search

microsoftgraph / msgraph-bicep-types

Repo contains Microsoft Graph resource types to integrate with bicep templates.
MIT License
39 stars 6 forks source link

Deployment details in the Azure portal does not show the deployed resources #35

Open danstis opened 1 year ago

danstis commented 1 year ago

When deploying a new application using the Preview provider, a deployment record is created at the deployment scope (Resource Group or Subscription) however it contains no details of what was deployed.

For example: Correlation ID: f2d5e313-ff86-4715-acf6-82071fdde4da image

The deployment details when expanded, shows the loading animation, but never displays any details.

dkershaw10 commented 1 year ago

Thanks for reporting. @shenglol is this something that the extension framework should be taking care of, or is there something we are doing wrong in the Graph extension?

Thanks for filing this issue @danstis - we'll repro on our side and come back to you shortly.

dkershaw10 commented 1 year ago

@danstis - we think that this is a known issue, in that the Azure Portal doesn't display any non-ARM resources (will add this to the release notes). We'll try and follow up here to see who owns this component and whether anything can be done here for Bicep extensions.

mattallford commented 10 months ago

Hi team,

I've just found some time to start looking at this preview feature, and I wanted to add some context to this issue.

I found that when I deploy a normal Azure resource using Bicep, such as the basic example immediately below, I can see the deployment in the Deployments pane in the Azure Portal, and I can see the resource being deployed when clicking in to the deployment and expanding Deployment details - all as expected.

@description('location of the resource group')
param location string = resourceGroup().location

resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = {
  name: 'ExampleManagedIdentity'
  location: location
}

However, if I were to add a Graph resource to the deployment, such as in the example below, I experience the issue originally described by @danstis. Just to reiterate, even though my deployment contains both Azure resources and graph resources, if I go to view the deployment in the portal, I can't even load and see the Azure resources that were part of the deployment. It seems that having graph resources in the same deployment stops the deployment details loading, even if there are valid Azure resources being deployed in the deployment.

import 'microsoftGraph@1.0.0'

@description('location of the resource group')
param location string = resourceGroup().location

resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = {
  name: 'ExampleManagedIdentity'
  location: location
}

resource entraGroup 'Microsoft.Graph/groups@beta' = {
  name: 'EntraGroupByBicep'
  displayName: 'Entra Group By Bicep'
  mailEnabled: false
  mailNickname: 'EntraGroupByBicep'
  securityEnabled: true
  description: 'Entra Group Created by Bicep'
  members: [
    managedIdentity.properties.principalId
  ]
}

I wanted to provide this additional context to let you know this isn't just effecting the graph resources being deployed, but it is in fact breaking existing functionality of viewing deployments, if a graph resource is included in the same deployment as a standard Azure resource.

dkershaw10 commented 10 months ago

@shenglol - just making sure you are seeing this behavior too, when addressing this missing extensibility functionality.

dkershaw10 commented 6 months ago

@danstis we unfortunately won't be able to fix this until after we release public preview. Would this be an adoption blocker for you?

danstis commented 6 months ago

@dkershaw10 No this will not be a blocker for us.

Wopienkaatwork commented 1 month ago

Hi, I just tried the new preview features as well but was not able to deploy graph resources via the portal : 

extension microsoftGraph

resource group 'Microsoft.Graph/groups@v1.0'= {
  displayName: 'abc'
  mailEnabled: false
  mailNickname: 'abc'
  securityEnabled: true
  uniqueName: 'abc'
}

I took the json and tried to deploy via the portal as a custom deployment and the only message I got was this: image Am I missing something for the portal deployment?

dkershaw10 commented 1 month ago

Yes this is expected - please visit the known issues topic and the limitations topic. There are two issues:

  1. Only certain clients are currently allowed to perform deployments (for Graph resources) - see issue item
  2. Deployment for extensible resources are not supported in the Azure Portal - see limitation item

@Wopienkaatwork Now for the issue, we could look into adding the Azure Portal to the set of clients allowed to deploy Graph resources. If this is something important for you, please create a new issue and select "Feature request" and fill in the template. NOTE - we haven't tested if this will work end to end, as the portal may be expecting other info from the deployment engine/extensibility host, that might prevent the deployment from starting.