Adding unused parameter with type expression fails deployment #11846
Comments
|
The behavior you ran into is the result of an intentional breaking change. Some background: ARM recently introduced langauge version 2.0, which is required for templates that use aggregate parameter types. Bicep type expressions became GA in version 0.21.1, and any template that includes type expressions (like The new ARM language version also included a small number of breaking changes, one of which was the removal of "outer" expression evaluation mode. "Outer" mode is the default in templates that do not specify a language version but is blocked in templates that use version 2.0 (in which case "Inner" mode is the default (and only permitted) evaluation mode). This change was not expected to impact any Bicep users, as What's happening in your deployment is that the For consistent behavior, I would recommend updating |
|
Sorry, hit the wrong button there. Meant to leave this open for others to weigh in. One thing we could do here is raise an error-level compiler diagnostic. The error message returned by ARM is not very clear in this instance, and we should be able to detect this scenario via static analysis rather than letting the runtime handle it. Adding a compile-time check might be as simple as checking any resource of type |
|
If a compile-time check is possible/reasonable then this sounds definitely like a good idea. BTW, adding resource taskDeployment 'Microsoft.Resources/deployments@2020-10-01' = {
name: 'name'
properties: {
expressionEvaluationOptions: {
scope: 'inner'
}
mode: 'Incremental'
template: {
'$schema': 'https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#'
contentVersion: '1.0.0.0'
resources: [
<SNIP> |
|
@dmgonch If the nested deployment resource still refers to the To clear the error in "inner" mode, the resource taskDeployment 'Microsoft.Resources/deployments@2020-10-01' = {
name: 'name'
properties: {
mode: 'Incremental'
expressionEvaluationOptions: {
scope: 'inner'
}
parameters: {
options: {
value: fakeOptions // <-- pass `fakeOptions` explicitly (as a parameter) to the nested deployment
}
}
template: {
'$schema': 'https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#'
contentVersion: '1.0.0.0'
parameters: {
options: {
type: 'array'
}
}
resources: [
{
apiVersion: '2019-12-01'
type: 'Microsoft.ManagedIdentity/userAssignedIdentities'
name: 'example'
properties: {
fakeOptions: '[parameters(\'options\')]' // <-- This expression will be evaulated as part of the nested deployment
}
}
]
}
}
}Alternatively, you could define main.bicep ...
module taskDeployment 'taskDeployment.bicep' = {
name: 'taskDeployment'
params: {
options: fakeOptions
}
}taskDeployment.bicep param options array
resource example 'Microsoft.ManagedIdentity/userAssignedIdentities@2019-12-01' = {
name: 'example'
properties: {
fakeOptions: options
}
} |
|
Confirmed that moving the resource to a separate .bicep file resolved that issue. Thank you very much for your help! |
…mbolic references to outer scope (#11884) Resolves #11846 This PR updates EmitLimitationCalculator to emit an error when a resource of type `Microsoft.Resources/deployments` uses inner scoped expression evaluation but refers to symbols defined in the outer scope from within the `template` property. This PR may be a **breaking change** for some templates, as the added check may catch scenarios that would not result in a runtime deployment failure, e.g., when a template has a symbol with the same name and type defined in both contexts: ```bicep var fizz = 'buzz' resource nested 'Microsoft.Resources/deployments@2020-10-01' = { name: 'name' properties: { mode: 'Incremental' expressionEvaluationOptions: { scope: 'inner' } template: { '$schema': 'https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#' contentVersion: '1.0.0.0' variables: { fizz: 'pop' } resources: [ { apiVersion: '2022-09-01' type: 'Microsoft.Resources/tags' name: 'default' properties: { tags: { tag1: fizz // <-- Not an error, but surprise! Its value is 'pop', not 'buzz' } } } ] } } } ``` In that case, the user *may* be using a Bicep symbolic reference to save a few characters, but what the template will do (dereference the inner-scoped symbol) does not line up with the communicated intent of the syntax (i.e., to dereference the outer-scoped symbol), so I chose to flag that as an error, too, as this usage would almost certainly represent a *logical* error even if the compiled nested deployment would not raise a runtime error. ###### Microsoft Reviewers: [Open in CodeFlow](https://microsoft.github.io/open-pr/?codeflow=https://github.com/Azure/bicep/pull/11884)
Bicep version
Bicep CLI version 0.21.1 (d4acbd2a9f)Describe the bug
Running
az deployment group create --what-if -x Ignore --subscription <SUB_ID> -g <RG_NAME> -f repro.bicepfails with:InvalidTemplate - Deployment template validation failed: 'The template reference 'two' is not valid: could not find template resource or resource copy with this name. Please see https://aka.ms/arm-function-reference for usage details.'.But if
notUsedTypedParamis commented out, then the command above succeeds.To Reproduce
az deployment group create --what-if -x Ignore --subscription <SUB_ID> -g <RG_NAME> -f repro.biceprepro.bicep
module-one.bicep
module-two.bicep
The text was updated successfully, but these errors were encountered: