diff --git a/sdk/provisioning/Azure.Provisioning/src/Construct.cs b/sdk/provisioning/Azure.Provisioning/src/Construct.cs index 7a5f2be994cae..1c009462cd89e 100644 --- a/sdk/provisioning/Azure.Provisioning/src/Construct.cs +++ b/sdk/provisioning/Azure.Provisioning/src/Construct.cs @@ -279,13 +279,13 @@ internal void WriteOutputs(MemoryStream stream) foreach (var output in outputsToWrite) { string value; - if (output.IsLiteral || ReferenceEquals(this, output.ModuleSource)) + if (output.IsLiteral || ReferenceEquals(this, output.Resource.ModuleScope)) { value = output.IsLiteral ? $"'{output.Value}'" : output.Value; } else { - value = $"{output.ModuleSource!.Name}.outputs.{output.Name}"; + value = $"{output.Resource.ModuleScope!.Name}.outputs.{output.Name}"; } string name = output.Name; stream.WriteLine($"output {name} string = {value}"); diff --git a/sdk/provisioning/Azure.Provisioning/src/ModuleInfrastructure.cs b/sdk/provisioning/Azure.Provisioning/src/ModuleInfrastructure.cs index 4f50bbe45ad26..f15694a97df5e 100644 --- a/sdk/provisioning/Azure.Provisioning/src/ModuleInfrastructure.cs +++ b/sdk/provisioning/Azure.Provisioning/src/ModuleInfrastructure.cs @@ -47,7 +47,6 @@ private void AddOutputsToModules() // ToList to avoid modifying the collection while iterating foreach (var output in construct.GetOutputs(false).ToList()) { - output.ModuleSource = output.Resource.ModuleScope!; output.Resource.ModuleScope!.AddOutput(output); } } @@ -102,7 +101,6 @@ private void BuildModuleConstructs(Resource resource, Dictionary public bool IsSecure { get; } internal IConstruct Source { get; } - internal IConstruct? ModuleSource { get; set; } internal Resource Resource { get; } diff --git a/sdk/provisioning/Azure.Provisioning/src/Parameter.cs b/sdk/provisioning/Azure.Provisioning/src/Parameter.cs index 10d197c054973..02102d5005dcf 100644 --- a/sdk/provisioning/Azure.Provisioning/src/Parameter.cs +++ b/sdk/provisioning/Azure.Provisioning/src/Parameter.cs @@ -29,8 +29,9 @@ public readonly struct Parameter /// Gets a value indicating whether the parameter is secure. /// public bool IsSecure { get; } - internal bool IsFromOutput { get; } - internal bool IsLiteral { get; } + + internal bool IsFromOutput => Output != null; + internal bool IsLiteral => Output?.IsLiteral ?? false; internal string? Value { get; } internal IConstruct? Source { get; } internal Output? Output { get; } @@ -43,14 +44,12 @@ public Parameter(Output output) { Name = output.Name; IsSecure = output.IsSecure; - IsFromOutput = true; - IsLiteral = output.IsLiteral; Value = output.Value; Source = output.Source; Output = output; } - internal Parameter(string name, string? description, object? defaultValue, bool isSecure, IConstruct source, string? value) + internal Parameter(string name, string? description, object? defaultValue, bool isSecure, IConstruct source, string? value, Output? output) { Name = name; Description = description; @@ -58,6 +57,7 @@ internal Parameter(string name, string? description, object? defaultValue, bool IsSecure = isSecure; Source = source; Value = value; + Output = output; } /// @@ -82,14 +82,21 @@ internal string GetParameterString(IConstruct parentScope) { return Name; } + + // If the parameter is from an output that is not in the current scope, use the parameter name. + if (!parentScope.GetOutputs().Contains(Output)) + { + return Name; + } + // If the parameter is an output from the current scope, use its Value. - if (ReferenceEquals(Output!.ModuleSource, parentScope)) + if (ReferenceEquals(Output!.Resource.ModuleScope, parentScope)) { return Value!; } // Otherwise it is an output from a different scope, use the full reference. - return $"{Output!.ModuleSource!.Name}.outputs.{Name}"; + return $"{Output!.Resource.ModuleScope!.Name}.outputs.{Name}"; } } } diff --git a/sdk/provisioning/Azure.Provisioning/src/keyvault/KeyVaultAddAccessPolicy.cs b/sdk/provisioning/Azure.Provisioning/src/keyvault/KeyVaultAddAccessPolicy.cs index f37cbaf6a6a74..a5528bb76f644 100644 --- a/sdk/provisioning/Azure.Provisioning/src/keyvault/KeyVaultAddAccessPolicy.cs +++ b/sdk/provisioning/Azure.Provisioning/src/keyvault/KeyVaultAddAccessPolicy.cs @@ -33,6 +33,7 @@ public KeyVaultAddAccessPolicy(IConstruct scope, Parameter principalIdParameter, })) { ParameterOverrides.Add(Properties.AccessPolicies[0], new Dictionary { { nameof(KeyVaultAccessPolicy.ObjectId), principalIdParameter } }); + Parameters.Add(principalIdParameter); } private static string GetParamValue(Parameter principalIdParameter, IConstruct scope) diff --git a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/OutputsSpanningModules/main.bicep b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/OutputsSpanningModules/main.bicep index df4929f7b2eee..48ade1109ae90 100644 --- a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/OutputsSpanningModules/main.bicep +++ b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/OutputsSpanningModules/main.bicep @@ -28,6 +28,9 @@ resource resourceGroup_Q4i0lpa1h 'Microsoft.Resources/resourceGroups@2023-07-01' module rg1_TEST './resources/rg1_TEST/rg1_TEST.bicep' = { name: 'rg1_TEST' scope: resourceGroup_AVG5HpqPz + params: { + SERVICE_API_IDENTITY_PRINCIPAL_ID: rg3_TEST.outputs.SERVICE_API_IDENTITY_PRINCIPAL_ID + } } module rg2_TEST './resources/rg2_TEST/rg2_TEST.bicep' = { diff --git a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/OutputsSpanningModules/resources/rg1_TEST/rg1_TEST.bicep b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/OutputsSpanningModules/resources/rg1_TEST/rg1_TEST.bicep index a067a8e757d48..666e4f7726ab5 100644 --- a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/OutputsSpanningModules/resources/rg1_TEST/rg1_TEST.bicep +++ b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/OutputsSpanningModules/resources/rg1_TEST/rg1_TEST.bicep @@ -1,3 +1,7 @@ +@secure() +@description('') +param SERVICE_API_IDENTITY_PRINCIPAL_ID string + resource appServicePlan_viooTTlOI 'Microsoft.Web/serverfarms@2021-02-01' = { name: 'appServicePlan-TEST' @@ -44,7 +48,7 @@ resource applicationSettingsResource_MAMFSSuFs 'Microsoft.Web/sites/config@2021- resource keyVault_BRsYQF4qT 'Microsoft.KeyVault/vaults@2023-02-01' = { name: 'kv-TEST' - location: LOCATION + location: webSite_dOTaZfna6.location properties: { tenantId: '00000000-0000-0000-0000-000000000000' sku: { diff --git a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/StorageBlobDefaults/resources/rg_TEST/rg_TEST.bicep b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/StorageBlobDefaults/resources/rg_TEST/rg_TEST.bicep index 4fd8ed1fb0729..814be8ecaec8b 100644 --- a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/StorageBlobDefaults/resources/rg_TEST/rg_TEST.bicep +++ b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/StorageBlobDefaults/resources/rg_TEST/rg_TEST.bicep @@ -1,6 +1,6 @@ -resource storageAccount_o16OWzTQE 'Microsoft.Storage/storageAccounts@2022-09-01' = { - name: 'photoacct985209930ac24f6' +resource storageAccount_7Spem00ph 'Microsoft.Storage/storageAccounts@2022-09-01' = { + name: 'photoacct4aa56e7da51149b' location: 'westus' sku: { name: 'Premium_LRS' @@ -10,8 +10,8 @@ resource storageAccount_o16OWzTQE 'Microsoft.Storage/storageAccounts@2022-09-01' } } -resource blobService_b1lTObtBZ 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' = { - parent: storageAccount_o16OWzTQE +resource blobService_Al1mntjNG 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' = { + parent: storageAccount_7Spem00ph name: 'default' properties: { cors: { diff --git a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/StorageBlobDropDown/resources/rg_TEST/rg_TEST.bicep b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/StorageBlobDropDown/resources/rg_TEST/rg_TEST.bicep index 84adbe11a46b6..5932ba46caa84 100644 --- a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/StorageBlobDropDown/resources/rg_TEST/rg_TEST.bicep +++ b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/StorageBlobDropDown/resources/rg_TEST/rg_TEST.bicep @@ -1,6 +1,6 @@ -resource storageAccount_xlURFCc5A 'Microsoft.Storage/storageAccounts@2022-09-01' = { - name: 'photoaccte6de904bc2d5415' +resource storageAccount_xksvj6bLA 'Microsoft.Storage/storageAccounts@2022-09-01' = { + name: 'photoacct420f4454773442c' location: 'westus' sku: { name: 'Premium_LRS' @@ -10,8 +10,8 @@ resource storageAccount_xlURFCc5A 'Microsoft.Storage/storageAccounts@2022-09-01' } } -resource blobService_AhHMDPJzw 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' = { - parent: storageAccount_xlURFCc5A +resource blobService_OX8Ox5p80 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' = { + parent: storageAccount_xksvj6bLA name: 'default' properties: { cors: { diff --git a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL1/resources/rg_TEST/rg_TEST.bicep b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL1/resources/rg_TEST/rg_TEST.bicep index fd18134828a04..5ba5df6c13cc0 100644 --- a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL1/resources/rg_TEST/rg_TEST.bicep +++ b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL1/resources/rg_TEST/rg_TEST.bicep @@ -94,7 +94,7 @@ resource keyVaultAddAccessPolicy_NWCGclP20 'Microsoft.KeyVault/vaults/accessPoli accessPolicies: [ { tenantId: '00000000-0000-0000-0000-000000000000' - objectId: SERVICE_API_IDENTITY_PRINCIPAL_ID + objectId: webSite_W5EweSXEq.identity.principalId permissions: { secrets: [ 'get' diff --git a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL2/resources/rg_TEST/rg_TEST.bicep b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL2/resources/rg_TEST/rg_TEST.bicep index ba408adc23da3..c18ad56f04516 100644 --- a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL2/resources/rg_TEST/rg_TEST.bicep +++ b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL2/resources/rg_TEST/rg_TEST.bicep @@ -37,7 +37,7 @@ resource keyVaultAddAccessPolicy_NWCGclP20 'Microsoft.KeyVault/vaults/accessPoli accessPolicies: [ { tenantId: '00000000-0000-0000-0000-000000000000' - objectId: SERVICE_API_IDENTITY_PRINCIPAL_ID + objectId: webSite_W5EweSXEq.identity.principalId permissions: { secrets: [ 'get' diff --git a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL3/resources/rg_TEST/rg_TEST.bicep b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL3/resources/rg_TEST/rg_TEST.bicep index 6b4d6c508815d..f681dcfea36df 100644 --- a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL3/resources/rg_TEST/rg_TEST.bicep +++ b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL3/resources/rg_TEST/rg_TEST.bicep @@ -40,7 +40,7 @@ resource keyVaultAddAccessPolicy_NWCGclP20 'Microsoft.KeyVault/vaults/accessPoli accessPolicies: [ { tenantId: '00000000-0000-0000-0000-000000000000' - objectId: SERVICE_API_IDENTITY_PRINCIPAL_ID + objectId: webSite_W5EweSXEq.identity.principalId permissions: { secrets: [ 'get' diff --git a/sdk/provisioning/Azure.Provisioning/tests/ProvisioningTests.cs b/sdk/provisioning/Azure.Provisioning/tests/ProvisioningTests.cs index aebf64d3ff315..5ffc8da0cfea9 100644 --- a/sdk/provisioning/Azure.Provisioning/tests/ProvisioningTests.cs +++ b/sdk/provisioning/Azure.Provisioning/tests/ProvisioningTests.cs @@ -6,6 +6,7 @@ using System; using System.IO; using System.Diagnostics; +using System.Linq; using Azure.Core.TestFramework; using Azure.Core.Tests.TestFramework; using Azure.Provisioning.AppService; @@ -165,8 +166,14 @@ public void OutputsSpanningModules() frontEnd2.AssignParameter(data => data.Identity.PrincipalId, new Parameter(output1)); frontEnd2.AssignParameter(data => data.Location, new Parameter(output2)); - _ = new TestFrontEndWebSite(infra, parent: rg3); + var testFrontEndWebSite = new TestFrontEndWebSite(infra, parent: rg3); infra.Build(GetOutputPath()); + + Assert.AreEqual(3, infra.GetParameters().Count()); + Assert.AreEqual(3, infra.GetOutputs().Count()); + + Assert.AreEqual(0, testFrontEndWebSite.GetParameters().Count()); + Assert.AreEqual(1, testFrontEndWebSite.GetOutputs().Count()); } private static string GetGitRoot()