add test file

NanaXiong00 · Jul 4, 2024 · 45819d3 · 45819d3
1 parent 2c6cf01
commit 45819d3
Show file tree

Hide file tree

Showing 3 changed files with 159 additions and 14 deletions.
diff --git a/avm/res/container-registry/registry/README.md b/avm/res/container-registry/registry/README.md
@@ -37,7 +37,8 @@ The following section provides usage examples for the module, which were used to
 - [Using only defaults](#example-1-using-only-defaults)
 - [Using encryption with Customer-Managed-Key](#example-2-using-encryption-with-customer-managed-key)
 - [Using large parameter set](#example-3-using-large-parameter-set)
-- [WAF-aligned](#example-4-waf-aligned)
+- [Using `scopeMaps` in parameter set](#example-4-using-scopemaps-in-parameter-set)
+- [WAF-aligned](#example-5-waf-aligned)
 
 ### Example 1: _Using only defaults_
 
@@ -457,7 +458,81 @@ module registry 'br/public:avm/res/container-registry/registry:<version>' = {
 </details>
 <p>
 
-### Example 4: _WAF-aligned_
+### Example 4: _Using `scopeMaps` in parameter set_
+
+This instance deploys the module with the scopeMaps feature.
+
+
+<details>
+
+<summary>via Bicep module</summary>
+
+```bicep
+module registry 'br/public:avm/res/container-registry/registry:<version>' = {
+  name: 'registryDeployment'
+  params: {
+    // Required parameters
+    name: 'crrs001'
+    // Non-required parameters
+    acrSku: 'Standard'
+    location: '<location>'
+    scopeMaps: [
+      {
+        actions: [
+          'repositories/repository-name/content/read'
+          'repositories/repository-name/metadata/write'
+        ]
+        description: 'This is a test for scopeMaps feature.'
+        name: 'rw'
+      }
+    ]
+  }
+}
+```
+
+</details>
+<p>
+
+<details>
+
+<summary>via JSON Parameter file</summary>
+
+```json
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    // Required parameters
+    "name": {
+      "value": "crrs001"
+    },
+    // Non-required parameters
+    "acrSku": {
+      "value": "Standard"
+    },
+    "location": {
+      "value": "<location>"
+    },
+    "scopeMaps": {
+      "value": [
+        {
+          "actions": [
+            "repositories/repository-name/content/read",
+            "repositories/repository-name/metadata/write"
+          ],
+          "description": "This is a test for scopeMaps feature.",
+          "name": "rw"
+        }
+      ]
+    }
+  }
+}
+```
+
+</details>
+<p>
+
+### Example 5: _WAF-aligned_
 
 This instance deploys the module in alignment with the best-practices of the Azure Well-Architected Framework.
 
@@ -1536,7 +1611,40 @@ Scope maps setting.
 
 - Required: No
 - Type: array
-- Default: `[]`
+
+**Required parameters**
+
+| Parameter | Type | Description |
+| :-- | :-- | :-- |
+| [`actions`](#parameter-scopemapsactions) | array | The list of scoped permissions for registry artifacts. |
+
+**Optional parameters**
+
+| Parameter | Type | Description |
+| :-- | :-- | :-- |
+| [`description`](#parameter-scopemapsdescription) | string | The user friendly description of the scope map. |
+| [`name`](#parameter-scopemapsname) | string | The name of the scope map. |
+
+### Parameter: `scopeMaps.actions`
+
+The list of scoped permissions for registry artifacts.
+
+- Required: Yes
+- Type: array
+
+### Parameter: `scopeMaps.description`
+
+The user friendly description of the scope map.
+
+- Required: No
+- Type: string
+
+### Parameter: `scopeMaps.name`
+
+The name of the scope map.
+
+- Required: No
+- Type: string
 
 ### Parameter: `softDeletePolicyDays`
 

diff --git a/avm/res/container-registry/registry/main.bicep b/avm/res/container-registry/registry/main.bicep
@@ -293,9 +293,12 @@ resource registry 'Microsoft.ContainerRegistry/registries@2023-06-01-preview' =
     zoneRedundancy: acrSku == 'Premium' ? zoneRedundancy : null
   }
   resource registry_scopeMap 'scopeMaps' = [
-    for scopeMap in scopeMaps: {
-      name: scopeMap.name
-      properties: scopeMap.properties
+    for (scopeMap, index) in (scopeMaps ?? []): {
+      name: scopeMap.?name ?? '${name}-scopemaps'
+      properties: {
+        actions: scopeMap.actions
+        description: scopeMap.?description
+      }
     }
   ]
 }
@@ -664,8 +667,8 @@ type scopeMapsType = {
   @description('Optional. The name of the scope map.')
   name: string?
 
-  @description('Optional. The list of scoped permissions for registry artifacts.')
-  actions: string[]?
+  @description('Required. The list of scoped permissions for registry artifacts.')
+  actions: string[]
 
   @description('Optional. The user friendly description of the scope map.')
   description: string?

diff --git a/avm/res/container-registry/registry/main.json b/avm/res/container-registry/registry/main.json
@@ -6,7 +6,7 @@
     "_generator": {
       "name": "bicep",
       "version": "0.28.1.47646",
-      "templateHash": "18070042013592883016"
+      "templateHash": "12115787266264071519"
     },
     "name": "Azure Container Registries (ACR)",
     "description": "This module deploys an Azure Container Registry (ACR).",
@@ -475,6 +475,38 @@
         }
       },
       "nullable": true
+    },
+    "scopeMapsType": {
+      "type": "array",
+      "items": {
+        "type": "object",
+        "properties": {
+          "name": {
+            "type": "string",
+            "nullable": true,
+            "metadata": {
+              "description": "Optional. The name of the scope map."
+            }
+          },
+          "actions": {
+            "type": "array",
+            "items": {
+              "type": "string"
+            },
+            "metadata": {
+              "description": "Required. The list of scoped permissions for registry artifacts."
+            }
+          },
+          "description": {
+            "type": "string",
+            "nullable": true,
+            "metadata": {
+              "description": "Optional. The user friendly description of the scope map."
+            }
+          }
+        }
+      },
+      "nullable": true
     }
   },
   "parameters": {
@@ -729,8 +761,7 @@
       }
     },
     "scopeMaps": {
-      "type": "array",
-      "defaultValue": [],
+      "$ref": "#/definitions/scopeMapsType",
       "metadata": {
         "description": "Optional. Scope maps setting."
       }
@@ -769,12 +800,15 @@
     "registry::registry_scopeMap": {
       "copy": {
         "name": "registry_scopeMap",
-        "count": "[length(parameters('scopeMaps'))]"
+        "count": "[length(coalesce(parameters('scopeMaps'), createArray()))]"
       },
       "type": "Microsoft.ContainerRegistry/registries/scopeMaps",
       "apiVersion": "2023-06-01-preview",
-      "name": "[format('{0}/{1}', parameters('name'), parameters('scopeMaps')[copyIndex()].name)]",
-      "properties": "[parameters('scopeMaps')[copyIndex()].properties]",
+      "name": "[format('{0}/{1}', parameters('name'), coalesce(tryGet(coalesce(parameters('scopeMaps'), createArray())[copyIndex()], 'name'), format('{0}-scopemaps', parameters('name'))))]",
+      "properties": {
+        "actions": "[coalesce(parameters('scopeMaps'), createArray())[copyIndex()].actions]",
+        "description": "[tryGet(coalesce(parameters('scopeMaps'), createArray())[copyIndex()], 'description')]"
+      },
       "dependsOn": [
         "registry"
       ]