Skip to content

Commit

Permalink
fix: 1704 Web Site without Managed Identity (Azure#1738)
Browse files Browse the repository at this point in the history 
## Description

This PR changes the default value for Managed Identity Type from `null`
to `'None'` to allow creation of sites without Managed Identity as per
documentation:
https://learn.microsoft.com/en-us/azure/templates/microsoft.web/sites?pivots=deployment-language-bicep#managedserviceidentity.

The pipeline run shows Bicep Linter warnings for the `identity` property
in the pester tests:

https://github.com/cloudchristoph/bicep-registry-modules/actions/runs/8783746073/job/24100560440#step:4:234
```
/home/runner/work/bicep-registry-modules/bicep-registry-modules/avm/res/web/site/main.bicep(227,13) : Warning BCP036: The property "type" expected a value of type "'None' | 'SystemAssigned' | 'SystemAssigned, UserAssigned' | 'UserAssigned' | null" but the provided value in source declaration "identity" is of type "'None' | 'SystemAssigned' | 'SystemAssigned,UserAssigned' | 'UserAssigned'". If this is an inaccuracy in the documentation, please report it to the Bicep Team. [https://aka.ms/bicep-type-issues]
```
The warning also has existed before, but for the missing `'None'` value,
so I think it's not an issue.

Regarding the backwards compatibility: This change doesn't affect the
actual deployment. Managed Identities are disabled no matter which of
the two values is given.

Fixes Azure#1704
Closes Azure#1704

## Pipeline Reference

<!-- Insert your Pipeline Status Badge below -->

| Pipeline |
| -------- |
|
[![avm.res.web.site](https://github.com/cloudchristoph/bicep-registry-modules/actions/workflows/avm.res.web.site.yml/badge.svg?branch=1704_site_without_managed_identity)](https://github.com/cloudchristoph/bicep-registry-modules/actions/workflows/avm.res.web.site.yml)|

## Type of Change

<!-- Use the check-boxes [x] on the options that are relevant. -->

- [ ] Update to CI Environment or utlities (Non-module effecting
changes)
- [x] Azure Verified Module updates:
- [x] Bugfix containing backwards compatible bug fixes, and I have NOT
bumped the MAJOR or MINOR version in `version.json`:
- [x] Someone has opened a bug report issue, and I have included "Closes
#{bug_report_issue_number}" in the PR description.
- [ ] The bug was found by the module author, and no one has opened an
issue to report it yet.
- [ ] Feature update backwards compatible feature updates, and I have
bumped the MINOR version in `version.json`.
- [ ] Breaking changes and I have bumped the MAJOR version in
`version.json`.
  - [ ] Update to documentation

## Checklist

- [x] I'm sure there are no other open Pull Requests for the same
update/change
- [x] I have run `Set-AVMModule` locally to generate the supporting
module files.
- [ ] My corresponding pipelines / checks run clean and green without
any errors or warnings (see above)

<!-- Please keep up to day with the contribution guide at
https://aka.ms/avm/contribute/bicep -->
  • Loading branch information
@cloudchristoph
cloudchristoph authored Apr 23, 2024
1 parent 9fc5074 commit 31898ed
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 22 deletions.
2 changes: 1 addition & 1 deletion avm/res/web/site/main.bicep
View file
Original file line number Diff line number Diff line change
Expand Up @@ -169,7 +169,7 @@ var identity = !empty(managedIdentities)
? {
type: (managedIdentities.?systemAssigned ?? false)
? (!empty(managedIdentities.?userAssignedResourceIds ?? {}) ? 'SystemAssigned,UserAssigned' : 'SystemAssigned')
: (!empty(managedIdentities.?userAssignedResourceIds ?? {}) ? 'UserAssigned' : null)
: (!empty(managedIdentities.?userAssignedResourceIds ?? {}) ? 'UserAssigned' : 'None')
userAssignedIdentities: !empty(formattedUserAssignedIdentities) ? formattedUserAssignedIdentities : null
}
: null
Expand Down
42 changes: 21 additions & 21 deletions avm/res/web/site/main.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,8 @@
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.26.54.24096",
"templateHash": "14301920664802681394"
"version": "0.26.170.59819",
"templateHash": "5830272725104890600"
},
"name": "Web/Function Apps",
"description": "This module deploys a Web or Function App.",
Expand Down Expand Up @@ -747,7 +747,7 @@
},
"variables": {
"formattedUserAssignedIdentities": "[reduce(map(coalesce(tryGet(parameters('managedIdentities'), 'userAssignedResourceIds'), createArray()), lambda('id', createObject(format('{0}', lambdaVariables('id')), createObject()))), createObject(), lambda('cur', 'next', union(lambdaVariables('cur'), lambdaVariables('next'))))]",
"identity": "[if(not(empty(parameters('managedIdentities'))), createObject('type', if(coalesce(tryGet(parameters('managedIdentities'), 'systemAssigned'), false()), if(not(empty(coalesce(tryGet(parameters('managedIdentities'), 'userAssignedResourceIds'), createObject()))), 'SystemAssigned,UserAssigned', 'SystemAssigned'), if(not(empty(coalesce(tryGet(parameters('managedIdentities'), 'userAssignedResourceIds'), createObject()))), 'UserAssigned', null())), 'userAssignedIdentities', if(not(empty(variables('formattedUserAssignedIdentities'))), variables('formattedUserAssignedIdentities'), null())), null())]",
"identity": "[if(not(empty(parameters('managedIdentities'))), createObject('type', if(coalesce(tryGet(parameters('managedIdentities'), 'systemAssigned'), false()), if(not(empty(coalesce(tryGet(parameters('managedIdentities'), 'userAssignedResourceIds'), createObject()))), 'SystemAssigned,UserAssigned', 'SystemAssigned'), if(not(empty(coalesce(tryGet(parameters('managedIdentities'), 'userAssignedResourceIds'), createObject()))), 'UserAssigned', 'None')), 'userAssignedIdentities', if(not(empty(variables('formattedUserAssignedIdentities'))), variables('formattedUserAssignedIdentities'), null())), null())]",
"builtInRoleNames": {
"App Compliance Automation Administrator": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '0f37683f-2463-46b6-9ce7-9b788b988ba2')]",
"Contributor": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c')]",
Expand Down Expand Up @@ -929,8 +929,8 @@
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.26.54.24096",
"templateHash": "18064037455551234601"
"version": "0.26.170.59819",
"templateHash": "12051629915105082529"
},
"name": "Site App Settings",
"description": "This module deploys a Site App Setting.",
Expand Down Expand Up @@ -1080,8 +1080,8 @@
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.26.54.24096",
"templateHash": "9660352953607316036"
"version": "0.26.170.59819",
"templateHash": "14303407385986258247"
},
"name": "Site Auth Settings V2 Config",
"description": "This module deploys a Site Auth Settings V2 Configuration.",
Expand Down Expand Up @@ -1300,8 +1300,8 @@
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.26.54.24096",
"templateHash": "7436278786647572492"
"version": "0.26.170.59819",
"templateHash": "5665258089530156840"
},
"name": "Web/Function App Deployment Slots",
"description": "This module deploys a Web or Function App Deployment Slot.",
Expand Down Expand Up @@ -2208,8 +2208,8 @@
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.26.54.24096",
"templateHash": "12764984503745572183"
"version": "0.26.170.59819",
"templateHash": "16550727222833899283"
},
"name": "Site Slot App Settings",
"description": "This module deploys a Site Slot App Setting.",
Expand Down Expand Up @@ -2378,8 +2378,8 @@
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.26.54.24096",
"templateHash": "1333776366661137381"
"version": "0.26.170.59819",
"templateHash": "512112730780239094"
},
"name": "Site Slot Auth Settings V2 Config",
"description": "This module deploys a Site Auth Settings V2 Configuration.",
Expand Down Expand Up @@ -2494,8 +2494,8 @@
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.26.54.24096",
"templateHash": "2236066853450471067"
"version": "0.26.170.59819",
"templateHash": "4923254671011353973"
},
"name": "Web Site Slot Basic Publishing Credentials Policies",
"description": "This module deploys a Web Site Slot Basic Publishing Credentials Policy.",
Expand Down Expand Up @@ -2620,8 +2620,8 @@
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.26.54.24096",
"templateHash": "1058820827217282473"
"version": "0.26.170.59819",
"templateHash": "15033433727480709023"
},
"name": "Web/Function Apps Slot Hybrid Connection Relay",
"description": "This module deploys a Site Slot Hybrid Connection Namespace Relay.",
Expand Down Expand Up @@ -3440,8 +3440,8 @@
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.26.54.24096",
"templateHash": "12379291046700283915"
"version": "0.26.170.59819",
"templateHash": "1590652329081458395"
},
"name": "Web Site Basic Publishing Credentials Policies",
"description": "This module deploys a Web Site Basic Publishing Credentials Policy.",
Expand Down Expand Up @@ -3556,8 +3556,8 @@
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.26.54.24096",
"templateHash": "12607693486765150465"
"version": "0.26.170.59819",
"templateHash": "15287918657229788223"
},
"name": "Web/Function Apps Hybrid Connection Relay",
"description": "This module deploys a Site Hybrid Connection Namespace Relay.",
Expand Down

0 comments on commit 31898ed

Please sign in to comment.