Adding support for Private Link Service Connection type auto and manual #1
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
segraef
added a commit
that referenced
this pull request
Dec 11, 2023
segraef
pushed a commit
that referenced
this pull request
Dec 16, 2024
…zure#3015) ## Description - Example implementation to dynamically inject tenant/contributor-specific information into test cases - Tests - Using GitHub Secrets: Failed as not dynamic. All secrets would need to be declared explicitely in the templates, requiring continuous updates - Using Key Vault: Works, but requires an Azure Key Vault in the test subscription + granting the deploying principal Key Vault Secret User permissions on set Key vault - Secret values are fetched by prefix (currently `CI-`) and only if a given test template has a parameter of the same name. - Secrets are passed as secureStrings from beginning to end (i.e., also the parameter **must** be declared as `@secure()` - The test template parameter must follow the same naming as the secret to be matched as per the following rules - `CI-MySecret` would be matched wih a parameter named `mySecret` Remaining TODOs - [x] Agree on naming of variable & prefix - [x] Test whether the solution is robust enough to not fail if the Key Vault name variable is not set ([Test Run - See attempt #1](https://github.com/Azure/bicep-registry-modules/actions/runs/10559737937)) <details><summary>Result</summary> The lack of the variable does **not** fail the pipeline as shown in the following run. The logic goes past the point where it checks for the Key Vault  </details> @clintgrove, @rahalan & @segraef, please note that if this PR is merged it means you would need to update your forks in order to continue contributing to your modules. As the names etc. can still change I'd advice against any action at this point, but you should be the first to know :) On the plus side, no more updating of tenant-specific values 😉 ### GitHub Settings  ### Azure KeyVault  ### Pipeline logic in action  ## Pipeline Reference <!-- Insert your Pipeline Status Badge below --> | Pipeline | | -------- | [](https://github.com/Azure/bicep-registry-modules/actions/workflows/avm.res.managed-services.registration-definition.yml) [](https://github.com/Azure/bicep-registry-modules/actions/workflows/avm.res.compute.virtual-machine.yml) [](https://github.com/Azure/bicep-registry-modules/actions/workflows/avm.res.databricks.workspace.yml) ## Type of Change <!-- Use the checkboxes [x] on the options that are relevant. --> - [ ] Update to CI Environment or utilities (Non-module affecting changes) - [ ] Azure Verified Module updates: - [ ] Bugfix containing backwards-compatible bug fixes, and I have NOT bumped the MAJOR or MINOR version in `version.json`: - [ ] Someone has opened a bug report issue, and I have included "Closes #{bug_report_issue_number}" in the PR description. - [ ] The bug was found by the module author, and no one has opened an issue to report it yet. - [ ] Feature update backwards compatible feature updates, and I have bumped the MINOR version in `version.json`. - [ ] Breaking changes and I have bumped the MAJOR version in `version.json`. - [ ] Update to documentation ## Checklist - [ ] I'm sure there are no other open Pull Requests for the same update/change - [ ] I have run `Set-AVMModule` locally to generate the supporting module files. - [ ] My corresponding pipelines / checks run clean and green without any errors or warnings <!-- Please keep up to date with the contribution guide at https://aka.ms/avm/contribute/bicep --> --------- Co-authored-by: Jack Tracey <[email protected]>
](https://github.com/Azure/bicep-registry-modules/actions/workflows/avm.res.managed-services.registration-definition.yml){kind=link}
](https://github.com/Azure/bicep-registry-modules/actions/workflows/avm.res.compute.virtual-machine.yml){kind=link}
](https://github.com/Azure/bicep-registry-modules/actions/workflows/avm.res.databricks.workspace.yml){kind=link}
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
If you haven't already, read the full contribution guide. The guide may have changed since the last time you read it, so please double-check. Once you are done and ready to submit your PR, edit the PR description and run through the relevant checklist below.
Enable GitHub Worksflows in your fork to enable auto-generation of assets with our GitHub Action.
To trigger GitHub Actions after auto-generation, add a GitHub PAT as a secret in your forked repository called
PAT.Adding a new module
brm validatelocally to verify the module files.Updating an existing module
brm validatelocally to verify the module files.version.jsonfile properly:version.json.version.json.version.json.