Azure DevOps using Bicep has different behave on local machine compared to ADO runner
I am deploying very simple Azure log search alert rules using Bicep. Code sample:
param alertLocation string = resourceGroup().location
var umAlertRules = [
{
name: 'Update Manager Schedule Failures'
query: 'here is query, not important for explanation to have here'
description: 'Update schedules with status other than succeded'
displayName: 'Update Manager Schedule Failures'
enabled: true
evaluationFrequency: 'PT5M'
severity: 1
windowSize: 'PT5M'
}
{
name: 'Patch Installation Failures'
query: 'here is query, not important for explanation to have here'
description: 'Patch installation with other than succeded status'
displayName: 'Patch Installation Failures'
enabled: true
evaluationFrequency: 'P1D'
severity: 1
windowSize: 'P1D'
}
]
resource umAlertRule 'Microsoft.Insights/scheduledQueryRules@2023-03-15-preview' = [for umAlertRule in umAlertRules:{
name: umAlertRule.name
location: alertLocation
tags: resourceGroup().tags
identity: {
type: 'UserAssigned'
userAssignedIdentities: {
'/subscriptions/subscription_id/resourceGroups/myRG/providers/Microsoft.ManagedIdentity/userAssignedIdentities/idName': {}
}
}
properties: {
actions: {
actionGroups: [
'subscriptions/subscription_id/resourceGroups/myRG/providers/microsoft.insights/actiongroups/ag-updatemanager'
]
actionProperties: {}
customProperties: {}
}
autoMitigate: false
criteria: {
allOf: [
{
dimensions: []
failingPeriods: {
minFailingPeriodsToAlert: 1
numberOfEvaluationPeriods: 1
}
operator: (contains(umAlertRule, 'criteriaOperator')) ? umAlertRule.criteriaOperator : 'GreaterThanOrEqual' // THIS PART IS CAUSING ISSUE IN ADO PIPELINE
query: umAlertRule.query
threshold: 1
timeAggregation: 'Count'
}
]
}
description: umAlertRule.description
displayName: umAlertRule.displayName
enabled: umAlertRule.enabled
evaluationFrequency: umAlertRule.evaluationFrequency
muteActionsDuration: (contains(umAlertRule, 'muteActionsDuration')) ? umAlertRule.muteActionsDuration : null // THIS PART IS CAUSING ISSUE IN ADO PIPELINE
scopes: [
'subscriptions/subscription_id'
]
severity: umAlertRule.severity
skipQueryValidation: true
targetResourceTypes: []
windowSize: umAlertRule.windowSize
}
}]
When I am running Bicep configuration on localhost using command az deployment group what-if on WSL Ubuntu or using Powershell Core command New-AzResourceGroupDeployment, there is no error reported and deployment succeeds.
This is on output operator: "GreaterThanOrEqual"
But using following tasks in Azure DevOps:
- task: AzureCLI@2
name: BicelPlan
displayName: Bicep Plan
inputs:
azureSubscription: $(azureServiceConnection)
scriptType: 'bash'
workingDirectory: 'bicep'
scriptLocation: 'inlineScript'
inlineScript: |
az deployment group what-if \
--resource-group 'myRG' \
--template-file 'um_alerts.bicep'
pipeline using public runner, it fails with following error:
/home/vsts/work/1/s/bicep/um_alerts.bicep(75,79) : Error BCP053: The type "object" does not contain property "criteriaOperator". Available properties include "description", "displayName", "enabled", "evaluationFrequency", "name", "query", "severity", "windowSize".*
The goal of this, is to use similar approach as in Terraform locals, where not all properties are specified and try function is used in configuration.
Did anyone experienced same? Obviously the point here is to DRY.
I can reproduce the same issue when using the latest bicep file.
The cause of the issue is that the Pipeline is using the Az.bicep version v0.27.1 by default.
Refer to this release note: Azure.bicep v0.28.1
Allow dot property access on union of objects with undeclared property
To solve this issue, you need to upgrade the az.bicep version to v0.28.1 to run the deployment command.
Use command:
az bicep upgrade
Here is an example:
steps:
- task: AzureCLI@2
name: BicelPlan
displayName: Bicep Plan
inputs:
azureSubscription: 'xx'
scriptType: 'bash'
scriptLocation: 'inlineScript'
inlineScript: |
az bicep upgrade
az deployment group what-if \
--resource-group 'xx' \
--template-file 'xx.bicep'
Result:
- Azure Service Plan - Convert Consumption App to Premium App
- No PK or FK when exporting SQL Server database
- Assigning a Token Lifetime Policy to an application in Microsoft EntraID seems to have no effect
- How to create a dataset for Azure custom speech using spx (speechCLI)
- Azure App Service Autoscale Fails to Scale In
- Azure Scale Out on Memory keeps flapping (not scaling in)
- Setting a server minimum for Azure Web App when using automatic scaling, from Bicep
- A keyvault created with access policy using BICEP creates compound identity
- Azure Loadbalancer with public IP forward traffic to Container Apps
- How to grant a Managed Identity permissions to an Azure SQL Database using IaC?
- What means skipNegotiation in SignalR HubConnection?
- Azure ClientCertificateCredential - Using SNI
- Azure AI Search MultiIndex / Conditional Semantic search
- MSAL Node service & The Partner Center API
- Load Registered Component in Azure ML for Pipeline using Python sdk v2
- Azure Blob:- How to automate Azure Archive Storage to Cool/Hot tier conversion, send download link once it's avaible , and re-archive after 72 hours?
- Azure App Service Custom Backup to Firewall Enabled Storage Account not working as expected
- How to take max value and replace it in drived column in data factory
- Synapse/ ADF - How to Truncate table if dynamic config column is True in pre-copy script
- Azure Cost Management - track costs associated with Databricks job
- Error: "OrganizationFromTenantGuidNotFound" (even with Microsoft 365 subscription)
- How to check Debug.Writeline() output in VS code?
- C# API - Provide download of files from Azure Blobstorage
- localhost:300/api is not working : "This page isn’t working"
- Creating an Azure Linux VM with Ubuntu 20.04 with Terraform
- Failed to deploy path that does not exist
- Using Azure WAF for my server(not in Azure)
- How and where to define an environment variable on Azure
- Azure Data Factory - Unable to preview data
- Azure yaml trigger pipeline every 14 days on a Saturday