Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Keyvault's property VaultUri is not recognized. #15114

Closed
kappa-mu opened this issue Sep 20, 2024 · 8 comments · May be fixed by #15398
Closed

Keyvault's property VaultUri is not recognized. #15114

kappa-mu opened this issue Sep 20, 2024 · 8 comments · May be fixed by #15398
Assignees
Milestone

Comments

@kappa-mu
Copy link

Bicep version
0.30.3

Describe the bug
Keyvault's property VaultUri is not recognized in version 0.30.3. It is working fine in 0.29.47

To Reproduce

  1. Create a keyvault
  2. Try to output the vaulturi of the keyvault using : KeyVaultResource.properties.vaultUri and it will throw an error as vaulturi is not recognized
@jeskew
Copy link
Contributor

jeskew commented Sep 20, 2024

There weren't any changes to the KeyVault types that shipped in v0.30.3 (the most recent change was in v0.29.47), and I'm not able to reproduce this issue without a bit more information. What API version for KV are you using? kv.properties.vaultUri is defined in the latest stable version, at least:

image

image

@kappa-mu
Copy link
Author

kappa-mu commented Sep 26, 2024

The issue semms to be in vscode bicep extension. The API version I was using is 2022-07-01, but this happened with latest versions of the APIs as well.
vs-extension issue bicep

@stephaniezyen stephaniezyen added Needs: Author Feedback Awaiting feedback from the author of the issue and removed Needs: Triage 🔍 Needs: Author Feedback Awaiting feedback from the author of the issue labels Oct 9, 2024
@kappa-mu
Copy link
Author

Now this started failing in pipeline also, unfortunately, stopping our work.

@alex-frankel
Copy link
Collaborator

Can you share the exact error message you are seeing? As well as the bicep code you are using to reproduce (as text, not an image)?

I am also not able to repro this issue and here is the bicep code I used:

resource kv 'Microsoft.KeyVault/vaults@2023-07-01' = {
  name: 'foo'
  location: 'eastus'
  properties: {
    sku: {
      name: 'standard'
      family: 'A'
    }
    tenantId: subscription().tenantId
  }
}

output kvuri string = kv.properties.vaultUri

@alex-frankel alex-frankel added Needs: Author Feedback Awaiting feedback from the author of the issue and removed Needs: Triage 🔍 labels Oct 18, 2024
@kappa-mu
Copy link
Author

kappa-mu commented Oct 18, 2024

Please see the code of the issue below. The exact error message is: The type "object" does not contain property "vaultUri". Available properties include "accessPolicies", "createMode", "enabledForDeployment", "enabledForDiskEncryption", "enabledForTemplateDeployment", "enablePurgeProtection", "enableRbacAuthorization", "enableSoftDelete", "networkAcls", "publicNetworkAccess", "sku", "softDeleteRetentionInDays", "tenantId".bicepBCP053

Image

@microsoft-github-policy-service microsoft-github-policy-service bot added Needs: Triage 🔍 and removed Needs: Author Feedback Awaiting feedback from the author of the issue labels Oct 18, 2024
@alex-frankel
Copy link
Collaborator

@kappa-mu can you share the complete bicep code as text instead of an image? Please make sure you include everything in the file. It's strange to be getting an error here instead of a warning. When referencing unknown properties in a resource, it should be a warning. I suspect something else in the file may be causing this.

Notice in the below example, when I reference an unknown property on a keyvault, this is the warning I get:
Image

Also notice the referenced type is not object but VaultProperties, so something else seems to be happening here.

Can you also share the Bicep Extension version? This can be different than the Bicep CLI version. You can find it here:

Image

@alex-frankel alex-frankel added Needs: Author Feedback Awaiting feedback from the author of the issue and removed Needs: Triage 🔍 labels Oct 18, 2024
@kappa-mu
Copy link
Author

kappa-mu commented Oct 21, 2024

Hello @alex-frankel thank you for responding. I am able to work with it with the older version of bicep extension 0.29.47 where the same code does not throw any error. But the code does not work on 0.30.23 or 0.30.3. I was able to continue my work with the older version of the bicep. So it was a low priority problem till last week.

But, I use Azure DevOps release pipeline to deploy infrastructure using Azure CLI task. There it was working at least up to 25th September, 2024 when the build version was 0.29.4, this is from log - "2024-09-25T09:38:20.0507372Z VERBOSE: Using Bicep v0.29.47"

Since last week, the bicep version of Azure CLI task got updated and it started failing in the pipeline also - "2024-10-18T11:25:07.1621128Z VERBOSE: Using Bicep v0.30.23" and the error message is:
"Error BCP053: The type "object" does not contain property "vaultUri". Available properties include "accessPolicies", "createMode", "enabledForDeployment", "enabledForDiskEncryption", "enabledForTemplateDeployment", "enablePurgeProtection", "enableRbacAuthorization", "enableSoftDelete", "networkAcls", "publicNetworkAccess", "sku", "softDeleteRetentionInDays", "tenantId". [https://aka.ms/bicep/core-diagnostics#BCP053]"

Please find the full code below:

param ci string
@description('DTAP dtap (DEV,TST,ACC,or PRD)')
@allowed([
  'DEV'
  'TST'
  'ACC'
  'PRD'
])
param dtap string
param location string = resourceGroup().location
@description('whether this Keyvault has VNET integration')
param privateInbound bool = false
@description('if disabled no public access is allow only through private endpoint')
param publicNetworkAccess string = 'Enabled' 
param sku string = 'standard'
param accessPolicies array = []
param enabledForDeployment bool = false
param enabledForRBAC bool = true
param enabledForTemplateDeployment bool = true
param enabledForDiskEncryption bool = false
param softDeleteRetentionInDays int = 90
param enablePurgeProtection bool = true
param suffix string = ''

@description('whether to create a new or recover a keyvault')
@allowed([
  'new'
  'existing'
])
param newOrExisting string = 'new'
@description('application name tag')
param applicationName string

var KeyVaultResourceName = empty(suffix) ? 'MSC-KEY-${toUpper(ci)}-${toUpper(dtap)}' : 'MSC-KEY-${toUpper(ci)}-${toUpper(dtap)}-${toUpper(suffix)}'
//var KeyVaultResourceName = 'MSC-KEY-${ci}-${dtap}'
var virtualNetworkRules = privateInbound ? [
  {
    id: existingVnet::backendsubnet.id
    ignoreMissingVnetServiceEndpoint: false
  }
] : []

var properties = (newOrExisting == 'new') ? {
  createMode: 'default'
  enabledForDeployment: enabledForDeployment
  enabledForTemplateDeployment: enabledForTemplateDeployment
  enabledForDiskEncryption: enabledForDiskEncryption
  enableRbacAuthorization: enabledForRBAC
  accessPolicies: accessPolicies
  tenantId: subscription().tenantId
  sku: {
    name: sku
    family: 'A'
  }
  enableSoftDelete: true
  softDeleteRetentionInDays: softDeleteRetentionInDays
  enablePurgeProtection: enablePurgeProtection
  networkAcls: {
    bypass: 'AzureServices'
    defaultAction: 'Deny'
    ipRules: []
    virtualNetworkRules: virtualNetworkRules
  }
  publicNetworkAccess: publicNetworkAccess
} : {
  createMode: 'recover'
  enabledForDeployment: enabledForDeployment
  enabledForTemplateDeployment: enabledForTemplateDeployment
  enabledForDiskEncryption: enabledForDiskEncryption
  enableRbacAuthorization: enabledForRBAC
  accessPolicies: accessPolicies
  tenantId: subscription().tenantId
  sku: {
    name: sku
    family: 'A'
  }
  enableSoftDelete: true
  softDeleteRetentionInDays: softDeleteRetentionInDays
  enablePurgeProtection: enablePurgeProtection
  networkAcls: {
    bypass: 'AzureServices'
    defaultAction: 'Deny'
    ipRules: []
    virtualNetworkRules: virtualNetworkRules
  }
  publicNetworkAccess: publicNetworkAccess
}


@description('gather existing vnet')
resource existingVnet 'Microsoft.Network/virtualNetworks@2021-08-01' existing = {
  name: 'MSC-VNW-${toUpper(ci)}-${toUpper(dtap)}'

  resource backendsubnet 'subnets' existing = {
    name: 'MSC-NET-${toUpper(ci)}-${toUpper(dtap)}-BACKEND'
  }
}


resource KeyVaultResource 'Microsoft.KeyVault/vaults@2023-07-01' = {
  tags: {
    'CCC template version': '2.0'
    'Application Name': applicationName
  }
  name: KeyVaultResourceName
  location: location
  properties: properties
}

output resource object = KeyVaultResource
output resourceId string = KeyVaultResource.id
output keyvaultName string = KeyVaultResourceName
output keyvaultUri string = KeyVaultResource.properties.vaultUri

@microsoft-github-policy-service microsoft-github-policy-service bot added Needs: Triage 🔍 and removed Needs: Author Feedback Awaiting feedback from the author of the issue labels Oct 21, 2024
@stephaniezyen stephaniezyen moved this from Todo to In Progress in Bicep Oct 23, 2024
jeskew added a commit that referenced this issue Oct 27, 2024
Resolves #15397

Worked on this as an alternative way to address #15114 (instead of
#15398). This PR does two things:

1. If a ternary has a literally-typed condition (i.e., it is definitely
true or definitely false), the type engine will use the type of the
active branch's expression. E.g., the type of `true ? 'a' : 'b'` is
`'a'`, and the type of `false ? 'a' : 'b'` is `'b'`. There was a TODO
comment in TypeAssignmentVisitor suggesting this change.
2. If the types of both branches can be combined instead of represented
as a union, the type engine will do so. For example, the type of
`unknownCondition ? 'a' : 'b'` is `'a' | 'b'` (a union), but the type of
`unknownCondition ? [stringParam] : [intParam]` is `[int | string]`
(assuming the type of `stringParam` is `string` and the type of
`intParam` is `int`). This change relies on existing type collapsing
logic, so it will handle things like combining refinements on string
types and combining objects into tagged unions if possible.

One change I made to the TypeCollapser is to collapse objects that
*can't* be combined into a tagged union into an object whose properties
are a union of the possible property types of the inputs. This is
similar to how we collapse tuple types. Given a template like the
following:

```bicep
param a {
  foo: string
}

param b {
  bar: string
  *: int
}

param condition bool

var value = condition ? a : b
```

`value` would have a type of `{ bar: string, foo: int | string, *: int
}`, with all properties flagged as optional.
###### Microsoft Reviewers: [Open in
CodeFlow](https://microsoft.github.io/open-pr/?codeflow=https://github.com/Azure/bicep/pull/15399)
@stephaniezyen stephaniezyen moved this from In Progress to In Review in Bicep Oct 30, 2024
@stephaniezyen stephaniezyen modified the milestones: v0.31, v0.32 Nov 6, 2024
@stephaniezyen stephaniezyen modified the milestones: v0.32, v0.33 Dec 11, 2024
@jeskew
Copy link
Contributor

jeskew commented Dec 11, 2024

I believe this was fixed in #15399 but wasn't closed at the time. If you are still seeing this issue, please let us know! It should have been fixed in v0.31

@jeskew jeskew closed this as completed Dec 11, 2024
@github-project-automation github-project-automation bot moved this from In Review to Done in Bicep Dec 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Status: Done
Development

Successfully merging a pull request may close this issue.

4 participants