Module scope recognizing scope function as bicep reference #1195
Comments
|
Bicep doesn't block you from declaring symbols with the same name as built-in functions - instead you need to disambiguate using namespaces. I realize now that this is completely undocumented so I've added task #1196 to make sure we document it. Here's how you would need to update your example to use namespaces: targetScope = 'tenant'
resource resourceGroup 'Microsoft.Resources/resourceGroups@2020-06-01' = {
name: 'rg1'
location: 'westeurope'
properties: {
}
}
module managementGroup 'managementGroup.bicep' = {
name: 'managementGroup'
scope: az.managementGroup('c78eeaf5-617d-4733-a597-08646541a46')
}
module rgModule 'resourceGroup.bicep' = {
name: 'resourceGroup'
scope: az.resourceGroup('c78eeaf5-617d-4733-a597-08646541a462')
} |
|
Thanks. Besides updating docs, perhaps we could include this hint in error messages? |
|
@anthony-c-martin I give it a try and it does not work for managementGroup, as there is no managementGroup function in az namespace. Also, it would be nice if we could reference resource group directly, instead needing go through function: from this: to this: |
|
On the second thought - why do we even need to specify scope type for module resource? We provide |
|
There's a few different issues going on here:
main.bicep module.bicep
This will be fixed by #822
The logic is that if scope is not specified for the module, we try to use the scope of the parent bicep file. If that scope is invalid, we throw an error and require you to specify scope manually. |
alex-frankel
added
question
|
Ugh, I double checked now and To sum up:
As for the 5th: let's consider the case above with deployment from tenant to management group - why we need to explicitly specify, that module If we do not provide scope - we will use default - and that is ok - included modules will target current management group, subscription, tenant, rg - and we will be able to use only modules, that has this same target scope as the module we include them from. Specifying only name will fit nicely in #822 - you can either use bicep reference or provide a text value which will be a name/guid for the thing module is expecting (subscription/mg/rg). Edge case would be tenant deployments called from non-tenant scope modules, as this will break the 'when scope not present - use scope from calling module' rule. |
|
Oh, I see now. So instead of having to specify Good if I close this one, since it looks we are tracking everything in other issues? |
Are you sure? I don't see any case, when we have different values of targetScope in module and scope function in module call. And if we do not provide any name or reference, we assume that we target current resourceGroup, subscription, tenant, depending on the value defined in the module itself. For management groups, when we deploy not from a managment group scope, we anyway need to provide mg name. I think we can close this issue and eventually track relaxing the necessity of providing function in module scope in a new issue. |
|
Definitely not sure :) I will let @anthony-c-martin provide more details on the why on the new issue |
ghost
locked as resolved and limited conversation to collaborators
Bicep version
Bicep CLI version 0.2.217 (1c7a300b9a)
Describe the bug
A clear and concise description of what the bug is vs what you expected to happen
When we use for module (or resource) name
managementGrouporresourceGrouporsubscription, and then we use module with scope, instead using function it tries to use that resource.To Reproduce
Steps to reproduce the behavior:
output:
Additional context
Add any other context about the problem here.
The text was updated successfully, but these errors were encountered: