Fix bicep build-params run condition (#4)

* Fix bicep_build_params condition * Add env values to Show debug info * Add file output to az-bicep.sh when json is used instead of bicep
innofactororg · Feb 22, 2024 · 638d334 · 638d334
1 parent 8bbd733
commit 638d334
Show file tree

Hide file tree

Showing 7 changed files with 46 additions and 11 deletions.
diff --git a/.github/actions/deploy/action.yml b/.github/actions/deploy/action.yml
@@ -207,6 +207,11 @@ runs:
           inputs.log_severity != 'ERROR'
         ) || failure()
       uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea #v7.0.1
+      env:
+        IN_PROVIDERS: ${{ inputs.azure_providers }}
+        IN_WAIT_COUNT: ${{ inputs.azure_provider_wait_count }}
+        IN_WAIT_SECONDS: ${{ inputs.azure_provider_wait_seconds }}
+        IN_AUTO_MERGE: ${{ inputs.auto_merge }}
       with:
         github-token: ${{ inputs.token }}
         script: |

diff --git a/.github/actions/plan/action.yml b/.github/actions/plan/action.yml
@@ -130,7 +130,7 @@ runs:
 
     - name: Bicep build-params
       id: bicep_build_params
-      if: inputs.parameters != ''
+      if: inputs.template_parameters != ''
       env:
         IN_SEVERITY: ${{ inputs.log_severity }}
         IN_TEMPLATE: ${{ inputs.template_parameters }}
@@ -274,6 +274,27 @@ runs:
           inputs.log_severity != 'ERROR'
         ) || failure()
       uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea #v7.0.1
+      env:
+        CLIENT_ID: ${{ inputs.azure_client_id }}
+        CLIENT_SECRET: ${{ inputs.azure_client_secret }}
+        IN_CURRENCY: ${{ inputs.currency }}
+        IN_LOCATION: ${{ inputs.location }}
+        IN_MANAGEMENT_GROUP: ${{ inputs.management_group }}
+        IN_PROVIDERS: ${{ inputs.azure_providers }}
+        IN_RESOURCE_GROUP: ${{ inputs.resource_group }}
+        IN_SCOPE: ${{ inputs.scope }}
+        IN_SEVERITY: ${{ inputs.log_severity }}
+        IN_SUBSCRIPTION_ID: ${{ inputs.azure_subscription_id }}
+        IN_RULE_OPTION: ${{ inputs.rule_option }}
+        IN_TENANT_ID: ${{ inputs.azure_tenant_id }}
+        IN_TEMPLATE: ${{ inputs.template }}
+        IN_TEMPLATE_PARAMS: ${{ inputs.template_parameters }}
+        IN_THRESHOLD: ${{ inputs.cost_threshold }}
+        IN_VERSION_ACE: ${{ inputs.version_ace_tool }}
+        OUT_PROVIDERS: ${{ steps.validate.outputs.providers }}
+        RULE_CONFIG_ERROR: ${{ steps.psrule_config.outputs.error }}
+        TEMPLATE_FILE: ${{ steps.bicep_build.outputs.file }}
+        TEMPLATE_PARAMS_FILE: ${{ steps.bicep_build_params.outputs.file }}
       with:
         github-token: ${{ inputs.token }}
         script: |

diff --git a/scripts/az-bicep.sh b/scripts/az-bicep.sh
@@ -72,7 +72,7 @@ else
   src_file_extension='bicep'
   out_file_extension='json'
 fi
-if [[ $IN_TEMPLATE == http* ]]; then
+if [[ "${IN_TEMPLATE}" == 'http'* ]]; then
   file="${IN_TEMPLATE##*/}"
   uri="${IN_TEMPLATE}"
   echo "Download ${uri}"
@@ -89,7 +89,7 @@ if [[ $IN_TEMPLATE == http* ]]; then
   fi
   IN_TEMPLATE="${IN_TEMPLATE##*/}"
 fi
-if [[ $IN_TEMPLATE == *.${src_file_extension} ]]; then
+if [[ "${IN_TEMPLATE}" == *".${src_file_extension}" ]]; then
   out_file=$(readlink -f "${IN_TEMPLATE/.${src_file_extension}/.${out_file_extension}}")
   echo "Set output: file='${out_file}'"
   if test -n "${TF_BUILD-}"; then
@@ -109,6 +109,15 @@ if [[ $IN_TEMPLATE == *.${src_file_extension} ]]; then
     cp "${out_file}" "${LOG_PATH}/"
   fi
 else
+  if [[ "${IN_TEMPLATE}" == *".${out_file_extension}" ]]; then
+    out_file=$(readlink -f "${IN_TEMPLATE}")
+    echo "Set output: file='${out_file}'"
+    if test -n "${TF_BUILD-}"; then
+      echo "##vso[task.setvariable variable=file;isoutput=true]${out_file}"
+    else
+      echo "file=${out_file}" >> "$GITHUB_OUTPUT"
+    fi
+  fi
   echo "Skip bicep ${SCRIPT_ACTION}, not a ${src_file_extension} file: ${IN_TEMPLATE}"
 fi
 log_output "${log}" '' ''
diff --git a/scripts/az-deploy.sh b/scripts/az-deploy.sh
@@ -129,7 +129,7 @@ log_output() {
 if test -z "${TF_BUILD-}"; then
   echo "::group::Output"
 fi
-if [[ $IN_TEMPLATE == http* ]]; then
+if [[ "${IN_TEMPLATE}" == 'http'* ]]; then
   file="${IN_TEMPLATE##*/}"
   if ! test -f "${file}"; then
     echo "Download ${IN_TEMPLATE}"
@@ -147,7 +147,7 @@ if [[ $IN_TEMPLATE == http* ]]; then
   fi
   IN_TEMPLATE="${file}"
 fi
-if [[ $IN_TEMPLATE_PARAMS == http* ]]; then
+if [[ "${IN_TEMPLATE_PARAMS}" == 'http'* ]]; then
   uri="${IN_TEMPLATE_PARAMS%% *}"
   file="${file##*/}"
   if ! test -f "${file}"; then
@@ -167,9 +167,9 @@ if [[ $IN_TEMPLATE_PARAMS == http* ]]; then
   IN_TEMPLATE_PARAMS="${file}"
 fi
 cmd="az deployment ${IN_SCOPE} ${SCRIPT_ACTION} --name ${LOG_NAME}_${RUN_ID}"
-if [[ $IN_TEMPLATE == http* ]]; then
+if [[ "${IN_TEMPLATE}" == 'http'* ]]; then
   cmd+=" --template-uri ${IN_TEMPLATE}"
-elif [[ $IN_TEMPLATE == /subscriptions/* ]]; then
+elif [[ "${IN_TEMPLATE}" == '/subscriptions/'* ]]; then
   cmd+=" --template-spec ${IN_TEMPLATE}"
 else
   cmd+=" --template-file ${IN_TEMPLATE}"

diff --git a/scripts/azure-cost.sh b/scripts/azure-cost.sh
@@ -140,10 +140,10 @@ case "${IN_SCOPE}" in
   sub)    cmd+=" ${IN_SCOPE} ${TEMPLATE_FILE} ${SUBSCRIPTION_ID} ${IN_LOCATION}";;
   group)  cmd+=" ${TEMPLATE_FILE} ${SUBSCRIPTION_ID} ${IN_RESOURCE_GROUP}";;
 esac
-if [[ $TEMPLATE_PARAMS_FILE == *.parameters.json ]]; then
+if [[ "${TEMPLATE_PARAMS_FILE}" == *'.parameters.json' ]]; then
   cmd+=" --parameters ${TEMPLATE_PARAMS_FILE}"
 fi
-if [[ $IN_TEMPLATE_PARAMS == *=* ]]; then
+if [[ "${IN_TEMPLATE_PARAMS}" == *'='* ]]; then
   IFS=' ' read -ra param_list <<< "${IN_TEMPLATE_PARAMS}"
   for pair in "${param_list[@]}"; do
     if test -n "${pair%=*}" && [[ "${pair}" == *=* ]]; then

diff --git a/scripts/install-tools.sh b/scripts/install-tools.sh
@@ -38,7 +38,7 @@ log_output() {
 az_version=$(az version | jq -r '."azure-cli"')
 echo "Azure CLI ${az_version} with extensions:" | tee -a "${log}"
 az version --query extensions -o yaml | tee -a "${log}"
-if [[ $IN_TEMPLATE == *.bicep ]]; then
+if [[ "${IN_TEMPLATE}" == *'.bicep' ]]; then
   az config set bicep.use_binary_from_path=False >/dev/null 2>&1
   cmd="az bicep install"
   case "${IN_SEVERITY}" in

diff --git a/scripts/psrule-config.sh b/scripts/psrule-config.sh
@@ -8,7 +8,7 @@ if ! test -f "${OPTION}"; then
   missing="Unable to find rule_option file ${OPTION}"
 else
   echo "Use PSRule config at ${OPTION}"
-  if test -n "${TEMPLATE_FILE}" && [[ $TEMPLATE_PARAMS_FILE == *.parameters.json ]]; then
+  if test -n "${TEMPLATE_FILE}" && [[ "${TEMPLATE_PARAMS_FILE}" == *'.parameters.json' ]]; then
     file=$TEMPLATE_PARAMS_FILE
     t=$(basename "${TEMPLATE_FILE}")
     p=$(basename "${file}")