ALZ-Bicep icon indicating copy to clipboard operation
ALZ-Bicep copied to clipboard

Published 20 hours ago • verified publisher icon Azure

💡 Feature Request - Make all modules compatible with WhatIf mode

Open olljanat opened this issue 3 years ago • 6 comments
trafficstars

Describe the solution you'd like

Picked up from https://github.com/Azure/ALZ-Bicep/issues/244#issuecomment-1137199634

I see that ability to be able to run pull requests with WhatIf mode against of production is very critical as other why it is not possible to have GIT repo with CI to production and multiple persons contributing to code without high risk to break things.

That why pull request validation here should contains following steps for all modules:

  1. Deploy
  2. Deploy again with WhatIf mode
  3. Check output from WhatIf to make sure that it does not find differences between code and environment.

Tricky part is long list of known issues listed on https://aka.ms/WhatIfIssues which can be only fixed by Microsoft.

Status per module:

Ready Order Module e2e WhatIf enabled on PR Known issues preventing WhatIf
  • - [x]
1 Management Groups ~~#250~~ #276 -
  • - [ ]
2 Custom Policy Definitions
  • - [ ]
3 Custom Role Definitions
  • - [ ]
4 Logging & Sentinel
  • - [ ]
5 Hub Networking
  • - [ ]
6 Role Assignments
  • - [ ]
7 Subscription Placement
  • - [ ]
8 Built-In and Custom Policy Assignments
  • - [ ]
9 Corp Connected Spoke Network

Describe alternatives you've considered

I really don't see good alternatives for this.

Additional context

I did drop cleaned copy of my draft solution about how to use ALZ-Bicep with Azure DevOps CI to https://github.com/olljanat/alz-bicep-ci and it already contains WhatIf verification for pull requests on those parts which I have got working.

olljanat avatar May 26 '22 12:05 olljanat

Thanks for raising this @olljanat we will triage properly once #227 is merged

jtracey93 avatar May 26 '22 15:05 jtracey93

FYI. I did figure out that if you run az deployment group what-if with flag --no-pretty-print then API will return JSON which can be easily parsed with PowerShell (included example to my )

olljanat avatar Aug 11 '22 13:08 olljanat

Ado sync

jtracey93 avatar Sep 07 '22 20:09 jtracey93

FYI. As result of my ticket 2208010050001440 I ended up to creating this post https://feedback.azure.com/d365community/idea/2adb098a-4845-ed11-a81b-000d3a7b5d8c which was requested by Microsoft Support which they hoped to be able to use to raise this idea for wider awareness.

olljanat avatar Oct 06 '22 08:10 olljanat

You can make somethings leave,such as learning lecture, besides nature labor.

gaoyarui avatar Jan 25 '23 09:01 gaoyarui

It should be noted that What-If is currently having issues with ARM/Bicep as stated here issue 157. This should be added to the overall list.

FallenHoot avatar Dec 07 '23 18:12 FallenHoot