From e6b5a770ec63f0beabdcbdb117d36ef281b4cf6d Mon Sep 17 00:00:00 2001 From: Johan Dahlbom Date: Thu, 9 Sep 2021 14:25:30 +0200 Subject: [PATCH] Changed generation of policySetDefinitions and improved whatif error handling (#423) * enhanced error handling for whatif/bicep * generate parameter files for policySetDefinitions --- src/internal/classes/AzOpsScope.ps1 | 2 +- .../functions/New-AzOpsDeployment.ps1 | 45 +++++++++++++++---- 2 files changed, 38 insertions(+), 9 deletions(-) diff --git a/src/internal/classes/AzOpsScope.ps1 b/src/internal/classes/AzOpsScope.ps1 index 3b787415..a16d4863 100644 --- a/src/internal/classes/AzOpsScope.ps1 +++ b/src/internal/classes/AzOpsScope.ps1 @@ -225,7 +225,7 @@ } else { if ( (Get-PSFConfigValue -FullName 'AzOps.Core.TemplateParameterFileSuffix') -notcontains 'parameters.json' -and - ("$($this.ResourceProvider)/$($this.Resource)" -eq 'Microsoft.Authorization/policyDefinitions') + ("$($this.ResourceProvider)/$($this.Resource)" -in 'Microsoft.Authorization/policyDefinitions', 'Microsoft.Authorization/policySetDefinitions') ) { $this.StatePath = ($this.GetAzOpsResourcePath() + '.parameters' + (Get-PSFConfigValue -FullName 'AzOps.Core.TemplateParameterFileSuffix')) } diff --git a/src/internal/functions/New-AzOpsDeployment.ps1 b/src/internal/functions/New-AzOpsDeployment.ps1 index 89e03eb4..9a31779d 100644 --- a/src/internal/functions/New-AzOpsDeployment.ps1 +++ b/src/internal/functions/New-AzOpsDeployment.ps1 @@ -72,6 +72,11 @@ #region Parse Content $templateContent = Get-Content $TemplateFilePath | ConvertFrom-Json -AsHashtable + + if ($templateContent.metadata._generator.name -eq 'bicep') { + # Detect bicep templates + $bicepTemplate = $true + } #endregion #region Process Scope @@ -99,7 +104,15 @@ # Validate Template $results = Get-AzSubscriptionDeploymentWhatIfResult @parameters -ErrorAction Continue -ErrorVariable resultsError if ($resultsError) { - Write-PSFMessage -Level Warning -String 'New-AzOpsDeployment.WhatIfWarning' -StringValues $resultsError.Exception.Message -Target $scopeObject + if ($resultsError.exception.InnerException.Message -match 'https://aka.ms/resource-manager-parameter-files' -and $true -eq $bicepTemplate) { + Write-PSFMessage -Level Warning -String 'New-AzOpsDeployment.TemplateParameterError' -Target $scopeObject + $invalidTemplate = $true + } + else { + Write-PSFMessage -Level Warning -String 'New-AzOpsDeployment.WhatIfWarning' -Target $scopeObject -Tag Error -StringValues $resultsError.exception.InnerException.Message + throw $resultsError.exception.InnerException.Message + } + } elseif ($results.Error) { Write-PSFMessage -Level Warning -String 'New-AzOpsDeployment.TemplateError' -StringValues $TemplateFilePath -Target $scopeObject @@ -113,7 +126,9 @@ $parameters.Name = $DeploymentName if ($PSCmdlet.ShouldProcess("Start Subscription Deployment?")) { - New-AzSubscriptionDeployment @parameters + if (-not $invalidTemplate) { + New-AzSubscriptionDeployment @parameters + } } else { # Exit deployment @@ -134,11 +149,16 @@ $results = Get-AzResourceGroupDeploymentWhatIfResult @parameters -ErrorAction Continue -ErrorVariable resultsError if ($resultsError) { - Write-PSFMessage -Level Warning -String 'New-AzOpsDeployment.WhatIfWarning' -StringValues $resultsError.Exception.Message -Target $scopeObject - if ($resultsError.exception.InnerException.Message -match 'InvalidTemplate') { + + if ($resultsError.exception.InnerException.Message -match 'https://aka.ms/resource-manager-parameter-files' -and $true -eq $bicepTemplate) { Write-PSFMessage -Level Warning -String 'New-AzOpsDeployment.TemplateParameterError' -Target $scopeObject $invalidTemplate = $true } + else { + Write-PSFMessage -Level Warning -String 'New-AzOpsDeployment.WhatIfWarning' -Target $scopeObject -Tag Error -StringValues $resultsError.exception.InnerException.Message + throw $resultsError.exception.InnerException.Message + } + } elseif ($results.Error) { Write-PSFMessage -Level Warning -String 'New-AzOpsDeployment.TemplateError' -StringValues $TemplateFilePath -Target $scopeObject @@ -183,10 +203,14 @@ $results = Get-AzSubscriptionDeploymentWhatIfResult @parameters -ErrorAction Continue -ErrorVariable resultsError if ($resultsError) { - Write-PSFMessage -Level Warning -String 'New-AzOpsDeployment.WhatIfWarning' -StringValues $resultsError.Exception.Message -Target $scopeObject - if ($resultsError.exception.InnerException.Message -match 'InvalidTemplate') { + if ($resultsError.exception.InnerException.Message -match 'https://aka.ms/resource-manager-parameter-files' -and $true -eq $bicepTemplate) { + Write-PSFMessage -Level Warning -String 'New-AzOpsDeployment.TemplateParameterError' -Target $scopeObject $invalidTemplate = $true } + else { + Write-PSFMessage -Level Warning -String 'New-AzOpsDeployment.WhatIfWarning' -Target $scopeObject -Tag Error -StringValues $resultsError.exception.InnerException.Message + throw $resultsError.exception.InnerException.Message + } } elseif ($results.Error) { Write-PSFMessage -Level Warning -String 'New-AzOpsDeployment.TemplateError' -StringValues $TemplateFilePath -Target $scopeObject @@ -227,10 +251,15 @@ $results = Get-AzManagementGroupDeploymentWhatIfResult @parameters -ErrorAction Continue -ErrorVariable resultsError if ($resultsError) { - Write-PSFMessage -Level Warning -String 'New-AzOpsDeployment.WhatIfWarning' -StringValues $resultsError.Exception.Message -Target $scopeObject - if ($resultsError.exception.InnerException.Message -match 'InvalidTemplate') { + + if ($resultsError.exception.InnerException.Message -match 'https://aka.ms/resource-manager-parameter-files' -and $true -eq $bicepTemplate) { + Write-PSFMessage -Level Warning -String 'New-AzOpsDeployment.TemplateParameterError' -Target $scopeObject $invalidTemplate = $true } + else { + Write-PSFMessage -Level Warning -String 'New-AzOpsDeployment.WhatIfWarning' -Target $scopeObject -Tag Error -StringValues $resultsError.exception.InnerException.Message + throw $resultsError.exception.InnerException.Message + } } elseif ($results.Error) { Write-PSFMessage -Level Warning -String 'New-AzOpsDeployment.TemplateError' -StringValues $TemplateFilePath -Target $scopeObject