[AVM Question/Feedback]: replace secret property with custom types
#2070
Assignees
Labels
Needs: Core Team 🧞
This item needs the AVM Core Team to review it
Type: AVM 🅰️ ✌️ Ⓜ️
This is an AVM related issue
Type: Question/Feedback 🙋
Further information is requested or just some feedback
Comments
ReneHezser
added
Needs: Triage 🔍
|
Important The "Needs: Triage 🔍" label must be removed once the triage process is complete! Tip For additional guidance on how to triage this issue/PR, see the BRM Issue Triage documentation. Note This label was added as per ITA06. |
1 task
ReneHezser
changed the title
secureList property with custom typessecret property with custom types
11 tasks
|
Warning Tagging the AVM Core Team (@Azure/avm-core-team-technical-bicep) due to a module owner or contributor having not responded to this issue within 3 business days. The AVM Core Team will attempt to contact the module owners/contributors directly. Tip
Note This message was posted as per ITA01BCP. |
microsoft-github-policy-service
bot
added
the
Status: Response Overdue 🚩
matebarabas
added
Status: In Triage 🔍
Needs: Core Team 🧞
AlexanderSehr
removed
Needs: Triage 🔍
eriqua
pushed a commit
that referenced
this issue
Jun 5, 2024
## Description
- changed secure parameter from an as secure decorated object to a
custom type.
- improved documentation with examples and tests
Unfortunately, there is a breaking change in this change. The secrets
parameter required a `secureList` property, which is not required
anymore
```
// this is the old usage
secrets: {
secureList: [
{
name: 'connection-string'
value: '<secretValue>'
}
]
}
// which has now changed to a custom type and must be used like this:
secrets: [
{
name: 'connection-string'
value: '<secretValue>'
}
]
```
#2070
Fixes #2071
## Pipeline Reference
<!-- Insert your Pipeline Status Badge below -->
| Pipeline |
| -------- |
|
[](https://github.com/ReneHezser/bicep-registry-modules/actions/workflows/avm.res.app.job.yml)
|
## Type of Change
<!-- Use the check-boxes [x] on the options that are relevant. -->
- [ ] Update to CI Environment or utlities (Non-module effecting
changes)
- [x] Azure Verified Module updates:
- [ ] Bugfix containing backwards compatible bug fixes, and I have NOT
bumped the MAJOR or MINOR version in `version.json`:
- [ ] Someone has opened a bug report issue, and I have included "Closes
#{bug_report_issue_number}" in the PR description.
- [ ] The bug was found by the module author, and no one has opened an
issue to report it yet.
- [ ] Feature update backwards compatible feature updates, and I have
bumped the MINOR version in `version.json`.
- [x] Breaking changes and I have bumped the MAJOR version in
`version.json`.
- [x] Update to documentation
## Checklist
- [x] I'm sure there are no other open Pull Requests for the same
update/change
- [x] I have run `Set-AVMModule` locally to generate the supporting
module files.
- [x] My corresponding pipelines / checks run clean and green without
any errors or warnings
---------
Co-authored-by: Alexander Sehr <[email protected]>
hundredacres
pushed a commit
to hundredacres/bicep-registry-modules
that referenced
this issue
Jun 19, 2024
](https://github.com/ReneHezser/bicep-registry-modules/actions/workflows/avm.res.app.job.yml){kind=link}
## Description
- changed secure parameter from an as secure decorated object to a
custom type.
- improved documentation with examples and tests
Unfortunately, there is a breaking change in this change. The secrets
parameter required a `secureList` property, which is not required
anymore
```
// this is the old usage
secrets: {
secureList: [
{
name: 'connection-string'
value: '<secretValue>'
}
]
}
// which has now changed to a custom type and must be used like this:
secrets: [
{
name: 'connection-string'
value: '<secretValue>'
}
]
```
Azure#2070
Fixes Azure#2071
## Pipeline Reference
<!-- Insert your Pipeline Status Badge below -->
| Pipeline |
| -------- |
|
[](https://github.com/ReneHezser/bicep-registry-modules/actions/workflows/avm.res.app.job.yml)
|
## Type of Change
<!-- Use the check-boxes [x] on the options that are relevant. -->
- [ ] Update to CI Environment or utlities (Non-module effecting
changes)
- [x] Azure Verified Module updates:
- [ ] Bugfix containing backwards compatible bug fixes, and I have NOT
bumped the MAJOR or MINOR version in `version.json`:
- [ ] Someone has opened a bug report issue, and I have included "Closes
#{bug_report_issue_number}" in the PR description.
- [ ] The bug was found by the module author, and no one has opened an
issue to report it yet.
- [ ] Feature update backwards compatible feature updates, and I have
bumped the MINOR version in `version.json`.
- [x] Breaking changes and I have bumped the MAJOR version in
`version.json`.
- [x] Update to documentation
## Checklist
- [x] I'm sure there are no other open Pull Requests for the same
update/change
- [x] I have run `Set-AVMModule` locally to generate the supporting
module files.
- [x] My corresponding pipelines / checks run clean and green without
any errors or warnings
---------
Co-authored-by: Alexander Sehr <[email protected]>
This was
linked to
pull requests
Feb 11, 2025
github-project-automation
bot
moved this from Needs: Triage
to Done
in AVM - Issue Triage
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Check for previous/existing GitHub issues
Description
Some modules that are using a property
secureListwithin the secure parameter. An example is the container-app-job module here:bicep-registry-modules/avm/res/app/job/tests/e2e/max/main.test.bicep
Line 74 in 7f9c089
This looks like a workaround which was needed in the past. We can now declare custom types and decorate a property with the
@secure()tag to protect its value, instead of the whole security object.Something like this (I skipped the descriptions for readability):
I see we have 5 modules that use a secureList like this and suggest they introduce a custom type instead of the secureList workaround.
The text was updated successfully, but these errors were encountered: