Skip to content

Instantly share code, notes, and snippets.

@Usman0111

Usman0111/param_validation_design.md

Last active October 2, 2023 13:15
Show Gist options
  • Save Usman0111/92dda10627e550737341c74d617f4fa6 to your computer and use it in GitHub Desktop.
Save Usman0111/92dda10627e550737341c74d617f4fa6 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
param_validation_design.md

Supplemental Params Validation Design

Lets say a user makes the following deployment with Az CLI:

az deployment group create \ 
--template-file 'main.bicep'
--parameters 'params.bicepparam' \
--parameters foo='inline'

params.bicepparam

using './main.bicep'

param foo = 'test'
param bar = 0

main.bicep

param foo string
param bar int

In order to validate the type of the override value for parameter foo, we need to pass it down to the Bicep CLI while ensuring that no secrects get leaked in the shell history. For this, Az CLI would set a environment variable BICEP_PARAMETERS_OVERRIDES with following value as a JSON string:

{
  "foo" : "inline"
}

Then BICEP CLI would read this value and validate value for parameter foo.

Based on whether the value for --template is given or using delcaratoin is specified in the .bicepparam file, we can run following four secnarios:

1. Both --template and using are given

Template JSON produced from using

Prameters in .bicepparam file already validated

Overrides validate against path from using

2. --template is not given and using is given

Template JSON produced from using

Prameters in .bicepparam file already validated

Overrides validate against path from using

3. --template is given and using is not given

Template JSON produced from --template

should the prameters in .bicepparam file already validated?

Overrides validate against path from --template

4. Neither --template or using is given

Throw error since deployment/validation not possible

Two low level design questions that need to be answered:

1. How would inline params would be validated?

First Appraoch

Update the syntax tree and let the Bicep compiler determine which value is incorrect (could lead to confusion with line numbers: inline values don't have line number but compiler would think they do or updating the syntax tree)

Second Approach

Compile .bicepparam and throw errors

if none exits then call a different function to validate params (this produces errors without line numbers)

Then update the file after every value is validated


Note: Question 2 can be answered later (when using is being made optional)

2. How would we incorporate --bicep-file value in .bicepparam file when no using is given?

This can potentialy create line number issues

One strategy is to not edit the syntax tree at all just have two functions that would validate values in .bicepparam and inline values then combine them? (somewhat similar to solution 2 for question 1)

@Usman0111
Copy link
Author

A cleaner solution for line number issue in question 1 is to use "external" location for inline param errors (described here)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment