From f20459e1682ae02e8b59d9b46f60dc99fd182dde Mon Sep 17 00:00:00 2001 From: Jared Holgate Date: Sat, 6 Dec 2025 11:19:07 +0000 Subject: [PATCH 1/2] feat: improve bicep templating --- .../Convert-BicepConfigToInputConfig.ps1 | 2 ++ .../Convert-HCLVariablesToInputConfig.ps1 | 7 ++++ .../Convert-ParametersToInputConfig.ps1 | 10 +++--- .../Private/Config-Helpers/Get-ALZConfig.ps1 | 5 +-- .../Private/Config-Helpers/Write-JsonFile.ps1 | 27 ++++++++++++--- .../New-Bootstrap.ps1 | 34 +++++++++++++------ src/ALZ/Public/Deploy-Accelerator.ps1 | 25 ++++++++------ 7 files changed, 78 insertions(+), 32 deletions(-) diff --git a/src/ALZ/Private/Config-Helpers/Convert-BicepConfigToInputConfig.ps1 b/src/ALZ/Private/Config-Helpers/Convert-BicepConfigToInputConfig.ps1 index b4a8222..2d63279 100644 --- a/src/ALZ/Private/Config-Helpers/Convert-BicepConfigToInputConfig.ps1 +++ b/src/ALZ/Private/Config-Helpers/Convert-BicepConfigToInputConfig.ps1 @@ -44,6 +44,8 @@ function Convert-BicepConfigToInputConfig { $configItem | Add-Member -NotePropertyName "targets" -NotePropertyValue $variable.Value.targets } + $configItem | Add-Member -NotePropertyName "Sensitive" -NotePropertyValue $false + $configItem | Add-Member -NotePropertyName "Description" -NotePropertyValue $description $configItems | Add-Member -NotePropertyName $variable.Name -NotePropertyValue $configItem } diff --git a/src/ALZ/Private/Config-Helpers/Convert-HCLVariablesToInputConfig.ps1 b/src/ALZ/Private/Config-Helpers/Convert-HCLVariablesToInputConfig.ps1 index 87500d9..906545d 100644 --- a/src/ALZ/Private/Config-Helpers/Convert-HCLVariablesToInputConfig.ps1 +++ b/src/ALZ/Private/Config-Helpers/Convert-HCLVariablesToInputConfig.ps1 
@@ -41,6 +41,13 @@ function Convert-HCLVariablesToInputConfig { $configItem | Add-Member -NotePropertyName "Description" -NotePropertyValue $description + $sensitive = $false + if ($variable.Value[0].PSObject.Properties.Name -contains "sensitive" -and $variable.Value[0].sensitive -eq $true) { + $sensitive = $true + Write-Verbose "Marking variable $($variable.Name) as sensitive..." + } + $configItem | Add-Member -NotePropertyName "Sensitive" -NotePropertyValue $sensitive + Write-Verbose "Adding variable $($variable.Name) to the configuration..." $configItems | Add-Member -NotePropertyName $variable.Name -NotePropertyValue $configItem } diff --git a/src/ALZ/Private/Config-Helpers/Convert-ParametersToInputConfig.ps1 b/src/ALZ/Private/Config-Helpers/Convert-ParametersToInputConfig.ps1 index 3f65b04..fec65fe 100644 --- a/src/ALZ/Private/Config-Helpers/Convert-ParametersToInputConfig.ps1 +++ b/src/ALZ/Private/Config-Helpers/Convert-ParametersToInputConfig.ps1 @@ -15,8 +15,9 @@ function Convert-ParametersToInputConfig { Write-Verbose "Alias $parameterAlias exists in input config, renaming..." $configItem = $inputConfig.PSObject.Properties | Where-Object { $_.Name -eq $parameterAlias } $inputConfig | Add-Member -NotePropertyName $parameterKey -NotePropertyValue @{ - Value = $configItem.Value.Value - Source = $configItem.Value.Source + Value = $configItem.Value.Value + Source = $configItem.Value.Source + Sensitive = $configItem.Value.Sensitive } $inputConfig.PSObject.Properties.Remove($configItem.Name) continue @@ -38,8 +39,9 @@ function Convert-ParametersToInputConfig { } Write-Verbose "Adding parameter $parameterKey with value $variableValue" $inputConfig | Add-Member -NotePropertyName $parameterKey -NotePropertyValue @{ - Value = $variableValue - Source = "parameter" + Value = $variableValue + Source = "parameter" + Sensitive = $false } } } 
diff --git a/src/ALZ/Private/Config-Helpers/Get-ALZConfig.ps1 b/src/ALZ/Private/Config-Helpers/Get-ALZConfig.ps1 index 90b1217..f585526 100644 --- a/src/ALZ/Private/Config-Helpers/Get-ALZConfig.ps1 +++ b/src/ALZ/Private/Config-Helpers/Get-ALZConfig.ps1 @@ -57,8 +57,9 @@ function Get-ALZConfig { foreach ($property in $config.PSObject.Properties) { $inputConfig | Add-Member -NotePropertyName $property.Name -NotePropertyValue @{ - Value = $property.Value - Source = $extension + Value = $property.Value + Source = $extension + Sensitive = $false } } diff --git a/src/ALZ/Private/Config-Helpers/Write-JsonFile.ps1 b/src/ALZ/Private/Config-Helpers/Write-JsonFile.ps1 index e3910b4..08ce643 100644 --- a/src/ALZ/Private/Config-Helpers/Write-JsonFile.ps1 +++ b/src/ALZ/Private/Config-Helpers/Write-JsonFile.ps1 @@ -5,7 +5,10 @@ function Write-JsonFile { [string] $jsonFilePath, [Parameter(Mandatory = $false)] - [PSObject] $configuration + [PSObject[]] $configurations, + + [Parameter(Mandatory = $false)] + [switch] $all ) if ($PSCmdlet.ShouldProcess("Download Terraform Tools", "modify")) { 
@@ -16,10 +19,24 @@ function Write-JsonFile { $environmentVariables = [ordered]@{} - foreach ($configKey in $configuration.PsObject.Properties | Sort-Object Name) { - foreach ($target in $configKey.Value.Targets) { - if ($target.Destination -eq "Environment") { - $environmentVariables.$($target.Name) = $configKey.Value.Value + foreach ($configuration in $configurations) { + Write-Verbose "Processing configuration for JSON output to $($jsonFilePath)" + foreach ($configKey in $configuration.PsObject.Properties | Sort-Object Name) { + Write-Verbose "Processing configuration key $($configKey.Name) for $($jsonFilePath)" + Write-Verbose "Configuration key value: $(ConvertTo-Json $configKey.Value -Depth 100)" + if($configKey.Value.Sensitive) { + Write-Verbose "Obfuscating sensitive configuration $($configKey.Name) from JSON output" + $environmentVariables.$($configKey.Name) = "" + continue + } + if($all) { + $environmentVariables.$($configKey.Name) = $configKey.Value.Value + continue + } + foreach ($target in $configKey.Value.Targets) { + if ($target.Destination -eq "Environment") { + $environmentVariables.$($target.Name) = $configKey.Value.Value + } } } } diff --git a/src/ALZ/Private/Deploy-Accelerator-Helpers/New-Bootstrap.ps1 b/src/ALZ/Private/Deploy-Accelerator-Helpers/New-Bootstrap.ps1 index 8107aa2..a06b119 100644 --- a/src/ALZ/Private/Deploy-Accelerator-Helpers/New-Bootstrap.ps1 +++ b/src/ALZ/Private/Deploy-Accelerator-Helpers/New-Bootstrap.ps1 @@ -125,8 +125,9 @@ function New-Bootstrap { # Add the root module folder to bootstrap input config $inputConfig | Add-Member -NotePropertyName "root_module_folder_relative_path" -NotePropertyValue @{ - Value = $starterRootModuleFolder - Source = "calculated" + Value = $starterRootModuleFolder + Source = "calculated" + Sensitive = $false } # Set the starter root module folder full path 
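Review bot: In the Write-JsonFile loop, `Write-Verbose "Configuration key value: ..."` runs before the `Sensitive` check, so a sensitive key's value is serialised into the verbose stream even though it is blanked in the file. Masking is also decided per configuration. When several configurations are passed, an unflagged copy of the same key is still logged, and the entries this patch adds to `$inputConfig` all carry `Sensitive = $false`. The file ends up masked only because the flagged copy is processed later. Collecting the sensitive names across all configurations first, and logging values only for names outside that set, removes both dependencies. The function body starts and ends outside this hunk.

```powershell
# A name flagged sensitive in any configuration is masked in all of them
$sensitiveNames = @(
    foreach ($configuration in $configurations) {
        $configuration.PSObject.Properties |
            Where-Object { $_.Value.Sensitive } |
            ForEach-Object { $_.Name }
    }
)

foreach ($configuration in $configurations) {
    foreach ($configKey in $configuration.PsObject.Properties | Sort-Object Name) {
        if ($sensitiveNames -contains $configKey.Name) {
            Write-Verbose "Obfuscating sensitive configuration $($configKey.Name) from JSON output"
            $environmentVariables.$($configKey.Name) = ""
            continue
        }
        # Values are logged only once the key is known not to be sensitive
        Write-Verbose "Configuration key value: $(ConvertTo-Json $configKey.Value -Depth 100)"
        # … unchanged: -all branch and Targets loop …
    }
}
```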
@@ -146,6 +147,8 @@ function New-Bootstrap { $bootstrapParameters = Convert-HCLVariablesToInputConfig -targetVariableFile $terraformFile.FullName -hclParserToolPath $hclParserToolPath -appendToObject $bootstrapParameters } + Write-Verbose "Bootstrap Parameters before setting config: $(ConvertTo-Json $bootstrapParameters -Depth 100)" + # Getting the configuration for the starter module user input $starterParameters = [PSCustomObject]@{} @@ -165,19 +168,22 @@ function New-Bootstrap { # Set computed inputs $inputConfig | Add-Member -NotePropertyName "module_folder_path" -NotePropertyValue @{ - Value = $starterModulePath - Source = "calculated" + Value = $starterModulePath + Source = "calculated" + Sensitive = $false } $inputConfig | Add-Member -NotePropertyName "availability_zones_bootstrap" -NotePropertyValue @{ - Value = @(Get-AvailabilityZonesSupport -region $inputConfig.bootstrap_location.Value -zonesSupport $zonesSupport) - Source = "calculated" + Value = @(Get-AvailabilityZonesSupport -region $inputConfig.bootstrap_location.Value -zonesSupport $zonesSupport) + Source = "calculated" + Sensitive = $false } if ($inputConfig.PSObject.Properties.Name -contains "starter_location" -and $inputConfig.PSObject.Properties.Name -notcontains "starter_locations") { Write-Verbose "Converting starter_location $($inputConfig.starter_location.Value) to starter_locations..." $inputConfig | Add-Member -NotePropertyName "starter_locations" -NotePropertyValue @{ - Value = @($inputConfig.starter_location.Value) - Source = "calculated" + Value = @($inputConfig.starter_location.Value) + Source = "calculated" + Sensitive = $false } } 
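Review bot: The added `Write-Verbose "Bootstrap Parameters before setting config: ..."` serialises the whole object with `ConvertTo-Json -Depth 100` and takes no account of the new `Sensitive` flag. The same applies to the `Final Bootstrap Parameters` and `Final Starter Parameters` lines in the later New-Bootstrap hunks, which dump the resolved configurations. Those objects presumably carry the values that Write-JsonFile later blanks, so a run with `-Verbose` (or a pipeline with verbose logging enabled) would record them in clear. Logging names only would keep the trace useful, e.g. `Write-Verbose "Final Bootstrap Parameters: $($bootstrapConfiguration.PSObject.Properties.Name -join ', ')"`, or flagged entries could be blanked before serialising. New-Bootstrap starts and ends outside these hunks.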
@@ -187,8 +193,9 @@ function New-Bootstrap { $availabilityZonesStarter += , @(Get-AvailabilityZonesSupport -region $region -zonesSupport $zonesSupport) } $inputConfig | Add-Member -NotePropertyName "availability_zones_starter" -NotePropertyValue @{ - Value = $availabilityZonesStarter - Source = "calculated" + Value = $availabilityZonesStarter + Source = "calculated" + Sensitive = $false } } @@ -200,6 +207,8 @@ function New-Bootstrap { -configurationParameters $bootstrapParameters ` -inputConfig $inputConfig + Write-Verbose "Final Bootstrap Parameters: $(ConvertTo-Json $bootstrapConfiguration -Depth 100)" + # Getting the input for the starter module Write-Verbose "Setting the configuration for the starter module..." $starterConfiguration = Set-Config ` @@ -207,13 +216,14 @@ function New-Bootstrap { -inputConfig $inputConfig ` -copyEnvVarToConfig - Write-Verbose "Final Starter Parameters: $(ConvertTo-Json $starterParameters -Depth 100)" + Write-Verbose "Final Starter Parameters: $(ConvertTo-Json $starterConfiguration -Depth 100)" # Creating the tfvars files for the bootstrap and starter module $tfVarsFileName = "terraform.tfvars.json" $bootstrapTfvarsPath = Join-Path -Path $bootstrapModulePath -ChildPath $tfVarsFileName $starterTfvarsPath = Join-Path -Path $starterRootModuleFolderPath -ChildPath "terraform.tfvars.json" $starterBicepVarsPath = Join-Path -Path $starterModulePath -ChildPath "parameters.json" + $starterBicepAllVarsPath = Join-Path -Path $starterModulePath -ChildPath "parameters.all.json" # Write the tfvars file for the bootstrap and starter module Write-TfvarsJsonFile -tfvarsFilePath $bootstrapTfvarsPath -configuration $bootstrapConfiguration 
@@ -270,10 +280,12 @@ function New-Bootstrap { Set-ComputedConfiguration -configuration $starterConfiguration Edit-ALZConfigurationFilesInPlace -alzEnvironmentDestination $starterModulePath -configuration $starterConfiguration Write-JsonFile -jsonFilePath $starterBicepVarsPath -configuration $starterConfiguration + Write-JsonFile -jsonFilePath $starterBicepAllVarsPath -configuration @($inputConfig, $starterConfiguration, $bootstrapConfiguration) -all # Remove unrequired files $foldersOrFilesToRetain = $starterConfig.starter_modules.Value.$($inputConfig.starter_module_name.Value).folders_or_files_to_retain $foldersOrFilesToRetain += "parameters.json" + $foldersOrFilesToRetain += "parameters.all.json" $foldersOrFilesToRetain += "config" $foldersOrFilesToRetain += ".config" diff --git a/src/ALZ/Public/Deploy-Accelerator.ps1 b/src/ALZ/Public/Deploy-Accelerator.ps1 index da457e2..78b1c96 100644 --- a/src/ALZ/Public/Deploy-Accelerator.ps1 +++ b/src/ALZ/Public/Deploy-Accelerator.ps1 
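Review bot: The `-all` call passes `$inputConfig` alongside the starter and bootstrap configurations, and every `$inputConfig` entry visible in this patch is created with `Sensitive = $false`. A user-supplied value is therefore written to `$starterBicepAllVarsPath` in clear unless a same-named entry in another configuration is flagged. The file is also added to `$foldersOrFilesToRetain`, so it presumably remains in the generated starter folder. A comment above the call should state that contract, for example `# Contains every input not flagged Sensitive; secrets must be declared sensitive in the module variables to be blanked here`. The call also relies on `-configuration` binding by prefix to the renamed `$configurations` parameter; spelling it `-configurations` would be clearer. New-Bootstrap's body continues outside the hunk.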
@@ -354,24 +354,29 @@ function Deploy-Accelerator { # Set computed interface inputs $inputConfig | Add-Member -MemberType NoteProperty -Name "bicep_config_file_path" -Value @{ - Value = $starterConfigFilePath - Source = "calculated" + Value = $starterConfigFilePath + Source = "calculated" + Sensitive = $false } $inputConfig | Add-Member -MemberType NoteProperty -Name "on_demand_folder_repository" -Value @{ - Value = $starterModuleUrl - Source = "calculated" + Value = $starterModuleUrl + Source = "calculated" + Sensitive = $false } $inputConfig | Add-Member -MemberType NoteProperty -Name "on_demand_folder_artifact_name" -Value @{ - Value = $starterReleaseArtifactName - Source = "calculated" + Value = $starterReleaseArtifactName + Source = "calculated" + Sensitive = $false } $inputConfig | Add-Member -MemberType NoteProperty -Name "release_version" -Value @{ - Value = ($starterReleaseTag -eq "local" ? $inputConfig.starter_module_version.Value : $starterReleaseTag) - Source = "calculated" + Value = ($starterReleaseTag -eq "local" ? $inputConfig.starter_module_version.Value : $starterReleaseTag) + Source = "calculated" + Sensitive = $false } $inputConfig | Add-Member -MemberType NoteProperty -Name "time_stamp" -Value @{ - Value = (Get-Date).ToString("yyyy-MM-dd-HH-mm-ss") - Source = "calculated" + Value = (Get-Date).ToString("yyyy-MM-dd-HH-mm-ss") + Source = "calculated" + Sensitive = $false } # Run the bootstrap From 125a64c1cd0270b965816b17eec639d659d651a2 Mon Sep 17 00:00:00 2001 From: Jared Holgate Date: Sat, 6 Dec 2025 12:45:22 +0000 Subject: [PATCH 2/2] fix file name --- .../Deploy-Accelerator-Helpers/New-Bootstrap.ps1 | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/src/ALZ/Private/Deploy-Accelerator-Helpers/New-Bootstrap.ps1 b/src/ALZ/Private/Deploy-Accelerator-Helpers/New-Bootstrap.ps1 index a06b119..c376979 100644 --- a/src/ALZ/Private/Deploy-Accelerator-Helpers/New-Bootstrap.ps1 
+++ b/src/ALZ/Private/Deploy-Accelerator-Helpers/New-Bootstrap.ps1 @@ -222,8 +222,10 @@ function New-Bootstrap { $tfVarsFileName = "terraform.tfvars.json" $bootstrapTfvarsPath = Join-Path -Path $bootstrapModulePath -ChildPath $tfVarsFileName $starterTfvarsPath = Join-Path -Path $starterRootModuleFolderPath -ChildPath "terraform.tfvars.json" - $starterBicepVarsPath = Join-Path -Path $starterModulePath -ChildPath "parameters.json" - $starterBicepAllVarsPath = Join-Path -Path $starterModulePath -ChildPath "parameters.all.json" + $starterBicepVarsFileName = "parameters.json" + $starterBicepAllVarsFileName = "template-parameters.json" + $starterBicepVarsPath = Join-Path -Path $starterModulePath -ChildPath $starterBicepVarsFileName + $starterBicepAllVarsPath = Join-Path -Path $starterModulePath -ChildPath $starterBicepAllVarsFileName # Write the tfvars file for the bootstrap and starter module Write-TfvarsJsonFile -tfvarsFilePath $bootstrapTfvarsPath -configuration $bootstrapConfiguration @@ -284,8 +286,8 @@ function New-Bootstrap { # Remove unrequired files $foldersOrFilesToRetain = $starterConfig.starter_modules.Value.$($inputConfig.starter_module_name.Value).folders_or_files_to_retain - $foldersOrFilesToRetain += "parameters.json" - $foldersOrFilesToRetain += "parameters.all.json" + $foldersOrFilesToRetain += $starterBicepVarsFileName + $foldersOrFilesToRetain += $starterBicepAllVarsFileName $foldersOrFilesToRetain += "config" $foldersOrFilesToRetain += ".config"