Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[AVM Module Issue]: How to get connection string when event-hub namespace is created by AVM? #3638

Open
1 task done
rujche opened this issue Oct 25, 2024 · 8 comments · May be fixed by #3906
Open
1 task done

[AVM Module Issue]: How to get connection string when event-hub namespace is created by AVM? #3638

rujche opened this issue Oct 25, 2024 · 8 comments · May be fixed by #3906
Assignees
@elanzel
Labels
Class: Resource Module 📦 This is a resource module Type: AVM 🅰️ ✌️ Ⓜ️ This is an AVM related issue Type: Feature Request ➕ New feature or request

Comments

@rujche
Copy link
Member

rujche commented Oct 25, 2024
edited
Loading

Check for previous/existing GitHub issues

  • I have checked for previous/existing GitHub issues

Issue Type?

Feature Request

Module Name

avm/res/event-hub/namespace

(Optional) Module Version

No response

Description

1. Problem

I tried to get connection string of event hub namespace by method like this:

module eventHubNamespace 'br/public:avm/res/event-hub/namespace:0.7.1' = {
  name: 'eventHubNamespace'
  params: {
    name: '${abbrs.eventHubNamespaces}${resourceToken}'
    location: location
    roleAssignments: [
    ]
    eventhubs: [
      {
        name: 'eventhubone'
      }
    ]
  }
}

module samples 'br/public:avm/res/app/container-app:0.8.0' = {
  name: 'samples'
  params: {
    containers: [
      {
        env: union([
          {
            name: 'SPRING_CLOUD_AZURE_EVENTHUBS_CONNECTION_STRING'
            listKeys('${eventHubNamespace.outputs.resourceId}/AuthorizationRules/RootManageSharedAccessKey', '2024-01-01').primaryConnectionString
          }
        ],
      }
    ]
  }
}

It returns error like this:

Error BCP181: This expression is being used in an argument of the function "listKeys", which requires a value that can be calculated at the start of the deployment. Properties of eventHubNamespace which can be calculated at the start include "name".

2. Try to solve this issue

2.1. Use resourceId

I also tried this:

value: listKeys(concat(resourceId('Microsoft.EventHub/namespaces', eventHubNamespace.outputs.name), '/AuthorizationRules/RootManageSharedAccessKey'), '2024-01-01').primaryConnectionString

It returns error like this:

Error BCP181: This expression is being used in an argument of the function "listKeys", which requires a value that can be calculated at the start of the deployment. Properties of eventHubNamespace which can be calculated at the start include "name".

2.2. Use resourceId and ${abbrs.eventHubNamespaces}${resourceToken}

And tried this:

value: listKeys(concat(resourceId('Microsoft.EventHub/namespaces', '${abbrs.eventHubNamespaces}${resourceToken}'), '/AuthorizationRules/RootManageSharedAccessKey'), '2024-01-01').primaryConnectionString

It returns error like this:

Failed to perform 'action' on resource(s) of type 'namespaces/authorizationrules', because the parent resource '/subscriptions/471cca20-96cf-49ce-b242-4e67f0e14e19/resourceGroups/rg-azd-eh-dev-password-1/providers/Microsoft.EventHub/namespaces/evhns-5gz2gy5bznsvs' could not be found.

2.3. Add dependsOn

Tried this:

module samples 'br/public:avm/res/app/container-app:0.8.0' = {
  name: 'samples'
  params: {
    containers: [
      {
        env: union([
          {
            name: 'SPRING_CLOUD_AZURE_EVENTHUBS_CONNECTION_STRING'
            value: listKeys(concat(resourceId('Microsoft.EventHub/namespaces', '${abbrs.eventHubNamespaces}${resourceToken}'), '/AuthorizationRules/RootManageSharedAccessKey'), '2024-01-01').primaryConnectionString   // Issue: https://github.com/Azure/bicep-registry-modules/issues/3638
          }
        ],
      }
    ]
  }
  dependsOn: [
    eventHubNamespace
  ]
}

And failed with same error:

Failed to perform 'action' on resource(s) of type 'namespaces/authorizationrules', because the parent resource '/subscriptions/471cca20-96cf-49ce-b242-4e67f0e14e19/resourceGroups/rg-azd-eh-dev-password-2/providers/Microsoft.EventHub/namespaces/evhns-pmybghym7qjpc' could not be found.

Question / Feature request

My question is: How can I get connection when event hub namespace is created by br/public:avm/res/event-hub/namespace:0.7.1 ? May be we can add the connection-string in output?

(Optional) Correlation Id

No response
@rujche rujche added Needs: Triage 🔍 Maintainers need to triage still Type: AVM 🅰️ ✌️ Ⓜ️ This is an AVM related issue labels Oct 25, 2024
@github-project-automation github-project-automation bot moved this to Needs: Triage in AVM - Module Issues Oct 25, 2024
@avm-team-linter avm-team-linter bot added the Class: Resource Module 📦 This is a resource module label Oct 25, 2024
@avm-team-linter AVM Team Linter
Copy link

@rujche, thanks for submitting this issue for the avm/res/event-hub/namespace module!

Important

A member of the @Azure/avm-res-eventhub-namespace-module-owners-bicep or @Azure/avm-res-eventhub-namespace-module-contributors-bicep team will review it soon!

rujche added a commit to rujche/azure-dev that referenced this issue Oct 25, 2024
@rujche
Support detect Azure Event Hubs: produce message only. Try to connect…
b5d6dee 
… by connection string, but failed: Cant not get connection string. Issue created: Azure/bicep-registry-modules#3638
@rujche rujche mentioned this issue Oct 25, 2024
Merged
6 tasks
@rujche
Copy link
Member Author

rujche commented Oct 28, 2024

Problem solved by this commit: azure-javaee/azure-dev@241fbe0

@rujche rujche closed this as completed Oct 28, 2024
@github-project-automation github-project-automation bot moved this from Needs: Triage to Done in AVM - Module Issues Oct 28, 2024
saragluna pushed a commit to azure-javaee/azure-dev that referenced this issue Oct 29, 2024
@rujche
Support detecting event hubs by analyzing pom.xml and application.yml (
a8f91b1 
…#3)

* Support detect Azure Event Hubs: produce message only, managed identity only.

* Support detect Azure Event Hubs: produce message only. Try to connect by connection string, but failed: Cant not get connection string. Issue created: Azure/bicep-registry-modules#3638

* Support detect Azure Event Hubs: produce message only, support both managed-identity and connection-string.

* Change option from "Password" to "Connection string".

* Rename "getAuthTypeByPrompt" to "chooseAuthType".
@rujche
Copy link
Member Author

rujche commented Nov 26, 2024
edited
Loading

Reopen this issue because this problem is not solved in current repo. The commit closed this issue above is just a workaround.

@rujche rujche reopened this Nov 26, 2024
@microsoft-github-policy-service Microsoft GitHub Policy Service
Copy link

Warning

Tagging the AVM Core Team (@Azure/avm-core-team-technical-bicep) due to a module owner or contributor having not responded to this issue within 3 business days. The AVM Core Team will attempt to contact the module owners/contributors directly.

Tip

  • To prevent further actions to take effect, the "Status: Response Overdue 🚩" label must be removed, once this issue has been responded to.
  • To avoid this rule being (re)triggered, the ""Needs: Triage 🔍" label must be removed as part of the triage process (when the issue is first responded to)!

@microsoft-github-policy-service microsoft-github-policy-service bot added the Status: Response Overdue 🚩 When an issue/PR has not been responded to for X amount of days label Dec 2, 2024
@microsoft-github-policy-service Microsoft GitHub Policy Service
Copy link

Warning

Tagging the AVM Core Team (@Azure/avm-core-team-technical-bicep) due to a module owner or contributor having not responded to this issue within 3 business days. The AVM Core Team will attempt to contact the module owners/contributors directly.

Tip

  • To prevent further actions to take effect, the "Status: Response Overdue 🚩" label must be removed, once this issue has been responded to.
  • To avoid this rule being (re)triggered, the ""Needs: Triage 🔍" label must be removed as part of the triage process (when the issue is first responded to)!

@microsoft-github-policy-service Microsoft GitHub Policy Service
Copy link

Caution

**This issue requires the AVM Core Team's (@Azure/avm-core-team-technical-bicep) immediate attention as it hasn't been responded to within 6 business days. **

Tip

  • To avoid this rule being (re)triggered, the "Needs: Triage 🔍" and "Status: Response Overdue 🚩" labels must be removed when the issue is first responded to!
  • Remove the "Needs: Immediate Attention ‼️" label once the issue has been responded to.

@microsoft-github-policy-service microsoft-github-policy-service bot added the Needs: Immediate Attention ‼️ Immediate attention of module owner / AVM team is needed label Dec 6, 2024
@elanzel
Copy link
Contributor

elanzel commented Dec 9, 2024
edited
Loading

Hi @rujche , have you found a workaround on your side?
Or should we plan to add the support for a Key vault and secrets creation to store connection strings as done for the storage account module https://github.com/Azure/bicep-registry-modules/tree/main/avm/res/storage/storage-account#Outputs ?

@elanzel elanzel removed Needs: Triage 🔍 Maintainers need to triage still Needs: Immediate Attention ‼️ Immediate attention of module owner / AVM team is needed Status: Response Overdue 🚩 When an issue/PR has not been responded to for X amount of days labels Dec 9, 2024
dciborow added a commit to dciborow/bicep-registry-modules that referenced this issue Dec 9, 2024
@dciborow
Add connection string output to Event Hub namespace module
c99ad1c 
Fixes Azure#3638

Add output for Event Hub namespace connection string

* Add output for connection string using `listKeys` function in `avm/res/event-hub/namespace/main.bicep`
* Update `outputs` section in `avm/res/event-hub/namespace/main.bicep` to include connection string
* Document new output for connection string in `avm/res/event-hub/namespace/README.md`

---

For more details, open the [Copilot Workspace session](https://copilot-workspace.githubnext.com/Azure/bicep-registry-modules/issues/3638?shareId=XXXX-XXXX-XXXX-XXXX).
@dciborow dciborow linked a pull request Dec 9, 2024 that will close this issue
Open
@rujche
Copy link
Member Author

rujche commented Dec 11, 2024

Hi, @elanzel

Sorry for late response.

have you found a workaround on your side?

Yes, I use this workaround:

https://github.com/azure-javaee/azure-dev/blob/d1c179a8392341802d0ef686354877b49eb80d24/cli/azd/resources/scaffold/templates/resources.bicept#L348

Image

Or should we plan to add the support for a Key vault and secrets creation to store connection strings as done for the storage account module

I'd love to use connection string directly, just like cosmos did: https://github.com/azure-javaee/azure-dev/blob/d1c179a8392341802d0ef686354877b49eb80d24/cli/azd/resources/scaffold/templates/resources.bicept#L104

Image

It's stored in Key Vault, and the key vault id is provided by customer.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@elanzel elanzel

Labels
Class: Resource Module 📦 This is a resource module Type: AVM 🅰️ ✌️ Ⓜ️ This is an AVM related issue Type: Feature Request ➕ New feature or request
Projects
AVM - Module Issues
Status: Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add connection string output to Event Hub namespace module dciborow/bicep-registry-modules
2 participants
@elanzel @rujche