JSON Parse gives a strange warning and causes GitHub Super Linter to fail and can't be skipped #487
Comments
ghost
added
the
|
@StartAutomating we have tested the change you mentioned and this not seems to fix this issue. |
|
We have a fix ready and are adding tests to avoid regressions. |
|
@StephenMolloy we have updated the PR with some additional fixes, please retry and let us know. |
|
Sorry @StartAutomating it still does not fix this issue :( We tested your branch and see no difference in the result run locally and with the superlinter. |
|
I'm not able to repro after #488 in https://github.com/Azure/arm-ttk/releases/tag/20210818 |
|
@bmoore-msft did you run it with the verbose option? |
|
I did not use the -verbose option... thanks for clarifying (again ;)) |
|
No problem 😉 thanks for reopening the issue |
|
this is related to variable expansion which is not in use yet... could change it to write-debug short term but need to make sure we get to root cause before consuming var expansion |
|
we changed this to a write-debug instead (that's really what that case was meant for) - hopefully that doesn't make super linter think failure... (in 2021.08.23 |
|
@bmoore-msft it is still letting the super linter fail :( |
|
Do you know which version the super linter is using? (or do you see DEBUG: instead of VERBOSE:?) If it's failing on write-debug (which seems as odd as failing on write-verbose so certainly possible) then we'll need another option (obviously) @StartAutomating fyi |
|
The super linter always uses the latest arm-ttk release from GitHub. |
|
This seems like we might want to open an issue on SuperLinter to track this. IMHO/educated guess: the text saying "error" inside a verbose/debug is causing a failure, and should not be. That stated, we also want to determine why your (or anyone's) template's variable expansion does not work as expected: This additional logging helps this end goal. |
|
Is there any update on this? |
|
@spoelly - I'm not seeing this reproduce with what is currently in master (including with -Verbose (tried on PowerShell core and Windows PowerShell). Can you verify it is ongoing? (updated: It looks like we moved those messages to the -Debug channel). |
…expression (Fixes Azure#487)
|
Upon further investigation, it appears we were not escaping double quotes correctly. |
Back from vacation we see that the ARM-TTK linter is not working fine in our Super Linter execution.
After running the ARM-TTK locally we see this strange warning for one of our templates:
VERBOSE: Conversion from JSON failed with error: After parsing a value an unexpected character was encountered: o. Path 'variables.kvtAccessPoliciesArray', line 118, position 97.
After some debugging we see that line 118 is not the issue but this one:
'''
"mergeKvtAccessPoliciesCondition": "[not(contains(string(parameters('kvtAccessPolicies')),concat('"objectId":"',parameters('kvtObjectId'),'"')))]",
'''
Very strange because the json is valid otherwise the deployment of our template would fail. So as a work-arround we tried to skip the "JSONFiles Should Be Valid" check but this is imposible. :(
This is our JSON file
{ "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "kvtName": { "type": "string", "metadata": { "description": "Name of the new Keyvault" } }, "kvtSkuName": { "type": "string", "defaultValue": "Standard", "allowedValues": [ "Standard", "Premium" ], "metadata": { "description": "SKU for the vault" } }, "kvtEnabledForDeployment": { "type": "bool", "defaultValue": false, "metadata": { "description": "Set TRUE to enable access for deployments" } }, "kvtEnabledForTemplateDeployment": { "type": "bool", "defaultValue": false, "metadata": { "description": "Set TRUE to enable access for Template deployments" } }, "kvtEnabledForDiskEncryption": { "type": "bool", "defaultValue": false, "metadata": { "description": "Set TRUE to enable access for disk encryption" } }, "kvtObjectId": { "type": "string", "defaultValue": "", "metadata": { "description": "ObjectId of Pipeline account" } }, "kvtNetworkAclsBypass": { "type": "string", "defaultValue": "None", "allowedValues": [ "None", "AzureServices" ], "metadata": { "description": "Tells what traffic can bypass the network rules" } }, "kvtAccessPolicies": { "type": "array", "defaultValue": [], "metadata": { "description": "Access policies defined for the new vault" } }, "kvtIpRules": { "type": "array", "defaultValue": [], "metadata": { "description": "An array with IPRule objects" } }, "kvtVirtualNetworkRules": { "type": "array", "defaultValue": [], "metadata": { "description": "An array with VirtualNetworkRule objects" } }, "location": { "type": "string", "defaultValue": "[resourceGroup().location]", "metadata": { "description": "Location of the resource deployment" } } }, "variables": { "kvtDefaultAccessPolicies": [ { "tenantId": "[subscription().tenantId]", "objectId": "[parameters('kvtObjectId')]", "permissions": { "keys": [ "Backup", "Create", "Delete", "Get", "Import", "List", "Restore", "Update", "Recover" ], "secrets": [ "All" ], "certificates": [ "All" ] } } ], "kvtDefaultAccessPoliciesArray": "[if(empty(parameters('kvtObjectId')),json('[]'),variables('kvtDefaultAccessPolicies'))]", "mergeKvtAccessPoliciesCondition": "[not(contains(string(parameters('kvtAccessPolicies')),concat('\"objectId\":\"',parameters('kvtObjectId'),'\"')))]", "kvtAccessPoliciesArray": "[if(variables('mergeKvtAccessPoliciesCondition'),union(variables('kvtDefaultAccessPoliciesArray'),parameters('kvtAccessPolicies')),parameters('kvtAccessPolicies'))]", "azureServicesBypassCondition": "[or(or(parameters('kvtEnabledForDeployment'),parameters('kvtEnabledForTemplateDeployment')),parameters('kvtEnabledForDiskEncryption'))]", "kvtNetworkAclsCondition": "[not(and(empty(parameters('kvtIpRules')),empty(parameters('kvtVirtualNetworkRules'))))]" }, "resources": [ { "name": "[parameters('kvtName')]", "type": "Microsoft.KeyVault/vaults", "apiVersion": "2021-04-01-preview", "location": "[parameters('location')]", "properties": { "accessPolicies": "[if(empty(parameters('kvtAccessPolicies')),variables('kvtDefaultAccessPoliciesArray'),variables('kvtAccessPoliciesArray'))]", "enabledForDeployment": "[parameters('kvtEnabledForDeployment')]", "enabledForDiskEncryption": "[parameters('kvtEnabledForDiskEncryption')]", "enabledForTemplateDeployment": "[parameters('kvtEnabledForTemplateDeployment')]", "enableSoftDelete": true, "sku": { "name": "[parameters('kvtSkuName')]", "family": "A" }, "tenantId": "[subscription().tenantId]", "networkAcls": { "bypass": "[if(variables('azureServicesBypassCondition'),'AzureServices',parameters('kvtNetworkAclsBypass'))]", "defaultAction": "[if(variables('kvtNetworkAclsCondition'),'Deny','Allow')]", "ipRules": "[parameters('kvtIpRules')]", "virtualNetworkRules": "[parameters('kvtVirtualNetworkRules')]" } } } ], "outputs": { "kvtName": { "type": "string", "value": "[parameters('kvtName')]" }, "kvtResourceId": { "type": "string", "value": "[resourceId('Microsoft.KeyVault/vaults', parameters('kvtName'))]" }, "kvtUri": { "type": "string", "value": "[reference(parameters('kvtName')).VaultUri]" }, "vaults": { "type": "array", "value": [ { "Name": "[parameters('kvtName')]", "ResourceId": "[resourceId('Microsoft.KeyVault/vaults', parameters('kvtName'))]", "Uri": "[reference(parameters('kvtName')).VaultUri]" } ] } } }This is what we get running arm-ttk locally with verbose
Trying to skip the JSONFiles Should Be Valid
The text was updated successfully, but these errors were encountered: