Bicep has a great feature, which meanwhile also leads to warnings during execution if you don’t pay attention to it: the avoidance of static values like URLs in Bicep files. A corresponding warning looks like this:
Warning no-hardcoded-env-urls: Environment URLs should not be hardcoded. Use the environment() function to ensure compatibility across clouds. Found this disallowed host: “login.microsoftonline.com” [https://aka.ms/bicep/linter/no-hardcoded-env-urls]
Bicep has an environment() function for this purpose.
Instead of
1var loginEndpointUri = 'https://login.microsoftonline.com/'
you should write
1var loginEndpointUri = environment().authentication.loginEndpoint
This in itself affects quite a few static values. A short overview:
1{
2 "name": "AzureCloud",
3 "gallery": "https://gallery.azure.com/",
4 "graph": "https://graph.windows.net/",
5 "portal": "https://portal.azure.com",
6 "graphAudience": "https://graph.windows.net/",
7 "activeDirectoryDataLake": "https://datalake.azure.net/",
8 "batch": "https://batch.core.windows.net/",
9 "media": "https://rest.media.azure.net",
10 "sqlManagement": "https://management.core.windows.net:8443/",
11 "vmImageAliasDoc": "https://raw.githubusercontent.com/Azure/azure-rest-api-specs/master/arm-compute/quickstart-templates/aliases.json",
12 "resourceManager": "https://management.azure.com/",
13 "authentication": {
14 "loginEndpoint": "https://login.windows.net/",
15 "audiences": [
16 "https://management.core.windows.net/",
17 "https://management.azure.com/"
18 ],
19 "tenant": "common",
20 "identityProvider": "AAD"
21 },
22 "suffixes": {
23 "acrLoginServer": ".azurecr.io",
24 "azureDatalakeAnalyticsCatalogAndJob": "azuredatalakeanalytics.net",
25 "azureDatalakeStoreFileSystem": "azuredatalakestore.net",
26 "azureFrontDoorEndpointSuffix": "azurefd.net",
27 "keyvaultDns": ".vault.azure.net",
28 "sqlServerHostname": ".database.windows.net",
29 "storage": "core.windows.net"
30 }
31}
Deployment functions for Bicep
Docs: Avoid hardcoded URLs
Author
BEN ABT
Ben is a Principal Software Engineer at Medialesson.de, with a strong focus on .NET and Microsoft Azure. In his professional role, he designs and builds highly scalable platforms for hybrid and cloud-based scenarios. He also advises companies and C-levels on migrating to the sovereign cloud.
He runs myCSharp.de, the largest and most active German-speaking C# community forum, actively contributes to both his own and external open-source projects, and regularly shares his knowledge through his blog, at community events, conferences, and as a writer for technical magazines.
Comments