我有两个 repos,一个用于资源二头肌,另一个使用资源作为模块以实现可重用性。 现在我已经创建了一个二头肌来部署一个 sql server 和一个 db
// sqldb.bicep
param name string
param location string = resourceGroup().location
param sqlAdministratorLogin string
@secure()
param sqlAdministratorLoginPassword string
param sqldatabaseNames array
param skuName string
param srvPostFix string = 'ss'
var sqlserverName = '${name}-${srvPostFix}'
resource sqlServer 'Microsoft.Sql/servers@2021-11-01' = {
name: sqlserverName
location: location
properties: {
administratorLogin: sqlAdministratorLogin
administratorLoginPassword: sqlAdministratorLoginPassword
version: '12.0'
}
}
resource sqlDatabase 'Microsoft.Sql/servers/databases@2021-11-01' = [for item in sqldatabaseNames:{
parent: sqlServer
name: '${item}'
location: location
sku: {
name: skuName
}
properties: {
maxSizeBytes: 1073741824
}
}]
我从部署一个 azure sql db 的另一个 repo 调用它,下面是 main.bicep 和参数 json
Key vault 存在我添加了秘密 SqlAdminPassword
param rgLocation string = resourceGroup().location
param name string
param sqlAdministratorLogin string
param sqlSkuName string
param sqldatabaseNames array = [
toLower('${name}-db')
]
param keyVaultName string
param keyVaultResourceGroup string
var dbModule = '${name}-DBModule'
resource keyVault 'Microsoft.KeyVault/vaults@2022-11-01' existing = {
name: keyVaultName
scope: resourceGroup(keyVaultResourceGroup)
}
module sqlDbModule 'br:myacr.azurecr.io/bicepmodules/sqldb.bicep:2023-03-17-12-15' = {
name: dbModule
params: {
name: prefixRName
location: rgLocation
sqlAdministratorLogin: sqlAdministratorLogin
sqlAdministratorLoginPassword: keyVault.getSecret('SqlAdminPassword')
sqldatabaseNames: sqldatabaseNames
skuName: sqlSkuName
}
}
//parameter file
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"name": {
"value": "my-web"
},
"sqlAdministratorLogin": {
"value": "admin"
},
"sqlAdministratorLoginPassword": {
"reference": {
"keyVault": {
"id": "/subscriptions/subid/resourceGroups/my-rg/providers/Microsoft.KeyVault/vaults/my-kv"
},
"secretName": "SqlAdminPassword"
}
},
"sqlSkuName": {
"value": "Basic"
},
"keyVaultName": {
"value": "my-kv"
},
"keyVaultResourceGroup": {
"value": "my-rg"
}
}
}
现在我在通过 azure pipeline 部署它时遇到错误:
部署模板验证失败:'参数文件中的模板参数'sqlAdministratorLoginPassword'无效;它们不存在于原始模板中,因此无法在部署时提供。此模板唯一支持的参数是“名称、sqlAdministratorLogin、sqlSkuName、sqldatabaseNames、keyVaultName、keyVaultResourceGroup”。
您的第二个模板的参数中没有 sqlAdministratorLoginPassword。您正在引用二头肌中密钥库中的密码秘密。因此,您应该能够从参数文件中删除 sqlAdministratorLoginPassword。