Refactor of outputs to simplify bicep deployments

bicep/ccw.bicep

@@ -12,7 +12,7 @@ param adminUsername string
 @secure()
 param adminPassword string
 param adminSshPublicKey string
-param storedKey types.storedKey_t
+param storedKeyId string
 param ccVMName string
 param ccVMSize string
 param resourceGroup string
@@ -44,7 +44,7 @@ var useEnteredKey = adminSshPublicKey != ''
 module ccwPublicKey './publicKey.bicep' = if (!useEnteredKey && !infrastructureOnly) {
   name: 'ccwPublicKey'
   params: {
-    storedKey: storedKey
+    storedKeyId: storedKeyId
   }
 }
 var publicKey = infrastructureOnly ? '' : (useEnteredKey ? adminSshPublicKey : ccwPublicKey.outputs.publicKey)
@@ -78,26 +78,19 @@ module ccwNetwork './network-new.bicep' = if (create_new_vnet) {
 var subnets = create_new_vnet
   ? ccwNetwork.outputs.subnetsCCW
   : {
-      cyclecloud: { id: join([network.?id, 'subnets', network.?cyclecloudSubnet], '/') }
-      compute: { id: join([network.?id, 'subnets', network.?computeSubnet], '/') }
-      home: { id: join([network.?id, 'subnets', network.?sharedFilerSubnet ?? 'null'], '/') }
-      additional: { id: join([network.?id, 'subnets', network.?additionalFilerSubnet ?? 'null'], '/') }
+      cyclecloud: join([network.?id, 'subnets', network.?cyclecloudSubnet], '/') 
+      compute: join([network.?id, 'subnets', network.?computeSubnet], '/') 
+      home: join([network.?id, 'subnets', network.?sharedFilerSubnet ?? 'null'], '/') 
+      additional: join([network.?id, 'subnets', network.?additionalFilerSubnet ?? 'null'], '/') 
     }
 
-output vnet types.networkOutput_t = union(
-  create_new_vnet
-    ? ccwNetwork.outputs.vnetCCW
-    : {
-        id: network.?id ?? ''
-        name: network.?name
-        rg: split(network.?id ?? '////', '/')[4]
-      },
-  {
-    type: network.type
-    computeSubnetName: network.?computeSubnet ?? 'ccw-compute-subnet'
-    computeSubnetId: subnets.compute.id
-  }
-)
+var existingNetworkId = network.?id ?? 'a0a0a0a0/bbbb/cccc/dddd/eeee/ffff/aaaa/bbbb/c8c8c8c8'
+
+output vnet types.networkOutput_t = {
+  type: network.type
+  id: create_new_vnet ? ccwNetwork.outputs.vnetCCWId : existingNetworkId
+  computeSubnetId: subnets.compute
+}
 
 var deploy_bastion = network.?bastion ?? false
 module ccwBastion './bastion.bicep' = if (deploy_bastion) {
@@ -106,7 +99,7 @@ module ccwBastion './bastion.bicep' = if (deploy_bastion) {
   params: {
     location: location
     tags: getTags('Microsoft.Network/bastionHosts', tags)
-    subnetId: subnets.bastion.id
+    subnetId: subnets.?bastion ?? ''
   }
 }
 
@@ -134,7 +127,7 @@ module ccwVM './vm.bicep' = if (!infrastructureOnly) {
             version: split(cyclecloudBaseImage, ':')[3]
           }
     }
-    subnetId: subnets.cyclecloud.id
+    subnetId: subnets.cyclecloud
     adminUser: adminUsername
     adminPassword: adminPassword
     databaseAdminPassword: databaseAdminPassword
@@ -188,7 +181,7 @@ module ccwStorage './storage.bicep' = {
     location: location
     tags: getTags('Microsoft.Storage/storageAccounts', tags)
     saName: 'ccwstorage${uniqueString(az.resourceGroup().id)}'
-    subnetId: subnets.cyclecloud.id 
+    subnetId: subnets.cyclecloud
     storagePrivateDnsZone: storagePrivateDnsZone
   }
 }
@@ -204,7 +197,7 @@ module mySQLccw './mysql.bicep' = if (create_database) {
     Name: db_name
     adminUser: adminUsername
     adminPassword: databaseAdminPassword
-    subnetId: subnets.database.id
+    subnetId: subnets.?database ?? ''
   }
 }
 
@@ -214,7 +207,7 @@ module ccwAMLFS 'amlfs.bicep' = if (additionalFilesystem.type == 'aml-new') {
     location: location
     tags: getTags('Microsoft.StorageCache/amlFileSystems', tags)
     name: 'ccw-lustre'
-    subnetId: subnets.?additional.id ?? ''
+    subnetId: subnets.?additional ?? ''
     sku: additionalFilesystem.?lustreTier
     capacity: additionalFilesystem.?lustreCapacityInTib
     infrastructureOnly: infrastructureOnly
@@ -238,8 +231,8 @@ module ccwANF 'anf.bicep' = [
       location: location
       tags: getTags('Microsoft.NetApp/netAppAccounts', tags)
       name: filer.key
-      subnetId: subnets[filer.key].id
-      serviceLevel: filer.value.anfServiceTier
+      subnetId: subnets[filer.key]
+      serviceLevel: filer.value.anfServiceLevel
       sizeTiB: filer.value.anfCapacityInTiB
       defaultMountOptions: anfDefaultMountOptions
       infrastructureOnly: infrastructureOnly
@@ -344,6 +337,7 @@ output partitions types.partitions_t = {
   gpu: gpu
 }
 
+
 var envNameToCloudMap = {
   AzureCloud: 'AZUREPUBLICCLOUD'
   AzureUSGovernment: 'AZUREUSGOVERNMENT'

bicep/files-to-load/create_cc_param.py

@@ -18,16 +18,13 @@ def get_json_dict(file_name):
 
 def set_slurm_params(params, dbPassword, outputs):
     params['Region'] = outputs['location']['value']
-    if outputs['vnet']['value']['type'] == 'new':
-        subnetID = outputs['vnet']['value']['computeSubnetId']
-        subnet_toks = subnetID.split("/")
-        if len(subnet_toks) >= 11:
-            params['SubnetId'] = "/".join([subnet_toks[4], subnet_toks[8], subnet_toks[10]])
-        else:
-            print(f"Unexpected subnet id {subnetID} - passing as SubnetId directly instead of resource_group/vnet_name/subnet_name", file=sys.stderr)
-            params['SubnetId'] = subnetID
+    subnetID = outputs['vnet']['value']['computeSubnetId']
+    subnet_toks = subnetID.split("/")
+    if len(subnet_toks) >= 11:
+        params['SubnetId'] = "/".join([subnet_toks[4], subnet_toks[8], subnet_toks[10]])
     else:
-        params['SubnetId'] = '/'.join([outputs['vnet']['value']['rg'], outputs['vnet']['value']['name'], outputs['vnet']['value']['computeSubnetName']])
+        print(f"Unexpected subnet id {subnetID} - passing as SubnetId directly instead of resource_group/vnet_name/subnet_name", file=sys.stderr)
+        params['SubnetId'] = subnetID
 
     #HTC
     params['HTCMachineType'] = outputs['partitions']['value']['htc']['sku']

bicep/mainTemplate.bicep

@@ -6,7 +6,7 @@ param adminUsername string
 @secure()
 param adminPassword string
 param adminSshPublicKey string = '' 
-param storedKey types.storedKey_t = {id: 'foo', location: 'foo', name:'foo'}
+param storedKeyId string = ''
 @minLength(1)
 @maxLength(64)
 param ccVMName string

bicep/network-new.bicep

@@ -277,12 +277,7 @@ var securityRules = [ for rule in nsgRules : {
     rule.value[7] == 'ips' ? { destinationAddressPrefixes: rule.value[8] } : {}
   )
 }]
-//var asgNames = []
 
-var peeringEnabled = contains(network,'vnetToPeer')
-var peeredVnetName = peeringEnabled ? network.?vnetToPeer.name : 'foo'
-var peeredVnetResourceGroup = peeringEnabled ? split(network.?vnetToPeer.id,'/')[4] : 'foo'
-var peeredVnetId = peeringEnabled ? network.?vnetToPeer.id : 'foo'
 
 resource ccwCommonNsg 'Microsoft.Network/networkSecurityGroups@2023-11-01' = {
   name: 'nsg-ccw-common'
@@ -325,13 +320,18 @@ resource ccwVirtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = {
   }
 }
 
+var peeringEnabled = contains(network,'vnetToPeer')
+var peeredVnetId = network.?vnetToPeer.?id ?? 'a0a0a0a0/bbbb/cccc/dddd/eeee/ffff/aaaa/bbbb/c8c8c8c8'
+var peeredVnetName = split(peeredVnetId,'/')[8] 
+var peeredVnetResourceGroup = split(peeredVnetId,'/')[4]
+
 resource ccw_to_peer 'Microsoft.Network/virtualNetworks/virtualNetworkPeerings@2023-11-01' = if (peeringEnabled) {
   name: '${ccwVirtualNetwork.name}-to-${peeredVnetName}-${uniqueString(resourceGroup().id)}'
   parent: ccwVirtualNetwork
   properties: {
     allowVirtualNetworkAccess: true
     allowForwardedTraffic: false
-    useRemoteGateways: network.?peeringAllowGatewayTransit
+    useRemoteGateways: network.?vnetToPeer.?allowGatewayTransit
     remoteVirtualNetwork: {
       id: peeredVnetId
     }
@@ -349,71 +349,59 @@ module peer_to_ccw './network-peering.bicep' = if (peeringEnabled) {
   }
 }
 
-//generate outputs for ccw.bicep
-func fetch_rsc_id(subId string, rg string, rscId string) string =>
-  '/subscriptions/${subId}/resourceGroups/${rg}/providers/${rscId}'
-func fetch_rsc_name(rscId string) string => last(split(rscId, '/'))
-func rsc_output(rsc object) types.rsc_t => {
-  id: fetch_rsc_id(rsc.subscriptionId, rsc.resourceGroupName, rsc.resourceId)
-  name: fetch_rsc_name(rsc.resourceId)
-  rg: rsc.resourceGroupName
-}
-
 resource subnetCycleCloud 'Microsoft.Network/virtualNetworks/subnets@2023-11-01' existing = {
   name: vnet.subnets.cyclecloud.name
   parent: ccwVirtualNetwork
 }
-var subnet_cyclecloud = rsc_output(subnetCycleCloud)
 
 resource subnetCompute 'Microsoft.Network/virtualNetworks/subnets@2023-11-01' existing = {
   name: vnet.subnets.compute.name
   parent: ccwVirtualNetwork
 }
-var subnet_compute = rsc_output(subnetCompute)
 
 resource subnetNetApp 'Microsoft.Network/virtualNetworks/subnets@2023-11-01' existing = if (create_anf) {
   name: contains(vnet.subnets,'netapp') ? vnet.subnets.netapp.name : 'foo'
   parent: ccwVirtualNetwork
 }
-var subnet_netapp = create_anf ? rsc_output(subnetNetApp) : {}
+var subnet_netapp_id = create_anf ? subnetNetApp.id : ''
 
 resource subnetLustre 'Microsoft.Network/virtualNetworks/subnets@2023-11-01' existing = if (create_lustre) {
   name: contains(vnet.subnets,'lustre') ? vnet.subnets.lustre.name : 'foo'
   parent: ccwVirtualNetwork
 }
-//var subnet_lustre = lustre_count > 0 ? rsc_output(subnetLustre) : {}
-var subnet_lustre = create_lustre ? rsc_output(subnetLustre) : {}
+var subnet_lustre_id = create_lustre ? subnetLustre.id : ''
 
 resource subnetBastion 'Microsoft.Network/virtualNetworks/subnets@2023-11-01' existing = if (deploy_bastion) {
   name: contains(vnet.subnets,'bastion') ? vnet.subnets.bastion.name : 'foo'
   parent: ccwVirtualNetwork
 }
-var subnet_bastion = deploy_bastion ? rsc_output(subnetBastion) : {}
+var subnet_bastion_id = deploy_bastion ? subnetBastion.id : ''
 
 resource subnetDatabase 'Microsoft.Network/virtualNetworks/subnets@2023-11-01' existing = if (create_database) {
   name: contains(vnet.subnets,'database') ? vnet.subnets.database.name : 'foo'
   parent: ccwVirtualNetwork
 }
-var subnet_database = create_database ? rsc_output(subnetDatabase) : {}
+var subnet_database_id = create_database ? subnetDatabase.id : ''
 
 var filerTypeHome = sharedFilesystem.type
 var filerTypeAddl = additionalFilesystem.type
 var output_home_subnet = filerTypeHome == 'anf-new' 
 var output_addl_subnet = contains(['aml-new','anf-new'],filerTypeAddl)
-var home_filer = output_home_subnet ? (filerTypeHome == 'anf-new' ? { home: subnet_netapp } : { home: subnet_lustre }) : {}
-var addl_filer = output_addl_subnet ? (filerTypeAddl == 'anf-new' ? { additional: subnet_netapp } : { additional: subnet_lustre }) : {}
+var home_filer = output_home_subnet ? (filerTypeHome == 'anf-new' ? { home: subnet_netapp_id } : { home: subnet_lustre_id }) : {}
+var addl_filer = output_addl_subnet ? (filerTypeAddl == 'anf-new' ? { additional: subnet_netapp_id } : { additional: subnet_lustre_id }) : {}
 var subnets = union(
-  { cyclecloud: subnet_cyclecloud },
-  { compute: subnet_compute },
+  { cyclecloud: subnetCycleCloud.id },
+  { compute: subnetCompute.id },
   home_filer,
   addl_filer,
-  deploy_bastion ? { bastion: subnet_bastion } : {},
-  create_database ? { database: subnet_database } : {}
+  deploy_bastion ? { bastion: subnet_bastion_id } : {},
+  create_database ? { database: subnet_database_id } : {}
 )
 
+var dbID = databaseConfig.?dbId ?? 'a0a0a0a0/bbbb/cccc/dddd/eeee/ffff/aaaa/bbbb/c8c8c8c8'
 resource ccwDatabase 'Microsoft.DBforMySQL/flexibleServers@2023-10-01-preview' existing = if (create_private_endpoint && databaseConfig.type != 'disabled') {
-  name: databaseConfig.?dbInfo.?name ?? 'disabled'
-  scope: resourceGroup(split(databaseConfig.?dbInfo.?id ?? '////','/')[4])
+  name: split(dbID,'/')[8]
+  scope: resourceGroup(split(dbID,'/')[4])
 }
 
 var privateEndpointName = 'ccw-mysql-pe'
@@ -437,7 +425,7 @@ resource privateEndpoint 'Microsoft.Network/privateEndpoints@2023-11-01' = if (c
   }
 }
 
-output nsgCCW types.rsc_t = rsc_output(ccwCommonNsg)
-output vnetCCW types.rsc_t = rsc_output(ccwVirtualNetwork)
+output nsgCCWId string = ccwCommonNsg.id
+output vnetCCWId string = ccwVirtualNetwork.id
 output subnetsCCW types.subnets_t = subnets
 output databaseFQDN string = create_private_endpoint ? privateEndpoint.properties.customDnsConfigs[0].ipAddresses[0] : ''

bicep/publicKey.bicep

@@ -1,18 +1,9 @@
-import {storedKey_t} from './types.bicep'
-param storedKey storedKey_t
+param storedKeyId string
 
-//TODO: Add autogenerate public key logic via REST API call in uidefinition file
-/*
-resource autogenerate_publickey 'Microsoft.Compute/sshPublicKeys@2023-09-01' = if (autogenerateSecrets) {
-  name: 'autoGeneratedKey'
-  location: location
+resource storedPublicKey 'Microsoft.Compute/sshPublicKeys@2024-03-01' existing = {
+  name: split(storedKeyId,'/')[8]
+  scope: resourceGroup(split(storedKeyId,'/')[4])
 }
-*/
-resource stored_publickey 'Microsoft.Compute/sshPublicKeys@2024-03-01' existing = {
-  name: storedKey.name
-  scope: resourceGroup(split(storedKey.id,'/')[4])
-}
-//var public_key = autogenerateSecrets ? autogenerate_publickey.properties.generateKey : stored_publickey.properties.publicKey
-var public_key = stored_publickey.properties.publicKey
-output publicKey string = public_key
-//output useStoredKey bool = useStoredKey //satisfy arm-ttk
+
+var publicKey = storedPublicKey.properties.publicKey
+output publicKey string = publicKey