[LocalDeploy] Migrate to extensibility v2 contract

[jorgecotillo]

Contributing a Pull Request

If you haven't already, read the full contribution guide. The guide may have changed since the last time you read it, so please double-check. Once you are done and ready to submit your PR, run through the relevant checklist below.

Contributing to documentation

• All documentation contributions should be made directly in the Bicep documentation on Microsoft Docs.

Contributing an example

We are integrating the Bicep examples into the Azure QuickStart Templates. If you'd like to contribute new example .bicep files that showcase abilities of the language, please follow these instructions to add them directly there. We can still take bug reports and fixes for the existing examples for the time being.

• This is a bug fix for an existing example
• I have resolved all warnings and errors shown by the Bicep VS Code extension
• I have checked that all tests are passing by running dotnet test
• I have consistent casing for all of my identifiers and am using camelCasing unless I have a justification to use another casing style

Contributing a feature

• I have opened a new issue for the proposal, or commented on an existing one, and ensured that the Bicep maintainers are good with the design of the feature being implemented
• I have included "Fixes #{issue_number}" in the PR description, so GitHub can link to the issue and close it when the PR is merged
• I have appropriate test coverage of my new feature

Contributing a snippet

• I have a snippet that is either a single, generic resource or multi resource that uses parent-child syntax

• I have checked that there is not an equivalent snippet already submitted

• I have used camelCasing unless I have a justification to use another casing style

• I have placeholders values that correspond to their property names (e.g. dnsPrefix: 'dnsPrefix'), unless it's a property that MUST be changed or parameterized in order to deploy. In that case, I use 'REQUIRED' e.g. keyData

• I have my symbolic name as the first tab stop ($1) in the snippet. e.g. res-aks-cluster.bicep

• I have a resource name property equal to "name"

• If applicable, I have set the location property to location: /*${<id>:location}*/'location' (not resourceGroup().location) where <id> is a placeholder id, and added param location string to the test's main.bicep file so that the resulting main.combined.bicep file used in the tests compiles without errors

• I have verified that the snippet deploys correctly when used in the context of an actual bicep file

  e.g.

  resource aksCluster 'Microsoft.ContainerService/managedClusters@2021-03-01' = {
    name: 'name'

Microsoft Reviewers: Open in CodeFlow

[github-actions]

Test this change out locally with the following install scripts (Action run 9843996390)

VSCode

• Mac/Linux

  bash <(curl -Ls https://aka.ms/bicep/nightly-vsix.sh) --run-id 9843996390

• Windows

  iex "& { $(irm https://aka.ms/bicep/nightly-vsix.ps1) } -RunId 9843996390"

Azure CLI

• Mac/Linux

  bash <(curl -Ls https://aka.ms/bicep/nightly-cli.sh) --run-id 9843996390

• Windows

  iex "& { $(irm https://aka.ms/bicep/nightly-cli.ps1) } -RunId 9843996390"

[github-actions]

Dotnet Test Results

    72 files   -     36      72 suites   - 36   23m 57s ⏱️ - 9m 5s
10 938 tests  -     14  10 938 ✅  -     14  0 💤 ±0  0 ❌ ±0 
25 772 runs   - 12 864  25 772 ✅  - 12 864  0 💤 ±0  0 ❌ ±0 

Results for commit 232ef21. ± Comparison against base commit 9864b14.

♻️ This comment has been updated with latest results.

[anthony-c-martin]

Is there an expected contract for the InnerError field?

[shenglol]

Yes, that's defined by the OData 4.0 error response format: https://docs.oasis-open.org/odata/odata-json-format/v4.0/os/odata-json-format-v4.0-os.html#_Toc372793091, which is used by the Graph API and some Azure data plane APIs. The deployment engine converts it to error.details[*].additionalInfo to ensure compatibility with ARM RPC.

[anthony-c-martin]

Thanks - so sounds like using JsonObject rather than defining a custom record for it is the way to go?

[jorgecotillo]

Yup

[shenglol]

Do we need to support the other built-in types as well?

[jorgecotillo]

Good point, does config items will support all types - like in Template parameters?

[shenglol]

Yeah, the runtime (deployment engine) supports all types except for user-defined types.

[jorgecotillo]

Extension suffix might be confusing as well, people might confuse with C# extension classes.

[anthony-c-martin]

I think it's fine, the convention for C# extension classes is to pluralize.

[anthony-c-martin]

Although looking at the existing name which I picked, I'm wondering if we could call it something more indicative of what it's actually doing like NestedDeploymentExtension?

[anthony-c-martin]

See my other comment on LocalExtensibilityExtension.cs - I'm learning more towards NestedDeploymentExtensibilityHost as a name for this class.

[shenglol]

Does it make more sense to make this a built-in local extension rather than an extension host?

[jorgecotillo]

NestedDeploymentBuiltInExtension ?

[jorgecotillo]

I noticed a bunch of deletions - packages.lock.json - I cleaned the solution and rebuilt but files are gone, doesn't seem expected.

[anthony-c-martin]

I would recommend just reverting this part of the change - the bicep-vs solution should be unaffected. It's a separate .sln file, so rebuilding the main solution file won't cause these files to be updated.

[anthony-c-martin]

Since this is just a convenience property, and you don't want the value to differ from what is on the model, could we replace it with the following?

public bool LocalDeployEnabled => model.Features.LocalDeployEnabled;

[jorgecotillo]

I moved to use Context.SemanticModel.Features.LocalDeployEnabled instead.

[anthony-c-martin]

For consistency, could we either access this property with Context.Settings.LocalDeployEnabled everywhere (the convenience property you added), or with Context.SemanticModel.Features.LocalDeployEnabled everywhere?

[jorgecotillo]

Got it, I didn't know you get access to Settings or SemanticModel from Context. I'll remove the convenience property and use Context.SemanticModel.Features.LocalDeployEnabled everywhere instead.

[anthony-c-martin]

Is it worth handling secureString here?

[jorgecotillo]

I am avoiding it because secureString requires bicep to read the value from KeyVault and not sure if all the wiring is in place right now.

[jorgecotillo]

after chatting with Shenglong, will be including the same types that we support today in Deployments

[anthony-c-martin]

...ExtensibilityExtension is a bit strange - what about LocalDeployExtension?

[anthony-c-martin]

On second thoughts, I actually think it's fine to keep Provider here (GrpcExtensibilityProvider, NestedDeploymentExtensibilityProvider). This is a different concept to the extension which a user would think about - the GrpcExtensibilityProvider is a host for multiple user-defined extensions, rather than being an extension in itself. Maybe GrpcExtensibilityHost / LocalExtensibilityHost would be a more appropriate name? @shenglol thoughts?

[shenglol]

Agree that the class functions more as an extension host / dispatcher. I think either 'LocalExtensibilityHost' or 'LocalExtensionHost' would be suitable names.

[anthony-c-martin]

[nit] Remove this

[jorgecotillo]

(facepalm) moved to copy the arg names and omit to remove these.

[anthony-c-martin]

What are these headers used for? Would you mind adding a code comment to explain?

[jorgecotillo]

@shenglol are we going to relax echo these header values in deployment engine? If so, these headers are just temporal additions and can add a comment but if is permanent, are these values ok?

To give you some context Anthony, deployment engine performs validations on header values and expects these two to be present, but it might not apply to local extensibility.

[shenglol]

Yeah, I'll send a PR to relax the validation for the headers. We can remove them from LocalDeploymentEngineHost later.

[anthony-c-martin]

It feels odd that this method deserializes the request (content.ReadAsAsync<ResourceReferenceRequestBody>) but then returns an unserialized response (ResourceResponseBody). Should we instead just have it return a HttpContent or equivalent?

[anthony-c-martin]

I also noticed that for response serialization you are using ResourceStack (.ToJson()), but for request deserialization you are using the ASP.NET defaults (content.ReadAsAsync()). This may yield different results.

My preference here would be to remove the dependency on HttpContent and its built-in serializer at this layer, and instead take a Stream for the body, and return a Stream.

This removes the coupling with the HTTP layer, and puts us in full control the serialization + deserialization in one place (here).

@shenglol should we be using NewtonSoft or STJ for the classes under Azure.Deployments.Engine.Host.Azure.ExtensibilityV2.Contract.Models?

[shenglol]

I would prefer using STJ for better performance. @jorgecotillo, we discussed using v2 models from Azure.Deployments.Extensibility instead. Could we switch to using those models?

[jorgecotillo]

Done

[anthony-c-martin]

What about ExtensionHostManager?

[shenglol]

I'm just thinking out loud here - what if we tweak the architecture? To me it seems a bit odd to have a manager or registry of extension hosts. Does it make sense to do the opposite? Instead of having a manager invoking an extension host, the LocalExtensionHost could reference a LocalExtensionRegistry. The LocalExtensionHost would use the LocalExtensionRegistry to resolve an extension based on a given extension name and version. Then, the LocalExtensionHost would dispatch the resolved extension to handle resource operations.

[shenglol]

Created a diagram to illustrate the idea:

[shenglol]

This shouldn't block the PR, though. Since it's a design change, we may need to discuss it first and implement it later in subsequent PRs.

[anthony-c-martin]

Agreed, feels like there's definitely scope to simplify the design, and I like the above proposal. Working off it, some additional things to think about:

• Lifecycle management of IExtension instances - I assume we'd want this to be the responsibility of the ExtensionRegistry?
  • Activating extensions that aren't currently running (currently I believe this happens implicitly when an IExtension method call happens, but I think it should be more explicitly managed)
  • Deactivating unused extensions
  • Keepalives (not currently implemented, but may need to be to avoid leaving orphaned processes running)
• Resolving extensions by name & version leaves room for mixups to occur. I think we should key off the file system (cache) path to avoid this. This would need to be represented in the intermediate template somehow for the deployment layer to understand it.

[anthony-c-martin]

Rather than deleting this, could we move it to the Config property to be more representative of a real-life scenario?

[jorgecotillo]

Added back

[anthony-c-martin]

It's a risk when parsing untrusted data, so it makes sense that we're forced to handle null. My recommendation would be to just throw an exception if it happens.

I also think there's a lot going on in this function, so might be worth simplifying by using a traditional function rather than the expression body syntax:

private Protocol.ResourceRequestBody Convert(ResourceRequestBody request)
{
    JsonObject? config = null;
    if (request.Config is {})
    {
        config = JsonNode.Parse(request.Config)?.AsObject()
            ?? throw new ...;
    }

    var properties = JsonNode.Parse(request.Properties)?.AsObject()
        ?? throw new ...;

    return new(config, request.Type, properties, request.ApiVersion);
}

[anthony-c-martin]

This was intended as a response to your comment // TODO: Is there a better way to parse to ensure result might not be null? FYI

[jorgecotillo]

yup, I updated the code and will push in the upcoming iteration

[anthony-c-martin]

Do you know why this was necessary?

[jorgecotillo]

No clue, might be VS adding references when performing autocompletion, I just removed the unnecessary using statements btw.

[anthony-c-martin]

LGTM!