use new metadata to persist parameters required for deploy

cli/azd/pkg/apphost/generate.go

@@ -321,15 +321,19 @@ func BicepTemplate(name string, manifest *Manifest, options AppHostOptions) (*me
 
 	// order to be deterministic when writing bicep
 	genParametersKeys := slices.Sorted(maps.Keys(generator.bicepContext.InputParameters))
+	metadataType := azure.AzdMetadataTypeGenerate
 	for _, key := range genParametersKeys {
 		parameter := generator.bicepContext.InputParameters[key]
 		parameterMetadata := ""
 		var parameterDefaultValue *string
 		if parameter.Default != nil {
 			// main.bicep template handles *string for default.Value. If the value is nil, it will be ignored.
 			// if not nil, like empty string or any other string, it is used as `= '<value>'`
-			parameterDefaultValue = parameter.Default.Value
-			if parameter.Default.Generate != nil {
+			if parameter.Default.Value != nil {
+				parameterDefaultValue = parameter.Default.Value
+				metadataType = azure.AzdMetadataTypeNeedForDeploy
+				parameterMetadata = "{}"
+			} else if parameter.Default.Generate != nil { // Note: .Value and .Generate are mutually exclusive
 				pMetadata, err := inputMetadata(*parameter.Default.Generate)
 				if err != nil {
 					return nil, fmt.Errorf("generating input metadata for %s: %w", key, err)
@@ -343,7 +347,7 @@ func BicepTemplate(name string, manifest *Manifest, options AppHostOptions) (*me
 		parameters = append(parameters, autoGenInput{
 			genInput:       input,
 			MetadataConfig: parameterMetadata,
-			MetadataType:   azure.AzdMetadataTypeGenerate})
+			MetadataType:   metadataType})
 		if slices.Contains(generator.bicepContext.mappedParameters, strings.ReplaceAll(key, "-", "_")) {
 			mapToResourceParams = append(mapToResourceParams, input)
 		}

cli/azd/pkg/azure/arm_template.go

@@ -102,6 +102,7 @@ type AzdMetadataType string
 const AzdMetadataTypeLocation AzdMetadataType = "location"
 const AzdMetadataTypeGenerate AzdMetadataType = "generate"
 const AzdMetadataTypeGenerateOrManual AzdMetadataType = "generateOrManual"
+const AzdMetadataTypeNeedForDeploy AzdMetadataType = "needForDeploy"
 
 type AzdMetadata struct {
 	Type               *AzdMetadataType `json:"type,omitempty"`

cli/azd/pkg/infra/provisioning/bicep/bicep_provider.go

@@ -1826,6 +1826,7 @@ func (p *BicepProvider) ensureParameters(
 	for _, key := range sortedKeys {
 		param := template.Parameters[key]
 		parameterType := p.mapBicepTypeToInterfaceType(param.Type)
+		azdMetadata, hasMetadata := param.AzdMetadata()
 
 		// If a value is explicitly configured via a parameters file, use it.
 		// unless the parameter value inference is nil/empty
@@ -1835,6 +1836,10 @@ func (p *BicepProvider) ensureParameters(
 				configuredParameters[key] = azure.ArmParameterValue{
 					Value: paramValue,
 				}
+				if hasMetadata && azdMetadata.Type != nil && *azdMetadata.Type == azure.AzdMetadataTypeNeedForDeploy {
+					mustSetParamAsConfig(key, paramValue, p.env.Config, param.Secure())
+					configModified = true
+				}
 				continue
 			}
 		}
@@ -1863,7 +1868,6 @@ func (p *BicepProvider) ensureParameters(
 
 		// If the parameter is tagged with {type: "generate"}, skip prompting.
 		// We generate it once, then save to config for next attempts.`.
-		azdMetadata, hasMetadata := param.AzdMetadata()
 		if hasMetadata && parameterType == provisioning.ParameterTypeString && azdMetadata.Type != nil &&
 			*azdMetadata.Type == azure.AzdMetadataTypeGenerate {
 
@@ -1999,7 +2003,7 @@ func armParameterFileValue(paramType provisioning.ParameterType, value any, defa
 
 		defaultVal, hasDefault := defaultValue.(string)
 		if hasDefault && paramValid && paramVal != defaultVal {
-			return paramVal
+			return defaultVal
 		}
 	default:
 		return value

cli/azd/test/functional/aspire_test.go

@@ -69,7 +69,7 @@ func restoreDotnetWorkload(t *testing.T) {
 
 // Test_CLI_Aspire_DetectGen tests the detection and generation of an Aspire project.
 func Test_CLI_Aspire_DetectGen(t *testing.T) {
-	restoreDotnetWorkload(t)
+	//restoreDotnetWorkload(t)
 
 	sn := snapshot.NewDefaultConfig().WithOptions(cupaloy.SnapshotFileExtension(""))
 	snRoot := filepath.Join("testdata", "snaps", "aspire-full")

cli/azd/test/functional/testdata/samples/aspire-full/AspireAzdTests.AppHost/Program.cs

@@ -2,6 +2,9 @@
 
 var builder = DistributedApplication.CreateBuilder(args);
 
+// test param with default value
+var goVersion = builder.AddParameter("goversion", "1.22", publishValueAsDefault: true);
+
 // redis instance the app will use for simple messages
 var redisPubSub = builder.AddRedis("pubsub");
 
@@ -38,6 +41,7 @@
                             .WithReference(messageQueue)
                             .WithReference(apiservice)
                             .WithReference(cosmosDb)
-                            .WithReference(workerProj);
+                            .WithReference(workerProj)
+                            .WithEnvironment("GOVERSION", goVersion);
 
 builder.Build().Run();

cli/azd/test/functional/testdata/samples/aspire-full/Directory.Build.props

@@ -1,5 +1,5 @@
 <Project>
     <PropertyGroup>
-        <AspireVersion>8.2.0</AspireVersion>
+        <AspireVersion>9.0.0-rc.1.24511.1</AspireVersion>
     </PropertyGroup>
 </Project>

cli/azd/test/functional/testdata/snaps/aspire-full/AspireAzdTests.AppHost/infra/webfrontend.tmpl.yaml

@@ -41,6 +41,8 @@ properties:
             value: {{ .Env.MANAGED_IDENTITY_CLIENT_ID }}
           - name: ASPNETCORE_FORWARDEDHEADERS_ENABLED
             value: "true"
+          - name: GOVERSION
+            value: '{{ parameterWithDefault "goversion" "1.22"}}'
           - name: HTTP_PORTS
             value: '{{ targetPortOrDefault 0 }}'
           - name: OTEL_DOTNET_EXPERIMENTAL_OTLP_EMIT_EVENT_LOG_ATTRIBUTES

cli/azd/test/functional/testdata/snaps/aspire-full/cosmos.module.bicep

@@ -1,54 +1,48 @@
-targetScope = 'resourceGroup'
-
-@description('')
+@description('The location for the resource(s) to be deployed.')
 param location string = resourceGroup().location
 
-@description('')
 param keyVaultName string
 
-
-resource keyVault_IeF8jZvXV 'Microsoft.KeyVault/vaults@2022-07-01' existing = {
+resource keyVault 'Microsoft.KeyVault/vaults@2023-07-01' existing = {
   name: keyVaultName
 }
 
-resource cosmosDBAccount_MZyw35gqp 'Microsoft.DocumentDB/databaseAccounts@2023-04-15' = {
-  name: toLower(take('cosmos${uniqueString(resourceGroup().id)}', 24))
+resource cosmos 'Microsoft.DocumentDB/databaseAccounts@2024-08-15' = {
+  name: take('cosmos-${uniqueString(resourceGroup().id)}', 44)
   location: location
-  tags: {
-    'aspire-resource-name': 'cosmos'
-  }
-  kind: 'GlobalDocumentDB'
   properties: {
-    databaseAccountOfferType: 'Standard'
-    consistencyPolicy: {
-      defaultConsistencyLevel: 'Session'
-    }
     locations: [
       {
         locationName: location
         failoverPriority: 0
       }
     ]
+    consistencyPolicy: {
+      defaultConsistencyLevel: 'Session'
+    }
+    databaseAccountOfferType: 'Standard'
+  }
+  kind: 'GlobalDocumentDB'
+  tags: {
+    'aspire-resource-name': 'cosmos'
   }
 }
 
-resource cosmosDBSqlDatabase_tiaTwUqx8 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases@2023-04-15' = {
-  parent: cosmosDBAccount_MZyw35gqp
+resource db3 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases@2024-08-15' = {
   name: 'db3'
   location: location
   properties: {
     resource: {
       id: 'db3'
     }
   }
+  parent: cosmos
 }
 
-resource keyVaultSecret_Ddsc3HjrA 'Microsoft.KeyVault/vaults/secrets@2022-07-01' = {
-  parent: keyVault_IeF8jZvXV
+resource connectionString 'Microsoft.KeyVault/vaults/secrets@2023-07-01' = {
   name: 'connectionString'
-  location: location
   properties: {
-    value: 'AccountEndpoint=${cosmosDBAccount_MZyw35gqp.properties.documentEndpoint};AccountKey=${cosmosDBAccount_MZyw35gqp.listkeys(cosmosDBAccount_MZyw35gqp.apiVersion).primaryMasterKey}'
+    value: 'AccountEndpoint=${cosmos.properties.documentEndpoint};AccountKey=${cosmos.listKeys().primaryMasterKey}'
   }
+  parent: keyVault
 }
-

cli/azd/test/functional/testdata/snaps/aspire-full/infra/cosmos/cosmos.module.bicep

@@ -1,54 +1,48 @@
-targetScope = 'resourceGroup'
-
-@description('')
+@description('The location for the resource(s) to be deployed.')
 param location string = resourceGroup().location
 
-@description('')
 param keyVaultName string
 
-
-resource keyVault_IeF8jZvXV 'Microsoft.KeyVault/vaults@2022-07-01' existing = {
+resource keyVault 'Microsoft.KeyVault/vaults@2023-07-01' existing = {
   name: keyVaultName
 }
 
-resource cosmosDBAccount_MZyw35gqp 'Microsoft.DocumentDB/databaseAccounts@2023-04-15' = {
-  name: toLower(take('cosmos${uniqueString(resourceGroup().id)}', 24))
+resource cosmos 'Microsoft.DocumentDB/databaseAccounts@2024-08-15' = {
+  name: take('cosmos-${uniqueString(resourceGroup().id)}', 44)
   location: location
-  tags: {
-    'aspire-resource-name': 'cosmos'
-  }
-  kind: 'GlobalDocumentDB'
   properties: {
-    databaseAccountOfferType: 'Standard'
-    consistencyPolicy: {
-      defaultConsistencyLevel: 'Session'
-    }
     locations: [
       {
         locationName: location
         failoverPriority: 0
       }
     ]
+    consistencyPolicy: {
+      defaultConsistencyLevel: 'Session'
+    }
+    databaseAccountOfferType: 'Standard'
+  }
+  kind: 'GlobalDocumentDB'
+  tags: {
+    'aspire-resource-name': 'cosmos'
   }
 }
 
-resource cosmosDBSqlDatabase_tiaTwUqx8 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases@2023-04-15' = {
-  parent: cosmosDBAccount_MZyw35gqp
+resource db3 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases@2024-08-15' = {
   name: 'db3'
   location: location
   properties: {
     resource: {
       id: 'db3'
     }
   }
+  parent: cosmos
 }
 
-resource keyVaultSecret_Ddsc3HjrA 'Microsoft.KeyVault/vaults/secrets@2022-07-01' = {
-  parent: keyVault_IeF8jZvXV
+resource connectionString 'Microsoft.KeyVault/vaults/secrets@2023-07-01' = {
   name: 'connectionString'
-  location: location
   properties: {
-    value: 'AccountEndpoint=${cosmosDBAccount_MZyw35gqp.properties.documentEndpoint};AccountKey=${cosmosDBAccount_MZyw35gqp.listkeys(cosmosDBAccount_MZyw35gqp.apiVersion).primaryMasterKey}'
+    value: 'AccountEndpoint=${cosmos.properties.documentEndpoint};AccountKey=${cosmos.listKeys().primaryMasterKey}'
   }
+  parent: keyVault
 }
-

cli/azd/test/functional/testdata/snaps/aspire-full/infra/main.bicep

@@ -12,6 +12,12 @@ param location string
 @description('Id of the user or app to assign application roles')
 param principalId string = ''
 
+@metadata({azd: {
+  type: 'needForDeploy'
+  config: {}
+  }
+})
+param goversion string = '1.22'
 
 var tags = {
   'azd-env-name': environmentName

cli/azd/test/functional/testdata/snaps/aspire-full/infra/main.parameters.json

@@ -5,6 +5,9 @@
       "principalId": {
         "value": "${AZURE_PRINCIPAL_ID}"
       },
+      "goversion": {
+        "value": "${AZURE_GOVERSION}"
+      },
       "environmentName": {
         "value": "${AZURE_ENV_NAME}"
       },

cli/azd/test/functional/testdata/snaps/aspire-full/infra/storage/storage.module.bicep

@@ -1,73 +1,67 @@
-targetScope = 'resourceGroup'
-
-@description('')
+@description('The location for the resource(s) to be deployed.')
 param location string = resourceGroup().location
 
-@description('')
 param principalId string
 
-@description('')
 param principalType string
 
-
-resource storageAccount_1XR3Um8QY 'Microsoft.Storage/storageAccounts@2022-09-01' = {
-  name: toLower(take('storage${uniqueString(resourceGroup().id)}', 24))
+resource storage 'Microsoft.Storage/storageAccounts@2024-01-01' = {
+  name: take('storage${uniqueString(resourceGroup().id)}', 24)
+  kind: 'StorageV2'
   location: location
-  tags: {
-    'aspire-resource-name': 'storage'
-  }
   sku: {
     name: 'Standard_GRS'
   }
-  kind: 'StorageV2'
   properties: {
     accessTier: 'Hot'
+    allowSharedKeyAccess: false
+    minimumTlsVersion: 'TLS1_2'
     networkAcls: {
       defaultAction: 'Allow'
     }
-    minimumTlsVersion: 'TLS1_2'
-    allowSharedKeyAccess: false
+  }
+  tags: {
+    'aspire-resource-name': 'storage'
   }
 }
 
-resource blobService_vTLU20GRg 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01' = {
-  parent: storageAccount_1XR3Um8QY
+resource blobs 'Microsoft.Storage/storageAccounts/blobServices@2024-01-01' = {
   name: 'default'
-  properties: {
-  }
+  parent: storage
 }
 
-resource roleAssignment_Gz09cEnxb 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
-  scope: storageAccount_1XR3Um8QY
-  name: guid(storageAccount_1XR3Um8QY.id, principalId, subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'ba92f5b4-2d11-453d-a403-e96b0029c9fe'))
+resource storage_StorageBlobDataContributor 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
+  name: guid(storage.id, principalId, subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'ba92f5b4-2d11-453d-a403-e96b0029c9fe'))
   properties: {
-    roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'ba92f5b4-2d11-453d-a403-e96b0029c9fe')
     principalId: principalId
+    roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'ba92f5b4-2d11-453d-a403-e96b0029c9fe')
     principalType: principalType
   }
+  scope: storage
 }
 
-resource roleAssignment_HRj6MDafS 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
-  scope: storageAccount_1XR3Um8QY
-  name: guid(storageAccount_1XR3Um8QY.id, principalId, subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '0a9a7e1f-b9d0-4cc4-a60d-0319b160aaa3'))
+resource storage_StorageTableDataContributor 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
+  name: guid(storage.id, principalId, subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '0a9a7e1f-b9d0-4cc4-a60d-0319b160aaa3'))
   properties: {
-    roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '0a9a7e1f-b9d0-4cc4-a60d-0319b160aaa3')
     principalId: principalId
+    roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '0a9a7e1f-b9d0-4cc4-a60d-0319b160aaa3')
     principalType: principalType
   }
+  scope: storage
 }
 
-resource roleAssignment_r0wA6OpKE 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
-  scope: storageAccount_1XR3Um8QY
-  name: guid(storageAccount_1XR3Um8QY.id, principalId, subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '974c5e8b-45b9-4653-ba55-5f855dd0fb88'))
+resource storage_StorageQueueDataContributor 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
+  name: guid(storage.id, principalId, subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '974c5e8b-45b9-4653-ba55-5f855dd0fb88'))
   properties: {
-    roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '974c5e8b-45b9-4653-ba55-5f855dd0fb88')
     principalId: principalId
+    roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '974c5e8b-45b9-4653-ba55-5f855dd0fb88')
     principalType: principalType
   }
+  scope: storage
 }
 
-output blobEndpoint string = storageAccount_1XR3Um8QY.properties.primaryEndpoints.blob
-output queueEndpoint string = storageAccount_1XR3Um8QY.properties.primaryEndpoints.queue
-output tableEndpoint string = storageAccount_1XR3Um8QY.properties.primaryEndpoints.table
+output blobEndpoint string = storage.properties.primaryEndpoints.blob
+
+output queueEndpoint string = storage.properties.primaryEndpoints.queue
 
+output tableEndpoint string = storage.properties.primaryEndpoints.table