feat: improve bicep templating

src/ALZ/ALZ.psd1

@@ -40,6 +40,7 @@ Included Cmdlets:
 - Deploy-Accelerator: Deploys the Azure Landing Zone accelerator to your Azure subscription.
 - Grant-SubscriptionCreatorRole: Grants the Subscription Creator role to a specified user or service principal.
 - Remove-PlatformLandingZone: Removes the deployed Azure Landing Zone from your Azure subscription
+- New-AcceleratorFolderStructure: Creates a new folder structure for the Azure Landing Zone accelerator with necessary configuration files.
 '@
 
     CompatiblePSEditions = 'Core'
@@ -85,7 +86,8 @@ Included Cmdlets:
         'Test-AcceleratorRequirement',
         'Deploy-Accelerator',
         'Grant-SubscriptionCreatorRole',
-        'Remove-PlatformLandingZone'
+        'Remove-PlatformLandingZone',
+        'New-AcceleratorFolderStructure'
     )
 
     # Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export.

src/ALZ/Private/Config-Helpers/Convert-BicepConfigToInputConfig.ps1

@@ -44,6 +44,8 @@ function Convert-BicepConfigToInputConfig {
                 $configItem | Add-Member -NotePropertyName "targets" -NotePropertyValue $variable.Value.targets
             }
 
+            $configItem | Add-Member -NotePropertyName "Sensitive" -NotePropertyValue $false
+
             $configItem | Add-Member -NotePropertyName "Description" -NotePropertyValue $description
             $configItems | Add-Member -NotePropertyName $variable.Name -NotePropertyValue $configItem
         }

src/ALZ/Private/Config-Helpers/Convert-HCLVariablesToInputConfig.ps1

@@ -41,6 +41,13 @@ function Convert-HCLVariablesToInputConfig {
 
             $configItem | Add-Member -NotePropertyName "Description" -NotePropertyValue $description
 
+            $sensitive = $false
+            if ($variable.Value[0].PSObject.Properties.Name -contains "sensitive" -and $variable.Value[0].sensitive -eq $true) {
+                $sensitive = $true
+                Write-Verbose "Marking variable $($variable.Name) as sensitive..."
+            }
+            $configItem | Add-Member -NotePropertyName "Sensitive" -NotePropertyValue $sensitive
+
             Write-Verbose "Adding variable $($variable.Name) to the configuration..."
             $configItems | Add-Member -NotePropertyName $variable.Name -NotePropertyValue $configItem
         }

src/ALZ/Private/Config-Helpers/Convert-ParametersToInputConfig.ps1

@@ -15,8 +15,9 @@ function Convert-ParametersToInputConfig {
                 Write-Verbose "Alias $parameterAlias exists in input config, renaming..."
                 $configItem = $inputConfig.PSObject.Properties | Where-Object { $_.Name -eq $parameterAlias }
                 $inputConfig | Add-Member -NotePropertyName $parameterKey -NotePropertyValue @{
-                    Value  = $configItem.Value.Value
-                    Source = $configItem.Value.Source
+                    Value     = $configItem.Value.Value
+                    Source    = $configItem.Value.Source
+                    Sensitive = $configItem.Value.Sensitive
                 }
                 $inputConfig.PSObject.Properties.Remove($configItem.Name)
                 continue
@@ -38,8 +39,9 @@ function Convert-ParametersToInputConfig {
             }
             Write-Verbose "Adding parameter $parameterKey with value $variableValue"
             $inputConfig | Add-Member -NotePropertyName $parameterKey -NotePropertyValue @{
-                Value  = $variableValue
-                Source = "parameter"
+                Value     = $variableValue
+                Source    = "parameter"
+                Sensitive = $false
             }
         }
     }

src/ALZ/Private/Config-Helpers/Get-ALZConfig.ps1

@@ -57,8 +57,9 @@ function Get-ALZConfig {
 
     foreach ($property in $config.PSObject.Properties) {
         $inputConfig | Add-Member -NotePropertyName $property.Name -NotePropertyValue @{
-            Value  = $property.Value
-            Source = $extension
+            Value     = $property.Value
+            Source    = $extension
+            Sensitive = $false
         }
     }
 

src/ALZ/Private/Config-Helpers/Write-JsonFile.ps1

@@ -5,7 +5,10 @@ function Write-JsonFile {
         [string] $jsonFilePath,
 
         [Parameter(Mandatory = $false)]
-        [PSObject] $configuration
+        [PSObject[]] $configurations,
+
+        [Parameter(Mandatory = $false)]
+        [switch] $all
     )
 
     if ($PSCmdlet.ShouldProcess("Download Terraform Tools", "modify")) {
@@ -16,10 +19,24 @@ function Write-JsonFile {
 
         $environmentVariables = [ordered]@{}
 
-        foreach ($configKey in $configuration.PsObject.Properties | Sort-Object Name) {
-            foreach ($target in $configKey.Value.Targets) {
-                if ($target.Destination -eq "Environment") {
-                    $environmentVariables.$($target.Name) = $configKey.Value.Value
+        foreach ($configuration in $configurations) {
+            Write-Verbose "Processing configuration for JSON output to $($jsonFilePath)"
+            foreach ($configKey in $configuration.PsObject.Properties | Sort-Object Name) {
+                Write-Verbose "Processing configuration key $($configKey.Name) for $($jsonFilePath)"
+                Write-Verbose "Configuration key value: $(ConvertTo-Json $configKey.Value -Depth 100)"
+                if($configKey.Value.Sensitive) {
+                    Write-Verbose "Obfuscating sensitive configuration $($configKey.Name) from JSON output"
+                    $environmentVariables.$($configKey.Name) = "<sensitive>"
+                    continue
+                }
+                if($all) {
+                    $environmentVariables.$($configKey.Name) = $configKey.Value.Value
+                    continue
+                }
+                foreach ($target in $configKey.Value.Targets) {
+                    if ($target.Destination -eq "Environment") {
+                        $environmentVariables.$($target.Name) = $configKey.Value.Value
+                    }
                 }
             }
         }

src/ALZ/Private/Deploy-Accelerator-Helpers/New-Bootstrap.ps1

@@ -34,9 +34,6 @@ function New-Bootstrap {
         [Parameter(Mandatory = $false)]
         [switch] $destroy,
 
-        [Parameter(Mandatory = $false)]
-        [PSCustomObject] $zonesSupport = $null,
-
         [Parameter(Mandatory = $false, HelpMessage = "An extra level of logging that is turned off by default for easier debugging.")]
         [switch]
         $writeVerboseLogs,
@@ -125,8 +122,9 @@ function New-Bootstrap {
 
                 # Add the root module folder to bootstrap input config
                 $inputConfig | Add-Member -NotePropertyName "root_module_folder_relative_path" -NotePropertyValue @{
-                    Value  = $starterRootModuleFolder
-                    Source = "calculated"
+                    Value     = $starterRootModuleFolder
+                    Source    = "calculated"
+                    Sensitive = $false
                 }
 
                 # Set the starter root module folder full path
@@ -146,6 +144,8 @@ function New-Bootstrap {
             $bootstrapParameters = Convert-HCLVariablesToInputConfig -targetVariableFile $terraformFile.FullName -hclParserToolPath $hclParserToolPath -appendToObject $bootstrapParameters
         }
 
+        Write-Verbose "Bootstrap Parameters before setting config: $(ConvertTo-Json $bootstrapParameters -Depth 100)"
+
         # Getting the configuration for the starter module user input
         $starterParameters = [PSCustomObject]@{}
 
@@ -165,30 +165,26 @@ function New-Bootstrap {
 
         # Set computed inputs
         $inputConfig | Add-Member -NotePropertyName "module_folder_path" -NotePropertyValue @{
-            Value  = $starterModulePath
-            Source = "calculated"
-        }
-        $inputConfig | Add-Member -NotePropertyName "availability_zones_bootstrap" -NotePropertyValue @{
-            Value  = @(Get-AvailabilityZonesSupport -region $inputConfig.bootstrap_location.Value -zonesSupport $zonesSupport)
-            Source = "calculated"
+            Value     = $starterModulePath
+            Source    = "calculated"
+            Sensitive = $false
         }
 
-        if ($inputConfig.PSObject.Properties.Name -contains "starter_location" -and $inputConfig.PSObject.Properties.Name -notcontains "starter_locations") {
-            Write-Verbose "Converting starter_location $($inputConfig.starter_location.Value) to starter_locations..."
-            $inputConfig | Add-Member -NotePropertyName "starter_locations" -NotePropertyValue @{
-                Value  = @($inputConfig.starter_location.Value)
-                Source = "calculated"
-            }
-        }
+        if ($iac -eq "bicep-classic" -and $inputConfig.PSObject.Properties.Name -contains "starter_locations") {
+            # Get the supported regions and availability zones
+            Write-Verbose "Getting Supported Regions and Availability Zones with Terraform"
+            $regionsAndZones = Get-AzureRegionData -toolsPath $toolsPath
+            Write-Verbose "Supported Regions: $($regionsAndZones.supportedRegions)"
+            $zonesSupport = $regionsAndZones.zonesSupport
 
-        if ($inputConfig.PSObject.Properties.Name -contains "starter_locations") {
             $availabilityZonesStarter = @()
             foreach ($region in $inputConfig.starter_locations.Value) {
                 $availabilityZonesStarter += , @(Get-AvailabilityZonesSupport -region $region -zonesSupport $zonesSupport)
             }
             $inputConfig | Add-Member -NotePropertyName "availability_zones_starter" -NotePropertyValue @{
-                Value  = $availabilityZonesStarter
-                Source = "calculated"
+                Value     = $availabilityZonesStarter
+                Source    = "calculated"
+                Sensitive = $false
             }
         }
 
@@ -200,20 +196,25 @@ function New-Bootstrap {
             -configurationParameters $bootstrapParameters `
             -inputConfig $inputConfig
 
+        Write-Verbose "Final Bootstrap Parameters: $(ConvertTo-Json $bootstrapConfiguration -Depth 100)"
+
         # Getting the input for the starter module
         Write-Verbose "Setting the configuration for the starter module..."
         $starterConfiguration = Set-Config `
             -configurationParameters $starterParameters `
             -inputConfig $inputConfig `
             -copyEnvVarToConfig
 
-        Write-Verbose "Final Starter Parameters: $(ConvertTo-Json $starterParameters -Depth 100)"
+        Write-Verbose "Final Starter Parameters: $(ConvertTo-Json $starterConfiguration -Depth 100)"
 
         # Creating the tfvars files for the bootstrap and starter module
         $tfVarsFileName = "terraform.tfvars.json"
         $bootstrapTfvarsPath = Join-Path -Path $bootstrapModulePath -ChildPath $tfVarsFileName
         $starterTfvarsPath = Join-Path -Path $starterRootModuleFolderPath -ChildPath "terraform.tfvars.json"
-        $starterBicepVarsPath = Join-Path -Path $starterModulePath -ChildPath "parameters.json"
+        $starterBicepVarsFileName = "parameters.json"
+        $starterBicepAllVarsFileName = "template-parameters.json"
+        $starterBicepVarsPath = Join-Path -Path $starterModulePath -ChildPath $starterBicepVarsFileName
+        $starterBicepAllVarsPath = Join-Path -Path $starterModulePath -ChildPath $starterBicepAllVarsFileName
 
         # Write the tfvars file for the bootstrap and starter module
         Write-TfvarsJsonFile -tfvarsFilePath $bootstrapTfvarsPath -configuration $bootstrapConfiguration
@@ -270,10 +271,12 @@ function New-Bootstrap {
             Set-ComputedConfiguration -configuration $starterConfiguration
             Edit-ALZConfigurationFilesInPlace -alzEnvironmentDestination $starterModulePath -configuration $starterConfiguration
             Write-JsonFile -jsonFilePath $starterBicepVarsPath -configuration $starterConfiguration
+            Write-JsonFile -jsonFilePath $starterBicepAllVarsPath -configuration @($inputConfig, $starterConfiguration, $bootstrapConfiguration) -all
 
             # Remove unrequired files
             $foldersOrFilesToRetain = $starterConfig.starter_modules.Value.$($inputConfig.starter_module_name.Value).folders_or_files_to_retain
-            $foldersOrFilesToRetain += "parameters.json"
+            $foldersOrFilesToRetain += $starterBicepVarsFileName
+            $foldersOrFilesToRetain += $starterBicepAllVarsFileName
             $foldersOrFilesToRetain += "config"
             $foldersOrFilesToRetain += ".config"
 

src/ALZ/Public/Deploy-Accelerator.ps1

@@ -211,6 +211,12 @@ function Deploy-Accelerator {
 
     if ($PSCmdlet.ShouldProcess("Accelerator setup", "modify")) {
 
+        # Normalize output folder path
+        if($output_folder_path.StartsWith("~/" )) {
+            $output_folder_path = Join-Path $HOME $output_folder_path.Replace("~/", "")
+        }
+        $output_folder_path = (Resolve-Path -Path $output_folder_path).Path
+
         # Check and install tools needed
         $toolsPath = Join-Path -Path $output_folder_path -ChildPath ".tools"
         if ($skipInternetChecks) {
@@ -235,6 +241,11 @@ function Deploy-Accelerator {
 
         # Get the input config from yaml and json files
         foreach ($inputConfigFilePath in $inputConfigFilePaths) {
+            if($inputConfigFilePath.StartsWith("~/" )) {
+                $inputConfigFilePath = Join-Path $HOME $inputConfigFilePath.Replace("~/", "")
+            }
+            $inputConfigFilePath = (Resolve-Path -Path $inputConfigFilePath).Path
+            Write-Verbose "Loading input config from file: $inputConfigFilePath"
             $inputConfig = Get-ALZConfig -configFilePath $inputConfigFilePath -inputConfig $inputConfig -hclParserToolPath $hclParserToolPath
         }
 
@@ -259,6 +270,8 @@ function Deploy-Accelerator {
         }
         $inputConfig = Convert-ParametersToInputConfig -inputConfig $inputConfig -parameters $parametersWithValues
 
+        Write-Verbose "Initial Input config: $(ConvertTo-Json $inputConfig -Depth 100)"
+
         # Throw if IAC type is not specified
         if (!$inputConfig.iac_type.Value) {
             Write-InformationColored "No Infrastructure as Code type has been specified. Please supply the IAC type you wish to deploy..." -ForegroundColor Red -InformationAction Continue
@@ -269,15 +282,17 @@ function Deploy-Accelerator {
             Write-InformationColored "Although you have selected Bicep, the Accelerator leverages the Terraform tool to bootstrap your Version Control System and Azure. This will not impact your choice of Bicep post this initial bootstrap. Please refer to our documentation for further details..." -ForegroundColor Yellow -InformationAction Continue
         }
 
-        Write-Verbose "Initial Input config: $(ConvertTo-Json $inputConfig -Depth 100)"
-
         # Download the bootstrap modules
         $bootstrapReleaseTag = ""
         $bootstrapPath = ""
         $bootstrapTargetFolder = "bootstrap"
 
         Write-InformationColored "Checking and Downloading the bootstrap module..." -ForegroundColor Green -NewLineBefore -InformationAction Continue
 
+        if($inputConfig.bootstrap_module_override_folder_path.Value.StartsWith("~/" )) {
+            $inputConfig.bootstrap_module_override_folder_path.Value = Join-Path $HOME $inputConfig.bootstrap_module_override_folder_path.Value.Replace("~/", "")
+        }
+
         $versionAndPath = New-ModuleSetup `
             -targetDirectory $inputConfig.output_folder_path.Value `
             -targetFolder $bootstrapTargetFolder `
@@ -304,7 +319,6 @@ function Deploy-Accelerator {
         $starterConfigFilePath = ""
 
         $bootstrapDetails = $null
-        $zonesSupport = $null
 
         # Request the bootstrap type if not already specified
         if(!$inputConfig.bootstrap_module_name.Value) {
@@ -327,7 +341,6 @@ function Deploy-Accelerator {
         $starterModuleSourceFolder = $bootstrapAndStarterConfig.starterModuleSourceFolder
         $starterReleaseArtifactName = $bootstrapAndStarterConfig.starterReleaseArtifactName
         $starterConfigFilePath = $bootstrapAndStarterConfig.starterConfigFilePath
-        $zonesSupport = $bootstrapAndStarterConfig.zonesSupport
 
         # Download the starter modules
         $starterReleaseTag = ""
@@ -336,6 +349,10 @@ function Deploy-Accelerator {
         if ($hasStarterModule) {
             Write-InformationColored "Checking and downloading the starter module..." -ForegroundColor Green -NewLineBefore -InformationAction Continue
 
+            if($inputConfig.starter_module_override_folder_path.Value.StartsWith("~/" )) {
+                $inputConfig.starter_module_override_folder_path.Value = Join-Path $HOME $inputConfig.starter_module_override_folder_path.Value.Replace("~/", "")
+            }
+
             $versionAndPath = New-ModuleSetup `
                 -targetDirectory $inputConfig.output_folder_path.Value `
                 -targetFolder $starterModuleTargetFolder `
@@ -354,30 +371,46 @@ function Deploy-Accelerator {
 
         # Set computed interface inputs
         $inputConfig | Add-Member -MemberType NoteProperty -Name "bicep_config_file_path" -Value @{
-            Value  = $starterConfigFilePath
-            Source = "calculated"
+            Value     = $starterConfigFilePath
+            Source    = "calculated"
+            Sensitive = $false
         }
         $inputConfig | Add-Member -MemberType NoteProperty -Name "on_demand_folder_repository" -Value @{
-            Value  = $starterModuleUrl
-            Source = "calculated"
+            Value     = $starterModuleUrl
+            Source    = "calculated"
+            Sensitive = $false
         }
         $inputConfig | Add-Member -MemberType NoteProperty -Name "on_demand_folder_artifact_name" -Value @{
-            Value  = $starterReleaseArtifactName
-            Source = "calculated"
+            Value     = $starterReleaseArtifactName
+            Source    = "calculated"
+            Sensitive = $false
         }
         $inputConfig | Add-Member -MemberType NoteProperty -Name "release_version" -Value @{
-            Value  = ($starterReleaseTag -eq "local" ? $inputConfig.starter_module_version.Value : $starterReleaseTag)
-            Source = "calculated"
+            Value     = ($starterReleaseTag -eq "local" ? $inputConfig.starter_module_version.Value : $starterReleaseTag)
+            Source    = "calculated"
+            Sensitive = $false
         }
         $inputConfig | Add-Member -MemberType NoteProperty -Name "time_stamp" -Value @{
-            Value  = (Get-Date).ToString("yyyy-MM-dd-HH-mm-ss")
-            Source = "calculated"
+            Value     = (Get-Date).ToString("yyyy-MM-dd-HH-mm-ss")
+            Source    = "calculated"
+            Sensitive = $false
         }
 
         # Run the bootstrap
         $bootstrapTargetPath = Join-Path $inputConfig.output_folder_path.Value $bootstrapTargetFolder
         $starterTargetPath = Join-Path $inputConfig.output_folder_path.Value $starterFolder
 
+        # Normalize starter additional files input
+        $starterAdditionalFiles = @()
+        foreach ($additionalFile in $inputConfig.starter_additional_files.Value) {
+            if($additionalFile.StartsWith("~/" )) {
+                $additionalFile = Join-Path $HOME $additionalFile.Replace("~/", "")
+            }
+            $additionalFile = (Resolve-Path -Path $additionalFile).Path
+            $starterAdditionalFiles += $additionalFile
+        }
+        $inputConfig.starter_additional_files.Value = $starterAdditionalFiles
+
         New-Bootstrap `
             -iac $inputConfig.iac_type.Value `
             -bootstrapDetails $bootstrapDetails `
@@ -390,7 +423,6 @@ function Deploy-Accelerator {
             -starterConfig $starterConfig `
             -autoApprove:$inputConfig.auto_approve.Value `
             -destroy:$inputConfig.destroy.Value `
-            -zonesSupport $zonesSupport `
             -writeVerboseLogs:$inputConfig.write_verbose_logs.Value `
             -hclParserToolPath $hclParserToolPath `
             -convertTfvarsToJson:$inputConfig.convert_tfvars_to_json.Value `