branch_policy_build_validation and filename_patterns list order issues

[thesutex]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform (and Azure DevOps Provider) Version

Terraform v1.1.6
on linux_amd64

• provider registry.terraform.io/hashicorp/azurerm v2.97.0
• provider registry.terraform.io/hashicorp/external v2.0.0
• provider registry.terraform.io/hashicorp/local v2.1.0
• provider registry.terraform.io/microsoft/azuredevops v0.2.0

Affected Resource(s)

• azuredevops_branch_policy_build_validation

Terraform Configuration Files

input example (from terragrunt)

tf_modules = {
    #azurerm
    "app_service_plan"              = {}
    "data_factory"                  = {}

    #azuredevops
    "pipelines_modules"             = { cloud_provider = "azuredevops", pipeline_env = "azure/core", azdevops_service_connection = "xxx" }
    "pipelines_module_docs"         = { cloud_provider = "azuredevops", pipeline_env = "azure/core", azdevops_service_connection = "xxx" }
    "pipelines_live_infra"          = { cloud_provider = "azuredevops" }
  
    #fortios
    "address"                       = { cloud_provider = "fortios", pipeline_env = "azure/core" }
    "addressgrp"                    = { cloud_provider = "fortios", pipeline_env = "azure/core" }
}

terraform:

variable "tf_modules" {
  type = map(any)
}
resource "azuredevops_branch_policy_build_validation" "branchpolicy_modules" {
  # oparulesv1: "azuredevops_branch_policy_build_validation": {"delete": 100, "create": 1, "modify": 1}
  for_each   = var.tf_modules
  project_id = data.azuredevops_project.azdevops_project.id

  enabled  = true
  blocking = true

  settings {
    display_name                = "Update_Module_${lookup(each.value, "cloud_provider", var.cloud_provider)}_${each.key}_CheckoutToEnv_${element(split("/", lookup(each.value, "pipeline_env", var.pipeline_env)), 1)}"
    build_definition_id         = azuredevops_build_definition.builddef_modules[each.key].id
    valid_duration              = 720
    queue_on_source_update_only = true
    filename_patterns           = ["/${lookup(each.value, "cloud_provider", var.cloud_provider)}/${each.key}/*","!/${lookup(each.value, "cloud_provider", var.cloud_provider)}/${each.key}/*.md"]

    scope {
      repository_id  = data.azuredevops_git_repository.modulerepo.id
      repository_ref = data.azuredevops_git_repository.modulerepo.default_branch
      match_type     = "Exact"
    }
  }
}  

Debug Output

Panic Output

Expected Behavior

This module takes a map of terraform modules and creates build validation resources in AzureDevops. It should do this and keep the order used in settings block - filename_patterns

Actual Behavior

In around 50% of the cases the order of the filepattern in is wrong, and since ADO considers the list sequentially left to right (as noted on resource) half of the rules has wrong filenamepattern. It seems to ignore order of list in code,

code

filename_patterns = ["/${lookup(each.value, "cloud_provider", var.cloud_provider)}/${each.key}/*","!/${lookup(each.value, "cloud_provider", var.cloud_provider)}/${each.key}/*.md"]

examples of azdevops gui:

in the state they all look the same with the exclude first

It seems to be related to the lookup function , if I set the filter to this:

filename_patterns = ["/${lookup(each.value, "cloud_provider", var.cloud_provider)}/${each.key}/*", "!/*.md"]

it corrects "most" of the policies

It shouldnt sort the list at all if I read the documentation correct.

Steps to Reproduce

This codebit is a part of a bigger module that creates pipelines, generates yaml, creates build definitions etc. Its been working like a charm untill i added the exeption for the "*.md" files in the buld validation step.

1. terra{grunt/form} apply

Important Factoids

References

• #0000

[SimonAlling]

Interestingly, this issue was opened around the same time as v0.2.0 of this provider was released – the first release in about three months, and we first noticed this bug today. Coincidence? Seems unlikely to me. Apparently.

[thesutex]

Interestingly, this issue was opened around the same time as v0.2.0 of this provider was released – the first release in about three months, and we first noticed this bug today. Coincidence? Seems unlikely to me.

I've tested this with 0.1.8 , as well as different terraform versions .same results

[lindhe]

Interestingly, this issue was opened around the same time as v0.2.0 of this provider was released – the first release in about three months, and we first noticed this bug today. Coincidence? Seems unlikely to me.

We are running 0.1.8.

[thesutex]

When will this be released ?

[xuzhang3]

When will this be released ?

will released in v0.2.1

[thesutex]

When will this be released ?

will released in v0.2.1

Do you have a timeframe for that release ? Weeks , months ?

[xuzhang3]

@thesutex weeks, depends on the new features and bug fixes.