fix: update Azure Container Registry cache-rule to support unauthenticated repositories and wildcards

[seesharprun]

Description

Updating the ACR module to allow for unauthenticated cache rules and wildcard repositories. Today, the module:

• Errantly tries to include the asterisk from a wildcard repository in the name, causing a deployment failure
• Errantly marks the credentialSetResourceId property as required when it's not required for some repositories like Microsoft Artifact Registry (mcr.microsoft.com)

Changes

• Make credentialSetResourceId optional (nullable)
• Fix name parameter to replace wilcards in the sourceRepository parameter
• Run generation of readme files
• Update existing unit test to create a cache rule for MCR without an explicit name or credential set specified.
• Ran generation on all modules since Bicep no-longer requires dependsOn
  • This was required to get a successful build

Resolves

• Fixes [AVM Module Issue]: Unable to create cache rule with CredentialSetResourceId #3741

Pipeline Reference

Pipeline

Type of Change

• Update to CI Environment or utilities (Non-module affecting changes)
• Azure Verified Module updates:
  • Bugfix containing backwards-compatible bug fixes, and I have NOT bumped the MAJOR or MINOR version in version.json:
    • Someone has opened a bug report issue, and I have included "Closes #{bug_report_issue_number}" in the PR description.
    • The bug was found by the module author, and no one has opened an issue to report it yet.
  • Feature update backwards compatible feature updates, and I have bumped the MINOR version in version.json.
  • Breaking changes and I have bumped the MAJOR version in version.json.
  • Update to documentation

Checklist

• I'm sure there are no other open Pull Requests for the same update/change
• I have run Set-AVMModule locally to generate the supporting module files.
• My corresponding pipelines / checks run clean and green without any errors or warnings

[microsoft-github-policy-service]

Important

The "Needs: Triage 🔍" label must be removed once the triage process is complete!

Tip

For additional guidance on how to triage this issue/PR, see the BRM Issue Triage documentation.

[microsoft-github-policy-service]

Important

If this is a module-related PR, being submitted by the sole owner of the module, the AVM core team must review and approve it (as module owners can't approve their own PRs).

To indicate this PR needs the core team''s attention, apply the "Needs: Core Team 🧞" label!

The core team will only review and approve PRs that have this label applied!

[seesharprun]

I'm still working on the cache unit test to figure out what went wrong.

[jtracey93]

Hey @seesharprun ,

Firstly, thanks for your work on this PR!

We have made some changes to the AVM CI, detailed below, which means we need you to update your fork to pull in these latest changes and re-run your tests to show they still are passing prior to approving and merging this PR, as we don't and it fails once merged the publishing of your module will fail and will be blocked going forward until the test pass again via additional PRs.

Changes to CI That Have Been Made That You Need To Take Action On

• feat: Add WAF Security PS Rule Config #3745
  • Adds WAF Security PSRule Checks using this custom baseline of rules (/avm/utilities/pipelines/staticValidation/psrule/.ps-rule/cb-waf-security.Rule.yaml)
  • Action Required By You:
    • Ingest/pull-in these changes into your PR branch and re-run your tests to ensure they pass
      • If any issues with the rules and you think it should apply, please ping/reach out to the core team

Any questions reach out to the AVM Core Team by tagging us in your PR here or internally via Teams

Thanks

Jack (AVM Core Team)

[seesharprun]

Here's the problem, there's a regression in the Azure Container Registry service that causes the cache test to fail as-is. I validated this by running my test suite on the main branch.

Someone reported it here: Azure/acr#790

and here: https://learn.microsoft.com/en-gb/answers/questions/1604049/error-in-container-app-deployment-service-principa?page=1&orderby=Helpful#answers

[seesharprun]

@Azure/avm-res-containerregistry-registry-module-owners-bicep & @Azure/avm-module-reviewers-bicep

I'm having a hard time getting this cache test to run successfully. I'm getting a generic Failed to perform resource identity operation error.