[Modules] Updated Compute/VirtualMachineScaleSets to new dependency approach

.github/workflows/ms.compute.virtualmachinescalesets.yml

@@ -106,8 +106,7 @@ jobs:
       - name: 'Using test file [${{ matrix.moduleTestFilePaths }}]'
         uses: ./.github/actions/templates/validateModuleDeployment
         with:
-          templateFilePath: '${{ env.modulePath }}/deploy.bicep'
-          parameterFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}'
+          templateFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}'
           location: '${{ env.location }}'
           resourceGroupName: '${{ env.resourceGroupName }}'
           subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}'

modules/Microsoft.Compute/virtualMachineScaleSets/.test/.scripts/New-SSHKey.ps1

@@ -0,0 +1,19 @@
+param(
+    [string] $SSHKeyName,
+    [string] $ResourceGroupName
+)
+
+if (-not ($sshKey = Get-AzSshKey -ResourceGroupName $ResourceGroupName | Where-Object { $_.Name -eq $SSHKeyName })) {
+    Write-Verbose "No SSH key [$SSHKeyName] found in Resource Group [$ResourceGroupName]. Generating new." -Verbose
+    $null = ssh-keygen -f generated -N (Get-Random -Maximum 99999)
+    $publicKey = Get-Content 'generated.pub' -Raw
+    # $privateKey = cat generated | Out-String
+} else {
+    Write-Verbose "SSH key [$SSHKeyName] found in Resource Group [$ResourceGroupName]. Returning." -Verbose
+    $publicKey = $sshKey.publicKey
+}
+# Write into Deployment Script output stream
+$DeploymentScriptOutputs = @{
+    # Requires conversion as the script otherwise returns an object instead of the plain public key string
+    publicKey = $publicKey | Out-String
+}

modules/Microsoft.Compute/virtualMachineScaleSets/.test/.scripts/Set-BlobContent.ps1

@@ -0,0 +1,15 @@
+param(
+    [string] $StorageAccountName,
+    [string] $ResourceGroupName,
+    [string] $ContainerName,
+    [string] $FileName
+)
+
+Write-Verbose "Create file [$FileName]" -Verbose
+$file = New-Item -Value "Write-Host 'I am content'" -Path $FileName -Force
+
+Write-Verbose "Getting storage account [$StorageAccountName|$ResourceGroupName] context." -Verbose
+$storageAccount = Get-AzStorageAccount -ResourceGroupName $ResourceGroupName -StorageAccountName $StorageAccountName -ErrorAction 'Stop'
+
+Write-Verbose 'Uploading file [$fileName]' -Verbose
+Set-AzStorageBlobContent -File $file.FullName -Container $ContainerName -Context $storageAccount.Context -Force -ErrorAction 'Stop' | Out-Null

modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/dependencies.bicep

@@ -0,0 +1,84 @@
+@description('Optional. The location to deploy to.')
+param location string = resourceGroup().location
+
+@description('Required. The name of the Virtual Network to create.')
+param virtualNetworkName string
+
+@description('Required. The name of the Managed Identity to create.')
+param managedIdentityName string
+
+@description('Required. The name of the Deployment Script to create for the SSH Key generation.')
+param sshDeploymentScriptName string
+
+@description('Required. The name of the SSH Key to create.')
+param sshKeyName string
+
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
+    name: virtualNetworkName
+    location: location
+    properties: {
+        addressSpace: {
+            addressPrefixes: [
+                '10.0.0.0/24'
+            ]
+        }
+        subnets: [
+            {
+                name: 'defaultSubnet'
+                properties: {
+                    addressPrefix: '10.0.0.0/24'
+                }
+            }
+        ]
+    }
+}
+
+resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
+    name: managedIdentityName
+    location: location
+}
+
+resource msiRGContrRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
+    name: guid(resourceGroup().id, 'Contributor', managedIdentity.id)
+    scope: resourceGroup()
+    properties: {
+        principalId: managedIdentity.properties.principalId
+        roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c') // Contributor
+        principalType: 'ServicePrincipal'
+    }
+}
+
+resource sshDeploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = {
+    name: sshDeploymentScriptName
+    location: location
+    kind: 'AzurePowerShell'
+    identity: {
+        type: 'UserAssigned'
+        userAssignedIdentities: {
+            '${managedIdentity.id}': {}
+        }
+    }
+    properties: {
+        azPowerShellVersion: '9.0'
+        retentionInterval: 'P1D'
+        arguments: '-SSHKeyName "${sshKeyName}" -ResourceGroupName "${resourceGroup().name}"'
+        scriptContent: loadTextContent('../.scripts/New-SSHKey.ps1')
+    }
+    dependsOn: [
+        msiRGContrRoleAssignment
+    ]
+}
+
+resource sshKey 'Microsoft.Compute/sshPublicKeys@2022-03-01' = {
+    name: sshKeyName
+    location: location
+    properties: {
+        publicKey: sshDeploymentScript.properties.outputs.publicKey
+    }
+}
+
+@description('The resource ID of the created Virtual Network Subnet.')
+output subnetResourceId string = virtualNetwork.properties.subnets[0].id
+
+@description('The Public Key of the created SSH Key.')
+output SSHKeyPublicKey string = sshKey.properties.publicKey

modules/Microsoft.Compute/virtualMachineScaleSets/.test/linux.min/deploy.test.bicep

@@ -0,0 +1,86 @@
+targetScope = 'subscription'
+
+// ========== //
+// Parameters //
+// ========== //
+@description('Optional. The name of the resource group to deploy for testing purposes.')
+@maxLength(90)
+param resourceGroupName string = 'ms.compute.virtualmachinescalesets-${serviceShort}-rg'
+
+@description('Optional. The location to deploy resources to.')
+param location string = deployment().location
+
+@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.')
+param serviceShort string = 'cvmsslinmin'
+
+// =========== //
+// Deployments //
+// =========== //
+
+// General resources
+// =================
+resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = {
+  name: resourceGroupName
+  location: location
+}
+
+module resourceGroupResources 'dependencies.bicep' = {
+  scope: resourceGroup
+  name: '${uniqueString(deployment().name, location)}-paramNested'
+  params: {
+    virtualNetworkName: 'dep-<<namePrefix>>-vnet-${serviceShort}'
+    managedIdentityName: 'dep-<<namePrefix>>-msi-${serviceShort}'
+    sshDeploymentScriptName: 'dep-<<namePrefix>>-ds-${serviceShort}'
+    sshKeyName: 'dep-<<namePrefix>>-ssh-${serviceShort}'
+  }
+}
+
+// ============== //
+// Test Execution //
+// ============== //
+
+module testDeployment '../../deploy.bicep' = {
+  scope: resourceGroup
+  name: '${uniqueString(deployment().name)}-test-${serviceShort}'
+  params: {
+    name: '<<namePrefix>>${serviceShort}001'
+    adminUsername: 'scaleSetAdmin'
+    imageReference: {
+      offer: 'UbuntuServer'
+      publisher: 'Canonical'
+      sku: '18.04-LTS'
+      version: 'latest'
+    }
+    osDisk: {
+      createOption: 'fromImage'
+      diskSizeGB: '128'
+      managedDisk: {
+        storageAccountType: 'Premium_LRS'
+      }
+    }
+    osType: 'Linux'
+    skuName: 'Standard_B12ms'
+    disablePasswordAuthentication: true
+    nicConfigurations: [
+      {
+        ipConfigurations: [
+          {
+            name: 'ipconfig1'
+            properties: {
+              subnet: {
+                id: resourceGroupResources.outputs.subnetResourceId
+              }
+            }
+          }
+        ]
+        nicSuffix: '-nic01'
+      }
+    ]
+    publicKeys: [
+      {
+        keyData: resourceGroupResources.outputs.SSHKeyPublicKey
+        path: '/home/scaleSetAdmin/.ssh/authorized_keys'
+      }
+    ]
+  }
+}