I'm looking to implement CI/CD practices for an existing Bicep project. I'm having some trouble finding good examples of how to build a complete pipeline that assesses Bicep code for integration. Currently, I have `bicep lint` and SonarQube in place for security insights, and I'm looking to add `bicep build`. I'm also exploring what elements I should consider in the ARM templates that might get overlooked by Bicep, but there seems to be less information available on this topic compared to other infrastructure coding practices I've encountered. Additionally, I've found the Bicep 'what-if' feature to be unreliable and not very helpful in showing the actual changes that would occur. I'm also curious about how to handle configuration drift, particularly in identifying when resources are specified for removal by code but aren't actually deleted from the environment. I appreciate any insights or experiences you can share!
2 Answers
I’m hesitant to switch my company from Terraform to Bicep until Microsoft resolves the 'what-if' issue. Our Terraform setup includes an approval gate between the plan and the apply steps, so users can review the plan beforehand. With Bicep, there’s no guarantee that the plan reflects what will really happen, and until there's a fix, I wouldn't trust it for production use. You can find more details about this issue on GitHub.
I've been using Bicep for a while now, but recently revisited Terraform. While both tools have their advantages and disadvantages, Terraform’s plans feel way more reliable. Given that you’re working with an existing Bicep deployment, switching to Terraform would be a huge task, but it’s definitely feasible. For guidance on CI/CD with Bicep, I'd suggest checking out Microsoft's learning modules—they cover the basics well, though they might not go too in-depth.
True, but the basics aren't enough! I'm sure there's more extensive content out there.
Glad to hear they’re finally working on fixing it!
Here's a solid link to the video you mentioned: (https://youtu.be/jlkwH-fP--M).