Posted on 1 Comment

Azure policy require specific tags on resources

Azure policies can help you control your azure management especially when it comes to best practices. A nice to have policy for your setup would be to require tags on specific resources in order to organize better your infrastructure.

Tag resources, resource groups, and subscriptions for logical organization – Azure Resource Manager | Microsoft Learn

First you will need to create your policy. By searching for Policy on Azure you should select Definitions and then Add policy definition.

In this scenario we will examine how we can request for specific tags on resource creation. The policy uses anyOf keyword which means that if any of the tags are not set then the effect will be deny. The tags that I request are: created-by, Team, Application, TBD. All those tags should be set before creating the resource. The tag should be spelled correctly and policy will not work for different deviations of the worlds. For example createdBy is different from created-by.

{
  "mode": "Indexed",
  "policyRule": {
    "if": {
      "anyOf": [
        {
          "field": "[concat('tags[', parameters('tag_createdBy'), ']')]",
          "exists": "false"
        },
        {
          "field": "[concat('tags[', parameters('tag_team'), ']')]",
          "exists": "false"
        },
        {
          "field": "[concat('tags[', parameters('tag_tbd'), ']')]",
          "exists": "false"
        },
        {
          "field": "[concat('tags[', parameters('tag_application'), ']')]",
          "exists": "false"
        }
      ]
    },
    "then": {
      "effect": "deny"
    }
  },
  "parameters": {
    "tag_createdBy": {
      "type": "String",
      "metadata": {
        "displayName": "created-by",
        "description": "example: Gerasimos Alexiou"
      }
    },
    "tag_team": {
      "type": "String",
      "metadata": {
        "displayName": "Team",
        "description": "example: DevOps"
      }
    },
    "tag_tbd": {
      "type": "String",
      "metadata": {
        "displayName": "TBD",
        "description": "example: (to be deleted) true or false"
      }
    },
    "tag_application": {
      "type": "String",
      "metadata": {
        "displayName": "Application",
        "description": "example: Grafana,Teamcity"
      }
    }
  }
}

After the creation of the policy you will need to assign it on a specific location/resource-group/subscription. In the parameters dialog you will need to provide the evaluation parameters. For the sake of simplicity I provided the same name for policy parameters and azure parameters. In the end Azure will request from the user the specific parameters, created-by, Team, TBD, Application.

We can test the behavior by creating a new resource with missing tags.

When TBD tag is missing, the validation will fail and the deployment cannot start until the tags are created.

After providing all the tags

The validation will pass and the deployment will be successful.

Posted on Leave a comment

error NETSDK1127: The targeting pack Microsoft.NETCore.App is not installed. Please restore and try again

When you try to build a .NET6 solution using .NET7 as the latest installed version of SDK you may notice the below issue.

C:\Program Files\dotnet\sdk\7.0.302\Sdks\Microsoft.NET.Sdk\targets\Microsoft.NET.Sdk.FrameworkReferenceResolution.targets(376,5): error NETSDK1127: The targeting pack Microsoft.NETCore.App is not installed. Please restore and try again.

This issue is related to some variables that are not set properly and the right location for the tools cannot be determined although they are installed inside the operating system.

The task is using the default .NET runner of Teamcity and the default MSbuild version is set to Cross-platform MSBuild.

Switch to another version of MSBuild will most probably resolve the issue. For example in the setup I was working switching to MSBuild Tools 2022 removed the issue and build could be performed successfully.

Posted on Leave a comment

npm ERR! ERESOLVE could not resolve dependency

I was working on a project which had a node install task as a part of a docker file build. The build was not successful due to the error shown below. This is a dependency error and can be solved by choosing the right versions on your package-lock.json.

package-lock.json is automatically generated for any operations where npm modifies either the node_modules tree, or package.json. It describes the exact tree that was generated, such that subsequent installs are able to generate identical trees, regardless of intermediate dependency updates.

However there is also another way you can get rid of such cases. If you do have specific dependencies inside your package-lock.json you can proceed with the following steps.

Remove package-lock.json from your project
Remove node_modules folder 
Run npm install