getSecret() Unhandled exception. System.InvalidOperationException: Cannot emit parameter's KeyVault secret reference.

[slavizh]

Bicep version
Bicep CLI version 0.3.539 (c8b397d)

Describe the bug
I have the following code

resource sqlPassKeyVaults 'Microsoft.KeyVault/vaults@2021-04-01-preview' existing = [for keyVault in sqlLogicalServers: {
  name: keyVault.passwordFromKeyVault.name
  scope: resourceGroup(union(defaultSqlLogicalServerProperties, keyVault).passwordFromKeyVault.subscriptionId, keyVault.passwordFromKeyVault.resourceGroupName)
}]

module sqlLogicalServer 'sql-logical-server.bicep' = [for (sqlLogicalServer, index) in sqlLogicalServers: {
  name: 'sqlLogicalServer-${index}'
  params: {
    sqlLogicalServer: union(defaultSqlLogicalServerProperties, sqlLogicalServer)
    password: sqlPassKeyVaults[index].getSecret(sqlLogicalServer.passwordFromKeyVault.secretName)
    tags: union(tags, union(defaultSqlLogicalServerProperties, sqlLogicalServer).tags)
  }
}]

When I run bicep build I get:

Unhandled exception. System.InvalidOperationException: Cannot emit parameter's KeyVault secret reference.
   at Bicep.Core.Emit.ExpressionEmitter.EmitModuleParameterValue(SyntaxBase syntax)
   at Bicep.Core.Emit.TemplateWriter.EmitModuleParameters(JsonTextWriter jsonWriter, ModuleSymbol moduleSymbol, ExpressionEmitter emitter)
   at Bicep.Core.Emit.TemplateWriter.EmitModule(JsonTextWriter jsonWriter, ModuleSymbol moduleSymbol, ExpressionEmitter emitter)
   at Bicep.Core.Emit.TemplateWriter.EmitResources(JsonTextWriter jsonWriter, ExpressionEmitter emitter)
   at Bicep.Core.Emit.TemplateWriter.GenerateTemplateWithoutHash()
   at Bicep.Core.Emit.TemplateWriter.Write(JsonTextWriter writer)
   at Bicep.Core.Emit.TemplateWriter.EmitModule(JsonTextWriter jsonWriter, ModuleSymbol moduleSymbol, ExpressionEmitter emitter)
   at Bicep.Core.Emit.TemplateWriter.EmitResources(JsonTextWriter jsonWriter, ExpressionEmitter emitter)
   at Bicep.Core.Emit.TemplateWriter.GenerateTemplateWithoutHash()
   at Bicep.Core.Emit.TemplateWriter.Write(JsonTextWriter writer)
   at Bicep.Core.Emit.TemplateEmitter.<>c__DisplayClass5_0.<Emit>b__0()
   at Bicep.Core.Emit.TemplateEmitter.EmitOrFail(Action write)
   at Bicep.Core.Emit.TemplateEmitter.Emit(Stream stream)
   at Bicep.Cli.Program.BuildToFile(IDiagnosticLogger logger, String bicepPath, String outputPath)
   at Bicep.Cli.Program.Build(ILogger logger, BuildOrDecompileArguments arguments)
   at Bicep.Cli.Program.Run(String[] args)
   at Bicep.Cli.Program.Main(String[] args)

Seems there is some problem with using getSecret with multiple existing references.

To Reproduce
Described above

Additional context

[slavizh]

@alex-frankel I think this might be important bug. Noticed it when I was trying to improve my example with the new functionality. Overall every new function should work with:

• loops
• conditions

if they are applicable for them.

[alex-frankel]

@miqm - can you take a look at this one?

[miqm]

TBH I forgot that we allow loops on existing resources...

Error is thrown because var objectSymbol = context.SemanticModel.GetSymbolInfo(instanceFunctionCall.BaseExpression) is returning null, because the BaseExpression is ArrayAccessSyntax. I need to handle that case and construct resourceId function call taking into account the loop on the existing resource.

[slavizh]

Thank you guys!