Emit an error diagnostic when a secure output is dereferenced indirectly (#17453)

jeskew · web-flow · commit 42d97bb96151 · 2025-07-23T07:27:49.000-04:00
Resolves #16992 Indirect references to module outputs don't support compilation to the `listOutputsWithSecureValues` function due to a combination of limitations in the compiler and the backend. This PR adds an error diagnostic to expressions that will cause a deployment error today. ###### Microsoft Reviewers: [Open in CodeFlow](https://microsoft.github.io/open-pr/?codeflow=https://github.com/Azure/bicep/pull/17453)
diff --git a/src/Bicep.Core.IntegrationTests/SecureOutputsTests.cs b/src/Bicep.Core.IntegrationTests/SecureOutputsTests.cs
@@ -344,4 +344,56 @@ public void Non_sensitive_outputs_of_collection_module_with_secure_outputs_shoul
         result.Template.Should().HaveValueAtPath("$.outputs.sensitive.value", "[listOutputsWithSecureValues(format('mod[{0}]', 0), '2022-09-01').sensitive]");
         result.Template.Should().HaveValueAtPath("$.outputs.notSensitive.value", "[reference(format('mod[{0}]', 0)).outputs.notSensitive.value]");
     }
+
+    [TestMethod]
+    public void Secure_output_access_should_be_blocked_on_reference_via_inlined_variable()
+    {
+        var result = CompilationHelper.Compile(
+            ("mod.bicep", """
+                @secure()
+                output sensitive string = 'foo'
+
+                output notSensitive string = 'bar'
+                """),
+            ("main.bicep", """
+                param condition bool
+
+                module mod 'mod.bicep' = {}
+                module mod2 'mod.bicep' = {}
+
+                var modToUse = condition ? mod : mod2
+
+                @secure()
+                output sensitive string = modToUse.outputs.sensitive
+                output notSensitive string = modToUse.outputs.notSensitive
+                """));
+
+        result.Should().HaveDiagnostics(
+        [
+            ("BCP426", DiagnosticLevel.Error, "Secure outputs may only be accessed via a direct module reference. Only non-sensitive outputs are supported when dereferencing a module indirectly via a variable or lambda."),
+        ]);
+    }
+
+    [TestMethod]
+    public void Secure_output_access_should_be_blocked_on_reference_via_lambda_variable()
+    {
+        var result = CompilationHelper.Compile(
+            ("mod.bicep", """
+                @secure()
+                output sensitive string = 'foo'
+
+                output notSensitive string = 'bar'
+                """),
+            ("main.bicep", """
+                module mod 'mod.bicep' = [for i in range(0, 1): {}]
+
+                output out1 array = map(mod, m => m.outputs.sensitive)
+                output out2 array = map(mod, m => m.outputs.notSensitive)
+                """));
+
+        result.ExcludingLinterDiagnostics().Should().HaveDiagnostics(
+        [
+            ("BCP426", DiagnosticLevel.Error, "Secure outputs may only be accessed via a direct module reference. Only non-sensitive outputs are supported when dereferencing a module indirectly via a variable or lambda."),
+        ]);
+    }
 }
diff --git a/src/Bicep.Core/Diagnostics/DiagnosticBuilder.cs b/src/Bicep.Core/Diagnostics/DiagnosticBuilder.cs
@@ -1937,6 +1937,10 @@ public Diagnostic MissingExtensionConfigAssignments(IEnumerable<string> identifi
             public Diagnostic ExtensionConfigAssignmentDoesNotMatchToExtension(string identifier) => CoreError(
                 "BCP425",
                 $"The extension configuration assignment for \"{identifier}\" does not match an extension in the Bicep file.");
+
+            public Diagnostic SecureOutputsOnlyAllowedOnDirectModuleReference() => CoreError(
+                "BCP426",
+                "Secure outputs may only be accessed via a direct module reference. Only non-sensitive outputs are supported when dereferencing a module indirectly via a variable or lambda.");
         }
 
         public static DiagnosticBuilderInternal ForPosition(TextSpan span)
diff --git a/src/Bicep.Core/Emit/EmitLimitationCalculator.cs b/src/Bicep.Core/Emit/EmitLimitationCalculator.cs
@@ -56,6 +56,7 @@ public static EmitLimitationInfo Calculate(SemanticModel model)
             BlockResourceDerivedTypesThatDoNotDereferenceProperties(model, diagnostics);
             BlockSpreadInUnsupportedLocations(model, diagnostics);
             BlockSecureOutputsWithLocalDeploy(model, diagnostics);
+            BlockSecureOutputAccessOnIndirectReference(model, diagnostics);
             BlockExtendsWithoutFeatureFlagEnabled(model, diagnostics);
 
             var paramAssignments = CalculateParameterAssignments(model, diagnostics);
@@ -992,5 +993,37 @@ private static void BlockSecureOutputsWithLocalDeploy(SemanticModel model, IDiag
                 }
             }
         }
+
+        private static void BlockSecureOutputAccessOnIndirectReference(
+            SemanticModel model,
+            IDiagnosticWriter diagnostics)
+        {
+            // we're looking for access expressions...
+            foreach (var accessExpr in SyntaxAggregator.AggregateByType<AccessExpressionSyntax>(model.Root.Syntax))
+            {
+                // ... whose base expression is a match for `<something>.outputs`
+                if (accessExpr.BaseExpression is AccessExpressionSyntax baseAccessExpr &&
+                    baseAccessExpr.AccessExpressionMatches(
+                        SyntaxFactory.CreateStringLiteral(LanguageConstants.ModuleOutputsPropertyName)) &&
+                    // ... and whose base expression is a module...
+                    TypeHelper.SatisfiesCondition(model.GetTypeInfo(baseAccessExpr.BaseExpression), t => t is ModuleType) &&
+                    // ... when the type of the output dereferenced would trigger the use of `listOutputsWithSecureValues`
+                    TypeHelper.IsOrContainsSecureType(model.GetTypeInfo(accessExpr)))
+                {
+                    if (model.GetSymbolInfo(baseAccessExpr.BaseExpression) is ModuleSymbol ||
+                        (baseAccessExpr.BaseExpression is ArrayAccessSyntax grandBaseArrayAccess &&
+                            model.GetSymbolInfo(grandBaseArrayAccess.BaseExpression) is ModuleSymbol greatGrandBaseModule &&
+                            greatGrandBaseModule.IsCollection))
+                    {
+                        // if the module reference is **direct** (e.g., `mod.outputs.sensitive` or
+                        // `mod[0].outputs.sensitive`, don't raise a diagnostic
+                        continue;
+                    }
+
+                    diagnostics.Write(DiagnosticBuilder.ForPosition(accessExpr.IndexExpression)
+                        .SecureOutputsOnlyAllowedOnDirectModuleReference());
+                }
+            }
+        }
     }
 }
diff --git a/src/Bicep.Core/Syntax/AccessExpressionSyntax.cs b/src/Bicep.Core/Syntax/AccessExpressionSyntax.cs
@@ -22,6 +22,8 @@ protected AccessExpressionSyntax(SyntaxBase baseExpression, Token? safeAccessMar
 
     public Token? SafeAccessMarker { get; }
 
+    public abstract SyntaxBase IndexExpression { get; }
+
     public bool IsSafeAccess => SafeAccessMarker is not null;
 
     public abstract AccessExpressionSyntax AsSafeAccess();
diff --git a/src/Bicep.Core/Syntax/ArrayAccessSyntax.cs b/src/Bicep.Core/Syntax/ArrayAccessSyntax.cs
@@ -30,7 +30,7 @@ public ArrayAccessSyntax(
 
         public Token? FromEndMarker { get; }
 
-        public SyntaxBase IndexExpression { get; }
+        public override SyntaxBase IndexExpression { get; }
 
         public Token CloseSquare { get; }
 
diff --git a/src/Bicep.Core/Syntax/PropertyAccessSyntax.cs b/src/Bicep.Core/Syntax/PropertyAccessSyntax.cs
@@ -20,6 +20,8 @@ public PropertyAccessSyntax(SyntaxBase baseExpression, Token dot, Token? safeAcc
 
         public IdentifierSyntax PropertyName { get; }
 
+        public override SyntaxBase IndexExpression => PropertyName;
+
         public override PropertyAccessSyntax AsSafeAccess() => SafeAccessMarker is null
             ? new(BaseExpression, Dot, SyntaxFactory.QuestionToken, PropertyName)
             : this;
diff --git a/src/Bicep.Core/TypeSystem/TypeHelper.cs b/src/Bicep.Core/TypeSystem/TypeHelper.cs
@@ -183,10 +183,40 @@ public static TypeSymbol GetNamedPropertyType(
                     isSafeAccess,
                     shouldWarn,
                     diagnostics),
+                null when TryGetModuleUnionBodyType(unionType) is UnionType bodyUnion
+                    => GetNamedPropertyType(
+                        bodyUnion,
+                        propertyExpressionPositionable,
+                        propertyName,
+                        isSafeAccess,
+                        shouldWarn,
+                        diagnostics),
                 // TODO improve later here if necessary - we should be able to block stuff that is obviously wrong
                 _ => LanguageConstants.Any,
             };
 
+        private static UnionType? TryGetModuleUnionBodyType(UnionType union)
+        {
+            if (union.Members.Length < 2)
+            {
+                return null;
+            }
+
+            var memberModuleBodies = ImmutableArray.CreateBuilder<ITypeReference>(union.Members.Length);
+
+            foreach (var member in union.Members)
+            {
+                if (member.Type is not ModuleType moduleType)
+                {
+                    return null;
+                }
+
+                memberModuleBodies.Add(moduleType.Body.Type);
+            }
+
+            return new(string.Empty, memberModuleBodies.ToImmutable());
+        }
+
         public static TypeSymbol GetNamedPropertyType(
             DiscriminatedObjectType discriminatedObjectType,
             IPositionable propertyExpressionPositionable,
