psrule.rules.azure-quickstart's Introduction

PSRule for Azure Quick Start

This repository contains a sample code you can use to quickly start using PSRule for Azure. To learn more about PSRule for Azure, see https://aka.ms/ps-rule-azure.

What's included?

This repository includes:

Azure Bicep deployment — Starter Azure Bicep deployments.
- Use the files in the deployments/ folder if you are using Bicep to deploy resources.
Azure Bicep modules — Starter Azure Bicep modules.
- Use the files in the modules/ folder if you are using Bicep to create reusable modules with tests.
GitHub Actions — Starter workflow for checking Azure Infrastructure as Code (IaC).
- Use the files in the .github/workflows/ to check your Azure IaC with GitHub Actions.
- The ms-analyze.yaml file can be ignore or removed as this will not execute outside this repository.
Azure Pipelines — Starter pipeline for checking Azure Infrastructure as Code (IaC).
- Use the files in the .pipelines/ to check your Azure IaC with Azure Pipelines.
Custom rules — Example custom rules that enforce organization specific requirements.
- Use the files in the .ps-rule/ folder to configure custom rules.
PSRule options — Example options for using PSRule for Azure.
- PSRule options are configures within ps-rule.yaml.
- Options include suppressing rules, configuring input/ output, and any rules modules.

ARM templates PSRule for Azure supports ARM templates in addition to Bicep code. However going forward this repository will focus on Bicep deployments and modules. Existing ARM templates samples are no longer maintained and have been archived. To access these samples jump to the archive/with-arm-templates branch.

What to expect?

This repository shows valid uses of PSRule for Azure, both pass and failure cases. Inspect the following files for instructions to test PSRule for Azure rules by creating a failure.

Support

This project uses GitHub Issues to track bugs and feature requests. Please search the existing issues before filing new issues to avoid duplicates.

For new issues, file your bug or feature request as a new issue.
For help, discussion, and support questions about using this project, join or start a discussion.

Support for this project/ product is limited to the resources listed above.

Contributing

This project welcomes contributions and suggestions. If you are ready to contribute, please visit the contribution guide.

Code of Conduct

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.

Maintainers

Bernie White

License

This project is licensed under the MIT License.

Trademarks

This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft's Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party's policies.

psrule.rules.azure-quickstart's People

Contributors

Stargazers

Watchers

psrule.rules.azure-quickstart's Issues

Update repo structure to focus on Bicep

Most customers with interest in PSRule for Azure are moving to Bicep from ARM templates. We should:

Archive the current repo structure into a branch archive/with-arm-templates.
Remove directories and anything specific to ARM templates.
Flatten the repository to root deployments/ and modules/ paths that focus on Bicep.
Add a link to readme to flag old ARM template structure is available in the archive branch.
Update any documentation to focus and make Bicep configuration clear and easily usable by customers.

Unsure of results and behaviour when using this repo

I've just cloned this repo into my Azure DevOps org, added a pipeline based on .pipelines/azure-analyze.yaml, made one small change (see screenshot below) to generate a fail, and ran the pipeline.

The pipeline runs, but fails—is it meant to fail given I've literally just cloned the repo and made a small modification? In short, I'm unsure of what the expected output should be. I'm not sure if everything is working as expected or there is indeed something broken within this repo or the pipeline has changed its behaviour.

I've included the screenshots of the pipeline job so I'd appreciate it if you/I/we can work through it together.

So the below screenshot shows an error against AZR-000355 which I'm expecting given the modification I made. That's fine. I'm guessing the next line, "One or more assertions failed" is also fine since that is true.

This next screenshot shows the warnings.

I'm not sure why that first warning ("refs/heads/main has not been processed") is there?
Apart from the suppressed rules, what do the other warnings mean about "not been processed because no matching rules were found" and how do I correct this

The next screenshot shows the Extensions tab.
This looks fine to me.

Finally, there are no artifacts produced (under the Scans tab) as the pipeline never got to that task.

From what I've seen in the YT videos and my expectations given the minimal modifications, the job should complete with a status of Warning as opposed to Failed so that one can view the prettyfied output under Scans?

Edit: ok so I just re-read some of the documentation and have configured the pipeline to continue on error. Now I can see the Scans output which is great. But if this is set to true just so I can get some pretty outputs, then wouldn't it be more suited to permanently leave this to true?

Thank you and I appreciate your time!

Recommend Projects

azure / psrule.rules.azure-quickstart Goto Github PK