GH PS Rule config fix

Azure · Mar 4, 2024 · 99ca0a5 · 99ca0a5
1 parent cdace73
commit 99ca0a5
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 11 deletions.
diff --git a/.github/actions/templates/validateModulePSRule/action.yml b/.github/actions/templates/validateModulePSRule/action.yml
@@ -10,13 +10,14 @@
 ## ACTION PARAMETERS                         ##
 ##-------------------------------------------##
 ##
-##   |=================================================================================================================================================================|
-##   | Parameter                | Required | Default | Description                          | Example                                                                  |
-##   |--------------------------|----------|---------|--------------------------------------|--------------------------------------------------------------------------|
-##   | templateFilePath         | true     | ''      | The path to the module PSRule tests. | 'modules/api-management/service/.test/common/main.test.bicep'            |
-##   | subscriptionId           | false    | ''      | The subscriptionId to deploy to      | '1a97b80a-4dda-4f50-ab53-349e29344654'                                   |
-##   | managementGroupId        | false    | ''      | The managementGroupId to deploy to   | '1a97b80a-4dda-4f50-ab53-349e29344654'                                   |
-##   |=================================================================================================================================================================|
+##   |=============================================================================================================================================================================================|
+##   | Parameter                | Required | Default                                       | Description                           | Example                                                       |
+##   |--------------------------|----------|-----------------------------------------------|---------------------------------------|---------------------------------------------------------------|
+##   | templateFilePath         | true     | ''                                            | The path to the module PSRule tests.  | 'modules/api-management/service/.test/common/main.test.bicep' |
+##   | subscriptionId           | false    | ''                                            | The subscriptionId to deploy to       | '1a97b80a-4dda-4f50-ab53-349e29344654'                        |
+##   | managementGroupId        | false    | ''                                            | The managementGroupId to deploy to    | '1a97b80a-4dda-4f50-ab53-349e29344654'                        |
+##   | psrulePath               | false    | 'utilities/pipelines/staticValidation/psrule' | The path to the PS-Rule configuration | 'utilities/pipelines/staticValidation/psrule'                 |
+##   |=============================================================================================================================================================================================|
 ##
 ##---------------------------------------------##
 
@@ -34,6 +35,10 @@ inputs:
   managementGroupId:
     description: 'The management group ID to deploy to'
     required: false
+  psrulePath:
+    description: 'The path to PSRule configurations'
+    required: false
+    default: 'utilities/pipelines/staticValidation/psrule'
 
 runs:
   using: 'composite'
@@ -89,15 +94,19 @@ runs:
 
           Write-Output '::endgroup::'
 
-    # Run analysis by using the PSRule GitHub action.
+    # [PSRule validation] task(s)
+    #-----------------------------
     - name: Run PSRule analysis
-      uses: microsoft/ps-rule@v2.4.0
+      uses: microsoft/ps-rule@v2.9.0
       continue-on-error: true # Setting this whilst PSRule gets bedded in, in this project
       with:
         modules: 'PSRule.Rules.Azure'
         inputPath: '${{ inputs.templateFilePath}}'
         outputFormat: Csv
         outputPath: '${{ inputs.templateFilePath}}-PSRule-output.csv'
+        option: '${{ github.workspace }}/${{ inputs.psrulePath}}/ps-rule.yaml' # Path to PSRule configuration options file
+        source: '${{ inputs.psrulePath}}/.ps-rule/' # Path to folder containing suppression rules to use for analysis.
+        summary: false # Disabling as taken care in customized task
 
     - name: 'Parse CSV content'
       if: always()
@@ -109,7 +118,7 @@ runs:
           Write-Output '::group::Parse CSV content'
 
           # Load used functions
-          . (Join-Path $env:GITHUB_WORKSPACE 'utilities' 'pipelines' 'PSRuleValidation' 'Set-PSRuleGitHubOutput.ps1')
+          . (Join-Path $env:GITHUB_WORKSPACE 'utilities' 'pipelines' 'staticValidation' 'psrule' 'Set-PSRuleGitHubOutput.ps1')
 
           # Populate parameter input
           $ParameterInput = @{

diff --git a/.github/workflows/template.module.yml b/.github/workflows/template.module.yml
@@ -76,7 +76,6 @@ jobs:
           templateFilePath: "${{ inputs.modulePath }}/${{ matrix.testCases.moduleTestFilePath }}"
           subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}'
           managementGroupId: '${{ secrets.ARM_MGMTGROUP_ID }}'
-          psrulePath: "utilities/pipelines/staticValidation/psrule"
 
   #############################
   #   Deployment validation   #