Comments (4)
will try that, thanks!
from psrule-pipelines.
@dkaubar Thanks for logging the issue.
We might need to enable verbose logging to understand what error code 5 is related to, as it is not a PSRule specific error. It means access denied.
However I suspect that the issue may be related to the inputType
parameter.
For bicep expansion to work, inputType
needs to be set to repository
.
For example:
- task: ps-rule-assert@1
displayName: "Run PSRule scan"
inputs:
path: "$(System.DefaultWorkingDirectory)"
inputType: "repository"
inputPath: "$(projectDirectory)/devops/infrastructure/bicep/*.bicep"
modules: "PSRule.Rules.Azure"
outputFormat: "NUnit3"
outputPath: "$(Pipeline.Workspace)/PSRule/ps-rule-results.xml"
See Creating your pipeline for additional required configuration.
If that does not resolve the issue. Can you please enable verbose logging by setting the SYSTEM_DEBUG
pipeline variable to true
.
This should generate a lot of additional output and should give us an idea where the problem is.
from psrule-pipelines.
so far I was not able to reproduce the issue with inputType: repository
I would however like to ask a bit about this configuration:
what is the benefit of using repository as a value? is it only to allow multiple directories to be scanned? because if we set
input path to repo root, it takes way more time to execute. all solution files are unnecessarily scanned and skipped, until template files are found.
Is it a valid use to have it like
inputType: "repository"
inputPath: "$(projectDirectory)/devops/infrastructure/bicep/*.bicep"
where only inputType is different (inputPath -> repository) and the path itself points to the exact files we want to target (and not the repository)?
also, unrelated, but in logs we see warnings for every .bicep file, like:
##[warning]Target object 'Project/devops/infrastructure/bicep/function-app.bicep' has not been processed because no matching rules were found.
In a way it makes sense, rules are for ARM templates that are decompiled from bicep (for which they find and run rules), but it's still misleading to say that this template was not processed, no?
from psrule-pipelines.
@dkaubar That's great. Thanks for the feedback.
When inputType: inputPath
is used a limited number of file formats are loaded from disk a read as objects. Supported formats are listed under the Input.Format.
For example, a JSON file:
[
{
"name": "object1"
},
{
"name": "object2"
}
]
Bicep and Azure template formats are a little tricky, they have parameters, variables, functions, loops, conditions, etc within their structure. Reading the objects is not a good indication of what resources would be deployed to Azure, or what their final state would be.
The repository
option discovers the files and passed them through some additional functions to expand the Azure resources from the Bicep/ Template code.
With inputPath: "$(projectDirectory)/devops/infrastructure/bicep/*.bicep"
only the files matching the path would be scanned regardless of if inputType
set to inputPath
or repository
.
Additionally, with repository
the Input.PathIgnore
option can be set. See Configuring path exclusions and Input.PathIgnore.
In terms of the warning, yes that is expected. You are correct, the files are not being processed by any rule which is the reason for the warning. We could do better to hide this by default, however you can disable the warning by setting the Execution.NotProcessedWarning option to false
.
I hope that helps.
from psrule-pipelines.
Related Issues (20)
- Custom rule always fails HOT 1
- Add support for alternative option file
- Allow installation of modules from other sources
- Failure loading VstsTaskSdk
- Handling of unset path
- Extension version not clear from task version
- Dependency conflict with older module versions
- Update extension flags for v2 release
- 'file not found' error when running the task HOT 3
- Task fails on self-hosted agent when PSRule and/or PSRule.Rules.Azure already installed HOT 3
- Verification of marketplace item HOT 3
- Add outcome filtering parameter
- Stale task version
- Node 10 tasks require minimum agent version
- Bump V2 task support for Node 16
- Add warning to V1 tasks and update V0 tasks
- Remove V0 and V1 tasks
- Add job summaries
- Fix summary with job summary
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from psrule-pipelines.