зеркало из https://github.com/Azure/ALZ-Bicep.git
Azure Commercial Cloud - Policy Update Issue in Workflow (#350)
* added autocrlf input * autocrlf input * testing purposes * testing line endings * remove working directory * cd to right place in workflow * parameter * import module case sensitivity * remove crlf * Fix `Invoke-RunFilesThroughLineEndings` * update-policy yml if condition in job * quick test * back to main for review * function name update * suppress BOM Co-authored-by: Kevin Rowlandson <kevin.rowlandson@microsoft.com>
This commit is contained in:
JamJarchitect
GitHub
Родитель
1bfd8d1f16
Коммит
d05e7c8152
|
|
@ -32,8 +32,7 @@ param (
|
|||
$ErrorActionPreference = "Stop"
|
||||
|
||||
# This script relies on a custom set of classes and functions
|
||||
# defined within the EnterpriseScaleLibraryTools PowerShell
|
||||
# module.
|
||||
# defined within the Alz.Tools PowerShell module.
|
||||
Import-Module $AlzToolsPath -ErrorAction Stop
|
||||
|
||||
# To avoid needing to authenticate with Azure, the following
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ AUTHOR/S: jtracey93, seseicht
|
|||
VERSION: 2.0.0
|
||||
#>
|
||||
[Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSReviewUnusedParameter", "", Justification = "False Positive")]
|
||||
[Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseBOMForUnicodeEncodedFile", "", Justification = "False Positive")]
|
||||
|
||||
[CmdletBinding(SupportsShouldProcess)]
|
||||
param (
|
||||
|
|
@ -12,8 +13,12 @@ param (
|
|||
[string]
|
||||
$rootPath = "./infra-as-code/bicep/modules/policy",
|
||||
[string]
|
||||
$alzToolsPath = "$PWD/../Enterprise-Scale/src/Alz.Tools",
|
||||
[string]
|
||||
$definitionsRoot = "definitions",
|
||||
[string]
|
||||
$lineEnding = "unix",
|
||||
[string]
|
||||
$definitionsPath = "lib/policy_definitions",
|
||||
[string]
|
||||
$definitionsLongPath = "$definitionsRoot/$definitionsPath",
|
||||
|
|
@ -35,6 +40,21 @@ param (
|
|||
$assignmentsTxtFileName = "_policyAssignmentsBicepInput.txt"
|
||||
)
|
||||
|
||||
# This script relies on a custom set of classes and functions
|
||||
# defined within the Alz.Tools PowerShell module.
|
||||
Import-Module $alzToolsPath -ErrorAction Stop
|
||||
|
||||
# Line Endings function to be used in three functions below
|
||||
function Update-FileLineEndingType {
|
||||
[CmdletBinding(SupportsShouldProcess)]
|
||||
param(
|
||||
[string]
|
||||
$filePath
|
||||
)
|
||||
|
||||
(Get-Content $filePath | Edit-LineEndings -LineEnding $LineEnding) | Out-File $filePath
|
||||
}
|
||||
|
||||
#region Policy Definitions
|
||||
function New-PolicyDefinitionsBicepInputTxtFile {
|
||||
[CmdletBinding(SupportsShouldProcess)]
|
||||
|
|
@ -54,6 +74,9 @@ function New-PolicyDefinitionsBicepInputTxtFile {
|
|||
Add-Content -Path "$rootPath/$definitionsLongPath/$defintionsTxtFileName" -Encoding "utf8" -Value "{`r`n`tname: '$policyDefinitionName'`r`n`tlibDefinition: loadJsonContent('$definitionsPath/$fileName')`r`n}"
|
||||
}
|
||||
|
||||
Write-Information "====> Running '$defintionsTxtFileName' through Line Endings" -InformationAction Continue
|
||||
Update-FileLineEndingType -filePath "$rootPath/$definitionsLongPath/$defintionsTxtFileName"
|
||||
|
||||
$policyDefCount = Get-ChildItem -Recurse -Path "$rootPath/$definitionsLongPath" -Filter "*.json" | Measure-Object
|
||||
$policyDefCountString = $policyDefCount.Count
|
||||
Write-Information "====> Policy Definitions Total: $policyDefCountString" -InformationAction Continue
|
||||
|
|
@ -187,6 +210,9 @@ function New-PolicySetDefinitionsBicepInputTxtFile {
|
|||
Add-Content -Path "$rootPath/$definitionsSetLongPath/$defintionsSetTxtFileName" -Encoding "utf8" -Value "$_`r`n"
|
||||
}
|
||||
|
||||
Write-Information "====> Running '$defintionsSetTxtFileName' through Line Endings" -InformationAction Continue
|
||||
Update-FileLineEndingType -filePath "$rootPath/$definitionsSetLongPath/$defintionsSetTxtFileName"
|
||||
|
||||
$policyDefCount = Get-ChildItem -Recurse -Path "$rootPath/$definitionsSetLongPath" -Filter "*.json" -Exclude "*.parameters.json" | Measure-Object
|
||||
$policyDefCountString = $policyDefCount.Count
|
||||
Write-Information "====> Policy Set/Initiative Definitions Total: $policyDefCountString" -InformationAction Continue
|
||||
|
|
@ -216,6 +242,9 @@ function New-PolicyAssignmentsBicepInputTxtFile {
|
|||
Add-Content -Path "$rootPath/$assignmentsLongPath/$assignmentsTxtFileName" -Encoding "utf8" -Value "var varPolicyAssignment$policyAssignmentNameNoHyphens = {`r`n`tdefinitionId: '$policyAssignmentDefinitionID'`r`n`tlibDefinition: loadJsonContent('../../policy/$assignmentsLongPath/$fileName')`r`n}`r`n"
|
||||
}
|
||||
|
||||
Write-Information "====> Running '$assignmentsTxtFileName' through Line Endings" -InformationAction Continue
|
||||
Update-FileLineEndingType -filePath "$rootPath/$assignmentsLongPath/$assignmentsTxtFileName"
|
||||
|
||||
$policyAssignmentCount = Get-ChildItem -Recurse -Path "$rootPath/$assignmentsLongPath" -Filter "*.json" | Measure-Object
|
||||
$policyAssignmentCountString = $policyAssignmentCount.Count
|
||||
Write-Information "====> Policy Assignments Total: $policyAssignmentCountString" -InformationAction Continue
|
||||
|
|
|
|||
|
|
@ -69,18 +69,21 @@ jobs:
|
|||
azPSVersion: "latest"
|
||||
|
||||
- name: Update Policy Definition Bicep Input Files
|
||||
run: |
|
||||
Write-Information "==> Running script..." -InformationAction Continue
|
||||
.github/scripts/Invoke-PolicyToBicep.ps1
|
||||
shell: pwsh
|
||||
working-directory: ${{ github.repository }}
|
||||
uses: azure/powershell@v1
|
||||
with:
|
||||
inlineScript: |
|
||||
cd ${{ github.workspace }}/${{ github.repository }}
|
||||
Write-Information "==> Running script..." -InformationAction Continue
|
||||
.github/scripts/Invoke-PolicyToBicep.ps1 `
|
||||
-alzToolsPath "${{ github.workspace }}/${{ env.remote_repository }}/src/Alz.Tools/"
|
||||
azPSVersion: "latest"
|
||||
|
||||
- name: Check for changes
|
||||
id: git_status
|
||||
run: |
|
||||
CHECK_GIT_STATUS=($(git status -s))
|
||||
git status -s
|
||||
echo "::set-output name=changes::${#CHECK_GIT_STATUS[@]}"
|
||||
echo "changes=${#CHECK_GIT_STATUS[@]}" >> $GITHUB_OUTPUT
|
||||
working-directory: ${{ github.repository }}
|
||||
|
||||
- name: Add files, commit and push
|
||||
|
|
@ -89,6 +92,7 @@ jobs:
|
|||
echo "Pushing changes to origin..."
|
||||
git add infra-as-code/bicep/modules/policy/definitions/lib
|
||||
git add infra-as-code/bicep/modules/policy/assignments/lib
|
||||
git config --global core.autocrlf input
|
||||
git commit -m '${{ env.pr_title }}'
|
||||
git push origin ${{ env.branch_name }}
|
||||
working-directory: ${{ github.repository }}
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче