Add community files and documentation updates (#8)
- Updated manifest inputs
- Return error if inputType is not set
- Updated README

* Added community files
Parent: dd1a91b163
Commit: c0a47f76f2
|
@ -0,0 +1,36 @@
|
|||
---
|
||||
name: Bug report
|
||||
about: Report errors or an unexpected issue
|
||||
---
|
||||
|
||||
**Description of the issue**
|
||||
|
||||
A clear and concise description of what the bug is.
|
||||
|
||||
**Expected behaviour**
|
||||
|
||||
A clear and concise description of what you expected to happen.
|
||||
|
||||
**To Reproduce**
|
||||
|
||||
Steps to reproduce the issue:
|
||||
|
||||
```yaml
|
||||
|
||||
```
|
||||
|
||||
**Error output**
|
||||
|
||||
Capture any error messages and or run output.
|
||||
|
||||
```text
|
||||
|
||||
```
|
||||
|
||||
**Action version:**
|
||||
|
||||
- Version: **[e.g. 0.1.0]**
|
||||
|
||||
**Additional context**
|
||||
|
||||
Add any other context about the problem here.
|
|
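Review bot: The "To Reproduce" and "Error output" sections ask reporters to paste workflow YAML and run output into a public issue, but neither carries a reminder to remove secrets, tokens or internal paths first; add a one-line hint under each heading. The empty `yaml` fence would also benefit from a placeholder comment saying what to paste, and "Capture any error messages and or run output." should read "and/or".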
@ -0,0 +1,20 @@
|
|||
---
|
||||
name: Feature request
|
||||
about: Suggest an idea
|
||||
---
|
||||
|
||||
**Is your feature request related to a problem? Please describe.**
|
||||
|
||||
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
|
||||
|
||||
**Describe the solution you'd like**
|
||||
|
||||
A clear and concise description of what you want to happen.
|
||||
|
||||
**Describe alternatives you've considered**
|
||||
|
||||
A clear and concise description of any alternative solutions or features you've considered.
|
||||
|
||||
**Additional context**
|
||||
|
||||
Add any other context or screenshots about the feature request here.
|
|
@ -0,0 +1,9 @@
|
|||
# Microsoft Open Source Code of Conduct
|
||||
|
||||
This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
|
||||
|
||||
Resources:
|
||||
|
||||
- [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/)
|
||||
- [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
|
||||
- Contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with questions or concerns
|
|
@ -0,0 +1,52 @@
|
|||
# Contributing
|
||||
|
||||
This project welcomes contributions and suggestions. Most contributions require you to
|
||||
agree to a Contributor License Agreement (CLA) declaring that you have the right to,
|
||||
and actually do, grant us the rights to use your contribution. For details, visit
|
||||
https://cla.microsoft.com.
|
||||
|
||||
When you submit a pull request, a CLA-bot will automatically determine whether you need
|
||||
to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the
|
||||
instructions provided by the bot. You will only need to do this once across all repositories using our CLA.
|
||||
|
||||
## Code of Conduct
|
||||
|
||||
This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
|
||||
For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
|
||||
or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.
|
||||
|
||||
## How to contribute
|
||||
|
||||
- File or vote up issues
|
||||
- Improve documentation
|
||||
- Fix bugs or add features
|
||||
|
||||
### Intro to Git and GitHub
|
||||
|
||||
When contributing to documentation or code changes, you'll need to have a GitHub account and a basic understanding of Git.
|
||||
Check out the links below to get started.
|
||||
|
||||
- Make sure you have a [GitHub account][github-signup].
|
||||
- GitHub Help:
|
||||
- [Git and GitHub learning resources][learn-git].
|
||||
- [GitHub Flow Guide][github-flow].
|
||||
- [Fork a repo][github-fork].
|
||||
- [About Pull Requests][github-pr].
|
||||
|
||||
## Contributing to issues
|
||||
|
||||
- Check if the issue you are going to file already exists in our GitHub [issues](https://github.com/BernieWhite/PSRule-actions/issues).
|
||||
- If you do not see your problem captured, please file a new issue and follow the provided template.
|
||||
- If the an open issue exists for the problem you are experiencing, vote up the issue or add a comment.
|
||||
|
||||
## Contributing to code
|
||||
|
||||
- Before writing a fix or feature enhancement, ensure that an issue is logged.
|
||||
- Be prepared to discuss a feature and take feedback.
|
||||
- Include unit tests and updates documentation to complement the change.
|
||||
|
||||
[learn-git]: https://help.github.com/en/articles/git-and-github-learning-resources
|
||||
[github-flow]: https://guides.github.com/introduction/flow/
|
||||
[github-signup]: https://github.com/signup/free
|
||||
[github-fork]: https://help.github.com/en/github/getting-started-with-github/fork-a-repo
|
||||
[github-pr]: https://help.github.com/en/github/collaborating-with-issues-and-pull-requests/about-pull-requests
|
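Review bot: Two typos in the list items: under "Contributing to issues", "If the an open issue exists" should be "If an open issue exists", and under "Contributing to code", "Include unit tests and updates documentation" should be "Include unit tests and update documentation". The "Code of Conduct" section repeats the text of the separate Code of Conduct file added in this commit; linking to that file would keep the two from drifting apart.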
2
LICENSE
|
@ -1,6 +1,6 @@
|
|||
MIT License
|
||||
|
||||
Copyright (c) 2019 Bernard White
|
||||
Copyright (c) Microsoft Corporation.
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
|
|
100
README.md
|
@ -1,14 +1,83 @@
|
|||
# PSRule
|
||||
|
||||
A GitHub action for IT Pros using the PSRule PowerShell module.
|
||||
Validate infrastructure as code (IaC) and DevOps repositories using rules.
|
||||
PSRule allows you to analyse a repository with pre-built rules or create your own.
|
||||
Analysis can be performed from input files or the repository structure.
|
||||
|
||||
![ci-badge]
|
||||
|
||||
## Disclaimer
|
||||
## Usage
|
||||
|
||||
This project is to be considered a **proof-of-concept** and **not a supported product**.
|
||||
```yaml
|
||||
- name: Run PSRule analysis
|
||||
uses: BernieWhite/PSRule-actions@master
|
||||
```
|
||||
|
||||
If you have any problems please check our GitHub [issues](https://github.com/BernieWhite/PSRule-actions/issues) page. If you do not see your problem captured, please file a new issue and follow the provided template.
|
||||
## Inputs
|
||||
|
||||
```yaml
|
||||
- name: Run PSRule analysis
|
||||
uses: BernieWhite/PSRule-actions@master
|
||||
with:
|
||||
inputType: repository, inputPath # Required. Determines the type of input to use for PSRule.
|
||||
inputPath: string # Required. The path PSRule will look for files to validate.
|
||||
modules: string # Optional. A comma separated list of modules to use for analysis.
|
||||
source: string # Optional. An path containing rules to use for analysis.
|
||||
outputFormat: None, Yaml, Json, NUnit3, Csv # Optional. The format to use when writing results to disk.
|
||||
outputPath: string # Optional. The file path to write results to.
|
||||
path: string # Optional. The working directory PSRule is run from.
|
||||
```
|
||||
|
||||
### `inputType`
|
||||
|
||||
Determines the type of input to use for PSRule.
|
||||
|
||||
Either `repository` or `inputPath`.
|
||||
When `inputType: inputPath` is used, supported file formats within `inputPath` will be read as objects.
|
||||
When `inputType: repository` is used, the structure of the repository will be analyzed instead.
|
||||
|
||||
### `inputPath`
|
||||
|
||||
Set the `inputPath` to determine where PSRule will look for input files.
|
||||
|
||||
When `inputType: inputPath` this is binds to the [-InputPath](https://microsoft.github.io/PSRule/commands/PSRule/en-US/Assert-PSRule.html#-inputpath) parameter.
|
||||
When `inputType: repository` this will be the repository root that PSRule analyzes.
|
||||
|
||||
### `modules`
|
||||
|
||||
A comma separated list of modules to use for analysis.
|
||||
|
||||
Install PSRule modules using the `ps-rule-install` task.
|
||||
If the modules have not been installed,
|
||||
the latest stable version will be installed from the PowerShell Gallery automatically.
|
||||
For example: _PSRule.Rules.Azure,PSRule.Rules.Kubernetes_
|
||||
|
||||
### `source`
|
||||
|
||||
An path containing rules to use for analysis.
|
||||
|
||||
Use this option to include rules not installed as a PowerShell module.
|
||||
This binds to the [-Path](https://microsoft.github.io/PSRule/commands/PSRule/en-US/Assert-PSRule.html#-path) parameter.
|
||||
|
||||
### `outputFormat`
|
||||
|
||||
Output results can be written to disk in addition to the default output.
|
||||
|
||||
Use this option to determine the format to write results.
|
||||
By default, results are not written to disk.
|
||||
This binds to the [-OutputFormat](https://microsoft.github.io/PSRule/commands/PSRule/en-US/Assert-PSRule.html#-outputformat) parameter.
|
||||
|
||||
### `outputPath`
|
||||
|
||||
The file path to write results to.
|
||||
|
||||
This binds to the [-OutputPath](https://microsoft.github.io/PSRule/commands/PSRule/en-US/Assert-PSRule.html#-outputpath) parameter.
|
||||
|
||||
### `path`
|
||||
|
||||
The working directory PSRule is run from.
|
||||
|
||||
Options specified in `ps-rule.yaml` from this directory will be used unless overridden by inputs.
|
||||
|
||||
## Using the action
|
||||
|
||||
|
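Review bot: Both snippets under "Usage" and "Inputs" reference `BernieWhite/PSRule-actions@master`, a mutable branch, so anyone who copies them runs whatever is on master at the time of the workflow run; document a release tag or a full commit SHA instead. The `modules` section has the same property ("the latest stable version will be installed from the PowerShell Gallery automatically") and should say how to install a fixed version beforehand; the `ps-rule-install` task it points to is not defined anywhere in this change. Minor wording: "An path" should be "A path" and "this is binds to" should be "this binds to".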
@ -17,7 +86,7 @@ To get started [create a workflow](https://help.github.com/en/articles/configuri
|
|||
To include PSRule:
|
||||
|
||||
1. Reference `BernieWhite/PSRule-actions@master`.
|
||||
2. Configure `source`.
|
||||
2. Configure `inputType`.
|
||||
|
||||
For example:
|
||||
|
||||
|
@ -31,17 +100,28 @@ jobs:
|
|||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@master
|
||||
- name: Run PSRule
|
||||
- name: Run PSRule analysis
|
||||
uses: BernieWhite/PSRule-actions@master
|
||||
with:
|
||||
source: '.ps-rule/'
|
||||
inputType: 'repository'
|
||||
```
|
||||
|
||||
### Action reference
|
||||
## Contributing
|
||||
|
||||
The following action options exist:
|
||||
This project welcomes contributions and suggestions. Most contributions require you to
|
||||
agree to a Contributor License Agreement (CLA) declaring that you have the right to,
|
||||
and actually do, grant us the rights to use your contribution. For details, visit
|
||||
https://cla.microsoft.com.
|
||||
|
||||
- [Action](docs/actions.md)
|
||||
When you submit a pull request, a CLA-bot will automatically determine whether you need
|
||||
to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the
|
||||
instructions provided by the bot. You will only need to do this once across all repositories using our CLA.
|
||||
|
||||
## Code of Conduct
|
||||
|
||||
This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
|
||||
For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
|
||||
or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.
|
||||
|
||||
## Maintainers
|
||||
|
||||
|
|
|
@ -0,0 +1,43 @@
|
|||
# Security policy
|
||||
|
||||
<!-- BEGIN MICROSOFT SECURITY.MD V0.0.3 BLOCK -->
|
||||
|
||||
## Security
|
||||
|
||||
Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [our GitHub organizations](https://opensource.microsoft.com/).
|
||||
|
||||
If you believe you have found a security vulnerability in any Microsoft-owned repository that meets Microsoft's [Microsoft's definition of a security vulnerability](https://docs.microsoft.com/en-us/previous-versions/tn-archive/cc751383(v=technet.10)) of a security vulnerability, please report it to us as described below.
|
||||
|
||||
## Reporting Security Issues
|
||||
|
||||
**Please do not report security vulnerabilities through public GitHub issues.**
|
||||
|
||||
Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://msrc.microsoft.com/create-report).
|
||||
|
||||
If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com). If possible, encrypt your message with our PGP key; please download it from the the [Microsoft Security Response Center PGP Key page](https://www.microsoft.com/en-us/msrc/pgp-key-msrc).
|
||||
|
||||
You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc).
|
||||
|
||||
Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
|
||||
|
||||
* Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
|
||||
* Full paths of source file(s) related to the manifestation of the issue
|
||||
* The location of the affected source code (tag/branch/commit or direct URL)
|
||||
* Any special configuration required to reproduce the issue
|
||||
* Step-by-step instructions to reproduce the issue
|
||||
* Proof-of-concept or exploit code (if possible)
|
||||
* Impact of the issue, including how an attacker might exploit the issue
|
||||
|
||||
This information will help us triage your report more quickly.
|
||||
|
||||
If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://microsoft.com/msrc/bounty) page for more details about our active programs.
|
||||
|
||||
## Preferred Languages
|
||||
|
||||
We prefer all communications to be in English.
|
||||
|
||||
## Policy
|
||||
|
||||
Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://www.microsoft.com/en-us/msrc/cvd).
|
||||
|
||||
<!-- END MICROSOFT SECURITY.MD BLOCK -->
|
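Review bot: The second paragraph under "## Security" has duplicated wording, "that meets Microsoft's [Microsoft's definition of a security vulnerability](...) of a security vulnerability", and the reporting paragraph has "from the the". Both sit between the BEGIN/END MICROSOFT SECURITY.MD V0.0.3 markers, so check whether a newer revision of that block already corrects them before hand-editing the text here.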
10
action.yaml
|
@ -2,8 +2,8 @@ name: 'PSRule'
|
|||
description: 'Run rules in a GitHub repository.'
|
||||
author: 'Bernie White'
|
||||
branding:
|
||||
icon: 'chevrons-right'
|
||||
color: 'blue'
|
||||
icon: 'check-circle'
|
||||
color: 'green'
|
||||
inputs:
|
||||
|
||||
inputType:
|
||||
|
@ -13,26 +13,32 @@ inputs:
|
|||
inputPath:
|
||||
description: 'The path PSRule will look for files to validate.'
|
||||
default: ''
|
||||
required: false
|
||||
|
||||
modules:
|
||||
description: 'A comma separated list of modules to use for analysis.'
|
||||
default: ''
|
||||
required: false
|
||||
|
||||
source:
|
||||
description: 'An path containing rules to use for analysis.'
|
||||
default: '.ps-rule/'
|
||||
required: false
|
||||
|
||||
outputFormat:
|
||||
description: 'The format to use when writing results to disk. When set to None results are not written to disk.'
|
||||
default: 'None'
|
||||
required: false
|
||||
|
||||
outputPath:
|
||||
description: 'The file path to write results to.'
|
||||
default: ''
|
||||
required: false
|
||||
|
||||
path:
|
||||
description: 'The working directory PSRule is run from.'
|
||||
default: ''
|
||||
required: false
|
||||
|
||||
runs:
|
||||
using: 'docker'
|
||||
|
|
|
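Review bot: `inputPath` is declared here with `default: ''` and `required: false`, but the README in this same commit documents it as "# Required. The path PSRule will look for files to validate."; make the two agree. If the value is only needed when `inputType: inputPath`, say so in the description and have the entry script reject an empty value in that case, as it now does for `inputType`. "An path" in the `source` description should be "A path".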
@ -1,46 +0,0 @@
|
|||
# Action reference
|
||||
|
||||
## PSRule-actions
|
||||
|
||||
Perform analysis and assert PSRule conditions.
|
||||
Analysis can be perform from input files or the repository structure.
|
||||
|
||||
### Syntax
|
||||
|
||||
```yaml
|
||||
steps:
|
||||
- name: string
|
||||
uses: BernieWhite/PSRule-actions@master
|
||||
with:
|
||||
inputType: repository, inputPath # Required. Determines the type of input to use for PSRule.
|
||||
inputPath: string # Required. The path PSRule will look for files to validate.
|
||||
modules: string # Optional. A comma separated list of modules to use for analysis.
|
||||
source: string # Optional. An path containing rules to use for analysis.
|
||||
outputFormat: None, Yaml, Json, NUnit3, Csv # Optional. The format to use when writing results to disk.
|
||||
outputPath: string # Optional. The file path to write results to.
|
||||
path: string # Optional. The working directory PSRule is run from.
|
||||
```
|
||||
|
||||
- **inputType**: Determines the type of input to use for PSRule.
|
||||
Either `repository` or `inputPath`.
|
||||
When `inputType: inputPath` is used, supported file formats within `inputPath` will be read as objects.
|
||||
When `inputType: repository` is used, the structure of the repository will be analyzed instead.
|
||||
- **inputPath**: Set the `inputPath` to determine where PSRule will look for input files.
|
||||
When `inputType: inputPath` this is binds to the [-InputPath](https://microsoft.github.io/PSRule/commands/PSRule/en-US/Assert-PSRule.html#-inputpath) parameter.
|
||||
When `inputType: repository` this will be the repository root that PSRule analyzes.
|
||||
- **modules**: A comma separated list of modules to use for analysis.
|
||||
Install PSRule modules using the `ps-rule-install` task.
|
||||
If the modules have not been installed,
|
||||
the latest stable version will be installed from the PowerShell Gallery automatically.
|
||||
For example: _PSRule.Rules.Azure,PSRule.Rules.Kubernetes_
|
||||
- **source**: An path containing rules to use for analysis.
|
||||
Use this option to include rules not installed as a PowerShell module.
|
||||
This binds to the [-Path](https://microsoft.github.io/PSRule/commands/PSRule/en-US/Assert-PSRule.html#-path) parameter.
|
||||
- **outputFormat**: Output results can be written to disk in addition to the default output.
|
||||
Use this option to determine the format to write results.
|
||||
By default, results are not written to disk.
|
||||
This binds to the [-OutputFormat](https://microsoft.github.io/PSRule/commands/PSRule/en-US/Assert-PSRule.html#-outputformat) parameter.
|
||||
- **outputPath**: The file path to write results to.
|
||||
This binds to the [-OutputPath](https://microsoft.github.io/PSRule/commands/PSRule/en-US/Assert-PSRule.html#-outputpath) parameter.
|
||||
- **path**: The working directory PSRule is run from.
|
||||
Options specified in `ps-rule.yaml` from this directory will be used unless overridden by inputs.
|
|
@ -43,6 +43,12 @@ if ($Env:SYSTEM_DEBUG -eq 'true') {
|
|||
$VerbosePreference = [System.Management.Automation.ActionPreference]::Continue;
|
||||
}
|
||||
|
||||
# Check inputType
|
||||
if ([String]::IsNullOrEmpty($InputType) -or $InputType -notin 'repository', 'inputPath') {
|
||||
Write-Host "::error::Required input 'inputType' must be set to 'repository' or 'inputPath'.";
|
||||
$Host.SetShouldExit(1);
|
||||
}
|
||||
|
||||
# Set workspace
|
||||
if ([String]::IsNullOrEmpty($workspacePath)) {
|
||||
$workspacePath = $PWD;
|
||||
|
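Review bot: In the new "# Check inputType" block, `$Host.SetShouldExit(1);` asks the host to exit with code 1 but does not itself stop the running script, so with an invalid `$InputType` execution falls through to "# Set workspace" and everything after it. Add `exit 1` (or `return`) directly after the `Write-Host "::error::..."` line so the failure is immediate. The `[String]::IsNullOrEmpty($InputType)` test is also redundant, since an empty or null value already fails `-notin 'repository', 'inputPath'`.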
@ -162,7 +168,7 @@ try {
|
|||
WriteDebug ([String]::Concat('-OutputFormat ', $OutputFormat, ' -OutputPath ''', $OutputPath, ''''));
|
||||
}
|
||||
|
||||
# Repository
|
||||
# repository
|
||||
if ($InputType -eq 'repository') {
|
||||
$items = New-Object -TypeName System.Collections.ArrayList;
|
||||
WriteDebug 'Running ''Assert-PSRule'' with repository as input.';
|
||||
|
@ -172,7 +178,7 @@ try {
|
|||
Write-Host '---';
|
||||
$items.ToArray() | Assert-PSRule @invokeParams;
|
||||
}
|
||||
# Repository
|
||||
# inputPath
|
||||
elseif ($InputType -eq 'inputPath') {
|
||||
WriteDebug 'Running ''Assert-PSRule'' with input from path.';
|
||||
Write-Host '';
|
||||
|
|