Add community files and documentation updates (#8)

- Updated manifest inputs
- Return error in inputType is not set
- Updated README
* Added community files

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,36 @@
+---
+name: Bug report
+about: Report errors or an unexpected issue
+---
+
+**Description of the issue**
+
+A clear and concise description of what the bug is.
+
+**Expected behaviour**
+
+A clear and concise description of what you expected to happen.
+
+**To Reproduce**
+
+Steps to reproduce the issue:
+
+```yaml
+
+```
+
+**Error output**
+
+Capture any error messages and or run output.
+
+```text
+
+```
+
+**Action version:**
+
+- Version: **[e.g. 0.1.0]**
+
+**Additional context**
+
+Add any other context about the problem here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,20 @@
+---
+name: Feature request
+about: Suggest an idea
+---
+
+**Is your feature request related to a problem? Please describe.**
+
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+
+Add any other context or screenshots about the feature request here.

CODE_OF_CONDUCT.md

@@ -0,0 +1,9 @@
+# Microsoft Open Source Code of Conduct
+
+This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
+
+Resources:
+
+- [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/)
+- [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
+- Contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with questions or concerns

CONTRIBUTING.md

@@ -0,0 +1,52 @@
+# Contributing
+
+This project welcomes contributions and suggestions. Most contributions require you to
+agree to a Contributor License Agreement (CLA) declaring that you have the right to,
+and actually do, grant us the rights to use your contribution. For details, visit
+https://cla.microsoft.com.
+
+When you submit a pull request, a CLA-bot will automatically determine whether you need
+to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the
+instructions provided by the bot. You will only need to do this once across all repositories using our CLA.
+
+## Code of Conduct
+
+This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
+For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
+or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.
+
+## How to contribute
+
+- File or vote up issues
+- Improve documentation
+- Fix bugs or add features
+
+### Intro to Git and GitHub
+
+When contributing to documentation or code changes, you'll need to have a GitHub account and a basic understanding of Git.
+Check out the links below to get started.
+
+- Make sure you have a [GitHub account][github-signup].
+- GitHub Help:
+  - [Git and GitHub learning resources][learn-git].
+  - [GitHub Flow Guide][github-flow].
+  - [Fork a repo][github-fork].
+  - [About Pull Requests][github-pr].
+
+## Contributing to issues
+
+- Check if the issue you are going to file already exists in our GitHub [issues](https://github.com/BernieWhite/PSRule-actions/issues).
+- If you do not see your problem captured, please file a new issue and follow the provided template.
+- If the an open issue exists for the problem you are experiencing, vote up the issue or add a comment.
+
+## Contributing to code
+
+- Before writing a fix or feature enhancement, ensure that an issue is logged.
+- Be prepared to discuss a feature and take feedback.
+- Include unit tests and updates documentation to complement the change.
+
+[learn-git]: https://help.github.com/en/articles/git-and-github-learning-resources
+[github-flow]: https://guides.github.com/introduction/flow/
+[github-signup]: https://github.com/signup/free
+[github-fork]: https://help.github.com/en/github/getting-started-with-github/fork-a-repo
+[github-pr]: https://help.github.com/en/github/collaborating-with-issues-and-pull-requests/about-pull-requests

LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2019 Bernard White
+Copyright (c) Microsoft Corporation.
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.md

@@ -1,14 +1,83 @@
 # PSRule
 
-A GitHub action for IT Pros using the PSRule PowerShell module.
+Validate infrastructure as code (IaC) and DevOps repositories using rules.
+PSRule allows you to analyse a repository with pre-built rules or create your own.
+Analysis can be performed from input files or the repository structure.
 
 ![ci-badge]
 
-## Disclaimer
+## Usage
 
-This project is to be considered a **proof-of-concept** and **not a supported product**.
+```yaml
+- name: Run PSRule analysis
+  uses: BernieWhite/PSRule-actions@master
+```
 
-If you have any problems please check our GitHub [issues](https://github.com/BernieWhite/PSRule-actions/issues) page. If you do not see your problem captured, please file a new issue and follow the provided template.
+## Inputs
+
+```yaml
+- name: Run PSRule analysis
+  uses: BernieWhite/PSRule-actions@master
+  with:
+    inputType: repository, inputPath              # Required. Determines the type of input to use for PSRule.
+    inputPath: string                             # Required. The path PSRule will look for files to validate.
+    modules: string                               # Optional. A comma separated list of modules to use for analysis.
+    source: string                                # Optional. An path containing rules to use for analysis.
+    outputFormat: None, Yaml, Json, NUnit3, Csv   # Optional. The format to use when writing results to disk.
+    outputPath: string                            # Optional. The file path to write results to.
+    path: string                                  # Optional. The working directory PSRule is run from.
+```
+
+### `inputType`
+
+Determines the type of input to use for PSRule.
+
+Either `repository` or `inputPath`.
+When `inputType: inputPath` is used, supported file formats within `inputPath` will be read as objects.
+When `inputType: repository` is used, the structure of the repository will be analyzed instead.
+
+### `inputPath`
+
+Set the `inputPath` to determine where PSRule will look for input files.
+
+When `inputType: inputPath` this is binds to the [-InputPath](https://microsoft.github.io/PSRule/commands/PSRule/en-US/Assert-PSRule.html#-inputpath) parameter.
+When `inputType: repository` this will be the repository root that PSRule analyzes.
+
+### `modules`
+
+A comma separated list of modules to use for analysis.
+
+Install PSRule modules using the `ps-rule-install` task.
+If the modules have not been installed,
+the latest stable version will be installed from the PowerShell Gallery automatically.
+For example: _PSRule.Rules.Azure,PSRule.Rules.Kubernetes_
+
+### `source`
+
+An path containing rules to use for analysis.
+
+Use this option to include rules not installed as a PowerShell module.
+This binds to the [-Path](https://microsoft.github.io/PSRule/commands/PSRule/en-US/Assert-PSRule.html#-path) parameter.
+
+### `outputFormat`
+
+Output results can be written to disk in addition to the default output.
+
+Use this option to determine the format to write results.
+By default, results are not written to disk.
+This binds to the [-OutputFormat](https://microsoft.github.io/PSRule/commands/PSRule/en-US/Assert-PSRule.html#-outputformat) parameter.
+
+### `outputPath`
+
+The file path to write results to.
+
+This binds to the [-OutputPath](https://microsoft.github.io/PSRule/commands/PSRule/en-US/Assert-PSRule.html#-outputpath) parameter.
+
+### `path`
+
+The working directory PSRule is run from.
+
+Options specified in `ps-rule.yaml` from this directory will be used unless overridden by inputs.
 
 ## Using the action
 
@@ -17,7 +86,7 @@ To get started [create a workflow](https://help.github.com/en/articles/configuri
 To include PSRule:
 
 1. Reference `BernieWhite/PSRule-actions@master`.
-2. Configure `source`.
+2. Configure `inputType`.
 
 For example:
 
@@ -31,17 +100,28 @@ jobs:
     steps:
     - name: Checkout
       uses: actions/checkout@master
-    - name: Run PSRule
+    - name: Run PSRule analysis
       uses: BernieWhite/PSRule-actions@master
       with:
-        source: '.ps-rule/'
+        inputType: 'repository'
 ```
 
-### Action reference
+## Contributing
 
-The following action options exist:
+This project welcomes contributions and suggestions. Most contributions require you to
+agree to a Contributor License Agreement (CLA) declaring that you have the right to,
+and actually do, grant us the rights to use your contribution. For details, visit
+https://cla.microsoft.com.
 
-- [Action](docs/actions.md)
+When you submit a pull request, a CLA-bot will automatically determine whether you need
+to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the
+instructions provided by the bot. You will only need to do this once across all repositories using our CLA.
+
+## Code of Conduct
+
+This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
+For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
+or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.
 
 ## Maintainers
 

SECURITY.md

@@ -0,0 +1,43 @@
+# Security policy
+
+<!-- BEGIN MICROSOFT SECURITY.MD V0.0.3 BLOCK -->
+
+## Security
+
+Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [our GitHub organizations](https://opensource.microsoft.com/).
+
+If you believe you have found a security vulnerability in any Microsoft-owned repository that meets Microsoft's [Microsoft's definition of a security vulnerability](https://docs.microsoft.com/en-us/previous-versions/tn-archive/cc751383(v=technet.10)) of a security vulnerability, please report it to us as described below.
+
+## Reporting Security Issues
+
+**Please do not report security vulnerabilities through public GitHub issues.**
+
+Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://msrc.microsoft.com/create-report).
+
+If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com).  If possible, encrypt your message with our PGP key; please download it from the the [Microsoft Security Response Center PGP Key page](https://www.microsoft.com/en-us/msrc/pgp-key-msrc).
+
+You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc).
+
+Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
+
+  * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
+  * Full paths of source file(s) related to the manifestation of the issue
+  * The location of the affected source code (tag/branch/commit or direct URL)
+  * Any special configuration required to reproduce the issue
+  * Step-by-step instructions to reproduce the issue
+  * Proof-of-concept or exploit code (if possible)
+  * Impact of the issue, including how an attacker might exploit the issue
+
+This information will help us triage your report more quickly.
+
+If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://microsoft.com/msrc/bounty) page for more details about our active programs.
+
+## Preferred Languages
+
+We prefer all communications to be in English.
+
+## Policy
+
+Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://www.microsoft.com/en-us/msrc/cvd).
+
+<!-- END MICROSOFT SECURITY.MD BLOCK -->

action.yaml

@@ -2,8 +2,8 @@ name: 'PSRule'
 description: 'Run rules in a GitHub repository.'
 author: 'Bernie White'
 branding:
-  icon: 'chevrons-right'
-  color: 'blue'
+  icon: 'check-circle'
+  color: 'green'
 inputs:
 
   inputType:
@@ -13,26 +13,32 @@ inputs:
   inputPath:
     description: 'The path PSRule will look for files to validate.'
     default: ''
+    required: false
 
   modules:
     description: 'A comma separated list of modules to use for analysis.'
     default: ''
+    required: false
 
   source:
     description: 'An path containing rules to use for analysis.'
     default: '.ps-rule/'
+    required: false
 
   outputFormat:
     description: 'The format to use when writing results to disk. When set to None results are not written to disk.'
     default: 'None'
+    required: false
 
   outputPath:
     description: 'The file path to write results to.'
     default: ''
+    required: false
 
   path:
     description: 'The working directory PSRule is run from.'
     default: ''
+    required: false
 
 runs:
   using: 'docker'

docs/actions.md

@@ -1,46 +0,0 @@
-# Action reference
-
-## PSRule-actions
-
-Perform analysis and assert PSRule conditions.
-Analysis can be perform from input files or the repository structure.
-
-### Syntax
-
-```yaml
-steps:
-- name: string
-  uses: BernieWhite/PSRule-actions@master
-  with:
-    inputType: repository, inputPath              # Required. Determines the type of input to use for PSRule.
-    inputPath: string                             # Required. The path PSRule will look for files to validate.
-    modules: string                               # Optional. A comma separated list of modules to use for analysis.
-    source: string                                # Optional. An path containing rules to use for analysis.
-    outputFormat: None, Yaml, Json, NUnit3, Csv   # Optional. The format to use when writing results to disk.
-    outputPath: string                            # Optional. The file path to write results to.
-    path: string                                  # Optional. The working directory PSRule is run from.
-```
-
-- **inputType**: Determines the type of input to use for PSRule.
-Either `repository` or `inputPath`.
-When `inputType: inputPath` is used, supported file formats within `inputPath` will be read as objects.
-When `inputType: repository` is used, the structure of the repository will be analyzed instead.
-- **inputPath**: Set the `inputPath` to determine where PSRule will look for input files.
-When `inputType: inputPath` this is binds to the [-InputPath](https://microsoft.github.io/PSRule/commands/PSRule/en-US/Assert-PSRule.html#-inputpath) parameter.
-When `inputType: repository` this will be the repository root that PSRule analyzes.
-- **modules**: A comma separated list of modules to use for analysis.
-Install PSRule modules using the `ps-rule-install` task.
-If the modules have not been installed,
-the latest stable version will be installed from the PowerShell Gallery automatically.
-For example: _PSRule.Rules.Azure,PSRule.Rules.Kubernetes_
-- **source**: An path containing rules to use for analysis.
-Use this option to include rules not installed as a PowerShell module.
-This binds to the [-Path](https://microsoft.github.io/PSRule/commands/PSRule/en-US/Assert-PSRule.html#-path) parameter.
-- **outputFormat**: Output results can be written to disk in addition to the default output.
-Use this option to determine the format to write results.
-By default, results are not written to disk.
-This binds to the [-OutputFormat](https://microsoft.github.io/PSRule/commands/PSRule/en-US/Assert-PSRule.html#-outputformat) parameter.
-- **outputPath**: The file path to write results to.
-This binds to the [-OutputPath](https://microsoft.github.io/PSRule/commands/PSRule/en-US/Assert-PSRule.html#-outputpath) parameter.
-- **path**: The working directory PSRule is run from.
-Options specified in `ps-rule.yaml` from this directory will be used unless overridden by inputs.

powershell.ps1

@@ -43,6 +43,12 @@ if ($Env:SYSTEM_DEBUG -eq 'true') {
     $VerbosePreference = [System.Management.Automation.ActionPreference]::Continue;
 }
 
+# Check inputType
+if ([String]::IsNullOrEmpty($InputType) -or $InputType -notin 'repository', 'inputPath') {
+    Write-Host "::error::Required input 'inputType' must be set to 'repository' or 'inputPath'.";
+    $Host.SetShouldExit(1);
+}
+
 # Set workspace
 if ([String]::IsNullOrEmpty($workspacePath)) {
     $workspacePath = $PWD;
@@ -162,7 +168,7 @@ try {
         WriteDebug ([String]::Concat('-OutputFormat ', $OutputFormat, ' -OutputPath ''', $OutputPath, ''''));
     }
 
-    # Repository
+    # repository
     if ($InputType -eq 'repository') {
         $items = New-Object -TypeName System.Collections.ArrayList;
         WriteDebug 'Running ''Assert-PSRule'' with repository as input.';
@@ -172,7 +178,7 @@ try {
         Write-Host '---';
         $items.ToArray() | Assert-PSRule @invokeParams;
     }
-    # Repository
+    # inputPath
     elseif ($InputType -eq 'inputPath') {
         WriteDebug 'Running ''Assert-PSRule'' with input from path.';
         Write-Host '';