Add community files and documentation updates (#8)

- Updated manifest inputs
- Return error if inputType is not set
- Updated README
* Added community files
Bernie White 2020-06-07 17:04:48 +10:00 committed by GitHub
Parent dd1a91b163
Commit c0a47f76f2
No key found matching this signature
GPG key ID: 4AEE18F83AFDEB23
10 changed files: 267 additions and 61 deletions

36
.github/ISSUE_TEMPLATE/bug_report.md Vendored Normal file

@ -0,0 +1,36 @@
---
name: Bug report
about: Report errors or an unexpected issue
---
**Description of the issue**
A clear and concise description of what the bug is.
**Expected behaviour**
A clear and concise description of what you expected to happen.
**To Reproduce**
Steps to reproduce the issue:
```yaml
```
**Error output**
Capture any error messages and or run output.
```text
```
**Action version:**
- Version: **[e.g. 0.1.0]**
**Additional context**
Add any other context about the problem here.
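
Review bot: The `yaml` fence under **To Reproduce** and the `text` fence under **Error output** are both empty, so a reporter gets no hint about what belongs in them. Put a placeholder in each, for example the workflow step that calls the action in the first one. Also, "and or" in "Capture any error messages and or run output." should read "and/or".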

20
.github/ISSUE_TEMPLATE/feature_request.md Vendored Normal file

@ -0,0 +1,20 @@
---
name: Feature request
about: Suggest an idea
---
**Is your feature request related to a problem? Please describe.**
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
**Describe the solution you'd like**
A clear and concise description of what you want to happen.
**Describe alternatives you've considered**
A clear and concise description of any alternative solutions or features you've considered.
**Additional context**
Add any other context or screenshots about the feature request here.

9
CODE_OF_CONDUCT.md Normal file

@ -0,0 +1,9 @@
# Microsoft Open Source Code of Conduct
This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
Resources:
- [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/)
- [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
- Contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with questions or concerns

52
CONTRIBUTING.md Normal file

@ -0,0 +1,52 @@
# Contributing
This project welcomes contributions and suggestions. Most contributions require you to
agree to a Contributor License Agreement (CLA) declaring that you have the right to,
and actually do, grant us the rights to use your contribution. For details, visit
https://cla.microsoft.com.
When you submit a pull request, a CLA-bot will automatically determine whether you need
to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the
instructions provided by the bot. You will only need to do this once across all repositories using our CLA.
## Code of Conduct
This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.
## How to contribute
- File or vote up issues
- Improve documentation
- Fix bugs or add features
### Intro to Git and GitHub
When contributing to documentation or code changes, you'll need to have a GitHub account and a basic understanding of Git.
Check out the links below to get started.
- Make sure you have a [GitHub account][github-signup].
- GitHub Help:
- [Git and GitHub learning resources][learn-git].
- [GitHub Flow Guide][github-flow].
- [Fork a repo][github-fork].
- [About Pull Requests][github-pr].
## Contributing to issues
- Check if the issue you are going to file already exists in our GitHub [issues](https://github.com/BernieWhite/PSRule-actions/issues).
- If you do not see your problem captured, please file a new issue and follow the provided template.
- If the an open issue exists for the problem you are experiencing, vote up the issue or add a comment.
## Contributing to code
- Before writing a fix or feature enhancement, ensure that an issue is logged.
- Be prepared to discuss a feature and take feedback.
- Include unit tests and updates documentation to complement the change.
[learn-git]: https://help.github.com/en/articles/git-and-github-learning-resources
[github-flow]: https://guides.github.com/introduction/flow/
[github-signup]: https://github.com/signup/free
[github-fork]: https://help.github.com/en/github/getting-started-with-github/fork-a-repo
[github-pr]: https://help.github.com/en/github/collaborating-with-issues-and-pull-requests/about-pull-requests
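
Review bot: Two wording errors in the contribution lists: "If the an open issue exists" under "Contributing to issues" has a stray article, and "Include unit tests and updates documentation" under "Contributing to code" should read "updated documentation". Fix both before this file becomes the text contributors are pointed to.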


@ -1,6 +1,6 @@
MIT License MIT License
Copyright (c) 2019 Bernard White Copyright (c) Microsoft Corporation.
Permission is hereby granted, free of charge, to any person obtaining a copy Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal of this software and associated documentation files (the "Software"), to deal
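
Review bot: The copyright line changes holder from `Bernard White` to `Microsoft Corporation.` and drops the year, yet elsewhere in this commit action.yml keeps `author: 'Bernie White'` and the README still points at `BernieWhite/PSRule-actions`. Confirm the change of holder is intended and record it in the commit message, which currently mentions only manifest, README and community-file updates.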

100
README.md

@ -1,14 +1,83 @@
# PSRule # PSRule
A GitHub action for IT Pros using the PSRule PowerShell module. Validate infrastructure as code (IaC) and DevOps repositories using rules.
PSRule allows you to analyse a repository with pre-built rules or create your own.
Analysis can be performed from input files or the repository structure.
![ci-badge] ![ci-badge]
## Disclaimer ## Usage
This project is to be considered a **proof-of-concept** and **not a supported product**. ```yaml
- name: Run PSRule analysis
uses: BernieWhite/PSRule-actions@master
```
If you have any problems please check our GitHub [issues](https://github.com/BernieWhite/PSRule-actions/issues) page. If you do not see your problem captured, please file a new issue and follow the provided template. ## Inputs
```yaml
- name: Run PSRule analysis
uses: BernieWhite/PSRule-actions@master
with:
inputType: repository, inputPath # Required. Determines the type of input to use for PSRule.
inputPath: string # Required. The path PSRule will look for files to validate.
modules: string # Optional. A comma separated list of modules to use for analysis.
source: string # Optional. An path containing rules to use for analysis.
outputFormat: None, Yaml, Json, NUnit3, Csv # Optional. The format to use when writing results to disk.
outputPath: string # Optional. The file path to write results to.
path: string # Optional. The working directory PSRule is run from.
```
### `inputType`
Determines the type of input to use for PSRule.
Either `repository` or `inputPath`.
When `inputType: inputPath` is used, supported file formats within `inputPath` will be read as objects.
When `inputType: repository` is used, the structure of the repository will be analyzed instead.
### `inputPath`
Set the `inputPath` to determine where PSRule will look for input files.
When `inputType: inputPath` this is binds to the [-InputPath](https://microsoft.github.io/PSRule/commands/PSRule/en-US/Assert-PSRule.html#-inputpath) parameter.
When `inputType: repository` this will be the repository root that PSRule analyzes.
### `modules`
A comma separated list of modules to use for analysis.
Install PSRule modules using the `ps-rule-install` task.
If the modules have not been installed,
the latest stable version will be installed from the PowerShell Gallery automatically.
For example: _PSRule.Rules.Azure,PSRule.Rules.Kubernetes_
### `source`
An path containing rules to use for analysis.
Use this option to include rules not installed as a PowerShell module.
This binds to the [-Path](https://microsoft.github.io/PSRule/commands/PSRule/en-US/Assert-PSRule.html#-path) parameter.
### `outputFormat`
Output results can be written to disk in addition to the default output.
Use this option to determine the format to write results.
By default, results are not written to disk.
This binds to the [-OutputFormat](https://microsoft.github.io/PSRule/commands/PSRule/en-US/Assert-PSRule.html#-outputformat) parameter.
### `outputPath`
The file path to write results to.
This binds to the [-OutputPath](https://microsoft.github.io/PSRule/commands/PSRule/en-US/Assert-PSRule.html#-outputpath) parameter.
### `path`
The working directory PSRule is run from.
Options specified in `ps-rule.yaml` from this directory will be used unless overridden by inputs.
## Using the action ## Using the action
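
Review bot: The `modules` section says that modules which are not installed get "the latest stable version" installed from the PowerShell Gallery automatically, and none of the documented inputs lets a workflow pin a module version, so the rule set that runs can change between builds with no change in the repository. Document how to pin a version, or state plainly that pinning is not supported. The same section tells readers to use the `ps-rule-install` task, which is not defined anywhere in this change; remove or replace that sentence. Minor wording: "this is binds to" under `inputPath` and "An path" under `source`.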
@ -17,7 +86,7 @@ To get started [create a workflow](https://help.github.com/en/articles/configuri
To include PSRule: To include PSRule:
1. Reference `BernieWhite/PSRule-actions@master`. 1. Reference `BernieWhite/PSRule-actions@master`.
2. Configure `source`. 2. Configure `inputType`.
For example: For example:
@ -31,17 +100,28 @@ jobs:
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@master uses: actions/checkout@master
- name: Run PSRule - name: Run PSRule analysis
uses: BernieWhite/PSRule-actions@master uses: BernieWhite/PSRule-actions@master
with: with:
source: '.ps-rule/' inputType: 'repository'
``` ```
### Action reference ## Contributing
The following action options exist: This project welcomes contributions and suggestions. Most contributions require you to
agree to a Contributor License Agreement (CLA) declaring that you have the right to,
and actually do, grant us the rights to use your contribution. For details, visit
https://cla.microsoft.com.
- [Action](docs/actions.md) When you submit a pull request, a CLA-bot will automatically determine whether you need
to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the
instructions provided by the bot. You will only need to do this once across all repositories using our CLA.
## Code of Conduct
This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.
## Maintainers ## Maintainers
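
Review bot: The example workflow references `actions/checkout@master` and `BernieWhite/PSRule-actions@master`, so anyone who copies it runs whatever is at the tip of a mutable branch on each build. Show a release tag or a full commit SHA in the documented `uses:` lines, here and in the Usage and Inputs snippets added earlier in the README.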

43
SECURITY.md Normal file

@ -0,0 +1,43 @@
# Security policy
<!-- BEGIN MICROSOFT SECURITY.MD V0.0.3 BLOCK -->
## Security
Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [our GitHub organizations](https://opensource.microsoft.com/).
If you believe you have found a security vulnerability in any Microsoft-owned repository that meets Microsoft's [Microsoft's definition of a security vulnerability](https://docs.microsoft.com/en-us/previous-versions/tn-archive/cc751383(v=technet.10)) of a security vulnerability, please report it to us as described below.
## Reporting Security Issues
**Please do not report security vulnerabilities through public GitHub issues.**
Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://msrc.microsoft.com/create-report).
If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com). If possible, encrypt your message with our PGP key; please download it from the the [Microsoft Security Response Center PGP Key page](https://www.microsoft.com/en-us/msrc/pgp-key-msrc).
You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc).
Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
* Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
* Full paths of source file(s) related to the manifestation of the issue
* The location of the affected source code (tag/branch/commit or direct URL)
* Any special configuration required to reproduce the issue
* Step-by-step instructions to reproduce the issue
* Proof-of-concept or exploit code (if possible)
* Impact of the issue, including how an attacker might exploit the issue
This information will help us triage your report more quickly.
If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://microsoft.com/msrc/bounty) page for more details about our active programs.
## Preferred Languages
We prefer all communications to be in English.
## Policy
Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://www.microsoft.com/en-us/msrc/cvd).
<!-- END MICROSOFT SECURITY.MD BLOCK -->
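
Review bot: Two wording defects in the reporting instructions: "that meets Microsoft's [Microsoft's definition of a security vulnerability](...) of a security vulnerability" repeats itself, and "download it from the the" has a doubled word. Both sit between the `BEGIN MICROSOFT SECURITY.MD V0.0.3 BLOCK` and `END` markers, so check whether a later revision of the template block already corrects them before editing the text by hand.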


@ -2,8 +2,8 @@ name: 'PSRule'
description: 'Run rules in a GitHub repository.' description: 'Run rules in a GitHub repository.'
author: 'Bernie White' author: 'Bernie White'
branding: branding:
icon: 'chevrons-right' icon: 'check-circle'
color: 'blue' color: 'green'
inputs: inputs:
inputType: inputType:
@ -13,26 +13,32 @@ inputs:
inputPath: inputPath:
description: 'The path PSRule will look for files to validate.' description: 'The path PSRule will look for files to validate.'
default: '' default: ''
required: false
modules: modules:
description: 'A comma separated list of modules to use for analysis.' description: 'A comma separated list of modules to use for analysis.'
default: '' default: ''
required: false
source: source:
description: 'An path containing rules to use for analysis.' description: 'An path containing rules to use for analysis.'
default: '.ps-rule/' default: '.ps-rule/'
required: false
outputFormat: outputFormat:
description: 'The format to use when writing results to disk. When set to None results are not written to disk.' description: 'The format to use when writing results to disk. When set to None results are not written to disk.'
default: 'None' default: 'None'
required: false
outputPath: outputPath:
description: 'The file path to write results to.' description: 'The file path to write results to.'
default: '' default: ''
required: false
path: path:
description: 'The working directory PSRule is run from.' description: 'The working directory PSRule is run from.'
default: '' default: ''
required: false
runs: runs:
using: 'docker' using: 'docker'
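
Review bot: `inputPath` gets `required: false` with `default: ''` here, while the README added in this same commit documents it as `inputPath: string # Required.` Make the manifest and the README agree; if the input only matters when `inputType: inputPath`, say so in the `description`. The `source` description also still reads "An path".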


@ -1,46 +0,0 @@
# Action reference
## PSRule-actions
Perform analysis and assert PSRule conditions.
Analysis can be perform from input files or the repository structure.
### Syntax
```yaml
steps:
- name: string
uses: BernieWhite/PSRule-actions@master
with:
inputType: repository, inputPath # Required. Determines the type of input to use for PSRule.
inputPath: string # Required. The path PSRule will look for files to validate.
modules: string # Optional. A comma separated list of modules to use for analysis.
source: string # Optional. An path containing rules to use for analysis.
outputFormat: None, Yaml, Json, NUnit3, Csv # Optional. The format to use when writing results to disk.
outputPath: string # Optional. The file path to write results to.
path: string # Optional. The working directory PSRule is run from.
```
- **inputType**: Determines the type of input to use for PSRule.
Either `repository` or `inputPath`.
When `inputType: inputPath` is used, supported file formats within `inputPath` will be read as objects.
When `inputType: repository` is used, the structure of the repository will be analyzed instead.
- **inputPath**: Set the `inputPath` to determine where PSRule will look for input files.
When `inputType: inputPath` this is binds to the [-InputPath](https://microsoft.github.io/PSRule/commands/PSRule/en-US/Assert-PSRule.html#-inputpath) parameter.
When `inputType: repository` this will be the repository root that PSRule analyzes.
- **modules**: A comma separated list of modules to use for analysis.
Install PSRule modules using the `ps-rule-install` task.
If the modules have not been installed,
the latest stable version will be installed from the PowerShell Gallery automatically.
For example: _PSRule.Rules.Azure,PSRule.Rules.Kubernetes_
- **source**: An path containing rules to use for analysis.
Use this option to include rules not installed as a PowerShell module.
This binds to the [-Path](https://microsoft.github.io/PSRule/commands/PSRule/en-US/Assert-PSRule.html#-path) parameter.
- **outputFormat**: Output results can be written to disk in addition to the default output.
Use this option to determine the format to write results.
By default, results are not written to disk.
This binds to the [-OutputFormat](https://microsoft.github.io/PSRule/commands/PSRule/en-US/Assert-PSRule.html#-outputformat) parameter.
- **outputPath**: The file path to write results to.
This binds to the [-OutputPath](https://microsoft.github.io/PSRule/commands/PSRule/en-US/Assert-PSRule.html#-outputpath) parameter.
- **path**: The working directory PSRule is run from.
Options specified in `ps-rule.yaml` from this directory will be used unless overridden by inputs.


@ -43,6 +43,12 @@ if ($Env:SYSTEM_DEBUG -eq 'true') {
$VerbosePreference = [System.Management.Automation.ActionPreference]::Continue; $VerbosePreference = [System.Management.Automation.ActionPreference]::Continue;
} }
# Check inputType
if ([String]::IsNullOrEmpty($InputType) -or $InputType -notin 'repository', 'inputPath') {
Write-Host "::error::Required input 'inputType' must be set to 'repository' or 'inputPath'.";
$Host.SetShouldExit(1);
}
# Set workspace # Set workspace
if ([String]::IsNullOrEmpty($workspacePath)) { if ([String]::IsNullOrEmpty($workspacePath)) {
$workspacePath = $PWD; $workspacePath = $PWD;
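
Review bot: The new `inputType` check writes the `::error::` line and then only calls `$Host.SetShouldExit(1)`; the block contains no `exit`, `return` or `throw`, and the next statement is `# Set workspace`. Unless the host stops the script at that call, the rest of the entrypoint keeps running with an invalid `$InputType`. End the block with an explicit `exit 1` so the failure path does not depend on host behaviour. The `[String]::IsNullOrEmpty($InputType)` test is also redundant, because an empty value already fails `-notin 'repository', 'inputPath'`.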
@ -162,7 +168,7 @@ try {
WriteDebug ([String]::Concat('-OutputFormat ', $OutputFormat, ' -OutputPath ''', $OutputPath, '''')); WriteDebug ([String]::Concat('-OutputFormat ', $OutputFormat, ' -OutputPath ''', $OutputPath, ''''));
} }
# Repository # repository
if ($InputType -eq 'repository') { if ($InputType -eq 'repository') {
$items = New-Object -TypeName System.Collections.ArrayList; $items = New-Object -TypeName System.Collections.ArrayList;
WriteDebug 'Running ''Assert-PSRule'' with repository as input.'; WriteDebug 'Running ''Assert-PSRule'' with repository as input.';
@ -172,7 +178,7 @@ try {
Write-Host '---'; Write-Host '---';
$items.ToArray() | Assert-PSRule @invokeParams; $items.ToArray() | Assert-PSRule @invokeParams;
} }
# Repository # inputPath
elseif ($InputType -eq 'inputPath') { elseif ($InputType -eq 'inputPath') {
WriteDebug 'Running ''Assert-PSRule'' with input from path.'; WriteDebug 'Running ''Assert-PSRule'' with input from path.';
Write-Host ''; Write-Host '';