From 92837e4471e736a312115877ea16863848f62aec Mon Sep 17 00:00:00 2001 From: Eskil Larsen Date: Sun, 23 Apr 2023 23:36:47 +0200 Subject: [PATCH 1/6] added initial accelerator pipelines for azdo --- .../.azuredevops/pipelines/alz-bicep-1.yml | 92 +++++++++++++++++++ .../.azuredevops/pipelines/alz-bicep-2.yml | 36 ++++++++ .../.azuredevops/pipelines/alz-bicep-3.yml | 36 ++++++++ .../.azuredevops/pipelines/alz-bicep-4a.yml | 48 ++++++++++ .../.azuredevops/pipelines/alz-bicep-4b.yml | 48 ++++++++++ .../.azuredevops/pipelines/alz-bicep-pr-1.yml | 78 ++++++++++++++++ .../.azuredevops/pipelines/alz-bicep-pr-2.yml | 37 ++++++++ 7 files changed, 375 insertions(+) create mode 100644 accelerator/.azuredevops/pipelines/alz-bicep-1.yml create mode 100644 accelerator/.azuredevops/pipelines/alz-bicep-2.yml create mode 100644 accelerator/.azuredevops/pipelines/alz-bicep-3.yml create mode 100644 accelerator/.azuredevops/pipelines/alz-bicep-4a.yml create mode 100644 accelerator/.azuredevops/pipelines/alz-bicep-4b.yml create mode 100644 accelerator/.azuredevops/pipelines/alz-bicep-pr-1.yml create mode 100644 accelerator/.azuredevops/pipelines/alz-bicep-pr-2.yml diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-1.yml b/accelerator/.azuredevops/pipelines/alz-bicep-1.yml new file mode 100644 index 000000000..0e12c6e16 --- /dev/null +++ b/accelerator/.azuredevops/pipelines/alz-bicep-1.yml 
@@ -0,0 +1,92 @@ +name: ALZ-Bicep-1 Workflow + + +trigger: + branches: + include: + - "main" + paths: + include: + - "config/custom-parameters/managementGroups.parameters.all.json" + - "config/custom-parameters/resourceGroupLoggingAndSentinel.parameters.all.json" + - "config/custom-parameters/logging.parameters.all.json" + - "config/custom-parameters/customPolicyDefinitions.parameters.all.json" + - "config/custom-parameters/customRoleDefinitions.parameters.all.json" + - "config/custom-parameters/mgDiagSettingsAll.parameters.all.json" + + +variables: + SERVICE_CONNECTION_NAME: "" + LOCATION: "" + UPSTREAM_RELEASE_VERSION: "" + MANAGEMENT_SUBSCRIPTION_ID: "" + TOP_LEVEL_MG_PREFIX: "" + + +jobs: + - job: ALZ_Bicep_1_Workflow_Job + pool: + vmImage: ubuntu-latest + steps: + - checkout: self + displayName: Checkout Repo + + - task: AzurePowerShell@5 + displayName: "Management Groups Deployment" + inputs: + azureSubscription: ${{ variables.SERVICE_CONNECTION_NAME }} + azurePowerShellVersion: "LatestVersion" + pwsh: true + ScriptType: "InlineScript" + Inline: | + .\accelerator\pipeline-scripts\Deploy-ALZManagementGroups.ps1 + + - task: AzurePowerShell@5 + displayName: "Logging and Sentinel Resource Group Deployment" + inputs: + azureSubscription: ${{ variables.SERVICE_CONNECTION_NAME }} + azurePowerShellVersion: "LatestVersion" + pwsh: true + ScriptType: "InlineScript" + Inline: | + .\accelerator\pipeline-scripts\Deploy-ALZLoggingAndSentinelResourceGroup.ps1 + + - task: AzurePowerShell@5 + displayName: "Logging and Sentinel Deployment" + inputs: + azureSubscription: ${{ variables.SERVICE_CONNECTION_NAME }} + azurePowerShellVersion: "LatestVersion" + pwsh: true + ScriptType: "InlineScript" + Inline: | + .\accelerator\pipeline-scripts\Deploy-ALZLoggingAndSentinel.ps1 + + - task: AzurePowerShell@5 + displayName: "Custom Policy Definitions Deployment" + inputs: + azureSubscription: ${{ variables.SERVICE_CONNECTION_NAME }} + azurePowerShellVersion: "LatestVersion" + pwsh: true 
+ ScriptType: "InlineScript" + Inline: | + .\accelerator\pipeline-scripts\Deploy-ALZCustomPolicyDefinitions.ps1 + + - task: AzurePowerShell@5 + displayName: "Custom Role Definitions Deployment" + inputs: + azureSubscription: ${{ variables.SERVICE_CONNECTION_NAME }} + azurePowerShellVersion: "LatestVersion" + pwsh: true + ScriptType: "InlineScript" + Inline: | + .\accelerator\pipeline-scripts\Deploy-ALZCustomRoleDefinitions.ps1 + + - task: AzurePowerShell@5 + displayName: "Custom Management Group Diagnostic Settings" + inputs: + azureSubscription: ${{ variables.SERVICE_CONNECTION_NAME }} + azurePowerShellVersion: "LatestVersion" + pwsh: true + ScriptType: "InlineScript" + Inline: | + .\accelerator\pipeline-scripts\Deploy-ALZMGDiagnosticSettings.ps1 diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-2.yml b/accelerator/.azuredevops/pipelines/alz-bicep-2.yml new file mode 100644 index 000000000..ab94cf27d --- /dev/null +++ b/accelerator/.azuredevops/pipelines/alz-bicep-2.yml @@ -0,0 +1,36 @@ +name: ALZ-Bicep-2 Workflow + + +trigger: + branches: + include: + - "main" + paths: + include: + - "config/custom-parameters/alzDefaultPolicyAssignments.parameters.all.json" + + +variables: + SERVICE_CONNECTION_NAME: "" + LOCATION: "" + UPSTREAM_RELEASE_VERSION: "" + TOP_LEVEL_MG_PREFIX: "" + + +jobs: + - job: ALZ_Bicep_2_Workflow_Job + pool: + vmImage: ubuntu-latest + steps: + - checkout: self + displayName: Checkout Repo + + - task: AzurePowerShell@5 + displayName: "Built-in and Custom Policy Assignments Deployment" + inputs: + azureSubscription: ${{ variables.SERVICE_CONNECTION_NAME }} + azurePowerShellVersion: "LatestVersion" + pwsh: true + ScriptType: "InlineScript" + Inline: | + .\accelerator\pipeline-scripts\Deploy-ALZPolicyAssignments.ps1 diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-3.yml b/accelerator/.azuredevops/pipelines/alz-bicep-3.yml new file mode 100644 index 000000000..98c4402ae --- /dev/null 
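Review bot: Nothing in alz-bicep-1.yml gates the deployment steps: the pipeline is a plain `job` that triggers on pushes to `main` and goes straight into `AzurePowerShell@5` steps that deploy management groups, custom policy definitions and custom role definitions through the service connection. Unless approvals and checks are configured on the service connection outside this file, a merged parameter change is applied with no human approval step. Consider a `deployment` job bound to an environment that carries the approval, as sketched below. alz-bicep-2.yml, alz-bicep-3.yml, alz-bicep-4a.yml and alz-bicep-4b.yml in this patch have the same shape.

```yaml
jobs:
  - deployment: ALZ_Bicep_1_Workflow_Job
    # placeholder: an environment with approvals and checks configured
    environment: "<ENVIRONMENT_NAME>"
    pool:
      vmImage: ubuntu-latest
    strategy:
      runOnce:
        deploy:
          steps:
            - checkout: self
              displayName: Checkout Repo
            # … unchanged: AzurePowerShell@5 deployment steps …
```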
+++ b/accelerator/.azuredevops/pipelines/alz-bicep-3.yml @@ -0,0 +1,36 @@ +name: ALZ-Bicep-3 Workflow + + +trigger: + branches: + include: + - "main" + paths: + include: + - "config/custom-parameters/subPlacementAll.parameters.all.json" + + +variables: + SERVICE_CONNECTION_NAME: "" + LOCATION: "" + UPSTREAM_RELEASE_VERSION: "" + TOP_LEVEL_MG_PREFIX: "" + + +jobs: + - job: ALZ_Bicep_3_Workflow_Job + pool: + vmImage: ubuntu-latest + steps: + - checkout: self + displayName: Checkout Repo + + - task: AzurePowerShell@5 + displayName: "Deploy Subscription Placement" + inputs: + azureSubscription: ${{ variables.SERVICE_CONNECTION_NAME }} + azurePowerShellVersion: "LatestVersion" + pwsh: true + ScriptType: "InlineScript" + Inline: | + .\accelerator\pipeline-scripts\Deploy-ALZSubscriptionPlacement.ps1 diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-4a.yml b/accelerator/.azuredevops/pipelines/alz-bicep-4a.yml new file mode 100644 index 000000000..0909121a3 --- /dev/null +++ b/accelerator/.azuredevops/pipelines/alz-bicep-4a.yml 
@@ -0,0 +1,48 @@ +name: ALZ-Bicep-4a Workflow + + +trigger: + branches: + include: + - "main" + paths: + include: + - "config/custom-parameters/resourceGroupConnectivity.parameters.all.json" + - "config/custom-parameters/hubNetworking.parameters.all.json" + + +variables: + SERVICE_CONNECTION_NAME: "" + LOCATION: "" + UPSTREAM_RELEASE_VERSION: "" + CONNECTIVITY_SUBSCRIPTION_ID: "" + TOP_LEVEL_MG_PREFIX: "" + + +jobs: + - job: ALZ_Bicep_4a_Workflow_Job + pool: + vmImage: ubuntu-latest + steps: + - checkout: self + displayName: Checkout Repo + + - task: AzurePowerShell@5 + displayName: "Connectivity Resource Group Deployment" + inputs: + azureSubscription: ${{ variables.SERVICE_CONNECTION_NAME }} + azurePowerShellVersion: "LatestVersion" + pwsh: true + ScriptType: "InlineScript" + Inline: | + .\accelerator\pipeline-scripts\Deploy-ALZConnectivityResourceGroup.ps1 + + - task: AzurePowerShell@5 + displayName: "Hub (Hub-and-Spoke) Deployment" + inputs: + azureSubscription: ${{ variables.SERVICE_CONNECTION_NAME }} + azurePowerShellVersion: "LatestVersion" + pwsh: true + ScriptType: "InlineScript" + Inline: | + .\accelerator\pipeline-scripts\Deploy-ALZHub-HubAndSpoke.ps1 diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-4b.yml b/accelerator/.azuredevops/pipelines/alz-bicep-4b.yml new file mode 100644 index 000000000..0f7a48366 --- /dev/null +++ b/accelerator/.azuredevops/pipelines/alz-bicep-4b.yml 
@@ -0,0 +1,48 @@ +name: ALZ-Bicep-4b Workflow + + +trigger: + branches: + include: + - "main" + paths: + include: + - "config/custom-parameters/resourceGroupConnectivity.parameters.all.json" + - "config/custom-parameters/vwanConnectivity.parameters.all.json" + + +variables: + SERVICE_CONNECTION_NAME: "" + LOCATION: "" + UPSTREAM_RELEASE_VERSION: "" + CONNECTIVITY_SUBSCRIPTION_ID: "" + TOP_LEVEL_MG_PREFIX: "" + + +jobs: + - job: ALZ_Bicep_4b_Workflow_Job + pool: + vmImage: ubuntu-latest + steps: + - checkout: self + displayName: Checkout Repo + + - task: AzurePowerShell@5 + displayName: "Connectivity Resource Group Deployment" + inputs: + azureSubscription: ${{ variables.SERVICE_CONNECTION_NAME }} + azurePowerShellVersion: "LatestVersion" + pwsh: true + ScriptType: "InlineScript" + Inline: | + .\accelerator\pipeline-scripts\Deploy-ALZConnectivityResourceGroup.ps1 + + - task: AzurePowerShell@5 + displayName: "Hub (VWAN) Deployment" + inputs: + azureSubscription: ${{ variables.SERVICE_CONNECTION_NAME }} + azurePowerShellVersion: "LatestVersion" + pwsh: true + ScriptType: "InlineScript" + Inline: | + .\accelerator\pipeline-scripts\Deploy-ALZHub-VWAN.ps1 diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-pr-1.yml b/accelerator/.azuredevops/pipelines/alz-bicep-pr-1.yml new file mode 100644 index 000000000..cef32e8ef --- /dev/null +++ b/accelerator/.azuredevops/pipelines/alz-bicep-pr-1.yml 
@@ -0,0 +1,78 @@ +name: ALZ-Bicep-PR-1 Workflow + + +trigger: none +# YAML PR triggers are supported only in GitHub and Bitbucket Cloud. +# If you use Azure Repos Git, you can configure a branch policy for build validation to trigger your build pipeline for validation. +# https://learn.microsoft.com/en-us/azure/devops/repos/git/branch-policies#build-validation +pr: + branches: + include: + - "main" + paths: + include: + - "**/bicepconfig.json" + - "**.bicep" + + +jobs: + - job: pr_lint + displayName: Bicep Build & Lint All Modules + pool: + vmImage: ubuntu-latest + steps: + - checkout: self + displayName: Checkout Repo + + - pwsh: | + $bicepVersion = bicep --version + Write-Information "=====> Currently installed Bicep version is: $bicepVersion <=====" -InformationAction Continue + displayName: List Currently Installed Bicep Version + + - bash: | + curl -Lo bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64 + chmod +x ./bicep + sudo mv ./bicep /usr/local/bin/bicep + bicep --help + displayName: Install Latest Version of Bicep + + - pwsh: | + $bicepVersion = bicep --version + Write-Information "=====> Now installed Bicep version is: $bicepVersion <=====" -InformationAction Continue + displayName: List Now Installed Bicep Version + + - pwsh: | + if (Test-Path -Path ./custom-modules/*) + { + echo "##vso[task.setvariable variable=CUSTOM_MODULES;]true" + echo "Set CUSTOM_MODULES to true" + } + else + { + echo "Set CUSTOM_MODULES to false" + } + workingDirectory: config + displayName: Check for Custom Modules + + - pwsh: | + $output = @() + Get-ChildItem -Recurse -Filter '*.bicep' | ForEach-Object { + Write-Information "==> Attempting Bicep Build For File: $_" -InformationAction Continue + $bicepOutput = bicep build $_.FullName 2>&1 + if ($LastExitCode -ne 0) + { + foreach ($item in $bicepOutput) { + $output += "$($item) `r`n" + } + } + else + { + echo "Bicep Build Successful for File: $_" + } + } + if ($output.length -gt 0) { + throw $output + 
} + workingDirectory: config/custom-modules + condition: eq(variables['CUSTOM_MODULES'], 'true') + displayName: Bicep Build & Lint All Custom Modules diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-pr-2.yml b/accelerator/.azuredevops/pipelines/alz-bicep-pr-2.yml new file mode 100644 index 000000000..657b90636 --- /dev/null +++ b/accelerator/.azuredevops/pipelines/alz-bicep-pr-2.yml @@ -0,0 +1,37 @@ +name: ALZ-Bicep-PR-2 Workflow + + +trigger: none +# YAML PR triggers are supported only in GitHub and Bitbucket Cloud. +# If you use Azure Repos Git, you can configure a branch policy for build validation to trigger your build pipeline for validation. +# https://learn.microsoft.com/en-us/azure/devops/repos/git/branch-policies#build-validation +pr: + branches: + include: + - "main" + + +jobs: + - job: pr_lint + displayName: Lint Code Base (except Bicep Modules and Files) + pool: + vmImage: ubuntu-latest + steps: + - checkout: self + displayName: Checkout Repo + + - bash: | + docker pull github/super-linter:latest + docker run \ + -e RUN_LOCAL=true \ + -e VALIDATE_ALL_CODEBASE=false \ + -e VALIDATE_JSON=true \ + -e VALIDATE_MARKDOWN=true \ + -e VALIDATE_JSON=true \ + -e VALIDATE_POWERSHELL=true \ + -e VALIDATE_YAML=true \ + -e VALIDATE_EDITORCONFIG=true \ + -e FILTER_REGEX_EXCLUDE=".*generateddocs/.*.bicep.md" \ + -v $(System.DefaultWorkingDirectory):/tmp/lint \ + github/super-linter + displayName: Run github/super-linter From d88c8d1a4e6cc7c4201567fdcd7ca27c151c1016 Mon Sep 17 00:00:00 2001 
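Review bot: The "Install Latest Version of Bicep" step in alz-bicep-pr-1.yml downloads `releases/latest/download/bicep-linux-x64` and moves it into `/usr/local/bin` with sudo, without pinning a release or checking a digest, so the agent runs whatever that URL serves at build time. Pin the release and verify it before the `chmod`, e.g. `curl -fLo bicep https://github.com/Azure/bicep/releases/download/<BICEP_VERSION>/bicep-linux-x64` followed by `echo "<EXPECTED_SHA256>  bicep" | sha256sum -c -`. alz-bicep-pr-2.yml has the same issue with `docker pull github/super-linter:latest`. Referencing the image by digest (`github/super-linter@sha256:<DIGEST>`) in both the pull and the `docker run` keeps PR validation reproducible.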
From: Eskil Larsen Date: Mon, 24 Apr 2023 23:07:17 +0200 Subject: [PATCH 2/6] added support for .env file in azdo pipelines --- .../.azuredevops/pipelines/alz-bicep-1.yml | 20 ++++++++++++++----- .../.azuredevops/pipelines/alz-bicep-2.yml | 19 ++++++++++++++---- .../.azuredevops/pipelines/alz-bicep-3.yml | 19 ++++++++++++++---- .../.azuredevops/pipelines/alz-bicep-4a.yml | 20 ++++++++++++++----- .../.azuredevops/pipelines/alz-bicep-4b.yml | 20 ++++++++++++++----- 5 files changed, 75 insertions(+), 23 deletions(-) diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-1.yml b/accelerator/.azuredevops/pipelines/alz-bicep-1.yml index 0e12c6e16..d93057375 100644 --- a/accelerator/.azuredevops/pipelines/alz-bicep-1.yml +++ b/accelerator/.azuredevops/pipelines/alz-bicep-1.yml @@ -16,11 +16,8 @@ trigger: variables: - SERVICE_CONNECTION_NAME: "" - LOCATION: "" - UPSTREAM_RELEASE_VERSION: "" - MANAGEMENT_SUBSCRIPTION_ID: "" - TOP_LEVEL_MG_PREFIX: "" + ENV_FILE: ".env" + SERVICE_CONNECTION_NAME: "[your service connection name here]" jobs: @@ -31,6 +28,19 @@ jobs: - checkout: self displayName: Checkout Repo + - pwsh: | + (Get-Content -Path $env:ENV_FILE -Encoding UTF8) | ForEach-Object {$_ -replace '"',''} | Out-File -FilePath $env:ENV_FILE -Encoding UTF8 + displayName: Remove Quotation Marks from Environment File + + - pwsh: | + Write-Host $env:ENV_FILE + Get-Content -Path $env:ENV_FILE -Encoding UTF8 | ForEach-Object { + $envVarName, $envVarValue = ($_ -replace '"','').split('=') + echo "##vso[task.setvariable variable=$envVarName;]$envVarValue" + echo "Set $envVarName to $envVarValue]" + } + displayName: Import Environment Variables from File + - task: AzurePowerShell@5 displayName: "Management Groups Deployment" inputs: diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-2.yml b/accelerator/.azuredevops/pipelines/alz-bicep-2.yml index ab94cf27d..b1870c78e 100644 --- a/accelerator/.azuredevops/pipelines/alz-bicep-2.yml 
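Review bot: The "Import Environment Variables from File" step added to alz-bicep-1.yml turns every line of the `.env` file into a `##vso[task.setvariable]` logging command with no validation. Blank or comment lines produce an empty variable name, a value containing `=` is split into more than two parts, and nothing restricts which variable names the file can set. The same step also echoes every value to the build log, with a stray `]` at the end of the message. I would skip empty and `#` lines, split on the first `=` only, reject names that are not plain identifiers, and log the name alone, as sketched below. The identical step is added to alz-bicep-2.yml, alz-bicep-3.yml, alz-bicep-4a.yml and alz-bicep-4b.yml in this patch.

```yaml
  - pwsh: |
      # … unchanged: Write-Host $env:ENV_FILE …
      Get-Content -Path $env:ENV_FILE -Encoding UTF8 | ForEach-Object {
        $line = $_.Trim()
        # Skip blank lines and comments instead of emitting an empty variable name.
        if ($line -eq '' -or $line.StartsWith('#')) { return }
        # Split on the first '=' only, so values may themselves contain '='.
        $envVarName, $envVarValue = ($line -replace '"','').Split('=', 2)
        if ($envVarName -notmatch '^[A-Za-z_][A-Za-z0-9_]*$') {
          throw "Unexpected variable name in $($env:ENV_FILE): $envVarName"
        }
        echo "##vso[task.setvariable variable=$envVarName;]$envVarValue"
        echo "Set $envVarName"
      }
    displayName: Import Environment Variables from File
```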
+++ b/accelerator/.azuredevops/pipelines/alz-bicep-2.yml @@ -11,10 +11,8 @@ trigger: variables: - SERVICE_CONNECTION_NAME: "" - LOCATION: "" - UPSTREAM_RELEASE_VERSION: "" - TOP_LEVEL_MG_PREFIX: "" + ENV_FILE: ".env" + SERVICE_CONNECTION_NAME: "[your service connection name here]" jobs: @@ -25,6 +23,19 @@ jobs: - checkout: self displayName: Checkout Repo + - pwsh: | + (Get-Content -Path $env:ENV_FILE -Encoding UTF8) | ForEach-Object {$_ -replace '"',''} | Out-File -FilePath $env:ENV_FILE -Encoding UTF8 + displayName: Remove Quotation Marks from Environment File + + - pwsh: | + Write-Host $env:ENV_FILE + Get-Content -Path $env:ENV_FILE -Encoding UTF8 | ForEach-Object { + $envVarName, $envVarValue = ($_ -replace '"','').split('=') + echo "##vso[task.setvariable variable=$envVarName;]$envVarValue" + echo "Set $envVarName to $envVarValue]" + } + displayName: Import Environment Variables from File + - task: AzurePowerShell@5 displayName: "Built-in and Custom Policy Assignments Deployment" inputs: diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-3.yml b/accelerator/.azuredevops/pipelines/alz-bicep-3.yml index 98c4402ae..854b1c5b6 100644 --- a/accelerator/.azuredevops/pipelines/alz-bicep-3.yml +++ b/accelerator/.azuredevops/pipelines/alz-bicep-3.yml @@ -11,10 +11,8 @@ trigger: variables: - SERVICE_CONNECTION_NAME: "" - LOCATION: "" - UPSTREAM_RELEASE_VERSION: "" - TOP_LEVEL_MG_PREFIX: "" + ENV_FILE: ".env" + SERVICE_CONNECTION_NAME: "[your service connection name here]" jobs: 
@@ -25,6 +23,19 @@ jobs: - checkout: self displayName: Checkout Repo + - pwsh: | + (Get-Content -Path $env:ENV_FILE -Encoding UTF8) | ForEach-Object {$_ -replace '"',''} | Out-File -FilePath $env:ENV_FILE -Encoding UTF8 + displayName: Remove Quotation Marks from Environment File + + - pwsh: | + Write-Host $env:ENV_FILE + Get-Content -Path $env:ENV_FILE -Encoding UTF8 | ForEach-Object { + $envVarName, $envVarValue = ($_ -replace '"','').split('=') + echo "##vso[task.setvariable variable=$envVarName;]$envVarValue" + echo "Set $envVarName to $envVarValue]" + } + displayName: Import Environment Variables from File + - task: AzurePowerShell@5 displayName: "Deploy Subscription Placement" inputs: diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-4a.yml b/accelerator/.azuredevops/pipelines/alz-bicep-4a.yml index 0909121a3..1f245a6fc 100644 --- a/accelerator/.azuredevops/pipelines/alz-bicep-4a.yml +++ b/accelerator/.azuredevops/pipelines/alz-bicep-4a.yml @@ -12,11 +12,8 @@ trigger: variables: - SERVICE_CONNECTION_NAME: "" - LOCATION: "" - UPSTREAM_RELEASE_VERSION: "" - CONNECTIVITY_SUBSCRIPTION_ID: "" - TOP_LEVEL_MG_PREFIX: "" + ENV_FILE: ".env" + SERVICE_CONNECTION_NAME: "[your service connection name here]" jobs: @@ -27,6 +24,19 @@ jobs: - checkout: self displayName: Checkout Repo + - pwsh: | + (Get-Content -Path $env:ENV_FILE -Encoding UTF8) | ForEach-Object {$_ -replace '"',''} | Out-File -FilePath $env:ENV_FILE -Encoding UTF8 + displayName: Remove Quotation Marks from Environment File + + - pwsh: | + Write-Host $env:ENV_FILE + Get-Content -Path $env:ENV_FILE -Encoding UTF8 | ForEach-Object { + $envVarName, $envVarValue = ($_ -replace '"','').split('=') + echo "##vso[task.setvariable variable=$envVarName;]$envVarValue" + echo "Set $envVarName to $envVarValue]" + } + displayName: Import Environment Variables from File + - task: AzurePowerShell@5 displayName: "Connectivity Resource Group Deployment" inputs: 
diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-4b.yml b/accelerator/.azuredevops/pipelines/alz-bicep-4b.yml index 0f7a48366..4e203da8e 100644 --- a/accelerator/.azuredevops/pipelines/alz-bicep-4b.yml +++ b/accelerator/.azuredevops/pipelines/alz-bicep-4b.yml @@ -12,11 +12,8 @@ trigger: variables: - SERVICE_CONNECTION_NAME: "" - LOCATION: "" - UPSTREAM_RELEASE_VERSION: "" - CONNECTIVITY_SUBSCRIPTION_ID: "" - TOP_LEVEL_MG_PREFIX: "" + ENV_FILE: ".env" + SERVICE_CONNECTION_NAME: "[your service connection name here]" jobs: @@ -27,6 +24,19 @@ jobs: - checkout: self displayName: Checkout Repo + - pwsh: | + (Get-Content -Path $env:ENV_FILE -Encoding UTF8) | ForEach-Object {$_ -replace '"',''} | Out-File -FilePath $env:ENV_FILE -Encoding UTF8 + displayName: Remove Quotation Marks from Environment File + + - pwsh: | + Write-Host $env:ENV_FILE + Get-Content -Path $env:ENV_FILE -Encoding UTF8 | ForEach-Object { + $envVarName, $envVarValue = ($_ -replace '"','').split('=') + echo "##vso[task.setvariable variable=$envVarName;]$envVarValue" + echo "Set $envVarName to $envVarValue]" + } + displayName: Import Environment Variables from File + - task: AzurePowerShell@5 displayName: "Connectivity Resource Group Deployment" inputs: From fdd75ef060909c3e1aadb38dafbc775f469e83dc Mon Sep 17 00:00:00 2001 From: Eskil Larsen Date: Mon, 24 Apr 2023 23:11:55 +0200 Subject: [PATCH 3/6] updated more regex to super-liner in pr-2 pipeline --- accelerator/.azuredevops/pipelines/alz-bicep-pr-2.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-pr-2.yml b/accelerator/.azuredevops/pipelines/alz-bicep-pr-2.yml index 657b90636..731586465 100644 --- a/accelerator/.azuredevops/pipelines/alz-bicep-pr-2.yml +++ b/accelerator/.azuredevops/pipelines/alz-bicep-pr-2.yml 
@@ -24,14 +24,12 @@ jobs: docker pull github/super-linter:latest docker run \ -e RUN_LOCAL=true \ - -e VALIDATE_ALL_CODEBASE=false \ -e VALIDATE_JSON=true \ -e VALIDATE_MARKDOWN=true \ - -e VALIDATE_JSON=true \ -e VALIDATE_POWERSHELL=true \ -e VALIDATE_YAML=true \ -e VALIDATE_EDITORCONFIG=true \ - -e FILTER_REGEX_EXCLUDE=".*generateddocs/.*.bicep.md" \ + -e "FILTER_REGEX_EXCLUDE=.*infra-as-code/bicep/modules/policy/(definitions|assignments)/lib/.*/.*.json|.*generateddocs/.*.bicep.md" \ -v $(System.DefaultWorkingDirectory):/tmp/lint \ github/super-linter displayName: Run github/super-linter From ecdfc616ec2264ad6ade972bdc01f37ef58f6372 Mon Sep 17 00:00:00 2001 From: Eskil Larsen Date: Mon, 24 Apr 2023 23:14:32 +0200 Subject: [PATCH 4/6] fixed path to pipeline-scripts in azdo pipelines --- accelerator/.azuredevops/pipelines/alz-bicep-1.yml | 12 ++++++------ accelerator/.azuredevops/pipelines/alz-bicep-2.yml | 2 +- accelerator/.azuredevops/pipelines/alz-bicep-3.yml | 2 +- accelerator/.azuredevops/pipelines/alz-bicep-4a.yml | 4 ++-- accelerator/.azuredevops/pipelines/alz-bicep-4b.yml | 4 ++-- 5 files changed, 12 insertions(+), 12 deletions(-) diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-1.yml b/accelerator/.azuredevops/pipelines/alz-bicep-1.yml index d93057375..a6b3857fb 100644 --- a/accelerator/.azuredevops/pipelines/alz-bicep-1.yml +++ b/accelerator/.azuredevops/pipelines/alz-bicep-1.yml @@ -49,7 +49,7 @@ jobs: pwsh: true ScriptType: "InlineScript" Inline: | - .\accelerator\pipeline-scripts\Deploy-ALZManagementGroups.ps1 + .\pipeline-scripts\Deploy-ALZManagementGroups.ps1 - task: AzurePowerShell@5 displayName: "Logging and Sentinel Resource Group Deployment" @@ -59,7 +59,7 @@ jobs: pwsh: true ScriptType: "InlineScript" Inline: | - .\accelerator\pipeline-scripts\Deploy-ALZLoggingAndSentinelResourceGroup.ps1 + .\pipeline-scripts\Deploy-ALZLoggingAndSentinelResourceGroup.ps1 - task: AzurePowerShell@5 displayName: "Logging and Sentinel Deployment" 
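Review bot: In the alz-bicep-pr-2.yml hunk of PATCH 3/6 the new `FILTER_REGEX_EXCLUDE` value leaves the dots before the file extensions unescaped, so `.*.json` and `.*.bicep.md` match any character at that position and can exclude more files from linting than intended. Writing them as `.*\.json` and `.*\.bicep\.md` states the intent. The value sits inside double quotes in a bash step, where `\.` is passed through unchanged. The `.*.bicep.md` alternative is carried over as-is in PATCH 6/6.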
@@ -69,7 +69,7 @@ jobs: pwsh: true ScriptType: "InlineScript" Inline: | - .\accelerator\pipeline-scripts\Deploy-ALZLoggingAndSentinel.ps1 + .\pipeline-scripts\Deploy-ALZLoggingAndSentinel.ps1 - task: AzurePowerShell@5 displayName: "Custom Policy Definitions Deployment" @@ -79,7 +79,7 @@ jobs: pwsh: true ScriptType: "InlineScript" Inline: | - .\accelerator\pipeline-scripts\Deploy-ALZCustomPolicyDefinitions.ps1 + .\pipeline-scripts\Deploy-ALZCustomPolicyDefinitions.ps1 - task: AzurePowerShell@5 displayName: "Custom Role Definitions Deployment" @@ -89,7 +89,7 @@ jobs: pwsh: true ScriptType: "InlineScript" Inline: | - .\accelerator\pipeline-scripts\Deploy-ALZCustomRoleDefinitions.ps1 + .\pipeline-scripts\Deploy-ALZCustomRoleDefinitions.ps1 - task: AzurePowerShell@5 displayName: "Custom Management Group Diagnostic Settings" @@ -99,4 +99,4 @@ jobs: pwsh: true ScriptType: "InlineScript" Inline: | - .\accelerator\pipeline-scripts\Deploy-ALZMGDiagnosticSettings.ps1 + .\pipeline-scripts\Deploy-ALZMGDiagnosticSettings.ps1 diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-2.yml b/accelerator/.azuredevops/pipelines/alz-bicep-2.yml index b1870c78e..d66c1125f 100644 --- a/accelerator/.azuredevops/pipelines/alz-bicep-2.yml +++ b/accelerator/.azuredevops/pipelines/alz-bicep-2.yml @@ -44,4 +44,4 @@ jobs: pwsh: true ScriptType: "InlineScript" Inline: | - .\accelerator\pipeline-scripts\Deploy-ALZPolicyAssignments.ps1 + .\pipeline-scripts\Deploy-ALZPolicyAssignments.ps1 diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-3.yml b/accelerator/.azuredevops/pipelines/alz-bicep-3.yml index 854b1c5b6..a3f2fab3d 100644 --- a/accelerator/.azuredevops/pipelines/alz-bicep-3.yml +++ b/accelerator/.azuredevops/pipelines/alz-bicep-3.yml @@ -44,4 +44,4 @@ jobs: pwsh: true ScriptType: "InlineScript" Inline: | - .\accelerator\pipeline-scripts\Deploy-ALZSubscriptionPlacement.ps1 + .\pipeline-scripts\Deploy-ALZSubscriptionPlacement.ps1 
diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-4a.yml b/accelerator/.azuredevops/pipelines/alz-bicep-4a.yml index 1f245a6fc..88a214d7b 100644 --- a/accelerator/.azuredevops/pipelines/alz-bicep-4a.yml +++ b/accelerator/.azuredevops/pipelines/alz-bicep-4a.yml @@ -45,7 +45,7 @@ jobs: pwsh: true ScriptType: "InlineScript" Inline: | - .\accelerator\pipeline-scripts\Deploy-ALZConnectivityResourceGroup.ps1 + .\pipeline-scripts\Deploy-ALZConnectivityResourceGroup.ps1 - task: AzurePowerShell@5 displayName: "Hub (Hub-and-Spoke) Deployment" @@ -55,4 +55,4 @@ jobs: pwsh: true ScriptType: "InlineScript" Inline: | - .\accelerator\pipeline-scripts\Deploy-ALZHub-HubAndSpoke.ps1 + .\pipeline-scripts\Deploy-ALZHub-HubAndSpoke.ps1 diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-4b.yml b/accelerator/.azuredevops/pipelines/alz-bicep-4b.yml index 4e203da8e..6b71fbb32 100644 --- a/accelerator/.azuredevops/pipelines/alz-bicep-4b.yml +++ b/accelerator/.azuredevops/pipelines/alz-bicep-4b.yml @@ -45,7 +45,7 @@ jobs: pwsh: true ScriptType: "InlineScript" Inline: | - .\accelerator\pipeline-scripts\Deploy-ALZConnectivityResourceGroup.ps1 + .\pipeline-scripts\Deploy-ALZConnectivityResourceGroup.ps1 - task: AzurePowerShell@5 displayName: "Hub (VWAN) Deployment" @@ -55,4 +55,4 @@ jobs: pwsh: true ScriptType: "InlineScript" Inline: | - .\accelerator\pipeline-scripts\Deploy-ALZHub-VWAN.ps1 + .\pipeline-scripts\Deploy-ALZHub-VWAN.ps1 From e7a4bb04b509e6ea9e4ccfaa594872938b25a734 Mon Sep 17 00:00:00 2001 
From: Zach Trocinski Date: Mon, 22 May 2023 16:01:04 -0500 Subject: [PATCH 5/6] Moved additional spaces for uniformity --- accelerator/.azuredevops/pipelines/alz-bicep-1.yml | 3 --- accelerator/.azuredevops/pipelines/alz-bicep-2.yml | 3 --- accelerator/.azuredevops/pipelines/alz-bicep-3.yml | 3 --- accelerator/.azuredevops/pipelines/alz-bicep-4a.yml | 3 --- accelerator/.azuredevops/pipelines/alz-bicep-4b.yml | 3 --- accelerator/.azuredevops/pipelines/alz-bicep-pr-1.yml | 4 +--- accelerator/.azuredevops/pipelines/alz-bicep-pr-2.yml | 4 +--- 7 files changed, 2 insertions(+), 21 deletions(-) diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-1.yml b/accelerator/.azuredevops/pipelines/alz-bicep-1.yml index a6b3857fb..f202b0fe0 100644 --- a/accelerator/.azuredevops/pipelines/alz-bicep-1.yml +++ b/accelerator/.azuredevops/pipelines/alz-bicep-1.yml @@ -1,6 +1,5 @@ name: ALZ-Bicep-1 Workflow - trigger: branches: include: @@ -14,12 +13,10 @@ trigger: - "config/custom-parameters/customRoleDefinitions.parameters.all.json" - "config/custom-parameters/mgDiagSettingsAll.parameters.all.json" - variables: ENV_FILE: ".env" SERVICE_CONNECTION_NAME: "[your service connection name here]" - jobs: - job: ALZ_Bicep_1_Workflow_Job pool: diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-2.yml b/accelerator/.azuredevops/pipelines/alz-bicep-2.yml index d66c1125f..28c6f2740 100644 --- a/accelerator/.azuredevops/pipelines/alz-bicep-2.yml +++ b/accelerator/.azuredevops/pipelines/alz-bicep-2.yml @@ -1,6 +1,5 @@ name: ALZ-Bicep-2 Workflow - trigger: branches: include: @@ -9,12 +8,10 @@ trigger: include: - "config/custom-parameters/alzDefaultPolicyAssignments.parameters.all.json" - variables: ENV_FILE: ".env" SERVICE_CONNECTION_NAME: "[your service connection name here]" - jobs: - job: ALZ_Bicep_2_Workflow_Job pool: diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-3.yml b/accelerator/.azuredevops/pipelines/alz-bicep-3.yml index a3f2fab3d..5c845ec2a 100644 
--- a/accelerator/.azuredevops/pipelines/alz-bicep-3.yml +++ b/accelerator/.azuredevops/pipelines/alz-bicep-3.yml @@ -1,6 +1,5 @@ name: ALZ-Bicep-3 Workflow - trigger: branches: include: @@ -9,12 +8,10 @@ trigger: include: - "config/custom-parameters/subPlacementAll.parameters.all.json" - variables: ENV_FILE: ".env" SERVICE_CONNECTION_NAME: "[your service connection name here]" - jobs: - job: ALZ_Bicep_3_Workflow_Job pool: diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-4a.yml b/accelerator/.azuredevops/pipelines/alz-bicep-4a.yml index 88a214d7b..1d470dbec 100644 --- a/accelerator/.azuredevops/pipelines/alz-bicep-4a.yml +++ b/accelerator/.azuredevops/pipelines/alz-bicep-4a.yml @@ -1,6 +1,5 @@ name: ALZ-Bicep-4a Workflow - trigger: branches: include: @@ -10,12 +9,10 @@ trigger: - "config/custom-parameters/resourceGroupConnectivity.parameters.all.json" - "config/custom-parameters/hubNetworking.parameters.all.json" - variables: ENV_FILE: ".env" SERVICE_CONNECTION_NAME: "[your service connection name here]" - jobs: - job: ALZ_Bicep_4a_Workflow_Job pool: diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-4b.yml b/accelerator/.azuredevops/pipelines/alz-bicep-4b.yml index 6b71fbb32..1fd8fa40c 100644 --- a/accelerator/.azuredevops/pipelines/alz-bicep-4b.yml +++ b/accelerator/.azuredevops/pipelines/alz-bicep-4b.yml @@ -1,6 +1,5 @@ name: ALZ-Bicep-4b Workflow - trigger: branches: include: @@ -10,12 +9,10 @@ trigger: - "config/custom-parameters/resourceGroupConnectivity.parameters.all.json" - "config/custom-parameters/vwanConnectivity.parameters.all.json" - variables: ENV_FILE: ".env" SERVICE_CONNECTION_NAME: "[your service connection name here]" - jobs: - job: ALZ_Bicep_4b_Workflow_Job pool: diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-pr-1.yml b/accelerator/.azuredevops/pipelines/alz-bicep-pr-1.yml index cef32e8ef..53c4da438 100644 --- a/accelerator/.azuredevops/pipelines/alz-bicep-pr-1.yml 
+++ b/accelerator/.azuredevops/pipelines/alz-bicep-pr-1.yml @@ -1,8 +1,7 @@ name: ALZ-Bicep-PR-1 Workflow - trigger: none -# YAML PR triggers are supported only in GitHub and Bitbucket Cloud. +# YAML PR triggers are supported only in GitHub and Bitbucket Cloud. # If you use Azure Repos Git, you can configure a branch policy for build validation to trigger your build pipeline for validation. # https://learn.microsoft.com/en-us/azure/devops/repos/git/branch-policies#build-validation pr: @@ -14,7 +13,6 @@ pr: - "**/bicepconfig.json" - "**.bicep" - jobs: - job: pr_lint displayName: Bicep Build & Lint All Modules diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-pr-2.yml b/accelerator/.azuredevops/pipelines/alz-bicep-pr-2.yml index 731586465..99fcffd05 100644 --- a/accelerator/.azuredevops/pipelines/alz-bicep-pr-2.yml +++ b/accelerator/.azuredevops/pipelines/alz-bicep-pr-2.yml @@ -1,8 +1,7 @@ name: ALZ-Bicep-PR-2 Workflow - trigger: none -# YAML PR triggers are supported only in GitHub and Bitbucket Cloud. +# YAML PR triggers are supported only in GitHub and Bitbucket Cloud. # If you use Azure Repos Git, you can configure a branch policy for build validation to trigger your build pipeline for validation. # https://learn.microsoft.com/en-us/azure/devops/repos/git/branch-policies#build-validation pr: @@ -10,7 +9,6 @@ pr: include: - "main" - jobs: - job: pr_lint displayName: Lint Code Base (except Bicep Modules and Files) From 9ea91eec87fc0c9a2b731f30583d027654427f58 Mon Sep 17 00:00:00 2001 From: Zach Trocinski Date: Mon, 22 May 2023 16:38:37 -0500 Subject: [PATCH 6/6] Modified filter to exlude upstream-releases folder --- accelerator/.azuredevops/pipelines/alz-bicep-pr-2.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/accelerator/.azuredevops/pipelines/alz-bicep-pr-2.yml b/accelerator/.azuredevops/pipelines/alz-bicep-pr-2.yml index 99fcffd05..3a6369f9a 100644 --- a/accelerator/.azuredevops/pipelines/alz-bicep-pr-2.yml 
+++ b/accelerator/.azuredevops/pipelines/alz-bicep-pr-2.yml @@ -27,7 +27,7 @@ jobs: -e VALIDATE_POWERSHELL=true \ -e VALIDATE_YAML=true \ -e VALIDATE_EDITORCONFIG=true \ - -e "FILTER_REGEX_EXCLUDE=.*infra-as-code/bicep/modules/policy/(definitions|assignments)/lib/.*/.*.json|.*generateddocs/.*.bicep.md" \ + -e "FILTER_REGEX_EXCLUDE=.*upstream-releases/*|.*generateddocs/.*.bicep.md" \ -v $(System.DefaultWorkingDirectory):/tmp/lint \ github/super-linter displayName: Run github/super-linter
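Review bot: In `.*upstream-releases/*` the trailing `*` quantifies the slash rather than matching the folder's contents, so the alternative matches any path that merely contains `upstream-releases`. `.*upstream-releases/.*` says what the subject line describes. The hunk also replaces the policy `lib` JSON alternative instead of adding to it, so those files are linted again unless they now live only under `upstream-releases`. That is worth confirming, since it cannot be seen from this hunk.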