In development
This repository contains sample code you can use to create your own governed pipelines for deploying Azure solutions. To learn more about PSRule for Azure, see https://aka.ms/ps-rule-azure.
Building enterprise scale pipelines can be challenging. Without a standard approach, pipelines can become complex and difficult to maintain. Governed pipelines provides a set of patterns to help you build and maintain pipelines for deploying Azure solutions.
- Who should consider using governed pipelines? — Any organzation that need to scale one or two pipelines to many.
- Why use governed pipelines? — A central set of governed pipelines allows you to manage quality and security across projects or teams.
- What systems are supported? — In the current interation governed pipelines support Azure Pipelines. In the future we plan to add support for GitHub Actions.
Governed Pipelines allow an organization to enforce controls within deployment pipelines by extending on built-in features of Azure and GitHub.
Pipelines must prove they have extended from a secure pipeline that enforces an organization's DevSecOps requirements.
- When a pipeline extends from a governed pipeline it is entitled to use credentials with permissions to deploy to Azure.
- If the pipeline does not use a governed pipeline the credentials are not provides to the pipeline and deployment is blocked.
The implementation for Azure Piplines and GitHub Action is slightly different as follows:
- Azure Pipelines — Security through templates requires a specific pipeline template to be used.
- GitHub Actions (available in the future) — Open ID Connect with reusable workflows requires a specific workflow template to be used.
To get started, please check out our consumer guide for:
This project uses GitHub Issues to track bugs and feature requests. Please search the existing issues before filing new issues to avoid duplicates.
- For new issues, file your bug or feature request as a new issue.
- For help, discussion, and support questions about using this project, join or start a discussion.
Support for this project/ product is limited to the resources listed above.
This project welcomes contributions and suggestions. If you are ready to contribute, please visit the contribution guide.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
This project is licensed under the MIT License.
This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft's Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party's policies.