Add support for Bicep Linter

.automation/generated/linter-links-previews.json

@@ -24,6 +24,16 @@
     "image": null,
     "title": "The GNU Bourne-Again Shell"
   },
+  "bicep": {
+    "description": "Learn how to use Bicep linter.",
+    "image": "https://learn.microsoft.com/en-us/media/logos/logo-ms-social.png",
+    "title": "Use Bicep linter - Azure Resource Manager"
+  },
+  "bicep_linter": {
+    "description": "Learn how to use Bicep linter.",
+    "image": "https://learn.microsoft.com/en-us/media/logos/logo-ms-social.png",
+    "title": "Use Bicep linter - Azure Resource Manager"
+  },
   "black": {
     "description": "The uncompromising Python code formatter. Contribute to psf/black development by creating an account on GitHub.",
     "image": "https://repository-images.githubusercontent.com/125266328/48aef880-6cce-11e9-9e3c-3ca0dd3ac138",

.automation/test/bicep/bicep_bad_1.bicep

@@ -0,0 +1,99 @@
+@description('Web app name.')
+@minLength(2)
+param webAppName string = 'webApp-${uniqueString(resourceGroup().id)}'
+
+@description('Location for all resources.')
+param location string = resourceGroup().location
+
+@description('Describes plan\'s pricing tier and instance size. Check details at https://azure.microsoft.com/en-us/pricing/details/app-service/')
+@allowed([
+  'F1'
+  'D1'
+  'B1'
+  'B2'
+  'B3'
+  'S1'
+  'S2'
+  'S3'
+  'P1'
+  'P2'
+  'P3'
+  'P4'
+])
+param sku string = 'F1'
+
+@description('The language stack of the app.')
+@allowed([
+  '.net'
+  'php'
+  'node'
+  'html'
+])
+param language string = '.net'
+
+@description('Optional Git Repo URL, if empty a \'hello world\' app will be deploy from the Azure-Samples repo')
+param repoUrl string = ''
+
+var unusedVarThatShouldError = ''
+var appServicePlanName = 'AppServicePlan-${webAppName}'
+var gitRepoReference = {
+  '.net': 'https://github.com/Azure-Samples/app-service-web-dotnet-get-started'
+  node: 'https://github.com/Azure-Samples/nodejs-docs-hello-world'
+  php: 'https://github.com/Azure-Samples/php-docs-hello-world'
+  html: 'https://github.com/Azure-Samples/html-docs-hello-world'
+}
+var gitRepoUrl = (empty(repoUrl) ? gitRepoReference[language] : repoUrl)
+var configReference = {
+  '.net': {
+    comments: '.Net app. No additional configuration needed.'
+  }
+  html: {
+    comments: 'HTML app. No additional configuration needed.'
+  }
+  php: {
+    phpVersion: '7.4'
+  }
+  node: {
+    appSettings: [
+      {
+        name: 'WEBSITE_NODE_DEFAULT_VERSION'
+        value: '12.15.0'
+      }
+    ]
+  }
+}
+
+resource asp 'Microsoft.Web/serverfarms@2021-03-01' = {
+  name: appServicePlanName
+  location: location
+  sku: {
+    name: sku
+  }
+}
+
+resource webApp 'Microsoft.Web/sites@2021-03-01' = {
+  name: webAppName
+  location: location
+  identity: {
+    type: 'SystemAssigned'
+  }
+  properties: {
+    siteConfig: union(configReference[language],{
+      minTlsVersion: '1.2'
+      scmMinTlsVersion: '1.2'
+      ftpsState: 'FtpsOnly'
+    })
+    serverFarmId: asp.id
+    httpsOnly: true
+  }
+}
+
+resource gitsource 'Microsoft.Web/sites/sourcecontrols@2021-03-01' = {
+  parent: webApp
+  name: 'web'
+  properties: {
+    repoUrl: gitRepoUrl
+    branch: 'master'
+    isManualIntegration: true
+  }
+}

.automation/test/bicep/bicep_good_1.bicep

@@ -0,0 +1,98 @@
+@description('Web app name.')
+@minLength(2)
+param webAppName string = 'webApp-${uniqueString(resourceGroup().id)}'
+
+@description('Location for all resources.')
+param location string = resourceGroup().location
+
+@description('Describes plan\'s pricing tier and instance size. Check details at https://azure.microsoft.com/en-us/pricing/details/app-service/')
+@allowed([
+  'F1'
+  'D1'
+  'B1'
+  'B2'
+  'B3'
+  'S1'
+  'S2'
+  'S3'
+  'P1'
+  'P2'
+  'P3'
+  'P4'
+])
+param sku string = 'F1'
+
+@description('The language stack of the app.')
+@allowed([
+  '.net'
+  'php'
+  'node'
+  'html'
+])
+param language string = '.net'
+
+@description('Optional Git Repo URL, if empty a \'hello world\' app will be deploy from the Azure-Samples repo')
+param repoUrl string = ''
+
+var appServicePlanName = 'AppServicePlan-${webAppName}'
+var gitRepoReference = {
+  '.net': 'https://github.com/Azure-Samples/app-service-web-dotnet-get-started'
+  node: 'https://github.com/Azure-Samples/nodejs-docs-hello-world'
+  php: 'https://github.com/Azure-Samples/php-docs-hello-world'
+  html: 'https://github.com/Azure-Samples/html-docs-hello-world'
+}
+var gitRepoUrl = (empty(repoUrl) ? gitRepoReference[language] : repoUrl)
+var configReference = {
+  '.net': {
+    comments: '.Net app. No additional configuration needed.'
+  }
+  html: {
+    comments: 'HTML app. No additional configuration needed.'
+  }
+  php: {
+    phpVersion: '7.4'
+  }
+  node: {
+    appSettings: [
+      {
+        name: 'WEBSITE_NODE_DEFAULT_VERSION'
+        value: '12.15.0'
+      }
+    ]
+  }
+}
+
+resource asp 'Microsoft.Web/serverfarms@2021-03-01' = {
+  name: appServicePlanName
+  location: location
+  sku: {
+    name: sku
+  }
+}
+
+resource webApp 'Microsoft.Web/sites@2021-03-01' = {
+  name: webAppName
+  location: location
+  identity: {
+    type: 'SystemAssigned'
+  }
+  properties: {
+    siteConfig: union(configReference[language],{
+      minTlsVersion: '1.2'
+      scmMinTlsVersion: '1.2'
+      ftpsState: 'FtpsOnly'
+    })
+    serverFarmId: asp.id
+    httpsOnly: true
+  }
+}
+
+resource gitsource 'Microsoft.Web/sites/sourcecontrols@2021-03-01' = {
+  parent: webApp
+  name: 'web'
+  properties: {
+    repoUrl: gitRepoUrl
+    branch: 'master'
+    isManualIntegration: true
+  }
+}

.automation/test/bicep/bicepconfig.json

@@ -0,0 +1,13 @@
+{
+    "analyzers": {
+        "core": {
+            "enabled": true,
+            "verbose": true,
+            "rules": {
+                "no-unused-vars": {
+                    "level": "error"
+                }
+            }
+        }
+    }
+}

.github/linters/.cspell.json

@@ -411,6 +411,7 @@
         "bestpractices",
         "bfseries",
         "bibitem",
+        "bicepconfig",
         "bigskip",
         "bikeshedding",
         "bmod",

CHANGELOG.md

@@ -13,6 +13,7 @@ Note: Can be used with `oxsecurity/megalinter@beta` in your GitHub Action mega-l
 - Add quotes to arm-ttk linter command ([#1879](https://github.com/oxsecurity/megalinter/issues/1879))
 - Improve support for devcontainers by using Python base image
   - Fixed Python version in devcontainer from 3.9 -> 3.10
+- Add [bicep](https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter) linter
 - Add Makefile linter in [java flavor](https://oxsecurity.github.io/megalinter/latest/flavors/java/)
 - Fix build command on linux (thanks a lot to [Edouard Choinière](https://github.com/echoix) for the investigation and solution !)
 

Dockerfile

@@ -38,6 +38,9 @@ ARG PWSH_DIRECTORY='/opt/microsoft/powershell'
 ARG ARM_TTK_NAME='master.zip'
 ARG ARM_TTK_URI='https://github.com/Azure/arm-ttk/archive/master.zip'
 ARG ARM_TTK_DIRECTORY='/opt/microsoft'
+ARG BICEP_EXE='bicep'
+ARG BICEP_URI='https://github.com/Azure/bicep/releases/latest/download/bicep-linux-musl-x64'
+ARG BICEP_DIR='/usr/local/bin'
 ARG DART_VERSION='2.8.4'
 ARG GLIBC_VERSION='2.31-r0'
 ARG PMD_VERSION=6.48.0
@@ -398,6 +401,11 @@ RUN curl --retry 5 --retry-delay 5 -sLO "${ARM_TTK_URI}" \
 # shfmt installation
 # Managed with COPY --from=shfmt /bin/shfmt /usr/bin/
 
+# bicep_linter installation
+    && curl --retry 5 --retry-delay 5 -sLo ${BICEP_EXE} "${BICEP_URI}" \
+    && chmod +x "${BICEP_EXE}" \
+    && mv "${BICEP_EXE}" "${BICEP_DIR}" \
+
 # clj-kondo installation
 # Managed with COPY --from=clj-kondo /bin/clj-kondo /usr/bin/
 

flavors/dotnet/Dockerfile

@@ -33,6 +33,9 @@ ARG PWSH_DIRECTORY='/opt/microsoft/powershell'
 ARG ARM_TTK_NAME='master.zip'
 ARG ARM_TTK_URI='https://github.com/Azure/arm-ttk/archive/master.zip'
 ARG ARM_TTK_DIRECTORY='/opt/microsoft'
+ARG BICEP_EXE='bicep'
+ARG BICEP_URI='https://github.com/Azure/bicep/releases/latest/download/bicep-linux-musl-x64'
+ARG BICEP_DIR='/usr/local/bin'
 ARG PSSA_VERSION='latest'
 #ARG__END
 
@@ -278,6 +281,11 @@ RUN curl --retry 5 --retry-delay 5 -sLO "${ARM_TTK_URI}" \
 # shfmt installation
 # Managed with COPY --from=shfmt /bin/shfmt /usr/bin/
 
+# bicep_linter installation
+    && curl --retry 5 --retry-delay 5 -sLo ${BICEP_EXE} "${BICEP_URI}" \
+    && chmod +x "${BICEP_EXE}" \
+    && mv "${BICEP_EXE}" "${BICEP_DIR}" \
+
 # dotnet-format installation
     && /usr/share/dotnet/dotnet tool install -g dotnet-format \
 

flavors/dotnet/flavor.json

@@ -16,6 +16,7 @@
         "BASH_EXEC",
         "BASH_SHELLCHECK",
         "BASH_SHFMT",
+        "BICEP_BICEP_LINTER",
         "C_CPPLINT",
         "COPYPASTE_JSCPD",
         "CPP_CPPLINT",

megalinter/descriptors/all_flavors.json

@@ -101,6 +101,7 @@
             "BASH_EXEC",
             "BASH_SHELLCHECK",
             "BASH_SHFMT",
+            "BICEP_BICEP_LINTER",
             "C_CPPLINT",
             "COPYPASTE_JSCPD",
             "CPP_CPPLINT",

megalinter/descriptors/bicep.megalinter-descriptor.yml

@@ -0,0 +1,45 @@
+descriptor_id: BICEP
+descriptor_type: tooling_format
+descriptor_flavors:
+  - dotnet
+linters:
+  - cli_help_arg_name: --help
+    cli_executable: bicep
+    cli_lint_errors_count: "\\.bicep\\(\\d+,\\d+\\) : Error "
+    cli_lint_extra_args: 
+      - "build"
+    cli_lint_mode: file
+    cli_version_arg_name: --version
+    file_extensions:
+      - ".bicep"
+    linter_image_url: https://raw.githubusercontent.com/Azure/bicep/main/docs/images/BicepLogoImage.png
+    linter_name: bicep_linter
+    linter_text: |
+      By default, Bicep linter errors are set as warnings. To customize linter settings,
+      use a `bicepconfig.json` file. For more information, see the [documentation for the Bicep Linter](https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/bicep-config-linter#customize-linter)
+    linter_repo: https://github.com/Azure/bicep
+    linter_rules_configuration_url: https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/bicep-config
+    linter_rules_inline_disable_url: https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter#silencing-false-positives
+    linter_rules_url: https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter#default-rules
+    linter_url: https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter
+    version_extract_regex: "Bicep CLI version (\\d+)\\.(\\d+)\\.(\\d+)"
+    examples:
+      - |
+        # Bicep CLI 
+        bicep build infra.bicep;
+
+        # Azure CLI 
+        az bicep build -f infra.bicep
+    install:
+      dockerfile:
+        - ARG BICEP_EXE='bicep'
+        - ARG BICEP_URI='https://github.com/Azure/bicep/releases/latest/download/bicep-linux-musl-x64'
+        - ARG BICEP_DIR='/usr/local/bin'
+        - |
+          RUN curl --retry 5 --retry-delay 5 -sLo ${BICEP_EXE} "${BICEP_URI}" \
+              && chmod +x "${BICEP_EXE}" \
+              && mv "${BICEP_EXE}" "${BICEP_DIR}"
+    ide:
+      vscode:
+        - name: VSCode Bicep
+          url: https://marketplace.visualstudio.com/items?itemName=ms-azuretools.vscode-bicep

megalinter/descriptors/schemas/megalinter-configuration.jsonschema.json

@@ -43,6 +43,7 @@
         "ANSIBLE",
         "ARM",
         "BASH",
+        "BICEP",
         "C",
         "CLOJURE",
         "CLOUDFORMATION",
@@ -109,6 +110,7 @@
         "BASH_EXEC",
         "BASH_SHELLCHECK",
         "BASH_SHFMT",
+        "BICEP_BICEP_LINTER",
         "C_CPPLINT",
         "CLOJURE_CLJ_KONDO",
         "CLOUDFORMATION_CFN_LINT",

megalinter/tests/test_megalinter/linters/bicep_bicep_linter_test.py

@@ -0,0 +1,14 @@
+# !/usr/bin/env python3
+"""
+Unit tests for BICEP linter bicep_linter
+This class has been automatically @generated by .automation/build.py, please do not update it manually
+"""
+
+from unittest import TestCase
+
+from megalinter.tests.test_megalinter.LinterTestRoot import LinterTestRoot
+
+
+class bicep_bicep_linter_test(TestCase, LinterTestRoot):
+    descriptor_id = "BICEP"
+    linter_name = "bicep_linter"