/
bicep-pr-pipeline.yaml
59 lines (50 loc) · 1.78 KB
/
bicep-pr-pipeline.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
# The ultimate Bicep validation Pull Request Pipeline
trigger: none
variables:
vmImageName: 'ubuntu-latest'
azureServiceConnection: 'ConnectionNameHere'
pool:
vmImage: $(vmImageName)
stages:
- stage: BicepValidation
displayName: 'Bicep Validation'
jobs:
- job: BicepLinter
displayName: 'Bicep Linter'
steps:
- task: AzureCLI@2
inputs:
azureSubscription: $(azureServiceConnection)
scriptType: 'pscore'
scriptLocation: 'inlineScript'
inlineScript: |
$bicepfiles = Get-ChildItem -Path "$(System.DefaultWorkingDirectory)\*" -Recurse -Include *.bicep
foreach ($bicepfile in $bicepfiles) {
write-host "##[section] Running Bicep Linter for $bicepfile"
az bicep build -f $bicepfile
}
- job: 'MicrosoftSecurityDevOps'
displayName: 'Microsoft Security DevOps scan'
steps:
- task: MicrosoftSecurityDevOps@1
- job: SuperLinter
displayName: Super Linter
steps:
- script: |
docker pull github/super-linter:latest
docker run -e RUN_LOCAL=true -v $(System.DefaultWorkingDirectory):/tmp/lint github/super-linter
displayName: 'Super Linter'
- stage: Build
jobs:
- job: ArtifactDrop
displayName: "Build Bicep Artifact"
steps:
- task: ArchiveFiles@2
inputs:
includeRootFolder: true
replaceExistingArchive: true
rootFolderOrFile: $(System.DefaultWorkingDirectory)
archiveType: tar
archiveFile: "$(Build.ArtifactStagingDirectory)/$(Build.BuildId)-bicep-plan.tgz"
- upload: $(Build.ArtifactStagingDirectory)/$(Build.BuildId)-bicep-plan.tgz
artifact: $(Build.BuildId)-bicep-plan.tgz