From cbbf81d07ba80b6b1bef770a813178a42a935a52 Mon Sep 17 00:00:00 2001 From: Jan Faurskov <22591930+jfaurskov@users.noreply.github.com> Date: Tue, 8 Oct 2024 15:57:14 +0200 Subject: [PATCH 1/4] Add workflow and tests --- .../Test-ArmTemplates.Tests.ps1 | 73 +++++++++++++++++++ .github/workflows/unit-test-arm-templates.yml | 42 +++++++++++ 2 files changed, 115 insertions(+) create mode 100644 .github/actions-pester/Test-ArmTemplates.Tests.ps1 create mode 100644 .github/workflows/unit-test-arm-templates.yml diff --git a/.github/actions-pester/Test-ArmTemplates.Tests.ps1 b/.github/actions-pester/Test-ArmTemplates.Tests.ps1 new file mode 100644 index 000000000..8becfbe40 --- /dev/null +++ b/.github/actions-pester/Test-ArmTemplates.Tests.ps1 @@ -0,0 +1,73 @@ +<# Script to validate ARM templates using the Test-AzTemplate cmdlet #> + +# Define a function to get the list of changed files in a pull request +function Get-ChangedFiles { + [CmdletBinding(SupportsShouldProcess)] + param ( + # Parameter to filter files by path + [Parameter()] + [String]$pathFilter, + + # Parameter to filter files by extension + [Parameter()] + [String]$extensionFilter, + + # Parameter to specify the pull request branch, defaulting to the GitHub head reference + [Parameter()] + [String]$PRBranch = "$($env:GITHUB_HEAD_REF)" + ) + + # Get the list of changed files between the main branch and the pull request branch + $changedFiles = git diff --name-only origin/main origin/$PRBranch + + # Create a regex pattern to filter files based on the provided path and extension + $regex = "$pathFilter.*\.$extensionFilter" + + # Filter the changed files using the regex pattern + $resultFiles = $changedFiles | Where-Object { $PSItem -match $regex } + + # Return the filtered files + $resultFiles | ForEach-Object { + return $_ + } +} + +# Get the list of modified ARM template files +$ModifiedFiles = @(Get-ChangedFiles -pathFilter 'templates/arm' -extensionFilter 'json') + +# Check if there are any modified ARM template files +if ($null -ne $ModifiedFiles) { + Write-Output "These are the modified ARM templates: $($ModifiedFiles)" +} else { + Write-Output "There are no modified ARM templates" +} + +# Initialize a counter for the number of failed tests +$NumberOfFailedTests = 0 + +# Iterate over each modified ARM template file +$ModifiedFiles | ForEach-Object { + $TemplatePath = $PSItem + Write-Output "Test $TemplatePath" + + # Run the Test-AzTemplate cmdlet to test the ARM template + $testResults = Test-AzTemplate -TemplatePath $TemplatePath -Test deploymentTemplate -ErrorAction Continue + + # Filter the test results to find any failed tests + $failedTests = $testResults | Where-Object { $PSItem.Passed -ne $True } + + # If there are failed tests, log a warning and increment the failed tests counter + if ($failedTests -ne $null) { + $failedTests | ForEach-Object { + Write-Warning "$($PSItem | Out-String)" + $NumberOfFailedTests++ + } + } +} + +# If there are any failed tests, log an error and exit with a non-zero status +If ($NumberOfFailedTests -gt 0) { + Write-Error "There are $NumberOfFailedTests failed tests" + exit 1 +} + diff --git a/.github/workflows/unit-test-arm-templates.yml b/.github/workflows/unit-test-arm-templates.yml new file mode 100644 index 000000000..80e81237c --- /dev/null +++ b/.github/workflows/unit-test-arm-templates.yml @@ -0,0 +1,42 @@ +name: Unit Test ARM templates with arm-ttk + +########################################## +# Start the job on PR for all branches # +######################################### + +# yamllint disable-line rule:truthy +on: + pull_request: + types: + - opened + - reopened + - synchronize + - ready_for_review + paths: + - "services/**/**/templates/arm/**.json" + workflow_dispatch: {} + +permissions: + id-token: write + contents: read + +jobs: + validate-arm-files: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + ref: ${{github.event.pull_request.head.ref}} + repository: ${{github.event.pull_request.head.repo.full_name}} + - name: Clone ARM-TTK repo + uses: GuillaumeFalourd/clone-github-repo-action@v3 + with: + owner: 'Azure' + repository: 'arm-ttk' + - name: Test Modified ARM templates + shell: pwsh + run: | + Import-Module ./arm-ttk/arm-ttk/arm-ttk.psd1 + ./.github/actions-pester/Test-ArmTemplates.Tests.ps1 From 7d2f88c1ccbdcc53ac2095626293efe519a0f166 Mon Sep 17 00:00:00 2001 From: Jan Faurskov <22591930+jfaurskov@users.noreply.github.com> Date: Tue, 8 Oct 2024 16:06:10 +0200 Subject: [PATCH 2/4] rm space --- .github/actions-pester/Test-ArmTemplates.Tests.ps1 | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/.github/actions-pester/Test-ArmTemplates.Tests.ps1 b/.github/actions-pester/Test-ArmTemplates.Tests.ps1 index 8becfbe40..c4f967882 100644 --- a/.github/actions-pester/Test-ArmTemplates.Tests.ps1 +++ b/.github/actions-pester/Test-ArmTemplates.Tests.ps1 @@ -16,13 +16,12 @@ function Get-ChangedFiles { [Parameter()] [String]$PRBranch = "$($env:GITHUB_HEAD_REF)" ) - # Get the list of changed files between the main branch and the pull request branch $changedFiles = git diff --name-only origin/main origin/$PRBranch - + # Create a regex pattern to filter files based on the provided path and extension $regex = "$pathFilter.*\.$extensionFilter" - + # Filter the changed files using the regex pattern $resultFiles = $changedFiles | Where-Object { $PSItem -match $regex } @@ -49,13 +48,13 @@ $NumberOfFailedTests = 0 $ModifiedFiles | ForEach-Object { $TemplatePath = $PSItem Write-Output "Test $TemplatePath" - + # Run the Test-AzTemplate cmdlet to test the ARM template $testResults = Test-AzTemplate -TemplatePath $TemplatePath -Test deploymentTemplate -ErrorAction Continue - + # Filter the test results to find any failed tests $failedTests = $testResults | Where-Object { $PSItem.Passed -ne $True } - + # If there are failed tests, log a warning and increment the failed tests counter if ($failedTests -ne $null) { $failedTests | ForEach-Object { From 82dba6d819e1354ee8869f96b0a19517a9a48537 Mon Sep 17 00:00:00 2001 From: Jan Faurskov <22591930+jfaurskov@users.noreply.github.com> Date: Tue, 8 Oct 2024 16:07:29 +0200 Subject: [PATCH 3/4] yml syntax --- .github/workflows/unit-test-arm-templates.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/unit-test-arm-templates.yml b/.github/workflows/unit-test-arm-templates.yml index 80e81237c..1a59510c6 100644 --- a/.github/workflows/unit-test-arm-templates.yml +++ b/.github/workflows/unit-test-arm-templates.yml @@ -1,3 +1,4 @@ +--- name: Unit Test ARM templates with arm-ttk ########################################## @@ -14,7 +15,7 @@ on: - ready_for_review paths: - "services/**/**/templates/arm/**.json" - workflow_dispatch: {} + workflow_dispatch: { } permissions: id-token: write From 338f4aeeec54075b70f90f028ccc7e25a4a4a4e9 Mon Sep 17 00:00:00 2001 From: Jan Faurskov <22591930+jfaurskov@users.noreply.github.com> Date: Tue, 8 Oct 2024 16:11:39 +0200 Subject: [PATCH 4/4] linter error --- .github/actions-pester/Test-ArmTemplates.Tests.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions-pester/Test-ArmTemplates.Tests.ps1 b/.github/actions-pester/Test-ArmTemplates.Tests.ps1 index c4f967882..b2cb2cfbc 100644 --- a/.github/actions-pester/Test-ArmTemplates.Tests.ps1 +++ b/.github/actions-pester/Test-ArmTemplates.Tests.ps1 @@ -1,7 +1,7 @@ <# Script to validate ARM templates using the Test-AzTemplate cmdlet #> # Define a function to get the list of changed files in a pull request -function Get-ChangedFiles { +function Get-ChangedFile { [CmdletBinding(SupportsShouldProcess)] param ( # Parameter to filter files by path @@ -32,7 +32,7 @@ function Get-ChangedFiles { } # Get the list of modified ARM template files -$ModifiedFiles = @(Get-ChangedFiles -pathFilter 'templates/arm' -extensionFilter 'json') +$ModifiedFiles = @(Get-ChangedFile -pathFilter 'templates/arm' -extensionFilter 'json') # Check if there are any modified ARM template files if ($null -ne $ModifiedFiles) {