-
Notifications
You must be signed in to change notification settings - Fork 87
125 lines (97 loc) · 5.62 KB
/
consistency-check.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
name: Consistency Check
on:
workflow_dispatch:
schedule:
- cron: '0 0 * * *' # every day at midnight
env:
SCHEMA_FOLDER: schemas/latest/landingzones
LOGGING_PATH_FROM_ROOT: config/logging
NETWORKING_PATH_FROM_ROOT: config/networking
IDENTITY_PATH_FROM_ROOT: config/identity
SUBSCRIPTIONS_PATH_FROM_ROOT: config/subscriptions
jobs:
consistency_check:
name: Consistency Check Job
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@v2
- name: Run schema test cases
shell: pwsh
working-directory: ${{env.working-directory}}
run: |
# Validate schema test cases
$SchemaTestsFolder="tests/schemas"
Write-Host "Validating schema test cases..."
Write-Host "Schema Test Folder: $SchemaTestsFolder"
Write-Host "Schema Folder: ${{env.SCHEMA_FOLDER}}"
Get-ChildItem -Directory -Path $SchemaTestsFolder | Foreach-Object {
$archetypeName = $_.BaseName
Write-Host "Archetype: $archetypeName"
Get-ChildItem -Recurse -Filter '*.json' -Path "$SchemaTestsFolder/$archetypeName" | ForEach-Object {
Write-Host " Validating: $_ with ${{env.SCHEMA_FOLDER}}/$archetypeName.json"
Get-Content -Raw $_ | Test-Json -SchemaFile "${{env.SCHEMA_FOLDER}}/$archetypeName.json"
}
}
- name: Validate existing subscription archetype parameter files
shell: pwsh
working-directory: ${{env.working-directory}}
run: |
# Validate existing subscription archetype parameter files
Write-Host "Validate existing subscription archetype parameter files..."
$LoggingFileFilter="*.json"
$LoggingSchemaFile="${{env.SCHEMA_FOLDER}}/lz-platform-logging.json"
Get-ChildItem -Recurse -Filter $LoggingFileFilter -Path "${{env.LOGGING_PATH_FROM_ROOT}}" | ForEach-Object {
Write-Host "Validating: $_ with $LoggingSchemaFile"
Get-Content -Raw $_ | Test-Json -SchemaFile $LoggingSchemaFile
}
$HubNetworkWithAzureFirewallFileFilter="*.json"
$HubNetworkWithAzureFirewallSchemaFile="${{env.SCHEMA_FOLDER}}/lz-platform-connectivity-hub-azfw.json"
Get-ChildItem -Recurse -Filter $HubNetworkWithAzureFirewallFileFilter -Path "${{env.NETWORKING_PATH_FROM_ROOT}}/*/hub-azfw/" | ForEach-Object {
Write-Host "Validating: $_ with $HubNetworkWithAzureFirewallSchemaFile"
Get-Content -Raw $_ | Test-Json -SchemaFile $HubNetworkWithAzureFirewallSchemaFile
}
$HubNetworkWithAzureFirewallPolicyFileFilter="*.json"
$HubNetworkWithAzureFirewallPolicySchemaFile="${{env.SCHEMA_FOLDER}}/lz-platform-connectivity-hub-azfw-policy.json"
Get-ChildItem -Recurse -Filter $HubNetworkWithAzureFirewallPolicyFileFilter -Path "${{env.NETWORKING_PATH_FROM_ROOT}}/*/hub-azfw-policy/" | ForEach-Object {
Write-Host "Validating: $_ with $HubNetworkWithAzureFirewallPolicySchemaFile"
Get-Content -Raw $_ | Test-Json -SchemaFile $HubNetworkWithAzureFirewallPolicySchemaFile
}
$HubNetworkWithNVAFileFilter="*.json"
$HubNetworkWithNVASchemaFile="${{env.SCHEMA_FOLDER}}/lz-platform-connectivity-hub-nva.json"
Get-ChildItem -Recurse -Filter $HubNetworkWithNVAFileFilter -Path "${{env.NETWORKING_PATH_FROM_ROOT}}/*/hub-nva/" | ForEach-Object {
Write-Host "Validating: $_ with $HubNetworkWithNVASchemaFile"
Get-Content -Raw $_ | Test-Json -SchemaFile $HubNetworkWithNVASchemaFile
}
$IdentityFileFilter="*.json"
$IdentitySchemaFile="${{env.SCHEMA_FOLDER}}/lz-platform-identity.json"
Get-ChildItem -Recurse -Filter $IdentityFileFilter -Path "${{env.IDENTITY_PATH_FROM_ROOT}}" | ForEach-Object {
Write-Host "Validating: $_ with $IdentitySchemaFile"
Get-Content -Raw $_ | Test-Json -SchemaFile $IdentitySchemaFile
}
$GenericSubscriptionFileFilter="*generic-subscription*.json"
$GenericSubscriptionSchemaFile="${{env.SCHEMA_FOLDER}}/lz-generic-subscription.json"
Get-ChildItem -Recurse -Filter $GenericSubscriptionFileFilter -Path "${{env.SUBSCRIPTIONS_PATH_FROM_ROOT}}" | ForEach-Object {
Write-Host "Validating: $_ with $GenericSubscriptionSchemaFile"
Get-Content -Raw $_ | Test-Json -SchemaFile $GenericSubscriptionSchemaFile
}
$MachineLearningFileFilter="*machinelearning*.json"
$MachineLearningSchemaFile="${{env.SCHEMA_FOLDER}}/lz-machinelearning.json"
Get-ChildItem -Recurse -Filter $MachineLearningFileFilter -Path "${{env.SUBSCRIPTIONS_PATH_FROM_ROOT}}" | ForEach-Object {
Write-Host "Validating: $_ with $MachineLearningSchemaFile"
Get-Content -Raw $_ | Test-Json -SchemaFile $MachineLearningSchemaFile
}
$HealthcareFileFilter="*healthcare*.json"
$HealthcareSchemaFile="${{env.SCHEMA_FOLDER}}/lz-healthcare.json"
Get-ChildItem -Recurse -Filter $HealthcareFileFilter -Path "${{env.SUBSCRIPTIONS_PATH_FROM_ROOT}}" | ForEach-Object {
Write-Host "Validating: $_ with $HealthcareSchemaFile"
Get-Content -Raw $_ | Test-Json -SchemaFile $HealthcareSchemaFile
}
- name: Validate Bicep Templates using latest version of Bicep
shell: bash
run: |
curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
az bicep upgrade
az version
az bicep version
find . -type f -name '*.bicep' | xargs -tn1 az bicep build -f