Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow to skip the powershell rules #378

Closed
wants to merge 10 commits into from
Closed

Allow to skip the powershell rules #378

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
34faa9a
Update TemplateAnalyzer.cs
borisf94 Dec 22, 2024
8b85fc8
add ability to skip powershell rules run
Dec 22, 2024
0409965
fix
Dec 22, 2024
c5f7060
fix from pr
Jan 7, 2025
685450c
fix from PR
Jan 8, 2025
922fe22
Fix indentation in TemplateAnalyzer
borisf94 Jan 8, 2025
a42e4e1
Merge branch 'main' into borisf/skip_powershell_rules
reynoldsa Jan 9, 2025
7da70ac
Merge branch 'main' into borisf/skip_powershell_rules
reynoldsa Jan 9, 2025
8c20f08
Merge branch 'borisf/skip_powershell_rules' of https://github.com/bor…
Jan 12, 2025
8d2e387
Merge branch 'main' into borisf/skip_powershell_rules
JohnathonMohr Jan 15, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 16 additions & 0 deletions src/Analyzer.Core.UnitTests/TemplateAnalyzerTests.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -226,6 +226,22 @@ public void FilterRules_ValidConfiguration_NoExceptionThrown()
TemplateAnalyzer.Create(false).FilterRules(new ConfigurationDefinition());
}

[TestMethod]
public void AnalyzeTemplate_NoPowershellRulesRunning_ReturnsLessEvaluations()
{
string[] resourceProperties = {
GenerateResource(
@"{ ""azureActiveDirectory"": { ""tenantId"": ""tenantIdValue"" } }",
"Microsoft.ServiceFabric/clusters", "resource1")
};
string template = GenerateTemplate(resourceProperties);

var noPowershellEvaluations = TemplateAnalyzer.Create(includeNonSecurityRules: true, includePowerShellRules: false).AnalyzeTemplate(template, "aFilePath");
var allRules = templateAnalyzerAllRules.AnalyzeTemplate(template, "aFilePath");
borisf94 marked this conversation as resolved.
Show resolved Hide resolved

Assert.IsTrue(noPowershellEvaluations.Count() < allRules.Count());
}

[TestMethod]
public void CustomRulesFileIsProvided_NoExceptionThrown()
{
Expand Down
15 changes: 10 additions & 5 deletions src/Analyzer.Core/TemplateAnalyzer.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright (c) Microsoft Corporation.
// Copyright (c) Microsoft Corporation.
// Licensed under the MIT License.

using System;
Expand Down Expand Up @@ -52,8 +52,9 @@ private TemplateAnalyzer(JsonRuleEngine jsonRuleEngine, PowerShellRuleEngine pow
/// <param name="includeNonSecurityRules">Whether or not to run also non-security rules against the template.</param>
/// <param name="logger">A logger to report errors and debug information</param>
/// <param name="customJsonRulesPath">An optional custom rules json file path.</param>
/// <param name="includePowerShellRules">Whether or not to run also powershell rules against the template.</param>
/// <returns>A new <see cref="TemplateAnalyzer"/> instance.</returns>
public static TemplateAnalyzer Create(bool includeNonSecurityRules, ILogger logger = null, FileInfo customJsonRulesPath = null)
public static TemplateAnalyzer Create(bool includeNonSecurityRules, ILogger logger = null, FileInfo customJsonRulesPath = null, bool includePowerShellRules = true)
{
string rules;
try
Expand All @@ -72,7 +73,7 @@ public static TemplateAnalyzer Create(bool includeNonSecurityRules, ILogger logg
? new BicepSourceLocationResolver(templateContext)
: new JsonSourceLocationResolver(templateContext),
logger),
new PowerShellRuleEngine(includeNonSecurityRules, logger),
includePowerShellRules ? new PowerShellRuleEngine(includeNonSecurityRules, logger) : null,
logger);
}
borisf94 marked this conversation as resolved.
Show resolved Hide resolved

Expand Down Expand Up @@ -158,7 +159,11 @@ private IEnumerable<IEvaluation> AnalyzeAllIncludedTemplates(string populatedTem
try
{
IEnumerable<IEvaluation> evaluations = this.jsonRuleEngine.AnalyzeTemplate(templateContext);
evaluations = evaluations.Concat(this.powerShellRuleEngine.AnalyzeTemplate(templateContext));

if (this.powerShellRuleEngine is not null)
{
evaluations = evaluations.Concat(this.powerShellRuleEngine.AnalyzeTemplate(templateContext));
}
borisf94 marked this conversation as resolved.
Show resolved Hide resolved

// Recursively handle nested templates
var jsonTemplate = JObject.Parse(populatedTemplate);
Expand Down Expand Up @@ -187,7 +192,7 @@ private IEnumerable<IEvaluation> AnalyzeAllIncludedTemplates(string populatedTem
// Variables, parameters and functions inherited from parent template
string functionsKey = populatedNestedTemplate.InsensitiveToken("functions")?.Parent.Path ?? "functions";
string variablesKey = populatedNestedTemplate.InsensitiveToken("variables")?.Parent.Path ?? "variables";
string parametersKey = populatedNestedTemplate.InsensitiveToken("parameters")?.Parent.Path ?? "parameters" ;
string parametersKey = populatedNestedTemplate.InsensitiveToken("parameters")?.Parent.Path ?? "parameters";

populatedNestedTemplate[functionsKey] = jsonTemplate.InsensitiveToken("functions");
populatedNestedTemplate[variablesKey] = jsonTemplate.InsensitiveToken("variables");
Expand Down
Loading