Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Using PSRule v. 3.0.0-B0203 returning unexpected ''helper'' value when testing deployment names using custom rules #1847

Closed
lassehastrup opened this issue May 31, 2024 · 3 comments
Closed

Using PSRule v. 3.0.0-B0203 returning unexpected ''helper'' value when testing deployment names using custom rules #1847

lassehastrup opened this issue May 31, 2024 · 3 comments
Labels
downstream An issue for downstream tracking of PSRule repositories enhancement New feature or request waiting-feedback An issue or PR that needs author feedback.

Comments

@lassehastrup
Copy link

lassehastrup commented May 31, 2024
edited
Loading

Description of the issue

I have previously created a bug report in regards to outputting the 'Reason' when validating resource names.
Therefore, I'm using the 3.0.0-B0203 version you released to perform some further testing, as we're in the process of adding a bunch of custom rules.

However, the 'Reason' is now outputting a strange message ''Helper'' which doesn't exist in the repository at all.
We're using a custom Rule to verify naming standards in bicep deployments using this type:

  • 'Microsoft.Resources/deployments'

It seems to be populated from the backend in some way, as I'm getting the same error in every single repository I have tested this on; and none of the repos contains the words 'helper'.

To Reproduce

Steps to reproduce the issue:

I have created a small test scenario with the custom rule, option file and a simple bicep file to show the error received:
Download the folder below, and run the 'PSRulePreDeployment.ps1' script.
PSRule.zip

./PSRulePreDeployment.ps1

Expected behaviour

We don't expect to receive any errors in regards to the naming.

Error output


[FAIL] Local.YAML.NamingConvention.Resources.deployments
    | Template: templates/main.bicep:0:0
    | Parameter: tenants/FMP/dev.fes.Azure.parameters.json:0:0

    | RECOMMEND:
    | Valid text: 'Alphanumerics, underscores, parentheses, hyphens, and periods.'

    | REASON:
    | - The value ''helper'' does not start with any of 'deploy'.

Module in use and version:

Using PSRule v3.0.0-B0203
Using PSRule.Rules.Azure v1.36.0
Using PSRule.Rules.CAF v0.3.0

Captured output from $PSVersionTable:

PSVersion                      7.4.2
PSEdition                      Core
GitCommitId                    7.4.2
OS                             Darwin 23.4.0 Darwin Kernel Version 23.4.0: Fri Mar 15 00:10:42 PDT 2024; root:xnu-10063.101.17~1/RELEASE_ARM64_T6000
Platform                       Unix
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

Additional context

I hope this is the correct place to report issues on pre-releases.
@BernieWhite
Copy link
Member

BernieWhite commented Jun 1, 2024
edited
Loading

Hi @lassehastrup, this is intended. It is the name used for the root deployment. i.e. the bicep + json parameter file.

During a az deployment group create --name <name> --template-file <file> this would be effectively the <name>.

I agree the name helper is probably less intuitive, but has some advantages for your case. You can easily exclude this name, and we use this for some rules in PSRule for Azure.

Does that make sense? Or is there a clear preference for something different?

@BernieWhite BernieWhite added waiting-feedback An issue or PR that needs author feedback. enhancement New feature or request downstream An issue for downstream tracking of PSRule repositories labels Jun 1, 2024
@lassehastrup
Copy link
Author

Thanks, @BernieWhite .

I'm still a little unsure to why this 'helper' is being used, but I assume you have good reasons. I will create another rule for this to 'allow' it.

@BernieWhite
Copy link
Member

BernieWhite commented Jun 3, 2024
edited
Loading

@lassehastrup Not sure if this helps the explanation, however:

In a bicep file, each module reference becomes a deployment.

For example this deployment is called deployment1 in the deploy.bicep file.

module example './main.bicep' = {
  name: 'deployment1'
  params: {}
}

However, there is actually two deployments occurring in the block of code.

  1. the root deployment in deploy.bicep.
  2. the nested deployment called deployment1 from main.bicep.

You never specified the name of the root deployment in code, but when you trigger a deployment to Azure by running the Azure CLI/ Azure PowerShell/ Portal it is automatically created, based on the contents of deploy.bicep.

The deployment in Azure would look like this:

  • Root deployment
    • deployment1

Root deployment isn't the name of the deployment though, neither is deployment1 because it's not specified in code.

If you ran the deployment on the command line i.e. az deployment group create -g rg1 -n deployment0 --template-file deploy.bicep --parameters @params.json you would be specifying the name deployment0 for the root deployment.

In PSRule for Azure, we choose the name of the root deployment when using bicep code to be helper.

https://github.com/Azure/PSRule.Rules.Azure/blob/167f20562e1b197f73fc3da9703d9f2bb6d9893a/src/PSRule.Rules.Azure/Data/Bicep/BicepHelper.cs#L339

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
downstream An issue for downstream tracking of PSRule repositories enhancement New feature or request waiting-feedback An issue or PR that needs author feedback.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@BernieWhite @lassehastrup