Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Lint ARM Templates step #2091

Merged
merged 33 commits into from
Apr 24, 2024
Merged

Add Lint ARM Templates step #2091

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
33 commits
Select commit Hold shift + click to select a range
53364b6
Add Lint ARM Templates step
romulets Apr 4, 2024
0d4adf6
Update template to force check
romulets Apr 4, 2024
a4611c3
Comment paths to check it's working
romulets Apr 4, 2024
ff6df4f
Specificy workdir
romulets Apr 4, 2024
b3e9027
Copy files to another dir
romulets Apr 4, 2024
6eb2cac
Add matrix
romulets Apr 4, 2024
7478d75
Bring path back
romulets Apr 4, 2024
bc27405
Fix paths
romulets Apr 4, 2024
a0c38ee
Remove any changes to see if doesn't trigger
romulets Apr 4, 2024
27092a3
Fix all linting issues from organizational template
romulets Apr 4, 2024
50aa79a
Fix all linting issues from single template
romulets Apr 4, 2024
c1a9777
Bring back MSI Extension
romulets Apr 5, 2024
b775352
Add reasoning to remove files
romulets Apr 5, 2024
55de72e
List arm-ttk files
romulets Apr 5, 2024
af9bc80
Ditch ARM TTK Action and implement ourselves
romulets Apr 5, 2024
75bcf8e
Fix typo
romulets Apr 5, 2024
8caa1db
Add comment over ignored rules
romulets Apr 5, 2024
c495e55
Fix resourceGroup location
romulets Apr 5, 2024
2b0d082
Add parameter on nested deployment
romulets Apr 5, 2024
bfb1d05
Fix github action version
romulets Apr 22, 2024
c12def9
Fix location parameter
romulets Apr 22, 2024
deb1d9f
Fix location parameter
romulets Apr 22, 2024
fbc847b
Fix Location Parameter
romulets Apr 22, 2024
6313fff
Fix Location Parameter
romulets Apr 22, 2024
bc437c7
Fix uneven parenthesis
romulets Apr 22, 2024
3d515f1
Fix uneven parenthesis
romulets Apr 22, 2024
9b5532a
Fix uneven parenthesis
romulets Apr 22, 2024
6fc065c
Fix uneven parenthesis
romulets Apr 22, 2024
9e16479
Add AdminUsername a value
romulets Apr 22, 2024
6a669a8
Add AdminUsername a value
romulets Apr 22, 2024
d755866
Remove deprecated VM extension
romulets Apr 23, 2024
485e02c
Use official gh action
romulets Apr 23, 2024
e45fda3
Remove unnecessary edit
romulets Apr 23, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
36 changes: 36 additions & 0 deletions .github/workflows/arm-template-lint.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
name: ARM Templates

on:
pull_request:
paths:
- "deploy/azure/*.json"
push:
branches:
- main
paths:
- "deploy/azure/*.json"

jobs:
lint-arm-ttk:
name: Lint
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
template: [ "ARM-for-organization-account", "ARM-for-single-account" ]
steps:
- uses: actions/checkout@v4

# Copy files to its own folder because it's what the official ARM-TTK action expects
# Docs https://learn.microsoft.com/en-us/azure/azure-resource-manager/templates/test-toolkit#test-parameters
- name: copy file
working-directory: ./deploy/azure
run: |
mkdir ${{ matrix.template }}
cp ${{ matrix.template }}.json ${{ matrix.template }}/azuredeploy.json

- uses: microsoft/action-armttk@v1
name: lint ${{ matrix.template }}
with:
github_token: ${{ secrets.github_token }}
workdir: "./deploy/azure/${{ matrix.template }}"
81 changes: 37 additions & 44 deletions deploy/azure/ARM-for-organization-account.dev.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,13 @@
"description": "The enrollment token of elastic-agent"
}
},
"DeploymentLocation": {
"type": "string",
"defaultValue": "[deployment().location]",
"metadata": {
"description": "Deployment location"
}
},
"PublicKeyDevOnly": {
"type": "string",
"metadata": {
Expand All @@ -49,16 +56,16 @@
}
},
"variables": {
"resourceGroupDeployment": "[concat('resource-group-deployment-', deployment().location)]",
"roleAssignmentDeployment": "[concat('role-assignment-deployment-', deployment().location)]",
"roleGUID": "[guid(parameters('SubscriptionId'))]"
"resourceGroupDeployment": "[concat('resource-group-deployment-', parameters('DeploymentLocation'))]",
"roleAssignmentDeployment": "[concat('role-assignment-deployment-', parameters('DeploymentLocation'))]",
"roleGUID": "[guid(parameters('SubscriptionId'), parameters('ResourceGroupName'))]"
},
"resources": [
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2022-09-01",
"name": "[variables('resourceGroupDeployment')]",
"location": "[deployment().location]",
"location": "[parameters('DeploymentLocation')]",
"subscriptionId": "[parameters('SubscriptionId')]",
"properties": {
"expressionEvaluationOptions": {
Expand All @@ -69,8 +76,8 @@
"ResourceGroupName": {
"value": "[parameters('ResourceGroupName')]"
},
"Location": {
"value": "[deployment().location]"
"DeploymentLocation": {
"value": "[parameters('DeploymentLocation')]"
}
},
"template": {
Expand All @@ -80,7 +87,7 @@
"ResourceGroupName": {
"type": "string"
},
"Location": {
"DeploymentLocation": {
"type": "string"
}
},
Expand All @@ -89,7 +96,7 @@
"type": "Microsoft.Resources/resourceGroups",
"apiVersion": "2022-09-01",
"name": "[parameters('ResourceGroupName')]",
"location": "[parameters('Location')]"
"location": "[parameters('DeploymentLocation')]"
}
]
}
Expand All @@ -99,7 +106,7 @@
"type": "Microsoft.Resources/deployments",
"apiVersion": "2022-09-01",
"name": "[variables('roleAssignmentDeployment')]",
"location": "[deployment().location]",
"location": "[parameters('DeploymentLocation')]",
"properties": {
"expressionEvaluationOptions": {
"scope": "inner"
Expand Down Expand Up @@ -143,7 +150,7 @@
"name": "[guid(parameters('ManagementGroupID'), parameters('SubscriptionId'), parameters('ResourceGroupName'), deployment().name, 'securityaudit')]",
"properties": {
"roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7",
"principalId": "[reference(resourceId(parameters('SubscriptionId'), parameters('ResourceGroupName'), 'Microsoft.Compute/virtualMachines', 'cloudbeatVM'), '2019-07-01', 'Full').identity.principalId]",
"principalId": "[reference(resourceId(parameters('SubscriptionId'), parameters('ResourceGroupName'), 'Microsoft.Compute/virtualMachines', 'cloudbeatVM'), '2023-09-01', 'Full').identity.principalId]",
"principalType": "ServicePrincipal"
}
},
Expand All @@ -153,7 +160,7 @@
"name": "[guid(parameters('SubscriptionId'), parameters('ResourceGroupName'), deployment().name, 'additional-role')]",
"properties": {
"roleDefinitionId": "[concat('/providers/Microsoft.Authorization/roleDefinitions/', parameters('AdditionalRoleGUID'))]",
"principalId": "[reference(resourceId(parameters('SubscriptionId'), parameters('ResourceGroupName'), 'Microsoft.Compute/virtualMachines', 'cloudbeatVM'), '2019-07-01', 'Full').identity.principalId]",
"principalId": "[reference(resourceId(parameters('SubscriptionId'), parameters('ResourceGroupName'), 'Microsoft.Compute/virtualMachines', 'cloudbeatVM'), '2023-09-01', 'Full').identity.principalId]",
"principalType": "ServicePrincipal"
}
}
Expand Down Expand Up @@ -192,15 +199,15 @@
"resources": [
{
"type": "Microsoft.Compute/virtualMachines",
"apiVersion": "2021-04-01",
"apiVersion": "2023-09-01",
"name": "cloudbeatVM",
"location": "[resourceGroup().location]",
"location": "[parameters('ResourceGroupLocation')]",
"dependsOn": [
"cloudbeatNic"
],
"properties": {
"hardwareProfile": {
"vmSize": "Standard_DS2_v2"
"vmSize": "[parameters('VMSize')]"
},
"storageProfile": {
"osDisk": {
Expand All @@ -218,7 +225,7 @@
},
"osProfile": {
"computerName": "cloudbeatVM",
"adminUsername": "cloudbeat",
"adminUsername": "[parameters('AdminUsername')]",
"linuxConfiguration": {
"disablePasswordAuthentication": true,
"ssh": {
Expand All @@ -245,9 +252,9 @@
},
{
"type": "Microsoft.Network/virtualNetworks",
"apiVersion": "2021-04-01",
"apiVersion": "2023-06-01",
"name": "cloudbeatVNet",
"location": "[resourceGroup().location]",
"location": "[parameters('ResourceGroupLocation')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
Expand All @@ -272,9 +279,9 @@
},
{
"type": "Microsoft.Network/networkInterfaces",
"apiVersion": "2021-04-01",
"apiVersion": "2023-06-01",
"name": "cloudbeatNic",
"location": "[resourceGroup().location]",
"location": "[parameters('ResourceGroupLocation')]",
"dependsOn": [
"cloudbeatVNet",
"[resourceId('Microsoft.Network/publicIPAddresses', 'cloudbeatPublicIPDevOnly')]"
Expand All @@ -295,24 +302,6 @@
]
}
},
{
"type": "Microsoft.Compute/virtualMachines/extensions",
"apiVersion": "2021-04-01",
"name": "cloudbeatVM/EnableMSIExtension",
"location": "[resourceGroup().location]",
"dependsOn": [
"cloudbeatVM"
],
"properties": {
"publisher": "Microsoft.ManagedIdentity",
"type": "ManagedIdentityExtensionForLinux",
"typeHandlerVersion": "1.0",
"autoUpgradeMinorVersion": true,
"settings": {
"port": 50342
}
}
},
{
"type": "Microsoft.Authorization/roleDefinitions",
"apiVersion": "2022-04-01",
Expand All @@ -330,13 +319,10 @@
"Microsoft.Web/sites/*/read",
"Microsoft.Web/sites/config/Read",
"Microsoft.Web/sites/config/list/Action"
],
"dataActions": [],
"notActions": [],
"notDataActions": []
]
}
],
"roleName": "cloudbeatVM additional permissions",
"roleName": "[concat('cloudbeatVM additional permissions ', parameters('ResourceGroupName'))]",
"type": "CustomRole"
}
},
Expand Down Expand Up @@ -419,14 +405,21 @@
},
"ElasticAgentVersion": {
"type": "string"
},
"ResourceGroupLocation": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Resource Group Location"
}
}
},
"resources": [
{
"type": "Microsoft.Compute/virtualMachines/extensions",
"apiVersion": "2021-04-01",
"apiVersion": "2023-09-01",
"name": "cloudbeatVM/customScriptExtension",
"location": "[resourceGroup().location]",
"location": "[parameters('ResourceGroupLocation')]",
"properties": {
"publisher": "Microsoft.Azure.Extensions",
"type": "CustomScript",
Expand Down
Loading
Loading