microsoft / ps-rule Goto Github PK

Conventions provide additional extensibility for PSRule, we should allow these to be specified from the assert task.

Update included PSRule version to v1.0.1.

Related to microsoft/PSRule#1431

Currently the PSRule action support specific releases:

- name: Run PSRule analysis
  uses: microsoft/[email protected]

Or latest commit:

- name: Run PSRule analysis
  uses: microsoft/ps-rule@main

However we should provide some additional options to provide even more flexibility such as:

• microsoft/ps-rule@v2 - The latest stable release >= 2.0.0 and < 3.0.0
• microsoft/ps-rule@latest - The latest stable release.

When PSRule v3 is available microsoft/ps-rule@v3.

Currently rules modules can be installed from the PowerShell Gallery. There isn't a way currently to use a private feed, however this would be helpful for internal publishing within an organization.

Update Docker image to the latest patch release for PowerShell 7.1.

Bump PowerShell image to 7.2.1.

Update included PSRule version to v0.20.0.

Bump PSRule dependency to v1.4.0.

Update included PSRule version to v1.0.0.

Description of the issue

Problem with pathing from recent PR #146.

Error output

/home/runner/work/_actions/Microsoft/ps-rule/mainpowershell.ps1: /home/runner/work/_temp/f38679bf-c3f0-43d2-9d4c-208a6552bd8b.ps1:2
Line |
   2 |  /home/runner/work/_actions/Microsoft/ps-rule/mainpowershell.ps1 -Inpu …
     |  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | The term
     | '/home/runner/work/_actions/Microsoft/ps-rule/mainpowershell.ps1' is not recognized as a name of a cmdlet, function, script file, or executable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.

Action version:

• Version: main

Turn on dependency updates for Docker files and GitHub Actions.

Description of the issue

When a module installs a newer version of PSRule then currently supported by PSRule action an error occurs.

Expected behaviour

PSRule action should allow a newer version of PSRule module to be installed.

Error output

One or more assertions failed.

Action version:

• Version: 2.0.0

Bump PSRule dependency to v1.10.0.

Update docker image to use the latest PowerShell version tag 7.1.0-alpine-3.10.

Bump PSRule module dependency to v1.6.0.

Update included PSRule version to v0.22.0.

Update PSRule module dependency to v1.2.0.

Update PSRule module to the latest stable version. i.e. v0.18.1.

Description of the issue

If a module fails to install, an PowerShell error will be generated in output but this doesn't stop the pipeline.

If the module is not installed, included rules can not be run.

Expected behaviour

If any module fails to install, the action should error.

Failing to install a module could be a transient issue.

Error output

> Checking module: PSRule.Rules.MSFT.OSS
  - Installing module
Install-Package: /opt/microsoft/powershell/7/Modules/PowerShellGet/PSModule.psm1:9711
Line |
9711 |  … talledPackages = PackageManagement\Install-Package @PSBoundParameters
     |                     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | No match was found for the specified search criteria and
     | module name 'PSRule.Rules.MSFT.OSS'. Try Get-PSRepository to
     | see all available registered module repositories.

Get-Package: /opt/microsoft/powershell/7/Modules/PowerShellGet/PSModule.psm1:9445
Line |
9445 |          PackageManagement\Get-Package @PSBoundParameters | Microsoft. …
     |          ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | No match was found for the specified search criteria and
     | module names 'PSRule.Rules.MSFT.OSS'.

  - Failed to install

Action version:

• Version: 1.5.0

Bump PSRule dependency to v1.7.0.

Currently only stable release rule module versions are installed. Add support for optionally installing pre-release module versions.

PSRule v2.6.0 introduced support for write job summaries. You can configure this using the Output.JobSummaryPath option.

We should automatically write job summaries by default when using the GitHub action and provide an input to disable.

Currently the inputType of repository uses custom code to scan the repository for files.

PSRule v0.20.0 introduces a similar process natively within the engine. It also observes file exclusions from .gitignore and the Input.PathIgnore option.

We should update to use this feature.

References

PSRule change log

PSRule v0.21.0 added support for an additional output format Markdown. Support should be added for Markdown with the outputFormat input parameter.

Is your feature request related to a problem? Please describe.

Continuing from https://github.com/microsoft/PSRule/discussions/962

As shown here:

Sometimes it would be useful to show more error output here to understand what the issue is.

Describe the solution you'd like

Catch the specific exception type in https://github.com/microsoft/ps-rule/blob/main/powershell.ps1#L181.

Describe alternatives you've considered

Other solutions:

• Add all exception messages with $_.Exception.Message inside the error message: https://github.com/microsoft/ps-rule/blob/main/powershell.ps1#L182. May not want to do this because some messages should not be shown in CI, such as the Pipeline Stopped... exception.
• Add a CI option to expose full exception message. Could be useful if customer wants to set this option in ps-rule.yaml to control the verbosity of the output.

Additional context

Should be included for Azure Pipelines as well.

Team,
We are planning to upgrade the logo for all 13 GitHub Actions projects listed on the GitHub Marketplace to the official Microsoft logo.

We'd like to make this change by the end of May 2021.

Please let us know if you have any objection, otherwise we'll proceed.

https://github.com/microsoft/raft-action
https://github.com/microsoft/sarif-actions
https://github.com/microsoft/powerplatform-actions
https://github.com/microsoft/psscriptanalyzer-action
https://github.com/microsoft/vs-intellicode
https://github.com/microsoft/setup-msbuild
https://github.com/microsoft/ps-rule
https://github.com/microsoft/RichCodeNavIndexer
https://github.com/microsoft/playwright-github-action
https://github.com/microsoft/DevSkim-Action
https://github.com/microsoft/infersharpaction
https://github.com/microsoft/android-app-size-diff
https://github.com/microsoft/variable-substitution

Currently the PSRule version is directly tied to the version of the action.

Moving forward with PSRule v2. In the short term we need to test PSRule v2 preview versions. But longer term, giving a choice of PSRule version would be helpful.

Update PSRule dependency to v1.1.0.

Update documentation to make it clear that inputPath is a relative path, because it is appended to path. A fully qualified path will fail.

Bump PSRule dependency to v1.5.0.

The latest PSRule version v2.0.0-B2201161 supports SARIF as an output format. We need to update the action validation set to permit Sarif to be used as an output format.

Currently output from PSRule can be filtered to a specific set of outcomes by setting Output.Outcome through an environment variable or ps-rule.yaml.

However this is common case that a parameter to configure directly on the action can be provided.

Update PSRule dependency to v1.0.3

Description of the issue

When using the current release of PSRule my rules are no longer found/detected in the .ps-rule directory nested in my .github directory.

Expected behaviour

*.Rule.ps1 files should be detected.

To Reproduce

Steps to reproduce the issue:

• Nest .ps-rule directory under .gitlab directory

Working

Rule file is detected

    - name: Checkout
      uses: actions/checkout@v2
 
    - name: Check GitHub Community Rules
      uses: Microsoft/[email protected]
      with:
        source: .github/.ps-rule/

Not Working

Rule file is NOT detected

    - name: Checkout
      uses: actions/checkout@v2
 
    - name: Check GitHub Community Rules
      uses: Microsoft/ps-rule@main
      with:
        source: .github/.ps-rule/

Error output

Capture any error messages and or run output.

2020-09-18T16:57:34.2793671Z [info] Using Action: Microsoftps-rule
2020-09-18T16:57:34.2882599Z [info] Using PWD: /github/workspace
2020-09-18T16:57:34.2883150Z [info] Using Path: /github/workspace
2020-09-18T16:57:34.2884218Z [info] Using Source: /github/workspace/.github/.ps-rule/
2020-09-18T16:57:34.2884795Z [info] Using InputType: repository
2020-09-18T16:57:34.2885291Z [info] Using InputPath: /github/workspace
2020-09-18T16:57:34.2886346Z [info] Using OutputFormat: Json
2020-09-18T16:57:34.2887120Z [info] Using OutputPath: ./rule-analysis.txt
2020-09-18T16:57:34.3332291Z 
2020-09-18T16:57:34.3333830Z ---
2020-09-18T16:57:35.0057504Z     ____  _____ ____        __
2020-09-18T16:57:35.0057871Z    / __ \/ ___// __ \__  __/ /__
2020-09-18T16:57:35.0058130Z   / /_/ /\__ \/ /_/ / / / / / _ \
2020-09-18T16:57:35.0071629Z  / ____/___/ / _, _/ /_/ / /  __/
2020-09-18T16:57:35.0071961Z /_/    /____/_/ |_|\__,_/_/\___/
2020-09-18T16:57:35.0072134Z 
2020-09-18T16:57:35.0096588Z Using PSRule v0.20.0
2020-09-18T16:57:35.0096815Z 
2020-09-18T16:57:35.1181542Z ##[warning]Target object '.github/.ps-rule/GitHub.Community.Rule.ps1' has not been processed because no matching rules were found.
2020-09-18T16:57:35.1186964Z 
2020-09-18T16:57:35.1187351Z Rules processed: 0, failed: 0, errored: 0

Action version:

• Version: 0.3.0 (Broken)
• Version: 0.2.0 (Working)

Additional context

• Rule Directory
  • REPO/.github/.ps-rule
• Rules Used
  • GitHub.Community.Rule.ps1 (From Example)

This format has previously worked for me on other repositories in the past by targeting main but now I have to explicitly target v0.2.0 to have it work correctly as expected.

Currently PSRule will automatically detect and use ps-rule.yaml for options from the current working path when the action is run.

In some cases it may be desirable to have an options file for different use cases. While Assert-PSRule exposes an -Option parameter that can be set to an alternative file path, it is not currently exposed as an option that can be set in the pipeline.

Adding an additional parameter to set the option file would be useful for some use cases.

Update Docker base image to use PowerShell 7.0.2.

Bump PSRule dependency to v1.7.2.

Update Docker image to the latest patch release for PowerShell 7.1.

There are still some exceptions which are hard to troubleshoot. We should add additional output logging for exceptions.

Update PSRule module dependency to v1.3.0.

PSRule provides an ability to use a baseline to configure binding and rule sets.

Currently this option is not exposed as a configurable input for this action.

Update included PSRule version to v0.19.0.

Update included PSRule version to v0.21.0.

Bump PSRule dependency to v1.11.0.

Is your feature request related to a problem? Please describe.

The current PSRule release is 3 weeks old.
I wish to test a recent change in the main branch.

I tried using both of these syntaxes, however the first continued to reference 2.7.0 and the second failed. Apologies if this is documented somewhere that i didn't spot.

      - name: PSRule for Azure - Well Architected
        #uses: microsoft/[email protected]
        uses: microsoft/ps-rule@main
        continue-on-error: true #Setting this whilst PSRule gets bedded in, in this project
        with:
          modules: 'PSRule.Rules.Azure'
          inputPath: "${{ env.ParamFilePath }}"

      - name: PSRule for Azure - Well Architected
        #uses: microsoft/[email protected]
        uses: microsoft/ps-rule@main
        continue-on-error: true #Setting this whilst PSRule gets bedded in, in this project
        with:
          modules: 'PSRule.Rules.Azure'
          inputPath: "${{ env.ParamFilePath }}"
          version: 'main' #Assume this relates to the repo tag

Describe the solution you'd like

An easy way to use the version in main

Describe alternatives you've considered

None

Additional context

https://github.com/Azure/AKS-Construction/blob/gb-wellarchfixup/.github/workflows/ByoVnetCI.yml

Add support information into standard SUPPORT.md.

Bump PSRule dependency to v1.8.0

Bump PSRule dependency to v1.9.0.

Description of the issue

When running with a pre-release version of PSRule, errors importing the module. However the module is still imported and run.

Expected behaviour

Resolve issue parsing pre-release Sem Version string to Import-Module cmdlet.

Error output

Error: An error occured importing module 'PSRule'.

Action version:

• Version: main - pre-v2