| Stage | Status |
|---|---|
| DevOps Secure Scanning | |
| Build | |
| Release to Production |
This repository contains common Bicep modules and associated Azure DevOps pipelines for the validation and deployment of them to an Azure Container Registry.
The Azure Container Registry is deployed by the platform-strategic-services project and therefore a dependency.
- frasermolyneux/platform-strategic-services - The Azure Container Registry is deployed by this project.
- frasermolyneux/azure-landing-zones - The deploy service principal is managed by this project.
The included Bicep modules have been extracted out of a series of projects that I have worked on through my learning and development. They are largely focused on Azure Integration Services such as API Management, Azure Functions, App Services and Key Vault.
Each module within the solution has a metadata .json file that is within the metadata folder. Currently this contains a JSON payload that simply has a version object containing major, minor and revision properties - there is the future potential to add additional metadata here such as tagging, author and description. For each module file there must be a metadata file and for a new version to be pushed the metadata file must be updated.
If the build is running from any branch other than main then a -preview suffix is added to the tag and the .x and latest tags will not be pushed.
As such, for a new version to be pushed the metadata file is required to be updated. There is no automation at present as it is not warranted.
The one-pipeline is within the .azure-pipelines folder and output is visible on the frasermolyneux/Personal-Public Azure DevOps project.
The Publish-BicepModuleToAcr.ps1 script is executed per module and uses the following rules to publish:
- Will only push a new version if the
major.minor.revisiontag does not already exist - When pushing a new version will also push that version using the a
.xandlatesttag
Please read the contributing guidance; this is a learning and development project.
Please read the security guidance; I am always open to security feedback through email or opening an issue.