[Hackathon] Refined PSRule results, uncommented Deploy and Publish jobs and added condition to run deployment if psrule fails

.github/actions/templates/validateModulePSRule/action.yml

@@ -98,7 +98,6 @@ runs:
         inputPath: '${{ env.modulePath }}/${{ inputs.moduleTestFilePath }}'
         outputFormat: Csv
         outputPath: '${{ env.modulePath }}/${{ inputs.moduleTestFilePath }}-output.csv'
-        # option: '${{ env.modulePath }}/.test/vnet-ps-rule.yaml'
 
     - name: 'Set PSRule Output'
       if: always()

.github/workflows/ms.keyvault.vaults.yml

@@ -104,66 +104,67 @@ jobs:
           subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}'
           managementGroupId: '${{ secrets.ARM_MGMTGROUP_ID }}'
 
-  # #############################
-  # #   Deployment validation   #
-  # #############################
-  # job_module_deploy_validation:
-  #   runs-on: ubuntu-20.04
-  #   name: 'Deployment validation'
-  #   needs:
-  #     - job_initialize_pipeline
-  #     - job_module_pester_validation
-  #     - job_psrule_test
-  #   strategy:
-  #     fail-fast: false
-  #     matrix:
-  #       moduleTestFilePaths: ${{ fromJSON(needs.job_initialize_pipeline.outputs.moduleTestFilePaths) }}
-  #   steps:
-  #     - name: 'Checkout'
-  #       uses: actions/checkout@v2
-  #       with:
-  #         fetch-depth: 0
-  #     - name: Set environment variables
-  #       uses: ./.github/actions/templates/setEnvironmentVariables
-  #       with:
-  #         variablesPath: ${{ env.variablesPath }}
-  #     - name: 'Using test file [${{ matrix.moduleTestFilePaths }}]'
-  #       uses: ./.github/actions/templates/validateModuleDeployment
-  #       with:
-  #         templateFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}'
-  #         location: '${{ env.location }}'
-  #         resourceGroupName: '${{ env.resourceGroupName }}'
-  #         subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}'
-  #         managementGroupId: '${{ secrets.ARM_MGMTGROUP_ID }}'
-  #         removeDeployment: '${{ needs.job_initialize_pipeline.outputs.removeDeployment }}'
+  #############################
+  #   Deployment validation   #
+  #############################
+  job_module_deploy_validation:
+    runs-on: ubuntu-20.04
+    if: ${{ always() && (needs.job_module_pester_validation.result == 'success') }} # Deployment validation will not be blocked by the failing PSRule validation stage (for the time being). <- Remove the condition block to change behavior
+    name: 'Deployment validation'
+    needs:
+      - job_initialize_pipeline
+      - job_module_pester_validation
+      - job_psrule_test
+    strategy:
+      fail-fast: false
+      matrix:
+        moduleTestFilePaths: ${{ fromJSON(needs.job_initialize_pipeline.outputs.moduleTestFilePaths) }}
+    steps:
+      - name: 'Checkout'
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - name: Set environment variables
+        uses: ./.github/actions/templates/setEnvironmentVariables
+        with:
+          variablesPath: ${{ env.variablesPath }}
+      - name: 'Using test file [${{ matrix.moduleTestFilePaths }}]'
+        uses: ./.github/actions/templates/validateModuleDeployment
+        with:
+          templateFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}'
+          location: '${{ env.location }}'
+          resourceGroupName: '${{ env.resourceGroupName }}'
+          subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}'
+          managementGroupId: '${{ secrets.ARM_MGMTGROUP_ID }}'
+          removeDeployment: '${{ needs.job_initialize_pipeline.outputs.removeDeployment }}'
 
-  # ##################
-  # #   Publishing   #
-  # ##################
-  # job_publish_module:
-  #   name: 'Publishing'
-  #   if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master' || github.event.inputs.prerelease == 'true'
-  #   runs-on: ubuntu-20.04
-  #   needs:
-  #     - job_module_deploy_validation
-  #   steps:
-  #     - name: 'Checkout'
-  #       uses: actions/checkout@v2
-  #       with:
-  #         fetch-depth: 0
-  #     - name: Set environment variables
-  #       uses: ./.github/actions/templates/setEnvironmentVariables
-  #       with:
-  #         variablesPath: ${{ env.variablesPath }}
-  #     - name: 'Publishing'
-  #       uses: ./.github/actions/templates/publishModule
-  #       with:
-  #         templateFilePath: '${{ env.modulePath }}/deploy.bicep'
-  #         templateSpecsRGName: '${{ env.templateSpecsRGName }}'
-  #         templateSpecsRGLocation: '${{ env.templateSpecsRGLocation }}'
-  #         templateSpecsDescription: '${{ env.templateSpecsDescription }}'
-  #         templateSpecsDoPublish: '${{ env.templateSpecsDoPublish }}'
-  #         bicepRegistryName: '${{ env.bicepRegistryName }}'
-  #         bicepRegistryRGName: '${{ env.bicepRegistryRGName }}'
-  #         bicepRegistryRgLocation: '${{ env.bicepRegistryRgLocation }}'
-  #         bicepRegistryDoPublish: '${{ env.bicepRegistryDoPublish }}'
+  ##################
+  #   Publishing   #
+  ##################
+  job_publish_module:
+    name: 'Publishing'
+    if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master' || github.event.inputs.prerelease == 'true'
+    runs-on: ubuntu-20.04
+    needs:
+      - job_module_deploy_validation
+    steps:
+      - name: 'Checkout'
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - name: Set environment variables
+        uses: ./.github/actions/templates/setEnvironmentVariables
+        with:
+          variablesPath: ${{ env.variablesPath }}
+      - name: 'Publishing'
+        uses: ./.github/actions/templates/publishModule
+        with:
+          templateFilePath: '${{ env.modulePath }}/deploy.bicep'
+          templateSpecsRGName: '${{ env.templateSpecsRGName }}'
+          templateSpecsRGLocation: '${{ env.templateSpecsRGLocation }}'
+          templateSpecsDescription: '${{ env.templateSpecsDescription }}'
+          templateSpecsDoPublish: '${{ env.templateSpecsDoPublish }}'
+          bicepRegistryName: '${{ env.bicepRegistryName }}'
+          bicepRegistryRGName: '${{ env.bicepRegistryRGName }}'
+          bicepRegistryRgLocation: '${{ env.bicepRegistryRgLocation }}'
+          bicepRegistryDoPublish: '${{ env.bicepRegistryDoPublish }}'

.github/workflows/ms.network.virtualnetworks.yml

@@ -104,66 +104,67 @@ jobs:
           subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}'
           managementGroupId: '${{ secrets.ARM_MGMTGROUP_ID }}'
 
-  # #############################
-  # #   Deployment validation   #
-  # #############################
-  # job_module_deploy_validation:
-  #   runs-on: ubuntu-20.04
-  #   name: 'Deployment validation'
-  #   needs:
-  #     - job_initialize_pipeline
-  #     - job_module_pester_validation
-  #     - job_psrule_test
-  #   strategy:
-  #     fail-fast: false
-  #     matrix:
-  #       moduleTestFilePaths: ${{ fromJSON(needs.job_initialize_pipeline.outputs.moduleTestFilePaths) }}
-  #   steps:
-  #     - name: 'Checkout'
-  #       uses: actions/checkout@v2
-  #       with:
-  #         fetch-depth: 0
-  #     - name: Set environment variables
-  #       uses: ./.github/actions/templates/setEnvironmentVariables
-  #       with:
-  #         variablesPath: ${{ env.variablesPath }}
-  #     - name: 'Using test file [${{ matrix.moduleTestFilePaths }}]'
-  #       uses: ./.github/actions/templates/validateModuleDeployment
-  #       with:
-  #         templateFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}'
-  #         location: '${{ env.location }}'
-  #         resourceGroupName: '${{ env.resourceGroupName }}'
-  #         subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}'
-  #         managementGroupId: '${{ secrets.ARM_MGMTGROUP_ID }}'
-  #         removeDeployment: '${{ needs.job_initialize_pipeline.outputs.removeDeployment }}'
+  #############################
+  #   Deployment validation   #
+  #############################
+  job_module_deploy_validation:
+    runs-on: ubuntu-20.04
+    if: ${{ always() && (needs.job_module_pester_validation.result == 'success') }} # Deployment validation will not be blocked by the failing PSRule validation stage (for the time being). <- Remove the condition block to change behavior
+    name: 'Deployment validation'
+    needs:
+      - job_initialize_pipeline
+      - job_module_pester_validation
+      - job_psrule_test
+    strategy:
+      fail-fast: false
+      matrix:
+        moduleTestFilePaths: ${{ fromJSON(needs.job_initialize_pipeline.outputs.moduleTestFilePaths) }}
+    steps:
+      - name: 'Checkout'
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - name: Set environment variables
+        uses: ./.github/actions/templates/setEnvironmentVariables
+        with:
+          variablesPath: ${{ env.variablesPath }}
+      - name: 'Using test file [${{ matrix.moduleTestFilePaths }}]'
+        uses: ./.github/actions/templates/validateModuleDeployment
+        with:
+          templateFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}'
+          location: '${{ env.location }}'
+          resourceGroupName: '${{ env.resourceGroupName }}'
+          subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}'
+          managementGroupId: '${{ secrets.ARM_MGMTGROUP_ID }}'
+          removeDeployment: '${{ needs.job_initialize_pipeline.outputs.removeDeployment }}'
 
-  # ##################
-  # #   Publishing   #
-  # ##################
-  # job_publish_module:
-  #   name: 'Publishing'
-  #   if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master' || github.event.inputs.prerelease == 'true'
-  #   runs-on: ubuntu-20.04
-  #   needs:
-  #     - job_module_deploy_validation
-  #   steps:
-  #     - name: 'Checkout'
-  #       uses: actions/checkout@v2
-  #       with:
-  #         fetch-depth: 0
-  #     - name: Set environment variables
-  #       uses: ./.github/actions/templates/setEnvironmentVariables
-  #       with:
-  #         variablesPath: ${{ env.variablesPath }}
-  #     - name: 'Publishing'
-  #       uses: ./.github/actions/templates/publishModule
-  #       with:
-  #         templateFilePath: '${{ env.modulePath }}/deploy.bicep'
-  #         templateSpecsRGName: '${{ env.templateSpecsRGName }}'
-  #         templateSpecsRGLocation: '${{ env.templateSpecsRGLocation }}'
-  #         templateSpecsDescription: '${{ env.templateSpecsDescription }}'
-  #         templateSpecsDoPublish: '${{ env.templateSpecsDoPublish }}'
-  #         bicepRegistryName: '${{ env.bicepRegistryName }}'
-  #         bicepRegistryRGName: '${{ env.bicepRegistryRGName }}'
-  #         bicepRegistryRgLocation: '${{ env.bicepRegistryRgLocation }}'
-  #         bicepRegistryDoPublish: '${{ env.bicepRegistryDoPublish }}'
+  ##################
+  #   Publishing   #
+  ##################
+  job_publish_module:
+    name: 'Publishing'
+    if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master' || github.event.inputs.prerelease == 'true'
+    runs-on: ubuntu-20.04
+    needs:
+      - job_module_deploy_validation
+    steps:
+      - name: 'Checkout'
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - name: Set environment variables
+        uses: ./.github/actions/templates/setEnvironmentVariables
+        with:
+          variablesPath: ${{ env.variablesPath }}
+      - name: 'Publishing'
+        uses: ./.github/actions/templates/publishModule
+        with:
+          templateFilePath: '${{ env.modulePath }}/deploy.bicep'
+          templateSpecsRGName: '${{ env.templateSpecsRGName }}'
+          templateSpecsRGLocation: '${{ env.templateSpecsRGLocation }}'
+          templateSpecsDescription: '${{ env.templateSpecsDescription }}'
+          templateSpecsDoPublish: '${{ env.templateSpecsDoPublish }}'
+          bicepRegistryName: '${{ env.bicepRegistryName }}'
+          bicepRegistryRGName: '${{ env.bicepRegistryRGName }}'
+          bicepRegistryRgLocation: '${{ env.bicepRegistryRgLocation }}'
+          bicepRegistryDoPublish: '${{ env.bicepRegistryDoPublish }}'

.github/workflows/ms.resources.resourcegroups.yml

@@ -104,66 +104,67 @@ jobs:
           subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}'
           managementGroupId: '${{ secrets.ARM_MGMTGROUP_ID }}'
 
-  # #############################
-  # #   Deployment validation   #
-  # #############################
-  # job_module_deploy_validation:
-  #   runs-on: ubuntu-20.04
-  #   name: 'Deployment validation'
-  #   needs:
-  #     - job_initialize_pipeline
-  #     - job_module_pester_validation
-  #     - job_psrule_test
-  #   strategy:
-  #     fail-fast: false
-  #     matrix:
-  #       moduleTestFilePaths: ${{ fromJSON(needs.job_initialize_pipeline.outputs.moduleTestFilePaths) }}
-  #   steps:
-  #     - name: 'Checkout'
-  #       uses: actions/checkout@v2
-  #       with:
-  #         fetch-depth: 0
-  #     - name: Set environment variables
-  #       uses: ./.github/actions/templates/setEnvironmentVariables
-  #       with:
-  #         variablesPath: ${{ env.variablesPath }}
-  #     - name: 'Using test file [${{ matrix.moduleTestFilePaths }}]'
-  #       uses: ./.github/actions/templates/validateModuleDeployment
-  #       with:
-  #         templateFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}'
-  #         location: '${{ env.location }}'
-  #         resourceGroupName: '${{ env.resourceGroupName }}'
-  #         subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}'
-  #         managementGroupId: '${{ secrets.ARM_MGMTGROUP_ID }}'
-  #         removeDeployment: '${{ needs.job_initialize_pipeline.outputs.removeDeployment }}'
+  #############################
+  #   Deployment validation   #
+  #############################
+  job_module_deploy_validation:
+    runs-on: ubuntu-20.04
+    if: ${{ always() && (needs.job_module_pester_validation.result == 'success') }} # Deployment validation will not be blocked by the failing PSRule validation stage (for the time being). <- Remove the condition block to change behavior
+    name: 'Deployment validation'
+    needs:
+      - job_initialize_pipeline
+      - job_module_pester_validation
+      - job_psrule_test
+    strategy:
+      fail-fast: false
+      matrix:
+        moduleTestFilePaths: ${{ fromJSON(needs.job_initialize_pipeline.outputs.moduleTestFilePaths) }}
+    steps:
+      - name: 'Checkout'
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - name: Set environment variables
+        uses: ./.github/actions/templates/setEnvironmentVariables
+        with:
+          variablesPath: ${{ env.variablesPath }}
+      - name: 'Using test file [${{ matrix.moduleTestFilePaths }}]'
+        uses: ./.github/actions/templates/validateModuleDeployment
+        with:
+          templateFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}'
+          location: '${{ env.location }}'
+          resourceGroupName: '${{ env.resourceGroupName }}'
+          subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}'
+          managementGroupId: '${{ secrets.ARM_MGMTGROUP_ID }}'
+          removeDeployment: '${{ needs.job_initialize_pipeline.outputs.removeDeployment }}'
 
-  # ##################
-  # #   Publishing   #
-  # ##################
-  # job_publish_module:
-  #   name: 'Publishing'
-  #   if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master' || github.event.inputs.prerelease == 'true'
-  #   runs-on: ubuntu-20.04
-  #   needs:
-  #     - job_module_deploy_validation
-  #   steps:
-  #     - name: 'Checkout'
-  #       uses: actions/checkout@v2
-  #       with:
-  #         fetch-depth: 0
-  #     - name: Set environment variables
-  #       uses: ./.github/actions/templates/setEnvironmentVariables
-  #       with:
-  #         variablesPath: ${{ env.variablesPath }}
-  #     - name: 'Publishing'
-  #       uses: ./.github/actions/templates/publishModule
-  #       with:
-  #         templateFilePath: '${{ env.modulePath }}/deploy.bicep'
-  #         templateSpecsRGName: '${{ env.templateSpecsRGName }}'
-  #         templateSpecsRGLocation: '${{ env.templateSpecsRGLocation }}'
-  #         templateSpecsDescription: '${{ env.templateSpecsDescription }}'
-  #         templateSpecsDoPublish: '${{ env.templateSpecsDoPublish }}'
-  #         bicepRegistryName: '${{ env.bicepRegistryName }}'
-  #         bicepRegistryRGName: '${{ env.bicepRegistryRGName }}'
-  #         bicepRegistryRgLocation: '${{ env.bicepRegistryRgLocation }}'
-  #         bicepRegistryDoPublish: '${{ env.bicepRegistryDoPublish }}'
+  ##################
+  #   Publishing   #
+  ##################
+  job_publish_module:
+    name: 'Publishing'
+    if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master' || github.event.inputs.prerelease == 'true'
+    runs-on: ubuntu-20.04
+    needs:
+      - job_module_deploy_validation
+    steps:
+      - name: 'Checkout'
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - name: Set environment variables
+        uses: ./.github/actions/templates/setEnvironmentVariables
+        with:
+          variablesPath: ${{ env.variablesPath }}
+      - name: 'Publishing'
+        uses: ./.github/actions/templates/publishModule
+        with:
+          templateFilePath: '${{ env.modulePath }}/deploy.bicep'
+          templateSpecsRGName: '${{ env.templateSpecsRGName }}'
+          templateSpecsRGLocation: '${{ env.templateSpecsRGLocation }}'
+          templateSpecsDescription: '${{ env.templateSpecsDescription }}'
+          templateSpecsDoPublish: '${{ env.templateSpecsDoPublish }}'
+          bicepRegistryName: '${{ env.bicepRegistryName }}'
+          bicepRegistryRGName: '${{ env.bicepRegistryRGName }}'
+          bicepRegistryRgLocation: '${{ env.bicepRegistryRgLocation }}'
+          bicepRegistryDoPublish: '${{ env.bicepRegistryDoPublish }}'