Update to use PSRule v0.15.0 (#44)

- Update to use latest PSRule version
- Update CI pipeline to use PS 7.0 #45
- Add culture option for build
- Update variable used by code coverage

Author: BernieWhite

.azure-pipelines/azure-pipelines.yaml

@@ -5,8 +5,9 @@ variables:
   version: '0.2.0'
   buildConfiguration: 'Release'
   disable.coverage.autogenerate: 'true'
+  imageName: 'ubuntu-18.04'
 
- # Use build number format, i.e. 0.2.0-B1811001
+ # Use build number format, i.e. 0.2.0-B2002001
 name: $(version)-B$(date:yyMM)$(rev:rrr)
 
 trigger:
@@ -27,25 +28,12 @@ stages:
 # Build pipeline
 - stage: Build
   displayName: Build
+  dependsOn: []
   jobs:
   - job:
-    strategy:
-      matrix:
-        Linux:
-          displayName: 'Linux'
-          imageName: 'ubuntu-latest'
-        MacOS:
-          displayName: 'MacOS'
-          imageName: 'macOS-latest'
-        Windows:
-          displayName: 'Windows'
-          imageName: 'vs2017-win2016'
-          publish: 'true'
-          analysis: 'true'
-          coverage: 'true'
     pool:
       vmImage: $(imageName)
-    displayName: 'PowerShell'
+    displayName: 'Module'
     steps:
 
     # Install pipeline dependencies
@@ -56,19 +44,6 @@ stages:
     - powershell: Invoke-Build -Configuration $(buildConfiguration) -Build $(Build.BuildNumber)
       displayName: 'Build module'
 
-    # Pester test results
-    - task: PublishTestResults@2
-      displayName: 'Publish Pester results'
-      inputs:
-        testRunTitle: 'Pester on $(imageName)'
-        testRunner: NUnit
-        testResultsFiles: 'reports/pester-unit.xml'
-        mergeTestResults: true
-        platform: $(imageName)
-        configuration: $(buildConfiguration)
-        publishRunAttachments: true
-      condition: succeededOrFailed()
-
     # PSRule results
     - task: PublishTestResults@2
       displayName: 'Publish PSRule results'
@@ -82,52 +57,104 @@ stages:
         publishRunAttachments: true
       condition: succeededOrFailed()
 
-    # Generate Code Coverage report
-    - task: Palmmedia.reportgenerator.reportgenerator-build-release-task.reportgenerator@4
-      displayName: 'Code coverage report generator'
-      inputs:
-        reports: 'reports\pester-coverage.xml'
-        targetdir: 'reports\coverage'
-        sourcedirs: 'src\PSRule.Rules.Kubernetes'
-        reporttypes: 'HtmlInline_AzurePipelines;Cobertura;Badges'
-        tag: $(Build.BuildNumber)
-      condition: eq(variables['coverage'], 'true')
-
-    # Publish Code Coverage report
-    - task: PublishCodeCoverageResults@1
-      displayName: 'Publish Pester code coverage'
-      inputs:
-        codeCoverageTool: 'Cobertura'
-        summaryFileLocation: 'reports/coverage/Cobertura.xml'
-        reportDirectory: 'reports/coverage'
-      condition: eq(variables['coverage'], 'true')
-
     # Generate artifacts
     - publish: out/modules/PSRule.Rules.Kubernetes
       displayName: 'Publish module'
       artifact: PSRule.Rules.Kubernetes
-      condition: and(succeeded(), eq(variables['publish'], 'true'))
+
+# Analysis pipeline
+- stage: Analysis
+  displayName: Analysis
+  dependsOn: []
+  jobs:
+  - job: Secret_Scan
+    pool: 'Hosted VS2017'
+    displayName: Secret scan
+
+    steps:
+    - task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@2
+      displayName: 'Scan for secrets'
+      inputs:
+        debugMode: false
+        toolMajorVersion: V2
+
+    - task: securedevelopmentteam.vss-secure-development-tools.build-task-publishsecurityanalysislogs.PublishSecurityAnalysisLogs@2
+      displayName: 'Publish scan logs'
+      continueOnError: true
+
+    - task: securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@1
+      displayName: 'Check for failures'
+      inputs:
+        CredScan: true
+        ToolLogsNotFoundAction: Error
+
+# Test pipeline
+- stage: Test
+  dependsOn: Build
+  jobs:
+
+  - template: jobs/test.yaml
+    parameters:
+      name: ubuntu_18_04_coverage
+      imageName: 'ubuntu-18.04'
+      displayName: 'PowerShell coverage'
+      coverage: 'true'
+      publishResults: 'false'
+
+  - template: jobs/test.yaml
+    parameters:
+      name: macOS_10_15
+      displayName: 'PowerShell 6.2.4 - macOS-10.15'
+      imageName: 'macOS-10.15'
+
+  - template: jobs/test.yaml
+    parameters:
+      name: windows
+      displayName: 'PowerShell 5.1 - win2016'
+      imageName: 'vs2017-win2016'
+
+  # Currently can't use alpine because addtional tools for Azure DevOps are required
+  # - template: jobs/testContainer.yaml
+  #   parameters:
+  #     name: alpine_3_10
+  #     displayName: 'PowerShell 7.0  - alpine-3.10'
+  #     imageName: mcr.microsoft.com/powershell
+  #     imageTag: 7.0.0-alpine-3.10
+
+  - template: jobs/testContainer.yaml
+    parameters:
+      name: ps_7_ubuntu_18_04
+      displayName: 'PowerShell 7.0 - ubuntu-18.04'
+      imageName: mcr.microsoft.com/powershell
+      imageTag: 7.0.0-ubuntu-18.04
+
+  - template: jobs/testContainer.yaml
+    parameters:
+      name: ps_6_ubuntu_18_04
+      displayName: 'PowerShell 6.2.4 - ubuntu-18.04'
+      imageName: mcr.microsoft.com/powershell
+      imageTag: 6.2.4-ubuntu-18.04
 
 # Release pipeline
 - stage: Release
   displayName: Release
-  dependsOn: Build
+  dependsOn: [ 'Test', 'Analysis' ]
   condition: and(succeeded(), startsWith(variables['Build.SourceBranch'], 'refs/tags/v0.'))
   jobs:
   - job:
     displayName: Live
     pool:
-      vmImage: 'ubuntu-latest'
+      vmImage: $(imageName)
     variables:
       isPreRelease: $[contains(variables['Build.SourceBranchName'], '-B')]
     steps:
 
     # Download module from build
-    - task: DownloadPipelineArtifact@1
+    - task: DownloadPipelineArtifact@2
       displayName: 'Download module'
       inputs:
-        artifactName: PSRule.Rules.Kubernetes
-        downloadPath: $(Build.SourcesDirectory)/out/modules/PSRule.Rules.Kubernetes
+        artifact: PSRule.Rules.Kubernetes
+        path: $(Build.SourcesDirectory)/out/modules/PSRule.Rules.Kubernetes
 
     # Install pipeline dependencies
     - powershell: ./.azure-pipelines/pipeline-deps.ps1
@@ -138,15 +165,15 @@ stages:
       displayName: 'Publish module'
 
     # Update GitHub release
-    - task: GitHubRelease@0
+    - task: GitHubRelease@1
       displayName: 'GitHub release'
       inputs:
         gitHubConnection: 'AzureDevOps-PSRule.Rules.Kubernetes'
         repositoryName: '$(Build.Repository.Name)'
         action: edit
         tag: '$(Build.SourceBranchName)'
-        releaseNotesSource: input
-        releaseNotes: 'See [change log](https://github.com/Microsoft/PSRule.Rules.Kubernetes/blob/master/CHANGELOG.md)'
+        releaseNotesSource: inline
+        releaseNotesInline: 'See [change log](https://github.com/Microsoft/PSRule.Rules.Kubernetes/blob/master/CHANGELOG.md)'
         assetUploadMode: replace
         addChangeLog: false
         isPreRelease: $(isPreRelease)

.azure-pipelines/jobs/test.yaml

@@ -0,0 +1,71 @@
+# Azure DevOps
+# CI job for running VM pipelines
+
+parameters:
+  name: ''
+  displayName: ''
+  buildConfiguration: 'Release'
+  imageName: ''
+  coverage: 'false'
+  publishResults: 'true'
+
+jobs:
+- job: ${{ parameters.name }}
+  displayName: ${{ parameters.displayName }}
+  pool:
+    vmImage: ${{ parameters.imageName }}
+  variables:
+    COVERAGE: ${{ parameters.coverage }}
+    PUBLISHRESULTS: ${{ parameters.publishResults }}
+    skipComponentGovernanceDetection: true
+  steps:
+
+  # Install pipeline dependencies
+  - powershell: ./.azure-pipelines/pipeline-deps.ps1
+    displayName: 'Install dependencies'
+
+  # Download module
+  - task: DownloadPipelineArtifact@2
+    displayName: 'Download module'
+    inputs:
+      artifact: PSRule.Rules.Kubernetes
+      path: $(Build.SourcesDirectory)/out/modules/PSRule.Rules.Kubernetes
+
+  # Build module
+  - powershell: Invoke-Build TestModule -Configuration ${{ parameters.buildConfiguration }} -Build $(Build.BuildNumber)
+    env:
+      COVERAGE: ${{ parameters.coverage }}
+    displayName: 'Test module'
+
+  # Pester test results
+  - task: PublishTestResults@2
+    displayName: 'Publish Pester results'
+    inputs:
+      testRunTitle: 'Pester on ${{ parameters.imageName }}'
+      testRunner: NUnit
+      testResultsFiles: 'reports/pester-unit.xml'
+      mergeTestResults: true
+      platform: ${{ parameters.name }}
+      configuration: ${{ parameters.buildConfiguration }}
+      publishRunAttachments: true
+    condition: and(succeededOrFailed(), eq(variables['PUBLISHRESULTS'], 'true'))
+
+  # Generate Code Coverage report
+  - task: Palmmedia.reportgenerator.reportgenerator-build-release-task.reportgenerator@4
+    displayName: 'Code coverage report generator'
+    inputs:
+      reports: 'reports/pester-coverage.xml'
+      targetdir: 'reports/coverage'
+      sourcedirs: 'src/PSRule.Rules.Kubernetes'
+      reporttypes: 'HtmlInline_AzurePipelines;Cobertura;SonarQube;Badges'
+      tag: $(Build.BuildNumber)
+    condition: eq(variables['COVERAGE'], 'true')
+
+  # Publish Code Coverage report
+  - task: PublishCodeCoverageResults@1
+    displayName: 'Publish Pester code coverage'
+    inputs:
+      codeCoverageTool: 'Cobertura'
+      summaryFileLocation: 'reports/coverage/Cobertura.xml'
+      reportDirectory: 'reports/coverage'
+    condition: eq(variables['COVERAGE'], 'true')

.azure-pipelines/jobs/testContainer.yaml

@@ -0,0 +1,76 @@
+# Azure DevOps
+# CI job for running container pipelines
+
+parameters:
+  name: ''
+  displayName: ''
+  buildConfiguration: 'Release'
+  vmImage: 'ubuntu-16.04'
+  imageName: ''
+  imageTag: ''
+  coverage: 'false'
+  publishResults: 'true'
+
+jobs:
+- job: ${{ parameters.name }}
+  displayName: ${{ parameters.displayName }}
+  pool:
+    vmImage: ${{ parameters.vmImage }}
+  container:
+    image: '${{ parameters.imageName }}:${{ parameters.imageTag }}'
+    env:
+      COVERAGE: ${{ parameters.coverage }}
+      PUBLISHRESULTS: ${{ parameters.publishResults }}
+  variables:
+    COVERAGE: ${{ parameters.coverage }}
+    PUBLISHRESULTS: ${{ parameters.publishResults }}
+    skipComponentGovernanceDetection: true
+  steps:
+
+  # Install pipeline dependencies
+  - powershell: ./.azure-pipelines/pipeline-deps.ps1
+    displayName: 'Install dependencies'
+
+  # Download module
+  - task: DownloadPipelineArtifact@2
+    displayName: 'Download module'
+    inputs:
+      artifact: PSRule.Rules.Kubernetes
+      path: $(Build.SourcesDirectory)/out/modules/PSRule.Rules.Kubernetes
+
+  # Build module
+  - powershell: Invoke-Build TestModule -Configuration ${{ parameters.buildConfiguration }} -Build $(Build.BuildNumber)
+    displayName: 'Test module'
+
+  # Pester test results
+  - task: PublishTestResults@2
+    displayName: 'Publish Pester results'
+    inputs:
+      testRunTitle: 'Pester on ${{ parameters.imageTag }}'
+      testRunner: NUnit
+      testResultsFiles: 'reports/pester-unit.xml'
+      mergeTestResults: true
+      platform: ${{ parameters.imageTag }}
+      configuration: ${{ parameters.buildConfiguration }}
+      publishRunAttachments: true
+    condition: and(succeededOrFailed(), eq(variables['PUBLISHRESULTS'], 'true'))
+
+  # Generate Code Coverage report
+  - task: Palmmedia.reportgenerator.reportgenerator-build-release-task.reportgenerator@4
+    displayName: 'Code coverage report generator'
+    inputs:
+      reports: 'reports\pester-coverage.xml'
+      targetdir: 'reports\coverage'
+      sourcedirs: 'src\PSRule.Rules.Kubernetes'
+      reporttypes: 'HtmlInline_AzurePipelines;Cobertura;SonarQube;Badges'
+      tag: $(Build.BuildNumber)
+    condition: eq(variables['COVERAGE'], 'true')
+
+  # Publish Code Coverage report
+  - task: PublishCodeCoverageResults@1
+    displayName: 'Publish Pester code coverage'
+    inputs:
+      codeCoverageTool: 'Cobertura'
+      summaryFileLocation: 'reports/coverage/Cobertura.xml'
+      reportDirectory: 'reports/coverage'
+    condition: eq(variables['COVERAGE'], 'true')

.vscode/extensions.json

@@ -1,6 +1,9 @@
 {
     "recommendations": [
+        "ms-vscode.powershell",
+        "ms-azure-devops.azure-pipelines",
         "redhat.vscode-yaml",
-        "bewhite.psrule-vscode-preview"
+        "bewhite.psrule-vscode-preview",
+        "streetsidesoftware.code-spell-checker"
     ]
 }

.vscode/settings.json

@@ -15,7 +15,8 @@
         "editor.tabSize": 2
     },
     "files.associations": {
-        "**/.azure-pipelines/*.yaml": "azure-pipelines"
+        "**/.azure-pipelines/*.yaml": "azure-pipelines",
+        "**/.azure-pipelines/jobs/*.yaml": "azure-pipelines"
     },
     "cSpell.words": [
         "Kubernetes",