Skip to content

ci: Add Bicep Parameter Validation Workflow and Script #499

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Harsh-Microsoft wants to merge 11 commits into
base: dev
Choose a base branch
from
+528 −0
Open

ci: Add Bicep Parameter Validation Workflow and Script #499

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
ca0a186
ci: Add Bicep Parameter Validation Workflow and Script
Harsh-Microsoft Mar 31, 2026
8d7f989
fix: Update workflow triggers and notification conditions in validate…
Harsh-Microsoft Mar 31, 2026
86c3682
fix: Update Bicep validation workflow and script for improved error h…
Harsh-Microsoft Mar 31, 2026
ea19139
Update infra/scripts/validate_bicep_params.py
Harsh-Microsoft Mar 31, 2026
3b7b09d
fix: Remove push trigger and refine schedule notification conditions …
Harsh-Microsoft Apr 1, 2026
98028e3
Merge branch 'hb-psl-38859' of https://github.com/microsoft/content-p…
Harsh-Microsoft Apr 1, 2026
13c027d
Update infra/scripts/validate_bicep_params.py
Harsh-Microsoft Apr 1, 2026
65656cd
fix: Update Bicep validation workflow to include push trigger and sim…
Harsh-Microsoft Apr 1, 2026
b9459b6
fix: Remove push trigger from Bicep validation workflow and refine no…
Harsh-Microsoft Apr 1, 2026
09f8114
Update infra/scripts/validate_bicep_params.py
Harsh-Microsoft Apr 1, 2026
eebde0d
fix: Add AZURE_EXISTING_AIPROJECT_RESOURCE_ID to exempt environment v…
Harsh-Microsoft Apr 1, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
107 changes: 107 additions & 0 deletions .github/workflows/validate-bicep-params.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,107 @@
name: Validate Bicep Parameters

permissions:
contents: read

on:
schedule:
- cron: '30 6 * * 3' # Wednesday 12:00 PM IST (6:30 AM UTC)
pull_request:
branches:
- main
- dev
paths:
- 'infra/**/*.bicep'
- 'infra/**/*.parameters.json'
workflow_dispatch:

env:
accelerator_name: "Content Processing"

jobs:
validate:
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v4

- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.11'

- name: Validate infra/ parameters
id: validate_infra
continue-on-error: true
run: |
set +e
python infra/scripts/validate_bicep_params.py --dir infra --strict --no-color --json-output infra_results.json 2>&1 | tee infra_output.txt
EXIT_CODE=${PIPESTATUS[0]}
set -e
echo "## Infra Param Validation" >> "$GITHUB_STEP_SUMMARY"
echo '```' >> "$GITHUB_STEP_SUMMARY"
cat infra_output.txt >> "$GITHUB_STEP_SUMMARY"
echo '```' >> "$GITHUB_STEP_SUMMARY"
exit $EXIT_CODE

- name: Set overall result
id: result
run: |
if [[ "${{ steps.validate_infra.outcome }}" == "failure" ]]; then
echo "status=failure" >> "$GITHUB_OUTPUT"
else
echo "status=success" >> "$GITHUB_OUTPUT"
fi

- name: Upload validation results
if: always()
uses: actions/upload-artifact@v4
with:
name: bicep-validation-results
path: |
infra_results.json
retention-days: 30

- name: Send schedule notification on failure
if: github.event_name == 'schedule' && steps.result.outputs.status == 'failure'
env:
LOGICAPP_URL: ${{ secrets.EMAILNOTIFICATION_LOGICAPP_URL_TA }}
GITHUB_REPOSITORY: ${{ github.repository }}
GITHUB_RUN_ID: ${{ github.run_id }}
ACCELERATOR_NAME: ${{ env.accelerator_name }}
run: |
RUN_URL="https://github.com/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}"
INFRA_OUTPUT=$(sed 's/&/\&amp;/g; s/</\&lt;/g; s/>/\&gt;/g' infra_output.txt)

jq -n \
--arg name "${ACCELERATOR_NAME}" \
--arg infra "$INFRA_OUTPUT" \
--arg url "$RUN_URL" \
'{subject: ("Bicep Parameter Validation Report - " + $name + " - Issues Detected"), body: ("<p>Dear Team,</p><p>The scheduled <strong>Bicep Parameter Validation</strong> for <strong>" + $name + "</strong> has detected parameter mapping errors.</p><p><strong>infra/ Results:</strong></p><pre>" + $infra + "</pre><p><strong>Run URL:</strong> <a href=\"" + $url + "\">" + $url + "</a></p><p>Please fix the parameter mapping issues at your earliest convenience.</p><p>Best regards,<br>Your Automation Team</p>")}' \
| curl -X POST "${LOGICAPP_URL}" \
-H "Content-Type: application/json" \
-d @- || echo "Failed to send notification"

- name: Send schedule notification on success
if: github.event_name == 'schedule' && steps.result.outputs.status == 'success'
env:
LOGICAPP_URL: ${{ secrets.EMAILNOTIFICATION_LOGICAPP_URL_TA }}
GITHUB_REPOSITORY: ${{ github.repository }}
GITHUB_RUN_ID: ${{ github.run_id }}
ACCELERATOR_NAME: ${{ env.accelerator_name }}
run: |
RUN_URL="https://github.com/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}"
INFRA_OUTPUT=$(sed 's/&/\&amp;/g; s/</\&lt;/g; s/>/\&gt;/g' infra_output.txt)

jq -n \
--arg name "${ACCELERATOR_NAME}" \
--arg infra "$INFRA_OUTPUT" \
--arg url "$RUN_URL" \
'{subject: ("Bicep Parameter Validation Report - " + $name + " - Passed"), body: ("<p>Dear Team,</p><p>The scheduled <strong>Bicep Parameter Validation</strong> for <strong>" + $name + "</strong> has completed successfully. All parameter mappings are valid.</p><p><strong>infra/ Results:</strong></p><pre>" + $infra + "</pre><p><strong>Run URL:</strong> <a href=\"" + $url + "\">" + $url + "</a></p><p>Best regards,<br>Your Automation Team</p>")}' \
| curl -X POST "${LOGICAPP_URL}" \
-H "Content-Type: application/json" \
-d @- || echo "Failed to send notification"

- name: Fail if errors found
if: steps.result.outputs.status == 'failure'
run: exit 1
Loading