From f3c8c0c8588c00effc9eb8e62de0935eb0a67fec Mon Sep 17 00:00:00 2001
From: Anthony Shaw <anthony.p.shaw@gmail.com>
Date: Mon, 15 Jul 2024 17:11:14 +1000
Subject: [PATCH] Disable Postgres AAD rule and expand PSrule trigger

---
 .cruft.json                       | 2 +-
 .github/workflows/audit-bicep.yml | 2 ++
 ps-rule.yaml                      | 3 +++
 3 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/.cruft.json b/.cruft.json
index d37be58..5baee85 100644
--- a/.cruft.json
+++ b/.cruft.json
@@ -1,6 +1,6 @@
 {
   "template": "https://github.com/Azure-Samples/Azure-Python-Standardization-Template-Generator",
-  "commit": "895511f3a3fb63b5e485f9efd3769c844e5b3296",
+  "commit": "573edb00d58171b2848ed4d1032fc6aae8fe0cea",
   "checkout": null,
   "context": {
     "cookiecutter": {
diff --git a/.github/workflows/audit-bicep.yml b/.github/workflows/audit-bicep.yml
index 5633e15..e178258 100644
--- a/.github/workflows/audit-bicep.yml
+++ b/.github/workflows/audit-bicep.yml
@@ -6,12 +6,14 @@ on:
       - cruft/update
     paths:
       - "infra/**"
+      - "ps-rule.yaml"
   pull_request:
     branches: 
       - main
       - cruft/update
     paths:
       - "infra/**"
+      - "ps-rule.yaml"
   workflow_dispatch:
 
 jobs:
diff --git a/ps-rule.yaml b/ps-rule.yaml
index 3bc10f5..80a3862 100644
--- a/ps-rule.yaml
+++ b/ps-rule.yaml
@@ -12,3 +12,6 @@ rule:
   - Azure.ContainerApp.PublicAccess
   # Don't require NSG for an internal VNET for connecting apps to keyvaults
   - Azure.VNET.UseNSGs
+  # Don't require Postgres AAD/MI for now 
+  - Azure.PostgreSQL.AAD
+  - Azure.PostgreSQL.AADOnly