From 68303dbbec0e165c276be0ae43833ff401824c75 Mon Sep 17 00:00:00 2001 From: rozkurt <72864397+rozkurt@users.noreply.github.com> Date: Fri, 26 Apr 2024 16:14:47 +0200 Subject: [PATCH] fix: FrontDoor - Updated HealthProbeSettings in test for WAF compliance - `avm/res/network/front-door` (#1702) ## Description fix - This PR is offering updated parameters for E2E scenario in order to help with testing WAF alignment of the module Fixes #1603 --> ## Pipeline Reference | Pipeline | | -------- | | [![avm.res.network.front-door](https://github.com/rozkurt/bicep-registry-modules/actions/workflows/avm.res.network.front-door.yml/badge.svg?branch=AFD_WAF_Alignment)](https://github.com/rozkurt/bicep-registry-modules/actions/workflows/avm.res.network.front-door.yml) | ## Type of Change - [ ] Update to CI Environment or utlities (Non-module effecting changes) - [ ] Azure Verified Module updates: - [X] Bugfix containing backwards compatible bug fixes, and I have NOT bumped the MAJOR or MINOR version in `version.json`: - [ ] Someone has opened a bug report issue, and I have included "Closes #{bug_report_issue_number}" in the PR description. - [ ] The bug was found by the module author, and no one has opened an issue to report it yet. - [ ] Feature update backwards compatible feature updates, and I have bumped the MINOR version in `version.json`. - [ ] Breaking changes and I have bumped the MAJOR version in `version.json`. - [ ] Update to documentation ## Checklist - [X] I'm sure there are no other open Pull Requests for the same update/change - [ ] I have run `Set-AVMModule` locally to generate the supporting module files. - [ ] My corresponding pipelines / checks run clean and green without any errors or warnings --------- Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> Co-authored-by: Recep Ozkurt --- avm/res/network/front-door/README.md | 12 ++++++------ avm/res/network/front-door/main.json | 4 ++-- .../front-door/tests/e2e/waf-aligned/main.test.bicep | 8 ++++---- .../psrule/.ps-rule/min-suppress.Rule.yaml | 4 ++++ 4 files changed, 16 insertions(+), 12 deletions(-) diff --git a/avm/res/network/front-door/README.md b/avm/res/network/front-door/README.md index 3ca3f86595..06dd319027 100644 --- a/avm/res/network/front-door/README.md +++ b/avm/res/network/front-door/README.md @@ -639,10 +639,10 @@ module frontDoor 'br/public:avm/res/network/front-door:' = { { name: 'heathProbe' properties: { - enabledState: '' - healthProbeMethod: '' + enabledState: 'Enabled' + healthProbeMethod: 'HEAD' intervalInSeconds: 60 - path: '/' + path: '/healthz' protocol: 'Https' } } @@ -765,10 +765,10 @@ module frontDoor 'br/public:avm/res/network/front-door:' = { { "name": "heathProbe", "properties": { - "enabledState": "", - "healthProbeMethod": "", + "enabledState": "Enabled", + "healthProbeMethod": "HEAD", "intervalInSeconds": 60, - "path": "/", + "path": "/healthz", "protocol": "Https" } } diff --git a/avm/res/network/front-door/main.json b/avm/res/network/front-door/main.json index 067451e5f1..532598ea9a 100644 --- a/avm/res/network/front-door/main.json +++ b/avm/res/network/front-door/main.json @@ -5,8 +5,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.26.54.24096", - "templateHash": "11688367630078848691" + "version": "0.26.170.59819", + "templateHash": "10103314410755472523" }, "name": "Azure Front Doors", "description": "This module deploys an Azure Front Door.", diff --git a/avm/res/network/front-door/tests/e2e/waf-aligned/main.test.bicep b/avm/res/network/front-door/tests/e2e/waf-aligned/main.test.bicep index fd7839f280..f05335784f 100644 --- a/avm/res/network/front-door/tests/e2e/waf-aligned/main.test.bicep +++ b/avm/res/network/front-door/tests/e2e/waf-aligned/main.test.bicep @@ -32,7 +32,7 @@ resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = { } // Diagnostics -// =========== +// ============ module diagnosticDependencies '../../../../../../utilities/e2e-template-assets/templates/diagnostic.dependencies.bicep' = { scope: resourceGroup name: '${uniqueString(deployment().name, resourceLocation)}-diagnosticDependencies' @@ -99,10 +99,10 @@ module testDeployment '../../../main.bicep' = [ { name: 'heathProbe' properties: { - enabledState: '' - healthProbeMethod: '' + enabledState: 'Enabled' + healthProbeMethod: 'HEAD' intervalInSeconds: 60 - path: '/' + path: '/healthz' protocol: 'Https' } } diff --git a/avm/utilities/pipelines/staticValidation/psrule/.ps-rule/min-suppress.Rule.yaml b/avm/utilities/pipelines/staticValidation/psrule/.ps-rule/min-suppress.Rule.yaml index dbea639dbf..ed2666de72 100644 --- a/avm/utilities/pipelines/staticValidation/psrule/.ps-rule/min-suppress.Rule.yaml +++ b/avm/utilities/pipelines/staticValidation/psrule/.ps-rule/min-suppress.Rule.yaml @@ -31,6 +31,10 @@ spec: # Azure App Service - Azure.AppService.WebProbe # Supressed as the probe path is specific to the app - Azure.AppService.WebProbePath # Supressed as the probe path is specific to the app + # Azure Front Door + - Azure.FrontDoor.Probe # Supressed as the probe is being provided as parameter and we are not able to enforce as default value + - Azure.FrontDoor.ProbeMethod # Supressed as the probe method is being provided as parameter and we are not able to enforce as default value + - Azure.FrontDoor.ProbePath # Supressed as the probe path is being provided as parameter and we are not able to enforce as default value if: name: "." contains: