fix bicep install #10
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Validate AZD Template | |
| on: | |
| push: | |
| branches: [ main ] | |
| paths: | |
| - 'azure.yaml' | |
| - 'infra/**' | |
| - '.github/workflows/validate-azd-template.yml' | |
| pull_request: | |
| branches: [ main ] | |
| paths: | |
| - 'azure.yaml' | |
| - 'infra/**' | |
| - '.github/workflows/validate-azd-template.yml' | |
| schedule: | |
| # Run every Sunday at 9 PM UTC (Sunday night) | |
| - cron: '0 21 * * 0' | |
| workflow_dispatch: | |
| permissions: | |
| contents: read | |
| security-events: write | |
| actions: read | |
| jobs: | |
| validate: | |
| name: Validate Bicep Template | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Install Azure CLI | |
| run: | | |
| curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash | |
| az bicep upgrade | |
| - name: Validate Bicep template | |
| run: | | |
| echo "Validating Bicep template..." | |
| az bicep build -f infra/main.bicep --stdout | |
| echo "Bicep template validation completed successfully!" | |
| - name: Run Microsoft Security DevOps Analysis | |
| uses: microsoft/security-devops-action@v1 | |
| id: msdo | |
| with: | |
| categories: 'IaC' | |
| tools: 'templateanalyzer' | |
| - name: Upload results to Security tab | |
| uses: github/codeql-action/upload-sarif@v3 | |
| with: | |
| sarif_file: ${{ steps.msdo.outputs.sarifFile }} |