Skip to content

Commit 513e7b9

Browse files
chore: align project workflows and metadata with fleet standards
1 parent 6e6de2f commit 513e7b9

File tree

3 files changed

+54
-21
lines changed

3 files changed

+54
-21
lines changed

.github/copilot-instructions.md

Lines changed: 40 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -1,11 +1,33 @@
11
# Copilot Instructions
22

3-
- **Purpose**: Catalog of reusable Azure Bicep modules published to ACR `acrty7og2i6qpv3s` under `bicep/modules/{module}`; registry is provisioned by the platform-strategic-services project.
4-
- **Layout**: Each module lives in `modules/<name>/` with `main.bicep` plus `metadata.json` carrying `version.major|minor|revision`. Publishing fails if either file is missing.
5-
- **Versioning behavior**: Non-main builds publish `V{major}.{minor}.{revision}-preview` only. Main builds also push `V{major}.x`, `V{major}.{minor}.x`, and `latest` when the full version tag is new.
6-
- **Publish script**: [Publish-BicepModuleToAcr.ps1](../.azure-pipelines/scripts/Publish-BicepModuleToAcr.ps1) drives tagging; it skips publishing when the `V{major}.{minor}.{revision}` tag already exists. Repository prefix defaults to `bicep/modules`.
7-
- **Pipelines**: [devops-secure-scanning](../.azure-pipelines/devops-secure-scanning.yml) runs weekly and on PRs to main using `jobs/devops-secure-scanning.yml` from the `ado-pipeline-templates` repo. [release-to-production](../.azure-pipelines/release-to-production.yml) builds with `bicep-lint-code` then loops modules to publish via service connection `spn-bicep-modules-production`; scheduled weekly and on main.
8-
- **Local workflow**: Update `metadata.json` when changing `main.bicep`; validate with `az bicep build --file modules/<name>/main.bicep`. Manual publish example:
3+
## Project Overview
4+
5+
This repository is a catalogue of reusable Azure Bicep modules published to Azure Container Registry (ACR) `acrty7og2i6qpv3s` under `bicep/modules/{module}`. The registry is provisioned by the `platform-strategic-services` project.
6+
7+
## Repository Layout
8+
9+
- `modules/<name>/` — Each module contains `main.bicep` and `metadata.json` (with `version.major|minor|revision`). Publishing fails if either file is missing.
10+
- `.azure-pipelines/` — Azure DevOps pipeline definitions and the publish script.
11+
- `.github/workflows/` — GitHub Actions workflows for CI, code quality, and PR verification.
12+
- `scripts/` — Utility scripts for app registration and role assignment.
13+
- `docs/` — Project documentation ([overview.md](../docs/overview.md), [development-workflows.md](../docs/development-workflows.md)).
14+
15+
## Module Catalogue
16+
17+
`apiManagementLogger`, `apiManagementSubscription`, `appConfigurationStore`, `appInsights`, `frontDoorCNAME`, `frontDoorEndpoint`, `keyVault`, `keyVaultAccessPolicy`, `keyVaultRoleAssignment`, `keyVaultSecret`, `sqlDatabase`, `storageAccount`, `webTest`.
18+
19+
## Build and Validation
20+
21+
- **Local validation**: `az bicep build --file modules/<name>/main.bicep`
22+
- **GitHub Actions**: `build-and-test.yml` validates all modules on feature/bugfix/hotfix branches; `pr-verify.yml` validates on PRs to main; `codequality.yml` runs SonarCloud scanning, DevOps secure scanning, and dependency review.
23+
- **Azure DevOps**: `release-to-production.yml` lints and publishes modules to ACR via `spn-bicep-modules-production`.
24+
25+
## Versioning and Publishing
26+
27+
- Non-main builds publish `V{major}.{minor}.{revision}-preview` only.
28+
- Main builds also push `V{major}.x`, `V{major}.{minor}.x`, and `latest` when the full version tag is new.
29+
- The publish script (`Publish-BicepModuleToAcr.ps1`) skips publishing when a tag already exists.
30+
- Manual publish example:
931
```powershell
1032
pwsh ./.azure-pipelines/scripts/Publish-BicepModuleToAcr.ps1 `
1133
-moduleName keyvault `
@@ -14,6 +36,15 @@
1436
-previewRelease $true
1537
```
1638
Requires `az login` and rights to the registry.
17-
- **Module catalogue**: modules include `apiManagementLogger`, `apiManagementSubscription`, `appConfigurationStore`, `appInsights`, `frontDoorCNAME`, `frontDoorEndpoint`, `keyVault`, `keyVaultAccessPolicy`, `keyVaultRoleAssignment`, `keyVaultSecret`, `sqlDatabase`, `storageAccount`, `webTest`.
18-
- **Dependencies**: Pipelines consume templates from the `ado-pipeline-templates` GitHub repo and require Azure CLI with Bicep installed.
19-
- **Docs**: See [docs/overview.md](../docs/overview.md) and [docs/development-workflows.md](../docs/development-workflows.md) for module layout and pipeline details.
39+
40+
## Conventions
41+
42+
- Always update `metadata.json` when changing a module's `main.bicep`.
43+
- Bicep files should pass `az bicep build` without errors before committing.
44+
- Pipelines consume templates from the `ado-pipeline-templates` GitHub repo and require Azure CLI with Bicep installed.
45+
46+
## Dependencies
47+
48+
- Azure CLI with Bicep extension
49+
- `ado-pipeline-templates` repository (for Azure DevOps pipeline templates)
50+
- `frasermolyneux/actions` repository (for reusable GitHub Actions workflows)

.github/workflows/copilot-setup-steps.yml

Lines changed: 7 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -16,13 +16,11 @@ jobs:
1616
runs-on: ubuntu-latest
1717
permissions:
1818
contents: read
19-
2019
steps:
21-
- name: Checkout code
22-
uses: actions/checkout@v6
23-
24-
- name: Checkout additional repo
25-
uses: actions/checkout@v6
26-
with:
27-
repository: frasermolyneux/.github-copilot
28-
path: .github-copilot
20+
- name: Checkout code
21+
uses: actions/checkout@v6
22+
23+
- name: Checkout additional repo
24+
uses: actions/checkout@v6
25+
with:
26+
repository: frasermolyneux/.github-copilot

README.md

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,18 @@
11
# Bicep Modules
22

3-
[![DevOps Secure Scanning](https://dev.azure.com/frasermolyneux/Personal-Public/_apis/build/status%2fbicep-modules.DevOpsSecureScanning?branchName=main)](https://dev.azure.com/frasermolyneux/Personal-Public/_build/latest?definitionId=209&branchName=main)
4-
[![Pipeline Build](https://dev.azure.com/frasermolyneux/Personal-Public/_apis/build/status%2fbicep-modules.OnePipeline?repoName=frasermolyneux%2fbicep-modules&branchName=main&stageName=Build)](https://dev.azure.com/frasermolyneux/Personal-Public/_build/latest?definitionId=175&repoName=frasermolyneux%2fbicep-modules&branchName=main)
5-
[![Pipeline Deploy](https://dev.azure.com/frasermolyneux/Personal-Public/_apis/build/status%2fbicep-modules.OnePipeline?repoName=frasermolyneux%2fbicep-modules&branchName=main&stageName=Deploy)](https://dev.azure.com/frasermolyneux/Personal-Public/_build/latest?definitionId=175&repoName=frasermolyneux%2fbicep-modules&branchName=main)
3+
[![Build and Test](https://github.com/frasermolyneux/bicep-modules/actions/workflows/build-and-test.yml/badge.svg)](https://github.com/frasermolyneux/bicep-modules/actions/workflows/build-and-test.yml)
4+
[![Code Quality](https://github.com/frasermolyneux/bicep-modules/actions/workflows/codequality.yml/badge.svg)](https://github.com/frasermolyneux/bicep-modules/actions/workflows/codequality.yml)
5+
[![Copilot Setup Steps](https://github.com/frasermolyneux/bicep-modules/actions/workflows/copilot-setup-steps.yml/badge.svg)](https://github.com/frasermolyneux/bicep-modules/actions/workflows/copilot-setup-steps.yml)
6+
[![Dependabot Auto-Merge](https://github.com/frasermolyneux/bicep-modules/actions/workflows/dependabot-automerge.yml/badge.svg)](https://github.com/frasermolyneux/bicep-modules/actions/workflows/dependabot-automerge.yml)
7+
[![PR Verify](https://github.com/frasermolyneux/bicep-modules/actions/workflows/pr-verify.yml/badge.svg)](https://github.com/frasermolyneux/bicep-modules/actions/workflows/pr-verify.yml)
68

79
## Documentation
10+
811
- [Overview](docs/overview.md) - Module layout, catalogue, and registry dependencies
912
- [Development Workflows](docs/development-workflows.md) - Pipelines, local validation, and publish guidance
1013

1114
## Overview
15+
1216
Reusable Azure Bicep modules for Integration Services workloads, published to `acrty7og2i6qpv3s` under `bicep/modules/{module}`. Modules ship with per-folder metadata for versioning and are linted/published through Azure DevOps using templates from `ado-pipeline-templates`. The registry itself is deployed by the `platform-strategic-services` project.
1317

1418
## Contributing

0 commit comments

Comments
 (0)