Move from template analyser to psrule for security audits

Azure-Samples / contoso-chat

This sample has the full End2End process of creating RAG application with Prompt Flow and AI Studio. It includes GPT 3.5 Turbo LLM application code, evaluations, deployment automation with AZD CLI, GitHub actions for evaluation and deployment and intent mapping for multiple LLM task mapping.

MIT License

366 stars 2.28k forks source link

Move from template analyser to psrule for security audits #133

Closed tonybaloney closed 3 weeks ago

tonybaloney commented 3 weeks ago

This replaces the MSDO/template analyser tool with PSRule and adds a specific main.test.bicep file with the specific configuration we want to validate.

Overall, it reduces false positives but means if we add features like private networking as optional you can test that specific profile.

github-advanced-security[bot] commented 3 weeks ago

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

tonybaloney commented 3 weeks ago

Reduces the number of issues from 38 to 22. Will address those 22 in separate PRs once this is merged.