Create bicep-audit for security best practice validation

Azure / reliable-web-app-pattern-dotnet

The Reliable Web App Pattern is a set of objectives to help your web application converge on the cloud. This repo contains a reference implementation of a reliable web application for .NET.

https://aka.ms/eap/rwa/dotnet/doc

MIT License

369 stars 118 forks source link

Create bicep-audit for security best practice validation #374

Open tonybaloney opened 5 months ago

tonybaloney commented 5 months ago

This PR adds an extra workflow that is either triggered manually or whenever anyone changes the files in infra/

It scans the templates against the best practice rule list, primarily for security and adds the results to the GitHub Security tab. Exceptions can be fixed or dismissed with reasons.

adrianhall commented 3 months ago

Is there any way we can check out the output prior to adding this into every single check-in? I would like to validate the output prior to accepting.