Using PSRule v. 3.0.0-B0203 returning unexpected ''helper'' value when testing deployment names using custom rules

[lassehastrup]

Description of the issue

I have previously created a bug report in regards to outputting the 'Reason' when validating resource names. Therefore, I'm using the 3.0.0-B0203 version you released to perform some further testing, as we're in the process of adding a bunch of custom rules.

However, the 'Reason' is now outputting a strange message ''Helper'' which doesn't exist in the repository at all. We're using a custom Rule to verify naming standards in bicep deployments using this type:

• 'Microsoft.Resources/deployments'

It seems to be populated from the backend in some way, as I'm getting the same error in every single repository I have tested this on; and none of the repos contains the words 'helper'.

To Reproduce

Steps to reproduce the issue:

I have created a small test scenario with the custom rule, option file and a simple bicep file to show the error received: Download the folder below, and run the 'PSRulePreDeployment.ps1' script. PSRule.zip

./PSRulePreDeployment.ps1

Expected behaviour

We don't expect to receive any errors in regards to the naming.

Error output

[FAIL] Local.YAML.NamingConvention.Resources.deployments
    | Template: templates/main.bicep:0:0
    | Parameter: tenants/FMP/dev.fes.Azure.parameters.json:0:0

    | RECOMMEND:
    | Valid text: 'Alphanumerics, underscores, parentheses, hyphens, and periods.'

    | REASON:
    | - The value ''helper'' does not start with any of 'deploy'.

Module in use and version:

Using PSRule v3.0.0-B0203 Using PSRule.Rules.Azure v1.36.0 Using PSRule.Rules.CAF v0.3.0

Captured output from $PSVersionTable:

PSVersion                      7.4.2
PSEdition                      Core
GitCommitId                    7.4.2
OS                             Darwin 23.4.0 Darwin Kernel Version 23.4.0: Fri Mar 15 00:10:42 PDT 2024; root:xnu-10063.101.17~1/RELEASE_ARM64_T6000
Platform                       Unix
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

Additional context

I hope this is the correct place to report issues on pre-releases.

[BernieWhite]

Hi @lassehastrup, this is intended. It is the name used for the root deployment. i.e. the bicep + json parameter file.

During a az deployment group create --name <name> --template-file <file> this would be effectively the <name>.

I agree the name helper is probably less intuitive, but has some advantages for your case. You can easily exclude this name, and we use this for some rules in PSRule for Azure.

Does that make sense? Or is there a clear preference for something different?

[lassehastrup]

Thanks, @BernieWhite .

I'm still a little unsure to why this 'helper' is being used, but I assume you have good reasons. I will create another rule for this to 'allow' it.

[BernieWhite]

@lassehastrup Not sure if this helps the explanation, however:

In a bicep file, each module reference becomes a deployment.

For example this deployment is called deployment1 in the deploy.bicep file.

module example './main.bicep' = {
  name: 'deployment1'
  params: {}
}

However, there is actually two deployments occurring in the block of code.

1. the root deployment in deploy.bicep.
2. the nested deployment called deployment1 from main.bicep.

You never specified the name of the root deployment in code, but when you trigger a deployment to Azure by running the Azure CLI/ Azure PowerShell/ Portal it is automatically created, based on the contents of deploy.bicep.

The deployment in Azure would look like this:

• Root deployment
  • deployment1

Root deployment isn't the name of the deployment though, neither is deployment1 because it's not specified in code.

If you ran the deployment on the command line i.e. az deployment group create -g rg1 -n deployment0 --template-file deploy.bicep --parameters @params.json you would be specifying the name deployment0 for the root deployment.

In PSRule for Azure, we choose the name of the root deployment when using bicep code to be helper.

https://github.com/Azure/PSRule.Rules.Azure/blob/167f20562e1b197f73fc3da9703d9f2bb6d9893a/src/PSRule.Rules.Azure/Data/Bicep/BicepHelper.cs#L339