cloudflare/Azure-Sentinel
Publicmirrored fromhttps://github.com/cloudflare/Azure-Sentinel
.script/ReadMe.md
67lines · modecode
| 1 | # How to add new PR validation |
| 2 | |
| 3 | At the time of submitting your Pull Request, automatic GitHub validations using Azure Pipelines is enabled on this repository for basic syntactical checks of the contributions. You can add custom tests as needed based on your scenario following this guidance. |
| 4 | |
| 5 | ## What is Azure Pipelines |
| 6 | |
| 7 | [Azure Pipelines](https://docs.microsoft.com/azure/devops/pipelines/get-started/what-is-azure-pipelines?view=azure-devops) is a cloud service that you can use to automatically build and test your code project and make it available to other users. It works with just about any language or project type. |
| 8 | |
| 9 | |
| 10 | ## How to add new PR validation: |
| 11 | 1. Install the following extensions, if you use [VS Code](https://code.visualstudio.com/docs/azure/extensions) editor: |
| 12 | - [Azure Pipelines](https://marketplace.visualstudio.com/items?itemName=ms-azure-devops.azure-pipelines) |
| 13 | - [Yaml](https://marketplace.visualstudio.com/items?itemName=redhat.vscode-yaml) |
| 14 | |
| 15 | 2. Run "npm install" cmd, in order to install the libraries used in this project. |
| 16 | The libraries are defined in package.json |
| 17 | |
| 18 | 3. Create an Azure Pipeline job for the new validation. |
| 19 | Add new yaml file under [.azure-pipelines](https://github.com/Azure/Azure-Sentinel/blob/master/.azure-pipelines/) folder, see example in [yamlFileValidator.yaml](https://github.com/Azure/Azure-Sentinel/blob/master/.azure-pipelines/yamlFileValidator.yaml) file (note - the script code should be added on another file for clearer code, see in step #5). |
| 20 | * Add scripts those are relevant to the specific folder under one yaml file in the same job. The validation infrastructure and the examples are in TypeScript, but you can use other languages if you prefer |
| 21 | * Azure Pipelines work with many languages such as Python, Java,JavaScript, PHP, Ruby, C#, C++, and Go. Refer to [Azure Pipelines documentation](https://docs.microsoft.com/azure/devops/pipelines/?view=azure-devops) for further information on this. |
| 22 | |
| 23 | 4. Add the new job to [azure-pipelines.yml](https://github.com/Azure/Azure-Sentinel/blob/master/azure-pipelines.yml) file as a new template under jobs property |
| 24 | |
| 25 | 5. Create script file for the new validation. The job from step #3 has reference to this file. See instructions in [How to add script validation](#how-to-add-scipt-validation) section. |
| 26 | A step is a failure if it either explicitly reports failure (using a ##vso command) or ends the script with a non-zero exit code |
| 27 | |
| 28 | 6. Test the new validation. See instruction in [How to test the new validation](#How-to-test-the-new-validation) section |
| 29 | |
| 30 | ### How to add scipt validation |
| 31 | |
| 32 | **Note**: All script logs are public and display in DevOps pipeline. |
| 33 | By default, the logs color is white. In case you want another color you can use [logging commands](https://docs.microsoft.com/azure/devops/pipelines/scripts/logging-commands?view=azure-devops&tabs=bash) |
| 34 | |
| 35 | 1. Create script file under [.script](https://github.com/Azure/Azure-Sentinel/tree/master/.script) folder |
| 36 | |
| 37 | 2. In case you use TypeScript language, you can use the infrastructure script. See example in [yamlFileValidator.ts](https://github.com/Azure/Azure-Sentinel/blob/master/.script/yamlFileValidator.ts): |
| 38 | - Create an async validation function that gets the file path. |
| 39 | In case the validation pass the function returns success, otherwise throws an exception (don't return an error, this will handle by the infrastructure). |
| 40 | - Create CheckOptions object with 3 properties: |
| 41 | - onCheckFile: the validation validetion function that will run on each file (from step one) |
| 42 | - onExecError: error behavior in case that the file validation failed |
| 43 | - onFinalFailed: error behavior at the end of the validation, execute in case one of the validation failed |
| 44 | - Call runCheckOverChangedFiles with properties: |
| 45 | - checkOptions: the object you create in the earlier step 2 |
| 46 | - fileKinds: file kind filter, there are 3 kinds- "Added", "Modified", "Deleted" |
| 47 | - fileTypeSuffixes : file type filter, example: ["yaml", "yml"] |
| 48 | - filePathFolderPreffixes: folder path filter, example: ["Detections"] |
| 49 | - Run prettier command to fix type script files format. |
| 50 | - install "npm install -g prettier" if needed |
| 51 | - Run cmd: prettier --write --print-width 200 ".script/**/*.ts" |
| 52 | |
| 53 | ### How to test the new validation |
| 54 | |
| 55 | 1. In case the language script is TypeScript, check the new validation function by local tests. Since most of the code are the same, these tests will help you validate your changes before it gets merged to master. |
| 56 | See example in [yamlFileValidatorTest](https://github.com/Azure/Azure-Sentinel/tree/master/.script/tests/yamlFileValidatorTest) folder. |
| 57 | |
| 58 | - Create new folder under [.script/test](https://github.com/Azure/Azure-Sentinel/tree/master/.script/tests). folder name format: TestedFileName+Test |
| 59 | - Create tests file. File name format: TestedFileName.test.ts |
| 60 | - Run the test by execute from cmd "npm test". |
| 61 | Since it is run locally you will see "Azure DevOps CI for a Pull Request wasn't found. If issue persists - please open an issue" message. You can ignore it. |
| 62 | - In order to debug the test file, select "Mocha Current File" option in VSCode |
| 63 | |
| 64 | 5. After the code is merged to master, create a Draft PR to test the new validation. Check both options, pass and failed. |
| 65 | * (Draft PR marked as "Work in Progress" and cannot be merged, more info [here](https://help.github.com/en/articles/about-pull-requests#draft-pull-requests)). |
| 66 | * Remember to delete the draft PR. |