On current one I will cover how to use bicep in our Continuous Integration Azure DevOps yaml pipeline. We start from setup branch policy/branch protection. We link out CI build and make this required for purpose to protect our main branches and not allow breaking code.

How to setup branch protection in

• Azure Devops
• GitHub Action

Validation task

We create additional task in out ci pipeline used also for branch protection.

- task: AzureCLI@2
  displayName: Bicep Validate
  inputs:
    azureSubscription: AzureServiceConnection
    scriptType: bash
    scriptLocation: inlineScript
    inlineScript: |
      az group create --name pr-validation-rg --location $(locationRG)
      az deployment group validate --resource-group pr-validation-rg --template-file '$(Pipeline.Workspace)--template-file '$(Pipeline.Workspace)/$/drop bicep/main.bicep' --parameters '$(Pipeline.Workspace)/$/drop bicep/main.$.parameters.json'

The task is very similar what we use in post with difference that instead using az deployment group create we will use az deployment group validate with is causing validation on bicep. In addition depending from out need if we use multiple environments for staging. We can use --resource-group parameter with can be dynamic/calculated or we can use dedicated resource group for validation purpose. The good way would we using dedicated RG for PR to not affect production resource manager, and use the same validation step on Continuous Delivery/Continuous Deployment with will validate our bicep against target deployment as prerequisite before any other action. One of example can be issues limitation or quotas on target Resource Group/Subscription.

This blog featured as part of Azure Week. Find more great Azure content here.

About the Author:

Hi, there ! My name is Janusz Nowak, let share few words about me 🙂

I Graduated 2008 University of Warsaw, Faculty of Mathematics, Informatics and Mechanics MIMUW where I study computer science.

I am passionate about Lean, DevOps, Application Life Cycle Management, Cloud, Server less and Infrastructure as Code. I try to share knowledge, expertise. Involved in many different activities, like this blog, workshops/session/event/online videos/community meetings/conferences speaking/creating software/open source.

You can find lates activities on profile blog, linkedin, twitter, github, youtube, stackoverflow

Reference:

Nowak, J. (2022). Available at: https://blog.janono.pl/AzureBicepValidationOnPR%20-%20Azure%20-%20Bicep [Accessed: 8th July 2022].