Skip to content

feat: add option to deploy with enhanced security (closes #34) #26

feat: add option to deploy with enhanced security (closes #34)

feat: add option to deploy with enhanced security (closes #34) #26

Workflow file for this run

name: Validate AZD template
on:
push:
branches: [main]
paths:
- 'infra/**'
pull_request:
branches: [main]
paths:
- 'infra/**'
jobs:
build:
runs-on: ubuntu-latest
permissions:
security-events: write
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Build Bicep for linting
uses: azure/CLI@v2
with:
inlineScript: az config set bicep.use_binary_from_path=false && az bicep build -f infra/main.bicep --stdout
- name: Run Microsoft Security DevOps Analysis
uses: microsoft/security-devops-action@preview
id: msdo
continue-on-error: true
with:
tools: templateanalyzer
- name: Upload alerts to Security tab
if: github.repository_owner == 'Azure-Samples'
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: ${{ steps.msdo.outputs.sarifFile }}