Contributions to this Blueprint are very welcome! We follow a fairly standard pull request process for contributions, subject to the following guidelines:
- File a GitHub issue
- Update the documentation
- Update the tests
- Update the code
- Create a pull request
- Merge and release
Before starting any work, we recommend filing a GitHub issue in this repo. This is your chance to ask questions and get feedback from the maintainers and the community before you sink a lot of time into writing (possibly the wrong) code. If there is anything you're unsure about, just ask!
We recommend updating the documentation before updating any code (see Readme Driven Development). This ensures the documentation stays up to date and allows you to think through the problem at a high level before you get lost in the weeds of coding.
We also recommend updating the automated tests before updating any code (see Test Driven Development). That means you add or update a test case, verify that it's failing with a clear error message, and then make the code changes to get that test to pass. This ensures the tests stay up to date and verify all the functionality in this Blueprint, including whatever new functionality you're adding in your contribution. In this case, this means ensuring there are instructions or Terraform modules in sample-deploy/ that generate infrastructure that can be checked by the scanner. The sample should include a passing and a failing variant of the infrastructure targeted by the test. Check out the tests folder for instructions on running the automated tests.
At this point, make your code changes and use your new test case to verify that everything is working. As you work, keep in mind these things:
- Backwards compatibility
- Account independence
- Sane defaults
Please make every effort to avoid unnecessary backwards incompatible changes. With Terraform code, this means:
- Do not delete, rename, or change the type of input variables.
- If you add an input variable, it should have a `default`.
- Do not delete, rename, or change the type of output variables.
- Do not delete or rename a module in the `modules` folder.
If a backwards incompatible change cannot be avoided, please make sure to call that out when you submit a pull request, explaining why the change is absolutely necessary.
Ensure as much as possible that you wipe clean any resource group, subscription, etc. used for your tests.
Make a best effort to reduce the number of required variables to a minimum by supplying sane (secure) defaults whenever possible.
Create a pull request with your changes. Please make sure to include the following:
- A description of the change, including a link to your GitHub issue.
- The output of your automated test run, preferably in a GitHub Gist. We cannot run automated tests for pull requests automatically due to security concerns, so we need you to manually provide this test output so we can verify that everything is working.
- Any notes on backwards incompatibility or downtime.
The maintainers for this repo will review your code and provide feedback. If everything looks good, they will merge the code and release a new version, which you'll be able to find in the releases page.