Testing your Bicep code is important to ensure the integrity and reliability of your infrastructure as code. Combining different testing methods provides a comprehensive validation process. This post will cover various techniques to test and review your Bicep code effectively.
1 Bicep Linter
The Bicep linter is your first line of defense for identifying syntax errors and best practice violations. By enforcing coding standards, it ensures that your Bicep code is clean and maintainable. You can customize the linter’s behavior by modifying the bicepconfig.json file. This flexibility allows you to tailor the rules to your specific project needs.
az bicep lint --file main.bicep
An example output message of the Linter might look like this:
Warning outputs-should-not-contain-secrets: Outputs should not contain secrets. Found possible secret: function 'listConnectionStrings' [https://aka.ms/bicep/linter/outputs-should-not-contain-secrets]
Learn more:
- https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter
- https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/bicep-config-linter
2 Previewing Changes with What-If Operations
Azure’s What-If operations enable you to preview potential changes to your infrastructure before applying them. This is particularly useful for ensuring that deployments won’t introduce unexpected modifications.
Command Example
Run a What-If operation to visualize the changes:
New-AzResourceGroupDeployment -WhatIf -ResourceGroupName rg-kv-prod-001 -Mode Complete -TemplateFile ./main.bicep
Output Example
Here’s an example of what the command output might look like:
This step provides a detailed preview, helping you catch potential issues early in the deployment process.
3 Testing with PSRule for Azure Well-Architected Framework
Another method is to test your Bicep code against the Azure Well-Architected Framework using PSRule. This helps you ensure that your resources are configured according to best practices.
Gettings Started with PSRule
- Install PSRule by following the Installation Guide
- Create a configuration file named
ps-rule.yamlwith the following content:
include:
module:
- PSRule.Rules.Azure
configuration:
AZURE_BICEP_FILE_EXPANSION: true
AZURE_BICEP_CHECK_TOOL: true
input:
pathIgnore:
- '**/*.json'
output:
outcome: 'Processed'
Ensure your Bicep template parameters are set before running the analysis. Then execute:
Invoke-PSRule -InputPath ./deploy/main.bicep -Module PSRule.Rules.Azure
Intepreting the Output
PSRule will evaluate your resources against numerous best practice rules. A typical output might look like this:
By incorporating these testing methods, you can confidently validate and review your Bicep code, ensuring it meets both functional requirements and best practices. Regular testing helps catch errors early and maintains the quality and security of your deployments.
Top comments (2)
Excellent post!
Thanks Olivier!