qnrl · rohancragg · Jul 7, 2023 · Jul 7, 2023 · Jul 7, 2023 · Jul 7, 2023
diff --git a/examples/bicep/storage.bicepparam b/examples/bicep/storage.bicepparam
diff --git a/modules/storage/v1/.tests/storage.tests.bicep b/modules/storage/v1/.tests/storage.tests.bicep
@@ -0,0 +1,10 @@
+param location string = resourceGroup().location
+
+module storageAccount '../storage.bicep' = {
+  name: deployment().name
+  params: {
+    storageAccountName: 'sapsruledemoqrgc'
+    storageAccountType: 'Standard_LRS'
+    location: location
+  }
+}
diff --git a/examples/bicep/storage.bicep → modules/storage/v1/storage.bicep b/examples/bicep/storage.bicep → modules/storage/v1/storage.bicep
@@ -9,13 +9,13 @@
     'Standard_RAGZRS'
     'Standard_ZRS'
 ])
-param storageAccountType string = 'Standard_LRS'
+param storageAccountType string
 
 @description('The storage account location.')
 param location string = resourceGroup().location
 
 @description('The name of the storage account')
-param storageAccountName string = 'storagedefaultname'
+param storageAccountName string
 
 resource sa 'Microsoft.Storage/storageAccounts@2022-09-01' = {
     name: storageAccountName

diff --git a/out/results.md b/out/results.md
@@ -1,28 +1,31 @@
 # PSRule
 
-## /workspaces/PsRule-Demo/examples/bicep/storage.bicepparam : Microsoft.Resources/deployments
+## /workspaces/PsRule-Demo/modules/storage/v1/.tests/storage.tests.bicep : Microsoft.Resources/deployments
 
 - [X] Azure.Deployment.OutputSecretValue
 - [X] Azure.Deployment.AdminUsername
 - [X] Azure.Deployment.SecureValue
+- [X] Azure.Deployment.OuterSecret
 - [X] Azure.Template.ParameterStrongType
 - [X] Azure.Template.ExpressionLength
 
-## sapsruledemoqrgc : Microsoft.Storage/storageAccounts
+## helper : Microsoft.Resources/deployments
 
-- [ ] Azure.Resource.UseTags
+- [X] Azure.Deployment.OutputSecretValue
+- [X] Azure.Deployment.AdminUsername
+- [X] Azure.Deployment.SecureValue
+- [X] Azure.Template.ParameterStrongType
+- [X] Azure.Template.ExpressionLength
+- [X] Azure.Deployment.Name
 
-Consider tagging resources using a standard convention. Identify mandatory and optional tags then tag all resources and resource groups using this standard.
-Also consider using Azure Policy to enforce mandatory tags.
+## sapsruledemoqrgc : Microsoft.Storage/storageAccounts
 
+- [X] Azure.Resource.UseTags
 - [X] Azure.Storage.SoftDelete
 - [X] Azure.Storage.BlobAccessType
 - [X] Azure.Storage.Name
 - [X] Azure.Storage.ContainerSoftDelete
-- [ ] Azure.Storage.Firewall
-
-Consider configuring storage firewall to restrict network access to permitted clients only. Also consider enforcing this setting using Azure Policy.
-
+- [X] Azure.Storage.Firewall
 - [X] Azure.Storage.MinTLS
 - [X] Azure.Storage.SecureTransfer
 - [X] Azure.Storage.BlobPublicAccess
diff --git a/ps-rule-invoke.ps1 b/ps-rule-invoke.ps1
@@ -13,7 +13,7 @@ Install-Module -Name 'PSRule.Rules.Azure' -Repository PSGallery -Scope CurrentUs
 # Run PSRule:
 ####################################################################################################
 
-Invoke-PSRule -Format File -InputPath 'examples/bicep/*' -Module 'PSRule.Rules.Azure' -As Summary
+Invoke-PSRule -Format File -InputPath '.' -Module 'PSRule.Rules.Azure' -As Summary
 <# Expected output:
 
 RuleName                            Pass  Fail  Outcome
@@ -34,7 +34,7 @@ Azure.Storage.SecureTransfer        1     0     Pass
 Azure.Storage.BlobPublicAccess      1     0     Pass
 #>
 
-Invoke-PSRule -Format File -InputPath 'examples/bicep/' -Module 'PSRule.Rules.Azure' -Outcome Fail, Error;
+Invoke-PSRule -Format File -InputPath '.' -Module 'PSRule.Rules.Azure' -Outcome Fail, Error;
 <# Expected output:
 
    TargetName: sapsruledemoqrgc
@@ -46,7 +46,7 @@ Azure.Storage.Firewall              Fail       Consider configuring storage fire
 
 #>
 
-Assert-PSRule -Format File -InputPath 'examples/bicep/'  -Module 'PSRule.Rules.Azure' -Outcome Fail, Error;
+Assert-PSRule -Format File -InputPath '.'  -Module 'PSRule.Rules.Azure' -Outcome Fail, Error;
 <# Expected output:
 
 > sapsruledemoqrgc : Microsoft.Storage/storageAccounts [7/9]
@@ -92,10 +92,10 @@ Assert-PSRule: One or more rules reported failure.
 
 #>
 
-Invoke-PSRule -Format File -InputPath 'examples/bicep/' -Module 'PSRule.Rules.Azure' -OutputFormat Markdown -OutputPath 'out/results.md'
+Invoke-PSRule -Format File -InputPath '.' -Module 'PSRule.Rules.Azure' -OutputFormat Markdown -OutputPath 'out/results.md'
 
 # Read resources in from file
-$resources = Get-Content -Path 'examples/resources/resources.json' | ConvertFrom-Json;
+$resources = Get-Content -Path './resources/resources.json' | ConvertFrom-Json;
 
 # Process resources
 $resources | Invoke-PSRule  -Module 'PSRule.Rules.Azure';

diff --git a/ps-rule.yaml b/ps-rule.yaml
@@ -38,13 +38,17 @@ configuration:
 
 input:
   pathIgnore:
-  # Ignore other files in the repository.
+    # Ignore other files in the repository.
   - '.vscode/'
   - '.github/'
   - '*.md'
 
   # Exclude bicepconfig.json
   - 'bicepconfig.json'
+
+  # ignore all bicep files except the ones that have been created to test modules
+  - 'modules/**/*.bicep'
+  - '!modules/**/*.tests.bicep'
 
 rule:
   exclude:
@@ -67,8 +71,8 @@ execution:
   unprocessedObject: Ignore
 
 output:
-   as: Detail
-   banner: Default
-   culture: [en-GB]
-   encoding: Default
-   footer: Default
+  as: Detail
+  banner: Default
+  culture: [en-GB]
+  encoding: Default
+  footer: Default
diff --git a/examples/resources/resources.json → resources/resources.json b/examples/resources/resources.json → resources/resources.json