Since the initial release of PSRule.Rules.AzureDevOps last Saturday, development has gone fast. Today marks the release of version 0.0.7 and quite a few features have been added along the way. The PowerShell module is a rules module for PSRule and helps to analyze an Azure DevOps project for configuration and security best-practices.
Recently added features include rules for:
Variable Group secrets should be linked to KeyVault
Azure pipelines should be defined as YAML
Release pipelines should use approvals for production stages
The module, available as open source on GitHub and PowerShell gallery, can easily be run from your desktop in a PowerShell terminal, or through CI/CD pipelines as a routine governance check of your Azure DevOps project. Besides the new features, PSRule.Rules.AzureDevOps already has support for checks on including license and readme files in your repos, protecting your repos, environments and service connections with branch policies, checks and approvals and it even checks if your Azure Resource Manager Service Connection has a scope assigned as advised in the best practices.
The near future will bring some new features and improve the existing codebase with descriptive error handling and test cases. All of your ideas, inspiration, remarks and other contributions are very welcome through opening an issue on GitHub.