microsoft/template-validation-action

February 20, 2025 ยท View on GitHub

The Microsoft Template Validation Action is a GitHub action used to validate whether a GitHub repository meets the requirements of the Definition of Done (DoD) for AI-Gallery templates.

Usage

Refer to the azure.yaml

Step-by-Step Guide

  1. Clone your repository locally:

    git clone YOUR-REPOSITORY-URL 
    
  2. Install AZD

  3. In the local repository folder, run:

    azd pipeline config
    
  4. Add the microsoft/template-validation-action action to any workflow YAML file under the .github/workflows folder. Below is a sample YAML configuration: Sample Workflow for Linux

    name: Template Validation Sample Workflow
    on: 
      workflow_dispatch:
    
    permissions:
      contents: read
      id-token: write
      pull-requests: write
    
    jobs:
      template_validation_job:
        runs-on: ubuntu-latest
        name: template validation
        steps:
          - uses: actions/checkout@v4
    
          - uses: microsoft/template-validation-action@Latest
            id: validation
            env:
              AZURE_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }}
              AZURE_TENANT_ID: ${{ vars.AZURE_TENANT_ID }}
              AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
              AZURE_ENV_NAME: ${{ vars.AZURE_ENV_NAME }}
              AZURE_LOCATION: ${{ vars.AZURE_LOCATION }}
              GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    
          - name: print result
            run: cat ${{ steps.validation.outputs.resultFile }}
    

Other examples

Run in Windows

Need change the job runs-on to windows-latest and diable useDevContainer in action. The sample workflow is Sample Workflow for Win

    template_validation_job:
        runs-on: windows-latest
        name: template validation
        steps:
          - uses: actions/checkout@v4

          - uses: microsoft/template-validation-action@Latest
            id: validation
            with: 
              useDevContainer: false
            env:
              AZURE_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }}
              AZURE_TENANT_ID: ${{ vars.AZURE_TENANT_ID }}
              AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
              AZURE_ENV_NAME: ${{ vars.AZURE_ENV_NAME }}
              AZURE_LOCATION: ${{ vars.AZURE_LOCATION }}
              GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

          - name: print result
            run: cat ${{ steps.validation.outputs.resultFile }}

Run in Subfolder

Suppose there is a folder at root-level, called ai-template, where the azure.yml configuration is found:

  - uses: microsoft/template-validation-action@Latest
    with:
      workingDirectory: ./ai-template
    env:
      AZURE_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }}
      AZURE_TENANT_ID: ${{ vars.AZURE_TENANT_ID }}
      AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
      AZURE_ENV_NAME: ${{ vars.AZURE_ENV_NAME }}
      AZURE_LOCATION: ${{ vars.AZURE_LOCATION }}
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Customized Validation Rules

By default, the action validates all paths, unless specific paths are configured. You can find the reference input name in the [#Inputs] table below.

  - uses: microsoft/template-validation-action@Latest
    with:
      validatePaths: "README.md, LICENSE, ISSUE_TEMPLATE"
      topics: "azure, chatgpt, javascript"
      validateAzd: false
      securityAction: "PSRule"
    env:
      README_H2_TAG: "Getting Started, Guidance"
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Validate Azd in GitHub Runner Environment

  # Install any dependencies for the template. For example, java
  - uses: actions/setup-java@v2
    with:
      distribution: 'temurin'
      java-version: '17'
      cache: 'maven'

  - uses: microsoft/template-validation-action@Latest
    with:
      validateAzd: true
      useDevContainer: false
    env:
      AZURE_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }}
      AZURE_TENANT_ID: ${{ vars.AZURE_TENANT_ID }}
      AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
      AZURE_ENV_NAME: ${{ vars.AZURE_ENV_NAME }}
      AZURE_LOCATION: ${{ vars.AZURE_LOCATION }}
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Inputs

NameRequiredDescription
workingDirectoryfalseThe directory to run the validation in. Defaults to . (the root of the repository). Use this if your template is in a subdirectory.
validatePathsfalseA comma-separated list of static files or folder path to check for existence. Defaults to README.md, LICENSE, SECURITY.md, CONTRIBUTING.md, CODE_OF_CONDUCT.md, ISSUE_TEMPLATE.md, azure-dev.yaml, azure.yaml, infra, .devcontainer. Pass "None" to skip this check.
topicsfalseA comma-separated list of topics to check for in the repository. Defaults to azd-template, ai-azd-template. Pass None to skip this check.
validateAzdfalseWhether to validate the deployment functionality with Azure Developer CLI (azd). Defaults to true. Set to false to skip azd validation.
useDevContainerfalseWhether to use a development container for validation. Defaults to true.
securityActionfalseSpecify the security action to use. Defaults to PSRule. Available values: PSRule for microsoft/PSRule action. Pass "None" to skip this check.

Outputs

NameDescription
resultFilePath to the file containing the validation results.

Action Environment Variables

Environment Variable NameDescription
AZURE_CLIENT_IDAzure Client ID for authentication. Required for azd validation.
AZURE_TENANT_IDAzure Tenant ID for authentication. Required for azd validation.
AZURE_SUBSCRIPTION_IDAzure Subscription ID for authentication. Required for azd validation.
AZURE_ENV_NAMEAzure environment name. Required for azd validation.
AZURE_LOCATIONAzure location for resources. Required for azd validation.
GITHUB_TOKENGitHub token for authentication. Required for GitHub topics validation.
README_H2_TAGExpected H2 tag(s) in the README file for validation. Pass None to skip this check.
REPOSITORY_NAMEThe name of the repository for GitHub topics validation. Using the name of current repository if not set.

Built-in Rules

  • When a YAML filename is assigned to validatePaths, the .yml extension is also acceptable.
  • When ISSUE_TEMPLATE.md is not explicitly assigned to validatePaths, an ISSUE_TEMPLATE folder is also acceptable.