Add support for reading XML files

Question

Add support for reading XML files

ronaldbosma opened this issue a year ago · comments

I would like to be able to read XML files so I can create custom rules to check the XML. In particular, I want to check my Azure API Management policies. We define our policies in separate XML files, so I would like to be able to load these and check them with PSRule.

An extra XML option for Input.Format would most likely be the best approach. Handling both elements & attributes might be a bit tricky, but both should be supported. Also note that elements with the same name can occur multiple times, while attribute names should be unique for a given element.

Alternatives I looked at:

The PSRule.Rules.Azure suite provides the Azure.APIM.PolicyBase rule that asserts the contents of a policy. This rule expects the policy XML to be defined directly in the Bicep file. We use separate XML files for our policies because these are more readable and maintainable. So, the approach used for Azure.APIM.PolicyBase doesn't work for us.

I've tried converting the Bicep into an JSON ARM template and then using a similar approach as is done by Azure.APIM.PolicyBase, but the policy contents is set via a generated variable as you can see in the sample below. Most likely because we use the loadTextContent Bicep function when loading the policy XML file.

"variables": {
  "$fxv#1": "<policies>\r\n   ... \r\n</policies>"
},
"resources": [
  {
    "type": "Microsoft.ApiManagement/service/apis/policies",
    "apiVersion": "2022-08-01",
    "name": "[format('{0}/{1}/{2}', parameters('apimResourceName'), parameters('apiName'), 'policy')]",
    "properties": {
      "format": "rawxml",
      "value": "[variables('$fxv#1')]"
    },
    "dependsOn": [
      "[resourceId('Microsoft.ApiManagement/service/apis', parameters('apimResourceName'), parameters('apiName'))]"
    ]
  },

github-actions · Answer 1 · Fri May 26 2023 19:17:11 GMT+0800 (China Standard Time)

Thanks for raising your first issue, the team appreciates the time you have taken 😉

Bernie White · Answer 2 · Sun May 28 2023 23:04:49 GMT+0800 (China Standard Time)

@ronaldbosma Thanks for raising the issue. We'd like to improve XML support too since we found a few things that could be better such as #1518.

Currently you can use PowerShell based rules to work with XML by using a convention. Similar to this https://github.com/microsoft/PSRule-samples/tree/main/samples/azure/BicepModuleRequires

For example:

# Synopsis: Imports XML policy in for analysis.
Export-PSRuleConvention 'APIMPolicy.Import' -Initialize {
    $policies = @(Get-ChildItem -Path 'policies/' -Include '*.xml' -Recurse -File | ForEach-Object {
        $name = $_.Name
        [PSCustomObject]@{
            Name = $name
            Content = [Xml](Get-Content -Path $_.FullName -Raw)
        }
    })
    $PSRule.ImportWithType('APIMPolicy', $policies);
}

# Synopsis: Your rule
Rule 'Rule001' -Type 'APIMPolicy' {
    $policy = $TargetObject.Content
}

See conventions

Ronald Bosma · Answer 3 · Wed May 31 2023 00:24:45 GMT+0800 (China Standard Time)

Hi @BernieWhite. Thanks for answering and for your suggestion to use a convention. I was working a workaround which had several issues, but using a convention that includes the file name and importing them as custom types fixed all of them.