Skip to content

Commit

Permalink
Update schema for draft 2020-12 compliance (#851)
Browse files Browse the repository at this point in the history 
* Make schema draft 2020-12 compliant

* Make schema draft 2020-12 compliant

* additional fixes
  • Loading branch information
@JBuildman
JBuildman authored Jan 30, 2025
1 parent 4d02c21 commit 6fd76db
Show file tree
Hide file tree
Showing 6 changed files with 689 additions and 756 deletions.
222 changes: 105 additions & 117 deletions Schemas/global-settings-schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,133 +14,121 @@
},
"pacEnvironments": {
"type": "array",
"items": [
{
"type": "object",
"properties": {
"pacSelector": {
"type": "string"
},
"cloud": {
"type": "string"
},
"tenantId": {
"type": "string"
},
"deployedBy": {
"type": "string"
},
"managedIdentityLocation": {
"items": {
"type": "object",
"properties": {
"pacSelector": {
"type": "string"
},
"cloud": {
"type": "string"
},
"tenantId": {
"type": "string"
},
"deployedBy": {
"type": "string"
},
"managedIdentityLocation": {
"type": "string"
},
"managingTenant": {
"type": "array",
"item": [
{
"managingTenantId": "string"
},
{
"managingTenantRootScopes": "array"
}
],
"additionalProperties": false,
"required": [
"managingTenantId",
"managingTenantRootScopes"
]
},
"deploymentRootScope": {
"type": "string"
},
"skipResourceValidationForExemptions": {
"type": "boolean"
},
"defaultContext": {
"type": "string"
},
"globalNotScopes": {
"type": "array",
"items": {
"type": "string"
},
"managingTenant": {
"type": "array",
"item": [
{
"managingTenantId": "string"
},
{
"managingTenantRootScopes": "array"
}
},
"desiredState": {
"type": "object",
"properties": {
"strategy": {
"type": "string",
"enum": [
"full",
"ownedOnly"
]
},
"keepDfcSecurityAssignments": {
"type": "boolean"
},
"doNotDisableDeprecatedPolicies": {
"type": "boolean"
},
"excludedScopes": {
"type": "array",
"items": {
"type": "string"
}
],
"additionalProperties": false,
"required": [
"managingTenantId",
"managingTenantRootScopes"
]
},
"deploymentRootScope": {
"type": "string"
},
"skipResourceValidationForExemptions": {
"type": "boolean"
},
"defaultContext": {
"type": "string"
},
"globalNotScopes": {
"type": "array",
"items": [
{
},
"excludedPolicyDefinitions": {
"type": "array",
"items": {
"type": "string"
}
]
},
"desiredState": {
"type": "object",
"properties": {
"strategy": {
"type": "string",
"enum": [
"full",
"ownedOnly"
]
},
"keepDfcSecurityAssignments": {
"type": "boolean"
},
"doNotDisableDeprecatedPolicies": {
"type": "boolean"
},
"excludedScopes": {
"type": "array",
"items": [
{
"type": "string"
}
]
},
"excludedPolicyDefinitions": {
"type": "array",
"items": [
{
"type": "string"
}
]
},
"excludedPolicySetDefinitions": {
"type": "array",
"items": [
{
"type": "string"
}
]
},
"excludedPolicyAssignments": {
"type": "array",
"items": [
{
"type": "string"
}
]
},
"excludeSubscriptions": {
"type": "boolean"
},
"excludedPolicySetDefinitions": {
"type": "array",
"items": {
"type": "string"
}
},
"additionalProperties": false,
"required": [
"strategy",
"keepDfcSecurityAssignments"
]
}
},
"additionalProperties": false,
"required": [
"pacSelector",
"cloud",
"tenantId",
"deploymentRootScope",
"managedIdentityLocation",
"desiredState"
]
}
]
"excludedPolicyAssignments": {
"type": "array",
"items": {
"type": "string"
}
},
"excludeSubscriptions": {
"type": "boolean"
}
},
"additionalProperties": false,
"required": [
"strategy",
"keepDfcSecurityAssignments"
]
}
},
"additionalProperties": false,
"required": [
"pacSelector",
"cloud",
"tenantId",
"deploymentRootScope",
"managedIdentityLocation",
"desiredState"
]
}
}
},
"additionalProperties": false,
"required": [
"pacOwnerId",
"pacEnvironments"
]
}
}
Loading

1 comment on commit 6fd76db

@krallsm
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there somewhere else that these schemas are being pulled from? I notice some small things the schema doesn't define like a lot of the properties under metadata, so if you're performing scripted/automated updates of your policies based on these schemas, then you get a lot of properties swapping around, creating unnecessary changes in the code.

I'd be open to updating some of the schemas myself through a pull request since I'm interested in making these modifications even just for myself, but it'd be good to know prior if there's a reason some of these properties were not included initially or even in subsequent updates like this one or if they're just being programically produced from another source.

Please sign in to comment.