From b85a9653a37b37800e026e847e184676b5d7268f Mon Sep 17 00:00:00 2001 From: Daniel Ciborowski Date: Mon, 5 Dec 2022 12:36:37 -0500 Subject: [PATCH] Update Password-params-must-be-secure.test.ps1 (#720) * Update Password-params-must-be-secure.test.ps1 * Update no-password-params.json * Update no-password-params.json --- .../Password-params-must-be-secure.test.ps1 | 2 +- .../Pass/no-password-params.json | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/arm-ttk/testcases/deploymentTemplate/Password-params-must-be-secure.test.ps1 b/arm-ttk/testcases/deploymentTemplate/Password-params-must-be-secure.test.ps1 index 4364b844..16db6644 100644 --- a/arm-ttk/testcases/deploymentTemplate/Password-params-must-be-secure.test.ps1 +++ b/arm-ttk/testcases/deploymentTemplate/Password-params-must-be-secure.test.ps1 @@ -38,7 +38,7 @@ foreach ($parameter in $templateObject.parameters.psobject.properties) { $name -like "*accountkey*") { # if it's not secure, flag it - if ($type -ne 'securestring' -and $type -ne 'secureobject') { + if ($type -ne 'securestring' -and $type -ne 'secureobject' -and $type -ne 'bool') { #except certain patterns we know about in ARM # secret + Permissions (keyVault secret perms is an accessPolicy property) # secret + Version (url or simply the version property of a secret) diff --git a/unit-tests/Password-params-must-be-secure/Pass/no-password-params.json b/unit-tests/Password-params-must-be-secure/Pass/no-password-params.json index dc4f7554..2878c71d 100644 --- a/unit-tests/Password-params-must-be-secure/Pass/no-password-params.json +++ b/unit-tests/Password-params-must-be-secure/Pass/no-password-params.json @@ -4,7 +4,10 @@ "parameters": { "my_Parameter": { "type": "string" + }, + "secretToggle": { + "type": "bool" } }, "resources": [] -} \ No newline at end of file +}