microsoft · WilliamBerryiii · Apr 8, 2026
@@ -271,26 +271,8 @@ jobs:
         run: |
           python scripts/aio-version-checker.py \
             --iac-type ${{ inputs.iac-types }} \
-            --output-format json \
-            --output-path aio-version-check-results.json
-
-          # Parse results for outputs
-          if [[ -f "aio-version-check-results.json" ]]; then
-            issues=$(jq '.issues | length' aio-version-check-results.json 2>/dev/null || echo "0")
-            echo "issues=$issues" >> $GITHUB_OUTPUT
-            echo "AIO version check completed with $issues issues"
-          else
-            echo "issues=0" >> $GITHUB_OUTPUT
-            echo "AIO version check completed (no results file)"
-          fi
-
-      - name: Upload AIO version results
-        if: always()
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
-        with:
-          name: aio-version-check-results
-          path: aio-version-check-results.json
-          retention-days: 30
+            --error-on-mismatch \
+            --verbose
 
   # Comprehensive dependency pinning analysis
   security-analysis:

@@ -180,16 +180,8 @@ jobs:
         run: |
           python scripts/aio-version-checker.py \
             --iac-type ${{ inputs.iac-types }} \
-            --break-build ${{ inputs.break-build }} \
-            --output-format json
-
-      - name: Upload AIO version results
-        if: always()
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
-        with:
-          name: aio-version-check-results
-          path: aio-version-check-results.json
-          retention-days: 30
+            --error-on-mismatch \
+            --verbose
 
   # Comprehensive security validation summary
   security-validation-summary:

@@ -79,7 +79,7 @@ jobs:
         id: shellcheck
         run: |
           find . -name '*.sh' -not -path './node_modules/*' -not -path './.copilot-tracking/*' -print0 \
-            | xargs -0 -r shellcheck --rcfile .shellcheckrc --format=gcc > shellcheck-output.txt 2>&1 || echo "SHELLCHECK_FAILED=true" >> "$GITHUB_ENV"
+            | xargs -0 -r shellcheck --format=gcc > shellcheck-output.txt 2>&1 || echo "SHELLCHECK_FAILED=true" >> "$GITHUB_ENV"
           cat shellcheck-output.txt
         continue-on-error: true
 

@@ -73,8 +73,8 @@ jobs:
       - name: TFLint init and check
         id: tflint
         run: |
-          tflint --init
-          tflint --recursive > tflint-output.txt 2>&1 || echo "TFLINT_FAILED=true" >> "$GITHUB_ENV"
+          tflint --init --config "$(pwd)/.tflint.hcl"
+          tflint --recursive --config "$(pwd)/.tflint.hcl" > tflint-output.txt 2>&1 || echo "TFLINT_FAILED=true" >> "$GITHUB_ENV"
           cat tflint-output.txt
         continue-on-error: true
 

@@ -15,7 +15,7 @@ BLUE='\033[0;34m'
 NC='\033[0m' # No Color
 
 print_usage() {
-    cat << EOF
+  cat <<EOF
 Usage: $0 [terraform|bicep|both] [options]
 
 Run static contract tests to validate IaC outputs match test requirements.
@@ -53,25 +53,25 @@ TEST_TYPE="both"
 VERBOSE_FLAG=""
 
 while [[ $# -gt 0 ]]; do
-    case $1 in
-        terraform|bicep|both)
-            TEST_TYPE="$1"
-            shift
-            ;;
-        -v|--verbose)
-            VERBOSE_FLAG="-v"
-            shift
-            ;;
-        -h|--help)
-            print_usage
-            exit 0
-            ;;
-        *)
-            echo -e "${RED}Unknown option: $1${NC}"
-            print_usage
-            exit 1
-            ;;
-    esac
+  case $1 in
+    terraform | bicep | both)
+      TEST_TYPE="$1"
+      shift
+      ;;
+    -v | --verbose)
+      VERBOSE_FLAG="-v"
+      shift
+      ;;
+    -h | --help)
+      print_usage
+      exit 0
+      ;;
+    *)
+      echo -e "${RED}Unknown option: $1${NC}"
+      print_usage
+      exit 1
+      ;;
+  esac
 done
 
 echo -e "${BLUE}╔════════════════════════════════════════════════════════════╗${NC}"
@@ -86,36 +86,36 @@ echo ""
 echo -e "${YELLOW}Checking dependencies...${NC}"
 
 # Check Go
-if ! command -v go &> /dev/null; then
-    echo -e "${RED}✗ Go not found. Please install Go toolchain.${NC}"
-    exit 1
+if ! command -v go &>/dev/null; then
+  echo -e "${RED}✗ Go not found. Please install Go toolchain.${NC}"
+  exit 1
 fi
 echo -e "${GREEN}✓ Go:            $(go version | awk '{print $3}')${NC}"
 
 # Check terraform-docs
 if [[ "$TEST_TYPE" == "terraform" || "$TEST_TYPE" == "both" ]]; then
-    if ! command -v terraform-docs &> /dev/null; then
-        echo -e "${RED}✗ terraform-docs not found${NC}"
-        echo -e "${YELLOW}  Install: brew install terraform-docs${NC}"
-        exit 1
-    fi
-    echo -e "${GREEN}✓ terraform-docs: $(terraform-docs version | head -n1)${NC}"
+  if ! command -v terraform-docs &>/dev/null; then
+    echo -e "${RED}✗ terraform-docs not found${NC}"
+    echo -e "${YELLOW}  Install: brew install terraform-docs${NC}"
+    exit 1
+  fi
+  echo -e "${GREEN}✓ terraform-docs: $(terraform-docs version | head -n1)${NC}"
 fi
 
 # Check az bicep
 if [[ "$TEST_TYPE" == "bicep" || "$TEST_TYPE" == "both" ]]; then
-    if ! command -v az &> /dev/null; then
-        echo -e "${RED}✗ Azure CLI not found${NC}"
-        echo -e "${YELLOW}  Install: https://docs.microsoft.com/cli/azure/install-azure-cli${NC}"
-        exit 1
-    fi
-
-    # Check bicep is installed
-    if ! az bicep version &> /dev/null; then
-        echo -e "${RED}✗ Bicep not installed${NC}"
-        echo -e "${YELLOW}  Install: az bicep install${NC}"
-        exit 1
-    fi
+  if ! command -v az &>/dev/null; then
+    echo -e "${RED}✗ Azure CLI not found${NC}"
+    echo -e "${YELLOW}  Install: https://docs.microsoft.com/cli/azure/install-azure-cli${NC}"
+    exit 1
+  fi
+
+  # Check bicep is installed
+  if ! az bicep version &>/dev/null; then
+    echo -e "${RED}✗ Bicep not installed${NC}"
+    echo -e "${YELLOW}  Install: az bicep install${NC}"
+    exit 1
+  fi
 fi
 
 echo ""
@@ -124,41 +124,41 @@ echo ""
 EXIT_CODE=0
 
 run_test() {
-    local test_name=$1
-    local test_pattern=$2
-
-    echo -e "${BLUE}──────────────────────────────────────────────────────────${NC}"
-    echo -e "${YELLOW}Running: $test_name${NC}"
-    echo -e "${BLUE}──────────────────────────────────────────────────────────${NC}"
-
-    if go test $VERBOSE_FLAG -run "$test_pattern" .; then
-        echo -e "${GREEN}✓ $test_name PASSED${NC}"
-    else
-        echo -e "${RED}✗ $test_name FAILED${NC}"
-        EXIT_CODE=1
-    fi
-    echo ""
+  local test_name=$1
+  local test_pattern=$2
+
+  echo -e "${BLUE}──────────────────────────────────────────────────────────${NC}"
+  echo -e "${YELLOW}Running: $test_name${NC}"
+  echo -e "${BLUE}──────────────────────────────────────────────────────────${NC}"
+
+  if go test $VERBOSE_FLAG -run "$test_pattern" .; then
+    echo -e "${GREEN}✓ $test_name PASSED${NC}"
+  else
+    echo -e "${RED}✗ $test_name FAILED${NC}"
+    EXIT_CODE=1
+  fi
+  echo ""
 }
 
 case $TEST_TYPE in
-    terraform)
-        run_test "Terraform Contract Test" "TestTerraformOutputsContract"
-        ;;
-    bicep)
-        run_test "Bicep Contract Test" "TestBicepOutputsContract"
-        ;;
-    both)
-        run_test "Terraform Contract Test" "TestTerraformOutputsContract"
-        run_test "Bicep Contract Test" "TestBicepOutputsContract"
-        ;;
+  terraform)
+    run_test "Terraform Contract Test" "TestTerraformOutputsContract"
+    ;;
+  bicep)
+    run_test "Bicep Contract Test" "TestBicepOutputsContract"
+    ;;
+  both)
+    run_test "Terraform Contract Test" "TestTerraformOutputsContract"
+    run_test "Bicep Contract Test" "TestBicepOutputsContract"
+    ;;
 esac
 
 # Summary
 echo -e "${BLUE}╔════════════════════════════════════════════════════════════╗${NC}"
 if [[ $EXIT_CODE -eq 0 ]]; then
-    echo -e "${BLUE}║${GREEN}                   All Tests PASSED ✓                       ${BLUE}║${NC}"
+  echo -e "${BLUE}║${GREEN}                   All Tests PASSED ✓                       ${BLUE}║${NC}"
 else
-    echo -e "${BLUE}║${RED}                   Some Tests FAILED ✗                      ${BLUE}║${NC}"
+  echo -e "${BLUE}║${RED}                   Some Tests FAILED ✗                      ${BLUE}║${NC}"
 fi
 echo -e "${BLUE}╚════════════════════════════════════════════════════════════╝${NC}"