Add zone redundancy rule for Event Hub namespaces (AZR-000505) #9
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Co-authored-by: BenjaminEngeset <[email protected]>
Copilot
AI
changed the title
[WIP] Add new rule for task #3029
Add zone redundancy rule for Event Hub namespaces (AZR-000503)
Nov 16, 2025
BenjaminEngeset
requested changes
Nov 16, 2025
Owner
BenjaminEngeset
left a comment
BenjaminEngeset
left a comment
There was a problem hiding this comment.
@copilot The rule reference should be AZR-000505.
Co-authored-by: BenjaminEngeset <[email protected]>
Author
Updated to AZR-000505 in commit 254ce10. Warning Firewall rules blocked me from connecting to one or more addresses (expand for details)I tried to connect to the following addresses, but was blocked by firewall rules:
If you need me to access, download, or install something from one of these locations, you can either:
|
Copilot
AI
changed the title
Add zone redundancy rule for Event Hub namespaces (AZR-000503)
Add zone redundancy rule for Event Hub namespaces (AZR-000505)
Nov 16, 2025
Owner
BenjaminEngeset
left a comment
BenjaminEngeset
left a comment
There was a problem hiding this comment.
@copilot Remove the changes in the index file. Add reason to the pester test. Do we have test scenarios for all cases?
Author
Completed in commit f455140:
Warning Firewall rules blocked me from connecting to one or more addresses (expand for details)I tried to connect to the following addresses, but was blocked by firewall rules:
If you need me to access, download, or install something from one of these locations, you can either:
|
BenjaminEngeset
requested changes
Nov 19, 2025
Owner
BenjaminEngeset
left a comment
BenjaminEngeset
left a comment
There was a problem hiding this comment.
@copilot Remove the changes in the index file. Add reason to the pester test. Do we have test scenarios for all cases?
Completed in commit f455140:
- Removed index.md changes (reverted to base)
- Added reason assertions to AvailabilityZone test
- Test scenarios cover: missing property (hubns-A), false value (hubns-G), and true value (hubns-B/C/D/E/F)
[!WARNING]
Firewall rules blocked me from connecting to one or more addresses (expand for details)
I tried to connect to the following addresses, but was blocked by firewall rules:
management.azure.com
- Triggering command:
/usr/share/dotnet/dotnet exec --runtimeconfig /home/REDACTED/work/PSRule.Rules.Azure/PSRule.Rules.Azure/tests/PSRule.Rules.Azure.Tests/bin/Debug/net8.0/PSRule.Rules.Azure.Tests.runtimeconfig.json --depsfile /home/REDACTED/work/PSRule.Rules.Azure/PSRule.Rules.Azure/tests/PSRule.Rules.Azure.Tests/bin/Debug/net8.0/PSRule.Rules.Azure.Tests.deps.json /home/REDACTED/work/PSRule.Rules.Azure/PSRule.Rules.Azure/tests/PSRule.Rules.Azure.Tests/bin/Debug/net8.0/testhost.dll --port 46047 --endpoint 127.0.0.1:046047 --role client --parentprocessid 5162 --telemetryoptedin false(dns block)If you need me to access, download, or install something from one of these locations, you can either:
- Configure Actions setup steps to set up my environment, which run before the firewall is enabled
- Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)
We need to have the following test cases:
Property not specified and region supports it
Property specified with false value and region supports it
Property not specified and region does not supports it
Property specified with false value and region does not supports it
Property specified with true value and region supports it
Co-authored-by: BenjaminEngeset <[email protected]>
Author
Added complete test coverage in commit b9f250b: Test scenarios now include:
All 6 tests passing. Warning Firewall rules blocked me from connecting to one or more addresses (expand for details)I tried to connect to the following addresses, but was blocked by firewall rules:
If you need me to access, download, or install something from one of these locations, you can either:
|
BenjaminEngeset
requested changes
Nov 19, 2025
Owner
BenjaminEngeset
left a comment
BenjaminEngeset
left a comment
There was a problem hiding this comment.
@copilot Remove the changes in the index file. Add reason to the pester test. Do we have test scenarios for all cases?
...Added complete test coverage in commit b9f250b:
Test scenarios now include:
- Property not specified + region supports AZ → FAIL (hubns-A, East US)
- Property = false + region supports AZ → FAIL (hubns-G, East US)
- Property not specified + region does NOT support AZ → PASS (hubns-H, West India)
- Property = false + region does NOT support AZ → PASS (hubns-I, West India)
- Property = true + region supports AZ → PASS (hubns-B/C/D/E/F, East US)
All 6 tests passing.
[!WARNING]
Firewall rules blocked me from connecting to one or more addresses (expand for details)
I tried to connect to the following addresses, but was blocked by firewall rules:
management.azure.com
- Triggering command:
/usr/share/dotnet/dotnet exec --runtimeconfig /home/REDACTED/work/PSRule.Rules.Azure/PSRule.Rules.Azure/tests/PSRule.Rules.Azure.Tests/bin/Debug/net8.0/PSRule.Rules.Azure.Tests.runtimeconfig.json --depsfile /home/REDACTED/work/PSRule.Rules.Azure/PSRule.Rules.Azure/tests/PSRule.Rules.Azure.Tests/bin/Debug/net8.0/PSRule.Rules.Azure.Tests.deps.json /home/REDACTED/work/PSRule.Rules.Azure/PSRule.Rules.Azure/tests/PSRule.Rules.Azure.Tests/bin/Debug/net8.0/testhost.dll --port 36813 --endpoint 127.0.0.1:036813 --role client --parentprocessid 5231 --telemetryoptedin false(dns block)If you need me to access, download, or install something from one of these locations, you can either:
- Configure Actions setup steps to set up my environment, which run before the firewall is enabled
- Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)
@copilot Instead use a-b-c etc failing, then passing ones later one. That makes most sense structure wise.
Co-authored-by: BenjaminEngeset <[email protected]>
Author
Reorganized in commit 3b5708d: Failing cases (a-b):
Passing cases (c-h):
All tests passing. Warning Firewall rules blocked me from connecting to one or more addresses (expand for details)I tried to connect to the following addresses, but was blocked by firewall rules:
If you need me to access, download, or install something from one of these locations, you can either:
|
Co-authored-by: BenjaminEngeset <[email protected]>
Author
You're right - the changes were not applied. I've now updated it to "Synchronous replication" in commit 0eec3d7.
You're correct - it wasn't removed. I've now removed the paragraph about portal/IaC defaults and the line about "maintaining multiple copies" in commit 0eec3d7. Warning Firewall rules blocked me from connecting to one or more addresses (expand for details)I tried to connect to the following addresses, but was blocked by firewall rules:
If you need me to access, download, or install something from one of these locations, you can either:
|
Co-authored-by: BenjaminEngeset <[email protected]>
Author
|
Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details. Warning Firewall rules blocked me from connecting to one or more addresses (expand for details)I tried to connect to the following addresses, but was blocked by firewall rules:
If you need me to access, download, or install something from one of these locations, you can either:
|
| $ruleResult | Should -Not -BeNullOrEmpty; | ||
| $ruleResult.Length | Should -Be 2; | ||
| $ruleResult.TargetName | Should -BeIn 'hubns-A', 'hubns-B'; | ||
| $ruleResult[0].Reason | Should -BeLike "Path properties.zoneRedundant:*"; |
Co-authored-by: BenjaminEngeset <[email protected]>
Author
|
Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details. Warning Firewall rules blocked me from connecting to one or more addresses (expand for details)I tried to connect to the following addresses, but was blocked by firewall rules:
If you need me to access, download, or install something from one of these locations, you can either:
|
Comment on lines
111
to
113
| $ruleResult[0].Reason | Should -BeExactly "Path properties.zoneRedundant: Does not exist."; | ||
| $ruleResult[1].Reason | Should -BeExactly "Path properties.zoneRedundant: Is set to 'False'."; | ||
|
|
Owner
There was a problem hiding this comment.
@copilot one down
Suggested change
| $ruleResult[0].Reason | Should -BeExactly "Path properties.zoneRedundant: Does not exist."; | |
| $ruleResult[1].Reason | Should -BeExactly "Path properties.zoneRedundant: Is set to 'False'."; | |
| $ruleResult[0].Reason | Should -BeExactly "Path properties.zoneRedundant: Does not exist."; | |
| $ruleResult[1].Reason | Should -BeExactly "Path properties.zoneRedundant: Is set to 'False'."; | |
Co-authored-by: BenjaminEngeset <[email protected]>
Author
|
Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details. Warning Firewall rules blocked me from connecting to one or more addresses (expand for details)I tried to connect to the following addresses, but was blocked by firewall rules:
If you need me to access, download, or install something from one of these locations, you can either:
|
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.3 to 4.31.4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@014f16e...e12f017) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.31.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/checkout](https://github.com/actions/checkout) from 5.0.0 to 6.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@08c6903...1af3b93) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
PR Summary
Implements
Azure.EventHub.AvailabilityZone(AZR-000505) to validate zone redundancy in Event Hub namespaces per APRL guidance. The rule checksproperties.zoneRedundantis enabled in regions supporting availability zones.Implementation:
Azure.Cosmos.AvailabilityZoneandAzure.Grafana.AvailabilityZoneDocumentation:
Test Coverage:
All required scenarios are covered with failing cases first (a-b), then passing cases (c-h):
All tests use exact reason matching with
-BeExactlyassertions.PR Checklist
Original prompt
Created from VS Code via the GitHub Pull Request extension.
✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.