bicep_linter
Bicep is a Domain Specific Language (DSL) for deploying Azure resources that provides a cleaner, more maintainable alternative to ARM templates. It serves as a transparent abstraction over ARM templates while offering significantly improved authoring experience and enhanced type safety.
Key Features:
- Simplified Syntax: Drastically cleaner and more readable syntax compared to equivalent ARM Template JSON
- Day 0 Resource Support: Any Azure resource can be provisioned using Bicep on the day it's available
- Advanced Type Validation: Built-in type checking based on Azure resource type API definitions
- No State Management: All deployment state is stored in Azure, eliminating external state file management
- Native Modularity: Built-in module system for code reuse and better organization
- ARM Template Compatibility: Transpiles to standard ARM Template JSON files, treating ARM as Intermediate Language
- Built-in Linting: Comprehensive linting with customizable rules via
bicepconfig.json - Zero-Downtime Deployment: Supports incremental deployments and what-if operations for safe infrastructure changes
By default, Bicep linter errors are set as warnings. To customize linter settings, use a bicepconfig.json file. For more information, see the documentation for the Bicep Linter
bicep_linter documentation
- Version in MegaLinter: 0.44.1
- Visit Official Web Site
- See How to configure bicep_linter rules
- See How to disable bicep_linter rules in files
- See Index of problems detected by bicep_linter
Configuration in MegaLinter
- Enable bicep_linter by adding
BICEP_BICEP_LINTERin ENABLE_LINTERS variable - Disable bicep_linter by adding
BICEP_BICEP_LINTERin DISABLE_LINTERS variable
| Variable | Description | Default value |
|---|---|---|
| BICEP_BICEP_LINTER_ARGUMENTS | User custom arguments to add in linter CLI call Ex: -s --foo "bar" |
|
| BICEP_BICEP_LINTER_COMMAND_REMOVE_ARGUMENTS | User custom arguments to remove from command line before calling the linter Ex: -s --foo "bar" |
|
| BICEP_BICEP_LINTER_FILTER_REGEX_INCLUDE | Custom regex including filter Ex: (src\|lib) |
Include every file |
| BICEP_BICEP_LINTER_FILTER_REGEX_EXCLUDE | Custom regex excluding filter Ex: (test\|examples) |
Exclude no file |
| BICEP_BICEP_LINTER_CLI_LINT_MODE | Override default CLI lint mode - file: Calls the linter for each file- project: Call the linter from the root of the project |
file |
| BICEP_BICEP_LINTER_FILE_EXTENSIONS | Allowed file extensions. "*" matches any extension, "" matches empty extension. Empty list excludes all filesEx: [".py", ""] |
[".bicep"] |
| BICEP_BICEP_LINTER_FILE_NAMES_REGEX | File name regex filters. Regular expression list for filtering files by their base names using regex full match. Empty list includes all files Ex: ["Dockerfile(-.+)?", "Jenkinsfile"] |
Include every file |
| BICEP_BICEP_LINTER_PRE_COMMANDS | List of bash commands to run before the linter | None |
| BICEP_BICEP_LINTER_POST_COMMANDS | List of bash commands to run after the linter | None |
| BICEP_BICEP_LINTER_UNSECURED_ENV_VARIABLES | List of env variables explicitly not filtered before calling BICEP_BICEP_LINTER and its pre/post commands | None |
| BICEP_BICEP_LINTER_DISABLE_ERRORS | Run linter but consider errors as warnings | false |
| BICEP_BICEP_LINTER_DISABLE_ERRORS_IF_LESS_THAN | Maximum number of errors allowed | 0 |
| BICEP_BICEP_LINTER_CLI_EXECUTABLE | Override CLI executable | ['bicep'] |
IDE Integration
Use bicep_linter in your favorite IDE to catch errors before MegaLinter !
| IDE | Extension Name | Install | |
|---|---|---|---|
| Visual Studio Code | VSCode Bicep |  |
MegaLinter Flavors
This linter is available in the following flavors
| Flavor | Description | Embedded linters | Info | |
|---|---|---|---|---|
 |
all | Default MegaLinter Flavor | 136 |   |
| dotnet | Optimized for C, C++, C# or VB based projects | 67 |   |
|
| dotnetweb | Optimized for C, C++, C# or VB based projects with JS/TS | 76 |   |
Behind the scenes
How are identified applicable files
- File extensions:
.bicep
How the linting is performed
- bicep_linter is called one time by identified file (
fileCLI lint mode)
Example calls
# Bicep CLI
bicep build infra.bicep;
# Azure CLI
az bicep build -f infra.bicep
Help content
Description:
Bicep CLI
Usage:
bicep [command] [options]
Options:
-v, --version Shows bicep version information.
--license Prints license information.
--third-party-notices Prints third-party notices.
-?, -h, --help Show help and usage information
Commands:
build <Input file> Builds a .bicep file.
test <Input file> Runs tests in a .bicep file.
build-params <Input file> Builds a .json file from a .bicepparam file.
format <Input file> Formats a .bicep file.
generate-params <Input file> Builds parameters file from the given bicep file, updates if there is an existing parameters file.
decompile <Input file> Attempts to decompile a template .json file to .bicep.
decompile-params <Input file> Attempts to decompile a parameters .json file to .bicepparam.
publish <Input file> Publishes the .bicep file to the module registry.
publish-extension <Index file> [Experimental] Publishes a Bicep extension to a registry.
restore <Input file> Restores external modules from the specified Bicep file to the local module cache.
lint <Input file> Lints a .bicep file.
jsonrpc Starts the Bicep CLI listening for JSONRPC messages, for programatically interacting with Bicep.
local-deploy <Parameters file> [Experimental] Performs a local deployment.
snapshot <Parameters file> Generates or validates a deployment snapshot from a .bicepparam file.
deploy <Parameters file> [Experimental] Deploys infrastructure using a .bicepparam file.
what-if <Parameters file> [Experimental] Previews the changes a deployment would make.
teardown <Parameters file> [Experimental] Tears down resources deployed by a .bicepparam file.
console Opens an interactive Bicep console.
Installation on mega-linter Docker image
- Dockerfile commands :
ARG TARGETPLATFORM
# renovate: datasource=github-tags depName=Azure/bicep
ARG BICEP_VERSION=0.44.1
ARG BICEP_EXE='bicep'
ARG BICEP_DIR='/usr/local/bin'
RUN case ${TARGETPLATFORM} in \
"linux/amd64") BICEP_ARCH=musl-x64 ;; \
"linux/arm64") BICEP_ARCH=arm64 ;; \
esac \
&& curl --retry 5 --retry-delay 5 -sLo ${BICEP_EXE} "https://github.com/Azure/bicep/releases/download/v${BICEP_VERSION}/bicep-linux-${BICEP_ARCH}" \
&& chmod +x "${BICEP_EXE}" \
&& mv "${BICEP_EXE}" "${BICEP_DIR}"
- APK packages (Linux):