Document Details

Connect With Azure Pipelines
Home / Scan #41 / Connect With Azure Pipelines
Sad Tux - Windows bias detected
This page contains Windows bias

About This Page

This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.
GitHub View on GitHub 📚 View on Microsoft Learn

Bias Analysis

Detected Bias Types
powershell_heavy
windows_tools
missing_linux_example
windows_first
Summary
The documentation demonstrates a strong Windows bias by exclusively providing PowerShell scripts and instructions for generating a service principal, referencing Windows-specific tools (PowerShell, Set-ExecutionPolicy), and omitting any equivalent Bash, Azure CLI, or Linux-native instructions. There are no examples or guidance for users on Linux or macOS platforms, and the workflow assumes a Windows environment throughout.
Recommendations
  • Provide equivalent Bash/Azure CLI scripts for service principal creation and management, suitable for Linux/macOS users.
  • Include instructions for running scripts on Linux/macOS terminals, such as using chmod +x and ./script.sh, or az ad sp create-for-rbac commands.
  • Avoid assuming PowerShell as the default shell; explicitly mention cross-platform alternatives.
  • Where PowerShell is required, clarify if PowerShell Core (cross-platform) can be used, and provide installation guidance for non-Windows systems.
  • Balance the order of examples: present Linux/macOS and Windows instructions side by side or in parallel sections.
  • Reference cross-platform tools (e.g., Azure CLI) before or alongside Windows-specific tools.
GitHub Create Pull Request

Scan History

Date Scan Status Result
2025-07-12 23:44 #41 cancelled Biased Biased
2025-07-12 00:58 #8 cancelled Clean Clean
2025-07-10 05:06 #7 processing Clean Clean

Flagged Code Snippets

    param
    (
        [Parameter(Mandatory=$true, HelpMessage="Enter Azure subscription name - you need to be subscription admin to execute the script")]
        [string] $subscriptionName,

        [Parameter(Mandatory=$false, HelpMessage="Provide SPN role assignment")]
        [string] $spnRole = "owner",
    
        [Parameter(Mandatory=$false, HelpMessage="Provide Azure environment name for your subscription")]
        [string] $environmentName = "AzureUSGovernment"
    )

    # Initialize
    $ErrorActionPreference = "Stop"
    $VerbosePreference = "SilentlyContinue"
    $userName = ($env:USERNAME).Replace(' ', '')
    $newguid = [guid]::NewGuid()
    $displayName = [String]::Format("AzDevOps.{0}.{1}", $userName, $newguid)
    $homePage = "http://" + $displayName
    $identifierUri = $homePage

    # Check for Azure Az PowerShell module
    $isAzureModulePresent = Get-Module -Name Az -ListAvailable
    if ([String]::IsNullOrEmpty($isAzureModulePresent) -eq $true)
    {
        Write-Output "Script requires Azure PowerShell modules to be present. Obtain Azure PowerShell from https://learn.microsoft.com//powershell/azure/install-az-ps" -Verbose
        return
    }

    Import-Module -Name Az.Accounts
    Write-Output "Provide your credentials to access your Azure subscription $subscriptionName" -Verbose
    Connect-AzAccount -Subscription $subscriptionName -Environment $environmentName
    $azureSubscription = Get-AzSubscription -SubscriptionName $subscriptionName
    $connectionName = $azureSubscription.Name
    $tenantId = $azureSubscription.TenantId
    $id = $azureSubscription.SubscriptionId

    # Create new Azure AD application
    Write-Output "Creating new application in Azure AD (App URI - $identifierUri)" -Verbose
    $azureAdApplication = New-AzADApplication -DisplayName $displayName -HomePage $homePage -Verbose
    $appId = $azureAdApplication.AppId
    $objectId = $azureAdApplication.Id
    Write-Output "Azure AD application creation completed successfully (Application Id: $appId) and (Object Id: $objectId)" -Verbose

    # Add secret to Azure AD application
    Write-Output "Creating new secret for Azure AD application"
    $secret = New-AzADAppCredential -ObjectId $objectId -EndDate (Get-Date).AddYears(2)
    Write-Output "Secret created successfully" -Verbose

    # Create new SPN
    Write-Output "Creating new SPN" -Verbose
    $spn = New-AzADServicePrincipal -ApplicationId $appId
    $spnName = $spn.DisplayName
    Write-Output "SPN creation completed successfully (SPN Name: $spnName)" -Verbose

    # Assign role to SPN
    Write-Output "Waiting for SPN creation to reflect in directory before role assignment"
    Start-Sleep 20
    Write-Output "Assigning role ($spnRole) to SPN app ($appId)" -Verbose
    New-AzRoleAssignment -RoleDefinitionName $spnRole -ApplicationId $spn.AppId
    Write-Output "SPN role assignment completed successfully" -Verbose

    # Print values
    Write-Output "`nCopy and paste below values for service connection" -Verbose
    Write-Output "***************************************************************************"
    Write-Output "Connection Name: $connectionName(SPN)"
    Write-Output "Environment: $environmentName"
    Write-Output "Subscription Id: $id"
    Write-Output "Subscription Name: $connectionName"
    Write-Output "Service Principal Id: $appId"
    Write-Output "Tenant Id: $tenantId"
    Write-Output "***************************************************************************"