azure-survey

azure-survey is a Go-based Azure inventory utility that exports subscription snapshots and generates human-readable Markdown findings reports.

Project home: russlank/azure-survey Maintainer: Russlan Kafri

Quick navigation

Topic	File
Architecture	doc/architecture.md
Configuration	doc/configuration.md
Operations runbook	doc/operations-run.md
Testing guide	doc/testing-guide.md
CI pipelines	doc/ci-pipeline.md
Compatibility notes	doc/compatibility-notes.md
Report reference	doc/report-reference.md
Onboarding	doc/onboarding.md

What It Does

• Exports Azure subscription inventory snapshots into timestamped JSON artifact trees.
• Generates Markdown findings reports from snapshots (online run flow and offline report flow).
• Surfaces deployment and governance risk signals with deterministic, test-backed report rendering.

Current deep-dive report coverage includes:

• API gateways (APIM services and APIs)
• Firewall and ACL posture across key platform services
• Tri-state exposure classification (Open, Restricted, Unknown)
• Data completeness and confidence notes
• Virtual networking relationships (VNet/subnet/NSG/private endpoint/public IP/Azure Firewall/Application Gateway)
• Azure SQL estate (servers, databases, pools, firewall rules)
• Cosmos DB accounts

Build Prerequisites

• Go 1.26 (see go.mod)
• Azure CLI (az) for export/run commands
• Authenticated Azure context for live inventory operations

Prepare Azure CLI:

az --version
az login
az account set --subscription "<subscription-id>"

Build And Test

make fmt
make vet
make test
make build

Build cross-platform release artifacts:

make dist

This produces:

dist/azure-survey-linux-amd64
dist/azure-survey-linux-arm64
dist/azure-survey-windows-amd64.exe
dist/SHA256SUMS

Refresh report golden files only for intentional report-output changes:

AZU_UPDATE_GOLDEN=1 go test ./internal/inventory/report -run TestServiceRun_GoldenFixtures -count=1

CLI

azure-survey inventory run [flags]
azure-survey inventory export [flags]
azure-survey inventory report [flags]
azure-survey version
azure-survey help

Quick Usage

./dist/azure-survey inventory run \
  --subscription-id "<subscription-id>" \
  --output-root "artifacts/azure-inventory"

./dist/azure-survey inventory export \
  --subscription-id "<subscription-id>" \
  --output-root "artifacts/azure-inventory" \
  --activity-log-days 30

./dist/azure-survey inventory report \
  --inventory-root "artifacts/azure-inventory" \
  --subscription-id "<subscription-id>"

Project Layout

azure-survey/
├── .github/workflows/ci.yml        # GitHub Actions CI + release pipeline
├── .woodpecker.yml                 # Woodpecker CI + release pipeline
├── cmd/azure-survey/               # CLI entrypoint
├── internal/                       # application packages
├── testdata/                       # fixtures and golden outputs
├── doc/                            # project documentation
├── scripts/                        # helper scripts
├── Makefile
└── go.mod

CI And Releases

• GitHub Actions workflow: .github/workflows/ci.yml
• Woodpecker workflow: .woodpecker.yml
• Both pipelines run the same quality gates (gofmt, go vet, go test, make dist)
• Tagged releases (v*) publish release artifacts to GitHub releases

Versioning

Semantic Versioning is used: vMAJOR.MINOR.PATCH.

License

MIT — see LICENSE.

Support

If this project helps you, you can support ongoing maintenance here:

• Buy Me A Coffee