Rules¶
Azure Functions Doctor executes declarative rules from a JSON ruleset.
Built-in rules are defined in:
src/azure_functions_doctor/assets/rules/v2.json
You can replace the built-in set with --rules <file>.
Rule execution model¶
Each rule contains:
- identity (
id,label) - grouping (
category,section) - behavior (
type,condition) - severity intent (
required) - ordering (
check_order) - remediation (
hint, optionalhint_url)
Rules are validated by:
src/azure_functions_doctor/schemas/rules.schema.json
Required vs optional¶
required: true+ raw handler fail -> item statusfailrequired: false+ raw handler fail -> item statuswarn
Only required failures produce non-zero process exit code.
Built-in rule types¶
compare_versionenv_var_existspath_existsfile_existspackage_installedpackage_declaredsource_code_containsconditional_existscallable_detectionexecutable_existsany_of_existsfile_glob_checkhost_json_property
Rule-by-rule reference¶
1) check_programming_model_v2¶
- What it checks: Source contains Azure Functions decorator usage (
@app.) via AST detection. - Why it matters: Doctor targets Python v2 projects; this check protects model compatibility.
- How to fix: Use
func.FunctionApp()and decorator-based triggers.
Example failing detail:
2) check_python_version¶
- What it checks: Current interpreter version is
>=3.10. - Why it matters: Package and diagnostics support baseline starts at Python 3.10.
- How to fix: Use Python 3.10+ locally and in CI.
Example output:
3) check_venv¶
- What it checks: Environment variable
VIRTUAL_ENVexists. - Why it matters: Virtual environments reduce dependency drift and environment pollution.
- How to fix: Create and activate
.venvbefore running diagnostics.
Example failing detail:
4) check_python_executable¶
- What it checks:
sys.executablepoints to an existing path. - Why it matters: Broken interpreter paths indicate unstable runtime environment.
- How to fix: Reinstall or reactivate Python environment.
Example detail:
5) check_requirements_txt¶
- What it checks:
requirements.txtexists at project root. - Why it matters: Deployability and reproducibility depend on declared dependencies.
- How to fix: Add
requirements.txtand include runtime dependencies.
Example failing detail:
6) check_azure_functions_library¶
- What it checks:
azure-functionsappears inrequirements.txt. - Why it matters: Function app code depends on Azure Functions Python library.
- How to fix: Add
azure-functionsto dependency declarations.
Example failing detail:
7) check_host_json¶
- What it checks:
host.jsonexists at project root. - Why it matters: Azure Functions host configuration is required for valid app structure.
- How to fix: Add a valid
host.json(at minimum{ "version": "2.0" }).
Example failing detail:
8) check_local_settings¶
- What it checks:
local.settings.jsonexists. - Why it matters: Local development often needs this file for settings and connection values.
- How to fix: Create local settings file for local runs (do not commit secrets).
Example warning detail:
9) check_func_cli¶
- What it checks:
funcexecutable is available onPATH. - Why it matters: Core Tools enable local hosting and rich runtime tooling.
- How to fix: Install Azure Functions Core Tools v4+.
Example warning detail:
10) check_func_core_tools_version¶
- What it checks: Core Tools version is
>=4.0. - Why it matters: Older versions can diverge from current host/runtime expectations.
- How to fix: Upgrade Core Tools installation.
Example warning detail:
11) check_durabletask_config¶
- What it checks: If durable usage is detected in source,
$.extensions.durableTaskexists inhost.json. - Why it matters: Durable Functions need matching host configuration.
- How to fix: Add durableTask configuration when using durable features.
Example details:
or
12) check_app_insights¶
- What it checks: At least one telemetry signal exists:
APPLICATIONINSIGHTS_CONNECTION_STRINGAPPINSIGHTS_INSTRUMENTATIONKEYhost.json:instrumentationKey- Why it matters: Telemetry is critical for production diagnostics.
- How to fix: Configure one supported telemetry source.
Example warning detail:
13) check_extension_bundle¶
- What it checks:
$.extensionBundleexists inhost.json. - Why it matters: Extension bundles help ensure binding dependencies are available.
- How to fix: Add extensionBundle section to host config.
Example warning detail:
14) check_asgi_wsgi_exposure¶
- What it checks: Source has ASGI/WSGI exposure patterns.
- Why it matters: Useful signal for framework-host integration readiness.
- How to fix: Ensure framework callable exposure follows expected patterns.
Example warning detail:
15) check_unused_files¶
- What it checks: Presence of unwanted patterns (for example
**/*.pyc,**/__pycache__,.venv,tests/). - Why it matters: Reduces deployment package clutter and risk.
- How to fix: Clean or exclude unwanted files from deployment artifacts.
Example warning detail:
Rule authoring template¶
{
"id": "check_example",
"category": "structure",
"section": "project_structure",
"label": "host.json",
"description": "Checks host.json exists.",
"type": "file_exists",
"required": true,
"condition": {
"target": "host.json"
},
"hint": "Add host.json to project root.",
"check_order": 10
}
Guidance for custom rules¶
- Keep IDs stable and descriptive
- Use deterministic
check_ordervalues - Start policy experiments as optional rules
- Promote to required only after false-positive review
- Include clear
hinttext for faster remediation
Custom rules docs: Examples: Custom Rules
Safety and trust model¶
Rules may inspect local files, source code, environment variables, executable presence, and importable modules.
Warning
Only run trusted custom rules files, especially in shared CI environments.