Merge branch 'Azure:master' into master

SecureHats · Feb 2, 2024 · 5d6290c · 5d6290c
2 parents 2f47c06 + 871953a
commit 5d6290c
Show file tree

Hide file tree

Showing 1,829 changed files with 155,701 additions and 59,663 deletions.
diff --git a/.azure-pipelines/kqlValidations.yaml b/.azure-pipelines/kqlValidations.yaml
@@ -14,6 +14,10 @@ jobs:
         version: '$(dotnetSdkVersion)'
     - task: DotNetCoreCLI@2
       displayName: 'Run kql validation tests'
+      env:
+        GITHUBAPPID: $(GitHubAppID)
+        GITHUBAPPINSTALLATIONID: $(GitHubAppInstallationID)
+        GITHUBAPPPRIVATEKEY: $(GitHubAppPrivateKey)
       inputs:
         command: 'test'
         arguments: '--configuration $(buildConfiguration)'

diff --git a/.github/workflows/checkAutomatedPR.yaml b/.github/workflows/checkAutomatedPR.yaml
@@ -7,35 +7,25 @@ on:
         description: "Is Automated PR"
         value: ${{ jobs.checkAutomatedPR.outputs.isAutomatedPR }}
 
-permissions:
-  contents: read
-  pull-requests: read
-
 env:
-  BRANCH_NAME: ${{ github.event.client_payload.pull_request.head.ref || github.event.client_payload.pullRequestBranchName }}
-  BODY: ${{ github.event.issue.body }}
+  BranchName: ${{ github.event.client_payload.pull_request.head.ref || github.event.client_payload.pullRequestBranchName || github.event.pull_request.head.ref }}
 
 jobs:
   checkAutomatedPR:
-    if: ${{ !github.event.pull_request.head.repo.fork }}
     runs-on: ubuntu-latest
     outputs:
       isAutomatedPR: ${{ steps.ValidateAutomatedPR.outputs.isAutomatedPR }}
     steps:
-      - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
-        with:
-          fetch-depth: 2
-          ref: "${{ env.BRANCH_NAME }}"
       - shell: pwsh
         id: ValidateAutomatedPR
-
         run: |
-          $prBodyContent = '${{ env.BODY }}'
+          $pullRequestBranchName = "$env:BranchName"
+          Write-Host "Pull Request Branch Name is $pullRequestBranchName"
           $isAutomatedPR = $false
-          if ($prBodyContent -like '*Automation have successfully*')
+          if ($pullRequestBranchName -like '*automated-pr')
           {
-            Write-Host "This Pull Request is autogenerated!"
+            Write-Host "Skipping packaging as it is an automated pr!"
             $isAutomatedPR = $true
           }
           Write-Output "isAutomatedPR=$isAutomatedPR" >> $env:GITHUB_OUTPUT
-          Write-Host "Is this Pull Request autogenerated $isAutomatedPR"
+          Write-Host "Is this Pull Request autogenerated $isAutomatedPR"
diff --git a/.github/workflows/deployToPartnerCenter.yaml b/.github/workflows/deployToPartnerCenter.yaml
diff --git a/.github/workflows/package-command.yaml b/.github/workflows/package-command.yaml
@@ -2,144 +2,126 @@ name: Package Command
 env:
   APPINSIGHTS: "${{ vars.APPINSIGHTS }}"
   DEFAULTPACKAGEVERSION: "${{ vars.DEFAULTPACKAGEVERSION }}"
-  BLOB_CONN_STRING: "${{ secrets.BLOB_CONN_STRING }}"
   BASE_FOLDER_PATH: "${{ vars.BASEFOLDERPATH }}"
   BRANCH_NAME: "${{ github.event.client_payload.pull_request.head.ref || github.event.client_payload.pullRequestBranchName }}"
-  ADO_TOKEN: "${{ secrets.ADO_TOKEN }}"
-  ADO_BASE_URL: "${{ vars.ADO_BASE_URL }}"
-  ADO_AREAPATH: "${{ vars.ADO_AREAPATH }}"
-  ADO_TEAMPROJECT: "${{ vars.ADO_TEAMPROJECT }}"
-  ADO_PARENT_LINK: "${{ vars.ADO_PARENT_LINK }}"
-  GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
-  PAT_TOKEN: ${{ secrets.PAT }}
+  GITHUB_APPS_ID: "${{ secrets.APPLICATION_ID }}"
+  GITHUB_APPS_KEY: "${{ secrets.APPLICATION_PRIVATE_KEY }}"
 
 on:
   repository_dispatch:
     types: [package-command, Package-command, PACKAGE-command]
-jobs:
-  solutionNameDetails:
-    if: ${{ !github.event.pull_request.head.repo.fork && !contains(github.event.client_payload.pull_request.head.ref , 'dependabot/') && !contains(github.event.client_payload.pullRequestBranchName , 'dependabot/') }}
-    uses: ./.github/workflows/getSolutionName.yaml
-    secrets: inherit
 
-  # BELOW JOB WILL CHECK IF WE NEED TO SKIP PACKAGE CREATION OR NOT
-  checkSkipPackagingDetails:
-    if: ${{ needs.solutionNameDetails.outputs.solutionName != '' && !github.event.pull_request.head.repo.fork }}
-    uses: ./.github/workflows/checkSkipPackagingInfo.yaml
-    secrets: inherit
-    needs: solutionNameDetails
-    with: 
-      solutionName: "${{ needs.solutionNameDetails.outputs.solutionName }}"
+concurrency:
+  group: "GroupName-PackageCommand-${{ github.event.client_payload.pull_request.number || github.run_id }}"
+  cancel-in-progress: true
 
-  neworexistingsolution:
-    needs: [solutionNameDetails, checkSkipPackagingDetails]
-    uses: ./.github/workflows/neworexistingsolution.yaml
-    if: ${{ needs.solutionNameDetails.outputs.solutionName != '' && needs.checkSkipPackagingDetails.outputs.isPackagingRequired == 'True' }}
-    with: 
-      solutionName: "${{ needs.solutionNameDetails.outputs.solutionName }}"
-    secrets: inherit
-
-  createpackage:
+jobs:
+  validate-and-create-package:
+    if: ${{ !github.event.pull_request.head.repo.fork && !contains(github.event.client_payload.pull_request.head.ref , 'dependabot/') && !contains(github.event.client_payload.pullRequestBranchName , 'dependabot/') }}
     runs-on: ubuntu-latest
-    permissions:
-      contents: read
-    needs: [solutionNameDetails, neworexistingsolution]
-    env:
-      RUNID: "${{ github.run_id }}" 
-      PULL_REQUEST_NUMBER: "${{ github.event.client_payload.pull_request.number && github.event.client_payload.pull_request.number || github.event.client_payload.pullRequestNumber }}"
-      SOLUTION_NAME: "${{ needs.solutionNameDetails.outputs.solutionName }}"
-      SOLUTION_SUPPORTED_BY: "${{ needs.neworexistingsolution.outputs.solutionSupportedBy }}"
-      SOLUTION_OFFER_ID: "${{ needs.neworexistingsolution.outputs.solutionOfferId }}"
-      IS_NEW_SOLUTION: "${{ needs.neworexistingsolution.outputs.isNewSolution }}"
-    outputs:
-      isCreatePackage: ${{ steps.step1.outputs.isCreatePackage }}
-      packageCreationPath: "${{ steps.step1.outputs.packageCreationPath }}"
-      packageVersion: "${{ steps.step1.outputs.packageVersion }}"
-      blobName: "${{ steps.step1.outputs.blobName }}"
-      dataFileLink: "${{ steps.step1.outputs.dataFileLink }}"
-      dataFolderPath: "${{ steps.step1.outputs.dataFolderPath }}"
-      solutionBaseFolderPath: "${{ steps.step1.outputs.solutionBaseFolderPath }}"
-      dataInputFileName: "${{ steps.step1.outputs.dataInputFileName }}"
     steps:
+      - name: Generate a token
+        id: generate_token
+        uses: actions/create-github-app-token@46e4a501e119d39574a54e53a06c9a705efc55c9
+        with:
+          app-id: ${{ env.GITHUB_APPS_ID }}
+          private-key: ${{ env.GITHUB_APPS_KEY }}
+
       - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
+        env:
+          GeneratedToken: ${{ steps.generate_token.outputs.token }}
         with:
+          ref: "${{ env.BRANCH_NAME }}"
           fetch-depth: 2
-          ref: ${{ env.BRANCH_NAME }}
-          token: ${{ env.PAT_TOKEN }}
-      - shell: pwsh
-        id: step1
-        name: Check & Initiate Package Creation Process
-        run: |
-          $instrumentationKey = "${{ env.APPINSIGHTS }}"
-          $defaultPackageVersion = "${{ vars.defaultPackageVersion }}"
-          $solutionSupportedBy = "${{ env.SOLUTION_SUPPORTED_BY }}"
-          $solutionOfferId = "${{ env.SOLUTION_OFFER_ID }}"
-          $runId = "${{ env.RUNID }}"
-          $solutionName = "${{ needs.solutionNameDetails.outputs.solutionName }}"
-          $pullRequestNumber = "${{ github.event.client_payload.pull_request.number && github.event.client_payload.pull_request.number || github.event.client_payload.pullRequestNumber }}"
-          $isNewSolution = "${{ env.IS_NEW_SOLUTION }}"
-
-          Write-Host "RunId = $runId, defaultPackageVersion = $defaultPackageVersion, solutionOfferId = $solutionOfferId, SOLUTION_NAME = $solutionName, PULL_REQUEST_NUMBER = $pullRequestNumber, isNewSolution = $isNewSolution"
-          . ./Tools/Create-Azure-Sentinel-Solution/common/LogAppInsights.ps1
-          try
-          {
-            $customProperties = @{ 'RunId'="$runId"; 'PullRequestNumber'="$pullRequestNumber"; 'EventName'="Create Package"; 'IsNewSolution'='$isNewSolution';'SolutionOfferId'='$solutionOfferId';'SolutionSupportedBy'='$solutionSupportedBy';'SolutionName'='$solutionName'; }
-            Send-AppInsightsEventTelemetry -InstrumentationKey $instrumentationKey -EventName "Create Package" -CustomProperties $customProperties
+          token: ${{ env.GeneratedToken}}
 
-            if ($solutionName -eq '' -or $null -eq $solutionName)
-            {
-              Write-Output "::warning:: Package-Creation : Skipping as Solution name is blank."
-              Send-AppInsightsTraceTelemetry -InstrumentationKey $instrumentationKey -Message "Execution for create-package started and received blank solutionName for Job Run Id : $runId" -Severity Information -CustomProperties $customProperties
-            }
-            else
-            {
-              Send-AppInsightsTraceTelemetry -InstrumentationKey $instrumentationKey -Message "Execution for create-package started for Solution Name : $solutionName, Job Run Id : $runId" -Severity Information -CustomProperties $customProperties
-
-              $baseFolderPath = "/home/runner/work/Azure-Sentinel/Azure-Sentinel/"
-              Set-PSRepository PSGallery -InstallationPolicy Trusted
-              Install-Module powershell-yaml
-              ./.script/package-automation/package-generator.ps1 $solutionName $pullRequestNumber $runId $instrumentationKey $defaultPackageVersion $solutionOfferId $baseFolderPath $isNewSolution
-            }
-          }
-          catch
+      - id: checkAutomatedPR
+        name: check-Automated-PR
+        if: ${{ success() }}
+        env:
+          BranchName: ${{ github.event.pull_request.head.ref || github.event.client_payload.pull_request.head.ref || github.event.client_payload.pullRequestBranchName }}
+        shell: pwsh
+        run: |
+          $pullRequestBranchName = "$env:BranchName"
+          Write-Host "Pull Request Branch Name is $pullRequestBranchName"
+          $isAutomatedPR = $false
+          if ($pullRequestBranchName -like '*automated-pr')
           {
-            Send-AppInsightsExceptionTelemetry -InstrumentationKey $instrumentationKey -Exception $_.Exception -CustomProperties @{ 'RunId'="$runId"; 'SolutionName'="$solutionName"; 'PullRequestNumber'="$pullRequestNumber"; 'ErrorDetails'="CreatePackage : Error occured in catch block: $_"; 'EventName'="Create Package"; 'SolutionOfferId'="$solutionOfferId"; }
-            exit 1
+            Write-Host "Skipping packaging as it is an automated pr!"
+            $isAutomatedPR = $true
           }
+          Write-Output "isAutomatedPR=$isAutomatedPR" >> $env:GITHUB_OUTPUT
+          Write-Host "Is this Pull Request autogenerated $isAutomatedPR"
+
+      - id: validateAndCreatePackage
+        name: validate-create-package
+        if: ${{ success() && steps.checkAutomatedPR.outputs.isAutomatedPR == 'False' }}
+        env:
+          RUNID: "${{ github.run_id }}" 
+          PULL_REQUEST_NUMBER: "${{ github.event.client_payload.pull_request.number || github.event.client_payload.pullRequestNumber }}"
+        shell: pwsh
+        run: |
+          $runId = "${{ env.RUNID }}"
+          $instrumentationKey = "${{ env.APPINSIGHTS }}"
+          $pullRequestNumber = "${{ env.PULL_REQUEST_NUMBER }}"
+          $defaultPackageVersion = "${{ env.DEFAULTPACKAGEVERSION }}"
+          $baseFolderPath = "${{ env.BASE_FOLDER_PATH }}"
+          Set-PSRepository PSGallery -InstallationPolicy Trusted
+          Install-Module powershell-yaml
+          ./.script/package-automation/package-service.ps1 $runId $pullRequestNumber $instrumentationKey $baseFolderPath $defaultPackageVersion
 
       - name: Upload Artifacts
         id: uploadPackageArtifacts
+        if: ${{ success() && (steps.validateAndCreatePackage.outcome == 'success' && env.IS_CREATE_PACKAGE && env.PACKAGE_CREATION_PATH != '' && env.BLOBNAME != '') }}
         uses: actions/upload-artifact@e0057a5b76f2fdad976135e8dd7b691e632b9056
         env:
-          BLOBNAME: "${{ steps.step1.outputs.blobName }}"
-          PACKAGE_CREATION_PATH: "${{ steps.step1.outputs.packageCreationPath }}"
-          DATA_FOLDER_PATH: "${{ steps.step1.outputs.dataFolderPath }}"
-          DATA_INPUT_FILE_NAME: "${{ steps.step1.outputs.dataInputFileName }}"
-          SOLUTION_NAME: "${{ needs.solutionNameDetails.outputs.solutionName }}"
-          SOLUTION_SUPPORTED_BY: "${{ needs.neworexistingsolution.outputs.solutionSupportedBy }}"
+          BLOBNAME: "${{ steps.validateAndCreatePackage.outputs.blobName }}"
+          PACKAGE_CREATION_PATH: "${{ steps.validateAndCreatePackage.outputs.packageCreationPath }}"
+          DATA_FOLDER_PATH: "${{ steps.validateAndCreatePackage.outputs.dataFolderPath }}"
+          DATA_INPUT_FILE_NAME: "${{ steps.validateAndCreatePackage.outputs.dataInputFileName }}"
+          SOLUTION_NAME: "${{ steps.validateAndCreatePackage.outputs.solutionName }}"
+          SOLUTION_SUPPORTED_BY: "${{ steps.validateAndCreatePackage.outputs.solutionSupportedBy }}"
           RUNID: "${{ github.run_id }}" 
-          PULL_REQUEST_NUMBER: "${{ github.event.client_payload.pull_request.number && github.event.client_payload.pull_request.number || github.event.client_payload.pullRequestNumber }}"
-          IS_CREATE_PACKAGE: ${{ steps.step1.outputs.isCreatePackage }}
-        if: ${{ success() && (steps.step1.outcome == 'success' && env.IS_CREATE_PACKAGE && env.PACKAGE_CREATION_PATH != '' && env.BLOBNAME != '') }}
+          PULL_REQUEST_NUMBER: "${{ github.event.client_payload.pull_request.number || github.event.client_payload.pullRequestNumber }}"
+          IS_CREATE_PACKAGE: ${{ steps.validateAndCreatePackage.outputs.isCreatePackage }}
         with: 
           name: "${{ env.BLOBNAME }}"
           path: "${{ env.PACKAGE_CREATION_PATH }}"
 
       - name: Upload Data File Artifacts
         id: uploadDataFileArtifact
+        if: ${{ success() && (steps.validateAndCreatePackage.outcome == 'success' && env.DATA_FOLDER_PATH != '' && env.DATA_INPUT_FILE_NAME != '') }}
         uses: actions/upload-artifact@e0057a5b76f2fdad976135e8dd7b691e632b9056
         env:
-          DATA_FOLDER_PATH: "${{ steps.step1.outputs.dataFolderPath }}"
-          DATA_INPUT_FILE_NAME: "${{ steps.step1.outputs.dataInputFileName }}"
-        if: ${{ success() && (steps.step1.outcome == 'success' && env.DATA_FOLDER_PATH != '' && env.DATA_INPUT_FILE_NAME != '') }}
+          DATA_FOLDER_PATH: "${{ steps.validateAndCreatePackage.outputs.dataFolderPath }}"
+          DATA_INPUT_FILE_NAME: "${{ steps.validateAndCreatePackage.outputs.dataInputFileName }}"
         with: 
           name: "${{ env.DATA_INPUT_FILE_NAME }}"
           path: "${{ env.DATA_FOLDER_PATH }}"
 
       - name: Push changes to Existing PR
+        if: ${{ success() && steps.uploadDataFileArtifact.outcome == 'success'}}
         run: |
           git config --global user.email "noreply@github.com"
           git config --global user.name "Github Bot"
           git add -A
           git commit -m '[skip ci] Github Bot Added package to Pull Request!'
-          git push
+          git push
+
+      - uses: docker/build-push-action@v2
+        id: publishGithubPackage
+        name: Run ARM-TTK
+        if: ${{ success() }}
+        continue-on-error: true
+        env: 
+          SolutionName: "${{ steps.validateAndCreatePackage.outputs.solutionName }}"
+          mainTemplateChanged: "True"
+          createUiChanged: "True"
+        with:
+          context: .
+          file: ./.github/actions/Dockerfile
+          push: false
+          build-args: |
+            SolutionName
+            mainTemplateChanged
+            createUiChanged