From 03e69762816e6149117f06d1fae21d9bb93dff79 Mon Sep 17 00:00:00 2001
From: "azure-sentinel-canary[bot]" <81647351+azure-sentinel-canary[bot]@users.noreply.github.com>
Date: Tue, 17 Oct 2023 21:09:25 +0000
Subject: [PATCH] Workflow file for Sentinel-Deploy
---
...y-a66005c1-cbb2-4c1e-a427-fc3c3683b5b4.yml | 81 +++++++++++++++++++
1 file changed, 81 insertions(+)
create mode 100644 .github/workflows/sentinel-deploy-a66005c1-cbb2-4c1e-a427-fc3c3683b5b4.yml
diff --git a/.github/workflows/sentinel-deploy-a66005c1-cbb2-4c1e-a427-fc3c3683b5b4.yml b/.github/workflows/sentinel-deploy-a66005c1-cbb2-4c1e-a427-fc3c3683b5b4.yml
new file mode 100644
index 00000000..c9979de8
--- /dev/null
+++ b/.github/workflows/sentinel-deploy-a66005c1-cbb2-4c1e-a427-fc3c3683b5b4.yml
@@ -0,0 +1,81 @@
+name: Deploy Content to luna-west-central-us [a66005c1-cbb2-4c1e-a427-fc3c3683b5b4]
+# Note: This workflow will deploy everything in the root directory.
+# To deploy content only from a specific path (for example SentinelContent):
+# 1. Add the target path to the "paths" property like such
+# paths:
+# - 'SentinelContent/**'
+# - '!.github/workflows/**'
+# - '.github/workflows/sentinel-deploy-a66005c1-cbb2-4c1e-a427-fc3c3683b5b4.yml'
+# 2. Append the path to the directory environment variable below
+# directory: '${{ github.workspace }}/SentinelContent'
+
+on:
+ push:
+ branches: [ patch-1-sentinel-deployment ]
+ paths:
+ - '**'
+ - '!.github/workflows/**' # this filter prevents other workflow changes from triggering this workflow
+ - '.github/workflows/sentinel-deploy-a66005c1-cbb2-4c1e-a427-fc3c3683b5b4.yml'
+
+jobs:
+ deploy-content:
+ runs-on: windows-latest
+ env:
+ resourceGroupName: 'luna-west-cental-us'
+ workspaceName: 'luna-west-central-us'
+ workspaceId: '6ce1cd18-35af-48e4-ae9f-8e1db4caa0fe'
+ directory: '${{ github.workspace }}'
+ cloudEnv: 'AzureCloud'
+ creds: ${{ secrets.AZURE_SENTINEL_CREDENTIALS_a66005c1cbb24c1ea427fc3c3683b5b4 }}
+ contentTypes: 'AnalyticsRule,AutomationRule,HuntingQuery,Parser,Playbook,Workbook'
+ branch: 'patch-1-sentinel-deployment'
+ sourceControlId: 'a66005c1-cbb2-4c1e-a427-fc3c3683b5b4'
+ rootDirectory: '${{ github.workspace }}'
+ githubAuthToken: ${{ secrets.GITHUB_TOKEN }}
+ smartDeployment: 'true'
+
+ steps:
+ - name: Login to Azure (Attempt 1)
+ continue-on-error: true
+ id: login1
+ uses: azure/login@v1
+ if: ${{ env.cloudEnv == 'AzureCloud' }}
+ with:
+ creds: ${{ secrets.AZURE_SENTINEL_CREDENTIALS_a66005c1cbb24c1ea427fc3c3683b5b4 }}
+ enable-AzPSSession: true
+
+ - name: Wait 30 seconds if login attempt 1 failed
+ if: ${{ env.cloudEnv == 'AzureCloud' && steps.login1.outcome=='failure' }}
+ run: powershell Start-Sleep -s 30
+
+ - name: Login to Azure (Attempt 2)
+ continue-on-error: true
+ id: login2
+ uses: azure/login@v1
+ if: ${{ env.cloudEnv == 'AzureCloud' && steps.login1.outcome=='failure' }}
+ with:
+ creds: ${{ secrets.AZURE_SENTINEL_CREDENTIALS_a66005c1cbb24c1ea427fc3c3683b5b4 }}
+ enable-AzPSSession: true
+
+ - name: Wait 30 seconds if login attempt 2 failed
+ if: ${{ env.cloudEnv == 'AzureCloud' && steps.login2.outcome=='failure' }}
+ run: powershell Start-Sleep -s 30
+
+ - name: Login to Azure (Attempt 3)
+ continue-on-error: false
+ id: login3
+ uses: azure/login@v1
+ if: ${{ env.cloudEnv == 'AzureCloud' && steps.login2.outcome=='failure' }}
+ with:
+ creds: ${{ secrets.AZURE_SENTINEL_CREDENTIALS_a66005c1cbb24c1ea427fc3c3683b5b4 }}
+ enable-AzPSSession: true
+
+ - name: Checkout
+ uses: actions/checkout@v3
+
+ - name: Deploy Content to Azure Sentinel
+ uses: azure/powershell@v1
+ with:
+ azPSVersion: 'latest'
+ inlineScript: |
+ ${{ github.workspace }}//.github/workflows/azure-sentinel-deploy-a66005c1-cbb2-4c1e-a427-fc3c3683b5b4.ps1
\ No newline at end of file
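Review bot: The three `uses:` references (`azure/login@v1`, `actions/checkout@v3`, `azure/powershell@v1`) are pinned to mutable tags and `azPSVersion` is `'latest'`, in a job that holds the Azure service-principal secret and a `GITHUB_TOKEN`, so a retagged or compromised release of any of them would run with those credentials. Pin each action to a full commit SHA, for example `uses: azure/login@<FULL_COMMIT_SHA>  # v1`, and set `azPSVersion` to a fixed version. The workflow declares no `permissions:` block, so `GITHUB_TOKEN` keeps the repository's default scope; add a top-level `permissions:` limited to what the deploy script needs (possibly `contents: write` if it commits tracking files back, to be confirmed against the `.ps1`, which is not part of this patch). The secret is also copied into job-level `env.creds`, which exposes it to every step including Checkout; if only the deploy step reads it, move it to that step's `env:`. Separately, `resourceGroupName` is `'luna-west-cental-us'` while `workspaceName` is `'luna-west-central-us'`; confirm the resource group really is spelled without the `r`.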