Workflow file for Sentinel-Deploy

azure-sentinel[bot] · web-flow · commit 4e6affae56f4 · 2025-03-11T09:53:57.000Z
diff --git a/.github/workflows/sentinel-deploy-b7c98d6c-4bb4-4c94-98fd-2b2fc95222c9.yml b/.github/workflows/sentinel-deploy-b7c98d6c-4bb4-4c94-98fd-2b2fc95222c9.yml
@@ -0,0 +1,83 @@
+name: Deploy Content to logworkspace [b7c98d6c-4bb4-4c94-98fd-2b2fc95222c9]
+# Note: This workflow will deploy everything in the root directory.
+# To deploy content only from a specific path (for example SentinelContent):
+#   1. Add the target path to the "paths" property like such
+#    paths:
+#    - 'SentinelContent/**'
+#    - '!.github/workflows/**'
+#    - '.github/workflows/sentinel-deploy-b7c98d6c-4bb4-4c94-98fd-2b2fc95222c9.yml'
+#   2. Append the path to the directory environment variable below
+#       directory: '${{ github.workspace }}/SentinelContent'
+
+on: 
+  push:
+    branches: [ BugFix ]
+    paths:
+    - '**'
+    - '!.github/workflows/**'  # this filter prevents other workflow changes from triggering this workflow
+    - '.github/workflows/sentinel-deploy-b7c98d6c-4bb4-4c94-98fd-2b2fc95222c9.yml'
+
+jobs:
+  deploy-content:
+    runs-on: windows-latest
+    env:
+      resourceGroupName: 'sentineldemo'
+      workspaceName: 'logworkspace'
+      workspaceId: '6202d0f0-3e8c-44a1-bc49-6f37e1b7fc99'
+      directory: '${{ github.workspace }}'
+      cloudEnv: 'AzureCloud'
+      creds: ${{ secrets.AZURE_SENTINEL_CREDENTIALS_b7c98d6c4bb44c9498fd2b2fc95222c9 }}
+      contentTypes: 'AnalyticsRule'
+      branch: 'BugFix'
+      sourceControlId: 'b7c98d6c-4bb4-4c94-98fd-2b2fc95222c9'
+      rootDirectory: '${{ github.workspace }}'
+      githubAuthToken: ${{ secrets.GITHUB_TOKEN }}
+      smartDeployment: 'true'
+    permissions:
+      contents: write
+
+    steps:
+    - name: Login to Azure (Attempt 1)
+      continue-on-error: true
+      id: login1
+      uses: azure/login@v2
+      if: ${{ env.cloudEnv == 'AzureCloud' }}
+      with:
+        creds: ${{ secrets.AZURE_SENTINEL_CREDENTIALS_b7c98d6c4bb44c9498fd2b2fc95222c9 }}
+        enable-AzPSSession: true
+
+    - name: Wait 30 seconds if login attempt 1 failed
+      if: ${{ env.cloudEnv == 'AzureCloud' && steps.login1.outcome=='failure' }}
+      run: powershell Start-Sleep -s 30
+    
+    - name: Login to Azure (Attempt 2)
+      continue-on-error: true
+      id: login2
+      uses: azure/login@v2
+      if: ${{ env.cloudEnv == 'AzureCloud' && steps.login1.outcome=='failure' }}
+      with:
+        creds: ${{ secrets.AZURE_SENTINEL_CREDENTIALS_b7c98d6c4bb44c9498fd2b2fc95222c9 }}
+        enable-AzPSSession: true
+
+    - name: Wait 30 seconds if login attempt 2 failed
+      if: ${{ env.cloudEnv == 'AzureCloud' && steps.login2.outcome=='failure' }}
+      run: powershell Start-Sleep -s 30
+    
+    - name: Login to Azure (Attempt 3)
+      continue-on-error: false
+      id: login3
+      uses: azure/login@v2
+      if: ${{ env.cloudEnv == 'AzureCloud' && steps.login2.outcome=='failure'  }}
+      with:
+        creds: ${{ secrets.AZURE_SENTINEL_CREDENTIALS_b7c98d6c4bb44c9498fd2b2fc95222c9 }}
+        enable-AzPSSession: true
+
+    - name: Checkout
+      uses: actions/checkout@v3
+    
+    - name: Deploy Content to Microsoft Sentinel
+      uses: azure/powershell@v1
+      with:
+        azPSVersion: 'latest'
+        inlineScript: |
+          ${{ github.workspace }}//.github/workflows/azure-sentinel-deploy-b7c98d6c-4bb4-4c94-98fd-2b2fc95222c9.ps1
