Workflow file for Sentinel-Deploy

azure-sentinel[bot] · web-flow · commit ceb3425c9044 · 2025-03-13T09:24:25.000Z
diff --git a/.github/workflows/sentinel-deploy-e66b44f5-0bd1-458b-9b32-39f9c43e9e2c.yml b/.github/workflows/sentinel-deploy-e66b44f5-0bd1-458b-9b32-39f9c43e9e2c.yml
@@ -0,0 +1,83 @@
+name: Deploy Content to testgithubrepo [e66b44f5-0bd1-458b-9b32-39f9c43e9e2c]
+# Note: This workflow will deploy everything in the root directory.
+# To deploy content only from a specific path (for example SentinelContent):
+#   1. Add the target path to the "paths" property like such
+#    paths:
+#    - 'SentinelContent/**'
+#    - '!.github/workflows/**'
+#    - '.github/workflows/sentinel-deploy-e66b44f5-0bd1-458b-9b32-39f9c43e9e2c.yml'
+#   2. Append the path to the directory environment variable below
+#       directory: '${{ github.workspace }}/SentinelContent'
+
+on: 
+  push:
+    branches: [ Testbranch ]
+    paths:
+    - '**'
+    - '!.github/workflows/**'  # this filter prevents other workflow changes from triggering this workflow
+    - '.github/workflows/sentinel-deploy-e66b44f5-0bd1-458b-9b32-39f9c43e9e2c.yml'
+
+jobs:
+  deploy-content:
+    runs-on: windows-latest
+    env:
+      resourceGroupName: 'sentineldemo'
+      workspaceName: 'testgithubrepo'
+      workspaceId: '2bfb904e-111d-4728-90e3-7f83b9e9f0a3'
+      directory: '${{ github.workspace }}'
+      cloudEnv: 'AzureCloud'
+      creds: ${{ secrets.AZURE_SENTINEL_CREDENTIALS_e66b44f50bd1458b9b3239f9c43e9e2c }}
+      contentTypes: 'AnalyticsRule,Playbook,Workbook'
+      branch: 'Testbranch'
+      sourceControlId: 'e66b44f5-0bd1-458b-9b32-39f9c43e9e2c'
+      rootDirectory: '${{ github.workspace }}'
+      githubAuthToken: ${{ secrets.GITHUB_TOKEN }}
+      smartDeployment: 'true'
+    permissions:
+      contents: write
+
+    steps:
+    - name: Login to Azure (Attempt 1)
+      continue-on-error: true
+      id: login1
+      uses: azure/login@v2
+      if: ${{ env.cloudEnv == 'AzureCloud' }}
+      with:
+        creds: ${{ secrets.AZURE_SENTINEL_CREDENTIALS_e66b44f50bd1458b9b3239f9c43e9e2c }}
+        enable-AzPSSession: true
+
+    - name: Wait 30 seconds if login attempt 1 failed
+      if: ${{ env.cloudEnv == 'AzureCloud' && steps.login1.outcome=='failure' }}
+      run: powershell Start-Sleep -s 30
+    
+    - name: Login to Azure (Attempt 2)
+      continue-on-error: true
+      id: login2
+      uses: azure/login@v2
+      if: ${{ env.cloudEnv == 'AzureCloud' && steps.login1.outcome=='failure' }}
+      with:
+        creds: ${{ secrets.AZURE_SENTINEL_CREDENTIALS_e66b44f50bd1458b9b3239f9c43e9e2c }}
+        enable-AzPSSession: true
+
+    - name: Wait 30 seconds if login attempt 2 failed
+      if: ${{ env.cloudEnv == 'AzureCloud' && steps.login2.outcome=='failure' }}
+      run: powershell Start-Sleep -s 30
+    
+    - name: Login to Azure (Attempt 3)
+      continue-on-error: false
+      id: login3
+      uses: azure/login@v2
+      if: ${{ env.cloudEnv == 'AzureCloud' && steps.login2.outcome=='failure'  }}
+      with:
+        creds: ${{ secrets.AZURE_SENTINEL_CREDENTIALS_e66b44f50bd1458b9b3239f9c43e9e2c }}
+        enable-AzPSSession: true
+
+    - name: Checkout
+      uses: actions/checkout@v3
+    
+    - name: Deploy Content to Microsoft Sentinel
+      uses: azure/powershell@v1
+      with:
+        azPSVersion: 'latest'
+        inlineScript: |
+          ${{ github.workspace }}//.github/workflows/azure-sentinel-deploy-e66b44f5-0bd1-458b-9b32-39f9c43e9e2c.ps1
