-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathsentinel-deploy-a629e061-4009-42b2-8f0e-4d67c7f8ddc3.yml
More file actions
80 lines (71 loc) · 3.07 KB
/
sentinel-deploy-a629e061-4009-42b2-8f0e-4d67c7f8ddc3.yml
File metadata and controls
80 lines (71 loc) · 3.07 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
name: Deploy Content to cicdtest2 [a629e061-4009-42b2-8f0e-4d67c7f8ddc3]
# Note: This workflow will deploy everything in the root directory.
# To deploy content only from a specific path (for example SentinelContent):
# 1. Add the target path to the "paths" property like such
# paths:
# - 'SentinelContent/**'
# - '!.github/workflows/**'
# - '.github/workflows/sentinel-deploy-a629e061-4009-42b2-8f0e-4d67c7f8ddc3.yml'
# 2. Append the path to the directory environment variable below
# directory: '${{ github.workspace }}/SentinelContent'
on:
push:
branches: [ master ]
paths:
- '**'
- '!.github/workflows/**' # this filter prevents other workflow changes from triggering this workflow
- '.github/workflows/sentinel-deploy-a629e061-4009-42b2-8f0e-4d67c7f8ddc3.yml'
jobs:
deploy-content:
runs-on: windows-latest
env:
resourceGroupName: 'cxe-malowe'
workspaceName: 'cicdtest2'
workspaceId: '6914326a-c8d4-4a14-be6d-64b148cd9c70'
directory: '${{ github.workspace }}'
cloudEnv: 'AzureCloud'
creds: ${{ secrets.AZURE_SENTINEL_CREDENTIALS_a629e061400942b28f0e4d67c7f8ddc3 }}
contentTypes: 'AnalyticsRule,AutomationRule,HuntingQuery,Parser,Workbook,Playbook'
branch: 'master'
sourceControlId: 'a629e061-4009-42b2-8f0e-4d67c7f8ddc3'
githubAuthToken: ${{ secrets.GITHUB_TOKEN }}
smartDeployment: 'true'
steps:
- name: Login to Azure (Attempt 1)
continue-on-error: true
id: login1
uses: azure/login@v1
if: ${{ env.cloudEnv == 'AzureCloud' }}
with:
creds: ${{ secrets.AZURE_SENTINEL_CREDENTIALS_a629e061400942b28f0e4d67c7f8ddc3 }}
enable-AzPSSession: true
- name: Wait 30 seconds if login attempt 1 failed
if: ${{ env.cloudEnv == 'AzureCloud' && steps.login1.outcome=='failure' }}
run: powershell Start-Sleep -s 30
- name: Login to Azure (Attempt 2)
continue-on-error: true
id: login2
uses: azure/login@v1
if: ${{ env.cloudEnv == 'AzureCloud' && steps.login1.outcome=='failure' }}
with:
creds: ${{ secrets.AZURE_SENTINEL_CREDENTIALS_a629e061400942b28f0e4d67c7f8ddc3 }}
enable-AzPSSession: true
- name: Wait 30 seconds if login attempt 2 failed
if: ${{ env.cloudEnv == 'AzureCloud' && steps.login2.outcome=='failure' }}
run: powershell Start-Sleep -s 30
- name: Login to Azure (Attempt 3)
continue-on-error: false
id: login3
uses: azure/login@v1
if: ${{ env.cloudEnv == 'AzureCloud' && steps.login2.outcome=='failure' }}
with:
creds: ${{ secrets.AZURE_SENTINEL_CREDENTIALS_a629e061400942b28f0e4d67c7f8ddc3 }}
enable-AzPSSession: true
- name: Checkout
uses: actions/checkout@v1
- name: Deploy Content to Azure Sentinel
uses: azure/powershell@v1
with:
azPSVersion: 'latest'
inlineScript: |
${{ github.workspace }}//.github/workflows/azure-sentinel-deploy-a629e061-4009-42b2-8f0e-4d67c7f8ddc3.ps1