From 3ab4c4d6b34f3e3366faba221b9f2282d0c857fd Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 26 Mar 2024 12:38:57 +0300 Subject: [PATCH 01/40] Converted weekly generation pipeline to 1es --- .azure-pipelines/weekly-generation.yml | 309 +++++++++++++------------ 1 file changed, 163 insertions(+), 146 deletions(-) diff --git a/.azure-pipelines/weekly-generation.yml b/.azure-pipelines/weekly-generation.yml index 9b54c3eb495..c1b233f2c1e 100644 --- a/.azure-pipelines/weekly-generation.yml +++ b/.azure-pipelines/weekly-generation.yml @@ -1,170 +1,187 @@ -# Copyright (c) Microsoft Corporation. All rights reserved. -# Licensed under the MIT License. - +# This Yaml Document has been converted by ESAI Yaml Pipeline Conversion Tool. +# Please make sure to check all the converted content, it is your team's responsibility to make sure that the pipeline is still valid and functions as expected. +# This pipeline will be extended to the OneESPT template +# If you are not using the E+D shared hosted pool with windows-2022, replace the pool section with your hosted pool, os, and image name. If you are using a Linux image, you must specify an additional windows image for SDL: https://eng.ms/docs/cloud-ai-platform/devdiv/one-engineering-system-1es/1es-docs/1es-pipeline-templates/features/sdlanalysis/overview#how-to-specify-a-windows-pool-for-the-sdl-source-analysis-stage +# The Task 'PublishBuildArtifacts@1' has been converted to an output named 'Publish Module Artifacts' in the templateContext section. +# The Task 'NuGetCommand@2' has been converted to an output named 'Publish NuGet to feed' in the templateContext section. +# Output added to job "MsGraphPsSdkWeeklyGeneration" with YAML conditionals extracted using AI. Review this expression against the originating file for correctness. +# Output added to job "MsGraphPsSdkWeeklyGeneration" with YAML conditionals extracted using AI. Review this expression against the originating file for correctness. name: $(BuildDefinitionName)_$(SourceBranchName)_$(Date:yyyyMMdd)$(Rev:.r) - parameters: - - name: BuildAgent - displayName: Build Agent - default: 1es-windows-ps-compute - - name: BaseBranch - displayName: Base Branch - default: dev - - name: GenerationBranch - displayName: Generation branch - default: v2/generation - - name: SkipForceRefresh - displayName: Skip Force Refresh - default: false - type: boolean - - name: Test - type: boolean - default: true - - name: Pack - type: boolean - default: true - - name: Sign - type: boolean - default: true - - name: CreatePullRequest - type: boolean - default: true - - name: SkipOpenAPIDocsDownload - displayName: Skip OpenAPI Docs Download - default: false - type: boolean - +- name: BuildAgent + displayName: Build Agent + default: 1es-windows-ps-compute +- name: BaseBranch + displayName: Base Branch + default: dev +- name: GenerationBranch + displayName: Generation branch + default: v2/generation +- name: SkipForceRefresh + displayName: Skip Force Refresh + default: false + type: boolean +- name: Test + type: boolean + default: true +- name: Pack + type: boolean + default: true +- name: Sign + type: boolean + default: true +- name: CreatePullRequest + type: boolean + default: true +- name: SkipOpenAPIDocsDownload + displayName: Skip OpenAPI Docs Download + default: false + type: boolean variables: Branch: "WeeklyApiRefresh" BaseBranch: ${{ parameters.BaseBranch }} GenerationBranch: ${{ parameters.GenerationBranch }} BuildAgent: ${{ parameters.BuildAgent }} SkipForceRefresh: ${{ parameters.SkipForceRefresh }} - -pool: $(BuildAgent) trigger: none pr: none schedules: - - cron: "0 12 * * TUE" # Run every Tuesday at noon UTC - displayName: "PS SDK Weekly Refresh" - branches: - include: - - dev - always: true -jobs: - - job: RefreshOpenAPIDocuments - displayName: Refresh OpenApi documents - timeoutInMinutes: 240 - pool: $(BuildAgent) - steps: - - template: common-templates/download-openapi-docs.yml - parameters: - Branch: $(Branch) - BaseBranch: $(BaseBranch) - BuildAgent: $(BuildAgent) - SkipForceRefresh: $(SkipForceRefresh) - SkipOpenAPIDocsDownload: ${{ parameters.SkipOpenAPIDocsDownload }} - - - job: MsGraphPsSdkWeeklyGeneration - dependsOn: RefreshOpenAPIDocuments - displayName: Microsoft Graph PowerShell SDK Generation - condition: and(succeeded(), ne(dependencies.RefreshOpenAPIDocuments.outputs['OpenAPIDocDiff.ModulesWithChanges'], '')) - timeoutInMinutes: 840 - variables: - WeeklyBranch: $[ dependencies.RefreshOpenAPIDocuments.outputs['ComputeBranch.WeeklyBranch'] ] - steps: - - template: ./common-templates/checkout.yml - parameters: - TargetBranch: $(WeeklyBranch) - - template: ./common-templates/install-tools.yml - - template: ./common-templates/security-pre-checks.yml - - template: ./generation-templates/authentication-module.yml - parameters: - Test: ${{ parameters.Test }} - Pack: ${{ parameters.Pack }} - Sign: ${{ parameters.Sign }} - - template: ./generation-templates/workload-modules.yml - parameters: - Test: ${{ parameters.Test }} - Pack: ${{ parameters.Pack }} - Sign: ${{ parameters.Sign }} - - template: ./generation-templates/meta-module.yml - parameters: - Test: ${{ parameters.Test }} - Pack: ${{ parameters.Pack }} - Sign: ${{ parameters.Sign }} - - ${{ if and(eq(parameters.Pack, true), eq(parameters.Sign, true)) }}: - - template: ./common-templates/esrp/codesign-nuget.yml - parameters: - FolderPath: "$(Build.ArtifactStagingDirectory)" - Pattern: "Microsoft.Graph*.nupkg" - - task: PublishBuildArtifacts@1 - displayName: Publish Module Artifacts - inputs: - PathtoPublish: "$(Build.ArtifactStagingDirectory)" - ArtifactName: "drop" +- cron: "0 12 * * TUE" + displayName: "PS SDK Weekly Refresh" + branches: + include: + - dev + always: true +resources: + repositories: + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates + parameters: + pool: + name: Azure-Pipelines-1ESPT-ExDShared + image: windows-2022 + os: windows + customBuildTags: + - ES365AIMigrationTooling + stages: + - stage: stage + jobs: + - job: RefreshOpenAPIDocuments + displayName: Refresh OpenApi documents + timeoutInMinutes: 240 + steps: + - template: /temp/common-templates/download-openapi-docs.yml@self + parameters: + Branch: $(Branch) + BaseBranch: $(BaseBranch) + BuildAgent: $(BuildAgent) + SkipForceRefresh: $(SkipForceRefresh) + SkipOpenAPIDocsDownload: ${{ parameters.SkipOpenAPIDocsDownload }} + - job: MsGraphPsSdkWeeklyGeneration + dependsOn: RefreshOpenAPIDocuments + displayName: Microsoft Graph PowerShell SDK Generation + condition: and(succeeded(), ne(dependencies.RefreshOpenAPIDocuments.outputs['OpenAPIDocDiff.ModulesWithChanges'], '')) + timeoutInMinutes: 840 + variables: + WeeklyBranch: $[ dependencies.RefreshOpenAPIDocuments.outputs['ComputeBranch.WeeklyBranch'] ] + templateContext: + outputs: + - ${{ if and(eq(parameters.Pack, true), eq(parameters.Sign, true)) }}: + - output: pipelineArtifact + displayName: 'Publish Module Artifacts' + targetPath: "$(Build.ArtifactStagingDirectory)" + artifactName: "drop" publishLocation: "Container" - - task: NuGetCommand@2 - displayName: Publish NuGet to feed - inputs: - command: push + - ${{ if and(eq(parameters.Pack, true), eq(parameters.Sign, true)) }}: + - output: nuget + displayName: 'Publish NuGet to feed' + packageParentPath: '$(Build.ArtifactStagingDirectory)' packagesToPush: $(Build.ArtifactStagingDirectory)/**/Microsoft.Graph.*.nupkg publishVstsFeed: $(PROJECT_NAME)/$(FEED_NAME) allowPackageConflicts: true - - template: ./generation-templates/generate-command-metadata.yml - - template: ./common-templates/security-post-checks.yml - - ${{ if eq(parameters.CreatePullRequest, true) }}: - - template: common-templates/create-pr.yml + steps: + - template: /temp/common-templates/checkout.yml@self + parameters: + TargetBranch: $(WeeklyBranch) + - template: /temp/common-templates/install-tools.yml@self + - template: /temp/common-templates/security-pre-checks.yml@self + - template: /temp/generation-templates/authentication-module.yml@self + parameters: + Test: ${{ parameters.Test }} + Pack: ${{ parameters.Pack }} + Sign: ${{ parameters.Sign }} + - template: /temp/generation-templates/workload-modules.yml@self + parameters: + Test: ${{ parameters.Test }} + Pack: ${{ parameters.Pack }} + Sign: ${{ parameters.Sign }} + - template: /temp/generation-templates/meta-module.yml@self + parameters: + Test: ${{ parameters.Test }} + Pack: ${{ parameters.Pack }} + Sign: ${{ parameters.Sign }} + - ${{ if and(eq(parameters.Pack, true), eq(parameters.Sign, true)) }}: + - template: /temp/common-templates/esrp/codesign-nuget.yml@self + parameters: + FolderPath: "$(Build.ArtifactStagingDirectory)" + Pattern: "Microsoft.Graph*.nupkg" + - template: /temp/generation-templates/generate-command-metadata.yml@self + - template: /temp/common-templates/security-post-checks.yml@self + - ${{ if eq(parameters.CreatePullRequest, true) }}: + - template: /temp/common-templates/create-pr.yml@self parameters: BaseBranch: $(BaseBranch) TargetBranch: $(WeeklyBranch) Title: "[v2] Weekly OpenApiDocs Refresh" Body: "This pull request was automatically created by Azure Pipelines. **Important** Check for unexpected deletions or changes in this PR." - # Push SDK artifacts to generation branch. - - task: PowerShell@2 - name: "ComputeGenerationBranch" - displayName: "Compute weekly generation branch name" - inputs: - targetType: inline - script: | - $branch = "{0}/{1}" -f "WeeklyGeneration", (Get-Date -Format yyyyMMddHHmm) - Write-Host "##vso[task.setvariable variable=WeeklyGenerationBranch;isOutput=true]$branch" - - task: Bash@3 - displayName: "Create weekly generation branch" - inputs: - targetType: inline - script: | - git status - git branch $(ComputeGenerationBranch.WeeklyGenerationBranch) - git checkout $(ComputeGenerationBranch.WeeklyGenerationBranch) - git status - - task: Bash@3 - displayName: Commit Generated SDK artifacts - enabled: true - env: - GITHUB_TOKEN: $(GITHUB_TOKEN) - inputs: - targetType: inline - script: | - git add . - git commit -m 'Adds generated module artifacts' - git push "https://$(GITHUB_TOKEN)@github.com/microsoftgraph/msgraph-sdk-powershell.git" - git status - - task: Bash@3 - displayName: Sync with generation branch - enabled: true - env: - GITHUB_TOKEN: $(GITHUB_TOKEN) - inputs: - targetType: inline - script: | - git merge $(GenerationBranch) -s ours - git push "https://$(GITHUB_TOKEN)@github.com/microsoftgraph/msgraph-sdk-powershell.git" - git status - - ${{ if eq(parameters.CreatePullRequest, true) }}: - - template: common-templates/create-pr.yml + - task: PowerShell@2 + name: "ComputeGenerationBranch" + displayName: "Compute weekly generation branch name" + inputs: + targetType: inline + script: | + $branch = "{0}/{1}" -f "WeeklyGeneration", (Get-Date -Format yyyyMMddHHmm) + Write-Host "##vso[task.setvariable variable=WeeklyGenerationBranch;isOutput=true]$branch" + - task: Bash@3 + displayName: "Create weekly generation branch" + inputs: + targetType: inline + script: | + git status + git branch $(ComputeGenerationBranch.WeeklyGenerationBranch) + git checkout $(ComputeGenerationBranch.WeeklyGenerationBranch) + git status + - task: Bash@3 + displayName: Commit Generated SDK artifacts + enabled: true + env: + GITHUB_TOKEN: $(GITHUB_TOKEN) + inputs: + targetType: inline + script: | + git add . + git commit -m 'Adds generated module artifacts' + git push "https://$(GITHUB_TOKEN)@github.com/microsoftgraph/msgraph-sdk-powershell.git" + git status + - task: Bash@3 + displayName: Sync with generation branch + enabled: true + env: + GITHUB_TOKEN: $(GITHUB_TOKEN) + inputs: + targetType: inline + script: | + git merge $(GenerationBranch) -s ours + git push "https://$(GITHUB_TOKEN)@github.com/microsoftgraph/msgraph-sdk-powershell.git" + git status + - ${{ if eq(parameters.CreatePullRequest, true) }}: + - template: /temp/common-templates/create-pr.yml@self parameters: BaseBranch: $(GenerationBranch) TargetBranch: $(ComputeGenerationBranch.WeeklyGenerationBranch) Title: "[v2] Weekly Generated Module Artifacts" - Body: "This pull request was automatically created by Azure Pipelines. **Important** Check for unexpected deletions or changes in this PR." + Body: "This pull request was automatically created by Azure Pipelines. **Important** Check for unexpected deletions or changes in this PR." \ No newline at end of file From f2116dae8c00cd111272034cccd4168a7b4920d1 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 26 Mar 2024 12:44:06 +0300 Subject: [PATCH 02/40] Updated file to remove invalid paths to referenced yml files --- .azure-pipelines/weekly-generation.yml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/.azure-pipelines/weekly-generation.yml b/.azure-pipelines/weekly-generation.yml index c1b233f2c1e..3e9268bd2a6 100644 --- a/.azure-pipelines/weekly-generation.yml +++ b/.azure-pipelines/weekly-generation.yml @@ -74,7 +74,7 @@ extends: displayName: Refresh OpenApi documents timeoutInMinutes: 240 steps: - - template: /temp/common-templates/download-openapi-docs.yml@self + - template: common-templates/download-openapi-docs.yml parameters: Branch: $(Branch) BaseBranch: $(BaseBranch) @@ -104,35 +104,35 @@ extends: publishVstsFeed: $(PROJECT_NAME)/$(FEED_NAME) allowPackageConflicts: true steps: - - template: /temp/common-templates/checkout.yml@self + - template: /common-templates/checkout.yml parameters: TargetBranch: $(WeeklyBranch) - - template: /temp/common-templates/install-tools.yml@self - - template: /temp/common-templates/security-pre-checks.yml@self - - template: /temp/generation-templates/authentication-module.yml@self + - template: /common-templates/install-tools.yml + - template: /common-templates/security-pre-checks.yml + - template: /generation-templates/authentication-module.yml parameters: Test: ${{ parameters.Test }} Pack: ${{ parameters.Pack }} Sign: ${{ parameters.Sign }} - - template: /temp/generation-templates/workload-modules.yml@self + - template: /generation-templates/workload-modules.yml parameters: Test: ${{ parameters.Test }} Pack: ${{ parameters.Pack }} Sign: ${{ parameters.Sign }} - - template: /temp/generation-templates/meta-module.yml@self + - template: /generation-templates/meta-module.yml parameters: Test: ${{ parameters.Test }} Pack: ${{ parameters.Pack }} Sign: ${{ parameters.Sign }} - ${{ if and(eq(parameters.Pack, true), eq(parameters.Sign, true)) }}: - - template: /temp/common-templates/esrp/codesign-nuget.yml@self + - template: /common-templates/esrp/codesign-nuget.ym parameters: FolderPath: "$(Build.ArtifactStagingDirectory)" Pattern: "Microsoft.Graph*.nupkg" - - template: /temp/generation-templates/generate-command-metadata.yml@self - - template: /temp/common-templates/security-post-checks.yml@self + - template: /generation-templates/generate-command-metadata.yml + - template: /common-templates/security-post-checks.yml - ${{ if eq(parameters.CreatePullRequest, true) }}: - - template: /temp/common-templates/create-pr.yml@self + - template: /common-templates/create-pr.yml parameters: BaseBranch: $(BaseBranch) TargetBranch: $(WeeklyBranch) @@ -179,7 +179,7 @@ extends: git push "https://$(GITHUB_TOKEN)@github.com/microsoftgraph/msgraph-sdk-powershell.git" git status - ${{ if eq(parameters.CreatePullRequest, true) }}: - - template: /temp/common-templates/create-pr.yml@self + - template: /common-templates/create-pr.yml parameters: BaseBranch: $(GenerationBranch) TargetBranch: $(ComputeGenerationBranch.WeeklyGenerationBranch) From 8404502ceee42d552a505b38bcf1fdd3c7fd3187 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 26 Mar 2024 13:05:18 +0300 Subject: [PATCH 03/40] Updated file to reference yml files correclty --- .azure-pipelines/weekly-generation.yml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/.azure-pipelines/weekly-generation.yml b/.azure-pipelines/weekly-generation.yml index 3e9268bd2a6..8a46e68b1d1 100644 --- a/.azure-pipelines/weekly-generation.yml +++ b/.azure-pipelines/weekly-generation.yml @@ -74,7 +74,7 @@ extends: displayName: Refresh OpenApi documents timeoutInMinutes: 240 steps: - - template: common-templates/download-openapi-docs.yml + - template: common-templates/download-openapi-docs.yml@self parameters: Branch: $(Branch) BaseBranch: $(BaseBranch) @@ -104,35 +104,35 @@ extends: publishVstsFeed: $(PROJECT_NAME)/$(FEED_NAME) allowPackageConflicts: true steps: - - template: /common-templates/checkout.yml + - template: ./common-templates/checkout.yml@self parameters: TargetBranch: $(WeeklyBranch) - - template: /common-templates/install-tools.yml - - template: /common-templates/security-pre-checks.yml - - template: /generation-templates/authentication-module.yml + - template: ./common-templates/install-tools.yml@self + - template: ./common-templates/security-pre-checks.yml@self + - template: ./generation-templates/authentication-module.yml@self parameters: Test: ${{ parameters.Test }} Pack: ${{ parameters.Pack }} Sign: ${{ parameters.Sign }} - - template: /generation-templates/workload-modules.yml + - template: ./generation-templates/workload-modules.yml@self parameters: Test: ${{ parameters.Test }} Pack: ${{ parameters.Pack }} Sign: ${{ parameters.Sign }} - - template: /generation-templates/meta-module.yml + - template: ./generation-templates/meta-module.yml@self parameters: Test: ${{ parameters.Test }} Pack: ${{ parameters.Pack }} Sign: ${{ parameters.Sign }} - ${{ if and(eq(parameters.Pack, true), eq(parameters.Sign, true)) }}: - - template: /common-templates/esrp/codesign-nuget.ym + - template: ./common-templates/esrp/codesign-nuget.yml@self parameters: FolderPath: "$(Build.ArtifactStagingDirectory)" Pattern: "Microsoft.Graph*.nupkg" - - template: /generation-templates/generate-command-metadata.yml - - template: /common-templates/security-post-checks.yml + - template: ./generation-templates/generate-command-metadata.yml@self + - template: ./common-templates/security-post-checks.yml@self - ${{ if eq(parameters.CreatePullRequest, true) }}: - - template: /common-templates/create-pr.yml + - template: ./common-templates/create-pr.yml@self parameters: BaseBranch: $(BaseBranch) TargetBranch: $(WeeklyBranch) @@ -179,7 +179,7 @@ extends: git push "https://$(GITHUB_TOKEN)@github.com/microsoftgraph/msgraph-sdk-powershell.git" git status - ${{ if eq(parameters.CreatePullRequest, true) }}: - - template: /common-templates/create-pr.yml + - template: ./common-templates/create-pr.yml@self parameters: BaseBranch: $(GenerationBranch) TargetBranch: $(ComputeGenerationBranch.WeeklyGenerationBranch) From 5f66f10d61f98b3dca6723dc207dc4904401cf39 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 26 Mar 2024 13:12:14 +0300 Subject: [PATCH 04/40] Corrected file path --- .azure-pipelines/weekly-generation.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.azure-pipelines/weekly-generation.yml b/.azure-pipelines/weekly-generation.yml index 8a46e68b1d1..7ea14e5d3c6 100644 --- a/.azure-pipelines/weekly-generation.yml +++ b/.azure-pipelines/weekly-generation.yml @@ -74,7 +74,7 @@ extends: displayName: Refresh OpenApi documents timeoutInMinutes: 240 steps: - - template: common-templates/download-openapi-docs.yml@self + - template: ./common-templates/download-openapi-docs.yml@self parameters: Branch: $(Branch) BaseBranch: $(BaseBranch) From 3b4c0da50737c1c1d45e4035c60a81fc25d29afa Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 26 Mar 2024 13:23:05 +0300 Subject: [PATCH 05/40] Removed self annotation --- .azure-pipelines/weekly-generation.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.azure-pipelines/weekly-generation.yml b/.azure-pipelines/weekly-generation.yml index 7ea14e5d3c6..b4446635ccf 100644 --- a/.azure-pipelines/weekly-generation.yml +++ b/.azure-pipelines/weekly-generation.yml @@ -74,7 +74,7 @@ extends: displayName: Refresh OpenApi documents timeoutInMinutes: 240 steps: - - template: ./common-templates/download-openapi-docs.yml@self + - template: common-templates/download-openapi-docs.yml parameters: Branch: $(Branch) BaseBranch: $(BaseBranch) From d33786b8ac66c34f97b7a141cf2edef3abef8166 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 26 Mar 2024 13:43:58 +0300 Subject: [PATCH 06/40] Updated weekly update for examples --- .azure-pipelines/weekly-examples-update.yml | 175 ++++++++++---------- 1 file changed, 92 insertions(+), 83 deletions(-) diff --git a/.azure-pipelines/weekly-examples-update.yml b/.azure-pipelines/weekly-examples-update.yml index 8c275cabd00..1484c2dade0 100644 --- a/.azure-pipelines/weekly-examples-update.yml +++ b/.azure-pipelines/weekly-examples-update.yml @@ -1,15 +1,18 @@ -# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. - -trigger: none # disable triggers based on commits. -pr: none # disable as a PR gate. +# This Yaml Document has been converted by ESAI Yaml Pipeline Conversion Tool. +# Please make sure to check all the converted content, it is your team's responsibility to make sure that the pipeline is still valid and functions as expected. +# This pipeline will be extended to the OneESPT template +# If you are not using the E+D shared hosted pool with windows-2022, replace the pool section with your hosted pool, os, and image name. If you are using a Linux image, you must specify an additional windows image for SDL: https://eng.ms/docs/cloud-ai-platform/devdiv/one-engineering-system-1es/1es-docs/1es-pipeline-templates/features/sdlanalysis/overview#how-to-specify-a-windows-pool-for-the-sdl-source-analysis-stage +# The Task 'PublishBuildArtifacts@1' has been converted to an output named 'Publish Examples to be reviewed as artifact' in the templateContext section. +trigger: none +pr: none name: 'PowerShellExamplesUpdateV2 Check' schedules: - - cron: "0 3 * * FRI" # every Friday at 3AM UTC (off hours for Redmond, Nairobi and Montréal) - displayName: 'PowerShellExamplesUpdateV2' - branches: - include: - - dev - always: true +- cron: "0 3 * * FRI" + displayName: 'PowerShellExamplesUpdateV2' + branches: + include: + - dev + always: true parameters: - name: PipelineTimeout displayName: PipelineTimeout @@ -18,77 +21,83 @@ parameters: - name: BuildAgent displayName: Build Agent default: 1es-windows-ps-compute - resources: - repositories: - - repository: msgraph-sdk-powershell - type: github - endpoint: MicrosoftDocs - name: microsoftgraph/msgraph-sdk-powershell - ref: dev - -jobs: -- job: PowerShellExamplesUpdateV2 - pool: - name: ${{ parameters.BuildAgent }} - timeoutInMinutes: ${{ parameters.PipelineTimeout }} - steps: - - template: ./common-templates/install-sdk.yml - - task: PowerShell@2 - name: "ComputeBranch" - displayName: "Compute weekly examples update branch name" - inputs: - targetType: inline - script: | - $branch = "{0}/{1}" -f "WeeklyExamplesUpdate", (Get-Date -Format yyyyMMddHHmm) - Write-Host "Compute branch: $branch" - Write-Host "##vso[task.setvariable variable=WeeklyExamplesBranch;isOutput=true]$branch" - - - task: Bash@3 - displayName: "Create weekly examples branch" - inputs: - targetType: inline - script: | - git status - git branch $(ComputeBranch.WeeklyExamplesBranch) - git checkout $(ComputeBranch.WeeklyExamplesBranch) - git status - - - task: PowerShell@2 - displayName: 'Import Examples From API reference - V2' - continueOnError: false - inputs: - targetType: 'filePath' - pwsh: true - filePath: tools\ImportExamples.ps1 - - - task: PublishBuildArtifacts@1 - displayName: 'Publish Examples to be reviewed as artifact' - inputs: - PathtoPublish: 'examplesreport' - ArtifactName: 'ExamplesToBeReviewed' - publishLocation: 'Container' - # StoreAsTar: true - - - task: PowerShell@2 - displayName: Pushing to github - env: - GITHUB_TOKEN: $(GITHUB_TOKEN) - inputs: - targetType: inline - pwsh: true - script: | - git config --global user.email "GraphTooling@service.microsoft.com" - git config --global user.name "Microsoft Graph DevX Tooling" - git status - git add . - git commit -m "Updating examples" - git push --set-upstream https://$(GITHUB_TOKEN)@github.com/microsoftgraph/msgraph-sdk-powershell.git $(ComputeBranch.WeeklyExamplesBranch) - git status - - - template: ./common-templates/create-pr.yml - parameters: - BaseBranch: "dev" - TargetBranch: $(ComputeBranch.WeeklyExamplesBranch) - Title: "[v2] Examples Update" - Body: "This pull request was automatically created by Azure Pipelines. **Important** Check for unexpected deletions or changes in this PR." \ No newline at end of file + repositories: + - repository: msgraph-sdk-powershell + type: github + endpoint: MicrosoftDocs + name: microsoftgraph/msgraph-sdk-powershell + ref: dev + - repository: 1ESPipelineTemplates + type: git + name: 1ESPipelineTemplates/1ESPipelineTemplates + ref: refs/tags/release +extends: + template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates + parameters: + pool: + name: Azure-Pipelines-1ESPT-ExDShared + image: windows-2022 + os: windows + customBuildTags: + - ES365AIMigrationTooling + stages: + - stage: stage + jobs: + - job: PowerShellExamplesUpdateV2 + timeoutInMinutes: ${{ parameters.PipelineTimeout }} + templateContext: + outputs: + - output: pipelineArtifact + displayName: 'Publish Examples to be reviewed as artifact' + targetPath: 'examplesreport' + artifactName: 'ExamplesToBeReviewed' + publishLocation: 'Container' + steps: + - template: ./common-templates/install-sdk.yml@self + - task: PowerShell@2 + name: "ComputeBranch" + displayName: "Compute weekly examples update branch name" + inputs: + targetType: inline + script: | + $branch = "{0}/{1}" -f "WeeklyExamplesUpdate", (Get-Date -Format yyyyMMddHHmm) + Write-Host "Compute branch: $branch" + Write-Host "##vso[task.setvariable variable=WeeklyExamplesBranch;isOutput=true]$branch" + - task: Bash@3 + displayName: "Create weekly examples branch" + inputs: + targetType: inline + script: | + git status + git branch $(ComputeBranch.WeeklyExamplesBranch) + git checkout $(ComputeBranch.WeeklyExamplesBranch) + git status + - task: PowerShell@2 + displayName: 'Import Examples From API reference - V2' + continueOnError: false + inputs: + targetType: 'filePath' + pwsh: true + filePath: tools\ImportExamples.ps1 + - task: PowerShell@2 + displayName: Pushing to github + env: + GITHUB_TOKEN: $(GITHUB_TOKEN) + inputs: + targetType: inline + pwsh: true + script: | + git config --global user.email "GraphTooling@service.microsoft.com" + git config --global user.name "Microsoft Graph DevX Tooling" + git status + git add . + git commit -m "Updating examples" + git push --set-upstream https://$(GITHUB_TOKEN)@github.com/microsoftgraph/msgraph-sdk-powershell.git $(ComputeBranch.WeeklyExamplesBranch) + git status + - template: ./common-templates/create-pr.yml@self + parameters: + BaseBranch: "dev" + TargetBranch: $(ComputeBranch.WeeklyExamplesBranch) + Title: "[v2] Examples Update" + Body: "This pull request was automatically created by Azure Pipelines. **Important** Check for unexpected deletions or changes in this PR." \ No newline at end of file From b39fbc84d414cafc45b06a4ee17249c5353a31cf Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 26 Mar 2024 13:56:30 +0300 Subject: [PATCH 07/40] Corrected path --- .azure-pipelines/weekly-examples-update.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.azure-pipelines/weekly-examples-update.yml b/.azure-pipelines/weekly-examples-update.yml index 1484c2dade0..52af548a674 100644 --- a/.azure-pipelines/weekly-examples-update.yml +++ b/.azure-pipelines/weekly-examples-update.yml @@ -54,7 +54,7 @@ extends: artifactName: 'ExamplesToBeReviewed' publishLocation: 'Container' steps: - - template: ./common-templates/install-sdk.yml@self + - template: /common-templates/install-sdk.yml@self - task: PowerShell@2 name: "ComputeBranch" displayName: "Compute weekly examples update branch name" @@ -95,7 +95,7 @@ extends: git commit -m "Updating examples" git push --set-upstream https://$(GITHUB_TOKEN)@github.com/microsoftgraph/msgraph-sdk-powershell.git $(ComputeBranch.WeeklyExamplesBranch) git status - - template: ./common-templates/create-pr.yml@self + - template: /common-templates/create-pr.yml@self parameters: BaseBranch: "dev" TargetBranch: $(ComputeBranch.WeeklyExamplesBranch) From 5ef444badf08126fc6697c8f079eb843d9d7062d Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 26 Mar 2024 14:10:01 +0300 Subject: [PATCH 08/40] Removed the self annotation --- .azure-pipelines/weekly-examples-update.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.azure-pipelines/weekly-examples-update.yml b/.azure-pipelines/weekly-examples-update.yml index 52af548a674..ea387844d14 100644 --- a/.azure-pipelines/weekly-examples-update.yml +++ b/.azure-pipelines/weekly-examples-update.yml @@ -54,7 +54,7 @@ extends: artifactName: 'ExamplesToBeReviewed' publishLocation: 'Container' steps: - - template: /common-templates/install-sdk.yml@self + - template: common-templates/install-sdk.yml - task: PowerShell@2 name: "ComputeBranch" displayName: "Compute weekly examples update branch name" @@ -95,7 +95,7 @@ extends: git commit -m "Updating examples" git push --set-upstream https://$(GITHUB_TOKEN)@github.com/microsoftgraph/msgraph-sdk-powershell.git $(ComputeBranch.WeeklyExamplesBranch) git status - - template: /common-templates/create-pr.yml@self + - template: common-templates/create-pr.yml parameters: BaseBranch: "dev" TargetBranch: $(ComputeBranch.WeeklyExamplesBranch) From 61c43453f3e9bb1f375d3cb9a915fd2d776de552 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 26 Mar 2024 14:13:13 +0300 Subject: [PATCH 09/40] Rolled back to the original file created during migration --- .azure-pipelines/weekly-examples-update.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.azure-pipelines/weekly-examples-update.yml b/.azure-pipelines/weekly-examples-update.yml index ea387844d14..f208a57d694 100644 --- a/.azure-pipelines/weekly-examples-update.yml +++ b/.azure-pipelines/weekly-examples-update.yml @@ -54,7 +54,7 @@ extends: artifactName: 'ExamplesToBeReviewed' publishLocation: 'Container' steps: - - template: common-templates/install-sdk.yml + - template: /temp/powershell/common-templates/install-sdk.yml@self - task: PowerShell@2 name: "ComputeBranch" displayName: "Compute weekly examples update branch name" @@ -95,7 +95,7 @@ extends: git commit -m "Updating examples" git push --set-upstream https://$(GITHUB_TOKEN)@github.com/microsoftgraph/msgraph-sdk-powershell.git $(ComputeBranch.WeeklyExamplesBranch) git status - - template: common-templates/create-pr.yml + - template: /temp/powershell/common-templates/create-pr.yml@self parameters: BaseBranch: "dev" TargetBranch: $(ComputeBranch.WeeklyExamplesBranch) From 52ccec9f69ed9dde6a196e67e07f94974ec0f88b Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 26 Mar 2024 14:22:15 +0300 Subject: [PATCH 10/40] Fixed paths --- .azure-pipelines/weekly-examples-update.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.azure-pipelines/weekly-examples-update.yml b/.azure-pipelines/weekly-examples-update.yml index f208a57d694..b3865686ad8 100644 --- a/.azure-pipelines/weekly-examples-update.yml +++ b/.azure-pipelines/weekly-examples-update.yml @@ -54,7 +54,7 @@ extends: artifactName: 'ExamplesToBeReviewed' publishLocation: 'Container' steps: - - template: /temp/powershell/common-templates/install-sdk.yml@self + - template: .azure-pipelines/common-templates/install-sdk.yml - task: PowerShell@2 name: "ComputeBranch" displayName: "Compute weekly examples update branch name" @@ -95,7 +95,7 @@ extends: git commit -m "Updating examples" git push --set-upstream https://$(GITHUB_TOKEN)@github.com/microsoftgraph/msgraph-sdk-powershell.git $(ComputeBranch.WeeklyExamplesBranch) git status - - template: /temp/powershell/common-templates/create-pr.yml@self + - template: .azure-pipelines/common-templates/create-pr.yml parameters: BaseBranch: "dev" TargetBranch: $(ComputeBranch.WeeklyExamplesBranch) From 12209563924b290ce2f22e384af222861b3352b3 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 26 Mar 2024 14:24:08 +0300 Subject: [PATCH 11/40] Returned @self --- .azure-pipelines/weekly-examples-update.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.azure-pipelines/weekly-examples-update.yml b/.azure-pipelines/weekly-examples-update.yml index b3865686ad8..4d6120f00eb 100644 --- a/.azure-pipelines/weekly-examples-update.yml +++ b/.azure-pipelines/weekly-examples-update.yml @@ -54,7 +54,7 @@ extends: artifactName: 'ExamplesToBeReviewed' publishLocation: 'Container' steps: - - template: .azure-pipelines/common-templates/install-sdk.yml + - template: .azure-pipelines/common-templates/install-sdk.yml@self - task: PowerShell@2 name: "ComputeBranch" displayName: "Compute weekly examples update branch name" @@ -95,7 +95,7 @@ extends: git commit -m "Updating examples" git push --set-upstream https://$(GITHUB_TOKEN)@github.com/microsoftgraph/msgraph-sdk-powershell.git $(ComputeBranch.WeeklyExamplesBranch) git status - - template: .azure-pipelines/common-templates/create-pr.yml + - template: .azure-pipelines/common-templates/create-pr.yml@self parameters: BaseBranch: "dev" TargetBranch: $(ComputeBranch.WeeklyExamplesBranch) From 98ef8dd40584953f45befb7925f856449658f3c6 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 26 Mar 2024 14:27:46 +0300 Subject: [PATCH 12/40] Fixed paths --- .azure-pipelines/weekly-generation.yml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/.azure-pipelines/weekly-generation.yml b/.azure-pipelines/weekly-generation.yml index b4446635ccf..6d819fc3ed9 100644 --- a/.azure-pipelines/weekly-generation.yml +++ b/.azure-pipelines/weekly-generation.yml @@ -74,7 +74,7 @@ extends: displayName: Refresh OpenApi documents timeoutInMinutes: 240 steps: - - template: common-templates/download-openapi-docs.yml + - template: .azure-pipelines/common-templates/download-openapi-docs.yml parameters: Branch: $(Branch) BaseBranch: $(BaseBranch) @@ -104,35 +104,35 @@ extends: publishVstsFeed: $(PROJECT_NAME)/$(FEED_NAME) allowPackageConflicts: true steps: - - template: ./common-templates/checkout.yml@self + - template: .azure-pipelines/common-templates/checkout.yml@self parameters: TargetBranch: $(WeeklyBranch) - - template: ./common-templates/install-tools.yml@self - - template: ./common-templates/security-pre-checks.yml@self - - template: ./generation-templates/authentication-module.yml@self + - template: .azure-pipelines/common-templates/install-tools.yml@self + - template: .azure-pipelines/common-templates/security-pre-checks.yml@self + - template: .azure-pipelines/generation-templates/authentication-module.yml@self parameters: Test: ${{ parameters.Test }} Pack: ${{ parameters.Pack }} Sign: ${{ parameters.Sign }} - - template: ./generation-templates/workload-modules.yml@self + - template: .azure-pipelines/generation-templates/workload-modules.yml@self parameters: Test: ${{ parameters.Test }} Pack: ${{ parameters.Pack }} Sign: ${{ parameters.Sign }} - - template: ./generation-templates/meta-module.yml@self + - template: .azure-pipelines/generation-templates/meta-module.yml@self parameters: Test: ${{ parameters.Test }} Pack: ${{ parameters.Pack }} Sign: ${{ parameters.Sign }} - ${{ if and(eq(parameters.Pack, true), eq(parameters.Sign, true)) }}: - - template: ./common-templates/esrp/codesign-nuget.yml@self + - template: .azure-pipelines/common-templates/esrp/codesign-nuget.yml@self parameters: FolderPath: "$(Build.ArtifactStagingDirectory)" Pattern: "Microsoft.Graph*.nupkg" - - template: ./generation-templates/generate-command-metadata.yml@self - - template: ./common-templates/security-post-checks.yml@self + - template: .azure-pipelines/generation-templates/generate-command-metadata.yml@self + - template: .azure-pipelines/common-templates/security-post-checks.yml@self - ${{ if eq(parameters.CreatePullRequest, true) }}: - - template: ./common-templates/create-pr.yml@self + - template: .azure-pipelines/common-templates/create-pr.yml@self parameters: BaseBranch: $(BaseBranch) TargetBranch: $(WeeklyBranch) @@ -179,7 +179,7 @@ extends: git push "https://$(GITHUB_TOKEN)@github.com/microsoftgraph/msgraph-sdk-powershell.git" git status - ${{ if eq(parameters.CreatePullRequest, true) }}: - - template: ./common-templates/create-pr.yml@self + - template: .azure-pipelines/common-templates/create-pr.yml@self parameters: BaseBranch: $(GenerationBranch) TargetBranch: $(ComputeGenerationBranch.WeeklyGenerationBranch) From b1fe943bbc1645b69bca1cac33b36f96282af210 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 26 Mar 2024 14:40:51 +0300 Subject: [PATCH 13/40] Added @self --- .azure-pipelines/weekly-generation.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.azure-pipelines/weekly-generation.yml b/.azure-pipelines/weekly-generation.yml index 6d819fc3ed9..3cc4272fec5 100644 --- a/.azure-pipelines/weekly-generation.yml +++ b/.azure-pipelines/weekly-generation.yml @@ -74,7 +74,7 @@ extends: displayName: Refresh OpenApi documents timeoutInMinutes: 240 steps: - - template: .azure-pipelines/common-templates/download-openapi-docs.yml + - template: .azure-pipelines/common-templates/download-openapi-docs.yml@self parameters: Branch: $(Branch) BaseBranch: $(BaseBranch) From 53badcf0161417f44aa5c0096fd140298c89cfe6 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 26 Mar 2024 15:12:30 +0300 Subject: [PATCH 14/40] Added credscan suppressions --- .azure-pipelines/weekly-examples-update.yml | 2 ++ .azure-pipelines/weekly-generation.yml | 2 ++ 2 files changed, 4 insertions(+) diff --git a/.azure-pipelines/weekly-examples-update.yml b/.azure-pipelines/weekly-examples-update.yml index 4d6120f00eb..ac1382c1c4c 100644 --- a/.azure-pipelines/weekly-examples-update.yml +++ b/.azure-pipelines/weekly-examples-update.yml @@ -39,6 +39,8 @@ extends: name: Azure-Pipelines-1ESPT-ExDShared image: windows-2022 os: windows + sdl: + suppressionFile: .azure-pipelines/config/credscan/cresdscan-suppressions.json customBuildTags: - ES365AIMigrationTooling stages: diff --git a/.azure-pipelines/weekly-generation.yml b/.azure-pipelines/weekly-generation.yml index 3cc4272fec5..84d04f6a528 100644 --- a/.azure-pipelines/weekly-generation.yml +++ b/.azure-pipelines/weekly-generation.yml @@ -65,6 +65,8 @@ extends: name: Azure-Pipelines-1ESPT-ExDShared image: windows-2022 os: windows + sdl: + suppressionFile: .azure-pipelines/config/credscan/cresdscan-suppressions.json customBuildTags: - ES365AIMigrationTooling stages: From e54f3aa28c0b11b528ece18c266db7196e43ae78 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 26 Mar 2024 15:28:51 +0300 Subject: [PATCH 15/40] Corrected credscans declarations --- .azure-pipelines/weekly-examples-update.yml | 2 +- .azure-pipelines/weekly-generation.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.azure-pipelines/weekly-examples-update.yml b/.azure-pipelines/weekly-examples-update.yml index ac1382c1c4c..8879a5e1dbf 100644 --- a/.azure-pipelines/weekly-examples-update.yml +++ b/.azure-pipelines/weekly-examples-update.yml @@ -40,7 +40,7 @@ extends: image: windows-2022 os: windows sdl: - suppressionFile: .azure-pipelines/config/credscan/cresdscan-suppressions.json + suppressionsFile: .azure-pipelines/config/credscan/cresdscan-suppressions.json customBuildTags: - ES365AIMigrationTooling stages: diff --git a/.azure-pipelines/weekly-generation.yml b/.azure-pipelines/weekly-generation.yml index 84d04f6a528..28beb76438a 100644 --- a/.azure-pipelines/weekly-generation.yml +++ b/.azure-pipelines/weekly-generation.yml @@ -66,7 +66,7 @@ extends: image: windows-2022 os: windows sdl: - suppressionFile: .azure-pipelines/config/credscan/cresdscan-suppressions.json + suppressionsFile: .azure-pipelines/config/credscan/cresdscan-suppressions.json customBuildTags: - ES365AIMigrationTooling stages: From f0e821c6c500fe2bc918bb2103db33fe2385dabf Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 26 Mar 2024 15:31:27 +0300 Subject: [PATCH 16/40] Corrected credscan step --- .azure-pipelines/weekly-examples-update.yml | 3 ++- .azure-pipelines/weekly-generation.yml | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/.azure-pipelines/weekly-examples-update.yml b/.azure-pipelines/weekly-examples-update.yml index 8879a5e1dbf..51b4351ee19 100644 --- a/.azure-pipelines/weekly-examples-update.yml +++ b/.azure-pipelines/weekly-examples-update.yml @@ -40,7 +40,8 @@ extends: image: windows-2022 os: windows sdl: - suppressionsFile: .azure-pipelines/config/credscan/cresdscan-suppressions.json + credscan: + suppressionsFile: .azure-pipelines/config/credscan/cresdscan-suppressions.json customBuildTags: - ES365AIMigrationTooling stages: diff --git a/.azure-pipelines/weekly-generation.yml b/.azure-pipelines/weekly-generation.yml index 28beb76438a..71f29b03f4f 100644 --- a/.azure-pipelines/weekly-generation.yml +++ b/.azure-pipelines/weekly-generation.yml @@ -66,7 +66,8 @@ extends: image: windows-2022 os: windows sdl: - suppressionsFile: .azure-pipelines/config/credscan/cresdscan-suppressions.json + credscan: + suppressionsFile: .azure-pipelines/config/credscan/cresdscan-suppressions.json customBuildTags: - ES365AIMigrationTooling stages: From ee9c7dd75152184ef67f6246675a8102507af40d Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 26 Mar 2024 16:05:45 +0300 Subject: [PATCH 17/40] Excluded policheck --- .azure-pipelines/weekly-examples-update.yml | 4 +++- .azure-pipelines/weekly-generation.yml | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.azure-pipelines/weekly-examples-update.yml b/.azure-pipelines/weekly-examples-update.yml index 51b4351ee19..fdd30910bf6 100644 --- a/.azure-pipelines/weekly-examples-update.yml +++ b/.azure-pipelines/weekly-examples-update.yml @@ -41,7 +41,9 @@ extends: os: windows sdl: credscan: - suppressionsFile: .azure-pipelines/config/credscan/cresdscan-suppressions.json + suppressionsFile: $(Build.SourcesDirectory)/.azure-pipelines/config/cresdscan-suppressions.json + policheck: + exclusionFile: $(Build.SourcesDirectory)/.azure-pipelines/config/policheck/policheck-exclusions.xml customBuildTags: - ES365AIMigrationTooling stages: diff --git a/.azure-pipelines/weekly-generation.yml b/.azure-pipelines/weekly-generation.yml index 71f29b03f4f..b5436b63b7c 100644 --- a/.azure-pipelines/weekly-generation.yml +++ b/.azure-pipelines/weekly-generation.yml @@ -67,7 +67,9 @@ extends: os: windows sdl: credscan: - suppressionsFile: .azure-pipelines/config/credscan/cresdscan-suppressions.json + suppressionsFile: $(Build.SourcesDirectory)/.azure-pipelines/config/cresdscan-suppressions.json + policheck: + exclusionFile: $(Build.SourcesDirectory)/.azure-pipelines/config/policheck/policheck-exclusions.xml customBuildTags: - ES365AIMigrationTooling stages: From 4db016b430f364f18e1ea05b9d358a78fd9dbc52 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 26 Mar 2024 16:12:47 +0300 Subject: [PATCH 18/40] Fixed typo --- .azure-pipelines/weekly-examples-update.yml | 2 +- .azure-pipelines/weekly-generation.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.azure-pipelines/weekly-examples-update.yml b/.azure-pipelines/weekly-examples-update.yml index fdd30910bf6..8dc49735d72 100644 --- a/.azure-pipelines/weekly-examples-update.yml +++ b/.azure-pipelines/weekly-examples-update.yml @@ -41,7 +41,7 @@ extends: os: windows sdl: credscan: - suppressionsFile: $(Build.SourcesDirectory)/.azure-pipelines/config/cresdscan-suppressions.json + suppressionsFile: $(Build.SourcesDirectory)/.azure-pipelines/config/credscan-suppressions.json policheck: exclusionFile: $(Build.SourcesDirectory)/.azure-pipelines/config/policheck/policheck-exclusions.xml customBuildTags: diff --git a/.azure-pipelines/weekly-generation.yml b/.azure-pipelines/weekly-generation.yml index b5436b63b7c..a1edc6f40b7 100644 --- a/.azure-pipelines/weekly-generation.yml +++ b/.azure-pipelines/weekly-generation.yml @@ -67,7 +67,7 @@ extends: os: windows sdl: credscan: - suppressionsFile: $(Build.SourcesDirectory)/.azure-pipelines/config/cresdscan-suppressions.json + suppressionsFile: $(Build.SourcesDirectory)/.azure-pipelines/config/credscan-suppressions.json policheck: exclusionFile: $(Build.SourcesDirectory)/.azure-pipelines/config/policheck/policheck-exclusions.xml customBuildTags: From 9a1b69581fe90a56122cfde438986131f45a7783 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 26 Mar 2024 16:41:40 +0300 Subject: [PATCH 19/40] fixed location --- .azure-pipelines/weekly-examples-update.yml | 2 +- .azure-pipelines/weekly-generation.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.azure-pipelines/weekly-examples-update.yml b/.azure-pipelines/weekly-examples-update.yml index 8dc49735d72..7171288d172 100644 --- a/.azure-pipelines/weekly-examples-update.yml +++ b/.azure-pipelines/weekly-examples-update.yml @@ -41,7 +41,7 @@ extends: os: windows sdl: credscan: - suppressionsFile: $(Build.SourcesDirectory)/.azure-pipelines/config/credscan-suppressions.json + suppressionsFile: $(Build.SourcesDirectory)/.azure-pipelines/config/credscan/credscan-suppressions.json policheck: exclusionFile: $(Build.SourcesDirectory)/.azure-pipelines/config/policheck/policheck-exclusions.xml customBuildTags: diff --git a/.azure-pipelines/weekly-generation.yml b/.azure-pipelines/weekly-generation.yml index a1edc6f40b7..da7c847470c 100644 --- a/.azure-pipelines/weekly-generation.yml +++ b/.azure-pipelines/weekly-generation.yml @@ -67,7 +67,7 @@ extends: os: windows sdl: credscan: - suppressionsFile: $(Build.SourcesDirectory)/.azure-pipelines/config/credscan-suppressions.json + suppressionsFile: $(Build.SourcesDirectory)/.azure-pipelines/config/credscan/credscan-suppressions.json policheck: exclusionFile: $(Build.SourcesDirectory)/.azure-pipelines/config/policheck/policheck-exclusions.xml customBuildTags: From 9ad94fd142428d2fb98e1e05342e4607b42d44f1 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 26 Mar 2024 17:02:47 +0300 Subject: [PATCH 20/40] Updated credscan file --- .../config/credscan/credscan-suppressions.json | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/.azure-pipelines/config/credscan/credscan-suppressions.json b/.azure-pipelines/config/credscan/credscan-suppressions.json index bdea9194004..6e72d6c3c91 100644 --- a/.azure-pipelines/config/credscan/credscan-suppressions.json +++ b/.azure-pipelines/config/credscan/credscan-suppressions.json @@ -5,6 +5,18 @@ "placeholder": "pa$$w0rd", "_justification": "[Applications] hard code password in application password HTTP example" }, + { + "file": [ + "src\\Authentication\\Authentication\\test\\Get-MgContext.Tests.ps1" + ], + "_justification": "[Authentication] Examples contain random values recognized as secret" + }, + { + "file": [ + "autorest.powershell\\docs\\samples\\timeswire\\readme.md" + ], + "_justification": "[AutoRest] Examples contain random values recognized as secret" + }, { "file": [ "src\\Applications\\beta\\examples\\New-MgBetaServicePrincipalPasswordSingleSignOnCredentials.md", @@ -29,6 +41,12 @@ "src\\DeviceManagement.Actions\\beta\\examples\\Update-MgBetaDeviceManagementVirtualEndpointOnPremisConnectionAdDomainPassword.md" ], "_justification": "[DeviceManagement.Actions] Examples contain random values recognized as secret" + }, + { + "file": [ + "tools\\Tests\\loadEnv.md" + ], + "_justification": "[ToolsTest] Examples contain random values recognized as secret" } ] } From 411533e36c5ee7ca90a350935691b02306f82c80 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 26 Mar 2024 17:49:31 +0300 Subject: [PATCH 21/40] Excluded files that have secure string conversion --- .azure-pipelines/config/policheck/policheck-exclusions.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.azure-pipelines/config/policheck/policheck-exclusions.xml b/.azure-pipelines/config/policheck/policheck-exclusions.xml index f4be34cafab..d69ed49a630 100644 --- a/.azure-pipelines/config/policheck/policheck-exclusions.xml +++ b/.azure-pipelines/config/policheck/policheck-exclusions.xml @@ -7,5 +7,5 @@ - + Get-MgContext.Tests.ps1|loadEnv.ps1 From d6f5b4a28f4ddf2ffba532f523f2595188c8984a Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 26 Mar 2024 18:07:07 +0300 Subject: [PATCH 22/40] Suppressed script analyzert secure string rules --- .azure-pipelines/config/policheck/policheck-exclusions.xml | 2 +- src/Authentication/Authentication/test/Get-MgContext.Tests.ps1 | 3 ++- tools/Tests/loadEnv.ps1 | 3 ++- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/.azure-pipelines/config/policheck/policheck-exclusions.xml b/.azure-pipelines/config/policheck/policheck-exclusions.xml index d69ed49a630..f4be34cafab 100644 --- a/.azure-pipelines/config/policheck/policheck-exclusions.xml +++ b/.azure-pipelines/config/policheck/policheck-exclusions.xml @@ -7,5 +7,5 @@ - Get-MgContext.Tests.ps1|loadEnv.ps1 + diff --git a/src/Authentication/Authentication/test/Get-MgContext.Tests.ps1 b/src/Authentication/Authentication/test/Get-MgContext.Tests.ps1 index 2cd35fb2e0b..3fcedc75409 100644 --- a/src/Authentication/Authentication/test/Get-MgContext.Tests.ps1 +++ b/src/Authentication/Authentication/test/Get-MgContext.Tests.ps1 @@ -1,7 +1,8 @@ # ------------------------------------------------------------------------------ # Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. # ------------------------------------------------------------------------------ - +[Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingConvertToSecureStringWithPlainText', '', Justification='Just an example for testing purposes.')] +param() BeforeAll { $ModuleName = "Microsoft.Graph.Authentication" $ModulePath = Join-Path $PSScriptRoot "..\artifacts\$ModuleName.psd1" diff --git a/tools/Tests/loadEnv.ps1 b/tools/Tests/loadEnv.ps1 index e9d8834c948..5bacbb633ea 100644 --- a/tools/Tests/loadEnv.ps1 +++ b/tools/Tests/loadEnv.ps1 @@ -11,7 +11,8 @@ # See the License for the specific language governing permissions and # limitations under the License. # ---------------------------------------------------------------------------------- - +[Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingConvertToSecureStringWithPlainText', '', Justification='Just an example for testing purposes.')] +param() if ($TestMode -eq 'live' -or $TestMode -eq 'record') { Connect-MgGraph -ClientId $env:testApp_clientId -TenantId $env:testApp_tenantId -CertificateThumbprint $env:testApp_certThumbprint } From 6128f8d4f178ec01b701b1a90e0ac83212cf2ff3 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 2 Apr 2024 09:42:24 +0300 Subject: [PATCH 23/40] Increased pipeline timeout --- .azure-pipelines/weekly-generation.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.azure-pipelines/weekly-generation.yml b/.azure-pipelines/weekly-generation.yml index da7c847470c..754fea92aee 100644 --- a/.azure-pipelines/weekly-generation.yml +++ b/.azure-pipelines/weekly-generation.yml @@ -77,7 +77,7 @@ extends: jobs: - job: RefreshOpenAPIDocuments displayName: Refresh OpenApi documents - timeoutInMinutes: 240 + timeoutInMinutes: 1200 steps: - template: .azure-pipelines/common-templates/download-openapi-docs.yml@self parameters: From d43da5ec607581335d95eda18bd1060febb9ba1b Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Wed, 3 Apr 2024 07:49:04 +0300 Subject: [PATCH 24/40] Removed autorest installation step from npm because we are using a local version --- .azure-pipelines/common-templates/install-tools.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.azure-pipelines/common-templates/install-tools.yml b/.azure-pipelines/common-templates/install-tools.yml index 4e4dbfa13a4..753e2db60cb 100644 --- a/.azure-pipelines/common-templates/install-tools.yml +++ b/.azure-pipelines/common-templates/install-tools.yml @@ -30,12 +30,6 @@ steps: displayName: Install NodeJs inputs: versionSpec: 16.x - - - task: Npm@1 - displayName: Install AutoRest - inputs: - command: custom - customCommand: install -g autorest@latest - task: Npm@1 displayName: Install Rush From 2fe2b0c03c6203a7d0f7f9f92f7cfdb6f4c2228f Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Wed, 3 Apr 2024 08:18:15 +0300 Subject: [PATCH 25/40] Restricted autorest installation to 3.0.509 version --- .azure-pipelines/common-templates/install-tools.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.azure-pipelines/common-templates/install-tools.yml b/.azure-pipelines/common-templates/install-tools.yml index 753e2db60cb..4626b72f19b 100644 --- a/.azure-pipelines/common-templates/install-tools.yml +++ b/.azure-pipelines/common-templates/install-tools.yml @@ -30,6 +30,12 @@ steps: displayName: Install NodeJs inputs: versionSpec: 16.x + + - task: Npm@1 + displayName: Install AutoRest + inputs: + command: custom + customCommand: install -g autorest@3.0.509 - task: Npm@1 displayName: Install Rush From f968e16a0220efe29937cb0c5e502d9621427304 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Wed, 3 Apr 2024 08:47:26 +0300 Subject: [PATCH 26/40] Downgraded autorest version --- .azure-pipelines/common-templates/install-tools.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.azure-pipelines/common-templates/install-tools.yml b/.azure-pipelines/common-templates/install-tools.yml index 4626b72f19b..28120e10827 100644 --- a/.azure-pipelines/common-templates/install-tools.yml +++ b/.azure-pipelines/common-templates/install-tools.yml @@ -35,7 +35,7 @@ steps: displayName: Install AutoRest inputs: command: custom - customCommand: install -g autorest@3.0.509 + customCommand: install -g autorest@3.6.3 - task: Npm@1 displayName: Install Rush From 595290a5dbb3f28b001d1bac53054e8717cc869f Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Thu, 4 Apr 2024 12:17:04 +0300 Subject: [PATCH 27/40] Rolled back agent --- .azure-pipelines/weekly-examples-update.yml | 5 +---- .azure-pipelines/weekly-generation.yml | 5 +---- 2 files changed, 2 insertions(+), 8 deletions(-) diff --git a/.azure-pipelines/weekly-examples-update.yml b/.azure-pipelines/weekly-examples-update.yml index 7171288d172..f7aafb15254 100644 --- a/.azure-pipelines/weekly-examples-update.yml +++ b/.azure-pipelines/weekly-examples-update.yml @@ -35,10 +35,7 @@ resources: extends: template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates parameters: - pool: - name: Azure-Pipelines-1ESPT-ExDShared - image: windows-2022 - os: windows + pool: $(BuildAgent) sdl: credscan: suppressionsFile: $(Build.SourcesDirectory)/.azure-pipelines/config/credscan/credscan-suppressions.json diff --git a/.azure-pipelines/weekly-generation.yml b/.azure-pipelines/weekly-generation.yml index 754fea92aee..48e936523f2 100644 --- a/.azure-pipelines/weekly-generation.yml +++ b/.azure-pipelines/weekly-generation.yml @@ -61,10 +61,7 @@ resources: extends: template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates parameters: - pool: - name: Azure-Pipelines-1ESPT-ExDShared - image: windows-2022 - os: windows + pool: $(BuildAgent) sdl: credscan: suppressionsFile: $(Build.SourcesDirectory)/.azure-pipelines/config/credscan/credscan-suppressions.json From 535621372b227899dbcd39df45e8852897f7369f Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Thu, 4 Apr 2024 12:18:00 +0300 Subject: [PATCH 28/40] Pointed autorest to the latest version --- .azure-pipelines/common-templates/install-tools.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.azure-pipelines/common-templates/install-tools.yml b/.azure-pipelines/common-templates/install-tools.yml index 28120e10827..4e4dbfa13a4 100644 --- a/.azure-pipelines/common-templates/install-tools.yml +++ b/.azure-pipelines/common-templates/install-tools.yml @@ -35,7 +35,7 @@ steps: displayName: Install AutoRest inputs: command: custom - customCommand: install -g autorest@3.6.3 + customCommand: install -g autorest@latest - task: Npm@1 displayName: Install Rush From 9d33a20687495f7eb0a0d4d12adf87bf88bb42cc Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Thu, 4 Apr 2024 12:47:04 +0300 Subject: [PATCH 29/40] Separated pools for source analysis and build --- .azure-pipelines/weekly-generation.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.azure-pipelines/weekly-generation.yml b/.azure-pipelines/weekly-generation.yml index 48e936523f2..bb15185d649 100644 --- a/.azure-pipelines/weekly-generation.yml +++ b/.azure-pipelines/weekly-generation.yml @@ -63,6 +63,10 @@ extends: parameters: pool: $(BuildAgent) sdl: + sourceAnalysisPool: + name: Azure-Pipelines-1ESPT-ExDShared + image: windows-latest + os: windows credscan: suppressionsFile: $(Build.SourcesDirectory)/.azure-pipelines/config/credscan/credscan-suppressions.json policheck: From 5932da7cc42b3b1510408951ace253816bd9c450 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Thu, 4 Apr 2024 15:26:50 +0300 Subject: [PATCH 30/40] Rolled back --- .azure-pipelines/weekly-examples-update.yml | 5 ++++- .azure-pipelines/weekly-generation.yml | 5 ++--- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/.azure-pipelines/weekly-examples-update.yml b/.azure-pipelines/weekly-examples-update.yml index f7aafb15254..206905ba23b 100644 --- a/.azure-pipelines/weekly-examples-update.yml +++ b/.azure-pipelines/weekly-examples-update.yml @@ -35,7 +35,10 @@ resources: extends: template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates parameters: - pool: $(BuildAgent) + pool: + name: Azure-Pipelines-1ESPT-ExDShared + image: windows-latest + os: windows sdl: credscan: suppressionsFile: $(Build.SourcesDirectory)/.azure-pipelines/config/credscan/credscan-suppressions.json diff --git a/.azure-pipelines/weekly-generation.yml b/.azure-pipelines/weekly-generation.yml index bb15185d649..23d8a232ca1 100644 --- a/.azure-pipelines/weekly-generation.yml +++ b/.azure-pipelines/weekly-generation.yml @@ -61,12 +61,11 @@ resources: extends: template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates parameters: - pool: $(BuildAgent) - sdl: - sourceAnalysisPool: + pool: name: Azure-Pipelines-1ESPT-ExDShared image: windows-latest os: windows + sdl: credscan: suppressionsFile: $(Build.SourcesDirectory)/.azure-pipelines/config/credscan/credscan-suppressions.json policheck: From 4a416ecc1e30bdb3084398129affe4c7c498d9f9 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Thu, 4 Apr 2024 23:16:39 +0300 Subject: [PATCH 31/40] Used custom build agent for 1ES --- .azure-pipelines/weekly-examples-update.yml | 5 +---- .azure-pipelines/weekly-generation.yml | 5 +---- 2 files changed, 2 insertions(+), 8 deletions(-) diff --git a/.azure-pipelines/weekly-examples-update.yml b/.azure-pipelines/weekly-examples-update.yml index 206905ba23b..f7aafb15254 100644 --- a/.azure-pipelines/weekly-examples-update.yml +++ b/.azure-pipelines/weekly-examples-update.yml @@ -35,10 +35,7 @@ resources: extends: template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates parameters: - pool: - name: Azure-Pipelines-1ESPT-ExDShared - image: windows-latest - os: windows + pool: $(BuildAgent) sdl: credscan: suppressionsFile: $(Build.SourcesDirectory)/.azure-pipelines/config/credscan/credscan-suppressions.json diff --git a/.azure-pipelines/weekly-generation.yml b/.azure-pipelines/weekly-generation.yml index 23d8a232ca1..48e936523f2 100644 --- a/.azure-pipelines/weekly-generation.yml +++ b/.azure-pipelines/weekly-generation.yml @@ -61,10 +61,7 @@ resources: extends: template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates parameters: - pool: - name: Azure-Pipelines-1ESPT-ExDShared - image: windows-latest - os: windows + pool: $(BuildAgent) sdl: credscan: suppressionsFile: $(Build.SourcesDirectory)/.azure-pipelines/config/credscan/credscan-suppressions.json From dc71165c08a0a84e6d19ea9cdfb5328213e66971 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Mon, 8 Apr 2024 17:11:15 +0300 Subject: [PATCH 32/40] Updated pool --- .azure-pipelines/weekly-examples-update.yml | 2 +- .azure-pipelines/weekly-generation.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.azure-pipelines/weekly-examples-update.yml b/.azure-pipelines/weekly-examples-update.yml index f7aafb15254..df5b25b8864 100644 --- a/.azure-pipelines/weekly-examples-update.yml +++ b/.azure-pipelines/weekly-examples-update.yml @@ -35,7 +35,7 @@ resources: extends: template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates parameters: - pool: $(BuildAgent) + pool: windows-2022-latest sdl: credscan: suppressionsFile: $(Build.SourcesDirectory)/.azure-pipelines/config/credscan/credscan-suppressions.json diff --git a/.azure-pipelines/weekly-generation.yml b/.azure-pipelines/weekly-generation.yml index 48e936523f2..155b8885698 100644 --- a/.azure-pipelines/weekly-generation.yml +++ b/.azure-pipelines/weekly-generation.yml @@ -61,7 +61,7 @@ resources: extends: template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates parameters: - pool: $(BuildAgent) + pool: windows-2022-latest sdl: credscan: suppressionsFile: $(Build.SourcesDirectory)/.azure-pipelines/config/credscan/credscan-suppressions.json From 5234d8a66ca2eee312830d4692c48b49cd9a8021 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 9 Apr 2024 08:57:13 +0300 Subject: [PATCH 33/40] rolled back to the original build agent --- .azure-pipelines/weekly-examples-update.yml | 2 +- .azure-pipelines/weekly-generation.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.azure-pipelines/weekly-examples-update.yml b/.azure-pipelines/weekly-examples-update.yml index df5b25b8864..f7aafb15254 100644 --- a/.azure-pipelines/weekly-examples-update.yml +++ b/.azure-pipelines/weekly-examples-update.yml @@ -35,7 +35,7 @@ resources: extends: template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates parameters: - pool: windows-2022-latest + pool: $(BuildAgent) sdl: credscan: suppressionsFile: $(Build.SourcesDirectory)/.azure-pipelines/config/credscan/credscan-suppressions.json diff --git a/.azure-pipelines/weekly-generation.yml b/.azure-pipelines/weekly-generation.yml index 155b8885698..48e936523f2 100644 --- a/.azure-pipelines/weekly-generation.yml +++ b/.azure-pipelines/weekly-generation.yml @@ -61,7 +61,7 @@ resources: extends: template: v1/1ES.Official.PipelineTemplate.yml@1ESPipelineTemplates parameters: - pool: windows-2022-latest + pool: $(BuildAgent) sdl: credscan: suppressionsFile: $(Build.SourcesDirectory)/.azure-pipelines/config/credscan/credscan-suppressions.json From dab004642121f8143686c3b353c73a52d2815eb9 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Thu, 11 Apr 2024 10:24:54 +0300 Subject: [PATCH 34/40] Excluded bin folder from policheck --- .azure-pipelines/config/policheck/policheck-exclusions.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.azure-pipelines/config/policheck/policheck-exclusions.xml b/.azure-pipelines/config/policheck/policheck-exclusions.xml index f4be34cafab..1e14f77e1fc 100644 --- a/.azure-pipelines/config/policheck/policheck-exclusions.xml +++ b/.azure-pipelines/config/policheck/policheck-exclusions.xml @@ -3,7 +3,7 @@ - openApiDocs|docs\exports|src\.*\examples + openApiDocs|docs\exports|src\.*\examples|src\.*\bin|src\.*\generated From aef4ffea66cfb2deb829a64b59e89dd2e9fdb4f7 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Thu, 11 Apr 2024 10:25:41 +0300 Subject: [PATCH 35/40] Testing with change notifications module first --- config/ModulesMapping.jsonc | 78 ++++++++++++++++++------------------- 1 file changed, 39 insertions(+), 39 deletions(-) diff --git a/config/ModulesMapping.jsonc b/config/ModulesMapping.jsonc index f2b12132c89..55e513b58ca 100644 --- a/config/ModulesMapping.jsonc +++ b/config/ModulesMapping.jsonc @@ -1,42 +1,42 @@ { - "Applications": "^applicationTemplates\\.|^applications\\.|^servicePrincipals\\.|^onPremisesPublishingProfiles\\.|^users.appRoleAssignment$|^groups.appRoleAssignment$", - "Bookings": "^solutions\\.|^bookingBusinesses\\.|^bookingCurrencies\\.", - "Calendar": "^places\\.|^users.calendar$|^users.calendarGroup$|^users.event$|^groups.calendar$|^groups.event$", + // "Applications": "^applicationTemplates\\.|^applications\\.|^servicePrincipals\\.|^onPremisesPublishingProfiles\\.|^users.appRoleAssignment$|^groups.appRoleAssignment$", + // "Bookings": "^solutions\\.|^bookingBusinesses\\.|^bookingCurrencies\\.", + // "Calendar": "^places\\.|^users.calendar$|^users.calendarGroup$|^users.event$|^groups.calendar$|^groups.event$", "ChangeNotifications": "^subscriptions\\.", - "CloudCommunications": "^users.onlineMeeting$|^users.presence$|^communications\\.", - "Compliance": "^compliance\\.|^privacy.subjectRightsRequest$", - "CrossDeviceExperiences": "^users.userActivity$|^users.device$", - "Devices.CloudPrint": "^print\\.", - "Devices.CorporateManagement": "^deviceAppManagement\\.|^officeConfiguration\\.|^users.mobileAppIntentAndState$|^users.mobileAppTroubleshootingEvent$|^users.windowsInformationProtectionDeviceRegistration$|^users.managedAppRegistration$|^users.managedDevice$|^users.deviceManagementTroubleshootingEvent$|^users.deviceEnrollmentConfiguration$", - "Devices.ServiceAnnouncement": "^admin.serviceAnnouncement$|^admin.Actions$|^admin.Functions$", - "DeviceManagement": "^deviceManagement.(deviceCompliancePolicy.*|deviceManagementConfigurationPolicy.*|deviceManagementCompliancePolicy.*|deviceManagementConfigurationSettingDefinition.*|deviceConfiguration.*|managedDevice.*|managementCondition.*|microsoftTunnel.*|userExperienceAnalytics.*|windowsInformationProtection.*|deviceManagement|deviceManagement(DerivedCredentialSettings|Intent|ResourceAccessProfileBase|Script|SettingCategory|SettingDefinition|Template|TroubleshootingEvent)|androidForWork(AppConfigurationSchema|Settings)|androidManagedStore(AccountEnterpriseSettings|AppConfigurationSchema)|deviceAndAppManagementAssignmentFilter|deviceCategory|advancedThreatProtectionOnboardingStateSummary|dataSharingConsent|detectedApp|deviceHealthScript|deviceShellScript|embeddedSIMActivationCodePool|groupPolicyConfiguration|macOSSoftwareUpdateAccountSummary|mobileAppTroubleshootingEvent|notificationMessageTemplate|remoteActionAudit|softwareUpdateStatusSummary|windowsMalwareInformation|windowsQualityUpdateProfile)$|^admin.edge$|^deviceManagement.monitoring$|^users.ListCloudPCs$", - "DeviceManagement.Administration": "^deviceManagement.(virtualEndpoint.*|.*Partner.*|.*Certificate.*|.*role.*|deviceManagement(DomainJoinConnector|ExchangeConnector|ExchangeOnPremisesPolicy)|groupPolicy(Category|Definition|DefinitionFile|MigrationReport|ObjectFile|UploadedDefinitionFile)|auditEvent|cartToClassAssociation|comanagementEligibleDevice|deviceAndAppManagementRoleAssignment|intuneBrandingProfile|iosUpdateDeviceStatus|mobileThreatDefenseConnector|ndesConnector|resourceOperation|restrictedAppsViolation|termsAndConditions)", - "DeviceManagement.Enrollment": "^deviceManagement.(.*Enrollment.*|.*Autopilot.*|.*depOnboarding.*|importedDeviceIdentity|onPremisesConditionalAccessSettings|windowsFeatureUpdateProfile)$|^roleManagement.roleManagement$|^roleManagement.rbacApplicationMultiple$|^roleManagement.unifiedRbacApplication$", - "DeviceManagement.Actions": "^deviceManagement.Actions$", - "DeviceManagement.Functions": "^deviceManagement.Functions$", - "DirectoryObjects": "^directoryObjects\\.", - "Education": "^education\\.", - "Files": "^drives\\.|^shares\\.|^users.drive$|^groups.drive$", - "Financials": "^financials\\.", - "Groups": "^groups.group$|^groups.directoryObject$|^groups.conversation$|^groups.endpoint$|^groups.extension$|^groups.groupLifecyclePolicy$|^groups.resourceSpecificPermissionGrant$|^groups.profilePhoto$|^groups.conversationThread$|^groupLifecyclePolicies\\.|^users.group$|^groups.directorySetting$|^groups.Actions$|^groups.Functions$|^groupSettings\\.|^groups.groupSetting$|^groupSettingTemplates\\.", - "Identity.DirectoryManagement": "^administrativeUnits\\.|^contacts\\.|^devices\\.|^domains\\.|^directoryRoles\\.|^directoryRoleTemplates\\.|^directorySettingTemplates\\.|^settings\\.|^subscribedSkus\\.|^contracts\\.|^directory\\.|^users.scopedRoleMembership$|^organization.organization$|^organization.organizationalBranding$|^organization.organizationSettings$|^organization.Actions$|^organization.extension$|^tenantRelationships.Actions$|admin.peopleAdminSettings$|^organization\\.partnerInformation$", - "Identity.Governance": "^accessReviews\\.|^businessFlowTemplates\\.|^programs\\.|^programControls\\.|^programControlTypes\\.|^privilegedRoles\\.|^privilegedRoleAssignments\\.|^privilegedRoleAssignmentRequests\\.|^privilegedApproval\\.|^privilegedOperationEvents\\.|^privilegedAccess\\.|^agreements\\.|^users.agreementAcceptance$|^identityGovernance\\.|^roleManagement.rbacApplication$|^roleManagement.Functions$|roleManagement.Actions$", - "Identity.SignIns": "^organization.certificateBasedAuthConfiguration$|^invitations\\.|^identityProviders\\.|^oauth2PermissionGrants\\.|^identityProtection\\.|^dataPolicyOperations\\.|^identity\\.|^trustFramework\\.|^informationProtection\\.|^policies\\.|^users.authentication$|^users.informationProtection$|^tenantRelationships.multiTenantOrganization$", - "Identity.Partner": "^tenantRelationships.delegatedAdminRelationship$|^tenantRelationships.delegatedAdminCustomer$", - "Mail": "^users.inferenceClassification$|^users.mailFolder$|^users.message$", - "ManagedTenants": "^tenantRelationships.managedTenant$", - "Notes": "^users.onenote$|^groups.onenote$|^sites.onenote$", - "People": "^users.person$|^users.profile$|^users.officeGraphInsights$|^users.userAnalytics$", - "PersonalContacts": "^users.contactFolder$|^users.contact$", - "Planner": "^planner\\.|^users.plannerUser$|^groups.plannerGroup$", - "Reports": "^reports\\.|^auditLogs\\.|^deviceManagement.deviceManagementReports$|^admin.adminReportSetting", - "SchemaExtensions": "^schemaExtensions\\.", - "Search": "^search\\.|^external\\.", - "Security": "^security\\.|^users.security$", - "Sites": "^sites.baseSitePage$|^sites.site$|^sites.itemAnalytics$|^sites.columnDefinition$|^sites.contentType$|^sites.drive$|^sites.list$|^sites.sitePage$|^sites.permission$|^sites.store$|^users.site$|^groups.site$|^sites.Functions$|^sites.Actions$|^sites.richLongRunningOperation$|^termStore.sets.ListChildren$|^admin.sharepoint$", - "Teams": "^teams\\.|^chats\\.|^users.chat$|^appCatalogs.teamsApp$|^users.userTeamwork$|^teamwork\\.|^users.team$|^groups.team$", - "Users": "^users.user$|^users.directoryObject$|^users.licenseDetails$|^users.mailboxSettings|^users.notification$|^users.outlookUser$|^users.profilePhoto$|^users.userSettings$|^users.extension$|^users.oAuth2PermissionGrant$|^users.todo$|^users.itemInsights$|^users.servicePrincipal$", - "Users.Actions": "^users.Actions$", - "Users.Functions": "^users.Functions$", - "WindowsUpdates": "^admin.adminWindows$|^admin.Actions$|^admin.Functions$" + // "CloudCommunications": "^users.onlineMeeting$|^users.presence$|^communications\\.", + // "Compliance": "^compliance\\.|^privacy.subjectRightsRequest$", + // "CrossDeviceExperiences": "^users.userActivity$|^users.device$", + // "Devices.CloudPrint": "^print\\.", + // "Devices.CorporateManagement": "^deviceAppManagement\\.|^officeConfiguration\\.|^users.mobileAppIntentAndState$|^users.mobileAppTroubleshootingEvent$|^users.windowsInformationProtectionDeviceRegistration$|^users.managedAppRegistration$|^users.managedDevice$|^users.deviceManagementTroubleshootingEvent$|^users.deviceEnrollmentConfiguration$", + // "Devices.ServiceAnnouncement": "^admin.serviceAnnouncement$|^admin.Actions$|^admin.Functions$", + // "DeviceManagement": "^deviceManagement.(deviceCompliancePolicy.*|deviceManagementConfigurationPolicy.*|deviceManagementCompliancePolicy.*|deviceManagementConfigurationSettingDefinition.*|deviceConfiguration.*|managedDevice.*|managementCondition.*|microsoftTunnel.*|userExperienceAnalytics.*|windowsInformationProtection.*|deviceManagement|deviceManagement(DerivedCredentialSettings|Intent|ResourceAccessProfileBase|Script|SettingCategory|SettingDefinition|Template|TroubleshootingEvent)|androidForWork(AppConfigurationSchema|Settings)|androidManagedStore(AccountEnterpriseSettings|AppConfigurationSchema)|deviceAndAppManagementAssignmentFilter|deviceCategory|advancedThreatProtectionOnboardingStateSummary|dataSharingConsent|detectedApp|deviceHealthScript|deviceShellScript|embeddedSIMActivationCodePool|groupPolicyConfiguration|macOSSoftwareUpdateAccountSummary|mobileAppTroubleshootingEvent|notificationMessageTemplate|remoteActionAudit|softwareUpdateStatusSummary|windowsMalwareInformation|windowsQualityUpdateProfile)$|^admin.edge$|^deviceManagement.monitoring$|^users.ListCloudPCs$", + // "DeviceManagement.Administration": "^deviceManagement.(virtualEndpoint.*|.*Partner.*|.*Certificate.*|.*role.*|deviceManagement(DomainJoinConnector|ExchangeConnector|ExchangeOnPremisesPolicy)|groupPolicy(Category|Definition|DefinitionFile|MigrationReport|ObjectFile|UploadedDefinitionFile)|auditEvent|cartToClassAssociation|comanagementEligibleDevice|deviceAndAppManagementRoleAssignment|intuneBrandingProfile|iosUpdateDeviceStatus|mobileThreatDefenseConnector|ndesConnector|resourceOperation|restrictedAppsViolation|termsAndConditions)", + // "DeviceManagement.Enrollment": "^deviceManagement.(.*Enrollment.*|.*Autopilot.*|.*depOnboarding.*|importedDeviceIdentity|onPremisesConditionalAccessSettings|windowsFeatureUpdateProfile)$|^roleManagement.roleManagement$|^roleManagement.rbacApplicationMultiple$|^roleManagement.unifiedRbacApplication$", + // "DeviceManagement.Actions": "^deviceManagement.Actions$", + // "DeviceManagement.Functions": "^deviceManagement.Functions$", + // "DirectoryObjects": "^directoryObjects\\.", + // "Education": "^education\\.", + // "Files": "^drives\\.|^shares\\.|^users.drive$|^groups.drive$", + // "Financials": "^financials\\.", + // "Groups": "^groups.group$|^groups.directoryObject$|^groups.conversation$|^groups.endpoint$|^groups.extension$|^groups.groupLifecyclePolicy$|^groups.resourceSpecificPermissionGrant$|^groups.profilePhoto$|^groups.conversationThread$|^groupLifecyclePolicies\\.|^users.group$|^groups.directorySetting$|^groups.Actions$|^groups.Functions$|^groupSettings\\.|^groups.groupSetting$|^groupSettingTemplates\\.", + // "Identity.DirectoryManagement": "^administrativeUnits\\.|^contacts\\.|^devices\\.|^domains\\.|^directoryRoles\\.|^directoryRoleTemplates\\.|^directorySettingTemplates\\.|^settings\\.|^subscribedSkus\\.|^contracts\\.|^directory\\.|^users.scopedRoleMembership$|^organization.organization$|^organization.organizationalBranding$|^organization.organizationSettings$|^organization.Actions$|^organization.extension$|^tenantRelationships.Actions$|admin.peopleAdminSettings$|^organization\\.partnerInformation$", + // "Identity.Governance": "^accessReviews\\.|^businessFlowTemplates\\.|^programs\\.|^programControls\\.|^programControlTypes\\.|^privilegedRoles\\.|^privilegedRoleAssignments\\.|^privilegedRoleAssignmentRequests\\.|^privilegedApproval\\.|^privilegedOperationEvents\\.|^privilegedAccess\\.|^agreements\\.|^users.agreementAcceptance$|^identityGovernance\\.|^roleManagement.rbacApplication$|^roleManagement.Functions$|roleManagement.Actions$", + // "Identity.SignIns": "^organization.certificateBasedAuthConfiguration$|^invitations\\.|^identityProviders\\.|^oauth2PermissionGrants\\.|^identityProtection\\.|^dataPolicyOperations\\.|^identity\\.|^trustFramework\\.|^informationProtection\\.|^policies\\.|^users.authentication$|^users.informationProtection$|^tenantRelationships.multiTenantOrganization$", + // "Identity.Partner": "^tenantRelationships.delegatedAdminRelationship$|^tenantRelationships.delegatedAdminCustomer$", + // "Mail": "^users.inferenceClassification$|^users.mailFolder$|^users.message$", + // "ManagedTenants": "^tenantRelationships.managedTenant$", + // "Notes": "^users.onenote$|^groups.onenote$|^sites.onenote$", + // "People": "^users.person$|^users.profile$|^users.officeGraphInsights$|^users.userAnalytics$", + // "PersonalContacts": "^users.contactFolder$|^users.contact$", + // "Planner": "^planner\\.|^users.plannerUser$|^groups.plannerGroup$", + // "Reports": "^reports\\.|^auditLogs\\.|^deviceManagement.deviceManagementReports$|^admin.adminReportSetting", + // "SchemaExtensions": "^schemaExtensions\\.", + // "Search": "^search\\.|^external\\.", + // "Security": "^security\\.|^users.security$", + // "Sites": "^sites.baseSitePage$|^sites.site$|^sites.itemAnalytics$|^sites.columnDefinition$|^sites.contentType$|^sites.drive$|^sites.list$|^sites.sitePage$|^sites.permission$|^sites.store$|^users.site$|^groups.site$|^sites.Functions$|^sites.Actions$|^sites.richLongRunningOperation$|^termStore.sets.ListChildren$|^admin.sharepoint$", + // "Teams": "^teams\\.|^chats\\.|^users.chat$|^appCatalogs.teamsApp$|^users.userTeamwork$|^teamwork\\.|^users.team$|^groups.team$", + // "Users": "^users.user$|^users.directoryObject$|^users.licenseDetails$|^users.mailboxSettings|^users.notification$|^users.outlookUser$|^users.profilePhoto$|^users.userSettings$|^users.extension$|^users.oAuth2PermissionGrant$|^users.todo$|^users.itemInsights$|^users.servicePrincipal$", + // "Users.Actions": "^users.Actions$", + // "Users.Functions": "^users.Functions$", + // "WindowsUpdates": "^admin.adminWindows$|^admin.Actions$|^admin.Functions$" } \ No newline at end of file From e26e760192a78410eecadb1d760565586e91014e Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Thu, 11 Apr 2024 11:33:00 +0300 Subject: [PATCH 36/40] Added auth helper tests to credscan --- .azure-pipelines/config/credscan/credscan-suppressions.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.azure-pipelines/config/credscan/credscan-suppressions.json b/.azure-pipelines/config/credscan/credscan-suppressions.json index 6e72d6c3c91..5209673e8c9 100644 --- a/.azure-pipelines/config/credscan/credscan-suppressions.json +++ b/.azure-pipelines/config/credscan/credscan-suppressions.json @@ -7,7 +7,8 @@ }, { "file": [ - "src\\Authentication\\Authentication\\test\\Get-MgContext.Tests.ps1" + "src\\Authentication\\Authentication\\test\\Get-MgContext.Tests.ps1", + "src\\Authentication\\Authentication.Test\\Helpers\\AuthenticationHelpersTests.cs" ], "_justification": "[Authentication] Examples contain random values recognized as secret" }, From 1937a68593142ad0b68b62b79fcc7cfc6bf4826e Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Thu, 11 Apr 2024 12:20:39 +0300 Subject: [PATCH 37/40] Excluded AuthenticationHelperTests --- .azure-pipelines/config/policheck/policheck-exclusions.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.azure-pipelines/config/policheck/policheck-exclusions.xml b/.azure-pipelines/config/policheck/policheck-exclusions.xml index 1e14f77e1fc..5bb37092719 100644 --- a/.azure-pipelines/config/policheck/policheck-exclusions.xml +++ b/.azure-pipelines/config/policheck/policheck-exclusions.xml @@ -7,5 +7,5 @@ - + AuthenticationHelpersTests.cs From c5b2b23661b8723bd970df20327ebe54919083ae Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Thu, 11 Apr 2024 13:11:50 +0300 Subject: [PATCH 38/40] Added self cert password suppression --- .azure-pipelines/config/credscan/credscan-suppressions.json | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.azure-pipelines/config/credscan/credscan-suppressions.json b/.azure-pipelines/config/credscan/credscan-suppressions.json index 5209673e8c9..5f28ef7e574 100644 --- a/.azure-pipelines/config/credscan/credscan-suppressions.json +++ b/.azure-pipelines/config/credscan/credscan-suppressions.json @@ -5,9 +5,14 @@ "placeholder": "pa$$w0rd", "_justification": "[Applications] hard code password in application password HTTP example" }, + { + "placeholder": "P@55w0rd", + "_justification": "[AuthenticationTests] hard code password in AuthenticationTest for self signed certificate" + }, { "file": [ "src\\Authentication\\Authentication\\test\\Get-MgContext.Tests.ps1", + "src\\Authentication\\Authentication.Test\\Helpers\\AuthenticationHelpersTests.cs", "src\\Authentication\\Authentication.Test\\Helpers\\AuthenticationHelpersTests.cs" ], "_justification": "[Authentication] Examples contain random values recognized as secret" From f152a5dc6d2a0e21b327308eecdbbaf25925e586 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Thu, 11 Apr 2024 15:53:19 +0300 Subject: [PATCH 39/40] Disabled rosylyn error --- .../Authentication.Test/Helpers/AuthenticationHelpersTests.cs | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/Authentication/Authentication.Test/Helpers/AuthenticationHelpersTests.cs b/src/Authentication/Authentication.Test/Helpers/AuthenticationHelpersTests.cs index d9dbc26e8be..e337dae06a7 100644 --- a/src/Authentication/Authentication.Test/Helpers/AuthenticationHelpersTests.cs +++ b/src/Authentication/Authentication.Test/Helpers/AuthenticationHelpersTests.cs @@ -324,6 +324,8 @@ private static X509Certificate2 CreateAndStoreSelfSignedCert(string certName, St /// /// /// + + #pragma warning disable IA5352 private static X509Certificate2 CreateSelfSignedCert(string certName) { ECDsa ecdsaKey = ECDsa.Create(); From e2dab4db1dc1709015052b85b8b22e3a1878cfb0 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Thu, 11 Apr 2024 16:58:29 +0300 Subject: [PATCH 40/40] Added back the other modules after testing --- config/ModulesMapping.jsonc | 78 ++++++++++++++++++------------------- 1 file changed, 39 insertions(+), 39 deletions(-) diff --git a/config/ModulesMapping.jsonc b/config/ModulesMapping.jsonc index 55e513b58ca..f2b12132c89 100644 --- a/config/ModulesMapping.jsonc +++ b/config/ModulesMapping.jsonc @@ -1,42 +1,42 @@ { - // "Applications": "^applicationTemplates\\.|^applications\\.|^servicePrincipals\\.|^onPremisesPublishingProfiles\\.|^users.appRoleAssignment$|^groups.appRoleAssignment$", - // "Bookings": "^solutions\\.|^bookingBusinesses\\.|^bookingCurrencies\\.", - // "Calendar": "^places\\.|^users.calendar$|^users.calendarGroup$|^users.event$|^groups.calendar$|^groups.event$", + "Applications": "^applicationTemplates\\.|^applications\\.|^servicePrincipals\\.|^onPremisesPublishingProfiles\\.|^users.appRoleAssignment$|^groups.appRoleAssignment$", + "Bookings": "^solutions\\.|^bookingBusinesses\\.|^bookingCurrencies\\.", + "Calendar": "^places\\.|^users.calendar$|^users.calendarGroup$|^users.event$|^groups.calendar$|^groups.event$", "ChangeNotifications": "^subscriptions\\.", - // "CloudCommunications": "^users.onlineMeeting$|^users.presence$|^communications\\.", - // "Compliance": "^compliance\\.|^privacy.subjectRightsRequest$", - // "CrossDeviceExperiences": "^users.userActivity$|^users.device$", - // "Devices.CloudPrint": "^print\\.", - // "Devices.CorporateManagement": "^deviceAppManagement\\.|^officeConfiguration\\.|^users.mobileAppIntentAndState$|^users.mobileAppTroubleshootingEvent$|^users.windowsInformationProtectionDeviceRegistration$|^users.managedAppRegistration$|^users.managedDevice$|^users.deviceManagementTroubleshootingEvent$|^users.deviceEnrollmentConfiguration$", - // "Devices.ServiceAnnouncement": "^admin.serviceAnnouncement$|^admin.Actions$|^admin.Functions$", - // "DeviceManagement": "^deviceManagement.(deviceCompliancePolicy.*|deviceManagementConfigurationPolicy.*|deviceManagementCompliancePolicy.*|deviceManagementConfigurationSettingDefinition.*|deviceConfiguration.*|managedDevice.*|managementCondition.*|microsoftTunnel.*|userExperienceAnalytics.*|windowsInformationProtection.*|deviceManagement|deviceManagement(DerivedCredentialSettings|Intent|ResourceAccessProfileBase|Script|SettingCategory|SettingDefinition|Template|TroubleshootingEvent)|androidForWork(AppConfigurationSchema|Settings)|androidManagedStore(AccountEnterpriseSettings|AppConfigurationSchema)|deviceAndAppManagementAssignmentFilter|deviceCategory|advancedThreatProtectionOnboardingStateSummary|dataSharingConsent|detectedApp|deviceHealthScript|deviceShellScript|embeddedSIMActivationCodePool|groupPolicyConfiguration|macOSSoftwareUpdateAccountSummary|mobileAppTroubleshootingEvent|notificationMessageTemplate|remoteActionAudit|softwareUpdateStatusSummary|windowsMalwareInformation|windowsQualityUpdateProfile)$|^admin.edge$|^deviceManagement.monitoring$|^users.ListCloudPCs$", - // "DeviceManagement.Administration": "^deviceManagement.(virtualEndpoint.*|.*Partner.*|.*Certificate.*|.*role.*|deviceManagement(DomainJoinConnector|ExchangeConnector|ExchangeOnPremisesPolicy)|groupPolicy(Category|Definition|DefinitionFile|MigrationReport|ObjectFile|UploadedDefinitionFile)|auditEvent|cartToClassAssociation|comanagementEligibleDevice|deviceAndAppManagementRoleAssignment|intuneBrandingProfile|iosUpdateDeviceStatus|mobileThreatDefenseConnector|ndesConnector|resourceOperation|restrictedAppsViolation|termsAndConditions)", - // "DeviceManagement.Enrollment": "^deviceManagement.(.*Enrollment.*|.*Autopilot.*|.*depOnboarding.*|importedDeviceIdentity|onPremisesConditionalAccessSettings|windowsFeatureUpdateProfile)$|^roleManagement.roleManagement$|^roleManagement.rbacApplicationMultiple$|^roleManagement.unifiedRbacApplication$", - // "DeviceManagement.Actions": "^deviceManagement.Actions$", - // "DeviceManagement.Functions": "^deviceManagement.Functions$", - // "DirectoryObjects": "^directoryObjects\\.", - // "Education": "^education\\.", - // "Files": "^drives\\.|^shares\\.|^users.drive$|^groups.drive$", - // "Financials": "^financials\\.", - // "Groups": "^groups.group$|^groups.directoryObject$|^groups.conversation$|^groups.endpoint$|^groups.extension$|^groups.groupLifecyclePolicy$|^groups.resourceSpecificPermissionGrant$|^groups.profilePhoto$|^groups.conversationThread$|^groupLifecyclePolicies\\.|^users.group$|^groups.directorySetting$|^groups.Actions$|^groups.Functions$|^groupSettings\\.|^groups.groupSetting$|^groupSettingTemplates\\.", - // "Identity.DirectoryManagement": "^administrativeUnits\\.|^contacts\\.|^devices\\.|^domains\\.|^directoryRoles\\.|^directoryRoleTemplates\\.|^directorySettingTemplates\\.|^settings\\.|^subscribedSkus\\.|^contracts\\.|^directory\\.|^users.scopedRoleMembership$|^organization.organization$|^organization.organizationalBranding$|^organization.organizationSettings$|^organization.Actions$|^organization.extension$|^tenantRelationships.Actions$|admin.peopleAdminSettings$|^organization\\.partnerInformation$", - // "Identity.Governance": "^accessReviews\\.|^businessFlowTemplates\\.|^programs\\.|^programControls\\.|^programControlTypes\\.|^privilegedRoles\\.|^privilegedRoleAssignments\\.|^privilegedRoleAssignmentRequests\\.|^privilegedApproval\\.|^privilegedOperationEvents\\.|^privilegedAccess\\.|^agreements\\.|^users.agreementAcceptance$|^identityGovernance\\.|^roleManagement.rbacApplication$|^roleManagement.Functions$|roleManagement.Actions$", - // "Identity.SignIns": "^organization.certificateBasedAuthConfiguration$|^invitations\\.|^identityProviders\\.|^oauth2PermissionGrants\\.|^identityProtection\\.|^dataPolicyOperations\\.|^identity\\.|^trustFramework\\.|^informationProtection\\.|^policies\\.|^users.authentication$|^users.informationProtection$|^tenantRelationships.multiTenantOrganization$", - // "Identity.Partner": "^tenantRelationships.delegatedAdminRelationship$|^tenantRelationships.delegatedAdminCustomer$", - // "Mail": "^users.inferenceClassification$|^users.mailFolder$|^users.message$", - // "ManagedTenants": "^tenantRelationships.managedTenant$", - // "Notes": "^users.onenote$|^groups.onenote$|^sites.onenote$", - // "People": "^users.person$|^users.profile$|^users.officeGraphInsights$|^users.userAnalytics$", - // "PersonalContacts": "^users.contactFolder$|^users.contact$", - // "Planner": "^planner\\.|^users.plannerUser$|^groups.plannerGroup$", - // "Reports": "^reports\\.|^auditLogs\\.|^deviceManagement.deviceManagementReports$|^admin.adminReportSetting", - // "SchemaExtensions": "^schemaExtensions\\.", - // "Search": "^search\\.|^external\\.", - // "Security": "^security\\.|^users.security$", - // "Sites": "^sites.baseSitePage$|^sites.site$|^sites.itemAnalytics$|^sites.columnDefinition$|^sites.contentType$|^sites.drive$|^sites.list$|^sites.sitePage$|^sites.permission$|^sites.store$|^users.site$|^groups.site$|^sites.Functions$|^sites.Actions$|^sites.richLongRunningOperation$|^termStore.sets.ListChildren$|^admin.sharepoint$", - // "Teams": "^teams\\.|^chats\\.|^users.chat$|^appCatalogs.teamsApp$|^users.userTeamwork$|^teamwork\\.|^users.team$|^groups.team$", - // "Users": "^users.user$|^users.directoryObject$|^users.licenseDetails$|^users.mailboxSettings|^users.notification$|^users.outlookUser$|^users.profilePhoto$|^users.userSettings$|^users.extension$|^users.oAuth2PermissionGrant$|^users.todo$|^users.itemInsights$|^users.servicePrincipal$", - // "Users.Actions": "^users.Actions$", - // "Users.Functions": "^users.Functions$", - // "WindowsUpdates": "^admin.adminWindows$|^admin.Actions$|^admin.Functions$" + "CloudCommunications": "^users.onlineMeeting$|^users.presence$|^communications\\.", + "Compliance": "^compliance\\.|^privacy.subjectRightsRequest$", + "CrossDeviceExperiences": "^users.userActivity$|^users.device$", + "Devices.CloudPrint": "^print\\.", + "Devices.CorporateManagement": "^deviceAppManagement\\.|^officeConfiguration\\.|^users.mobileAppIntentAndState$|^users.mobileAppTroubleshootingEvent$|^users.windowsInformationProtectionDeviceRegistration$|^users.managedAppRegistration$|^users.managedDevice$|^users.deviceManagementTroubleshootingEvent$|^users.deviceEnrollmentConfiguration$", + "Devices.ServiceAnnouncement": "^admin.serviceAnnouncement$|^admin.Actions$|^admin.Functions$", + "DeviceManagement": "^deviceManagement.(deviceCompliancePolicy.*|deviceManagementConfigurationPolicy.*|deviceManagementCompliancePolicy.*|deviceManagementConfigurationSettingDefinition.*|deviceConfiguration.*|managedDevice.*|managementCondition.*|microsoftTunnel.*|userExperienceAnalytics.*|windowsInformationProtection.*|deviceManagement|deviceManagement(DerivedCredentialSettings|Intent|ResourceAccessProfileBase|Script|SettingCategory|SettingDefinition|Template|TroubleshootingEvent)|androidForWork(AppConfigurationSchema|Settings)|androidManagedStore(AccountEnterpriseSettings|AppConfigurationSchema)|deviceAndAppManagementAssignmentFilter|deviceCategory|advancedThreatProtectionOnboardingStateSummary|dataSharingConsent|detectedApp|deviceHealthScript|deviceShellScript|embeddedSIMActivationCodePool|groupPolicyConfiguration|macOSSoftwareUpdateAccountSummary|mobileAppTroubleshootingEvent|notificationMessageTemplate|remoteActionAudit|softwareUpdateStatusSummary|windowsMalwareInformation|windowsQualityUpdateProfile)$|^admin.edge$|^deviceManagement.monitoring$|^users.ListCloudPCs$", + "DeviceManagement.Administration": "^deviceManagement.(virtualEndpoint.*|.*Partner.*|.*Certificate.*|.*role.*|deviceManagement(DomainJoinConnector|ExchangeConnector|ExchangeOnPremisesPolicy)|groupPolicy(Category|Definition|DefinitionFile|MigrationReport|ObjectFile|UploadedDefinitionFile)|auditEvent|cartToClassAssociation|comanagementEligibleDevice|deviceAndAppManagementRoleAssignment|intuneBrandingProfile|iosUpdateDeviceStatus|mobileThreatDefenseConnector|ndesConnector|resourceOperation|restrictedAppsViolation|termsAndConditions)", + "DeviceManagement.Enrollment": "^deviceManagement.(.*Enrollment.*|.*Autopilot.*|.*depOnboarding.*|importedDeviceIdentity|onPremisesConditionalAccessSettings|windowsFeatureUpdateProfile)$|^roleManagement.roleManagement$|^roleManagement.rbacApplicationMultiple$|^roleManagement.unifiedRbacApplication$", + "DeviceManagement.Actions": "^deviceManagement.Actions$", + "DeviceManagement.Functions": "^deviceManagement.Functions$", + "DirectoryObjects": "^directoryObjects\\.", + "Education": "^education\\.", + "Files": "^drives\\.|^shares\\.|^users.drive$|^groups.drive$", + "Financials": "^financials\\.", + "Groups": "^groups.group$|^groups.directoryObject$|^groups.conversation$|^groups.endpoint$|^groups.extension$|^groups.groupLifecyclePolicy$|^groups.resourceSpecificPermissionGrant$|^groups.profilePhoto$|^groups.conversationThread$|^groupLifecyclePolicies\\.|^users.group$|^groups.directorySetting$|^groups.Actions$|^groups.Functions$|^groupSettings\\.|^groups.groupSetting$|^groupSettingTemplates\\.", + "Identity.DirectoryManagement": "^administrativeUnits\\.|^contacts\\.|^devices\\.|^domains\\.|^directoryRoles\\.|^directoryRoleTemplates\\.|^directorySettingTemplates\\.|^settings\\.|^subscribedSkus\\.|^contracts\\.|^directory\\.|^users.scopedRoleMembership$|^organization.organization$|^organization.organizationalBranding$|^organization.organizationSettings$|^organization.Actions$|^organization.extension$|^tenantRelationships.Actions$|admin.peopleAdminSettings$|^organization\\.partnerInformation$", + "Identity.Governance": "^accessReviews\\.|^businessFlowTemplates\\.|^programs\\.|^programControls\\.|^programControlTypes\\.|^privilegedRoles\\.|^privilegedRoleAssignments\\.|^privilegedRoleAssignmentRequests\\.|^privilegedApproval\\.|^privilegedOperationEvents\\.|^privilegedAccess\\.|^agreements\\.|^users.agreementAcceptance$|^identityGovernance\\.|^roleManagement.rbacApplication$|^roleManagement.Functions$|roleManagement.Actions$", + "Identity.SignIns": "^organization.certificateBasedAuthConfiguration$|^invitations\\.|^identityProviders\\.|^oauth2PermissionGrants\\.|^identityProtection\\.|^dataPolicyOperations\\.|^identity\\.|^trustFramework\\.|^informationProtection\\.|^policies\\.|^users.authentication$|^users.informationProtection$|^tenantRelationships.multiTenantOrganization$", + "Identity.Partner": "^tenantRelationships.delegatedAdminRelationship$|^tenantRelationships.delegatedAdminCustomer$", + "Mail": "^users.inferenceClassification$|^users.mailFolder$|^users.message$", + "ManagedTenants": "^tenantRelationships.managedTenant$", + "Notes": "^users.onenote$|^groups.onenote$|^sites.onenote$", + "People": "^users.person$|^users.profile$|^users.officeGraphInsights$|^users.userAnalytics$", + "PersonalContacts": "^users.contactFolder$|^users.contact$", + "Planner": "^planner\\.|^users.plannerUser$|^groups.plannerGroup$", + "Reports": "^reports\\.|^auditLogs\\.|^deviceManagement.deviceManagementReports$|^admin.adminReportSetting", + "SchemaExtensions": "^schemaExtensions\\.", + "Search": "^search\\.|^external\\.", + "Security": "^security\\.|^users.security$", + "Sites": "^sites.baseSitePage$|^sites.site$|^sites.itemAnalytics$|^sites.columnDefinition$|^sites.contentType$|^sites.drive$|^sites.list$|^sites.sitePage$|^sites.permission$|^sites.store$|^users.site$|^groups.site$|^sites.Functions$|^sites.Actions$|^sites.richLongRunningOperation$|^termStore.sets.ListChildren$|^admin.sharepoint$", + "Teams": "^teams\\.|^chats\\.|^users.chat$|^appCatalogs.teamsApp$|^users.userTeamwork$|^teamwork\\.|^users.team$|^groups.team$", + "Users": "^users.user$|^users.directoryObject$|^users.licenseDetails$|^users.mailboxSettings|^users.notification$|^users.outlookUser$|^users.profilePhoto$|^users.userSettings$|^users.extension$|^users.oAuth2PermissionGrant$|^users.todo$|^users.itemInsights$|^users.servicePrincipal$", + "Users.Actions": "^users.Actions$", + "Users.Functions": "^users.Functions$", + "WindowsUpdates": "^admin.adminWindows$|^admin.Actions$|^admin.Functions$" } \ No newline at end of file