Merge pull request #83 from KelvinTegelaar/dev
[pull] dev from KelvinTegelaar:dev
kris6673 authored Aug 14, 2024
2 parents d2bcc59 + dedfff8 commit 546fe28
Showing 144 changed files with 6,024 additions and 690 deletions.
@@ -1,7 +1,7 @@
# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action
# More GitHub Actions for Azure: https://github.com/Azure/actions

name: Build and deploy Powershell project to Azure Function App - cippz6s4d
name: Build and deploy Powershell project to Azure Function App - cipp4i6t3

on:
push:
Expand All @@ -24,7 +24,7 @@ jobs:
uses: Azure/functions-action@v1
id: fa
with:
app-name: 'cippz6s4d'
app-name: 'cipp4i6t3'
slot-name: 'Production'
package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}
publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_D27E7CF0887F4E4591F3957CCA96F0FD }}
publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_9D257A31ACA24925A112AF5FFC2BEAFE }}
@@ -1,7 +1,7 @@
# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action
# More GitHub Actions for Azure: https://github.com/Azure/actions

name: Build and deploy Powershell project to Azure Function App - cippacnqv
name: Build and deploy Powershell project to Azure Function App - cippkwn4s

on:
push:
Expand All @@ -23,17 +23,17 @@ jobs:
uses: actions/checkout@v4

- name: Login to Azure
uses: azure/login@v1
uses: azure/login@v2
with:
client-id: ${{ secrets.AZUREAPPSERVICE_CLIENTID_6085081ED1124B799258E9FF743FF4B9 }}
tenant-id: ${{ secrets.AZUREAPPSERVICE_TENANTID_9BDB2DDBFAFA4BC19C20A58B204BFAF3 }}
subscription-id: ${{ secrets.AZUREAPPSERVICE_SUBSCRIPTIONID_02B5224812794971B05EDD557AF2B867 }}
client-id: ${{ secrets.AZUREAPPSERVICE_CLIENTID_B6BCC8886F40482FB8B43907FCDA6596 }}
tenant-id: ${{ secrets.AZUREAPPSERVICE_TENANTID_0D1C65B9099F48FABDF7F7052EA6887F }}
subscription-id: ${{ secrets.AZUREAPPSERVICE_SUBSCRIPTIONID_76518AE5ECB34375A414DEEE1119C161 }}

- name: 'Run Azure Functions Action'
uses: Azure/functions-action@v1
id: fa
with:
app-name: 'cippacnqv'
app-name: 'cippkwn4s'
slot-name: 'Production'
package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}
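Review bot: `uses: azure/login@v2` in this hunk references the action by a mutable tag, as do `actions/checkout@v4` and `Azure/functions-action@v1` here and in the cipp4i6t3 and cipplwwww workflow sections. Whoever can move that tag controls code that runs with this job's client, tenant and subscription secrets. Pin each action to a full commit SHA and keep the tag as a trailing comment, for example `uses: azure/login@<full-commit-sha> # v2` (placeholder; the SHA is not on this page). Any `permissions:` block for the job lies outside the hunk, so confirm separately that it grants no more than the login step needs.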

@@ -1,7 +1,7 @@
# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action
# More GitHub Actions for Azure: https://github.com/Azure/actions

name: Build and deploy Powershell project to Azure Function App - cippckdtz
name: Build and deploy Powershell project to Azure Function App - cipplwwww

on:
push:
Expand All @@ -24,7 +24,7 @@ jobs:
uses: Azure/functions-action@v1
id: fa
with:
app-name: 'cippckdtz'
app-name: 'cipplwwww'
slot-name: 'Production'
package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}
publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_726578DA8A7243BF9D82FE123C2F6E7F }}
publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_00A9A6DFE9244C2EA8952190FFF10F45 }}
30 changes: 0 additions & 30 deletions .github/workflows/dev_cippopy3o.yml

This file was deleted.

29 changes: 0 additions & 29 deletions .github/workflows/dev_cipppwrro.yml

This file was deleted.

29 changes: 0 additions & 29 deletions .github/workflows/ninjaone_cipp426ns.yml

This file was deleted.

2 changes: 1 addition & 1 deletion Config/standards.json
Expand Up @@ -2235,7 +2235,7 @@
"value": "none"
},
{
"label": "Restirct sharing to specific domains",
"label": "Restrict sharing to specific domains",
"value": "allowList"
},
{
2 changes: 1 addition & 1 deletion Modules/CIPPCore/Public/Add-CIPPAzDataTableEntity.ps1
Expand Up @@ -138,7 +138,7 @@ function Add-CIPPAzDataTableEntity {
throw "Error processing entity: $ErrorMessage Linenumber: $($_.InvocationInfo.ScriptLineNumber)"
}
} else {
Write-Information "THE ERROR IS $($_.Exception.ErrorCode). The size of the entity is $entitySize."
Write-Information "THE ERROR IS $($_.Exception.message). The size of the entity is $entitySize."
throw $_
}
}
Expand Up @@ -19,7 +19,12 @@ function Push-BPACollectData {
}
}
$Table = Get-CippTable -tablename 'cachebpav2'
Write-Host "Working on BPA for $($TenantName.displayName) with GUID $($TenantName.customerId) - Report ID $($Item.Template)"
$Rerun = Test-CIPPRerun -Type 'BPA' -Tenant $TenantName.defaultDomainName -API $Item.Template
if ($Rerun) {
Write-Host 'Detected rerun. Exiting cleanly'
exit 0
}
Write-Host "Working on BPA for $($TenantName.defaultDomainName) with GUID $($TenantName.customerId) - Report ID $($Item.Template)"
$Template = $Templates | Where-Object -Property Name -EQ -Value $Item.Template
# Build up the result object that will be stored in tables
$Result = @{
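Review bot: The rerun guard ends with `exit 0`, which asks the PowerShell host to terminate rather than just leaving Push-BPACollectData. Inside a shared Functions worker that can presumably end more than this one activity, so `return` is the safer way to skip the item. The same `exit 0` is added in Push-CIPPStandard. Test-CIPPRerun is not shown on this page, so a comment stating what counts as a rerun, e.g. `# Skip when the same tenant/template pair was already processed within the rerun window`, would help the next reader. The function body starts and ends outside the hunk.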
Expand Up @@ -12,6 +12,13 @@ function Push-CIPPStandard {
$Standard = $Item.Standard
$FunctionName = 'Invoke-CIPPStandard{0}' -f $Standard
Write-Host "We'll be running $FunctionName"
$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Item.Settings -API $Standard
if ($Rerun) {
Write-Host 'Detected rerun. Exiting cleanly'
exit 0
} else {
Write-Host "Rerun is set to false. We'll be running $FunctionName"
}
try {
& $FunctionName -Tenant $Item.Tenant -Settings $Item.Settings -ErrorAction Stop
} catch {
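Review bot: The rerun check is keyed on `-Tenant $Tenant`, while the call a few lines below uses `$Item.Tenant`, and no assignment to `$Tenant` is visible in this hunk. If `$Tenant` is not set above the hunk, every tenant shares one rerun key and a standard could be skipped for tenants that never had it applied; passing `-Tenant $Item.Tenant` removes the doubt. The `Write-Host` in the `else` branch repeats the message printed just before the check and can be dropped. The function starts and ends outside the hunk.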
@@ -1,15 +1,24 @@
function Push-AuditLogTenant {
Param($Item)

# Get Table contexts
$AuditBundleTable = Get-CippTable -tablename 'AuditLogBundles'
$SchedulerConfig = Get-CIPPTable -TableName 'SchedulerConfig'
$CIPPURL = Get-CIPPAzDataTableEntity @SchedulerConfig -Filter "PartitionKey eq 'webhookcreation'" | Select-Object -First 1 -ExpandProperty CIPPURL
$SchedulerConfig = Get-CippTable -TableName 'SchedulerConfig'
$WebhookTable = Get-CippTable -tablename 'webhookTable'
$ConfigTable = Get-CippTable -TableName 'WebhookRules'

# Query CIPPURL for linking
$CIPPURL = Get-CIPPAzDataTableEntity @SchedulerConfig -Filter "PartitionKey eq 'webhookcreation'" | Select-Object -First 1 -ExpandProperty CIPPURL

# Get all webhooks for the tenant
$Webhooks = Get-CIPPAzDataTableEntity @WebhookTable -Filter "PartitionKey eq '$($Item.TenantFilter)' and Version eq '3'" | Where-Object { $_.Resource -match '^Audit' }
$ExistingBundles = Get-CIPPAzDataTableEntity @AuditBundleTable -Filter "PartitionKey eq '$($Item.TenantFilter)' and ContentType eq '$ContentType'"
$ConfigTable = Get-CIPPTable -TableName 'WebhookRules'

# Get webhook rules
$ConfigEntries = Get-CIPPAzDataTableEntity @ConfigTable

# Date filter for existing bundles
$LastHour = (Get-Date).AddHours(-1).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ss')

$NewBundles = [System.Collections.Generic.List[object]]::new()
foreach ($Webhook in $Webhooks) {
# only process webhooks that are configured in the webhookrules table
Expand All @@ -28,6 +37,7 @@ function Push-AuditLogTenant {
EndTime = $Item.EndTime
}
$LogBundles = Get-CIPPAuditLogContentBundles @ContentBundleQuery
$ExistingBundles = Get-CIPPAzDataTableEntity @AuditBundleTable -Filter "PartitionKey eq '$($Item.TenantFilter)' and ContentType eq '$LogType' and Timestamp ge datetime'$($LastHour)'"

foreach ($Bundle in $LogBundles) {
if ($ExistingBundles.RowKey -notcontains $Bundle.contentId) {
Expand Down Expand Up @@ -61,5 +71,4 @@ function Push-AuditLogTenant {
$InstanceId = Start-NewOrchestration -FunctionName 'CIPPOrchestrator' -InputObject ($InputObject | ConvertTo-Json -Depth 5 -Compress)
Write-Host "Started orchestration with ID = '$InstanceId'"
}

}
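Review bot: The `$ExistingBundles` lookup now only sees rows with `Timestamp ge datetime'$($LastHour)'`, so deduplication covers a fixed one hour regardless of the window in `$ContentBundleQuery` (its `EndTime` is `$Item.EndTime`; the start is outside the hunk). If that window can reach further back than an hour, bundles already stored would be treated as new and queued again; deriving the cutoff from the query's start time would tie the two together. `$LogType` and `$Item.TenantFilter` are interpolated into the filter string as-is, so doubling single quotes first (`-replace "'", "''"`) is worth adding. The middle of the function lies outside the visible hunks.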
@@ -0,0 +1,58 @@
function Invoke-ExecServicePrincipals {
<#
.FUNCTIONALITY
Entrypoint
.ROLE
CIPP.Core.ReadWrite
#>
[CmdletBinding()]
param($Request, $TriggerMetadata)

$TenantFilter = $env:TenantId

$Success = $true

$Action = $Request.Query.Action ?? 'Default'
try {
switch ($Request.Query.Action) {
'Create' {
$Body = @{
'appId' = $Request.Query.AppId
} | ConvertTo-Json -Compress
$Results = New-GraphPostRequest -Uri 'https://graph.microsoft.com/beta/servicePrincipals' -tenantid $TenantFilter -type POST -body $Body
}
default {
if ($Request.Query.AppId) {
$Action = 'Get'
$Results = New-GraphGetRequest -Uri "https://graph.microsoft.com/beta/servicePrincipals(appId='$($Request.Query.AppId)')" -tenantid $TenantFilter -NoAuthCheck $true
} else {
$Action = 'List'
$Results = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/servicePrincipals?$top=999&$orderby=displayName&$count=true' -ComplexFilter -tenantid $TenantFilter -NoAuthCheck $true
}
}
}
} catch {
$Results = $_.Exception.Message
$Success = $false
}

$Metadata = @{
'Action' = $Action
'Success' = $Success
}

if ($Request.Query.AppId) {
$Metadata.AppId = $Request.Query.AppId
}

$Body = @{
'Results' = $Results
'Metadata' = $Metadata
}

$Json = $Body | ConvertTo-Json -Depth 10 -Compress
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
StatusCode = [HttpStatusCode]::OK
Body = $Json
})
}
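Review bot: `$Request.Query.AppId` goes unvalidated into both the POST body and the URI `servicePrincipals(appId='$($Request.Query.AppId)')`, so a value containing quotes or path characters changes the Graph request that is sent. Reject anything that is not a GUID at the top of the `try`, e.g. `$Parsed = [guid]::Empty` followed by `if ($Request.Query.AppId -and -not [guid]::TryParse($Request.Query.AppId, [ref]$Parsed)) { throw 'AppId must be a GUID' }`, so the existing `catch` reports it. The 'Create' branch is selected by a query-string parameter, and the response is always `[HttpStatusCode]::OK`, even when `$Success` is `$false`. Returning an error status on failure and requiring POST for 'Create' (the binding is not on this page) would make failures and state changes visible to callers and logs.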
Expand Up @@ -17,21 +17,22 @@ Function Invoke-ExecExtensionsConfig {
#Connect-AzAccount -UseDeviceAuthentication
# Write to the Azure Functions log stream.
Write-Information 'PowerShell HTTP trigger function processed a request.'
$Body = [PSCustomObject]$Request.Body
$results = try {
if ($Request.Body.CIPPAPI.Enabled) {
if ($Body.CIPPAPI.Enabled) {
try {
$APIConfig = New-CIPPAPIConfig -ExecutingUser $Request.Headers.'x-ms-client-principal' -resetpassword $Request.Body.CIPPAPI.ResetPassword
$APIConfig = New-CIPPAPIConfig -ExecutingUser $Request.Headers.'x-ms-client-principal' -resetpassword $Body.CIPPAPI.ResetPassword
$AddedText = $APIConfig.Results
} catch {
$AddedText = ' Could not enable CIPP-API. Check the CIPP documentation for API requirements.'
$Request.Body = $Request.Body | Select-Object * -ExcludeProperty CIPPAPI
$Body = $Body | Select-Object * -ExcludeProperty CIPPAPI
}
}

# Check if NinjaOne URL is set correctly and the instance has at least version 5.6
if ($Request.Body.NinjaOne) {
if ($Body.NinjaOne) {
try {
[version]$Version = (Invoke-WebRequest -Method GET -Uri "https://$(($Request.Body.NinjaOne.Instance -replace '/ws','') -replace 'https://','')/app-version.txt" -ea stop).content
[version]$Version = (Invoke-WebRequest -Method GET -Uri "https://$(($Body.NinjaOne.Instance -replace '/ws','') -replace 'https://','')/app-version.txt" -ea stop).content
} catch {
throw "Failed to connect to NinjaOne check your Instance is set correctly eg 'app.ninjarmmm.com'"
}
Expand All @@ -41,39 +42,39 @@ Function Invoke-ExecExtensionsConfig {
}

$Table = Get-CIPPTable -TableName Extensionsconfig
foreach ($APIKey in ([pscustomobject]$Request.Body).psobject.properties.name) {
foreach ($APIKey in $Body.PSObject.Properties.Name) {
Write-Information "Working on $apikey"
if ($Request.Body.$APIKey.APIKey -eq 'SentToKeyVault' -or $Request.Body.$APIKey.APIKey -eq '') {
if ($Body.$APIKey.APIKey -eq 'SentToKeyVault' -or $Body.$APIKey.APIKey -eq '') {
Write-Information 'Not sending to keyvault. Key previously set or left blank.'
} else {
Write-Information 'writing API Key to keyvault, and clearing.'
Write-Information "$ENV:WEBSITE_DEPLOYMENT_ID"
if ($Request.Body.$APIKey.APIKey) {
if ($Body.$APIKey.APIKey) {
if ($env:AzureWebJobsStorage -eq 'UseDevelopmentStorage=true') {
$DevSecretsTable = Get-CIPPTable -tablename 'DevSecrets'
$Secret = [PSCustomObject]@{
'PartitionKey' = $APIKey
'RowKey' = $APIKey
'APIKey' = $Request.Body.$APIKey.APIKey
'APIKey' = $Body.$APIKey.APIKey
}
Add-CIPPAzDataTableEntity @DevSecretsTable -Entity $Secret -Force
} else {
$null = Set-AzKeyVaultSecret -VaultName $ENV:WEBSITE_DEPLOYMENT_ID -Name $APIKey -SecretValue (ConvertTo-SecureString -AsPlainText -Force -String $Request.Body.$APIKey.APIKey)
$null = Set-AzKeyVaultSecret -VaultName $ENV:WEBSITE_DEPLOYMENT_ID -Name $APIKey -SecretValue (ConvertTo-SecureString -AsPlainText -Force -String $Body.$APIKey.APIKey)
}
}
if ($Request.Body.$APIKey.PSObject.Properties -notcontains 'APIKey') {
$Request.Body.$APIKey | Add-Member -MemberType NoteProperty -Name APIKey -Value 'SentToKeyVault'
if ($Body.$APIKey.PSObject.Properties.Name -notcontains 'APIKey') {
$Body.$APIKey | Add-Member -MemberType NoteProperty -Name APIKey -Value 'SentToKeyVault'
} else {
$Request.Body.$APIKey.APIKey = 'SentToKeyVault'
$Body.$APIKey.APIKey = 'SentToKeyVault'
}
}
$Request.Body.$APIKey = $Request.Body.$APIKey | Select-Object * -ExcludeProperty ResetPassword
$Body.$APIKey = $Body.$APIKey | Select-Object * -ExcludeProperty ResetPassword
}
$body = $Request.Body | Select-Object * -ExcludeProperty APIKey, Enabled | ConvertTo-Json -Depth 10 -Compress
$Body = $Body | Select-Object * -ExcludeProperty APIKey, Enabled | ConvertTo-Json -Depth 10 -Compress
$Config = @{
'PartitionKey' = 'CippExtensions'
'RowKey' = 'Config'
'config' = [string]$body
'config' = [string]$Body
}

Add-CIPPAzDataTableEntity @Table -Entity $Config -Force | Out-Null
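Review bot: The version probe builds its target from `$Body.NinjaOne.Instance` with only `/ws` and `https://` stripped, so the function will issue a GET to whatever host, port or path the request body names. Parse the value, keep only the host, and compare it with the NinjaOne instance hosts the project supports before calling Invoke-WebRequest; for example `$NinjaHost = ([uri]"https://$Instance").Host` (with `$Instance` being the cleaned value) followed by an allowlist test on `$NinjaHost`. Separately, `Write-Information "$ENV:WEBSITE_DEPLOYMENT_ID"` writes the Key Vault name to the log stream on every key update and could be removed. The function starts and ends outside the hunks.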