Initial release (#12)

* Docs, Templates and Settings (#1) * Add .github/ * Update README.md * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Add config.json * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Delete config.json * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Update .github/ * Add .pipelines/ * Add settings.json * Update README.md * Update settings.json * Update settings.json * Update README.md * Update README.md * Pipelines (#2) * Update pull.yml * Update push.yml * Pipelines and Comments (#3) * Update pull.yml * Update push.yml * Update pull.yml * Update push.yml * Pipelines (#4) * Update pull.yml * Update push.yml * Update pull.yml * Update push.yml * Update README.md (#5) * Repository (#6) * Update README.md * Update README.md * Actions (#7) * Update README.md * Update README.md * Update pull.yml * Update push.yml * Pipelines (#9) * Update .github/ * Update .pipelines/ * Update .pipelines/ * Adding Triggers for pull (#8) * Update pull.yml * Adding codeowners and Updating Support.md (#10) * adding codeowners * adding codeowners * Adding instruction to update from upstream (#11) Co-authored-by: uday31in <14359777+uday31in@users.noreply.github.com>
2021-03-04 22:46:27 +00:00 · 2021-03-04 22:46:27 +00:00 · ec2e78a312
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@ -0,0 +1,5 @@
+# See for instructions on this file https://help.github.com/articles/about-codeowners/
+
+* @azure/enterprisescale-vteam
+
+.github/CODEOWNERS @ljtill @uday31in
--- a/.github/ISSUE_TEMPLATE/BUG_REPORT.md
+++ b/.github/ISSUE_TEMPLATE/BUG_REPORT.md
@ -0,0 +1,22 @@
+---
+name: "Bug report \U0001F41B"
+about: Report errors or unexpected behaviour
+title: 'Bug Report'
+labels: 'needs triage :warning:'
+assignees: ''
+
+---
+
+<!-- Please read our Rules of Conduct: https://opensource.microsoft.com/codeofconduct/ -->
+<!-- Please search existing issues to avoid creating duplicates. -->
+
+**Describe the bug**
+
+
+**Steps to reproduce**
+
+1.
+2.
+
+**Screenshots**
+
--- a/.github/ISSUE_TEMPLATE/FEATURE_REQUEST.md
+++ b/.github/ISSUE_TEMPLATE/FEATURE_REQUEST.md
@ -0,0 +1,14 @@
+---
+name: "Feature request \U0001F680"
+about: Suggest an idea for this project
+title: 'Feature Request'
+labels: 'needs triage :warning:'
+assignees: ''
+
+---
+
+<!-- Please read our Rules of Conduct: https://opensource.microsoft.com/codeofconduct/ -->
+<!-- Please search existing issues to avoid creating duplicates. -->
+
+**Describe the solution you'd like**
+
--- a/.github/templates/README.md
+++ b/.github/templates/README.md
@ -0,0 +1 @@
+# Templates
--- a/.github/templates/simple/pull.yml
+++ b/.github/templates/simple/pull.yml
@ -0,0 +1,191 @@
+---
+name: 'AzOps - Pull'
+
+on:
+
+  #
+  # Schedule
+  # This is an [optional] event to get latest Azure 
+  # hierarchy of Management Grou and Subscription in 
+  # your Git in recurring manner. Default is every 6 hours
+  #
+  # Adjust frequency based on your organization need
+  #
+
+  schedule:
+    - cron: "0 */6 * * *"
+  
+  #
+  # Workflow Dispatch
+  # This is to invoke this action from portal
+  #
+  
+  workflow_dispatch:
+
+  #
+  # Repository Dispatch
+  # To invoke this action based on event/webhook
+  #
+  
+  repository_dispatch:
+    types:
+      - "Azure Activity Logs"
+
+on:
+  workflow_dispatch:
+
+jobs:
+
+  pull:
+
+    #
+    # Pull
+    #
+
+    name: 'Pull'
+    runs-on: ubuntu-20.04
+    steps:
+
+      #
+      # Checkout
+      # Checks-out the repository
+      #
+
+      - name: 'Checkout'
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      #
+      # Configure
+      # Set global options
+      #
+
+      - name: 'Configure'
+        run: |
+          git config user.name github-actions
+          git config user.email action@github.com
+        shell: bash
+
+      #
+      # Checkout
+      # Switch branches
+      #
+
+      - name: 'Checkout'
+        run: |
+          git checkout -b automated
+        shell: bash
+
+      #
+      # Dependencies
+      # Install required runtime modules
+      #
+
+      - name: 'Dependencies'
+        run: |
+          Install-Module -Name "AzOps" -AllowPrerelease -Force
+          Install-Module -Name @("Az.Accounts", "Az.Billing", "Az.Resources", "PSFramework") -Force
+        shell: pwsh
+        env:
+          AZOPS: 1.0.0
+          AZ_ACCOUNTS: 2.2.5
+          AZ_BILLING: 2.0.0
+          AZ_RESOURCES: 3.2.1
+          PSFRAMEWORK: 1.5.17
+
+      #
+      # Connect
+      # Authenticate Azure context
+      #
+
+      - name: 'Connect'
+        run: |
+          $credential = New-Object System.Management.Automation.PSCredential `
+            -ArgumentList $env:ARM_CLIENT_ID, (ConvertTo-SecureString -String $env:ARM_CLIENT_SECRET -AsPlainText -Force)
+          Connect-AzAccount `
+            -TenantId $env:ARM_TENANT_ID -ServicePrincipal -Credential $credential -SubscriptionId $env:ARM_SUBSCRIPTION_ID
+        shell: pwsh
+        env:
+          ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
+          ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
+          ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
+          ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
+
+      #
+      # Initialize
+      # Generate new state data
+      #
+
+      - name: 'Initialize'
+        run: |
+          Import-PSFConfig -Path settings.json -Schema MetaJson
+          Initialize-AzOpsRepository -Rebuild
+          Get-Job | Remove-Job -Force
+        shell: pwsh
+
+      #
+      # Status
+      # Check for data changes
+      #
+
+      - name: 'Status'
+        id: status
+        run: |
+          STATUS=$(git status --short)
+          if [ -z "$STATUS" ]
+          then
+            echo $STATUS
+            echo "::set-output name=state::stop"
+          else
+            echo $STATUS
+            echo "::set-output name=state::continue"
+          fi
+        shell: bash
+
+      #
+      # Add
+      # Add file content to index
+      #
+
+      - name: 'Add'
+        if: steps.status.outputs.state == 'continue'
+        run: |
+          git add ./azops
+        shell: bash
+
+      #
+      # Commit
+      # Record changes to the repository
+      #
+
+      - name: 'Commit'
+        if: steps.status.outputs.state == 'continue'
+        run: |
+          git commit -m "Automated commit"
+        shell: bash
+
+      #
+      # Push
+      # Update remote refs along with associated objects
+      #
+
+      - name: 'Push'
+        if: steps.status.outputs.state == 'continue'
+        run: |
+          git push origin automated -f
+        shell: bash
+
+      #
+      # Merge
+      # Update remote refs along with associated objects
+      #
+
+      - name: 'Merge'
+        if: steps.status.outputs.state == 'continue'
+        run: |
+          gh pr create --title "Automated State" --body "..." --base ${{ github.ref }} --head "automated"
+          gh pr merge "automated" --squash --delete-branch
+        shell: bash
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
--- a/.github/templates/simple/push.yml
+++ b/.github/templates/simple/push.yml
@ -0,0 +1,326 @@
+---
+name: 'AzOps - Push'
+
+on:
+  workflow_dispatch:
+  pull_request:
+
+jobs:
+
+  pre:
+
+    #
+    # Pre
+    # - Before running the resource deployment,
+    # - we need to validate the repository state
+    # - is up to date and we won't encounter conflicts.
+    #
+
+    name: 'Pre'
+    runs-on: ubuntu-20.04
+    outputs:
+      diff: ${{ steps.diff.outputs.state }}
+
+    steps:
+
+      #
+      # Checkout
+      # Checks-out the repository
+      #
+
+      - name: 'Checkout'
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+          ref: main
+
+      #
+      # Dependencies
+      # Install required runtime modules
+      #
+
+      - name: 'Dependencies'
+        run: |
+          Install-Module -Name "AzOps" -AllowPrerelease -Force
+          Install-Module -Name @("Az.Accounts", "Az.Billing", "Az.Resources", "PSFramework") -Force
+        shell: pwsh
+        env:
+          AZOPS: 1.0.0
+          AZ_ACCOUNTS: 2.2.5
+          AZ_BILLING: 2.0.0
+          AZ_RESOURCES: 3.2.1
+          PSFRAMEWORK: 1.5.17
+
+      #
+      # Connect
+      # Authenticate Azure context
+      #
+
+      - name: 'Connect'
+        run: |
+          $credential = New-Object System.Management.Automation.PSCredential `
+            -ArgumentList $env:ARM_CLIENT_ID, (ConvertTo-SecureString -String $env:ARM_CLIENT_SECRET -AsPlainText -Force)
+          Connect-AzAccount `
+            -TenantId $env:ARM_TENANT_ID -ServicePrincipal -Credential $credential -SubscriptionId $env:ARM_SUBSCRIPTION_ID
+        shell: pwsh
+        env:
+          ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
+          ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
+          ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
+          ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
+
+      #
+      # Initialize
+      # Generate new state data
+      #
+
+      - name: 'Initialize'
+        run: |
+          Import-PSFConfig -Path settings.json -Schema MetaJson
+          Initialize-AzOpsRepository -Rebuild
+          Get-Job | Remove-Job -Force
+        shell: pwsh
+
+      #
+      # Diff
+      # List index changes
+      #
+
+      - name: 'Diff'
+        id: diff
+        run: |
+          DIFF=$(git diff --ignore-space-at-eol --name-status)
+          if [ -z "$DIFF" ]
+          then
+            echo $DIFF
+            echo "::set-output name=state::stop"
+          else
+            echo $DIFF
+            echo "::set-output name=state::continue"
+          fi
+        shell: bash
+
+      #
+      # Issue
+      # Write issue and stop workflow
+      #
+
+      - name: 'Issue'
+        if: steps.diff.outputs.state == 'continue'
+        run: |
+          gh pr comment ${{ github.event.pull_request.number }} --body "Job blocked...."
+        shell: bash
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  push:
+
+    #
+    # Push
+    # - Before running the resource deployment,
+    # - we need to validate the repository state
+    # - is up to date and we won't encounter conflicts.
+    #
+
+    name: 'Push'
+    runs-on: ubuntu-20.04
+    needs: pre
+    if: needs.pre.outputs.diff == 'stop'
+
+    steps:
+
+      #
+      # Checkout
+      # Checks-out the repository
+      #
+
+      - name: 'Checkout'
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      #
+      # Dependencies
+      # Install required runtime modules
+      #
+
+      - name: 'Dependencies'
+        run: |
+          Install-Module -Name "AzOps" -AllowPrerelease -Force
+          Install-Module -Name @("Az.Accounts", "Az.Billing", "Az.Resources", "PSFramework") -Force
+        shell: pwsh
+        env:
+          AZOPS: 1.0.0
+          AZ_ACCOUNTS: 2.2.5
+          AZ_BILLING: 2.0.0
+          AZ_RESOURCES: 3.2.1
+          PSFRAMEWORK: 1.5.17
+
+      #
+      # Connect
+      # Authenticate Azure context
+      #
+
+      - name: 'Connect'
+        run: |
+          $credential = New-Object System.Management.Automation.PSCredential `
+            -ArgumentList $env:ARM_CLIENT_ID, (ConvertTo-SecureString -String $env:ARM_CLIENT_SECRET -AsPlainText -Force)
+          Connect-AzAccount `
+            -TenantId $env:ARM_TENANT_ID -ServicePrincipal -Credential $credential -SubscriptionId $env:ARM_SUBSCRIPTION_ID
+        shell: pwsh
+        env:
+          ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
+          ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
+          ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
+          ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
+
+      #
+      # Diff
+      # List index changes
+      #
+
+      - name: 'Diff'
+        id: diff
+        run: |
+          echo $(git diff origin/main --name-status)
+          git diff origin/main --name-status > /tmp/diff.txt
+        shell: bash
+
+      #
+      # Deploy
+      # Initial deployment of any index changes
+      #
+
+      - name: 'Deploy'
+        run: |
+          Initialize-AzOpsEnvironment
+          Import-PSFConfig -Path settings.json -Schema MetaJson
+          $diff = Get-Content -Path /tmp/diff.txt
+          $module = Get-Module -Name AzOps
+          $module.Invoke({ Invoke-AzOpsChange -ChangeSet $diff })
+          Get-Job | Remove-Job -Force
+        shell: pwsh
+
+  post:
+
+    #
+    # Post
+    # - Before running the resource deployment,
+    # - we need to validate the repository state
+    # - is up to date and we won't encounter conflicts.
+    #
+
+    name: 'Post'
+    runs-on: ubuntu-20.04
+    needs: push
+    if: needs.pre.outputs.diff == 'stop'
+
+    steps:
+
+      #
+      # Checkout
+      # Checks-out the repository
+      #
+
+      - name: 'Checkout'
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      #
+      # Configure
+      # Set global options
+      #
+
+      - name: 'Configure'
+        run: |
+          git config user.name github-actions
+          git config user.email action@github.com
+        shell: bash
+
+      #
+      # Switch
+      # Change working branch
+      #
+
+      - name: 'Switch'
+        run: |
+          git switch -c ${{ github.head_ref }}
+
+      #
+      # Dependencies
+      # Install required runtime modules
+      #
+
+      - name: 'Dependencies'
+        run: |
+          Install-Module -Name "AzOps" -AllowPrerelease -Force
+          Install-Module -Name @("Az.Accounts", "Az.Billing", "Az.Resources", "PSFramework") -Force
+        shell: pwsh
+        env:
+          AZOPS: 1.0.0
+          AZ_ACCOUNTS: 2.2.5
+          AZ_BILLING: 2.0.0
+          AZ_RESOURCES: 3.2.1
+          PSFRAMEWORK: 1.5.17
+
+      #
+      # Connect
+      # Authenticate Azure context
+      #
+
+      - name: 'Connect'
+        run: |
+          $credential = New-Object System.Management.Automation.PSCredential `
+            -ArgumentList $env:ARM_CLIENT_ID, (ConvertTo-SecureString -String $env:ARM_CLIENT_SECRET -AsPlainText -Force)
+          Connect-AzAccount `
+            -TenantId $env:ARM_TENANT_ID -ServicePrincipal -Credential $credential -SubscriptionId $env:ARM_SUBSCRIPTION_ID
+        shell: pwsh
+        env:
+          ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
+          ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
+          ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
+          ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
+
+      #
+      # Initialize
+      # Generate new state data
+      #
+
+      - name: 'Initialize'
+        run: |
+          Import-PSFConfig -Path settings.json -Schema MetaJson
+          Initialize-AzOpsRepository -Rebuild
+          Get-Job | Remove-Job -Force
+        shell: pwsh
+
+      #
+      # Add
+      # Add file content to index
+      #
+
+      - name: 'Add'
+        run: |
+          git add ./azops
+          git status --short
+        shell: bash
+
+      #
+      # Commit
+      # Record changes to the repository
+      #
+
+      - name: 'Commit'
+        run: |
+          git commit -m "Automated commit"
+        shell: bash
+
+      #
+      # Push
+      # Update remote refs along with associated objects
+      #
+
+      - name: 'Push'
+        run: |
+          git push origin ${{ github.head_ref }}
+        shell: bash
--- a/.pipelines/templates/README.md
+++ b/.pipelines/templates/README.md
@ -0,0 +1 @@
+# Templates
--- a/.pipelines/templates/simple/pull.yml
+++ b/.pipelines/templates/simple/pull.yml
@ -0,0 +1,178 @@
+---
+name: 'AzOps - Pull'
+
+trigger: none
+
+# Temporary
+
+pool:
+  name: 'Azure Self-hosted Pipelines'
+
+jobs:
+
+- job: pull
+
+  #
+  # Pull
+  #
+
+  displayName: 'Pull'
+  workspace:
+        clean: all
+  steps:
+
+  #
+  # Checkout
+  # Checks-out the repository
+  #
+
+  - checkout: self
+    fetchDepth: 0
+    persistCredentials: true
+
+  #
+  # Configure
+  # Set global options
+  #
+
+  - task: Bash@3
+    displayName: 'Configure'
+    inputs:
+      targetType: 'inline'
+      script: |
+          git config user.name "Azure DevOps"
+          git config user.email "azuredevops@microsoft.com"
+
+  #
+  # Checkout
+  # Switch branches
+  #
+
+  - task: Bash@3
+    displayName: 'Checkout'
+    inputs:
+      targetType: 'inline'
+      script: |
+        git checkout -b automated
+
+  #
+  # Dependencies
+  # Install required runtime modules
+  #
+
+  - task: PowerShell@2
+    displayName: 'Dependencies'
+    inputs:
+      targetType: 'inline'
+      script: |
+        Install-Module -Name "AzOps" -AllowPrerelease -Force
+        Install-Module -Name @("Az.Accounts", "Az.Billing", "Az.Resources", "PSFramework") -Force
+
+  #
+  # Connect
+  # Authenticate Azure context
+  #
+
+  - task: PowerShell@2
+    displayName: 'Connect'
+    inputs:
+      targetType: 'inline'
+      script: |
+          $credential = New-Object System.Management.Automation.PSCredential `
+            -ArgumentList $(ARM_CLIENT_ID), (ConvertTo-SecureString -String $(ARM_CLIENT_SECRET) -AsPlainText -Force)
+          Connect-AzAccount `
+            -TenantId $(ARM_TENANT_ID) -ServicePrincipal -Credential $credential -SubscriptionId $(ARM_SUBSCRIPTION_ID)
+
+  #
+  # Initialize
+  # Generate new state data
+  #
+
+  - task: PowerShell@2
+    displayName: 'Initialize'
+    inputs:
+      targetType: 'inline'
+      script: |
+          Import-PSFConfig -Path settings.json -Schema MetaJson
+          Initialize-AzOpsRepository -Rebuild
+          Get-Job | Remove-Job -Force
+
+  #
+  # Status
+  # Check for data changes
+  #
+
+  - task: Bash@3
+    displayName: 'Status'
+    inputs:
+      targetType: 'inline'
+      script: |
+        STATUS=$(git status --short)
+        if [ -z "$STATUS" ]
+        then
+          echo $STATUS
+          echo "##vso[task.setvariable variable=state]continue"
+        else
+          echo $STATUS
+          echo "##vso[task.setvariable variable=state]stop"
+        fi
+
+  #
+  # Add
+  # Add file content to index
+  #
+
+  - task: Bash@3
+    displayName: 'Add'
+    condition: contains(variables['state'], 'stop')
+    inputs:
+      targetType: 'inline'
+      script: |
+        git add ./azops
+
+  #
+  # Commit
+  # Record changes to the repository
+  #
+
+  - task: Bash@3
+    displayName: 'Commit'
+    condition: contains(variables['state'], 'stop')
+    inputs:
+      targetType: 'inline'
+      script: |
+        git commit -m "Automated commit"
+
+  #
+  # Push
+  # Update remote refs along with associated objects
+  #
+
+  - task: Bash@3
+    displayName: 'Push'
+    condition: contains(variables['state'], 'stop')
+    inputs:
+      targetType: 'inline'
+      script: |
+        git push origin automated -f
+
+  #
+  # Merge
+  # Update remote refs along with associated objects
+  #
+
+  - task: Bash@3
+    displayName: 'Merge'
+    condition: contains(variables['state'], 'stop')
+    inputs:
+      targetType: 'inline'
+      script: |
+        az repos pr create \
+          --title "Automated State" \
+          --source-branch "automated" \
+          --target-branch "main" \
+          --squash true \
+          --delete-source-branch true \
+          --auto-complete true
+    env:
+      AZURE_DEVOPS_EXT_PAT: $(System.AccessToken)
--- a/.pipelines/templates/simple/push.yml
+++ b/.pipelines/templates/simple/push.yml
@ -0,0 +1,331 @@
+---
+name: "AzOps - Push"
+
+trigger: none
+
+# Temporary
+
+pool:
+  name: 'Azure Self-hosted Pipelines'
+
+variables:
+  organization: 'lytill'
+  project: 'azops-test'
+  repository: 'azops-test'
+  branch: $(Build.SourceBranchName)
+  pullRequest: $(System.PullRequest.PullRequestId)
+  timeout: 30
+
+jobs:
+
+- job: pre
+
+  #
+  # Pre
+  # - Before running the resource deployment,
+  # - we need to validate the repository state
+  # - is up to date and we won't encounter conflicts.
+  #
+
+  displayName: 'Pre'
+  condition: ne(variables['System.PullRequest.SourceBranch'], 'refs/heads/automated')
+  workspace:
+    clean: all
+  steps:
+
+  #
+  # Checkout
+  # Checks-out the repository
+  #
+
+  - checkout: self
+    fetchDepth: 0
+    persistCredentials: true
+
+  #
+  # Dependencies
+  # Install required runtime modules
+  #
+
+  - task: PowerShell@2
+    displayName: 'Dependencies'
+    inputs:
+      targetType: 'inline'
+      script: |
+        Install-Module -Name "AzOps" -AllowPrerelease -Force
+        Install-Module -Name @("Az.Accounts", "Az.Billing", "Az.Resources", "PSFramework") -Force
+
+  #
+  # Connect
+  # Authenticate Azure context
+  #
+
+  - task: PowerShell@2
+    displayName: 'Connect'
+    inputs:
+      targetType: 'inline'
+      script: |
+          $credential = New-Object System.Management.Automation.PSCredential `
+            -ArgumentList $(ARM_CLIENT_ID), (ConvertTo-SecureString -String $(ARM_CLIENT_SECRET) -AsPlainText -Force)
+          Connect-AzAccount `
+            -TenantId $(ARM_TENANT_ID) -ServicePrincipal -Credential $credential -SubscriptionId $(ARM_SUBSCRIPTION_ID)
+
+  #
+  # Initialize
+  # Generate new state data
+  #
+
+  - task: PowerShell@2
+    displayName: 'Initialize'
+    inputs:
+      targetType: 'inline'
+      script: |
+          Import-PSFConfig -Path settings.json -Schema MetaJson
+          Initialize-AzOpsRepository
+          Get-Job | Remove-Job -Force
+
+  #
+  # Diff
+  # List index changes
+  #
+
+  - task: Bash@3
+    displayName: 'Diff'
+    inputs:
+      targetType: 'inline'
+      script: |
+        DIFF=$(git diff --ignore-space-at-eol --name-status)
+        if [ -z "$DIFF" ]
+        then
+          echo $DIFF
+          echo "##vso[task.setvariable variable=state]continue"
+        else
+          echo $DIFF
+          echo "##vso[task.setvariable variable=state]stop"
+        fi
+
+  #
+  # Issue
+  # Write issue and stop workflow
+  #
+
+  - task: Bash@3
+    displayName: 'Issue'
+    condition: contains(variables['state'], 'stop')
+    inputs:
+      targetType: 'inline'
+      script: |
+        curl --request POST \
+        --header "Authorization: Bearer $(System.AccessToken)" \
+        --header "Content-Type: application/json" \
+        --data '{ "comments": [ { "parentCommentId": 0, "content": "Hello!", "commentType": 1 } ], "status": 1 }' \
+        --url https://dev.azure.com/$(organization)/$(project)/_apis/git/repositories/$(repository)/pullRequests/$(pullRequest)/threads?api-version=6.0
+
+- job: push
+
+  #
+  # Push
+  # - Before running the resource deployment,
+  # - we need to validate the repository state
+  # - is up to date and we won't encounter conflicts.
+  #
+
+  displayName: 'Push'
+  condition: contains(variables['state'], 'continue')
+  dependsOn: pre
+  workspace:
+    clean: all
+  steps:
+
+  #
+  # Checkout
+  # Checks-out the repository
+  #
+
+  - checkout: self
+    fetchDepth: 0
+    persistCredentials: true
+
+  #
+  # Dependencies
+  # Install required runtime modules
+  #
+
+  - task: PowerShell@2
+    displayName: 'Dependencies'
+    inputs:
+      targetType: 'inline'
+      script: |
+        Install-Module -Name "AzOps" -AllowPrerelease -Force
+        Install-Module -Name @("Az.Accounts", "Az.Billing", "Az.Resources", "PSFramework") -Force
+
+  #
+  # Connect
+  # Authenticate Azure context
+  #
+
+  - task: PowerShell@2
+    displayName: 'Connect'
+    inputs:
+      targetType: 'inline'
+      script: |
+          $credential = New-Object System.Management.Automation.PSCredential `
+            -ArgumentList $(ARM_CLIENT_ID), (ConvertTo-SecureString -String $(ARM_CLIENT_SECRET) -AsPlainText -Force)
+          Connect-AzAccount `
+            -TenantId $(ARM_TENANT_ID) -ServicePrincipal -Credential $credential -SubscriptionId $(ARM_SUBSCRIPTION_ID)
+
+  #
+  # Diff
+  # List index changes
+  #
+
+  - task: Bash@3
+    displayName: 'Diff'
+    inputs:
+      targetType: 'inline'
+      script: |
+        git diff origin/main --name-status > /tmp/diff.txt
+
+  #
+  # Deploy
+  # Initial deployment of any index changes
+  #
+
+  - task: PowerShell@2
+    displayName: 'Deploy'
+    inputs:
+      targetType: 'inline'
+      script: |
+        Initialize-AzOpsEnvironment
+        Import-PSFConfig -Path settings.json -Schema MetaJson
+        $diff = Get-Content -Path /tmp/diff.txt
+        $module = Get-Module -Name AzOps
+        $module.Invoke({ Invoke-AzOpsChange -ChangeSet $diff })
+        Get-Job | Remove-Job -Force
+
+- job: post
+
+  #
+  # Post
+  # - Before running the resource deployment,
+  # - we need to validate the repository state
+  # - is up to date and we won't encounter conflicts.
+  #
+
+  displayName: 'Post'
+  condition: contains(variables['state'], 'continue')
+  dependsOn: push
+  workspace:
+    clean: all
+  steps:
+
+  #
+  # Checkout
+  # Checks-out the repository
+  #
+
+  - checkout: self
+    fetchDepth: 0
+    persistCredentials: true
+
+  #
+  # Configure
+  # Set global options
+  #
+
+  - task: Bash@3
+    displayName: 'Configure'
+    inputs:
+      targetType: 'inline'
+      script: |
+          git config user.name "Azure DevOps"
+          git config user.email "azuredevops@microsoft.com"
+
+  #
+  # Switch
+  # Change working branch
+  #
+
+  - task: Bash@3
+    displayName: 'Switch'
+    inputs:
+      targetType: 'inline'
+      script: |
+        git switch -c $(branch)
+
+  #
+  # Dependencies
+  # Install required runtime modules
+  #
+
+  - task: PowerShell@2
+    displayName: 'Dependencies'
+    inputs:
+      targetType: 'inline'
+      script: |
+        Install-Module -Name "AzOps" -AllowPrerelease -Force
+        Install-Module -Name @("Az.Accounts", "Az.Billing", "Az.Resources", "PSFramework") -Force
+
+  #
+  # Connect
+  # Authenticate Azure context
+  #
+
+  - task: PowerShell@2
+    displayName: 'Connect'
+    inputs:
+      targetType: 'inline'
+      script: |
+          $credential = New-Object System.Management.Automation.PSCredential `
+            -ArgumentList $(ARM_CLIENT_ID), (ConvertTo-SecureString -String $(ARM_CLIENT_SECRET) -AsPlainText -Force)
+          Connect-AzAccount `
+            -TenantId $(ARM_TENANT_ID) -ServicePrincipal -Credential $credential -SubscriptionId $(ARM_SUBSCRIPTION_ID)
+
+  #
+  # Initialize
+  # Generate new state data
+  #
+
+  - task: PowerShell@2
+    displayName: 'Initialize'
+    inputs:
+      targetType: 'inline'
+      script: |
+          Import-PSFConfig -Path settings.json -Schema MetaJson
+          Initialize-AzOpsRepository
+
+  #
+  # Add
+  # Add file content to index
+  #
+
+  - task: Bash@3
+    displayName: 'Add'
+    inputs:
+      targetType: 'inline'
+      script: |
+        git add ./azops
+
+  #
+  # Commit
+  # Record changes to the repository
+  #
+
+  - task: Bash@3
+    displayName: 'Commit'
+    inputs:
+      targetType: 'inline'
+      script: |
+        git commit -m "Automated commit"
+
+  #
+  # Push
+  # Update remote refs along with associated objects
+  #
+
+  - task: Bash@3
+    displayName: 'Push'
+    inputs:
+      targetType: 'inline'
+      script: |
+        git push origin $(branch)  -f
--- a/README.md
+++ b/README.md
@ -1,14 +1,94 @@
-# Project
+# AzOps Accelerator

-> This repo has been populated by an initial template to help get you started. Please
-> make sure to update the content to build a great experience for community-building.
+## Configuration

-As the maintainer of this project, please make a few updates:
+The following script blocks and steps will prepare the repository for Push and Pull operating models.
+
+### GitHub Actions
+
+Run either the `bash` or `powershell` script blocks from within the root of repository.
+
+```bash
+# Create workflows directory
+mkdir .github/workflows
+
+# Copy actions templates
+cp -R .github/templates/simple/ .github/workflows/
+
+# Remove pipelines artefacts
+rm -rf .pipelines/
+```
+
+```powershell
+# Create workflows directory
+New-Item -Path ./ -Name ".github/workflows" -ItemType Directory
+
+# Copy actions templates
+Copy-Item -Path ./.github/templates/simple/* -Destination ./.github/workflows/ -Recurse
+
+# Remove pipelines
+Remove-Item -Path ./.pipelines/ -Recurse -Force
+```
+
+After running the script blocks, the following repository secrets will need to be created.
+
+- ARM_CLIENT_ID
+- ARM_CLIENT_SECRET
+- ARM_TENANT_ID
+- ARM_SUBSCRIPTION_ID
+
+### Azure Pipelines
+
+Run either the `bash` or `powershell` script blocks from within the root of repository.
+
+```bash
+# Copy templates to the root
+cp -R .pipelines/templates/simple/ .pipelines/
+
+# Edit the following files
+.pipelines/pull.yml
+.pipelines/push.yml
+
+# Remove Actions
+rm -rf .github/
+```
+
+```powershell
+# Copy actions templates
+Copy-Item -Path ./.pipelines/templates/simple/* -Destination ./.pipelines/ -Recurse
+
+# Remove pipelines
+Remove-Item -Path ./.github/ -Recurse -Force
+```
+
+After running the script blocks, the following pipeline variables will need to be created.
+
+- ARM_CLIENT_ID
+- ARM_CLIENT_SECRET
+- ARM_TENANT_ID
+- ARM_SUBSCRIPTION_ID
+
+### Configure your repo to update changes from upstream
+
+1. Add upstream repo to your local repository to get latest changes
+
+Follow these steps in order to synchronize the latest changes from the upstream repo into your local repositories.
+
+Run the following git commands once you change your directory to your local fork to add a reference to the upstream repo
+
+```shell
+git remote -v
+git remote add upstream https://github.com/Azure/AzOps-Accelerator.git
+git remote -v
+```
+
+Execute the following git commands when you want to synchronize changes from upstream repo into your local fork:
+
+```shell
+git fetch upstream
+git pull upstream main --allow-unrelated-histories
+```

- Improving this README.MD file to provide a great experience
- Updating SUPPORT.MD with content about this project's support experience
- Understanding the security reporting process in SECURITY.MD
- Remove this section from the README

 ## Contributing

--- a/SUPPORT.md
+++ b/SUPPORT.md
@ -1,25 +1,26 @@
-# TODO: The maintainer of this repo has not yet edited this file
-
-**REPO OWNER**: Do you want Customer Service & Support (CSS) support for this product/project?
-
- **No CSS support:** Fill out this template with information about how to file issues and get help.
- **Yes CSS support:** Fill out an intake form at [aka.ms/spot](https://aka.ms/spot). CSS will work with/help you to determine next steps. More details also available at [aka.ms/onboardsupport](https://aka.ms/onboardsupport).
- **Not sure?** Fill out a SPOT intake as though the answer were "Yes". CSS will help you decide.
-
-*Then remove this first heading from this SUPPORT.MD file before publishing your repo.*
-
 # Support

-## How to file issues and get help  
-
-This project uses GitHub Issues to track bugs and feature requests. Please search the existing 
-issues before filing new issues to avoid duplicates.  For new issues, file your bug or 
-feature request as a new Issue.
-
-For help and questions about using this project, please **REPO MAINTAINER: INSERT INSTRUCTIONS HERE 
-FOR HOW TO ENGAGE REPO OWNERS OR COMMUNITY FOR HELP. COULD BE A STACK OVERFLOW TAG OR OTHER
-CHANNEL. WHERE WILL YOU HELP PEOPLE?**.
-
 ## Microsoft Support Policy

-Support for this **PROJECT or PRODUCT** is limited to the resources listed above.
+If issues are encountered when using template and code in this repo, users will be able to engage Microsoft support via their usual channels. Please provide corelation IDs where possible when contacting support to be able to investigate issue effectively and in timely fashion. For instruction on how to get deployments and correlation ID, please follow this link [here](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/deployment-history?tabs=azure-portal#get-deployments-and-correlation-id).
+
+Following list of issues are within the scope of Microsoft support:
+
+- Tenant, Management Group, Subscription and Resource Group deployment
+- Az PowerShell commandlets e.g. Get-AzManagementGroup
+- ARM Deployment Issues e.g. template validation, CheckAccess API etc.
+- Git Actions/Azure DevOps pipeline itself however please note that PowerShell module will be supported via community support only.
+
+Any issues that deemed outside of the above list by Microsoft support and/or requires bugfix in the Template or Code in the repo, Microsoft support will redirect user to file the issue on GitHub.
+
+Project maintainers and community aim to get issues resolved in timely fashion as per community support policy of this repo.
+
+## Community Support Policy
+
+Project maintainers will aim to respond within 3 business days to get a meaningful response for any new issues.
+
+## How to file issues and get help
+
+This project uses GitHub Issues to track bugs and feature requests. Please search the existing issues before filing new issues to avoid duplicates.  For new issues, file your bug or feature request as a new Issue.
+
+For help and questions about using this project, please submit a GitHub issue with corresponding [Issue Labels found here](https://github.com/Azure/AzOps/labels).
--- a/settings.json
+++ b/settings.json
@ -0,0 +1,34 @@
+{
+    "Version": 1,
+    "Static": {
+        "AzOps.Core.AutoInitialize": true,
+        "AzOps.Core.DefaultDeploymentRegion": "northeurope",
+        "AzOps.Core.EnrollmentAccountPrincipalName": "",
+        "AzOps.Core.ExcludedSubOffer": [
+            "AzurePass_2014-09-01",
+            "FreeTrial_2014-09-01",
+            "AAD_2015-09-01"
+        ],
+        "AzOps.Core.ExcludedSubState": [
+            "Disabled",
+            "Deleted",
+            "Warned",
+            "Expired"
+        ],
+        "AzOps.Core.ExportRawTemplate": false,
+        "AzOps.Core.GeneralizeTemplates": false,
+        "AzOps.Core.IgnoreContextCheck": false,
+        "AzOps.Core.InvalidateCache": true,
+        "AzOps.Core.MainTemplate": "",
+        "AzOps.Core.OfferType": "MS-AZR-0017P",
+        "AzOps.Core.PartialMgDiscoveryRoot": [],
+        "AzOps.Core.SkipPolicy": false,
+        "AzOps.Core.SkipResourceGroup": true,
+        "AzOps.Core.SkipRole": false,
+        "AzOps.Core.State": "",
+        "AzOps.Core.StateConfig": "",
+        "AzOps.Core.SupportPartialMgDiscovery": false,
+        "AzOps.Core.TemplateParameterFileSuffix": ".parameters.json",
+        "AzOps.Core.ThrottleLimit": 10
+    }
+}