Initial code review - add WinCerts Pack/Improve ADDS pack #202
Merged
josefehse merged 27 commits into Azure:main from Feb 16, 2026
added 27 commits
February 12, 2026 12:57
… all run.ps1 files and common.psm1
- Replace bare string outputs with Write-Host for consistent logging
- Add Write-Log helper function to common.psm1
- Remove 4 commented-out functions (get-AMBAJsonFromRepo, get-AMBAJsonContent2, Install-azMonitorAgent, get-blobContentFromUrl2)
- Remove ~300 lines of dead code total

- Add try/catch blocks to all 7 Function entry points
- Return 400 Bad Request for missing/invalid inputs (Action, Resources, alerts)
- Return 500 Internal Server Error on unhandled exceptions
- Return 200 OK only on successful execution
- Add input validation at top of each HTTP-triggered Function
- Validate required fields before processing (Action, Resources, alerts, aGroup.id)
- Add function name prefix to all Write-Host calls for log traceability
- Remove dead/commented-out code (also covered by Phase 1 on separate branch)
- Timer-triggered functions (opstasks, runDiscovery) now catch and log errors
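
The validate-then-respond pattern listed in the commit above, as an added example that is not code from this pull request. The field names Action and Resources come from the commit message; the function name `Invoke-ValidatedRequest`, the allowed action values and the handler script block are assumptions.

```powershell
# Added example, not the repository's run.ps1. Action and Resources are named in the
# commit message; the function name, allowed actions and handler are assumptions.
function Invoke-ValidatedRequest {
    param(
        $Body,                                                # parsed JSON request body
        [string]      $FunctionName   = 'examplefn',          # hypothetical log prefix
        [string[]]    $AllowedActions = @('Enable', 'Disable'),  # assumed values
        [scriptblock] $Handler                                # runs only on valid input
    )
    try {
        if ($null -eq $Body -or [string]::IsNullOrWhiteSpace([string]$Body.Action)) {
            Write-Host "[$FunctionName] 400: Action missing"
            return @{ StatusCode = 400; Body = 'Missing required field: Action' }
        }
        if ($Body.Action -notin $AllowedActions) {
            Write-Host "[$FunctionName] 400: Action not in allow-list"
            return @{ StatusCode = 400; Body = 'Invalid value for Action' }
        }
        if ($null -eq $Body.Resources -or @($Body.Resources).Count -eq 0) {
            Write-Host "[$FunctionName] 400: Resources missing or empty"
            return @{ StatusCode = 400; Body = 'Missing required field: Resources' }
        }
        $result = & $Handler $Body
        Write-Host "[$FunctionName] 200: completed"
        return @{ StatusCode = 200; Body = $result }
    }
    catch {
        # Exception detail goes to the log only; the caller gets a generic message.
        Write-Host "[$FunctionName] 500: $($_.Exception.Message)"
        return @{ StatusCode = 500; Body = 'Internal server error' }
    }
}

# Constructed sample requests
$ok  = '{"Action":"Enable","Resources":[{"id":"/subscriptions/0000/example"}]}' | ConvertFrom-Json
$bad = '{"Action":"Enable","Resources":[]}' | ConvertFrom-Json
$work = { param($b) "processed $(@($b.Resources).Count) resource(s)" }
foreach ($r in @(
    (Invoke-ValidatedRequest -Body $ok  -Handler $work),
    (Invoke-ValidatedRequest -Body $bad -Handler $work),
    (Invoke-ValidatedRequest -Body $ok  -Handler { throw 'backend unavailable' })
)) { Write-Host "$($r.StatusCode) $($r.Body)" }
```

In an HTTP-triggered Function, the returned status code and body would be mapped onto the response output binding.
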

- Add JSON Schema (Packs/PacksDef.schema.json) defining valid structure for pack definitions
- Add validation script (tools/Validate-PacksDef.ps1) for local and CI use
- Add GitHub Actions workflow (.github/workflows/validate-packs.yml) to validate on PR/push
- Validates: required fields, Tag uniqueness/format, OS enum, RuleType enum, alertType enum, severity range (0-4), ISO 8601 durations, operator values, semver for clientAppVersion, .bicep extension for RuleNamePath
- Current PacksDef.json (8 packs) passes all validations
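
A sketch of several of the checks listed in the commit above (Tag uniqueness, severity range, ISO 8601 durations, semver, .bicep extension), as an added example that is not the repository's tools/Validate-PacksDef.ps1. Tag, clientAppVersion, severity and RuleNamePath are named in the commit message; the `Rules` array, the `evaluationFrequency` field and the function name `Test-PackDefinition` are assumptions.

```powershell
# Added example, not the repository's tools/Validate-PacksDef.ps1.
# Tag, clientAppVersion, severity and RuleNamePath are named in the commit message;
# the Rules array and the evaluationFrequency field are assumed for illustration.
function Test-PackDefinition {
    param([object[]] $Packs)
    $semver   = '^\d+\.\d+\.\d+$'     # core MAJOR.MINOR.PATCH only
    # Day/hour/minute/second subset of ISO 8601 durations, e.g. PT5M, P1D, PT1H30M
    $duration = '^P(?!$)(\d+D)?(T(?=\d)(\d+H)?(\d+M)?(\d+S)?)?$'
    $seen = @{}
    foreach ($p in $Packs) {
        $tag = [string]$p.Tag
        if (-not $tag) { 'pack without a Tag'; continue }
        if ($seen.ContainsKey($tag)) { "[$tag] duplicate Tag" }
        $seen[$tag] = $true
        if ($p.clientAppVersion -and $p.clientAppVersion -notmatch $semver) {
            "[$tag] clientAppVersion '$($p.clientAppVersion)' is not semver"
        }
        foreach ($r in $p.Rules) {
            if ($null -eq $r.severity -or $r.severity -notin 0..4) {
                "[$tag] severity '$($r.severity)' is outside 0-4"
            }
            # -cnotmatch: the duration designators are case-sensitive
            if ([string]$r.evaluationFrequency -cnotmatch $duration) {
                "[$tag] evaluationFrequency '$($r.evaluationFrequency)' is not an ISO 8601 duration"
            }
            if ([string]$r.RuleNamePath -notlike '*.bicep') {
                "[$tag] RuleNamePath '$($r.RuleNamePath)' does not end in .bicep"
            }
        }
    }
}

# Constructed sample: the second pack reuses a Tag and carries invalid values.
$packs = @'
[
  {"Tag":"ADDS","clientAppVersion":"1.1.0",
   "Rules":[{"severity":1,"evaluationFrequency":"PT5M","RuleNamePath":"alerts/replication.bicep"}]},
  {"Tag":"ADDS","clientAppVersion":"1.1",
   "Rules":[{"severity":7,"evaluationFrequency":"5m","RuleNamePath":"alerts/rule.json"}]}
]
'@ | ConvertFrom-Json
$problems = @(Test-PackDefinition -Packs $packs)
$problems | ForEach-Object { Write-Host "ERROR: $_" }
Write-Host "$($problems.Count) problem(s) found"   # a CI step would fail when non-zero
```
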

- Add ErrorActionPreference=Stop so failures are not silent
- Wrap all 8 build steps in individual try/catch blocks
- Validate paths exist before Set-Location and Compress-Archive
- Replace Set-Location navigation with absolute paths and Push/Pop-Location
- Add numbered step progress output ([1/8] through [8/8])
- Add build summary with artifact list, sizes, and elapsed time
- Exit with code 1 on any errors, code 0 on success
- Script is now runnable from any working directory (uses repo-relative paths)

- Add Docs/function-api-reference.md with request/response format for all 6 HTTP endpoints
- Update Docs/authoring.md with validation section (schema, script, CI, checks performed)
- Update Docs/README.md to link to the new API reference

- Regenerated monstar.json and all zip artifacts via build.ps1
- Updated readmetest.md Deploy to Azure URL to point to revamp/test-all-phases branch

…cation package and alerts
…heduled task removal
…nt mismatch detected

- Replace wrong IIS alert with 39 AD-specific alerts:
  - 14 custom-table alerts (replication, time skew, bind, GC, FSMO, trusts, RID pool, disk, ATQ)
  - 1 event-based service alert (Service Control Manager 7036/7034/7031)
  - 24 event-based alerts (RID pool, auth, time sync, group policy, DNS, security)
- Expand XPath queries: add System/Application logs for specific AD EventIDs
- Expand adcollect.ps1 v1.1.0 with 10 new health checks: replication partners, pending ops, time skew, LDAP bind, GC response, FSMO reachability, trust validation, RID pool, SYSVOL/NETLOGON, GP, ATQ threads
- Update Grafana dashboard with 14 new panels (health stats, replication, FSMO, charts)
- Bump clientAppVersion to 1.1.0, repackage ADDS.zip
Overview/Summary
New Packs/Code Review/Pack Update
This PR fixes/adds/changes/removes
Breaking Changes
N/A
Known Issues
Azure Monitor dashboards with Grafana are failing to import. Need to review mechanism and fix it.
Testing Evidence
Please provide any testing evidence to show that your Pull Request works/fixes as described and planned (include screenshots, if appropriate).
As part of this Pull Request I have
main branch