Pipelines: CI pipeline

[migfontinha]

In the release pipeline add automated tests.

1. List in a table what should be tested:

• resources created
• ... LZ working??

2. Mark in the table what can be automated and what needs to be tested manually.

3. Implement automated tests for what is possible to automate.

4. Enable trigger on code changes. (when merging in develop and release branches see: https://webgate.ec.europa.eu/fpfis/wikis/display/CVTF/Landing+Zone%3A+Collaboration+Strategy)

Reference: https://docs.github.com/en/actions/guides/about-continuous-integration

[augustincolle-digit]

test	possible to automate	remark
Check deployed resources:     storage account     event hub     log analytics     Sentinel     security center     automation	yes
Diagnostic setting auto-deployment	yes, if deployment runs more than 30 minutes after Landing Zone deployment	requires up to 24h for policies to report compliant
Mail notification for Security Center	attack can be automated (cron-job, functions, …) email read is manual	requires an attack (RDP brute-force, SSH brute-force) requires up to 24h after the deployment to install agents
Mail notification for Azure Sentinel	attack can be automated (cron-job, functions, …) email read is manual	requires an attack (RDP brute-force, SSH brute-force) requires up to 24h after the deployment to install agents
check log in storage account	no, key required	requires up to 10 minutes after step 2
check log in event hub	no, key required	requires up to 10 minutes after step 2
check log in log analytics	no, key required	requires up to 10 minutes after step 2