From 686542cdf9e719f698023a4ee3e4293c364de795 Mon Sep 17 00:00:00 2001 From: Frode Flaten <3436158+fflaten@users.noreply.github.com> Date: Sat, 13 Apr 2024 21:27:29 +0000 Subject: [PATCH 1/2] Move Mail.Send security note to permissions section --- website/docs/monitoring/email.md | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/website/docs/monitoring/email.md b/website/docs/monitoring/email.md index 639012f0..943b63b5 100644 --- a/website/docs/monitoring/email.md +++ b/website/docs/monitoring/email.md @@ -25,6 +25,11 @@ The app that sends the email alerts needs the `Mail.Send` permission to send ema - Select **Grant admin consent for [your organization]** - Select **Yes** to confirm +:::info Important +It is recommended to limit the scope of the `Mail.Send` permission to only the mailbox that will be used to send the email alerts. + +This can be done by configuring an Application Access Policy in Exchange Online. For more information, see [Limiting application permissions to specific Exchange Online mailboxes](https://learn.microsoft.com/graph/auth-limit-mailbox-access). +::: ## Add the email alert step to your workflow @@ -62,9 +67,3 @@ Send-MtMail $results -Recipient $recipients -UserId $userId -TestResultsUri $tes $testResultsUri = "$(System.CollectionUri)$(System.TeamProject)/_build/results?buildId=$(Build.BuildId)" Send-MtMail $results -Recipient $recipients -UserId $userId -TestResultsUri $testResultsUri ``` - -:::info Important -It is recommended to limit the scope of the `Mail.Send` permission to only the mailbox that will be used to send the email alerts. - -This can be done by configuring an Application Access Policy in Exchange Online. For more information, see [Limiting application permissions to specific Exchange Online mailboxes](https://learn.microsoft.com/graph/auth-limit-mailbox-access). -::: From 582965ce558cc96f9481c3b817c13cb5e172a3a9 Mon Sep 17 00:00:00 2001 From: Frode Flaten <3436158+fflaten@users.noreply.github.com> Date: Sat, 13 Apr 2024 21:30:25 +0000 Subject: [PATCH 2/2] Fix headings in email alerts docs --- website/docs/monitoring/email.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/docs/monitoring/email.md b/website/docs/monitoring/email.md index 943b63b5..dfec31d2 100644 --- a/website/docs/monitoring/email.md +++ b/website/docs/monitoring/email.md @@ -51,7 +51,7 @@ The Send-MtMail cmdlet has a `-TestResultsUri` parameter that can be used to inc To use this parameter, you need to provide the URL of the Maester results page. Use the appropriate url format based on the CI/CD system you are using. -## GitHub +### GitHub **Link:** `${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}` @@ -60,7 +60,7 @@ $testResultsUri = "${{ github.server_url }}/${{ github.repository }}/actions/run Send-MtMail $results -Recipient $recipients -UserId $userId -TestResultsUri $testResultsUri ``` -## Azure DevOps +### Azure DevOps **Link:** `$(System.CollectionUri)$(System.TeamProject)/_build/results?buildId=$(Build.BuildId)` ```powershell