githubuniverseworkshops
diff --git a/‎LICENSE
+21 b/‎LICENSE
+21
diff --git a/‎azure_devops/1-configure.md
+86 b/‎azure_devops/1-configure.md
+86
diff --git a/‎azure_devops/2-audit.md
+208 b/‎azure_devops/2-audit.md
+208
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2023 GitHub
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
@@ -0,0 +1,86 @@
+# Configure credentials for GitHub Actions Importer
+
+In this lab, you will use the `configure` CLI command to set the required credentials and information for GitHub Actions Importer to use when working with Azure DevOps and GitHub.
+
+You will need to complete all of the setup instructions [here](./readme.md#configure-your-codespace) prior to performing this lab.
+
+## Configuring credentials
+
+1. Create an Azure DevOps personal access token (PAT).
+      __Note__: you can skip this step if you still have the PAT created during the setup steps [here](./readme.md#bootstrap-your-azure-devops-organization).
+      - Navigate to your existing organization (<https://dev.azure.com/:organization>) in your browser.
+      - In the top right corner of your screen, click `User settings`.
+      - Click `Personal access tokens`.
+      - Select `+ New Token`
+      - Name your token, select the organization where you want to use the token, and set your token to automatically expire after a set number of days.
+      - Select the following scopes (you may need to `Show all scopes` to reveal all scopes):
+         - Agents Pool: `Read`
+         - Build: `Read & execute`
+         - Code: `Read & write`
+         - Project and Team: `Read, write, & manage`
+         - Release: `Read`
+         - Service Connections: `Read`
+         - Task Groups: `Read`
+         - Variable Groups: `Read`
+      - Click `Create`.
+      - Copy the generated API token and save it in a safe location.
+
+2. Create a GitHub personal access token (PAT):
+      - Open github.com in a new browser tab.
+      - In the top right corner of the UI, click your profile photo and then click `Settings`.
+      - In the left panel, click `Developer Settings`.
+      - Click `Personal access tokens` and then `Tokens (classic)` (if present).
+      - Click `Generate new token` and then `Generate new token (classic)`. You may be required to authenticate with GitHub during this step.
+      - Name your token in the `Note` field.
+      - Select the following scope: `workflow`.
+      - Click `Generate token`.
+      - Copy the generated PAT and save it in a safe location.
+
+3. Run the `configure` CLI command:
+      - Select the `TERMINAL` tab from within the codespace terminal.
+      - Run the following command: `gh actions-importer configure`.
+      - Use the down arrow key to highlight `Azure DevOps`, press the spacebar to select, and then press enter to continue.
+      - At the GitHub PAT prompt, enter the GitHub PAT generated in step 2 and press enter.
+      - At the GitHub URL prompt, enter the GitHub instance URL or press enter to accept the default value (`https://github.com`).
+      - At the Azure DevOps token prompt, enter the access token from step 1 and press enter.
+      - At the Azure DevOps URL prompt, enter your Azure DevOps URL or press enter to accept the default value (`https://dev.azure.com`).
+      - At the prompt, enter your Azure DevOps organization name. This should be the same organization used in the setup steps [here](./readme.md#bootstrap-your-azure-devops-organization).
+      - At the prompt, enter your Azure DevOps project name. This should be the same project name used in the setup steps [here](./readme.md#bootstrap-your-azure-devops-organization).
+
+         ```console
+         $ gh actions-importer configure
+         ✔ Which CI providers are you configuring?: Azure DevOps
+         Enter the following values (leave empty to omit):
+         ✔ Personal access token for GitHub: ***************
+         ✔ Base url of the GitHub instance: https://github.com
+         ✔ Personal access token for Azure DevOps: ***************
+         ✔ Base url of the Azure DevOps instance: https://dev.azure.com
+         ✔ Azure DevOps organization name: :organization
+         ✔ Azure DevOps project name: :project
+         Environment variables successfully updated.
+         ```
+
+## Verify your environment
+
+To verify your environment is configured correctly, run the `update` CLI command. The `update` CLI command will download the latest version of GitHub Actions Importer to your codespace.
+
+1. In the codespace terminal, run the following command:
+
+   ```bash
+   gh actions-importer update
+   ```
+
+2. You should see a confirmation that you were logged into the GitHub Container Registry and the image was updated to the latest version.
+
+   ```console
+   $ gh actions-importer update
+   Login Succeeded
+   latest: Pulling from actions-importer/cli
+   Digest: sha256:a7d00dee8a37e25da59daeed44b1543f476b00fa2c41c47f48deeaf34a215bbb
+   Status: Image is up to date for ghcr.io/actions-importer/cli:latest
+   ghcr.io/actions-importer/cli:latest
+   ```
+
+### Next lab
+
+[Perform an audit of an Azure DevOps project](2-audit.md)
@@ -0,0 +1,208 @@
+# Perform an audit of an Azure DevOps project
+
+In this lab, you will use the `audit` command to get a high-level view of all pipelines in an Azure DevOps organization or project.
+
+The `audit` command will perform the following steps:
+
+1. Fetch all of the projects defined in an Azure DevOps organization.
+2. Convert each pipeline to their equivalent GitHub Actions workflow.
+3. Generate a report that summarizes how complete and complex of a migration is possible with GitHub Actions Importer.
+
+## Prerequisites
+
+1. Followed the steps [here](./readme.md#configure-your-codespace) to set up your GitHub Codespaces environment and bootstrap an Azure DevOps project.
+2. Completed the [configure lab](./1-configure.md#configuring-credentials).
+
+## Perform an audit
+
+You will now perform an audit against the bootstrapped Azure DevOps project. Answer the following questions before running this command:
+
+1. What is the Azure DevOps organization name that you want to audit?
+    - __:organization__. This should be the same organization used in the setup steps [here](./readme.md#bootstrap-your-azure-devops-organization)
+
+2. What is the Azure DevOps project name that you want to audit?
+    - __:project__. This should be the same project name used in the setup steps [here](./readme.md#bootstrap-your-azure-devops-organization)
+
+3. Where do you want to store the result?
+    - __tmp/audit__.  This can be any path within the working directory from which GitHub Actions Importer commands are executed.
+
+### Steps
+
+1. Navigate to the codespace terminal.
+2. Run the following command from the root directory:
+
+    ```bash
+    gh actions-importer audit azure-devops --output-dir tmp/audit
+    ```
+
+    __Note__: The Azure DevOps organization and project name can be omitted from the `audit` command because they were persisted in the `.env.local` file in the [configure lab](./1-configure.md). You can optionally provide these arguments on the command line with the `--azure-devops-organization` and `--azure-devops-project` CLI options.
+
+3. The command will list all the files written to disk in green when the command succeeds.
+
+## Inspect the output files
+
+1. Find the `audit_summary.md` file in the file explorer.
+2. Right-click the `audit_summary.md` file and select `Open Preview`.
+3. This file contains details that summarize what percentage of your pipelines were converted automatically.
+
+### Review audit summary
+
+#### Pipelines
+
+The pipeline summary section contains high level statistics regarding the conversion rate done by GitHub Actions Importer:
+
+```md
+## Pipelines
+
+Total: **5**
+
+- Successful: **5 (100%)**
+- Partially successful: **0 (0%)**
+- Unsupported: **0 (0%)**
+- Failed: **0 (0%)**
+
+### Job types
+
+Supported: **5 (100%)**
+
+- designer: **2**
+- YAML: **3**
+```
+
+Here are some key terms in the "Pipelines" section:
+
+- __Successful__ pipelines had 100% of the pipeline constructs and individual items converted automatically to their GitHub Actions equivalent.
+- __Partially successful__ pipelines had all of the pipeline constructs converted, however, there were some individual items (e.g. build tasks or build triggers) that were not converted automatically to their GitHub Actions equivalent.
+- __Unsupported__ pipelines are definition types that are not supported by GitHub Actions Importer. The following Azure DevOps pipeline types are supported:
+  - Classic (designer)
+  - YAML
+  - Release
+- __Failed__ pipelines encountered a fatal error when being converted. This can occur for one of three reasons:
+  - The pipeline was misconfigured and not valid in Azure DevOps.
+  - GitHub Actions Importer encountered an internal error when converting it.
+  - There was an unsuccessful network response, often due to invalid credentials, that caused the pipeline to be inaccessible.
+
+The "Job types" section will summarize which types of pipelines are being used and which are supported or unsupported by GitHub Actions Importer.
+
+#### Build steps
+
+The build steps summary section presents an overview of the individual build steps that are used across all pipelines and how many were automatically converted by GitHub Actions Importer.
+
+```md
+### Build steps
+
+Total: **14**
+
+Known: **14 (100%)**
+
+- script: **4**
+- DotNetCoreCLI@2: **2**
+- 2c65196a-54fd-4a02-9be8-d9d1837b7c5d@0: **2**
+- 333b11bd-d341-40d9-afcf-b32d5ce6f23b@2: **2**
+- e213ff0f-5d5c-4791-802d-52ea3e7be1f1@2: **2**
+- NodeTool@0: **1**
+- checkout: **1**
+
+Actions: **19**
+
+- run: **10**
+- actions/checkout@v2: **6**
+- nuget/setup-nuget@v1: **2**
+- actions/setup-node@v2: **1**
+```
+
+Here are some key terms in the "Build steps" section:
+
+- A __known__ build step is a step that was automatically converted to an equivalent action.
+- An __unknown__ build step is a step that was not automatically converted to an equivalent action.
+- An __unsupported__ build step is a step that is either:
+  - A step that is fundamentally not supported by GitHub Actions.
+  - A step that is configured in a way that is incompatible with GitHub Actions.
+- An __action__ is a list of the actions that were used in the converted workflows. This is important for the following scenarios:
+  - Gathering the list of actions to sync to your appliance if you use GitHub Enterprise Server.
+  - Defining an organization-level allowlist of actions that can be used. This list of actions is a comprehensive list of which actions their security and/or compliance teams will need to review.
+
+There is an equivalent breakdown of build triggers, environment variables, and other uncategorized items displayed in the audit summary file.
+
+#### Manual Tasks
+
+The manual tasks summary section presents an overview of the manual tasks that you will need to perform that GitHub Actions Importer is not able to complete automatically.
+
+```md
+### Manual tasks
+
+Total: **1**
+
+Self hosted runners: **1**
+
+- `mechamachine`: **1**
+```
+
+Here are some key terms in the "Manual tasks" section:
+
+- A __secret__ refers to a repository or organization level secret that is used by the converted pipelines. These secrets will need to be created manually in Actions in order for these pipelines to function properly.
+- A __self-hosted runner__ refers to a label of a runner that is referenced by a converted pipeline that is not a GitHub-hosted runner. You will need to manually define these runners in order for these pipelines to function properly.
+
+#### Files
+
+The final section of the audit report provides a manifest of all of the files that are written to disk during the audit. These files include:
+
+```md
+### Successful
+
+#### actions-importer-bootstrap/pipelines/pipeline2
+
+- [pipelines/actions-importer-bootstrap/pipelines/pipeline2/.github/workflows/pipeline2.yml](pipelines/actions-importer-bootstrap/pipelines/pipeline2/.github/workflows/pipeline2.yml)
+- [pipelines/actions-importer-bootstrap/pipelines/pipeline2/config.json](pipelines/actions-importer-bootstrap/pipelines/pipeline2/config.json)
+- [pipelines/actions-importer-bootstrap/pipelines/pipeline2/source.yml](pipelines/actions-importer-bootstrap/pipelines/pipeline2/source.yml)
+
+#### actions-importer-bootstrap/pipelines/pipeline1
+
+- [pipelines/actions-importer-bootstrap/pipelines/pipeline1/.github/workflows/pipeline1.yml](pipelines/actions-importer-bootstrap/pipelines/pipeline1/.github/workflows/pipeline1.yml)
+- [pipelines/actions-importer-bootstrap/pipelines/pipeline1/config.json](pipelines/actions-importer-bootstrap/pipelines/pipeline1/config.json)
+- [pipelines/actions-importer-bootstrap/pipelines/pipeline1/source.yml](pipelines/actions-importer-bootstrap/pipelines/pipeline1/source.yml)
+
+#### actions-importer-bootstrap/pipelines/custom-transformer-example
+
+- [pipelines/actions-importer-bootstrap/pipelines/custom-transformer-example/.github/workflows/custom-transformer-example.yml](pipelines/actions-importer-bootstrap/pipelines/custom-transformer-example/.github/workflows/custom-transformer-example.yml)
+- [pipelines/actions-importer-bootstrap/pipelines/custom-transformer-example/config.json](pipelines/actions-importer-bootstrap/pipelines/custom-transformer-example/config.json)
+- [pipelines/actions-importer-bootstrap/pipelines/custom-transformer-example/source.yml](pipelines/actions-importer-bootstrap/pipelines/custom-transformer-example/source.yml)
+```
+
+Each pipeline will have a variety of files written that include:
+
+- The original pipeline as it was defined in Azure DevOps.
+- Any network responses used to convert a pipeline.
+- The converted workflow.
+- Stack traces that can used to troubleshoot a failed pipeline conversion
+
+## Inspect the workflow usage .csv file
+
+1. Open the `tmp/audit/workflow_usage.csv` file in the file explorer.
+2. This file contains a comma-separated list of all actions, secrets, and runners that are used by each successfully converted pipeline:
+  
+    ```csv
+    Pipeline,Action,File path
+    actions-importer-bootstrap/pipelines/pipeline2,actions/checkout@v2,tmp/audit/pipelines/actions-importer-bootstrap/pipelines/pipeline2/.github/workflows/pipeline2.yml
+    actions-importer-bootstrap/pipelines/pipeline1,actions/checkout@v2,tmp/audit/pipelines/actions-importer-bootstrap/pipelines/pipeline1/.github/workflows/pipeline1.yml
+    actions-importer-bootstrap/pipelines/custom-transformer-example,actions/checkout@v2,tmp/audit/pipelines/actions-importer-bootstrap/pipelines/custom-transformer-example/.github/workflows/custom-transformer-example.yml
+    actions-importer-bootstrap/pipelines/custom-transformer-example,actions/setup-node@v2,tmp/audit/pipelines/actions-importer-bootstrap/pipelines/custom-transformer-example/.github/workflows/custom-transformer-example.yml
+
+    Pipeline,Secret,File path
+
+
+    Pipeline,Runner,File path
+    actions-importer-bootstrap/pipelines/pipeline2,mechamachine,tmp/audit/pipelines/actions-importer-bootstrap/pipelines/pipeline2/.github/workflows/pipeline2.yml
+    actions-importer-bootstrap/pipelines/custom-transformer-example,mechamachine,tmp/audit/pipelines/actions-importer-bootstrap/pipelines/custom-transformer-example/.github/workflows/custom-transformer-example.yml
+    ```
+
+The contents of this file can be useful in answering questions similar to the following:
+
+- What workflows will depend on which actions?
+- What workflows use an action that must go through a security review?
+- What workflows use specific secrets?
+- What workflows use specific runners?
+
+### Next lab
+
+[Forecast potential build runner usage](3-forecast.md)