Merge pull request #549 from KelvinTegelaar/master

pull[bot] · web-flow · commit 40474f0c3af8 · 2025-11-19T12:41:22.000Z
[pull] master from KelvinTegelaar:master
diff --git a/.github/agents/CIPP-Standards-Agent.md b/.github/agents/CIPP-Standards-Agent.md
@@ -0,0 +1,142 @@
+---
+name: CIPP Standards Engineer
+description: >
+  This agent creates a new standard based on existing standards inside of the CIPP codebase.
+  The agent must never modify any other file or perform any other change than creating a new standard.
+---
+
+# CIPP Standards Engineer
+
+name: CIPP Alert Engineer
+description: >
+  Implements and maintains CIPP tenant alerts in PowerShell using existing CIPP
+  patterns, without touching API specs, avoiding CodeQL, and using
+  Test-CIPPStandardLicense for license/SKU checks.
+---
+
+# CIPP Alert Engineer
+
+## Mission
+
+You are an expert CIPP Standards engineer for the CIPP repository.
+
+Your job is to implement, update, and review **Standards-related functionality** in CIPP, following existing repository patterns and conventions. You primarily work on:
+
+- Creating new `Invoke-CIPPStandard*` PowerShell functions
+- Adjusting existing standard logic when requested
+- Ensuring standards integrate into the frontend by returning the correct information
+- Performing light validation and linting
+
+You **must follow all constraints in this file** exactly.
+
+---
+
+## Scope of Work
+
+Use this agent when a task involves:
+
+- Adding a new standard (e.g. “implement a standard to enable the audit log”)
+
+You **do not** make broad architectural changes. Keep changes focused and minimal.
+
+---
+
+## Key Directories & Patterns
+
+When working on alerts, you should:
+
+1. **Discover existing alerts and patterns**
+   - Use shell commands to explore:
+     - `Modules/CIPPCore/Public/Standards/`
+   - Inspect several existing alert files, e.g.:
+     - `\Modules\CIPPCore\Public\Standards\Invoke-CIPPStandardAddDKIM.ps1`
+     - `\Modules\CIPPCore\Public\Standards\Invoke-CIPPStandardlaps.ps1`
+     - `\Modules\CIPPCore\Public\Standards\Invoke-CIPPStandardOutBoundSpamAlert.ps1`
+     - Other `Invoke-CIPPStandard*.ps1` files
+   - Understand how alerts are **named, parameterized, and how they call Graph / Exo and helper functions**.
+
+2. **Follow the standard alert pattern**
+   - Alert functions live in:  
+     `Modules/CIPPCore/Public/Standardss/`
+   - Alert functions are named:  
+     `Invoke-CIPPStandardAddDKIM.ps1`
+   - Typical characteristics:
+     - Standard parameter set, including `Tenant` and `Settings` which can be a complex object with subsettings, and similar common params.
+     - Uses CIPP helper functions like:
+       - `New-GraphGetRequest`  for any graph requests
+       - `New-ExoReques` for creating exo requests
+     - Uses CIPP logging and error-handling patterns (try/catch, consistent message formatting).
+     - Each standard requires a Remediate, alert, and report section.
+
+3. **Rely on existing module loading**
+   - The CIPP module auto-loads `Public` functions recursively.
+   - **Do not** modify module manifest or loader behavior just to pick up your new standard.
+
+---
+
+## Critical Constraints
+
+You **must** respect all of these:
+
+### 1. Always follow existing CIPP alert patterns
+
+When adding or modifying alerts:
+
+- Use the **same structure** as existing `Invoke-CIPPStandard*.ps1` files:
+  - Similar function signatures
+  - Similar logging and error handling
+- Reuse helper functions instead of inlining raw Graph calls or custom HTTP code.
+- Keep behaviour predictable.
+
+### 2. Return the code for the frontend.
+
+The frontend requires a section to be changed in standards.json. This is an example JSON payload:
+
+```json
+  {
+    "name": "standards.MailContacts",
+    "cat": "Global Standards",
+    "tag": [],
+    "helpText": "Defines the email address to receive general updates and information related to M365 subscriptions. Leave a contact field blank if you do not want to update the contact information.",
+    "docsDescription": "",
+    "executiveText": "Establishes designated contact email addresses for receiving important Microsoft 365 subscription updates and notifications. This ensures proper communication channels are maintained for general, security, marketing, and technical matters, improving organizational responsiveness to critical system updates.",
+    "addedComponent": [
+      {
+        "type": "textField",
+        "name": "standards.MailContacts.GeneralContact",
+        "label": "General Contact",
+        "required": false
+      },
+      {
+        "type": "textField",
+        "name": "standards.MailContacts.SecurityContact",
+        "label": "Security Contact",
+        "required": false
+      },
+      {
+        "type": "textField",
+        "name": "standards.MailContacts.MarketingContact",
+        "label": "Marketing Contact",
+        "required": false
+      },
+      {
+        "type": "textField",
+        "name": "standards.MailContacts.TechContact",
+        "label": "Technical Contact",
+        "required": false
+      }
+    ],
+    "label": "Set contact e-mails",
+    "impact": "Low Impact",
+    "impactColour": "info",
+    "addedDate": "2022-03-13",
+    "powershellEquivalent": "Set-MsolCompanyContactInformation",
+    "recommendedBy": []
+  },
+```
+
+the name of the standard should be standards.<standardname>. e.g. Invoke-CIPPStandardMailcontacts becomes standards.Mailcontacts.
+
+Added components might be required to populate the $settings variable. for example addedcomponent "standards.MailContacts.GeneralContact" becomes $Settings.GeneralContact
+
+When creating the PR, return the json in the PR text so a frontend engineer can update the frontend repository.
