From 3b4f38d45c8e7ac3bb24c174d81479b919ac1650 Mon Sep 17 00:00:00 2001
From: Jordan Montgomery <elijah.jordan.montgomery@gmail.com>
Date: Wed, 30 Jul 2025 16:18:37 -0400
Subject: [PATCH] Add Github Action to create issues when there are new MS MDM
 Protocol Changes to Review (#31424)

The impetus for this was #31232 . Some MDM migrations and enrollments
broke because MDM Enrollment Protocol changes snuck in that we didn't
see

Now within 24h of Microsoft publishing changes to the MDM or MDE2
protocols we will get a github issue to review them

See #31423 for an example

# Checklist for submitter

## Testing


- [x] QA'd all new/changed functionality manually
---
 .github/workflows/check-ms-protocol-feeds.yml | 41 +++++++++++++++++++
 1 file changed, 41 insertions(+)
 create mode 100644 .github/workflows/check-ms-protocol-feeds.yml

diff --git a/.github/workflows/check-ms-protocol-feeds.yml b/.github/workflows/check-ms-protocol-feeds.yml
new file mode 100644
index 0000000000..f34a7a790c
--- /dev/null
+++ b/.github/workflows/check-ms-protocol-feeds.yml
@@ -0,0 +1,41 @@
+name: Check Microsoft MDM related protocol specification feeds for changes
+
+# This action will check Microsoft MDM related protocol specification feeds
+# for changes and create a Github issue for MDM engineers to review the changes
+
+on:
+  schedule:
+    # Daily at 8:35pm CDT (1:35am UTC) -- run during off-hours to prevent hitting GitHub API rate limit
+    - cron: "35 1 * * *"
+
+jobs:
+  check-ms-mdm-protocol-docs:
+    if: github.event.repository.owner.login == 'fleetdm'
+    runs-on: ubuntu-latest
+    permissions:
+      issues: write
+    steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+      - name: Check MS-MDE2 feed
+        uses: git-for-windows/rss-to-issues@07a39c615e25aaf70dc0fd84df7345ca8941d85f # v0.0.12
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          feed: https://winprotocoldocs-bhdugrdyduf5h2e4.b02.azurefd.net/MS-MDE2/%5bMS-MDE2%5d.rss
+          prefix: "MDM: Review Microsoft MS-MDE2 Proto Change for new Request/Enrollment Versions: "
+          dry-run: false
+          max-age: 36h
+          labels: "#g-mdm"
+          url-only: true
+      - name: Check MS-MDM feed
+        uses: git-for-windows/rss-to-issues@07a39c615e25aaf70dc0fd84df7345ca8941d85f # v0.0.12
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          feed: https://winprotocoldocs-bhdugrdyduf5h2e4.b02.azurefd.net/MS-MDM/%5bMS-MDM%5d.rss
+          prefix: "MDM: Review Microsoft MS-MDM Proto Change for compatibility: "
+          dry-run: false
+          max-age: 36h
+          labels: "#g-mdm"
+          url-only: true