Framework/Core/STMapping/AzSKADOServiceMapping.ps1

using namespace System.Management.Automation
Set-StrictMode -Version Latest 

class AzSKADOServiceMapping: CommandBase
{    
    [string] $OrgName
    [string] $ProjectName
    [string] $ProjectId
    [string] $BuildMappingsFilePath
    [string] $ReleaseMappingsFilePath
    [string] $RepositoryMappingsFilePath
    [string] $MappingType
    [string] $OutputFolderPath
    [string] $Auto = $false
    [switch] $UseCache #switch to read mapping details from cache
    [string] $StorageAccount; # Storage account name
    [string] $StorageRG;# Storage resource group name
    [string] $Container;# Storage Container to store ST mapping files
    [object] $StorageAccountCtx;     
    # Power BI Report Storage settings to store ST mapping files
    [string] $ReportStorageAccount;# Storage account name for Dashboard
    [string] $ReportStorageRG;# Storage resource group name for Dashboard
    [string] $ReportContainer;#Storage Container to store ST mapping files use by Power Bi resports
    [object] $ReportStorageAccountCtx; 
    [object] $Stopwatch;#Create a Stopwatch
    [string] $AzSKTempStatePath = [Constants]::AzSKTempFolderPath
    [ServiceMappingCacheHelper] $ServiceMappingCacheHelperObj;
    [int] $MappingExpirationLImit #Service id mapping expiration duration
    [bool] $resourceInCacheWithoutPipeline =$false #resource present in cache searched without pipeline reference
    $BuildSTDetails = @();
    $ReleaseSTDetails =@();
    $RepositorySTDetails =@();
    $storageCachedData = @();#inmemory cached mapping data
    $lastDuration =0 #track previous resource scan duration
    $IncrementalScan = $false;


    AzSKADOServiceMapping([string] $organizationName, [string] $projectName, [string] $buildFileLocation, [string] $releaseFileLocation, [string] $repositoryFileLocation,[string] $mappingType,[string] $auto,[switch] $useCache, [switch] $IncrementalScan, [InvocationInfo] $invocationContext): 
        Base($organizationName, $invocationContext) 
    { 
        $this.OrgName = $organizationName
        $this.ProjectName = $projectName
        $this.BuildMappingsFilePath = $buildFileLocation
        $this.ReleaseMappingsFilePath = $releaseFileLocation
        $this.RepositoryMappingsFilePath = $repositoryFileLocation
        $this.MappingType = $MappingType
        $this.Auto = $auto.ToLower();      
        $this.UseCache =  $useCache 
        $this.IncrementalScan = $IncrementalScan
        $this.StorageAccount = $env:StorageName;
        $this.StorageRG = $env:StorageRG;
        $this.Container = $env:Container;
        # Power BI Report Storage settings
        $this.ReportStorageAccount = $env:ReportStorageName;
        $this.ReportStorageRG = $env:ReportStorageRG;
        $this.ReportContainer = $env:ReportContainer;  
        # Set Service id mapping expiration duration
        $this.MappingExpirationLimit = $env:MappingExpirationLimit;         
        #get ServiceMapping cache helper instance
        $this.ServiceMappingCacheHelperObj = [ServiceMappingCacheHelper]::ServiceMappingCacheHelperInstance
        if (!$this.ServiceMappingCacheHelperObj) {
            $this.ServiceMappingCacheHelperObj = [ServiceMappingCacheHelper]::GetInstance($this.OrgName);
        }            
        [ServiceMappingCacheHelper]::TelemetryLogging("scan started",$null);
        #get storage details
        if($this.Auto -eq 'true'){
            if ($this.StorageRG -and $this.StorageAccount) {
                $keys = Get-AzStorageAccountKey -ResourceGroupName $this.StorageRG -Name $this.StorageAccount
                if ($null -eq $keys)
                {
                    $this.PublishCustomMessage("Status: Storage account not found.", [MessageType]::Error);
                }
                else {
                    #storage context to save ST files for ADO scanner
                    $StorageContext = New-AzStorageContext -StorageAccountName $this.StorageAccount -StorageAccountKey $keys[0].Value -Protocol Https                
                    $this.StorageAccountCtx = $StorageContext.Context;   
                }
                             
            }
            if ($this.ReportStorageRG -and $this.ReportStorageAccount) {
                $keys = Get-AzStorageAccountKey -ResourceGroupName $this.ReportStorageRG -Name $this.ReportStorageAccount
                if ($null -eq $keys)
                {
                    $this.PublishCustomMessage("Status: Storage account not found.", [MessageType]::Error);
                }
                else {
                   #storage context to save ST files for Power Bi reports
                    $ReportStorageContext = New-AzStorageContext -StorageAccountName $this.ReportStorageAccount -StorageAccountKey $keys[0].Value -Protocol Https                                
                    $this.ReportStorageAccountCtx = $ReportStorageContext.Context;  
                }
                             
            }
        }
    }
    
    [MessageData[]] GetSTmapping()
    {       
        $this.Stopwatch =  [system.diagnostics.stopwatch]::StartNew() 
        $this.Stopwatch.Start();   
        
        if(!$this.Auto -eq 'true')
        {
            if([string]::IsNullOrWhiteSpace($this.RepositoryMappingsFilePath) -or [string]::IsNullOrWhiteSpace($this.BuildMappingsFilePath) -or [string]::IsNullOrWhiteSpace($this.ReleaseMappingsFilePath))
            {
                return "File Path not valid.";
            }
            if(![string]::IsNullOrWhiteSpace($this.BuildMappingsFilePath) -and ![string]::IsNullOrWhiteSpace($this.ReleaseMappingsFilePath))
            {
                if(!(Test-Path $this.BuildMappingsFilePath) -or !(Test-Path $this.ReleaseMappingsFilePath))
                {   
                    return "File Path not valid.";
                }           
            }
        }
        $this.SaveScanDuration("Repository scan started", $false)            
        $this.GetRepositoryMapping();
        $this.SaveScanDuration("Repository scan ended",$true)
        
        #fetch all the cached mappings from cache and add to in-memory collection
        $this.storageCachedData = $this.ServiceMappingCacheHelperObj.GetWorkItemByHashAzureTable("All", "","","", $this.projectId)

        [ServiceMappingCacheHelper]::TelemetryLogging("GetSTmapping",$null);        
       
        $this.GetBuildReleaseMapping();              
        if ([string]::IsNullOrWhiteSpace($this.MappingType) -or $this.MappingType -eq "All" -or $this.MappingType -eq "ServiceConnection")
        {
            $this.SaveScanDuration("Service Connections scan started", $false)
            $this.FetchSvcConnMapping();
            $this.SaveScanDuration("Service Connections scan ended",$true)
        }
        if ([string]::IsNullOrWhiteSpace($this.MappingType) -or $this.MappingType -eq "All" -or $this.MappingType -eq "AgentPool")
        {
            $this.SaveScanDuration("Agent Pool scan started", $false)
            $this.FetchAgentPoolMapping();
            $this.SaveScanDuration("Agent Pool scan ended",$true)
        }
        if ([string]::IsNullOrWhiteSpace($this.MappingType) -or $this.MappingType -eq "All" -or $this.MappingType -eq "Environment")
        {
            $this.SaveScanDuration("Environment scan started", $false)
            $this.FetchEnvironmentMapping();
            $this.SaveScanDuration("Environment scan ended",$true)
        }
        if ([string]::IsNullOrWhiteSpace($this.MappingType) -or $this.MappingType -eq "All" -or $this.MappingType -eq "VariableGroup" -or $this.MappingType -eq "SecureFile")
        {
            $this.SaveScanDuration("VariableGroup/SecureFile scan started", $false)                    
            [ServiceMappingCacheHelper]::TelemetryLogging("GetSTmapping",$null);                   
            if($this.IncrementalScan){
                if ([string]::IsNullOrWhiteSpace($this.MappingType) -or $this.MappingType -eq "All" -or $this.MappingType -eq "VariableGroup"){
                    $this.FindSTForVGWithIncremental();
    
                }
                if ([string]::IsNullOrWhiteSpace($this.MappingType) -or $this.MappingType -eq "All" -or $this.MappingType -eq "SecureFile"){
                    $this.FindSTForSecureFileWithIncremental();
                }
            }
            else{
                $this.FetchVarGrpSecureFileMapping();
            }
            $this.SaveScanDuration("VariableGroup/SecureFile scan ended",$true)
        }
        if ([string]::IsNullOrWhiteSpace($this.MappingType) -or $this.MappingType -eq "All" -or $this.MappingType -eq "Feed")
        {
            $this.SaveScanDuration("Feed scan started", $false)
            $this.FetchFeedMapping();
            $this.SaveScanDuration("Feed scan ended",$true)
        }
    
        
        [MessageData[]] $returnMsgs = @();
        $returnMsgs += [MessageData]::new("Returning service mappings.");
        return $returnMsgs
    }
    
    hidden  GetBuildReleaseMapping()
    {  
        [ServiceMappingCacheHelper]::TelemetryLogging("GetBuildReleaseMapping",$null);
        $this.SaveScanDuration("Build's repo scan started", $false)
        if($this.Auto -eq 'true'){
            $response = Get-AzStorageBlob -Blob 'BuildServiceMappingData.json' -Container $this.Container -Context $this.StorageAccountCtx 
            $this.BuildSTDetails = $response.ICloudBlob.DownloadText() | ConvertFrom-Json         
        }
        else {
            $this.BuildSTDetails = Get-content $this.BuildMappingsFilePath | ConvertFrom-Json    
        }        
        if ([Helpers]::CheckMember($this.BuildSTDetails, "data") -and ($this.BuildSTDetails.data | Measure-Object).Count -gt 0){
            $this.BuildSTDetails.data = $this.BuildSTDetails.data | where-object {$_.ProjectName -eq $this.ProjectName}            
            if (($this.BuildSTDetails.data | Measure-Object).Count -gt 0){
                $this.ProjectId = $this.BuildSTDetails.data[0].projectId;
            }
        }   
        if($this.UseCache)
        {
            $buildRepoList = $this.storageCachedData | Where-Object {($_.ResourceType -eq 'Repo') -and ($_.PipelineType -eq 'Build')}            
            foreach($buildRepo in $buildRepoList)
            {
                $this.BuildSTDetails.data+=@([PSCustomObject] @{ buildDefinitionName = $buildRepo.PipelineName; buildDefinitionID = $buildRepo.PipelineID; serviceID = $buildRepo.ServiceTreeID; projectName = $this.ProjectName; projectID = $buildRepo.ProjectID; orgName = $buildRepo.OrgName } )                            
            }
        }
        else {
                   
            # Get Build-Repo mappings
            try {            
                $buildObjectListURL = ("https://dev.azure.com/{0}/{1}/_apis/build/definitions?queryOrder=lastModifiedDescending&api-version=6.0" +'&$top=10000') -f $($this.orgName), $this.projectName;       
                $buildObjectList = $this.GetBuildReleaseObjects($buildObjectListURL,'Build');
                $buildObjectList = $buildObjectList | Where-Object {$_.id -notin $this.BuildSTDetails.data.buildDefinitionID}            
                $counter =0
                foreach ($build in $buildObjectList) {               
                    try {                
                        $counter++
                        Write-Progress -Activity 'Build mappings...' -CurrentOperation $build.name -PercentComplete (($counter / $buildObjectList.count) * 100)                                   
                        $buildDefnObj = [WebRequestHelper]::InvokeGetWebRequest($build.url);
                        $repositoryName = $buildDefnObj.repository.name;
                        $repoSTData = $this.RepositorySTDetails.Data | Where-Object { ($_.repoName -eq $repositoryName)};                    
                        if($repoSTData -and $repoSTData.repoID -ne ""){
                            $this.BuildSTDetails.data+=@([PSCustomObject] @{ buildDefinitionName = $build.name; buildDefinitionID = $build.id; serviceID = $repoSTData.serviceID; projectName = $repoSTData.projectName; projectID = $repoSTData.projectID; orgName = $repoSTData.orgName } )                            
                            #Save repo mappings in azure table
                            $this.AddMappinginfoInCache( $this.OrgName,$this.projectId,$build.id,$build.name, $repoSTData.serviceID,$build.createdDate,$repoSTData.repoID,$repositoryName,"Repo","Build",(Get-date).AddDays($this.MappingExpirationLimit));                         
                        }
                    }
                    catch{

                    }           
                }   
                [ServiceMappingCacheHelper]::TelemetryLogging("GetBuildReleaseMapping completed",$null);     
            }
            catch {           
            }  
        } 
        if($this.UseCache)
        {
            $this.ExportObjToJsonFile($this.BuildSTDetails, 'BuildSTData.json');
            $this.ExportObjToJsonFileUploadToBlob($this.BuildSTDetails, 'BuildSTData.json');
        }
        $this.SaveScanDuration("Build's repo scan ended", $true)

        $this.SaveScanDuration("Release's repo releases scan started", $false)
        if($this.Auto -eq 'true'){
            $response = Get-AzStorageBlob -Blob 'ReleaseServiceMappingData.json' -Container $this.Container -Context $this.StorageAccountCtx 
            $this.ReleaseSTDetails = $response.ICloudBlob.DownloadText() | ConvertFrom-Json         
        }
        else {
            $this.ReleaseSTDetails = Get-content $this.ReleaseMappingsFilePath | ConvertFrom-Json     
        }        
               
        if ([Helpers]::CheckMember($this.ReleaseSTDetails, "data") -and ($this.ReleaseSTDetails.data | Measure-Object).Count -gt 0)
        {
            $this.ReleaseSTDetails.data = $this.ReleaseSTDetails.data | where-object {$_.ProjectName -eq $this.ProjectName}
            if (($this.ReleaseSTDetails.data | Measure-Object).Count -gt 0 -and [string]::IsNullOrWhiteSpace($this.ProjectId))
            {
                $this.ProjectId = $this.ReleaseSTDetails.data[0].projectId
            }
        }       
        [ServiceMappingCacheHelper]::TelemetryLogging("GetBuildReleaseMapping - release",$null); 
        
        if($this.UseCache)
        {
            $releaseRepoList = $this.storageCachedData | Where-Object {($_.ResourceType -in ('Repo','ArtifactBuild')) -and ($_.PipelineType -eq 'Release')}
            foreach($releaseRepo in $releaseRepoList)
            {   
                $this.ReleaseSTDetails.data+=@([PSCustomObject] @{ releaseDefinitionName = $releaseRepo.PipelineName; releaseDefinitionID = $releaseRepo.PipelineID; serviceID = $releaseRepo.ServiceTreeID; projectName = $this.ProjectName; projectID = $releaseRepo.ProjectID; orgName = $releaseRepo.OrgName } )                                                                                                                                                                                          
            }
        }
        else {       
            # Get Release-Repo mappings
            try {                         
                $releaseObjectListURL = ("https://vsrm.dev.azure.com/{0}/{1}/_apis/release/definitions?api-version=6.0" ) -f $($this.orgName), $this.projectName;    
                $releaseObjectList = $this.GetBuildReleaseObjects($ReleaseObjectListURL,'Release');
                $releaseObjectList = $releaseObjectList | Where-Object {$_.id -notin $this.ReleaseSTDetails.data.releaseDefinitionID}                     
                $counter =0
                foreach ($release in $releaseObjectList) {  
                    try { 
                        $counter++
                        Write-Progress -Activity 'Release mappings...' -CurrentOperation $release.name -PercentComplete (($counter / $releaseObjectList.count) * 100)                                                     
                        $releaseDefnObj = [WebRequestHelper]::InvokeGetWebRequest($release.url);                      
                            if($releaseDefnObj[0].artifacts)
                            {
                                    $type = $releaseDefnObj[0].artifacts.type;
                                    switch ($type)
                                        {
                                        {($_ -eq "GitHubRelease") -or ($_ -eq "Git")}{
                                            $repositoryName =$releaseDefnObj[0].artifacts.definitionReference.definition.name;
                                            $repoSTData = $this.RepositorySTDetails.Data | Where-Object { ($_.repoName -eq $repositoryName)};
                                            if($repoSTData -and $repoSTData.repoID -ne ""){
                                                $this.ReleaseSTDetails.data+=@([PSCustomObject] @{ releaseDefinitionName = $release.name; releaseDefinitionID = $release.id; serviceID = $repoSTData.serviceID; projectName = $repoSTData.projectName; projectID = $repoSTData.projectID; orgName = $repoSTData.orgName } )                            
                                                #Save repo mappings in azure table
                                                $this.AddMappinginfoInCache( $this.OrgName,$this.projectId,$release.id,$release.name, $repoSTData.serviceID,$release.modifiedOn,$repoSTData.repoID,$repositoryName,"Repo","Release",(Get-date).AddDays($this.MappingExpirationLimit));                         
                                            } 
                                        }
                                        Build {  
                                            $buildSTData = $this.BuildSTDetails.Data | Where-Object { ($_.buildDefinitionID -eq $releaseDefnObj[0].artifacts.definitionReference.definition.id) -and ($_.projectID -eq $releaseDefnObj[0].artifacts.definitionReference.project.id)};
                                            If($buildSTData){
                                                $this.ReleaseSTDetails.data+=@([PSCustomObject] @{ releaseDefinitionName = $release.name; releaseDefinitionID = $release.id; serviceID = $buildSTData.serviceID; projectName = $buildSTData.projectName; projectID = $buildSTData.projectID; orgName = $buildSTData.orgName } )                                                                                                                    
                                                $this.AddMappinginfoInCache( $this.OrgName,$this.projectId,$release.id,$release.name, $buildSTData.serviceID,$release.modifiedOn,$buildSTData.buildDefinitionID,$buildSTData.buildDefinitionName,"ArtifactBuild","Release",(Get-date).AddDays($this.MappingExpirationLimit));                         
                                            }
                                        }                                                                                                                                                                                           
                                    }
                            }                                           
                    }
                    catch{

                    }                
                }                                
            }
            catch {
            
            }
        }
        if($this.UseCache)
        {
            $this.ExportObjToJsonFile($this.ReleaseSTDetails, 'ReleaseSTData.json');
            $this.ExportObjToJsonFileUploadToBlob($this.ReleaseSTDetails, 'ReleaseSTData.json');            
        }
        $this.SaveScanDuration("Release's repo releases scan ended", $false)
        [ServiceMappingCacheHelper]::TelemetryLogging("GetBuildReleaseMapping - completed",$null);
    }

    hidden GetRepositoryMapping() {  
        [ServiceMappingCacheHelper]::TelemetryLogging("GetRepositoryMapping - started",$null);
        if($this.Auto -eq 'true'){
            $response = Get-AzStorageBlob -Blob 'RepoServiceMappingData.json' -Container $this.Container -Context $this.StorageAccountCtx 
            $this.RepositorySTDetails = $response.ICloudBlob.DownloadText() | ConvertFrom-Json         
        }
        else {
            $this.RepositorySTDetails = Get-content $this.RepositoryMappingsFilePath | ConvertFrom-Json     
        }         
        if ([Helpers]::CheckMember($this.RepositorySTDetails, "data") -and ($this.RepositorySTDetails.data | Measure-Object).Count -gt 0)
        {
            $this.RepositorySTDetails.data = $this.RepositorySTDetails.data | where-object {$_.ProjectName -eq $this.ProjectName}
            if (($this.RepositorySTDetails.data | Measure-Object).Count -gt 0)
            {
                $this.ProjectId = $this.RepositorySTDetails.data[0].projectId
            }
        }
        if($this.UseCache)
        {        
            $this.ExportObjToJsonFile($this.RepositorySTDetails, 'RepositorySTData.json');
            $this.ExportObjToJsonFileUploadToBlob($this.RepositorySTDetails, 'RepositorySTData.json');
        }
        [ServiceMappingCacheHelper]::TelemetryLogging("GetRepositoryMapping - completed",$null);
    }

    hidden ExportObjToJsonFile($serviceMapping, $fileName) {   
        $folderPath ="/" + $this.OrgName.ToLower() + "/" + $this.ProjectName.ToLower(); 
        if($this.auto -eq "true"){
            $this.OutputFolderPath = $this.AzSKTempStatePath + $folderPath;
        }
        else {
            $this.OutputFolderPath = [WriteFolderPath]::GetInstance().FolderPath + $folderPath;         
        }
        If(!(test-path $this.OutputFolderPath)){
            New-Item -ItemType Directory -Force -Path $this.OutputFolderPath
        }                    
        $serviceMapping | ConvertTo-Json -Depth 10 | Out-File (Join-Path $this.OutputFolderPath $fileName) -Encoding ASCII        
    }

    hidden ExportObjToJsonFileUploadToBlob($serviceMapping, $fileName) {
        if($this.auto -eq "true"){
            
        $fileName =$this.OrgName.ToLower() + "/" + $this.ProjectName.ToLower() + "/" + $fileName
            if ($null -ne $this.StorageAccountCtx){
                Set-AzStorageBlobContent -Container $this.Container -File (Join-Path $this.AzSKTempStatePath $fileName) -Blob $fileName -Context $this.StorageAccountCtx -Force
            }
            if ($null -ne $this.ReportStorageAccountCtx){
                Set-AzStorageBlobContent -Container $this.ReportContainer -File (Join-Path $this.AzSKTempStatePath $fileName) -Blob $fileName -Context $this.ReportStorageAccountCtx -Force
            }        
        }
    }
  
    hidden [bool] FetchSvcConnMapping() {  
        $svcConnSTMapping = @{
            data = @();
        };
        try{
            $serviceEndpointURL = ("https://dev.azure.com/{0}/{1}/_apis/serviceendpoint/endpoints?api-version=6.0-preview.4") -f $this.OrgName, $this.ProjectName;
            $serviceEndpointObj = [WebRequestHelper]::InvokeGetWebRequest($serviceEndpointURL)

            $Connections = $null
            if (([Helpers]::CheckMember($serviceEndpointObj, "count") -and $serviceEndpointObj[0].count -gt 0) -or (($serviceEndpointObj | Measure-Object).Count -gt 0 -and [Helpers]::CheckMember($serviceEndpointObj[0], "name"))) {
                $Connections = $serviceEndpointObj
            }

            $this.PublishCustomMessage(([Constants]::DoubleDashLine))
            $this.PublishCustomMessage("Generating service mappings of service connections for project [$($this.ProjectName)]...")
            $this.PublishCustomMessage("Total service connections to be mapped: $(($Connections | Measure-Object).Count)")
            $counter = 0
            
            $apiURL = "https://{0}.visualstudio.com/_apis/Contribution/HierarchyQuery?api-version=5.0-preview.1" -f $this.OrgName
            $sourcePageUrl = "https://{0}.visualstudio.com/{1}/_settings/adminservices" -f $this.OrgName, $this.ProjectName;

            #generate access token with datastudio api audience
            $accessToken = [ContextHelper]::GetDataExplorerAccessToken($true)

            $Connections | ForEach-Object {

                $counter++            
                Write-Progress -Activity 'Service connection mappings...' -CurrentOperation $_.Name -PercentComplete (($counter / $Connections.count) * 100)                            
                $inputbody = "{'contributionIds':['ms.vss-serviceEndpoints-web.service-endpoints-details-data-provider'],'dataProviderContext':{'properties':{'serviceEndpointId':'$($_.id)','projectId':'$($this.projectId)','sourcePage':{'url':'$($sourcePageUrl)','routeId':'ms.vss-admin-web.project-admin-hub-route','routeValues':{'project':'$($this.ProjectName)','adminPivot':'adminservices','controller':'ContributedPage','action':'Execute'}}}}}" | ConvertFrom-Json
                $responseObj = [WebRequestHelper]::InvokePostWebRequest($apiURL, $inputbody); 
                
                try {
                    if ([Helpers]::CheckMember($responseObj, "dataProviders") -and $responseObj.dataProviders."ms.vss-serviceEndpoints-web.service-endpoints-details-data-provider") {
                    
                        #set true when STMapping not found in build & release STData files and need to recheck for azurerm type
                        $unmappedSerConn = $true;                   
    
                        $serviceConnEndPointDetail = $responseObj.dataProviders."ms.vss-serviceEndpoints-web.service-endpoints-details-data-provider"
                        if ($serviceConnEndPointDetail -and [Helpers]::CheckMember($serviceConnEndPointDetail, "serviceEndpointExecutionHistory") ) {
                            $svcConnJobs = $serviceConnEndPointDetail.serviceEndpointExecutionHistory.data
    
                            #Arranging in descending order of run time.
                            $svcConnJobs = $svcConnJobs | Sort-Object startTime -Descending
                            #Taking Unique runs
                            $svcConnJobs = $svcConnJobs | Select-Object @{l = 'id'; e ={$_.definition.id}}, @{l = 'name'; e ={$_.definition.name}}, @{l = 'planType'; e ={$_.planType}} -Unique
                                            
                            foreach ($job in $svcConnJobs)
                            {                         
                                if ($job.planType -eq "Build") {
                                    $buildSTData = $this.BuildSTDetails.Data | Where-Object { ($_.buildDefinitionID -eq $job.id) };
                                    if($buildSTData){
                                        $svcConnSTMapping.data += @([PSCustomObject] @{ serviceConnectionName = $_.Name; serviceConnectionID = $_.id; serviceID = $buildSTData.serviceID; projectName = $buildSTData.projectName; projectID = $buildSTData.projectID; orgName = $buildSTData.orgName } )
                                        $unmappedSerConn = $false; 
                                        break;
                                    }                                   
                                    
                                }
                                elseif ($job.planType -eq "Release") {
                                    $releaseSTData = $this.ReleaseSTDetails.Data | Where-Object { ($_.releaseDefinitionID -eq $job.id)};
                                    if($releaseSTData){
                                        $svcConnSTMapping.data += @([PSCustomObject] @{ serviceConnectionName = $_.Name; serviceConnectionID = $_.id; serviceID = $releaseSTData.serviceID; projectName = $releaseSTData.projectName; projectID = $releaseSTData.projectID; orgName = $releaseSTData.orgName } )
                                        $unmappedSerConn = $false; 
                                        break;
                                    }                                  
                                }
                            }
                        }
                        if($serviceConnEndPointDetail -and $unmappedSerConn) 
                        {
                            if ($serviceConnEndPointDetail.serviceEndpoint.type -eq "azurerm")
                            {
                                try {                                
                                    $responseObj = $this.GetServiceIdWithSubscrId($serviceConnEndPointDetail.serviceEndpoint.data.subscriptionId,$accessToken)                       
                                    if($responseObj)
                                    {
                                          $serviceId = $responseObj[2].Rows[0][4];
                                          $svcConnSTMapping.data += @([PSCustomObject] @{ serviceConnectionName = $_.Name; serviceConnectionID = $_.id; serviceID = $serviceId; projectName =  $_.serviceEndpointProjectReferences.projectReference.name; projectID = $_.serviceEndpointProjectReferences.projectReference.id; orgName = $this.OrgName } )                                    
                                    }
                                }
                                catch {
                                    
                                }                             
    
                            }   
                        }
                    }
                }
                catch {
                     #eat exception
                }   
                 
            }
        }
        catch
        {
            #eat exception
        }
        $this.PublishCustomMessage("Service mapping found: $(($svcConnSTMapping.data | Measure-Object).Count)", [MessageType]::Info)
        if($this.UseCache)
        {            
            $this.ExportObjToJsonFile($svcConnSTMapping.data, 'ServiceConnectionSTData.json');
            $this.ExportObjToJsonFileUploadToBlob($svcConnSTMapping.data, 'ServiceConnectionSTData.json');
        }
        return $true;
    }

    hidden [bool] FetchAgentPoolMapping() {
        $agentPoolSTMapping = @{
            data = @();
        };

        try{
            $agentPoolsDefnURL = ("https://{0}.visualstudio.com/{1}/_settings/agentqueues?__rt=fps&__ver=2") -f $this.OrgName, $this.ProjectName;
            $agentPoolsDefnsObj = [WebRequestHelper]::InvokeGetWebRequest($agentPoolsDefnURL);
            #generate access token with datastudio api audience
            $accessToken = [ContextHelper]::GetDataExplorerAccessToken($true)
            $taskAgentQueues = $null;           

            if (([Helpers]::CheckMember($agentPoolsDefnsObj, "fps.dataProviders.data") ) -and (($agentPoolsDefnsObj.fps.dataProviders.data."ms.vss-build-web.agent-queues-data-provider") -and $agentPoolsDefnsObj.fps.dataProviders.data."ms.vss-build-web.agent-queues-data-provider".taskAgentQueues)) {
                $taskAgentQueues = $agentPoolsDefnsObj.fps.dataProviders.data."ms.vss-build-web.agent-queues-data-provider".taskAgentQueues | where-object{$_.pool.isLegacy -eq $false}; 
            }
            
            $this.PublishCustomMessage(([Constants]::DoubleDashLine))
            $this.PublishCustomMessage("Generating service mappings of agent pool for project [$($this.ProjectName)]...")
            $this.PublishCustomMessage("Total agent pool to be mapped: $(($taskAgentQueues | Measure-Object).Count)")
            $counter = 0

            $taskAgentQueues | ForEach-Object {
                $counter++
                Write-Progress -Activity 'Agent pool mappings...' -CurrentOperation $_.Name -PercentComplete (($counter / $taskAgentQueues.count) * 100)
                $unmappedAgentPool = $true;
                $agtPoolId = $_.id
                $agtPoolName = $_.name
                $agentPoolsURL = "https://{0}.visualstudio.com/{1}/_settings/agentqueues?queueId={2}&__rt=fps&__ver=2" -f $this.orgName, $this.ProjectName, $agtPoolId
                $agentPool = [WebRequestHelper]::InvokeGetWebRequest($agentPoolsURL);

                if (([Helpers]::CheckMember($agentPool[0], "fps.dataProviders.data") ) -and ($agentPool[0].fps.dataProviders.data."ms.vss-build-web.agent-jobs-data-provider")) {
                    $agentPoolJobs = $agentPool[0].fps.dataProviders.data."ms.vss-build-web.agent-jobs-data-provider".jobs | Where-Object { $_.scopeId -eq $this.ProjectId };

                    #Arranging in descending order of run time.
                    $agentPoolJobs = $agentPoolJobs | Sort-Object queueTime -Descending
                    #Taking unique runs
                    $agentPoolJobs = $agentPoolJobs | Select-Object @{l = 'id'; e ={$_.definition.id}}, @{l = 'name'; e ={$_.definition.name}}, @{l = 'planType'; e ={$_.planType}} -Unique
                    #If agent pool has been queued at least once

                    foreach ($job in $agentPoolJobs){
                        if ($job.planType -eq "Build") {
                            $buildSTData = $this.BuildSTDetails.data | Where-Object { ($_.buildDefinitionID -eq $job.id)};
                            if($buildSTData){
                                $agentPoolSTMapping.data += @([PSCustomObject] @{ agentPoolName = $_.Name; agentPoolID = $_.id; serviceID = $buildSTData.serviceID; projectName = $buildSTData.projectName; projectID = $buildSTData.projectID; orgName = $buildSTData.orgName } )
                                $unmappedAgentPool = $false;
                                break;
                            }
                        }
                        elseif ($job.planType -eq "Release") {
                            $releaseSTData = $this.ReleaseSTDetails.data | Where-Object { ($_.releaseDefinitionID -eq $job.id)};
                            if($releaseSTData){
                                $agentPoolSTMapping.data += @([PSCustomObject] @{ agentPoolName = $_.Name; agentPoolID = $_.id; serviceID = $releaseSTData.serviceID; projectName = $releaseSTData.projectName; projectID = $releaseSTData.projectID; orgName = $releaseSTData.orgName } )
                                $unmappedAgentPool = $false;
                                break;
                            }
                        }
                    }
                }
                if($unmappedAgentPool)
                {
                    $agentList = $agentPool[0].fps.dataProviders.data."ms.vss-build-web.agent-pool-data-provider".agents;
                    $exit = $false
                    $agentList | Where-Object {$exit -eq $false} | ForEach-Object {                                                
                        $agtName = $_.Name 
                        $responseObj = $this.GetAgentSubscrId($agtName)
                        if($responseObj)
                        {
                           $logsRows = $responseObj.tables[0].rows;
                           if($logsRows.count -gt 0){
                               $agentSubscriptionID = $logsRows[0][18];
                               try {
                                        $response = $this.GetServiceIdWithSubscrId($agentSubscriptionID,$accessToken)                               
                                        if($response){
                                                $serviceId = $response[2].Rows[0][4];
                                                $agentPoolSTMapping.data += @([PSCustomObject] @{ agentPoolName = $agtPoolName; agentPoolID = $agtPoolId; serviceID = $serviceId; projectName = $this.projectName; projectID = $this.projectId; orgName = $organizationName } );
                                                $exit = $true
                                            } 
                                    }
                              catch {
                                }                                
                           }
                        }                                                
                    }
                }
            }
        }
        catch
        {
            #eat exception
        }
        $this.PublishCustomMessage("Service mapping found: $(($agentPoolSTMapping.data | Measure-Object).Count)", [MessageType]::Info)
        if($this.UseCache)
        {            
            $this.ExportObjToJsonFile($agentPoolSTMapping.data, 'AgentPoolSTData.json');
            $this.ExportObjToJsonFileUploadToBlob($agentPoolSTMapping.data, 'AgentPoolSTData.json');
        }
        return $true;
    }

    hidden [bool] FetchVarGrpSecureFileMapping() {  
      
        [ServiceMappingCacheHelper]::TelemetryLogging("FetchVarGrpSecureFileMapping - started",$null);
        $topNQueryString = '&$top=10000'
        [System.Collections.Generic.List[psobject]]$varGrps = @();
        #This variable is used to store details returned from variable group file api(fetching all the variable group details in one call)
        [System.Collections.Generic.List[psobject]]$vgDetails = @();        
        [System.Collections.Generic.List[psobject]]$secureFiles = @();
        #This variable is used to store details returned from secure file api(fetching all the secure file details in one call)
        [System.Collections.Generic.List[psobject]]$secureFileDetails = @();
        #generate access token with datastudio api audience
        $accessToken = [ContextHelper]::GetDataExplorerAccessToken($true)
        $variableGroupSTMapping = @{
            data = @();
        };

        $secureFileSTMapping = @{
            data = @();
        };

        try {                               
            $releaseDefnURL = ("https://vsrm.dev.azure.com/{0}/{1}/_apis/release/definitions?api-version=6.0" +$topNQueryString) -f $($this.OrgName), $this.ProjectName;
            $releaseDefnsObj = [WebRequestHelper]::InvokeGetWebRequest($releaseDefnURL);            
                
            if (([Helpers]::CheckMember($releaseDefnsObj, "count") -and $releaseDefnsObj[0].count -gt 0) -or (($releaseDefnsObj | Measure-Object).Count -gt 0 -and [Helpers]::CheckMember($releaseDefnsObj[0], "name"))) {
                
                $this.PublishCustomMessage(([Constants]::DoubleDashLine))
                $this.PublishCustomMessage("Generating service mappings of variable group/secure file using release for project [$($this.ProjectName)]...")
                $this.PublishCustomMessage("Total mappings to be evaluated: $(($releaseDefnsObj | Measure-Object).Count)")
                $counter = 0
    
                if (($secureFileDetails | Measure-Object).count -eq 0) {
                    $secureFilesURL = "https://dev.azure.com/{0}/{1}/_apis/distributedtask/securefiles?api-version=6.1-preview.1" -f $this.OrgName, $this.projectId;
                    $secureFileDetails = [WebRequestHelper]::InvokeGetWebRequest($secureFilesURL);                    
                }               

                if (($vgDetails | Measure-Object).count -eq 0) {
                    $vgFilesURL = "https://dev.azure.com/{0}/{1}/_apis/distributedtask/variablegroups?api-version=6.0-preview.2" -f $this.OrgName, $this.projectId;
                    $vgDetails = [WebRequestHelper]::InvokeGetWebRequest($vgFilesURL);
                }

                foreach ($relDef in $releaseDefnsObj) 
                {                   
                    $counter++                                        
                    Write-Progress -Activity 'Variable group/secure file mappings via release...' -CurrentOperation $relDef.Name -PercentComplete (($counter / $releaseDefnsObj.count) * 100)                                                                                            
                    try
                    {
                        $releaseObj = [WebRequestHelper]::InvokeGetWebRequest($relDef.url);
                        
                        #add var groups scoped at release scope.
                        if ($this.MappingType -eq "All" -or $this.MappingType -eq "VariableGroup") {
                            if((($releaseObj[0].variableGroups) | Measure-Object).Count -gt 0)
                            {
                                $varGrps.Add($releaseObj[0].variableGroups);
                            }
                        }                        
                        #get var grps from each env of release pipeline
                        foreach ($env in $releaseObj[0].environments) {
                            if ($this.MappingType -eq "All" -or $this.MappingType -eq "VariableGroup") {
                                if((($env.variableGroups) | Measure-Object).Count -gt 0)
                                {
                                    $varGrps.Add($env.variableGroups);
                                }
                            }                         
                            try {
                                if ($this.MappingType -eq "All" -or $this.MappingType -eq "SecureFile") {
                                    $workflowtasks = @();
                                    if([Helpers]::CheckMember($env, "deployPhases") )
                                    {
                                        foreach ($deployPhase in $env.deployPhases) {
                                            if ([Helpers]::CheckMember($deployPhase,"workflowtasks")) {
                                                foreach ($workflowtask in $deployPhase.workflowtasks) {
                                                    $workflowtasks += $workflowtask;   
                                                }
                                            }
                                        }
                                    }
                                    foreach ($item in $workflowtasks) {
                                        if ([Helpers]::CheckMember($item, "inputs") -and [Helpers]::CheckMember($item.inputs, "secureFile")) {
                                            $secureFiles.Add($item.inputs.secureFile);
                                        }
                                    }
                                }
                            }
                            catch {
                                #eat exception
                            }                            
                        }                        
                        if($this.UseCache)
                        {
                            # Find Service tree id for variable groups from cache
                            $this.FindSTWithReleaseForVGSecFileCache($relDef, $varGrps,$secureFiles,$accessToken,$vgDetails,$secureFileDetails,$variableGroupSTMapping, $secureFileSTMapping)
                        }
                        else {
                            $this.FindSTWithReleaseForVGSecFile($relDef, $varGrps,$secureFiles, $accessToken,$vgDetails, $secureFileDetails,$variableGroupSTMapping, $secureFileSTMapping)
                        }
                    }
                    Catch{
                        $this.PublishCustomMessage($_.Exception.Message)
                    }
                }               
                $releaseDefnsObj = $null;
            }
        }
        catch{
            #eat exception
        }

        try {
            $buildDefnURL = ("https://dev.azure.com/{0}/{1}/_apis/build/definitions?queryOrder=lastModifiedDescending&api-version=6.0" + $topNQueryString) -f $($this.OrgName), $this.ProjectName;
            $buildDefnsObj = [WebRequestHelper]::InvokeGetWebRequest($buildDefnURL) 
            
            if (([Helpers]::CheckMember($buildDefnsObj, "count") -and $buildDefnsObj[0].count -gt 0) -or (($buildDefnsObj | Measure-Object).Count -gt 0 -and [Helpers]::CheckMember($buildDefnsObj[0], "name"))) {

                $this.PublishCustomMessage(([Constants]::DoubleDashLine))
                $this.PublishCustomMessage("Generating service mappings of variable group/secure file using build for project [$($this.ProjectName)]...")
                $this.PublishCustomMessage("Total mappings to be evaluated: $(($buildDefnsObj | Measure-Object).Count)")
                $counter = 0

                foreach ($bldDef in $buildDefnsObj) {
                    $counter++
                    Write-Progress -Activity 'Variable group/secure file mappings via build...' -CurrentOperation $bldDef.Name -PercentComplete (($counter / $buildDefnsObj.count) * 100)

                    $buildObj = [WebRequestHelper]::InvokeGetWebRequest($bldDef.url.split('?')[0]);

                    #getting secure files added in all the tasks.
                    try {
                        if ($this.MappingType -eq "All" -or $this.MappingType -eq "SecureFile") {
                            $tasksSteps =@()
                            if([Helpers]::CheckMember($buildObj, "process") -and [Helpers]::CheckMember($buildObj.process, "Phases") )
                            {
                                foreach ($item in $buildObj.process.Phases) {
                                    if ([Helpers]::CheckMember($item, "steps")) {
                                        $tasksSteps += $item.steps;
                                    }
                                } 
                            }
                            foreach ($itemStep in $tasksSteps) {
                                if ([Helpers]::CheckMember($itemStep, "inputs") -and [Helpers]::CheckMember($itemStep.inputs, "secureFile")) {
                                    $secureFiles += $itemStep.inputs.secureFile;
                                }
                            }
                        }
                    }
                    catch {
                        #eat exception
                    }
                    if($this.UseCache)
                    {
                        # Find Service tree id for variable groups from cache
                        $this.FindSTWithBuildForVGSecFileCache($buildObj, $secureFiles, $accessToken,$vgDetails, $secureFileDetails, $variableGroupSTMapping, $secureFileSTMapping)
                    }
                    else {                        
                        $this.FindSTWithBuildForVGSecFile($buildObj, $secureFiles, $accessToken,$vgDetails, $secureFileDetails, $variableGroupSTMapping, $secureFileSTMapping)
                    }                                                                                           
                }
                $buildDefnsObj = $null;
            }
        }
        catch{
            #eat exception
        }
          #Removing duplicate entries of the tuple (variableGroupId,serviceId)
            if ($this.MappingType -eq "All" -or $this.MappingType -eq "VariableGroup") {
                $variableGroupSTMapping.data = $variableGroupSTMapping.data | Sort-Object -Unique variableGroupID,serviceID
                $this.PublishCustomMessage("Service mapping found: $(($variableGroupSTMapping.data | Measure-Object).Count)", [MessageType]::Info)
                if($this.UseCache)
                {          
                    $this.ExportObjToJsonFile($variableGroupSTMapping.data, 'VariableGroupSTData.json');
                    $this.ExportObjToJsonFileUploadToBlob($variableGroupSTMapping.data, 'VariableGroupSTData.json');
                }
            }
            #Removing duplicate entries of the tuple (securefile,serviceId)
            if ($this.MappingType -eq "All" -or $this.MappingType -eq "SecureFile") {
                $secureFileSTMapping.data = $secureFileSTMapping.data | Sort-Object -Unique secureFileID,serviceID
                $this.PublishCustomMessage("Service mapping found: $(($secureFileSTMapping.data | Measure-Object).Count)", [MessageType]::Info)
                if($this.UseCache)
                { 
                    $this.ExportObjToJsonFile($secureFileSTMapping.data, 'SecureFileSTData.json');
                    $this.ExportObjToJsonFileUploadToBlob($secureFileSTMapping.data, 'SecureFileSTData.json');
                }
            }        
        return $true;
    }

    hidden [bool] FetchEnvironmentMapping() {  
        $environmentSTMapping = @{
            data = @();
        };
        try{
            $environmentURL = 'https://dev.azure.com/{0}/{1}/_apis/distributedtask/environments?$top=10000&api-version=6.0-preview.1' -f $this.OrgName, $this.ProjectName;
            $environmentsObjList = @([WebRequestHelper]::InvokeGetWebRequest($environmentURL));
            #generate access token with datastudio api audience
            $accessToken = [ContextHelper]::GetDataExplorerAccessToken($true)
            $unmappedEnv = $true;   

            if ($environmentsObjList.count -gt 0 ) {
             
                $this.PublishCustomMessage(([Constants]::DoubleDashLine))
                $this.PublishCustomMessage("Generating service mappings of environments for project [$($this.ProjectName)]...")
                $this.PublishCustomMessage("Total environments to be mapped: $($environmentsObjList.count)")
                $counter = 0
                
                $environmentsObjList | ForEach-Object{
                    $counter++
                    Write-Progress -Activity 'Environments mappings...' -CurrentOperation $_.Name -PercentComplete (($counter / $environmentsObjList.count) * 100)                   

                    $apiURL = "https://dev.azure.com/{0}/{1}/_apis/distributedtask/environments/{2}/environmentdeploymentrecords?top=20&api-version=6.0-preview.1" -f $this.OrgName, $this.ProjectName, $_.id;
                    $envDeploymenyRecords = @([WebRequestHelper]::InvokeGetWebRequest($apiURL));                     
                    
                    if ($envDeploymenyRecords.Count -gt 0 -and [Helpers]::CheckMember($envDeploymenyRecords[0],"definition")) {
                        $envDeploymenyRecords = $envDeploymenyRecords | Select-Object -First 10
                        foreach ($envJob in $envDeploymenyRecords){
                            if ([Helpers]::CheckMember($envJob, "planType") -and $envJob.planType -eq "Build") {
                                $buildSTData = $this.BuildSTDetails.Data | Where-Object { ($_.buildDefinitionID -eq $envJob.definition.id) };
                                if($buildSTData){
                                    $environmentSTMapping.data += @([PSCustomObject] @{ environmentName = $_.Name; environmentID = $_.id; serviceID = $buildSTData.serviceID; projectName = $buildSTData.projectName; projectID = $buildSTData.projectID; orgName = $buildSTData.orgName } )
                                    $unmappedEnv =$false;
                                    break;
                                }
                                
                            }
                            elseif ([Helpers]::CheckMember($envJob, "planType") -and $envJob.planType -eq "Release") {
                                $releaseSTData = $this.ReleaseSTDetails.Data | Where-Object { ($_.releaseDefinitionID -eq $envJob.definition.id)};
                                if($releaseSTData){
                                    $environmentSTMapping.data += @([PSCustomObject] @{ environmentName = $_.Name; environmentID = $_.id; serviceID = $releaseSTData.serviceID; projectName = $releaseSTData.projectName; projectID = $releaseSTData.projectID; orgName = $releaseSTData.orgName } )
                                    $unmappedEnv =$false;
                                    break;
                                }
                            }
                        }
                    }
                    if($unmappedEnv){
                        $envResourceApiURL = "https://dev.azure.com/{0}/{1}/_environments/{2}?view=resources&__rt=fps&__ver=2" -f $this.OrgName, $this.ProjectName, $_.id;
                        $envResourceDetails = @([WebRequestHelper]::InvokeGetWebRequest($envResourceApiURL)); 

                        if ([Helpers]::CheckMember($envResourceDetails, "fps.dataProviders") -and $envResourceDetails.fps.dataProviders.data."ms.vss-environments-web.environment-resources-view-data-provider") {
                            # Type 2 for VM
                           $vmName =  $envResourceDetails.fps.dataProviders.data."ms.vss-environments-web.environment-resources-view-data-provider".environment.resources | Where-Object type -eq 2 | Select-Object name;
                           if($vmName){
                            $responseObj = $this.GetAgentSubscrId($vmName)
                                if($responseObj)
                                {
                                    $logsRows = $responseObj.tables[0].rows;
                                    if($logsRows.count -gt 0){
                                        $agentSubscriptionID = $logsRows[0][18];
                                        try {
                                                $response = $this.GetServiceIdWithSubscrId($agentSubscriptionID,$accessToken)                               
                                                if($response){
                                                        $serviceId = $response[2].Rows[0][4];
                                                        $environmentSTMapping.data += @([PSCustomObject] @{ environmentName = $_.Name; environmentID = $_.id; serviceID = $serviceId; projectName = $this.ProjectName; projectID = $this.ProjectId; orgName = $this.OrgName } )
                                                        $unmappedEnv = $false
                                                        break;
                                                    } 
                                                }
                                        catch {
                                            }                                
                                    }
                                }
                           }
                           if($unmappedEnv){
                               # Type 4 for AKS Cluster
                               $clusterId =  $envResourceDetails.fps.dataProviders.data."ms.vss-environments-web.environment-resources-view-data-provider".environment.resources | Where-Object type -eq 4 | Select-Object id;
                               if($clusterId){
                                $clusterApiURL = "https://dev.azure.com/{0}/{1}/_environments/{2}/providers/kubernetes/{3}?__rt=fps&__ver=2" -f $this.OrgName, $this.ProjectName, $_.id, $clusterId;
                                $clusterDetails = @([WebRequestHelper]::InvokeGetWebRequest($clusterApiURL));                             
                                if($clusterDetails -and [Helpers]::CheckMember($clusterDetails.fps.dataProviders.data,"ms.vss-environments-web.kubernetes-resource-data-provider"))
                                {
                                    $subscripId = $clusterDetails.fps.dataProviders.data."ms.vss-environments-web.kubernetes-resource-data-provider".kubernetesEndpoint.data | Where-Object authorizationType -eq "AzureSubscription" | Select-Object azureSubscriptionId;                                    
                                    if($subscripId){
                                        $response = $this.GetServiceIdWithSubscrId($subscripId,$accessToken)                                                                     
                                        if($response){
                                                $serviceId = $response[2].Rows[0][4];
                                                $environmentSTMapping.data += @([PSCustomObject] @{ environmentName = $_.Name; environmentID = $_.id; serviceID = $serviceId; projectName = $this.ProjectName; projectID = $this.ProjectId; orgName = $this.OrgName } )
                                                break;
                                            }                                                                                                                     
                                    }
                                }
                               }
                           }
                        }
                    }
                    
                }
            }
        }
        catch
        {
            #eat exception
        }
        $this.PublishCustomMessage("Service mapping found: $(($environmentSTMapping.data | Measure-Object).Count)", [MessageType]::Info)
        if($this.UseCache)
        {            
            $this.ExportObjToJsonFile($environmentSTMapping.data, 'EnvironmentSTData.json');
            $this.ExportObjToJsonFileUploadToBlob($environmentSTMapping.data, 'EnvironmentSTData.json');
        }
        return $true;
    }

    hidden [bool] FetchFeedMapping() {  
        $feedSTMapping = @{
            data = @();
        };
        $feedDefnURL = 'https://feeds.dev.azure.com/{0}/{1}/_apis/packaging/feeds?api-version=6.0-preview.1' -f $this.OrgName, $this.ProjectName;
        $feedDefnsObj = @([WebRequestHelper]::InvokeGetWebRequest($feedDefnURL));
        
        if ($feedDefnsObj.count -gt 0 ) {
             
                $this.PublishCustomMessage(([Constants]::DoubleDashLine))
                $this.PublishCustomMessage("Generating service mappings of feeds for project [$($this.ProjectName)]...")
                $this.PublishCustomMessage("Total feeds to be mapped: $($feedDefnsObj.count)")
                $counter = 0
                
                $feedDefnsObj | ForEach-Object {
                    try{

                        $counter++
                        Write-Progress -Activity 'Feeds mappings...' -CurrentOperation $_.Name -PercentComplete (($counter / $feedDefnsObj.count) * 100)

                        $feed = $_;
                        #Get feed packages
                        $packagesURL = $feed._links.packages.href;
                        $feedPackages = @([WebRequestHelper]::InvokeGetWebRequest($packagesURL)); 

                        if ($feedPackages.count -gt 0) {

                            $feedPackages = $feedPackages | Select-Object -First 10;
                            foreach ($package in $feedPackages){
                            $provenanceURL = "https://feeds.dev.azure.com/{0}/{1}/_apis/packaging/Feeds/{2}/Packages/{3}/Versions/{4}/provenance?api-version=6.0-preview.1" -f $this.OrgName, $this.ProjectName, $feed.id, $package.id, $package.versions[0].id;
                            $provenanceObj = @([WebRequestHelper]::InvokeGetWebRequest($provenanceURL)); 

                            if ($provenanceObj.Count -gt 0 -and [Helpers]::CheckMember($provenanceObj[0],"provenance.provenanceSource") -and [Helpers]::CheckMember($provenanceObj[0],"provenance.data")) {
                                if ($provenanceObj[0].provenance.provenanceSource -eq "InternalBuild") {
                                    
                                    $definitionId = $provenanceObj[0].provenance.data."System.DefinitionId";
                                    $buildSTData = $this.BuildSTDetails.Data | Where-Object { $_.buildDefinitionID -eq $definitionId };
                                    if($buildSTData){
                                        $feedSTMapping.data += @([PSCustomObject] @{ feedName = $feed.Name; feedID = $feed.id; serviceID = $buildSTData.serviceID; projectName = $buildSTData.projectName; projectID = $buildSTData.projectID; orgName = $buildSTData.orgName } )
                                        break;
                                    }
                                    #if no details found in buildST file the try in repoST file
                                    if (!$buildSTData -and $this.RepositorySTDetails -and $this.RepositorySTDetails.count -gt 0) {
                                        $repoId = $provenanceObj[0].provenance.data."Build.Repository.Id";
                                        $repoSTData = $this.RepositorySTDetails.Data | Where-Object { ($_.repoID -eq $repoId)};
                                        if($repoSTData){
                                            $feedSTMapping.data += @([PSCustomObject] @{ feedName = $feed.Name; feedID = $feed.id; serviceID = $repoSTData.serviceID; projectName = $repoSTData.projectName; projectID = $repoSTData.projectID; orgName = $repoSTData.orgName } )
                                            break;
                                        }
                                    }
                                } 
                                elseif ($provenanceObj[0].provenance.provenanceSource -eq "InternalRelease") {
                                    $definitionId = $provenanceObj[0].provenance.data."Release.DefinitionId";
                                    $releaseSTData = $this.ReleaseSTDetails.Data | Where-Object { $_.releaseDefinitionID -eq $definitionId };
                                    if($buildSTData){
                                        $feedSTMapping.data += @([PSCustomObject] @{ feedName = $feed.Name; feedID = $feed.id; serviceID = $releaseSTData.serviceID; projectName = $releaseSTData.projectName; projectID = $releaseSTData.projectID; orgName = $releaseSTData.orgName } )
                                        break;                                        
                                    }
                                }  
                            }
                            }
                        }
                    }
                    catch
                    {
                        #eat exception
                    }                   
                }
        }
        $this.PublishCustomMessage("Service mapping found: $(($feedSTMapping.data | Measure-Object).Count)", [MessageType]::Info)
        if($this.UseCache)
        {            
            $this.ExportObjToJsonFile($feedSTMapping.data, 'FeedSTData.json');
            $this.ExportObjToJsonFileUploadToBlob($feedSTMapping.data, 'FeedSTData.json');
        }
        return $true;
    }

    hidden [object] GetServiceIdWithSubscrId($subscriptionID,$accessToken)
    {
        $response = $null
        try {                     
            # call data studio to fetch azure subscription id and servce id mapping
            $apiURL = "https://genevareference.westcentralus.kusto.windows.net/v2/rest/query"                                                                    
            $inputbody = '{"db": "Shared","csl": "DataStudio_ServiceTree_AzureSubscription_Snapshot | where SubscriptionId contains ''{0}''", "properties": {"Options": {"query_language": "csl","servertimeout": "00:04:00","queryconsistency": "strongconsistency","request_readonly": false,"request_readonly_hardline": false}}}'                                            
            $inputbody = $inputbody.Replace("{0}", $subscriptionID)                                                                                        
            $header = @{
                            "Authorization" = "Bearer " + $accessToken
                        }
            $response = [WebRequestHelper]::InvokeWebRequest([Microsoft.PowerShell.Commands.WebRequestMethod]::Post,$apiURL,$header,$inputbody,"application/json; charset=UTF-8");                             
        }
        catch {
            
        }  
        return $response     
    }

    hidden [object] GetAgentSubscrId($agentName)
    {
        $response = $null
        try {                                  
            
            #generate access token with datastudio api audience
            $accessToken = [ContextHelper]::GetLAWSAccessToken()
            # call data studio to fetch azure subscription id and servce id mapping
            $apiURL = "https://api.loganalytics.io/v1/workspaces/b32a5e40-0360-40db-a9d4-ec1083b90f0a/query?timespan=P7D"                                                                    
            $inputbody = '{"query":"AzSK_ResourceInvInfo_CL| where Name_s =~ ''{0}''| where ResourceType == ''Microsoft.Compute/virtualMachines''","options":{"truncationMaxSize":67108864},"maxRows":30001,"workspaceFilters":{"regions":[]}}'                                       
            $inputbody = $inputbody.Replace("{0}", $agentName)
            $header = @{
                "Authorization" = "Bearer " + $accessToken
            }                             
            $response = [WebRequestHelper]::InvokeWebRequest([Microsoft.PowerShell.Commands.WebRequestMethod]::Post,$apiURL,$header,$inputbody,"application/json; charset=UTF-8");                           
        }
        catch {
            
        }  
        return $response     
    }

    hidden [object] GetBuildReleaseObjects($resourceUrl,$resourceType)
    {        
        $skipCount = 0        
        $applicableDefnsObj=@();     
        while (($resourceUrl)) 
        {              
            $skipCount = 10000;
            $responseAndUpdatedUri = [WebRequestHelper]::InvokeWebRequestForResourcesInBatch($resourceUrl, $resourceUrl, $skipCount,$resourceType);
            #API response with resources
            $resourceDefnsObj = @($responseAndUpdatedUri[0]);           
            #updated URI: null when there is no continuation token
            $resourceDfnUrl = $responseAndUpdatedUri[1];           
            $applicableDefnsObj+=$resourceDefnsObj;            
            if ( (($applicableDefnsObj | Measure-Object).Count -gt 0 -and [Helpers]::CheckMember($applicableDefnsObj[0], "name")) -or ([Helpers]::CheckMember($applicableDefnsObj, "count") -and $applicableDefnsObj[0].count -gt 0)) 
            {                
                $resourceUrl =$resourceDfnUrl;                                                                      
            }
            else {
                break;
            }           
        }
        Write-Progress -Activity "All $($resourceType)s fetched" -Status "Ready" -Completed
        $resourceDefnsObj = $null;        
        Remove-Variable resourceDefnsObj;        
        return $applicableDefnsObj;
    }

    #adding new mapping info
    hidden [void] AddMappinginfoInCache( [string]  $orgName, [string]  $projectID, [string]  $pipelineID,[string]  $pipelineName, [string]  $serviceTreeID,[string]  $pipelineLastModified,[string]  $resourceID,[string]  $resourceName,[string]  $resourceType,[string]  $pipelineType,$mappingExpiration) 
    {     
        if($this.IncrementalScan){
            $hash = $this.ServiceMappingCacheHelperObj.GetHashedTag($this.projectId, "", "",$resourceID,$resourceType) 
        }
        else{
            $hash = $this.ServiceMappingCacheHelperObj.GetHashedTag($this.projectId, $pipelineID, $pipelineType,$resourceID,$resourceType) 
        }
        $resourceInCache = $this.GetResourceDataFromCache($pipelineType,$pipelineID,$resourceType, $resourceID)
        if($resourceInCache)
        {
            $this.ServiceMappingCacheHelperObj.UpdateTableEntity($orgName,$projectID,$pipelineID,$pipelineName,$serviceTreeID,$pipelineLastModified, $resourceID, $resourceType, $resourceName, $pipelineType,$mappingExpiration, $this.IncrementalScan)
                #update mapping expiration date as per new scan
                $rowIndex = [array]::IndexOf($this.storageCachedData.RowKey,$hash)
                $this.storageCachedData[$rowIndex].MappingExpiration = $mappingExpiration 
            }                       
        else {
            $this.ServiceMappingCacheHelperObj.InsertMappingInfoInTable($orgName,$projectID,$pipelineID,$pipelineName,$serviceTreeID,$pipelineLastModified,$resourceID,$resourceType,$resourceName,$pipelineType, $mappingExpiration, $this.IncrementalScan)
                #update in-memory cache with new record
                $this.storageCachedData+=  @([PSCustomObject] @{"RowKey" =$hash; "OrgName" = $orgName; "ProjectID" = $projectID; "PipelineID" = $pipelineID;"PipelineName" = $pipelineName;"ServiceTreeID" = $serviceTreeID;"PipelineLastModified" = $pipelineLastModified;"ResourceID" = $resourceID;"ResourceType" = $resourceType;"ResourceName" = $resourceName;"PipelineType" = $pipelineType;  "MappingExpiration" = $MappingExpiration}; ) 
            }
    }        
            
     #fetch resource mapping details from in-memory collection
     hidden [object] GetResourceDataFromCache($pipelineType,$pipelineID,$resourceType, $resourceID)
     {  
         $resourceItem =@()         
         if($this.IncrementalScan){
             $hash = $this.ServiceMappingCacheHelperObj.GetHashedTag($this.projectId, "", "",$resourceID,$resourceType) 
         }
         else{
             $hash = $this.ServiceMappingCacheHelperObj.GetHashedTag($this.projectId, $pipelineID, $pipelineType,$resourceID,$resourceType) 
         }         
         $item = $this.storageCachedData | Where-Object -Property RowKey -eq $hash 
         #Check resource id present in cache without mapped with pipeline id
         if((!$item) -and  ($resourceType -notin ("Repo","ArtifactBuild"))){
             $item =  $this.storageCachedData | Where-Object {($_.ResourceID -eq $resourceID) -and ($_.ResourceType -eq $resourceType) -and ($_.ProjectID -eq $this.projectId) -and ($_.OrgName -eq $this.OrgName)}  
             if($item)
             {
                $this.resourceInCacheWithoutPipeline = $true
             }           
         }
         if($item){            
             return $item
         }   
         return  $resourceItem            
     }

    # attribution of variable group/ secure file linked with build
    hidden [void] FindSTWithBuildForVGSecFile($buildObj, $secureFiles, $accessToken,$vgDetails, $secureFileDetails, $variableGroupSTMapping, $secureFileSTMapping)
    {    
        [ServiceMappingCacheHelper]::TelemetryLogging("FetchVarGrpSecureFileMapping - getting mappings for build",$null);   
         #Variable to store current build STDATA
         $buildSTData = $null;

        if ($this.MappingType -eq "All" -or $this.MappingType -eq "VariableGroup") {
            if([Helpers]::CheckMember($buildObj[0],"variableGroups"))
            {
                $varGrps = @($buildObj[0].variableGroups)

                $apiURL = "https://{0}.visualstudio.com/_apis/Contribution/HierarchyQuery?api-version=5.0-preview.1" -f $this.OrgName
                $sourcePageUrl = "https://{0}.visualstudio.com/{1}/_settings/adminservices" -f $this.OrgName, $this.ProjectName;

                $varGrps | ForEach-Object{
                    $_ | ForEach-Object{
                        try {
                            [ServiceMappingCacheHelper]::TelemetryLogging("FetchVarGrpSecureFileMapping - getting mappings for variable group",$null);   
                            $buildSTData = $this.BuildSTDetails.Data | Where-Object { ($_.buildDefinitionID -eq $buildObj[0].id) -and ($_.projectName -eq $this.ProjectName) };
                            if($buildSTData)
                            {
                                $variableGroupSTMapping.data += @([PSCustomObject] @{ variableGroupName = $_.name; variableGroupID = $_.id; serviceID = $buildSTData.serviceID; projectName = $buildSTData.projectName; projectID = $buildSTData.projectID; orgName = $buildSTData.orgName } )
                                # add variable group mapping details in cache
                                $this.AddMappinginfoInCache($buildSTData.orgName,$buildSTData.projectID,$buildObj.id,$buildObj.name, $buildSTData.serviceID,$buildObj.createdDate,$_.id,"VariableGroup","Build",(Get-date).AddDays($this.MappingExpirationLimit)); 
                            }
                            else  {
                                if ($varGrps.Type -eq 'AzureKeyVault')
                                {   
                                    try {
                                        # get associated service connection id for variable group
                                        $servConnID =  $varGrps[0].providerData.serviceEndpointId;  
                                        
                                        # get azure subscription id from service connection
                                        $inputbody = "{'contributionIds':['ms.vss-serviceEndpoints-web.service-endpoints-details-data-provider'],'dataProviderContext':{'properties':{'serviceEndpointId':'$($servConnID)','projectId':'$($this.projectId)','sourcePage':{'url':'$($sourcePageUrl)','routeId':'ms.vss-admin-web.project-admin-hub-route','routeValues':{'project':'$($this.ProjectName)','adminPivot':'adminservices','controller':'ContributedPage','action':'Execute'}}}}}" | ConvertFrom-Json
                                        $responseObj = [WebRequestHelper]::InvokePostWebRequest($apiURL, $inputbody); 

                                        if ([Helpers]::CheckMember($responseObj, "dataProviders") -and $responseObj.dataProviders."ms.vss-serviceEndpoints-web.service-endpoints-details-data-provider") 
                                        {
                                            $serviceConnEndPointDetail = $responseObj.dataProviders."ms.vss-serviceEndpoints-web.service-endpoints-details-data-provider"
                                            if ($serviceConnEndPointDetail.serviceEndpoint.type -eq "azurerm")
                                            {
                                                try {
                                                    $responseObj = $this.GetServiceIdWithSubscrId($serviceConnEndPointDetail.serviceEndpoint.data.subscriptionId,$accessToken)                                
                                                    if($responseObj)
                                                    {
                                                            $serviceId = $responseObj[2].Rows[0][4];  
                                                            $projectID = $serviceConnEndPointDetail.serviceEndpoint.serviceEndpointProjectReferences.projectReference.id;                                                  
                                                            $variableGroupSTMapping.data += @([PSCustomObject] @{ variableGroupName = $_.name; variableGroupID = $_.id; serviceID = $serviceId; projectName = $serviceConnEndPointDetail.serviceEndpoint.serviceEndpointProjectReferences.projectReference.name; projectID = $projectID; orgName = $this.OrgName } )
                                                            # add variable group mapping details in cache
                                                            $this.AddMappinginfoInCache($this.OrgName,$projectID,$buildObj.id,$buildObj.name, $serviceId,$buildObj.createdDate,$_.id,$_.name,"VariableGroup","Build",(Get-date).AddDays($this.MappingExpirationLimit)); 
                                                    }
                                                }
                                                catch {
                                                    
                                                }                                           
                                            }  
                                        }
                                        
                                    }
                                    catch {
                                        
                                    }                                            
                                }
                            }                                                                  
                        }
                        catch {
                            
                        }
                    }                                                    
                }
            }
        }
        if ($this.MappingType -eq "All" -or $this.MappingType -eq "SecureFile") {
            [ServiceMappingCacheHelper]::TelemetryLogging("FetchVarGrpSecureFileMapping - getting mappings for SecureFile",$null);   
            try {
                if(($secureFiles | Measure-Object).Count -gt 0)
                {
                    $secureFiles | ForEach-Object{ 
                        $_ | ForEach-Object{                 
                            $secureFile = $_;
                            $secureFilesObj = $secureFileDetails | Where-Object {$_.Name -eq $secureFile -or $_.Id -eq $secureFile}
                            $secFileExistinSt = $secureFileSTMapping.data | Where-Object -Property secureFileID -eq $secureFile
                            if(!$secFileExistinSt)
                            {
                                if ($secureFilesObj) {
                                    if (!$buildSTData) {
                                        $buildSTData = $this.BuildSTDetails.Data | Where-Object { ($_.buildDefinitionID -eq $buildObj[0].id) -and ($_.projectName -eq $this.ProjectName) };
                                    }
                                    if($buildSTData){
                                        $secureFileSTMapping.data += @([PSCustomObject] @{ secureFileName = $secureFilesObj.name; secureFileID = $secureFilesObj.id; serviceID = $buildSTData.serviceID; projectName = $buildSTData.projectName; projectID = $buildSTData.projectID; orgName = $buildSTData.orgName } )
                                        # add secure file mapping details in cache
                                        $this.AddMappinginfoInCache($buildSTData.orgName,$buildSTData.projectID,$buildObj.id,$buildObj.name, $buildSTData.serviceID,$buildObj.createdDate,$secureFilesObj.id,$secureFilesObj.name,"SecureFile","Build",(Get-date).AddDays($this.MappingExpirationLimit)); 
                                    }
                                }
                            }
                        }
                    }
                }
            }
            catch {
                #eat exception
            }
            
        }
    }

    # find cached mappings for variable group/ secure file linked with build
    hidden [void] FindSTWithBuildForVGSecFileCache($buildObj, $secureFiles, $accessToken,$vgDetails, $secureFileDetails, $variableGroupSTMapping, $secureFileSTMapping)
    {           
        if ($this.MappingType -eq "All" -or $this.MappingType -eq "VariableGroup") {
            if([Helpers]::CheckMember($buildObj[0],"variableGroups"))
            {
                $varGrps = @($buildObj[0].variableGroups)                                       
                $varGrps | ForEach-Object{
                    $_ | ForEach-Object{
                        try {
                                $varGroupExistinST = $variableGroupSTMapping.data | Where-Object -Property variableGroupID -eq $_
                                if(!$varGroupExistinST)
                                {                           
                                    $cachedVGItem = $this.GetResourceDataFromCache("Build",$relDef.id,"VariableGroup", $_)    
                                    $variableGroupSTMapping.data += @([PSCustomObject] @{ variableGroupName = $cachedVGItem.ResourceName; variableGroupID = $cachedVGItem.ResourceID; serviceID = $cachedVGItem.ServiceTreeID; projectName = $this.ProjectName; projectID = $cachedVGItem.ProjectID; orgName = $cachedVGItem.OrgName } )                                                                                                                           
                                }
                        }
                        catch {
                            
                        }
                    }
                                                    
                }
                
            }
        }
        if ($this.MappingType -eq "All" -or $this.MappingType -eq "SecureFile") {
            try {
                if(($secureFiles | Measure-Object).Count -gt 0)
                {
                $secureFiles | ForEach-Object{
                    $_ | ForEach-Object{                    
                        $secFileExistinST = $secureFileSTMapping.data | Where-Object -Property secureFileID -eq $_
                        if (!$secFileExistinST) {   
                                $cachedSecFileItem = $this.GetResourceDataFromCache("Build",$relDef.id,"SecureFile", $_)                   
                                $secureFileSTMapping.data += @([PSCustomObject] @{ secureFileName = $cachedSecFileItem.name; secureFileID = $cachedSecFileItem.id; serviceID = $cachedSecFileItem.serviceID; projectName = $this.ProjectName; projectID = $cachedSecFileItem.ProjectID; orgName = $cachedSecFileItem.OrgName } )
                            }                    
                        }
                    }
                }
            }
            catch {
                #eat exception
            }
            
        }
    }

    # attribution of variable group/ secure file linked with release
    hidden [void] FindSTWithReleaseForVGSecFile($relDef, $varGrps,$secureFiles,$accessToken,$vgDetails, $secureFileDetails , $variableGroupSTMapping, $secureFileSTMapping)
    {
        [ServiceMappingCacheHelper]::TelemetryLogging("FetchVarGrpSecureFileMapping - getting mappings for release",$null);       
        if ($this.MappingType -eq "All" -or $this.MappingType -eq "VariableGroup") {
            if(($varGrps | Measure-Object).Count -gt 0){                           
                $varGrps | ForEach-Object{
                    $_ | ForEach-Object{
                        try {  
                            $vg = $_;                                                                          
                            $varGrpObj = $vgDetails | Where-Object {$_.name -eq $vg -or $_.id -eq $vg}                                                                                                    
                            $varGroupExistinSt = $variableGroupSTMapping.data | Where-Object -Property variableGroupID -eq $vg 
                            $cachedVGItem = $this.GetResourceDataFromCache("Release",$relDef.id,"VariableGroup", $vg)
                            if($this.resourceInCacheWithoutPipeline -eq $true){
                                $this.resourceInCacheWithoutPipeline = $false                                                             
                            }
                            else{                           
                                $mappingValid = $false                      
                                if($cachedVGItem)
                                {
                                    $mappingValid= $cachedVGItem.MappingExpiration -ge (Get-Date).ToUniversalTime().ToString('dd/MM/yyyy HH:mm:ss') -and $cachedVGItem.PipelineLastModified -ge $relDef.modifiedOn
                                }
                                if(!$varGroupExistinSt -and !$mappingValid)                        
                                {                                                                   
                                    if($varGrpObj)
                                    {                                    
                                            $releaseSTData = $this.ReleaseSTDetails.Data | Where-Object { ($_.releaseDefinitionID -eq $releaseObj[0].id) };
                                            if($releaseSTData)
                                            {
                                                $variableGroupSTMapping.data += @([PSCustomObject] @{ variableGroupName = $varGrpObj.name; variableGroupID = $varGrpObj.id; serviceID = $releaseSTData.serviceID; projectName = $releaseSTData.projectName; projectID = $releaseSTData.projectID; orgName = $releaseSTData.orgName } )
                                                # add variable group mapping details in cache
                                                $this.AddMappinginfoInCache($releaseSTData.orgName,$releaseSTData.projectID,$relDef.id,$relDef.name, $releaseSTData.serviceID,$relDef.modifiedOn,$varGrpObj.id,$varGrpObj.name,"VariableGroup","Release",(Get-date).AddDays($this.MappingExpirationLimit));                                        
                                            }
                                            else {
                                                if ($varGrpObj.Type -eq 'AzureKeyVault') { 
                                                    try {
                                                        # get associated service connection id for variable group
                                                        $servConnID =  $varGrpObj[0].providerData.serviceEndpointId;  

                                                        # get azure subscription id from service connection
                                                        $inputbody = "{'contributionIds':['ms.vss-serviceEndpoints-web.service-endpoints-details-data-provider'],'dataProviderContext':{'properties':{'serviceEndpointId':'$($servConnID)','projectId':'$($this.projectId)','sourcePage':{'url':'$($sourcePageUrl)','routeId':'ms.vss-admin-web.project-admin-hub-route','routeValues':{'project':'$($this.ProjectName)','adminPivot':'adminservices','controller':'ContributedPage','action':'Execute'}}}}}" | ConvertFrom-Json
                                                        $responseObj = [WebRequestHelper]::InvokePostWebRequest($apiURL, $inputbody); 
                    
                                                        if ([Helpers]::CheckMember($responseObj, "dataProviders") -and $responseObj.dataProviders."ms.vss-serviceEndpoints-web.service-endpoints-details-data-provider") 
                                                        {
                                                            $serviceConnEndPointDetail = $responseObj.dataProviders."ms.vss-serviceEndpoints-web.service-endpoints-details-data-provider"
                                                            if ($serviceConnEndPointDetail.serviceEndpoint.type -eq "azurerm")
                                                            {
                                                                try {
                                                                    $responseObj = $this.GetServiceIdWithSubscrId($serviceConnEndPointDetail.serviceEndpoint.data.subscriptionId,$accessToken)                               
                                                                    if($responseObj)
                                                                    {
                                                                            $serviceId = $responseObj[2].Rows[0][4];
                                                                            $projectID = $serviceConnEndPointDetail.serviceEndpoint.serviceEndpointProjectReferences.projectReference.id;
                                                                            $variableGroupSTMapping.data += @([PSCustomObject] @{ variableGroupName = $varGrpObj.name; variableGroupID = $varGrpObj.id; serviceID = $serviceId; projectName = $serviceConnEndPointDetail.serviceEndpoint.serviceEndpointProjectReferences.projectReference.name; projectID = $projectID; orgName = $this.OrgName } )
                                                                            # add variable group mapping details in cache
                                                                            $this.AddMappinginfoInCache($this.OrgName,$projectID ,$relDef.id,$relDef.name, $serviceId,$relDef.modifiedOn,$varGrpObj.id,$varGrpObj.name,"VariableGroup","Release",(Get-date).AddDays($this.MappingExpirationLimit)); 
                                                                    } 
                                                                }
                                                                catch {
                                                                    
                                                                }                                          
                    
                                                            }  
                                                        }
                                                        
                                                    }
                                                    catch {
                                                        
                                                    }                                         
                                                }                                         
                                            } 
                                    }
                                }
                            }                                                        
                        }
                        catch {
                            
                        }  
                    }                                                                                                        
                }
            }
        }

        if ($this.MappingType -eq "All" -or $this.MappingType -eq "SecureFile") {
            try {
                if(($secureFiles | Measure-Object).Count -gt 0)
                {
                    $secureFiles | ForEach-Object{                                            
                        $_ | ForEach-Object{
                            $secureFile = $_
                            $secureFilesObj = $secureFileDetails | Where-Object {$_.name -eq $secureFile -or $_.id -eq $secureFile}
                            $secFileExistinSt = $secureFileSTMapping.data | Where-Object -Property secureFileID -eq $secureFile
                            $cachedSecFileItem = $this.GetResourceDataFromCache("Release",$relDef.id,"SecureFile", $secureFile) 
                            if($this.resourceInCacheWithoutPipeline -eq $true){
                                $this.resourceInCacheWithoutPipeline = $false;                                
                            }
                            else {                                                            
                                $mappingValid = $false 
                                if($cachedSecFileItem)
                                {
                                    $mappingValid = $cachedSecFileItem.MappingExpiration -ge (Get-Date).ToUniversalTime().ToString('dd/MM/yyyy HH:mm:ss') -and  $cachedSecFileItem.PipelineLastModified -ge $relDef.modifiedOn
                                }
                                if(!$secFileExistinSt -and !$mappingValid)
                                {
                                    if ($secureFilesObj) {
                                        $releaseSTData = $this.ReleaseSTDetails.Data | Where-Object { ($_.releaseDefinitionID -eq $relDef.id) };
                                        if($releaseSTData){
                                            $secureFileSTMapping.data += @([PSCustomObject] @{ secureFileName = $secureFilesObj.name; secureFileID = $secureFilesObj.id; serviceID = $releaseSTData.serviceID; projectName = $releaseSTData.projectName; projectID = $releaseSTData.projectID; orgName = $releaseSTData.orgName } )
                                            # add secure file mapping details in cache
                                            $this.AddMappinginfoInCache($releaseSTData.orgName,$releaseSTData.projectID,$relDef.id,$relDef.name, $releaseSTData.serviceID,$relDef.modifiedOn,$secureFilesObj.id,$secureFilesObj.name,"SecureFile","Release",(Get-date).AddDays($this.MappingExpirationLimit)); 
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            }
            catch {
                #eat exception
            }
        }  
    }

    # find cached mappings for variable group/ secure file linked with release
    hidden [void] FindSTWithReleaseForVGSecFileCache($relDef, $varGrps,$secureFiles,$accessToken,$vgDetails, $secureFileDetails, $variableGroupSTMapping, $secureFileSTMapping)
    {
        if ($this.MappingType -eq "All" -or $this.MappingType -eq "VariableGroup") {
            if(($varGrps | Measure-Object).Count -gt 0)
            {               
                $varGrps | ForEach-Object{
                    $_ | ForEach-Object{
                        try {                           
                            [ServiceMappingCacheHelper]::TelemetryLogging("FetchVarGrpSecureFileMapping - getting mappings from cache - variable group",$null);                                                                                                                                
                            $varGroupExistinST = $variableGroupSTMapping.data | Where-Object -Property variableGroupID -eq $_
                            if(!$varGroupExistinST)
                            {                           
                                $cachedVGItem = $this.GetResourceDataFromCache("Release",$relDef.id,"VariableGroup", $_)                                                                                                                      
                                $variableGroupSTMapping.data += @([PSCustomObject] @{ variableGroupName = $cachedVGItem.ResourceName; variableGroupID = $cachedVGItem.ResourceID; serviceID = $cachedVGItem.ServiceTreeID; projectName = $this.ProjectName; projectID = $cachedVGItem.ProjectID; orgName = $cachedVGItem.OrgName } )                                                                                                                           
                            }
                                                        
                        }
                        catch {
                            
                        }   
                    }                                                                                                       
                }
            }
        }

        if ($this.MappingType -eq "All" -or $this.MappingType -eq "SecureFile") {
            [ServiceMappingCacheHelper]::TelemetryLogging("FetchVarGrpSecureFileMapping - getting mappings from cache - securefile",$null);   
            try {
                if(($secureFiles | Measure-Object).Count -gt 0)
                {
                    $secureFiles | ForEach-Object{     
                        $_ | ForEach-Object{                                   
                            $secureFilesObj = $secureFileSTMapping.data | Where-Object -Property secureFileID -eq $_
                            if (!$secureFilesObj) {   
                                    $cachedSecFileItem = $this.GetResourceDataFromCache("Release",$relDef.id,"SecureFile", $_)                       
                                    $secureFileSTMapping.data += @([PSCustomObject] @{ secureFileName = $secureFilesObj.name; secureFileID = $secureFilesObj.id; serviceID = $cachedSecFileItem.serviceID; projectName = $cachedSecFileItem.projectName; projectID = $cachedSecFileItem.projectID; orgName = $cachedSecFileItem.orgName } )                                                    
                                }
                            }
                    }
                }
            }
            catch {
                #eat exception
            }
        }  
    }

    # log scan time duration for all resources
    hidden [void] SaveScanDuration($message,[switch]  $finished)
    {
        $duration = [math]::Round($this.Stopwatch.Elapsed.TotalMinutes,0)        
        $this.PublishCustomMessage("$($message) : $($duration)", [MessageType]::Info);
        if($finished)
        {
            $this.PublishCustomMessage("Total duration to finish the resource scan : $($duration - $this.lastDuration)", [MessageType]::Info);
            [ServiceMappingCacheHelper]::TelemetryLogging("Total duration to finish the resource scan : $($duration - $this.lastDuration)",$null);   
            $this.lastDuration = $duration
        }
    }
    
    # method to fetch secure file mappings from cloudmine data
    hidden [void] FindSTForSecureFileWithIncremental() {
        $secureFileDetails = @();
        $secureFileSTMapping = @{
            data = [System.Collections.Generic.List[PSCustomObject]]@();
        };
        #get all secure file details in one common object
        if (($secureFileDetails | Measure-Object).count -eq 0) {
            $secureFilesURL = "https://dev.azure.com/{0}/{1}/_apis/distributedtask/securefiles?api-version=6.1-preview.1" -f $this.OrgName, $this.projectId;
            $secureFileDetails = [WebRequestHelper]::InvokeGetWebRequest($secureFilesURL);
        }
        #either retrieve access token for the cluster or use a token via env variable (to be used to generate mappings when user doesn't have access to cluster and can use another authorized token)
        if ($env:AccessToken) {
            $accessToken = $env:AccessToken
        }
        else {
            $accessToken = [ContextHelper]::GetDataExplorerAccessToken($true)
        }
        if ($env:DataDuration) {
            $dataDuration = $env:DataDuration
        }
        else {
            $dataDuration = 30
        }
        $apiURL = "https://1es.kusto.windows.net/v2/rest/query"       
        <#
            Query:
            BuildDefinitionPhaseStep
            | where OrganizationName =~ ""
            | where EtlProcessDate > ago(1500d)
            | where ProjectId ==""
            | extend securefile = parse_json(ProcessPhaseStepInput).secureFile
            | where isnotnull( securefile)
            | summarize arg_max(EtlProcessDate, *) by tostring(securefile)
            | project securefile, PipelineDefinition = tostring(BuildDefinitionId), EtlProcessDate, PipelineType="Build"
            | union (
            ReleaseEnvironment
            | where OrganizationName =~ ""
            | where EtlProcessDate > ago(1500d)
            | where ProjectId ==""
            | project EtlProcessDate,Data,ReleaseDefinitionId,ReleaseEnvironmentId
            | extend securefile= todynamic(Data)
            | mv-apply securefile on (project securefile.deployPhasesSnapshot)
            | mv-apply securefile_deployPhasesSnapshot on (project securefile_deployPhasesSnapshot.workflowTasks)
            | where isnotnull(securefile_deployPhasesSnapshot_workflowTasks) and isnotempty(securefile_deployPhasesSnapshot_workflowTasks)
            | mv-apply securefile_deployPhasesSnapshot_workflowTasks on (project securefile_deployPhasesSnapshot_workflowTasks.inputs)
            | extend securefilejson = dynamic_to_json(todynamic(securefile_deployPhasesSnapshot_workflowTasks_inputs))
            | extend securefile = parse_json(securefilejson).secureFile
            | where isnotnull( securefile)
            | summarize arg_max(EtlProcessDate, *) by tostring(securefile)
            | project securefile, PipelineDefinition = tostring(ReleaseDefinitionId), EtlProcessDate, PipelineType="Release"
            )
            | summarize arg_max(EtlProcessDate, *) by tostring(securefile)
         
        #>
                                                             
        $inputbody = '{"db":"AzureDevOps","csl":"BuildDefinitionPhaseStep\n| where OrganizationName =~ ''{0}''| where EtlProcessDate > ago({2}d)| where ProjectId ==''{1}'' | extend securefile = parse_json(ProcessPhaseStepInput).secureFile|where isnotnull( securefile)| summarize arg_max(EtlProcessDate, *) by tostring(securefile) | project securefile, PipelineDefinition = tostring(BuildDefinitionId), EtlProcessDate, PipelineType=\"Build\"\n| union (\nReleaseEnvironment\n| where OrganizationName =~ ''{0}''\n| where EtlProcessDate > ago({2}d)\n| where ProjectId ==''{1}'' \n| project EtlProcessDate,Data,ReleaseDefinitionId,ReleaseEnvironmentId\n| extend securefile= todynamic(Data)\n| mv-apply securefile on (project securefile.deployPhasesSnapshot)\n| mv-apply securefile_deployPhasesSnapshot on (project securefile_deployPhasesSnapshot.workflowTasks)\n| where isnotnull(securefile_deployPhasesSnapshot_workflowTasks) and isnotempty(securefile_deployPhasesSnapshot_workflowTasks)\n| mv-apply securefile_deployPhasesSnapshot_workflowTasks on (project securefile_deployPhasesSnapshot_workflowTasks.inputs)\n| extend securefilejson = dynamic_to_json(todynamic(securefile_deployPhasesSnapshot_workflowTasks_inputs))\n| extend securefile = parse_json(securefilejson).secureFile\n| where isnotnull( securefile)\n| summarize arg_max(EtlProcessDate, *) by tostring(securefile)\n| project securefile, PipelineDefinition = tostring(ReleaseDefinitionId), EtlProcessDate, PipelineType=\"Release\"\n)\n| summarize arg_max(EtlProcessDate, *) by tostring(securefile)","properties":{"Options":{"servertimeout":"00:04:00","queryconsistency":"strongconsistency","query_language":"csl","request_readonly":false,"request_readonly_hardline":false}}}'  
        $inputbody = $inputbody.Replace("{0}", $this.OrgName)   
        $inputbody = $inputbody.Replace("{1}", $this.projectId)       
        $inputbody = $inputbody.Replace("{2}", $dataDuration)                                                                                        
        $header = @{
            "Authorization" = "Bearer " + $accessToken
        }
        try {
            $response = [WebRequestHelper]::InvokeWebRequest([Microsoft.PowerShell.Commands.WebRequestMethod]::Post, $apiURL, $header, $inputbody, "application/json; charset=UTF-8");  
            $sw = [System.Diagnostics.Stopwatch]::StartNew()
            $progressCount = 1;
            $response[2].Rows | foreach {
                if ($sw.Elapsed.TotalMilliseconds -ge 10000) {
                    Write-Progress -Activity "Processing secure files... " -Status "Progress: " -PercentComplete ($progressCount / $response[2].Rows.Count * 100)
                    $sw.Reset(); $sw.Start()
                }
                $secureFileId = $_[0].ToString();
                $pipelineId = $_[2].ToString();
                $pipelineProcessDate = $_[1].ToString();
                $secureFileName = $secureFileDetails | Where-Object { $_.Id -eq $secureFileId }
                #check if secure file exists currently or is the data from a deleted secure file
                if ($secureFileName) {
                    $secureFileName = $secureFileName.Name
                }
                else {
                    return;
                }
                $pipelineType = $_[3].ToString();
                #get ST mapping details depending on the pipeline
                if ($pipelineType -eq "Build") {
                    $pipelineSTData = $this.BuildSTDetails.Data | Where-Object { ($_.buildDefinitionID -eq $pipelineId) }     
                    if($pipelineSTData){
                        $pipelineName = $pipelineSTData.buildDefinitionName
                    }   
                }
                else {
                    $pipelineSTData = $this.ReleaseSTDetails.Data | Where-Object { ($_.releaseDefinitionID -eq $pipelineId) }    
                    if($pipelineSTData){
                        $pipelineName = $pipelineSTData.releaseDefinitionName
                    }
                }
                         
                if ($pipelineSTData) {               
                    $this.AddMappinginfoInCache(($pipelineSTData.orgName).ToLower(), $pipelineSTData.projectID, $pipelineId, $pipelineName, $pipelineSTData.serviceID, $pipelineProcessDate, $secureFileId, $secureFileName, "SecureFile", $pipelineType, (Get-date).AddDays($this.MappingExpirationLimit)); 
                                      
                }  
                
            }
            #The following query is for secure files used in YAML pipelines. A different query has to be made since this query only returns the secure file name as opposed to the secure file ID from above query
            <#
                Query:
                YamlBuildDefinitionPhaseStep
                | where OrganizationName =~ ""
                | where EtlProcessDate > ago(1500d)
                | where StepRefName =~ "DownloadSecureFile@1"
                | extend securefile = parse_json(ProcessPhaseStepInput).secureFile
                | summarize arg_max(EtlProcessDate,*) by tostring(securefile)
            #>

            $inputbody = '{"db":"AzureDevOps","csl":"YamlBuildDefinitionPhaseStep\n| where OrganizationName =~ ''{0}''\n| where EtlProcessDate > ago({2}d)\n| where ProjectId ==''{1}'' | where StepRefName =~ \"DownloadSecureFile@1\"\n| extend securefile = parse_json(ProcessPhaseStepInput).secureFile\n| summarize arg_max(EtlProcessDate,*) by tostring(securefile)","properties":{"Options":{"servertimeout":"00:04:00","queryconsistency":"strongconsistency","query_language":"csl","request_readonly":false,"request_readonly_hardline":false}}}'
            $inputbody = $inputbody.Replace("{0}", $this.OrgName) 
            $inputbody = $inputbody.Replace("{1}", $this.projectId)       
            $inputbody = $inputbody.Replace("{2}", $dataDuration)   
            $response = [WebRequestHelper]::InvokeWebRequest([Microsoft.PowerShell.Commands.WebRequestMethod]::Post, $apiURL, $header, $inputbody, "application/json; charset=UTF-8"); 
            $response[2].Rows | foreach {
                $secureFileName = $_[0].ToString();
                $pipelineId = $_[4].ToString();
                $pipelineProcessDate = $_[1].ToString();
                $secureFileId = $secureFileDetails | Where-Object { $_.Name -eq $secureFileName }
                if ($secureFileId) {
                    $secureFileId = $secureFileId.Id
                }
                else {
                    return;
                }
                $pipelineType = "Build";
                $item = $this.GetResourceDataFromCache($pipelineType, $pipelineId, "SecureFile", $secureFileId)   
                $pipelineSTData = $this.BuildSTDetails.Data | Where-Object { ($_.buildDefinitionID -eq $pipelineId) }  
                #if data is already in the storage, we had found the mapping previously. Update the mapping only if this pipeline was modified recently.
                if ($item) {
                    if ([datetime] $item.PipelineLastModified -gt $pipelineProcessDate) {
                        return;
                    }
                    #if the pipeline was modified recently but the mapping for this new pipeline doesnt exist, do not do anything
                    if (!$pipelineSTData) {
                        return;
                    }
                }             
                                     
                if ($pipelineSTData) {               
                    $this.AddMappinginfoInCache(($pipelineSTData.orgName).ToLower(), $pipelineSTData.projectID, $pipelineId, $pipelineSTData.buildDefinitionName, $pipelineSTData.serviceID, $pipelineProcessDate, $secureFileId, $secureFileName, "SecureFile", $pipelineType, (Get-date).AddDays($this.MappingExpirationLimit)); 
                                      
                }  
                
            }
            $storageData = $this.ServiceMappingCacheHelperObj.GetWorkItemByHashAzureTable("SecureFile", "", "", "", $this.projectId)
            #Create the ST mapping file from the storage table
            $progressCount =1;
            $storageData | foreach {
                if ($sw.Elapsed.TotalMilliseconds -ge 10000) {
                    Write-Progress -Activity "Fetching service IDs for secure files... " -Status "Progress: " -PercentComplete ($progressCount / $storageData.Count * 100)
                    $sw.Reset(); $sw.Start()
                }
                $progressCount++;
                $dateDiff = New-TimeSpan -Start ([datetime]$_.Timestamp) -End ([datetime]::UtcNow)
                #if the mapping has been added in the table recently, we need not find the mapping again as it has been already done above
                #if data is not added today, pipeline mapping might have been changed, hence get the mapping again
                $resourceObj = $_;
                if ($dateDiff.Days -gt 1) {
                    if ($resourceObj.PipelineType -eq "Build") {
                        $pipelineSTData = $this.BuildSTDetails.Data | Where-Object { ($_.buildDefinitionID -eq $resourceObj.PipelineID) }  
                        if($pipelineSTData){
                            $pipelineName = $pipelineSTData.buildDefinitionName
                        }   
                    }
                    else {
                        $pipelineSTData = $this.ReleaseSTDetails.Data | Where-Object { ($_.releaseDefinitionID -eq $resourceObj.PipelineID) }    
                        if($pipelineSTData){
                            $pipelineName = $pipelineSTData.releaseDefinitionName
                        }
                    }
                    #if we have reached mapping expiration check if the secure file still exists or if the pipeline ST data exists
                    if($resourceObj.MappingExpiration -ge (Get-Date).ToUniversalTime().ToString('dd/MM/yyyy HH:mm:ss')){
                            $secureFileObj = $secureFileDetails | Where-Object { $_.Id -eq $resourceObj.ResourceID }
                            if (!$secureFileObj) {
                                $this.ServiceMappingCacheHelperObj.DeleteDataFromTable($resourceObj.ProjectID, $resourceObj.ResourceID, $resourceObj.ResourceType)
                                return;
                            }
                    }
                    if ($pipelineSTData) {     
                        if($pipelineSTData.serviceID -ne $resourceObj.ServiceTreeID){
                            $this.AddMappinginfoInCache(($pipelineSTData.orgName).ToLower(), $pipelineSTData.projectID, $_.PipelineID,$pipelineName, $pipelineSTData.serviceID, $_.PipelineLastModified, $_.ResourceID, $_.ResourceName, "SecureFile", $_.PipelineType, (Get-date).AddDays($this.MappingExpirationLimit)); 
                        }          
                        $secureFileSTMapping.data += @([PSCustomObject] @{ secureFileName = $_.ResourceName; secureFileID = $_.ResourceID; serviceID = $pipelineSTData.serviceID; projectName = $this.ProjectName; projectID = $_.projectID; orgName = $_.orgName } )                    
                    }
                    else{
                        $secureFileSTMapping.data += @([PSCustomObject] @{ secureFileName = $_.ResourceName; secureFileID = $_.ResourceID; serviceID = $_.ServiceTreeID; projectName = $this.ProjectName; projectID = $_.projectID; orgName = $_.orgName } )                    
                    }
                }
                else {
                    $secureFileSTMapping.data += @([PSCustomObject] @{ secureFileName = $_.ResourceName; secureFileID = $_.ResourceID; serviceID = $_.ServiceTreeID; projectName = $this.ProjectName; projectID = $_.projectID; orgName = $_.orgName } )
                }
            }
            $this.PublishCustomMessage("Service mapping found: $(($secureFileSTMapping.data | Measure-Object).Count)", [MessageType]::Info)

                $this.ExportObjToJsonFile($secureFileSTMapping, 'SecureFileSTData.json');
                $this.ExportObjToJsonFileUploadToBlob($secureFileSTMapping, 'SecureFileSTData.json');
            
            
        }
        catch {
            $_
        }        
    }

    #method to fetch variable group mappings from cloudmin data
    hidden [void] FindSTForVGWithIncremental() {
        $variableGroupDetails = @();
        $variableGroupSTMapping = @{
            data = [System.Collections.Generic.List[PSCustomObject]]@();
        };
        #get all variable group details in one object
        if (($variableGroupDetails | Measure-Object).count -eq 0) {
            $variableGroupsURL = "https://dev.azure.com/{0}/{1}/_apis/distributedtask/variablegroups?api-version=6.1-preview.1" -f $this.OrgName, $this.projectId;
            $variableGroupDetails = [WebRequestHelper]::InvokeGetWebRequest($variableGroupsURL);
        }
        #either retrieve access token for the cluster or use a token via env variable (to be used to generate mappings when user doesn't have access to cluster and can use another authorized token)
        if ($env:AccessToken) {
            $accessToken = $env:AccessToken
        }
        else {
            $accessToken = [ContextHelper]::GetDataExplorerAccessToken($true)
        }
        if ($env:DataDuration) {
            $dataDuration = $env:DataDuration
        }
        else {
            $dataDuration = 30
        }
        $apiURL = "https://1es.kusto.windows.net/v2/rest/query"    
        <#
            Query:
            BuildDefinition
            | where OrganizationName =~ ""
            | where EtlProcessDate > ago(1000d)
            | where ProjectId ==""
            | extend vargrp = parse_json(Data).variableGroups
            | mv-apply vargrp on (project vargrp.id)
            | where isnotnull( vargrp_id)
            | summarize arg_max(EtlProcessDate, *) by tostring(vargrp_id)
            | project varid = vargrp_id, PipelineId = tostring(BuildDefinitionId), EtlProcessDate, PipelineType = "Build"
            | union(
            Release
            | where OrganizationName =~ ""
            | where EtlProcessDate > ago(1000d)
            | where ProjectId ==""
            | extend varsdetails = todynamic(Data).variableGroups
            | mv-apply varsdetails on (project varsdetails.id)
            | summarize arg_max(EtlProcessDate, *) by tostring(varsdetails_id)
            | project varid = varsdetails_id, PipelineId = tostring(ReleaseDefinitionId), EtlProcessDate, PipelineType = "Release"
            | union (
            ReleaseEnvironment
            | where OrganizationName =~ ""
            | where EtlProcessDate > ago(1000d)
            | where ProjectId ==""
            | extend varsdetails = todynamic(Data).variableGroups
            | mv-apply varsdetails on (project varsdetails.id)
            | summarize arg_max(EtlProcessDate, *) by tostring(varsdetails_id)
            | project varid = varsdetails_id, PipelineId = tostring(ReleaseDefinitionId), EtlProcessDate, PipelineType = "Release"
            )
            )
            | summarize arg_max(EtlProcessDate, *) by tostring(varid)
         
        #>
                                                                
        $inputbody = '{"db":"AzureDevOps","csl":"set notruncation;\nBuildDefinition\n| where OrganizationName =~ ''{0}''\n| where EtlProcessDate > ago({2}d)\n| where ProjectId ==''{1}''\n| extend vargrp = parse_json(Data).variableGroups\n| mv-apply vargrp on (project vargrp.id)\n| where isnotnull( vargrp_id)\n| summarize arg_max(EtlProcessDate, *) by tostring(vargrp_id)\n| project varid = vargrp_id, PipelineId = tostring(BuildDefinitionId), EtlProcessDate, PipelineType = \"Build\", PipelineName = tostring(BuildDefinitionName)\n| union(\nRelease\n| where OrganizationName =~ ''{0}''\n| where EtlProcessDate > ago({2}d)\n| where ProjectId ==''{1}''\n| extend varsdetails = todynamic(Data).variableGroups\n| mv-apply varsdetails on (project varsdetails.id)\n| summarize arg_max(EtlProcessDate, *) by tostring(varsdetails_id)\n| project varid = varsdetails_id, PipelineId = tostring(ReleaseDefinitionId), EtlProcessDate, PipelineType = \"Release\", PipelineName = tostring(ReleaseDefinitionName)\n| union (\nReleaseEnvironment\n| where OrganizationName =~ ''{0}''\n| where EtlProcessDate > ago({2}d)\n| where ProjectId ==''{1}''\n| extend varsdetails = todynamic(Data).variableGroups\n| mv-apply varsdetails on (project varsdetails.id)\n| summarize arg_max(EtlProcessDate, *) by tostring(varsdetails_id)\n| project varid = varsdetails_id, PipelineId = tostring(ReleaseDefinitionId), EtlProcessDate, PipelineType = \"Release\", PipelineName = tostring(ReleaseDefinitionName)\n)\n)\n| summarize arg_max(EtlProcessDate, *) by tostring(varid)","properties":{"Options":{"servertimeout":"00:04:00","queryconsistency":"strongconsistency","query_language":"csl","request_readonly":false,"request_readonly_hardline":false}}}'  
        $inputbody = $inputbody.Replace("{0}", $this.OrgName)  
        $inputbody = $inputbody.Replace("{1}", $this.projectId)       
        $inputbody = $inputbody.Replace("{2}", $dataDuration)                                                                                             
        $header = @{
            "Authorization" = "Bearer " + $accessToken
        }
        try {
            $response = [WebRequestHelper]::InvokeWebRequest([Microsoft.PowerShell.Commands.WebRequestMethod]::Post, $apiURL, $header, $inputbody, "application/json; charset=UTF-8");  
            $sw = [System.Diagnostics.Stopwatch]::StartNew()
            $progressCount = 1;
            $response[2].Rows | foreach {
                if ($sw.Elapsed.TotalMilliseconds -ge 10000) {
                    Write-Progress -Activity "Processing variable groups... " -Status "Progress: " -PercentComplete ($progressCount / $response[2].Rows.Count * 100)
                    $sw.Reset(); $sw.Start()
                }
                $progressCount++;
                $variableGroupId = $_[0].ToString();                
                $pipelineId = $_[2].ToString();
                $pipelineName = $_[4].ToString();
                $pipelineProcessDate = $_[1].ToString();
                $variableGroupObj = $variableGroupDetails | Where-Object { $_.Id -eq $variableGroupId }
                #check if variable group exists currently or is the data from a deleted variable group
                if ($variableGroupObj) {
                    $variableGroupName = $variableGroupObj.Name
                }
                else {
                    return;
                }
                $pipelineType = $_[3].ToString();  
                if ($pipelineType -eq "Build") {
                    $pipelineSTData = $this.BuildSTDetails.Data | Where-Object { ($_.buildDefinitionID -eq $pipelineId) }     
                    if($pipelineSTData){
                        $pipelineName = $pipelineSTData.buildDefinitionName
                    }   
                }
                else {
                    $pipelineSTData = $this.ReleaseSTDetails.Data | Where-Object { ($_.releaseDefinitionID -eq $pipelineId) }    
                    if($pipelineSTData){
                        $pipelineName = $pipelineSTData.releaseDefinitionName
                    }
                }
                         
                if ($pipelineSTData) {            
                    $this.AddMappinginfoInCache(($pipelineSTData.orgName).ToLower(), $pipelineSTData.projectID, $pipelineId, $pipelineName, $pipelineSTData.serviceID, $pipelineProcessDate, $variableGroupId, $variableGroupName, "VariableGroup", $pipelineType, (Get-date).AddDays($this.MappingExpirationLimit)); 
                                      
                }  
                #if pipeline ST data not found, attempt to get service id from Az key vault
                else {
                    if ($variableGroupObj.Type -eq 'AzureKeyVault') { 
                        $apiURL = "https://{0}.visualstudio.com/_apis/Contribution/HierarchyQuery?api-version=5.0-preview.1" -f $this.OrgName
                        $sourcePageUrl = "https://{0}.visualstudio.com/{1}/_settings/adminservices" -f $this.OrgName, $this.ProjectName;
                        try {
                            # get associated service connection id for variable group
                            $servConnID = $variableGroupObj[0].providerData.serviceEndpointId; 
                            # get azure subscription id from service connection
                            $inputbody = "{'contributionIds':['ms.vss-serviceEndpoints-web.service-endpoints-details-data-provider'],'dataProviderContext':{'properties':{'serviceEndpointId':'$($servConnID)','projectId':'$($this.projectId)','sourcePage':{'url':'$($sourcePageUrl)','routeId':'ms.vss-admin-web.project-admin-hub-route','routeValues':{'project':'$($this.ProjectName)','adminPivot':'adminservices','controller':'ContributedPage','action':'Execute'}}}}}" | ConvertFrom-Json
                            $responseObj = [WebRequestHelper]::InvokePostWebRequest($apiURL, $inputbody); 

                            if ([Helpers]::CheckMember($responseObj, "dataProviders") -and $responseObj.dataProviders."ms.vss-serviceEndpoints-web.service-endpoints-details-data-provider") {
                                $serviceConnEndPointDetail = $responseObj.dataProviders."ms.vss-serviceEndpoints-web.service-endpoints-details-data-provider"
                                if ([Helpers]::CheckMember($serviceConnEndPointDetail.serviceEndpoint, "type")  -and $serviceConnEndPointDetail.serviceEndpoint.type -eq "azurerm") {
                                    try {
                                        $responseObj = $this.GetServiceIdWithSubscrId($serviceConnEndPointDetail.serviceEndpoint.data.subscriptionId, $accessToken)                               
                                        if ($responseObj) {
                                            $serviceId = $responseObj[2].Rows[0][4];
                                            $this.AddMappinginfoInCache(($this.OrgName).ToLower(), $this.projectId, $pipelineId,$pipelineName, $serviceID, $pipelineProcessDate, $variableGroupId, $variableGroupName, "VariableGroup", $pipelineType, (Get-date).AddDays($this.MappingExpirationLimit)); 
                                        } 
                                    }
                                    catch {
                                        $_
                                    }                                          

                                }  
                            }
                            
                        }
                        catch {
                            $_
                        }                                         
                    } 
                }
                
            }            
            #after getting all mappings, create the ST mapping file
            $storageData = $this.ServiceMappingCacheHelperObj.GetWorkItemByHashAzureTable("VariableGroup", "", "", "", $this.projectId)
            $progressCount = 1;
            $storageData | foreach {
                if ($sw.Elapsed.TotalMilliseconds -ge 10000) {
                    Write-Progress -Activity "Fetching service IDs for variable groups... " -Status "Progress: " -PercentComplete ($progressCount / $storageData.Count * 100)
                    $sw.Reset(); $sw.Start()
                }
                $progressCount++;
                $dateDiff = New-TimeSpan -Start ([datetime]$_.Timestamp) -End ([datetime]::UtcNow)
                $resourceObj = $_;
                #if the mapping has been added in the table recently, we need not find the mapping again as it has been already done above
                if ($dateDiff.Days -gt 1) {
                    if ($resourceObj.PipelineType -eq "Build") {
                        $pipelineSTData = $this.BuildSTDetails.Data | Where-Object { ($_.buildDefinitionID -eq $resourceObj.PipelineID) }  
                        if($pipelineSTData){
                            $pipelineName = $pipelineSTData.buildDefinitionName
                        }   
                    }
                    else {
                        $pipelineSTData = $this.ReleaseSTDetails.Data | Where-Object { ($_.releaseDefinitionID -eq $resourceObj.PipelineID) }    
                        if($pipelineSTData){
                            $pipelineName = $pipelineSTData.releaseDefinitionName
                        }
                    }
                    #if we have reached mapping expiration check if the variable group still exists or if the pipeline ST data exists
                    if($resourceObj.MappingExpiration -ge (Get-Date).ToUniversalTime().ToString('dd/MM/yyyy HH:mm:ss')){
                            $varGrpObj = $variableGroupDetails | Where-Object { $_.Id -eq $resourceObj.ResourceID }
                            #if variable group no longer exists remove it
                            if (!$varGrpObj) {
                                $this.ServiceMappingCacheHelperObj.DeleteDataFromTable($resourceObj.ProjectID, $resourceObj.ResourceID, $resourceObj.ResourceType)
                                return;
                            }
                        } 
                        
                    if ($pipelineSTData) { 
                        if($pipelineSTData.serviceID -ne $resourceObj.ServiceTreeID){
                            $this.AddMappinginfoInCache(($pipelineSTData.orgName).ToLower(), $pipelineSTData.projectID, $_.PipelineID,$pipelineName, $pipelineSTData.serviceID, $_.PipelineLastModified, $_.ResourceID, $_.ResourceName, "VariableGroup", $_.PipelineType, (Get-date).AddDays($this.MappingExpirationLimit)); 
                        }                                   
                        $variableGroupSTMapping.data += @([PSCustomObject] @{ variableGroupName = $_.ResourceName; variableGroupID = $_.ResourceID; serviceID = $pipelineSTData.serviceID; projectName = $this.ProjectName; projectID = $_.projectID; orgName = $_.orgName } )                    
                    }
                    else{
                        $variableGroupSTMapping.data += @([PSCustomObject] @{ variableGroupName = $_.ResourceName; variableGroupID = $_.ResourceID; serviceID = $_.ServiceTreeID; projectName = $this.ProjectName; projectID = $_.projectID; orgName = $_.orgName } )                    
                    }
                }
                else {
                    $variableGroupSTMapping.data += @([PSCustomObject] @{ variableGroupName = $_.ResourceName; variableGroupID = $_.ResourceID; serviceID = $_.ServiceTreeID; projectName = $this.ProjectName; projectID = $_.projectID; orgName = $_.orgName } )
                }
            }
                $this.PublishCustomMessage("Service mapping found: $(($variableGroupSTMapping.data | Measure-Object).Count)", [MessageType]::Info)
                        
                    $this.ExportObjToJsonFile($variableGroupSTMapping, 'VariableGroupSTData.json');
                    $this.ExportObjToJsonFileUploadToBlob($variableGroupSTMapping, 'VariableGroupSTData.json');
                
            }
            catch {
                $_
            }        
        }
    
    }

# SIG # Begin signature block
# MIInuQYJKoZIhvcNAQcCoIInqjCCJ6YCAQExDzANBglghkgBZQMEAgEFADB5Bgor
# BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG
# KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCDVdpFj/tKJIjJ6
# KaveVydl9mCsCbDGDutZUnW6ziIDCqCCDYEwggX/MIID56ADAgECAhMzAAACUosz
# qviV8znbAAAAAAJSMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD
# VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy
# b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p
# bmcgUENBIDIwMTEwHhcNMjEwOTAyMTgzMjU5WhcNMjIwOTAxMTgzMjU5WjB0MQsw
# CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u
# ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy
# b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
# AQDQ5M+Ps/X7BNuv5B/0I6uoDwj0NJOo1KrVQqO7ggRXccklyTrWL4xMShjIou2I
# sbYnF67wXzVAq5Om4oe+LfzSDOzjcb6ms00gBo0OQaqwQ1BijyJ7NvDf80I1fW9O
# L76Kt0Wpc2zrGhzcHdb7upPrvxvSNNUvxK3sgw7YTt31410vpEp8yfBEl/hd8ZzA
# v47DCgJ5j1zm295s1RVZHNp6MoiQFVOECm4AwK2l28i+YER1JO4IplTH44uvzX9o
# RnJHaMvWzZEpozPy4jNO2DDqbcNs4zh7AWMhE1PWFVA+CHI/En5nASvCvLmuR/t8
# q4bc8XR8QIZJQSp+2U6m2ldNAgMBAAGjggF+MIIBejAfBgNVHSUEGDAWBgorBgEE
# AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQUNZJaEUGL2Guwt7ZOAu4efEYXedEw
# UAYDVR0RBEkwR6RFMEMxKTAnBgNVBAsTIE1pY3Jvc29mdCBPcGVyYXRpb25zIFB1
# ZXJ0byBSaWNvMRYwFAYDVQQFEw0yMzAwMTIrNDY3NTk3MB8GA1UdIwQYMBaAFEhu
# ZOVQBdOCqhc3NyK1bajKdQKVMFQGA1UdHwRNMEswSaBHoEWGQ2h0dHA6Ly93d3cu
# bWljcm9zb2Z0LmNvbS9wa2lvcHMvY3JsL01pY0NvZFNpZ1BDQTIwMTFfMjAxMS0w
# Ny0wOC5jcmwwYQYIKwYBBQUHAQEEVTBTMFEGCCsGAQUFBzAChkVodHRwOi8vd3d3
# Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRzL01pY0NvZFNpZ1BDQTIwMTFfMjAx
# MS0wNy0wOC5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAgEAFkk3
# uSxkTEBh1NtAl7BivIEsAWdgX1qZ+EdZMYbQKasY6IhSLXRMxF1B3OKdR9K/kccp
# kvNcGl8D7YyYS4mhCUMBR+VLrg3f8PUj38A9V5aiY2/Jok7WZFOAmjPRNNGnyeg7
# l0lTiThFqE+2aOs6+heegqAdelGgNJKRHLWRuhGKuLIw5lkgx9Ky+QvZrn/Ddi8u
# TIgWKp+MGG8xY6PBvvjgt9jQShlnPrZ3UY8Bvwy6rynhXBaV0V0TTL0gEx7eh/K1
# o8Miaru6s/7FyqOLeUS4vTHh9TgBL5DtxCYurXbSBVtL1Fj44+Od/6cmC9mmvrti
# yG709Y3Rd3YdJj2f3GJq7Y7KdWq0QYhatKhBeg4fxjhg0yut2g6aM1mxjNPrE48z
# 6HWCNGu9gMK5ZudldRw4a45Z06Aoktof0CqOyTErvq0YjoE4Xpa0+87T/PVUXNqf
# 7Y+qSU7+9LtLQuMYR4w3cSPjuNusvLf9gBnch5RqM7kaDtYWDgLyB42EfsxeMqwK
# WwA+TVi0HrWRqfSx2olbE56hJcEkMjOSKz3sRuupFCX3UroyYf52L+2iVTrda8XW
# esPG62Mnn3T8AuLfzeJFuAbfOSERx7IFZO92UPoXE1uEjL5skl1yTZB3MubgOA4F
# 8KoRNhviFAEST+nG8c8uIsbZeb08SeYQMqjVEmkwggd6MIIFYqADAgECAgphDpDS
# AAAAAAADMA0GCSqGSIb3DQEBCwUAMIGIMQswCQYDVQQGEwJVUzETMBEGA1UECBMK
# V2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0
# IENvcnBvcmF0aW9uMTIwMAYDVQQDEylNaWNyb3NvZnQgUm9vdCBDZXJ0aWZpY2F0
# ZSBBdXRob3JpdHkgMjAxMTAeFw0xMTA3MDgyMDU5MDlaFw0yNjA3MDgyMTA5MDla
# MH4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdS
# ZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMT
# H01pY3Jvc29mdCBDb2RlIFNpZ25pbmcgUENBIDIwMTEwggIiMA0GCSqGSIb3DQEB
# AQUAA4ICDwAwggIKAoICAQCr8PpyEBwurdhuqoIQTTS68rZYIZ9CGypr6VpQqrgG
# OBoESbp/wwwe3TdrxhLYC/A4wpkGsMg51QEUMULTiQ15ZId+lGAkbK+eSZzpaF7S
# 35tTsgosw6/ZqSuuegmv15ZZymAaBelmdugyUiYSL+erCFDPs0S3XdjELgN1q2jz
# y23zOlyhFvRGuuA4ZKxuZDV4pqBjDy3TQJP4494HDdVceaVJKecNvqATd76UPe/7
# 4ytaEB9NViiienLgEjq3SV7Y7e1DkYPZe7J7hhvZPrGMXeiJT4Qa8qEvWeSQOy2u
# M1jFtz7+MtOzAz2xsq+SOH7SnYAs9U5WkSE1JcM5bmR/U7qcD60ZI4TL9LoDho33
# X/DQUr+MlIe8wCF0JV8YKLbMJyg4JZg5SjbPfLGSrhwjp6lm7GEfauEoSZ1fiOIl
# XdMhSz5SxLVXPyQD8NF6Wy/VI+NwXQ9RRnez+ADhvKwCgl/bwBWzvRvUVUvnOaEP
# 6SNJvBi4RHxF5MHDcnrgcuck379GmcXvwhxX24ON7E1JMKerjt/sW5+v/N2wZuLB
# l4F77dbtS+dJKacTKKanfWeA5opieF+yL4TXV5xcv3coKPHtbcMojyyPQDdPweGF
# RInECUzF1KVDL3SV9274eCBYLBNdYJWaPk8zhNqwiBfenk70lrC8RqBsmNLg1oiM
# CwIDAQABo4IB7TCCAekwEAYJKwYBBAGCNxUBBAMCAQAwHQYDVR0OBBYEFEhuZOVQ
# BdOCqhc3NyK1bajKdQKVMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBBMAsGA1Ud
# DwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFHItOgIxkEO5FAVO
# 4eqnxzHRI4k0MFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwubWljcm9zb2Z0
# LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01pY1Jvb0NlckF1dDIwMTFfMjAxMV8wM18y
# Mi5jcmwwXgYIKwYBBQUHAQEEUjBQME4GCCsGAQUFBzAChkJodHRwOi8vd3d3Lm1p
# Y3Jvc29mdC5jb20vcGtpL2NlcnRzL01pY1Jvb0NlckF1dDIwMTFfMjAxMV8wM18y
# Mi5jcnQwgZ8GA1UdIASBlzCBlDCBkQYJKwYBBAGCNy4DMIGDMD8GCCsGAQUFBwIB
# FjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2RvY3MvcHJpbWFyeWNw
# cy5odG0wQAYIKwYBBQUHAgIwNB4yIB0ATABlAGcAYQBsAF8AcABvAGwAaQBjAHkA
# XwBzAHQAYQB0AGUAbQBlAG4AdAAuIB0wDQYJKoZIhvcNAQELBQADggIBAGfyhqWY
# 4FR5Gi7T2HRnIpsLlhHhY5KZQpZ90nkMkMFlXy4sPvjDctFtg/6+P+gKyju/R6mj
# 82nbY78iNaWXXWWEkH2LRlBV2AySfNIaSxzzPEKLUtCw/WvjPgcuKZvmPRul1LUd
# d5Q54ulkyUQ9eHoj8xN9ppB0g430yyYCRirCihC7pKkFDJvtaPpoLpWgKj8qa1hJ
# Yx8JaW5amJbkg/TAj/NGK978O9C9Ne9uJa7lryft0N3zDq+ZKJeYTQ49C/IIidYf
# wzIY4vDFLc5bnrRJOQrGCsLGra7lstnbFYhRRVg4MnEnGn+x9Cf43iw6IGmYslmJ
# aG5vp7d0w0AFBqYBKig+gj8TTWYLwLNN9eGPfxxvFX1Fp3blQCplo8NdUmKGwx1j
# NpeG39rz+PIWoZon4c2ll9DuXWNB41sHnIc+BncG0QaxdR8UvmFhtfDcxhsEvt9B
# xw4o7t5lL+yX9qFcltgA1qFGvVnzl6UJS0gQmYAf0AApxbGbpT9Fdx41xtKiop96
# eiL6SJUfq/tHI4D1nvi/a7dLl+LrdXga7Oo3mXkYS//WsyNodeav+vyL6wuA6mk7
# r/ww7QRMjt/fdW1jkT3RnVZOT7+AVyKheBEyIXrvQQqxP/uozKRdwaGIm1dxVk5I
# RcBCyZt2WwqASGv9eZ/BvW1taslScxMNelDNMYIZjjCCGYoCAQEwgZUwfjELMAkG
# A1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQx
# HjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEoMCYGA1UEAxMfTWljcm9z
# b2Z0IENvZGUgU2lnbmluZyBQQ0EgMjAxMQITMwAAAlKLM6r4lfM52wAAAAACUjAN
# BglghkgBZQMEAgEFAKCBsDAZBgkqhkiG9w0BCQMxDAYKKwYBBAGCNwIBBDAcBgor
# BgEEAYI3AgELMQ4wDAYKKwYBBAGCNwIBFTAvBgkqhkiG9w0BCQQxIgQgPmRXSE+B
# YT1U8OYpe/R9u0gNiRpk9tvxJeI4dlwQIyUwRAYKKwYBBAGCNwIBDDE2MDSgFIAS
# AE0AaQBjAHIAbwBzAG8AZgB0oRyAGmh0dHBzOi8vd3d3Lm1pY3Jvc29mdC5jb20g
# MA0GCSqGSIb3DQEBAQUABIIBACQRjAgLuNAEOpdmC52VWjq4ozeQ7tVcAudql6V1
# kAQhD52w6z8L5zLsMh91ibZzHJv+BC4AEHBRDxzzY+cn3YqgCSmA2PpcnGYIWHpA
# sZtu+L1eVGBJK6i92JyEDv/4aRC0pTcjl7u7STkNWDCJq3wBQp2UHqAtENM/JeHc
# pwYDBqwzplGS2Y6xP6YLByFqolu6GsEqUAUmPxAwlmPU/oFd8kT1dOXLJ3u/w0GD
# pGoX2FpnZ3wWZ+MoPVby+/oylpbD0W0qTAYsM5f+4AhbhDeDnF3dWV9m0n9gZTOa
# NUgybonRs9yzV5WRRfZUXG/jlt6NTaIjLvCgC8sAP2wqcgahghcWMIIXEgYKKwYB
# BAGCNwMDATGCFwIwghb+BgkqhkiG9w0BBwKgghbvMIIW6wIBAzEPMA0GCWCGSAFl
# AwQCAQUAMIIBWQYLKoZIhvcNAQkQAQSgggFIBIIBRDCCAUACAQEGCisGAQQBhFkK
# AwEwMTANBglghkgBZQMEAgEFAAQgIjCPAE0GE9Ua43RsLLPzb6qJJHtJHyjV0iQV
# jURz9p8CBmH9XzcDoRgTMjAyMjAyMTQxMTA0MDYuMjE0WjAEgAIB9KCB2KSB1TCB
# 0jELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl
# ZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEtMCsGA1UECxMk
# TWljcm9zb2Z0IElyZWxhbmQgT3BlcmF0aW9ucyBMaW1pdGVkMSYwJAYDVQQLEx1U
# aGFsZXMgVFNTIEVTTjowODQyLTRCRTYtQzI5QTElMCMGA1UEAxMcTWljcm9zb2Z0
# IFRpbWUtU3RhbXAgU2VydmljZaCCEWUwggcUMIIE/KADAgECAhMzAAABh0IWZgRc
# 8/SNAAEAAAGHMA0GCSqGSIb3DQEBCwUAMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
# EwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3Nv
# ZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBD
# QSAyMDEwMB4XDTIxMTAyODE5MjczOVoXDTIzMDEyNjE5MjczOVowgdIxCzAJBgNV
# BAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4w
# HAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xLTArBgNVBAsTJE1pY3Jvc29m
# dCBJcmVsYW5kIE9wZXJhdGlvbnMgTGltaXRlZDEmMCQGA1UECxMdVGhhbGVzIFRT
# UyBFU046MDg0Mi00QkU2LUMyOUExJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0
# YW1wIFNlcnZpY2UwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC+aXgZ
# Yz0Do9ERCIeBkAA8rqf5OHqb4tjApgtpAWVldtOquh2GyeLsdUhGSoEW4byiDUpm
# vLTbESaZt2nz07jTEIhB9bwUpbug7+Vhi1QBBbaSnS4y5gQnVeRnp4eNwy6oQnAL
# jtRqRnHcB6RqQ/4Z8a4MM72RkZBF7wimKInhCSfqZsOFtGmBxQ52wPOY3PqRcbuB
# 8h+ByzmTO4og/qc3i2yM+HIXnxVTRl8jQ9IL6fk5fSGxTyF5Z7elSIOvmCo/Xprq
# QiMUkeSA09iAyK8ZNApyM3E1xeefKZP8lW42ztm+TU/kpZ/wbVcb8y1lnn+O6qyD
# RChSZBmNWHRdGS7tikymS1btd8UDfL5gk4bWlXOLMHc/MldQLwxrwBTLC1S5QtaN
# hPnLv8TDAdaafVFPQ+Fin2Sal9Lochh8QFuhhS9QtbYecY1/Hrl/hSRzuSA1JBt4
# AfrKM7l2DoxTA9/Oj+sF01pl8nFntGxxMHJO2XFuV9RPjrI8cJcAKJf8GFocRjh5
# 0WCn9whvtccUlu7iY0MA/NGUCQiPVIa470bixuSMz1ek0xaCWPZ0L1As3/SB4EVe
# g0jwX4d8fDgmj6nqJI/yGfjeaSRYpIY6JPiEsnOhwSsWe0rmL095tdKrYG8yDNVz
# 4EG8I3fkN8PSaiRErFqba1AzTrRI5HLdLu5x6wIDAQABo4IBNjCCATIwHQYDVR0O
# BBYEFCJRwBa6QS1hgX7dYXOZkD8NpY0gMB8GA1UdIwQYMBaAFJ+nFV0AXmJdg/Tl
# 0mWnG1M1GelyMF8GA1UdHwRYMFYwVKBSoFCGTmh0dHA6Ly93d3cubWljcm9zb2Z0
# LmNvbS9wa2lvcHMvY3JsL01pY3Jvc29mdCUyMFRpbWUtU3RhbXAlMjBQQ0ElMjAy
# MDEwKDEpLmNybDBsBggrBgEFBQcBAQRgMF4wXAYIKwYBBQUHMAKGUGh0dHA6Ly93
# d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY2VydHMvTWljcm9zb2Z0JTIwVGltZS1T
# dGFtcCUyMFBDQSUyMDIwMTAoMSkuY3J0MAwGA1UdEwEB/wQCMAAwEwYDVR0lBAww
# CgYIKwYBBQUHAwgwDQYJKoZIhvcNAQELBQADggIBALmrflPZEqMAVE3/dxiOc8XO
# 09rsp6okomcqC+JSP0gx8Lz8VDajHpTDJ3jRNLvMq+24yXXUUWV9aQSdw3eWqKGJ
# ICogM851W+vWgljg0VAE4fMul616kecyDRQvZRcfO+MqDbhU4jNvR210/r35AjLt
# IOlxWH0ojQRcobZuiWkHKmpG20ZMN3QlCQ60x2JKloOk4fCAIw1cTzEi7jyGK5PT
# vmgiqccmFrfvz8Om6AjQNmNhxkfVwbzgnTq5yrnKCuh32zOvX05sJkl0kunK8lYL
# Lw9EMCRGM8mCVKZ+fZRHQq+ejII7OOzMDA0Kn8kmeRGnbTB4i3Ob3uI2D4VkXUn0
# TXp5YgHWwKvtWP1APoq37PzWs5wtF/GGU7b+wrT1TD4OJCQ9u7o5ndOwO8uyvzIb
# 1bYDzJdyCA2p3heku10SR/nY4g3QaBEtJjUs0MHggpj5mPfgjAxsNuzawKKDkuLY
# gtYQxX/qDIvfsnvU1tbtXOjt9was2d706rGAULZZfl16DHIndLHZsrDqVt/Tgppe
# dME5LPRAL5F8m7Pyc6kh/bz5aYw+JxfaXuCz8ysLlqebIr+dt4qRo7H4BeHBgvMR
# M2D7UhzKCN3CdupYpp8t0I0p+Gxv+AzlIVuAPkBMRfVsDHBQVXEq9C/R0hECbloO
# MXcNmmC/LeZKiNKsE3/zMIIHcTCCBVmgAwIBAgITMwAAABXF52ueAptJmQAAAAAA
# FTANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hp
# bmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jw
# b3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNhdGUgQXV0
# aG9yaXR5IDIwMTAwHhcNMjEwOTMwMTgyMjI1WhcNMzAwOTMwMTgzMjI1WjB8MQsw
# CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u
# ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNy
# b3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDCCAiIwDQYJKoZIhvcNAQEBBQADggIP
# ADCCAgoCggIBAOThpkzntHIhC3miy9ckeb0O1YLT/e6cBwfSqWxOdcjKNVf2AX9s
# SuDivbk+F2Az/1xPx2b3lVNxWuJ+Slr+uDZnhUYjDLWNE893MsAQGOhgfWpSg0S3
# po5GawcU88V29YZQ3MFEyHFcUTE3oAo4bo3t1w/YJlN8OWECesSq/XJprx2rrPY2
# vjUmZNqYO7oaezOtgFt+jBAcnVL+tuhiJdxqD89d9P6OU8/W7IVWTe/dvI2k45GP
# sjksUZzpcGkNyjYtcI4xyDUoveO0hyTD4MmPfrVUj9z6BVWYbWg7mka97aSueik3
# rMvrg0XnRm7KMtXAhjBcTyziYrLNueKNiOSWrAFKu75xqRdbZ2De+JKRHh09/SDP
# c31BmkZ1zcRfNN0Sidb9pSB9fvzZnkXftnIv231fgLrbqn427DZM9ituqBJR6L8F
# A6PRc6ZNN3SUHDSCD/AQ8rdHGO2n6Jl8P0zbr17C89XYcz1DTsEzOUyOArxCaC4Q
# 6oRRRuLRvWoYWmEBc8pnol7XKHYC4jMYctenIPDC+hIK12NvDMk2ZItboKaDIV1f
# MHSRlJTYuVD5C4lh8zYGNRiER9vcG9H9stQcxWv2XFJRXRLbJbqvUAV6bMURHXLv
# jflSxIUXk8A8FdsaN8cIFRg/eKtFtvUeh17aj54WcmnGrnu3tz5q4i6tAgMBAAGj
# ggHdMIIB2TASBgkrBgEEAYI3FQEEBQIDAQABMCMGCSsGAQQBgjcVAgQWBBQqp1L+
# ZMSavoKRPEY1Kc8Q/y8E7jAdBgNVHQ4EFgQUn6cVXQBeYl2D9OXSZacbUzUZ6XIw
# XAYDVR0gBFUwUzBRBgwrBgEEAYI3TIN9AQEwQTA/BggrBgEFBQcCARYzaHR0cDov
# L3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9Eb2NzL1JlcG9zaXRvcnkuaHRtMBMG
# A1UdJQQMMAoGCCsGAQUFBwMIMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBBMAsG
# A1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNX2VsuP6KJc
# YmjRPZSQW9fOmhjEMFYGA1UdHwRPME0wS6BJoEeGRWh0dHA6Ly9jcmwubWljcm9z
# b2Z0LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01pY1Jvb0NlckF1dF8yMDEwLTA2LTIz
# LmNybDBaBggrBgEFBQcBAQROMEwwSgYIKwYBBQUHMAKGPmh0dHA6Ly93d3cubWlj
# cm9zb2Z0LmNvbS9wa2kvY2VydHMvTWljUm9vQ2VyQXV0XzIwMTAtMDYtMjMuY3J0
# MA0GCSqGSIb3DQEBCwUAA4ICAQCdVX38Kq3hLB9nATEkW+Geckv8qW/qXBS2Pk5H
# ZHixBpOXPTEztTnXwnE2P9pkbHzQdTltuw8x5MKP+2zRoZQYIu7pZmc6U03dmLq2
# HnjYNi6cqYJWAAOwBb6J6Gngugnue99qb74py27YP0h1AdkY3m2CDPVtI1TkeFN1
# JFe53Z/zjj3G82jfZfakVqr3lbYoVSfQJL1AoL8ZthISEV09J+BAljis9/kpicO8
# F7BUhUKz/AyeixmJ5/ALaoHCgRlCGVJ1ijbCHcNhcy4sa3tuPywJeBTpkbKpW99J
# o3QMvOyRgNI95ko+ZjtPu4b6MhrZlvSP9pEB9s7GdP32THJvEKt1MMU0sHrYUP4K
# WN1APMdUbZ1jdEgssU5HLcEUBHG/ZPkkvnNtyo4JvbMBV0lUZNlz138eW0QBjloZ
# kWsNn6Qo3GcZKCS6OEuabvshVGtqRRFHqfG3rsjoiV5PndLQTHa1V1QJsWkBRH58
# oWFsc/4Ku+xBZj1p/cvBQUl+fpO+y/g75LcVv7TOPqUxUYS8vwLBgqJ7Fx0ViY1w
# /ue10CgaiQuPNtq6TPmb/wrpNPgkNWcr4A245oyZ1uEi6vAnQj0llOZ0dFtq0Z4+
# 7X6gMTN9vMvpe784cETRkPHIqzqKOghif9lwY1NNje6CbaUFEMFxBmoQtB1VM1iz
# oXBm8qGCAtQwggI9AgEBMIIBAKGB2KSB1TCB0jELMAkGA1UEBhMCVVMxEzARBgNV
# BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv
# c29mdCBDb3Jwb3JhdGlvbjEtMCsGA1UECxMkTWljcm9zb2Z0IElyZWxhbmQgT3Bl
# cmF0aW9ucyBMaW1pdGVkMSYwJAYDVQQLEx1UaGFsZXMgVFNTIEVTTjowODQyLTRC
# RTYtQzI5QTElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2VydmljZaIj
# CgEBMAcGBSsOAwIaAxUAeHeTVAQoBkSGwsZgYe1//oMbg/OggYMwgYCkfjB8MQsw
# CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u
# ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNy
# b3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDANBgkqhkiG9w0BAQUFAAIFAOW0Y5ww
# IhgPMjAyMjAyMTQxMzE0MDRaGA8yMDIyMDIxNTEzMTQwNFowdDA6BgorBgEEAYRZ
# CgQBMSwwKjAKAgUA5bRjnAIBADAHAgEAAgIBiDAHAgEAAgIRWTAKAgUA5bW1HAIB
# ADA2BgorBgEEAYRZCgQCMSgwJjAMBgorBgEEAYRZCgMCoAowCAIBAAIDB6EgoQow
# CAIBAAIDAYagMA0GCSqGSIb3DQEBBQUAA4GBAJMj/nrngCPmUR+E2vDpv4zFDQZj
# hNBoQr9L0ahMEKtn5u4yhwAzjPTZmhBNCs/+G4ajnHFrZc4UVPmBdeMNPlPv2TEG
# BoT7lc4HaPALUWJrUjqcNIE2iY4GTyBbVFB82kvdYfkmLMQIsHh6y7xaJQcoWRtX
# GUjnIep89qczdLDtMYIEDTCCBAkCAQEwgZMwfDELMAkGA1UEBhMCVVMxEzARBgNV
# BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv
# c29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAg
# UENBIDIwMTACEzMAAAGHQhZmBFzz9I0AAQAAAYcwDQYJYIZIAWUDBAIBBQCgggFK
# MBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAvBgkqhkiG9w0BCQQxIgQgA+XZ
# 4S+QV7Xc0kbghgZQjgbYdQu6WHQ0LFdUva6TPe4wgfoGCyqGSIb3DQEJEAIvMYHq
# MIHnMIHkMIG9BCDELPCgE26gH3bCwLZLFmHPgdUbK8JmfBg25zOkbJqbWDCBmDCB
# gKR+MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH
# EwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNV
# BAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMzAAABh0IWZgRc8/SN
# AAEAAAGHMCIEIFOk/crJwyFlTZf0fQVfxc1GJAKt/hLvYSuc2oOGsnT3MA0GCSqG
# SIb3DQEBCwUABIICALcnTBZaZ34sJTCCvajP2/rUPwWnUu3W6QSI8flYtZPe0hQm
# 6Bvl2PcOk/8tslQzOvdE5aa7fvW93eT/83tOg/GgBML7fI9V0joF1sOtjxd/kkeF
# F8FCnTB4fri7RhC6nVgrCTJPewzQqb+vzwdyc1/ql6w8spGsSKQj2gnuczQkIUL6
# 05G30W9vSISHN7qbmXgGCHhpO23IkjVKcZy+pnZ4FM9XXtaYBuChicKcJyn9S1w0
# jyPxtFH3L0q7smi3V3rTnobyV7tRLYJjajA5rWsVpp3x+zqDMpL4iIVFVXXkIaWD
# 3KjOupwV4Hzdp+1/9obbA7MshGph3Fu6ZKy9ozFMlcJcZDqnBxIzr9DhwVj6rSXz
# QU6aModxZqTs1fg0lXCamvUgqF6B6UFFZUZCQdbSln0XfMOW7icey//vab7rzEWF
# EaOlho1VkskwbdzYUqQ9h90aHpbTMtA5A6g98hX1dC8HLl6PgaA/dAkxTDPesrDj
# HOaEJ2nCFWeWA40cZ+UIFpV9Va+GJt3UbA2kksIkZJUJZWoe2qlJyo4pTTeb3tZI
# xP7X4AOKQN4z/qhpUzVFSk0cqp7KeC/6tWoQINQYgqr3tpSJkOJmUhqk4bTpkyV0
# rlTdQhciXewSqC18qnf7i/hangMjMKIWGgVcpDyfeV8evTcejuL57/iwEhI8
# SIG # End signature block