Updated the network policy to allow the public maven feed access

[raych1]

We're seeing 1es pipeline template blocks the maven feed access in the pipeline runs.

Failed run

##[INFO] Successfully completed 'Enforce' command.
Summary of policies applied to this build:
Policy=[Permissive] AllowRulesCount=[65] DenyRulesCount=[1] Description=[The least secure policy. Only blocks well established malicious endpoints and allows all other connections to the internet. Teams should refrain from using this policy.]
Policy=[CFSClean] AllowRulesCount=[0] DenyRulesCount=[6] Description=[NI policy to block access to public package feeds and enforce CFS (Centralized Feed Service) for package management.]
##[DEBUG] StartupNITool: PolicySummary executed in 00:00:00.0000753

Override the network isolation policy to preferred. See the linked doc for more details.

[Copilot]

Pull request overview

This PR updates the Azure DevOps pipeline configuration to enable access to public Maven repositories during builds by setting the network isolation policy to Preferred. This change is necessary to allow builds to download dependencies from Maven Central and other public package repositories.

Key Changes

• Added networkIsolationPolicy: Preferred setting to the 1ES pipeline template configuration
• Included explanatory comment with link to Microsoft documentation about network isolation policies

[raych1]

@weshaggard the preferred policy is still too strict, and the java sdk repo is blocked. I lowered down the policy.

[hallipr]

the preferred policy is still too strict, and the java sdk repo is blocked.

The failure says that it couldn't connect to github.com. I wouldn't think that that the "preferred" policy should block being able to clone the repo.

[raych1]

The failure says that it couldn't connect to github.com. I wouldn't think that that the "preferred" policy should block being able to clone the repo.

I was surprised but seems that the github is blocked by the policy.