Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Store Secrets to Encrypted Storage #19929

Merged
merged 5 commits into from
Nov 24, 2022
Merged

Store Secrets to Encrypted Storage #19929

merged 5 commits into from
Nov 24, 2022

Conversation

msJinLei
Copy link
Contributor

@msJinLei msJinLei commented Oct 25, 2022

Description

  • Implement AzKeyStore to support multiple data structures of keys and values
  • Store ServicePrincipalSecret and CertificatePassword into AzKeyStore
  • Add test cases

Checklist

  • SHOULD select appropriate branch. Cmdlets from Autorest.PowerShell should go to generation branch.
  • SHOULD make the title of PR clear and informative, and in the present imperative tense.
  • SHOULD update ChangeLog.md file(s) appropriately
    • For any service, the ChangeLog.md file can be found at src/{{SERVICE}}/{{SERVICE}}/ChangeLog.md
    • A snippet outlining the change(s) made in the PR should be written under the ## Upcoming Release header in the past tense. Add changelog in description section if PR goes into generation branch.
    • Should not change ChangeLog.md if no new release is required, such as fixing test case only.
  • SHOULD have approved design review for the changes in this repository (Microsoft internal only) with following situations
    • Create new module from scratch
    • Create new resource types which are not easy to conform to Azure PowerShell Design Guidelines
    • Create new resource type which name doesn't use module name as prefix
    • Have design question before implementation
  • SHOULD regenerate markdown help files if there is cmdlet API change. Instruction
  • SHOULD have proper test coverage for changes in pull request.
  • SHOULD NOT introduce breaking changes in Az minor release except preview version.
  • SHOULD NOT adjust version of module manually in pull request

@msJinLei msJinLei force-pushed the keystore10 branch 2 times, most recently from 4d45c54 to a3f7dc7 Compare October 31, 2022 06:43
@msJinLei msJinLei force-pushed the keystore10 branch 5 times, most recently from d7d849a to 3ab1002 Compare November 6, 2022 15:56
@msJinLei msJinLei force-pushed the keystore10 branch 3 times, most recently from e5da91b to 4ded8ba Compare November 16, 2022 19:51
@msJinLei
Copy link
Contributor Author

/azp run azure-powershell - windows-powershell

@azure-pipelines
Copy link
Contributor

Azure Pipelines successfully started running 1 pipeline(s).

@msJinLei msJinLei force-pushed the keystore10 branch 2 times, most recently from 432c20d to 9fa59c9 Compare November 17, 2022 05:08
@msJinLei msJinLei marked this pull request as ready for review November 17, 2022 06:12
@msJinLei msJinLei force-pushed the keystore10 branch 2 times, most recently from e550f7f to dd11cf3 Compare November 22, 2022 02:00
@msJinLei msJinLei force-pushed the keystore10 branch 4 times, most recently from 42c071f to 3bb3283 Compare November 23, 2022 07:36
@msJinLei msJinLei merged commit e692a81 into Azure:main Nov 24, 2022
dolauli pushed a commit that referenced this pull request Dec 5, 2022
…-preview (#20364)

* Added .NET SDK for new api version (#20099)

Co-authored-by: Beisi Zhou <[email protected]>

* Added new parameters to AzApplicationGatewayFirewallPolicySettings for CustomBlockResponseFeature (#19971)

* Powershell changes for waf custom block response feature

* Added test record

* Update ChangeLog.md

* Updating sdk version for 2022-07-01

* Updated tests

* Update ChangeLog.md

Co-authored-by: Akshay Murali <[email protected]>
Co-authored-by: Adishree Mazumder <[email protected]>
Co-authored-by: Beisi Zhou <[email protected]>

* [UX] Fix the issues in UX files (#20198)

* update the UX files

* update the UX files

* update the UX files

* update the UX files

* Remove the suppressed exceptions

* Update subscriptions.json

Co-authored-by: wyunchi-ms <[email protected]>
Co-authored-by: Yunchi Wang <[email protected]>

* Fix error when repository is not provided (#20210)

Fix the #20209
(Repository is not set but used in installation and updating)

* Upgraded target framework of identity client (#20214)

* adding new cmdlet - Get-AzApplicationGatewayWafDynamicManifests (#20217)

* init commit

* add help, move to singular not plural

* fix help

* upadte changelog

* try to resolve conflict

* init commit

* get help file

Co-authored-by: Alon Pelled <[email protected]>

* [AKS] return NodeImageVersion for Get-AzAksNodePool (#20219)

* Move Compute to main (#20227)

* {ServiceFabric} Fix #20213: Fix a typo (#20228)

Fixes #20213

* Move Botservice to main (#20229)

* Store Secrets to Encrypted Storage (#19929)

* Store secrets to encrypted storage

* Uses unprotected files in Linux

* Update Changelog.md

* Fix the pipeline issue

* Update src/Accounts/Authentication/KeyStore/AzKeyStore.cs

Co-authored-by: Beisi Zhou <[email protected]>

Co-authored-by: Beisi Zhou <[email protected]>

* Update ChangeLog.md (#20204)

* Migrate Resources from generation to main (#20231)

* Move Resources to main

* Update ChangeLog.md

Co-authored-by: Yabo Hu <[email protected]>

* Move BotService to main (#20232)

* Change letter case in example of New-AzStorageBlobSASToken (#20018)

* {Network} Fix #11188: Add accepted values of Protocol (#20241)

Fixes #11188

* [KeyVault] Fixed import key from encrypted certificate in `Add-AzKeyVaultKey` (#20239)

* wip

* pfxWebKeyConverter

* Fixed certificate export parameter issue in Add-AzKeyVaultKey

* polish

* polish

* polish

* Update Changelog.md (#20233)

* Update Changelog.md

* Update src/BotService/Changelog.md

Co-authored-by: Beisi Zhou <[email protected]>

* Update online help url. (#20221)

* Update ChangeLog.md (#20234)

* Update ChangeLog.md

* Update src/Compute/Compute/ChangeLog.md

Co-authored-by: Beisi Zhou <[email protected]>

* {SQL} Fix #11023: Fix incorrect input type object reference (#20242)

* {SQL} Fix #11023: Fix incorrect input type object reference

Fixes #11023

* Update Restore-AzSqlInstanceDatabase.md

* The example was using the wrong command (#20237)

* Move StackHCI to main (#20253)

* Fixed `Set-AzPolicySetDefinition` InternalServerError when the initiative is too large [#20238] (#20252)

Co-authored-by: Xuejun Li <[email protected]>

* [AKS] support NodeLabels and Tags (#20240)

* [AKS] support NodeLabels

* [AKS] support Tags

* rename input parameters to singular nouns

* remove Install-AzAksKubectl.md

* Update docs.microsoft.com to learn.microsoft.com. (#20290)

* Update URL of docs from docs.microsoft.com to learn.microsoft.com. (#20263)

* [main - RedisCache|RedisEnterpriseCache|Relay|Reservations|ResourceGraph] domain name of online doc is changed from docs.microsoft.com to learn.microsoft.com. (#20286)

* [main - NetworkFunction|Nginx|NotificationHubs|OperationalInsights|Orbital] domain name of online doc is changed from docs.microsoft.com to learn.microsoft.com. (#20283)

* [main - ManagedServiceIdentity|ManagedServices|ManagementPartner|Maps|MariaDb] domain name of online doc is changed from docs.microsoft.com to learn.microsoft.com. (#20280)

* [main - DeviceUpdate|DevSpaces|DevTestLabs|DigitalTwins|DiskPool] domain name of online doc is changed from docs.microsoft.com to learn.microsoft.com. (#20273)

* [main - DataShare|DedicatedHsm|DeploymentManager|DesktopVirtualization|DeviceProvisioningServices] domain name of online doc is changed from docs.microsoft.com to learn.microsoft.com. (#20272)

* [main - Dashboard|DataBox|DataBoxEdge|Databricks|Datadog] domain name of online doc is changed from docs.microsoft.com to learn.microsoft.com. (#20270)

* Update ChangeLog.md (#20254)

* Update ChangeLog.md

* Update src/StackHCI/ChangeLog.md

Co-authored-by: Beisi Zhou <[email protected]>

Co-authored-by: Beisi Zhou <[email protected]>

* Implementation of interface IPSCmdletAction for test coverage (#19904)

* Added implementation for interface ITestCoverage and registered in Azure session

* Updated the reference of Azure PowerShell Common to 1.3.65-preview

* Renamed environment variable from Azure_PS_TestCoverage to EnableTestCoverage

* [Synapse] Support for setting spark pool configuration by artifact (#20024)

* Updated  and  to support for setting spark pool configuration artifact by

* add announce for deprecation of SparkConfigFilePath

* modify change log

* Enable token cache for client assertion login flow (#20297)

* Add client assert code for upcoming change

* cache token for client assertion

* work around AssemblyInformationalVersion issue

* changelog

* Update README.md

Co-authored-by: dingmeng-xue <[email protected]>

* Move StackHCI to main (#20306)

* update changelog (#20312)

* Migrate SignalR from generation to main (#20230)

* Move SignalR to main

* Update ChangeLog.md

* Update SignatureIssues.csv

* Update SignatureIssues.csv

Co-authored-by: Beisi Zhou <[email protected]>

* Migrate ServiceBus from generation to release-2022-12-06 (#20316)

* Move ServiceBus to release-2022-12-06

* Update ChangeLog.md

* Update SignatureIssues.csv

* Update ChangeLog.md

Co-authored-by: Beisi Zhou <[email protected]>
Co-authored-by: NanxiangLiu <[email protected]>

* Migrate EventHub from generation to release-2022-12-06 (#20315)

* Move EventHub to release-2022-12-06

* Update ChangeLog.md

* Update SignatureIssues.csv

* Update ChangeLog.md

Co-authored-by: Beisi Zhou <[email protected]>
Co-authored-by: NanxiangLiu <[email protected]>

* [AKS] support NodeTaints and AksCustomHeaders (#20319)

* [AKS] support NodeTaints

* [AKS] support AksCustomHeader

* [RecoveryServices.Backup] Added support for passing DiskEncryptionSetId for Cross region restore (#20295)

* Added CZR test case

added CRR DES support

re-recorded failed test

* fixing the issue in playback mode

* Update New-AzADAppCredential.md (#20317)

Clarify examples. Also fixes the "Unable to get certificate thumbprint" issue in the portal, by giving an example of passing $CertificateThumbprint variable to the -CustomKeyIdentifier parameter.

Co-authored-by: NanxiangLiu <[email protected]>

* {DesktopVitualization} Fix #20307: Update examples and add default values (#20322)

Fixes #20307

Co-authored-by: NanxiangLiu <[email protected]>

* Typo "resouce"→"resource" (#20321)

https://learn.microsoft.com/en-us/powershell/module/az.datafactory/add-azdatafactoryv2dataflowdebugsessionpackage?view=azps-9.1.0
https://github.com/Azure/azure-powershell/blob/main/src/DataFactory/DataFactoryV2/help/Add-AzDataFactoryV2DataFlowDebugSessionPackage.md
#PingMSFTDocs

Co-authored-by: NanxiangLiu <[email protected]>

* Enable AzKeyStore with keyring in Linux (#20296)

* Enable AzKeystore with keyring in Linux

* Update common library version.

* Upgraded reference of azure-powershell-common to 1.3.67-preview

Co-authored-by: Vincent Dai <[email protected]>
Co-authored-by: NanxiangLiu <[email protected]>

* Move StackHCI to release-2022-12-06 (#20337)

* Show ExpressRouteGatewayBypass and EnablePrivatelinkFastPath Properties in VirtualNetworkGatewayConnection Resource (#20333)

* Revert "Enable AzKeyStore with keyring in Linux (#20296)" (#20332)

This reverts commit 97452c6.

Co-authored-by: NanxiangLiu <[email protected]>

* Fix test failure (#20342)

* disable token cache for service principal (#20336)

Co-authored-by: NanxiangLiu <[email protected]>
Co-authored-by: Jin Lei <[email protected]>

* Upgraded reference of azure-powershell-common to 1.3.67-preview (#20329)

* Upgraded reference of azure-powershell-common to 1.3.67-preview

* Update Common.Netcore.Dependencies.targets

* Update ChangeLog.md

Co-authored-by: NanxiangLiu <[email protected]>
Co-authored-by: Beisi Zhou <[email protected]>

* Move Monitor to release-2022-12-06 (#20348)

* CosmosDB Mongo API RBAC Release (#19595)

* Add SDK source code

* Update AssemblyInfo.cs

* generated code

* build fix

* mongo rbac changes

* update test records

* Update New-AzCosmosDBMongoDBPrivilege.md

* Update New-AzCosmosDBMongoDBPrivilege.md

* Update New-AzCosmosDBMongoDBPrivilege.md

* Update New-AzCosmosDBMongoDBPrivilegeResource.md

* Update New-AzCosmosDBMongoDBRole.md

* update help

* update recordings

* update recordings

* update static analysis

* Cosmos DB Service related changes

* Added help files

* Resolved nit

* Static Analysis another nit

* Update Az.CosmosDB.psd1

* Added service tests recording

* Update ExampleIssues.csv

* Update ExampleIssues.csv

* Update New-AzCosmosDBAccount.md

* Delete ExampleIssues.csv

* Update New-AzCosmosDBMongoDBRoleDefinition.md

Added backtick for cmdlets in examples that were separated in multi-lines

* Update New-AzCosmosDBMongoDBUserDefinition.md

* Update Update-AzCosmosDBMongoDBRoleDefinition.md

* Update Update-AzCosmosDBMongoDBUserDefinition.md

* update examples

Co-authored-by: dingmeng-xue <[email protected]>
Co-authored-by: Praful Johari <[email protected]>
Co-authored-by: Vincent Dai <[email protected]>
Co-authored-by: Yunchi Wang <[email protected]>
Co-authored-by: NanxiangLiu <[email protected]>

* 2022-12-06 (#20318)

* update changelog

Co-authored-by: htippanaboya <[email protected]>
Co-authored-by: Beisi Zhou <[email protected]>
Co-authored-by: Beisi Zhou <[email protected]>
Co-authored-by: akshaym6 <[email protected]>
Co-authored-by: Akshay Murali <[email protected]>
Co-authored-by: Adishree Mazumder <[email protected]>
Co-authored-by: Alex <[email protected]>
Co-authored-by: wyunchi-ms <[email protected]>
Co-authored-by: Yunchi Wang <[email protected]>
Co-authored-by: Jin Lei <[email protected]>
Co-authored-by: Dingmeng Xue <[email protected]>
Co-authored-by: alon-microsoft <[email protected]>
Co-authored-by: Alon Pelled <[email protected]>
Co-authored-by: Yan Xu <[email protected]>
Co-authored-by: Azure PowerShell <[email protected]>
Co-authored-by: RakeshMohan-MSFT <[email protected]>
Co-authored-by: NanxiangLiu <[email protected]>
Co-authored-by: Yabo Hu <[email protected]>
Co-authored-by: Mo Zaatar <[email protected]>
Co-authored-by: Lucas Yao <[email protected]>
Co-authored-by: Ajay1250 <[email protected]>
Co-authored-by: Xuejun Li <[email protected]>
Co-authored-by: Xuejun Li <[email protected]>
Co-authored-by: Vincent Dai <[email protected]>
Co-authored-by: YanjunGao <[email protected]>
Co-authored-by: Yeming Liu <[email protected]>
Co-authored-by: lijinpei2008 <[email protected]>
Co-authored-by: Himanshu Agarwal <[email protected]>
Co-authored-by: Robin Malik <[email protected]>
Co-authored-by: Hiroshi Yoshioka <[email protected]>
Co-authored-by: Jesus Arango <[email protected]>
Co-authored-by: Ashwini Singh <[email protected]>
Co-authored-by: Praful Johari <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants