diff --git a/eng/common/pipelines/templates/steps/update-docsms-metadata.yml b/eng/common/pipelines/templates/steps/update-docsms-metadata.yml index ce57f620c90b..ddda7e6caf0d 100644 --- a/eng/common/pipelines/templates/steps/update-docsms-metadata.yml +++ b/eng/common/pipelines/templates/steps/update-docsms-metadata.yml @@ -94,7 +94,10 @@ steps: -Language '${{parameters.Language}}' ` -RepoId '${{ parameters.RepoId }}' ` -DocValidationImageId '${{ parameters.DocValidationImageId }}' ` - -PackageSourceOverride '${{ parameters.PackageSourceOverride }}' + -PackageSourceOverride '${{ parameters.PackageSourceOverride }}' ` + -TenantId '$(opensource-aad-tenant-id)' ` + -ClientId '$(opensource-aad-app-id)' ` + -ClientSecret '$(opensource-aad-secret)' displayName: Apply Documentation Updates - template: /eng/common/pipelines/templates/steps/git-push-changes.yml diff --git a/eng/common/scripts/Helpers/Metadata-Helpers.ps1 b/eng/common/scripts/Helpers/Metadata-Helpers.ps1 new file mode 100644 index 000000000000..49d6f68d9582 --- /dev/null +++ b/eng/common/scripts/Helpers/Metadata-Helpers.ps1 @@ -0,0 +1,59 @@ +function Generate-AadToken ($TenantId, $ClientId, $ClientSecret) +{ + $LoginAPIBaseURI = "https://login.microsoftonline.com/$TenantId/oauth2/token" + + $headers = @{ + "content-type" = "application/x-www-form-urlencoded" + } + + $body = @{ + "grant_type" = "client_credentials" + "client_id" = $ClientId + "client_secret" = $ClientSecret + "resource" = "api://repos.opensource.microsoft.com/audience/7e04aa67" + } + Write-Host "Generating aad token..." + $resp = Invoke-RestMethod $LoginAPIBaseURI -Method 'POST' -Headers $headers -Body $body + return $resp.access_token +} + +function GetMsAliasFromGithub ($TenantId, $ClientId, $ClientSecret, $GithubUser) +{ + $OpensourceAPIBaseURI = "https://repos.opensource.microsoft.com/api/people/links/github/$GithubUser" + + $Headers = @{ + "Content-Type" = "application/json" + "api-version" = "2019-10-01" + } + + try { + $opsAuthToken = Generate-AadToken -TenantId $TenantId -ClientId $ClientId -ClientSecret $ClientSecret + $Headers["Authorization"] = "Bearer $opsAuthToken" + Write-Host "Fetching aad identity for github user: $GithubUser" + $resp = Invoke-RestMethod $OpensourceAPIBaseURI -Method 'GET' -Headers $Headers + } + catch { + Write-Error $_ + return $null + } + + $resp | Write-Verbose + + if ($resp.aad) { + Write-Host "Fetched aad identity $($resp.aad.alias) for github user $GithubUser." + return $resp.aad.alias + } + Write-Error "Failed to retrieve the aad identity from given github user: $GithubName" + return $null +} + +function GetPrimaryCodeOwner ($TargetDirectory) +{ + $codeOwnerArray = &"$PSScriptRoot/../get-codeowners.ps1" -TargetDirectory $TargetDirectory + if ($codeOwnerArray) { + Write-Host "Code Owners are $codeOwnerArray." + return $codeOwnerArray[0] + } + Write-Error "No code owner found in $TargetDirectory." + return $null +} \ No newline at end of file diff --git a/eng/common/scripts/Update-DocsMsMetadata.ps1 b/eng/common/scripts/Update-DocsMsMetadata.ps1 index ae2e3c36ee0b..1684e967c09a 100644 --- a/eng/common/scripts/Update-DocsMsMetadata.ps1 +++ b/eng/common/scripts/Update-DocsMsMetadata.ps1 @@ -32,11 +32,14 @@ GitHub repository ID of the SDK. Typically of the form: 'Azure/azure-sdk-for-js' The docker image id in format of '$containerRegistry/$imageName:$tag' e.g. azuresdkimages.azurecr.io/jsrefautocr:latest -.PARAMETER PackageSourceOverride -Optional parameter to supply a different package source (useful for daily dev -docs generation from pacakges which are not published to the default feed). This -variable is meant to be used in the domain-specific business logic in -&$ValidateDocsMsPackagesFn +.PARAMETER TenantId +The aad tenant id/object id. + +.PARAMETER ClientId +The add client id/application id. + +.PARAMETER ClientSecret +The client secret of add app. #> param( @@ -56,10 +59,20 @@ param( [string]$DocValidationImageId, [Parameter(Mandatory = $false)] - [string]$PackageSourceOverride -) + [string]$PackageSourceOverride, + + [Parameter(Mandatory = $false)] + [string]$TenantId, + + [Parameter(Mandatory = $false)] + [string]$ClientId, + [Parameter(Mandatory = $false)] + [string]$ClientSecret +) +Set-StrictMode -Version 3 . (Join-Path $PSScriptRoot common.ps1) +. (Join-Path $PSScriptRoot Helpers Metadata-Helpers.ps1) $releaseReplaceRegex = "(https://github.com/$RepoId/(?:blob|tree)/)(?:master|main)" $TITLE_REGEX = "(\#\s+(?Azure .+? (?:client|plugin|shared) library for (?:JavaScript|Java|Python|\.NET|C)))" @@ -94,15 +107,18 @@ function GetAdjustedReadmeContent($ReadmeContent, $PackageInfo, $PackageMetadata } # Get the first code owners of the package. - $author = "ramya-rao-a" - $msauthor = "ramyar" Write-Host "Retrieve the code owner from $($PackageInfo.DirectoryPath)." - $codeOwnerArray = ."$PSScriptRoot/get-codeowners.ps1" ` - -TargetDirectory $PackageInfo.DirectoryPath - if ($codeOwnerArray) { - Write-Host "Code Owners are $($codeOwnerArray -join ",")" - $author = $codeOwnerArray[0] - $msauthor = $author # This is a placeholder for now. Will change to the right ms alias. + $author = GetPrimaryCodeOwner -TargetDirectory $PackageInfo.DirectoryPath + if (!$author) { + $author = "ramya-rao-a" + $msauthor = "ramyar" + } + else { + $msauthor = GetMsAliasFromGithub -TenantId $TenantId -ClientId $ClientId -ClientSecret $ClientSecret -GithubUser $author + } + # Default value + if (!$msauthor) { + $msauthor = $author } Write-Host "The author of package: $author" Write-Host "The ms author of package: $msauthor" @@ -129,7 +145,7 @@ function GetPackageInfoJson ($packageInfoJsonLocation) { LogWarning "Package metadata not found for $packageInfoJsonLocation" return } - + $packageInfoJson = Get-Content $packageInfoJsonLocation -Raw $packageInfo = ConvertFrom-Json $packageInfoJson if ($packageInfo.DevVersion) { @@ -149,8 +165,10 @@ function GetPackageInfoJson ($packageInfoJsonLocation) { function UpdateDocsMsMetadataForPackage($packageInfoJsonLocation, $packageInfo) { $originalVersion = [AzureEngSemanticVersion]::ParseVersionString($packageInfo.Version) - - $packageMetadataArray = (Get-CSVMetadata).Where({ $_.Package -eq $packageInfo.Name -and $_.GroupId -eq $packageInfo.Group -and $_.Hide -ne 'true' -and $_.New -eq 'true' }) + $packageMetadataArray = (Get-CSVMetadata).Where({ $_.Package -eq $packageInfo.Name -and $_.Hide -ne 'true' -and $_.New -eq 'true' }) + if ($packageInfo.Group) { + $packageMetadataArray = ($packageMetadataArray).Where({$_.GroupId -eq $packageInfo.Group}) + } if ($packageMetadataArray.Count -eq 0) { LogWarning "Could not retrieve metadata for $($packageInfo.Name) from metadata CSV. Using best effort defaults." $packageMetadata = $null @@ -161,12 +179,30 @@ function UpdateDocsMsMetadataForPackage($packageInfoJsonLocation, $packageInfo) $packageMetadata = $packageMetadataArray[0] } + # Copy package info file to the docs repo + $metadataMoniker = 'latest' + if ($originalVersion.IsPrerelease) { + $metadataMoniker = 'preview' + } + $packageMetadataName = Split-Path $packageInfoJsonLocation -Leaf + $packageInfoLocation = Join-Path $DocRepoLocation "metadata/$metadataMoniker" + $packageInfoJson = ConvertTo-Json $packageInfo + New-Item -ItemType Directory -Path $packageInfoLocation -Force + Set-Content ` + -Path $packageInfoLocation/$packageMetadataName ` + -Value $packageInfoJson + + # Update Readme Content + if (!$packageInfo.ReadMePath -or !(Test-Path $packageInfo.ReadMePath)) { + Write-Warning "$($packageInfo.Name) does not have Readme file. Skipping update readme." + return + } + $readmeContent = Get-Content $packageInfo.ReadMePath -Raw $outputReadmeContent = "" if ($readmeContent) { $outputReadmeContent = GetAdjustedReadmeContent $readmeContent $packageInfo $packageMetadata } - $docsMsMetadata = &$GetDocsMsMetadataForPackageFn $packageInfo $readMePath = $docsMsMetadata.LatestReadMeLocation if ($originalVersion.IsPrerelease) { @@ -179,33 +215,21 @@ function UpdateDocsMsMetadataForPackage($packageInfoJsonLocation, $packageInfo) $readmeLocation = Join-Path $DocRepoLocation $readMePath $readMeName Set-Content -Path $readmeLocation -Value $outputReadmeContent - - # Copy package info file to the docs repo - $metadataMoniker = 'latest' - if ($originalVersion.IsPrerelease) { - $metadataMoniker = 'preview' - } - $packageMetadataName = Split-Path $packageInfoJsonLocation -Leaf - $packageInfoLocation = Join-Path $DocRepoLocation "metadata/$metadataMoniker" - $packageInfoJson = ConvertTo-Json $packageInfo - New-Item -ItemType Directory -Path $packageInfoLocation -Force - Set-Content ` - -Path $packageInfoLocation/$packageMetadataName ` - -Value $packageInfoJson } foreach ($packageInfoLocation in $PackageInfoJsonLocations) { Write-Host "Updating metadata for package: $packageInfoLocation" - # Convert package metadata json file to metadata json property. $packageInfo = GetPackageInfoJson $packageInfoLocation # Add validation step for daily update and release if ($ValidateDocsMsPackagesFn -and (Test-Path "Function:$ValidateDocsMsPackagesFn")) { + Write-Host "Validating the package..." &$ValidateDocsMsPackagesFn -PackageInfo $packageInfo -PackageSourceOverride $PackageSourceOverride -DocValidationImageId $DocValidationImageId -DocRepoLocation $DocRepoLocation if ($LASTEXITCODE) { LogError "The package failed Doc.Ms validation. Check https://aka.ms/azsdk/docs/docker for more details on how to diagnose this issue." exit $LASTEXITCODE } } + Write-Host "Updating the package json ..." UpdateDocsMsMetadataForPackage $packageInfoLocation $packageInfo } diff --git a/sdk/azidentity/CHANGELOG.md b/sdk/azidentity/CHANGELOG.md index 897b67d64bce..4a2e32f71eba 100644 --- a/sdk/azidentity/CHANGELOG.md +++ b/sdk/azidentity/CHANGELOG.md @@ -7,6 +7,8 @@ ### Breaking Changes ### Bugs Fixed +* `ManagedIdentityCredential.GetToken()` now returns an error when configured for + a user assigned identity in Azure Cloud Shell (which doesn't support such identities) ### Other Changes diff --git a/sdk/azidentity/managed_identity_client.go b/sdk/azidentity/managed_identity_client.go index 40b594de08f4..f9292c464da1 100644 --- a/sdk/azidentity/managed_identity_client.go +++ b/sdk/azidentity/managed_identity_client.go @@ -381,6 +381,10 @@ func (c *managedIdentityClient) createAzureArcAuthRequest(ctx context.Context, k } func (c *managedIdentityClient) createCloudShellAuthRequest(ctx context.Context, id ManagedIDKind, scopes []string) (*policy.Request, error) { + if id != nil { + msg := "Cloud Shell doesn't support user assigned managed identities. To authenticate the signed in user, omit ManagedIdentityCredentialOptions.ID" + return nil, newAuthenticationFailedError(errors.New(msg), nil) //lint:ignore ST1005 Cloud Shell is a proper noun + } request, err := runtime.NewRequest(ctx, http.MethodPost, c.endpoint) if err != nil { return nil, err @@ -388,9 +392,6 @@ func (c *managedIdentityClient) createCloudShellAuthRequest(ctx context.Context, request.Raw().Header.Set(headerMetadata, "true") data := url.Values{} data.Set("resource", strings.Join(scopes, " ")) - if id != nil { - data.Set(qpClientID, id.String()) - } dataEncoded := data.Encode() body := streaming.NopCloser(strings.NewReader(dataEncoded)) if err := request.SetBody(body, "application/x-www-form-urlencoded"); err != nil { diff --git a/sdk/azidentity/managed_identity_credential_test.go b/sdk/azidentity/managed_identity_credential_test.go index e3b21bebdeaf..2d56d70cd152 100644 --- a/sdk/azidentity/managed_identity_credential_test.go +++ b/sdk/azidentity/managed_identity_credential_test.go @@ -164,6 +164,22 @@ func TestManagedIdentityCredential_CloudShell(t *testing.T) { } } +func TestManagedIdentityCredential_CloudShellUserAssigned(t *testing.T) { + setEnvironmentVariables(t, map[string]string{msiEndpoint: "http://localhost"}) + for _, id := range []ManagedIDKind{ClientID("client-id"), ResourceID("/resource/id")} { + options := ManagedIdentityCredentialOptions{ID: id} + msiCred, err := NewManagedIdentityCredential(&options) + if err != nil { + t.Fatal(err) + } + _, err = msiCred.GetToken(context.Background(), policy.TokenRequestOptions{Scopes: []string{liveTestScope}}) + var authErr AuthenticationFailedError + if !errors.As(err, &authErr) { + t.Fatal("expected AuthenticationFailedError") + } + } +} + func TestManagedIdentityCredential_GetTokenInAppServiceV20170901Mock_windows(t *testing.T) { srv, close := mock.NewServer() defer close() diff --git a/sdk/internal/CHANGELOG.md b/sdk/internal/CHANGELOG.md index d08c5820adf5..da9da086fa1d 100644 --- a/sdk/internal/CHANGELOG.md +++ b/sdk/internal/CHANGELOG.md @@ -1,9 +1,8 @@ # Release History -## 0.9.1 (Unreleased) +## 0.9.2 (Unreleased) ### Features Added -* Adds a `CustomDefaultMatcher` that adds headers `:path`, `:authority`, `:method`, and `:scheme` to the ### Breaking Changes @@ -11,6 +10,11 @@ ### Other Changes +## 0.9.1 (2022-02-01) + +### Features Added +* Adds a `CustomDefaultMatcher` that adds headers `:path`, `:authority`, `:method`, and `:scheme` to the default matcher. + ## 0.9.0 (2022-01-24) ### Breaking Changes diff --git a/sdk/internal/version.go b/sdk/internal/version.go index c3394cf66574..66ac40dd3b06 100644 --- a/sdk/internal/version.go +++ b/sdk/internal/version.go @@ -11,5 +11,5 @@ const ( Module = "internal" // Version is the semantic version (see http://semver.org) of this module. - Version = "v0.9.1" + Version = "v0.9.2" ) diff --git a/sdk/keyvault/internal/CHANGELOG.md b/sdk/keyvault/internal/CHANGELOG.md index c05574ab1471..5ce15f64802a 100644 --- a/sdk/keyvault/internal/CHANGELOG.md +++ b/sdk/keyvault/internal/CHANGELOG.md @@ -1,6 +1,6 @@ # Release History -## 0.2.1 (Unreleased) +## 0.2.2 (Unreleased) ### Features Added @@ -10,6 +10,11 @@ ### Other Changes +## 0.2.1 (2022-01-31) + +### Bugs Fixed +* Avoid retries on terminal failures (#16932) + ## 0.2.0 (2022-01-12) ### Bugs Fixed diff --git a/sdk/keyvault/internal/constants.go b/sdk/keyvault/internal/constants.go index 0b004c6b8f7c..58186e5d5288 100644 --- a/sdk/keyvault/internal/constants.go +++ b/sdk/keyvault/internal/constants.go @@ -7,5 +7,5 @@ package internal const ( - version = "v0.2.1" //nolint + version = "v0.2.2" //nolint ) diff --git a/sdk/messaging/azservicebus/CHANGELOG.md b/sdk/messaging/azservicebus/CHANGELOG.md index 1e34d3199046..6acd91f33ad3 100644 --- a/sdk/messaging/azservicebus/CHANGELOG.md +++ b/sdk/messaging/azservicebus/CHANGELOG.md @@ -2,15 +2,12 @@ ## 0.3.4 (Unreleased) -### Features Added - -### Breaking Changes - ### Bugs Fixed -- Fix unaligned 64-bit atomic operation on mips. Thanks to @jackesdavid for contributing this fix. - -### Other Changes +- Fix unaligned 64-bit atomic operation on mips. Thanks to @jackesdavid for contributing this fix. (#16847) +- Multiple fixes to address connection/link recovery (#16831) +- Fixing panic() when the links haven't been initialized (early cancellation) (#16941) +- Handle 500 as a retryable code (no recovery needed) (#16925) ## 0.3.3 (2022-01-12) diff --git a/sdk/messaging/azservicebus/internal/stress/templates/deploy-job.yaml b/sdk/messaging/azservicebus/internal/stress/templates/deploy-job.yaml index 37cf472c5c8c..e7cdb9db965e 100644 --- a/sdk/messaging/azservicebus/internal/stress/templates/deploy-job.yaml +++ b/sdk/messaging/azservicebus/internal/stress/templates/deploy-job.yaml @@ -9,6 +9,7 @@ spec: # az acr list -g rg-stress-cluster-test --subscription "Azure SDK Developer Playground" --query "[0].loginServer" image: {{ .Values.image }} command: ['/app/stress'] + imagePullPolicy: Always args: - "tests" # (this is injected automatically. The full list of scenarios is in `../values.yaml`)