Skip to content

Commit

Permalink
Merge main into datalake feature branch (#20833)
Browse files Browse the repository at this point in the history
* Enable gocritic during linting (#20715)

Enabled gocritic's evalOrder to catch dependencies on undefined behavior
on return statements.
Updated to latest version of golangci-lint.
Fixed issue in azblob flagged by latest linter.

* Cosmos DB: Enable merge support (#20716)

* Adding header and value

* Wiring and tests

* format

* Fixing value

* change log

* [azservicebus, azeventhubs] Stress test and logging improvement (#20710)

Logging improvements:

* Updating the logging to print more tracing information (per-link) in prep for the bigger release coming up.
* Trimming out some of the verbose logging, seeing if I can get it a bit more reasonable.

Stress tests:

* Add a timestamp to the log name we generate and also default to append, not overwrite.
* Use 0.5 cores, 0.5GB as our baseline. Some pods use more and I'll tune them more later.

* update proxy version (#20712)

Co-authored-by: Scott Beddall <[email protected]>

* Return an error when you try to send a message that's too large. (#20721)

This now works just like the message batch - you'll get an ErrMessageTooLarge
if you attempt to send a message that's too large for the link's configured
size.

NOTE: there's a patch to `internal/go-amqp/Sender.go` to match what's in go-amqp's
main so it returns a programmatically useful error when the message is too large.

Fixes #20647

* Changes in test that is failing in pipeline (#20693)

* [azservicebus, azeventhubs] Treat 'entity full' as a fatal error (#20722)

When the remote entity is full we get a resource-limit-exceeded condition. This isn't something we should keep retrying on and it's best to just abort and let the user know immediately, rather than hoping it might eventually clear out.

This affected both Event Hubs and Service Bus.

Fixes #20647

* [azservicebus/azeventhubs] Redirect stderr and stdout to tee (#20726)

* Update changelog with latest features (#20730)

* Update changelog with latest features

Prepare for upcoming release.

* bump minor version

* pass along the artifact name so we can override it later (#20732)

Co-authored-by: scbedd <[email protected]>

* [azeventhubs] Fixing checkpoint store race condition (#20727)

The checkpoint store wasn't guarding against multiple owners claiming for the first time - fixing this by using IfNoneMatch

Fixes #20717

* Fix azidentity troubleshooting guide link (#20736)

* [Release] sdk/resourcemanager/paloaltonetworksngfw/armpanngfw/0.1.0 (#20437)

* [Release] sdk/resourcemanager/paloaltonetworksngfw/armpanngfw/0.1.0 generation from spec commit: 85fb4ac6f8bfefd179e6c2632976a154b5c9ff04

* client factory

* fix

* fix

* update

* add sdk/resourcemanager/postgresql/armpostgresql live test (#20685)

* add sdk/resourcemanager/postgresql/armpostgresql live test

* update assets.json

* set subscriptionId default value

* format

* add sdk/resourcemanager/eventhub/armeventhub live test (#20686)

* add sdk/resourcemanager/eventhub/armeventhub live test

* update assets

* add sdk/resourcemanager/compute/armcompute live test (#20048)

* add sdk/resourcemanager/compute/armcompute live test

* skus filter

* fix subscriptionId default value

* fix

* gofmt

* update recording

* sdk/resourcemanager/network/armnetwork live test (#20331)

* sdk/resourcemanager/network/armnetwork live test

* update subscriptionId default value

* update recording

* add sdk/resourcemanager/cosmos/armcosmos live test (#20705)

* add sdk/resourcemanager/cosmos/armcosmos live test

* update assets.json

* update assets.json

* update assets.json

* update assets.json

* Increment package version after release of azcore (#20740)

* [azeventhubs] Improperly resetting etag in the checkpoint store (#20737)

We shouldn't be resetting the etag to nil - it's what we use to enforce a "single winner" when doing ownership claims.

The bug here was two-fold: I had bad logic in my previous claim ownership, which I fixed in a previous PR, but we need to reflect that same constraint properly in our in-memory checkpoint store for these tests.

* Eng workflows sync and branch cleanup additions (#20743)

Co-authored-by: James Suplizio <[email protected]>

* [azeventhubs] Latest start position can also be inclusive (ie, get the latest message) (#20744)

* Update GitHubEventProcessor version and remove pull_request_review procesing (#20751)

Co-authored-by: James Suplizio <[email protected]>

* Rename DisableAuthorityValidationAndInstanceDiscovery (#20746)

* fix (#20707)

* AzFile (#20739)

* azfile: Fixing connection string parsing logic (#20798)

* Fixing connection string parse logic

* Update README

* [azadmin] fix flaky test (#20758)

* fix flaky test

* charles suggestion

* Prepare azidentity v1.3.0 for release (#20756)

* Fix broken podman link (#20801)

Co-authored-by: Wes Haggard <[email protected]>

* [azquery] update doc comments (#20755)

* update doc comments

* update statistics and visualization generation

* prep-for-release

* Fixed contribution section (#20752)

Co-authored-by: Bob Tabor <[email protected]>

* [azeventhubs,azservicebus] Some API cleanup, renames (#20754)

* Adding options to UpdateCheckpoint(), just for future potential expansion
* Make Offset an int64, not a *int64 (it's not optional, it'll always come back with ReceivedEvents)
* Adding more logging into the checkpoint store.
* Point all imports at the production go-amqp

* Add supporting features to enable distributed tracing (#20301) (#20708)

* Add supporting features to enable distributed tracing

This includes new internal pipeline policies and other supporting types.
See the changelog for a full description.
Added some missing doc comments.

* fix linter issue

* add net.peer.name trace attribute

sequence custom HTTP header policy before logging policy.
sequence logging policy after HTTP trace policy.
keep body download policy at the end.

* add span for iterating over pages

* Restore ARM CAE support for azcore beta (#20657)

This reverts commit 9020972.

* Upgrade to stable azcore (#20808)

* Increment package version after release of data/azcosmos (#20807)

* Updating changelog (#20810)

* Add fake package to azcore (#20711)

* Add fake package to azcore

This is the supporting infrastructure for the generated SDK fakes.

* fix doc comment

* Updating CHANGELOG.md (#20809)

* changelog (#20811)

* Increment package version after release of storage/azfile (#20813)

* Update changelog (azblob) (#20815)

* Updating CHANGELOG.md

* Update the changelog with correct version

* [azquery] migration guide (#20742)

* migration guide

* Charles feedback

* Richard feedback

---------

Co-authored-by: Charles Lowell <[email protected]>

* Increment package version after release of monitor/azquery (#20820)

* [keyvault] prep for release (#20819)

* prep for release

* perf tests

* update date

---------

Co-authored-by: Joel Hendrix <[email protected]>
Co-authored-by: Matias Quaranta <[email protected]>
Co-authored-by: Richard Park <[email protected]>
Co-authored-by: Azure SDK Bot <[email protected]>
Co-authored-by: Scott Beddall <[email protected]>
Co-authored-by: siminsavani-msft <[email protected]>
Co-authored-by: scbedd <[email protected]>
Co-authored-by: Charles Lowell <[email protected]>
Co-authored-by: Peng Jiahui <[email protected]>
Co-authored-by: James Suplizio <[email protected]>
Co-authored-by: Sourav Gupta <[email protected]>
Co-authored-by: gracewilcox <[email protected]>
Co-authored-by: Wes Haggard <[email protected]>
Co-authored-by: Bob Tabor <[email protected]>
Co-authored-by: Bob Tabor <[email protected]>
  • Loading branch information
16 people authored May 11, 2023
1 parent ebf6f91 commit a93ed52
Show file tree
Hide file tree
Showing 476 changed files with 60,240 additions and 24,542 deletions.
4 changes: 1 addition & 3 deletions .github/workflows/event-processor.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,6 @@ on:
# pull request merged is the closed event with github.event.pull_request.merged = true
pull_request_target:
types: [closed, labeled, opened, reopened, review_requested, synchronize, unlabeled]
pull_request_review:
types: [submitted]

# This removes all unnecessary permissions, the ones needed will be set below.
# https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
Expand Down Expand Up @@ -57,7 +55,7 @@ jobs:
run: >
dotnet tool install
Azure.Sdk.Tools.GitHubEventProcessor
--version 1.0.0-dev.20230422.1
--version 1.0.0-dev.20230505.2
--add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk-for-net/nuget/v3/index.json
--global
shell: bash
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/scheduled-event-processor.yml
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ jobs:
run: >
dotnet tool install
Azure.Sdk.Tools.GitHubEventProcessor
--version 1.0.0-dev.20230422.1
--version 1.0.0-dev.20230505.2
--add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk-for-net/nuget/v3/index.json
--global
shell: bash
Expand Down
10 changes: 10 additions & 0 deletions eng/.golangci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,3 +3,13 @@ run:
# default is true. Enables skipping of directories:
# vendor$, third_party$, testdata$, examples$, Godeps$, builtin$
skip-dirs-use-default: true
timeout: 10m

linters:
enable:
- gocritic

linters-settings:
gocritic:
enabled-checks:
- evalOrder
2 changes: 2 additions & 0 deletions eng/common/pipelines/templates/steps/detect-api-changes.yml
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
parameters:
ArtifactPath: $(Build.ArtifactStagingDirectory)
Artifacts: []
ArtifactName: 'packages'

steps:
- pwsh: |
Expand All @@ -20,6 +21,7 @@ steps:
-PullRequestNumber $(System.PullRequest.PullRequestNumber)
-RepoFullName $(Build.Repository.Name)
-APIViewUri $(ApiChangeDetectRequestUrl)
-ArtifactName ${{ parameters.ArtifactName }}
pwsh: true
displayName: Detect API changes
condition: and(succeededOrFailed(), eq(variables['Build.Reason'],'PullRequest'))
Original file line number Diff line number Diff line change
Expand Up @@ -19,5 +19,15 @@ steps:
exit 1
}
}
displayName: Prevent changes to eng/common outside of azure-sdk-tools repo
if ((!"$(System.PullRequest.SourceBranch)".StartsWith("sync-.github/workflows")) -and "$(System.PullRequest.TargetBranch)" -match "^(refs/heads/)?$(DefaultBranch)$")
{
$filesInCommonDir = & "eng/common/scripts/get-changedfiles.ps1" -DiffPath '.github/workflows/*'
if (($LASTEXITCODE -eq 0) -and ($filesInCommonDir.Count -gt 0))
{
Write-Host "##vso[task.LogIssue type=error;]Changes to files under '.github/workflows' directory should not be made in this Repo`n${filesInCommonDir}"
Write-Host "##vso[task.LogIssue type=error;]Please follow workflow at https://github.com/Azure/azure-sdk-tools/blob/main/doc/workflows/engsys_workflows.md"
exit 1
}
}
displayName: Prevent changes to eng/common and .github/workflows outside of azure-sdk-tools repo
condition: and(succeeded(), ne(variables['Skip.EngCommonWorkflowEnforcer'], 'true'), not(endsWith(variables['Build.Repository.Name'], '-pr')))
11 changes: 6 additions & 5 deletions eng/common/scripts/Delete-RemoteBranches.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ param(
$CentralRepoId,
# We start from the sync PRs, use the branch name to get the PR number of central repo. E.g. sync-eng/common-(<branchName>)-(<PrNumber>). Have group name on PR number.
# For sync-eng/common work, we use regex as "^sync-eng/common.*-(?<PrNumber>\d+).*$".
# For sync-.github/workflows work, we use regex as "^sync-.github/workflows.*-(?<PrNumber>\d+).*$".
$BranchRegex,
# Date format: e.g. Tuesday, April 12, 2022 1:36:02 PM. Allow to use other date format.
[AllowNull()]
Expand Down Expand Up @@ -69,7 +70,7 @@ foreach ($res in $responses)
LogError "No PR number found in the branch name. Please check the branch name [ $branchName ]. Skipping..."
continue
}

try {
$centralPR = Get-GitHubPullRequest -RepoId $CentralRepoId -PullRequestNumber $pullRequestNumber -AuthToken $AuthToken
LogDebug "Found central PR pull request: $($centralPR.html_url)"
Expand All @@ -78,7 +79,7 @@ foreach ($res in $responses)
continue
}
}
catch
catch
{
# If there is no central PR for the PR number, log error and skip.
LogError "Get-GitHubPullRequests failed with exception:`n$_"
Expand Down Expand Up @@ -107,15 +108,15 @@ foreach ($res in $responses)
LogDebug "The branch $branch last commit date [ $commitDate ] is newer than the date $LastCommitOlderThan. Skipping."
continue
}

LogDebug "Branch [ $branchName ] in repo [ $RepoId ] has a last commit date [ $commitDate ] that is older than $LastCommitOlderThan. "
}
catch {
LogError "Get-GithubReferenceCommitDate failed with exception:`n$_"
exit 1
}
}
}

try {
if ($PSCmdlet.ShouldProcess("[ $branchName ] in [ $RepoId ]", "Deleting branches on cleanup script")) {
Remove-GitHubSourceReferences -RepoId $RepoId -Ref $branch -AuthToken $AuthToken
Expand Down
2 changes: 1 addition & 1 deletion eng/common/testproxy/target_version.txt
Original file line number Diff line number Diff line change
@@ -1 +1 @@
1.0.0-dev.20230417.1
1.0.0-dev.20230427.1
2 changes: 1 addition & 1 deletion eng/common/testproxy/transition-scripts/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ To utilize this methodology, the user must set input argument `TestProxyExe` to

Other requirements:

- [x] Install [docker](https://docs.docker.com/engine/install/) or [podman](https://podman.io/getting-started/installation.html)
- [x] Install [docker](https://docs.docker.com/engine/install/) or [podman](https://podman.io/)
- [x] Set the environment variable `GIT_TOKEN` a valid token representing YOUR user

## Permissions
Expand Down
4 changes: 4 additions & 0 deletions eng/config.json
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,10 @@
"Name": "azqueue",
"CoverageGoal": 0.60
},
{
"Name": "azfile",
"CoverageGoal": 0.75
},
{
"Name": "aztemplate",
"CoverageGoal": 0.50
Expand Down
2 changes: 1 addition & 1 deletion eng/pipelines/templates/variables/globals.yml
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
variables:
GoLintCLIVersion: 'v1.51.1'
GoLintCLIVersion: 'v1.52.2'
Package.EnableSBOMSigning: true
# Enable go native component governance detection
# https://docs.opensource.microsoft.com/tools/cg/index.html
Expand Down
6 changes: 3 additions & 3 deletions eng/tools/generator/cmd/v2/common/fileProcessor.go
Original file line number Diff line number Diff line change
Expand Up @@ -94,9 +94,9 @@ func ReadV2ModuleNameToGetNamespace(path string) (map[string][]PackageInfo, erro
return nil, fmt.Errorf("last `track2` section does not properly end")
}

s := strings.ReplaceAll(path, "\\", "/")
s1 := strings.Split(s, "/")
specName := s1[len(s1)-3]
_, after, _ := strings.Cut(strings.ReplaceAll(path, "\\", "/"), "specification")
before, _, _ := strings.Cut(after, "resource-manager")
specName := strings.Trim(before, "/")

for i := range start {
// get the content of the `track2` section
Expand Down
19 changes: 18 additions & 1 deletion sdk/azcore/CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,15 +1,32 @@
# Release History

## 1.5.1 (Unreleased)
## 1.6.1 (Unreleased)

### Features Added
* Added supporting features to enable distributed tracing.
* Added func `runtime.StartSpan()` for use by SDKs to start spans.
* Added method `WithContext()` to `runtime.Request` to support shallow cloning with a new context.
* Added field `TracingNamespace` to `runtime.PipelineOptions`.
* Added field `Tracer` to `runtime.NewPollerOptions` and `runtime.NewPollerFromResumeTokenOptions` types.
* Added field `SpanFromContext` to `tracing.TracerOptions`.
* Added methods `Enabled()`, `SetAttributes()`, and `SpanFromContext()` to `tracing.Tracer`.
* Added supporting pipeline policies to include HTTP spans when creating clients.
* Added package `fake` to support generated fakes packages in SDKs.
* The package contains public surface area exposed by fake servers and supporting APIs intended only for use by the fake server implementations.
* Added an internal fake poller implementation.

### Breaking Changes

### Bugs Fixed

### Other Changes

## 1.6.0 (2023-05-04)

### Features Added
* Added support for ARM cross-tenant authentication. Set the `AuxiliaryTenants` field of `arm.ClientOptions` to enable.
* Added `TenantID` field to `policy.TokenRequestOptions`.

## 1.5.0 (2023-04-06)

### Features Added
Expand Down
3 changes: 2 additions & 1 deletion sdk/azcore/arm/runtime/pipeline.go
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ import (
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
armpolicy "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/policy"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/cloud"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/internal/exported"
azpolicy "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
azruntime "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
)
Expand All @@ -34,7 +35,7 @@ func NewPipeline(module, version string, cred azcore.TokenCredential, plOpts azr
})
perRetry := make([]azpolicy.Policy, len(plOpts.PerRetry), len(plOpts.PerRetry)+1)
copy(perRetry, plOpts.PerRetry)
plOpts.PerRetry = append(perRetry, authPolicy)
plOpts.PerRetry = append(perRetry, authPolicy, exported.PolicyFunc(httpTraceNamespacePolicy))
if !options.DisableRPRegistration {
regRPOpts := armpolicy.RegistrationOptions{ClientOptions: options.ClientOptions}
regPolicy, err := NewRPRegistrationPolicy(cred, &regRPOpts)
Expand Down
48 changes: 47 additions & 1 deletion sdk/azcore/arm/runtime/policy_bearer_token.go
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ package runtime

import (
"context"
"encoding/base64"
"fmt"
"net/http"
"strings"
Expand Down Expand Up @@ -63,11 +64,28 @@ func NewBearerTokenPolicy(cred azcore.TokenCredential, opts *armpolicy.BearerTok
p.scopes = make([]string, len(opts.Scopes))
copy(p.scopes, opts.Scopes)
p.btp = azruntime.NewBearerTokenPolicy(cred, opts.Scopes, &azpolicy.BearerTokenOptions{
AuthorizationHandler: azpolicy.AuthorizationHandler{OnRequest: p.onRequest},
AuthorizationHandler: azpolicy.AuthorizationHandler{
OnChallenge: p.onChallenge,
OnRequest: p.onRequest,
},
})
return p
}

func (b *BearerTokenPolicy) onChallenge(req *azpolicy.Request, res *http.Response, authNZ func(azpolicy.TokenRequestOptions) error) error {
challenge := res.Header.Get(shared.HeaderWWWAuthenticate)
claims, err := parseChallenge(challenge)
if err != nil {
// the challenge contains claims we can't parse
return err
} else if claims != "" {
// request a new token having the specified claims, send the request again
return authNZ(azpolicy.TokenRequestOptions{Claims: claims, Scopes: b.scopes})
}
// auth challenge didn't include claims, so this is a simple authorization failure
return azruntime.NewResponseError(res)
}

// onRequest authorizes requests with one or more bearer tokens
func (b *BearerTokenPolicy) onRequest(req *azpolicy.Request, authNZ func(azpolicy.TokenRequestOptions) error) error {
// authorize the request with a token for the primary tenant
Expand Down Expand Up @@ -97,3 +115,31 @@ func (b *BearerTokenPolicy) onRequest(req *azpolicy.Request, authNZ func(azpolic
func (b *BearerTokenPolicy) Do(req *azpolicy.Request) (*http.Response, error) {
return b.btp.Do(req)
}

// parseChallenge parses claims from an authentication challenge issued by ARM so a client can request a token
// that will satisfy conditional access policies. It returns a non-nil error when the given value contains
// claims it can't parse. If the value contains no claims, it returns an empty string and a nil error.
func parseChallenge(wwwAuthenticate string) (string, error) {
claims := ""
var err error
for _, param := range strings.Split(wwwAuthenticate, ",") {
if _, after, found := strings.Cut(param, "claims="); found {
if claims != "" {
// The header contains multiple challenges, at least two of which specify claims. The specs allow this
// but it's unclear what a client should do in this case and there's as yet no concrete example of it.
err = fmt.Errorf("found multiple claims challenges in %q", wwwAuthenticate)
break
}
// trim stuff that would get an error from RawURLEncoding; claims may or may not be padded
claims = strings.Trim(after, `\"=`)
// we don't return this error because it's something unhelpful like "illegal base64 data at input byte 42"
if b, decErr := base64.RawURLEncoding.DecodeString(claims); decErr == nil {
claims = string(b)
} else {
err = fmt.Errorf("failed to parse claims from %q", wwwAuthenticate)
break
}
}
}
return claims, err
}
8 changes: 3 additions & 5 deletions sdk/azcore/arm/runtime/policy_bearer_token_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -203,7 +203,6 @@ func TestAuxiliaryTenants(t *testing.T) {
}

func TestBearerTokenPolicyChallengeParsing(t *testing.T) {
t.Skip("unskip this test after adding back CAE support")
for _, test := range []struct {
challenge, desc, expectedClaims string
err error
Expand Down Expand Up @@ -262,10 +261,9 @@ func TestBearerTokenPolicyChallengeParsing(t *testing.T) {
cred := mockCredential{
getTokenImpl: func(ctx context.Context, actual azpolicy.TokenRequestOptions) (azcore.AccessToken, error) {
calls += 1
// TODO: uncomment after restoring TokenRequestOptions.Claims
// if calls == 2 && test.expectedClaims != "" {
// require.Equal(t, test.expectedClaims, actual.Claims)
// }
if calls == 2 && test.expectedClaims != "" {
require.Equal(t, test.expectedClaims, actual.Claims)
}
return azcore.AccessToken{Token: "...", ExpiresOn: time.Now().Add(time.Hour).UTC()}, nil
},
}
Expand Down
31 changes: 31 additions & 0 deletions sdk/azcore/arm/runtime/policy_trace_namespace.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
//go:build go1.18
// +build go1.18

// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.

package runtime

import (
"net/http"

"github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/internal/resource"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/internal/shared"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/tracing"
)

// httpTraceNamespacePolicy is a policy that adds the az.namespace attribute to the current Span
func httpTraceNamespacePolicy(req *policy.Request) (resp *http.Response, err error) {
rawTracer := req.Raw().Context().Value(shared.CtxWithTracingTracer{})
if tracer, ok := rawTracer.(tracing.Tracer); ok {
rt, err := resource.ParseResourceType(req.Raw().URL.Path)
if err == nil {
// add the namespace attribute to the current span
if span, ok := tracer.SpanFromContext(req.Raw().Context()); ok {
span.SetAttributes(tracing.Attribute{Key: "az.namespace", Value: rt.Namespace})
}
}
}
return req.Next()
}
Loading

0 comments on commit a93ed52

Please sign in to comment.