Merge branch 'Azure:main' into tpatterson/fix-write-deadlock

eng/common/pipelines/templates/steps/update-docsms-metadata.yml

@@ -94,7 +94,10 @@ steps:
       -Language '${{parameters.Language}}' `
       -RepoId '${{ parameters.RepoId }}' `
       -DocValidationImageId '${{ parameters.DocValidationImageId }}' `
-      -PackageSourceOverride '${{ parameters.PackageSourceOverride }}'
+      -PackageSourceOverride '${{ parameters.PackageSourceOverride }}' `
+      -TenantId '$(opensource-aad-tenant-id)' `
+      -ClientId '$(opensource-aad-app-id)' `
+      -ClientSecret '$(opensource-aad-secret)' 
   displayName: Apply Documentation Updates
 
 - template: /eng/common/pipelines/templates/steps/git-push-changes.yml

eng/common/scripts/Helpers/Metadata-Helpers.ps1

@@ -0,0 +1,59 @@
+function Generate-AadToken ($TenantId, $ClientId, $ClientSecret) 
+{
+    $LoginAPIBaseURI = "https://login.microsoftonline.com/$TenantId/oauth2/token"
+
+    $headers = @{
+        "content-type" = "application/x-www-form-urlencoded"
+    }
+
+    $body = @{
+        "grant_type" = "client_credentials"
+        "client_id" = $ClientId
+        "client_secret" = $ClientSecret
+        "resource" = "api://repos.opensource.microsoft.com/audience/7e04aa67"
+    }
+    Write-Host "Generating aad token..."
+    $resp = Invoke-RestMethod $LoginAPIBaseURI -Method 'POST' -Headers $headers -Body $body
+    return $resp.access_token
+}
+
+function GetMsAliasFromGithub ($TenantId, $ClientId, $ClientSecret, $GithubUser) 
+{
+    $OpensourceAPIBaseURI = "https://repos.opensource.microsoft.com/api/people/links/github/$GithubUser"
+
+    $Headers = @{
+        "Content-Type" = "application/json"
+        "api-version" = "2019-10-01"
+    }
+
+    try {
+        $opsAuthToken = Generate-AadToken -TenantId $TenantId -ClientId $ClientId -ClientSecret $ClientSecret
+        $Headers["Authorization"] = "Bearer $opsAuthToken"
+        Write-Host "Fetching aad identity for github user: $GithubUser"
+        $resp = Invoke-RestMethod $OpensourceAPIBaseURI -Method 'GET' -Headers $Headers
+    }
+    catch { 
+        Write-Error $_
+        return $null
+    }
+
+    $resp | Write-Verbose
+
+    if ($resp.aad) {
+        Write-Host "Fetched aad identity $($resp.aad.alias) for github user $GithubUser."
+        return $resp.aad.alias
+    }
+    Write-Error "Failed to retrieve the aad identity from given github user: $GithubName"
+    return $null
+}
+
+function GetPrimaryCodeOwner ($TargetDirectory) 
+{
+    $codeOwnerArray = &"$PSScriptRoot/../get-codeowners.ps1" -TargetDirectory $TargetDirectory
+    if ($codeOwnerArray) {
+        Write-Host "Code Owners are $codeOwnerArray."
+        return $codeOwnerArray[0]
+    }
+    Write-Error "No code owner found in $TargetDirectory."
+    return $null
+}

eng/common/scripts/Update-DocsMsMetadata.ps1

@@ -32,11 +32,14 @@ GitHub repository ID of the SDK. Typically of the form: 'Azure/azure-sdk-for-js'
 The docker image id in format of '$containerRegistry/$imageName:$tag'
 e.g. azuresdkimages.azurecr.io/jsrefautocr:latest
 
-.PARAMETER PackageSourceOverride
-Optional parameter to supply a different package source (useful for daily dev
-docs generation from pacakges which are not published to the default feed). This
-variable is meant to be used in the domain-specific business logic in
-&$ValidateDocsMsPackagesFn
+.PARAMETER TenantId
+The aad tenant id/object id.
+
+.PARAMETER ClientId
+The add client id/application id.
+
+.PARAMETER ClientSecret
+The client secret of add app.
 #>
 
 param(
@@ -56,10 +59,20 @@ param(
   [string]$DocValidationImageId,
 
   [Parameter(Mandatory = $false)]
-  [string]$PackageSourceOverride
-)
+  [string]$PackageSourceOverride,
+
+  [Parameter(Mandatory = $false)]
+  [string]$TenantId,
+
+  [Parameter(Mandatory = $false)]
+  [string]$ClientId,
 
+  [Parameter(Mandatory = $false)]
+  [string]$ClientSecret
+)
+Set-StrictMode -Version 3
 . (Join-Path $PSScriptRoot common.ps1)
+. (Join-Path $PSScriptRoot Helpers Metadata-Helpers.ps1)
 
 $releaseReplaceRegex = "(https://github.com/$RepoId/(?:blob|tree)/)(?:master|main)"
 $TITLE_REGEX = "(\#\s+(?<filetitle>Azure .+? (?:client|plugin|shared) library for (?:JavaScript|Java|Python|\.NET|C)))"
@@ -94,15 +107,18 @@ function GetAdjustedReadmeContent($ReadmeContent, $PackageInfo, $PackageMetadata
   }
 
   # Get the first code owners of the package.
-  $author = "ramya-rao-a"
-  $msauthor = "ramyar"
   Write-Host "Retrieve the code owner from $($PackageInfo.DirectoryPath)."
-  $codeOwnerArray = ."$PSScriptRoot/get-codeowners.ps1" `
-                    -TargetDirectory $PackageInfo.DirectoryPath 
-  if ($codeOwnerArray) {
-    Write-Host "Code Owners are $($codeOwnerArray -join ",")"
-    $author = $codeOwnerArray[0]
-    $msauthor = $author # This is a placeholder for now. Will change to the right ms alias.
+  $author = GetPrimaryCodeOwner -TargetDirectory $PackageInfo.DirectoryPath 
+  if (!$author) {
+    $author = "ramya-rao-a" 
+    $msauthor = "ramyar"
+  }
+  else {
+    $msauthor = GetMsAliasFromGithub -TenantId $TenantId -ClientId $ClientId -ClientSecret $ClientSecret -GithubUser $author
+  }
+  # Default value
+  if (!$msauthor) {
+    $msauthor = $author
   }
   Write-Host "The author of package: $author"
   Write-Host "The ms author of package: $msauthor"
@@ -129,7 +145,7 @@ function GetPackageInfoJson ($packageInfoJsonLocation) {
     LogWarning "Package metadata not found for $packageInfoJsonLocation"
     return
   }
-  
+
   $packageInfoJson = Get-Content $packageInfoJsonLocation -Raw
   $packageInfo = ConvertFrom-Json $packageInfoJson
   if ($packageInfo.DevVersion) {
@@ -149,8 +165,10 @@ function GetPackageInfoJson ($packageInfoJsonLocation) {
 
 function UpdateDocsMsMetadataForPackage($packageInfoJsonLocation, $packageInfo) { 
   $originalVersion = [AzureEngSemanticVersion]::ParseVersionString($packageInfo.Version)
-
-  $packageMetadataArray = (Get-CSVMetadata).Where({ $_.Package -eq $packageInfo.Name -and $_.GroupId -eq $packageInfo.Group -and $_.Hide -ne 'true' -and $_.New -eq 'true' })
+  $packageMetadataArray = (Get-CSVMetadata).Where({ $_.Package -eq $packageInfo.Name -and $_.Hide -ne 'true' -and $_.New -eq 'true' })
+  if ($packageInfo.Group) {
+    $packageMetadataArray = ($packageMetadataArray).Where({$_.GroupId -eq $packageInfo.Group})
+  }
   if ($packageMetadataArray.Count -eq 0) { 
     LogWarning "Could not retrieve metadata for $($packageInfo.Name) from metadata CSV. Using best effort defaults."
     $packageMetadata = $null
@@ -161,12 +179,30 @@ function UpdateDocsMsMetadataForPackage($packageInfoJsonLocation, $packageInfo)
     $packageMetadata = $packageMetadataArray[0]
   }
 
+  # Copy package info file to the docs repo
+  $metadataMoniker = 'latest'
+  if ($originalVersion.IsPrerelease) {
+    $metadataMoniker = 'preview'
+  }
+  $packageMetadataName = Split-Path $packageInfoJsonLocation -Leaf
+  $packageInfoLocation = Join-Path $DocRepoLocation "metadata/$metadataMoniker"
+  $packageInfoJson = ConvertTo-Json $packageInfo
+  New-Item -ItemType Directory -Path $packageInfoLocation -Force
+  Set-Content `
+    -Path $packageInfoLocation/$packageMetadataName `
+    -Value $packageInfoJson
+
+  # Update Readme Content
+  if (!$packageInfo.ReadMePath -or !(Test-Path $packageInfo.ReadMePath)) {
+    Write-Warning "$($packageInfo.Name) does not have Readme file. Skipping update readme."
+    return
+  }
+
   $readmeContent = Get-Content $packageInfo.ReadMePath -Raw
   $outputReadmeContent = "" 
   if ($readmeContent) { 
     $outputReadmeContent = GetAdjustedReadmeContent $readmeContent $packageInfo $packageMetadata
   }
-
   $docsMsMetadata = &$GetDocsMsMetadataForPackageFn $packageInfo
   $readMePath = $docsMsMetadata.LatestReadMeLocation
   if ($originalVersion.IsPrerelease) { 
@@ -179,33 +215,21 @@ function UpdateDocsMsMetadataForPackage($packageInfoJsonLocation, $packageInfo)
   $readmeLocation = Join-Path $DocRepoLocation $readMePath $readMeName
 
   Set-Content -Path $readmeLocation -Value $outputReadmeContent
-
-  # Copy package info file to the docs repo
-  $metadataMoniker = 'latest'
-  if ($originalVersion.IsPrerelease) {
-    $metadataMoniker = 'preview'
-  }
-  $packageMetadataName = Split-Path $packageInfoJsonLocation -Leaf
-  $packageInfoLocation = Join-Path $DocRepoLocation "metadata/$metadataMoniker"
-  $packageInfoJson = ConvertTo-Json $packageInfo
-  New-Item -ItemType Directory -Path $packageInfoLocation -Force
-  Set-Content `
-    -Path $packageInfoLocation/$packageMetadataName `
-    -Value $packageInfoJson
 }
 
 foreach ($packageInfoLocation in $PackageInfoJsonLocations) {
   Write-Host "Updating metadata for package: $packageInfoLocation"
-
   # Convert package metadata json file to metadata json property.
   $packageInfo = GetPackageInfoJson $packageInfoLocation
   # Add validation step for daily update and release
   if ($ValidateDocsMsPackagesFn -and (Test-Path "Function:$ValidateDocsMsPackagesFn")) {
+    Write-Host "Validating the package..."
     &$ValidateDocsMsPackagesFn -PackageInfo $packageInfo -PackageSourceOverride $PackageSourceOverride -DocValidationImageId $DocValidationImageId -DocRepoLocation $DocRepoLocation
     if ($LASTEXITCODE) {
       LogError "The package failed Doc.Ms validation. Check https://aka.ms/azsdk/docs/docker for more details on how to diagnose this issue."
       exit $LASTEXITCODE
     }
   }
+  Write-Host "Updating the package json ..."
   UpdateDocsMsMetadataForPackage $packageInfoLocation $packageInfo
 }

sdk/azidentity/CHANGELOG.md

@@ -7,6 +7,8 @@
 ### Breaking Changes
 
 ### Bugs Fixed
+* `ManagedIdentityCredential.GetToken()` now returns an error when configured for
+   a user assigned identity in Azure Cloud Shell (which doesn't support such identities)
 
 ### Other Changes
 

sdk/azidentity/managed_identity_client.go

@@ -381,16 +381,17 @@ func (c *managedIdentityClient) createAzureArcAuthRequest(ctx context.Context, k
 }
 
 func (c *managedIdentityClient) createCloudShellAuthRequest(ctx context.Context, id ManagedIDKind, scopes []string) (*policy.Request, error) {
+	if id != nil {
+		msg := "Cloud Shell doesn't support user assigned managed identities. To authenticate the signed in user, omit ManagedIdentityCredentialOptions.ID"
+		return nil, newAuthenticationFailedError(errors.New(msg), nil) //lint:ignore ST1005 Cloud Shell is a proper noun
+	}
 	request, err := runtime.NewRequest(ctx, http.MethodPost, c.endpoint)
 	if err != nil {
 		return nil, err
 	}
 	request.Raw().Header.Set(headerMetadata, "true")
 	data := url.Values{}
 	data.Set("resource", strings.Join(scopes, " "))
-	if id != nil {
-		data.Set(qpClientID, id.String())
-	}
 	dataEncoded := data.Encode()
 	body := streaming.NopCloser(strings.NewReader(dataEncoded))
 	if err := request.SetBody(body, "application/x-www-form-urlencoded"); err != nil {

sdk/azidentity/managed_identity_credential_test.go

@@ -164,6 +164,22 @@ func TestManagedIdentityCredential_CloudShell(t *testing.T) {
 	}
 }
 
+func TestManagedIdentityCredential_CloudShellUserAssigned(t *testing.T) {
+	setEnvironmentVariables(t, map[string]string{msiEndpoint: "http://localhost"})
+	for _, id := range []ManagedIDKind{ClientID("client-id"), ResourceID("/resource/id")} {
+		options := ManagedIdentityCredentialOptions{ID: id}
+		msiCred, err := NewManagedIdentityCredential(&options)
+		if err != nil {
+			t.Fatal(err)
+		}
+		_, err = msiCred.GetToken(context.Background(), policy.TokenRequestOptions{Scopes: []string{liveTestScope}})
+		var authErr AuthenticationFailedError
+		if !errors.As(err, &authErr) {
+			t.Fatal("expected AuthenticationFailedError")
+		}
+	}
+}
+
 func TestManagedIdentityCredential_GetTokenInAppServiceV20170901Mock_windows(t *testing.T) {
 	srv, close := mock.NewServer()
 	defer close()

sdk/internal/CHANGELOG.md

@@ -1,16 +1,20 @@
 # Release History
 
-## 0.9.1 (Unreleased)
+## 0.9.2 (Unreleased)
 
 ### Features Added
-* Adds a `CustomDefaultMatcher` that adds headers `:path`, `:authority`, `:method`, and `:scheme` to the 
 
 ### Breaking Changes
 
 ### Bugs Fixed
 
 ### Other Changes
 
+## 0.9.1 (2022-02-01)
+
+### Features Added
+* Adds a `CustomDefaultMatcher` that adds headers `:path`, `:authority`, `:method`, and `:scheme` to the default matcher.
+
 ## 0.9.0 (2022-01-24)
 
 ### Breaking Changes

sdk/internal/version.go

@@ -11,5 +11,5 @@ const (
 	Module = "internal"
 
 	// Version is the semantic version (see http://semver.org) of this module.
-	Version = "v0.9.1"
+	Version = "v0.9.2"
 )

sdk/keyvault/internal/CHANGELOG.md

@@ -1,6 +1,6 @@
 # Release History
 
-## 0.2.1 (Unreleased)
+## 0.2.2 (Unreleased)
 
 ### Features Added
 
@@ -10,6 +10,11 @@
 
 ### Other Changes
 
+## 0.2.1 (2022-01-31)
+
+### Bugs Fixed
+* Avoid retries on terminal failures (#16932)
+
 ## 0.2.0 (2022-01-12)
 
 ### Bugs Fixed

sdk/keyvault/internal/constants.go

@@ -7,5 +7,5 @@
 package internal
 
 const (
-	version = "v0.2.1" //nolint
+	version = "v0.2.2" //nolint
 )

sdk/messaging/azservicebus/CHANGELOG.md

@@ -2,15 +2,12 @@
 
 ## 0.3.4 (Unreleased)
 
-### Features Added
-
-### Breaking Changes
-
 ### Bugs Fixed
 
-- Fix unaligned 64-bit atomic operation on mips.  Thanks to @jackesdavid for contributing this fix.
-
-### Other Changes
+- Fix unaligned 64-bit atomic operation on mips.  Thanks to @jackesdavid for contributing this fix. (#16847)
+- Multiple fixes to address connection/link recovery (#16831)
+- Fixing panic() when the links haven't been initialized (early cancellation) (#16941)
+- Handle 500 as a retryable code (no recovery needed) (#16925)
 
 ## 0.3.3 (2022-01-12)
 

sdk/messaging/azservicebus/internal/stress/templates/deploy-job.yaml

@@ -9,6 +9,7 @@ spec:
       # az acr list -g rg-stress-cluster-test --subscription "Azure SDK Developer Playground" --query "[0].loginServer"
       image:  {{ .Values.image }}
       command: ['/app/stress']
+      imagePullPolicy: Always
       args: 
       - "tests"
       # (this is injected automatically. The full list of scenarios is in `../values.yaml`)