This is a regression from Python to C# version: the C# code was not checking the result of the AddExtensions function, so would transition Repro VMs or Proxy VMs into Running state potentially before they are ready to be used.
This could cause test failures or confusing errors when running `create_and_connect`.
* pass the machine_identity from the agent to the task
* clippy fix
* removing default from MachineIdenitty
* fix tests
* more tests fixes
* format
* clippy fix
* another fix
* fix test
* Update src/agent/onefuzz-task/src/local/common.rs
1. When parsing a `ValidatedString` from JSON and it fails, include a message about the expected format of the string.
- Reworked the classes using C#11 features to reduce the amount of boilerplate needed to add a new validated string type.
2. Change to use [RFC7807](https://www.rfc-editor.org/rfc/rfc7807) format for HTTP error responses. At the moment we returned the `Error` type which was undocumented.
3. Update CLI to parse RFC7807 responses.
Old error looked like:
```console
$ onefuzz containers create AbCd
ERROR:cli:command failed: request did not succeed: HTTP 500 -
```
New error looks like:
```console
$ onefuzz containers create AbCd
ERROR:cli:command failed: request did not succeed (400: INVALID_REQUEST): Unable
to parse 'AbCd' as a Container: Container name must be 3-63 lowercase letters, numbers,
or non-consecutive hyphens (see: https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/resource-name-rules#microsoftstorage)
```
Closes#2661.
Enabling some native code features which are SDL requirements. (Specifically, the requirement "Executable binary files must be hardened to leverage available platform security mitigations".)
I attempted to use BinSkim to enforce the requirements but it has trouble with Rust binaries at present.
The minidump file being generated did not have enough information for SOS to correctly locate the exception object. Switch to “full” minidumps instead.
- Fix a small bug with coverage reporting task ID as job ID.
- I had thought we needed .NET 6 installed as well to run SharpFuzz, but now I'm not so sure. In any case, installing both versions will not hurt (and may help users).
Using [`cargo-deny`](https://embarkstudios.github.io/cargo-deny/) to ensure that disallowed dependencies removed in #2423 do not accidentally make their way back in.
`cargo-deny` subsumes the `cargo-audit` functionality, so switch to the `cargo-deny` version.
Setting this up required explicitly stating the license which was not in some of our `Cargo.toml` files.
* bug fixes related to the unmanaged nodes
- fix the token request in the client
- adding a is_unmnaged field to the agentConfig
- fix typo in the appId claim type
- fix typo in the UnmanagedNode claim value
- fix query PoolOperation.GetByClientId
* remove unused import
* build fix
* change unmanaged field to managed
* Apply suggestions from code review
Co-authored-by: Teo Voinea <58236992+tevoinea@users.noreply.github.com>
Co-authored-by: Teo Voinea <58236992+tevoinea@users.noreply.github.com>
* Make --container_type a required parameter (#2574)
* Fix targetUrl so it no longer contains full exe path
* Make --container_type a required parameter (#2574)
The `Response` object must have the JSON loaded via `json()` (`backend.request` was updated but this callsite was missed).
Also, import the `Onefuzz` type so that this is type-checked to avoid the same problem in future.
Update CLI to attempt broker or browser-based authentication first; if you `Ctrl-C` to cancel it, you can fall back to device code login.
Also updated the MSAL dependency to latest version and pass `allow_broker=True` which will allow the use of Web Account Manager (WAM), if it is available.
Using browser auth requires the `http://localhost` redirect URI, and using the broker requires a special custom URI including the app ID (see code).
* create the config_path folder if it does not exist
* Update the Authorization layer to allow unmanaged nodes
* check the role assignment
* fix merge
* build fix
* fix typo
* formatting
* formatting
Switch to using the package provided by Azure Functions to set up Application Insights.
Using the provided setup method `AddApplicationInsightsTelemetry` will configure the dependency collector by default as well as set up some other things that we haven’t done manually, including application version, which would be very useful.
This also means that `operation_Id` is populated more consistently which permits joining `traces` or `dependencies` on the `requests` table.
This also means that the end-to-end data in AI is now correct, so the chart works:
* Remove one GET from ListInstanceIds
* Only invoke ListInstanceIds if needed
* Format code
* Downgrade Exception log to Verbose
* Insert InstanceID during CleanupNodes
Co-authored-by: Cheick Keita <chkeita@microsoft.com>
1. `ListVmss` was invoking `GetVirtualMachineScaleSetAsync` and then `GetVirtualMachineScaleSetVms`; instead we can get the VMSS resource directly and invoke `GetVirtualMachineScaleSetVms` on it.
2. I also removed some unneeded invocations of `AsAsyncEnumerable` which might be turning async enumerables into sync enumerables.
3. Do the same `HasData` check in the instance ID lookup that we were already doing in `ListVmss`.
After this change (#3) we no longer do any `GET`s against individual VMSS VMs during the `check-pr` run:
