Using [`cargo-deny`](https://embarkstudios.github.io/cargo-deny/) to ensure that disallowed dependencies removed in #2423 do not accidentally make their way back in.
`cargo-deny` subsumes the `cargo-audit` functionality, so switch to the `cargo-deny` version.
Setting this up required explicitly stating the license which was not in some of our `Cargo.toml` files.
* bug fixes related to the unmanaged nodes
- fix the token request in the client
- adding a is_unmnaged field to the agentConfig
- fix typo in the appId claim type
- fix typo in the UnmanagedNode claim value
- fix query PoolOperation.GetByClientId
* remove unused import
* build fix
* change unmanaged field to managed
* Apply suggestions from code review
Co-authored-by: Teo Voinea <58236992+tevoinea@users.noreply.github.com>
Co-authored-by: Teo Voinea <58236992+tevoinea@users.noreply.github.com>
* Make --container_type a required parameter (#2574)
* Fix targetUrl so it no longer contains full exe path
* Make --container_type a required parameter (#2574)
The `Response` object must have the JSON loaded via `json()` (`backend.request` was updated but this callsite was missed).
Also, import the `Onefuzz` type so that this is type-checked to avoid the same problem in future.
Update CLI to attempt broker or browser-based authentication first; if you `Ctrl-C` to cancel it, you can fall back to device code login.
Also updated the MSAL dependency to latest version and pass `allow_broker=True` which will allow the use of Web Account Manager (WAM), if it is available.
Using browser auth requires the `http://localhost` redirect URI, and using the broker requires a special custom URI including the app ID (see code).
* create the config_path folder if it does not exist
* Update the Authorization layer to allow unmanaged nodes
* check the role assignment
* fix merge
* build fix
* fix typo
* formatting
* formatting
Switch to using the package provided by Azure Functions to set up Application Insights.
Using the provided setup method `AddApplicationInsightsTelemetry` will configure the dependency collector by default as well as set up some other things that we haven’t done manually, including application version, which would be very useful.
This also means that `operation_Id` is populated more consistently which permits joining `traces` or `dependencies` on the `requests` table.
This also means that the end-to-end data in AI is now correct, so the chart works:
* Remove one GET from ListInstanceIds
* Only invoke ListInstanceIds if needed
* Format code
* Downgrade Exception log to Verbose
* Insert InstanceID during CleanupNodes
Co-authored-by: Cheick Keita <chkeita@microsoft.com>
1. `ListVmss` was invoking `GetVirtualMachineScaleSetAsync` and then `GetVirtualMachineScaleSetVms`; instead we can get the VMSS resource directly and invoke `GetVirtualMachineScaleSetVms` on it.
2. I also removed some unneeded invocations of `AsAsyncEnumerable` which might be turning async enumerables into sync enumerables.
3. Do the same `HasData` check in the instance ID lookup that we were already doing in `ListVmss`.
After this change (#3) we no longer do any `GET`s against individual VMSS VMs during the `check-pr` run:
Addressing #2550 but in a slightly different way:
1. Always include the machine name in the agent registration message. From the machine name we can extract the instance ID.
2. Use the stored value in preference to fetching it every time.
3. To back-fill existing nodes that do not have the value stored, update it in AcquireScaleInProtection if it is not already present.
* .
* 🧹
* Do backoff on main queue, kick off to poison queue after sufficient retries
* PR comments
Co-authored-by: Teo Voinea <Teodor.Voinea@microsoft.com>
As of #2529 we now fail if the coverage recording times out. The default timeout (5s) does not appear to be long enough for even simple tasks to run, so extend it to 120s.
