* Need to keep working on making dummy values
* Create endpoing to validate scriban templates
* Fix dev experience with app config manager, allow scriban validate endpoint to override jinja converssion
* Use strict validation
Co-authored-by: Teo Voinea <Teodor.Voinea@microsoft.com>
While I was investigating `llvm-symbolizer` issues, I found that we are installing LLVM-10 by default.
Now that we are using the Ubuntu 20.04 image as the default, use the latest LLVM version available for that release. (In addition, v12 is also available on 22.04, whereas v10 is not.)
* Foundation for feature flags
* Demo usage
* Use managed identity
* Add FFs using DI method
* missed a file
* Cleanup
* Forgot test context
* Default is off if the FF doesn't already exist
* Update src/ApiService/ApiService/Program.cs
Co-authored-by: George Pollard <porges@porg.es>
* force evaluate lock files
Co-authored-by: Teo Voinea <Teodor.Voinea@microsoft.com>
Co-authored-by: George Pollard <porges@porg.es>
This is a regression from Python to C# version: the C# code was not checking the result of the AddExtensions function, so would transition Repro VMs or Proxy VMs into Running state potentially before they are ready to be used.
This could cause test failures or confusing errors when running `create_and_connect`.
* pass the machine_identity from the agent to the task
* clippy fix
* removing default from MachineIdenitty
* fix tests
* more tests fixes
* format
* clippy fix
* another fix
* fix test
* Update src/agent/onefuzz-task/src/local/common.rs
1. When parsing a `ValidatedString` from JSON and it fails, include a message about the expected format of the string.
- Reworked the classes using C#11 features to reduce the amount of boilerplate needed to add a new validated string type.
2. Change to use [RFC7807](https://www.rfc-editor.org/rfc/rfc7807) format for HTTP error responses. At the moment we returned the `Error` type which was undocumented.
3. Update CLI to parse RFC7807 responses.
Old error looked like:
```console
$ onefuzz containers create AbCd
ERROR:cli:command failed: request did not succeed: HTTP 500 -
```
New error looks like:
```console
$ onefuzz containers create AbCd
ERROR:cli:command failed: request did not succeed (400: INVALID_REQUEST): Unable
to parse 'AbCd' as a Container: Container name must be 3-63 lowercase letters, numbers,
or non-consecutive hyphens (see: https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/resource-name-rules#microsoftstorage)
```
Closes#2661.
Enabling some native code features which are SDL requirements. (Specifically, the requirement "Executable binary files must be hardened to leverage available platform security mitigations".)
I attempted to use BinSkim to enforce the requirements but it has trouble with Rust binaries at present.
The minidump file being generated did not have enough information for SOS to correctly locate the exception object. Switch to “full” minidumps instead.
- Fix a small bug with coverage reporting task ID as job ID.
- I had thought we needed .NET 6 installed as well to run SharpFuzz, but now I'm not so sure. In any case, installing both versions will not hurt (and may help users).
Using [`cargo-deny`](https://embarkstudios.github.io/cargo-deny/) to ensure that disallowed dependencies removed in #2423 do not accidentally make their way back in.
`cargo-deny` subsumes the `cargo-audit` functionality, so switch to the `cargo-deny` version.
Setting this up required explicitly stating the license which was not in some of our `Cargo.toml` files.
* bug fixes related to the unmanaged nodes
- fix the token request in the client
- adding a is_unmnaged field to the agentConfig
- fix typo in the appId claim type
- fix typo in the UnmanagedNode claim value
- fix query PoolOperation.GetByClientId
* remove unused import
* build fix
* change unmanaged field to managed
* Apply suggestions from code review
Co-authored-by: Teo Voinea <58236992+tevoinea@users.noreply.github.com>
Co-authored-by: Teo Voinea <58236992+tevoinea@users.noreply.github.com>
* Make --container_type a required parameter (#2574)
* Fix targetUrl so it no longer contains full exe path
* Make --container_type a required parameter (#2574)
The `Response` object must have the JSON loaded via `json()` (`backend.request` was updated but this callsite was missed).
Also, import the `Onefuzz` type so that this is type-checked to avoid the same problem in future.
Update CLI to attempt broker or browser-based authentication first; if you `Ctrl-C` to cancel it, you can fall back to device code login.
Also updated the MSAL dependency to latest version and pass `allow_broker=True` which will allow the use of Web Account Manager (WAM), if it is available.
Using browser auth requires the `http://localhost` redirect URI, and using the broker requires a special custom URI including the app ID (see code).
* create the config_path folder if it does not exist
* Update the Authorization layer to allow unmanaged nodes
* check the role assignment
* fix merge
* build fix
* fix typo
* formatting
* formatting
