Skip to content
This repository has been archived by the owner on May 2, 2023. It is now read-only.

Fix HealthCheck auth endpoint for alternate Azure Clouds (Server 2022.1 stream) #40

Conversation

mjhilton
Copy link
Contributor

Background

We recently fixed a problem where the configured proxy was not respected when performing Azure App Service target health checks. This involved using a new version of the Azure SDK, because the previous version was causing the bug and Microsoft will not fix it.

In doing so, we introduced OctopusDeploy/Issues#7663, which causes health-checks on Azure Clouds other than Azure Public Cloud to fail. This is because the AuthorityHost for the login process had not been correctly plumbed through to the new SDK client, and it's very hard for people outside those Azure Cloud regions to get access to test against them.

Result

This PR ensures that the AuthorityHost is correctly plumbed through to the SDK Client for the login process, which when adopted into Octopus Server will remediate OctopusDeploy/Issues#7663

MJRichardson and others added 30 commits July 19, 2022 12:30
…imi.AzureAppService' project: VCS roots of 'Chain: Build and Test and Publish to Feedz.io' build configuration were updated
…imi.AzureAppService' project: VCS roots of 'Chain: Build and Test and Publish to Feedz.io' build configuration were updated
…imi.AzureAppService' project: build features of 'Chain: Build and Test and Publish to Feedz.io' build configuration were updated
…imi.AzureAppService' project: triggers of 'Chain: Build and Test and Publish to Feedz.io' build configuration were updated
…imi.AzureAppService' project: 'Chain: Build and Test and Publish to Feedz.io' build configuration settings were updated
…imi.AzureAppService' project: snapshot dependency was added in 'Chain: Build and Test and Publish to Feedz.io' build configuration
…imi.AzureAppService' project: snapshot dependency was added in 'Chain: Build and Test and Publish to Feedz.io' build configuration
…imi.AzureAppService' project: snapshot dependency was added in 'Chain: Build and Test and Publish to Feedz.io' build configuration
…imi.AzureAppService' project: snapshot dependency was added in 'Chain: Build and Test and Publish to Feedz.io' build configuration
…imi.AzureAppService' project: snapshot dependency was added in 'Chain: Build and Test and Publish to Feedz.io' build configuration
…imi.AzureAppService' project: snapshot dependency was added in 'Chain: Build and Test and Publish to Feedz.io' build configuration
…imi.AzureAppService' project: snapshot dependency was added in 'Chain: Build and Test and Publish to Feedz.io' build configuration
…imi.AzureAppService' project: snapshot dependency was added in 'Chain: Build and Test and Publish to Feedz.io' build configuration
…imi.AzureAppService' project: snapshot dependency was added in 'Chain: Build and Test and Publish to Feedz.io' build configuration
…imi.AzureAppService' project: snapshot dependency was added in 'Chain: Build and Test and Publish to Feedz.io' build configuration
…imi.AzureAppService' project: snapshot dependency was added in 'Chain: Build and Test and Publish to Feedz.io' build configuration
…imi.AzureAppService' project: snapshot dependency was added in 'Chain: Build and Test and Publish to Feedz.io' build configuration
…imi.AzureAppService' project: snapshot dependency was added in 'Chain: Build and Test and Publish to Feedz.io' build configuration
…imi.AzureAppService' project: snapshot dependency was added in 'Chain: Build and Test and Publish to Feedz.io' build configuration
…imi.AzureAppService' project: snapshot dependency was added in 'Chain: Build and Test and Publish to Feedz.io' build configuration
…imi.AzureAppService' project: snapshot dependency was added in 'Chain: Build and Test and Publish to Feedz.io' build configuration
…imi.AzureAppService' project: snapshot dependency was added in 'Chain: Build and Test and Publish to Feedz.io' build configuration
…imi.AzureAppService' project: snapshot dependency was added in 'Chain: Build and Test and Publish to Feedz.io' build configuration
…imi.AzureAppService' project: snapshot dependency was added in 'Chain: Build and Test and Publish to Feedz.io' build configuration
…imi.AzureAppService' project: snapshot dependency was added in 'Chain: Build and Test and Publish to Feedz.io' build configuration
…imi.AzureAppService' project: snapshot dependency was added in 'Chain: Build and Test and Publish to Feedz.io' build configuration
…imi.AzureAppService' project: snapshot dependency was added in 'Chain: Build and Test and Publish to Feedz.io' build configuration
…imi.AzureAppService' project: snapshot dependency was added in 'Chain: Build and Test and Publish to Feedz.io' build configuration
mjhilton and others added 27 commits July 19, 2022 12:30
…imi.AzureAppService' project: general settings of 'Chain: Build and Test and Publish to Feedz.io' build configuration were updated
…imi.AzureAppService' project: project 'Build: Test Images' was created
…shimiAzureAppService_BuildTestImages: project 'Build: Test Images' was removed
…tings (#35)

* Ensure HealthCheck respects configured proxy settings
* Extract integration test base class to its own file
* Pull common variable setup down to base class
* Add test to ensure Health Check respects proxy settings
* Ensure Proxy test works on both CI and locally
* Fixes another small difference in testing between CI and local
* More tweaks to test for cross-OS assertion
* Fix up refactor in AppServiceBehaviourFixture
* Simplify Proxy test code
@gitguardian
Copy link

gitguardian bot commented Jul 19, 2022

⚠️ GitGuardian has uncovered 1 secret following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secret in your pull request
GitGuardian id Secret Commit Filename
747366 Generic High Entropy Secret 3d4d008 source/Spike/Spike/Program.cs View secret
🛠 Guidelines to remediate hardcoded secrets
  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secret safely. Learn here the best practices.
  3. Revoke and rotate this secret.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider


🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

Our GitHub checks need improvements? Share your feedbacks!

@mjhilton
Copy link
Contributor Author

Ew. What happened with this branch. Let's not.

@mjhilton mjhilton closed this Jul 19, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants