Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Switching to SNI based authentication for aad app #3137

Merged
merged 4 commits into from
Jun 10, 2024
Merged

Switching to SNI based authentication for aad app #3137

merged 4 commits into from
Jun 10, 2024

Conversation

nagworld9
Copy link
Contributor

Description

Fixing security alert - removing pinned certs and switching to subject name issuer-based authentication

Issue #

PR information

  • The title of the PR is clear and informative.
  • There are a small number of commits, each of which has an informative message. This means that previously merged commits do not appear in the history of the PR. For information on cleaning up the commits in your pull request, see this page.
  • If applicable, the PR references the bug/issue that it fixes in the description.
  • New Unit tests were added for the changes made

Quality of Code and Contribution Guidelines

nagworld9
nagworld9 commented Jun 6, 2024
View reviewed changes
tests_e2e/orchestrator/docker/Dockerfile
@@ -67,7 +67,7 @@ RUN \
cd $HOME && \
git clone https://github.com/microsoft/lisa.git && \
cd lisa && \
git checkout 2c16e32001fdefb9572dff61241451b648259dbf && \
git checkout 95c09ff7d5b6e71d1642a628607ac9bb441c69f5 && \
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pulling lisa latest changes since they updated azure-identity version which supports SNI based authentication

tests_e2e/tests/lib/network_security_rule.py
@@ -55,7 +55,7 @@ def add_security_rule(self, security_rule: Dict[str, Any]) -> None:
self._get_network_security_group()["properties"]["securityRules"].append(security_rule)

def _get_network_security_group(self) -> Dict[str, Any]:
resources: List[Dict[str, Any]] = self._template["resources"]
resources: Dict[str, Dict[str, Any]] = self._template["resources"]
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Schema updated in new lisa template; resources type changed to dict(dict) from list(dict)

@nagworld9 nagworld9 merged commit 81140ee into Azure:develop Jun 10, 2024
10 of 11 checks passed
@nagworld9 nagworld9 deleted the app-certs branch June 10, 2024 18:14
maddieford pushed a commit to maddieford/WALinuxAgent that referenced this pull request Aug 13, 2024
@nagworld9 @maddieford
Switching to SNI based authentication for aad app (Azure#3137)
d169f66 
* SNI auth

* new env var

* pylint

(cherry picked from commit 81140ee)
maddieford added a commit that referenced this pull request Aug 13, 2024
@maddieford @nagworld9
Switching to SNI based authentication for aad app (#3137) (#3174)
fb372d9 
* SNI auth

* new env var

* pylint

(cherry picked from commit 81140ee)

Co-authored-by: Nageswara Nandigam <84482346+nagworld9@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@maddieford maddieford maddieford approved these changes

@narrieta narrieta Awaiting requested review from narrieta narrieta is a code owner

@ZhidongPeng ZhidongPeng Awaiting requested review from ZhidongPeng ZhidongPeng is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@nagworld9 @maddieford