entitlements-azure merge requestshttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests2020-12-25T05:24:03Zhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/25Fix for enabling root level SP2020-12-25T05:24:03Zharshit aggarwalFix for enabling root level SP
This PR contains fix for enabling support for Root Level SP [ Note: This is only an interim solution ]
We are adding a check in getGroups method that if a call is made from a certain SP [aka Root SP] we will return all the groups in th...
This PR contains fix for enabling support for Root Level SP [ Note: This is only an interim solution ]
We are adding a check in getGroups method that if a call is made from a certain SP [aka Root SP] we will return all the groups in the tenant by querying TenantInfo collection
For the check we are comparing object ID's [OID] of the service principals. The OID of the Root SP will be read from the key vault.
Appropriate infra changes done through following Pull Requests [PR1 ](https://github.com/Azure/osdu-infrastructure/pull/182), [PR2](https://github.com/Azure/osdu-infrastructure/pull/183) and [PR3](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/merge_requests/8), though it might take some time for changes to get deployedhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/24Upgrading core-lib-azure version.2020-10-06T06:14:39ZAbhishek PatilUpgrading core-lib-azure version.## All Submissions:
-------------------------------------
* [NO] Have you followed our code review [guidelines](https://github.com/microsoft/code-with-engineering-playbook/blob/master/pull-requests/code-reviews/readme.md)?
* [YES] Have y...## All Submissions:
-------------------------------------
* [NO] Have you followed our code review [guidelines](https://github.com/microsoft/code-with-engineering-playbook/blob/master/pull-requests/code-reviews/readme.md)?
* [YES] Have you added an explanation of what your changes do and why you'd like us to include them?
* [NA] I have updated the documentation accordingly.
* [NA] I have added tests to cover my changes.
* [YES] All new and existing tests passed.
* [YES] My code follows the code style of this project.
* [NO] I ran lint checks locally prior to submission.
## What is the current behavior?
-------------------------------------
<!-- Please describe the current behavior that you are modifying, or link to a relevant issue. -->
Not using the latest version of dependency `core-lib-azure` (current version: 0.0.19)
(WorkItem : https://dev.azure.com/msazure/One/_workitems/edit/8305168)
## What is the new behavior?
-------------------------------------
<!-- Please describe the behavior or changes that are being added by this PR. -->
- Using the latest version of `core-lib-azure` (0.0.28).
- AzureServicePrincipal class is now being used from core-lib-azure instead of local implementation(local implementation deleted).
## Does this introduce a breaking change?
-------------------------------------
- [NO]
<!-- If this introduces a breaking change, please describe the impact and migration path for existing applications below. -->
## Any relevant logs, error output, etc?
-------------------------------------
(If it’s long, please paste to https://ghostbin.com/ and insert the link here.)
## Other information
-------------------------------------
<!-- Any other information that is important to this PR such as screenshots of how the component looks before and after the change. -->Abhishek PatilAbhishek Patilhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/23Support non aad token2020-09-19T16:19:09ZAlok JoshiSupport non aad tokenAdd support for non-AAD token. This is required to support multiple IDPs through Istio.Add support for non-AAD token. This is required to support multiple IDPs through Istio.ethiraj krishnamanaiduDania Kodeih (Microsoft)Neelesh ThakurDaniel SchollSherman Yangashley kelhamethiraj krishnamanaiduhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/22enable multi-partition support2020-10-07T16:08:25ZNeelesh Thakurenable multi-partition supporthttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/21Improve code coverage2020-09-22T12:02:41ZAalekh JainImprove code coverage## All Submissions:
* [NO] Have you followed our code review [guidelines](https://github.com/microsoft/code-with-engineering-playbook/blob/master/pull-requests/code-reviews/readme.md)?
* [YES] Have you added an explanation of what your ...## All Submissions:
* [NO] Have you followed our code review [guidelines](https://github.com/microsoft/code-with-engineering-playbook/blob/master/pull-requests/code-reviews/readme.md)?
* [YES] Have you added an explanation of what your changes do and why you'd like us to include them?
* [NA] I have updated the documentation accordingly.
* [YES] I have added tests to cover my changes.
* [NO] All new and existing tests passed.
* [YES] My code follows the code style of this project.
* [NO] I ran lint checks locally prior to submission.
## What is the current behavior?
Insufficient code coverage in entitlements service.
## What is the new behavior?
Added UTs for improving code coverage of entitlements service.
## Does this introduce a breaking change?
- [NO]
## Other information
Build for this MR fails because of the bug in validating email address (#2). This needs to be fixed.
cc: @kibattul @kiveerap @amavermahttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/20Updaing readme doc with Istio Auth filter2020-09-16T07:06:50ZKiran VeerapaneniUpdaing readme doc with Istio Auth filterhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/19Adding conditional check on the component2020-09-12T07:36:48ZKiran VeerapaneniAdding conditional check on the componentAdding condition to Inject Filter only Istio is enabledAdding condition to Inject Filter only Istio is enabledhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/18Draft: Resolve "Disabling AAD Authentication from R2 Services"2020-09-11T12:14:03ZKiran VeerapaneniDraft: Resolve "Disabling AAD Authentication from R2 Services"Closes #1Closes #1https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/17Disabling AAD authentication In Entitlement service2020-09-11T17:12:10ZKiran VeerapaneniDisabling AAD authentication In Entitlement serviceAs Istio AuthN got enabled in R2 services,Disabling AAD authentication using Istio auth property.
Added a new Filter to decode payload coming from Istio and set security context to authorize requests.
Added Istio auth Env variable and se...As Istio AuthN got enabled in R2 services,Disabling AAD authentication using Istio auth property.
Added a new Filter to decode payload coming from Istio and set security context to authorize requests.
Added Istio auth Env variable and seti to true in helm charts templatehttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/16Azure aks2020-08-31T15:05:01ZDaniel SchollAzure aksBug Fixing Azure AKS Pipeline supportBug Fixing Azure AKS Pipeline supportDaniel SchollDaniel Schollhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/15Azure aks2020-08-31T12:08:13ZDaniel SchollAzure aksDaniel SchollDaniel Schollhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/14Enabled slf4j MDC Context filter2020-08-18T16:31:52ZKishore BattulaEnabled slf4j MDC Context filterhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/13Enabled transaction logger and slf4jlogger2020-08-17T14:26:22ZKishore BattulaEnabled transaction logger and slf4jlogger## All Submissions:
-------------------------------------
* [YES] Have you followed our code review [guidelines](https://github.com/microsoft/code-with-engineering-playbook/blob/master/pull-requests/code-reviews/readme.md)?
* [YES] Have ...## All Submissions:
-------------------------------------
* [YES] Have you followed our code review [guidelines](https://github.com/microsoft/code-with-engineering-playbook/blob/master/pull-requests/code-reviews/readme.md)?
* [YES] Have you added an explanation of what your changes do and why you'd like us to include them?
* [YES] I have updated the documentation accordingly.
* [NA] I have added tests to cover my changes.
* [YES] All new and existing tests passed.
* [YES] My code follows the code style of this project.
* [YES] I ran lint checks locally prior to submission.
## What is the current behavior?
-------------------------------------
<!-- Please describe the current behavior that you are modifying, or link to a relevant issue. -->
Issue: Logs are not written to azure app insights.
## What is the new behavior?
-------------------------------------
<!-- Please describe the behavior or changes that are being added by this PR. -->
- Logs are written to azure app insights
- Added new logs to log start and end of web request
-
## Does this introduce a breaking change?
-------------------------------------
- [NO]
<!-- If this introduces a breaking change, please describe the impact and migration path for existing applications below. -->
## Any relevant logs, error output, etc?
-------------------------------------
(If it’s long, please paste to https://ghostbin.com/ and insert the link here.)
## Other information
-------------------------------------
<!-- Any other information that is important to this PR such as screenshots of how the component looks before and after the change. -->
https://community.opengroup.org/osdu/platform/system/lib/cloud/azure/os-core-lib-azure/-/merge_requests/11Daniel SchollHema Vishnu Pola [Microsoft]Daniel Schollhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/12making changes to use CosmosStore instead of CosmosFacade2020-07-29T13:11:43Zharshit aggarwalmaking changes to use CosmosStore instead of CosmosFacadeThis change will make Entitlement service to use CosmosStore class instead of CosmosFacade for
accessing cosmosDbThis change will make Entitlement service to use CosmosStore class instead of CosmosFacade for
accessing cosmosDbharshit aggarwalharshit aggarwalhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/9Eleckner/us/21812020-06-26T21:12:13ZChristian LecknerEleckner/us/2181## All Submissions:
-------------------------------------
* [YES] Have you followed our code review [guidelines](https://github.com/microsoft/code-with-engineering-playbook/blob/master/pull-requests/code-reviews/readme.md)?
* [YES] Have ...## All Submissions:
-------------------------------------
* [YES] Have you followed our code review [guidelines](https://github.com/microsoft/code-with-engineering-playbook/blob/master/pull-requests/code-reviews/readme.md)?
* [YES] Have you added an explanation of what your changes do and why you'd like us to include them?
* [YES] I have updated the documentation accordingly.
* [YES] I have added tests to cover my changes.
* [YES] All new and existing tests passed.
* [YES] My code follows the code style of this project.
* [NA] I ran lint checks locally prior to submission.
## What is the current behavior?
-------------------------------------
2181 Use OID for HTTP POST /entitlements/v1/groups/{group_email}/members for USERS
2763 Entitlement service implementation
2626 Merge entitlement service changes to Gitlab
1678 Entitlement Service CRUD Operations- Delete User Profile Operation
1679 Entitlement Service CRUD Operations- Update User Profile Operation
2581 Unit and integration tests for entitlement service APIs
## What is the new behavior?
-------------------------------------
See above
## Does this introduce a breaking change?
-------------------------------------
No
## Any relevant logs, error output, etc?
-------------------------------------
N./A
## Other information
-------------------------------------Christian LecknerChristian Lecknerhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/8Fixed License Copyright Symbol2020-06-04T21:48:04ZDaniel SchollFixed License Copyright SymbolThis is a change of the copyright symbol in order to test a developer workflow.This is a change of the copyright symbol in order to test a developer workflow.Daniel SchollDaniel Schollhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/7Development Pipeline Updated2020-06-04T20:21:39ZDaniel SchollDevelopment Pipeline UpdatedDaniel SchollDaniel Schollhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/6Azure Development Pipelines added2020-06-04T16:28:42ZDaniel SchollAzure Development Pipelines addedThis pull request adds in a Pipeline to be used for Microsoft Azure Development Work.This pull request adds in a Pipeline to be used for Microsoft Azure Development Work.Daniel SchollDaniel Schollhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/5Fix notice2020-05-25T14:39:15ZDavid Diederichd.diederich@opengroup.orgFix noticeThis updates the NOTICE file that was failing from master.
The change to the "unknown" sections was likely due to some manual overrides I put in the FOSSA tool for Byte Buddy -- FOSSA was picking up some non-license files and interpreti...This updates the NOTICE file that was failing from master.
The change to the "unknown" sections was likely due to some manual overrides I put in the FOSSA tool for Byte Buddy -- FOSSA was picking up some non-license files and interpreting them incorrectly. The attribution is still present, so I believe this is fine, and now the tools will acknowledge it.
Also, I used this branch as a pilot test case for https://community.opengroup.org/osdu/platform/ci-cd-pipelines/-/merge_requests/10, which worked well.Daniel SchollDaniel Schollhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/4Trusted azure2020-05-22T22:28:50ZDaniel SchollTrusted azureRename azure-pipelines to azure-pipeline for consistency purposes.Rename azure-pipelines to azure-pipeline for consistency purposes.Daniel SchollDaniel Scholl