entitlements-azure merge requestshttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests2021-08-05T08:38:18Zhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/41Master2021-08-05T08:38:18ZDzmitry_Paulouski (slb)Masterhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/37make domain configurable2021-02-04T20:36:21ZMingyang Zhumake domain configurableWe'd like to make the domain configurable instead of hard-coded. Related issue: https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/issues/6We'd like to make the domain configurable instead of hard-coded. Related issue: https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/issues/6Mingyang ZhuMingyang Zhuhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/36correct the response code when given member not exist in the given group2021-01-20T02:17:36ZMingyang Zhucorrect the response code when given member not exist in the given groupRelated issue: https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/issues/6Related issue: https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/issues/6Mingyang ZhuMingyang Zhuhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/33Resolve package vulnerabilities2020-12-17T20:05:34ZMingyang ZhuResolve package vulnerabilitiesupgrade libraries to resolve high and critical package vulnerabilitiesupgrade libraries to resolve high and critical package vulnerabilitiesMingyang ZhuMingyang Zhuhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/30New api to list group on behalf of a given identity2020-12-07T04:11:14ZMingyang ZhuNew api to list group on behalf of a given identityImplement a new API allowing admin role to list groups of a given identityImplement a new API allowing admin role to list groups of a given identityMingyang ZhuMingyang Zhuhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/29Data Admin service account whitelist2020-11-16T21:08:43ZMingyang ZhuData Admin service account whitelist1. Implement data admin service account white list loading logic
2. For the tenant service principal and the whitelisted service account return all data groups when getting group1. Implement data admin service account white list loading logic
2. For the tenant service principal and the whitelisted service account return all data groups when getting groupethiraj krishnamanaiduMingyang Zhuethiraj krishnamanaiduhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/27Updated helm chart2020-11-09T22:25:33ZDaniel SchollUpdated helm chartChanging Default Sizing of Standard Azure Deployment. https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/42Changing Default Sizing of Standard Azure Deployment. https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/42Daniel SchollDaniel Schollhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/26Azure SDKs Upgrade and Dependency Management2020-11-17T09:28:21ZAbhishek PatilAzure SDKs Upgrade and Dependency Management## All Submissions:
-------------------------------------
* [YES] Have you followed our code review [guidelines](https://github.com/microsoft/code-with-engineering-playbook/blob/master/pull-requests/code-reviews/readme.md)?
* [YES] Have ...## All Submissions:
-------------------------------------
* [YES] Have you followed our code review [guidelines](https://github.com/microsoft/code-with-engineering-playbook/blob/master/pull-requests/code-reviews/readme.md)?
* [YES] Have you added an explanation of what your changes do and why you'd like us to include them?
* [YES] I have updated the documentation accordingly.
* [NA] I have added tests to cover my changes.
* [YES] All new and existing tests passed.
* [YES] My code follows the code style of this project.
* [NO] I ran lint checks locally prior to submission.
## What is the current behavior?
-------------------------------------
- Old version of Azure SDKs are used in service.
- Versions of dependencies which are common across all OSDU services are not consistent/same in all OSDU services.<!-- Please describe the current behavior that you are modifying, or link to a relevant issue. -->
Issue: https://dev.azure.com/msazure/One/_workitems/edit/8708950
## What is the new behavior?
-------------------------------------
- All Azure SDKs are upgraded to latest stable version.
- Common dependencies are inherited from core-lib-azure as managed dependencies. This will make sure that version info of those dependencies are inherited from core-lib-azure. All OSDU services using same version of core-lib-azure will automatically use same versions for all those dependencies.
- Changes to support new cosmos-store.<!-- Please describe the behavior or changes that are being added by this PR. -->
## Does this introduce a breaking change?
-------------------------------------
- [NO]
<!-- If this introduces a breaking change, please describe the impact and migration path for existing applications below. -->
## Any relevant logs, error output, etc?
-------------------------------------
(If it’s long, please paste to https://ghostbin.com/ and insert the link here.)
## Other information
-------------------------------------
<!-- Any other information that is important to this PR such as screenshots of how the component looks before and after the change. -->Abhishek PatilAbhishek Patilhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/24Upgrading core-lib-azure version.2020-10-06T06:14:39ZAbhishek PatilUpgrading core-lib-azure version.## All Submissions:
-------------------------------------
* [NO] Have you followed our code review [guidelines](https://github.com/microsoft/code-with-engineering-playbook/blob/master/pull-requests/code-reviews/readme.md)?
* [YES] Have y...## All Submissions:
-------------------------------------
* [NO] Have you followed our code review [guidelines](https://github.com/microsoft/code-with-engineering-playbook/blob/master/pull-requests/code-reviews/readme.md)?
* [YES] Have you added an explanation of what your changes do and why you'd like us to include them?
* [NA] I have updated the documentation accordingly.
* [NA] I have added tests to cover my changes.
* [YES] All new and existing tests passed.
* [YES] My code follows the code style of this project.
* [NO] I ran lint checks locally prior to submission.
## What is the current behavior?
-------------------------------------
<!-- Please describe the current behavior that you are modifying, or link to a relevant issue. -->
Not using the latest version of dependency `core-lib-azure` (current version: 0.0.19)
(WorkItem : https://dev.azure.com/msazure/One/_workitems/edit/8305168)
## What is the new behavior?
-------------------------------------
<!-- Please describe the behavior or changes that are being added by this PR. -->
- Using the latest version of `core-lib-azure` (0.0.28).
- AzureServicePrincipal class is now being used from core-lib-azure instead of local implementation(local implementation deleted).
## Does this introduce a breaking change?
-------------------------------------
- [NO]
<!-- If this introduces a breaking change, please describe the impact and migration path for existing applications below. -->
## Any relevant logs, error output, etc?
-------------------------------------
(If it’s long, please paste to https://ghostbin.com/ and insert the link here.)
## Other information
-------------------------------------
<!-- Any other information that is important to this PR such as screenshots of how the component looks before and after the change. -->Abhishek PatilAbhishek Patilhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/23Support non aad token2020-09-19T16:19:09ZAlok JoshiSupport non aad tokenAdd support for non-AAD token. This is required to support multiple IDPs through Istio.Add support for non-AAD token. This is required to support multiple IDPs through Istio.ethiraj krishnamanaiduDania Kodeih (Microsoft)Neelesh ThakurDaniel SchollSherman Yangashley kelhamethiraj krishnamanaiduhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/22enable multi-partition support2020-10-07T16:08:25ZNeelesh Thakurenable multi-partition supporthttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/20Updaing readme doc with Istio Auth filter2020-09-16T07:06:50ZKiran VeerapaneniUpdaing readme doc with Istio Auth filterhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/19Adding conditional check on the component2020-09-12T07:36:48ZKiran VeerapaneniAdding conditional check on the componentAdding condition to Inject Filter only Istio is enabledAdding condition to Inject Filter only Istio is enabledhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/17Disabling AAD authentication In Entitlement service2020-09-11T17:12:10ZKiran VeerapaneniDisabling AAD authentication In Entitlement serviceAs Istio AuthN got enabled in R2 services,Disabling AAD authentication using Istio auth property.
Added a new Filter to decode payload coming from Istio and set security context to authorize requests.
Added Istio auth Env variable and se...As Istio AuthN got enabled in R2 services,Disabling AAD authentication using Istio auth property.
Added a new Filter to decode payload coming from Istio and set security context to authorize requests.
Added Istio auth Env variable and seti to true in helm charts templatehttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/16Azure aks2020-08-31T15:05:01ZDaniel SchollAzure aksBug Fixing Azure AKS Pipeline supportBug Fixing Azure AKS Pipeline supportDaniel SchollDaniel Schollhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/15Azure aks2020-08-31T12:08:13ZDaniel SchollAzure aksDaniel SchollDaniel Schollhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/14Enabled slf4j MDC Context filter2020-08-18T16:31:52ZKishore BattulaEnabled slf4j MDC Context filterhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/13Enabled transaction logger and slf4jlogger2020-08-17T14:26:22ZKishore BattulaEnabled transaction logger and slf4jlogger## All Submissions:
-------------------------------------
* [YES] Have you followed our code review [guidelines](https://github.com/microsoft/code-with-engineering-playbook/blob/master/pull-requests/code-reviews/readme.md)?
* [YES] Have ...## All Submissions:
-------------------------------------
* [YES] Have you followed our code review [guidelines](https://github.com/microsoft/code-with-engineering-playbook/blob/master/pull-requests/code-reviews/readme.md)?
* [YES] Have you added an explanation of what your changes do and why you'd like us to include them?
* [YES] I have updated the documentation accordingly.
* [NA] I have added tests to cover my changes.
* [YES] All new and existing tests passed.
* [YES] My code follows the code style of this project.
* [YES] I ran lint checks locally prior to submission.
## What is the current behavior?
-------------------------------------
<!-- Please describe the current behavior that you are modifying, or link to a relevant issue. -->
Issue: Logs are not written to azure app insights.
## What is the new behavior?
-------------------------------------
<!-- Please describe the behavior or changes that are being added by this PR. -->
- Logs are written to azure app insights
- Added new logs to log start and end of web request
-
## Does this introduce a breaking change?
-------------------------------------
- [NO]
<!-- If this introduces a breaking change, please describe the impact and migration path for existing applications below. -->
## Any relevant logs, error output, etc?
-------------------------------------
(If it’s long, please paste to https://ghostbin.com/ and insert the link here.)
## Other information
-------------------------------------
<!-- Any other information that is important to this PR such as screenshots of how the component looks before and after the change. -->
https://community.opengroup.org/osdu/platform/system/lib/cloud/azure/os-core-lib-azure/-/merge_requests/11Daniel SchollHema Vishnu Pola [Microsoft]Daniel Schollhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/12making changes to use CosmosStore instead of CosmosFacade2020-07-29T13:11:43Zharshit aggarwalmaking changes to use CosmosStore instead of CosmosFacadeThis change will make Entitlement service to use CosmosStore class instead of CosmosFacade for
accessing cosmosDbThis change will make Entitlement service to use CosmosStore class instead of CosmosFacade for
accessing cosmosDbharshit aggarwalharshit aggarwalhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/11Azure - (1/4) - Adding missing context path for entitlements2020-07-16T02:33:10ZDuvelis CaraoAzure - (1/4) - Adding missing context path for entitlements**This impacts only Azure Implementation**
This MR is part of a group of MRs with dependencies between them
0. Update infrastructure (Azure / osdu-infrastructure) to have reference to the new URLs (https://github.com/Azure/osdu-inf...**This impacts only Azure Implementation**
This MR is part of a group of MRs with dependencies between them
0. Update infrastructure (Azure / osdu-infrastructure) to have reference to the new URLs (https://github.com/Azure/osdu-infrastructure/pull/23)
1. Adding missing context path for entitlements.
2. Adding missing context path for legal.
3. Adding missing context path for storage.
4. Adding missing context path for indexer
After merging this MR, the new Entitlement URL will be:
https://{host}**/entitlements/v1/**
Before merging this MR:
- Please make sure infrastructure is updated and executed in order to have the new URL for entitlement, otherwise, integration testing will fail.
- Update environment variable (AZURE - Common) with the new Entitlement URL:
ENTITLEMENT_URL: https://$(AZURE_ENTITLEMENTS_SERVICE_NAME).azurewebsites.net/entitlements/v1/
-------
This PR is related to 6 other requests for changing a URL structure and adding in context paths for services.
1. osdu-infrastructure 1/6 PR https://github.com/Azure/osdu-infrastructure/pull/23
1. CI-CD Pipelines 2/6 This PR
1. Entitlements Azure 3/6 https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure/-/merge_requests/11
1. Legal 4/6 https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/32
1. Storage 5/6 https://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/33
1. Indexer 6/6 https://community.opengroup.org/osdu/platform/system/indexer-service
They are all required and any one but not the other will break builds and tests across the entire ecosystem for Azure.M1 - Release 0.1ethiraj krishnamanaiduDania Kodeih (Microsoft)Daniel Schollethiraj krishnamanaidu