diff --git a/src/ApiService/ApiService/OneFuzzTypes/Model.cs b/src/ApiService/ApiService/OneFuzzTypes/Model.cs index b29118e3c8..9445dfd5e6 100644 --- a/src/ApiService/ApiService/OneFuzzTypes/Model.cs +++ b/src/ApiService/ApiService/OneFuzzTypes/Model.cs @@ -2,9 +2,8 @@ using System; using System.Collections.Generic; using PoolName = System.String; -using Endpoint = System.String; -using GroupId = System.Guid; -using PrincipalId = System.Guid; +using Region = System.String; +using Container = System.String; namespace Microsoft.OneFuzz.Service; @@ -94,7 +93,7 @@ public enum NodeState public record ProxyHeartbeat ( - string Region, + Region Region, Guid ProxyId, List Forwards, DateTimeOffset TimeStamp @@ -118,7 +117,7 @@ bool DebugKeepNode public partial record ProxyForward ( - [PartitionKey] string Region, + [PartitionKey] Region Region, [RowKey] int DstPort, int SrcPort, string DstIp @@ -128,7 +127,7 @@ public partial record ProxyConfig ( Uri Url, string Notification, - string Region, + Region Region, Guid? ProxyId, List Forwards, string InstanceTelemetryKey, @@ -138,7 +137,7 @@ string MicrosoftTelemetryKey public partial record Proxy ( - [PartitionKey] string Region, + [PartitionKey] Region Region, [RowKey] Guid ProxyId, DateTimeOffset? CreatedTimestamp, VmState State, 
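Review bot: `Region` and `Container` in the first Model.cs hunk are `using` aliases for `System.String`, so they give no compile-time separation; a container name passed where a region is expected still compiles. A `using` alias is also local to this file, so code in other files that builds `ProxyHeartbeat`, `ProxyForward`, `ProxyConfig` or `Proxy` still sees plain `string`. `Region` is the `[PartitionKey]` of `ProxyForward` and `Proxy`, so if its format matters, a small validating wrapper type would carry more than the alias. Otherwise a comment above the two lines, for example `// aliases only: same type as string, no validation`, would set expectations. `Container` is not used in any hunk shown here.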
@@ -260,118 +259,5 @@ public record Task( { List Events { get; set; } = new List(); List Nodes { get; set; } = new List(); -} -public record AzureSecurityExtensionConfig(); -public record GenevaExtensionConfig(); - - -public record KeyvaultExtensionConfig( - string KeyVaultName, - string CertName, - string CertPath, - string ExtensionStore -); - -public record AzureMonitorExtensionConfig( - string ConfigVersion, - string Moniker, - string Namespace, - [property: JsonPropertyName("monitoringGSEnvironment")] string MonitoringGSEnvironment, - [property: JsonPropertyName("monitoringGCSAccount")] string MonitoringGCSAccount, - [property: JsonPropertyName("monitoringGCSAuthId")] string MonitoringGCSAuthId, - [property: JsonPropertyName("monitoringGCSAuthIdType")] string MonitoringGCSAuthIdType -); - -public record AzureVmExtensionConfig( - KeyvaultExtensionConfig? Keyvault, - AzureMonitorExtensionConfig AzureMonitor -); -public record NetworkConfig( - string AddressSpace, - string Subnet -) -{ - public NetworkConfig() : this("10.0.0.0/8", "10.0.0.0/16") { } -} - -public record NetworkSecurityGroupConfig( - string[] AllowedServiceTags, - string[] AllowedIps -) -{ - public NetworkSecurityGroupConfig() : this(Array.Empty(), Array.Empty()) { } -} - -public record ApiAccessRule( - string[] Methods, - Guid[] AllowedGroups -); - -public record InstanceConfig -( - [PartitionKey, RowKey] string InstanceName, - //# initial set of admins can only be set during deployment. - //# if admins are set, only admins can update instance configs. - Guid[]? Admins, - //# if set, only admins can manage pools or scalesets - bool AllowPoolManagement, - string[] AllowedAadTenants, - NetworkConfig NetworkConfig, - NetworkSecurityGroupConfig ProxyNsgConfig, - AzureVmExtensionConfig? Extensions, - string ProxyVmSku, - IDictionary? ApiAccessRules, - IDictionary? GroupMembership, - - IDictionary? VmTags, - IDictionary? 
VmssTags -) : EntityBase() -{ - public InstanceConfig(string instanceName) : this( - instanceName, - null, - true, - Array.Empty(), - new NetworkConfig(), - new NetworkSecurityGroupConfig(), - null, - "Standard_B2s", - null, - null, - null, - null) - { } - - public List? CheckAdmins(List? value) - { - if (value is not null && value.Count == 0) - { - throw new ArgumentException("admins must be null or contain at least one UUID"); - } - else - { - return value; - } - } - - - //# At the moment, this only checks allowed_aad_tenants, however adding - //# support for 3rd party JWT validation is anticipated in a future release. - public ResultOk> CheckInstanceConfig() - { - List errors = new(); - if (AllowedAadTenants.Length == 0) - { - errors.Add("allowed_aad_tenants must not be empty"); - } - if (errors.Count == 0) - { - return ResultOk>.Ok(); - } - else - { - return ResultOk>.Error(errors); - } - } } diff --git a/src/ApiService/ApiService/Program.cs b/src/ApiService/ApiService/Program.cs index cb4c509adf..2a5ffc7223 100644 --- a/src/ApiService/ApiService/Program.cs +++ b/src/ApiService/ApiService/Program.cs @@ -9,6 +9,8 @@ using Microsoft.Azure.Functions.Worker.Middleware; using Microsoft.Azure.Functions.Worker; + + namespace Microsoft.OneFuzz.Service; public class Program @@ -66,11 +68,11 @@ public static void Main() .ConfigureServices((context, services) => services .AddSingleton(_ => new LogTracerFactory(GetLoggers())) - .AddSingleton(_ => new StorageProvider(EnvironmentVariables.OneFuzz.FuncStorage ?? throw new InvalidOperationException("Missing account id"))) .AddSingleton() .AddSingleton() .AddSingleton() .AddSingleton() + .AddSingleton() .AddSingleton() .AddSingleton(_ => new Creds()) .AddSingleton() diff --git a/src/ApiService/ApiService/QueueFileChanges.cs b/src/ApiService/ApiService/QueueFileChanges.cs index 6ddd912295..c90b3b9779 100644 --- a/src/ApiService/ApiService/QueueFileChanges.cs +++ b/src/ApiService/ApiService/QueueFileChanges.cs 
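Review bot: Nothing left in the `ConfigureServices` chain of Program.cs checks that the function storage account id is configured. The removed `StorageProvider` registration was the only visible place that threw `InvalidOperationException("Missing account id")` at startup. The type arguments of the added `.AddSingleton()` are not visible on this page, so it cannot be confirmed here whether the newly registered service validates `EnvironmentVariables.OneFuzz.FuncStorage` in its constructor. If it does not, a missing setting would surface only on the first storage call instead of at host start. A guard such as `_ = EnvironmentVariables.OneFuzz.FuncStorage ?? throw new InvalidOperationException("Missing account id");` before the host is built would keep the fail-fast behaviour. The body of `Main` starts and ends outside the hunk.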
@@ -14,14 +14,12 @@ public class QueueFileChanges const int MAX_DEQUEUE_COUNT = 5; private readonly ILogTracerFactory _loggerFactory; - private readonly IStorageProvider _storageProvider; private readonly IStorage _storage; - public QueueFileChanges(ILogTracerFactory loggerFactory, IStorageProvider storageProvider, IStorage storage) + public QueueFileChanges(ILogTracerFactory loggerFactory, IStorage storage) { _loggerFactory = loggerFactory; - _storageProvider = storageProvider; _storage = storage; } @@ -52,7 +50,7 @@ public Async.Task Run( } file_added(log, fileChangeEvent, lastTry); - return Task.CompletedTask; + return Async.Task.CompletedTask; } private void file_added(ILogTracer log, Dictionary fileChangeEvent, bool failTaskOnTransientError) diff --git a/src/ApiService/ApiService/QueueProxyHeartbeat.cs b/src/ApiService/ApiService/QueueProxyHeartbeat.cs index 7e25017fc4..9eb437d7b2 100644 --- a/src/ApiService/ApiService/QueueProxyHeartbeat.cs +++ b/src/ApiService/ApiService/QueueProxyHeartbeat.cs @@ -1,7 +1,6 @@ using System; using Microsoft.Azure.Functions.Worker; using System.Text.Json; -using System.Threading.Tasks; using Microsoft.OneFuzz.Service.OneFuzzLib.Orm; namespace Microsoft.OneFuzz.Service; @@ -19,7 +18,7 @@ public QueueProxyHearbeat(ILogTracerFactory loggerFactory, IProxyOperations prox } [Function("QueueProxyHearbeat")] - public async Task Run([QueueTrigger("myqueue-items", Connection = "AzureWebJobsStorage")] string msg) + public async Async.Task Run([QueueTrigger("myqueue-items", Connection = "AzureWebJobsStorage")] string msg) { var log = _loggerFactory.MakeLogTracer(Guid.NewGuid()); diff --git a/src/ApiService/ApiService/onefuzzlib/orm/StorageProvider.cs b/src/ApiService/ApiService/onefuzzlib/orm/StorageProvider.cs deleted file mode 100644 index 1d17ea18ce..0000000000 --- a/src/ApiService/ApiService/onefuzzlib/orm/StorageProvider.cs +++ /dev/null 
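Review bot: The `QueueTrigger` on the changed `Run` signature in QueueProxyHeartbeat.cs binds to `myqueue-items`, which looks like the Azure Functions template default rather than a queue dedicated to proxy heartbeats. If that is so, the function either never fires or deserializes whatever other producers put on that queue, so the binding should name the real queue: `[QueueTrigger("<heartbeat-queue-name>", Connection = "AzureWebJobsStorage")]`. The function and constructor name `QueueProxyHearbeat` is also missing a `t`. Because that string is the deployed function name, it is cheaper to correct now than after monitoring or routing depends on it. The body of `Run`, including how `msg` is parsed, lies outside the hunk.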
@@ -1,53 +0,0 @@ -using Azure.Data.Tables; -using System; -using System.Linq; -using System.Threading.Tasks; -using Azure.Core; -using Azure.ResourceManager.Storage; -using Azure.ResourceManager; -using Azure.Identity; - -namespace Microsoft.OneFuzz.Service.OneFuzzLib.Orm; - - -public interface IStorageProvider -{ - Task GetTableClient(string table); - //IAsyncEnumerable QueryAsync(string filter) where T : EntityBase; - //Task Replace(T entity) where T : EntityBase; - -} - -public class StorageProvider : IStorageProvider -{ - private readonly string _accountId; - private readonly EntityConverter _entityConverter; - private readonly ArmClient _armClient; - - public StorageProvider(string accountId) - { - _accountId = accountId; - _entityConverter = new EntityConverter(); - _armClient = new ArmClient(new DefaultAzureCredential()); - } - - public async Task GetTableClient(string table) - { - var (name, key) = GetStorageAccountNameAndKey(_accountId); - var identifier = new ResourceIdentifier(_accountId); - var tableClient = new TableServiceClient(new Uri($"https://{identifier.Name}.table.core.windows.net"), new TableSharedKeyCredential(name, key)); - await tableClient.CreateTableIfNotExistsAsync(table); - return tableClient.GetTableClient(table); - } - - - public (string?, string?) GetStorageAccountNameAndKey(string accountId) - { - var resourceId = new ResourceIdentifier(accountId); - var storageAccount = _armClient.GetStorageAccountResource(resourceId); - var key = storageAccount.GetKeys().Value.Keys.FirstOrDefault(); - return (resourceId.Name, key?.Value); - } - - -} \ No newline at end of file