Commit graph

29 commits

Author SHA1 Message Date
v-ajajvanu d59ab9449e
User story 106893 - Removed -AsPlainText and made use of Secret management module. (#3907) 2024-10-07 16:47:17 -07:00
Fernando Henrique Inocêncio Borba Ferreira ee01474802
[CI] Remove flag -EnableRbacAuthorization and Restore Deleted KVs (#4013)
* Remove flag -EnableRbacAuthorization

* Add commands to restore deleted key vaults
2024-08-13 10:55:43 -07:00
rajithaalurims 36333f8f35
New service connection object with workloadidentity (#3855)
* New service connection object with cert is used

* new service connection with workload federated identity

* Azure Powershell version changed to 5

* Add support for ClientAssertion type
2024-05-15 12:19:13 -05:00
Fernando Henrique Inocêncio Borba Ferreira fc632d7d71
[Tests] Refactoring test accounts (#3747)
* Create all accounts as service principals.
* Handling empty collections of user accounts.
* Set up new app environment variables.
* Expand the use of service principals.
2024-03-13 21:15:06 +00:00
Fernando Henrique Inocêncio Borba Ferreira 13127b3c02
[Pipeline] Change pipeline auth method (#3745)
* Change auth to use a service principal instead of a user.
* Expand client_credentials auth.
* Mark tests as flaky.
2024-03-12 11:05:29 -07:00
Mikael Weaver a7ea16e547
Add backward compatibility for historical export SQL changes (#3609)
* Made new export with history and soft delete SQL proc schema backward compatible

* Fixed SetupAAD pipeline error
2023-12-01 13:36:08 -08:00
Paul Taladay 8d991a17c1
Migrate Keyvault to Azure RBAC (#3602)
* First round of changes to convert script to microsoft graph

* Switched to just installing ms graph authentication instead of the whole sdk

* Switched to keyvault with Azure RBAC enabled and set currentObjectID to Key Vault Secrets Officer. Removing ms graph install since the AzurePowershell task installs Azure Az library.

* Added resource group to getAzkeyvault as I think it is timing out searching such a large subscription.

* Reverting changes made for ms graph

* Removing scope as it isn't needed and is incorrect anyway

* Added placeholder hsm for role creation.

* Creating Hsm and setting in role assignment

* Adding hsm module to installation at beginning

* Removed hsm resource

* Updated scope in the new azroleassignment call.

* Updated provision deploy to use azure rbac

* Updated access policy to rbac role assignment

* Updated role definition

* Scope is invalid

* Bug where keyvault name is uppercase. Causes issues later.

* Says the InRemovedState is mandatory. Adding in.

* Added to lower on webapp name

* Adding logging to track down where we are not lowering the servername value.

* Added role assignment to initial deploy as it doesn't need to be assigned after.

* Found the locations to lower the serverName

* Had incorrect placement of to lower

* Fixed extra ) and changed back to webapp name parameter and just called to lower in the provision health check

* Updated roledefinitionid

* Removed scope

* Switching back to keyvault role assignment
2023-11-27 11:19:27 -08:00
Robert Johnson 1e69ab4574
Add longer wait (#3552) 2023-10-13 16:35:06 -07:00
apurvabhaleMS d1046daad0
Revert "Add import to OSS Export pipeline (#3183)" (#3201)
This reverts commit 83d6fb9af6.
2023-03-28 11:35:08 -07:00
Paul Taladay 83d6fb9af6
Add import to OSS Export pipeline (#3183)
* Adding import test to export pipeline

* Fixed typo in test name

* Made pipeline more generic. There is now a shared variables file that takes the name of the test area that it needs to return variables for. Still need to create the Import environment to test this out.

* Updated variables for ci and pr pipeline since the build variables yml is shared between all the pipelines.

* Split from testarea file because it won't let you use two templates files where one has a parameter to set the variables.

* Moved template to variables section of job

* Updated duplicate naming

* Missed updated on depends on

* Moved variables back to build-variables as the testArea template doesn't work as intended due to limitations.

* Missing -

* Added values.

* Updated environment name variable.

* Added in additional check for when used in Export pipeline

* Added in code from e2e-tests.yml to create the TestIntegrationStore and key that the import test fixture needs.

* Added appname variable.

* Can't use variable moved to inline

* Forgot to change to = sign from :

* Added check to remove stu3 since current env doesn't add that version to end of app name.

* Removed unneeded code in integration test fixture.

* Removed using

* Change to user for auth

* Add import user and remove cosmos db test run

* Update tags

* Fix cleanup scripts

* Remove unused environments

* Add sql

* Added global importer user id

* Updated test urls as they should point to resoluteopensource and not the azurewebsites tenant.

* Test urls needed to be the tenant domain and not default to azurewebsites.net. This was causing the web apps to deploy under azurewebsites.net and not the resoluteopensource tenant.

* tenantDomain isn't used in all pipelines. Moving back to the resoluteopensource tenant name.

* Added logging to validate webapp name used

* Added explicit domain variables to reference. Log output is showing *** for audience meaning that this tenantDomain value isn't set.

* Updated TestApplicationResource to use the static value of tenantDomainSuffix

* Added logging for tracking.

* Removed temporary logging. Added filter to exclude Authorization tests since they will not work in this environment.

* Changed test app resource to oss tenant.

* Changes for testing.

* Back to azurewebsites value

* Added a new argument to allow overriding of the audience in a multi tenant situation.

* Changed audience to app override instead

* Missed couple locations to update.

* Believe this is the cause of the duplicate key issue.

* TestApplicationResource was incorrect

* Updated filter to only target the import tests in SQL tests and added in cosmosdb import tests.

* Added restart for import cosmos setup

* Removed unneeded changes

* PR comment fixes

* Updated Test application resource to resolute oss as PR builds are failing

* Added try catch for second auth environment setup.

* Undid domain change. Try catch should fix PR issue.

* Added override for pr pipeline to use proper resource url for tests.

* Moved resourceTenantDomainSuffix to each pipeline variables file since PRs appear to behave differently than the others.

* Adding in old build variable values to pr variables to separate from other environments.

---------

Co-authored-by: LTA-Thinking <rbrucej@gmail.com>
2023-03-23 12:13:52 -07:00
dependabot[bot] 8c39f5ef46
Bump HealthcareSharedPackageVersion from 3.2.45 to 4.0.6 (#2414)
* Bump HealthcareSharedPackageVersion from 3.2.45 to 4.0.6

Bumps `HealthcareSharedPackageVersion` from 3.2.45 to 4.0.6.

Updates `Microsoft.Health.Abstractions` from 3.2.45 to 4.0.6
- [Release notes](https://github.com/microsoft/healthcare-shared-components/releases)
- [Commits](https://github.com/microsoft/healthcare-shared-components/compare/3.2.45...4.0.6)

Updates `Microsoft.Health.Api` from 3.2.45 to 4.0.6
- [Release notes](https://github.com/microsoft/healthcare-shared-components/releases)
- [Commits](https://github.com/microsoft/healthcare-shared-components/compare/3.2.45...4.0.6)

Updates `Microsoft.Health.Extensions.DependencyInjection` from 3.2.45 to 4.0.6
- [Release notes](https://github.com/microsoft/healthcare-shared-components/releases)
- [Commits](https://github.com/microsoft/healthcare-shared-components/compare/3.2.45...4.0.6)

Updates `Microsoft.Health.Test.Utilities` from 3.2.45 to 4.0.6
- [Release notes](https://github.com/microsoft/healthcare-shared-components/releases)
- [Commits](https://github.com/microsoft/healthcare-shared-components/compare/3.2.45...4.0.6)

Updates `Microsoft.Health.Core` from 3.2.45 to 4.0.6
- [Release notes](https://github.com/microsoft/healthcare-shared-components/releases)
- [Commits](https://github.com/microsoft/healthcare-shared-components/compare/3.2.45...4.0.6)

Updates `Microsoft.Health.Extensions.BuildTimeCodeGenerator` from 3.2.45 to 4.0.6
- [Release notes](https://github.com/microsoft/healthcare-shared-components/releases)
- [Commits](https://github.com/microsoft/healthcare-shared-components/compare/3.2.45...4.0.6)

Updates `Microsoft.Health.SqlServer` from 3.2.45 to 4.0.6
- [Release notes](https://github.com/microsoft/healthcare-shared-components/releases)
- [Commits](https://github.com/microsoft/healthcare-shared-components/compare/3.2.45...4.0.6)

Updates `Microsoft.Health.SqlServer.Api` from 3.2.45 to 4.0.6
- [Release notes](https://github.com/microsoft/healthcare-shared-components/releases)
- [Commits](https://github.com/microsoft/healthcare-shared-components/compare/3.2.45...4.0.6)

Updates `Microsoft.Health.Tools.Sql.Tasks` from 3.2.45 to 4.0.6
- [Release notes](https://github.com/microsoft/healthcare-shared-components/releases)
- [Commits](https://github.com/microsoft/healthcare-shared-components/compare/3.2.45...4.0.6)

Updates `Microsoft.Health.Client` from 3.2.45 to 4.0.6
- [Release notes](https://github.com/microsoft/healthcare-shared-components/releases)
- [Commits](https://github.com/microsoft/healthcare-shared-components/compare/3.2.45...4.0.6)

---
updated-dependencies:
- dependency-name: Microsoft.Health.Abstractions
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: Microsoft.Health.Api
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: Microsoft.Health.Extensions.DependencyInjection
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: Microsoft.Health.Test.Utilities
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: Microsoft.Health.Core
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: Microsoft.Health.Extensions.BuildTimeCodeGenerator
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: Microsoft.Health.SqlServer
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: Microsoft.Health.SqlServer.Api
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: Microsoft.Health.Tools.Sql.Tasks
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: Microsoft.Health.Client
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bumping sdk version

* Fix sql connection strings for local connections due to update SqlClient version upgrade

* Upgrade runtime

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Richa Bansal <ribans@microsoft.com>
2022-01-07 16:34:30 -08:00
Robert Johnson 9f7055a429
Fix setup AAD pipeline step (#2293)
+semver: patch
2021-10-20 12:33:00 -07:00
namadabu ba38944478
Build: Update client app admin consent flow (#2105) 2021-07-23 13:36:56 -07:00
namadabu de304363c7
Disable auth tests to unblock build pipeline (#2085) 2021-07-13 20:31:25 -07:00
Ivan Matantsev 47d6c17771
Remove string interpolation from calls to logger. (#1833)
* Introduce FhirAnalyzer which currently holds only one rule.
It's checking calls to ILogger.Log* methods and make sure we don't pass variable string via string interpolation.
Also clean up code to conform to that rule.
2021-04-13 12:18:04 -07:00
Marcus Robinson 4a1da8e155
Docker compose: set automatic updates to schema (#1576)
Closes #1575
2021-01-11 10:11:22 -08:00
Chris e169022bc9
Run the container image as a non-root user (#968)
* set the default container user to a non-root one

* updated docs and release docker-compose with changed default port

* updated changed port in docker README
2020-04-07 09:07:37 -07:00
Robert Johnson 69ce1fc09e
Send Docker image with CI build (#924)
Creates Docker images on PR and CI builds and pushes them to an Azure Container Repository.

Co-authored-by: Brendan Kowitz <bkowitz@microsoft.com>
2020-03-19 15:44:05 -07:00
John Stairs 034aea8a6a
RBAC restructuring (#884) 2020-02-18 22:13:38 -08:00
Michael Hansen 62d7453a89
Switched to Az module (#698) 2019-10-26 07:49:03 -07:00
brandonpollett 3b1360a601
Add auth secrets to keyvault (#555) 2019-06-25 16:30:16 -07:00
Brendan Kowitz 03d71d4655
Updates Set-FhirServerApiUsers.ps1 (#414) 2019-04-08 16:33:22 -07:00
Michael Hansen 3d1898e705
Adding AadSmartOnFhirProxy
* Adding AadSmartOnFhirProxy
* Adding AadSmartOnFhirProxy E2E Tests
* Adding CORS parameters to template
* Adding SmartLauncher Sample App
2018-12-18 19:45:18 -08:00
brandonpollett 4d73c5ebc0
Make scripts more robust for keyvault and resource group. (#200) 2018-11-28 10:03:31 -08:00
Michael Hansen 0c46787bd9
Role definitions during deployment (#136)
* Work on AAD roles deployment scripts

* Moved Set-FhirServerApiApplicationRoles

* Moved Set-FhirServerClientAppRoleAssignments to FhirServer module

* Created Set-FhirServerUserAppRoleAssignments.ps1 for adding users to roles

* Adjusted calls in FhirServerRelease to use new functions in FhirServer and updated deployment documentation

* Fixed bug and added instructions for specifying roles

* Check for role assignment when New-AzureADServiceAppRoleAssignment throws

* Fixed multiple incompatibilities in Add-AadTestAuthEnvironment.ps1, fixed a few bugs

* Updated documentation based on PR feedback

* Additional PR feedback
2018-10-25 15:01:47 -04:00
brandonpollett 87030e2f89
Check to see if role already exists, not that roles exist. (#131) 2018-10-24 09:21:00 -07:00
garamamo b5699d2b7a
Adds basic RBAC (#86)
* Commit for working auth e2e. Committed for save.

* Added unit tests.

* Added proper username/password for tests.

* Updated to set up users in identity server correctly.
Added ways for tests to run as an app as well as user.

* Fixes casing of file

* Added consent to native applications.

* Grant admin consent for client apps

* Improve robustness of admin consent

* Updated the resource env variable.

* Updated summary.

* Updated comments.

* Testing getting token using new httpclient.

* Fix issue with getting the correct environment variables while getting bearer token.

* Testing with existing HttpClient instead of a new one.

* Fixed null check on user.
2018-10-22 22:24:46 -07:00
brandonpollett 1e6e1a0bb1
Add scripts for setting up and tearing down AAD environment for tests (#97) 2018-10-17 20:54:25 -07:00
John Stairs 664361eaf4
Introduces testauthenvironment.json for defining roles, users, apps, and role assignments. (#90) 2018-10-12 06:34:38 -07:00