Don't NullRef during Get-AzureDeployment when the cloud service has extended configuration #4788
Conversation
…ice has extended configuration
|
Can one of the admins verify this patch? |
|
@azuresdkci add to whitelist |
| @@ -104,8 +105,18 @@ internal XElement Serialize() | |||
| { | |||
| XElement certificateElement = new XElement(this.ns + "Certificate"); | |||
| certificateElement.SetAttributeValue("name", certificate.Key); | |||
| certificateElement.SetAttributeValue("thumbprint", certificate.Value.Thumbprint); | |||
| certificateElement.SetAttributeValue("thumbprintAlgorithm", certificate.Value.ThumbprintAlgorithm); | |||
| if (certificate.Value.Thumbprint != null) | |||
There was a problem hiding this comment.
Could certificate.Value be null?
There was a problem hiding this comment.
No. It's a value driven by the foreach loop over existing elements.
There was a problem hiding this comment.
I meant this.Certificates is of type Dictionary<string, CertificateConfiguration>();. and the for loop make sure that variable "certificate" is not null... I wonder if "certificate.Value' can be null.
There was a problem hiding this comment.
Oh, I see what you're asking.
Certificates.value won't be null because in the deserializer where it's set up, an element to the Dictionary is only added after the CertificateConfiguration object is created using an Object Initializer (so it can't be null).
See lines 44-53.
| } | ||
| if (certificate.Value.ThumbprintAlgorithm != null) | ||
| { | ||
| certificateElement.SetAttributeValue("thumbprintAlgorithm", certificate.Value.ThumbprintAlgorithm); |
There was a problem hiding this comment.
Would it be better to define a constant string instead of using hard coded string literals?
There was a problem hiding this comment.
I was following the existing pattern of the file. There are no constants at all.
|
@spaoliello @vanbasten2323 The PR is failing for CredScan issues. Go to http://aka.ms/credscan for information on suppressing any false positives. The report is here: https://azuresdkci.westus2.cloudapp.azure.com/job/powershell/70/artifact/src/Package/credscan-matches.tsv |
|
Tests were added, and are passing. |
|
@hyonholee @vanbasten2323 would one of you be able to sign off on the changes made by Simon? |
| @@ -224,6 +224,13 @@ | |||
| <None Include="Resources\DiagnosticsExtension\Files\diagnostics.wadcfgx"> | |||
| <CopyToOutputDirectory>Always</CopyToOutputDirectory> | |||
| </None> | |||
| <None Include="Resources\ServiceManagement\Files\dSMSTest.cscfg"> | |||
| <SubType>Designer</SubType> | |||
There was a problem hiding this comment.
you don't need this line ..., do you?
There was a problem hiding this comment.
No, I think Visual Studio added it automatically.
I can remove it.
| </ConfigurationSettings> | ||
| <Certificates> | ||
| <Certificate name="ThumbprintCert" thumbprint="{{PLACEHOLDER}}" thumbprintAlgorithm="sha1" /> | ||
| <Certificate name="dSMSCert" sourceLocation="/genevacustomers/monitoring/prod/warmpath/test/auxweb/certificates/chained/portaldogfoodmdscert.pfx" /> |
There was a problem hiding this comment.
Is it the correct source location format? A sample source location would be like sourceLocation="https://uswest-dsms.dsms.core.windows.net/dsms/AzureTeam/ABC/certificates/chained/myPFXName.pfx" as shown here https://microsoft.sharepoint.com/teams/AzureSecurityCompliance/Security/_layouts/OneNote.aspx?id=%2Fteams%2FAzureSecurityCompliance%2FSecurity%2FSpecs%20and%20Design%20Docs%2FdSMS%2FOnboarding%2FdSMS%20Support&wd=target%28dSMS%20Onboarding%2FCertificates.one%7C4D38427D-2849-456A-8AED-B754A7AAF6A2%2FOK%20%5C%2F%20Express%20v2%7CB17594EC-657B-4B59-A4E3-F5E510E716C7%2F%29
onenote:https://microsoft.sharepoint.com/teams/AzureSecurityCompliance/Security/Specs%20and%20Design%20Docs/dSMS/Onboarding/dSMS%20Support/dSMS%20Onboarding/Certificates.one#OK%20/%20Express%20v2§ion-id={4D38427D-2849-456A-8AED-B754A7AAF6A2}&page-id={B17594EC-657B-4B59-A4E3-F5E510E716C7}&end
There was a problem hiding this comment.
The relative sourceLocation works if you are using RDFE to perform deployments. It will automatically use the closest dSMS server location.
I tested this deployment with that format and it does work.
| $result = New-AzureDeployment -ServiceName $svcName -Package $cspkg -Configuration $cscfgChanged -Label $svcName -Slot Staging; | ||
|
|
||
| # Get Deployment | ||
| $deploy = Get-AzureDeployment -ServiceName $svcName -Slot Staging; |
There was a problem hiding this comment.
So before the change, if the you have a line in cscfg like: , then you would get null ref error when you create a new deployment. Is my understanding correct?
There was a problem hiding this comment.
Yes. If you didn't supply a thumbprint attribute, it would NullRef when you perform Get-AzureDeployment
There was a problem hiding this comment.
Then shouldn't the NullRef exception be thrown when you do New-AzureDeployment? The PR topic says the exception happens when you do Get-AzureDeployment
There was a problem hiding this comment.
The NullRef was only thrown when I ran Get-AzureDeployment. The test goes through CRUD to ensure it's not occurring anywhere else. I'd rather have extra coverage :)
| $newConfig | Set-Content $cscfgChanged; | ||
|
|
||
| # Update configuration | ||
| $result = Set-AzureDeployment -Config -ServiceName $svcName -Configuration $cscfgChanged -Slot Staging; |
There was a problem hiding this comment.
Why do you need to get a new config and do a Set-AzureDeployment on the new config? I don't quite understand.
There was a problem hiding this comment.
It's to test round-trip. Deploy (tests New) Get (tests Get) Update (tests Set).
I wanted to make sure all parts could handle config without thumbprints.
|
Looks good to me. |
|
@vanbasten2323 Can you sign off based on the responses to your comments? |
|
@markcowl Approved. Sorry for the delay. It's my first time to approve the PR on GitHub. Was not familiar with the approve procedure before. |
|
@vanbasten2323 Thanks for the review. LGTM to me as well. On demand pr here: https://azuresdkci.westus2.cloudapp.azure.com/view/PowerShell/job/powershell-demand/114/ |
Description
This checklist is used to make sure that common guidelines for a pull request are followed. You can find a more complete discussion of PowerShell cmdlet best practices here.
General Guidelines
Testing Guidelines
Cmdlet Signature Guidelines
ShouldProcessand haveSupportShouldProcess=truespecified in the cmdlet attribute. You can find more information onShouldProcesshere.OutputTypeattribute if any output is produced - if the cmdlet produces no output, it should implement aPassThruparameter.Cmdlet Parameter Guidelines