Sync tools code from main branch to generation branch

.azure-pipelines/daily-build.yml

@@ -29,10 +29,10 @@ jobs:
         git clean -xdf
 
   - task: PowerShell@2
-    displayName: Prepare Powershell $(PSVersion) 
+    displayName: Prepare Powershell $(PSVersion)
     inputs:
       filePath: 'tools/Test/SmokeTest/PrepareRequiredPowershell.ps1'
-      arguments: '-RequiredPsVersion $(PSVersion)'      
+      arguments: '-RequiredPsVersion $(PSVersion)'
 
   - task: PowerShell@2
     displayName: 'Install platyPS'
@@ -49,7 +49,7 @@ jobs:
     inputs:
       command: custom
       custom: msbuild
-      arguments: 'build.proj /t:"Build" /p:"Configuration=Release"'
+      arguments: 'build.proj /t:"Build" /p:"Configuration=Release;TurnOnTestCoverage=true"'
 
   - task: PowerShell@2
     displayName: 'Bump Version'
@@ -60,7 +60,7 @@ jobs:
         Get-PSRepository `
         ./tools/RunVersionController.ps1 -Release 'Daily Build $(today)' `
         Exit"
-        dotnet tool run pwsh -c $command  
+        dotnet tool run pwsh -c $command
 
   - task: PowerShell@2
     displayName: 'Clean artifacts folder'
@@ -74,7 +74,7 @@ jobs:
     inputs:
       command: custom
       custom: msbuild
-      arguments: 'build.proj /t:Build /p:Configuration=Release'
+      arguments: 'build.proj /t:Build /p:Configuration=Release;TurnOnTestCoverage=true'
 
   - task: EsrpCodeSigning@1
     inputs:
@@ -133,7 +133,7 @@ jobs:
       SessionTimeout: '60'
       MaxConcurrency: '50'
       MaxRetryAttempts: '5'
-  
+
   - task: EsrpCodeSigning@1
     displayName: 'Sign 3rd Party [Strong Name]'
     inputs:

.azure-pipelines/live-test.yml

@@ -0,0 +1,128 @@
+parameters:
+- name: win_image
+  displayName: Windows Image Version
+  type: string
+  default: windows-2019
+- name: linux_image
+  displayName: Linux Image Version
+  type: string
+  default: ubuntu-20.04
+- name: macOS_image
+  displayName: MacOS Image Version
+  type: string
+  default: macOS-11
+- name: win_ps_5_1
+  displayName: Windows PowerShell 5.1 Version
+  type: string
+  default: 5.1
+- name: ps_7_0_x
+  displayName: PowerShell 7.0.x Version
+  type: string
+  default: 7.0.13
+- name: ps_7_1_x
+  displayName: PowerShell 7.1.x Version
+  type: string
+  default: 7.1.7
+- name: ps_7_2_x
+  displayName: PowerShell 7.2.x Version
+  type: string
+  default: 7.2.7
+- name: ps_latest
+  displayName: PowerShell Latest Version
+  type: string
+  default: latest
+- name: dotnet_sdk_6
+  displayName: .NET 6 SDK Version
+  type: string
+  default: 6.0.x
+- name: dotnet_sdk_7
+  displayName: .NET 7 SDK Version
+  type: string
+  default: 7.0.x
+
+variables:
+  LiveTestArtifactsName: LiveTestArtifacts
+  LiveTestDataLocation: $(Pipeline.Workspace)/$(LiveTestArtifactsName)
+  EnableTestCoverage: true
+  TestCoverageLocation: $(LiveTestDataLocation)
+
+pr: none
+trigger: none
+
+jobs:
+- template: util/live-test-steps.yml
+  parameters:
+    name: 'win_ps_5_1'
+    vmImage: ${{ parameters.win_image }}
+    psVersion: ${{ parameters.win_ps_5_1 }}
+    dotnetVersion: ${{ parameters.dotnet_sdk_6 }}
+
+- template: util/live-test-steps.yml
+  parameters:
+    name: 'ps_7_0_x_win'
+    vmImage: ${{ parameters.win_image }}
+    psVersion: ${{ parameters.ps_7_0_x }}
+    dotnetVersion: ${{ parameters.dotnet_sdk_6 }}
+
+- template: util/live-test-steps.yml
+  parameters:
+    name: 'ps_7_1_x_win'
+    vmImage: ${{ parameters.win_image }}
+    psVersion: ${{ parameters.ps_7_1_x }}
+    dotnetVersion: ${{ parameters.dotnet_sdk_6 }}
+
+- template: util/live-test-steps.yml
+  parameters:
+    name: 'ps_7_2_x_win'
+    vmImage: ${{ parameters.win_image }}
+    psVersion: ${{ parameters.ps_7_2_x }}
+    dotnetVersion: ${{ parameters.dotnet_sdk_6 }}
+
+- template: util/live-test-steps.yml
+  parameters:
+    name: 'ps_latest_win'
+    vmImage: ${{ parameters.win_image }}
+    psVersion: ${{ parameters.ps_latest }}
+    dotnetVersion: ${{ parameters.dotnet_sdk_7 }}
+
+- template: util/live-test-steps.yml
+  parameters:
+    name: 'ps_7_0_x_linux'
+    vmImage: ${{ parameters.linux_image }}
+    psVersion: ${{ parameters.ps_7_0_x }}
+    dotnetVersion: ${{ parameters.dotnet_sdk_6 }}
+
+- template: util/live-test-steps.yml
+  parameters:
+    name: 'ps_7_1_x_linux'
+    vmImage: ${{ parameters.linux_image }}
+    psVersion: ${{ parameters.ps_7_1_x }}
+    dotnetVersion: ${{ parameters.dotnet_sdk_6 }}
+
+- template: util/live-test-steps.yml
+  parameters:
+    name: 'ps_7_2_x_linux'
+    vmImage: ${{ parameters.linux_image }}
+    psVersion: ${{ parameters.ps_7_2_x }}
+    dotnetVersion: ${{ parameters.dotnet_sdk_6 }}
+
+- template: util/live-test-steps.yml
+  parameters:
+    name: 'ps_latest_linux'
+    vmImage: ${{ parameters.linux_image }}
+    psVersion: ${{ parameters.ps_latest }}
+    dotnetVersion: ${{ parameters.dotnet_sdk_7 }}
+
+- template: util/live-test-steps.yml
+  parameters:
+    name: 'ps_7_2_x_macOS'
+    vmImage: ${{ parameters.macOS_image }}
+    psVersion: ${{ parameters.ps_7_2_x }}
+    dotnetVersion: ${{ parameters.dotnet_sdk_6 }}
+
+- template: util/live-test-steps.yml
+  parameters:
+    name: 'ps_latest_macOS'
+    vmImage: ${{ parameters.macOS_image }}
+    psVersion: ${{ parameters.ps_latest }}
+    dotnetVersion: ${{ parameters.dotnet_sdk_7 }}

.azure-pipelines/security-tools.yml

@@ -31,7 +31,7 @@ jobs:
     condition: eq(variables.IsGenerateBased, true)
     inputs:
       versionSpec: 14.17.1
-  
+
   - task: PowerShell@2
     displayName: Install autorest
     condition: eq(variables.IsGenerateBased, true)
@@ -54,6 +54,13 @@ jobs:
       scanFolder: SecurityTmp
       suppressionsFile: tools/SecurityTools/CredScanSuppressions.json
 
+  - task: PowerShell@2
+    displayName: Copy PDB for BinSkim
+    inputs:
+      targetType: inline
+      script: ./src/lib/pdb/CopyPdbToArtifacts.ps1
+      pwsh: true
+
   - task: securedevelopmentteam.vss-secure-development-tools.build-task-binskim.BinSkim@3
     displayName: Run BinSkim
     inputs:

.azure-pipelines/util/live-test-steps.yml

@@ -0,0 +1,111 @@
+parameters:
+- name: name
+- name: vmImage
+- name: psVersion
+- name: dotnetVersion
+
+jobs:
+- job: ${{ parameters.name }}
+  timeoutInMinutes: 180
+  pool:
+    vmImage: ${{ parameters.vmImage }}
+
+  steps:
+  - task: UseDotNet@2
+    condition: ne('${{ parameters.dotnetVersion }}', '')
+    displayName: Install desired .NET version ${{ parameters.dotnetVersion }}
+    inputs:
+      packageType: sdk
+      version: ${{ parameters.dotnetVersion }}
+
+  - task: PowerShell@2
+    displayName: Install desired Powershell version ${{ parameters.psVersion }}
+    inputs:
+      pwsh: true
+      targetType: filePath
+      filePath: ./tools/TestFx/Live/InitializeLiveTestEnvironment.ps1
+      arguments: -DesiredVersion ${{ parameters.psVersion }}
+
+  - task: PowerShell@2
+    displayName: Create live test data location directory
+    inputs:
+      pwsh: true
+      targetType: inline
+      script:
+        New-Item -Name $(LiveTestArtifactsName) -Path $(Pipeline.Workspace) -ItemType Directory -Force
+
+  - task: DownloadPipelineArtifact@2
+    condition: and(succeeded(), eq(variables['GalleryName'], 'DailyBuild'), eq(variables['BuildPipelineBuildId'], ''))
+    displayName: Download latest artifacts from daily build pipeline main branch
+    inputs:
+      buildType: specific
+      project: $(ProjectToDownloadArtifacts)
+      definition: $(BuildPipelineDefinitionId)
+      buildVersionToDownload: latestFromBranch
+      branchName: refs/heads/master
+      artifactName: $(ArtifactName)
+      targetPath: $(Pipeline.Workspace)
+
+  - task: DownloadPipelineArtifact@2
+    condition: and(succeeded(), eq(variables['GalleryName'], 'DailyBuild'), ne(variables['BuildPipelineBuildId'], ''))
+    displayName: Download specific artifacts from daily build pipeline
+    inputs:
+      buildType: specific
+      project: $(ProjectToDownloadArtifacts)
+      definition: $(BuildPipelineDefinitionId)
+      buildVersionToDownload: specific
+      pipelineId: $(BuildPipelineBuildId)
+      artifactName: $(ArtifactName)
+      targetPath: $(Pipeline.Workspace)
+
+  - task: PowerShell@2
+    condition: and(succeeded(), eq(variables['GalleryName'], 'DailyBuild'))
+    displayName: Copy artifacts to local repository
+    inputs:
+      pwsh: true
+      targetType: inline
+      script: |
+        $azPackagesDir = New-Item -Name AzPackages -Path $(LiveTestDataLocation) -ItemType Directory -Force
+        $azPackagesFiles = Join-Path -Path $(Pipeline.Workspace) -ChildPath *.nupkg
+        Move-Item -Path $azPackagesFiles -Destination $azPackagesDir
+        Get-ChildItem -LiteralPath $azPackagesDir
+
+  - task: PowerShell@2
+    displayName: Install desired Az module from $(GalleryName)
+    inputs:
+      pwsh: true
+      targetType: filePath
+      filePath: ./tools/TestFx/Live/InvokeLiveTestCITask.ps1
+      arguments: -UseWindowsPowerShell ('${{ parameters.psVersion }}' -eq '5.1') -ScriptFile './tools/TestFx/Live/InstallLiveTestAzModules.ps1 -Source $(GalleryName) -AzPackagesLocation (Convert-Path -LiteralPath $(LiveTestDataLocation) | Join-Path -ChildPath AzPackages)'
+
+  - task: PowerShell@2
+    displayName: Connect Azure with live test service principal
+    inputs:
+      pwsh: true
+      targetType: filePath
+      filePath: ./tools/TestFx/Live/InvokeLiveTestCITask.ps1
+      arguments: -UseWindowsPowerShell ('${{ parameters.psVersion }}' -eq '5.1') -ScriptFile './tools/TestFx/Live/ConnectLiveTestServicePrincipal.ps1 $(LiveTestServicePrincipalSubscriptionId) $(LiveTestServicePrincipalTenantId) $(LiveTestServicePrincipalId) $(LiveTestServicePrincipalSecret)'
+
+  - task: PowerShell@2
+    displayName: Run top E2E live scenarios
+    inputs:
+      pwsh: true
+      targetType: filePath
+      filePath: ./tools/TestFx/Live/InvokeLiveTestCITask.ps1
+      arguments: -UseWindowsPowerShell ('${{ parameters.psVersion }}' -eq '5.1') -ScriptFile './tools/TestFx/Live/InvokeLiveTestScenarios.ps1 $(Build.BuildId) ${{ parameters.vmImage }} ${{ parameters.psVersion }} $(Build.SourcesDirectory) $(LiveTestDataLocation)'
+      failOnStderr: true
+
+  - task: PowerShell@2
+    displayName: Save live test results to Kusto
+    inputs:
+      pwsh: true
+      targetType: filePath
+      filePath: ./tools/TestFx/Live/SaveLiveTestResult.ps1
+      arguments: $(KustoServicePrincipalTenantId) $(KustoServicePrincipalId) $(KustoServicePrincipalSecret) $(KustoClusterName) $(KustoClusterRegion) $(LiveTestDatabaseName) $(LiveTestTableName) $(TestCoverageTableName) $(LiveTestDataLocation)
+
+  - task: PublishPipelineArtifact@1
+    displayName: Publish live test results to pipeline artifact
+    inputs:
+      artifact: livetest-os-${{ parameters.vmImage }}-powershell-${{ parameters.psVersion }}
+      targetPath: $(LiveTestDataLocation)
+    condition: always()

build.proj

@@ -74,9 +74,12 @@
     <DockerRoot>$(RepoRoot)docker</DockerRoot>
     <DockerTools>$(RepoTools)Docker</DockerTools>
     <DockerImageName Condition="'$(DockerImageName)' == ''">azure-powershell</DockerImageName>
- 
-    <!-- XML documentation related -->    
+
+    <!-- XML documentation related -->
     <GenerateDocumentationFile Condition="'$(GenerateDocumentationFile)' != 'false'">true</GenerateDocumentationFile>
+
+    <!-- Test coverage flag -->
+    <TurnOnTestCoverage Condition="'$(TurnOnTestCoverage)' != 'true'">false</TurnOnTestCoverage>
   </PropertyGroup>
 
   <!-- Tasks -->
@@ -194,9 +197,9 @@
       <BuildAction Condition="'$(Configuration)' != 'Release'">build</BuildAction>
       <BuildAction Condition="'$(Configuration)' == 'Release'">publish</BuildAction>
     </PropertyGroup>
-  
-    <Exec Command="$(PowerShellCoreCommandPrefix) &quot;.\tools\ExecuteCIStep.ps1 -Build -RepoArtifacts $(RepoArtifacts) -Configuration $(Configuration) -GenerateDocumentationFile $(GenerateDocumentationFile) -BuildAction $(BuildAction)&quot;" />
-  
+
+    <Exec Command="$(PowerShellCoreCommandPrefix) &quot;.\tools\ExecuteCIStep.ps1 -Build -RepoArtifacts $(RepoArtifacts) -Configuration $(Configuration) -GenerateDocumentationFile $(GenerateDocumentationFile) -EnableTestCoverage $(TurnOnTestCoverage) -BuildAction $(BuildAction)&quot;" />
+
     <!-- Build version controller -->
     <Exec Command="dotnet build $(RepoTools)VersionController/VersionController.Netcore.csproj -c $(Configuration)" />
 

src/lib/pdb/CopyPdbToArtifacts.ps1

@@ -0,0 +1,20 @@
+# BinSkim, one step in static analysis, requires PDB to analyze assemblies.
+# In most cases it can find them without extra configuration.
+# However for special cases, we need to copy the PDB to the same folder as the assemblies so that BinSkim can find them,,
+# and that is the purpose of this script.
+
+Param(
+    [string]$Configuration = "Debug"
+)
+
+$PathMappings = @{
+    'msalruntime.pdb' = 'Az.Accounts/lib/netstandard2.0'
+    'msalruntime_x86.pdb' = 'Az.Accounts/lib/netstandard2.0'
+}
+
+$ArtifactsPath = [System.IO.Path]::Combine($PSScriptRoot, "../../../artifacts", $Configuration)
+$PathMappings.Keys | ForEach-Object {
+    $Source = [System.IO.Path]::GetFullPath("$PSScriptRoot/$_")
+    $Destination = [System.IO.Path]::Combine($ArtifactsPath, $PathMappings[$_])
+    Copy-Item -Path $Source -Destination $Destination
+}

src/lib/pdb/README.md

@@ -0,0 +1,25 @@
+## What is this directory for
+
+In the [security tools pipeline](../../../.azure-pipelines/security-tools.yml), one step called BinSkim would scan all of the assemblies and executables in the artifacts. When scanning assemblies, it requires the corresponding Program Database (PDB) files. Most cases BinSkim is smart enough to find them, for example by downloading the symbol package from nuget.org. However if it fails to do so, you could get an [`E_PDB_NOT_FOUND`](https://github.com/microsoft/binskim/blob/7b64cf4ff69d2c6d8c4945be821d361b24e2169f/docs/RulesAndErrorsTroubleshootingGuide.md#resolving-e_pdb_not_found) error.
+
+The solution is to grab the PDB file elsewhere (maybe by asking the developers), and then put them next to the assemblies. But keep in mind that we don't want to ship them to the end user because they are useless at runtime and they are big.
+
+This directory serves as an E2E solution. You put the PDB files here, tell the script where their corresponding assemblies are, and the script will copy them to the right place before the BinSkim scan.
+
+## How to add a new PDB file
+
+1. Put the PDB file in `src/lib/pdb`.
+2. Update [`CopyPdbToArtifacts.ps1`](./CopyPdbToArtifacts.ps1), in the hashtable `$PathMappings`, add a new entry of the PDB's name and its destination, i.e. where the corresponding .dll file lies in artifacts.
+3. Check in and push your code. Note that PDB files are ignored by `.gitignore`. You need to explicitly add them by `git add -f path/to/*.pdb`.## What is lib/pdb for
+
+In the [security tools pipeline](../../../.azure-pipelines/security-tools.yml), one step called BinSkim would scan all of the assemblies and executables in the artifacts. When scanning assemblies, it requires the corresponding Program Database (PDB) files. Most cases BinSkim is smart enough to find them, for example by downloading the symbol package from nuget.org. However if it fails to do so, you could get an [`E_PDB_NOT_FOUND`](https://github.com/microsoft/binskim/blob/7b64cf4ff69d2c6d8c4945be821d361b24e2169f/docs/RulesAndErrorsTroubleshootingGuide.md#resolving-e_pdb_not_found) error.
+
+The solution is to grab the PDB file elsewhere (maybe by asking the developers), and then put them next to the assemblies. But keep in mind that we don't want to ship them to the end user because they are useless at runtime and they are big.
+
+This directory serves as an E2E solution. You put the PDB files here, tell the script where their corresponding assemblies are, and the script will copy them to the right place before the BinSkim scan.
+
+## How to add a new PDB file
+
+1. Put the PDB file in `src/lib/pdb`.
+2. Update [`CopyPdbToArtifacts.ps1`](./CopyPdbToArtifacts.ps1), in the hashtable `$PathMappings`, add a new entry of the PDB's name and its destination, i.e. where the corresponding .dll file lies in artifacts.
+3. Check in and push your code. Note that PDB files are ignored by `.gitignore`. You need to explicitly add them by `git add -f path/to/*.pdb`.

src/shared/ConfigKeys.cs

@@ -29,6 +29,7 @@ internal static class ConfigKeys
         public const string DefaultSubscriptionForLogin = "DefaultSubscriptionForLogin";
         public const string EnableDataCollection = "EnableDataCollection";
         public const string EnableTestCoverage = "EnableTestCoverage";
+        public const string EnableLoginByWam = "EnableLoginByWam";
         public const string TestCoverageLocation = "TestCoverageLocation";
     }
 }