AgentBaker icon indicating copy to clipboard operation
AgentBaker copied to clipboard
verified publisher icon Azure

feat: harden linux VHD builds with user-delegation SAS tokens

Open cameronmeissner opened this issue 1 year ago • 1 comments

What type of PR is this?

What this PR does / why we need it:

has linux VHD builds use user-delegation SAS tokens created via the agent pool's managed identity rather than generating SAS tokens using a hard-coded connection string - this will make builds more secure by preventing risk of exposing connection string secrets, as well as capping SAS token TTL to 7 days due to user delegation key TTL constraints

Which issue(s) this PR fixes:

Fixes #

Requirements:

Special notes for your reviewer:

Release note:

none

cameronmeissner avatar Apr 12 '24 18:04 cameronmeissner

Pull Request Test Coverage Report for Build 8668978062

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 79.146%
Totals Coverage Status
Change from base Build 8668863321: 0.0%
Covered Lines: 2372
Relevant Lines: 2997
💛 - Coveralls

coveralls avatar Apr 12 '24 18:04 coveralls

addressed in #4462

cameronmeissner avatar Jun 05 '24 19:06 cameronmeissner