From 70d7ee755b19130f4328dc87bae89c12d3314d6e Mon Sep 17 00:00:00 2001 From: bogercraig <124094535+bogercraig@users.noreply.github.com> Date: Tue, 24 Jun 2025 12:50:21 -0700 Subject: [PATCH] Add Additional Config from Config.json and Clean Up Unused Config (#2178) * Cleaning up unused config from portal backend migration. * Remove config used during backend migration. * Add backend endpoint override from config.json. * Add AAD and ARM endpoint overrides from config.json. * Add GRAPH_ENDPOINT override from config.json. * Remove unused catalog api version. * Remove isTerminalEnabled from config. Cannot find reference in DE, DE Release, or Frontend. * Fix mongo client unit tests. * Removing BackendApi from constants since no longer referenced in the codebase. * Talked with Tara and added the CATALOG_API_VERSION back to the config and substituted out the hard coded string it was intended to replace. * Include existing portal backend endpoints in default allow list. * Add localhost:1234 endpoint for Mongo unit tests. * Removing old backend local test endpoint from backend endpoint list. --- configs/mpac.json | 3 +- configs/prod.json | 7 ++-- src/Common/Constants.ts | 9 ------ src/Common/MongoProxyClient.test.ts | 10 ------ src/ConfigContext.ts | 50 +++++++++++++---------------- src/SelfServe/SqlX/SqlX.rp.ts | 2 +- src/Utils/EndpointUtils.ts | 36 ++++++--------------- 7 files changed, 37 insertions(+), 80 deletions(-) diff --git a/configs/mpac.json b/configs/mpac.json index 0a8e7eaba..ea8f902d8 100644 --- a/configs/mpac.json +++ b/configs/mpac.json @@ -1,5 +1,4 @@ { "JUNO_ENDPOINT": "https://tools.cosmos.azure.com", - "isTerminalEnabled": true, "isPhoenixEnabled": true -} +} \ No newline at end of file diff --git a/configs/prod.json b/configs/prod.json index 656d09561..12d7e289b 100644 --- a/configs/prod.json +++ b/configs/prod.json @@ -1,5 +1,4 @@ { - "JUNO_ENDPOINT": "https://tools.cosmos.azure.com", - "isTerminalEnabled" : false, - "isPhoenixEnabled" : false -} + "JUNO_ENDPOINT": "https://tools.cosmos.azure.com", + "isPhoenixEnabled": false +} \ No newline at end of file diff --git a/src/Common/Constants.ts b/src/Common/Constants.ts index 0b0028732..b5b50d8fd 100644 --- a/src/Common/Constants.ts +++ b/src/Common/Constants.ts @@ -138,15 +138,6 @@ export enum MongoBackendEndpointType { remote, } -export class BackendApi { - public static readonly GenerateToken: string = "GenerateToken"; - public static readonly PortalSettings: string = "PortalSettings"; - public static readonly AccountRestrictions: string = "AccountRestrictions"; - public static readonly RuntimeProxy: string = "RuntimeProxy"; - public static readonly DisallowedLocations: string = "DisallowedLocations"; - public static readonly SampleData: string = "SampleData"; -} - export class PortalBackendEndpoints { public static readonly Development: string = "https://localhost:7235"; public static readonly Mpac: string = "https://cdb-ms-mpac-pbe.cosmos.azure.com"; diff --git a/src/Common/MongoProxyClient.test.ts b/src/Common/MongoProxyClient.test.ts index 0e41a6d35..ddd13b1eb 100644 --- a/src/Common/MongoProxyClient.test.ts +++ b/src/Common/MongoProxyClient.test.ts @@ -65,7 +65,6 @@ describe("MongoProxyClient", () => { }); updateConfigContext({ MONGO_PROXY_ENDPOINT: MongoProxyEndpoints.Prod, - globallyEnabledMongoAPIs: [], }); window.fetch = jest.fn().mockImplementation(fetchMock); }); @@ -84,7 +83,6 @@ describe("MongoProxyClient", () => { it("builds the correct proxy URL in development", () => { updateConfigContext({ MONGO_PROXY_ENDPOINT: "https://localhost:1234", - globallyEnabledMongoAPIs: [], }); queryDocuments(databaseId, collection, true, "{}"); expect(window.fetch).toHaveBeenCalledWith( @@ -101,7 +99,6 @@ describe("MongoProxyClient", () => { }); updateConfigContext({ MONGO_PROXY_ENDPOINT: MongoProxyEndpoints.Prod, - globallyEnabledMongoAPIs: [], }); window.fetch = jest.fn().mockImplementation(fetchMock); }); @@ -120,7 +117,6 @@ describe("MongoProxyClient", () => { it("builds the correct proxy URL in development", () => { updateConfigContext({ MONGO_PROXY_ENDPOINT: "https://localhost:1234", - globallyEnabledMongoAPIs: [], }); readDocument(databaseId, collection, documentId); expect(window.fetch).toHaveBeenCalledWith( @@ -137,7 +133,6 @@ describe("MongoProxyClient", () => { }); updateConfigContext({ MONGO_PROXY_ENDPOINT: MongoProxyEndpoints.Prod, - globallyEnabledMongoAPIs: [], }); window.fetch = jest.fn().mockImplementation(fetchMock); }); @@ -156,7 +151,6 @@ describe("MongoProxyClient", () => { it("builds the correct proxy URL in development", () => { updateConfigContext({ MONGO_PROXY_ENDPOINT: "https://localhost:1234", - globallyEnabledMongoAPIs: [], }); readDocument(databaseId, collection, documentId); expect(window.fetch).toHaveBeenCalledWith( @@ -173,7 +167,6 @@ describe("MongoProxyClient", () => { }); updateConfigContext({ MONGO_PROXY_ENDPOINT: MongoProxyEndpoints.Prod, - globallyEnabledMongoAPIs: [], }); window.fetch = jest.fn().mockImplementation(fetchMock); }); @@ -197,7 +190,6 @@ describe("MongoProxyClient", () => { }); updateConfigContext({ MONGO_PROXY_ENDPOINT: MongoProxyEndpoints.Prod, - globallyEnabledMongoAPIs: [], }); window.fetch = jest.fn().mockImplementation(fetchMock); }); @@ -216,7 +208,6 @@ describe("MongoProxyClient", () => { it("builds the correct proxy URL in development", () => { updateConfigContext({ MONGO_PROXY_ENDPOINT: "https://localhost:1234", - globallyEnabledMongoAPIs: [], }); deleteDocuments(databaseId, collection, [documentId]); expect(window.fetch).toHaveBeenCalledWith( @@ -233,7 +224,6 @@ describe("MongoProxyClient", () => { }); updateConfigContext({ MONGO_PROXY_ENDPOINT: MongoProxyEndpoints.Prod, - globallyEnabledMongoAPIs: [], }); }); diff --git a/src/ConfigContext.ts b/src/ConfigContext.ts index f09e5feb6..a29f59619 100644 --- a/src/ConfigContext.ts +++ b/src/ConfigContext.ts @@ -1,21 +1,15 @@ +import { CassandraProxyEndpoints, JunoEndpoints, MongoProxyEndpoints, PortalBackendEndpoints } from "Common/Constants"; import { - BackendApi, - CassandraProxyEndpoints, - JunoEndpoints, - MongoProxyEndpoints, - PortalBackendEndpoints, -} from "Common/Constants"; -import { - allowedAadEndpoints, allowedArcadiaEndpoints, allowedEmulatorEndpoints, - allowedGraphEndpoints, allowedHostedExplorerEndpoints, allowedJunoOrigins, allowedMsalRedirectEndpoints, + defaultAllowedAadEndpoints, defaultAllowedArmEndpoints, defaultAllowedBackendEndpoints, defaultAllowedCassandraProxyEndpoints, + defaultAllowedGraphEndpoints, defaultAllowedMongoProxyEndpoints, validateEndpoint, } from "Utils/EndpointUtils"; @@ -29,6 +23,8 @@ export enum Platform { export interface ConfigContext { platform: Platform; + allowedAadEndpoints: ReadonlyArray; + allowedGraphEndpoints: ReadonlyArray; allowedArmEndpoints: ReadonlyArray; allowedBackendEndpoints: ReadonlyArray; allowedCassandraProxyEndpoints: ReadonlyArray; @@ -37,10 +33,8 @@ export interface ConfigContext { gitSha?: string; proxyPath?: string; AAD_ENDPOINT: string; - ARM_AUTH_AREA: string; ARM_ENDPOINT: string; EMULATOR_ENDPOINT?: string; - ARM_API_VERSION: string; GRAPH_ENDPOINT: string; GRAPH_API_VERSION: string; // This is the endpoint to get offering Ids to be used to fetch prices. Refer to this doc: https://learn.microsoft.com/en-us/rest/api/marketplacecatalog/dataplane/skus/list?view=rest-marketplacecatalog-dataplane-2023-05-01-preview&tabs=HTTP @@ -50,27 +44,24 @@ export interface ConfigContext { ARCADIA_ENDPOINT: string; ARCADIA_LIVY_ENDPOINT_DNS_ZONE: string; PORTAL_BACKEND_ENDPOINT: string; - NEW_BACKEND_APIS?: BackendApi[]; MONGO_PROXY_ENDPOINT: string; CASSANDRA_PROXY_ENDPOINT: string; - NEW_CASSANDRA_APIS?: string[]; PROXY_PATH?: string; JUNO_ENDPOINT: string; GITHUB_CLIENT_ID: string; GITHUB_TEST_ENV_CLIENT_ID: string; GITHUB_CLIENT_SECRET?: string; // No need to inject secret for prod. Juno already knows it. - isTerminalEnabled: boolean; isPhoenixEnabled: boolean; hostedExplorerURL: string; armAPIVersion?: string; msalRedirectURI?: string; - globallyEnabledCassandraAPIs?: string[]; - globallyEnabledMongoAPIs?: string[]; } // Default configuration let configContext: Readonly = { platform: Platform.Portal, + allowedAadEndpoints: defaultAllowedAadEndpoints, + allowedGraphEndpoints: defaultAllowedGraphEndpoints, allowedArmEndpoints: defaultAllowedArmEndpoints, allowedBackendEndpoints: defaultAllowedBackendEndpoints, allowedCassandraProxyEndpoints: defaultAllowedCassandraProxyEndpoints, @@ -93,9 +84,7 @@ let configContext: Readonly = { gitSha: process.env.GIT_SHA, hostedExplorerURL: "https://cosmos.azure.com/", AAD_ENDPOINT: "https://login.microsoftonline.com/", - ARM_AUTH_AREA: "https://management.azure.com/", ARM_ENDPOINT: "https://management.azure.com/", - ARM_API_VERSION: "2016-06-01", GRAPH_ENDPOINT: "https://graph.microsoft.com", GRAPH_API_VERSION: "1.6", CATALOG_ENDPOINT: "https://catalogapi.azure.com/", @@ -109,11 +98,7 @@ let configContext: Readonly = { PORTAL_BACKEND_ENDPOINT: PortalBackendEndpoints.Prod, MONGO_PROXY_ENDPOINT: MongoProxyEndpoints.Prod, CASSANDRA_PROXY_ENDPOINT: CassandraProxyEndpoints.Prod, - NEW_CASSANDRA_APIS: ["postQuery", "createOrDelete", "getKeys", "getSchema"], - isTerminalEnabled: false, isPhoenixEnabled: false, - globallyEnabledCassandraAPIs: [], - globallyEnabledMongoAPIs: [], }; export function resetConfigContext(): void { @@ -128,19 +113,21 @@ export function updateConfigContext(newContext: Partial): void { return; } - if (!validateEndpoint(newContext.ARM_ENDPOINT, configContext.allowedArmEndpoints || defaultAllowedArmEndpoints)) { - delete newContext.ARM_ENDPOINT; + if (!validateEndpoint(newContext.AAD_ENDPOINT, configContext.allowedAadEndpoints || defaultAllowedAadEndpoints)) { + delete newContext.AAD_ENDPOINT; } - if (!validateEndpoint(newContext.AAD_ENDPOINT, allowedAadEndpoints)) { - delete newContext.AAD_ENDPOINT; + if (!validateEndpoint(newContext.ARM_ENDPOINT, configContext.allowedArmEndpoints || defaultAllowedArmEndpoints)) { + delete newContext.ARM_ENDPOINT; } if (!validateEndpoint(newContext.EMULATOR_ENDPOINT, allowedEmulatorEndpoints)) { delete newContext.EMULATOR_ENDPOINT; } - if (!validateEndpoint(newContext.GRAPH_ENDPOINT, allowedGraphEndpoints)) { + if ( + !validateEndpoint(newContext.GRAPH_ENDPOINT, configContext.allowedGraphEndpoints || defaultAllowedGraphEndpoints) + ) { delete newContext.GRAPH_ENDPOINT; } @@ -148,6 +135,15 @@ export function updateConfigContext(newContext: Partial): void { delete newContext.ARCADIA_ENDPOINT; } + if ( + !validateEndpoint( + newContext.PORTAL_BACKEND_ENDPOINT, + configContext.allowedBackendEndpoints || defaultAllowedBackendEndpoints, + ) + ) { + delete newContext.PORTAL_BACKEND_ENDPOINT; + } + if ( !validateEndpoint( newContext.MONGO_PROXY_ENDPOINT, diff --git a/src/SelfServe/SqlX/SqlX.rp.ts b/src/SelfServe/SqlX/SqlX.rp.ts index 3c3d9731b..da8b2b56f 100644 --- a/src/SelfServe/SqlX/SqlX.rp.ts +++ b/src/SelfServe/SqlX/SqlX.rp.ts @@ -269,7 +269,7 @@ export const getOfferingIds = async (regions: Array): Promise = [ "https://management.chinacloudapi.cn", ]; -export const allowedAadEndpoints: ReadonlyArray = [ +export const defaultAllowedAadEndpoints: ReadonlyArray = [ "https://login.microsoftonline.com/", "https://login.microsoftonline.us/", "https://login.partner.microsoftonline.cn/", ]; +export const defaultAllowedGraphEndpoints: ReadonlyArray = ["https://graph.microsoft.com"]; + export const defaultAllowedBackendEndpoints: ReadonlyArray = [ - "https://localhost:12901", "https://localhost:1234", + PortalBackendEndpoints.Development, + PortalBackendEndpoints.Mpac, + PortalBackendEndpoints.Prod, + PortalBackendEndpoints.Fairfax, + PortalBackendEndpoints.Mooncake, ]; -export const PortalBackendOutboundIPs: { [key: string]: string[] } = { - [PortalBackendEndpoints.Mpac]: ["13.91.105.215", "4.210.172.107"], - [PortalBackendEndpoints.Prod]: ["13.88.56.148", "40.91.218.243"], - [PortalBackendEndpoints.Fairfax]: ["52.247.163.6", "52.244.134.181"], - [PortalBackendEndpoints.Mooncake]: ["163.228.137.6", "143.64.170.142"], -}; - -export const MongoProxyOutboundIPs: { [key: string]: string[] } = { - [MongoProxyEndpoints.Mpac]: ["20.245.81.54", "40.118.23.126"], - [MongoProxyEndpoints.Prod]: ["40.80.152.199", "13.95.130.121"], - [MongoProxyEndpoints.Fairfax]: ["52.244.176.112", "52.247.148.42"], - [MongoProxyEndpoints.Mooncake]: ["52.131.240.99", "143.64.61.130"], -}; - export const defaultAllowedMongoProxyEndpoints: ReadonlyArray = [ + "https://localhost:1234", MongoProxyEndpoints.Development, MongoProxyEndpoints.Mpac, MongoProxyEndpoints.Prod, @@ -86,19 +79,8 @@ export const defaultAllowedCassandraProxyEndpoints: ReadonlyArray = [ CassandraProxyEndpoints.Mooncake, ]; -export const CassandraProxyOutboundIPs: { [key: string]: string[] } = { - [CassandraProxyEndpoints.Mpac]: ["40.113.96.14", "104.42.11.145"], - [CassandraProxyEndpoints.Prod]: ["137.117.230.240", "168.61.72.237"], - [CassandraProxyEndpoints.Fairfax]: ["52.244.50.101", "52.227.165.24"], - [CassandraProxyEndpoints.Mooncake]: ["40.73.99.146", "143.64.62.47"], -}; - export const allowedEmulatorEndpoints: ReadonlyArray = ["https://localhost:8081"]; -export const allowedMongoBackendEndpoints: ReadonlyArray = ["https://localhost:1234"]; - -export const allowedGraphEndpoints: ReadonlyArray = ["https://graph.microsoft.com"]; - export const allowedArcadiaEndpoints: ReadonlyArray = ["https://workspaceartifacts.projectarcadia.net"]; export const allowedHostedExplorerEndpoints: ReadonlyArray = ["https://cosmos.azure.com/"];