Squashed all previous commits into one

.azure-pipelines/templates/azdev_setup.yml

@@ -17,6 +17,8 @@ steps:
       pip install azdev
       azdev --version
       azdev setup -c $CLI_REPO_PATH -r $CLI_EXT_REPO_PATH --debug
+      # Installing setuptools with a version higher than 70.0.0 will not generate metadata.json
+      pip install setuptools==70.0.0
       pip list -v
       az --version
     displayName: 'azdev setup'

.github/CODEOWNERS

@@ -294,7 +294,7 @@
 
 /src/alb/ @jaishals
 
-/src/aosm/ @sunnycarter
+/src/aosm/ @priyavj08
 
 /src/managedccfs/ @msftsettiy
 
@@ -320,7 +320,7 @@
 
 /src/azurelargeinstance/ @8Gitbrix
 
-/src/k8s-runtime/ @ddadaal @HE-Xinyu
+/src/k8s-runtime/ @ddadaal @HE-Xinyu @upxinxin
 
 /src/mdp/ @ajaykn
 

.github/policies/resourceManagement.yml

@@ -5114,6 +5114,8 @@ configuration:
           reviewer: jsntcy
       - requestReview:
           reviewer: bebound
+      - requestReview:
+          reviewer: Pan-Qi
       - assignTo:
           users:
           - wangzelin007
@@ -6365,5 +6367,27 @@ configuration:
           - kairu-ms
           - AllyW
       description: '[PowerBI] Auto assign labels and reviewers based on PR title/description.'
+    - if:
+      - payloadType: Pull_Request
+      - isAction:
+          action: Opened
+      - or:
+        - titleContains:
+            pattern: 'k8s-runtime'
+            isRegex: True
+        - bodyContains:
+            pattern: 'k8s-runtime'
+            isRegex: True
+      then:
+      - addLabel:
+          label: Auto-Assign
+      - requestReview:
+          reviewer: yonzhan
+      - requestReview:
+          reviewer: ReaNAiveD
+      - assignTo:
+          users:
+          - ReaNAiveD
+      description: '[k8s-runtime] Auto assign labels and reviewers based on PR title/description.'
 onFailure: 
 onSuccess: 

.github/workflows/ProcessCodeReview.yml

@@ -0,0 +1,115 @@
+name: Auto Review PR 
+
+on:
+  pull_request_target:
+      types: [opened, synchronize]
+      branches:
+        - main
+
+permissions: {}
+
+jobs:
+  pr-code-review:
+    if: ${{ !contains(github.event.pull_request.labels.*.name, 'skip-code-review') }}
+    runs-on: ubuntu-latest
+    permissions:
+      pull-requests: read
+      contents: read
+    steps:
+      - name: Check Init Event
+        env:
+           action: ${{ toJSON(github.event.action) }}
+           label: ${{ toJSON(github.event.label) }}
+        run: |
+          echo start review module changed
+      - name: Set up Python 3.11
+        uses: actions/setup-python@v3
+        with:
+           python-version: "3.11"
+      - name: Checkout CLI extension repo
+        uses: actions/checkout@master
+        with:
+          fetch-depth: 0 # checkout all branches
+          ref: ${{ github.event.pull_request.head.ref }}
+          repository: ${{ github.event.pull_request.head.repo.full_name }}  # checkout pull request branch
+      - name: Show workdirectory after site cloned
+        run: |
+           pwd
+           ls
+      - name: Get Diff Modules
+        env:
+          bash_sha: ${{ github.event.pull_request.base.sha }}
+          base_branch: ${{ github.event.pull_request.base.ref }}
+          base_branch_pre: "upstream"
+          diff_sha: ${{ github.event.pull_request.head.sha }}
+          diff_branch: ${{ github.event.pull_request.head.ref }}
+          repo_full_name: ${{ github.event.pull_request.head.repo.full_name }}
+        run: |
+            set -x
+            git --version
+            git log --oneline | head -n 30
+            git branch -a
+            git fetch https://github.com/Azure/azure-cli-extensions.git "$base_branch":"$base_branch_pre"/"$base_branch"
+            git checkout "$base_branch_pre"/"$base_branch"
+            git log --oneline | head -n 30
+            git checkout "$diff_branch"
+            git log --oneline | head -n 30
+            git --no-pager diff --name-only --diff-filter=ACMRT "$base_branch_pre"/"$base_branch"..."$diff_branch" > changed_files
+            cat changed_files
+            echo "changed_module_list=$(cat changed_files | grep azext_ | awk -F"azext_" '{print $1}'| awk -F"/" '{print $2}' | sort | uniq | xargs)" >> $GITHUB_ENV
+      - name: Display Diff Modules
+        run: |
+            for mod in "$changed_module_list"
+            do
+              echo changed module: "${mod}"
+            done
+      - name: Check whether aaz-related Module
+        id: check_if_aaz_used
+        env:
+          pr_label_list: ${{ toJson(github.event.pull_request.labels.*.name) }}
+          result_path: "./review_result"
+          output_file: "is_aaz_check.txt"
+          survey_comment_file: "aaz_survey_comment.txt"
+          base_branch: ${{ github.event.pull_request.base.ref }}
+          base_branch_pre: "upstream"
+        run: |
+           set -ev
+           mkdir ${result_path}
+           git checkout "$base_branch_pre"/"$base_branch" -- scripts
+           python scripts/ci/codegen_cal.py --job check
+           ls ${result_path}
+      - name: Archive production artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: review-code-output
+          path: |
+            review_result
+          retention-days: 1
+  action-on-output:
+    needs: pr-code-review
+    runs-on: ubuntu-latest
+    permissions:
+      pull-requests: write
+      contents: read
+    steps:
+      - name: Download code review result
+        uses: actions/download-artifact@v4
+        with:
+          name: review-code-output
+      - name: Show workdirectory after result downloaded
+        run: |
+           pwd
+           ls
+      - name: Check comment file existence
+        id: check_survey_comment_file
+        uses: andstor/file-existence-action@v3
+        with:
+          files: "./aaz_survey_comment.txt"
+      - name: Comment survey on the pull request
+        if: steps.check_survey_comment_file.outputs.files_exists == 'true'
+        uses: mshick/add-pr-comment@v2
+        with:
+           repo-token: ${{ secrets.GITHUB_TOKEN }}
+           message-id: aazSurveyCommentBot
+           message-path: |
+            aaz_survey_comment.txt  

CODE_OF_CONDUCT.md

@@ -0,0 +1,10 @@
+# Microsoft Open Source Code of Conduct
+
+This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
+
+Resources:
+
+- [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/)
+- [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
+- Contact [[email protected]](mailto:[email protected]) with questions or concerns
+- Employees can reach out at [aka.ms/opensource/moderation-support](https://aka.ms/opensource/moderation-support)

azure-pipelines.yml

@@ -18,21 +18,18 @@ jobs:
   pool:
     name: 'pool-windows-2019'
   steps:
-#  - task: ms-codeanalysis.vss-microsoft-security-code-analysis-devops.build-task-credscan.CredScan@2
-#    displayName: 'Run Credential Scanner'
-#    inputs:
-#      toolMajorVersion: V2
-#      suppressionsFile: './scripts/ci/credscan/CredScanSuppressions.json'
-#      toolVersionV2: '2.1.17'
-  - task: ms-codeanalysis.vss-microsoft-security-code-analysis-devops.build-task-postanalysis.PostAnalysis@1
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@3
+    displayName: 'Run Credential Scanner'
+    inputs:
+      toolVersion: latest
+      suppressionsFile: './scripts/ci/credscan/CredScanSuppressions.json'
+
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@2
     displayName: 'Post Analysis'
     inputs:
-      AllTools: false
-      BinSkim: false
-      CredScan: true
-      RoslynAnalyzers: false
-      TSLint: false
-      ToolLogsNotFoundAction: 'Standard'
+      GdnBreakAllTools: false
+      GdnBreakGdnToolCredScan: true
+      GdnBreakGdnToolCredScanSeverity: Error
 
 - job: PolicyCheck
   displayName: "Policy Check"