[LinuxConsumption]Changing TokenService MSI sidecar specialization API to 2022-01-01 (#9077)

Author: karshinlin

src/WebJobs.Script.WebHost/Models/MSIContext.cs

@@ -12,5 +12,11 @@ public class MSIContext
         public string MSISecret { get; set; }
 
         public IEnumerable<ManagedServiceIdentity> Identities { get; set; }
+
+        public ManagedServiceIdentity SystemAssignedIdentity { get; set; }
+
+        public IEnumerable<ManagedServiceIdentity> UserAssignedIdentities { get; set; }
+
+        public IEnumerable<ManagedServiceIdentity> DelegatedIdentities { get; set; }
     }
 }

src/WebJobs.Script/ScriptConstants.cs

@@ -165,7 +165,7 @@ public static class ScriptConstants
         public const string LinuxMetricEventStreamName = "MS_FUNCTION_METRICS";
         public const string LinuxFunctionDetailsEventStreamName = "MS_FUNCTION_DETAILS";
         public const string LinuxAzureMonitorEventStreamName = "MS_FUNCTION_AZURE_MONITOR_EVENT";
-        public const string LinuxMSISpecializationStem = "/api/specialize?api-version=2017-09-01";
+        public const string LinuxMSISpecializationStem = "/api/specialize?api-version=2022-01-01";
 
         public const string DurableTaskPropertyName = "durableTask";
         public const string DurableTaskHubName = "HubName";

test/WebJobs.Script.Tests.Integration/Management/InstanceManagerTests.cs

@@ -618,6 +618,56 @@ public async Task SpecializeMSISidecar_Succeeds()
                 p => Assert.StartsWith("Specialize MSI sidecar returned OK", p));
         }
 
+        [Fact]
+        public async Task SpecializeMsiSidecar_RequiredPropertiesInPayload()
+        {
+            var environment = new Dictionary<string, string>()
+            {
+                { EnvironmentSettingNames.MsiEndpoint, "http://localhost:8081" },
+                { EnvironmentSettingNames.MsiSecret, "secret" }
+            };
+            var assignmentContext = new HostAssignmentContext
+            {
+                SiteId = 1234,
+                SiteName = "TestSite",
+                Environment = environment,
+                IsWarmupRequest = false,
+                MSIContext = new MSIContext()
+                {
+                    SiteName = "TestSite",
+                    MSISecret = "TestSecret1234",
+                    Identities = new[] { new ManagedServiceIdentity() },
+                    SystemAssignedIdentity = new ManagedServiceIdentity(),
+                    DelegatedIdentities = new[] { new ManagedServiceIdentity() },
+                    UserAssignedIdentities = new[] { new ManagedServiceIdentity() },
+                }
+            };
+
+            static async void verifyProperties(HttpRequestMessage request, CancellationToken token)
+            {
+                var requestContent = await request.Content.ReadAsStringAsync(token);
+                var msiContext = JsonConvert.DeserializeObject<MSIContext>(requestContent);
+                Assert.NotNull(msiContext);
+                Assert.NotNull(msiContext.Identities);
+                Assert.NotNull(msiContext.SystemAssignedIdentity);
+                Assert.NotNull(msiContext.UserAssignedIdentities);
+                Assert.NotNull(msiContext.DelegatedIdentities);
+                Assert.True(!string.IsNullOrEmpty(msiContext.MSISecret));
+                Assert.True(!string.IsNullOrEmpty(msiContext.SiteName));
+            }
+
+            var instanceManager = GetInstanceManagerForMSISpecialization(assignmentContext, HttpStatusCode.OK, null, customAction: verifyProperties);
+
+            string error = await instanceManager.SpecializeMSISidecar(assignmentContext);
+            Assert.Null(error);
+
+            var logs = _loggerProvider.GetAllLogMessages().Select(p => p.FormattedMessage).ToArray();
+            Assert.Collection(logs,
+                p => Assert.StartsWith("MSI enabled status: True", p),
+                p => Assert.StartsWith("Specializing sidecar at http://localhost:8081", p),
+                p => Assert.StartsWith("Specialize MSI sidecar returned OK", p));
+        }
+
         [Fact]
         public async Task SpecializeMSISidecar_NoOp_ForWarmup_Request()
         {
@@ -1252,7 +1302,7 @@ private static bool MatchesRunFromPackageContext(RunFromPackageContext r, string
         }
 
         private AtlasInstanceManager GetInstanceManagerForMSISpecialization(HostAssignmentContext hostAssignmentContext,
-            HttpStatusCode httpStatusCode, IMeshServiceClient meshServiceClient)
+            HttpStatusCode httpStatusCode, IMeshServiceClient meshServiceClient, Action<HttpRequestMessage, CancellationToken> customAction = null)
         {
             var handlerMock = new Mock<HttpMessageHandler>(MockBehavior.Strict);
 
@@ -1262,7 +1312,9 @@ private AtlasInstanceManager GetInstanceManagerForMSISpecialization(HostAssignme
                 ItExpr.Is<HttpRequestMessage>(request => request.Method == HttpMethod.Post
                                                          && request.RequestUri.AbsoluteUri.Equals(msiEndpoint)
                                                          && request.Content != null),
-                ItExpr.IsAny<CancellationToken>()).ReturnsAsync(new HttpResponseMessage
+                ItExpr.IsAny<CancellationToken>())
+                .Callback<HttpRequestMessage, CancellationToken>((request, token) => customAction?.Invoke(request, token))
+                .ReturnsAsync(new HttpResponseMessage
                 {
                     StatusCode = httpStatusCode
                 });