diff --git a/src/Agent.Listener/Configuration/FeatureFlagProvider.cs b/src/Agent.Listener/Configuration/FeatureFlagProvider.cs index cdf9d6a8ed..8f6dfe2721 100644 --- a/src/Agent.Listener/Configuration/FeatureFlagProvider.cs +++ b/src/Agent.Listener/Configuration/FeatureFlagProvider.cs @@ -49,7 +49,7 @@ public async Task GetFeatureFlagAsync(IHostContext context, string var client = vssConnection.GetClient(); try { - return await client.GetFeatureFlagByNameAsync(featureFlagName); + return await client.GetFeatureFlagByNameAsync(featureFlagName, false); } catch(VssServiceException e) { Trace.Warning("Unable to retrive feature flag status: " + e.ToString()); diff --git a/src/Agent.Listener/JobDispatcher.cs b/src/Agent.Listener/JobDispatcher.cs index aa5834110b..2707da680c 100644 --- a/src/Agent.Listener/JobDispatcher.cs +++ b/src/Agent.Listener/JobDispatcher.cs @@ -17,7 +17,7 @@ using System.Linq; using Microsoft.VisualStudio.Services.Common; using System.Diagnostics; - +using Agent.Listener.Configuration; namespace Microsoft.VisualStudio.Services.Agent.Listener { @@ -88,6 +88,18 @@ public void Run(Pipelines.AgentJobRequestMessage jobRequestMessage, bool runOnce } } + var service = HostContext.GetService(); + string ffState; + try + { + ffState = service.GetFeatureFlagAsync(HostContext, "DistributedTask.Agent.EnableAdditionalMaskingRegexes", Trace)?.Result?.EffectiveState; + } + catch (Exception) + { + ffState = "On"; + } + jobRequestMessage.Variables[Constants.Variables.Features.EnableAdditionalMaskingRegexes] = ffState; + WorkerDispatcher newDispatch = new WorkerDispatcher(jobRequestMessage.JobId, jobRequestMessage.RequestId); if (runOnce) { diff --git a/src/Agent.Worker/Worker.cs b/src/Agent.Worker/Worker.cs index 9f7172709e..ee1783223b 100644 --- a/src/Agent.Worker/Worker.cs +++ b/src/Agent.Worker/Worker.cs @@ -10,6 +10,7 @@ using System.Threading.Tasks; using Microsoft.VisualStudio.Services.WebApi; using Agent.Sdk.Util; +using Agent.Sdk.Knob; namespace Microsoft.VisualStudio.Services.Agent.Worker { @@ -67,6 +68,23 @@ public async Task RunAsync(string pipeIn, string pipeOut) InitializeSecretMasker(jobMessage); SetCulture(jobMessage); + + System.Diagnostics.Debugger.Launch(); + var maskUsingCredScanRegexesState = "On"; + + if(jobMessage.Variables.TryGetValue(Constants.Variables.Agent.EnableAdditionalMaskingRegexes, out var enableAdditionalMaskingRegexes)) + { + maskUsingCredScanRegexesState = enableAdditionalMaskingRegexes.Value; + } + + if(maskUsingCredScanRegexesState == "On" && AgentKnobs.MaskUsingCredScanRegexes.GetValue(HostContext).AsBoolean() == true) + { + foreach (var pattern in AdditionalMaskingRegexes.CredScanPatterns) + { + HostContext.SecretMasker.AddRegex(pattern, $"HostContext_{WellKnownSecretAliases.CredScanPatterns}"); + } + } + // Start the job. Trace.Info($"Job message:{Environment.NewLine} {StringUtil.ConvertToJson(WorkerUtilities.ScrubPiiData(jobMessage))}"); Task jobRunnerTask = jobRunner.RunAsync(jobMessage, jobRequestCancellationToken.Token); diff --git a/src/Microsoft.VisualStudio.Services.Agent/Constants.cs b/src/Microsoft.VisualStudio.Services.Agent/Constants.cs index b817df299e..b4de4b7972 100644 --- a/src/Microsoft.VisualStudio.Services.Agent/Constants.cs +++ b/src/Microsoft.VisualStudio.Services.Agent/Constants.cs @@ -322,6 +322,7 @@ public static class Agent public static readonly string Version = "agent.version"; public static readonly string WorkFolder = "agent.workfolder"; public static readonly string WorkingDirectory = "agent.WorkingDirectory"; + public static readonly string EnableAdditionalMaskingRegexes = "agent.enableadditionalmaskingregexes"; } public static class Build @@ -371,6 +372,7 @@ public static class Features public static readonly string GitLfsSupport = "agent.source.git.lfs"; public static readonly string GitShallowDepth = "agent.source.git.shallowFetchDepth"; public static readonly string SkipSyncSource = "agent.source.skip"; + public static readonly string EnableAdditionalMaskingRegexes = "agent.enableadditionalmaskingregexes"; } public static class Maintenance diff --git a/src/Microsoft.VisualStudio.Services.Agent/HostContext.cs b/src/Microsoft.VisualStudio.Services.Agent/HostContext.cs index ce085db951..9ce85bb019 100644 --- a/src/Microsoft.VisualStudio.Services.Agent/HostContext.cs +++ b/src/Microsoft.VisualStudio.Services.Agent/HostContext.cs @@ -21,6 +21,7 @@ using System.Net.Http.Headers; using Pipelines = Microsoft.TeamFoundation.DistributedTask.Pipelines; using Agent.Sdk.Util; +using BuildXL.Cache.ContentStore.Interfaces.Tracing; namespace Microsoft.VisualStudio.Services.Agent { @@ -88,6 +89,7 @@ public class HostContext : EventListener, IObserver, IObserv public ShutdownReason AgentShutdownReason { get; private set; } public ILoggedSecretMasker SecretMasker => _secretMasker; public ProductInfoHeaderValue UserAgent => _userAgent; + public HostContext(HostType hostType, string logFile = null) { _secretMasker = new LoggedSecretMasker(_basicSecretMasker); @@ -106,13 +108,6 @@ public HostContext(HostType hostType, string logFile = null) this.SecretMasker.AddValueEncoder(ValueEncoders.UriDataEscape, $"HostContext_{WellKnownSecretAliases.UriDataEscape}"); this.SecretMasker.AddValueEncoder(ValueEncoders.BackslashEscape, $"HostContext_{WellKnownSecretAliases.UriDataEscape}"); this.SecretMasker.AddRegex(AdditionalMaskingRegexes.UrlSecretPattern, $"HostContext_{WellKnownSecretAliases.UrlSecretPattern}"); - if (AgentKnobs.MaskUsingCredScanRegexes.GetValue(this).AsBoolean()) - { - foreach (var pattern in AdditionalMaskingRegexes.CredScanPatterns) - { - this.SecretMasker.AddRegex(pattern, $"HostContext_{WellKnownSecretAliases.CredScanPatterns}"); - } - } // Create the trace manager. if (string.IsNullOrEmpty(logFile))