Feedback

Keep migration to new endpoint
2025-12-09 01:23:22 +00:00 · 2025-12-09 01:23:22 +00:00 · 2025-12-09 01:23:22 +00:00 · 2025-12-09 01:23:22 +00:00 · 2025-12-09 01:23:22 +00:00 · 2025-12-09 01:23:22 +00:00
2 changed files with 46 additions and 12 deletions
--- a/eng/common/pipelines/templates/steps/create-apireview.yml
+++ b/eng/common/pipelines/templates/steps/create-apireview.yml
@ -37,16 +37,18 @@ steps:
      parameters:
        WorkingDirectory: ${{ parameters.SourceRootPath }}

-    - task: Powershell@2
+    - task: AzureCLI@2
      inputs:
-        filePath: ${{ parameters.SourceRootPath }}/eng/common/scripts/Create-APIReview.ps1
+        azureSubscription: 'APIView prod deployment'
+        scriptType: pscore
+        scriptLocation: scriptPath
+        scriptPath: ${{ parameters.SourceRootPath }}/eng/common/scripts/Create-APIReview.ps1
        # PackageInfoFiles example: @('a/file1.json','a/file2.json')
        arguments: >
          -PackageInfoFiles @('${{ join(''',''', parameters.PackageInfoFiles) }}')
          -ArtifactList ('${{ convertToJson(parameters.Artifacts) }}' | ConvertFrom-Json | Select-Object Name)
          -ArtifactPath '${{parameters.ArtifactPath}}'
          -ArtifactName ${{ parameters.ArtifactName }}
-          -APIKey '$(azuresdk-apiview-apikey)'
          -PackageName '${{parameters.PackageName}}'
          -SourceBranch '$(Build.SourceBranchName)'
          -DefaultBranch '$(DefaultBranch)'
@ -54,7 +56,6 @@ steps:
          -BuildId '$(Build.BuildId)'
          -RepoName '$(Build.Repository.Name)'
          -MarkPackageAsShipped $${{parameters.MarkPackageAsShipped}}
-        pwsh: true
      displayName: Create API Review
      condition: >-
        and(
--- a/eng/common/scripts/Create-APIReview.ps1
+++ b/eng/common/scripts/Create-APIReview.ps1
@ -4,15 +4,13 @@ Param (
  [array] $ArtifactList,
  [Parameter(Mandatory=$True)]
  [string] $ArtifactPath,
-  [Parameter(Mandatory=$True)]
-  [string] $APIKey,
  [string] $SourceBranch,
  [string] $DefaultBranch,
  [string] $RepoName,
  [string] $BuildId,
  [string] $PackageName = "",
  [string] $ConfigFileDir = "",
-  [string] $APIViewUri = "https://apiview.dev/AutoReview",
+  [string] $APIViewUri = "https://apiview.dev/autoreview",
  [string] $ArtifactName = "packages",
  [bool] $MarkPackageAsShipped = $false,
  [Parameter(Mandatory=$False)]
@ -20,9 +18,28 @@ Param (
 )

 Set-StrictMode -Version 3
+
 . (Join-Path $PSScriptRoot common.ps1)
 . (Join-Path $PSScriptRoot Helpers ApiView-Helpers.ps1)

+# Get Bearer token for APIView authentication
+# In Azure DevOps, this uses the service connection's Managed Identity/Service Principal
+function Get-ApiViewBearerToken()
+{
+    try {
+        $tokenResponse = az account get-access-token --resource "api://apiview" --output json 2>&1
+        if ($LASTEXITCODE -ne 0) {
+            Write-Error "Failed to acquire access token: $tokenResponse"
+            return $null
+        }
+        return ($tokenResponse | ConvertFrom-Json).accessToken
+    }
+    catch {
+        Write-Error "Failed to acquire access token: $($_.Exception.Message)"
+        return $null
+    }
+}
+
 # Submit API review request and return status whether current revision is approved or pending or failed to create review
 function Upload-SourceArtifact($filePath, $apiLabel, $releaseStatus, $packageVersion, $packageType)
 {
@ -78,9 +95,17 @@ function Upload-SourceArtifact($filePath, $apiLabel, $releaseStatus, $packageVer
        Write-Host "Request param, compareAllRevisions: true"
    }

-    $uri = "${APIViewUri}/UploadAutoReview"
+    $uri = "${APIViewUri}/upload"
+    
+    # Get Bearer token for authentication
+    $bearerToken = Get-ApiViewBearerToken
+    if (-not $bearerToken) {
+        Write-Error "Failed to acquire Bearer token for APIView authentication."
+        return [System.Net.HttpStatusCode]::Unauthorized
+    }
+    
    $headers = @{
-        "ApiKey" = $apiKey;
+        "Authorization" = "Bearer $bearerToken";
        "content-type" = "multipart/form-data"
    }

@ -115,20 +140,28 @@ function Upload-ReviewTokenFile($packageName, $apiLabel, $releaseStatus, $review
    if($MarkPackageAsShipped) {
        $params += "&setReleaseTag=true"
    }
-    $uri = "${APIViewUri}/CreateApiReview?${params}"
+    $uri = "${APIViewUri}/create?${params}"
    if ($releaseStatus -and ($releaseStatus -ne "Unreleased"))
    {
        $uri += "&compareAllRevisions=true"
    }

    Write-Host "Request to APIView: $uri"
+    
+    # Get Bearer token for authentication
+    $bearerToken = Get-ApiViewBearerToken
+    if (-not $bearerToken) {
+        Write-Error "Failed to acquire Bearer token for APIView authentication."
+        return [System.Net.HttpStatusCode]::Unauthorized
+    }
+    
    $headers = @{
-        "ApiKey" = $APIKey;
+        "Authorization" = "Bearer $bearerToken"
    }

    try
    {
-        $Response = Invoke-WebRequest -Method 'GET' -Uri $uri -Headers $headers
+        $Response = Invoke-WebRequest -Method 'POST' -Uri $uri -Headers $headers
        Write-Host "API review: $($Response.Content)"
        $StatusCode = $Response.StatusCode
    }
Author	SHA1	Message	Date
Alitzel Mendez	e5a4c64c36	Feedback	2025-12-09 01:23:22 +00:00
Alitzel Mendez	1dc056f265	Keep migration to new endpoint	2025-12-09 01:23:22 +00:00
Alitzel Mendez	28ae0f9bba	Keep migration to new endpoint	2025-12-09 01:23:22 +00:00
Alitzel Mendez	ef74176810	Keep apikey fallback while migrating	2025-12-09 01:23:22 +00:00
Alitzel Mendez	b4ff6c4578	Additional clean up	2025-12-09 01:23:22 +00:00
Alitzel Mendez	cbff29908b	Remove testing logs	2025-12-09 01:23:22 +00:00
Alitzel Mendez	210faebfba	TEMP: Enable TestAuthOnly for pipeline testing	2025-12-09 01:23:22 +00:00
Alitzel Mendez	e528dc9c10	Add -TestAuth flag to verify Bearer token authentication	2025-12-09 01:23:22 +00:00
Alitzel Mendez	377d7094f5	Remove ApiKey usage	2025-12-09 01:23:22 +00:00