Enable E2E test coverage on internal Azure DevOps pipelines#3883
Merged
Conversation
Contributor
Author
iarekk
approved these changes
Jun 22, 2026
16d6aca to
c40391b
Compare
bgavrilMS
reviewed
Jun 22, 2026
4b53890 to
0a38932
Compare
iarekk
approved these changes
Jun 22, 2026
Tests should run on self-hosted agents (MSALMSIV2) that have the required certificates and KeyVault access. Tests with explicit Skip reasons are unaffected (they set Skip in the attribute usage, not the constructor). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The class did nothing after the auto-skip logic was removed. Replace all usages with [Fact] (keeping explicit Skip reasons intact) and inline the env-var check into OnlyOnAzureDevopsFactAttribute. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
0a38932 to
f1baa0b
Compare
bgavrilMS
approved these changes
Jun 23, 2026
This was referenced Jun 24, 2026
Merged
Closed
Closed
github-actions Bot
pushed a commit
to EelcoLos/nx-tinkering
that referenced
this pull request
Jun 30, 2026
Pinned [Microsoft.Identity.Web](https://github.com/AzureAD/microsoft-identity-web) at 4.11.0. <details> <summary>Release notes</summary> _Sourced from [Microsoft.Identity.Web's releases](https://github.com/AzureAD/microsoft-identity-web/releases)._ ## 4.11.0 ## What's Changed * Bump vitest from 3.2.4 to 4.1.0 in /tests/DevApps/SidecarAdapter/typescript by @dependabot[bot] in AzureAD/microsoft-identity-web#3836 * Bump MSAL.NET to 4.84.2 and align OWIN binding redirects by @gladjohn with @Copilot in AzureAD/microsoft-identity-web#3844 * docs(design): devex proposal for mTLS PoP on Managed Identity and FIC by @gladjohn in AzureAD/microsoft-identity-web#3832 * Prevent OpenIdConnectMiddlewareDiagnostics from logging sensitive values by @iarekk in AzureAD/microsoft-identity-web#3850 * Add MSI mTLS PoP support: pure MI + FIC-with-MI (impl for devex #3832) by @gladjohn in AzureAD/microsoft-identity-web#3839 * docs(design): devex proposal for Bearer tokens with bound credentials by @gladjohn in AzureAD/microsoft-identity-web#3833 * Add bound-credential support for Bearer tokens (cert + mTLS) by @gladjohn in AzureAD/microsoft-identity-web#3835 * Upgrade IdWeb Sidecar to .NET 10 (LTS) by @soodt in AzureAD/microsoft-identity-web#3841 * MTLS Without Tokens Support - MicrosoftIdentityMessageHandler Support by @tlupes in AzureAD/microsoft-identity-web#3815 * fix: include isTokenBinding in CCA cache key to prevent bearer/PoP collision by @gladjohn in AzureAD/microsoft-identity-web#3867 * Test + doc: x-ms-tokenboundauth header for AKV mTLS PoP via ExtraHeaderParameters by @gladjohn in AzureAD/microsoft-identity-web#3864 * Add mTLS PoP Copilot skill (certificate, MSI, FIC) by @gladjohn in AzureAD/microsoft-identity-web#3872 * Fix CVE-2026-48109: Pin MessagePack to patched version 2.5.301 by @soodt in AzureAD/microsoft-identity-web#3865 * Sidecar: gate agent identity parameters behind AllowOverrides by @iNinja in AzureAD/microsoft-identity-web#3871 * Bump System.Formats.Asn1 base version to 10.0.2 by @iarekk in AzureAD/microsoft-identity-web#3875 * Bump Microsoft.IdentityModel.* from 8.18.0 to 8.19.1 by @iarekk in AzureAD/microsoft-identity-web#3879 * Use IIdentityLogger for MSAL logging in TokenAcquisition and ManagedIdentityClientAssertion (#3820) by @neha-bhargava in AzureAD/microsoft-identity-web#3880 * Update Microsoft.Identity.Abstractions to 12.2.0 and MSAL to 4.85.0 by @neha-bhargava in AzureAD/microsoft-identity-web#3881 * Surface MSAL AuthenticationResultMetadata + exception details on AcquireTokenResult by @neha-bhargava in AzureAD/microsoft-identity-web#3856 * Flow outgoing request to header providers via AcquireTokenOptions by @neha-bhargava in AzureAD/microsoft-identity-web#3876 * Throw on Authority vs Instance/TenantId conflict (OIDC + MSAL parity) by @iarekk in AzureAD/microsoft-identity-web#3873 * Delete .github/workflows/evergreen.yml by @bgavrilMS in AzureAD/microsoft-identity-web#3803 * Add comprehensive authority configuration and precedence documentation by @jmprieur with @Copilot in AzureAD/microsoft-identity-web#3617 * Bump js-yaml from 4.1.1 to 4.2.0 in /tests/DevApps/SidecarAdapter/typescript by @dependabot[bot] in AzureAD/microsoft-identity-web#3862 * Move authority docs into docs/authority-configuration/ subfolder by @iarekk in AzureAD/microsoft-identity-web#3885 * Revert "Throw on Authority vs Instance/TenantId conflict (#3873)" by @iarekk in AzureAD/microsoft-identity-web#3888 * Update Microsoft.Identity.Client to 4.85.1 by @neha-bhargava in AzureAD/microsoft-identity-web#3889 * Enable E2E test coverage on internal Azure DevOps pipelines by @gladjohn in AzureAD/microsoft-identity-web#3883 * Bump esbuild and tsx in /tests/DevApps/SidecarAdapter/typescript by @dependabot[bot] in AzureAD/microsoft-identity-web#3859 * Skip AcquireTokenWithMtlsPop test: AAD westus3 test slice returns Bearer by @neha-bhargava in AzureAD/microsoft-identity-web#3892 ## New Contributors * @iarekk made their first contribution in AzureAD/microsoft-identity-web#3850 * @soodt made their first contribution in AzureAD/microsoft-identity-web#3841 **Full Changelog**: AzureAD/microsoft-identity-web@4.10.0...4.11.0 Commits viewable in [compare view](AzureAD/microsoft-identity-web@4.10.0...4.11.0). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This was referenced Jun 30, 2026
Closed
Closed
Closed
Closed
Open
Open
Closed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Removes the automatic skip behavior from
IgnoreOnAzureDevopsFactAttributeso that E2E tests run on self-hosted agents that have the required lab certificates and KeyVault access.Tests with explicit
Skipreasons (e.g., issue #2732, ephemeral tenant requirement) are unaffected — they setSkipat the usage site, not in the constructor.Motivation
These tests were being skipped on all Azure DevOps pipelines, but our self-hosted agents have the lab certificates (
CN=LabAuth.MSIDLab.com) and KeyVault access needed to run them successfully. This change enables full E2E test coverage in our internal pipelines.