You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
### 2026-06-02: Named Value Token Canonicalization — Broadened Scope
110
+
111
+
**Problem:** Initial fix only canonicalized `{{namedValue}}` tokens in Logger credentials. Backend credentials also contain these tokens and fail validation when override casing differs from artifact names.
3. Policies/PolicyFragments use `{{tokens}}` in XML, not JSON payloads (handled separately)
117
+
118
+
**Solution:** Generalized normalization to traverse entire JSON payload recursively, not just Logger credentials. Renamed function: `normalizeLoggerCredentialNamedValueReferences` → `normalizeNamedValueReferences`. Applied to all resource types before PUT.
119
+
120
+
**Rationale:**
121
+
- Backend credentials affected today, not hypothetical
122
+
- Future-proof — new resource types with token support work automatically
Copy file name to clipboardExpand all lines: .squad/agents/testengineer/history.md
+40Lines changed: 40 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -172,3 +172,43 @@ Gotchas for future PowerShell work:
172
172
-`$x = if ($cond) { [List[T]]::new() }` assigns `$null` — PowerShell enumerates the empty list. Use `$x = $null; if ($cond) { $x = ... }`.
173
173
-`ProcessStartInfo.StandardOutputEncoding/StandardErrorEncoding` default to OEM on Windows; force UTF-8 or `az --debug` output mangles.
174
174
175
+
### 2026-05-19: Named Value Token Normalization Coverage Audit
176
+
177
+
**Context:** User raised concern that Logger credential token normalization (commit 4cb0fa3) might not cover other resources that also use `{{namedValue}}` tokens.
178
+
179
+
**Audit findings:**
180
+
1.**Current implementation**: Only Logger resources have token normalization (lines 118-124 in resource-publisher.ts)
181
+
2.**Current test coverage**: One test for Logger credential normalization (line 174-223 in resource-publisher.test.ts)
182
+
3.**Gap identified**: Backend resources can also use `{{namedValue}}` tokens in `credentials.header` and `credentials.query` properties
183
+
184
+
**Backend credentials structure from APIM REST API:**
185
+
```json
186
+
{
187
+
"credentials": {
188
+
"header": {
189
+
"Authorization": ["{{bearer-token}}"],
190
+
"x-api-key": ["{{api-key-namedvalue}}"]
191
+
},
192
+
"query": { ... },
193
+
"certificate": [ ... ]
194
+
}
195
+
}
196
+
```
197
+
198
+
**Action taken:**
199
+
- Added skipped test `should canonicalize backend credential named value references from overrides` to document the gap
200
+
- Test currently fails: expects `{{Backend-Auth-Token}}` (canonical casing) but receives `{{backend-auth-token}}` (from override)
201
+
- Test will pass once implementation is extended to Backend resources
202
+
- Created decision inbox note at `.squad/decisions/inbox/testengineer-named-value-coverage.md` recommending P2 extension
203
+
204
+
**Recommendation:** Generalize `normalizeLoggerCredentialNamedValueReferences()` to `normalizeCredentialNamedValueReferences()` and apply to both Logger and Backend resource types. The existing recursive logic already handles nested objects/arrays, so minimal code change required.
205
+
206
+
**Other resource types reviewed:**
207
+
-**Diagnostic**: References loggers by ARM ID, not named value tokens
208
+
-**Policies (XML)**: Already handle `{{namedValue}}` tokens, but as opaque XML content, not JSON properties
209
+
-**ApiOperation, PolicyFragment**: May use named values in future, but not documented in current APIM REST API
210
+
211
+
**Pattern reinforced:** When implementing normalization/canonicalization logic, audit all resource types that share similar property patterns. Skipped tests document known gaps and serve as regression coverage when gaps are closed.
212
+
213
+
**Result:** 34 tests passing, 1 skipped test documenting Backend normalization gap. Decision note created for team review.
0 commit comments