Azure IPAM v4.0.0 Release #377
Open
DCMattyG wants to merge 184 commits into
Open
Conversation
…tion for Azure IPAM
…that were not being accounted for properly
…ue to improper handling of missing vNETs and vHUBs
…DataGrid component
…skipping explicit Service Principal removal.
Ran `npx @mui/codemod@latest deprecations/dialog-props src`. manageEndpoints.jsx is the only real migration; Table.jsx and newReservation.jsx are cosmetic recast reformatting.
…I v9)
Ran `npx @mui/codemod@latest deprecations/menu-props src` to convert
MenuListProps -> slotProps.list (generator.jsx, DataGrid.jsx).
The codemod doesn't handle Menu's PaperProps even though v9 removed it,
so migrated the 5 remaining sites manually to slotProps.paper:
- drawer.jsx (2x)
- manageEndpoints.jsx
- space.jsx
- block.jsx
Verified no PaperProps={ usages remain in src/ and no lint errors.
Ran `npx @mui/codemod@latest deprecations/tooltip-props src`. Touched InfoCellRenderer.jsx and admin.jsx — both purely mechanical PopperProps -> slotProps.popper conversions.
Ran `npx @mui/codemod@latest deprecations/autocomplete-props src`,
touching 11 files. Verified against the v9 Autocomplete API:
- componentsProps -> slotProps
- ListboxProps -> slotProps.listbox
- PopperComponent -> slots.popper
- renderInput's <TextField InputProps={...params.InputProps}>
-> <TextField slotProps={{...params.slotProps, input: {...}}}>
Ran `npx @mui/codemod@latest deprecations/text-field-props src`. Affected 10 files: - TextField inputProps -> slotProps.htmlInput - TextField InputProps -> slotProps.input The 2 remaining inputProps usages on OutlinedInput are intentionally left alone — OutlinedInput still accepts inputProps in v9.
settings.jsx imported `Unstable_Grid2 as Grid` from @mui/material,
which v9 removed (the new Grid IS the former Grid2). The v7.0.0/grid-props
codemod looks for named imports of `Grid`, not aliased `Unstable_Grid2`,
so this had to be done manually.
- Import: Unstable_Grid2 as Grid -> Grid
- <Grid xs={N}> -> <Grid size={{ xs: N }}>
Ran `npx @mui/codemod@latest v9.0.0/system-props src`, touching 23 files. For Box/Stack/Typography/Link/Grid/DialogContentText components, props like display, alignItems, justifyContent, position, top/left/right/bottom, mt/mb/ml/mr, etc. have been moved from component-level props into the sx prop. Typography palette tokens (e.g. color="textSecondary") were correctly preserved per the v9 API.
…I v9) The menu-props codemod doesn't recurse into Select's nested MenuProps, so this had to be done manually per the v9 migration guide.
- Consolidated `styled`, `createTheme`, `ThemeProvider` into one import from `@mui/material/styles` (replaces direct `@mui/system` dep). - Rewrote v4-era `overrides:` block as v9 `components.MuiCircularProgress.styleOverrides`, restoring the original rounded/thicker progress-circle styling that has been silently disabled since v5. - Dropped the dead `MuiLinearProgress` overrides — no `<LinearProgress>` is rendered inside this ThemeProvider's subtree.
v9 removed 23 legacy icon exports that ended with `Outline` (no 'd'). Renamed all in-use ones to their `Outlined` counterparts: - DeleteOutline -> DeleteOutlined (4 files) - ErrorOutline -> ErrorOutlined (reservations.jsx) - PieChartOutline -> PieChartOutlined (block.jsx) For aliased imports (e.g. `DeleteOutline as DeleteOutlineIcon`), only the imported name was changed; usage sites kept their local alias.
Upgrades all workflow actions to address the Node.js 20 deprecation warning and align with the latest available versions: - actions/checkout v4 -> v6 - actions/setup-node v4 -> v6 - actions/setup-python v5 -> v6 - actions/github-script v7 -> v9 - actions/create-github-app-token v2 -> v3 - azure/login v2 -> v3 - hadolint/hadolint-action v3.1.0 -> v3.3.0
…plugin-react-hooks@7 React Compiler 1.0 consolidated its lint rules into eslint-plugin-react-hooks@^7; the standalone eslint-plugin-react-compiler package is deprecated and pulled in the deprecated @babel/plugin-proposal-private-methods as a transitive dependency. * Swap eslint-plugin-react-compiler@19.1.0-rc.2 for eslint-plugin-react-hooks@7.1.x * Adopt reactHooks.configs.flat['recommended-latest'] preset * Disable react-hooks/set-state-in-effect (preserves prior incremental-cleanup stance) * Move ref-during-render assignments in refresh.jsx into useEffect (react-hooks/refs) * Suppress per-line known intentional patterns in DataGrid, manageEndpoints, peering
Hadolint v3.3.0 bundles a newer hadolint binary that newly enforces DL3041 (pin dnf install package versions). This mirrors the existing DL3008 suppression for apt — OS package version pinning makes base-image rebuilds brittle since distro repos don't retain old patch versions.
…ider Promotes the community xtratuscloud/azureipam provider from a footnote under IaC Examples to its own top-level section covering when to use it, provider configuration (with the recommended AZUREIPAM_TOKEN env-var pattern), a self-contained reservation + VNet snippet, and pointers to the Terraform Registry as the authoritative reference for the full resource and data source surface.
Switch the lodash dependency to lodash-es and update all named imports across 19 source files. The ES module build allows Vite/Rollup to tree-shake unused lodash methods, reducing the production bundle size. Also collapse two duplicate lodash-es imports in visualize.jsx into a single statement. No functional changes; import names and call sites are unchanged.
Moment.js is in maintenance mode and ships a large, non-tree-shakeable
bundle. Replace it with dayjs (a ~2KB drop-in) in reservations.jsx, the
only file using moment.
Add the localizedFormat plugin to preserve the 'lll' token used in the
reservation grid date columns. Output was verified identical to moment
for all call patterns (localized format, unix parsing, startOf('day')).
The browserslist field was inert: Vite uses esbuild/build.target for browser targeting and there is no autoprefixer, postcss-preset-env, or Babel config consuming it. Removing it eliminates misleading config with no functional effect.
Add an engines field to package.json mirroring the minimum versions already enforced in tools/build.ps1 (node >=22.12.0, npm >=10.9.2). This documents the toolchain contract in the standard location for Node-native tooling and contributors. Advisory only; not enforced at install time.
Add a "preview" script (vite preview) to smoke-test the production build locally, and a "lint:fix" script (eslint src/ --fix) for auto-fixable lint issues. Existing start, build, and lint scripts are unchanged.
Correct stale UBI8 container-image overrides in the deploy, update, and migrate scripts so private-registry RHEL builds use UBI9, matching the Dockerfile.rhel defaults. Raise the build-time Node.js floor to 22.22.0. - deploy/deploy.ps1: ubi8/nodejs-22 and ubi8/python-311 -> ubi9 equivalents - deploy/update.ps1: ubi8/nodejs-22 and ubi8/python-311 -> ubi9 equivalents - migrate/migrate.ps1: ubi8/nodejs-22 and ubi8/python-311 -> ubi9 equivalents - tools/build.ps1: bump MIN_NODE_VERSION 22.12.0 -> 22.22.0
Bump react-router 7.18.0 -> 8.0.1 (major). The UI uses declarative-mode routing (BrowserRouter / Routes / Route) with all imports already sourced from "react-router", so no application code changes were required. React Router v8 requires Node.js 22.22.0+, so the UI package "engines" floor is raised from 22.12.0 to 22.22.0 to match.
Migrate the publicly hosted Azure IPAM container registry from azureipam.azurecr.io to the new registry.azureipam.com FQDN across the deployment, migration, and update tooling. - deploy and migrate Bicep modules now default the public ACR URI to registry.azureipam.com (appService.bicep, functionApp.bicep) - update.ps1 now recognizes both the new and legacy public registries and auto-migrates existing App Service / Function deployments by rewriting the baked-in LinuxFxVersion to the new registry before restarting - testing workflow replace-string updated to match the new Bicep default - docs (update README) and the v4.0.0 release notes updated to reference both the new and legacy registries The legacy Docker Compose migration path (migrate.ps1) intentionally continues to reference azureipam.azurecr.io, since it only ever processes pre-existing legacy Docker Compose deployments. BREAKING CHANGE: public Azure IPAM images are now served from registry.azureipam.com instead of azureipam.azurecr.io. New and existing deployments continue to work (running update.ps1 auto-migrates existing ones), but any custom automation or pipelines that hardcoded azureipam.azurecr.io should be updated to registry.azureipam.com.
Replace the legacy AZURE_CREDENTIALS service-principal secret with workload identity federation (OIDC) in the Azure IPAM testing workflow, aligning it with the auth model already used by the build workflow. - Add top-level `permissions` block (id-token: write, contents: read) so GitHub can issue the OIDC token - Convert all three Azure Login steps (deploy, test, cleanup) to the client-id/tenant-id/subscription-id form using the new AZURE_TEST_CLIENT_ID, AZURE_TEST_TENANT_ID, and AZURE_TEST_SUBSCRIPTION_ID secrets - Preserve enable-AzPSSession so deploy.ps1's Get-AzContext / Get-AzAccessToken -> Connect-MgGraph chain continues to work Removes the last long-lived Azure credential secret from CI.
…delete The federated client assertion (GitHub OIDC token) is valid only a few minutes. The synchronous resource-group deletion could exceed that window, so the later Microsoft Graph (identity) and ACR data-plane (container) deletions failed with AADSTS700024 when acquiring tokens for their audiences. Run the identity and container cleanup first, while the assertion is still valid, and delete the resource group last (it reuses the ARM token cached at login). Mark all cleanup steps `if: always()` so resource, identity, and container teardown are best-effort and run independently of each other.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Azure IPAM v4.0.0
This is a major release that delivers significant framework upgrades, a data grid migration, authentication modernization, comprehensive documentation overhaul, revamped examples, and numerous bug fixes.
Major Framework & Dependency Upgrades
forwardRefwrappers (ref-as-prop), removal ofPropTypes, explicitnullforuseRef()calls, and migration ofLoadingButtontoButton@azure/msal-browser4.x → 5.x,@azure/msal-react3.x → 5.x): Removed obsolete config, consolidated event types, fixed silent token timeout recovery (timed_outerror code), and prevented iframe fallback timeout loopsag-grid-community/ag-grid-react36.x): Complete migration to AG Grid including centralizedDataGridcomponent, custom styling, column state persistence, unified data loading overlays, and custom cell renderers (drill-down, info, progress)vite7.x → 8.x,@vitejs/plugin-react5.x → 6.x): Migrated to Vite 8 which replaces Rollup with Rolldown and esbuild with Oxc for bundling, transforms, and minification. Removedvite-plugin-eslint2(redundant with editor-based linting and incompatible with Vite 8)@eslint-react/eslint-pluginv5,eslint-plugin-react-hooksv7 — which now consolidates the React Compiler lint rules per the React Compiler 1.0 release), replacingeslint-plugin-react. Addeddist/ignore, fixedno-useless-assignmentviolations, and removed unusedeslint-plugin-jest. Resolved all remaining lint warnings as part of the React 19 modernization —useContext→use,<Context.Provider>→<Context>, ref naming conventions, stable list keys, hoisted static styled components, migration ofSnackbarUtilsto notistack's standaloneenqueueSnackbar, and moved "ref assigned during render" patterns intouseEffect@mui/material7.3.x → 9.0.x,@mui/icons-material7.3.x → 9.0.x): Major two-version jump. Migrated deprecated component props to the unifiedslots/slotPropsAPI (largely via@mui/codemod), moved deprecated system props intosx, replaced the removedUnstable_Grid2with the new defaultGrid(usingsize={{ xs: N }}), renamed removedOutline(no "d") icon exports to theirOutlinedcounterparts, and removed@mui/lab(no longer needed —LoadingButton'sloadingprop is now native toButton)react-router7.x → 8.x): Major version upgrade. The UI uses declarative-mode routing (BrowserRouter/Routes/Route) with all imports already sourced fromreact-router, so no application code changes were required. v8 raises the minimum runtime to Node.js 22.22.0 (and React 19.2.7+)Engine & Backend
msal,azure-common,azure-keyvault-secrets, andsix; addedazure-mgmt-resource-subscriptionsto address Azure SDK module separationpyproject.tomlwith Ruff linter configuration (pycodestyle, pyflakes, isort). Resolved all lint violations across 18 engine files — bare except clauses, wildcard imports replaced with explicit names, unused imports/variables, invalid escape sequences, import sorting and groupingUI & UX Improvements
AuthHandlerfor MSAL error handling, centralized token acquisition viatokenServiceDraggablePapercomponent: Replacedreact-draggablepackage with a purpose-built componentDataGridandConfigureGridcomponents with shared filter utilities, consistent loading overlays, and AG Grid custom styling (brightnessfilter for row hover)Deployment, Build & Infrastructure
azureipam.azurecr.ioto the newregistry.azureipam.comendpoint. The deployment and migration Bicep templates now reference the new registry by default, while theupdatescript continues to recognize the legacyazureipam.azurecr.ioendpoint so existing deployments keep working. The Docker Compose migration tooling intentionally still targets the legacy endpoint, as it only ever processes pre-existing legacy deploymentsdeploy,update, andmigratePowerShell scriptsbuild.ps1version gate and the UIpackage.jsonenginesfieldADD→COPY, JSON notation forCMD/ENTRYPOINT,pipefailfor pipedRUNcommands). Added centralized.hadolint.yamlfor rule suppressionscheckout@v6,setup-node@v6,setup-python@v6,github-script@v9,create-github-app-token@v3,azure/login@v3,hadolint-action@v3.3.0) to address the Node.js 20 runner deprecationGet-AzAccessTokenbreaking changes (fixes Breaking changes to Get-AzAccessToken #343); updated deploy & migrate scriptsorg.opencontainers.image.version,.title,.source), stamped at build time via a newIPAM_VERSIONbuild arg. This lets you determine the exact version behind a floating tag likelatestby inspecting the registry — no pull or run required (e.g.docker buildx imagetools inspectoraz acr manifest show). Covers alldeb,rhel, andfuncvariants across the root, engine, ui, and lb images, with the build workflow passing--build-arg IPAM_VERSIONto everyaz acr build. Labels begin with the v4.0.0 release imagesv(^v) from the release tag, preserving suffixes such as-previewDocumentation Overhaul
.markdownlint.jsonconfigurationExamples
examples/scripts/folder with new helper scripts and READMETesting
Bug Fixes
Get-AzAccessTokenbreaking changes not accounted for[major]