Conversation
Closed
3 tasks
…government Agent-Logs-Url: https://github.com/Azure/azure-sdk-for-java/sessions/5f56cd61-af29-4585-a48b-d7bc109977a6 Co-authored-by: rujche <171773178+rujche@users.noreply.github.com>
Copilot
AI
changed the title
[WIP] Fix azure.scopes configuration for Azure China profile
Fix azure.scopes defaulting to Azure Global when cloud-type=azure_china/azure_us_government
Apr 3, 2026
rujche
reviewed
Apr 3, 2026
Agent-Logs-Url: https://github.com/Azure/azure-sdk-for-java/sessions/2f82f4f9-ea2e-46a7-a2fc-062b403c19bd Co-authored-by: rujche <171773178+rujche@users.noreply.github.com>
Contributor
There was a problem hiding this comment.
Pull request overview
Fixes passwordless JDBC azure.scopes resolution so that when spring.cloud.azure.profile.cloud-type is set (e.g., azure_china / azure_us_government) and JDBC-specific scopes aren’t explicitly configured, the effective default scope is derived from the merged cloud type (instead of incorrectly defaulting to Azure Global).
Changes:
- Update JDBC passwordless properties so
getScopes()returns the raw (possibly null) configured value, and addgetEffectiveScopes()for cloud-aware defaults; ensure JDBC URL generation uses the effective scopes. - Adjust
copyAzureCommonPropertiesIgnoreNullto avoid overwriting target scopes when the source scopes are null. - Update/add tests for China/US Gov scope behavior and update changelogs.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| sdk/spring/spring-cloud-azure-core/src/main/java/com/azure/spring/cloud/core/implementation/util/AzurePasswordlessPropertiesUtils.java | Adds null-guard around copying scopes during passwordless property merge. |
| sdk/spring/spring-cloud-azure-core/CHANGELOG.md | Notes the change in scopes merge behavior. |
| sdk/spring/spring-cloud-azure-autoconfigure/src/main/java/com/azure/spring/cloud/autoconfigure/implementation/passwordless/properties/AzureJdbcPasswordlessProperties.java | Separates raw vs effective scopes and ensures toPasswordlessProperties() uses cloud-aware default scopes. |
| sdk/spring/spring-cloud-azure-autoconfigure/src/test/java/com/azure/spring/cloud/autoconfigure/implementation/passwordless/MergeAzureCommonPropertiesTest.java | Adds merge tests validating JDBC effective scopes behavior. |
| sdk/spring/spring-cloud-azure-autoconfigure/src/test/java/com/azure/spring/cloud/autoconfigure/implementation/jdbc/JdbcPropertiesBeanPostProcessorTest.java | Fixes US Gov expected scope and adds Azure China scenario coverage. |
| sdk/spring/spring-cloud-azure-autoconfigure/CHANGELOG.md | Adds a bug-fix entry for the cloud-type-specific default scopes behavior. |
rujche
reviewed
Apr 22, 2026
Member
|
@copilot apply changes based on the comments in this thread |
…nvention Agent-Logs-Url: https://github.com/Azure/azure-sdk-for-java/sessions/177be99d-3645-4a73-a56c-753ad743f82b Co-authored-by: rujche <171773178+rujche@users.noreply.github.com>
…tant, rename test method Agent-Logs-Url: https://github.com/Azure/azure-sdk-for-java/sessions/e12bfcb2-e753-484c-9f60-d4bd0aabc999 Co-authored-by: rujche <171773178+rujche@users.noreply.github.com>
Contributor
Author
Applied all changes from the review thread in cc3ef95:
|
Member
|
@copilot apply changes based on the comments in this thread |
… pattern; clarify CHANGELOG entry Agent-Logs-Url: https://github.com/Azure/azure-sdk-for-java/sessions/bdd4ce6e-14e3-4a50-92e0-608069e8c44c Co-authored-by: rujche <171773178+rujche@users.noreply.github.com>
Contributor
Author
Applied both changes in 2919235:
|
Copilot
AI
changed the title
Fix azure.scopes defaulting to Azure Global when cloud-type=azure_china/azure_us_government
Fix passwordless JDBC and Redis azure.scopes defaulting to Azure Global when cloud-type=azure_china/azure_us_government
Apr 23, 2026
Member
|
@copilot apply changes based on the comments in this thread |
Agent-Logs-Url: https://github.com/Azure/azure-sdk-for-java/sessions/40b2a63f-fac7-442b-a70a-f33b4e2a67a3 Co-authored-by: rujche <171773178+rujche@users.noreply.github.com>
Contributor
Author
Applied in 35a158a:
|
rujche
requested review from
a team,
Netyyyy,
moarychan and
saragluna
as code owners
rujche
approved these changes
Apr 24, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request fixes the defaulting logic for passwordless connection scopes in Azure JDBC and Redis for Spring Cloud Azure, ensuring the correct cloud-specific scopes are used when the cloud type is set to Azure China or Azure US Government. It introduces new methods for determining effective scopes, updates property conversion logic, and adds comprehensive tests to verify correct behavior. The changes also improve the merging of global and resource-specific properties to avoid overwriting explicit user configuration.
Bug Fixes and Scope Resolution Improvements
azure.scopesvalue is used for Azure China and Azure US Government clouds, based on the merged cloud type. Previously, the wrong scope could be used if the cloud type was set viaspring.cloud.azure.profile.cloud-type.getEffectiveScopes()methods to bothAzureJdbcPasswordlessPropertiesandAzureRedisPasswordlessProperties, which return the appropriate default scope for the merged cloud type when scopes are not explicitly set. [1] [2]Property Conversion and Merging
toPasswordlessProperties()method in both JDBC and Redis passwordless properties classes to use the effective, cloud-type-aware scopes instead of the raw value, ensuring correct values are propagated to downstream consumers. [1] [2]Testing Enhancements
These changes ensure passwordless authentication works reliably across different Azure environments and that user intent is preserved in configuration.