Critical: .NET install domains and URLs are changing #9671
Comments
|
Is there a risk that a malicious party later acquires azureedge.net and starts serving malware to systems that still use the old URLs? From WHOIS, it looks like azureedge.net is registered to Microsoft, not to Edgio. (Just wondering how urgent it is to update URLs in old version-control branches that are not actively developed but might get built some day.) Have there been any NuGet feeds in the domain? |
|
@KalleOlaviNiemitalo we took it over, so it won’t be taken away. |
so why not keep the current urls for like 1-2 more dont net versions so after .net 11 you have to use the new urls this would give people time to update their whitelists |
@KalleOlaviNiemitalo
|
Given this issue I'm wondering when Microsoft will provide their own domain registrar on Azure to prevent such issues in the future. Currently this is the only thing that is really missing on the Azure platform. I can host virtually anything on Azure but when it comes to domains I still need to resort to a third party. I can point all my nameservers to Azure, sure. But the domain itself needs to be hosted somewhere else. |
|
Does this affect the installers in the Azure Devops pipelines? We use a mix of classic and Yaml pipelines. |
Yes, it does.
|
Needed for .NET CDN change see dotnet/core#9671 and: AzureAD/microsoft-identity-web#3175 Signed-off-by: Keegan <[email protected]>
* Needed for .net cdn change see dotnet/core#9671 and: AzureAD/microsoft-identity-web#3175 * Update codeql action to setup .NET 9
Changing URLs because of CDN change referenced at dotnet/core#9671
Bump the update-dotnet-sdk action to v3.4.0 to pick up changes to react to dotnet/core#9671.
Bump the update-dotnet-sdk action to v3.4.0 to pick up changes to react to dotnet/core#9671.
Updates for: dotnet/core#9671
|
The command |
|
@Odraio I believe these urls were updated in microsoft/playwright#34061, perhaps if you ask on their repo they will have information about release cadences? |
|
@richlander For our Azure Functions, we currently use the URL functionscdn.azureedge.net to retrieve extension bundles. However, after reviewing the issue, I noticed that there is no specific mention of the subdomain functionscdn in the migration details. Could you please clarify if this subdomain will also be migrated and, if so, to which domain? For example, we are getting extension bundles from a url like: "https://functionscdn.azureedge.net/public/ExtensionBundles/Microsoft.Azure.Functions.ExtensionBundle.Preview/$EXTENSION_BUNDLE_VERSION" |
The azureedge.net domain might stop working as detailed in dotnet/core#9671 Changes in this PR: dotnet: update the logic to determine the latest version dotnet and oryx: copy latest dotnet-install script from https://github.com/dotnet/install-scripts/blob/main/src/dotnet-install.sh (Normally this happens automatically by a GitHub Action, but there is a sense of urgency here, so I did it manually) Additional context https://devblogs.microsoft.com/dotnet/critical-dotnet-install-links-are-changing/ https://build5nines.com/retirement-of-azureedge-net-dns-edg-io-business-closure-and-what-you-need-to-know/
|
We use the URL https://azcopyvnext.azureedge.net for downloading Azcopy, as it mentioned in all of MS's documentation as the location for downloading from. This stopped working yesterday and is not mentioned in your update. What is the new URL for this? |
|
@cetinbug: Maybe it's better to ask in one of these repos: @asatrur: Azure/azure-storage-azcopy#2903.
If using the |
Thanks, it would have been nice if they mentioned that somewhere before screwing us |
Please don't pull from any of the *.azureedge.net or *.azurefd.net for any service - you should be using the custom domains that front the CDN endpoints or the canonical aka.ms links. In the case of AzCopy, those links can always be found at https://aka.ms/downloadazcopy. Each platform we distribute for has its own aka.ms link that points to the most current release. |
…liInstallerUrl The scripts have been updated due to dotnet/core#9671, but according to https://github.com/dotnet/sdk/blob/main/scripts/obtain/dotnet-install-readme the source for the scripts was changed from https://github.com/dotnet/sdk to https://github.com/dotnet/install-scripts some years ago
.NET binaries and installers have moved to a new domain --
builds.dotnet.microsoft.com-- backed by a new Content Delivery Network (CDN). You may need to make changes to adjust.Tracking issue: #9674
Context
Some .NET binaries and installers have been hosted on Azure Content Delivery Network (CDN) domains that end in
.azureedge.net. These domains are hosted by edg.io, which will soon cease operations due to bankruptcy. We are required to migrate to a new CDN and will be using new domains going forward.We expect
azureedge.netdomains to cease to function around 3/31..NET Team Remediation
New domains were created:
builds.dotnet.microsoft.comfor signed official buildsci.dot.netfor signed buildsTest links for new CDN:
Test links for old CDN:
The following resources have been updated to use new domains.
releases-index.jsonOther changes are in progress.
User Remediation
Please make the following replacements:
dotnetcli.azureedge.net->builds.dotnet.microsoft.comdotnetcli.blob.core.windows.net->builds.dotnet.microsoft.comdotnetbuilds.azureedge.net->ci.dot.netdotnetbuilds.blob.core.windows.net->ci.dot.netAll the new domains are path-compatible with old domains, as they share the same origin.
Please also make the following changes:
Install script
The .NET install script is used to install .NET from our CDN. We are changing CDNs (documented in a following section), which requires us to change the install script to use the new CDN.
Updated scripts:
https://dot.net/v1/dotnet-install.shhttps://dot.net/v1/dotnet-install.ps1https://github.com/dotnet/install-scripts/tree/main/srcNotes:
Tracking PRs:
Official builds
Official builds and JSON files are hosted via a CDN, available for use by the install script and other installers.
Notes:
microsoft.comdomain was chosen to reflect that.You can change from old to new domains by changing the domain section of the URL. The other parts of the URL do not need to change.
Example URLs:
A set of short links are available for official builds.
Link pattern:
https://aka.ms/dotnet/[x.y]/[package].Example URLs:
These links produce
301HTTP results that forward to our CDN.We expect these links to be changed in mid January.
Tracking PR:
CI builds
Continuous integration (CI) builds are hosted via a CDN, available via the install script and GitHub README files.
Note: CI builds include a mix of tested and untested builds, signed and unsigned builds.
Example URLs:
A set of short links are available for CI builds.
Link pattern:
https://aka.ms/dotnet/[x.y]/daily/[package].Example URLs:
These links produce
301HTTP results that forward to our CDN.We expect these links to be changed in mid January.
Tracking PR:
CI build pages use the CI short links.
Example build pages:
Azure DevOps and GitHub Actions
UseDotnetTaskwill be updated in JanuaryOther changes
The following resources are also affected.
The text was updated successfully, but these errors were encountered: