update version to 2.159.1 (#133)

* update version to 2.159.1

* Update releaseNote.md

.github/workflows/build.yml

@@ -4,6 +4,7 @@ on:
   push:
     branches: 
     - master
+    - releases/*
   pull_request:
     branches: 
     - '*'

releaseNote.md

@@ -1,16 +1,13 @@
 ## Features
-  - Runner config auth via GitHub.com. (#107) (#117) 
-  - Adding wrapper action to support post job cleanup, adding checkout v1.1 (#91)
-  - Improving terminal experience (#110)
-  - Add runner support for cache action. (#120)
+  - Added support for OS and Architecture Labels for self hosted runners (#130)
 
 ## Bugs
-  - Set GITHUB_ACTIONS in containers. (#119)
-  - Fix issue data column/col mismatch. (#122)
+  - N/A
 
 ## Misc
-  - Use GitHub actions for CI/PR (#112) 
-  - Code Cleanup (#123) (#124) (#125)
+  - Updated Prompts for self-hosted runners (#126)
+  - Optimized Secret Masking of Base64 Encoded Secrets (#128)
+  - Added additional tests for secret masking (#129)
 
 ## Agent Downloads  
 

src/Runner.Common/Capabilities/CapabilitiesManager.cs

@@ -1,73 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Threading;
-using System.Threading.Tasks;
-using GitHub.Runner.Common.Util;
-using GitHub.Runner.Sdk;
-
-namespace GitHub.Runner.Common.Capabilities
-{
-    [ServiceLocator(Default = typeof(CapabilitiesManager))]
-    public interface ICapabilitiesManager : IRunnerService
-    {
-        Task<Dictionary<string, string>> GetCapabilitiesAsync(RunnerSettings settings, CancellationToken token);
-    }
-
-    public sealed class CapabilitiesManager : RunnerService, ICapabilitiesManager
-    {
-        public async Task<Dictionary<string, string>> GetCapabilitiesAsync(RunnerSettings settings, CancellationToken cancellationToken)
-        {
-            Trace.Entering();
-            ArgUtil.NotNull(settings, nameof(settings));
-
-            // Initialize a dictionary of capabilities.
-            var capabilities = new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase);
-
-            if (settings.SkipCapabilitiesScan)
-            {
-                Trace.Info("Skip capabilities scan.");
-                return capabilities;
-            }
-
-            // Get the providers.
-            var extensionManager = HostContext.GetService<IExtensionManager>();
-            IEnumerable<ICapabilitiesProvider> providers =
-                extensionManager
-                .GetExtensions<ICapabilitiesProvider>()
-                ?.OrderBy(x => x.Order);
-
-            // Add each capability returned from each provider.
-            foreach (ICapabilitiesProvider provider in providers ?? new ICapabilitiesProvider[0])
-            {
-                foreach (Capability capability in await provider.GetCapabilitiesAsync(settings, cancellationToken) ?? new List<Capability>())
-                {
-                    // Make sure we mask secrets in capabilities values.
-                    capabilities[capability.Name] = HostContext.SecretMasker.MaskSecrets(capability.Value);
-                }
-            }
-
-            return capabilities;
-        }
-    }
-
-    public interface ICapabilitiesProvider : IExtension
-    {
-        int Order { get; }
-
-        Task<List<Capability>> GetCapabilitiesAsync(RunnerSettings settings, CancellationToken cancellationToken);
-    }
-
-    public sealed class Capability
-    {
-        public string Name { get; }
-        public string Value { get; }
-
-        public Capability(string name, string value)
-        {
-            ArgUtil.NotNullOrEmpty(name, nameof(name));
-            Name = name;
-            Value = value ?? string.Empty;
-        }
-    }
-}

src/Runner.Common/Capabilities/RunnerCapabilitiesProvider.cs

@@ -1,86 +0,0 @@
-using GitHub.Runner.Common.Util;
-using GitHub.Runner.Sdk;
-using Microsoft.Win32;
-using System;
-using System.Collections.Generic;
-using System.Threading;
-using System.Threading.Tasks;
-
-namespace GitHub.Runner.Common.Capabilities
-{
-    public sealed class RunnerCapabilitiesProvider : RunnerService, ICapabilitiesProvider
-    {
-        public Type ExtensionType => typeof(ICapabilitiesProvider);
-
-        public int Order => 99; // Process last to override prior.
-
-        public Task<List<Capability>> GetCapabilitiesAsync(RunnerSettings settings, CancellationToken cancellationToken)
-        {
-            ArgUtil.NotNull(settings, nameof(settings));
-            var capabilities = new List<Capability>();
-            Add(capabilities, "Runner.Name", settings.AgentName ?? string.Empty);
-            Add(capabilities, "Runner.OS", VarUtil.OS);
-            Add(capabilities, "Runner.OSArchitecture", VarUtil.OSArchitecture);
-#if OS_WINDOWS
-            Add(capabilities, "Runner.OSVersion", GetOSVersionString());
-#endif
-            Add(capabilities, "InteractiveSession", (HostContext.StartupType != StartupType.Service).ToString());
-            Add(capabilities, "Runner.Version", BuildConstants.RunnerPackage.Version);
-            Add(capabilities, "Runner.ComputerName", Environment.MachineName ?? string.Empty);
-            Add(capabilities, "Runner.HomeDirectory", HostContext.GetDirectory(WellKnownDirectory.Root));
-            return Task.FromResult(capabilities);
-        }
-
-        private void Add(List<Capability> capabilities, string name, string value)
-        {
-            Trace.Info($"Adding '{name}': '{value}'");
-            capabilities.Add(new Capability(name, value));
-        }
-
-        private object GetHklmValue(string keyName, string valueName)
-        {
-            keyName = $@"HKEY_LOCAL_MACHINE\{keyName}";
-            object value = Registry.GetValue(keyName, valueName, defaultValue: null);
-            if (object.ReferenceEquals(value, null))
-            {
-                Trace.Info($"Key name '{keyName}', value name '{valueName}' is null.");
-                return null;
-            }
-
-            Trace.Info($"Key name '{keyName}', value name '{valueName}': '{value}'");
-            return value;
-        }
-
-        private string GetOSVersionString()
-        {
-            // Do not use System.Environment.OSVersion.Version to resolve the OS version number.
-            // It leverages the GetVersionEx function which may report an incorrect version
-            // depending on the app's manifest. For details, see:
-            //     https://msdn.microsoft.com/library/windows/desktop/ms724451(v=vs.85).aspx
-
-            // Attempt to retrieve the major/minor version from the new registry values added in
-            // in Windows 10.
-            //
-            // The registry value "CurrentVersion" is unreliable in Windows 10. It contains the
-            // value "6.3" instead of "10.0".
-            object major = GetHklmValue(@"SOFTWARE\Microsoft\Windows NT\CurrentVersion", "CurrentMajorVersionNumber");
-            object minor = GetHklmValue(@"SOFTWARE\Microsoft\Windows NT\CurrentVersion", "CurrentMinorVersionNumber");
-            string majorMinorString;
-            if (major != null && minor != null)
-            {
-                majorMinorString = StringUtil.Format("{0}.{1}", major, minor);
-            }
-            else
-            {
-                // Fallback to the registry value "CurrentVersion".
-                majorMinorString = GetHklmValue(@"SOFTWARE\Microsoft\Windows NT\CurrentVersion", "CurrentVersion") as string;
-            }
-
-            // Opted to use the registry value "CurrentBuildNumber" over "CurrentBuild". Based on brief
-            // internet investigation, the only difference appears to be that on Windows XP "CurrentBuild"
-            // was unreliable and "CurrentBuildNumber" was the correct choice.
-            string build = GetHklmValue(@"SOFTWARE\Microsoft\Windows NT\CurrentVersion", "CurrentBuildNumber") as string;
-            return StringUtil.Format("{0}.{1}", majorMinorString, build);
-        }
-    }
-}

src/Runner.Common/ExtensionManager.cs

@@ -39,10 +39,6 @@ namespace GitHub.Runner.Common
             var extensions = new List<IExtension>();
             switch (typeof(T).FullName)
             {
-                // Listener capabilities providers.
-                case "GitHub.Runner.Common.Capabilities.ICapabilitiesProvider":
-                    Add<T>(extensions, "GitHub.Runner.Common.Capabilities.RunnerCapabilitiesProvider, Runner.Common");
-                    break;
                 // Action command extensions.
                 case "GitHub.Runner.Worker.IActionCommandExtension":
                     Add<T>(extensions, "GitHub.Runner.Worker.InternalPluginSetRepoPathCommandExtension, Runner.Worker");

src/Runner.Common/HostContext.cs

@@ -84,9 +84,6 @@ namespace GitHub.Runner.Common
             this.SecretMasker.AddValueEncoder(ValueEncoders.Base64StringEscape);
             this.SecretMasker.AddValueEncoder(ValueEncoders.Base64StringEscapeShift1);
             this.SecretMasker.AddValueEncoder(ValueEncoders.Base64StringEscapeShift2);
-            this.SecretMasker.AddValueEncoder(ValueEncoders.Base64StringEscapeShift3);
-            this.SecretMasker.AddValueEncoder(ValueEncoders.Base64StringEscapeShift4);
-            this.SecretMasker.AddValueEncoder(ValueEncoders.Base64StringEscapeShift5);
             this.SecretMasker.AddValueEncoder(ValueEncoders.ExpressionStringEscape);
             this.SecretMasker.AddValueEncoder(ValueEncoders.JsonStringEscape);
             this.SecretMasker.AddValueEncoder(ValueEncoders.UriDataEscape);

src/Runner.Common/RunnerServer.cs

@@ -31,7 +31,7 @@ namespace GitHub.Runner.Common
         Task DeleteAgentAsync(int agentPoolId, int agentId);
         Task<List<TaskAgentPool>> GetAgentPoolsAsync(string agentPoolName = null, TaskAgentPoolType poolType = TaskAgentPoolType.Automation);
         Task<List<TaskAgent>> GetAgentsAsync(int agentPoolId, string agentName = null);
-        Task<TaskAgent> UpdateAgentAsync(int agentPoolId, TaskAgent agent);
+        Task<TaskAgent> ReplaceAgentAsync(int agentPoolId, TaskAgent agent);
 
         // messagequeue
         Task<TaskAgentSession> CreateAgentSessionAsync(Int32 poolId, TaskAgentSession session, CancellationToken cancellationToken);
@@ -257,7 +257,7 @@ namespace GitHub.Runner.Common
             return _genericTaskAgentClient.GetAgentsAsync(agentPoolId, agentName, false);
         }
 
-        public Task<TaskAgent> UpdateAgentAsync(int agentPoolId, TaskAgent agent)
+        public Task<TaskAgent> ReplaceAgentAsync(int agentPoolId, TaskAgent agent)
         {
             CheckConnection(RunnerConnectionType.Generic);
             return _genericTaskAgentClient.ReplaceAgentAsync(agentPoolId, agent);

src/Runner.Listener/Configuration/ConfigurationManager.cs

@@ -1,24 +1,19 @@
 using GitHub.DistributedTask.WebApi;
-using GitHub.Runner.Common.Capabilities;
 using GitHub.Runner.Common.Util;
 using GitHub.Services.Common;
 using GitHub.Services.OAuth;
 using GitHub.Services.WebApi;
 using System;
 using System.Collections.Generic;
-using System.Diagnostics;
 using System.IO;
 using System.Linq;
 using System.Security.Cryptography;
-using System.Security.Principal;
-using System.Threading;
 using System.Threading.Tasks;
 using System.Runtime.InteropServices;
 using GitHub.Runner.Common;
 using GitHub.Runner.Sdk;
 using System.Net.Http;
 using System.Net.Http.Headers;
-using System.Text;
 
 namespace GitHub.Runner.Listener.Configuration
 {
@@ -168,7 +163,8 @@ namespace GitHub.Runner.Listener.Configuration
             {
                 // Get the URL
                 var inputUrl = command.GetUrl();
-                if (!inputUrl.Contains("github.com", StringComparison.OrdinalIgnoreCase))
+                if (!inputUrl.Contains("github.com", StringComparison.OrdinalIgnoreCase) &&
+                    !inputUrl.Contains("github.localhost", StringComparison.OrdinalIgnoreCase))
                 {
                     runnerSettings.ServerUrl = inputUrl;
                     // Get the credentials
@@ -238,11 +234,8 @@ namespace GitHub.Runner.Listener.Configuration
             {
                 runnerSettings.AgentName = command.GetAgentName();
 
-                // Get the system capabilities.
-                Dictionary<string, string> systemCapabilities = await HostContext.GetService<ICapabilitiesManager>().GetCapabilitiesAsync(runnerSettings, CancellationToken.None);
-
                 _term.WriteLine();
-                
+
                 var agents = await _runnerServer.GetAgentsAsync(runnerSettings.PoolId, runnerSettings.AgentName);
                 Trace.Verbose("Returns {0} agents", agents.Count);
                 agent = agents.FirstOrDefault();
@@ -251,12 +244,12 @@ namespace GitHub.Runner.Listener.Configuration
                     _term.WriteLine("A runner exists with the same name", ConsoleColor.Yellow);
                     if (command.GetReplace())
                     {
-                        // Update existing agent with new PublicKey, agent version and SystemCapabilities.
-                        agent = UpdateExistingAgent(agent, publicKey, systemCapabilities);
+                        // Update existing agent with new PublicKey, agent version.
+                        agent = UpdateExistingAgent(agent, publicKey);
 
                         try
                         {
-                            agent = await _runnerServer.UpdateAgentAsync(runnerSettings.PoolId, agent);
+                            agent = await _runnerServer.ReplaceAgentAsync(runnerSettings.PoolId, agent);
                             _term.WriteSuccessMessage("Successfully replaced the runner");
                             break;
                         }
@@ -275,7 +268,7 @@ namespace GitHub.Runner.Listener.Configuration
                 else
                 {
                     // Create a new agent. 
-                    agent = CreateNewAgent(runnerSettings.AgentName, publicKey, systemCapabilities);
+                    agent = CreateNewAgent(runnerSettings.AgentName, publicKey);
 
                     try
                     {
@@ -435,7 +428,7 @@ namespace GitHub.Runner.Listener.Configuration
         {
             ArgUtil.Equal(RunMode.Normal, HostContext.RunMode, nameof(HostContext.RunMode));
             string currentAction = string.Empty;
-            
+
             _term.WriteSection("Runner removal");
 
             try
@@ -499,7 +492,7 @@ namespace GitHub.Runner.Listener.Configuration
                     else
                     {
                         await _runnerServer.DeleteAgentAsync(settings.PoolId, settings.AgentId);
-                        
+
                         _term.WriteLine();
                         _term.WriteSuccessMessage("Runner removed successfully");
                     }
@@ -573,7 +566,7 @@ namespace GitHub.Runner.Listener.Configuration
         }
 
 
-        private TaskAgent UpdateExistingAgent(TaskAgent agent, RSAParameters publicKey, Dictionary<string, string> systemCapabilities)
+        private TaskAgent UpdateExistingAgent(TaskAgent agent, RSAParameters publicKey)
         {
             ArgUtil.NotNull(agent, nameof(agent));
             agent.Authorization = new TaskAgentAuthorization
@@ -585,15 +578,14 @@ namespace GitHub.Runner.Listener.Configuration
             agent.Version = BuildConstants.RunnerPackage.Version;
             agent.OSDescription = RuntimeInformation.OSDescription;
 
-            foreach (KeyValuePair<string, string> capability in systemCapabilities)
-            {
-                agent.SystemCapabilities[capability.Key] = capability.Value ?? string.Empty;
-            }
+            agent.Labels.Add("self-hosted");
+            agent.Labels.Add(VarUtil.OS);
+            agent.Labels.Add(VarUtil.OSArchitecture);
 
             return agent;
         }
 
-        private TaskAgent CreateNewAgent(string agentName, RSAParameters publicKey, Dictionary<string, string> systemCapabilities)
+        private TaskAgent CreateNewAgent(string agentName, RSAParameters publicKey)
         {
             TaskAgent agent = new TaskAgent(agentName)
             {
@@ -606,10 +598,9 @@ namespace GitHub.Runner.Listener.Configuration
                 OSDescription = RuntimeInformation.OSDescription,
             };
 
-            foreach (KeyValuePair<string, string> capability in systemCapabilities)
-            {
-                agent.SystemCapabilities[capability.Key] = capability.Value ?? string.Empty;
-            }
+            agent.Labels.Add("self-hosted");
+            agent.Labels.Add(VarUtil.OS);
+            agent.Labels.Add(VarUtil.OSArchitecture);
 
             return agent;
         }
@@ -638,7 +629,7 @@ namespace GitHub.Runner.Listener.Configuration
         private async Task<GitHubAuthResult> GetTenantCredential(string githubUrl, string githubToken)
         {
             var gitHubUrl = new UriBuilder(githubUrl);
-            var githubApiUrl = $"https://api.github.com/repos/{gitHubUrl.Path.Trim('/')}/actions-runners/registration";
+            var githubApiUrl = $"https://api.{gitHubUrl.Host}/repos/{gitHubUrl.Path.Trim('/')}/actions-runners/registration";
             using (var httpClientHandler = HostContext.CreateHttpClientHandler())
             using (var httpClient = new HttpClient(httpClientHandler))
             {

src/Runner.Listener/MessageListener.cs

@@ -1,7 +1,5 @@
 using GitHub.DistributedTask.WebApi;
-using GitHub.Runner.Common.Capabilities;
 using GitHub.Runner.Listener.Configuration;
-using GitHub.Runner.Common.Util;
 using GitHub.Services.Common;
 using System;
 using System.Collections.Generic;
@@ -10,7 +8,6 @@ using System.Threading.Tasks;
 using System.Security.Cryptography;
 using System.IO;
 using System.Text;
-using GitHub.Services.WebApi;
 using GitHub.Services.OAuth;
 using System.Diagnostics;
 using System.Runtime.InteropServices;
@@ -59,9 +56,6 @@ namespace GitHub.Runner.Listener
             var serverUrl = _settings.ServerUrl;
             Trace.Info(_settings);
 
-            // Capabilities.
-            Dictionary<string, string> systemCapabilities = await HostContext.GetService<ICapabilitiesManager>().GetCapabilitiesAsync(_settings, token);
-
             // Create connection.
             Trace.Info("Loading Credentials");
             var credMgr = HostContext.GetService<ICredentialManager>();
@@ -75,7 +69,7 @@ namespace GitHub.Runner.Listener
                 OSDescription = RuntimeInformation.OSDescription,
             };
             string sessionName = $"{Environment.MachineName ?? "RUNNER"}";
-            var taskAgentSession = new TaskAgentSession(sessionName, agent, systemCapabilities);
+            var taskAgentSession = new TaskAgentSession(sessionName, agent);
 
             string errorMessage = string.Empty;
             bool encounteringError = false;

src/Runner.Worker/DiagnosticLogManager.cs

@@ -2,19 +2,9 @@
 using System.Collections.Generic;
 using System.IO;
 using System.IO.Compression;
-using System.Text;
-using System.Runtime.InteropServices;
 using GitHub.DistributedTask.WebApi;
-using GitHub.Runner.Common.Util;
-using GitHub.Runner.Worker;
-using GitHub.Runner.Common.Capabilities;
-using GitHub.Services.WebApi;
-using Microsoft.Win32;
-using System.Diagnostics;
 using System.Linq;
-using System.Collections.ObjectModel;
 using System.Globalization;
-using System.Threading;
 using System.Threading.Tasks;
 using Pipelines = GitHub.DistributedTask.Pipelines;
 using GitHub.Runner.Common;

src/Sdk/DTLogging/Logging/ValueEncoders.cs

@@ -17,10 +17,16 @@ namespace GitHub.DistributedTask.Logging
             return Convert.ToBase64String(Encoding.UTF8.GetBytes(value));
         }
 
-        // Base64 is 6 bytes -> char
+        // Base64 is 6 bits -> char
+        // A byte is 8 bits
         // When end user doing somthing like base64(user:password)
         // The length of the leading content will cause different base64 encoding result on the password
-        // So we add base64(value - 1/2/3/4/5 bytes) as secret as well.
+        // So we add base64(value shifted 1 and two bytes) as secret as well. 
+        //    B1         B2      B3                    B4      B5     B6     B7
+        // 000000|00 0000|0000 00|000000|            000000|00 0000|0000 00|000000| 
+        //  Char1  Char2    Char3   Char4  
+        // See the above, the first byte has a character beginning at index 0, the second byte has a character beginning at index 4, the third byte has a character beginning at index 2 and then the pattern repeats
+        // We register byte offsets for all these possible values
         public static String Base64StringEscapeShift1(String value)
         {
             return Base64StringEscapeShift(value, 1);
@@ -31,21 +37,6 @@ namespace GitHub.DistributedTask.Logging
             return Base64StringEscapeShift(value, 2);
         }
 
-        public static String Base64StringEscapeShift3(String value)
-        {
-            return Base64StringEscapeShift(value, 3);
-        }
-
-        public static String Base64StringEscapeShift4(String value)
-        {
-            return Base64StringEscapeShift(value, 4);
-        }
-
-        public static String Base64StringEscapeShift5(String value)
-        {
-            return Base64StringEscapeShift(value, 5);
-        }
-
         public static String ExpressionStringEscape(String value)
         {
             return Expressions.ExpressionUtil.StringEscape(value);

src/Sdk/DTWebApi/WebApi/TaskAgent.cs

@@ -55,14 +55,9 @@ namespace GitHub.DistributedTask.WebApi
                 m_properties = new PropertiesCollection(agentToBeCloned.m_properties);
             }
 
-            if (agentToBeCloned.m_systemCapabilities != null && agentToBeCloned.m_systemCapabilities.Count > 0)
+            if (agentToBeCloned.m_labels != null && agentToBeCloned.m_labels.Count > 0)
             {
-                m_systemCapabilities = new Dictionary<String, String>(agentToBeCloned.m_systemCapabilities, StringComparer.OrdinalIgnoreCase);
-            }
-
-            if (agentToBeCloned.m_userCapabilities != null && agentToBeCloned.m_userCapabilities.Count > 0)
-            {
-                m_userCapabilities = new Dictionary<String, String>(agentToBeCloned.m_userCapabilities, StringComparer.OrdinalIgnoreCase);
+                m_labels = new HashSet<string>(agentToBeCloned.m_labels, StringComparer.OrdinalIgnoreCase);
             }
 
             if (agentToBeCloned.PendingUpdate != null)
@@ -152,32 +147,17 @@ namespace GitHub.DistributedTask.WebApi
         }
 
         /// <summary>
-        /// System-defined capabilities supported by this agent's host.
+        /// The labels of the runner
         /// </summary>
-        public IDictionary<String, String> SystemCapabilities
+        public ISet<string> Labels
         {
             get
             {
-                if (m_systemCapabilities == null)
+                if (m_labels == null)
                 {
-                    m_systemCapabilities = new Dictionary<String, String>(StringComparer.OrdinalIgnoreCase);
+                    m_labels = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
                 }
-                return m_systemCapabilities;
-            }
-        }
-
-        /// <summary>
-        /// User-defined capabilities supported by this agent's host.
-        /// </summary>
-        public IDictionary<String, String> UserCapabilities
-        {
-            get
-            {
-                if (m_userCapabilities == null)
-                {
-                    m_userCapabilities = new Dictionary<String, String>(StringComparer.OrdinalIgnoreCase);
-                }
-                return m_userCapabilities;
+                return m_labels;
             }
         }
 
@@ -214,10 +194,7 @@ namespace GitHub.DistributedTask.WebApi
         [DataMember(IsRequired = false, EmitDefaultValue = false, Name = "Properties")]
         private PropertiesCollection m_properties;
 
-        [DataMember(IsRequired = false, EmitDefaultValue = false, Name = "SystemCapabilities")]
-        private Dictionary<String, String> m_systemCapabilities;
-
-        [DataMember(IsRequired = false, EmitDefaultValue = false, Name = "UserCapabilities")]
-        private Dictionary<String, String> m_userCapabilities;
+        [DataMember(IsRequired = false, EmitDefaultValue = false, Name = "Labels")]
+        private HashSet<string> m_labels;
     }
 }

src/Sdk/DTWebApi/WebApi/TaskAgentHttpClient.cs

@@ -246,8 +246,7 @@ namespace GitHub.DistributedTask.WebApi
                 PlanType = hubName,
                 ScopeId = scopeIdentifier,
                 PlanId = planId,
-                JobId = jobId,
-                Demands = demands,
+                JobId = jobId
             };
 
             return QueueAgentRequestByPoolAsync(poolId, request, userState, cancellationToken);

src/Sdk/DTWebApi/WebApi/TaskAgentJobRequest.cs

@@ -35,7 +35,6 @@ namespace GitHub.DistributedTask.WebApi
             this.PoolId = requestToBeCloned.PoolId;
             this.JobId = requestToBeCloned.JobId;
             this.JobName = requestToBeCloned.JobName;
-            this.Demands = new List<Demand>(requestToBeCloned.Demands ?? new Demand[0]);
             this.LockToken = requestToBeCloned.LockToken;
             this.ExpectedDuration = requestToBeCloned.ExpectedDuration;
             this.OrchestrationId = requestToBeCloned.OrchestrationId;
@@ -68,6 +67,11 @@ namespace GitHub.DistributedTask.WebApi
             {
                 this.AgentSpecification = new JObject(requestToBeCloned.AgentSpecification);
             }
+
+            if (requestToBeCloned.Labels != null)
+            {
+                this.Labels = new HashSet<string>(requestToBeCloned.Labels, StringComparer.OrdinalIgnoreCase);
+            }
         }
 
         /// <summary>
@@ -229,6 +233,7 @@ namespace GitHub.DistributedTask.WebApi
         /// </summary>
         /// <value></value>
         [DataMember(Order = 16, EmitDefaultValue = false)]
+        [Obsolete("No more demands, use labels", true)]
         public IList<Demand> Demands
         {
             get;
@@ -386,6 +391,13 @@ namespace GitHub.DistributedTask.WebApi
             set;
         }
 
+        [DataMember(Order = 33, EmitDefaultValue = false)]
+        public ISet<string> Labels
+        {
+            get;
+            set;
+        }
+
         [IgnoreDataMember]
         internal Guid? LockToken
         {

src/Sdk/DTWebApi/WebApi/TaskAgentSession.cs

@@ -1,5 +1,4 @@
 using System;
-using System.Collections.Generic;
 using System.Runtime.Serialization;
 
 namespace GitHub.DistributedTask.WebApi
@@ -27,29 +26,6 @@ namespace GitHub.DistributedTask.WebApi
             this.OwnerName = ownerName;
         }
 
-        /// <summary>
-        /// Initializes a new <c>TaskAgentSession</c> isntance with the specified owner name, agent, and capabilities.
-        /// </summary>
-        /// <param name="ownerName">The name of the owner for this session. This should typically be the agent machine</param>
-        /// <param name="agent">The target agent for the session</param>
-        /// <param name="systemCapabilities">A collection of capabilities to publish on session creation</param>
-        public TaskAgentSession(
-            String ownerName,
-            TaskAgentReference agent,
-            IDictionary<String, String> systemCapabilities)
-        {
-            this.Agent = agent;
-            this.OwnerName = ownerName;
-
-            foreach (var capability in systemCapabilities)
-            {
-                if (capability.Value != null)
-                {
-                    this.SystemCapabilities.Add(capability.Key, capability.Value);
-                }
-            }
-        }
-
         /// <summary>
         /// Gets the unique identifier for this session.
         /// </summary>
@@ -89,33 +65,5 @@ namespace GitHub.DistributedTask.WebApi
             get;
             set;
         }
-
-        /// <summary>
-        /// Gets the collection of system capabilities used for this session.
-        /// </summary>
-        public IDictionary<String, String> SystemCapabilities
-        {
-            get
-            {
-                if (m_systemCapabilities == null)
-                {
-                    m_systemCapabilities = new Dictionary<String, String>(StringComparer.OrdinalIgnoreCase);
-                }
-                return m_systemCapabilities;
-            }
-        }
-
-        [OnSerializing]
-        private void OnSerializing(StreamingContext context)
-        {
-            if (m_systemCapabilities?.Count == 0)
-            {
-                m_systemCapabilities = null;
-            }
-        }
-
-
-        [DataMember(IsRequired = false, EmitDefaultValue = false, Name = "SystemCapabilities")]
-        private IDictionary<String, String> m_systemCapabilities;
     }
 }

src/Test/L0/ExtensionManagerL0.cs

@@ -1,5 +1,4 @@
-using GitHub.Runner.Common.Capabilities;
-using GitHub.Runner.Worker;
+using GitHub.Runner.Worker;
 using System;
 using System.Collections.Generic;
 using System.Linq;
@@ -21,12 +20,12 @@ namespace GitHub.Runner.Common.Tests
                 manager.Initialize(tc);
 
                 // Act.
-                List<ICapabilitiesProvider> extensions = manager.GetExtensions<ICapabilitiesProvider>();
+                List<IActionCommandExtension> extensions = manager.GetExtensions<IActionCommandExtension>();
 
                 // Assert.
                 Assert.True(
-                    extensions.Any(x => x is RunnerCapabilitiesProvider),
-                    $"Expected {nameof(RunnerCapabilitiesProvider)} extension to be returned as a job extension.");
+                    extensions.Any(x => x is SetEnvCommandExtension),
+                    $"Expected {nameof(SetEnvCommandExtension)} extension to be returned as a job extension.");
             }
         }
 
@@ -42,9 +41,9 @@ namespace GitHub.Runner.Common.Tests
                 manager.Initialize(tc);
 
                 // Act/Assert.
-                AssertContains<GitHub.Runner.Common.Capabilities.ICapabilitiesProvider>(
+                AssertContains<GitHub.Runner.Worker.IActionCommandExtension>(
                     manager,
-                    concreteType: typeof(GitHub.Runner.Common.Capabilities.RunnerCapabilitiesProvider));
+                    concreteType: typeof(GitHub.Runner.Worker.SetEnvCommandExtension));
             }
         }
 

src/Test/L0/HostContextL0.cs

@@ -1,7 +1,9 @@
 using GitHub.Runner.Common.Util;
+using System;
 using System.IO;
 using System.Reflection;
 using System.Runtime.CompilerServices;
+using System.Text;
 using System.Threading;
 using Xunit;
 
@@ -67,6 +69,44 @@ namespace GitHub.Runner.Common.Tests
             }
         }
 
+        [Fact]
+        [Trait("Level", "L0")]
+        [Trait("Category", "Common")]
+        public void DefaultSecretMaskers()
+        {
+            try
+            {
+                // Arrange.
+                Setup();
+
+                // Act.
+                _hc.SecretMasker.AddValue("Password123!");
+                _hc.SecretMasker.AddValue("Pass\"word\"123!");
+                _hc.SecretMasker.AddValue("Pass word 123!");
+                _hc.SecretMasker.AddValue("Pass<word>123!");
+                _hc.SecretMasker.AddValue("Pass'word'123!");
+
+                // Assert.
+                Assert.Equal("123***123", _hc.SecretMasker.MaskSecrets("123Password123!123"));
+                Assert.Equal("password123", _hc.SecretMasker.MaskSecrets("password123"));
+                Assert.Equal("123***123", _hc.SecretMasker.MaskSecrets("123Pass\\\"word\\\"123!123"));
+                Assert.Equal("123***123", _hc.SecretMasker.MaskSecrets("123Pass%20word%20123%21123"));
+                Assert.Equal("123***123", _hc.SecretMasker.MaskSecrets("123Pass&lt;word&gt;123!123"));
+                Assert.Equal("123***123", _hc.SecretMasker.MaskSecrets("123Pass''word''123!123"));
+                Assert.Equal("OlBh***", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($":Password123!"))));
+                Assert.Equal("YTpQ***", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($"a:Password123!"))));
+                Assert.Equal("YWI6***", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($"ab:Password123!"))));
+                Assert.Equal("YWJjOlBh***", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($"abc:Password123!"))));
+                Assert.Equal("YWJjZDpQ***", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($"abcd:Password123!"))));
+                Assert.Equal("YWJjZGU6***", _hc.SecretMasker.MaskSecrets(Convert.ToBase64String(Encoding.UTF8.GetBytes($"abcde:Password123!"))));
+            }
+            finally
+            {
+                // Cleanup.
+                Teardown();
+            }
+        }
+
         public void Setup([CallerMemberName] string testName = "")
         {
             _tokenSource = new CancellationTokenSource();

src/Test/L0/Listener/Configuration/AgentCapabilitiesProviderTestL0.cs

@@ -1,79 +0,0 @@
-using GitHub.Runner.Common.Capabilities;
-using GitHub.Runner.Listener.Configuration;
-using Moq;
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Threading;
-using System.Threading.Tasks;
-using Xunit;
-
-namespace GitHub.Runner.Common.Tests.Listener
-{
-    public sealed class AgentCapabilitiesProviderTestL0
-    {
-        [Fact]
-        [Trait("Level", "L0")]
-        [Trait("Category", "Agent")]
-        public async void TestGetCapabilities()
-        {
-            using (var hc = new TestHostContext(this))
-            using (var tokenSource = new CancellationTokenSource())
-            {
-                Mock<IConfigurationManager> configurationManager = new Mock<IConfigurationManager>();
-                hc.SetSingleton<IConfigurationManager>(configurationManager.Object);
-                
-                // Arrange
-                var provider = new RunnerCapabilitiesProvider();
-                provider.Initialize(hc);
-                var settings = new RunnerSettings() { AgentName = "IAmAgent007" };
-
-                // Act
-                List<Capability> capabilities = await provider.GetCapabilitiesAsync(settings, tokenSource.Token);
-
-                // Assert
-                Assert.NotNull(capabilities);
-                Capability runnerNameCapability = capabilities.SingleOrDefault(x => string.Equals(x.Name, "Runner.Name", StringComparison.Ordinal));
-                Assert.NotNull(runnerNameCapability);
-                Assert.Equal("IAmAgent007", runnerNameCapability.Value);
-            }
-        }
-
-        [Fact]
-        [Trait("Level", "L0")]
-        [Trait("Category", "Agent")]
-        public async void TestInteractiveSessionCapability()
-        {
-            using (var hc = new TestHostContext(this))
-            using (var tokenSource = new CancellationTokenSource())
-            {
-                hc.StartupType = StartupType.AutoStartup;
-                await VerifyInteractiveSessionCapability(hc, tokenSource.Token, true);
-
-                hc.StartupType = StartupType.Service;
-                await VerifyInteractiveSessionCapability(hc, tokenSource.Token, false);
-
-                hc.StartupType = StartupType.Manual;
-                await VerifyInteractiveSessionCapability(hc, tokenSource.Token, true);
-            }
-        }
-
-        private async Task VerifyInteractiveSessionCapability(IHostContext hc, CancellationToken token, bool expectedValue)
-        {
-            // Arrange
-            var provider = new RunnerCapabilitiesProvider();
-            provider.Initialize(hc);
-            var settings = new RunnerSettings() { AgentName = "IAmAgent007" };
-
-            // Act
-            List<Capability> capabilities = await provider.GetCapabilitiesAsync(settings, token);
-
-            // Assert
-            Assert.NotNull(capabilities);
-            Capability iSessionCapability = capabilities.SingleOrDefault(x => string.Equals(x.Name, "InteractiveSession", StringComparison.Ordinal));
-            Assert.NotNull(iSessionCapability);
-            bool.TryParse(iSessionCapability.Value, out bool isInteractive);
-            Assert.Equal(expectedValue, isInteractive);
-        }
-    }
-}

src/Test/L0/Listener/Configuration/ConfigurationManagerL0.cs

@@ -1,6 +1,5 @@
 using GitHub.DistributedTask.WebApi;
 using GitHub.Runner.Listener;
-using GitHub.Runner.Common.Capabilities;
 using GitHub.Runner.Listener.Configuration;
 using GitHub.Runner.Common.Util;
 using GitHub.Services.WebApi;
@@ -40,8 +39,6 @@ namespace GitHub.Runner.Common.Tests.Listener.Configuration
 #endif
 
         private Mock<IRSAKeyManager> _rsaKeyManager;
-        private ICapabilitiesManager _capabilitiesManager;
-        // private DeploymentGroupAgentConfigProvider _deploymentGroupAgentConfigProvider;
         private string _expectedToken = "expectedToken";
         private string _expectedServerUrl = "https://localhost";
         private string _expectedAgentName = "expectedAgentName";
@@ -78,8 +75,6 @@ namespace GitHub.Runner.Common.Tests.Listener.Configuration
             _serviceControlManager = new Mock<ILinuxServiceControlManager>();
 #endif
 
-            _capabilitiesManager = new CapabilitiesManager();
-
             var expectedAgent = new TaskAgent(_expectedAgentName) { Id = 1 };
             var expectedDeploymentMachine = new DeploymentMachine() { Agent = expectedAgent, Id = _expectedDeploymentMachineId };
             expectedAgent.Authorization = new TaskAgentAuthorization
@@ -127,7 +122,7 @@ namespace GitHub.Runner.Common.Tests.Listener.Configuration
             _agentServer.Setup(x => x.GetAgentsAsync(It.IsAny<int>(), It.IsAny<string>())).Returns(Task.FromResult(expectedAgents));
 
             _agentServer.Setup(x => x.AddAgentAsync(It.IsAny<int>(), It.IsAny<TaskAgent>())).Returns(Task.FromResult(expectedAgent));
-            _agentServer.Setup(x => x.UpdateAgentAsync(It.IsAny<int>(), It.IsAny<TaskAgent>())).Returns(Task.FromResult(expectedAgent));
+            _agentServer.Setup(x => x.ReplaceAgentAsync(It.IsAny<int>(), It.IsAny<TaskAgent>())).Returns(Task.FromResult(expectedAgent));
 
             rsa = new RSACryptoServiceProvider(2048);
 
@@ -143,8 +138,6 @@ namespace GitHub.Runner.Common.Tests.Listener.Configuration
             tc.SetSingleton<IExtensionManager>(_extnMgr.Object);
             tc.SetSingleton<IRunnerServer>(_agentServer.Object);
             tc.SetSingleton<ILocationServer>(_locationServer.Object);
-            // tc.SetSingleton<IDeploymentGroupServer>(_machineGroupServer.Object);
-            tc.SetSingleton<ICapabilitiesManager>(_capabilitiesManager);
             tc.SetSingleton<IRunnerWebProxy>(_runnerWebProxy.Object);
             tc.SetSingleton<IRunnerCertificateManager>(_cert.Object);
 
@@ -208,12 +201,7 @@ namespace GitHub.Runner.Common.Tests.Listener.Configuration
                 // validate GetAgentPoolsAsync gets called once with automation pool type
                 _agentServer.Verify(x => x.GetAgentPoolsAsync(It.IsAny<string>(), It.Is<TaskAgentPoolType>(p => p == TaskAgentPoolType.Automation)), Times.Once);
 
-                // validate GetAgentPoolsAsync not called with deployment pool type
-                _agentServer.Verify(x => x.GetAgentPoolsAsync(It.IsAny<string>(), It.Is<TaskAgentPoolType>(p => p == TaskAgentPoolType.Deployment)), Times.Never);
-
-                // For build and release agent / deployment pool, tags logic should not get trigger;
-                // _machineGroupServer.Verify(x =>
-                //      x.UpdateDeploymentTargetsAsync(It.IsAny<Guid>(), It.IsAny<int>(), It.IsAny<List<DeploymentMachine>>()), Times.Never);
+                _agentServer.Verify(x => x.AddAgentAsync(It.IsAny<int>(), It.Is<TaskAgent>(a => a.Labels.Contains("self-hosted") && a.Labels.Contains(VarUtil.OS) && a.Labels.Contains(VarUtil.OSArchitecture))), Times.Once);
             }
         }
     }

src/Test/L0/Listener/MessageListenerL0.cs

@@ -2,7 +2,6 @@
 using GitHub.Services.Common;
 using GitHub.Services.WebApi;
 using GitHub.Runner.Listener;
-using GitHub.Runner.Common.Capabilities;
 using GitHub.Runner.Listener.Configuration;
 using Moq;
 using System;
@@ -21,7 +20,6 @@ namespace GitHub.Runner.Common.Tests.Listener
         private Mock<IConfigurationManager> _config;
         private Mock<IRunnerServer> _agentServer;
         private Mock<ICredentialManager> _credMgr;
-        private Mock<ICapabilitiesManager> _capabilitiesManager;
 
         public MessageListenerL0()
         {
@@ -30,7 +28,6 @@ namespace GitHub.Runner.Common.Tests.Listener
             _config.Setup(x => x.LoadSettings()).Returns(_settings);
             _agentServer = new Mock<IRunnerServer>();
             _credMgr = new Mock<ICredentialManager>();
-            _capabilitiesManager = new Mock<ICapabilitiesManager>();
         }
 
         private TestHostContext CreateTestContext([CallerMemberName] String testName = "")
@@ -39,7 +36,6 @@ namespace GitHub.Runner.Common.Tests.Listener
             tc.SetSingleton<IConfigurationManager>(_config.Object);
             tc.SetSingleton<IRunnerServer>(_agentServer.Object);
             tc.SetSingleton<ICredentialManager>(_credMgr.Object);
-            tc.SetSingleton<ICapabilitiesManager>(_capabilitiesManager.Object);
             return tc;
         }
 
@@ -62,8 +58,6 @@ namespace GitHub.Runner.Common.Tests.Listener
                         tokenSource.Token))
                     .Returns(Task.FromResult(expectedSession));
 
-                _capabilitiesManager.Setup(x => x.GetCapabilitiesAsync(_settings, It.IsAny<CancellationToken>())).Returns(Task.FromResult(new Dictionary<string, string>()));
-
                 _credMgr.Setup(x => x.LoadCredentials()).Returns(new VssCredentials());
 
                 // Act.
@@ -106,8 +100,6 @@ namespace GitHub.Runner.Common.Tests.Listener
                         tokenSource.Token))
                     .Returns(Task.FromResult(expectedSession));
 
-                _capabilitiesManager.Setup(x => x.GetCapabilitiesAsync(_settings, It.IsAny<CancellationToken>())).Returns(Task.FromResult(new Dictionary<string, string>()));
-
                 _credMgr.Setup(x => x.LoadCredentials()).Returns(new VssCredentials());
 
                 // Act.
@@ -153,8 +145,6 @@ namespace GitHub.Runner.Common.Tests.Listener
                         tokenSource.Token))
                     .Returns(Task.FromResult(expectedSession));
 
-                _capabilitiesManager.Setup(x => x.GetCapabilitiesAsync(_settings, It.IsAny<CancellationToken>())).Returns(Task.FromResult(new Dictionary<string, string>()));
-
                 _credMgr.Setup(x => x.LoadCredentials()).Returns(new VssCredentials());
 
                 // Act.

src/Test/L0/ServiceInterfacesL0.cs

@@ -1,5 +1,4 @@
 using GitHub.Runner.Listener;
-using GitHub.Runner.Common.Capabilities;
 using GitHub.Runner.Listener.Configuration;
 using GitHub.Runner.Worker;
 using GitHub.Runner.Worker.Handlers;
@@ -44,7 +43,6 @@ namespace GitHub.Runner.Common.Tests
                 typeof(IHostContext),
                 typeof(ITraceManager),
                 typeof(IThrottlingReporter),
-                typeof(ICapabilitiesProvider)
             };
             Validate(
                 assembly: typeof(IHostContext).GetTypeInfo().Assembly,

src/runnerversion

@@ -1 +1 @@
-2.159.0
+2.159.1