Skip to content

Azsql default disable pub network 2.x#2181

Merged
xiangyan99 merged 3 commits intorelease/azure/2.xfrom
azsql_default_disable_pub_network_2.x
Mar 24, 2026
Merged

Azsql default disable pub network 2.x#2181
xiangyan99 merged 3 commits intorelease/azure/2.xfrom
azsql_default_disable_pub_network_2.x

Conversation

@xiangyan99
Copy link
Copy Markdown
Member

@xiangyan99 xiangyan99 commented Mar 24, 2026

What does this PR do?

[Provide a clear, concise description of the changes]

[Add additional context, screenshots, or information that helps reviewers]

GitHub issue number?

[Link to the GitHub issue this PR addresses]

Pre-merge Checklist

  • Required for All PRs
    • Read contribution guidelines
    • PR title clearly describes the change
    • Commit history is clean with descriptive messages (cleanup guide)
    • Added comprehensive tests for new/modified functionality
    • Created a changelog entry if the change falls among the following: new feature, bug fix, UI/UX update, breaking change, or updated dependencies. Follow the changelog entry guide
  • For MCP tool changes:
    • One tool per PR: This PR adds or modifies only one MCP tool for faster review cycles
    • Updated servers/Azure.Mcp.Server/README.md and/or servers/Fabric.Mcp.Server/README.md documentation
    • Validate README.md changes running the script ./eng/scripts/Process-PackageReadMe.ps1. See Package README
    • For new or modified tool descriptions, ran ToolDescriptionEvaluator and obtained a score of 0.4 or more and a top 3 ranking for all related test prompts
    • For tools with new names, including new tools or renamed tools, update consolidated-tools.json
    • For renamed tools, follow the Tool Rename Checklist and tag the PR with the breaking-change label
    • For new tools associated with Azure services or publicly available tools/APIs/products, add URL to documentation in the PR description
  • Extra steps for Azure MCP Server tool changes:
    • Updated command list in servers/Azure.Mcp.Server/docs/azmcp-commands.md
    • Ran ./eng/scripts/Update-AzCommandsMetadata.ps1 to update tool metadata in azmcp-commands.md (required for CI)
    • Updated test prompts in servers/Azure.Mcp.Server/docs/e2eTestPrompts.md
    • 👉 For Community (non-Microsoft team member) PRs:
      • Security review: Reviewed code for security vulnerabilities, malicious code, or suspicious activities before running tests (crypto mining, spam, data exfiltration, etc.)
      • Manual tests run: added comment /azp run mcp - pullrequest - live to run Live Test Pipeline

@xiangyan99
disable publicNetworkAccess by defailt (#2170)
288eb92 
* disable publicNetworkAccess by defailt

* update
@xiangyan99
make public-network-access disabled by default (#2174)
7c82402 
* make `public-network-access` disabled by default

* updates
@xiangyan99
Merge branch 'release/azure/2.x' of https://github.com/Microsoft/mcp
4ae0dd2 
…into release/azure/2.x
@xiangyan99 xiangyan99 requested review from KarishmaGhiya, Copilot, g2vinay, hallipr, jongio, tmeschter and wbreza and removed request for a team March 24, 2026 16:48
@xiangyan99 xiangyan99 requested a review from jairmyree March 24, 2026 16:48
Copilot AI reviewed Mar 24, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the Azure SQL tool’s server creation behavior to be secure-by-default by disabling public network access unless explicitly enabled, and refreshes related docs/tests/changelog.

Changes:

  • Default SQL server PublicNetworkAccess to Disabled in SqlService.CreateServerAsync when the flag is omitted.
  • Update SQL option help text and the generated azmcp command documentation to reflect the new default.
  • Add unit tests and a changelog entry covering the behavior change.

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 3 comments.

Show a summary per file
File Description
tools/Azure.Mcp.Tools.Sql/tests/Azure.Mcp.Tools.Sql.UnitTests/Server/ServerCreateCommandTests.cs Adds tests around omitted/invalid --public-network-access behavior.
tools/Azure.Mcp.Tools.Sql/src/Services/SqlService.cs Changes server creation to always set PublicNetworkAccess, defaulting to Disabled.
tools/Azure.Mcp.Tools.Sql/src/Options/SqlOptionDefinitions.cs Updates CLI option description to state the new default.
servers/Azure.Mcp.Server/docs/azmcp-commands.md Updates SQL server create command docs to show correct parameter names and new default.
servers/Azure.Mcp.Server/changelog-entries/1774310506935.yaml Adds a changelog entry for the default change.

Comment thread servers/Azure.Mcp.Server/changelog-entries/1774310506935.yaml
Comment thread tools/Azure.Mcp.Tools.Sql/src/Services/SqlService.cs
Comment thread ...s/Azure.Mcp.Tools.Sql/tests/Azure.Mcp.Tools.Sql.UnitTests/Server/ServerCreateCommandTests.cs
@xiangyan99 xiangyan99 enabled auto-merge (squash) March 24, 2026 17:26
@github-project-automation github-project-automation Bot moved this from Untriaged to In Progress in Azure MCP Server Mar 24, 2026
@xiangyan99 xiangyan99 merged commit cedf821 into release/azure/2.x Mar 24, 2026
32 checks passed
@xiangyan99 xiangyan99 deleted the azsql_default_disable_pub_network_2.x branch March 24, 2026 18:04
@github-project-automation github-project-automation Bot moved this from In Progress to Done in Azure MCP Server Mar 24, 2026
anannya03 pushed a commit to anannya03/mcp that referenced this pull request Mar 24, 2026
@xiangyan99 @anannya03
Azsql default disable pub network 2.x (microsoft#2181)
830b0ae 
* disable publicNetworkAccess by defailt (microsoft#2170)

* disable publicNetworkAccess by defailt

* update

* make `public-network-access` disabled by default (microsoft#2174)

* make `public-network-access` disabled by default

* updates
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@alzimmermsft alzimmermsft alzimmermsft approved these changes

@achyuth-ms achyuth-ms Awaiting requested review from achyuth-ms achyuth-ms is a code owner

@ericshape ericshape Awaiting requested review from ericshape ericshape is a code owner

@jeremyfrosti jeremyfrosti Awaiting requested review from jeremyfrosti jeremyfrosti is a code owner

@hallipr hallipr Awaiting requested review from hallipr hallipr is a code owner automatically assigned from microsoft/azure-mcp

@jongio jongio Awaiting requested review from jongio jongio is a code owner automatically assigned from microsoft/azure-mcp

@g2vinay g2vinay Awaiting requested review from g2vinay g2vinay is a code owner automatically assigned from microsoft/azure-mcp

@wbreza wbreza Awaiting requested review from wbreza wbreza is a code owner automatically assigned from microsoft/azure-mcp

@KarishmaGhiya KarishmaGhiya Awaiting requested review from KarishmaGhiya KarishmaGhiya is a code owner automatically assigned from microsoft/azure-mcp

@tmeschter tmeschter Awaiting requested review from tmeschter tmeschter is a code owner automatically assigned from microsoft/azure-mcp

@jairmyree jairmyree Awaiting requested review from jairmyree jairmyree is a code owner automatically assigned from microsoft/azure-mcp

Assignees

No one assigned

Labels

tools-SQL

Projects

Azure MCP Server
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@xiangyan99 @alzimmermsft