dotnet
diff --git a/‎eng/assign-managed-identity-to-maestro-app.ps1‎
Lines changed: 42 additions & 0 deletions b/‎eng/assign-managed-identity-to-maestro-app.ps1‎
Lines changed: 42 additions & 0 deletions
diff --git a/‎src/Maestro/Maestro.MergePolicies/CodeFlowMergePolicy.cs‎
Lines changed: 1 addition & 1 deletion b/‎src/Maestro/Maestro.MergePolicies/CodeFlowMergePolicy.cs‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Microsoft.DotNet.Darc/Darc/Operations/VirtualMonoRepo/BackflowOperation.cs‎
Lines changed: 13 additions & 47 deletions b/‎src/Microsoft.DotNet.Darc/Darc/Operations/VirtualMonoRepo/BackflowOperation.cs‎
Lines changed: 13 additions & 47 deletions
@@ -0,0 +1,42 @@
+<#
+.SYNOPSIS
+    Assigns a given Managed Identity (MI) a role in the Maestro application.
+#>
+
+[CmdletBinding()]
+param(
+    [Parameter(Mandatory = $true)]
+    [string]$SubscriptionId,
+    
+    [Parameter(Mandatory = $true)]
+    [string]$ResourceGroupName,
+    
+    [Parameter(Mandatory = $true)]
+    [string]$ManagedIdentityName,
+    
+    [Parameter(Mandatory = $false)]
+    [string]$AppServicePrincipal = "caf36d9b-2940-4270-9a1d-c494eda6ea18", # PROD Maestro application object ID
+    
+    [Parameter(Mandatory = $false)]
+    [ValidateSet("user", "admin")]
+    [string]$Role = "user"
+)
+
+# Set app role ID based on role parameter (get it from the JSON manifest of the Maestro application in Azure AD)
+$appRoleId = switch ($Role) {
+    "user"  { "108187e7-df11-4592-b306-2a2a0b15d8f0" } # User role ID
+    "admin" { "8b5767ed-0675-4e95-9858-f9851b884345" } # Admin role ID
+}
+
+Write-Host "Using role: $Role (ID: $appRoleId)"
+
+az login
+
+$resourceIdWithManagedIdentity = "/subscriptions/$SubscriptionId/resourceGroups/$ResourceGroupName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/$ManagedIdentityName"
+$principalId = (az identity show --resource-group $ResourceGroupName --name $ManagedIdentityName --subscription $SubscriptionId --query 'principalId' -o tsv)
+Write-Host "Managed identity principal ID: $($principalId)"
+
+$body = "{'principalId': '$principalId', 'resourceId': '$($appServicePrincipal)', 'appRoleId': '$($appRoleId)'}"
+Write-Host "Body: $body"
+
+az rest -m POST -u https://graph.microsoft.com/v1.0/servicePrincipals/$principalId/appRoleAssignments -b $body
@@ -31,7 +31,7 @@ The following error(s) were encountered:
 
         The `{VmrInfo.DefaultRelativeSourceManifestPath}` and `{VersionFiles.VersionDetailsXml}` files are managed by Maestro/darc. Outside of exceptional circumstances, these files should not be modified manually.
         **Unless you are sure that you know what you are doing, we recommend reaching out for help**. You can receive assistance by:
-        - tagging the **@dotnet/product-construction** team in a PR comment
+        - tagging the **@dotnet/prodconsvcs** team in a PR comment
         - using the [First Responder channel](https://teams.microsoft.com/l/channel/19%3Aafba3d1545dd45d7b79f34c1821f6055%40thread.skype/First%20Responders?groupId=4d73664c-9f2f-450d-82a5-c2f02756606dhttps://teams.microsoft.com/l/channel/19%3Aafba3d1545dd45d7b79f34c1821f6055%40thread.skype/First%20Responders?groupId=4d73664c-9f2f-450d-82a5-c2f02756606d),
         - [opening an issue](https://github.com/dotnet/arcade-services/issues/new?template=BLANK_ISSUE) in the dotnet/arcade-services repo
         - contacting the [.NET Product Construction Services team via e-mail](mailto:[email protected]).
 
@@ -8,9 +8,7 @@
 using Microsoft.DotNet.Darc.Options.VirtualMonoRepo;
 using Microsoft.DotNet.DarcLib;
 using Microsoft.DotNet.DarcLib.Helpers;
-using Microsoft.DotNet.DarcLib.Models.VirtualMonoRepo;
 using Microsoft.DotNet.DarcLib.VirtualMonoRepo;
-using Microsoft.DotNet.ProductConstructionService.Client.Models;
 using Microsoft.Extensions.Logging;
 
 #nullable enable
@@ -19,6 +17,7 @@ namespace Microsoft.DotNet.Darc.Operations.VirtualMonoRepo;
 internal class BackflowOperation(
     BackflowCommandLineOptions options,
     IVmrInfo vmrInfo,
+    IVmrForwardFlower forwardFlower,
     IVmrBackFlower backFlower,
     IBackflowConflictResolver backflowConflictResolver,
     IVmrCloneManager vmrCloneManager,
@@ -29,73 +28,40 @@ internal class BackflowOperation(
     IProcessManager processManager,
     IFileSystem fileSystem,
     ILogger<BackflowOperation> logger)
-    : CodeFlowOperation(options, vmrInfo, vmrCloneManager, dependencyTracker, dependencyFileManager, localGitRepoFactory, barApiClient, fileSystem, logger)
+    : CodeFlowOperation(options, forwardFlower, backFlower, backflowConflictResolver,  vmrInfo, vmrCloneManager, dependencyTracker, dependencyFileManager, localGitRepoFactory, barApiClient, fileSystem, logger)
 {
     private readonly BackflowCommandLineOptions _options = options;
     private readonly IVmrInfo _vmrInfo = vmrInfo;
-    private readonly IVmrBackFlower _backFlower = backFlower;
-    private readonly IBackflowConflictResolver _backflowConflictResolver = backflowConflictResolver;
     private readonly IProcessManager _processManager = processManager;
+    private readonly ILocalGitRepoFactory _localGitRepoFactory = localGitRepoFactory;
 
     protected override async Task ExecuteInternalAsync(
         string repoName,
         string? targetDirectory,
         IReadOnlyCollection<AdditionalRemote> additionalRemotes,
         CancellationToken cancellationToken)
     {
+        
         if (string.IsNullOrEmpty(targetDirectory))
         {
             throw new DarcException("Please specify path to a local repository to flow to");
         }
 
-        _vmrInfo.VmrPath = new NativePath(_options.VmrPath ?? _processManager.FindGitRoot(Environment.CurrentDirectory));
+        var vmrPath = new NativePath(_options.VmrPath ?? _processManager.FindGitRoot(Environment.CurrentDirectory));
         var targetRepoPath = new NativePath(_processManager.FindGitRoot(targetDirectory));
 
+        _vmrInfo.VmrPath = vmrPath;
+
+        var vmr = _localGitRepoFactory.Create(vmrPath);
+
+        var build = await GetOrCreateBuildAsync(vmr, _options.Build);
+
         await FlowCodeLocallyAsync(
             targetRepoPath,
             isForwardFlow: false,
             additionalRemotes,
+            build,
+            subscription: null,
             cancellationToken);
     }
-
-    protected override async Task<bool> FlowCodeAsync(
-        ILocalGitRepo productRepo,
-        Build build,
-        Codeflow currentFlow,
-        SourceMapping mapping,
-        string headBranch,
-        IReadOnlyList<string> excludedAssets,
-        CancellationToken cancellationToken)
-    {
-        LastFlows lastFlows = await _backFlower.GetLastFlowsAsync(
-            mapping.Name,
-            productRepo,
-            currentIsBackflow: true);
-
-        try
-        {
-            var result = await _backFlower.FlowBackAsync(
-                mapping.Name,
-                productRepo.Path,
-                build,
-                excludedAssets: excludedAssets,
-                headBranch,
-                headBranch,
-                enableRebase: true,
-                forceUpdate: true,
-                cancellationToken);
-
-            return result.HadUpdates;
-        }
-        finally
-        {
-            await _backflowConflictResolver.TryMergingBranchAndUpdateDependencies(
-                new CodeflowOptions(mapping, currentFlow, headBranch, headBranch, build, excludedAssets, true, false),
-                lastFlows,
-                productRepo,
-                headBranch,
-                headBranchExisted: true,
-                cancellationToken);
-        }
-    }
 }