Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

{PolicyInsights} Update SDK package azure-mgmt-policyinsights to 1.1.0b2 #22043

Merged
merged 10 commits into from
May 13, 2022
Merged

{PolicyInsights} Update SDK package azure-mgmt-policyinsights to 1.1.0b2 #22043

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
cac09a2
Update policy insights version
Apr 13, 2022
ae72c2e
Rerun tests
Apr 26, 2022
c417498
Re ran tests
May 5, 2022
5b3b17d
ran pi test
May 5, 2022
0f8b7d9
Fix the version and rerun tests in local
May 10, 2022
52285d0
re run az policy insights test
May 10, 2022
fa0e37f
re run az policy insights test again
May 10, 2022
6218cf9
uncomment record only
May 10, 2022
ee33279
re record test
May 11, 2022
1f85ef4
fix the subscriptionId in test
May 12, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8,357 changes: 4,834 additions & 3,523 deletions ...zure/cli/command_modules/policyinsights/tests/latest/recordings/test_policy_insights.yaml
View file
Open in desktop

Large diffs are not rendered by default.

49,178 changes: 32,929 additions & 16,249 deletions ...command_modules/policyinsights/tests/latest/recordings/test_policy_insights_metadata.yaml
View file
Open in desktop

Large diffs are not rendered by default.

852 changes: 307 additions & 545 deletions ...mand_modules/policyinsights/tests/latest/recordings/test_policy_insights_remediation.yaml
View file
Open in desktop

Large diffs are not rendered by default.

290 changes: 90 additions & 200 deletions ...les/policyinsights/tests/latest/recordings/test_policy_insights_remediation_complete.yaml
View file
Open in desktop

Large diffs are not rendered by default.

251 changes: 152 additions & 99 deletions ...cyinsights/tests/latest/recordings/test_policy_insights_remediation_management_group.yaml
View file
Open in desktop

Large diffs are not rendered by default.

382 changes: 182 additions & 200 deletions ...s/policyinsights/tests/latest/recordings/test_policy_insights_remediation_policy_set.yaml
View file
Open in desktop

Large diffs are not rendered by default.

260 changes: 75 additions & 185 deletions ...s/policyinsights/tests/latest/recordings/test_policy_insights_remediation_reevaluate.yaml
View file
Open in desktop

Large diffs are not rendered by default.

212 changes: 128 additions & 84 deletions ...mand_modules/policyinsights/tests/latest/recordings/test_policy_insights_triggerscan.yaml
View file
Open in desktop

Large diffs are not rendered by default.

51 changes: 30 additions & 21 deletions ...cli/azure/cli/command_modules/policyinsights/tests/latest/test_policyinsights_scenario.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,28 +11,38 @@

class PolicyInsightsTests(ScenarioTest):

# Current recording was recorded against "Azure Governance Policy UX Test" (e78961ba-36fe-4739-9212-e3031b4c8db7)
# Current recording was recorded against "Azure Governance Perf 24" (3593b919-b078-4cc1-902f-201232a97ac0)
@record_only()
@AllowLargeResponse()
@AllowLargeResponse(8192)
def test_policy_insights(self):
self.kwargs.update({
'managementGroupId': 'azgovperftest',
'resourceGroup': 'PSTestRG1',
'subscriptionId': '3593b919-b078-4cc1-902f-201232a97ac0',
'keyVault': 'PSTestKV',
'subnet': 'PSTestVN',
'setDefinition': 'PSTestInitiative',
'definition': 'PSTestDINEDefinition',
'assignment': 'pstestdeployassignmentsub'
})
top_clause = '--top 2'
filter_clause = '--filter "isCompliant eq false"'
apply_clause = '--apply "groupby((policyAssignmentId, resourceId), aggregate($count as numRecords))"'
select_clause = '--select "policyAssignmentId, resourceId, numRecords"'
order_by_clause = '--order-by "numRecords desc"'
from_clause = '--from "2021-07-01T00:00:00Z"'
to_clause = '--to "2021-07-03T01:30:00Z"'
from_clause = '--from "2022-04-01T00:00:00Z"'
to_clause = '--to "2022-04-03T01:30:00Z"'
scopes = [
'-m "azgovtest5"',
'-m {managementGroupId}',
'',
'-g "defaultresourcegroup-eus"',
'--resource "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cheggpolicy/providers/microsoft.keyvault/vaults/cheggtmpkv"',
'--resource "cheggkv" --namespace "microsoft.keyvault" --resource-type "vaults" -g "cheggpolicy"',
'--resource "subnet2" --namespace "microsoft.network" --resource-type "subnets" --parent "virtualnetworks/cheggvnet" -g "cheggpolicy"',
'-s "1f3afdf9-d0c9-4c3d-847f-89da613e70a8"',
'-d "34c877ad-507e-4c82-993e-3452a6e0ad3c"',
'-a "4d31128e32d04a0098fd536e"',
'-a "f32eeddfc32345b585f9a70b" -g "cheggpolicy" '
'-g {resourceGroup}',
'--resource "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroup}/providers/microsoft.keyvault/vaults/{keyVault}"',
Copy link
Contributor

@zhoxing-ms zhoxing-ms May 12, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@najagasi Why do you want to replace the subscription id from 00000000-0000-0000-0000-000000000000 to 3593b919-b078-4cc1-902f-201232a97ac0? Please don't replace it and try again

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this fixed it, thank you!

'--resource "{keyVault}" --namespace "microsoft.keyvault" --resource-type "vaults" -g "{resourceGroup}"',
'--resource "default" --namespace "microsoft.network" --resource-type "subnets" --parent "virtualnetworks/{subnet}" -g "{resourceGroup}"',
'-s {setDefinition}',
'-d {definition}',
'-a {assignment}',
'-a {assignment} -g {resourceGroup}'
]

for scope in scopes:
Expand Down Expand Up @@ -359,17 +369,17 @@ def test_policy_insights_remediation_management_group(self):
# This record_only test executes a real remediation against a known non-compliant policy
# Test setup required for running the test live:
# 1. Create a resource group by name 'az-cli-policy-insights-test'
# 2. Create 2 Windows 10 Pro VMs in two different regions in above RG
# 3. At above RG scope, create a new policy assignment for built-in definition with name 'e0efc13a-122a-47c5-b817-2ccfe5d12615' and display name 'Deploy requirements to audit Windows VMs that do not have the specified Windows PowerShell execution policy'
# 2. Create 2 storage accounts in two different regions in above RG
# 3. At above RG scope, create a new policy assignment for built-in definition with name '361c2074-3595-4e5d-8cab-4f21dffc835c' and display name 'Deploy Advanced Threat Protection on storage accounts'
# 4. Update the 'pan' key value in test code below with the assignment name created above
# 5. Trigger an on-demand evaluation scan on above RG by calling triggerEvaluation API. Check https://docs.microsoft.com/en-us/azure/governance/policy/how-to/get-compliance-data#on-demand-evaluation-scan
# 6. After step 5 completes, you should see the two VMs listed as non-compliant resources for the above assignment
# 6. After step 5 completes, you should see the two storage accounts listed as non-compliant resources for the above assignment
# 7. Now run the testcase in live mode using command 'azdev test test_policy_insights_remediation_complete --live'
@record_only()
@AllowLargeResponse()
@AllowLargeResponse(8192)
def test_policy_insights_remediation_complete(self):
self.kwargs.update({
'pan': '98904c39668a4f70804aef09',
'pan': '4ecaf5f81bad4bfc86b132fb',
'rg': 'az-cli-policy-insights-test',
'rn': self.create_random_name('azurecli-test-remediation', 40)
})
Expand All @@ -380,7 +390,6 @@ def test_policy_insights_remediation_complete(self):
# create a remediation at resource group scope
self.cmd('policy remediation create -n {rn} -g {rg} -a {pan}', checks=[
self.check('name', '{rn}'),
self.check('provisioningState', 'Accepted'),
self.check('resourceGroup', '{rg}'),
self.check('policyAssignmentId', '{pid}'),
self.check('policyDefinitionReferenceId', None),
Expand Down Expand Up @@ -411,7 +420,7 @@ def test_policy_insights_remediation_complete(self):
self.exists('[0].lastUpdatedOn'),
self.exists('[0].resourceLocation'),
self.exists('[0].status'),
self.check("length([?contains(@.remediatedResourceId, '/resourcegroups/{rg}/providers/microsoft.compute/virtualmachines')])", 2)
self.check("length([?contains(@.remediatedResourceId, '/resourcegroups/{rg}/providers/microsoft.storage/storageaccounts')])", 2)
])

# cancel the remediation
Expand Down Expand Up @@ -471,7 +480,7 @@ def test_policy_insights_remediation_reevaluate(self, resource_group_location, s
self.check('provisioningState', 'Cancelling')
])

@AllowLargeResponse()
@AllowLargeResponse(8192)
def test_policy_insights_metadata(self):
# Get all metadata resources
all_metadata_resources = self.cmd('policy metadata list').get_output_in_json()
Expand Down
2 changes: 1 addition & 1 deletion src/azure-cli/requirements.py3.Darwin.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ azure-mgmt-monitor==3.0.0
azure-mgmt-msi==6.0.0
azure-mgmt-netapp==7.0.0
azure-mgmt-network==19.3.0
azure-mgmt-policyinsights==1.0.0
azure-mgmt-policyinsights==1.1.0b2
azure-mgmt-privatedns==1.0.0
azure-mgmt-rdbms==10.0.0
azure-mgmt-recoveryservices==2.0.0
Expand Down
2 changes: 1 addition & 1 deletion src/azure-cli/requirements.py3.Linux.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ azure-mgmt-monitor==3.0.0
azure-mgmt-msi==6.0.0
azure-mgmt-netapp==7.0.0
azure-mgmt-network==19.3.0
azure-mgmt-policyinsights==1.0.0
azure-mgmt-policyinsights==1.1.0b2
azure-mgmt-privatedns==1.0.0
azure-mgmt-rdbms==10.0.0
azure-mgmt-recoveryservices==2.0.0
Expand Down
2 changes: 1 addition & 1 deletion src/azure-cli/requirements.py3.windows.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ azure-mgmt-monitor==3.0.0
azure-mgmt-msi==6.0.0
azure-mgmt-netapp==7.0.0
azure-mgmt-network==19.3.0
azure-mgmt-policyinsights==1.0.0
azure-mgmt-policyinsights==1.1.0b2
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why the SDK package is a beta version?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is the latest python sdk version https://pypi.org/project/azure-mgmt-policyinsights/1.1.0b2/

Copy link
Contributor

@zhoxing-ms zhoxing-ms Apr 27, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@najagasi In fact, what I want to ask is why the latest SDK version is a beta version, is because it contains some unstable features or big changes?
If so, will it affect the existing commands?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this fixes an issue we had ran into wherein the python sdk was making GET calls for nextLink instead of POST calls. Fix was needed in Policy Insights swagger and
py sdk release

in this PR bumping it to 1.1.0b2 fixes the issue in cli

azure-mgmt-privatedns==1.0.0
azure-mgmt-rdbms==10.0.0
azure-mgmt-recoveryservices==2.0.0
Expand Down
2 changes: 1 addition & 1 deletion src/azure-cli/setup.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -108,7 +108,7 @@
'azure-mgmt-msi~=6.0.0',
'azure-mgmt-netapp~=7.0.0',
'azure-mgmt-network~=19.3.0',
'azure-mgmt-policyinsights~=1.0.0',
'azure-mgmt-policyinsights~=1.1.0b2',
'azure-mgmt-privatedns~=1.0.0',
'azure-mgmt-rdbms~=10.0.0',
'azure-mgmt-recoveryservicesbackup~=4.1.1',
Expand Down