From f50cde4b9e9a41abf32cf1d74191b7dc47ec5d50 Mon Sep 17 00:00:00 2001 From: Ben Broderick Phillips Date: Thu, 7 Sep 2023 17:12:57 -0400 Subject: [PATCH 1/2] Move identity live test variables into subscription config --- sdk/identity/tests.yml | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/sdk/identity/tests.yml b/sdk/identity/tests.yml index cbb21492e337..90129018b47c 100644 --- a/sdk/identity/tests.yml +++ b/sdk/identity/tests.yml @@ -4,14 +4,17 @@ stages: - template: ../../eng/pipelines/templates/stages/archetype-sdk-tests.yml parameters: ServiceDirectory: identity + CloudConfig: + Public: + SubscriptionConfigurations: + - $(sub-config-azure-cloud-test-resources) + # Contains alternate tenant, AAD app and cert info for testing + - $(sub-config-identity-test-resources) + - $(sub-config-identity-test-resources-python) EnvVars: - AZURE_CLIENT_ID: $(python-identity-client-id) - AZURE_CLIENT_SECRET: $(python-identity-client-secret) - AZURE_TENANT_ID: $(aad-azure-sdk-test-tenant-id) - CERTIFICATE_PASSWORD: $(python-identity-certificate-password) - PEM_CONTENT: $(python-identity-certificate) - PEM_CONTENT_PASSWORD_PROTECTED: $(python-identity-certificate-with-password) - PFX_CONTENT: $(python-identity-certificate-pfx) - PFX_CONTENT_PASSWORD_PROTECTED: $(python-identity-certificate-with-password-pfx) + AZURE_CLIENT_ID: $(IDENTITY_CLIENT_ID) + AZURE_CLIENT_SECRET: $(IDENTITY_CLIENT_SECRET) + AZURE_TENANT_ID: $(IDENTITY_TENANT_ID) + AZURE_SUBSCRIPTION_ID: $(IDENTITY_SUBSCRIPTION_ID) AZURE_TEST_RUN_LIVE: true AZURE_SKIP_LIVE_RECORDING: 'True' From fee164a1c8c4a2bfe6677ecfa1eca2820d62900c Mon Sep 17 00:00:00 2001 From: Ben Broderick Phillips Date: Wed, 27 Sep 2023 16:02:27 -0400 Subject: [PATCH 2/2] Add test resources setup logic for identity live tests --- sdk/identity/test-resources-pre.ps1 | 41 +++++++++++++++++++++++++++++ sdk/identity/test-resources.bicep | 1 + 2 files changed, 42 insertions(+) create mode 100644 sdk/identity/test-resources-pre.ps1 create mode 100644 sdk/identity/test-resources.bicep diff --git a/sdk/identity/test-resources-pre.ps1 b/sdk/identity/test-resources-pre.ps1 new file mode 100644 index 000000000000..e2a107fcc34b --- /dev/null +++ b/sdk/identity/test-resources-pre.ps1 @@ -0,0 +1,41 @@ +[CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] +param ( + # Captures any arguments from eng/New-TestResources.ps1 not declared here (no parameter errors). + [Parameter(ValueFromRemainingArguments = $true)] + $RemainingArguments +) + +if (!$CI) { + # TODO: Remove this once auto-cloud config downloads are supported locally + Write-Host "Skipping cert setup in local testing mode" + return +} + +if ($EnvironmentVariables -eq $null -or $EnvironmentVariables.Count -eq 0) { + throw "EnvironmentVariables must be set in the calling script New-TestResources.ps1" +} + +$tmp = $env:TEMP ? $env:TEMP : [System.IO.Path]::GetTempPath() +$pemPath = Join-Path $tmp "test.pem" +$pemPasswordProtectedPath = Join-Path $tmp "testPasswordProtected.pem" + +Write-Host "Creating identity test files: $pemPath $pemPasswordProtectedPath" + +$pemContent = $EnvironmentVariables['PEM_CONTENT'] -replace "\n","`n" +$pemContentPasswordProtected = $EnvironmentVariables['PEM_CONTENT_PASSWORD_PROTECTED'] -replace "\n","`n" + +Set-Content -Path $pemPath -Value $pemContent +Set-Content -Path $pemPasswordProtectedPath -Value $pemContentPasswordProtected + +# Set for pipeline +Write-Host "##vso[task.setvariable variable=IDENTITY_CERT_PEM;]$pemPath" +Write-Host "##vso[task.setvariable variable=IDENTITY_CERT_PEM_PASSWORD_PROTECTED;]$pemPasswordProtectedPath" +Write-Host "##vso[task.setvariable variable=CERTIFICATE_PASSWORD;]$($EnvironmentVariables['CERTIFICATE_PASSWORD'])" +Write-Host "##vso[task.setvariable variable=PFX_CONTENT;]$($EnvironmentVariables['PFX_CONTENT'])" +Write-Host "##vso[task.setvariable variable=PFX_CONTENT_PASSWORD_PROTECTED;]$($EnvironmentVariables['PFX_CONTENT_PASSWORD_PROTECTED'])" +# Set for local +$env:IDENTITY_CERT_PEM = $pemPath +$env:IDENTITY_CERT_PEM_PASSWORD_PROTECTED = $pemPasswordProtectedPath +$env:CERTIFICATE_PASSWORD = $EnvironmentVariables['CERTIFICATE_PASSWORD'] +$env:PFX_CONTENT = $EnvironmentVariables['PFX_CONTENT'] +$env:PFX_CONTENT_PASSWORD_PROTECTED = $EnvironmentVariables['PFX_CONTENT_PASSWORD_PROTECTED'] diff --git a/sdk/identity/test-resources.bicep b/sdk/identity/test-resources.bicep new file mode 100644 index 000000000000..b3490d3b50af --- /dev/null +++ b/sdk/identity/test-resources.bicep @@ -0,0 +1 @@ +param baseName string