def test_group_deployment_thru_uri(self, resource_group):
self.resource_group = resource_group
curr_dir = os.path.dirname(os.path.realpath(__file__))
# same copy of the sample template file under current folder, but it is uri based now
template_uri = 'https://raw.githubusercontent.com/Azure/azure-cli/master/src/' \
'command_modules/azure-cli-resource/azure/cli/command_modules/resource/tests/simple_deploy.json'
parameters_file = os.path.join(
curr_dir, 'simple_deploy_parameters.json').replace('\\', '\\\\')
result = self.cmd(
'group deployment create -g {} --template-uri {} --parameters @{}'.
format(self.resource_group, template_uri, parameters_file),
checks=[
JCheck('properties.provisioningState', 'Succeeded'),
JCheck('resourceGroup', self.resource_group),
]).get_output_in_json()
deployment_name = result['name']
result = self.cmd('group deployment show -g {} -n {}'.format(
self.resource_group, deployment_name),
checks=JCheck('name', deployment_name))
self.cmd('group deployment delete -g {} -n {}'.format(
self.resource_group, deployment_name))
self.cmd('group deployment list -g {}'.format(self.resource_group),
checks=NoneCheck())
def test_group_deployment(self, resource_group):
curr_dir = os.path.dirname(os.path.realpath(__file__))
template_file = os.path.join(curr_dir, 'test-template.json').replace('\\', '\\\\')
parameters_file = os.path.join(curr_dir, 'test-params.json').replace('\\', '\\\\')
object_file = os.path.join(curr_dir, 'test-object.json').replace('\\', '\\\\')
deployment_name = 'azure-cli-deployment'
subnet_id = self.cmd('network vnet create -g {} -n vnet1 --subnet-name subnet1'.format(resource_group)).get_output_in_json()['newVNet']['subnets'][0]['id']
self.cmd('group deployment validate -g {} --template-file {} --parameters @"{}" --parameters subnetId="{}" --parameters backendAddressPools=@"{}"'.format(
resource_group, template_file, parameters_file, subnet_id, object_file), checks=[
JCheck('properties.provisioningState', 'Succeeded')
])
self.cmd('group deployment create -g {} -n {} --template-file {} --parameters @"{}" --parameters subnetId="{}" --parameters backendAddressPools=@"{}"'.format(
resource_group, deployment_name, template_file, parameters_file, subnet_id, object_file), checks=[
JCheck('properties.provisioningState', 'Succeeded'),
JCheck('resourceGroup', resource_group),
])
self.cmd('network lb show -g {} -n test-lb'.format(resource_group), checks=[
JCheck('tags', {'key': 'super=value'})
])
self.cmd('group deployment list -g {}'.format(resource_group), checks=[
JCheck('[0].name', deployment_name),
JCheck('[0].resourceGroup', resource_group)
])
self.cmd('group deployment show -g {} -n {}'.format(resource_group, deployment_name), checks=[
JCheck('name', deployment_name),
JCheck('resourceGroup', resource_group)
])
self.cmd('group deployment operation list -g {} -n {}'.format(resource_group, deployment_name), checks=[
JCheck('length([])', 2),
JCheck('[0].resourceGroup', resource_group)
])
def test_resource_create_and_show(self, resource_group, resource_group_location):
appservice_plan = 'cli_res_create_plan'
webapp = 'clirescreateweb'
self.cmd('resource create -g {} -n {} --resource-type Microsoft.web/serverFarms '
'--is-full-object --properties "{{\\"location\\":\\"{}\\",\\"sku\\":{{\\"name\\":'
'\\"B1\\",\\"tier\\":\\"BASIC\\"}}}}"'.format(resource_group,
appservice_plan,
resource_group_location),
checks=[JCheck('name', appservice_plan)])
result = self.cmd(
'resource create -g {} -n {} --resource-type Microsoft.web/sites --properties '
'"{{\\"serverFarmId\\":\\"{}\\"}}"'.format(resource_group,
webapp,
appservice_plan),
checks=[JCheck('name', webapp)]).get_output_in_json()
app_settings_id = result['id'] + '/config/appsettings'
self.cmd('resource create --id {} --properties "{{\\"key2\\":\\"value12\\"}}"'.format(
app_settings_id), checks=[JCheck('properties.key2', 'value12')])
self.cmd('resource show --id {}'.format(result['id'] + '/config/web'), checks=[
JCheck('properties.publishingUsername', '$' + webapp) # spot check
])
self.cmd('resource show --id {} --include-response-body'.format(result['id'] + '/config/web'), checks=[
JCheck('responseBody.properties.publishingUsername', '$' + webapp) # spot check
])
def test_group_deployment_crossrg(self, resource_group, resource_group_cross):
curr_dir = os.path.dirname(os.path.realpath(__file__))
template_file = os.path.join(curr_dir, 'crossrg_deploy.json').replace('\\', '\\\\')
deployment_name = self.create_random_name('azure-cli-crossrgdeployment', 40)
storage_account_1 = create_random_name(prefix='crossrg')
storage_account_2 = create_random_name(prefix='crossrg')
self.cmd(
'group deployment validate -g {} --template-file {} --parameters CrossRg={} StorageAccountName1={} StorageAccountName2={}'.format(
resource_group, template_file, resource_group_cross, storage_account_1, storage_account_2), checks=[
JCheck('properties.provisioningState', 'Succeeded')
])
self.cmd('group deployment create -g {} -n {} --template-file {} --parameters CrossRg={}'.format(
resource_group, deployment_name, template_file, resource_group_cross), checks=[
JCheck('properties.provisioningState', 'Succeeded'),
JCheck('resourceGroup', resource_group),
])
self.cmd('group deployment list -g {}'.format(resource_group), checks=[
JCheck('[0].name', deployment_name),
JCheck('[0].resourceGroup', resource_group)
])
self.cmd('group deployment show -g {} -n {}'.format(resource_group, deployment_name), checks=[
JCheck('name', deployment_name),
JCheck('resourceGroup', resource_group)
])
self.cmd('group deployment operation list -g {} -n {}'.format(resource_group, deployment_name), checks=[
JCheck('length([])', 3),
JCheck('[0].resourceGroup', resource_group)
])
def test_group_deployment_lite(self, resource_group):
# ensures that a template that is missing "parameters" or "resources" still deploys
curr_dir = os.path.dirname(os.path.realpath(__file__))
template_file = os.path.join(curr_dir, 'test-template-lite.json').replace('\\', '\\\\')
deployment_name = self.create_random_name('azure-cli-deployment', 30)
self.cmd('group deployment create -g {} -n {} --template-file {}'.format(
resource_group, deployment_name, template_file), checks=[
JCheck('properties.provisioningState', 'Succeeded'),
JCheck('resourceGroup', resource_group),
])
def test_managedapp(self, resource_group):
location = 'westcentralus'
appdef_name = 'testappdefname'
appdef_display_name = 'test_appdef_123'
appdef_description = 'test_appdef_123'
packageUri = 'https:\/\/wud.blob.core.windows.net\/appliance\/SingleStorageAccount.zip'
auth = '5e91139a-c94b-462e-a6ff-1ee95e8aac07:8e3af657-a8ff-443c-a75c-2fe8c4bcb635'
lock = 'None'
# create a managedapp definition
create_cmd = 'managedapp definition create -n {} --package-file-uri {} --display-name {} --description {} -l {} -a {} --lock-level {} -g {}'
managedappdef = self.cmd(
create_cmd.format(appdef_name, packageUri, appdef_display_name,
appdef_description, location, auth, lock,
resource_group)).get_output_in_json()
# create a managedapp
managedapp_name = 'mymanagedapp'
managedapp_loc = 'westcentralus'
managedapp_kind = 'servicecatalog'
newrg = self.create_random_name('climanagedapp', 25)
managedrg = '/subscriptions/{}/resourceGroups/{}'.format(
managedappdef['id'].split("/")[2], newrg)
create_cmd = 'managedapp create -n {} -g {} -l {} --kind {} -m {} -d {}'
app = self.cmd(create_cmd.format(managedapp_name, resource_group,
managedapp_loc, managedapp_kind,
managedrg, managedappdef['id']),
checks=[
JCheck('name', managedapp_name),
JCheck('type', 'Microsoft.Solutions/applications'),
JCheck('kind', 'servicecatalog'),
JCheck('managedResourceGroupId', managedrg)
]).get_output_in_json()
# list and show
list_byrg_cmd = 'managedapp list -g {}'
self.cmd(list_byrg_cmd.format(resource_group),
checks=[JCheck('[0].name', managedapp_name)])
show_cmd = 'managedapp show --ids {}'
self.cmd(show_cmd.format(app['id']),
checks=[
JCheck('name', managedapp_name),
JCheck('type', 'Microsoft.Solutions/applications'),
JCheck('kind', 'servicecatalog'),
JCheck('managedResourceGroupId', managedrg)
])
# delete
self.cmd('managedapp delete -g {} -n {}'.format(
resource_group, managedapp_name))
self.cmd('managedapp list -g {}'.format(resource_group),
checks=NoneCheck())
def test_resource_move(self, resource_group, resource_group_dest):
nsg1_name = self.create_random_name('nsg-move', 20)
nsg2_name = self.create_random_name('nsg-move', 20)
nsg1 = self.cmd('network nsg create -n {} -g {}'.format(nsg1_name, resource_group)).get_output_in_json()
nsg2 = self.cmd('network nsg create -n {} -g {}'.format(nsg2_name, resource_group)).get_output_in_json()
nsg1_id = nsg1['NewNSG']['id']
nsg2_id = nsg2['NewNSG']['id']
self.cmd('resource move --ids {} {} --destination-group {}'.format(nsg1_id, nsg2_id, resource_group_dest))
self.cmd('network nsg show -g {} -n {}'.format(resource_group_dest, nsg1_name), checks=[
JCheck('name', nsg1_name)])
self.cmd('network nsg show -g {} -n {}'.format(resource_group_dest, nsg2_name), checks=[
JCheck('name', nsg2_name)])
def test_show_built_in_policy(self):
result = self.cmd(
'policy definition list --query "[?policyType==\'BuiltIn\']|[0]"'
).get_output_in_json()
policy_name = result['name']
self.cmd('policy definition show -n ' + policy_name,
checks=[JCheck('name', policy_name)])
def test_resource_group(self, resource_group):
s = self
rg = resource_group
s.cmd('group delete -n {} --yes'.format(rg))
s.cmd('group exists -n {}'.format(rg), checks=NoneCheck())
s.cmd('group create -n {} -l westus --tag a=b c'.format(rg),
checks=[JCheck('name', rg),
JCheck('tags', {
'a': 'b',
'c': ''
})])
s.cmd('group exists -n {}'.format(rg), checks=BooleanCheck(True))
s.cmd('group show -n {}'.format(rg),
checks=[JCheck('name', rg),
JCheck('tags', {
'a': 'b',
'c': ''
})])
s.cmd('group list --tag a=b',
checks=[
JCheck('[0].name', rg),
JCheck('[0].tags', {
'a': 'b',
'c': ''
})
])
def test_crossrgdeployment(self, resource_group):
curr_dir = os.path.dirname(os.path.realpath(__file__))
template_file = os.path.join(curr_dir, 'crossrg_deploy.json').replace(
'\\', '\\\\')
parameters_file = os.path.join(
curr_dir, 'crossrg_deploy_parameters.json').replace('\\', '\\\\')
deployment_name = 'azure-cli-crossrgdeployment'
self.cmd(
'group deployment validate -g {} --template-file {} --parameters @{}'
.format(resource_group, template_file, parameters_file),
checks=[JCheck('properties.provisioningState', 'Succeeded')])
self.cmd(
'group deployment create -g {} -n {} --template-file {} --parameters @{}'
.format(resource_group, deployment_name, template_file,
parameters_file),
checks=[
JCheck('properties.provisioningState', 'Succeeded'),
JCheck('resourceGroup', resource_group),
])
self.cmd('group deployment list -g {}'.format(resource_group),
checks=[
JCheck('[0].name', deployment_name),
JCheck('[0].resourceGroup', resource_group)
])
self.cmd('group deployment show -g {} -n {}'.format(
resource_group, deployment_name),
checks=[
JCheck('name', deployment_name),
JCheck('resourceGroup', resource_group)
])
self.cmd('group deployment operation list -g {} -n {}'.format(
resource_group, deployment_name),
checks=[
JCheck('length([])', 3),
JCheck('[0].resourceGroup', resource_group)
])
def test_resource_scenario(self, resource_group):
from azure_devtools.scenario_tests import LargeResponseBodyProcessor
large_resp_body = next((r for r in self.recording_processors if isinstance(r, LargeResponseBodyProcessor)), None)
if large_resp_body:
large_resp_body._max_response_body = 4096
vnet_name = self.create_random_name('cli-test-vnet', 30)
subnet_name = self.create_random_name('cli-test-subnet', 30)
vnet_type = 'Microsoft.Network/virtualNetworks'
self.cmd('network vnet create -g {} -n {} --subnet-name {} --tags cli-test=test'.format(
resource_group, vnet_name, subnet_name))
self.cmd('resource list', checks=JCheck("length([?name=='{}'])".format(vnet_name), 1))
self.cmd('resource list -l southcentralus',
checks=JCheck("length([?location == 'southcentralus']) == length(@)", True))
self.cmd('resource list --resource-type {}'.format(vnet_type),
checks=JCheck("length([?name=='{}'])".format(vnet_name), 1))
self.cmd('resource list --name {}'.format(vnet_name),
checks=JCheck("length([?name=='{}'])".format(vnet_name), 1))
self.cmd('resource list --tag cli-test', checks=JCheck("length([?name=='{}'])".format(vnet_name), 1))
self.cmd('resource list --tag cli-test=test', checks=JCheck("length([?name=='{}'])".format(vnet_name), 1))
# check for simple resource with tag
self.cmd('resource show -n {} -g {} --resource-type {}'.format(vnet_name, resource_group, vnet_type), checks=[
JCheck('name', vnet_name),
JCheck('location', 'southcentralus'),
JCheck('resourceGroup', resource_group),
JCheck('tags', {'cli-test': 'test'})])
# check for child resource
self.cmd(
'resource show -n {} -g {} --namespace Microsoft.Network --parent virtualNetworks/{}'
' --resource-type subnets'.format(subnet_name, resource_group, vnet_name), checks=[
JCheck('name', subnet_name),
JCheck('resourceGroup', resource_group)])
# clear tag and verify
self.cmd('resource tag -n {} -g {} --resource-type {} --tags'.format(vnet_name, resource_group, vnet_type))
self.cmd('resource show -n {} -g {} --resource-type {}'
.format(vnet_name, resource_group, vnet_type), checks=JCheck('tags', {}))
# delete resource and verify
self.cmd('resource delete -n {} -g {} --resource-type {}'.format(vnet_name, resource_group, vnet_type))
time.sleep(10)
self.cmd('resource list', checks=JCheck("length([?name=='{}'])".format(vnet_name), 0))
def test_managedappdef_inline(self, resource_group):
location = 'eastus2euap'
appdef_name = self.create_random_name('testappdefname', 20)
appdef_display_name = self.create_random_name('test_appdef', 20)
appdef_description = 'test_appdef_123'
auth = '5e91139a-c94b-462e-a6ff-1ee95e8aac07:8e3af657-a8ff-443c-a75c-2fe8c4bcb635'
lock = 'None'
curr_dir = os.path.dirname(os.path.realpath(__file__))
createUiDef_file = os.path.join(curr_dir, 'sample_create_ui_definition.json').replace('\\', '\\\\')
mainTemplate_file = os.path.join(curr_dir, 'sample_main_template.json').replace('\\', '\\\\')
# create a managedapp definition with inline params for create-ui-definition and main-template
create_cmd = 'managedapp definition create -n {} --create-ui-definition @"{}" --main-template @"{}" --display-name {} --description {} -l {} -a {} --lock-level {} -g {}'
appdef = self.cmd(
create_cmd.format(appdef_name, createUiDef_file, mainTemplate_file, appdef_display_name, appdef_description,
location, auth, lock, resource_group), checks=[
JCheck('name', appdef_name),
JCheck('displayName', appdef_display_name),
JCheck('description', appdef_description),
JCheck('authorizations[0].principalId', '5e91139a-c94b-462e-a6ff-1ee95e8aac07'),
JCheck('authorizations[0].roleDefinitionId', '8e3af657-a8ff-443c-a75c-2fe8c4bcb635'),
JCheck('artifacts[0].name', 'ApplicationResourceTemplate'),
JCheck('artifacts[0].type', 'Template'),
JCheck('artifacts[1].name', 'CreateUiDefinition'),
JCheck('artifacts[1].type', 'Custom')
]).get_output_in_json()
# list and show it
list_cmd = 'managedapp definition list -g {}'
self.cmd(list_cmd.format(resource_group), checks=[
JCheck('[0].name', appdef_name)
])
show_cmd = 'managedapp definition show --ids {}'
self.cmd(show_cmd.format(appdef['id']), checks=[
JCheck('name', appdef_name),
JCheck('displayName', appdef_display_name),
JCheck('description', appdef_description),
JCheck('authorizations[0].principalId', '5e91139a-c94b-462e-a6ff-1ee95e8aac07'),
JCheck('authorizations[0].roleDefinitionId', '8e3af657-a8ff-443c-a75c-2fe8c4bcb635'),
JCheck('artifacts[0].name', 'ApplicationResourceTemplate'),
JCheck('artifacts[0].type', 'Template'),
JCheck('artifacts[1].name', 'CreateUiDefinition'),
JCheck('artifacts[1].type', 'Custom')
])
# delete
self.cmd('managedapp definition delete -g {} -n {}'.format(resource_group, appdef_name))
self.cmd('managedapp definition list -g {}'.format(resource_group), checks=NoneCheck())
def test_managedappdef(self, resource_group):
location = 'eastus2euap'
appdef_name = self.create_random_name('testappdefname', 20)
appdef_display_name = self.create_random_name('test_appdef', 20)
appdef_description = 'test_appdef_123'
packageUri = 'https:\/\/testclinew.blob.core.windows.net\/files\/vivekMAD.zip'
auth = '5e91139a-c94b-462e-a6ff-1ee95e8aac07:8e3af657-a8ff-443c-a75c-2fe8c4bcb635'
lock = 'None'
# create a managedapp definition
create_cmd = 'managedapp definition create -n {} --package-file-uri {} --display-name {} --description {} -l {} -a {} --lock-level {} -g {}'
appdef = self.cmd(
create_cmd.format(appdef_name, packageUri, appdef_display_name, appdef_description, location, auth, lock,
resource_group), checks=[
JCheck('name', appdef_name),
JCheck('displayName', appdef_display_name),
JCheck('description', appdef_description),
JCheck('authorizations[0].principalId', '5e91139a-c94b-462e-a6ff-1ee95e8aac07'),
JCheck('authorizations[0].roleDefinitionId', '8e3af657-a8ff-443c-a75c-2fe8c4bcb635'),
JCheck('artifacts[0].name', 'ApplicationResourceTemplate'),
JCheck('artifacts[0].type', 'Template'),
JCheck('artifacts[1].name', 'CreateUiDefinition'),
JCheck('artifacts[1].type', 'Custom')
]).get_output_in_json()
# list and show it
list_cmd = 'managedapp definition list -g {}'
self.cmd(list_cmd.format(resource_group), checks=[
JCheck('[0].name', appdef_name)
])
show_cmd = 'managedapp definition show --ids {}'
self.cmd(show_cmd.format(appdef['id']), checks=[
JCheck('name', appdef_name),
JCheck('displayName', appdef_display_name),
JCheck('description', appdef_description),
JCheck('authorizations[0].principalId', '5e91139a-c94b-462e-a6ff-1ee95e8aac07'),
JCheck('authorizations[0].roleDefinitionId', '8e3af657-a8ff-443c-a75c-2fe8c4bcb635'),
JCheck('artifacts[0].name', 'ApplicationResourceTemplate'),
JCheck('artifacts[0].type', 'Template'),
JCheck('artifacts[1].name', 'CreateUiDefinition'),
JCheck('artifacts[1].type', 'Custom')
])
# delete
self.cmd('managedapp definition delete -g {} -n {}'.format(resource_group, appdef_name))
self.cmd('managedapp definition list -g {}'.format(resource_group), checks=NoneCheck())
def test_resource_policyset(self, resource_group):
policy_name = self.create_random_name('azure-cli-test-policy', 30)
policy_display_name = self.create_random_name('test_policy', 20)
policy_description = 'desc_for_test_policy_123'
policyset_name = self.create_random_name('azure-cli-test-policyset', 30)
policyset_display_name = self.create_random_name('test_policyset', 20)
policyset_description = 'desc_for_test_policyset_123'
curr_dir = os.path.dirname(os.path.realpath(__file__))
rules_file = os.path.join(curr_dir, 'sample_policy_rule.json').replace('\\', '\\\\')
policyset_file = os.path.join(curr_dir, 'sample_policy_set.json').replace('\\', '\\\\')
params_def_file = os.path.join(curr_dir, 'sample_policy_param_def.json').replace('\\', '\\\\')
# create a policy
policycreatecmd = 'policy definition create -n {} --rules {} --params {} --display-name {} --description {}'
policy = self.cmd(policycreatecmd.format(policy_name, rules_file, params_def_file, policy_display_name,
policy_description)).get_output_in_json()
# create a policy set
policyset = get_file_json(policyset_file)
policyset[0]['policyDefinitionId'] = policy['id']
with open(os.path.join(curr_dir, 'sample_policy_set.json'), 'w') as outfile:
json.dump(policyset, outfile)
self.cmd('policy set-definition create -n {} --definitions @"{}" --display-name {} --description {}'.format(
policyset_name, policyset_file, policyset_display_name, policyset_description),
checks=[JCheck('name', policyset_name),
JCheck('displayName', policyset_display_name),
JCheck('description', policyset_description)])
# update it
new_policyset_description = policy_description + '_new'
self.cmd(
'policy set-definition update -n {} --description {}'.format(policyset_name, new_policyset_description),
checks=JCheck('description', new_policyset_description))
# list and show it
self.cmd('policy set-definition list', checks=JMESPathCheck("length([?name=='{}'])".format(policyset_name), 1))
self.cmd('policy set-definition show -n {}'.format(policyset_name),
checks=[JCheck('name', policyset_name),
JCheck('displayName', policyset_display_name)])
# create a policy assignment on a resource group
policy_assignment_name = self.create_random_name('azurecli-test-policy-assignment', 40)
policy_assignment_display_name = self.create_random_name('test_assignment', 20)
self.cmd('policy assignment create -d {} -n {} --display-name {} -g {}'.format(
policyset_name, policy_assignment_name, policy_assignment_display_name, resource_group),
checks=[JCheck('name', policy_assignment_name),
JCheck('displayName', policy_assignment_display_name),
JCheck('sku.name', 'A0'),
JCheck('sku.tier', 'Free')])
# delete the assignment
self.cmd('policy assignment delete -n {} -g {}'.format(policy_assignment_name, resource_group))
self.cmd('policy assignment list --disable-scope-strict-match')
# delete the policy set
self.cmd('policy set-definition delete -n {}'.format(policyset_name))
time.sleep(10) # ensure the policy is gone when run live.
self.cmd('policy set-definition list', checks=JCheck("length([?name=='{}'])".format(policyset_name), 0))
def test_resource_policy(self, resource_group):
policy_name = self.create_random_name('azure-cli-test-policy', 30)
policy_display_name = self.create_random_name('test_policy', 20)
policy_description = 'desc_for_test_policy_123'
curr_dir = os.path.dirname(os.path.realpath(__file__))
rules_file = os.path.join(curr_dir, 'sample_policy_rule.json').replace('\\', '\\\\')
params_def_file = os.path.join(curr_dir, 'sample_policy_param_def.json').replace('\\', '\\\\')
params_file = os.path.join(curr_dir, 'sample_policy_param.json').replace('\\', '\\\\')
mode = 'Indexed'
# create a policy
self.cmd(
'policy definition create -n {} --rules {} --params {} --display-name {} --description {} --mode {}'.format(
policy_name, rules_file, params_def_file, policy_display_name, policy_description, mode),
checks=[
JCheck('name', policy_name),
JCheck('displayName', policy_display_name),
JCheck('description', policy_description),
JCheck('mode', mode)
]
)
# update it
new_policy_description = policy_description + '_new'
self.cmd('policy definition update -n {} --description {}'.format(policy_name, new_policy_description),
checks=JCheck('description', new_policy_description))
# list and show it
self.cmd('policy definition list', checks=JMESPathCheck("length([?name=='{}'])".format(policy_name), 1))
self.cmd('policy definition show -n {}'.format(policy_name), checks=[
JCheck('name', policy_name),
JCheck('displayName', policy_display_name)
])
# create a policy assignment on a resource group
policy_assignment_name = self.create_random_name('azurecli-test-policy-assignment', 40)
policy_assignment_display_name = self.create_random_name('test_assignment', 20)
self.cmd('policy assignment create --policy {} -n {} --display-name {} -g {} --params {}'.format(
policy_name, policy_assignment_name, policy_assignment_display_name, resource_group, params_file),
checks=[JCheck('name', policy_assignment_name),
JCheck('displayName', policy_assignment_display_name),
JCheck('sku.name', 'A0'),
JCheck('sku.tier', 'Free')])
# create a policy assignment with not scopes and standard sku
get_cmd = 'group show -n {}'
rg = self.cmd(get_cmd.format(resource_group)).get_output_in_json()
vnet_name = self.create_random_name('azurecli-test-policy-vnet', 40)
subnet_name = self.create_random_name('azurecli-test-policy-subnet', 40)
vnetcreatecmd = 'network vnet create -g {} -n {} --subnet-name {}'
self.cmd(vnetcreatecmd.format(resource_group, vnet_name, subnet_name))
notscope = '/subscriptions/{}/resourceGroups/{}/providers/Microsoft.Network/virtualNetworks'.format(
rg['id'].split("/")[2], resource_group)
self.cmd(
'policy assignment create --policy {} -n {} --display-name {} -g {} --not-scopes {} --params {} --sku {}'.format(
policy_name, policy_assignment_name, policy_assignment_display_name, resource_group, notscope,
params_file, 'standard'),
checks=[JCheck('name', policy_assignment_name),
JCheck('displayName', policy_assignment_display_name),
JCheck('sku.name', 'A1'),
JCheck('sku.tier', 'Standard'),
JCheck('notScopes[0]', notscope)])
# create a policy assignment using a built in policy definition name
policy_assignment_name2 = self.create_random_name('azurecli-test-policy-assignment2', 40)
built_in_policy = self.cmd(
'policy definition list --query "[?policyType==\'BuiltIn\']|[0]"').get_output_in_json()
self.cmd('policy assignment create --policy {} -n {} --display-name {} -g {}'.format(
built_in_policy['name'], policy_assignment_name2, policy_assignment_display_name, resource_group),
checks=[JCheck('name', policy_assignment_name2),
JCheck('displayName', policy_assignment_display_name)])
self.cmd('policy assignment delete -n {} -g {}'.format(policy_assignment_name2, resource_group))
# listing at subscription level won't find the assignment made at a resource group
import jmespath
try:
self.cmd('policy assignment list', checks=JCheck("length([?name=='{}'])".format(policy_assignment_name), 0))
except jmespath.exceptions.JMESPathTypeError: # ok if query fails on None result
pass
# but enable --show-all works
self.cmd('policy assignment list --disable-scope-strict-match',
checks=JCheck("length([?name=='{}'])".format(policy_assignment_name), 1))
# delete the assignment
self.cmd('policy assignment delete -n {} -g {}'.format(policy_assignment_name, resource_group))
self.cmd('policy assignment list --disable-scope-strict-match')
# delete the policy
self.cmd('policy definition delete -n {}'.format(policy_name))
time.sleep(10) # ensure the policy is gone when run live.
self.cmd('policy definition list', checks=JCheck("length([?name=='{}'])".format(policy_name), 0))
def test_resource_policy(self, resource_group):
policy_name = self.create_random_name('azure-cli-test-policy', 30)
policy_display_name = self.create_random_name('test_policy', 20)
policy_description = 'desc_for_test_policy_123'
curr_dir = os.path.dirname(os.path.realpath(__file__))
rules_file = os.path.join(curr_dir, 'sample_policy_rule.json').replace(
'\\', '\\\\')
params_def_file = os.path.join(curr_dir,
'sample_policy_param_def.json').replace(
'\\', '\\\\')
params_file = os.path.join(curr_dir,
'sample_policy_param.json').replace(
'\\', '\\\\')
# create a policy
self.cmd(
'policy definition create -n {} --rules {} --params {} --display-name {} --description {}'
.format(policy_name, rules_file, params_def_file,
policy_display_name, policy_description),
checks=[
JCheck('name', policy_name),
JCheck('displayName', policy_display_name),
JCheck('description', policy_description)
])
# update it
new_policy_description = policy_description + '_new'
self.cmd('policy definition update -n {} --description {}'.format(
policy_name, new_policy_description),
checks=JCheck('description', new_policy_description))
# list and show it
self.cmd('policy definition list',
checks=JMESPathCheck(
"length([?name=='{}'])".format(policy_name), 1))
self.cmd('policy definition show -n {}'.format(policy_name),
checks=[
JCheck('name', policy_name),
JCheck('displayName', policy_display_name)
])
# create a policy assignment on a resource group
policy_assignment_name = self.create_random_name(
'azurecli-test-policy-assignment', 40)
policy_assignment_display_name = self.create_random_name(
'test_assignment', 20)
self.cmd(
'policy assignment create --policy {} -n {} --display-name {} -g {} --params {}'
.format(policy_name, policy_assignment_name,
policy_assignment_display_name, resource_group,
params_file),
checks=[
JCheck('name', policy_assignment_name),
JCheck('displayName', policy_assignment_display_name)
])
# listing at subscription level won't find the assignment made at a resource group
import jmespath
try:
self.cmd(
'policy assignment list',
checks=JCheck(
"length([?name=='{}'])".format(policy_assignment_name), 0))
except jmespath.exceptions.JMESPathTypeError: # ok if query fails on None result
pass
# but enable --show-all works
self.cmd('policy assignment list --disable-scope-strict-match',
checks=JCheck(
"length([?name=='{}'])".format(policy_assignment_name),
1))
# delete the assignment
self.cmd('policy assignment delete -n {} -g {}'.format(
policy_assignment_name, resource_group))
self.cmd('policy assignment list --disable-scope-strict-match')
# delete the policy
self.cmd('policy definition delete -n {}'.format(policy_name))
time.sleep(10) # ensure the policy is gone when run live.
self.cmd('policy definition list',
checks=JCheck("length([?name=='{}'])".format(policy_name), 0))
def test_resource_scenario(self, resource_group):
vnet_name = self.create_random_name('cli-test-vnet', 30)
subnet_name = self.create_random_name('cli-test-subnet', 30)
vnet_type = 'Microsoft.Network/virtualNetworks'
self.cmd('network vnet create -g {} -n {} --subnet-name {} --tags cli-test=test'.format(
resource_group, vnet_name, subnet_name))
self.cmd('resource list', checks=JCheck("length([?name=='{}'])".format(vnet_name), 1))
self.cmd('resource list -l southcentralus',
checks=JCheck("length([?location == 'southcentralus']) == length(@)", True))
self.cmd('resource list --resource-type {}'.format(vnet_type),
checks=JCheck("length([?name=='{}'])".format(vnet_name), 1))
self.cmd('resource list --name {}'.format(vnet_name),
checks=JCheck("length([?name=='{}'])".format(vnet_name), 1))
self.cmd('resource list --tag cli-test', checks=JCheck("length([?name=='{}'])".format(vnet_name), 1))
self.cmd('resource list --tag cli-test=test', checks=JCheck("length([?name=='{}'])".format(vnet_name), 1))
# check for simple resource with tag
self.cmd('resource show -n {} -g {} --resource-type {}'.format(vnet_name, resource_group, vnet_type), checks=[
JCheck('name', vnet_name),
JCheck('location', 'southcentralus'),
JCheck('resourceGroup', resource_group),
JCheck('tags', {'cli-test': 'test'})])
# check for child resource
self.cmd(
'resource show -n {} -g {} --namespace Microsoft.Network --parent virtualNetworks/{}'
' --resource-type subnets'.format(subnet_name, resource_group, vnet_name), checks=[
JCheck('name', subnet_name),
JCheck('resourceGroup', resource_group)])
# clear tag and verify
self.cmd('resource tag -n {} -g {} --resource-type {} --tags'.format(vnet_name, resource_group, vnet_type))
self.cmd('resource show -n {} -g {} --resource-type {}'
.format(vnet_name, resource_group, vnet_type), checks=JCheck('tags', {}))
# delete resource and verify
self.cmd('resource delete -n {} -g {} --resource-type {}'.format(vnet_name, resource_group, vnet_type))
self.cmd('resource list', checks=JCheck("length([?name=='{}'])".format(vnet_name), 0))