def test_validate_msi_on_assign_identity_command(self, mock_resolve_role_id): # check throw on : az vm/vmss assign-identity --role reader --scope "" np_mock = mock.MagicMock() cmd = mock.MagicMock() cmd.cli_ctx = DummyCli() np_mock.identity_scope = '' np_mock.identity_role = 'reader' from azure.cli.core.azclierror import ArgumentUsageError with self.assertRaises(ArgumentUsageError) as err: _validate_vm_vmss_msi(cmd, np_mock, is_identity_assign=True) self.assertTrue( "usage error: please specify --scope when assigning a role to the managed identity" in str(err.exception)) # check we set right role id np_mock = mock.MagicMock() np_mock.identity_scope = 'foo-scope' np_mock.identity_role = 'reader' np_mock.assign_identity = [] mock_resolve_role_id.return_value = 'foo-role-id' _validate_vm_vmss_msi(cmd, np_mock, is_identity_assign=True) self.assertEqual(np_mock.identity_role_id, 'foo-role-id') mock_resolve_role_id.assert_called_with(cmd.cli_ctx, 'reader', 'foo-scope')
def test_validate_msi_on_assign_identity_command(self, mock_resolve_role_id): # check throw on : az vm/vmss assign-identity --role reader --scope "" np_mock = mock.MagicMock() cmd = mock.MagicMock() cmd.cli_ctx = DummyCli() np_mock.identity_scope = '' np_mock.identity_role = 'reader' with self.assertRaises(CLIError) as err: _validate_vm_vmss_msi(cmd, np_mock, from_set_command=True) self.assertTrue( "usage error: '--role reader' is not applicable as the '--scope' is set to None", str(err.exception)) # check we set right role id np_mock = mock.MagicMock() np_mock.identity_scope = 'foo-scope' np_mock.identity_role = 'reader' np_mock.assign_identity = [] mock_resolve_role_id.return_value = 'foo-role-id' _validate_vm_vmss_msi(cmd, np_mock, from_set_command=True) self.assertEqual(np_mock.identity_role_id, 'foo-role-id') mock_resolve_role_id.assert_called_with(cmd.cli_ctx, 'reader', 'foo-scope')
def test_validate_msi_on_create(self, mock_get_subscription, mock_resolve_role_id): # check throw on : az vm/vmss create --assign-identity --role reader --scope "" from azure.cli.core.azclierror import ArgumentUsageError np_mock = mock.MagicMock() cmd = mock.MagicMock() cmd.cli_ctx = DummyCli() np_mock.assign_identity = [] np_mock.identity_scope = None np_mock.identity_role = 'reader' with self.assertRaises(ArgumentUsageError) as err: _validate_vm_vmss_msi(cmd, np_mock) self.assertTrue("usage error: please specify both --role and --scope " "when assigning a role to the managed identity" in str( err.exception)) np_mock = mock.MagicMock() np_mock.assign_identity = [] np_mock.identity_scope = 'foo-scope' np_mock.identity_role = None with self.assertRaises(ArgumentUsageError) as err: _validate_vm_vmss_msi(cmd, np_mock) self.assertTrue("usage error: please specify both --role and --scope " "when assigning a role to the managed identity" in str( err.exception)) # check throw on : az vm/vmss create --scope "some scope" np_mock = mock.MagicMock() np_mock.assign_identity = None np_mock.identity_scope = 'foo-scope' with self.assertRaises(ArgumentUsageError) as err: _validate_vm_vmss_msi(cmd, np_mock) self.assertTrue( 'usage error: --assign-identity [--scope SCOPE] [--role ROLE]' in str(err.exception)) # check throw on : az vm/vmss create --role "reader" np_mock = mock.MagicMock() np_mock.assign_identity = None np_mock.identity_role = 'reader' with self.assertRaises(ArgumentUsageError) as err: _validate_vm_vmss_msi(cmd, np_mock) self.assertTrue( 'usage error: --assign-identity [--scope SCOPE] [--role ROLE]' in str(err.exception)) # check we set right role id np_mock = mock.MagicMock() np_mock.assign_identity = [] np_mock.identity_scope = 'foo-scope' np_mock.identity_role = 'reader' mock_resolve_role_id.return_value = 'foo-role-id' _validate_vm_vmss_msi(cmd, np_mock) self.assertEqual(np_mock.identity_role_id, 'foo-role-id') self.assertEqual(np_mock.identity_role, 'reader') mock_resolve_role_id.assert_called_with(cmd.cli_ctx, 'reader', 'foo-scope')
def test_validate_msi_on_create(self, mock_get_subscription, mock_resolve_role_id): # check throw on : az vm/vmss create --assign-identity --role reader --scope "" np_mock = mock.MagicMock() np_mock.assign_identity = True np_mock.identity_scope = '' np_mock.identity_role = 'reader' with self.assertRaises(CLIError) as err: _validate_vm_vmss_msi(np_mock) self.assertTrue( "usage error: '--role reader' is not applicable as the '--scope' is set to None", str(err.exception)) # check throw on : az vm/vmss create --scope "some scope" np_mock = mock.MagicMock() np_mock.assign_identity = False np_mock.identity_scope = 'foo-scope' with self.assertRaises(CLIError) as err: _validate_vm_vmss_msi(np_mock) self.assertTrue( 'usage error: --assign-identity [--scope SCOPE] [--role ROLE]' in str(err.exception)) # check throw on : az vm/vmss create --role "reader" np_mock = mock.MagicMock() np_mock.assign_identity = False np_mock.identity_role = 'reader' with self.assertRaises(CLIError) as err: _validate_vm_vmss_msi(np_mock) self.assertTrue( 'usage error: --assign-identity [--scope SCOPE] [--role ROLE]' in str(err.exception)) # check we set right role id np_mock = mock.MagicMock() np_mock.assign_identity = True np_mock.identity_scope = 'foo-scope' np_mock.identity_role = 'reader' mock_resolve_role_id.return_value = 'foo-role-id' _validate_vm_vmss_msi(np_mock) self.assertEqual(np_mock.identity_role_id, 'foo-role-id') self.assertEqual(np_mock.identity_role, 'reader') mock_resolve_role_id.assert_called_with('reader', 'foo-scope') # check we set right default scope np_mock = mock.MagicMock() np_mock.assign_identity = True np_mock.identity_scope = None np_mock.identity_role = 'Reader' np_mock.resource_group_name = 'foo-group' mock_get_subscription.return_value = 'foo-subscription-id' mock_resolve_role_id.return_value = 'foo-role-id' _validate_vm_vmss_msi(np_mock) self.assertEqual( '/subscriptions/foo-subscription-id/resourceGroups/foo-group', np_mock.identity_scope)
def test_validate_msi_on_create(self, mock_get_subscription, mock_resolve_role_id): # check throw on : az vm/vmss create --assign-identity --role reader --scope "" np_mock = mock.MagicMock() np_mock.assign_identity = True np_mock.identity_scope = '' np_mock.identity_role = 'reader' with self.assertRaises(CLIError) as err: _validate_vm_vmss_msi(np_mock) self.assertTrue("usage error: '--role reader' is not applicable as the '--scope' is set to None", str(err.exception)) # check throw on : az vm/vmss create --scope "some scope" np_mock = mock.MagicMock() np_mock.assign_identity = False np_mock.identity_scope = 'foo-scope' with self.assertRaises(CLIError) as err: _validate_vm_vmss_msi(np_mock) self.assertTrue('usage error: --assign-identity [--scope SCOPE] [--role ROLE]' in str(err.exception)) # check throw on : az vm/vmss create --role "reader" np_mock = mock.MagicMock() np_mock.assign_identity = False np_mock.identity_role = 'reader' with self.assertRaises(CLIError) as err: _validate_vm_vmss_msi(np_mock) self.assertTrue('usage error: --assign-identity [--scope SCOPE] [--role ROLE]' in str(err.exception)) # check we set right role id np_mock = mock.MagicMock() np_mock.assign_identity = True np_mock.identity_scope = 'foo-scope' np_mock.identity_role = 'reader' mock_resolve_role_id.return_value = 'foo-role-id' _validate_vm_vmss_msi(np_mock) self.assertEqual(np_mock.identity_role_id, 'foo-role-id') self.assertEqual(np_mock.identity_role, 'reader') mock_resolve_role_id.assert_called_with('reader', 'foo-scope') # check we set right default scope np_mock = mock.MagicMock() np_mock.assign_identity = True np_mock.identity_scope = None np_mock.identity_role = 'Reader' np_mock.resource_group_name = 'foo-group' mock_get_subscription.return_value = 'foo-subscription-id' mock_resolve_role_id.return_value = 'foo-role-id' _validate_vm_vmss_msi(np_mock) self.assertEqual('/subscriptions/foo-subscription-id/resourceGroups/foo-group', np_mock.identity_scope)
def test_validate_msi_on_assign_identity_command(self, mock_resolve_role_id): # check throw on : az vm/vmss assign-identity --role reader --scope "" np_mock = mock.MagicMock() np_mock.identity_scope = '' np_mock.identity_role = 'reader' with self.assertRaises(CLIError) as err: _validate_vm_vmss_msi(np_mock, from_set_command=True) self.assertTrue("usage error: '--role reader' is not applicable as the '--scope' is set to None", str(err.exception)) # check we set right role id np_mock = mock.MagicMock() np_mock.identity_scope = 'foo-scope' np_mock.identity_role = 'reader' mock_resolve_role_id.return_value = 'foo-role-id' _validate_vm_vmss_msi(np_mock, from_set_command=True) self.assertEqual(np_mock.identity_role_id, 'foo-role-id') mock_resolve_role_id.assert_called_with('reader', 'foo-scope')
def test_validate_msi_on_create(self, mock_get_subscription, mock_resolve_role_id): # check throw on : az vm/vmss create --assign-identity --role reader --scope "" np_mock = mock.MagicMock() cmd = mock.MagicMock() cmd.cli_ctx = DummyCli() np_mock.assign_identity = [] np_mock.identity_scope = None np_mock.identity_role = 'reader' with self.assertRaises(CLIError) as err: _validate_vm_vmss_msi(cmd, np_mock) self.assertTrue( "usage error: '--role reader' is not applicable as the '--scope' is " "not provided" in str(err.exception)) # check throw on : az vm/vmss create --scope "some scope" np_mock = mock.MagicMock() np_mock.assign_identity = None np_mock.identity_scope = 'foo-scope' with self.assertRaises(CLIError) as err: _validate_vm_vmss_msi(cmd, np_mock) self.assertTrue( 'usage error: --assign-identity [--scope SCOPE] [--role ROLE]' in str(err.exception)) # check throw on : az vm/vmss create --role "reader" np_mock = mock.MagicMock() np_mock.assign_identity = None np_mock.identity_role = 'reader' with self.assertRaises(CLIError) as err: _validate_vm_vmss_msi(cmd, np_mock) self.assertTrue( 'usage error: --assign-identity [--scope SCOPE] [--role ROLE]' in str(err.exception)) # check we set right role id np_mock = mock.MagicMock() np_mock.assign_identity = [] np_mock.identity_scope = 'foo-scope' np_mock.identity_role = 'reader' mock_resolve_role_id.return_value = 'foo-role-id' _validate_vm_vmss_msi(cmd, np_mock) self.assertEqual(np_mock.identity_role_id, 'foo-role-id') self.assertEqual(np_mock.identity_role, 'reader') mock_resolve_role_id.assert_called_with(cmd.cli_ctx, 'reader', 'foo-scope')
def test_validate_msi_on_create(self, mock_get_subscription, mock_resolve_role_id): # check throw on : az vm/vmss create --assign-identity --role reader --scope "" np_mock = mock.MagicMock() cmd = mock.MagicMock() cmd.cli_ctx = TestCli() np_mock.assign_identity = [] np_mock.identity_scope = None np_mock.identity_role = 'reader' with self.assertRaises(CLIError) as err: _validate_vm_vmss_msi(cmd, np_mock) self.assertTrue("usage error: '--role reader' is not applicable as the '--scope' is " "not provided" in str(err.exception)) # check throw on : az vm/vmss create --scope "some scope" np_mock = mock.MagicMock() np_mock.assign_identity = None np_mock.identity_scope = 'foo-scope' with self.assertRaises(CLIError) as err: _validate_vm_vmss_msi(cmd, np_mock) self.assertTrue('usage error: --assign-identity [--scope SCOPE] [--role ROLE]' in str(err.exception)) # check throw on : az vm/vmss create --role "reader" np_mock = mock.MagicMock() np_mock.assign_identity = None np_mock.identity_role = 'reader' with self.assertRaises(CLIError) as err: _validate_vm_vmss_msi(cmd, np_mock) self.assertTrue('usage error: --assign-identity [--scope SCOPE] [--role ROLE]' in str(err.exception)) # check we set right role id np_mock = mock.MagicMock() np_mock.assign_identity = [] np_mock.identity_scope = 'foo-scope' np_mock.identity_role = 'reader' mock_resolve_role_id.return_value = 'foo-role-id' _validate_vm_vmss_msi(cmd, np_mock) self.assertEqual(np_mock.identity_role_id, 'foo-role-id') self.assertEqual(np_mock.identity_role, 'reader') mock_resolve_role_id.assert_called_with(cmd.cli_ctx, 'reader', 'foo-scope')