def test_enable_encryption_error_cases_handling(
self, mock_get_keyvault_key_url, mock_compute_client_factory):
faked_keyvault = '/subscriptions/01234567-1bf0-4dda-aec3-cb9272f09590/resourceGroups/rg1/providers/Microsoft.KeyVault/vaults/v1'
os_disk = OSDisk(None, OperatingSystemTypes.linux)
existing_disk = DataDisk(lun=1,
vhd='https://someuri',
name='d1',
create_option=DiskCreateOptionTypes.empty)
vm = FakedVM(None, [existing_disk], os_disk=os_disk)
compute_client_mock = mock.MagicMock()
compute_client_mock.virtual_machines.get.return_value = vm
mock_compute_client_factory.return_value = compute_client_mock
mock_get_keyvault_key_url.return_value = 'https://somevaults.vault.azure.net/'
# throw when VM has disks, but no --volume-type is specified
with self.assertRaises(CLIError) as context:
enable('rg1', 'vm1', 'client_id', faked_keyvault, 'client_secret')
self.assertTrue("supply --volume-type" in str(context.exception))
# throw when no AAD client secrets
with self.assertRaises(CLIError) as context:
enable('rg1', 'vm1', 'client_id', faked_keyvault)
self.assertTrue("--aad-client-id or --aad-client-cert-thumbprint" in
str(context.exception))
def test_enable_encryption_error_cases_handling(self, mock_get_keyvault_key_url, mock_compute_client_factory):
faked_keyvault = '/subscriptions/01234567-1bf0-4dda-aec3-cb9272f09590/resourceGroups/rg1/providers/Microsoft.KeyVault/vaults/v1'
os_disk = OSDisk(None, OperatingSystemTypes.linux)
existing_disk = DataDisk(lun=1, vhd='https://someuri', name='d1', create_option=DiskCreateOptionTypes.empty)
vm = FakedVM(None, [existing_disk], os_disk=os_disk)
compute_client_mock = mock.MagicMock()
compute_client_mock.virtual_machines.get.return_value = vm
mock_compute_client_factory.return_value = compute_client_mock
mock_get_keyvault_key_url.return_value = 'https://somevaults.vault.azure.net/'
# throw when VM has disks, but no --volume-type is specified
with self.assertRaises(CLIError) as context:
enable('rg1', 'vm1', 'client_id', faked_keyvault, 'client_secret')
self.assertTrue("supply --volume-type" in str(context.exception))
# throw when no AAD client secrets
with self.assertRaises(CLIError) as context:
enable('rg1', 'vm1', 'client_id', faked_keyvault)
self.assertTrue("--aad-client-id or --aad-client-cert-thumbprint" in str(context.exception))
# throw when the linux image does not support encryptions
vm.storage_profile.image_reference = ImageReference(publisher='OpenLogic', offer='centos', sku='7.1')
with self.assertRaises(CLIError) as context:
enable('rg1', 'vm1', 'client_id', faked_keyvault, 'client_secret', volume_type='DATA')
self.assertTrue("Encryption is not suppored for current VM. Supported are" in str(context.exception))