def test_crud_operations(self, vault_client, **kwargs): self.assertIsNotNone(vault_client) client = vault_client.certificates cert_name = self.get_resource_name("cert") lifetime_actions = [ LifetimeAction(trigger=Trigger(lifetime_percentage=80), action=Action(action_type=ActionType.auto_renew)) ] cert_policy = CertificatePolicyGenerated( key_properties=KeyProperties(exportable=True, key_type="RSA", key_size=2048, reuse_key=False), secret_properties=SecretProperties(content_type="application/x-pkcs12"), issuer_parameters=IssuerParameters(name="Self"), lifetime_actions=lifetime_actions, x509_certificate_properties=X509CertificateProperties( subject="CN=DefaultPolicy", validity_in_months=12, key_usage=["digitalSignature", "keyEncipherment"] ), ) polling_interval = 0 if self.is_playback() else None # create certificate certificate = client.begin_create_certificate( certificate_name=cert_name, policy=CertificatePolicy.get_default(), _polling_interval=polling_interval ).result() self._validate_certificate_bundle(cert=certificate, cert_name=cert_name, cert_policy=cert_policy) self.assertEqual(client.get_certificate_operation(certificate_name=cert_name).status.lower(), "completed") # get certificate cert = client.get_certificate(certificate_name=cert_name) self._validate_certificate_bundle(cert=cert, cert_name=cert_name, cert_policy=cert_policy) # update certificate tags = {"tag1": "updated_value1"} cert_bundle = client.update_certificate_properties( certificate_name=cert_name, tags=tags ) self._validate_certificate_bundle(cert=cert_bundle, cert_name=cert_name, cert_policy=cert_policy) self.assertEqual(tags, cert_bundle.properties.tags) self.assertEqual(cert.id, cert_bundle.id) self.assertNotEqual(cert.properties.updated_on, cert_bundle.properties.updated_on) # delete certificate delete_cert_poller = client.begin_delete_certificate( certificate_name=cert_name, _polling_interval=polling_interval ) deleted_cert_bundle = delete_cert_poller.result() self._validate_certificate_bundle(cert=deleted_cert_bundle, cert_name=cert_name, cert_policy=cert_policy) delete_cert_poller.wait() # get certificate returns not found try: client.get_certificate_version(certificate_name=cert_name, version=deleted_cert_bundle.properties.version) self.fail("Get should fail") except Exception as ex: if not hasattr(ex, "message") or "not found" not in ex.message.lower(): raise ex
async def test_backup_restore(self, vault_client, **kwargs): self.assertIsNotNone(vault_client) client = vault_client.certificates cert_name = self.get_resource_name("cert") lifetime_actions = [ LifetimeAction( trigger=Trigger(lifetime_percentage=2), action=Action(action_type=ActionType.email_contacts)) ] cert_policy = CertificatePolicyGenerated( key_properties=KeyProperties(exportable=True, key_type="RSA", key_size=2048, reuse_key=False), secret_properties=SecretProperties( content_type="application/x-pkcs12"), issuer_parameters=IssuerParameters(name="Self"), lifetime_actions=lifetime_actions, x509_certificate_properties=X509CertificateProperties( subject="CN=*.microsoft.com", # commented out for now because of server side bug not # restoring san dns names # subject_alternative_names=SubjectAlternativeNames( # dns_names=['sdk.azure-int.net'] # ), validity_in_months=24, ), ) polling_interval = 0 if self.is_playback() else None # create certificate await client.create_certificate( certificate_name=cert_name, policy=CertificatePolicy._from_certificate_policy_bundle( cert_policy), _polling_interval=polling_interval) # create a backup certificate_backup = await client.backup_certificate( certificate_name=cert_name) # delete the certificate await client.delete_certificate(certificate_name=cert_name, _polling_interval=polling_interval) # restore certificate restored_certificate = await client.restore_certificate_backup( backup=certificate_backup) self._validate_certificate_bundle(cert=restored_certificate, vault=client.vault_url, cert_name=cert_name, cert_policy=cert_policy)
async def test_crud_operations(self, vault_client, **kwargs): self.assertIsNotNone(vault_client) client = vault_client.certificates cert_name = self.get_resource_name("cert") lifetime_actions = [ LifetimeAction( trigger=Trigger(lifetime_percentage=2), action=Action(action_type=ActionType.email_contacts)) ] cert_policy = CertificatePolicyGenerated( key_properties=KeyProperties(exportable=True, key_type='RSA', key_size=2048, reuse_key=True), secret_properties=SecretProperties( content_type='application/x-pkcs12'), issuer_parameters=IssuerParameters(name='Self'), lifetime_actions=lifetime_actions, x509_certificate_properties=X509CertificateProperties( subject='CN=DefaultPolicy', validity_in_months=12, key_usage=[ "cRLSign", "dataEncipherment", "digitalSignature", "keyAgreement", "keyCertSign", "keyEncipherment" ])) # create certificate create_certificate_poller = await client.create_certificate( name=cert_name) cert = await create_certificate_poller self._validate_certificate_bundle(cert=cert, vault=client.vault_url, cert_name=cert_name, cert_policy=cert_policy) self.assertEqual( (await client.get_certificate_operation(name=cert_name)).status.lower(), 'completed') # get certificate cert = await client.get_certificate_with_policy(name=cert_name) self._validate_certificate_bundle(cert=cert, vault=client.vault_url, cert_name=cert_name, cert_policy=cert_policy) # update certificate tags = {'tag1': 'updated_value1'} cert_bundle = await client.update_certificate_properties( name=cert_name, tags=tags) self._validate_certificate_bundle(cert=cert_bundle, vault=client.vault_url, cert_name=cert_name, cert_policy=cert_policy) self.assertEqual(tags, cert_bundle.properties.tags) self.assertEqual(cert.id, cert_bundle.id) self.assertNotEqual(cert.properties.updated, cert_bundle.properties.updated) # delete certificate deleted_cert_bundle = await client.delete_certificate(name=cert_name) self._validate_certificate_bundle(cert=deleted_cert_bundle, vault=client.vault_url, cert_name=cert_name, cert_policy=cert_policy) # get certificate returns not found try: await client.get_certificate( name=cert_name, version=deleted_cert_bundle.properties.version) self.fail('Get should fail') except Exception as ex: if not hasattr(ex, 'message') or 'not found' not in ex.message.lower(): raise ex