def body(self): app_id_uri = 'http://azureclitest-graph' # create app through express option self.cmd('ad sp create-for-rbac -n {}'.format(app_id_uri), checks=[JMESPathCheck('name', app_id_uri)]) # show/list app self.cmd('ad app show --id {}'.format(app_id_uri), checks=[JMESPathCheck('identifierUris[0]', app_id_uri)]) self.cmd('ad app list --identifier-uri {}'.format(app_id_uri), checks=[ JMESPathCheck('[0].identifierUris[0]', app_id_uri), JMESPathCheck('length([*])', 1) ]) # show/list sp self.cmd( 'ad sp show --id {}'.format(app_id_uri), checks=[JMESPathCheck('servicePrincipalNames[0]', app_id_uri)]) self.cmd('ad sp list --spn {}'.format(app_id_uri), checks=[ JMESPathCheck('[0].servicePrincipalNames[0]', app_id_uri), JMESPathCheck('length([*])', 1), ]) self.cmd('ad sp reset-credentials -n {}'.format(app_id_uri), checks=[JMESPathCheck('name', app_id_uri)]) # cleanup self.cmd('ad sp delete --id {}'.format(app_id_uri), None) self.cmd('ad sp list --spn {}'.format(app_id_uri), checks=NoneCheck()) self.cmd('ad app delete --id {}'.format(app_id_uri), None) self.cmd('ad app list --identifier-uri {}'.format(app_id_uri), checks=NoneCheck())
def body(self): rg = self.resource_group linux_vm_name = 'ubuntuvm5367' linux_image = 'Ubuntu\ Server\ 16.04\ LTS' windows_vm_name = 'winvm5367' windows_image = 'Windows\ Server\ 2008\ R2\ SP1' image_type = 'gallery' size = 'Standard_DS1_v2' password = '******' self.cmd('group deployment create -g {} --template-file {}' .format(rg, TEMPLATE), checks=[JMESPathCheck('properties.provisioningState', 'Succeeded')]) # Create linux vm in the lab self.cmd('lab vm create -g {} --lab-name {} --name {} ' '--image {} --image-type {} --size {} --admin-password {}' .format(rg, LAB_NAME, linux_vm_name, linux_image, image_type, size, password), checks=[NoneCheck()]) self.cmd('lab vm show -g {} --lab-name {} --name {} ' .format(rg, LAB_NAME, linux_vm_name), checks=[ JMESPathCheck('name', linux_vm_name), JMESPathCheck('provisioningState', 'Succeeded'), JMESPathCheck('osType', 'Linux'), JMESPathCheck('virtualMachineCreationSource', 'FromGalleryImage'), JMESPathCheck('size', size), JMESPathCheck('disallowPublicIpAddress', True), JMESPathCheck('artifactDeploymentStatus.totalArtifacts', 0), JMESPathCheck('galleryImageReference.publisher', 'Canonical') ]) # Create windows vm in the lab self.cmd('lab vm create -g {} --lab-name {} --name {} ' '--image {} --image-type {} --size {} --admin-password {}' .format(rg, LAB_NAME, windows_vm_name, windows_image, image_type, size, password), checks=[NoneCheck()]) self.cmd('lab vm show -g {} --lab-name {} --name {} ' .format(rg, LAB_NAME, windows_vm_name), checks=[ JMESPathCheck('name', windows_vm_name), JMESPathCheck('provisioningState', 'Succeeded'), JMESPathCheck('osType', 'Windows'), JMESPathCheck('virtualMachineCreationSource', 'FromGalleryImage'), JMESPathCheck('size', size), JMESPathCheck('disallowPublicIpAddress', True), JMESPathCheck('artifactDeploymentStatus.totalArtifacts', 0), JMESPathCheck('galleryImageReference.publisher', 'MicrosoftWindowsServer') ]) # Delete all the vms self.cmd('lab vm delete -g {} --lab-name {} --name {}' .format(rg, LAB_NAME, linux_vm_name), checks=[NoneCheck()]) self.cmd('lab vm delete -g {} --lab-name {} --name {}' .format(rg, LAB_NAME, windows_vm_name), checks=[NoneCheck()]) # Delete the lab self.cmd('lab delete -g {} --name {}'.format(rg, LAB_NAME), checks=[NoneCheck()])
def body(self): s = self tn = s.tag_name s.cmd('tag list --query "[?tagName == \'{}\']"'.format(tn), checks=NoneCheck()) s.cmd('tag create -n {}'.format(tn), checks=[ JMESPathCheck('tagName', tn), JMESPathCheck('values', []), JMESPathCheck('count.value', 0) ]) s.cmd('tag add-value -n {} --value test'.format(tn)) s.cmd('tag add-value -n {} --value test2'.format(tn)) s.cmd('tag list --query "[?tagName == \'{}\']"'.format(tn), checks=[ JMESPathCheck('[].values[].tagValue', [u'test', u'test2']) ]) s.cmd('tag remove-value -n {} --value test'.format(tn)) s.cmd('tag list --query "[?tagName == \'{}\']"'.format(tn), checks=[JMESPathCheck('[].values[].tagValue', [u'test2'])]) s.cmd('tag remove-value -n {} --value test2'.format(tn)) s.cmd('tag list --query "[?tagName == \'{}\']"'.format(tn), checks=[JMESPathCheck('[].values[].tagValue', [])]) s.cmd('tag delete -n {}'.format(tn)) s.cmd('tag list --query "[?tagName == \'{}\']"'.format(self.tag_name), checks=NoneCheck())
def test_create_for_rbac_with_secret(self, resource_group): subscription_id = self.cmd( 'account list --query "[?isDefault].id"').get_output_in_json() scope = '/subscriptions/{}'.format(subscription_id[0]) sp_name = 'http://{}'.format(resource_group) try: self.cmd( 'ad sp create-for-rbac -n {0} --scopes {1} {1}/resourceGroups/{2}' .format(sp_name, scope, resource_group), checks=[JMESPathCheckV2('name', sp_name)]) self.cmd('role assignment list --assignee {} --scope {}'.format( sp_name, scope), checks=[JMESPathCheckV2("length([])", 1)]) self.cmd('role assignment list --assignee {} -g {}'.format( sp_name, resource_group), checks=[JMESPathCheckV2("length([])", 1)]) self.cmd('role assignment delete --assignee {} -g {}'.format( sp_name, resource_group), checks=NoneCheck()) self.cmd('role assignment delete --assignee {}'.format(sp_name), checks=NoneCheck()) finally: self.cmd('ad app delete --id {}'.format(sp_name))
def body(self): rg = self.resource_group env_name = 'docdbenv' arm_template = 'documentdb-webapp' self.cmd('group deployment create -g {} --template-file {}'.format( rg, TEMPLATE), checks=[ JMESPathCheck('properties.provisioningState', 'Succeeded') ]) artifact_sources = self.cmd( 'lab artifact-source list -g {} --lab-name {}'.format( rg, LAB_NAME)) # Create environment in the lab self.cmd('lab environment create -g {} --lab-name {} --name {} ' '--arm-template {} --artifact-source-name {} --parameters {}'. format(rg, LAB_NAME, env_name, arm_template, artifact_sources[0]['name'], ENV_PARAMTERS), checks=[ JMESPathCheck('provisioningState', 'Succeeded'), JMESPathCheck( 'type', 'Microsoft.DevTestLab/labs/users/environments') ]) # Delete environment from the lab self.cmd('lab environment delete -g {} --lab-name {} --name {}'.format( rg, LAB_NAME, env_name), checks=[NoneCheck()]) # Delete the lab self.cmd('lab delete -g {} --name {}'.format(rg, LAB_NAME), checks=[NoneCheck()])
def body(self): s = self rg = self.resource_group s.cmd('group create -n {} -l westus'.format(rg), checks=[ JMESPathCheck('name', rg), ]) s.cmd('group exists -n {}'.format(rg), checks=BooleanCheck(True)) s.cmd('group wait --exists -n {}'.format(rg), checks=NoneCheck()) s.cmd('group delete -n {} --no-wait --yes'.format(rg), checks=NoneCheck()) s.cmd('group wait --deleted -n {}'.format(rg), checks=NoneCheck()) s.cmd('group exists -n {}'.format(rg), checks=NoneCheck())
def body(self): nsg_name = 'nsg1' self.cmd('network nsg create -n {} -g {}'.format(nsg_name, self.resource_group), None) result = self.cmd('network nsg show -n {} -g {}'.format(nsg_name, self.resource_group), None) resource_id = result['id'] # test role assignments on a resource group self.cmd('role assignment create --assignee {} --role contributor -g {}'.format(self.user, self.resource_group), None) self.cmd('role assignment list -g {}'.format(self.resource_group), checks=[JMESPathCheck("length([])", 1)]) self.cmd('role assignment list --assignee {} --role contributor -g {}'.format(self.user, self.resource_group), checks=[JMESPathCheck("length([])", 1)]) # test couple of more general filters result = self.cmd( 'role assignment list -g {} --include-inherited'.format(self.resource_group), None) self.assertTrue(len(result) >= 1) result = self.cmd('role assignment list --all'.format(self.user, self.resource_group), None) self.assertTrue(len(result) >= 1) self.cmd('role assignment delete --assignee {} --role contributor -g {}'.format(self.user, self.resource_group), None) self.cmd('role assignment list -g {}'.format(self.resource_group), checks=NoneCheck()) # test role assignments on a resource self.cmd( 'role assignment create --assignee {} --role contributor --scope {}'.format(self.user, resource_id), None) self.cmd( 'role assignment list --assignee {} --role contributor --scope {}'.format(self.user, resource_id), checks=[JMESPathCheck("length([])", 1)]) self.cmd( 'role assignment delete --assignee {} --role contributor --scope {}'.format(self.user, resource_id), None) self.cmd('role assignment list --scope {}'.format(resource_id), checks=NoneCheck()) # test role assignment on subscription level self.cmd('role assignment create --assignee {} --role reader'.format(self.user), None) self.cmd('role assignment list --assignee {} --role reader'.format(self.user), checks=[JMESPathCheck("length([])", 1)]) self.cmd('role assignment list --assignee {}'.format(self.user), checks=[JMESPathCheck("length([])", 1)]) self.cmd('role assignment delete --assignee {} --role reader'.format(self.user), None)
def test_group_deployment_thru_uri(self, resource_group): self.resource_group = resource_group curr_dir = os.path.dirname(os.path.realpath(__file__)) # same copy of the sample template file under current folder, but it is uri based now template_uri = 'https://raw.githubusercontent.com/Azure/azure-cli/master/src/' \ 'command_modules/azure-cli-resource/azure/cli/command_modules/resource/tests/simple_deploy.json' parameters_file = os.path.join( curr_dir, 'simple_deploy_parameters.json').replace('\\', '\\\\') result = self.cmd( 'group deployment create -g {} --template-uri {} --parameters @{}'. format(self.resource_group, template_uri, parameters_file), checks=[ JCheck('properties.provisioningState', 'Succeeded'), JCheck('resourceGroup', self.resource_group), ]).get_output_in_json() deployment_name = result['name'] result = self.cmd('group deployment show -g {} -n {}'.format( self.resource_group, deployment_name), checks=JCheck('name', deployment_name)) self.cmd('group deployment delete -g {} -n {}'.format( self.resource_group, deployment_name)) self.cmd('group deployment list -g {}'.format(self.resource_group), checks=NoneCheck())
def body(self): if self.playback: subscription_id = MOCKED_SUBSCRIPTION_ID else: subscription_id = self.cmd('account list --query "[?isDefault].id" -o tsv') role_name = 'cli-test-role3' template = { "Name": role_name, "Description": "Can monitor compute, network and storage, and restart virtual machines", "Actions": ["Microsoft.Compute/*/read", "Microsoft.Compute/virtualMachines/start/action", "Microsoft.Compute/virtualMachines/restart/action", "Microsoft.Network/*/read", "Microsoft.Storage/*/read", "Microsoft.Authorization/*/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Resources/subscriptions/resourceGroups/resources/read", "Microsoft.Insights/alertRules/*", "Microsoft.Support/*"], "AssignableScopes": ["/subscriptions/{}".format(subscription_id)] } _, temp_file = tempfile.mkstemp() with open(temp_file, 'w') as f: json.dump(template, f) self.cmd('role definition create --role-definition {}'.format(temp_file.replace('\\', '\\\\')), None) self.cmd('role definition list -n {}'.format(role_name), checks=[JMESPathCheck('[0].properties.roleName', role_name)]) self.cmd('role definition delete -n {}'.format(role_name), None) self.cmd('role definition list -n {}'.format(role_name), NoneCheck())
def test_resource_group(self, resource_group): s = self rg = resource_group s.cmd('group delete -n {} --yes'.format(rg)) s.cmd('group exists -n {}'.format(rg), checks=NoneCheck()) s.cmd('group create -n {} -l westus --tag a=b c'.format(rg), checks=[JCheck('name', rg), JCheck('tags', { 'a': 'b', 'c': '' })]) s.cmd('group exists -n {}'.format(rg), checks=BooleanCheck(True)) s.cmd('group show -n {}'.format(rg), checks=[JCheck('name', rg), JCheck('tags', { 'a': 'b', 'c': '' })]) s.cmd('group list --tag a=b', checks=[ JCheck('[0].name', rg), JCheck('[0].tags', { 'a': 'b', 'c': '' }) ])
def body(self): app_id_uri = 'http://azureclitest-graph' display_name = 'azureclitest' # crerate app through general option self.cmd( 'ad app create --display-name {} --homepage {} --identifier-uris {}' .format(display_name, app_id_uri, app_id_uri), checks=[JMESPathCheck('identifierUris[0]', app_id_uri)]) # show/list app self.cmd('ad app show --id {}'.format(app_id_uri), checks=[JMESPathCheck('identifierUris[0]', app_id_uri)]) self.cmd('ad app list --display-name {}'.format(display_name), checks=[ JMESPathCheck('[0].identifierUris[0]', app_id_uri), JMESPathCheck('length([*])', 1) ]) # update app reply_uri = "http://azureclitest-replyuri" self.cmd('ad app update --id {} --reply-urls {}'.format( app_id_uri, reply_uri)) self.cmd('ad app show --id {}'.format(app_id_uri), checks=[JMESPathCheck('replyUrls[0]', reply_uri)]) # delete app self.cmd('ad app delete --id {}'.format(app_id_uri)) self.cmd('ad app list --identifier-uri {}'.format(app_id_uri), checks=NoneCheck())
def test_create_for_rbac_with_cert(self, resource_group): subscription_id = self.cmd( 'account list --query "[?isDefault].id"').get_output_in_json() scope = '/subscriptions/{}'.format(subscription_id[0]) sp_name = 'http://' + resource_group try: result = self.cmd( 'ad sp create-for-rbac -n {0} --scopes {1} {1}/resourceGroups/{2} --create-cert' .format(sp_name, scope, resource_group)).get_output_in_json() self.assertEqual(sp_name, result['name']) self.assertTrue( result['fileWithCertAndPrivateKey'].endswith('.pem')) os.remove(result['fileWithCertAndPrivateKey']) result = self.cmd( 'ad sp reset-credentials -n {0} --create-cert'.format( sp_name)).get_output_in_json() self.assertEqual(sp_name, result['name']) self.assertTrue( result['fileWithCertAndPrivateKey'].endswith('.pem')) os.remove(result['fileWithCertAndPrivateKey']) finally: self.cmd('ad app delete --id {}'.format(sp_name), checks=NoneCheck())
def test_managedappdef(self, resource_group): location = 'westcentralus' appdef_name = self.create_random_name('testappdefname', 20) appdef_display_name = self.create_random_name('test_appdef', 20) appdef_description = 'test_appdef_123' packageUri = 'https:\/\/wud.blob.core.windows.net\/appliance\/SingleStorageAccount.zip' auth = '5e91139a-c94b-462e-a6ff-1ee95e8aac07:8e3af657-a8ff-443c-a75c-2fe8c4bcb635' lock = 'None' # create a managedapp definition create_cmd = 'managedapp definition create -n {} --package-file-uri {} --display-name {} --description {} -l {} -a {} --lock-level {} -g {}' appdef = self.cmd(create_cmd.format(appdef_name, packageUri, appdef_display_name, appdef_description, location, auth, lock, resource_group), checks=[ JCheck('name', appdef_name), JCheck('displayName', appdef_display_name), JCheck('description', appdef_description), JCheck('authorizations[0].principalId', '5e91139a-c94b-462e-a6ff-1ee95e8aac07'), JCheck('authorizations[0].roleDefinitionId', '8e3af657-a8ff-443c-a75c-2fe8c4bcb635'), JCheck('artifacts[0].name', 'ApplianceResourceTemplate'), JCheck('artifacts[0].type', 'Template'), JCheck('artifacts[1].name', 'CreateUiDefinition'), JCheck('artifacts[1].type', 'Custom') ]).get_output_in_json() # list and show it list_cmd = 'managedapp definition list -g {}' self.cmd(list_cmd.format(resource_group), checks=[JCheck('[0].name', appdef_name)]) show_cmd = 'managedapp definition show --ids {}' self.cmd(show_cmd.format(appdef['id']), checks=[ JCheck('name', appdef_name), JCheck('displayName', appdef_display_name), JCheck('description', appdef_description), JCheck('authorizations[0].principalId', '5e91139a-c94b-462e-a6ff-1ee95e8aac07'), JCheck('authorizations[0].roleDefinitionId', '8e3af657-a8ff-443c-a75c-2fe8c4bcb635'), JCheck('artifacts[0].name', 'ApplianceResourceTemplate'), JCheck('artifacts[0].type', 'Template'), JCheck('artifacts[1].name', 'CreateUiDefinition'), JCheck('artifacts[1].type', 'Custom') ]) # delete self.cmd('managedapp definition delete -g {} -n {}'.format( resource_group, appdef_name)) self.cmd('managedapp definition list -g {}'.format(resource_group), checks=NoneCheck())
def test_managedapp(self, resource_group): location = 'westcentralus' appdef_name = 'testappdefname' appdef_display_name = 'test_appdef_123' appdef_description = 'test_appdef_123' packageUri = 'https:\/\/wud.blob.core.windows.net\/appliance\/SingleStorageAccount.zip' auth = '5e91139a-c94b-462e-a6ff-1ee95e8aac07:8e3af657-a8ff-443c-a75c-2fe8c4bcb635' lock = 'None' # create a managedapp definition create_cmd = 'managedapp definition create -n {} --package-file-uri {} --display-name {} --description {} -l {} -a {} --lock-level {} -g {}' managedappdef = self.cmd( create_cmd.format(appdef_name, packageUri, appdef_display_name, appdef_description, location, auth, lock, resource_group)).get_output_in_json() # create a managedapp managedapp_name = 'mymanagedapp' managedapp_loc = 'westcentralus' managedapp_kind = 'servicecatalog' newrg = self.create_random_name('climanagedapp', 25) managedrg = '/subscriptions/{}/resourceGroups/{}'.format( managedappdef['id'].split("/")[2], newrg) create_cmd = 'managedapp create -n {} -g {} -l {} --kind {} -m {} -d {}' app = self.cmd(create_cmd.format(managedapp_name, resource_group, managedapp_loc, managedapp_kind, managedrg, managedappdef['id']), checks=[ JCheck('name', managedapp_name), JCheck('type', 'Microsoft.Solutions/appliances'), JCheck('kind', 'servicecatalog'), JCheck('managedResourceGroupId', managedrg), JCheck('applianceDefinitionId', managedappdef['id']) ]).get_output_in_json() # list and show list_byrg_cmd = 'managedapp list -g {}' self.cmd(list_byrg_cmd.format(resource_group), checks=[JCheck('[0].name', managedapp_name)]) show_cmd = 'managedapp show --ids {}' self.cmd(show_cmd.format(app['id']), checks=[ JCheck('name', managedapp_name), JCheck('type', 'Microsoft.Solutions/appliances'), JCheck('kind', 'servicecatalog'), JCheck('managedResourceGroupId', managedrg), JCheck('applianceDefinitionId', managedappdef['id']) ]) # delete self.cmd('managedapp delete -g {} -n {}'.format( resource_group, managedapp_name)) self.cmd('managedapp list -g {}'.format(resource_group), checks=NoneCheck())
def body(self): plan = 'webapp-linux-plan' webapp = 'webapp-linux1' self.cmd( 'appservice plan create -g {} -n {} --sku S1 --is-linux'.format( self.resource_group, plan), checks=[ JMESPathCheck('reserved', True), # this weird field means it is a linux JMESPathCheck('sku.name', 'S1'), ]) self.cmd('webapp create -g {} -n {} --plan {}'.format( self.resource_group, webapp, plan), checks=[ JMESPathCheck('name', webapp), ]) self.cmd('webapp config set -g {} -n {} --startup-file {}'.format( self.resource_group, webapp, 'process.json'), checks=[JMESPathCheck('appCommandLine', 'process.json')]) result = self.cmd( 'webapp config container set -g {} -n {} --docker-custom-image-name {} --docker-registry-server-password {} --docker-registry-server-user {} --docker-registry-server-url {}' .format(self.resource_group, webapp, 'foo-image', 'foo-password', 'foo-user', 'foo-url')) self.assertEqual( set(x['value'] for x in result if x['name'] == 'DOCKER_REGISTRY_SERVER_PASSWORD'), set([None])) # we mask the password result = self.cmd('webapp config container show -g {} -n {} '.format( self.resource_group, webapp)) self.assertEqual( set(x['name'] for x in result), set([ 'DOCKER_REGISTRY_SERVER_URL', 'DOCKER_REGISTRY_SERVER_USERNAME', 'DOCKER_CUSTOM_IMAGE_NAME', 'DOCKER_REGISTRY_SERVER_PASSWORD' ])) self.assertEqual( set(x['value'] for x in result if x['name'] == 'DOCKER_REGISTRY_SERVER_PASSWORD'), set([None])) # we mask the password sample = next( (x for x in result if x['name'] == 'DOCKER_REGISTRY_SERVER_URL')) self.assertEqual( sample, { 'name': 'DOCKER_REGISTRY_SERVER_URL', 'slotSetting': False, 'value': 'foo-url' }) self.cmd('webapp config container delete -g {} -n {}'.format( self.resource_group, webapp)) result2 = self.cmd('webapp config container show -g {} -n {} '.format( self.resource_group, webapp), checks=NoneCheck()) self.assertEqual(result2, [])
def body(self): if self.playback: subscription_id = MOCKED_SUBSCRIPTION_ID else: subscription_id = self.cmd( 'account list --query "[?isDefault].id" -o tsv') s = self vnet_resource_id = '/subscriptions/{}/resourceGroups/{}/providers/Microsoft.Network/' \ 'virtualNetworks/{}'.format(subscription_id, self.resource_group, self.vnet_name) s.cmd('resource tag --id {} --tags {}'.format(vnet_resource_id, 'tag-vnet')) s.cmd('resource show --id {}'.format(vnet_resource_id), checks=[ JMESPathCheck('name', self.vnet_name), JMESPathCheck('resourceGroup', self.resource_group), JMESPathCheck('tags', {'tag-vnet': ''}) ]) subnet_resource_id = '/subscriptions/{}/resourceGroups/{}/providers/Microsoft.Network/' \ 'virtualNetworks/{}/subnets/{}'.format(subscription_id, self.resource_group, self.vnet_name, self.subnet_name) s.cmd('resource show --id {}'.format(subnet_resource_id), checks=[ JMESPathCheck('name', self.subnet_name), JMESPathCheck('resourceGroup', self.resource_group), JMESPathCheck('properties.addressPrefix', '10.0.0.0/24') ]) s.cmd( 'resource update --id {} --set properties.addressPrefix=10.0.0.0/22' .format(subnet_resource_id), checks=[JMESPathCheck('properties.addressPrefix', '10.0.0.0/22')]) s.cmd('resource delete --id {}'.format(subnet_resource_id), checks=NoneCheck()) s.cmd('resource delete --id {}'.format(vnet_resource_id), checks=NoneCheck())
def body(self): curr_dir = os.path.dirname(os.path.realpath(__file__)) template_file = os.path.join(curr_dir, 'simple_deploy.json').replace('\\', '\\\\') parameters_file = os.path.join(curr_dir, 'simple_deploy_parameters.json').replace('\\', '\\\\') deployment_name = 'azure-cli-deployment' self.cmd('group deployment create -g {} -n {} --template-file {} --parameters @{} ' '--no-wait'.format(self.resource_group, deployment_name, template_file, parameters_file), checks=NoneCheck()) self.cmd('group deployment wait -g {} -n {} --created'.format(self.resource_group, deployment_name), checks=NoneCheck()) self.cmd('group deployment show -g {} -n {}'.format(self.resource_group, deployment_name), checks=[JMESPathCheck('properties.provisioningState', 'Succeeded')])
def body(self): subscription_id = self.cmd( 'account list --query "[?isDefault].id" -o tsv') scope = '/subscriptions/{}'.format(subscription_id) self.cmd( 'ad sp create-for-rbac -n {0} --scopes {1} {1}/resourceGroups/{2}'. format(self.sp_name, scope, self.resource_group), checks=[JMESPathCheck('name', self.sp_name)]) self.cmd('ad sp create-for-rbac -n {}'.format(self.sp_name), allowed_exceptions="'{}' already exists.".format( self.sp_name)) self.cmd('role assignment list --assignee {} --scope {}'.format( self.sp_name, scope), checks=[JMESPathCheck("length([])", 1)]) self.cmd('role assignment list --assignee {} -g {}'.format( self.sp_name, self.resource_group), checks=[JMESPathCheck("length([])", 1)]) self.cmd('role assignment delete --assignee {} -g {}'.format( self.sp_name, self.resource_group), checks=NoneCheck()) self.cmd('role assignment delete --assignee {}'.format(self.sp_name), checks=NoneCheck()) self.cmd('ad app delete --id {}'.format(self.sp_name))
def test_managedappdef_inline(self, resource_group): location = 'eastus2euap' appdef_name = self.create_random_name('testappdefname', 20) appdef_display_name = self.create_random_name('test_appdef', 20) appdef_description = 'test_appdef_123' auth = '5e91139a-c94b-462e-a6ff-1ee95e8aac07:8e3af657-a8ff-443c-a75c-2fe8c4bcb635' lock = 'None' curr_dir = os.path.dirname(os.path.realpath(__file__)) createUiDef_file = os.path.join(curr_dir, 'sample_create_ui_definition.json').replace('\\', '\\\\') mainTemplate_file = os.path.join(curr_dir, 'sample_main_template.json').replace('\\', '\\\\') # create a managedapp definition with inline params for create-ui-definition and main-template create_cmd = 'managedapp definition create -n {} --create-ui-definition @"{}" --main-template @"{}" --display-name {} --description {} -l {} -a {} --lock-level {} -g {}' appdef = self.cmd( create_cmd.format(appdef_name, createUiDef_file, mainTemplate_file, appdef_display_name, appdef_description, location, auth, lock, resource_group), checks=[ JCheck('name', appdef_name), JCheck('displayName', appdef_display_name), JCheck('description', appdef_description), JCheck('authorizations[0].principalId', '5e91139a-c94b-462e-a6ff-1ee95e8aac07'), JCheck('authorizations[0].roleDefinitionId', '8e3af657-a8ff-443c-a75c-2fe8c4bcb635'), JCheck('artifacts[0].name', 'ApplicationResourceTemplate'), JCheck('artifacts[0].type', 'Template'), JCheck('artifacts[1].name', 'CreateUiDefinition'), JCheck('artifacts[1].type', 'Custom') ]).get_output_in_json() # list and show it list_cmd = 'managedapp definition list -g {}' self.cmd(list_cmd.format(resource_group), checks=[ JCheck('[0].name', appdef_name) ]) show_cmd = 'managedapp definition show --ids {}' self.cmd(show_cmd.format(appdef['id']), checks=[ JCheck('name', appdef_name), JCheck('displayName', appdef_display_name), JCheck('description', appdef_description), JCheck('authorizations[0].principalId', '5e91139a-c94b-462e-a6ff-1ee95e8aac07'), JCheck('authorizations[0].roleDefinitionId', '8e3af657-a8ff-443c-a75c-2fe8c4bcb635'), JCheck('artifacts[0].name', 'ApplicationResourceTemplate'), JCheck('artifacts[0].type', 'Template'), JCheck('artifacts[1].name', 'CreateUiDefinition'), JCheck('artifacts[1].type', 'Custom') ]) # delete self.cmd('managedapp definition delete -g {} -n {}'.format(resource_group, appdef_name)) self.cmd('managedapp definition list -g {}'.format(resource_group), checks=NoneCheck())
def body(self): subscription_id = self.cmd( 'account list --query "[?isDefault].id" -o tsv') scope = '/subscriptions/{}'.format(subscription_id) result = self.cmd( 'ad sp create-for-rbac -n {0} --scopes {1} {1}/resourceGroups/{2} --create-cert' .format(self.sp_name, scope, self.resource_group)) self.assertEqual(self.sp_name, result['name']) self.assertTrue(result['fileWithCertAndPrivateKey'].endswith('.pem')) os.remove(result['fileWithCertAndPrivateKey']) result = self.cmd( 'ad sp reset-credentials -n {0} --create-cert'.format( self.sp_name)) self.assertEqual(self.sp_name, result['name']) self.assertTrue(result['fileWithCertAndPrivateKey'].endswith('.pem')) os.remove(result['fileWithCertAndPrivateKey']) self.cmd('ad app delete --id {}'.format(self.sp_name), checks=NoneCheck())
def _test_keyvault_certificate_issuers(self): kv = self.keyvault_name self.cmd( 'keyvault certificate issuer create --vault-name {} --issuer-name issuer1 --provider Test' .format(kv), checks=[ JMESPathCheck('provider', 'Test'), JMESPathCheck('attributes.enabled', True) ]) self.cmd( 'keyvault certificate issuer show --vault-name {} --issuer-name issuer1' .format(kv), checks=[ JMESPathCheck('provider', 'Test'), JMESPathCheck('attributes.enabled', True) ]) self.cmd( 'keyvault certificate issuer update --vault-name {} --issuer-name issuer1 --organization-id TestOrg --account-id test_account' .format(kv), checks=[ JMESPathCheck('provider', 'Test'), JMESPathCheck('attributes.enabled', True), JMESPathCheck('organizationDetails.id', 'TestOrg'), JMESPathCheck('credentials.accountId', 'test_account') ]) with self.assertRaises(CLIError): self.cmd( 'keyvault certificate issuer update --vault-name {} --issuer-name notexist --organization-id TestOrg --account-id test_account' .format(kv)) self.cmd( 'keyvault certificate issuer update --vault-name {} --issuer-name issuer1 --account-id ""' .format(kv), checks=[ JMESPathCheck('provider', 'Test'), JMESPathCheck('attributes.enabled', True), JMESPathCheck('organizationDetails.id', 'TestOrg'), JMESPathCheck('credentials.accountId', None) ]) self.cmd('keyvault certificate issuer list --vault-name {}'.format(kv), checks=JMESPathCheck('length(@)', 1)) # test admin commands self.cmd( 'keyvault certificate issuer admin add --vault-name {} --issuer-name issuer1 --email [email protected] --first-name Test --last-name Admin --phone 123-456-7890' .format(kv), checks=[ JMESPathCheck('emailAddress', '*****@*****.**'), JMESPathCheck('firstName', 'Test'), JMESPathCheck('lastName', 'Admin'), JMESPathCheck('phone', '123-456-7890'), ]) with self.assertRaises(CLIError): self.cmd( 'keyvault certificate issuer admin add --vault-name {} --issuer-name issuer1 --email [email protected]' .format(kv)) self.cmd( 'keyvault certificate issuer admin add --vault-name {} --issuer-name issuer1 --email [email protected]' .format(kv), checks=[ JMESPathCheck('emailAddress', '*****@*****.**'), JMESPathCheck('firstName', None), JMESPathCheck('lastName', None), JMESPathCheck('phone', None), ]) self.cmd( 'keyvault certificate issuer admin list --vault-name {} --issuer-name issuer1' .format(kv), checks=JMESPathCheck('length(@)', 2)) self.cmd( 'keyvault certificate issuer admin delete --vault-name {} --issuer-name issuer1 --email [email protected]' .format(kv)) self.cmd( 'keyvault certificate issuer admin list --vault-name {} --issuer-name issuer1' .format(kv), checks=JMESPathCheck('length(@)', 1)) self.cmd( 'keyvault certificate issuer delete --vault-name {} --issuer-name issuer1' .format(kv)) self.cmd('keyvault certificate issuer list --vault-name {}'.format(kv), checks=NoneCheck())
def body(self): with open(self.package_file_name, 'w') as f: f.write('storage blob test sample file') rg = self.resource_group name = self.account_name aname = self.application_name ver = self.application_package_name # test create application with default set self.cmd( 'batch application create -g {} -n {} --application-id {} --allow-updates' .format(rg, name, aname), checks=[ JMESPathCheck('id', aname), JMESPathCheck('allowUpdates', True) ]) self.cmd('batch application list -g {} -n {}'.format(rg, name), checks=[ JMESPathCheck('length(@)', 1), JMESPathCheck('[0].id', aname), ]) self.cmd( 'batch application package create -g {} -n {} --application-id {}' ' --version {} --package-file "{}"'.format(rg, name, aname, ver, self.package_file_name), checks=[ JMESPathCheck('id', aname), JMESPathCheck('storageUrl != null', True), JMESPathCheck('version', ver), JMESPathCheck('state', 'active') ]) self.cmd( 'batch application package activate -g {} -n {} --application-id {}' ' --version {} --format zip'.format(rg, name, aname, ver)) self.cmd( 'batch application package show -g {} -n {} --application-id {} --version {}' .format(rg, name, aname, ver), checks=[ JMESPathCheck('id', aname), JMESPathCheck('format', 'zip'), JMESPathCheck('version', ver), JMESPathCheck('state', 'active') ]) self.cmd('batch application set -g {} -n {} --application-id {} --default-version {}'.format(rg, name, aname, ver)) # pylint: disable=line-too-long self.cmd( 'batch application show -g {} -n {} --application-id {}'.format( rg, name, aname), checks=[ JMESPathCheck('id', aname), JMESPathCheck('defaultVersion', ver), JMESPathCheck('packages[0].format', 'zip'), JMESPathCheck('packages[0].state', 'active') ]) # test batch applcation delete self.cmd( 'batch application package delete -g {} -n {} --application-id {} --version {} --yes' . # pylint: disable=line-too-long format(rg, name, aname, ver)) self.cmd( 'batch application delete -g {} -n {} --application-id {} --yes'. format(rg, name, aname)) self.cmd('batch application list -g {} -n {}'.format(rg, name), checks=NoneCheck())
def body(self): rg = self.resource_group name = self.account_name loc = self.location # test create storage account with default set result = self.cmd( 'storage account create -g {} -n {} -l {} --sku Standard_LRS'. format(rg, self.storage_account_name, loc), checks=[ JMESPathCheck('name', self.storage_account_name), JMESPathCheck('location', loc), JMESPathCheck('resourceGroup', rg) ]) sid = result['id'] # test create keyvault for use with BYOS account self.cmd( 'keyvault create -g {} -n {} -l {} --enabled-for-deployment true ' '--enabled-for-disk-encryption true --enabled-for-template-deployment' ' true'.format(rg, self.keyvault_name, self.byos_location), checks=[ JMESPathCheck('name', self.keyvault_name), JMESPathCheck('location', self.byos_location), JMESPathCheck('resourceGroup', rg), JMESPathCheck('type(properties.accessPolicies)', 'array'), JMESPathCheck('length(properties.accessPolicies)', 1), JMESPathCheck('properties.sku.name', 'standard') ]) self.cmd( 'keyvault set-policy -g {} -n {} --object-id {} --key-permissions all ' '--secret-permissions all'.format(rg, self.keyvault_name, self.object_id)) # test create account with default set self.cmd('batch account create -g {} -n {} -l {}'.format( rg, name, loc), checks=[ JMESPathCheck('name', name), JMESPathCheck('location', loc), JMESPathCheck('resourceGroup', rg) ]) # test create account with BYOS self.cmd('batch account create -g {} -n {} -l {} --keyvault {}'.format( rg, self.byos_account_name, self.byos_location, self.keyvault_name), checks=[ JMESPathCheck('name', self.byos_account_name), JMESPathCheck('location', self.byos_location), JMESPathCheck('resourceGroup', rg) ]) self.cmd('batch account set -g {} -n {} --storage-account {}'.format( rg, name, self.storage_account_name), checks=[ JMESPathCheck('name', name), JMESPathCheck('location', loc), JMESPathCheck('resourceGroup', rg) ]) self.cmd('batch account show -g {} -n {}'.format(rg, name), checks=[ JMESPathCheck('name', name), JMESPathCheck('location', loc), JMESPathCheck('resourceGroup', rg), JMESPathCheck('autoStorage.storageAccountId', sid) ]) self.cmd('batch account autostorage-keys sync -g {} -n {}'.format( rg, name)) keys = self.cmd('batch account keys list -g {} -n {}'.format(rg, name), checks=[ JMESPathCheck('primary != null', True), JMESPathCheck('secondary != null', True) ]) keys2 = self.cmd( 'batch account keys renew -g {} -n {} --key-name primary'.format( rg, name), checks=[ JMESPathCheck('primary != null', True), JMESPathCheck('secondary', keys['secondary']) ]) self.assertTrue(keys['primary'] != keys2['primary']) with mock.patch('azure.cli.core._config.GLOBAL_CONFIG_DIR', self.config_dir), \ mock.patch('azure.cli.core._config.GLOBAL_CONFIG_PATH', self.config_path): # noqa: F122 self.cmd('batch account login -g {} -n {}'.format(rg, name), checks=NoneCheck()) self.assertEqual(az_config.config_parser.get('batch', 'auth_mode'), 'aad') self.assertEqual(az_config.config_parser.get('batch', 'account'), name) self.assertFalse( az_config.config_parser.has_option('batch', 'access_key')) self.cmd( 'batch account login -g {} -n {} --shared-key-auth'.format( rg, name), checks=NoneCheck()) self.assertEqual(az_config.config_parser.get('batch', 'auth_mode'), 'shared_key') self.assertEqual(az_config.config_parser.get('batch', 'account'), name) self.assertEqual( az_config.config_parser.get('batch', 'access_key'), keys2['primary']) # test batch account delete self.cmd('batch account delete -g {} -n {} --yes'.format(rg, name)) self.cmd('batch account delete -g {} -n {} --yes'.format( rg, self.byos_account_name)) self.cmd('batch account list -g {}'.format(rg), checks=NoneCheck()) self.cmd('batch location quotas show -l {}'.format(loc), checks=[JMESPathCheck('accountQuota', 1)])
def body(self): plan_result = self.cmd( 'appservice plan create -g {} -n {} --sku S1'.format( self.resource_group, self.plan)) self.cmd('webapp create -g {} -n {} --plan {}'.format( self.resource_group, self.webapp, plan_result['id'])) # You can create and use any repros with the 3 files under "./sample_web" and with a 'staging 'branch slot = 'staging' slot2 = 'dev' test_git_repo = 'https://github.com/yugangw-msft/azure-site-test' test_php_version = '5.6' # create a few app-settings to test they can be cloned self.cmd( 'webapp config appsettings set -g {} -n {} --settings s1=v1 --slot-settings s2=v2' .format(self.resource_group, self.webapp)) # create an empty slot self.cmd('webapp deployment slot create -g {} -n {} --slot {}'.format( self.resource_group, self.webapp, slot), checks=[JMESPathCheck('name', slot)]) self.cmd( 'webapp deployment source config -g {} -n {} --repo-url {} --branch {} -s {} --manual-integration' .format(self.resource_group, self.webapp, test_git_repo, slot, slot), checks=[ JMESPathCheck('repoUrl', test_git_repo), JMESPathCheck('branch', slot) ]) # swap with prod and verify the git branch also switched self.cmd('webapp deployment slot swap -g {} -n {} -s {}'.format( self.resource_group, self.webapp, slot)) result = self.cmd( 'webapp config appsettings list -g {} -n {} -s {}'.format( self.resource_group, self.webapp, slot)) self.assertEqual(set([x['name'] for x in result]), set(['s1'])) # create a new slot by cloning from prod slot self.cmd('webapp config set -g {} -n {} --php-version {}'.format( self.resource_group, self.webapp, test_php_version)) self.cmd( 'webapp deployment slot create -g {} -n {} --slot {} --configuration-source {}' .format(self.resource_group, self.webapp, slot2, self.webapp)) self.cmd('webapp config show -g {} -n {} --slot {}'.format( self.resource_group, self.webapp, slot2), checks=[ JMESPathCheck("phpVersion", test_php_version), ]) self.cmd( 'webapp config appsettings set -g {} -n {} --slot {} --settings s3=v3 --slot-settings s4=v4' .format(self.resource_group, self.webapp, slot2)) self.cmd( 'webapp config connection-string set -g {} -n {} -t mysql --slot {} --settings c1=connection1 --slot-settings c2=connection2' .format(self.resource_group, self.webapp, slot2)) # verify we can swap with non production slot self.cmd( 'webapp deployment slot swap -g {} -n {} --slot {} --target-slot {}' .format(self.resource_group, self.webapp, slot, slot2), checks=NoneCheck()) result = self.cmd( 'webapp config appsettings list -g {} -n {} --slot {}'.format( self.resource_group, self.webapp, slot2)) self.assertEqual(set([x['name'] for x in result]), set(['s1', 's4'])) result = self.cmd( 'webapp config connection-string list -g {} -n {} --slot {}'. format(self.resource_group, self.webapp, slot2)) self.assertEqual(set([x['name'] for x in result]), set(['c2'])) result = self.cmd( 'webapp config appsettings list -g {} -n {} --slot {}'.format( self.resource_group, self.webapp, slot)) self.assertTrue(set(['s3']).issubset(set([x['name'] for x in result]))) result = self.cmd( 'webapp config connection-string list -g {} -n {} --slot {}'. format(self.resource_group, self.webapp, slot)) self.assertEqual(set([x['name'] for x in result]), set(['c1'])) self.cmd('webapp deployment slot list -g {} -n {}'.format( self.resource_group, self.webapp), checks=[ JMESPathCheck("length([])", 2), JMESPathCheck("length([?name=='{}'])".format(slot2), 1), JMESPathCheck("length([?name=='{}'])".format(slot), 1), ]) self.cmd('webapp deployment slot delete -g {} -n {} --slot {}'.format( self.resource_group, self.webapp, slot), checks=NoneCheck())
def body(self): _create_keyvault(self, self.keyvault_name, self.resource_group, self.location) kv = self.keyvault_name # create a key key = self.cmd( 'keyvault key create --vault-name {} -n key1 -p software'.format( kv), checks=JMESPathCheck('attributes.enabled', True)) first_kid = key['key']['kid'] first_version = first_kid.rsplit('/', 1)[1] # list keys self.cmd('keyvault key list --vault-name {}'.format(kv), checks=JMESPathCheck('length(@)', 1)) # create a new key version key = self.cmd( 'keyvault key create --vault-name {} -n key1 -p software --disabled --ops encrypt decrypt --tags test=foo' .format(kv), checks=[ JMESPathCheck('attributes.enabled', False), JMESPathCheck('length(key.keyOps)', 2), JMESPathCheck('tags', {'test': 'foo'}) ]) second_kid = key['key']['kid'] # list key versions self.cmd( 'keyvault key list-versions --vault-name {} -n key1'.format(kv), checks=JMESPathCheck('length(@)', 2)) # show key (latest) self.cmd('keyvault key show --vault-name {} -n key1'.format(kv), checks=JMESPathCheck('key.kid', second_kid)) # show key (specific version) self.cmd('keyvault key show --vault-name {} -n key1 -v {}'.format( kv, first_version), checks=JMESPathCheck('key.kid', first_kid)) # set key attributes self.cmd( 'keyvault key set-attributes --vault-name {} -n key1 --enabled true' .format(kv), checks=[ JMESPathCheck('key.kid', second_kid), JMESPathCheck('attributes.enabled', True) ]) # backup and then delete key key_file = 'backup.key' self.cmd( 'keyvault key backup --vault-name {} -n key1 --file {}'.format( kv, key_file)) self.cmd('keyvault key delete --vault-name {} -n key1'.format(kv)) self.cmd('keyvault key list --vault-name {}'.format(kv), checks=NoneCheck()) # restore key from backup self.cmd('keyvault key restore --vault-name {} --file {}'.format( kv, key_file)) self.cmd( 'keyvault key list-versions --vault-name {} -n key1'.format(kv), checks=JMESPathCheck('length(@)', 2)) if os.path.isfile(key_file): os.remove(key_file) # import PEM and BYOK keys key_enc_file = os.path.join(TEST_DIR, 'mydomain.test.encrypted.pem') key_enc_password = '******' key_plain_file = os.path.join(TEST_DIR, 'mydomain.test.pem') self.cmd( 'keyvault key import --vault-name {} -n import-key-plain --pem-file "{}" -p software' .format(kv, key_plain_file)) self.cmd( 'keyvault key import --vault-name {} -n import-key-encrypted --pem-file "{}" --pem-password {} -p hsm' .format(kv, key_enc_file, key_enc_password)) byok_key_file = os.path.join(TEST_DIR, 'TestBYOK-NA.byok') self.cmd( 'keyvault key import --vault-name {} -n import-key-byok --byok-file "{}"' .format(kv, byok_key_file))
def body(self): _create_keyvault(self, self.keyvault_name, self.resource_group, self.location) kv = self.keyvault_name # create a secret secret = self.cmd( 'keyvault secret set --vault-name {} -n secret1 --value ABC123'. format(kv), checks=JMESPathCheck('value', 'ABC123')) first_kid = secret['id'] first_version = first_kid.rsplit('/', 1)[1] # list secrets self.cmd('keyvault secret list --vault-name {}'.format(kv), checks=JMESPathCheck('length(@)', 1)) # create a new secret version secret = self.cmd( 'keyvault secret set --vault-name {} -n secret1 --value DEF456 --tags test=foo --description "test type"' .format(kv), checks=[ JMESPathCheck('value', 'DEF456'), JMESPathCheck('tags', { 'file-encoding': 'utf-8', 'test': 'foo' }), JMESPathCheck('contentType', 'test type') ]) second_kid = secret['id'] # list secret versions self.cmd( 'keyvault secret list-versions --vault-name {} -n secret1'.format( kv), checks=JMESPathCheck('length(@)', 2)) # show secret (latest) self.cmd('keyvault secret show --vault-name {} -n secret1'.format(kv), checks=JMESPathCheck('id', second_kid)) # show secret (specific version) self.cmd( 'keyvault secret show --vault-name {} -n secret1 -v {}'.format( kv, first_version), checks=JMESPathCheck('id', first_kid)) # set secret attributes self.cmd( 'keyvault secret set-attributes --vault-name {} -n secret1 --enabled false' .format(kv), checks=[ JMESPathCheck('id', second_kid), JMESPathCheck('attributes.enabled', False) ]) # delete secret self.cmd( 'keyvault secret delete --vault-name {} -n secret1'.format(kv)) self.cmd('keyvault secret list --vault-name {}'.format(kv), checks=NoneCheck()) self._test_download_secret()
def body(self): plan_result = self.cmd('appservice plan create -g {} -n {} --sku S1'.format(self.resource_group, self.plan)) self.cmd('webapp create -g {} -n {} --plan {}'.format(self.resource_group, self.webapp, plan_result['id'])) # You can create and use any repros with the 3 files under "./sample_web" and with a 'staging 'branch slot = 'staging' slot2 = 'dev' test_git_repo = 'https://github.com/yugangw-msft/azure-site-test' test_node_version = '6.6.0' # create a few app-settings to test they can be cloned self.cmd('webapp config appsettings set -g {} -n {} --settings s1=v1 --slot-settings s2=v2'.format(self.resource_group, self.webapp)) # create an empty slot self.cmd('webapp deployment slot create -g {} -n {} --slot {}'.format(self.resource_group, self.webapp, slot), checks=[ JMESPathCheck('name', slot) ]) self.cmd('webapp deployment source config -g {} -n {} --repo-url {} --branch {} -s {} --manual-integration'.format(self.resource_group, self.webapp, test_git_repo, slot, slot), checks=[ JMESPathCheck('repoUrl', test_git_repo), JMESPathCheck('branch', slot) ]) import time import requests # comment out the git sync testing as it requires to pre-load a git token # the rest test steps should be sufficient to verify the slot functionalities. # verify the slot wires up the git repo/branch # time.sleep(30) # 30 seconds should be enough for the deployment finished(Skipped under playback mode) # r = requests.get('http://{}-{}.azurewebsites.net'.format(self.webapp, slot)) # self.assertTrue('Staging' in str(r.content)) # swap with prod and verify the git branch also switched self.cmd('webapp deployment slot swap -g {} -n {} -s {}'.format(self.resource_group, self.webapp, slot)) # time.sleep(30) # 30 seconds should be enough for the slot swap finished(Skipped under playback mode) # r = requests.get('http://{}.azurewebsites.net'.format(self.webapp)) # self.assertTrue('Staging' in str(r.content)) result = self.cmd('webapp config appsettings list -g {} -n {} -s {}'.format(self.resource_group, self.webapp, slot)) self.assertEqual(set([x['name'] for x in result]), set(['WEBSITE_NODE_DEFAULT_VERSION', 's1'])) # create a new slot by cloning from prod slot self.cmd('webapp config set -g {} -n {} --node-version {}'.format(self.resource_group, self.webapp, test_node_version)) self.cmd('webapp deployment slot create -g {} -n {} --slot {} --configuration-source {}'.format(self.resource_group, self.webapp, slot2, self.webapp)) self.cmd('webapp config appsettings list -g {} -n {} --slot {}'.format(self.resource_group, self.webapp, slot2), checks=[ JMESPathCheck("length([])", 1), JMESPathCheck('[0].name', 'WEBSITE_NODE_DEFAULT_VERSION') ]) self.cmd('webapp config show -g {} -n {} --slot {}'.format(self.resource_group, self.webapp, slot2), checks=[ JMESPathCheck("nodeVersion", test_node_version), ]) self.cmd('webapp config appsettings set -g {} -n {} --slot {} --settings s3=v3 --slot-settings s4=v4'.format(self.resource_group, self.webapp, slot2)) self.cmd('webapp config connection-string set -g {} -n {} -t mysql --slot {} --settings c1=connection1 --slot-settings c2=connection2'.format(self.resource_group, self.webapp, slot2)) # verify we can swap with non production slot self.cmd('webapp deployment slot swap -g {} -n {} --slot {} --target-slot {}'.format(self.resource_group, self.webapp, slot, slot2), checks=NoneCheck()) result = self.cmd('webapp config appsettings list -g {} -n {} --slot {}'.format(self.resource_group, self.webapp, slot2)) self.assertEqual(set([x['name'] for x in result]), set(['WEBSITE_NODE_DEFAULT_VERSION', 's1', 's4'])) result = self.cmd('webapp config connection-string list -g {} -n {} --slot {}'.format(self.resource_group, self.webapp, slot2)) self.assertEqual(set([x['name'] for x in result]), set(['c2'])) result = self.cmd('webapp config appsettings list -g {} -n {} --slot {}'.format(self.resource_group, self.webapp, slot)) self.assertEqual(set([x['name'] for x in result]), set(['WEBSITE_NODE_DEFAULT_VERSION', 's3'])) result = self.cmd('webapp config connection-string list -g {} -n {} --slot {}'.format(self.resource_group, self.webapp, slot)) self.assertEqual(set([x['name'] for x in result]), set(['c1'])) self.cmd('webapp deployment slot list -g {} -n {}'.format(self.resource_group, self.webapp), checks=[ JMESPathCheck("length([])", 2), JMESPathCheck("length([?name=='{}'])".format(slot2), 1), JMESPathCheck("length([?name=='{}'])".format(slot), 1), ]) self.cmd('webapp deployment slot delete -g {} -n {} --slot {}'.format(self.resource_group, self.webapp, slot), checks=NoneCheck())
def body(self): rg = self.resource_group kv = self.keyvault_names[0] loc = self.location # test create keyvault with default access policy set keyvault = self.cmd( 'keyvault create -g {} -n {} -l {}'.format(rg, kv, loc), checks=[ JMESPathCheck('name', kv), JMESPathCheck('location', loc), JMESPathCheck('resourceGroup', rg), JMESPathCheck('type(properties.accessPolicies)', 'array'), JMESPathCheck('length(properties.accessPolicies)', 1), JMESPathCheck('properties.sku.name', 'standard') ]) policy_id = keyvault['properties']['accessPolicies'][0]['objectId'] self.cmd('keyvault show -n {}'.format(kv), checks=[ JMESPathCheck('name', kv), JMESPathCheck('location', loc), JMESPathCheck('resourceGroup', rg), JMESPathCheck('type(properties.accessPolicies)', 'array'), JMESPathCheck('length(properties.accessPolicies)', 1), ]) self.cmd('keyvault list -g {}'.format(rg), checks=[ JMESPathCheck('type(@)', 'array'), JMESPathCheck('length(@)', 1), JMESPathCheck('[0].name', kv), JMESPathCheck('[0].location', loc), JMESPathCheck('[0].resourceGroup', rg), ]) # test updating keyvault sku name self.cmd( 'keyvault update -g {} -n {} --set properties.sku.name=premium'. format(rg, kv), checks=[ JMESPathCheck('name', kv), JMESPathCheck('properties.sku.name', 'premium'), ]) # test policy set/delete self.cmd( 'keyvault set-policy -g {} -n {} --object-id {} --certificate-permissions get list' .format(rg, kv, policy_id), checks=JMESPathCheck( 'length(properties.accessPolicies[0].permissions.certificates)', 2)) self.cmd('keyvault delete-policy -g {} -n {} --object-id {}'.format( rg, kv, policy_id), checks=[ JMESPathCheck('type(properties.accessPolicies)', 'array'), JMESPathCheck('length(properties.accessPolicies)', 0) ]) # test keyvault delete self.cmd('keyvault delete -n {}'.format(kv)) self.cmd('keyvault list -g {}'.format(rg), checks=NoneCheck()) # test create keyvault further self.cmd('keyvault create -g {} -n {} -l {} --no-self-perms'.format( rg, self.keyvault_names[1], loc), checks=[ JMESPathCheck('type(properties.accessPolicies)', 'array'), JMESPathCheck('length(properties.accessPolicies)', 0) ]) self.cmd( 'keyvault create -g {} -n {} -l {} --enabled-for-deployment true ' '--enabled-for-disk-encryption true --enabled-for-template-deployment true' .format(rg, self.keyvault_names[2], loc), checks=[ JMESPathCheck('properties.enabledForDeployment', True), JMESPathCheck('properties.enabledForDiskEncryption', True), JMESPathCheck('properties.enabledForTemplateDeployment', True) ]) self.cmd('keyvault create -g {} -n {} -l {} --sku premium'.format( rg, self.keyvault_names[3], loc), checks=[JMESPathCheck('properties.sku.name', 'premium')])
def body(self): sas_url = 'https://azureclistore.blob.core.windows.net/sitebackups?sv=2015-04-05&sr=c&sig=%2FjH1lEtbm3uFqtMI%2BfFYwgrntOs1qhGnpGv9uRibJ7A%3D&se=2017-02-14T04%3A53%3A28Z&sp=rwdl' frequency = '1d' db_conn_str = 'Server=tcp:cli-backup.database.windows.net,1433;Initial Catalog=cli-db;Persist Security Info=False;User ID=cliuser;Password=cli!password1;MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=False;Connection Timeout=30;' retention_period = 5 # set without databases self.cmd('webapp config backup update -g {} --webapp-name {} --frequency {} --container-url {} --retain-one true --retention {}' .format(self.resource_group, self.webapp_name, frequency, sas_url, retention_period), checks=NoneCheck()) checks = [ JMESPathCheck('backupSchedule.frequencyInterval', 1), JMESPathCheck('backupSchedule.frequencyUnit', 'Day'), JMESPathCheck('backupSchedule.keepAtLeastOneBackup', True), JMESPathCheck('backupSchedule.retentionPeriodInDays', retention_period) ] self.cmd('webapp config backup show -g {} --webapp-name {}'.format(self.resource_group, self.webapp_name), checks=checks) # update with databases database_name = 'cli-db' database_type = 'SqlAzure' self.cmd('webapp config backup update -g {} --webapp-name {} --db-connection-string "{}" --db-name {} --db-type {} --retain-one true' .format(self.resource_group, self.webapp_name, db_conn_str, database_name, database_type), checks=NoneCheck()) checks = [ JMESPathCheck('backupSchedule.frequencyInterval', 1), JMESPathCheck('backupSchedule.frequencyUnit', 'Day'), JMESPathCheck('backupSchedule.keepAtLeastOneBackup', True), JMESPathCheck('backupSchedule.retentionPeriodInDays', retention_period), JMESPathCheck('databases[0].connectionString', db_conn_str), JMESPathCheck('databases[0].databaseType', database_type), JMESPathCheck('databases[0].name', database_name) ] self.cmd('webapp config backup show -g {} --webapp-name {}'.format(self.resource_group, self.webapp_name), checks=checks) # update frequency and retention only frequency = '18h' retention_period = 7 self.cmd('webapp config backup update -g {} --webapp-name {} --frequency {} --retain-one false --retention {}' .format(self.resource_group, self.webapp_name, frequency, retention_period), checks=NoneCheck()) checks = [ JMESPathCheck('backupSchedule.frequencyInterval', 18), JMESPathCheck('backupSchedule.frequencyUnit', 'Hour'), JMESPathCheck('backupSchedule.keepAtLeastOneBackup', False), JMESPathCheck('backupSchedule.retentionPeriodInDays', retention_period), JMESPathCheck('databases[0].connectionString', db_conn_str), JMESPathCheck('databases[0].databaseType', database_type), JMESPathCheck('databases[0].name', database_name) ] self.cmd('webapp config backup show -g {} --webapp-name {}'.format(self.resource_group, self.webapp_name), checks=checks)
def body(self): _create_keyvault(self, self.keyvault_name, self.resource_group, self.location) kv = self.keyvault_name self._test_certificate_download() policy_path = os.path.join(TEST_DIR, 'policy.json') policy2_path = os.path.join(TEST_DIR, 'policy2.json') # create a certificate self.cmd( 'keyvault certificate create --vault-name {} -n cert1 -p @"{}"'. format(kv, policy_path), checks=JMESPathCheck('status', 'completed')) # list certificates self.cmd('keyvault certificate list --vault-name {}'.format(kv), checks=JMESPathCheck('length(@)', 1)) # create a new certificate version self.cmd( 'keyvault certificate create --vault-name {} -n cert1 -p @"{}"'. format(kv, policy2_path), checks=[ JMESPathCheck('status', 'completed'), ]) # list certificate versions ver_list = self.cmd( 'keyvault certificate list-versions --vault-name {} -n cert1'. format(kv), checks=JMESPathCheck('length(@)', 2)) ver_list = sorted(ver_list, key=lambda x: x['attributes']['created']) versions = [x['id'] for x in ver_list] # show certificate (latest) self.cmd( 'keyvault certificate show --vault-name {} -n cert1'.format(kv), checks=[ JMESPathCheck('id', versions[1]), JMESPathCheck( 'policy.x509CertificateProperties.validityInMonths', 50) ]) # show certificate (specific version) cert_version = versions[0].rsplit('/', 1)[1] self.cmd( 'keyvault certificate show --vault-name {} -n cert1 -v {}'.format( kv, cert_version), checks=JMESPathCheck('id', versions[0])) # update certificate attributes self.cmd( 'keyvault certificate set-attributes --vault-name {} -n cert1 --enabled false -p @"{}"' .format(kv, policy_path), checks=[ JMESPathCheck('id', versions[1]), JMESPathCheck('attributes.enabled', False), JMESPathCheck( 'policy.x509CertificateProperties.validityInMonths', 60) ]) self._test_keyvault_certificate_contacts() self._test_keyvault_certificate_issuers() self._test_keyvault_pending_certificate() # delete certificate self.cmd( 'keyvault certificate delete --vault-name {} -n cert1'.format(kv)) self.cmd('keyvault certificate list --vault-name {}'.format(kv), checks=NoneCheck()) # test certificate import pem_encrypted_file = os.path.join(TEST_DIR, 'import_pem_encrypted_pwd_1234.pem') pem_encrypted_password = '******' pem_plain_file = os.path.join(TEST_DIR, 'import_pem_plain.pem') pem_policy_path = os.path.join(TEST_DIR, 'policy_import_pem.json') self.cmd( 'keyvault certificate import --vault-name {} -n pem-cert1 --file "{}" -p @"{}"' .format(kv, pem_plain_file, pem_policy_path)) self.cmd( 'keyvault certificate import --vault-name {} -n pem-cert2 --file "{}" --password {} -p @"{}"' .format(kv, pem_encrypted_file, pem_encrypted_password, pem_policy_path)) pfx_plain_file = os.path.join(TEST_DIR, 'import_pfx.pfx') pfx_policy_path = os.path.join(TEST_DIR, 'policy_import_pfx.json') self.cmd( 'keyvault certificate import --vault-name {} -n pfx-cert --file "{}" -p @"{}"' .format(kv, pfx_plain_file, pfx_policy_path))