def body(self):
app_id_uri = 'http://azureclitest-graph'
# create app through express option
self.cmd('ad sp create-for-rbac -n {}'.format(app_id_uri),
checks=[JMESPathCheck('name', app_id_uri)])
# show/list app
self.cmd('ad app show --id {}'.format(app_id_uri),
checks=[JMESPathCheck('identifierUris[0]', app_id_uri)])
self.cmd('ad app list --identifier-uri {}'.format(app_id_uri),
checks=[
JMESPathCheck('[0].identifierUris[0]', app_id_uri),
JMESPathCheck('length([*])', 1)
])
# show/list sp
self.cmd(
'ad sp show --id {}'.format(app_id_uri),
checks=[JMESPathCheck('servicePrincipalNames[0]', app_id_uri)])
self.cmd('ad sp list --spn {}'.format(app_id_uri),
checks=[
JMESPathCheck('[0].servicePrincipalNames[0]', app_id_uri),
JMESPathCheck('length([*])', 1),
])
self.cmd('ad sp reset-credentials -n {}'.format(app_id_uri),
checks=[JMESPathCheck('name', app_id_uri)])
# cleanup
self.cmd('ad sp delete --id {}'.format(app_id_uri), None)
self.cmd('ad sp list --spn {}'.format(app_id_uri), checks=NoneCheck())
self.cmd('ad app delete --id {}'.format(app_id_uri), None)
self.cmd('ad app list --identifier-uri {}'.format(app_id_uri),
checks=NoneCheck())
def body(self):
rg = self.resource_group
linux_vm_name = 'ubuntuvm5367'
linux_image = 'Ubuntu\ Server\ 16.04\ LTS'
windows_vm_name = 'winvm5367'
windows_image = 'Windows\ Server\ 2008\ R2\ SP1'
image_type = 'gallery'
size = 'Standard_DS1_v2'
password = '******'
self.cmd('group deployment create -g {} --template-file {}'
.format(rg, TEMPLATE),
checks=[JMESPathCheck('properties.provisioningState', 'Succeeded')])
# Create linux vm in the lab
self.cmd('lab vm create -g {} --lab-name {} --name {} '
'--image {} --image-type {} --size {} --admin-password {}'
.format(rg, LAB_NAME, linux_vm_name, linux_image, image_type, size, password),
checks=[NoneCheck()])
self.cmd('lab vm show -g {} --lab-name {} --name {} '
.format(rg, LAB_NAME, linux_vm_name),
checks=[
JMESPathCheck('name', linux_vm_name),
JMESPathCheck('provisioningState', 'Succeeded'),
JMESPathCheck('osType', 'Linux'),
JMESPathCheck('virtualMachineCreationSource', 'FromGalleryImage'),
JMESPathCheck('size', size),
JMESPathCheck('disallowPublicIpAddress', True),
JMESPathCheck('artifactDeploymentStatus.totalArtifacts', 0),
JMESPathCheck('galleryImageReference.publisher', 'Canonical')
])
# Create windows vm in the lab
self.cmd('lab vm create -g {} --lab-name {} --name {} '
'--image {} --image-type {} --size {} --admin-password {}'
.format(rg, LAB_NAME, windows_vm_name, windows_image, image_type, size, password),
checks=[NoneCheck()])
self.cmd('lab vm show -g {} --lab-name {} --name {} '
.format(rg, LAB_NAME, windows_vm_name),
checks=[
JMESPathCheck('name', windows_vm_name),
JMESPathCheck('provisioningState', 'Succeeded'),
JMESPathCheck('osType', 'Windows'),
JMESPathCheck('virtualMachineCreationSource', 'FromGalleryImage'),
JMESPathCheck('size', size),
JMESPathCheck('disallowPublicIpAddress', True),
JMESPathCheck('artifactDeploymentStatus.totalArtifacts', 0),
JMESPathCheck('galleryImageReference.publisher', 'MicrosoftWindowsServer')
])
# Delete all the vms
self.cmd('lab vm delete -g {} --lab-name {} --name {}'
.format(rg, LAB_NAME, linux_vm_name), checks=[NoneCheck()])
self.cmd('lab vm delete -g {} --lab-name {} --name {}'
.format(rg, LAB_NAME, windows_vm_name), checks=[NoneCheck()])
# Delete the lab
self.cmd('lab delete -g {} --name {}'.format(rg, LAB_NAME), checks=[NoneCheck()])
def body(self):
s = self
tn = s.tag_name
s.cmd('tag list --query "[?tagName == \'{}\']"'.format(tn),
checks=NoneCheck())
s.cmd('tag create -n {}'.format(tn),
checks=[
JMESPathCheck('tagName', tn),
JMESPathCheck('values', []),
JMESPathCheck('count.value', 0)
])
s.cmd('tag add-value -n {} --value test'.format(tn))
s.cmd('tag add-value -n {} --value test2'.format(tn))
s.cmd('tag list --query "[?tagName == \'{}\']"'.format(tn),
checks=[
JMESPathCheck('[].values[].tagValue', [u'test', u'test2'])
])
s.cmd('tag remove-value -n {} --value test'.format(tn))
s.cmd('tag list --query "[?tagName == \'{}\']"'.format(tn),
checks=[JMESPathCheck('[].values[].tagValue', [u'test2'])])
s.cmd('tag remove-value -n {} --value test2'.format(tn))
s.cmd('tag list --query "[?tagName == \'{}\']"'.format(tn),
checks=[JMESPathCheck('[].values[].tagValue', [])])
s.cmd('tag delete -n {}'.format(tn))
s.cmd('tag list --query "[?tagName == \'{}\']"'.format(self.tag_name),
checks=NoneCheck())
def test_create_for_rbac_with_secret(self, resource_group):
subscription_id = self.cmd(
'account list --query "[?isDefault].id"').get_output_in_json()
scope = '/subscriptions/{}'.format(subscription_id[0])
sp_name = 'http://{}'.format(resource_group)
try:
self.cmd(
'ad sp create-for-rbac -n {0} --scopes {1} {1}/resourceGroups/{2}'
.format(sp_name, scope, resource_group),
checks=[JMESPathCheckV2('name', sp_name)])
self.cmd('role assignment list --assignee {} --scope {}'.format(
sp_name, scope),
checks=[JMESPathCheckV2("length([])", 1)])
self.cmd('role assignment list --assignee {} -g {}'.format(
sp_name, resource_group),
checks=[JMESPathCheckV2("length([])", 1)])
self.cmd('role assignment delete --assignee {} -g {}'.format(
sp_name, resource_group),
checks=NoneCheck())
self.cmd('role assignment delete --assignee {}'.format(sp_name),
checks=NoneCheck())
finally:
self.cmd('ad app delete --id {}'.format(sp_name))
def body(self):
rg = self.resource_group
env_name = 'docdbenv'
arm_template = 'documentdb-webapp'
self.cmd('group deployment create -g {} --template-file {}'.format(
rg, TEMPLATE),
checks=[
JMESPathCheck('properties.provisioningState', 'Succeeded')
])
artifact_sources = self.cmd(
'lab artifact-source list -g {} --lab-name {}'.format(
rg, LAB_NAME))
# Create environment in the lab
self.cmd('lab environment create -g {} --lab-name {} --name {} '
'--arm-template {} --artifact-source-name {} --parameters {}'.
format(rg, LAB_NAME, env_name, arm_template,
artifact_sources[0]['name'], ENV_PARAMTERS),
checks=[
JMESPathCheck('provisioningState', 'Succeeded'),
JMESPathCheck(
'type',
'Microsoft.DevTestLab/labs/users/environments')
])
# Delete environment from the lab
self.cmd('lab environment delete -g {} --lab-name {} --name {}'.format(
rg, LAB_NAME, env_name),
checks=[NoneCheck()])
# Delete the lab
self.cmd('lab delete -g {} --name {}'.format(rg, LAB_NAME),
checks=[NoneCheck()])
def body(self):
s = self
rg = self.resource_group
s.cmd('group create -n {} -l westus'.format(rg), checks=[
JMESPathCheck('name', rg),
])
s.cmd('group exists -n {}'.format(rg), checks=BooleanCheck(True))
s.cmd('group wait --exists -n {}'.format(rg), checks=NoneCheck())
s.cmd('group delete -n {} --no-wait --yes'.format(rg), checks=NoneCheck())
s.cmd('group wait --deleted -n {}'.format(rg), checks=NoneCheck())
s.cmd('group exists -n {}'.format(rg), checks=NoneCheck())
def body(self):
nsg_name = 'nsg1'
self.cmd('network nsg create -n {} -g {}'.format(nsg_name, self.resource_group), None)
result = self.cmd('network nsg show -n {} -g {}'.format(nsg_name, self.resource_group),
None)
resource_id = result['id']
# test role assignments on a resource group
self.cmd('role assignment create --assignee {} --role contributor -g {}'.format(self.user,
self.resource_group),
None)
self.cmd('role assignment list -g {}'.format(self.resource_group),
checks=[JMESPathCheck("length([])", 1)])
self.cmd('role assignment list --assignee {} --role contributor -g {}'.format(self.user,
self.resource_group),
checks=[JMESPathCheck("length([])", 1)])
# test couple of more general filters
result = self.cmd(
'role assignment list -g {} --include-inherited'.format(self.resource_group), None)
self.assertTrue(len(result) >= 1)
result = self.cmd('role assignment list --all'.format(self.user, self.resource_group), None)
self.assertTrue(len(result) >= 1)
self.cmd('role assignment delete --assignee {} --role contributor -g {}'.format(self.user,
self.resource_group),
None)
self.cmd('role assignment list -g {}'.format(self.resource_group), checks=NoneCheck())
# test role assignments on a resource
self.cmd(
'role assignment create --assignee {} --role contributor --scope {}'.format(self.user,
resource_id),
None)
self.cmd(
'role assignment list --assignee {} --role contributor --scope {}'.format(self.user,
resource_id),
checks=[JMESPathCheck("length([])", 1)])
self.cmd(
'role assignment delete --assignee {} --role contributor --scope {}'.format(self.user,
resource_id),
None)
self.cmd('role assignment list --scope {}'.format(resource_id), checks=NoneCheck())
# test role assignment on subscription level
self.cmd('role assignment create --assignee {} --role reader'.format(self.user), None)
self.cmd('role assignment list --assignee {} --role reader'.format(self.user),
checks=[JMESPathCheck("length([])", 1)])
self.cmd('role assignment list --assignee {}'.format(self.user),
checks=[JMESPathCheck("length([])", 1)])
self.cmd('role assignment delete --assignee {} --role reader'.format(self.user), None)
def test_group_deployment_thru_uri(self, resource_group):
self.resource_group = resource_group
curr_dir = os.path.dirname(os.path.realpath(__file__))
# same copy of the sample template file under current folder, but it is uri based now
template_uri = 'https://raw.githubusercontent.com/Azure/azure-cli/master/src/' \
'command_modules/azure-cli-resource/azure/cli/command_modules/resource/tests/simple_deploy.json'
parameters_file = os.path.join(
curr_dir, 'simple_deploy_parameters.json').replace('\\', '\\\\')
result = self.cmd(
'group deployment create -g {} --template-uri {} --parameters @{}'.
format(self.resource_group, template_uri, parameters_file),
checks=[
JCheck('properties.provisioningState', 'Succeeded'),
JCheck('resourceGroup', self.resource_group),
]).get_output_in_json()
deployment_name = result['name']
result = self.cmd('group deployment show -g {} -n {}'.format(
self.resource_group, deployment_name),
checks=JCheck('name', deployment_name))
self.cmd('group deployment delete -g {} -n {}'.format(
self.resource_group, deployment_name))
self.cmd('group deployment list -g {}'.format(self.resource_group),
checks=NoneCheck())
def body(self):
if self.playback:
subscription_id = MOCKED_SUBSCRIPTION_ID
else:
subscription_id = self.cmd('account list --query "[?isDefault].id" -o tsv')
role_name = 'cli-test-role3'
template = {
"Name": role_name,
"Description": "Can monitor compute, network and storage, and restart virtual machines",
"Actions": ["Microsoft.Compute/*/read",
"Microsoft.Compute/virtualMachines/start/action",
"Microsoft.Compute/virtualMachines/restart/action",
"Microsoft.Network/*/read",
"Microsoft.Storage/*/read",
"Microsoft.Authorization/*/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Resources/subscriptions/resourceGroups/resources/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Support/*"],
"AssignableScopes": ["/subscriptions/{}".format(subscription_id)]
}
_, temp_file = tempfile.mkstemp()
with open(temp_file, 'w') as f:
json.dump(template, f)
self.cmd('role definition create --role-definition {}'.format(temp_file.replace('\\', '\\\\')), None)
self.cmd('role definition list -n {}'.format(role_name),
checks=[JMESPathCheck('[0].properties.roleName', role_name)])
self.cmd('role definition delete -n {}'.format(role_name), None)
self.cmd('role definition list -n {}'.format(role_name), NoneCheck())
def test_resource_group(self, resource_group):
s = self
rg = resource_group
s.cmd('group delete -n {} --yes'.format(rg))
s.cmd('group exists -n {}'.format(rg), checks=NoneCheck())
s.cmd('group create -n {} -l westus --tag a=b c'.format(rg),
checks=[JCheck('name', rg),
JCheck('tags', {
'a': 'b',
'c': ''
})])
s.cmd('group exists -n {}'.format(rg), checks=BooleanCheck(True))
s.cmd('group show -n {}'.format(rg),
checks=[JCheck('name', rg),
JCheck('tags', {
'a': 'b',
'c': ''
})])
s.cmd('group list --tag a=b',
checks=[
JCheck('[0].name', rg),
JCheck('[0].tags', {
'a': 'b',
'c': ''
})
])
def body(self):
app_id_uri = 'http://azureclitest-graph'
display_name = 'azureclitest'
# crerate app through general option
self.cmd(
'ad app create --display-name {} --homepage {} --identifier-uris {}'
.format(display_name, app_id_uri, app_id_uri),
checks=[JMESPathCheck('identifierUris[0]', app_id_uri)])
# show/list app
self.cmd('ad app show --id {}'.format(app_id_uri),
checks=[JMESPathCheck('identifierUris[0]', app_id_uri)])
self.cmd('ad app list --display-name {}'.format(display_name),
checks=[
JMESPathCheck('[0].identifierUris[0]', app_id_uri),
JMESPathCheck('length([*])', 1)
])
# update app
reply_uri = "http://azureclitest-replyuri"
self.cmd('ad app update --id {} --reply-urls {}'.format(
app_id_uri, reply_uri))
self.cmd('ad app show --id {}'.format(app_id_uri),
checks=[JMESPathCheck('replyUrls[0]', reply_uri)])
# delete app
self.cmd('ad app delete --id {}'.format(app_id_uri))
self.cmd('ad app list --identifier-uri {}'.format(app_id_uri),
checks=NoneCheck())
def test_create_for_rbac_with_cert(self, resource_group):
subscription_id = self.cmd(
'account list --query "[?isDefault].id"').get_output_in_json()
scope = '/subscriptions/{}'.format(subscription_id[0])
sp_name = 'http://' + resource_group
try:
result = self.cmd(
'ad sp create-for-rbac -n {0} --scopes {1} {1}/resourceGroups/{2} --create-cert'
.format(sp_name, scope, resource_group)).get_output_in_json()
self.assertEqual(sp_name, result['name'])
self.assertTrue(
result['fileWithCertAndPrivateKey'].endswith('.pem'))
os.remove(result['fileWithCertAndPrivateKey'])
result = self.cmd(
'ad sp reset-credentials -n {0} --create-cert'.format(
sp_name)).get_output_in_json()
self.assertEqual(sp_name, result['name'])
self.assertTrue(
result['fileWithCertAndPrivateKey'].endswith('.pem'))
os.remove(result['fileWithCertAndPrivateKey'])
finally:
self.cmd('ad app delete --id {}'.format(sp_name),
checks=NoneCheck())
def test_managedappdef(self, resource_group):
location = 'westcentralus'
appdef_name = self.create_random_name('testappdefname', 20)
appdef_display_name = self.create_random_name('test_appdef', 20)
appdef_description = 'test_appdef_123'
packageUri = 'https:\/\/wud.blob.core.windows.net\/appliance\/SingleStorageAccount.zip'
auth = '5e91139a-c94b-462e-a6ff-1ee95e8aac07:8e3af657-a8ff-443c-a75c-2fe8c4bcb635'
lock = 'None'
# create a managedapp definition
create_cmd = 'managedapp definition create -n {} --package-file-uri {} --display-name {} --description {} -l {} -a {} --lock-level {} -g {}'
appdef = self.cmd(create_cmd.format(appdef_name, packageUri,
appdef_display_name,
appdef_description, location, auth,
lock, resource_group),
checks=[
JCheck('name', appdef_name),
JCheck('displayName', appdef_display_name),
JCheck('description', appdef_description),
JCheck('authorizations[0].principalId',
'5e91139a-c94b-462e-a6ff-1ee95e8aac07'),
JCheck('authorizations[0].roleDefinitionId',
'8e3af657-a8ff-443c-a75c-2fe8c4bcb635'),
JCheck('artifacts[0].name',
'ApplianceResourceTemplate'),
JCheck('artifacts[0].type', 'Template'),
JCheck('artifacts[1].name',
'CreateUiDefinition'),
JCheck('artifacts[1].type', 'Custom')
]).get_output_in_json()
# list and show it
list_cmd = 'managedapp definition list -g {}'
self.cmd(list_cmd.format(resource_group),
checks=[JCheck('[0].name', appdef_name)])
show_cmd = 'managedapp definition show --ids {}'
self.cmd(show_cmd.format(appdef['id']),
checks=[
JCheck('name', appdef_name),
JCheck('displayName', appdef_display_name),
JCheck('description', appdef_description),
JCheck('authorizations[0].principalId',
'5e91139a-c94b-462e-a6ff-1ee95e8aac07'),
JCheck('authorizations[0].roleDefinitionId',
'8e3af657-a8ff-443c-a75c-2fe8c4bcb635'),
JCheck('artifacts[0].name', 'ApplianceResourceTemplate'),
JCheck('artifacts[0].type', 'Template'),
JCheck('artifacts[1].name', 'CreateUiDefinition'),
JCheck('artifacts[1].type', 'Custom')
])
# delete
self.cmd('managedapp definition delete -g {} -n {}'.format(
resource_group, appdef_name))
self.cmd('managedapp definition list -g {}'.format(resource_group),
checks=NoneCheck())
def test_managedapp(self, resource_group):
location = 'westcentralus'
appdef_name = 'testappdefname'
appdef_display_name = 'test_appdef_123'
appdef_description = 'test_appdef_123'
packageUri = 'https:\/\/wud.blob.core.windows.net\/appliance\/SingleStorageAccount.zip'
auth = '5e91139a-c94b-462e-a6ff-1ee95e8aac07:8e3af657-a8ff-443c-a75c-2fe8c4bcb635'
lock = 'None'
# create a managedapp definition
create_cmd = 'managedapp definition create -n {} --package-file-uri {} --display-name {} --description {} -l {} -a {} --lock-level {} -g {}'
managedappdef = self.cmd(
create_cmd.format(appdef_name, packageUri, appdef_display_name,
appdef_description, location, auth, lock,
resource_group)).get_output_in_json()
# create a managedapp
managedapp_name = 'mymanagedapp'
managedapp_loc = 'westcentralus'
managedapp_kind = 'servicecatalog'
newrg = self.create_random_name('climanagedapp', 25)
managedrg = '/subscriptions/{}/resourceGroups/{}'.format(
managedappdef['id'].split("/")[2], newrg)
create_cmd = 'managedapp create -n {} -g {} -l {} --kind {} -m {} -d {}'
app = self.cmd(create_cmd.format(managedapp_name, resource_group,
managedapp_loc, managedapp_kind,
managedrg, managedappdef['id']),
checks=[
JCheck('name', managedapp_name),
JCheck('type', 'Microsoft.Solutions/appliances'),
JCheck('kind', 'servicecatalog'),
JCheck('managedResourceGroupId', managedrg),
JCheck('applianceDefinitionId', managedappdef['id'])
]).get_output_in_json()
# list and show
list_byrg_cmd = 'managedapp list -g {}'
self.cmd(list_byrg_cmd.format(resource_group),
checks=[JCheck('[0].name', managedapp_name)])
show_cmd = 'managedapp show --ids {}'
self.cmd(show_cmd.format(app['id']),
checks=[
JCheck('name', managedapp_name),
JCheck('type', 'Microsoft.Solutions/appliances'),
JCheck('kind', 'servicecatalog'),
JCheck('managedResourceGroupId', managedrg),
JCheck('applianceDefinitionId', managedappdef['id'])
])
# delete
self.cmd('managedapp delete -g {} -n {}'.format(
resource_group, managedapp_name))
self.cmd('managedapp list -g {}'.format(resource_group),
checks=NoneCheck())
def body(self):
plan = 'webapp-linux-plan'
webapp = 'webapp-linux1'
self.cmd(
'appservice plan create -g {} -n {} --sku S1 --is-linux'.format(
self.resource_group, plan),
checks=[
JMESPathCheck('reserved',
True), # this weird field means it is a linux
JMESPathCheck('sku.name', 'S1'),
])
self.cmd('webapp create -g {} -n {} --plan {}'.format(
self.resource_group, webapp, plan),
checks=[
JMESPathCheck('name', webapp),
])
self.cmd('webapp config set -g {} -n {} --startup-file {}'.format(
self.resource_group, webapp, 'process.json'),
checks=[JMESPathCheck('appCommandLine', 'process.json')])
result = self.cmd(
'webapp config container set -g {} -n {} --docker-custom-image-name {} --docker-registry-server-password {} --docker-registry-server-user {} --docker-registry-server-url {}'
.format(self.resource_group, webapp, 'foo-image', 'foo-password',
'foo-user', 'foo-url'))
self.assertEqual(
set(x['value'] for x in result
if x['name'] == 'DOCKER_REGISTRY_SERVER_PASSWORD'),
set([None])) # we mask the password
result = self.cmd('webapp config container show -g {} -n {} '.format(
self.resource_group, webapp))
self.assertEqual(
set(x['name'] for x in result),
set([
'DOCKER_REGISTRY_SERVER_URL',
'DOCKER_REGISTRY_SERVER_USERNAME', 'DOCKER_CUSTOM_IMAGE_NAME',
'DOCKER_REGISTRY_SERVER_PASSWORD'
]))
self.assertEqual(
set(x['value'] for x in result
if x['name'] == 'DOCKER_REGISTRY_SERVER_PASSWORD'),
set([None])) # we mask the password
sample = next(
(x for x in result if x['name'] == 'DOCKER_REGISTRY_SERVER_URL'))
self.assertEqual(
sample, {
'name': 'DOCKER_REGISTRY_SERVER_URL',
'slotSetting': False,
'value': 'foo-url'
})
self.cmd('webapp config container delete -g {} -n {}'.format(
self.resource_group, webapp))
result2 = self.cmd('webapp config container show -g {} -n {} '.format(
self.resource_group, webapp),
checks=NoneCheck())
self.assertEqual(result2, [])
def body(self):
if self.playback:
subscription_id = MOCKED_SUBSCRIPTION_ID
else:
subscription_id = self.cmd(
'account list --query "[?isDefault].id" -o tsv')
s = self
vnet_resource_id = '/subscriptions/{}/resourceGroups/{}/providers/Microsoft.Network/' \
'virtualNetworks/{}'.format(subscription_id,
self.resource_group,
self.vnet_name)
s.cmd('resource tag --id {} --tags {}'.format(vnet_resource_id,
'tag-vnet'))
s.cmd('resource show --id {}'.format(vnet_resource_id),
checks=[
JMESPathCheck('name', self.vnet_name),
JMESPathCheck('resourceGroup', self.resource_group),
JMESPathCheck('tags', {'tag-vnet': ''})
])
subnet_resource_id = '/subscriptions/{}/resourceGroups/{}/providers/Microsoft.Network/' \
'virtualNetworks/{}/subnets/{}'.format(subscription_id,
self.resource_group,
self.vnet_name,
self.subnet_name)
s.cmd('resource show --id {}'.format(subnet_resource_id),
checks=[
JMESPathCheck('name', self.subnet_name),
JMESPathCheck('resourceGroup', self.resource_group),
JMESPathCheck('properties.addressPrefix', '10.0.0.0/24')
])
s.cmd(
'resource update --id {} --set properties.addressPrefix=10.0.0.0/22'
.format(subnet_resource_id),
checks=[JMESPathCheck('properties.addressPrefix', '10.0.0.0/22')])
s.cmd('resource delete --id {}'.format(subnet_resource_id),
checks=NoneCheck())
s.cmd('resource delete --id {}'.format(vnet_resource_id),
checks=NoneCheck())
def body(self):
curr_dir = os.path.dirname(os.path.realpath(__file__))
template_file = os.path.join(curr_dir, 'simple_deploy.json').replace('\\', '\\\\')
parameters_file = os.path.join(curr_dir, 'simple_deploy_parameters.json').replace('\\',
'\\\\')
deployment_name = 'azure-cli-deployment'
self.cmd('group deployment create -g {} -n {} --template-file {} --parameters @{} '
'--no-wait'.format(self.resource_group,
deployment_name,
template_file,
parameters_file),
checks=NoneCheck())
self.cmd('group deployment wait -g {} -n {} --created'.format(self.resource_group,
deployment_name),
checks=NoneCheck())
self.cmd('group deployment show -g {} -n {}'.format(self.resource_group, deployment_name),
checks=[JMESPathCheck('properties.provisioningState', 'Succeeded')])
def body(self):
subscription_id = self.cmd(
'account list --query "[?isDefault].id" -o tsv')
scope = '/subscriptions/{}'.format(subscription_id)
self.cmd(
'ad sp create-for-rbac -n {0} --scopes {1} {1}/resourceGroups/{2}'.
format(self.sp_name, scope, self.resource_group),
checks=[JMESPathCheck('name', self.sp_name)])
self.cmd('ad sp create-for-rbac -n {}'.format(self.sp_name),
allowed_exceptions="'{}' already exists.".format(
self.sp_name))
self.cmd('role assignment list --assignee {} --scope {}'.format(
self.sp_name, scope),
checks=[JMESPathCheck("length([])", 1)])
self.cmd('role assignment list --assignee {} -g {}'.format(
self.sp_name, self.resource_group),
checks=[JMESPathCheck("length([])", 1)])
self.cmd('role assignment delete --assignee {} -g {}'.format(
self.sp_name, self.resource_group),
checks=NoneCheck())
self.cmd('role assignment delete --assignee {}'.format(self.sp_name),
checks=NoneCheck())
self.cmd('ad app delete --id {}'.format(self.sp_name))
def test_managedappdef_inline(self, resource_group):
location = 'eastus2euap'
appdef_name = self.create_random_name('testappdefname', 20)
appdef_display_name = self.create_random_name('test_appdef', 20)
appdef_description = 'test_appdef_123'
auth = '5e91139a-c94b-462e-a6ff-1ee95e8aac07:8e3af657-a8ff-443c-a75c-2fe8c4bcb635'
lock = 'None'
curr_dir = os.path.dirname(os.path.realpath(__file__))
createUiDef_file = os.path.join(curr_dir, 'sample_create_ui_definition.json').replace('\\', '\\\\')
mainTemplate_file = os.path.join(curr_dir, 'sample_main_template.json').replace('\\', '\\\\')
# create a managedapp definition with inline params for create-ui-definition and main-template
create_cmd = 'managedapp definition create -n {} --create-ui-definition @"{}" --main-template @"{}" --display-name {} --description {} -l {} -a {} --lock-level {} -g {}'
appdef = self.cmd(
create_cmd.format(appdef_name, createUiDef_file, mainTemplate_file, appdef_display_name, appdef_description,
location, auth, lock, resource_group), checks=[
JCheck('name', appdef_name),
JCheck('displayName', appdef_display_name),
JCheck('description', appdef_description),
JCheck('authorizations[0].principalId', '5e91139a-c94b-462e-a6ff-1ee95e8aac07'),
JCheck('authorizations[0].roleDefinitionId', '8e3af657-a8ff-443c-a75c-2fe8c4bcb635'),
JCheck('artifacts[0].name', 'ApplicationResourceTemplate'),
JCheck('artifacts[0].type', 'Template'),
JCheck('artifacts[1].name', 'CreateUiDefinition'),
JCheck('artifacts[1].type', 'Custom')
]).get_output_in_json()
# list and show it
list_cmd = 'managedapp definition list -g {}'
self.cmd(list_cmd.format(resource_group), checks=[
JCheck('[0].name', appdef_name)
])
show_cmd = 'managedapp definition show --ids {}'
self.cmd(show_cmd.format(appdef['id']), checks=[
JCheck('name', appdef_name),
JCheck('displayName', appdef_display_name),
JCheck('description', appdef_description),
JCheck('authorizations[0].principalId', '5e91139a-c94b-462e-a6ff-1ee95e8aac07'),
JCheck('authorizations[0].roleDefinitionId', '8e3af657-a8ff-443c-a75c-2fe8c4bcb635'),
JCheck('artifacts[0].name', 'ApplicationResourceTemplate'),
JCheck('artifacts[0].type', 'Template'),
JCheck('artifacts[1].name', 'CreateUiDefinition'),
JCheck('artifacts[1].type', 'Custom')
])
# delete
self.cmd('managedapp definition delete -g {} -n {}'.format(resource_group, appdef_name))
self.cmd('managedapp definition list -g {}'.format(resource_group), checks=NoneCheck())
def body(self):
subscription_id = self.cmd(
'account list --query "[?isDefault].id" -o tsv')
scope = '/subscriptions/{}'.format(subscription_id)
result = self.cmd(
'ad sp create-for-rbac -n {0} --scopes {1} {1}/resourceGroups/{2} --create-cert'
.format(self.sp_name, scope, self.resource_group))
self.assertEqual(self.sp_name, result['name'])
self.assertTrue(result['fileWithCertAndPrivateKey'].endswith('.pem'))
os.remove(result['fileWithCertAndPrivateKey'])
result = self.cmd(
'ad sp reset-credentials -n {0} --create-cert'.format(
self.sp_name))
self.assertEqual(self.sp_name, result['name'])
self.assertTrue(result['fileWithCertAndPrivateKey'].endswith('.pem'))
os.remove(result['fileWithCertAndPrivateKey'])
self.cmd('ad app delete --id {}'.format(self.sp_name),
checks=NoneCheck())
def _test_keyvault_certificate_issuers(self):
kv = self.keyvault_name
self.cmd(
'keyvault certificate issuer create --vault-name {} --issuer-name issuer1 --provider Test'
.format(kv),
checks=[
JMESPathCheck('provider', 'Test'),
JMESPathCheck('attributes.enabled', True)
])
self.cmd(
'keyvault certificate issuer show --vault-name {} --issuer-name issuer1'
.format(kv),
checks=[
JMESPathCheck('provider', 'Test'),
JMESPathCheck('attributes.enabled', True)
])
self.cmd(
'keyvault certificate issuer update --vault-name {} --issuer-name issuer1 --organization-id TestOrg --account-id test_account'
.format(kv),
checks=[
JMESPathCheck('provider', 'Test'),
JMESPathCheck('attributes.enabled', True),
JMESPathCheck('organizationDetails.id', 'TestOrg'),
JMESPathCheck('credentials.accountId', 'test_account')
])
with self.assertRaises(CLIError):
self.cmd(
'keyvault certificate issuer update --vault-name {} --issuer-name notexist --organization-id TestOrg --account-id test_account'
.format(kv))
self.cmd(
'keyvault certificate issuer update --vault-name {} --issuer-name issuer1 --account-id ""'
.format(kv),
checks=[
JMESPathCheck('provider', 'Test'),
JMESPathCheck('attributes.enabled', True),
JMESPathCheck('organizationDetails.id', 'TestOrg'),
JMESPathCheck('credentials.accountId', None)
])
self.cmd('keyvault certificate issuer list --vault-name {}'.format(kv),
checks=JMESPathCheck('length(@)', 1))
# test admin commands
self.cmd(
'keyvault certificate issuer admin add --vault-name {} --issuer-name issuer1 --email [email protected] --first-name Test --last-name Admin --phone 123-456-7890'
.format(kv),
checks=[
JMESPathCheck('emailAddress', '*****@*****.**'),
JMESPathCheck('firstName', 'Test'),
JMESPathCheck('lastName', 'Admin'),
JMESPathCheck('phone', '123-456-7890'),
])
with self.assertRaises(CLIError):
self.cmd(
'keyvault certificate issuer admin add --vault-name {} --issuer-name issuer1 --email [email protected]'
.format(kv))
self.cmd(
'keyvault certificate issuer admin add --vault-name {} --issuer-name issuer1 --email [email protected]'
.format(kv),
checks=[
JMESPathCheck('emailAddress', '*****@*****.**'),
JMESPathCheck('firstName', None),
JMESPathCheck('lastName', None),
JMESPathCheck('phone', None),
])
self.cmd(
'keyvault certificate issuer admin list --vault-name {} --issuer-name issuer1'
.format(kv),
checks=JMESPathCheck('length(@)', 2))
self.cmd(
'keyvault certificate issuer admin delete --vault-name {} --issuer-name issuer1 --email [email protected]'
.format(kv))
self.cmd(
'keyvault certificate issuer admin list --vault-name {} --issuer-name issuer1'
.format(kv),
checks=JMESPathCheck('length(@)', 1))
self.cmd(
'keyvault certificate issuer delete --vault-name {} --issuer-name issuer1'
.format(kv))
self.cmd('keyvault certificate issuer list --vault-name {}'.format(kv),
checks=NoneCheck())
def body(self):
with open(self.package_file_name, 'w') as f:
f.write('storage blob test sample file')
rg = self.resource_group
name = self.account_name
aname = self.application_name
ver = self.application_package_name
# test create application with default set
self.cmd(
'batch application create -g {} -n {} --application-id {} --allow-updates'
.format(rg, name, aname),
checks=[
JMESPathCheck('id', aname),
JMESPathCheck('allowUpdates', True)
])
self.cmd('batch application list -g {} -n {}'.format(rg, name),
checks=[
JMESPathCheck('length(@)', 1),
JMESPathCheck('[0].id', aname),
])
self.cmd(
'batch application package create -g {} -n {} --application-id {}'
' --version {} --package-file "{}"'.format(rg, name, aname, ver,
self.package_file_name),
checks=[
JMESPathCheck('id', aname),
JMESPathCheck('storageUrl != null', True),
JMESPathCheck('version', ver),
JMESPathCheck('state', 'active')
])
self.cmd(
'batch application package activate -g {} -n {} --application-id {}'
' --version {} --format zip'.format(rg, name, aname, ver))
self.cmd(
'batch application package show -g {} -n {} --application-id {} --version {}'
.format(rg, name, aname, ver),
checks=[
JMESPathCheck('id', aname),
JMESPathCheck('format', 'zip'),
JMESPathCheck('version', ver),
JMESPathCheck('state', 'active')
])
self.cmd('batch application set -g {} -n {} --application-id {} --default-version {}'.format(rg, name, aname, ver)) # pylint: disable=line-too-long
self.cmd(
'batch application show -g {} -n {} --application-id {}'.format(
rg, name, aname),
checks=[
JMESPathCheck('id', aname),
JMESPathCheck('defaultVersion', ver),
JMESPathCheck('packages[0].format', 'zip'),
JMESPathCheck('packages[0].state', 'active')
])
# test batch applcation delete
self.cmd(
'batch application package delete -g {} -n {} --application-id {} --version {} --yes'
. # pylint: disable=line-too-long
format(rg, name, aname, ver))
self.cmd(
'batch application delete -g {} -n {} --application-id {} --yes'.
format(rg, name, aname))
self.cmd('batch application list -g {} -n {}'.format(rg, name),
checks=NoneCheck())
def body(self):
rg = self.resource_group
name = self.account_name
loc = self.location
# test create storage account with default set
result = self.cmd(
'storage account create -g {} -n {} -l {} --sku Standard_LRS'.
format(rg, self.storage_account_name, loc),
checks=[
JMESPathCheck('name', self.storage_account_name),
JMESPathCheck('location', loc),
JMESPathCheck('resourceGroup', rg)
])
sid = result['id']
# test create keyvault for use with BYOS account
self.cmd(
'keyvault create -g {} -n {} -l {} --enabled-for-deployment true '
'--enabled-for-disk-encryption true --enabled-for-template-deployment'
' true'.format(rg, self.keyvault_name, self.byos_location),
checks=[
JMESPathCheck('name', self.keyvault_name),
JMESPathCheck('location', self.byos_location),
JMESPathCheck('resourceGroup', rg),
JMESPathCheck('type(properties.accessPolicies)', 'array'),
JMESPathCheck('length(properties.accessPolicies)', 1),
JMESPathCheck('properties.sku.name', 'standard')
])
self.cmd(
'keyvault set-policy -g {} -n {} --object-id {} --key-permissions all '
'--secret-permissions all'.format(rg, self.keyvault_name,
self.object_id))
# test create account with default set
self.cmd('batch account create -g {} -n {} -l {}'.format(
rg, name, loc),
checks=[
JMESPathCheck('name', name),
JMESPathCheck('location', loc),
JMESPathCheck('resourceGroup', rg)
])
# test create account with BYOS
self.cmd('batch account create -g {} -n {} -l {} --keyvault {}'.format(
rg, self.byos_account_name, self.byos_location,
self.keyvault_name),
checks=[
JMESPathCheck('name', self.byos_account_name),
JMESPathCheck('location', self.byos_location),
JMESPathCheck('resourceGroup', rg)
])
self.cmd('batch account set -g {} -n {} --storage-account {}'.format(
rg, name, self.storage_account_name),
checks=[
JMESPathCheck('name', name),
JMESPathCheck('location', loc),
JMESPathCheck('resourceGroup', rg)
])
self.cmd('batch account show -g {} -n {}'.format(rg, name),
checks=[
JMESPathCheck('name', name),
JMESPathCheck('location', loc),
JMESPathCheck('resourceGroup', rg),
JMESPathCheck('autoStorage.storageAccountId', sid)
])
self.cmd('batch account autostorage-keys sync -g {} -n {}'.format(
rg, name))
keys = self.cmd('batch account keys list -g {} -n {}'.format(rg, name),
checks=[
JMESPathCheck('primary != null', True),
JMESPathCheck('secondary != null', True)
])
keys2 = self.cmd(
'batch account keys renew -g {} -n {} --key-name primary'.format(
rg, name),
checks=[
JMESPathCheck('primary != null', True),
JMESPathCheck('secondary', keys['secondary'])
])
self.assertTrue(keys['primary'] != keys2['primary'])
with mock.patch('azure.cli.core._config.GLOBAL_CONFIG_DIR', self.config_dir), \
mock.patch('azure.cli.core._config.GLOBAL_CONFIG_PATH', self.config_path): # noqa: F122
self.cmd('batch account login -g {} -n {}'.format(rg, name),
checks=NoneCheck())
self.assertEqual(az_config.config_parser.get('batch', 'auth_mode'),
'aad')
self.assertEqual(az_config.config_parser.get('batch', 'account'),
name)
self.assertFalse(
az_config.config_parser.has_option('batch', 'access_key'))
self.cmd(
'batch account login -g {} -n {} --shared-key-auth'.format(
rg, name),
checks=NoneCheck())
self.assertEqual(az_config.config_parser.get('batch', 'auth_mode'),
'shared_key')
self.assertEqual(az_config.config_parser.get('batch', 'account'),
name)
self.assertEqual(
az_config.config_parser.get('batch', 'access_key'),
keys2['primary'])
# test batch account delete
self.cmd('batch account delete -g {} -n {} --yes'.format(rg, name))
self.cmd('batch account delete -g {} -n {} --yes'.format(
rg, self.byos_account_name))
self.cmd('batch account list -g {}'.format(rg), checks=NoneCheck())
self.cmd('batch location quotas show -l {}'.format(loc),
checks=[JMESPathCheck('accountQuota', 1)])
def body(self):
plan_result = self.cmd(
'appservice plan create -g {} -n {} --sku S1'.format(
self.resource_group, self.plan))
self.cmd('webapp create -g {} -n {} --plan {}'.format(
self.resource_group, self.webapp, plan_result['id']))
# You can create and use any repros with the 3 files under "./sample_web" and with a 'staging 'branch
slot = 'staging'
slot2 = 'dev'
test_git_repo = 'https://github.com/yugangw-msft/azure-site-test'
test_php_version = '5.6'
# create a few app-settings to test they can be cloned
self.cmd(
'webapp config appsettings set -g {} -n {} --settings s1=v1 --slot-settings s2=v2'
.format(self.resource_group, self.webapp))
# create an empty slot
self.cmd('webapp deployment slot create -g {} -n {} --slot {}'.format(
self.resource_group, self.webapp, slot),
checks=[JMESPathCheck('name', slot)])
self.cmd(
'webapp deployment source config -g {} -n {} --repo-url {} --branch {} -s {} --manual-integration'
.format(self.resource_group, self.webapp, test_git_repo, slot,
slot),
checks=[
JMESPathCheck('repoUrl', test_git_repo),
JMESPathCheck('branch', slot)
])
# swap with prod and verify the git branch also switched
self.cmd('webapp deployment slot swap -g {} -n {} -s {}'.format(
self.resource_group, self.webapp, slot))
result = self.cmd(
'webapp config appsettings list -g {} -n {} -s {}'.format(
self.resource_group, self.webapp, slot))
self.assertEqual(set([x['name'] for x in result]), set(['s1']))
# create a new slot by cloning from prod slot
self.cmd('webapp config set -g {} -n {} --php-version {}'.format(
self.resource_group, self.webapp, test_php_version))
self.cmd(
'webapp deployment slot create -g {} -n {} --slot {} --configuration-source {}'
.format(self.resource_group, self.webapp, slot2, self.webapp))
self.cmd('webapp config show -g {} -n {} --slot {}'.format(
self.resource_group, self.webapp, slot2),
checks=[
JMESPathCheck("phpVersion", test_php_version),
])
self.cmd(
'webapp config appsettings set -g {} -n {} --slot {} --settings s3=v3 --slot-settings s4=v4'
.format(self.resource_group, self.webapp, slot2))
self.cmd(
'webapp config connection-string set -g {} -n {} -t mysql --slot {} --settings c1=connection1 --slot-settings c2=connection2'
.format(self.resource_group, self.webapp, slot2))
# verify we can swap with non production slot
self.cmd(
'webapp deployment slot swap -g {} -n {} --slot {} --target-slot {}'
.format(self.resource_group, self.webapp, slot, slot2),
checks=NoneCheck())
result = self.cmd(
'webapp config appsettings list -g {} -n {} --slot {}'.format(
self.resource_group, self.webapp, slot2))
self.assertEqual(set([x['name'] for x in result]), set(['s1', 's4']))
result = self.cmd(
'webapp config connection-string list -g {} -n {} --slot {}'.
format(self.resource_group, self.webapp, slot2))
self.assertEqual(set([x['name'] for x in result]), set(['c2']))
result = self.cmd(
'webapp config appsettings list -g {} -n {} --slot {}'.format(
self.resource_group, self.webapp, slot))
self.assertTrue(set(['s3']).issubset(set([x['name'] for x in result])))
result = self.cmd(
'webapp config connection-string list -g {} -n {} --slot {}'.
format(self.resource_group, self.webapp, slot))
self.assertEqual(set([x['name'] for x in result]), set(['c1']))
self.cmd('webapp deployment slot list -g {} -n {}'.format(
self.resource_group, self.webapp),
checks=[
JMESPathCheck("length([])", 2),
JMESPathCheck("length([?name=='{}'])".format(slot2), 1),
JMESPathCheck("length([?name=='{}'])".format(slot), 1),
])
self.cmd('webapp deployment slot delete -g {} -n {} --slot {}'.format(
self.resource_group, self.webapp, slot),
checks=NoneCheck())
def body(self):
_create_keyvault(self, self.keyvault_name, self.resource_group,
self.location)
kv = self.keyvault_name
# create a key
key = self.cmd(
'keyvault key create --vault-name {} -n key1 -p software'.format(
kv),
checks=JMESPathCheck('attributes.enabled', True))
first_kid = key['key']['kid']
first_version = first_kid.rsplit('/', 1)[1]
# list keys
self.cmd('keyvault key list --vault-name {}'.format(kv),
checks=JMESPathCheck('length(@)', 1))
# create a new key version
key = self.cmd(
'keyvault key create --vault-name {} -n key1 -p software --disabled --ops encrypt decrypt --tags test=foo'
.format(kv),
checks=[
JMESPathCheck('attributes.enabled', False),
JMESPathCheck('length(key.keyOps)', 2),
JMESPathCheck('tags', {'test': 'foo'})
])
second_kid = key['key']['kid']
# list key versions
self.cmd(
'keyvault key list-versions --vault-name {} -n key1'.format(kv),
checks=JMESPathCheck('length(@)', 2))
# show key (latest)
self.cmd('keyvault key show --vault-name {} -n key1'.format(kv),
checks=JMESPathCheck('key.kid', second_kid))
# show key (specific version)
self.cmd('keyvault key show --vault-name {} -n key1 -v {}'.format(
kv, first_version),
checks=JMESPathCheck('key.kid', first_kid))
# set key attributes
self.cmd(
'keyvault key set-attributes --vault-name {} -n key1 --enabled true'
.format(kv),
checks=[
JMESPathCheck('key.kid', second_kid),
JMESPathCheck('attributes.enabled', True)
])
# backup and then delete key
key_file = 'backup.key'
self.cmd(
'keyvault key backup --vault-name {} -n key1 --file {}'.format(
kv, key_file))
self.cmd('keyvault key delete --vault-name {} -n key1'.format(kv))
self.cmd('keyvault key list --vault-name {}'.format(kv),
checks=NoneCheck())
# restore key from backup
self.cmd('keyvault key restore --vault-name {} --file {}'.format(
kv, key_file))
self.cmd(
'keyvault key list-versions --vault-name {} -n key1'.format(kv),
checks=JMESPathCheck('length(@)', 2))
if os.path.isfile(key_file):
os.remove(key_file)
# import PEM and BYOK keys
key_enc_file = os.path.join(TEST_DIR, 'mydomain.test.encrypted.pem')
key_enc_password = '******'
key_plain_file = os.path.join(TEST_DIR, 'mydomain.test.pem')
self.cmd(
'keyvault key import --vault-name {} -n import-key-plain --pem-file "{}" -p software'
.format(kv, key_plain_file))
self.cmd(
'keyvault key import --vault-name {} -n import-key-encrypted --pem-file "{}" --pem-password {} -p hsm'
.format(kv, key_enc_file, key_enc_password))
byok_key_file = os.path.join(TEST_DIR, 'TestBYOK-NA.byok')
self.cmd(
'keyvault key import --vault-name {} -n import-key-byok --byok-file "{}"'
.format(kv, byok_key_file))
def body(self):
_create_keyvault(self, self.keyvault_name, self.resource_group,
self.location)
kv = self.keyvault_name
# create a secret
secret = self.cmd(
'keyvault secret set --vault-name {} -n secret1 --value ABC123'.
format(kv),
checks=JMESPathCheck('value', 'ABC123'))
first_kid = secret['id']
first_version = first_kid.rsplit('/', 1)[1]
# list secrets
self.cmd('keyvault secret list --vault-name {}'.format(kv),
checks=JMESPathCheck('length(@)', 1))
# create a new secret version
secret = self.cmd(
'keyvault secret set --vault-name {} -n secret1 --value DEF456 --tags test=foo --description "test type"'
.format(kv),
checks=[
JMESPathCheck('value', 'DEF456'),
JMESPathCheck('tags', {
'file-encoding': 'utf-8',
'test': 'foo'
}),
JMESPathCheck('contentType', 'test type')
])
second_kid = secret['id']
# list secret versions
self.cmd(
'keyvault secret list-versions --vault-name {} -n secret1'.format(
kv),
checks=JMESPathCheck('length(@)', 2))
# show secret (latest)
self.cmd('keyvault secret show --vault-name {} -n secret1'.format(kv),
checks=JMESPathCheck('id', second_kid))
# show secret (specific version)
self.cmd(
'keyvault secret show --vault-name {} -n secret1 -v {}'.format(
kv, first_version),
checks=JMESPathCheck('id', first_kid))
# set secret attributes
self.cmd(
'keyvault secret set-attributes --vault-name {} -n secret1 --enabled false'
.format(kv),
checks=[
JMESPathCheck('id', second_kid),
JMESPathCheck('attributes.enabled', False)
])
# delete secret
self.cmd(
'keyvault secret delete --vault-name {} -n secret1'.format(kv))
self.cmd('keyvault secret list --vault-name {}'.format(kv),
checks=NoneCheck())
self._test_download_secret()
def body(self):
plan_result = self.cmd('appservice plan create -g {} -n {} --sku S1'.format(self.resource_group, self.plan))
self.cmd('webapp create -g {} -n {} --plan {}'.format(self.resource_group, self.webapp, plan_result['id']))
# You can create and use any repros with the 3 files under "./sample_web" and with a 'staging 'branch
slot = 'staging'
slot2 = 'dev'
test_git_repo = 'https://github.com/yugangw-msft/azure-site-test'
test_node_version = '6.6.0'
# create a few app-settings to test they can be cloned
self.cmd('webapp config appsettings set -g {} -n {} --settings s1=v1 --slot-settings s2=v2'.format(self.resource_group, self.webapp))
# create an empty slot
self.cmd('webapp deployment slot create -g {} -n {} --slot {}'.format(self.resource_group, self.webapp, slot), checks=[
JMESPathCheck('name', slot)
])
self.cmd('webapp deployment source config -g {} -n {} --repo-url {} --branch {} -s {} --manual-integration'.format(self.resource_group, self.webapp, test_git_repo, slot, slot), checks=[
JMESPathCheck('repoUrl', test_git_repo),
JMESPathCheck('branch', slot)
])
import time
import requests
# comment out the git sync testing as it requires to pre-load a git token
# the rest test steps should be sufficient to verify the slot functionalities.
# verify the slot wires up the git repo/branch
# time.sleep(30) # 30 seconds should be enough for the deployment finished(Skipped under playback mode)
# r = requests.get('http://{}-{}.azurewebsites.net'.format(self.webapp, slot))
# self.assertTrue('Staging' in str(r.content))
# swap with prod and verify the git branch also switched
self.cmd('webapp deployment slot swap -g {} -n {} -s {}'.format(self.resource_group, self.webapp, slot))
# time.sleep(30) # 30 seconds should be enough for the slot swap finished(Skipped under playback mode)
# r = requests.get('http://{}.azurewebsites.net'.format(self.webapp))
# self.assertTrue('Staging' in str(r.content))
result = self.cmd('webapp config appsettings list -g {} -n {} -s {}'.format(self.resource_group, self.webapp, slot))
self.assertEqual(set([x['name'] for x in result]), set(['WEBSITE_NODE_DEFAULT_VERSION', 's1']))
# create a new slot by cloning from prod slot
self.cmd('webapp config set -g {} -n {} --node-version {}'.format(self.resource_group, self.webapp, test_node_version))
self.cmd('webapp deployment slot create -g {} -n {} --slot {} --configuration-source {}'.format(self.resource_group, self.webapp, slot2, self.webapp))
self.cmd('webapp config appsettings list -g {} -n {} --slot {}'.format(self.resource_group, self.webapp, slot2), checks=[
JMESPathCheck("length([])", 1),
JMESPathCheck('[0].name', 'WEBSITE_NODE_DEFAULT_VERSION')
])
self.cmd('webapp config show -g {} -n {} --slot {}'.format(self.resource_group, self.webapp, slot2), checks=[
JMESPathCheck("nodeVersion", test_node_version),
])
self.cmd('webapp config appsettings set -g {} -n {} --slot {} --settings s3=v3 --slot-settings s4=v4'.format(self.resource_group, self.webapp, slot2))
self.cmd('webapp config connection-string set -g {} -n {} -t mysql --slot {} --settings c1=connection1 --slot-settings c2=connection2'.format(self.resource_group, self.webapp, slot2))
# verify we can swap with non production slot
self.cmd('webapp deployment slot swap -g {} -n {} --slot {} --target-slot {}'.format(self.resource_group, self.webapp, slot, slot2), checks=NoneCheck())
result = self.cmd('webapp config appsettings list -g {} -n {} --slot {}'.format(self.resource_group, self.webapp, slot2))
self.assertEqual(set([x['name'] for x in result]), set(['WEBSITE_NODE_DEFAULT_VERSION', 's1', 's4']))
result = self.cmd('webapp config connection-string list -g {} -n {} --slot {}'.format(self.resource_group, self.webapp, slot2))
self.assertEqual(set([x['name'] for x in result]), set(['c2']))
result = self.cmd('webapp config appsettings list -g {} -n {} --slot {}'.format(self.resource_group, self.webapp, slot))
self.assertEqual(set([x['name'] for x in result]), set(['WEBSITE_NODE_DEFAULT_VERSION', 's3']))
result = self.cmd('webapp config connection-string list -g {} -n {} --slot {}'.format(self.resource_group, self.webapp, slot))
self.assertEqual(set([x['name'] for x in result]), set(['c1']))
self.cmd('webapp deployment slot list -g {} -n {}'.format(self.resource_group, self.webapp), checks=[
JMESPathCheck("length([])", 2),
JMESPathCheck("length([?name=='{}'])".format(slot2), 1),
JMESPathCheck("length([?name=='{}'])".format(slot), 1),
])
self.cmd('webapp deployment slot delete -g {} -n {} --slot {}'.format(self.resource_group, self.webapp, slot), checks=NoneCheck())
def body(self):
rg = self.resource_group
kv = self.keyvault_names[0]
loc = self.location
# test create keyvault with default access policy set
keyvault = self.cmd(
'keyvault create -g {} -n {} -l {}'.format(rg, kv, loc),
checks=[
JMESPathCheck('name', kv),
JMESPathCheck('location', loc),
JMESPathCheck('resourceGroup', rg),
JMESPathCheck('type(properties.accessPolicies)', 'array'),
JMESPathCheck('length(properties.accessPolicies)', 1),
JMESPathCheck('properties.sku.name', 'standard')
])
policy_id = keyvault['properties']['accessPolicies'][0]['objectId']
self.cmd('keyvault show -n {}'.format(kv),
checks=[
JMESPathCheck('name', kv),
JMESPathCheck('location', loc),
JMESPathCheck('resourceGroup', rg),
JMESPathCheck('type(properties.accessPolicies)', 'array'),
JMESPathCheck('length(properties.accessPolicies)', 1),
])
self.cmd('keyvault list -g {}'.format(rg),
checks=[
JMESPathCheck('type(@)', 'array'),
JMESPathCheck('length(@)', 1),
JMESPathCheck('[0].name', kv),
JMESPathCheck('[0].location', loc),
JMESPathCheck('[0].resourceGroup', rg),
])
# test updating keyvault sku name
self.cmd(
'keyvault update -g {} -n {} --set properties.sku.name=premium'.
format(rg, kv),
checks=[
JMESPathCheck('name', kv),
JMESPathCheck('properties.sku.name', 'premium'),
])
# test policy set/delete
self.cmd(
'keyvault set-policy -g {} -n {} --object-id {} --certificate-permissions get list'
.format(rg, kv, policy_id),
checks=JMESPathCheck(
'length(properties.accessPolicies[0].permissions.certificates)',
2))
self.cmd('keyvault delete-policy -g {} -n {} --object-id {}'.format(
rg, kv, policy_id),
checks=[
JMESPathCheck('type(properties.accessPolicies)', 'array'),
JMESPathCheck('length(properties.accessPolicies)', 0)
])
# test keyvault delete
self.cmd('keyvault delete -n {}'.format(kv))
self.cmd('keyvault list -g {}'.format(rg), checks=NoneCheck())
# test create keyvault further
self.cmd('keyvault create -g {} -n {} -l {} --no-self-perms'.format(
rg, self.keyvault_names[1], loc),
checks=[
JMESPathCheck('type(properties.accessPolicies)', 'array'),
JMESPathCheck('length(properties.accessPolicies)', 0)
])
self.cmd(
'keyvault create -g {} -n {} -l {} --enabled-for-deployment true '
'--enabled-for-disk-encryption true --enabled-for-template-deployment true'
.format(rg, self.keyvault_names[2], loc),
checks=[
JMESPathCheck('properties.enabledForDeployment', True),
JMESPathCheck('properties.enabledForDiskEncryption', True),
JMESPathCheck('properties.enabledForTemplateDeployment', True)
])
self.cmd('keyvault create -g {} -n {} -l {} --sku premium'.format(
rg, self.keyvault_names[3], loc),
checks=[JMESPathCheck('properties.sku.name', 'premium')])
def body(self):
sas_url = 'https://azureclistore.blob.core.windows.net/sitebackups?sv=2015-04-05&sr=c&sig=%2FjH1lEtbm3uFqtMI%2BfFYwgrntOs1qhGnpGv9uRibJ7A%3D&se=2017-02-14T04%3A53%3A28Z&sp=rwdl'
frequency = '1d'
db_conn_str = 'Server=tcp:cli-backup.database.windows.net,1433;Initial Catalog=cli-db;Persist Security Info=False;User ID=cliuser;Password=cli!password1;MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=False;Connection Timeout=30;'
retention_period = 5
# set without databases
self.cmd('webapp config backup update -g {} --webapp-name {} --frequency {} --container-url {} --retain-one true --retention {}'
.format(self.resource_group, self.webapp_name, frequency, sas_url, retention_period), checks=NoneCheck())
checks = [
JMESPathCheck('backupSchedule.frequencyInterval', 1),
JMESPathCheck('backupSchedule.frequencyUnit', 'Day'),
JMESPathCheck('backupSchedule.keepAtLeastOneBackup', True),
JMESPathCheck('backupSchedule.retentionPeriodInDays', retention_period)
]
self.cmd('webapp config backup show -g {} --webapp-name {}'.format(self.resource_group, self.webapp_name), checks=checks)
# update with databases
database_name = 'cli-db'
database_type = 'SqlAzure'
self.cmd('webapp config backup update -g {} --webapp-name {} --db-connection-string "{}" --db-name {} --db-type {} --retain-one true'
.format(self.resource_group, self.webapp_name, db_conn_str, database_name, database_type), checks=NoneCheck())
checks = [
JMESPathCheck('backupSchedule.frequencyInterval', 1),
JMESPathCheck('backupSchedule.frequencyUnit', 'Day'),
JMESPathCheck('backupSchedule.keepAtLeastOneBackup', True),
JMESPathCheck('backupSchedule.retentionPeriodInDays', retention_period),
JMESPathCheck('databases[0].connectionString', db_conn_str),
JMESPathCheck('databases[0].databaseType', database_type),
JMESPathCheck('databases[0].name', database_name)
]
self.cmd('webapp config backup show -g {} --webapp-name {}'.format(self.resource_group, self.webapp_name), checks=checks)
# update frequency and retention only
frequency = '18h'
retention_period = 7
self.cmd('webapp config backup update -g {} --webapp-name {} --frequency {} --retain-one false --retention {}'
.format(self.resource_group, self.webapp_name, frequency, retention_period), checks=NoneCheck())
checks = [
JMESPathCheck('backupSchedule.frequencyInterval', 18),
JMESPathCheck('backupSchedule.frequencyUnit', 'Hour'),
JMESPathCheck('backupSchedule.keepAtLeastOneBackup', False),
JMESPathCheck('backupSchedule.retentionPeriodInDays', retention_period),
JMESPathCheck('databases[0].connectionString', db_conn_str),
JMESPathCheck('databases[0].databaseType', database_type),
JMESPathCheck('databases[0].name', database_name)
]
self.cmd('webapp config backup show -g {} --webapp-name {}'.format(self.resource_group, self.webapp_name), checks=checks)
def body(self):
_create_keyvault(self, self.keyvault_name, self.resource_group,
self.location)
kv = self.keyvault_name
self._test_certificate_download()
policy_path = os.path.join(TEST_DIR, 'policy.json')
policy2_path = os.path.join(TEST_DIR, 'policy2.json')
# create a certificate
self.cmd(
'keyvault certificate create --vault-name {} -n cert1 -p @"{}"'.
format(kv, policy_path),
checks=JMESPathCheck('status', 'completed'))
# list certificates
self.cmd('keyvault certificate list --vault-name {}'.format(kv),
checks=JMESPathCheck('length(@)', 1))
# create a new certificate version
self.cmd(
'keyvault certificate create --vault-name {} -n cert1 -p @"{}"'.
format(kv, policy2_path),
checks=[
JMESPathCheck('status', 'completed'),
])
# list certificate versions
ver_list = self.cmd(
'keyvault certificate list-versions --vault-name {} -n cert1'.
format(kv),
checks=JMESPathCheck('length(@)', 2))
ver_list = sorted(ver_list, key=lambda x: x['attributes']['created'])
versions = [x['id'] for x in ver_list]
# show certificate (latest)
self.cmd(
'keyvault certificate show --vault-name {} -n cert1'.format(kv),
checks=[
JMESPathCheck('id', versions[1]),
JMESPathCheck(
'policy.x509CertificateProperties.validityInMonths', 50)
])
# show certificate (specific version)
cert_version = versions[0].rsplit('/', 1)[1]
self.cmd(
'keyvault certificate show --vault-name {} -n cert1 -v {}'.format(
kv, cert_version),
checks=JMESPathCheck('id', versions[0]))
# update certificate attributes
self.cmd(
'keyvault certificate set-attributes --vault-name {} -n cert1 --enabled false -p @"{}"'
.format(kv, policy_path),
checks=[
JMESPathCheck('id', versions[1]),
JMESPathCheck('attributes.enabled', False),
JMESPathCheck(
'policy.x509CertificateProperties.validityInMonths', 60)
])
self._test_keyvault_certificate_contacts()
self._test_keyvault_certificate_issuers()
self._test_keyvault_pending_certificate()
# delete certificate
self.cmd(
'keyvault certificate delete --vault-name {} -n cert1'.format(kv))
self.cmd('keyvault certificate list --vault-name {}'.format(kv),
checks=NoneCheck())
# test certificate import
pem_encrypted_file = os.path.join(TEST_DIR,
'import_pem_encrypted_pwd_1234.pem')
pem_encrypted_password = '******'
pem_plain_file = os.path.join(TEST_DIR, 'import_pem_plain.pem')
pem_policy_path = os.path.join(TEST_DIR, 'policy_import_pem.json')
self.cmd(
'keyvault certificate import --vault-name {} -n pem-cert1 --file "{}" -p @"{}"'
.format(kv, pem_plain_file, pem_policy_path))
self.cmd(
'keyvault certificate import --vault-name {} -n pem-cert2 --file "{}" --password {} -p @"{}"'
.format(kv, pem_encrypted_file, pem_encrypted_password,
pem_policy_path))
pfx_plain_file = os.path.join(TEST_DIR, 'import_pfx.pfx')
pfx_policy_path = os.path.join(TEST_DIR, 'policy_import_pfx.json')
self.cmd(
'keyvault certificate import --vault-name {} -n pfx-cert --file "{}" -p @"{}"'
.format(kv, pfx_plain_file, pfx_policy_path))
