Skip to content

Enable backup and restore operations for KeyVault secrets #3035

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
shahabhijeet merged 1 commit into from
Apr 6, 2017
Merged

Enable backup and restore operations for KeyVault secrets #3035

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions src/KeyVault/Microsoft.Azure.KeyVault.Extensions.Tests/Tests/KeyVaultKeyResolverTests.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,12 +53,19 @@ private KeyVaultClient GetKeyVaultClient()
HttpMockServer.Variables["VaultAddress"] = _vaultAddress;
HttpMockServer.Variables["KeyName"] = _keyName;
HttpMockServer.Variables["KeyVersion"] = _keyVersion;
HttpMockServer.Variables[ "SoftDeleteEnabled" ] = _softDeleteEnabled.ToString( );
}
else
{
_vaultAddress = HttpMockServer.Variables["VaultAddress"];
_keyName = HttpMockServer.Variables["KeyName"];
_keyVersion = HttpMockServer.Variables["KeyVersion"];

string softDeleteSetting = String.Empty;
if ( HttpMockServer.Variables.TryGetValue( "SoftDeleteEnabled", out softDeleteSetting ) )
{
Boolean.TryParse( softDeleteSetting, out _softDeleteEnabled );
}
}
_keyIdentifier = new KeyIdentifier(_vaultAddress, _keyName, _keyVersion);
return fixture.CreateKeyVaultClient();
Expand Down
2 changes: 1 addition & 1 deletion src/KeyVault/Microsoft.Azure.KeyVault.TestFramework/KeyVaultTestFixture.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@ public KeyVaultTestFixture()
retryExecutor = new RetryPolicy<SoftDeleteErrorDetectionStrategy>(new ExponentialBackoffRetryStrategy(8, TimeSpan.FromSeconds(1), TimeSpan.FromSeconds(60), TimeSpan.FromSeconds(5)));
} else
{
retryExecutor = new RetryPolicy<SoftDeleteErrorDetectionStrategy>(new FixedIntervalRetryStrategy(0));
retryExecutor = new RetryPolicy<SoftDeleteErrorDetectionStrategy>( new FixedIntervalRetryStrategy( 5, TimeSpan.FromSeconds( 5.0 ) ) );
}
}

Expand Down
109 changes: 93 additions & 16 deletions src/KeyVault/Microsoft.Azure.KeyVault.Tests/KeyVaultOperationsTest.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -52,12 +52,19 @@ private void Initialize()
HttpMockServer.Variables["VaultAddress"] = _vaultAddress;
HttpMockServer.Variables["KeyName"] = _keyName;
HttpMockServer.Variables["KeyVersion"] = _keyVersion;
HttpMockServer.Variables[ "SoftDeleteEnabled" ] = _softDeleteEnabled.ToString( );
}
else
{
_vaultAddress = HttpMockServer.Variables["VaultAddress"];
_keyName = HttpMockServer.Variables["KeyName"];
_keyVersion = HttpMockServer.Variables["KeyVersion"];

string softDeleteSetting = String.Empty;
if ( HttpMockServer.Variables.TryGetValue( "SoftDeleteEnabled", out softDeleteSetting ) )
{
Boolean.TryParse( softDeleteSetting, out _softDeleteEnabled );
}
}
}

Expand Down Expand Up @@ -474,14 +481,14 @@ public void KeyVaultUpdateKeyAttributesWithNoChangeTest()
}

[Fact]
public void KeyVaultBackupRestoreTest()
public void KeyVaultKeyBackupRestoreTest()
{
using (MockContext context = MockContext.Start(this.GetType().FullName))
{

var client = GetKeyVaultClient();

var keyName = "BackupRestoreTest";
var keyName = "KeyBackupRestoreTest";

var attribute = new KeyAttributes()
{
Expand Down Expand Up @@ -532,6 +539,64 @@ public void KeyVaultBackupRestoreTest()
}
}

[Fact]
public void KeyVaultSecretBackupRestoreTest( )
{
using ( MockContext context = MockContext.Start( this.GetType( ).FullName ) )
{

var client = GetKeyVaultClient();

var name = "SecretBackupRestoreTest";

var attributes = new SecretAttributes()
{
Enabled = true,
Expires = new DateTime(2030, 1, 1).ToUniversalTime(),
NotBefore = new DateTime(2010, 1, 1).ToUniversalTime()
};

var created = client.SetSecretAsync(_vaultAddress, name, "if found please return to secretbackuprestoretest", tags: null, contentType: "text", secretAttributes: attributes )
.GetAwaiter()
.GetResult();

try
{
// Backup the secret
var backupResponse = client.BackupSecretAsync(_vaultAddress, name).GetAwaiter().GetResult();

client.DeleteSecretAsync( _vaultAddress, name ).Wait( );

if ( _softDeleteEnabled )
{
this.fixture.WaitOnDeletedSecret( client, _vaultAddress, name );

client.PurgeDeletedSecretAsync( _vaultAddress, name ).Wait( );
}

// Restore the backedup secret
var restoredDeletedSecret =
this.fixture.retryExecutor.ExecuteAction(() => client.RestoreSecretAsync(_vaultAddress, backupResponse.Value).GetAwaiter().GetResult());

VerifySecretAttributesAreEqual( restoredDeletedSecret.Attributes, created.Attributes );
Assert.Equal( created.Id, restoredDeletedSecret.Id );
}
finally
{
this.fixture.WaitOnSecret( client, _vaultAddress, name );

client.DeleteSecretAsync( _vaultAddress, name ).Wait( );

if ( _softDeleteEnabled )
{
this.fixture.WaitOnDeletedSecret( client, _vaultAddress, name );

client.PurgeDeletedSecretAsync( _vaultAddress, name ).Wait( );
}
}
}
}

[Fact]
public void KeyVaultListKeysTest()
{
Expand Down Expand Up @@ -642,12 +707,13 @@ public void KeyVaultListKeyVersionsTest()
[Fact]
public void KeyVaultGetDeletedKeyTest()
{
if (!_softDeleteEnabled) return;

using (MockContext context = MockContext.Start(this.GetType().FullName))
{
var client = GetKeyVaultClient();

// settings may not be loaded until the client is fully initialized
if ( !_softDeleteEnabled ) return;

var keyName = "GetDeletedKeyTest";
var attributes = new KeyAttributes();
var tags = new Dictionary<string, string>() { { "purpose", "unit test" }, { "test name ", "GetDeletedKeyTest" } };
Expand Down Expand Up @@ -677,13 +743,13 @@ public void KeyVaultGetDeletedKeyTest()
[Fact]
public void KeyVaultKeyCreateDeleteRecoverPurgeTest()
{
if (!_softDeleteEnabled) return;

using (MockContext context = MockContext.Start(this.GetType().FullName))
{

var client = GetKeyVaultClient();

// settings may not be loaded until the client is fully initialized
if ( !_softDeleteEnabled ) return;

var keyName = "CreateDeleteRecoverPurgeTest";
var attributes = new KeyAttributes();
var tags = new Dictionary<string, string>() { { "purpose", "unit test" }, { "test name ", "CreateDeleteRecoverPurgeTest" } };
Expand Down Expand Up @@ -766,11 +832,13 @@ public void KeyVaultKeyCreateDeleteRecoverPurgeTest()
[Fact]
public void KeyVaultListDeletedKeysTest()
{
if (!_softDeleteEnabled) return;

using (MockContext context = MockContext.Start(this.GetType().FullName))
{
var client = GetKeyVaultClient();

// settings may not be loaded until the client is fully initialized
if ( !_softDeleteEnabled ) return;

string keyNamePrefix = "listdeletedkeytest";
int numKeys = 3;
int maxResults = 1;
Expand Down Expand Up @@ -1129,12 +1197,13 @@ public void KeyVaultTestSecretExtendedAttributes()
[Fact]
public void KeyVaultGetDeletedSecretTest()
{
if (!_softDeleteEnabled) return;

using (MockContext context = MockContext.Start(this.GetType().FullName))
{
var client = GetKeyVaultClient();

// settings may not be loaded until the client is fully initialized
if ( !_softDeleteEnabled ) return;

var secretName = "GetDeletedSecretTest";
var secretValue = "mysecretvalue";
var secretOlder = client.SetSecretAsync(_vaultAddress, secretName, secretValue).GetAwaiter().GetResult();
Expand Down Expand Up @@ -1162,13 +1231,13 @@ public void KeyVaultGetDeletedSecretTest()
[Fact]
public void KeyVaultSecretCreateDeleteRecoverPurgeTest()
{
if (!_softDeleteEnabled) return;

using (MockContext context = MockContext.Start(this.GetType().FullName))
{

var client = GetKeyVaultClient();

// settings may not be loaded until the client is fully initialized
if ( !_softDeleteEnabled ) return;

string secretName = "SecretCreateDeleteRecoverPurgeTest";
string originalSecretValue = "mysecretvalue";

Expand Down Expand Up @@ -1254,12 +1323,13 @@ public void KeyVaultSecretCreateDeleteRecoverPurgeTest()
[Fact]
public void KeyVaultListDeletedSecretsTest()
{
if (!_softDeleteEnabled) return;

using (MockContext context = MockContext.Start(this.GetType().FullName))
{
var client = GetKeyVaultClient();

// settings may not be loaded until the client is fully initialized
if ( !_softDeleteEnabled ) return;

int numSecrets = 3;
int maxResults = 1;

Expand Down Expand Up @@ -2840,6 +2910,13 @@ private void VerifyKeyAttributesAreEqual(KeyAttributes keyAttribute1, KeyAttribu
Assert.Equal<bool?>(keyAttribute1.Enabled ?? true, keyAttribute2.Enabled ?? true);
}

private void VerifySecretAttributesAreEqual( SecretAttributes leftAttributes, SecretAttributes rightAttributes )
{
Assert.Equal( leftAttributes.Expires, rightAttributes.Expires );
Assert.Equal( leftAttributes.NotBefore, rightAttributes.NotBefore );
Assert.Equal<bool?>( leftAttributes.Enabled ?? true, rightAttributes.Enabled ?? true );
}

private void VerifyKeyOperationsAreEqual(IList<string> firstOperations, IList<string> secondOperations)
{
Assert.False(firstOperations == null && secondOperations != null);
Expand Down
Loading