From a1daa8f59cd530af3f200dca3972db9b997e9e4e Mon Sep 17 00:00:00 2001 From: frankqianms <109947924+frankqianms@users.noreply.github.com> Date: Thu, 24 Oct 2024 08:16:55 +0800 Subject: [PATCH 1/4] test: update test case to setup live test pipeline (#75) * test: update test case * update * . * . * . * . * . * . * . * . * . * . * . * test: update test case --- .../tests/latest/constants.py | 6 ++++- .../tests/latest/test_service_commands.py | 26 +++++++++++-------- .../tests/latest/utils.py | 3 ++- 3 files changed, 22 insertions(+), 13 deletions(-) diff --git a/src/apic-extension/azext_apic_extension/tests/latest/constants.py b/src/apic-extension/azext_apic_extension/tests/latest/constants.py index 9d4fae7db35..f0dfd012c5a 100644 --- a/src/apic-extension/azext_apic_extension/tests/latest/constants.py +++ b/src/apic-extension/azext_apic_extension/tests/latest/constants.py @@ -3,4 +3,8 @@ # Licensed under the MIT License. See License.txt in the project root for license information. # -------------------------------------------------------------------------------------------- -TEST_REGION = "eastus" \ No newline at end of file +import os + +TEST_REGION = "eastus" +# to set USERASSIGNED_IDENTITY, refer to https://learn.microsoft.com/en-us/azure/api-center/import-api-management-apis?tabs=portal#option-2-import-apis-directly-from-your-api-management-instance +USERASSIGNED_IDENTITY = os.getenv('USERASSIGNED_IDENTITY') \ No newline at end of file diff --git a/src/apic-extension/azext_apic_extension/tests/latest/test_service_commands.py b/src/apic-extension/azext_apic_extension/tests/latest/test_service_commands.py index c08ade82364..40208b1b29f 100644 --- a/src/apic-extension/azext_apic_extension/tests/latest/test_service_commands.py +++ b/src/apic-extension/azext_apic_extension/tests/latest/test_service_commands.py @@ -9,7 +9,7 @@ from azure.cli.testsdk import ScenarioTest, ResourceGroupPreparer from .utils import ApicServicePreparer -from .constants import TEST_REGION +from .constants import TEST_REGION, USERASSIGNED_IDENTITY class ServiceCommandsTests(ScenarioTest): @@ -111,7 +111,7 @@ def test_delete_service(self): self.cmd('az apic show -g {rg} -n {s}', expect_failure=True) @ResourceGroupPreparer(name_prefix="clirg", location=TEST_REGION, random_name_length=32) - @ApicServicePreparer(enable_system_assigned_identity=True) + @ApicServicePreparer(enable_system_assigned_identity=False) def test_import_from_apim(self): self.kwargs.update({ 'apim_name': self.create_random_name(prefix='cli', length=24) @@ -127,7 +127,7 @@ def test_import_from_apim(self): @ResourceGroupPreparer(name_prefix="clirg", location=TEST_REGION, random_name_length=32) - @ApicServicePreparer(enable_system_assigned_identity=True) + @ApicServicePreparer(enable_system_assigned_identity=False) def test_import_from_apim_for_one_api(self): self.kwargs.update({ 'apim_name': self.create_random_name(prefix='cli', length=24) @@ -146,7 +146,7 @@ def test_import_from_apim_for_one_api(self): ]) @ResourceGroupPreparer(name_prefix="clirg", location=TEST_REGION, random_name_length=32) - @ApicServicePreparer(enable_system_assigned_identity=True) + @ApicServicePreparer(enable_system_assigned_identity=False) def test_import_from_apim_for_multiple_apis(self): self.kwargs.update({ 'apim_name': self.create_random_name(prefix='cli', length=24) @@ -195,7 +195,7 @@ def test_examples_delete_service(self): self.cmd('az apic show -g {rg} -n {s}', expect_failure=True) @ResourceGroupPreparer(name_prefix="clirg", location=TEST_REGION, random_name_length=32) - @ApicServicePreparer(enable_system_assigned_identity=True) + @ApicServicePreparer(enable_system_assigned_identity=False) def test_examples_import_all_apis_from_apim(self): self.kwargs.update({ 'apim_name': self.create_random_name(prefix='cli', length=24) @@ -204,7 +204,7 @@ def test_examples_import_all_apis_from_apim(self): self.cmd('az apic import-from-apim -g {rg} --service-name {s} --apim-name {apim_name} --apim-apis *') @ResourceGroupPreparer(name_prefix="clirg", location=TEST_REGION, random_name_length=32) - @ApicServicePreparer(enable_system_assigned_identity=True) + @ApicServicePreparer(enable_system_assigned_identity=False) def test_examples_import_selected_apis_from_apim(self): self.kwargs.update({ 'apim_name': self.create_random_name(prefix='cli', length=24) @@ -238,9 +238,9 @@ def _prepare_apim(self): # Only setup APIM in live mode # Get system assigned identity id for API Center apic_service = self.cmd('az apic show -g {rg} -n {s}').get_output_in_json() - self.kwargs.update({ - 'identity_id': apic_service['identity']['principalId'] - }) + # self.kwargs.update({ + # 'identity_id': apic_service['identity']['principalId'] + # }) # Create APIM service apim_service = self.cmd('az apim create -g {rg} --name {apim_name} --publisher-name test --publisher-email test@example.com --sku-name Consumption').get_output_in_json() # Add echo api @@ -251,7 +251,11 @@ def _prepare_apim(self): self.cmd('az apim api operation create -g {rg} --service-name {apim_name} --api-id foo --url-template "/foo" --method "GET" --display-name "GetOperation"') apim_id = apim_service['id'] self.kwargs.update({ - 'apim_id': apim_id + 'apim_id': apim_id, + 'usi_id': USERASSIGNED_IDENTITY }) # Grant system assigned identity of API Center access to APIM - self.cmd('az role assignment create --role "API Management Service Reader Role" --assignee-object-id {identity_id} --assignee-principal-type ServicePrincipal --scope {apim_id}') + # self.cmd('az role assignment create --role "API Management Service Reader Role" --assignee-object-id {identity_id} --assignee-principal-type ServicePrincipal --scope {apim_id}') + + # add user-assigned identity to api center service: + self.cmd('az apic update --name {s} -g {rg} --identity {{type:UserAssigned,user-assigned-identities:{usi_id}}}') \ No newline at end of file diff --git a/src/apic-extension/azext_apic_extension/tests/latest/utils.py b/src/apic-extension/azext_apic_extension/tests/latest/utils.py index b1106da4a1f..5ae64415716 100644 --- a/src/apic-extension/azext_apic_extension/tests/latest/utils.py +++ b/src/apic-extension/azext_apic_extension/tests/latest/utils.py @@ -8,7 +8,8 @@ class ApicServicePreparer(NoTrafficRecordingPreparer, SingleValueReplacer): def __init__(self, name_prefix='clitest', length=24, parameter_name='service_name', resource_group_parameter_name='resource_group', key='s', - enable_system_assigned_identity=False): + enable_system_assigned_identity=False, + usi_id=None): super(ApicServicePreparer, self).__init__(name_prefix, length) self.cli_ctx = get_dummy_cli() self.resource_group_parameter_name = resource_group_parameter_name From 2d708fdf3bc5f71626b1af7621ae6fe54bfc896b Mon Sep 17 00:00:00 2001 From: frankqianms Date: Thu, 24 Oct 2024 08:21:39 +0800 Subject: [PATCH 2/4] refactor: enable both identity --- .../tests/latest/test_service_commands.py | 31 +++++++++++-------- .../tests/latest/utils.py | 3 +- 2 files changed, 19 insertions(+), 15 deletions(-) diff --git a/src/apic-extension/azext_apic_extension/tests/latest/test_service_commands.py b/src/apic-extension/azext_apic_extension/tests/latest/test_service_commands.py index 40208b1b29f..ab1e5e136d3 100644 --- a/src/apic-extension/azext_apic_extension/tests/latest/test_service_commands.py +++ b/src/apic-extension/azext_apic_extension/tests/latest/test_service_commands.py @@ -11,6 +11,9 @@ from .utils import ApicServicePreparer from .constants import TEST_REGION, USERASSIGNED_IDENTITY +# if USERASSIGNED_IDENTITY is set, enable_system_assigned_identity is False, otherwise use system assigned identity +enable_system_assigned_identity = False if USERASSIGNED_IDENTITY else True + class ServiceCommandsTests(ScenarioTest): @ResourceGroupPreparer(name_prefix="clirg", location=TEST_REGION, random_name_length=32) @@ -111,7 +114,7 @@ def test_delete_service(self): self.cmd('az apic show -g {rg} -n {s}', expect_failure=True) @ResourceGroupPreparer(name_prefix="clirg", location=TEST_REGION, random_name_length=32) - @ApicServicePreparer(enable_system_assigned_identity=False) + @ApicServicePreparer(enable_system_assigned_identity) def test_import_from_apim(self): self.kwargs.update({ 'apim_name': self.create_random_name(prefix='cli', length=24) @@ -127,7 +130,7 @@ def test_import_from_apim(self): @ResourceGroupPreparer(name_prefix="clirg", location=TEST_REGION, random_name_length=32) - @ApicServicePreparer(enable_system_assigned_identity=False) + @ApicServicePreparer(enable_system_assigned_identity) def test_import_from_apim_for_one_api(self): self.kwargs.update({ 'apim_name': self.create_random_name(prefix='cli', length=24) @@ -146,7 +149,7 @@ def test_import_from_apim_for_one_api(self): ]) @ResourceGroupPreparer(name_prefix="clirg", location=TEST_REGION, random_name_length=32) - @ApicServicePreparer(enable_system_assigned_identity=False) + @ApicServicePreparer(enable_system_assigned_identity) def test_import_from_apim_for_multiple_apis(self): self.kwargs.update({ 'apim_name': self.create_random_name(prefix='cli', length=24) @@ -195,7 +198,7 @@ def test_examples_delete_service(self): self.cmd('az apic show -g {rg} -n {s}', expect_failure=True) @ResourceGroupPreparer(name_prefix="clirg", location=TEST_REGION, random_name_length=32) - @ApicServicePreparer(enable_system_assigned_identity=False) + @ApicServicePreparer(enable_system_assigned_identity) def test_examples_import_all_apis_from_apim(self): self.kwargs.update({ 'apim_name': self.create_random_name(prefix='cli', length=24) @@ -204,7 +207,7 @@ def test_examples_import_all_apis_from_apim(self): self.cmd('az apic import-from-apim -g {rg} --service-name {s} --apim-name {apim_name} --apim-apis *') @ResourceGroupPreparer(name_prefix="clirg", location=TEST_REGION, random_name_length=32) - @ApicServicePreparer(enable_system_assigned_identity=False) + @ApicServicePreparer(enable_system_assigned_identity) def test_examples_import_selected_apis_from_apim(self): self.kwargs.update({ 'apim_name': self.create_random_name(prefix='cli', length=24) @@ -238,9 +241,9 @@ def _prepare_apim(self): # Only setup APIM in live mode # Get system assigned identity id for API Center apic_service = self.cmd('az apic show -g {rg} -n {s}').get_output_in_json() - # self.kwargs.update({ - # 'identity_id': apic_service['identity']['principalId'] - # }) + self.kwargs.update({ + 'identity_id': apic_service['identity']['principalId'] + }) if enable_system_assigned_identity # Create APIM service apim_service = self.cmd('az apim create -g {rg} --name {apim_name} --publisher-name test --publisher-email test@example.com --sku-name Consumption').get_output_in_json() # Add echo api @@ -254,8 +257,10 @@ def _prepare_apim(self): 'apim_id': apim_id, 'usi_id': USERASSIGNED_IDENTITY }) - # Grant system assigned identity of API Center access to APIM - # self.cmd('az role assignment create --role "API Management Service Reader Role" --assignee-object-id {identity_id} --assignee-principal-type ServicePrincipal --scope {apim_id}') - - # add user-assigned identity to api center service: - self.cmd('az apic update --name {s} -g {rg} --identity {{type:UserAssigned,user-assigned-identities:{usi_id}}}') \ No newline at end of file + + if enable_system_assigned_identity: + # Grant system assigned identity of API Center access to APIM + self.cmd('az role assignment create --role "API Management Service Reader Role" --assignee-object-id {identity_id} --assignee-principal-type ServicePrincipal --scope {apim_id}') + else: + # add user-assigned identity to api center service: + self.cmd('az apic update --name {s} -g {rg} --identity {{type:UserAssigned,user-assigned-identities:{usi_id}}}') \ No newline at end of file diff --git a/src/apic-extension/azext_apic_extension/tests/latest/utils.py b/src/apic-extension/azext_apic_extension/tests/latest/utils.py index 5ae64415716..b1106da4a1f 100644 --- a/src/apic-extension/azext_apic_extension/tests/latest/utils.py +++ b/src/apic-extension/azext_apic_extension/tests/latest/utils.py @@ -8,8 +8,7 @@ class ApicServicePreparer(NoTrafficRecordingPreparer, SingleValueReplacer): def __init__(self, name_prefix='clitest', length=24, parameter_name='service_name', resource_group_parameter_name='resource_group', key='s', - enable_system_assigned_identity=False, - usi_id=None): + enable_system_assigned_identity=False): super(ApicServicePreparer, self).__init__(name_prefix, length) self.cli_ctx = get_dummy_cli() self.resource_group_parameter_name = resource_group_parameter_name From 5a01dff3c82ba791f531ce66538268809e27c68d Mon Sep 17 00:00:00 2001 From: frankqianms Date: Thu, 24 Oct 2024 08:39:57 +0800 Subject: [PATCH 3/4] fix: bad if else --- .../azext_apic_extension/tests/latest/test_service_commands.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/apic-extension/azext_apic_extension/tests/latest/test_service_commands.py b/src/apic-extension/azext_apic_extension/tests/latest/test_service_commands.py index ab1e5e136d3..a63978d4096 100644 --- a/src/apic-extension/azext_apic_extension/tests/latest/test_service_commands.py +++ b/src/apic-extension/azext_apic_extension/tests/latest/test_service_commands.py @@ -243,7 +243,7 @@ def _prepare_apim(self): apic_service = self.cmd('az apic show -g {rg} -n {s}').get_output_in_json() self.kwargs.update({ 'identity_id': apic_service['identity']['principalId'] - }) if enable_system_assigned_identity + }) if enable_system_assigned_identity else None # Create APIM service apim_service = self.cmd('az apim create -g {rg} --name {apim_name} --publisher-name test --publisher-email test@example.com --sku-name Consumption').get_output_in_json() # Add echo api From 16618f3d209a4377ed75dd89d8911fd999e4fa1e Mon Sep 17 00:00:00 2001 From: frankqianms Date: Thu, 24 Oct 2024 10:23:11 +0800 Subject: [PATCH 4/4] fix: fix bad parameter --- .../tests/latest/test_service_commands.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/apic-extension/azext_apic_extension/tests/latest/test_service_commands.py b/src/apic-extension/azext_apic_extension/tests/latest/test_service_commands.py index a63978d4096..8ffcc8d1dfd 100644 --- a/src/apic-extension/azext_apic_extension/tests/latest/test_service_commands.py +++ b/src/apic-extension/azext_apic_extension/tests/latest/test_service_commands.py @@ -114,7 +114,7 @@ def test_delete_service(self): self.cmd('az apic show -g {rg} -n {s}', expect_failure=True) @ResourceGroupPreparer(name_prefix="clirg", location=TEST_REGION, random_name_length=32) - @ApicServicePreparer(enable_system_assigned_identity) + @ApicServicePreparer(enable_system_assigned_identity=enable_system_assigned_identity) def test_import_from_apim(self): self.kwargs.update({ 'apim_name': self.create_random_name(prefix='cli', length=24) @@ -130,7 +130,7 @@ def test_import_from_apim(self): @ResourceGroupPreparer(name_prefix="clirg", location=TEST_REGION, random_name_length=32) - @ApicServicePreparer(enable_system_assigned_identity) + @ApicServicePreparer(enable_system_assigned_identity=enable_system_assigned_identity) def test_import_from_apim_for_one_api(self): self.kwargs.update({ 'apim_name': self.create_random_name(prefix='cli', length=24) @@ -149,7 +149,7 @@ def test_import_from_apim_for_one_api(self): ]) @ResourceGroupPreparer(name_prefix="clirg", location=TEST_REGION, random_name_length=32) - @ApicServicePreparer(enable_system_assigned_identity) + @ApicServicePreparer(enable_system_assigned_identity=enable_system_assigned_identity) def test_import_from_apim_for_multiple_apis(self): self.kwargs.update({ 'apim_name': self.create_random_name(prefix='cli', length=24) @@ -198,7 +198,7 @@ def test_examples_delete_service(self): self.cmd('az apic show -g {rg} -n {s}', expect_failure=True) @ResourceGroupPreparer(name_prefix="clirg", location=TEST_REGION, random_name_length=32) - @ApicServicePreparer(enable_system_assigned_identity) + @ApicServicePreparer(enable_system_assigned_identity=enable_system_assigned_identity) def test_examples_import_all_apis_from_apim(self): self.kwargs.update({ 'apim_name': self.create_random_name(prefix='cli', length=24) @@ -207,7 +207,7 @@ def test_examples_import_all_apis_from_apim(self): self.cmd('az apic import-from-apim -g {rg} --service-name {s} --apim-name {apim_name} --apim-apis *') @ResourceGroupPreparer(name_prefix="clirg", location=TEST_REGION, random_name_length=32) - @ApicServicePreparer(enable_system_assigned_identity) + @ApicServicePreparer(enable_system_assigned_identity=enable_system_assigned_identity) def test_examples_import_selected_apis_from_apim(self): self.kwargs.update({ 'apim_name': self.create_random_name(prefix='cli', length=24)