feat: Add unit tests for Azure.KeyVault health check

Author: samtrion

Directory.Packages.props

@@ -30,7 +30,7 @@
     <PackageVersion Include="Azure.Security.KeyVault.Secrets" Version="4.8.0" />
     <PackageVersion Include="Azure.Storage.Blobs" Version="12.25.1" />
     <PackageVersion Include="Azure.Storage.Queues" Version="12.23.0" />
-    <PackageVersion Include="AzureKeyVaultEmulator.TestContainers" Version="0.6.0" />
+    <PackageVersion Include="AzureKeyVaultEmulator.TestContainers" Version="2.3.3" />
     <PackageVersion Include="ClickHouse.Client" Version="7.14.0" />
     <PackageVersion Include="CliWrap" Version="3.9.0" />
     <PackageVersion Include="Confluent.Kafka" Version="2.11.1" />

tests/NetEvolve.HealthChecks.Tests.Integration/Azure.KeyVault/AzureKeyVaultAccess.cs

@@ -0,0 +1,35 @@
+namespace NetEvolve.HealthChecks.Tests.Integration.Azure.KeyVault;
+
+using System;
+using System.Threading.Tasks;
+using AzureKeyVaultEmulator.TestContainers;
+using global::Azure.Identity;
+using global::Azure.Security.KeyVault.Secrets;
+
+public sealed class AzureKeyVaultAccess : IAsyncInitializer, IAsyncDisposable
+{
+    private readonly AzureKeyVaultEmulatorContainer _container = new AzureKeyVaultEmulatorContainerBuilder().Build();
+
+    public Uri VaultUri { get; private set; } = default!;
+
+    public string ConnectionString => VaultUri?.ToString() ?? string.Empty;
+
+    public async ValueTask DisposeAsync() => await _container.DisposeAsync().ConfigureAwait(false);
+
+    public async Task InitializeAsync()
+    {
+        await _container.StartAsync().ConfigureAwait(false);
+
+        VaultUri = new Uri(_container.GetVaultUri());
+
+        await PrepareKeyVaultRequirements().ConfigureAwait(false);
+    }
+
+    private async Task PrepareKeyVaultRequirements()
+    {
+        var secretClient = new SecretClient(VaultUri, new DefaultAzureCredential());
+
+        // Create a test secret
+        _ = await secretClient.SetSecretAsync("test-secret", "test-value").ConfigureAwait(false);
+    }
+}

tests/NetEvolve.HealthChecks.Tests.Integration/Azure.KeyVault/KeyVaultSecretAvailableHealthCheckTests.cs

@@ -0,0 +1,126 @@
+namespace NetEvolve.HealthChecks.Tests.Integration.Azure.KeyVault;
+
+using System.Threading.Tasks;
+using Microsoft.Extensions.Azure;
+using Microsoft.Extensions.Diagnostics.HealthChecks;
+using NetEvolve.Extensions.TUnit;
+using NetEvolve.HealthChecks.Azure.KeyVault;
+
+[TestGroup($"{nameof(Azure)}.{nameof(KeyVault)}")]
+[ClassDataSource<AzureKeyVaultAccess>(Shared = InstanceSharedType.Azure)]
+public class KeyVaultSecretAvailableHealthCheckTests : HealthCheckTestBase
+{
+    private readonly AzureKeyVaultAccess _container;
+
+    public KeyVaultSecretAvailableHealthCheckTests(AzureKeyVaultAccess container) => _container = container;
+
+    [Test]
+    public async Task AddKeyVaultSecretAvailability_UseOptions_ModeServiceProvider_Healthy() =>
+        await RunAndVerify(
+            healthChecks =>
+            {
+                _ = healthChecks.AddKeyVaultSecretAvailability(
+                    "ServiceProviderHealthy",
+                    options =>
+                    {
+                        options.Mode = KeyVaultClientCreationMode.ServiceProvider;
+                        options.Timeout = 10000; // Set a reasonable timeout
+                    }
+                );
+            },
+            HealthStatus.Healthy,
+            serviceBuilder: services =>
+                services.AddAzureClients(clients => _ = clients.AddSecretClient(_container.VaultUri))
+        );
+
+    [Test]
+    public async Task AddKeyVaultSecretAvailability_UseOptions_ModeServiceProvider_Degraded() =>
+        await RunAndVerify(
+            healthChecks =>
+            {
+                _ = healthChecks.AddKeyVaultSecretAvailability(
+                    "ServiceProviderDegraded",
+                    options =>
+                    {
+                        options.Mode = KeyVaultClientCreationMode.ServiceProvider;
+                        options.Timeout = 0;
+                    }
+                );
+            },
+            HealthStatus.Degraded,
+            serviceBuilder: services =>
+                services.AddAzureClients(clients => _ = clients.AddSecretClient(_container.VaultUri))
+        );
+
+    [Test]
+    public async Task AddKeyVaultSecretAvailability_UseOptions_ModeDefaultAzureCredentials_Healthy() =>
+        await RunAndVerify(
+            healthChecks =>
+            {
+                _ = healthChecks.AddKeyVaultSecretAvailability(
+                    "DefaultAzureCredentialsHealthy",
+                    options =>
+                    {
+                        options.Mode = KeyVaultClientCreationMode.DefaultAzureCredentials;
+                        options.VaultUri = _container.VaultUri;
+                        options.Timeout = 10000; // Set a reasonable timeout
+                    }
+                );
+            },
+            HealthStatus.Healthy
+        );
+
+    [Test]
+    public async Task AddKeyVaultSecretAvailability_UseOptions_ModeDefaultAzureCredentials_Degraded() =>
+        await RunAndVerify(
+            healthChecks =>
+            {
+                _ = healthChecks.AddKeyVaultSecretAvailability(
+                    "DefaultAzureCredentialsDegraded",
+                    options =>
+                    {
+                        options.Mode = KeyVaultClientCreationMode.DefaultAzureCredentials;
+                        options.VaultUri = _container.VaultUri;
+                        options.Timeout = 0;
+                    }
+                );
+            },
+            HealthStatus.Degraded
+        );
+
+    [Test]
+    public async Task AddKeyVaultSecretAvailability_UseOptions_ModeManagedIdentity_Healthy() =>
+        await RunAndVerify(
+            healthChecks =>
+            {
+                _ = healthChecks.AddKeyVaultSecretAvailability(
+                    "ManagedIdentityHealthy",
+                    options =>
+                    {
+                        options.Mode = KeyVaultClientCreationMode.ManagedIdentity;
+                        options.VaultUri = _container.VaultUri;
+                        options.Timeout = 10000; // Set a reasonable timeout
+                    }
+                );
+            },
+            HealthStatus.Healthy
+        );
+
+    [Test]
+    public async Task AddKeyVaultSecretAvailability_UseOptions_ModeManagedIdentity_Degraded() =>
+        await RunAndVerify(
+            healthChecks =>
+            {
+                _ = healthChecks.AddKeyVaultSecretAvailability(
+                    "ManagedIdentityDegraded",
+                    options =>
+                    {
+                        options.Mode = KeyVaultClientCreationMode.ManagedIdentity;
+                        options.VaultUri = _container.VaultUri;
+                        options.Timeout = 0;
+                    }
+                );
+            },
+            HealthStatus.Degraded
+        );
+}

tests/NetEvolve.HealthChecks.Tests.Integration/NetEvolve.HealthChecks.Tests.Integration.csproj

@@ -15,6 +15,7 @@
     <PackageReference Include="ArangoDBNetStandard" />
     <PackageReference Include="Azure.Data.Tables" />
     <PackageReference Include="Azure.Messaging.ServiceBus" />
+    <PackageReference Include="Azure.Security.KeyVault.Secrets" />
     <PackageReference Include="Azure.Storage.Blobs" />
     <PackageReference Include="Azure.Storage.Queues" />
     <PackageReference Include="ClickHouse.Client" />
@@ -63,6 +64,7 @@
     <PackageReference Include="Testcontainers.ActiveMq" />
     <PackageReference Include="Testcontainers.ArangoDb" />
     <PackageReference Include="Testcontainers.Azurite" />
+    <PackageReference Include="AzureKeyVaultEmulator.TestContainers" />
     <PackageReference Include="Testcontainers.ClickHouse" />
     <PackageReference Include="Testcontainers.Consul" />
     <PackageReference Include="Testcontainers.Db2" />
@@ -106,6 +108,7 @@
     <ProjectReference Include="..\..\src\NetEvolve.HealthChecks.AWS.SQS\NetEvolve.HealthChecks.AWS.SQS.csproj" />
     <ProjectReference Include="..\..\src\NetEvolve.HealthChecks.Azure.ApplicationInsights\NetEvolve.HealthChecks.Azure.ApplicationInsights.csproj" />
     <ProjectReference Include="..\..\src\NetEvolve.HealthChecks.Azure.Blobs\NetEvolve.HealthChecks.Azure.Blobs.csproj" />
+    <ProjectReference Include="..\..\src\NetEvolve.HealthChecks.Azure.KeyVault\NetEvolve.HealthChecks.Azure.KeyVault.csproj" />
     <ProjectReference Include="..\..\src\NetEvolve.HealthChecks.Azure.Queues\NetEvolve.HealthChecks.Azure.Queues.csproj" />
     <ProjectReference Include="..\..\src\NetEvolve.HealthChecks.Azure.ServiceBus\NetEvolve.HealthChecks.Azure.ServiceBus.csproj" />
     <ProjectReference Include="..\..\src\NetEvolve.HealthChecks.Azure.Tables\NetEvolve.HealthChecks.Azure.Tables.csproj" />

tests/NetEvolve.HealthChecks.Tests.Unit/Azure.KeyVault/DependencyInjectionExtensionsTests.cs

@@ -0,0 +1,88 @@
+namespace NetEvolve.HealthChecks.Tests.Unit.Azure.KeyVault;
+
+using System;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.DependencyInjection;
+using NetEvolve.Extensions.TUnit;
+using NetEvolve.HealthChecks.Azure.KeyVault;
+
+[TestGroup($"{nameof(Azure)}.{nameof(KeyVault)}")]
+public class DependencyInjectionExtensionsTests
+{
+    [Test]
+    public void AddKeyVaultSecretAvailability_WhenArgumentBuilderNull_ThrowArgumentNullException()
+    {
+        // Arrange
+        var builder = default(IHealthChecksBuilder);
+
+        // Act
+        void Act() => builder.AddKeyVaultSecretAvailability("Test");
+
+        // Assert
+        _ = Assert.Throws<ArgumentNullException>("builder", Act);
+    }
+
+    [Test]
+    public void AddKeyVaultSecretAvailability_WhenArgumentNameNull_ThrowArgumentNullException()
+    {
+        // Arrange
+        var configuration = new ConfigurationBuilder().Build();
+        var services = new ServiceCollection();
+        var builder = services.AddSingleton<IConfiguration>(configuration).AddHealthChecks();
+        const string? name = default;
+
+        // Act
+        void Act() => builder.AddKeyVaultSecretAvailability(name!);
+
+        // Assert
+        _ = Assert.Throws<ArgumentNullException>("name", Act);
+    }
+
+    [Test]
+    public void AddKeyVaultSecretAvailability_WhenArgumentNameEmpty_ThrowArgumentException()
+    {
+        // Arrange
+        var configuration = new ConfigurationBuilder().Build();
+        var services = new ServiceCollection();
+        var builder = services.AddSingleton<IConfiguration>(configuration).AddHealthChecks();
+        var name = string.Empty;
+
+        // Act
+        void Act() => builder.AddKeyVaultSecretAvailability(name);
+
+        // Assert
+        _ = Assert.Throws<ArgumentException>("name", Act);
+    }
+
+    [Test]
+    public void AddKeyVaultSecretAvailability_WhenArgumentTagsNull_ThrowArgumentNullException()
+    {
+        // Arrange
+        var configuration = new ConfigurationBuilder().Build();
+        var services = new ServiceCollection();
+        var builder = services.AddSingleton<IConfiguration>(configuration).AddHealthChecks();
+        var tags = default(string[]);
+
+        // Act
+        void Act() => builder.AddKeyVaultSecretAvailability("Test", tags: tags);
+
+        // Assert
+        _ = Assert.Throws<ArgumentNullException>("tags", Act);
+    }
+
+    [Test]
+    public void AddKeyVaultSecretAvailability_WhenArgumentNameIsAlreadyUsed_ThrowArgumentException()
+    {
+        // Arrange
+        var configuration = new ConfigurationBuilder().Build();
+        var services = new ServiceCollection();
+        var builder = services.AddSingleton<IConfiguration>(configuration).AddHealthChecks();
+        const string? name = "Test";
+
+        // Act
+        void Act() => builder.AddKeyVaultSecretAvailability(name, __ => { }).AddKeyVaultSecretAvailability(name);
+
+        // Assert
+        _ = Assert.Throws<ArgumentException>(nameof(name), Act);
+    }
+}