Configured the build to run the integration tests against the DevTest lab created by the build

Author: NJLangley

.github/workflows/test_azure_devtest_labs_integration.yml

@@ -28,6 +28,7 @@ jobs:
       ARM_TEMPLATE_NAME: sqlcollaborative_AzureDataPipelineTools
       FUNCTIONS_PROJECT_NAME: DataPipelineTools.Functions
       BUILD_CONFIGURATION: Release
+      RUN_SETTINGS_FILENAME: ./integrationTest.runsettings
 
 
     # Steps represent a sequence of tasks that will be executed as part of the job
@@ -157,12 +158,12 @@ jobs:
           # echo "::set-output name=DEPLOYMENTOUTPUT::$DEPLOYMENTOUTPUT"
           
           echo "Deployment Outputs"
-          echo "::set-output name=STORAGE_ACCOUNTCONNECTION_STRING::$(echo $DEPLOYMENTOUTPUT | jq --raw-output '.storageAccountConnectionString.value')"
+          #echo "::set-output name=STORAGE_ACCOUNTCONNECTION_STRING::$(echo $DEPLOYMENTOUTPUT | jq --raw-output '.storageAccountConnectionString.value')"
           echo "::set-output name=STORAGE_ACCOUNT_NAME::$(echo $DEPLOYMENTOUTPUT | jq --raw-output '.storageAccountName.value')"
           echo "::set-output name=FUNCTIONS_APP_NAME::$(echo $DEPLOYMENTOUTPUT | jq --raw-output '.functionsAppName.value')"
           echo "::set-output name=FUNCTIONS_APP_URI::$(echo $DEPLOYMENTOUTPUT | jq --raw-output '.functionsAppUri.value')"
           echo "::set-output name=KEY_VAULT_NAME::$(echo $DEPLOYMENTOUTPUT | jq --raw-output '.keyVaultName.value')"
-          echo "::set-output name=FUNCTIONS_APP_KEY::$(echo $DEPLOYMENTOUTPUT | jq --raw-output '.functionsAppKey.value')"
+          #echo "::set-output name=FUNCTIONS_APP_KEY::$(echo $DEPLOYMENTOUTPUT | jq --raw-output '.functionsAppKey.value')"
           echo "::set-output name=RUN_SETTINGS::$(echo $DEPLOYMENTOUTPUT | jq --raw-output '.runSettings.value')"
 
           echo "========================================================================================================================================================================================================"
@@ -172,22 +173,21 @@ jobs:
     # Runs a set of commands using the runners shell
     - name: Show create environment outputs
       run: |
-        echo "ENVIRONMENT_INSTANCE_NAME:                ${{ steps.create-devtest-labs-environment.outputs.ENVIRONMENT_INSTANCE_NAME }}"
-        echo "ENVIRONMENT_INSTANCE_RESOURCE_GROUP_NAME: ${{ steps.create-devtest-labs-environment.outputs.ENVIRONMENT_INSTANCE_RESOURCE_GROUP_NAME }}"
+        #echo "ENVIRONMENT_INSTANCE_NAME:                ${{ steps.create-devtest-labs-environment.outputs.ENVIRONMENT_INSTANCE_NAME }}"
+        #echo "ENVIRONMENT_INSTANCE_RESOURCE_GROUP_NAME: ${{ steps.create-devtest-labs-environment.outputs.ENVIRONMENT_INSTANCE_RESOURCE_GROUP_NAME }}"
         echo "FUNCTIONS_APP_NAME:                       ${{ steps.create-devtest-labs-environment.outputs.FUNCTIONS_APP_NAME }}"
         echo "FUNCTIONS_APP_URI:                        ${{ steps.create-devtest-labs-environment.outputs.FUNCTIONS_APP_URI }}"
-        echo "FUNCTIONS_APP_KEY:                        ${{ steps.create-devtest-labs-environment.outputs.FUNCTIONS_APP_KEY }}"
-        echo "STORAGE_ACCOUNTCONNECTION_STRING:         ${{ steps.create-devtest-labs-environment.outputs.STORAGE_ACCOUNTCONNECTION_STRING }}"
+        #echo "FUNCTIONS_APP_KEY:                        ${{ steps.create-devtest-labs-environment.outputs.FUNCTIONS_APP_KEY }}"
+        #echo "STORAGE_ACCOUNTCONNECTION_STRING:         ${{ steps.create-devtest-labs-environment.outputs.STORAGE_ACCOUNTCONNECTION_STRING }}"
         echo "STORAGE_ACCOUNT_NAME:                     ${{ steps.create-devtest-labs-environment.outputs.STORAGE_ACCOUNT_NAME }}"
         echo "KEY_VAULT_NAME:                           ${{ steps.create-devtest-labs-environment.outputs.KEY_VAULT_NAME }}"
-        echo "RUN_SETTINGS:                           ${{ steps.create-devtest-labs-environment.outputs.RUN_SETTINGS }}"
+        echo 'RUN_SETTINGS:                             ${{ steps.create-devtest-labs-environment.outputs.RUN_SETTINGS }}'
     
 
     # Write the runsettings output from the ARM script into a file so that the integration tests can use it
-    - name: Show create environment outputs
+    - name: Write the DevTest Labs output runsettings to file
       run: |    
-        echo "${{ steps.create-devtest-labs-environment.outputs.RUN_SETTINGS }}" > ./integrationTest.runsettings
-
+        echo '${{ steps.create-devtest-labs-environment.outputs.RUN_SETTINGS }}' > ${{ env.RUN_SETTINGS_FILENAME }}
 # echo "ENVIRONMENT_INSTANCE_RESOURCES: ${{ steps.get-devtest-labs-environment-resources.outputs.ENVIRONMENT_INSTANCE_RESOURCES }}"
 # az lab arm-template show --resource-group $RESOURCE_GROUP
 
@@ -242,4 +242,9 @@ jobs:
         package: './${{ env.FUNCTIONS_PROJECT_NAME }}/bin/${{ env.BUILD_CONFIGURATION }}'
 
 
+    - name: Run Integration Tests
+      run: dotnet test --no-build --configuration ${{ env.BUILD_CONFIGURATION }} --filter TestCategory=IntegrationTest --output ./output --verbosity normal --settings ${{ env.RUN_SETTINGS_FILENAME }}
+
+
+
 

Azure-DevTestLab/Environments/sqlcollaborative_AzureDataPipelineTools/azuredeploy.json

@@ -51,10 +51,11 @@
 
         "keyVaultApiVersion": "2021-04-01-preview",
         "keyVaultName": "[concat('kv', substring(uniqueString(parameters('branch')), 0, 4), 'xxxx', substring(parameters('commit'), 0, min(length(parameters('commit')), 7)))]",
-        "keyVaultSecret_ServicePrincipalClientSecret": "devopsServicePrincipalClientSecret",
+        "keyVaultSecret_ServicePrincipalClientSecret": "DevopsServicePrincipalClientSecret",
         "keyVaultSecret_StorageSaSToken": "StorageSaSToken",
         "keyVaultSecret_StorageKey": "StorageKey",
-        "keyVaultSecret_functionsKey": "functionsKey",
+        "keyVaultSecret_functionsKey": "FunctionsKey",
+        "keyVaultSecret_applicationsInsightsKey": "ApplicationsInsightsKey",
 
         "applicationInsightsApiVersion": "2020-02-02-preview",
         "applicationInsightsName": "[concat('appinsights', substring(uniqueString(parameters('branch')), 0, 4), 'xxxx', substring(parameters('commit'), 0, min(length(parameters('commit')), 7)))]",
@@ -344,11 +345,19 @@
                     "properties": {
                         "value": "[listKeys(variables('adlsStorageAccountResourceId'), variables('storageAccountApiVersion')).keys[0].value]"
                     }
+                },
+                {
+                    "type": "secrets",
+                    "apiVersion": "[variables('keyVaultApiVersion')]",
+                    "name": "[variables('keyVaultSecret_applicationsInsightsKey')]",
+                    "dependsOn": [
+                        "[concat('Microsoft.KeyVault/vaults/', variables('keyVaultName'))]",
+                        "[resourceId('Microsoft.Web/sites', variables('functionsAppName'))]"
+                    ],
+                    "properties": {
+                        "value": "[reference(resourceId('microsoft.insights/components', variables('applicationInsightsName')), variables('applicationInsightsApiVersion'), 'full').properties.InstrumentationKey]"
+                    }
                 }
-                
-                
-                
-                
             ]
         },
 
@@ -584,22 +593,25 @@
                        '    <Parameter name=\"UseFunctionsEmulator\" value=\"true\" />',
                        '    <Parameter name=\"FunctionsAppName\" value=\"', variables('functionsAppName'), '\" />',
                        '    <Parameter name=\"FunctionsAppUrl\" value=\"', reference(resourceId('Microsoft.Web/sites', variables('functionsAppName')), variables('functionsAppApiVersion'), 'full').properties.hostNames[0], '\" />',
-                       '    <Parameter name=\"FunctionsAppKey\" value=\"', listKeys(concat(resourceId('Microsoft.Web/sites', variables('functionsAppName')), '/host/default/'), variables('functionsAppApiVersion')).functionKeys.default, '\" />',
-                       '    <Parameter name=\"FunctionsAppKeyName\" value=\"', variables('keyVaultSecret_functionsKey'), '\" />',
                        '    <Parameter name=\"StorageAccountName\" value=\"', variables('adlsStorageAccountName'), '\" />',
                        '    <Parameter name=\"StorageContainerName\" value=\"', parameters('adlsStorageAccountContainerName'), '\" />',
                        '    <Parameter name=\"KeyVaultName\" value=\"', variables('keyVaultName'), '\" />',
                        '    <Parameter name=\"ServicePrincipalName\" value=\"', parameters('devopsServicePrincipalCredentials').client_id, '\" />',
-                       '    <Parameter name=\"ServicePrincipalSecret\" value=\"', parameters('devopsServicePrincipalCredentials').client_secret, '\" />',
-                       '    <Parameter name=\"ServicePrincipalNameKeyName\" value=\"', variables('keyVaultSecret_ServicePrincipalClientSecret'), '\" />',
-                       '    <Parameter name=\"StorageContainerSasToken\" value=\"', replace(listAccountSas(variables('adlsStorageAccountName'), variables('storageAccountApiVersion'), parameters('adlsStorageAccountSasProperties')).accountSasToken, '&', '&amp;'), '\" />',
-                       '    <Parameter name=\"StorageContainerSasTokenKeyName\" value=\"', variables('keyVaultSecret_StorageSaSToken'), '\" />',
-                       '    <Parameter name=\"StorageAccountAccessKey\" value=\"', listKeys(variables('adlsStorageAccountResourceId'), variables('storageAccountApiVersion')).keys[0].value, '\" />',
-                       '    <Parameter name=\"StorageAccountAccessKeyKeyName\" value=\"', variables('keyVaultSecret_StorageKey'), '\" />',
+                       '    <Parameter name=\"ApplicationInsightsName\" value=\"', reference(resourceId('microsoft.insights/components', variables('applicationInsightsName')), variables('applicationInsightsApiVersion'), 'full').properties.Name, '\" />',
+                       
+                       '    <Parameter name=\"KeyVaultSecretFunctionsAppKey\" value=\"', variables('keyVaultSecret_functionsKey'), '\" />',
+                       '    <Parameter name=\"KeyVaultSecretServicePrincipalSecretKey\" value=\"', variables('keyVaultSecret_ServicePrincipalClientSecret'), '\" />',
+                       '    <Parameter name=\"KeyVaultSecretStorageContainerSasToken\" value=\"', variables('keyVaultSecret_StorageSaSToken'), '\" />',
+                       '    <Parameter name=\"KeyVaultSecretStorageAccountAccessKey\" value=\"', variables('keyVaultSecret_StorageKey'), '\" />',
+                       '    <Parameter name=\"KeyVaultSecretApplicationInsightsKey\" value=\"', variables('keyVaultSecret_applicationsInsightsKey'), '\" />',
                        '  </TestRunParameters>',
                        '</RunSettings>'
                       )
                 ]"
+                    //    '    <Parameter name=\"FunctionsAppKey\" value=\"', listKeys(concat(resourceId('Microsoft.Web/sites', variables('functionsAppName')), '/host/default/'), variables('functionsAppApiVersion')).functionKeys.default, '\" />',
+                    //    '    <Parameter name=\"ServicePrincipalSecret\" value=\"', parameters('devopsServicePrincipalCredentials').client_secret, '\" />',
+                    //    '    <Parameter name=\"StorageContainerSasToken\" value=\"', replace(listAccountSas(variables('adlsStorageAccountName'), variables('storageAccountApiVersion'), parameters('adlsStorageAccountSasProperties')).accountSasToken, '&', '&amp;'), '\" />',
+                    //    '    <Parameter name=\"StorageAccountAccessKey\" value=\"', listKeys(variables('adlsStorageAccountResourceId'), variables('storageAccountApiVersion')).keys[0].value, '\" />',
         }
     }
 }

DataPipelineTools.Functions.Tests/DataLake/DataLakeFunctions/Integration/DataLakeGetItemsIntegrationTests.cs

@@ -8,20 +8,21 @@ namespace DataPipelineTools.Functions.Tests.DataLake.DataLakeFunctions.Integrati
     [Category(nameof(TestType.IntegrationTest))]
     public class DataLakeGetItemsIntegrationTests: IntegrationTestBase
     {
+
+
         [SetUp]
         public void Setup()
         {
-            
+            Logger.LogInformation($"Running tests in { (IsRunningOnCIServer ? "CI" : "local") } environment");
+            Logger.LogInformation($"TestContext.Parameters.Count: { TestContext.Parameters.Count }");
         }
 
-        [Test]
-        public void Test1()
-        {
-            Logger.LogInformation($"Running tests in { (IsRunningOnCIServer ? "CI": "local") } environment");
+        //[Test]
+        //public void Test_RunSettingsLoadedOk()
+        //{
+        //    Assert.
 
-
-            Logger.LogError("Integration tests not implemented yet.");
-            Assert.Fail();
-        }
+        //    //Assert.Fail("Integration tests not implemented yet.");
+        //}
     }
 }

DataPipelineTools.Functions.Tests/DataLake/DataLakeFunctions/Unit/DataLakeGetItemsTests.cs

@@ -1,27 +1,27 @@
-using DataPipelineTools.Tests.Common;
-using Microsoft.Extensions.Logging;
-using NUnit.Framework;
+//using DataPipelineTools.Tests.Common;
+//using Microsoft.Extensions.Logging;
+//using NUnit.Framework;
 
-namespace DataPipelineTools.Functions.Tests.DataLake.DataLakeFunctions.Unit
-{
-    [TestFixture]
-    [Category(nameof(TestType.IntegrationTest))]
-    public class DataLakeGetItemsTests: IntegrationTestBase
-    {
-        [SetUp]
-        public void Setup()
-        {
-            
-        }
+//namespace DataPipelineTools.Functions.Tests.DataLake.DataLakeFunctions.Unit
+//{
+//    [TestFixture]
+//    [Category(nameof(TestType.IntegrationTest))]
+//    public class DataLakeGetItemsTests: IntegrationTestBase
+//    {
+//        [SetUp]
+//        public void Setup()
+//        {
+//            Logger.LogInformation($"Running tests in { (IsRunningOnCIServer ? "CI": "local") } environment");
+//        }
 
-        [Test]
-        public void Test1()
-        {
-            Logger.LogInformation($"Running tests in { (IsRunningOnCIServer ? "CI": "local") } environment");
+//        [Test]
+//        public void Test_KeyVaultSecretsAreCorrect()
+//        {   
+//            var servicePrincipalSecretPlainText = TestContext.Parameters["ServicePrincipalSecret"];
+//            var servicePrincipalSecretKeyVault = GetKeyVaultSecretValue(TestContext.Parameters["ServicePrincipalSecretKeyName"]);
 
-
-            Logger.LogError("Integration tests not implemented yet.");
-            Assert.Fail();
-        }
-    }
-}
+//            Assert.AreEqual(servicePrincipalSecretPlainText, servicePrincipalSecretKeyVault);
+//            //Assert.Fail("Integration tests not implemented yet.");
+//        }
+//    }
+//}

DataPipelineTools.Functions.Tests/DataPipelineTools.Functions.Tests.csproj

@@ -13,6 +13,7 @@
   </PropertyGroup>
 
   <ItemGroup>
+    <PackageReference Include="Azure.Security.KeyVault.Secrets" Version="4.2.0" />
     <PackageReference Include="Microsoft.NET.Test.Sdk" Version="16.9.4" />
     <PackageReference Include="NUnit" Version="3.13.1" />
     <PackageReference Include="NUnit3TestAdapter" Version="3.17.0" />

DataPipelineTools.Functions.Tests/IntegrationTestBase.cs

@@ -1,7 +1,10 @@
 using System;
-using System.Collections.Generic;
-using System.Text;
+using System.Runtime.InteropServices.ComTypes;
+using Azure.Identity;
+using Azure.Security.KeyVault.Secrets;
 using DataPipelineTools.Tests.Common;
+using Microsoft.Extensions.Logging;
+using NUnit.Framework;
 
 namespace DataPipelineTools.Functions.Tests
 {
@@ -10,6 +13,62 @@ namespace DataPipelineTools.Functions.Tests
     /// </summary>
     public abstract class IntegrationTestBase : TestBase
     {
+        public IntegrationTestBase()
+        {
+            if (TestContext.Parameters.Count == 0)
+                throw new ArgumentException("No setting file is configured for the integration tests.");
+        }
+
+        protected bool UseFunctionsEmulator
+        {
+            get
+            {
+                var result = false;
+                bool.TryParse(TestContext.Parameters["UseFunctionsEmulator"], out result);
+                return result;
+            }
+        }
+
+        protected string FunctionsAppName => TestContext.Parameters["FunctionsAppName"];
+        protected string FunctionsAppUrl => TestContext.Parameters["FunctionsAppUrl"];
+        protected string StorageAccountName => TestContext.Parameters["StorageAccountName"];
+        protected string StorageContainerName => TestContext.Parameters["StorageContainerName"];
+        protected string KeyVaultName => TestContext.Parameters["KeyVaultName"];
+        protected string ServicePrincipalName => TestContext.Parameters["ServicePrincipalName"];
+        protected string ApplicationInsightsName => TestContext.Parameters["ApplicationInsightsName"];
+        
+        
+        
+        
+        protected string FunctionsAppKey => TestContext.Parameters["FunctionsAppKey"] ?? GetKeyVaultSecretValue(TestContext.Parameters["KeyVaultSecretFunctionsAppKey"]);
+        protected string ServicePrincipalSecretKey => TestContext.Parameters["ServicePrincipalSecretKey"] ?? GetKeyVaultSecretValue(TestContext.Parameters["KeyVaultSecretServicePrincipalSecretKey"]);
+        protected string StorageContainerSasToken => TestContext.Parameters["StorageContainerSasToken"] ?? GetKeyVaultSecretValue(TestContext.Parameters["KeyVaultSecretStorageContainerSasToken"]);
+        protected string StorageAccountAccessKey => TestContext.Parameters["StorageAccountAccessKey"] ?? GetKeyVaultSecretValue(TestContext.Parameters["KeyVaultSecretStorageAccountAccessKey"]);
+        protected string ApplicationInsightsKey => TestContext.Parameters["ApplicationInsightsKey"] ?? GetKeyVaultSecretValue(TestContext.Parameters["KeyVaultSecretApplicationInsightsKey"]);
+
+
+        [Test]
+        public void Test_RunSettingsLoadedOk()
+        {
+            Assert.IsNotNull(UseFunctionsEmulator);
+            Assert.IsNotNull(FunctionsAppName);
+            Assert.IsNotNull(FunctionsAppUrl);
+            Assert.IsNotNull(StorageAccountName);
+            Assert.IsNotNull(StorageContainerName);
+            Assert.IsNotNull(KeyVaultName);
+            Assert.IsNotNull(ServicePrincipalName);
+            Assert.IsNotNull(ApplicationInsightsName);
+            Assert.IsNotNull(FunctionsAppKey);
+            Assert.IsNotNull(ServicePrincipalSecretKey);
+            Assert.IsNotNull(StorageContainerSasToken);
+            Assert.IsNotNull(StorageAccountAccessKey);
+            Assert.IsNotNull(ApplicationInsightsKey);
+
+            // Check that the StorageContainerSasToken got unquoted correctly
+            Assert.IsFalse(StorageContainerSasToken.Contains("&amp;"));
+        }
+
+
         protected bool IsRunningOnCIServer
         {
             get
@@ -31,5 +90,28 @@ protected void StartLocalFunctionsInstance()
             throw new NotImplementedException();
         }
 
+        protected string GetKeyVaultSecretValue(string secretName)
+        {
+            /* For some reason the DefaultAzureCredential (SharedTokenCacheCredential / VisualStudioCredential) returns a 403 trying to access the key vault, even when access policies are configured correctly
+             * We either use one of the following to authenticate:
+             *  - var credential = new DefaultAzureCredential(new DefaultAzureCredentialOptions{ ExcludeSharedTokenCacheCredential = true, ExcludeVisualStudioCredential = true});
+             *  - var credential = new ChainedTokenCredential(new ManagedIdentityCredential(), new AzureCliCredential());
+             *
+             * See here for more info: https://docs.microsoft.com/en-us/answers/questions/74848/access-denied-to-first-party-service.html
+             */
+            var credential = new DefaultAzureCredential(new DefaultAzureCredentialOptions { ExcludeSharedTokenCacheCredential = true, ExcludeVisualStudioCredential = true });
+
+            if (string.IsNullOrWhiteSpace(KeyVaultName))
+                throw new ArgumentException("The run setting file does not have a value for 'KeyVaultName'");
+
+            var keyVaultUri = $"https://{KeyVaultName}.vault.azure.net";
+            var client = new SecretClient(new Uri(keyVaultUri), credential);
+            var result = client.GetSecretAsync(secretName).Result;
+
+            return result?.Value?.Value;
+        }
+
+        
+
     }
 }