Enable keyvault live tests (#1496)

Expecting to see the GetKey api passing on live test

sdk/keyvault/azure-security-keyvault-common/test/CMakeLists.txt

@@ -24,4 +24,4 @@ target_link_libraries(azure-security-keyvault-common-test PUBLIC azure-security-
 # gtest_add_tests will scan the test from azure-core-test and call add_test
 # for each test to ctest. This enables `ctest -r` to run specific tests directly.
 gtest_add_tests(TARGET azure-security-keyvault-common-test
-     TEST_PREFIX azure-security-keyvault-common-test.)
+     TEST_PREFIX azure-security-keyvault-common-unittest.)

sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/key_vault.hpp

@@ -4,4 +4,11 @@
 #pragma once
 
 #include "azure/keyvault/keys/dll_import_export.hpp"
+#include "azure/keyvault/keys/json_web_key.hpp"
 #include "azure/keyvault/keys/key_client.hpp"
+#include "azure/keyvault/keys/key_client_options.hpp"
+#include "azure/keyvault/keys/key_operation.hpp"
+#include "azure/keyvault/keys/key_properties.hpp"
+#include "azure/keyvault/keys/key_release_policy.hpp"
+#include "azure/keyvault/keys/key_type.hpp"
+#include "azure/keyvault/keys/key_vault_key.hpp"

sdk/keyvault/azure-security-keyvault-keys/test/CMakeLists.txt

@@ -9,6 +9,7 @@ set(CMAKE_CXX_STANDARD_REQUIRED True)
 
 include(GoogleTest)
 
+################## Unit Tests ##########################
 add_executable (
   azure-security-keyvault-keys-test
   key_client_test.cpp  
@@ -24,4 +25,23 @@ target_link_libraries(azure-security-keyvault-keys-test PRIVATE azure-security-k
 # gtest_add_tests will scan the test from azure-core-test and call add_test
 # for each test to ctest. This enables `ctest -r` to run specific tests directly.
 gtest_add_tests(TARGET azure-security-keyvault-keys-test
-     TEST_PREFIX azure-security-keyvault-keys-test.)
+     TEST_PREFIX azure-security-keyvault-keys-unittest.)
+
+
+################## Live Tests ##########################
+add_executable (
+  azure-security-keyvault-keys-test-live
+  key_client_test_live.cpp
+  main.cpp
+)
+
+if (MSVC)
+  target_compile_options(azure-security-keyvault-keys-test-live PUBLIC /wd6326 /wd26495 /wd26812)
+endif()
+
+target_link_libraries(azure-security-keyvault-keys-test-live PRIVATE azure-security-keyvault-keys azure-identity gtest gmock)
+
+# gtest_add_tests will scan the test from azure-core-test and call add_test
+# for each test to ctest. This enables `ctest -r` to run specific tests directly.
+gtest_add_tests(TARGET azure-security-keyvault-keys-test-live
+     TEST_PREFIX azure-security-keyvault-keys-livetest.)

sdk/keyvault/azure-security-keyvault-keys/test/key_client_base_test.hpp

@@ -0,0 +1,39 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+/**
+ * @file
+ * @brief The base class to construct and init a Key Vault client.
+ *
+ */
+
+#include <gtest/gtest.h>
+
+#include <azure/core/context.hpp>
+#include <azure/identity/client_secret_credential.hpp>
+#include <azure/keyvault/key_vault.hpp>
+
+#include <cstdio>
+
+namespace Azure { namespace Security { namespace KeyVault { namespace Keys { namespace Test {
+
+  class KeyVaultClientTest : public ::testing::Test {
+  protected:
+    std::shared_ptr<Azure::Identity::ClientSecretCredential> m_credential;
+    std::string m_keyVaultUrl;
+    std::unique_ptr<Azure::Security::KeyVault::Keys::KeyClient> m_client;
+
+    // Create
+    virtual void SetUp() override
+    {
+      std::string tenantId = std::getenv("AZURE_TENANT_ID");
+      std::string clientId = std::getenv("AZURE_CLIENT_ID");
+      std::string secretId = std::getenv("AZURE_CLIENT_SECRET");
+      m_credential
+          = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, secretId);
+
+      m_keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL");
+    }
+  };
+
+}}}}} // namespace Azure::Security::KeyVault::Keys::Test

sdk/keyvault/azure-security-keyvault-keys/test/key_client_test.cpp

@@ -15,17 +15,12 @@ TEST(KeyClient, initClient)
 {
   auto credential
       = std::make_shared<Azure::Identity::ClientSecretCredential>("tenantID", "AppId", "SecretId");
-  EXPECT_NO_THROW(KeyClient keyClient("vaultUrl", credential));
-}
-
-TEST(KeyClient, DISABLED_SendRequestDefault)
-{
-  auto credential
-      = std::make_shared<Azure::Identity::ClientSecretCredential>("tenantID", "AppId", "SecretId");
-  KeyClient keyClient("vaultUrl", credential);
-  auto r = keyClient.GetKey("KeyName");
-  auto t = r.ExtractValue();
-  auto rr = r.ExtractRawResponse();
-
-  EXPECT_EQ(t.Name(), "KeyName");
+  {
+    EXPECT_NO_THROW(KeyClient keyClient("vaultUrl", credential));
+  }
+  {
+    KeyClientOptions options;
+    options.RetryOptions.MaxRetries = 10;
+    EXPECT_NO_THROW(KeyClient keyClient("vaultUrl", credential));
+  }
 }

sdk/keyvault/azure-security-keyvault-keys/test/key_client_test_live.cpp

@@ -0,0 +1,29 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+#if defined(_MSC_VER)
+#define _CRT_SECURE_NO_WARNINGS
+#endif
+
+#include "gtest/gtest.h"
+
+#include "key_client_base_test.hpp"
+
+#include <azure/keyvault/key_vault.hpp>
+
+#include <string>
+
+using namespace Azure::Security::KeyVault::Keys::Test;
+
+TEST_F(KeyVaultClientTest, GetKey)
+{
+  Azure::Security::KeyVault::Keys::KeyClient keyClient(m_keyVaultUrl, m_credential);
+  // Assuming and RS Key exists in the KeyVault Account.
+  std::string keyName("testKey");
+
+  auto r = keyClient.GetKey(keyName);
+  auto key = r.ExtractValue();
+
+  EXPECT_EQ(key.Name(), keyName);
+  EXPECT_EQ(key.GetKeyType(), Azure::Security::KeyVault::Keys::KeyTypeEnum::Rsa);
+}

sdk/keyvault/azure-security-keyvault-keys/test/main.cpp

@@ -3,9 +3,22 @@
 
 #include "gtest/gtest.h"
 
+#if defined(BUILD_CURL_HTTP_TRANSPORT_ADAPTER)
+#include <curl/curl.h>
+#endif
+
 int main(int argc, char** argv)
 {
+#if defined(BUILD_CURL_HTTP_TRANSPORT_ADAPTER)
+  curl_global_init(CURL_GLOBAL_ALL);
+#endif
+
   testing::InitGoogleTest(&argc, argv);
   auto r = RUN_ALL_TESTS();
+
+#if defined(BUILD_CURL_HTTP_TRANSPORT_ADAPTER)
+  // Can't call global cleanup due to: https://github.com/Azure/azure-sdk-for-cpp/issues/1499
+  // curl_global_cleanup();
+#endif
   return r;
 }

sdk/keyvault/ci.yml

@@ -33,9 +33,9 @@ stages:
   - template: ../../eng/pipelines/templates/stages/archetype-sdk-client.yml
     parameters:
       ServiceDirectory: keyvault
-      CtestRegex: azure-security-keyvault
-      LiveTestCtestRegex: live-azure-security-keyvault
-      SubscriptionConfiguration: $(sub-config-azure-cloud-test-resources-preview)
+      CtestRegex: "azure-security-keyvault.*-unittest"
+      LiveTestCtestRegex: "azure-security-keyvault.*-livetest"
+      SubscriptionConfiguration: $(sub-config-azure-cloud-test-resources)
       Artifacts:
         - Name: azure-security-keyvault-common
           Path: azure-security-keyvault-common

sdk/keyvault/test-resources.json

@@ -9,6 +9,13 @@
                 "description": "The base resource name."
             }
         },
+        "keyName": {
+            "type": "string",
+            "defaultValue": "testKey",
+            "metadata": {
+                "description": "The initial key in the keys."
+            }
+        },
         "tenantId": {
             "type": "string",
             "defaultValue": "72f988bf-86f1-41af-91ab-2d7cd011db47",
@@ -16,6 +23,18 @@
                 "description": "The tenant ID to which the application and resources belong."
             }
         },
+        "testApplicationId": {
+            "type": "string",
+            "metadata": {
+                "description": "The application client ID used to run tests."
+            }
+        },
+        "testApplicationSecret": {
+            "type": "string",
+            "metadata": {
+                "description": "The application client secret used to run tests."
+            }
+        },
         "testApplicationOid": {
             "type": "string",
             "defaultValue": "b3653439-8136-4cd5-aac3-2a9460871ca6",
@@ -30,26 +49,6 @@
                 "description": "The location of the resource. By default, this is the same as the resource group."
             }
         },
-        "hsmLocation": {
-            "type": "string",
-            "defaultValue": "southcentralus",
-            "allowedValues": [
-                "eastus2",
-                "southcentralus",
-                "northeurope",
-                "westeurope"
-            ],
-            "metadata": {
-                "description": "The location of the Managed HSM. By default, this is 'southcentralus'."
-            }
-        },
-        "enableHsm": {
-            "type": "bool",
-            "defaultValue": false,
-            "metadata": {
-                "description": "Whether to enable deployment of Managed HSM. The default is false."
-            }
-        },
         "enableSoftDelete": {
             "type": "bool",
             "defaultValue": true,
@@ -70,34 +69,43 @@
             "metadata": {
                 "description": "Key Vault SKU to deploy. The default is 'premium'"
             }
+        },
+        "keyType": {
+            "type": "string",
+            "defaultValue": "RSA",
+            "metadata": {
+                "description": "The JsonWebKeyType of the key to be created."
+            }
+        },
+        "keyOps": {
+            "type": "array",
+            "defaultValue": [],
+            "metadata": {
+                "description": "The permitted JSON web key operations of the key to be created."
+            }
+        },
+        "keySize": {
+            "type": "int",
+            "defaultValue": 2048,
+            "metadata": {
+                "description": "The size in bits of the key to be created."
+            }
+        },
+        "curveName": {
+            "type": "string",
+            "defaultValue": "",
+            "metadata": {
+                "description": "The JsonWebKeyCurveName of the key to be created."
+            }
         }
     },
     "variables": {
-        "azureKeyVaultUrl": "[format('https://{0}{1}', parameters('baseName'), parameters('keyVaultDomainSuffix'))]",
-        "hsmApiVersion": "2020-04-01-preview",
-        "hsmName": "[concat(parameters('baseName'), 'hsm')]",
-        "mgmtApiVersion": "2019-04-01",
-        "blobContainerName": "backup",
-        "primaryAccountName": "[concat(parameters('baseName'), 'prim')]",
-        "encryption": {
-            "services": {
-                "blob": {
-                    "enabled": true
-                }
-            },
-            "keySource": "Microsoft.Storage"
-        },
-        "networkAcls": {
-            "bypass": "AzureServices",
-            "virtualNetworkRules": [],
-            "ipRules": [],
-            "defaultAction": "Allow"
-        }
+        "azureKeyVaultUrl": "[format('https://{0}{1}', parameters('baseName'), parameters('keyVaultDomainSuffix'))]"
     },
     "resources": [
         {
             "type": "Microsoft.KeyVault/vaults",
-            "apiVersion": "2016-10-01",
+            "apiVersion": "2019-09-01",
             "name": "[parameters('baseName')]",
             "location": "[parameters('location')]",
             "properties": {
@@ -167,71 +175,18 @@
             }
         },
         {
-            "type": "Microsoft.KeyVault/managedHSMs",
-            "apiVersion": "[variables('hsmApiVersion')]",
-            "name": "[variables('hsmName')]",
-            "condition": "[parameters('enableHsm')]",
-            "location": "[parameters('hsmLocation')]",
-            "sku": {
-                "family": "B",
-                "name": "Standard_B1"
-            },
-            "properties": {
-                "tenantId": "[parameters('tenantId')]",
-                "initialAdminObjectIds": [
-                    "[parameters('testApplicationOid')]"
-                ],
-                "enablePurgeProtection": false,
-                "enableSoftDelete": "[parameters('enableSoftDelete')]"
-            }
-        },
-        {
-            "type": "Microsoft.Storage/storageAccounts",
-            "apiVersion": "[variables('mgmtApiVersion')]",
-            "name": "[variables('primaryAccountName')]",
+            "type": "Microsoft.KeyVault/vaults/keys",
+            "apiVersion": "2019-09-01",
+            "name": "[concat(parameters('baseName'), '/', parameters('keyName'))]",
             "location": "[parameters('location')]",
-            "sku": {
-                "name": "Standard_RAGRS",
-                "tier": "Standard"
-            },
-            "kind": "StorageV2",
-            "properties": {
-                "networkAcls": "[variables('networkAcls')]",
-                "supportsHttpsTrafficOnly": true,
-                "encryption": "[variables('encryption')]",
-                "accessTier": "Hot"
-            }
-        },
-        {
-            "type": "Microsoft.Storage/storageAccounts/blobServices",
-            "apiVersion": "2019-06-01",
-            "name": "[concat(variables('primaryAccountName'), '/default')]",
             "dependsOn": [
-                "[resourceId('Microsoft.Storage/storageAccounts', variables('primaryAccountName'))]"
-            ],
-            "sku": {
-                "name": "Standard_RAGRS",
-                "tier": "Standard"
-            },
-            "properties": {
-                "cors": {
-                    "corsRules": []
-                },
-                "deleteRetentionPolicy": {
-                    "enabled": false
-                }
-            }
-        },
-        {
-            "type": "Microsoft.Storage/storageAccounts/blobServices/containers",
-            "apiVersion": "2019-06-01",
-            "name": "[concat(variables('primaryAccountName'), '/default/', variables('blobContainerName'))]",
-            "dependsOn": [
-                "[resourceId('Microsoft.Storage/storageAccounts/blobServices', variables('primaryAccountName'), 'default')]",
-                "[resourceId('Microsoft.Storage/storageAccounts', variables('primaryAccountName'))]"
+                "[resourceId('Microsoft.KeyVault/vaults', parameters('baseName'))]"
             ],
             "properties": {
-                "publicAccess": "None"
+                "kty": "[parameters('keyType')]",
+                "keyOps": "[parameters('keyOps')]",
+                "keySize": "[parameters('keySize')]",
+                "curveName": "[parameters('curveName')]"
             }
         }
     ],
@@ -240,10 +195,17 @@
             "type": "string",
             "value": "[variables('azureKeyVaultUrl')]"
         },
-        "AZURE_MANAGEDHSM_URL": {
+        "AZURE_TENANT_ID": {
             "type": "string",
-            "condition": "[parameters('enableHsm')]",
-            "value": "[reference(variables('hsmName')).hsmUri]"
+            "value": "[parameters('tenantId')]"
+        },
+        "AZURE_CLIENT_ID": {
+            "type": "string",
+            "value": "[parameters('testApplicationId')]"
+        },
+        "AZURE_CLIENT_SECRET": {
+            "type": "string",
+            "value": "[parameters('testApplicationSecret')]"
         },
         "KEYVAULT_SKU": {
             "type": "string",
@@ -252,18 +214,6 @@
         "CLIENT_OBJECTID": {
             "type": "string",
             "value": "[parameters('testApplicationOid')]"
-        },
-        "BLOB_STORAGE_ACCOUNT_NAME": {
-            "type": "string",
-            "value": "[variables('primaryAccountName')]"
-        },
-        "BLOB_PRIMARY_STORAGE_ACCOUNT_KEY": {
-            "type": "string",
-            "value": "[listKeys(variables('primaryAccountName'), variables('mgmtApiVersion')).keys[0].value]"
-        },
-        "BLOB_CONTAINER_NAME": {
-            "type": "string",
-            "value": "[variables('blobContainerName')]"
         }
     }
 }