github/azure-sdk-for-cpp
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Pipeline for keyvault secrets (#2654)

Browse Source 
* Progress stream reader

* format

* Update sdk/core/azure-core/src/io/body_stream.cpp

Co-authored-by: JinmingHu <jinmhu@microsoft.com>

* PR comments

* fix doc warnings

* remove

* one more comment

* replaced if null with azure_assert

* moved from pointer to reference

* first pass

* src builds

* new line

* huzaaaaa

* maybe

* add resource for tests

* readme

* formatting

* build break url

* put proper link

* darn link

* comments from PR

* update to use gtest_main

Co-authored-by: JinmingHu <jinmhu@microsoft.com>
This commit is contained in:
George Arama 2021-07-22 08:46:21 -07:00 committed by GitHub
parent 1839061e0d
commit e4d5e31371
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 241 additions and 218 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
sdk/keyvault/ci.yml
View File

@ -41,3 +41,6 @@ stages:
- Name: azure-security-keyvault-keys
Path: azure-security-keyvault-keys
VcpkgPortName: azure-security-keyvault-keys-cpp
- Name: azure-security-keyvault-secrets
Path: azure-security-keyvault-secrets
VcpkgPortName: azure-security-keyvault-secrets-cpp

456
sdk/keyvault/test-resources.json
View File

@ -1,223 +1,243 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"baseName": {
"type": "string",
"defaultValue": "[resourceGroup().name]",
"metadata": {
"description": "The base resource name."
}
},
"keyName": {
"type": "string",
"defaultValue": "testKey",
"metadata": {
"description": "The initial key in the keys."
}
},
"tenantId": {
"type": "string",
"defaultValue": "72f988bf-86f1-41af-91ab-2d7cd011db47",
"metadata": {
"description": "The tenant ID to which the application and resources belong."
}
},
"testApplicationId": {
"type": "string",
"metadata": {
"description": "The application client ID used to run tests."
}
},
"testApplicationSecret": {
"type": "string",
"metadata": {
"description": "The application client secret used to run tests."
}
},
"testApplicationOid": {
"type": "string",
"defaultValue": "b3653439-8136-4cd5-aac3-2a9460871ca6",
"metadata": {
"description": "The client OID to grant access to test resources."
}
},
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "The location of the resource. By default, this is the same as the resource group."
}
},
"enableSoftDelete": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Whether to enable soft delete for the Key Vault. The default is true."
}
},
"keyVaultDomainSuffix": {
"type": "string",
"defaultValue": ".vault.azure.net",
"metadata": {
"description": "Domain suffix for sovereign clouds, requies the preceeding '.'. The default uses the public Azure Cloud (.vault.azure.net)"
}
},
"keyVaultSku": {
"type": "string",
"defaultValue": "premium",
"metadata": {
"description": "Key Vault SKU to deploy. The default is 'premium'"
}
},
"keyType": {
"type": "string",
"defaultValue": "RSA",
"metadata": {
"description": "The JsonWebKeyType of the key to be created."
}
},
"keyOps": {
"type": "array",
"defaultValue": [],
"metadata": {
"description": "The permitted JSON web key operations of the key to be created."
}
},
"keySize": {
"type": "int",
"defaultValue": 2048,
"metadata": {
"description": "The size in bits of the key to be created."
}
},
"curveName": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "The JsonWebKeyCurveName of the key to be created."
}
}
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"baseName": {
"type": "string",
"defaultValue": "[resourceGroup().name]",
"metadata": {
"description": "The base resource name."
}
},
"variables": {
"azureKeyVaultUrl": "[format('https://{0}{1}/', parameters('baseName'), parameters('keyVaultDomainSuffix'))]"
"keyName": {
"type": "string",
"defaultValue": "testKey",
"metadata": {
"description": "The initial key in the keys."
}
},
"resources": [
{
"type": "Microsoft.KeyVault/vaults",
"apiVersion": "2019-09-01",
"name": "[parameters('baseName')]",
"location": "[parameters('location')]",
"properties": {
"sku": {
"family": "A",
"name": "[parameters('keyVaultSku')]"
},
"tenantId": "[parameters('tenantId')]",
"accessPolicies": [
{
"tenantId": "[parameters('tenantId')]",
"objectId": "[parameters('testApplicationOid')]",
"permissions": {
"keys": [
"get",
"list",
"update",
"create",
"import",
"delete",
"recover",
"backup",
"restore",
"decrypt",
"encrypt",
"unwrapKey",
"wrapKey",
"verify",
"sign",
"purge"
],
"secrets": [
"get",
"list",
"set",
"delete",
"recover",
"backup",
"restore",
"purge"
],
"certificates": [
"get",
"list",
"update",
"create",
"import",
"delete",
"recover",
"backup",
"restore",
"managecontacts",
"manageissuers",
"getissuers",
"listissuers",
"setissuers",
"deleteissuers",
"purge"
]
}
}
],
"enabledForDeployment": false,
"enabledForDiskEncryption": false,
"enabledForTemplateDeployment": false,
"enableSoftDelete": "[parameters('enableSoftDelete')]"
}
},
{
"type": "Microsoft.KeyVault/vaults/keys",
"apiVersion": "2019-09-01",
"name": "[concat(parameters('baseName'), '/', parameters('keyName'))]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('Microsoft.KeyVault/vaults', parameters('baseName'))]"
],
"properties": {
"kty": "[parameters('keyType')]",
"keyOps": "[parameters('keyOps')]",
"keySize": "[parameters('keySize')]",
"curveName": "[parameters('curveName')]"
}
}
],
"outputs": {
"AZURE_KEYVAULT_URL": {
"type": "string",
"value": "[variables('azureKeyVaultUrl')]"
},
"AZURE_KEYVAULT_HSM_URL": {
"type": "string",
"value": "[variables('azureKeyVaultUrl')]"
},
"AZURE_TENANT_ID": {
"type": "string",
"value": "[parameters('tenantId')]"
},
"AZURE_CLIENT_ID": {
"type": "string",
"value": "[parameters('testApplicationId')]"
},
"AZURE_CLIENT_SECRET": {
"type": "string",
"value": "[parameters('testApplicationSecret')]"
},
"KEYVAULT_SKU": {
"type": "string",
"value": "[reference(parameters('baseName')).sku.name]"
},
"CLIENT_OBJECTID": {
"type": "string",
"value": "[parameters('testApplicationOid')]"
}
"secretName": {
"type": "string",
"defaultValue": "testSecret",
"metadata": {
"description": "The initial secret in the secrets."
}
},
"tenantId": {
"type": "string",
"defaultValue": "72f988bf-86f1-41af-91ab-2d7cd011db47",
"metadata": {
"description": "The tenant ID to which the application and resources belong."
}
},
"testApplicationId": {
"type": "string",
"metadata": {
"description": "The application client ID used to run tests."
}
},
"testApplicationSecret": {
"type": "string",
"metadata": {
"description": "The application client secret used to run tests."
}
},
"testApplicationOid": {
"type": "string",
"defaultValue": "b3653439-8136-4cd5-aac3-2a9460871ca6",
"metadata": {
"description": "The client OID to grant access to test resources."
}
},
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "The location of the resource. By default, this is the same as the resource group."
}
},
"enableSoftDelete": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Whether to enable soft delete for the Key Vault. The default is true."
}
},
"keyVaultDomainSuffix": {
"type": "string",
"defaultValue": ".vault.azure.net",
"metadata": {
"description": "Domain suffix for sovereign clouds, requies the preceeding '.'. The default uses the public Azure Cloud (.vault.azure.net)"
}
},
"keyVaultSku": {
"type": "string",
"defaultValue": "premium",
"metadata": {
"description": "Key Vault SKU to deploy. The default is 'premium'"
}
},
"keyType": {
"type": "string",
"defaultValue": "RSA",
"metadata": {
"description": "The JsonWebKeyType of the key to be created."
}
},
"keyOps": {
"type": "array",
"defaultValue": [],
"metadata": {
"description": "The permitted JSON web key operations of the key to be created."
}
},
"keySize": {
"type": "int",
"defaultValue": 2048,
"metadata": {
"description": "The size in bits of the key to be created."
}
},
"curveName": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "The JsonWebKeyCurveName of the key to be created."
}
}
},
"variables": {
"azureKeyVaultUrl": "[format('https://{0}{1}/', parameters('baseName'), parameters('keyVaultDomainSuffix'))]"
},
"resources": [
{
"type": "Microsoft.KeyVault/vaults",
"apiVersion": "2019-09-01",
"name": "[parameters('baseName')]",
"location": "[parameters('location')]",
"properties": {
"sku": {
"family": "A",
"name": "[parameters('keyVaultSku')]"
},
"tenantId": "[parameters('tenantId')]",
"accessPolicies": [
{
"tenantId": "[parameters('tenantId')]",
"objectId": "[parameters('testApplicationOid')]",
"permissions": {
"keys": [
"get",
"list",
"update",
"create",
"import",
"delete",
"recover",
"backup",
"restore",
"decrypt",
"encrypt",
"unwrapKey",
"wrapKey",
"verify",
"sign",
"purge"
],
"secrets": [
"get",
"list",
"set",
"delete",
"recover",
"backup",
"restore",
"purge"
],
"certificates": [
"get",
"list",
"update",
"create",
"import",
"delete",
"recover",
"backup",
"restore",
"managecontacts",
"manageissuers",
"getissuers",
"listissuers",
"setissuers",
"deleteissuers",
"purge"
]
}
}
],
"enabledForDeployment": false,
"enabledForDiskEncryption": false,
"enabledForTemplateDeployment": false,
"enableSoftDelete": "[parameters('enableSoftDelete')]"
}
},
{
"type": "Microsoft.KeyVault/vaults/keys",
"apiVersion": "2019-09-01",
"name": "[concat(parameters('baseName'), '/', parameters('keyName'))]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('Microsoft.KeyVault/vaults', parameters('baseName'))]"
],
"properties": {
"kty": "[parameters('keyType')]",
"keyOps": "[parameters('keyOps')]",
"keySize": "[parameters('keySize')]",
"curveName": "[parameters('curveName')]"
}
},
{
"type": "Microsoft.KeyVault/vaults/secrets",
"apiVersion": "2019-09-01",
"name": "[concat(parameters('baseName'), '/', parameters('secretName'))]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('Microsoft.KeyVault/vaults', parameters('baseName'))]"
],
"properties": {
"value": "azbxyzabcxyz"
}
}
],
"outputs": {
"AZURE_KEYVAULT_URL": {
"type": "string",
"value": "[variables('azureKeyVaultUrl')]"
},
"AZURE_KEYVAULT_HSM_URL": {
"type": "string",
"value": "[variables('azureKeyVaultUrl')]"
},
"AZURE_TENANT_ID": {
"type": "string",
"value": "[parameters('tenantId')]"
},
"AZURE_CLIENT_ID": {
"type": "string",
"value": "[parameters('testApplicationId')]"
},
"AZURE_CLIENT_SECRET": {
"type": "string",
"value": "[parameters('testApplicationSecret')]"
},
"KEYVAULT_SKU": {
"type": "string",
"value": "[reference(parameters('baseName')).sku.name]"
},
"CLIENT_OBJECTID": {
"type": "string",
"value": "[parameters('testApplicationOid')]"
}
}
}