From e4d5e31371ce8e47a9c5d60c02e240dc00575f31 Mon Sep 17 00:00:00 2001
From: George Arama <50641385+gearama@users.noreply.github.com>
Date: Thu, 22 Jul 2021 08:46:21 -0700
Subject: [PATCH] Pipeline for keyvault secrets (#2654)
* Progress stream reader
* format
* Update sdk/core/azure-core/src/io/body_stream.cpp
Co-authored-by: JinmingHu
* PR comments
* fix doc warnings
* remove
* one more comment
* replaced if null with azure_assert
* moved from pointer to reference
* first pass
* src builds
* new line
* huzaaaaa
* maybe
* add resource for tests
* readme
* formatting
* build break url
* put proper link
* darn link
* comments from PR
* update to use gtest_main
Co-authored-by: JinmingHu
---
 sdk/keyvault/ci.yml | 3 +
 sdk/keyvault/test-resources.json | 456 ++++++++++++++++---------------
 2 files changed, 241 insertions(+), 218 deletions(-)
diff --git a/sdk/keyvault/ci.yml b/sdk/keyvault/ci.yml
index 74e405345..d72724310 100644
--- a/sdk/keyvault/ci.yml
+++ b/sdk/keyvault/ci.yml
@@ -41,3 +41,6 @@ stages:
 - Name: azure-security-keyvault-keys
 Path: azure-security-keyvault-keys
 VcpkgPortName: azure-security-keyvault-keys-cpp
+ - Name: azure-security-keyvault-secrets
+ Path: azure-security-keyvault-secrets
+ VcpkgPortName: azure-security-keyvault-secrets-cpp
diff --git a/sdk/keyvault/test-resources.json b/sdk/keyvault/test-resources.json
index 4d98cd08e..71c8cf4c1 100644
--- a/sdk/keyvault/test-resources.json
+++ b/sdk/keyvault/test-resources.json
@@ -1,223 +1,243 @@
 {
- "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
- "contentVersion": "1.0.0.0",
- "parameters": {
- "baseName": {
- "type": "string",
- "defaultValue": "[resourceGroup().name]",
- "metadata": {
- "description": "The base resource name."
- }
- },
- "keyName": {
- "type": "string",
- "defaultValue": "testKey",
- "metadata": {
- "description": "The initial key in the keys."
- }
- },
- "tenantId": {
- "type": "string",
- "defaultValue": "72f988bf-86f1-41af-91ab-2d7cd011db47",
- "metadata": {
- "description": "The tenant ID to which the application and resources belong."
- }
- },
- "testApplicationId": {
- "type": "string",
- "metadata": {
- "description": "The application client ID used to run tests."
- }
- },
- "testApplicationSecret": {
- "type": "string",
- "metadata": {
- "description": "The application client secret used to run tests."
- }
- },
- "testApplicationOid": {
- "type": "string",
- "defaultValue": "b3653439-8136-4cd5-aac3-2a9460871ca6",
- "metadata": {
- "description": "The client OID to grant access to test resources."
- }
- },
- "location": {
- "type": "string",
- "defaultValue": "[resourceGroup().location]",
- "metadata": {
- "description": "The location of the resource. By default, this is the same as the resource group."
- }
- },
- "enableSoftDelete": {
- "type": "bool",
- "defaultValue": true,
- "metadata": {
- "description": "Whether to enable soft delete for the Key Vault. The default is true."
- }
- },
- "keyVaultDomainSuffix": {
- "type": "string",
- "defaultValue": ".vault.azure.net",
- "metadata": {
- "description": "Domain suffix for sovereign clouds, requies the preceeding '.'. The default uses the public Azure Cloud (.vault.azure.net)"
- }
- },
- "keyVaultSku": {
- "type": "string",
- "defaultValue": "premium",
- "metadata": {
- "description": "Key Vault SKU to deploy. The default is 'premium'"
- }
- },
- "keyType": {
- "type": "string",
- "defaultValue": "RSA",
- "metadata": {
- "description": "The JsonWebKeyType of the key to be created."
- }
- },
- "keyOps": {
- "type": "array",
- "defaultValue": [],
- "metadata": {
- "description": "The permitted JSON web key operations of the key to be created."
- }
- },
- "keySize": {
- "type": "int",
- "defaultValue": 2048,
- "metadata": {
- "description": "The size in bits of the key to be created."
- }
- },
- "curveName": {
- "type": "string",
- "defaultValue": "",
- "metadata": {
- "description": "The JsonWebKeyCurveName of the key to be created."
- }
- }
+ "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+ "contentVersion": "1.0.0.0",
+ "parameters": {
+ "baseName": {
+ "type": "string",
+ "defaultValue": "[resourceGroup().name]",
+ "metadata": {
+ "description": "The base resource name."
+ }
 },
- "variables": {
- "azureKeyVaultUrl": "[format('https://{0}{1}/', parameters('baseName'), parameters('keyVaultDomainSuffix'))]"
+ "keyName": {
+ "type": "string",
+ "defaultValue": "testKey",
+ "metadata": {
+ "description": "The initial key in the keys."
+ }
 },
- "resources": [
- {
- "type": "Microsoft.KeyVault/vaults",
- "apiVersion": "2019-09-01",
- "name": "[parameters('baseName')]",
- "location": "[parameters('location')]",
- "properties": {
- "sku": {
- "family": "A",
- "name": "[parameters('keyVaultSku')]"
- },
- "tenantId": "[parameters('tenantId')]",
- "accessPolicies": [
- {
- "tenantId": "[parameters('tenantId')]",
- "objectId": "[parameters('testApplicationOid')]",
- "permissions": {
- "keys": [
- "get",
- "list",
- "update",
- "create",
- "import",
- "delete",
- "recover",
- "backup",
- "restore",
- "decrypt",
- "encrypt",
- "unwrapKey",
- "wrapKey",
- "verify",
- "sign",
- "purge"
- ],
- "secrets": [
- "get",
- "list",
- "set",
- "delete",
- "recover",
- "backup",
- "restore",
- "purge"
- ],
- "certificates": [
- "get",
- "list",
- "update",
- "create",
- "import",
- "delete",
- "recover",
- "backup",
- "restore",
- "managecontacts",
- "manageissuers",
- "getissuers",
- "listissuers",
- "setissuers",
- "deleteissuers",
- "purge"
- ]
- }
- }
- ],
- "enabledForDeployment": false,
- "enabledForDiskEncryption": false,
- "enabledForTemplateDeployment": false,
- "enableSoftDelete": "[parameters('enableSoftDelete')]"
- }
- },
- {
- "type": "Microsoft.KeyVault/vaults/keys",
- "apiVersion": "2019-09-01",
- "name": "[concat(parameters('baseName'), '/', parameters('keyName'))]",
- "location": "[parameters('location')]",
- "dependsOn": [
- "[resourceId('Microsoft.KeyVault/vaults', parameters('baseName'))]"
- ],
- "properties": {
- "kty": "[parameters('keyType')]",
- "keyOps": "[parameters('keyOps')]",
- "keySize": "[parameters('keySize')]",
- "curveName": "[parameters('curveName')]"
- }
- }
- ],
- "outputs": {
- "AZURE_KEYVAULT_URL": {
- "type": "string",
- "value": "[variables('azureKeyVaultUrl')]"
- },
- "AZURE_KEYVAULT_HSM_URL": {
- "type": "string",
- "value": "[variables('azureKeyVaultUrl')]"
- },
- "AZURE_TENANT_ID": {
- "type": "string",
- "value": "[parameters('tenantId')]"
- },
- "AZURE_CLIENT_ID": {
- "type": "string",
- "value": "[parameters('testApplicationId')]"
- },
- "AZURE_CLIENT_SECRET": {
- "type": "string",
- "value": "[parameters('testApplicationSecret')]"
- },
- "KEYVAULT_SKU": {
- "type": "string",
- "value": "[reference(parameters('baseName')).sku.name]"
- },
- "CLIENT_OBJECTID": {
- "type": "string",
- "value": "[parameters('testApplicationOid')]"
- }
+ "secretName": {
+ "type": "string",
+ "defaultValue": "testSecret",
+ "metadata": {
+ "description": "The initial secret in the secrets."
+ }
+ },
+ "tenantId": {
+ "type": "string",
+ "defaultValue": "72f988bf-86f1-41af-91ab-2d7cd011db47",
+ "metadata": {
+ "description": "The tenant ID to which the application and resources belong."
+ }
+ },
+ "testApplicationId": {
+ "type": "string",
+ "metadata": {
+ "description": "The application client ID used to run tests."
+ }
+ },
+ "testApplicationSecret": {
+ "type": "string",
+ "metadata": {
+ "description": "The application client secret used to run tests."
+ }
+ },
+ "testApplicationOid": {
+ "type": "string",
+ "defaultValue": "b3653439-8136-4cd5-aac3-2a9460871ca6",
+ "metadata": {
+ "description": "The client OID to grant access to test resources."
+ }
+ },
+ "location": {
+ "type": "string",
+ "defaultValue": "[resourceGroup().location]",
+ "metadata": {
+ "description": "The location of the resource. By default, this is the same as the resource group."
+ }
+ },
+ "enableSoftDelete": {
+ "type": "bool",
+ "defaultValue": true,
+ "metadata": {
+ "description": "Whether to enable soft delete for the Key Vault. The default is true."
+ }
+ },
+ "keyVaultDomainSuffix": {
+ "type": "string",
+ "defaultValue": ".vault.azure.net",
+ "metadata": {
+ "description": "Domain suffix for sovereign clouds, requies the preceeding '.'. The default uses the public Azure Cloud (.vault.azure.net)"
+ }
+ },
+ "keyVaultSku": {
+ "type": "string",
+ "defaultValue": "premium",
+ "metadata": {
+ "description": "Key Vault SKU to deploy. The default is 'premium'"
+ }
+ },
+ "keyType": {
+ "type": "string",
+ "defaultValue": "RSA",
+ "metadata": {
+ "description": "The JsonWebKeyType of the key to be created."
+ }
+ },
+ "keyOps": {
+ "type": "array",
+ "defaultValue": [],
+ "metadata": {
+ "description": "The permitted JSON web key operations of the key to be created."
+ }
+ },
+ "keySize": {
+ "type": "int",
+ "defaultValue": 2048,
+ "metadata": {
+ "description": "The size in bits of the key to be created."
+ }
+ },
+ "curveName": {
+ "type": "string",
+ "defaultValue": "",
+ "metadata": {
+ "description": "The JsonWebKeyCurveName of the key to be created."
+ }
 }
+ },
+ "variables": {
+ "azureKeyVaultUrl": "[format('https://{0}{1}/', parameters('baseName'), parameters('keyVaultDomainSuffix'))]"
+ },
+ "resources": [
+ {
+ "type": "Microsoft.KeyVault/vaults",
+ "apiVersion": "2019-09-01",
+ "name": "[parameters('baseName')]",
+ "location": "[parameters('location')]",
+ "properties": {
+ "sku": {
+ "family": "A",
+ "name": "[parameters('keyVaultSku')]"
+ },
+ "tenantId": "[parameters('tenantId')]",
+ "accessPolicies": [
+ {
+ "tenantId": "[parameters('tenantId')]",
+ "objectId": "[parameters('testApplicationOid')]",
+ "permissions": {
+ "keys": [
+ "get",
+ "list",
+ "update",
+ "create",
+ "import",
+ "delete",
+ "recover",
+ "backup",
+ "restore",
+ "decrypt",
+ "encrypt",
+ "unwrapKey",
+ "wrapKey",
+ "verify",
+ "sign",
+ "purge"
+ ],
+ "secrets": [
+ "get",
+ "list",
+ "set",
+ "delete",
+ "recover",
+ "backup",
+ "restore",
+ "purge"
+ ],
+ "certificates": [
+ "get",
+ "list",
+ "update",
+ "create",
+ "import",
+ "delete",
+ "recover",
+ "backup",
+ "restore",
+ "managecontacts",
+ "manageissuers",
+ "getissuers",
+ "listissuers",
+ "setissuers",
+ "deleteissuers",
+ "purge"
+ ]
+ }
+ }
+ ],
+ "enabledForDeployment": false,
+ "enabledForDiskEncryption": false,
+ "enabledForTemplateDeployment": false,
+ "enableSoftDelete": "[parameters('enableSoftDelete')]"
+ }
+ },
+ {
+ "type": "Microsoft.KeyVault/vaults/keys",
+ "apiVersion": "2019-09-01",
+ "name": "[concat(parameters('baseName'), '/', parameters('keyName'))]",
+ "location": "[parameters('location')]",
+ "dependsOn": [
+ "[resourceId('Microsoft.KeyVault/vaults', parameters('baseName'))]"
+ ],
+ "properties": {
+ "kty": "[parameters('keyType')]",
+ "keyOps": "[parameters('keyOps')]",
+ "keySize": "[parameters('keySize')]",
+ "curveName": "[parameters('curveName')]"
+ }
+ },
+ {
+ "type": "Microsoft.KeyVault/vaults/secrets",
+ "apiVersion": "2019-09-01",
+ "name": "[concat(parameters('baseName'), '/', parameters('secretName'))]",
+ "location": "[parameters('location')]",
+ "dependsOn": [
+ "[resourceId('Microsoft.KeyVault/vaults', parameters('baseName'))]"
+ ],
+ "properties": {
+ "value": "azbxyzabcxyz"
+ }
+ }
+
+ ],
+ "outputs": {
+ "AZURE_KEYVAULT_URL": {
+ "type": "string",
+ "value": "[variables('azureKeyVaultUrl')]"
+ },
+ "AZURE_KEYVAULT_HSM_URL": {
+ "type": "string",
+ "value": "[variables('azureKeyVaultUrl')]"
+ },
+ "AZURE_TENANT_ID": {
+ "type": "string",
+ "value": "[parameters('tenantId')]"
+ },
+ "AZURE_CLIENT_ID": {
+ "type": "string",
+ "value": "[parameters('testApplicationId')]"
+ },
+ "AZURE_CLIENT_SECRET": {
+ "type": "string",
+ "value": "[parameters('testApplicationSecret')]"
+ },
+ "KEYVAULT_SKU": {
+ "type": "string",
+ "value": "[reference(parameters('baseName')).sku.name]"
+ },
+ "CLIENT_OBJECTID": {
+ "type": "string",
+ "value": "[parameters('testApplicationOid')]"
+ }
+ }
 }
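Review bot: The new `Microsoft.KeyVault/vaults/secrets` resource commits its value as a literal, `"value": "azbxyzabcxyz"`, so every vault deployed from this template is seeded with the same known string, which also sits in source control. Prefer a `securestring` parameter (for example a `secretValue` parameter, with `"defaultValue": "[newGuid()]"` if the tests do not need a fixed value) and `"value": "[parameters('secretValue')]"`. Separately, `testApplicationSecret` is declared as `string` and echoed through the `AZURE_CLIENT_SECRET` output; ARM records plain string parameters and outputs with the deployment, so anyone who can read deployments on the resource group can likely read the client secret. It is worth confirming whether the test harness really needs that output. The stray blank `+` line before `],` and the whole-file re-indent also bury the real change (one parameter and one resource) in a 456-line diff.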