From 4bba28a7f2ac4f78fe9d7208ccca1d0c98c0c546 Mon Sep 17 00:00:00 2001 From: Yan Xu Date: Tue, 6 Jun 2023 10:22:14 +0800 Subject: [PATCH] [Test] Add Positive and Negative Scenario Tests (#332) * [Test] Add test cases for PR checks * update checkout version * use another env * print token for check * update env back to Automation test --- .github/workflows/azure-login-negative.yml | 359 +++++++++++++++++++++ .github/workflows/azure-login-positive.yml | 187 +++++++++++ 2 files changed, 546 insertions(+) create mode 100644 .github/workflows/azure-login-negative.yml create mode 100644 .github/workflows/azure-login-positive.yml diff --git a/.github/workflows/azure-login-negative.yml b/.github/workflows/azure-login-negative.yml new file mode 100644 index 000000000..42e2e3bc4 --- /dev/null +++ b/.github/workflows/azure-login-negative.yml @@ -0,0 +1,359 @@ +name: Azure Login Action Negative Test +on: + workflow_dispatch: + push: + +permissions: + id-token: write + contents: read + +jobs: + + OSTest: + runs-on: macos-latest + environment: Automation test + + steps: + - name: 'Checking out repo code' + uses: actions/checkout@v3.5.2 + + - name: Set Node.js 16.x for GitHub Action + uses: actions/setup-node@v1 + with: + node-version: 16.x + + - name: 'Validate build' + run: | + npm install + npm run build + + - name: 'Run L0 tests' + id: run_test + continue-on-error: true + run: | + npm run test + + - name: Check Last step failed + if: steps.run_test.outcome == 'success' + uses: actions/github-script@v3 + with: + script: | + core.setFailed('Last action should fail but not. Please check it.') + + - name: Login with creds + id: login_1 + continue-on-error: true + uses: ./ + with: + creds: ${{secrets.SP1}} + enable-AzPSSession: true + + - name: Check Last step failed + if: steps.login_1.outcome == 'success' + uses: actions/github-script@v3 + with: + script: | + core.setFailed('Last action should fail but not. Please check it.') + + - name: Run Azure Cli + run: | + az account show + az group show --name GitHubActionGroup + az vm list + + - name: Run Azure PowerShell + id: ps_1 + continue-on-error: true + uses: azure/powershell@v1.2.0 + with: + azPSVersion: "latest" + inlineScript: | + Get-AzContext | Format-List + Get-AzResourceGroup -Name GitHubActionGroup + Get-AzVM + + - name: Check Last step failed + if: steps.ps_1.outcome == 'success' + uses: actions/github-script@v3 + with: + script: | + core.setFailed('Last action should fail but not. Please check it.') + + - name: Login with individual parameters + id: login_2 + continue-on-error: true + uses: ./ + with: + client-id: ${{ secrets.OIDC_SP2_CLIENT_ID }} + tenant-id: ${{ secrets.OIDC_SP2_TENANT_ID }} + subscription-id: ${{ secrets.OIDC_SP2_SUBSCRIPTION_ID }} + allow-no-subscriptions: true + enable-AzPSSession: true + + - name: Check Last step failed + if: steps.login_2.outcome == 'success' + uses: actions/github-script@v3 + with: + script: | + core.setFailed('Last action should fail but not. Please check it.') + + - name: Run Azure Cli again + run: | + az account show + + - name: Run Azure PowerShell again + id: ps_2 + continue-on-error: true + uses: azure/powershell@v1.2.0 + with: + azPSVersion: "latest" + inlineScript: | + Get-AzContext | Format-List + + - name: Check Last step failed + if: steps.ps_2.outcome == 'success' + uses: actions/github-script@v3 + with: + script: | + core.setFailed('Last action should fail but not. Please check it.') + + PermissionTest: + strategy: + matrix: + os: [ubuntu-latest, windows-latest] + runs-on: ${{ matrix.os }} + environment: Automation test + + steps: + + - name: 'Checking out repo code' + uses: actions/checkout@v3.5.2 + + - name: Set Node.js 16.x for GitHub Action + uses: actions/setup-node@v1 + with: + node-version: 16.x + + - name: 'Validate build' + run: | + npm install + npm run build + + - name: Login with individual parameters + uses: ./ + with: + client-id: ${{ secrets.OIDC_SP2_CLIENT_ID }} + tenant-id: ${{ secrets.OIDC_SP2_TENANT_ID }} + subscription-id: ${{ secrets.OIDC_SP2_SUBSCRIPTION_ID }} + allow-no-subscriptions: true + enable-AzPSSession: true + + - name: Run Azure Cli + id: cli_3 + continue-on-error: true + run: | + az account show + az group show --name GitHubActionGroup + az vm list + + - name: Check Last step failed + if: steps.cli_3.outcome == 'success' + uses: actions/github-script@v3 + with: + script: | + core.setFailed('Last action should fail but not. Please check it.') + + - name: Run Azure PowerShell + id: ps_3 + continue-on-error: true + uses: azure/powershell@v1.2.0 + with: + azPSVersion: "latest" + inlineScript: | + Get-AzContext | Format-List + Get-AzResourceGroup -Name GitHubActionGroup + Get-AzVM + + - name: Check Last step failed + if: steps.ps_3.outcome == 'success' + uses: actions/github-script@v3 + with: + script: | + core.setFailed('Last action should fail but not. Please check it.') + + ParameterTest: + strategy: + matrix: + os: [ubuntu-latest, windows-latest] + runs-on: ${{ matrix.os }} + environment: Automation test + + steps: + - name: 'Checking out repo code' + uses: actions/checkout@v3.5.2 + + - name: Set Node.js 16.x for GitHub Action + uses: actions/setup-node@v1 + with: + node-version: 16.x + + - name: 'Validate build' + run: | + npm install + npm run build + + - name: Login with creds, missing parameters in creds + id: login_4 + continue-on-error: true + uses: ./ + with: + creds: ${{secrets.SP3_NO_Secret}} + enable-AzPSSession: true + + - name: Check Last step failed + if: steps.login_4.outcome == 'success' + uses: actions/github-script@v3 + with: + script: | + core.setFailed('Last action should fail but not. Please check it.') + + - name: Login with creds, wrong keys + id: login_5 + continue-on-error: true + uses: ./ + with: + creds: ${{secrets.SP4_Wrong_Key}} + enable-AzPSSession: true + + - name: Check Last step failed + if: steps.login_5.outcome == 'success' + uses: actions/github-script@v3 + with: + script: | + core.setFailed('Last action should fail but not. Please check it.') + + - name: Login with creds, no creds or individual parameters + id: login_6 + continue-on-error: true + uses: ./ + with: + enable-AzPSSession: true + + - name: Check Last step failed + if: steps.login_6.outcome == 'success' + uses: actions/github-script@v3 + with: + script: | + core.setFailed('Last action should fail but not. Please check it.') + + - name: Login with individual parameters, only client-id, no tenant-id, subscription-id + id: login_7 + continue-on-error: true + uses: ./ + with: + client-id: ${{ secrets.OIDC_SP2_CLIENT_ID }} + allow-no-subscriptions: true + enable-AzPSSession: true + + - name: Check Last step failed + if: steps.login_7.outcome == 'success' + uses: actions/github-script@v3 + with: + script: | + core.setFailed('Last action should fail but not. Please check it.') + + - name: Login with individual parameters, only tenant-id, subscription-id, no client-id + id: login_8 + continue-on-error: true + uses: ./ + with: + tenant-id: ${{ secrets.OIDC_SP2_TENANT_ID }} + subscription-id: ${{ secrets.OIDC_SP2_SUBSCRIPTION_ID }} + allow-no-subscriptions: true + enable-AzPSSession: true + + - name: Check Last step failed + if: steps.login_8.outcome == 'success' + uses: actions/github-script@v3 + with: + script: | + core.setFailed('Last action should fail but not. Please check it.') + + - name: Login with creds, disable ps session + uses: ./ + with: + creds: ${{secrets.SP1}} + enable-AzPSSession: false + + - name: Run Azure Cli + run: | + az account show + az group show --name GitHubActionGroup + az vm list + + - name: Run Azure PowerShell + id: ps_8 + continue-on-error: true + uses: azure/powershell@v1.2.0 + with: + azPSVersion: "latest" + inlineScript: | + Get-AzContext | Format-List + Get-AzResourceGroup -Name GitHubActionGroup + Get-AzVM + + - name: Check Last step failed + if: steps.ps_8.outcome == 'success' + uses: actions/github-script@v3 + with: + script: | + core.setFailed('Last action should fail but not. Please check it.') + + - name: Login with creds, wrong boolean value + uses: ./ + with: + creds: ${{secrets.SP1}} + enable-AzPSSession: notboolean + + - name: Run Azure Cli + run: | + az account show + az group show --name GitHubActionGroup + az vm list + + - name: Run Azure PowerShell + id: ps_9 + continue-on-error: true + uses: azure/powershell@v1.2.0 + with: + azPSVersion: "latest" + inlineScript: | + Get-AzContext | Format-List + Get-AzResourceGroup -Name GitHubActionGroup + Get-AzVM + + - name: Check Last step failed + if: steps.ps_9.outcome == 'success' + uses: actions/github-script@v3 + with: + script: | + core.setFailed('Last action should fail but not. Please check it.') + + - name: Login with individual parameters, with a wrong audience + id: login_10 + continue-on-error: true + uses: ./ + with: + client-id: ${{ secrets.OIDC_SP2_CLIENT_ID }} + tenant-id: ${{ secrets.OIDC_SP2_TENANT_ID }} + subscription-id: ${{ secrets.OIDC_SP2_SUBSCRIPTION_ID }} + audience: "https://github.com/actions" + allow-no-subscriptions: true + enable-AzPSSession: true + + - name: Check Last step failed + if: steps.login_10.outcome == 'success' + uses: actions/github-script@v3 + with: + script: | + core.setFailed('Last action should fail but not. Please check it.') \ No newline at end of file diff --git a/.github/workflows/azure-login-positive.yml b/.github/workflows/azure-login-positive.yml new file mode 100644 index 000000000..a2a1b04dd --- /dev/null +++ b/.github/workflows/azure-login-positive.yml @@ -0,0 +1,187 @@ +name: Azure Login Action Positive Test +on: + workflow_dispatch: + push: + +permissions: + id-token: write + contents: read + +jobs: + + BasicTest: + strategy: + matrix: + os: [ubuntu-latest, windows-latest, self_linux, self_windows] + runs-on: ${{ matrix.os }} + environment: Automation test + + steps: + - name: 'Checking out repo code' + uses: actions/checkout@v3.5.2 + + - name: Set Node.js 16.x for GitHub Action + uses: actions/setup-node@v1 + with: + node-version: 16.x + + - name: 'Validate build' + run: | + npm install + npm run build + + - name: 'Run L0 tests' + run: | + npm run test + + - name: Login with creds + uses: ./ + with: + creds: ${{secrets.SP1}} + enable-AzPSSession: true + + - name: Run Azure Cli + run: | + az account show + az group show --name GitHubActionGroup + az vm list + + - name: Run Azure PowerShell + uses: azure/powershell@v1.2.0 + with: + azPSVersion: "latest" + inlineScript: | + Get-AzContext | Format-List + Get-AzResourceGroup -Name GitHubActionGroup + Get-AzVM + + - name: Login with individual parameters + uses: ./ + with: + client-id: ${{ secrets.OIDC_SP2_CLIENT_ID }} + tenant-id: ${{ secrets.OIDC_SP2_TENANT_ID }} + subscription-id: ${{ secrets.OIDC_SP2_SUBSCRIPTION_ID }} + allow-no-subscriptions: true + enable-AzPSSession: true + + - name: Run Azure Cli again + run: | + az account show + + - name: Run Azure PowerShell again + uses: azure/powershell@v1.2.0 + with: + azPSVersion: "latest" + inlineScript: | + Get-AzContext | Format-List + + ParameterTest: + strategy: + matrix: + os: [ubuntu-latest, windows-latest] + runs-on: ${{ matrix.os }} + environment: Automation test + + steps: + - name: 'Checking out repo code' + uses: actions/checkout@v3.5.2 + + - name: Set Node.js 16.x for GitHub Action + uses: actions/setup-node@v1 + with: + node-version: 16.x + + - name: 'Validate build' + run: | + npm install + npm run build + + - name: Login with both creds and individual parameters + uses: ./ + with: + creds: ${{secrets.SP1}} + client-id: ${{ secrets.OIDC_SP2_CLIENT_ID }} + tenant-id: ${{ secrets.OIDC_SP2_TENANT_ID }} + subscription-id: ${{ secrets.OIDC_SP2_SUBSCRIPTION_ID }} + enable-AzPSSession: true + + - name: Run Azure Cli + run: | + az account show + az group show --name GitHubActionGroup + az vm list + + - name: Run Azure PowerShell + uses: azure/powershell@v1.2.0 + with: + azPSVersion: "latest" + inlineScript: | + Get-AzContext | Format-List + Get-AzResourceGroup -Name GitHubActionGroup + Get-AzVM + + - name: Login with creds, disable ps session + uses: ./ + with: + creds: ${{secrets.SP1}} + enable-AzPSSession: false + + - name: Run Azure Cli + run: | + az account show + az group show --name GitHubActionGroup + az vm list + + - name: Login with creds, wrong boolean value + uses: ./ + with: + creds: ${{secrets.SP1}} + enable-AzPSSession: notboolean + + - name: Run Azure Cli + run: | + az account show + az group show --name GitHubActionGroup + az vm list + + - name: Login with creds, allow no subscription + uses: ./ + with: + creds: ${{secrets.SP1}} + allow-no-subscriptions: true + enable-AzPSSession: true + + - name: Run Azure Cli + run: | + az account show + az group show --name GitHubActionGroup + az vm list + + - name: Run Azure PowerShell + uses: azure/powershell@v1.2.0 + with: + azPSVersion: "latest" + inlineScript: | + Get-AzContext | Format-List + Get-AzResourceGroup -Name GitHubActionGroup + Get-AzVM + + - name: Login with individual parameters, no subscription, allow no subscription + uses: ./ + with: + client-id: ${{ secrets.OIDC_SP2_CLIENT_ID }} + tenant-id: ${{ secrets.OIDC_SP2_TENANT_ID }} + allow-no-subscriptions: true + enable-AzPSSession: true + + - name: Run Azure Cli + run: | + az account show + + - name: Run Azure PowerShell + uses: azure/powershell@v1.2.0 + with: + azPSVersion: "latest" + inlineScript: | + Get-AzContext | Format-List +