Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automate Azure Container Instances testing #925

Closed
chlowell opened this issue Jan 9, 2020 · 8 comments
Closed

Automate Azure Container Instances testing #925

chlowell opened this issue Jan 9, 2020 · 8 comments
Labels
Azure.Identity Client This issue points to a problem in the data-plane of the library. EngSys This issue is impacting the engineering system. test-manual-pass

Comments

@chlowell
Copy link
Member

chlowell commented Jan 9, 2020

Tracking issue for step-by-step instructions for how to manually run e2e tests for Azure Container Instances for each of the azure-sdk-for-* languages. This issue will be used by our Vendor team for manually running tests in this scenario, and will be tracked on the EngSys backlog for eventual automation.
@chlowell chlowell added EngSys This issue is impacting the engineering system. Azure.Identity labels Jan 9, 2020
@chlowell
Copy link
Member Author

chlowell commented Jan 9, 2020
edited
Loading

Python (wait for Azure/azure-sdk-for-python#9146 to merge):

prerequisite tools

Azure resources

This test requires instances of these Azure resources:

  • Azure Key Vault
  • Azure Managed Identity
    • with secrets/set and secrets/delete permission for the Key Vault
  • Azure Container Registry

The rest of this section is a walkthrough of deploying these resources.

set environment variables to simplify copy-pasting

  • RESOURCE_GROUP
    • name of an Azure resource group
    • must be unique in the Azure subscription
    • e.g. 'pod-identity-test'
  • ACR_NAME
    • name of an Azure Container Registry
    • 5-50 alphanumeric characters
    • must be globally unique
  • MANAGED_IDENTITY_NAME
    • 3-128 alphanumeric characters
    • must be unique in the resource group
  • KEY_VAULT_NAME
    • 3-24 alphanumeric characters
    • must begin with a letter
    • must be globally unique

resource group

az group create -n $RESOURCE_GROUP --location westus2

managed identity

Create the managed identity

az identity create -g $RESOURCE_GROUP -n $MANAGED_IDENTITY_NAME

Save its ARM URI for later

export MANAGED_IDENTITY_ID=$(az identity show -g $RESOURCE_GROUP -n $MANAGED_IDENTITY_NAME --query id -o tsv)

Key Vault

Create the Vault

az keyvault create -g $RESOURCE_GROUP -n $KEY_VAULT_NAME --sku standard

Add an access policy for the managed identity

az keyvault set-policy -n $KEY_VAULT_NAME \
  --object-id $(az identity show -g $RESOURCE_GROUP -n $MANAGED_IDENTITY_NAME --query principalId -o tsv) \
  --secret-permissions set delete

container registry

az acr create -g $RESOURCE_GROUP -n $ACR_NAME --admin-enabled --sku basic

build images

The test application must be packaged as a Docker image. Two images are needed
because the test must run on Python 2 and 3.

authenticate to ACR

az acr login -n $ACR_NAME

acquire the test code

git clone https://github.com/Azure/azure-sdk-for-python/ --branch master --single-branch --depth 1

The rest of this section assumes this working directory:

cd azure-sdk-for-python/sdk/identity/azure-identity/tests

build images and push them to the container registry

set environment variables

export REPOSITORY=$(az acr show -g $RESOURCE_GROUP -n $ACR_NAME --query loginServer -o tsv) \
  IMAGE_NAME=test-pod-identity \
  PYTHON_VERSION=2.7

build an image

docker build --no-cache --build-arg PYTHON_VERSION=$PYTHON_VERSION -t $REPOSITORY/$IMAGE_NAME:$PYTHON_VERSION ./managed-identity-live

push it to the registry

docker push $REPOSITORY/$IMAGE_NAME:$PYTHON_VERSION

Then set PYTHON_VERSION to the latest 3.x and run the above docker build
and docker push commands again. (It's safe--and faster--to omit
--no-cache from docker build the second time.)

run tests

Run these commands twice, once with PYTHON_VERSION=2.7 and again with the
latest 3.x.

set a name for the container group

export CONTAINER_NAME=managed-id-test-python${PYTHON_VERSION::1}

run the test

az container create -g $RESOURCE_GROUP -n $CONTAINER_NAME \
 --assign-identity $MANAGED_IDENTITY_ID \
 --restart-policy OnFailure \
 --registry-username $(az acr credential show -n $ACR_NAME --query username -o tsv) \
 --registry-password $(az acr credential show -n $ACR_NAME --query passwords[0].value -o tsv) \
 --image $REPOSITORY/$IMAGE_NAME:$PYTHON_VERSION \
 -e AZURE_IDENTITY_TEST_VAULT_URL=$(az keyvault show -g $RESOURCE_GROUP -n $KEY_VAULT_NAME --query properties.vaultUri -o tsv)

inspect output

az container logs -g $RESOURCE_GROUP -n $CONTAINER_NAME

Success looks like this:

============================= test session starts ==============================
platform linux -- Python 3.8.1, pytest-5.3.2, py-1.8.1, pluggy-0.13.1 -- /usr/local/bin/python
cachedir: .pytest_cache
rootdir: /azure-sdk-for-python, inifile: setup.cfg
plugins: asyncio-0.10.0
collecting ... collected 2 items

test_managed_identity_live.py::test_managed_identity_live PASSED
test_managed_identity_live_async.py::test_managed_identity_live PASSED

============================= 2 passed in 0.43s ================================

test_managed_identity_live must pass. Other test cases may be skipped. No test case may fail.

delete Azure resources

Finally, delete the resources created above:

az group delete -n $RESOURCE_GROUP -y --no-wait

@kurtzeborn kurtzeborn added Client This issue points to a problem in the data-plane of the library. and removed EngSys This issue is impacting the engineering system. labels Jan 22, 2020
@kurtzeborn kurtzeborn added EngSys This issue is impacting the engineering system. and removed EngSys This issue is impacting the engineering system. Client This issue points to a problem in the data-plane of the library. labels Jan 22, 2020
@chlowell chlowell mentioned this issue Feb 26, 2020
Closed
@XuGuang-Yao
Copy link

Hi @chlowell ,

I am following above steps to do python E2E test. My suggestion as below. Please correct me if I miss anything.

1.We need add {} when combine two or more variables,or error will occur.

docker build --no-cache --build-arg PYTHON_VERSION=$PYTHON_VERSION -t $REPOSITORY/${IMAGE_NAME}:${PYTHON_VERSION} ./managed-identity-live
docker push $REPOSITORY/${IMAGE_NAME}:${PYTHON_VERSION}

2.CONTAINER_NAME=managed-id-test-python${PYTHON_VERSION::1}.
This command attempts to create container names for different python versions. But it doesn't work because ${PYTHON_VERSION::1} won't be appended. Result as follow:
image

Also, It is not allowed to use ":" in container name.
image

We can use hard code 27 or 38 as Python version to avoid this error.

CONTAINER_NAME="managed-id-test-python-27"
CONTAINER_NAME="managed-id-test-python-38"

@chlowell
Copy link
Member Author

The command lines don't work directly in PowerShell because I wrote them for bash or a compatible shell. They should work as expected in a Linux environment like WSL.

@XuGuang-Yao
Copy link

@chlowell . Thanks for your clarification. So I need do this test against Linux? Or just format the command and run in windows like I used to?

@chlowell
Copy link
Member Author

Your OS isn't relevant to the test. You can run bash, PowerShell, and the required tools on Windows or Linux. You need bash or a compatible shell only if you want to copy/paste all the command lines from the document. If you want to use a different shell, reformat the command lines as necessary.

@kurtzeborn kurtzeborn added the Client This issue points to a problem in the data-plane of the library. label Feb 8, 2021
@v-jiaodi v-jiaodi mentioned this issue Oct 28, 2022
Closed
@pvaneck pvaneck mentioned this issue Oct 29, 2022
Merged
@github-actions GitHub Actions
Copy link

Hi @chlowell, we deeply appreciate your input into this project. Regrettably, this issue has remained inactive for over 2 years, leading us to the decision to close it. We've implemented this policy to maintain the relevance of our issue queue and facilitate easier navigation for new contributors. If you still believe this topic requires attention, please feel free to create a new issue, referencing this one. Thank you for your understanding and ongoing support.

@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Mar 20, 2024
@github-actions github-actions bot locked and limited conversation to collaborators Mar 20, 2024
@v-xuto
Copy link
Member

v-xuto commented Mar 26, 2024

@joshfree This issue has been closed. Do we need to continue testing this Automate Azure Container Instances testing?

@v-xuto
Copy link
Member

v-xuto commented Mar 26, 2024

Hi @chlowell , Following above steps, encountered some issues after executing the following command:
az container logs -g $RESOURCE_GROUP -n $CONTAINER_NAME

After ten tests, got the result of ' None' eight times as follows :
image

And got the error logs twice as follows:
image

Could you help to check and resolve the error?

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
Azure.Identity Client This issue points to a problem in the data-plane of the library. EngSys This issue is impacting the engineering system. test-manual-pass
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@joshfree @chlowell @kurtzeborn @XuGuang-Yao @v-xuto