-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- added Verify Group feature to AzDevOpsVerifyAadGroups_v1.cs plugin
- added tests for AzDevOpsVerifyAadGroups_v1.cs - fix an issue in AzDevopsAddProjectAadGroup_v1.cs
- Loading branch information
1 parent
3afe14e
commit 25f2858
Showing
12 changed files
with
258 additions
and
21 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| using Nox.Secrets.Abstractions; | ||
| namespace Nox.Cli.Abstractions.Secrets; | ||
| public interface IPersistedSecretStoreEx: IPersistedSecretStore | ||
| { | ||
| #if NET8_0 | ||
| Task SaveAsync(string key, string secret); | ||
| Task<string?> LoadAsync(string key, TimeSpan? validFor = null); | ||
| #endif | ||
| } |
113 changes: 113 additions & 0 deletions
113
src/Nox.Cli.Plugins/Nox.Cli.Plugin.AzDevOps/AzDevOpsVerifyAadGroups_v1.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,113 @@ | ||
| using Nox.Cli.Abstractions; | ||
| using Nox.Cli.Abstractions.Extensions; | ||
| using Nox.Cli.Plugin.AzDevOps.Clients; | ||
| using Nox.Cli.Plugin.AzDevOps.Enums; | ||
| namespace Nox.Cli.Plugin.AzDevOps; | ||
|
|
||
| public class AzDevOpsVerifyAadGroup_v1 : INoxCliAddin | ||
| { | ||
| public NoxActionMetaData Discover() | ||
| { | ||
| return new NoxActionMetaData | ||
| { | ||
| Name = "azdevops/verify-aad-group@v1", | ||
| Author = "Jan Schutte", | ||
| Description = "Verify that an AAD group ia available to a DevOps project group", | ||
| Inputs = | ||
| { | ||
| ["server"] = new NoxActionInput { | ||
| Id = "server", | ||
| Description = "The DevOps server hostname or IP", | ||
| Default = "localhost", | ||
| IsRequired = true | ||
| }, | ||
|
|
||
| ["personal-access-token"] = new NoxActionInput { | ||
| Id = "personal-access-token", | ||
| Description = "The personal access token to connect to DevOps with", | ||
| Default = string.Empty, | ||
| IsRequired = true | ||
| }, | ||
| ["project-id"] = new NoxActionInput | ||
| { | ||
| Id = "project-id", | ||
| Description = "The DevOps project Id", | ||
| Default = Guid.Empty, | ||
| IsRequired = true | ||
| }, | ||
| ["aad-group-name"] = new NoxActionInput | ||
| { | ||
| Id = "aad-group-name", | ||
| Description = "The AAD group to verify", | ||
| Default = Guid.Empty, | ||
| IsRequired = true | ||
| } | ||
| }, | ||
| Outputs = | ||
| { | ||
| ["is-found"] = new NoxActionOutput { | ||
| Id = "is-found", | ||
| Description = "A boolean indicating if the AAD group was found.", | ||
| } | ||
| } | ||
| }; | ||
| } | ||
| private string? _server; | ||
| private string? _pat; | ||
| private Guid? _projectId; | ||
| private string? _aadGroupName; | ||
| private bool _isServerContext = false; | ||
|
|
||
| public Task BeginAsync(IDictionary<string, object> inputs) | ||
| { | ||
| _server = inputs.Value<string>("server"); | ||
| _pat = inputs.Value<string>("personal-access-token"); | ||
| _projectId = inputs.Value<Guid>("project-id"); | ||
| _aadGroupName = inputs.Value<string>("aad-group-name"); | ||
| return Task.CompletedTask; | ||
| } | ||
| public async Task<IDictionary<string, object>> ProcessAsync(INoxWorkflowContext ctx) | ||
| { | ||
| _isServerContext = ctx.IsServer; | ||
| var outputs = new Dictionary<string, object>(); | ||
| ctx.SetState(ActionState.Error); | ||
|
|
||
| if (string.IsNullOrWhiteSpace(_server) || | ||
| string.IsNullOrWhiteSpace(_pat) || | ||
| _projectId == null || | ||
| _projectId == Guid.Empty || | ||
| string.IsNullOrEmpty(_aadGroupName)) | ||
| { | ||
| ctx.SetErrorMessage("The devops verify-aad-group action was not initialized"); | ||
| } | ||
| else | ||
| { | ||
| try | ||
| { | ||
| var result = await FindGroup(ctx); | ||
| outputs["is-found"] = result; | ||
| ctx.SetState(ActionState.Success); | ||
| } | ||
| catch (Exception ex) | ||
| { | ||
| ctx.SetErrorMessage(ex.Message); | ||
| } | ||
| } | ||
| return outputs; | ||
| } | ||
| public Task EndAsync() | ||
| { | ||
| return Task.CompletedTask; | ||
| } | ||
| private async Task<bool> FindGroup(INoxWorkflowContext ctx) | ||
| { | ||
| var identityPickerClient = new IdentityPickerClient(_server!, _pat!); | ||
| var aadGroups = await identityPickerClient.FindIdentity(_aadGroupName!, IdentityType.Group); | ||
| if (aadGroups == null || aadGroups.Count == 0) | ||
| { | ||
| return false; | ||
| } | ||
| return true; | ||
| } | ||
|
|
||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| using Microsoft.Extensions.DependencyInjection; | ||
| using Moq; | ||
| using Nox; | ||
| using Nox.Cli.Abstractions.Caching; | ||
| using Nox.Cli.Caching; | ||
| using Nox.Cli.Configuration; | ||
| using Nox.Cli.PersonalAccessToken; | ||
| using Nox.Cli.Variables.Secrets; | ||
| using Nox.Secrets.Abstractions; | ||
| using Nox.Solution; | ||
| namespace Plugin.AzDevOps.Tests; | ||
|
|
||
| public class DevOpsIntegrationFixture | ||
| { | ||
| public IServiceProvider ServiceProvider { get; private set; } | ||
| public IServiceCollection? Services { get; private set; } | ||
| public DevOpsIntegrationFixture() | ||
| { | ||
| Services = new ServiceCollection(); | ||
| Services.AddSingleton(Mock.Of<NoxSolution>()); | ||
| Services.AddOrgSecretResolver(); | ||
| Services.AddSingleton(Mock.Of<LocalTaskExecutorConfiguration>()); | ||
| Services.AddPersistedSecretStore(); | ||
| Services.AddSingleton<INoxSecretsResolver, NoxSecretsResolver>(); | ||
| Services.AddSingleton<AzDevOpsPatProvider>(); | ||
| Services.AddNoxTokenCache(); | ||
| var onlineCacheUrl = "https://noxorg.dev"; | ||
| var persistedTokenCache = Services.BuildServiceProvider().GetRequiredService<IPersistedTokenCache>(); | ||
| var cacheBuilder = new NoxCliCacheBuilder(onlineCacheUrl, false, persistedTokenCache); | ||
| var cacheManager = cacheBuilder.Build(); | ||
| Services.AddNoxCliCacheManager(cacheManager); | ||
| ServiceProvider = Services.BuildServiceProvider(); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,50 @@ | ||
| using Microsoft.Extensions.DependencyInjection; | ||
| using Moq; | ||
| using Nox.Cli.Abstractions.Caching; | ||
| using Nox.Cli.Actions; | ||
| using Nox.Cli.Caching; | ||
| using Nox.Cli.Configuration; | ||
| using Nox.Cli.PersonalAccessToken; | ||
| using Nox.Cli.Plugin.AzDevOps; | ||
| using Nox.Cli.Variables.Secrets; | ||
| using Nox.Secrets.Abstractions; | ||
| using Nox.Solution; | ||
| namespace Plugin.AzDevOps.Tests; | ||
| public class GroupTests: IClassFixture<DevOpsIntegrationFixture> | ||
| { | ||
| private readonly DevOpsIntegrationFixture _fixture; | ||
| public GroupTests(DevOpsIntegrationFixture fixture) | ||
| { | ||
| _fixture = fixture; | ||
| } | ||
|
|
||
| [Theory] | ||
| [InlineData("NOX_PROJECTS_ALL", true)] | ||
| [InlineData("NOX_PROJECT_DOESNOTEXIST", false)] | ||
| public async Task Can_verify_whether_an_aad_group_exists_or_not(string groupName, bool result) | ||
| { | ||
| var wfConfig = new WorkflowConfiguration(); | ||
| var sln = _fixture.ServiceProvider.GetRequiredService<NoxSolution>(); | ||
| var orgResolver = _fixture.ServiceProvider.GetRequiredService<IOrgSecretResolver>(); | ||
| var cacheManager = _fixture.ServiceProvider.GetRequiredService<INoxCliCacheManager>(); | ||
| var lteConfig = _fixture.ServiceProvider.GetRequiredService<LocalTaskExecutorConfiguration>(); | ||
| var secretsResolver = _fixture.ServiceProvider.GetRequiredService<INoxSecretsResolver>(); | ||
| var tokenCache = _fixture.ServiceProvider.GetRequiredService<IPersistedTokenCache>(); | ||
| var accessToken = await CredentialHelper.GetAzureDevOpsAccessToken(); | ||
| var patProvider = new AzDevOpsPatProvider(tokenCache, "iwgplc"); | ||
| var pat = await patProvider.GetPat(accessToken!); | ||
|
|
||
| var plugin = new AzDevOpsVerifyAadGroup_v1(); | ||
| var inputs = new Dictionary<string, object> | ||
| { | ||
| {"server", "https://dev.azure.com/iwgplc"}, | ||
| {"personal-access-token", pat}, | ||
| {"project-id", "d6aee400-9659-4dec-a309-673518d4cc30"}, | ||
| {"aad-group-name", groupName} | ||
| }; | ||
| await plugin.BeginAsync(inputs); | ||
| var ctx = new NoxWorkflowContext(wfConfig, sln, orgResolver, cacheManager, lteConfig, secretsResolver, null!); | ||
| var pluginOutput = await plugin.ProcessAsync(ctx); | ||
| Assert.Equal(result, pluginOutput["is-found"]); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| <Project Sdk="Microsoft.NET.Sdk"> | ||
|
|
||
| <PropertyGroup> | ||
| <TargetFramework>net8.0</TargetFramework> | ||
| <ImplicitUsings>enable</ImplicitUsings> | ||
| <Nullable>enable</Nullable> | ||
|
|
||
| <IsPackable>false</IsPackable> | ||
| <IsTestProject>true</IsTestProject> | ||
| </PropertyGroup> | ||
|
|
||
| <ItemGroup> | ||
| <PackageReference Include="coverlet.collector" Version="6.0.0"/> | ||
| <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.8.0"/> | ||
| <PackageReference Include="xunit" Version="2.5.3"/> | ||
| <PackageReference Include="xunit.runner.visualstudio" Version="2.5.3"/> | ||
| <PackageReference Include="Moq" Version="4.20.70" /> | ||
| </ItemGroup> | ||
|
|
||
| <ItemGroup> | ||
| <Using Include="Xunit"/> | ||
| </ItemGroup> | ||
|
|
||
| <ItemGroup> | ||
| <ProjectReference Include="..\..\src\Nox.Cli.Plugins\Nox.Cli.Plugin.AzDevOps\Nox.Cli.Plugin.AzDevOps.csproj" /> | ||
| <ProjectReference Include="..\..\src\Nox.Cli.Variables\Nox.Cli.Variables.csproj" /> | ||
| <ProjectReference Include="..\..\src\Nox.Cli\Nox.Cli.csproj" /> | ||
| </ItemGroup> | ||
|
|
||
| </Project> |