TestCases/ContinuousAssurance/ContinuousAssurance.ps1
|
Set-StrictMode -Version Latest class ContinuousAssurance:AzSKTestBase { [string] $AutomationAccountName [string] $AutomationAccountRG [string] $AppResourceGroupName [string] $ConnectionName [string] $StorgeContainerName ContinuousAssurance([TestCase] $testcase, [TestSettings] $testsettings):Base($testcase, $testsettings) { $this.AutomationAccountName = $testsettings.CAAutomationAccountName $this.AutomationAccountRG = $testsettings.AzSKResourceGroupName $this.AppResourceGroupName = "AzSKTestRG" #This is the standard name used for testing resource in subscription. $this.ConnectionName = $testsettings.CAConnectionName $this.StorgeContainerName= "azskexecutionlogs" } [void] Execute() { switch ($this.testcase.TestMethod.Trim()) { "TestCAFullFlowDefaultParams" { $this.TestCAFullFlowDefaultParams() break } "TestCAFullFlowAllParams" { $this.TestCAFullFlowAllParams() break } "TestRemoveCADefaultParams" { $this.TestRemoveCADefaultParams() break } "TestRemoveCAWithLogs" { $this.TestRemoveCAWithLogs() break } Default { } } } [PSObject] GetExistingCA() { $CAAccount = Get-AzureRmAutomationAccount -Name $this.AutomationAccountName -ResourceGroupName $this.AutomationAccountRG return $CAAccount } [TestCaseResult] TestCAFullFlowDefaultParams() { if($null -ne $this.GetExistingCA()) { $this.Cleanup() Start-Sleep -Seconds 10 } try { $failMsg = "" $isInstallationSuccessful = $false try { Install-AzSKContinuousAssurance -SubscriptionId $this.settings.SubscriptionId ` -ResourceGroupNames $this.AppResourceGroupName ` -OMSWorkspaceId $this.settings.OMSWorkspaceId ` -OMSSharedKey $this.settings.OMSSharedKey $isInstallationSuccessful = $true } catch { $failMsg+="Something went wrong while installing CA components. $($_.Exception)" } if($isInstallationSuccessful) { $isUpdateSuccessful = $false $existingaccount = $this.GetExistingCA() $existingStorage = Find-AzureRmResource -ResourceGroupNameEquals $this.AutomationAccountRG -ResourceNameContains "azsk" -ResourceType "Microsoft.Storage/storageAccounts" if($existingaccount -and $existingStorage) { try { #Update CA Update-AzSKContinuousAssurance -SubscriptionId $this.settings.SubscriptionId $isUpdateSuccessful = $true } catch { $failMsg+="Something went wrong while updating CA components. $($_.Exception)" } if($isUpdateSuccessful) { #check if account is recently updated $account = $this.GetExistingCA() if(($(get-date).ToUniversalTime() - $account.LastModifiedTime.ToUniversalTime().DateTime).TotalSeconds -gt 50) { $failMsg+="Something went wrong while updating CA components." } else { #Remove CA try { $this.Cleanup() if($null -ne $this.GetExistingCA()) { $failMsg+="Something went wrong while removing CA components." } else { $this.testcaseResult = [TestCaseResult]::new($this.testCase,[TestStatus]::Passed,"Successfully tested CA flow with default params.") return $this.testcaseResult } } catch { $failMsg+="Something went wrong while removing CA components. $($_.Exception)" } } } } else { $failMsg += "Something went wrong while installing CA components. Automation account or Storage account not created." } } $this.testcaseResult = [TestCaseResult]::new($this.testCase,[TestStatus]::Failed,$failMsg) } catch { $this.testcaseResult = [TestCaseResult]::new($this.testCase,[TestStatus]::Failed,"Error occurred. $($_.Exception)") } return $this.testcaseResult } [TestCaseResult] TestCAFullFlowAllParams() { if($null -ne $this.GetExistingCA()) { $this.Cleanup() Start-Sleep -Seconds 10 } try { $failMsg = "" $isInstallationSuccessful = $false try { Install-AzSKContinuousAssurance -SubscriptionId $this.settings.SubscriptionId ` -ResourceGroupNames $this.AppResourceGroupName ` -OMSWorkspaceId $this.settings.OMSWorkspaceId ` -OMSSharedKey $this.settings.OMSSharedKey $isInstallationSuccessful = $true } catch { $failMsg+="Something went wrong while installing CA components. $($_.Exception)" } if($isInstallationSuccessful) { $isUpdateSuccessful = $false $existingaccount = $this.GetExistingCA() $existingStorage = Find-AzureRmResource -ResourceGroupNameEquals $this.AutomationAccountRG -ResourceNameContains "azsk" -ResourceType "Microsoft.Storage/storageAccounts" if($existingaccount -and $existingStorage) { try { #remove automation module Remove-AzureRmAutomationModule -Name "AzureRm.Automation" -ResourceGroupName $this.AutomationAccountRG -AutomationAccountName $this.AutomationAccountName -Force #remove SPN permission $connection = Get-AzureRmAutomationConnection -Name $this.ConnectionName -ResourceGroupName $this.AutomationAccountRG -AutomationAccountName $this.AutomationAccountName $servicePrincipal = Get-AzureRmADServicePrincipal -ServicePrincipalName $connection.FieldDefinitionValues.ApplicationId Remove-AzureRmRoleAssignment -serviceprincipalname $servicePrincipal.ServicePrincipalNames[0] -Scope "/subscriptions/$($this.settings.SubscriptionId)" -RoleDefinitionName reader #Update CA to fix issues Update-AzSKContinuousAssurance -SubscriptionId $this.settings.SubscriptionId ` -ResourceGroupNames "*" -FixRuntimeAccount -FixModules #check if update is successful $module = Get-AzureRmAutomationModule -Name "AzureRm.Automation" -ResourceGroupName $this.AutomationAccountRG -AutomationAccountName $this.AutomationAccountName $variable = Get-AzureRmAutomationVariable -Name "AppResourcegroupNames" -ResourceGroupName $this.AutomationAccountRG -AutomationAccountName $this.AutomationAccountName $spnPermission = Get-AzureRmRoleAssignment -ServicePrincipalName $servicePrincipal.ServicePrincipalNames[0] -Scope "/subscriptions/$($this.settings.SubscriptionId)" if($module -and ($module.ProvisioningState -eq "Succeeded") -and $variable -and ($variable.Value -eq "*") -and $spnPermission -and $spnPermission.RoleDefinitionName -eq "Reader") { $isUpdateSuccessful = $true } } catch { $failMsg+="Something went wrong while updating CA components. $($_.Exception)" } #Remove CA try { $this.Cleanup() if($null-ne $this.GetExistingCA()) { $failMsg+="Something went wrong while removing CA components." } else { $this.testcaseResult = [TestCaseResult]::new($this.testCase,[TestStatus]::Passed,"Successfully tested CA flow with multiple params.") return $this.testcaseResult } } catch { $failMsg+="Something went wrong while removing CA components. $($_.Exception)" } } else { $failMsg += "Something went wrong while installing CA components. Automation account or Storage account not created." } } $this.testcaseResult = [TestCaseResult]::new($this.testCase,[TestStatus]::Failed,$failMsg) } catch { $this.testcaseResult = [TestCaseResult]::new($this.testCase,[TestStatus]::Failed,"Error occurred. $($_.Exception)") } return $this.testcaseResult } [TestCaseResult] TestRemoveCADefaultParams() { if($null -eq $this.GetExistingCA()) { Install-AzSKContinuousAssurance -SubscriptionId $this.settings.SubscriptionId ` -ResourceGroupNames $this.AppResourceGroupName ` -OMSWorkspaceId $this.settings.OMSWorkspaceId ` -OMSSharedKey $this.settings.OMSSharedKey } if($this.GetExistingCA()) { $this.Cleanup() if($this.GetExistingCA()) { $this.testcaseResult = [TestCaseResult]::new($this.testCase,[TestStatus]::Failed,"Error while removing AzSK Continuous Assurance.") } else { $this.testcaseResult = [TestCaseResult]::new($this.testCase,[TestStatus]::Passed,"Successfully removed AzSK Continuous Assurance.") } } else { $this.testcaseResult = [TestCaseResult]::new($this.testCase,[TestStatus]::Error,"Error occurred while installing CA.") } return $this.testcaseResult } [TestCaseResult] TestRemoveCAWithLogs() { if($null -eq $this.GetExistingCA()) { Install-AzSKContinuousAssurance -SubscriptionId $this.settings.SubscriptionId ` -ResourceGroupNames $this.AppResourceGroupName ` -OMSWorkspaceId $this.settings.OMSWorkspaceId ` -OMSSharedKey $this.settings.OMSSharedKey } if($null -eq $this.GetAzSKStorageContainer()) { #create container New-AzureStorageContainer -Name $this.StorgeContainerName -Context $this.GetAzSKStorageContext() } Remove-AzSKContinuousAssurance -SubscriptionId $this.settings.SubscriptionId -DeleteStorageReports -Force if($null -eq $this.GetAzSKStorageContainer()) { $this.testcaseResult = [TestCaseResult]::new($this.testCase,[TestStatus]::Passed,"Successfully removed AzSK Continuous Assurance with storage logs.") } else { $this.testcaseResult = [TestCaseResult]::new($this.testCase,[TestStatus]::Failed,"Error while removing AzSK Continuous Assurance with storage logs.") } return $this.testcaseResult } [void] Cleanup() { Remove-AzSKContinuousAssurance -SubscriptionId $this.settings.SubscriptionId -Force } [PSObject] GetAzSKStorageContainer() { $storageContext = $this.GetAzSKStorageContext() $existingContainer = Get-AzureStorageContainer -Name $this.StorgeContainerName -Context $storageContext -ErrorAction SilentlyContinue return $existingContainer } [PSObject] GetAzSKStorageContext() { $existingStorage = Find-AzureRmResource -ResourceGroupNameEquals $this.AutomationAccountRG -ResourceNameContains "azsk" -ResourceType "Microsoft.Storage/storageAccounts" $keys = Get-AzureRmStorageAccountKey -ResourceGroupName $this.AutomationAccountRG -Name $existingStorage.Name $storageContext = New-AzureStorageContext -StorageAccountName $existingStorage.Name -StorageAccountKey $keys[0].Value -Protocol Https return $storageContext } } |