Skip to content

Latest commit

 

History

History
71 lines (46 loc) · 3.11 KB

TESTING_AGAINST_AZURE.md

File metadata and controls

71 lines (46 loc) · 3.11 KB

Testing Against Azure - Integration Testing

Problem Statement

We want to test Azure-related InSpec resource against Azure itself. This requires a test fixture in Azure to examine using InSpec.

General Approach

We have a Terraform plan to set up and destroy test fixtures in Azure. When the environment is running we have a set of integration tests that may run against it.

Credentials are handled via a ~/.azure/credentials file. Create a directory in your home directory called .azure. Then create a file called credentials. An example file is below:

[subscription_id]
client_id=
client_secret=
tenant_id=

Substitute subscription_id for your Azure subscription ID. Client ID and client secret can be obtained when you create your application account (instructions below).

Tenant ID can be obtained by logging into the Azure portal. Browse to the Azure Active Directory and click on properties. The Directory ID is your Tenant ID.

Installing Terraform

Download Terraform. We require at least v0.10. To install and choose from multiple Terraform versions, consider using tfenv.

Current Solution

We have registered an application to use for authentication. We use Terraform to create the needed resources that we run our tests against.

Creating the Application account

  1. Login to the Azure portal.
  2. Click on Azure Active Directory.
  3. Click on APP registrations.
  4. Click on New application registration.
  5. Fill in a name and a Sign-on URL. Select Web app / API from the Application Type drop down. Save your application.
  6. Note your Application ID. This is your client_id above.
  7. Click on Settings
  8. Click on Keys
  9. Create a new password. This value is your client_secret above.
  10. Go to your subscription (click on All Services then subscriptions). Choose your subscription from that list.
  11. Note your Subscription ID can be found here.
  12. Click Access Control (IAM)
  13. Click Add
  14. Select the contributor role.
  15. Select the application you just created and save.

Running the integration tests

INSPEC_TERRAFORM_ENVIRONMENT should be set to a unique value for you to work against. See Terraform Workspaces

AZURE_LOCATION may be set to the region you'd prefer to test in. The default setting is "West Europe".

To run all Azure integration tests, run:

INSPEC_TERRAFORM_ENVIRONMENT=$YOUR_WORKSPACE bundle exec rake test:azure

If you are doing something which requires changing the Azure environment, e.g. developing a new Azure module you may want to have your environment running while you make changes.

INSPEC_TERRAFORM_ENVIRONMENT=$YOUR_WORKSPACE bundle exec rake test:azure:setup

After making any changes to Terraform. Apply your changes.

INSPEC_TERRAFORM_ENVIRONMENT=$YOUR_WORKSPACE bundle exec rake test:azure:apply

This will automatically regenerate your plan file and apply the changes.

When you are done, and wish to destroy your environment:

INSPEC_TERRAFORM_ENVIRONMENT=$YOUR_WORKSPACE bundle exec rake test:azure:cleanup