public async Task Assignment_Succeeds_With_Encryption_Key() { var environment = new TestEnvironment(); environment.SetEnvironmentVariable(EnvironmentSettingNames.AzureWebsitePlaceholderMode, "1"); var scriptWebEnvironment = new ScriptWebHostEnvironment(environment); var loggerFactory = new LoggerFactory(); var loggerProvider = new TestLoggerProvider(); loggerFactory.AddProvider(loggerProvider); var handlerMock = new Mock <HttpMessageHandler>(MockBehavior.Strict); handlerMock.Protected().Setup <Task <HttpResponseMessage> >("SendAsync", ItExpr.IsAny <HttpRequestMessage>(), ItExpr.IsAny <CancellationToken>()).ReturnsAsync(new HttpResponseMessage { StatusCode = HttpStatusCode.OK }); var instanceManager = new InstanceManager(_optionsFactory, TestHelpers.CreateHttpClientFactory(handlerMock.Object), scriptWebEnvironment, environment, loggerFactory.CreateLogger <InstanceManager>(), new TestMetricsLogger(), null, new Mock <IRunFromPackageHandler>().Object, new Mock <IPackageDownloadHandler>(MockBehavior.Strict).Object); var startupContextProvider = new StartupContextProvider(environment, loggerFactory.CreateLogger <StartupContextProvider>()); InstanceManager.Reset(); var podController = new KubernetesPodController(environment, instanceManager, loggerFactory, startupContextProvider); const string podEncryptionKey = "/a/vXvWJ3Hzgx4PFxlDUJJhQm5QVyGiu0NNLFm/ZMMg="; var hostAssignmentContext = new HostAssignmentContext { Environment = new Dictionary <string, string>() { [EnvironmentSettingNames.AzureWebsiteRunFromPackage] = "http://localhost:1234" } }; hostAssignmentContext.Secrets = new FunctionAppSecrets(); hostAssignmentContext.IsWarmupRequest = false; var encryptedHostAssignmentValue = SimpleWebTokenHelper.Encrypt(JsonConvert.SerializeObject(hostAssignmentContext), podEncryptionKey.ToKeyBytes()); var encryptedHostAssignmentContext = new EncryptedHostAssignmentContext() { EncryptedContext = encryptedHostAssignmentValue }; environment.SetEnvironmentVariable(EnvironmentSettingNames.PodEncryptionKey, podEncryptionKey); environment.SetEnvironmentVariable(EnvironmentSettingNames.KubernetesServiceHost, "http://localhost:80"); environment.SetEnvironmentVariable(EnvironmentSettingNames.PodNamespace, "k8se-apps"); var result = await podController.Assign(encryptedHostAssignmentContext); Assert.NotNull(startupContextProvider.Context); Assert.IsType <AcceptedResult>(result); }
public LinuxContainerInitializationHostService(IEnvironment environment, IInstanceManager instanceManager, ILogger <LinuxContainerInitializationHostService> logger, StartupContextProvider startupContextProvider) { _environment = environment; _instanceManager = instanceManager; _logger = logger; _startupContextProvider = startupContextProvider; }
public KubernetesPodController(IEnvironment environment, IInstanceManager instanceManager, ILoggerFactory loggerFactory, StartupContextProvider startupContextProvider) { _environment = environment; _instanceManager = instanceManager; _logger = loggerFactory.CreateLogger <KubernetesPodController>(); _startupContextProvider = startupContextProvider; }
public async Task Assign_MSISpecializationFailure_ReturnsError() { var environment = new TestEnvironment(); environment.SetEnvironmentVariable(EnvironmentSettingNames.AzureWebsitePlaceholderMode, "1"); var scriptWebEnvironment = new ScriptWebHostEnvironment(environment); var loggerFactory = new LoggerFactory(); var loggerProvider = new TestLoggerProvider(); loggerFactory.AddProvider(loggerProvider); var handlerMock = new Mock <HttpMessageHandler>(MockBehavior.Strict); handlerMock.Protected().Setup <Task <HttpResponseMessage> >("SendAsync", ItExpr.IsAny <HttpRequestMessage>(), ItExpr.IsAny <CancellationToken>()).ReturnsAsync(new HttpResponseMessage { StatusCode = HttpStatusCode.BadRequest }); var instanceManager = new InstanceManager(_optionsFactory, new HttpClient(handlerMock.Object), scriptWebEnvironment, environment, loggerFactory.CreateLogger <InstanceManager>(), new TestMetricsLogger(), null, _runFromPackageHandler.Object); var startupContextProvider = new StartupContextProvider(environment, loggerFactory.CreateLogger <StartupContextProvider>()); InstanceManager.Reset(); var instanceController = new InstanceController(environment, instanceManager, loggerFactory, startupContextProvider); const string containerEncryptionKey = "/a/vXvWJ3Hzgx4PFxlDUJJhQm5QVyGiu0NNLFm/ZMMg="; var hostAssignmentContext = new HostAssignmentContext { Environment = new Dictionary <string, string>(), MSIContext = new MSIContext() }; hostAssignmentContext.Environment[EnvironmentSettingNames.MsiEndpoint] = "http://localhost:8081"; hostAssignmentContext.Environment[EnvironmentSettingNames.MsiSecret] = "secret"; var encryptedHostAssignmentValue = SimpleWebTokenHelper.Encrypt(JsonConvert.SerializeObject(hostAssignmentContext), containerEncryptionKey.ToKeyBytes()); var encryptedHostAssignmentContext = new EncryptedHostAssignmentContext() { EncryptedContext = encryptedHostAssignmentValue }; environment.SetEnvironmentVariable(EnvironmentSettingNames.ContainerEncryptionKey, containerEncryptionKey); IActionResult result = await instanceController.Assign(encryptedHostAssignmentContext); var objectResult = result as ObjectResult; Assert.Equal(objectResult.StatusCode, 500); Assert.Equal(objectResult.Value, "Specialize MSI sidecar call failed. StatusCode=BadRequest"); }
public async Task Assignment_Does_Not_Set_Secrets_Context_For_Warmup_Request() { var environment = new TestEnvironment(); environment.SetEnvironmentVariable(EnvironmentSettingNames.AzureWebsitePlaceholderMode, "1"); var scriptWebEnvironment = new ScriptWebHostEnvironment(environment); var loggerFactory = new LoggerFactory(); var loggerProvider = new TestLoggerProvider(); loggerFactory.AddProvider(loggerProvider); var handlerMock = new Mock <HttpMessageHandler>(MockBehavior.Strict); handlerMock.Protected().Setup <Task <HttpResponseMessage> >("SendAsync", ItExpr.IsAny <HttpRequestMessage>(), ItExpr.IsAny <CancellationToken>()).ReturnsAsync(new HttpResponseMessage { StatusCode = HttpStatusCode.OK }); var instanceManager = new InstanceManager(_optionsFactory, new HttpClient(handlerMock.Object), scriptWebEnvironment, environment, loggerFactory.CreateLogger <InstanceManager>(), new TestMetricsLogger(), null, _runFromPackageHandler.Object); var startupContextProvider = new StartupContextProvider(environment, loggerFactory.CreateLogger <StartupContextProvider>()); InstanceManager.Reset(); var instanceController = new InstanceController(environment, instanceManager, loggerFactory, startupContextProvider); const string containerEncryptionKey = "/a/vXvWJ3Hzgx4PFxlDUJJhQm5QVyGiu0NNLFm/ZMMg="; var hostAssignmentContext = new HostAssignmentContext { Environment = new Dictionary <string, string>() { [EnvironmentSettingNames.AzureWebsiteRunFromPackage] = "http://localhost:1234" } }; hostAssignmentContext.Secrets = new FunctionAppSecrets(); hostAssignmentContext.IsWarmupRequest = true; // Warmup Request var encryptedHostAssignmentValue = SimpleWebTokenHelper.Encrypt(JsonConvert.SerializeObject(hostAssignmentContext), containerEncryptionKey.ToKeyBytes()); var encryptedHostAssignmentContext = new EncryptedHostAssignmentContext() { EncryptedContext = encryptedHostAssignmentValue }; environment.SetEnvironmentVariable(EnvironmentSettingNames.ContainerEncryptionKey, containerEncryptionKey); await instanceController.Assign(encryptedHostAssignmentContext); Assert.Null(startupContextProvider.Context); }
public LinuxContainerInitializationHostServiceTests() { _instanceManagerMock = new Mock <IInstanceManager>(MockBehavior.Strict); _environment = new TestEnvironment(); var loggerFactory = new LoggerFactory(); var loggerProvider = new TestLoggerProvider(); loggerFactory.AddProvider(loggerProvider); _startupContextProvider = new StartupContextProvider(_environment, loggerFactory.CreateLogger <StartupContextProvider>()); }
public SecretManagerTests() { _testEnvironment = new TestEnvironment(); _testEnvironment.SetEnvironmentVariable(EnvironmentSettingNames.AzureWebsiteHostName, "test.azurewebsites.net"); _loggerProvider = new TestLoggerProvider(); var loggerFactory = new LoggerFactory(); loggerFactory.AddProvider(_loggerProvider); _logger = _loggerProvider.CreateLogger(LogCategories.CreateFunctionCategory("test")); _hostNameProvider = new HostNameProvider(_testEnvironment); _startupContextProvider = new StartupContextProvider(_testEnvironment, loggerFactory.CreateLogger <StartupContextProvider>()); }
public StartupContextProviderTests() { _secrets = new FunctionAppSecrets(); _secrets.Host = new FunctionAppSecrets.HostSecrets { Master = "test-master-key" }; _secrets.Host.Function = new Dictionary <string, string> { { "test-host-function-1", "hostfunction1value" }, { "test-host-function-2", "hostfunction2value" } }; _secrets.Host.System = new Dictionary <string, string> { { "test-system-1", "system1value" }, { "test-system-2", "system2value" } }; _secrets.Function = new FunctionAppSecrets.FunctionSecrets[] { new FunctionAppSecrets.FunctionSecrets { Name = "function1", Secrets = new Dictionary <string, string> { { "test-function-1", "function1value" }, { "test-function-2", "function2value" } } }, new FunctionAppSecrets.FunctionSecrets { Name = "function2", Secrets = new Dictionary <string, string> { { "test-function-1", "function1value" }, { "test-function-2", "function2value" } } } }; _environment = new TestEnvironment(); var loggerFactory = new LoggerFactory(); _loggerProvider = new TestLoggerProvider(); loggerFactory.AddProvider(_loggerProvider); _environment.SetEnvironmentVariable(EnvironmentSettingNames.WebSiteAuthEncryptionKey, TestEncryptionKey); _startupContextProvider = new StartupContextProvider(_environment, loggerFactory.CreateLogger <StartupContextProvider>()); }
public async Task Assignment_Invokes_InstanceManager_Methods_For_Warmup_Requests_Also(bool isWarmupRequest, bool shouldInvokeMethod) { var environment = new TestEnvironment(); environment.SetEnvironmentVariable(EnvironmentSettingNames.AzureWebsitePlaceholderMode, "1"); var loggerFactory = new LoggerFactory(); var loggerProvider = new TestLoggerProvider(); loggerFactory.AddProvider(loggerProvider); var instanceManager = new Mock <IInstanceManager>(); var startupContextProvider = new StartupContextProvider(environment, loggerFactory.CreateLogger <StartupContextProvider>()); InstanceManager.Reset(); var instanceController = new InstanceController(environment, instanceManager.Object, loggerFactory, startupContextProvider); const string containerEncryptionKey = "/a/vXvWJ3Hzgx4PFxlDUJJhQm5QVyGiu0NNLFm/ZMMg="; var hostAssignmentContext = new HostAssignmentContext { Environment = new Dictionary <string, string>() }; hostAssignmentContext.IsWarmupRequest = isWarmupRequest; var encryptedHostAssignmentValue = SimpleWebTokenHelper.Encrypt(JsonConvert.SerializeObject(hostAssignmentContext), containerEncryptionKey.ToKeyBytes()); var encryptedHostAssignmentContext = new EncryptedHostAssignmentContext() { EncryptedContext = encryptedHostAssignmentValue }; environment.SetEnvironmentVariable(EnvironmentSettingNames.ContainerEncryptionKey, containerEncryptionKey); await instanceController.Assign(encryptedHostAssignmentContext); instanceManager.Verify(i => i.ValidateContext(It.IsAny <HostAssignmentContext>()), shouldInvokeMethod ? Times.Once() : Times.Never()); instanceManager.Verify(i => i.SpecializeMSISidecar(It.IsAny <HostAssignmentContext>()), shouldInvokeMethod ? Times.Once() : Times.Never()); instanceManager.Verify(i => i.StartAssignment(It.IsAny <HostAssignmentContext>()), shouldInvokeMethod ? Times.Once() : Times.Never()); }
public async Task Disable_Writes_To_DisableContainerFile_Restarts_ScriptHost() { var environment = new TestEnvironment(); var loggerFactory = new LoggerFactory(); var loggerProvider = new TestLoggerProvider(); loggerFactory.AddProvider(loggerProvider); var startupContextProvider = new StartupContextProvider(environment, loggerFactory.CreateLogger <StartupContextProvider>()); var instanceController = new InstanceController(environment, null, loggerFactory, startupContextProvider); var scriptHostManager = new Mock <IScriptHostManager>(); var fileSystem = new Mock <IFileSystem>(); var fileBase = new Mock <FileBase>(); fileBase.Setup( f => f.Exists(It.Is <string>(path => path.EndsWith(ScriptConstants.DisableContainerFileName)))) .Returns(false); fileSystem.SetupGet(fs => fs.File).Returns(fileBase.Object); var memoryStream = new MemoryStream(); fileSystem.Setup(s => s.File.Open(It.Is <string>(path => path.EndsWith(ScriptConstants.DisableContainerFileName)), FileMode.Create, FileAccess.Write, FileShare.Read)) .Returns(memoryStream); FileUtility.Instance = fileSystem.Object; scriptHostManager.Setup(s => s.RestartHostAsync(It.IsAny <CancellationToken>())); var actionResult = await instanceController.Disable(scriptHostManager.Object); FileUtility.Instance = null; scriptHostManager.Verify(s => s.RestartHostAsync(It.IsAny <CancellationToken>()), Times.Once); // Remove BOM var memoryStreamContents = Encoding.UTF8.GetString(memoryStream.ToArray()).Trim(new char[] { '\uFEFF' }); Assert.Equal("This container instance is offline", memoryStreamContents); var okResult = actionResult as OkResult; Assert.NotNull(okResult); Assert.Equal(200, okResult.StatusCode); }