public async Task Assignment_Succeeds_With_Encryption_Key()
{
var environment = new TestEnvironment();
environment.SetEnvironmentVariable(EnvironmentSettingNames.AzureWebsitePlaceholderMode, "1");
var scriptWebEnvironment = new ScriptWebHostEnvironment(environment);
var loggerFactory = new LoggerFactory();
var loggerProvider = new TestLoggerProvider();
loggerFactory.AddProvider(loggerProvider);
var handlerMock = new Mock <HttpMessageHandler>(MockBehavior.Strict);
handlerMock.Protected().Setup <Task <HttpResponseMessage> >("SendAsync",
ItExpr.IsAny <HttpRequestMessage>(),
ItExpr.IsAny <CancellationToken>()).ReturnsAsync(new HttpResponseMessage
{
StatusCode = HttpStatusCode.OK
});
var instanceManager = new InstanceManager(_optionsFactory, TestHelpers.CreateHttpClientFactory(handlerMock.Object),
scriptWebEnvironment, environment, loggerFactory.CreateLogger <InstanceManager>(),
new TestMetricsLogger(), null, new Mock <IRunFromPackageHandler>().Object,
new Mock <IPackageDownloadHandler>(MockBehavior.Strict).Object);
var startupContextProvider = new StartupContextProvider(environment, loggerFactory.CreateLogger <StartupContextProvider>());
InstanceManager.Reset();
var podController = new KubernetesPodController(environment, instanceManager, loggerFactory, startupContextProvider);
const string podEncryptionKey = "/a/vXvWJ3Hzgx4PFxlDUJJhQm5QVyGiu0NNLFm/ZMMg=";
var hostAssignmentContext = new HostAssignmentContext
{
Environment = new Dictionary <string, string>()
{
[EnvironmentSettingNames.AzureWebsiteRunFromPackage] = "http://localhost:1234"
}
};
hostAssignmentContext.Secrets = new FunctionAppSecrets();
hostAssignmentContext.IsWarmupRequest = false;
var encryptedHostAssignmentValue = SimpleWebTokenHelper.Encrypt(JsonConvert.SerializeObject(hostAssignmentContext), podEncryptionKey.ToKeyBytes());
var encryptedHostAssignmentContext = new EncryptedHostAssignmentContext()
{
EncryptedContext = encryptedHostAssignmentValue
};
environment.SetEnvironmentVariable(EnvironmentSettingNames.PodEncryptionKey, podEncryptionKey);
environment.SetEnvironmentVariable(EnvironmentSettingNames.KubernetesServiceHost, "http://localhost:80");
environment.SetEnvironmentVariable(EnvironmentSettingNames.PodNamespace, "k8se-apps");
var result = await podController.Assign(encryptedHostAssignmentContext);
Assert.NotNull(startupContextProvider.Context);
Assert.IsType <AcceptedResult>(result);
}
public LinuxContainerInitializationHostService(IEnvironment environment, IInstanceManager instanceManager, ILogger <LinuxContainerInitializationHostService> logger, StartupContextProvider startupContextProvider)
{
_environment = environment;
_instanceManager = instanceManager;
_logger = logger;
_startupContextProvider = startupContextProvider;
}
public KubernetesPodController(IEnvironment environment, IInstanceManager instanceManager, ILoggerFactory loggerFactory, StartupContextProvider startupContextProvider)
{
_environment = environment;
_instanceManager = instanceManager;
_logger = loggerFactory.CreateLogger <KubernetesPodController>();
_startupContextProvider = startupContextProvider;
}
public async Task Assign_MSISpecializationFailure_ReturnsError()
{
var environment = new TestEnvironment();
environment.SetEnvironmentVariable(EnvironmentSettingNames.AzureWebsitePlaceholderMode, "1");
var scriptWebEnvironment = new ScriptWebHostEnvironment(environment);
var loggerFactory = new LoggerFactory();
var loggerProvider = new TestLoggerProvider();
loggerFactory.AddProvider(loggerProvider);
var handlerMock = new Mock <HttpMessageHandler>(MockBehavior.Strict);
handlerMock.Protected().Setup <Task <HttpResponseMessage> >("SendAsync",
ItExpr.IsAny <HttpRequestMessage>(),
ItExpr.IsAny <CancellationToken>()).ReturnsAsync(new HttpResponseMessage
{
StatusCode = HttpStatusCode.BadRequest
});
var instanceManager = new InstanceManager(_optionsFactory, new HttpClient(handlerMock.Object),
scriptWebEnvironment, environment, loggerFactory.CreateLogger <InstanceManager>(),
new TestMetricsLogger(), null, _runFromPackageHandler.Object);
var startupContextProvider = new StartupContextProvider(environment, loggerFactory.CreateLogger <StartupContextProvider>());
InstanceManager.Reset();
var instanceController = new InstanceController(environment, instanceManager, loggerFactory, startupContextProvider);
const string containerEncryptionKey = "/a/vXvWJ3Hzgx4PFxlDUJJhQm5QVyGiu0NNLFm/ZMMg=";
var hostAssignmentContext = new HostAssignmentContext
{
Environment = new Dictionary <string, string>(),
MSIContext = new MSIContext()
};
hostAssignmentContext.Environment[EnvironmentSettingNames.MsiEndpoint] = "http://localhost:8081";
hostAssignmentContext.Environment[EnvironmentSettingNames.MsiSecret] = "secret";
var encryptedHostAssignmentValue = SimpleWebTokenHelper.Encrypt(JsonConvert.SerializeObject(hostAssignmentContext), containerEncryptionKey.ToKeyBytes());
var encryptedHostAssignmentContext = new EncryptedHostAssignmentContext()
{
EncryptedContext = encryptedHostAssignmentValue
};
environment.SetEnvironmentVariable(EnvironmentSettingNames.ContainerEncryptionKey, containerEncryptionKey);
IActionResult result = await instanceController.Assign(encryptedHostAssignmentContext);
var objectResult = result as ObjectResult;
Assert.Equal(objectResult.StatusCode, 500);
Assert.Equal(objectResult.Value, "Specialize MSI sidecar call failed. StatusCode=BadRequest");
}
public async Task Assignment_Does_Not_Set_Secrets_Context_For_Warmup_Request()
{
var environment = new TestEnvironment();
environment.SetEnvironmentVariable(EnvironmentSettingNames.AzureWebsitePlaceholderMode, "1");
var scriptWebEnvironment = new ScriptWebHostEnvironment(environment);
var loggerFactory = new LoggerFactory();
var loggerProvider = new TestLoggerProvider();
loggerFactory.AddProvider(loggerProvider);
var handlerMock = new Mock <HttpMessageHandler>(MockBehavior.Strict);
handlerMock.Protected().Setup <Task <HttpResponseMessage> >("SendAsync",
ItExpr.IsAny <HttpRequestMessage>(),
ItExpr.IsAny <CancellationToken>()).ReturnsAsync(new HttpResponseMessage
{
StatusCode = HttpStatusCode.OK
});
var instanceManager = new InstanceManager(_optionsFactory, new HttpClient(handlerMock.Object),
scriptWebEnvironment, environment, loggerFactory.CreateLogger <InstanceManager>(),
new TestMetricsLogger(), null, _runFromPackageHandler.Object);
var startupContextProvider = new StartupContextProvider(environment, loggerFactory.CreateLogger <StartupContextProvider>());
InstanceManager.Reset();
var instanceController = new InstanceController(environment, instanceManager, loggerFactory, startupContextProvider);
const string containerEncryptionKey = "/a/vXvWJ3Hzgx4PFxlDUJJhQm5QVyGiu0NNLFm/ZMMg=";
var hostAssignmentContext = new HostAssignmentContext
{
Environment = new Dictionary <string, string>()
{
[EnvironmentSettingNames.AzureWebsiteRunFromPackage] = "http://localhost:1234"
}
};
hostAssignmentContext.Secrets = new FunctionAppSecrets();
hostAssignmentContext.IsWarmupRequest = true; // Warmup Request
var encryptedHostAssignmentValue = SimpleWebTokenHelper.Encrypt(JsonConvert.SerializeObject(hostAssignmentContext), containerEncryptionKey.ToKeyBytes());
var encryptedHostAssignmentContext = new EncryptedHostAssignmentContext()
{
EncryptedContext = encryptedHostAssignmentValue
};
environment.SetEnvironmentVariable(EnvironmentSettingNames.ContainerEncryptionKey, containerEncryptionKey);
await instanceController.Assign(encryptedHostAssignmentContext);
Assert.Null(startupContextProvider.Context);
}
public LinuxContainerInitializationHostServiceTests()
{
_instanceManagerMock = new Mock <IInstanceManager>(MockBehavior.Strict);
_environment = new TestEnvironment();
var loggerFactory = new LoggerFactory();
var loggerProvider = new TestLoggerProvider();
loggerFactory.AddProvider(loggerProvider);
_startupContextProvider = new StartupContextProvider(_environment, loggerFactory.CreateLogger <StartupContextProvider>());
}
public SecretManagerTests()
{
_testEnvironment = new TestEnvironment();
_testEnvironment.SetEnvironmentVariable(EnvironmentSettingNames.AzureWebsiteHostName, "test.azurewebsites.net");
_loggerProvider = new TestLoggerProvider();
var loggerFactory = new LoggerFactory();
loggerFactory.AddProvider(_loggerProvider);
_logger = _loggerProvider.CreateLogger(LogCategories.CreateFunctionCategory("test"));
_hostNameProvider = new HostNameProvider(_testEnvironment);
_startupContextProvider = new StartupContextProvider(_testEnvironment, loggerFactory.CreateLogger <StartupContextProvider>());
}
public StartupContextProviderTests()
{
_secrets = new FunctionAppSecrets();
_secrets.Host = new FunctionAppSecrets.HostSecrets
{
Master = "test-master-key"
};
_secrets.Host.Function = new Dictionary <string, string>
{
{ "test-host-function-1", "hostfunction1value" },
{ "test-host-function-2", "hostfunction2value" }
};
_secrets.Host.System = new Dictionary <string, string>
{
{ "test-system-1", "system1value" },
{ "test-system-2", "system2value" }
};
_secrets.Function = new FunctionAppSecrets.FunctionSecrets[]
{
new FunctionAppSecrets.FunctionSecrets
{
Name = "function1",
Secrets = new Dictionary <string, string>
{
{ "test-function-1", "function1value" },
{ "test-function-2", "function2value" }
}
},
new FunctionAppSecrets.FunctionSecrets
{
Name = "function2",
Secrets = new Dictionary <string, string>
{
{ "test-function-1", "function1value" },
{ "test-function-2", "function2value" }
}
}
};
_environment = new TestEnvironment();
var loggerFactory = new LoggerFactory();
_loggerProvider = new TestLoggerProvider();
loggerFactory.AddProvider(_loggerProvider);
_environment.SetEnvironmentVariable(EnvironmentSettingNames.WebSiteAuthEncryptionKey, TestEncryptionKey);
_startupContextProvider = new StartupContextProvider(_environment, loggerFactory.CreateLogger <StartupContextProvider>());
}
public async Task Assignment_Invokes_InstanceManager_Methods_For_Warmup_Requests_Also(bool isWarmupRequest, bool shouldInvokeMethod)
{
var environment = new TestEnvironment();
environment.SetEnvironmentVariable(EnvironmentSettingNames.AzureWebsitePlaceholderMode, "1");
var loggerFactory = new LoggerFactory();
var loggerProvider = new TestLoggerProvider();
loggerFactory.AddProvider(loggerProvider);
var instanceManager = new Mock <IInstanceManager>();
var startupContextProvider = new StartupContextProvider(environment, loggerFactory.CreateLogger <StartupContextProvider>());
InstanceManager.Reset();
var instanceController = new InstanceController(environment, instanceManager.Object, loggerFactory,
startupContextProvider);
const string containerEncryptionKey = "/a/vXvWJ3Hzgx4PFxlDUJJhQm5QVyGiu0NNLFm/ZMMg=";
var hostAssignmentContext = new HostAssignmentContext
{
Environment = new Dictionary <string, string>()
};
hostAssignmentContext.IsWarmupRequest = isWarmupRequest;
var encryptedHostAssignmentValue =
SimpleWebTokenHelper.Encrypt(JsonConvert.SerializeObject(hostAssignmentContext),
containerEncryptionKey.ToKeyBytes());
var encryptedHostAssignmentContext = new EncryptedHostAssignmentContext()
{
EncryptedContext = encryptedHostAssignmentValue
};
environment.SetEnvironmentVariable(EnvironmentSettingNames.ContainerEncryptionKey, containerEncryptionKey);
await instanceController.Assign(encryptedHostAssignmentContext);
instanceManager.Verify(i => i.ValidateContext(It.IsAny <HostAssignmentContext>()),
shouldInvokeMethod ? Times.Once() : Times.Never());
instanceManager.Verify(i => i.SpecializeMSISidecar(It.IsAny <HostAssignmentContext>()),
shouldInvokeMethod ? Times.Once() : Times.Never());
instanceManager.Verify(i => i.StartAssignment(It.IsAny <HostAssignmentContext>()),
shouldInvokeMethod ? Times.Once() : Times.Never());
}
public async Task Disable_Writes_To_DisableContainerFile_Restarts_ScriptHost()
{
var environment = new TestEnvironment();
var loggerFactory = new LoggerFactory();
var loggerProvider = new TestLoggerProvider();
loggerFactory.AddProvider(loggerProvider);
var startupContextProvider = new StartupContextProvider(environment, loggerFactory.CreateLogger <StartupContextProvider>());
var instanceController = new InstanceController(environment, null, loggerFactory, startupContextProvider);
var scriptHostManager = new Mock <IScriptHostManager>();
var fileSystem = new Mock <IFileSystem>();
var fileBase = new Mock <FileBase>();
fileBase.Setup(
f => f.Exists(It.Is <string>(path => path.EndsWith(ScriptConstants.DisableContainerFileName))))
.Returns(false);
fileSystem.SetupGet(fs => fs.File).Returns(fileBase.Object);
var memoryStream = new MemoryStream();
fileSystem.Setup(s =>
s.File.Open(It.Is <string>(path => path.EndsWith(ScriptConstants.DisableContainerFileName)), FileMode.Create, FileAccess.Write, FileShare.Read))
.Returns(memoryStream);
FileUtility.Instance = fileSystem.Object;
scriptHostManager.Setup(s => s.RestartHostAsync(It.IsAny <CancellationToken>()));
var actionResult = await instanceController.Disable(scriptHostManager.Object);
FileUtility.Instance = null;
scriptHostManager.Verify(s => s.RestartHostAsync(It.IsAny <CancellationToken>()), Times.Once);
// Remove BOM
var memoryStreamContents = Encoding.UTF8.GetString(memoryStream.ToArray()).Trim(new char[] { '\uFEFF' });
Assert.Equal("This container instance is offline", memoryStreamContents);
var okResult = actionResult as OkResult;
Assert.NotNull(okResult);
Assert.Equal(200, okResult.StatusCode);
}
