Write unit tests for build and sign release #1521
Conversation
james-garriss
added
enhancement
| # Note: This is NOT the ACTUAL release version for ScubaGear. | ||
| # That value is found in ScubaGear.psd1. | ||
| # This is only used for things like the release file name. | ||
| # Yes, this is a disconnect that violates DRY. | ||
| version: | ||
| description: "Release Version (e.g., 1.2.4)" | ||
| required: true |
There was a problem hiding this comment.
I think the workflows are now in a position where we could refactor out having to using a slimmer version of this function to pull out the version number from the manifest. Future enhancement of course.
There was a problem hiding this comment.
I like the concept, and I'm willing to use it, but I don't like the implementation. If pulling values from a "config file" requires a regex, we're doing it wrong. Surely there's a smarter way!? Or a different type of "config file" could be used for such values?
Well, whatever the implementation, I recommend creating an issue to do this work in the future.
There was a problem hiding this comment.
I added a note to my code stating that this might be coming.
| BeforeDiscovery { | ||
| $ScriptPath = Join-Path -Path $PSScriptRoot -ChildPath '../../utils/workflow/Install-AzureSignTool.ps1' -Resolve | ||
| # Source the function | ||
| . $ScriptPath | ||
| Install-AzureSignTool | ||
| } |
There was a problem hiding this comment.
A question.
Is this unit test ever meant to be run locally?
If yes, then would it beneficial to check if the AzureSignInTool is already installed before attempting to do another installation?
If no, disregard question.
There was a problem hiding this comment.
Functions that are in /utils are intended to be used and reused by any code. Functions that are in /utils/workflow, however, are only intended to be used by workflows. As we would not expect AST to already be installed on the runner, there doesn't seem to be a need to add a Pester test for that. If we moved this function up into /utils, then I think your idea would be smart.
Can you think of any other (non-workflow) code that would want to use the Install-AzureSignTool function?
| @@ -60,13 +61,13 @@ jobs: | |||
| echo "KeyVaultCertificateName=$($KeyVaultInfo.KeyVault.CertificateName)" >> $env:GITHUB_OUTPUT | |||
| - name: Create Private Gallery | |||
| run: | | |||
| # Source the deploy utilities so the functions in it can be called. | |||
| # Source the function. | |||
There was a problem hiding this comment.
This comment is unnecessary as it just restates in plain english what the next line does using standard PowerShell syntax.
| . repo/utils/workflow/Publish-ScubaGear.ps1 | ||
| cd repo | ||
| New-PrivateGallery -GalleryName $env:GalleryName -Trusted | ||
| - name: Sign and Publish Module | ||
| run: | | ||
| # Source the deploy utilities so the functions in it can be called. | ||
| # Source the function. |
There was a problem hiding this comment.
This comment is unnecessary as it just restates in plain english what the next line does using standard PowerShell syntax.
| dotnet --version | ||
| dotnet tool install --global AzureSignTool --version 5.0.0 | ||
| # OIDC Login to Azure Public Cloud with AzPowershell (enableAzPSSession true) | ||
| # Source the function |
There was a problem hiding this comment.
This comment is unnecessary as it just restates in plain english what the next line does using standard PowerShell syntax.
| @@ -66,7 +67,7 @@ jobs: | |||
| echo "KeyVaultCertificateName=$($KeyVaultInfo.KeyVault.CertificateName)" >> $env:GITHUB_OUTPUT | |||
| - name: Sign and Publish Module | |||
| run: | | |||
| # Source the deploy utilities so the functions in it can be called. | |||
| # Source the function. | |||
There was a problem hiding this comment.
This comment is unnecessary as it just restates in plain english what the next line does using standard PowerShell syntax.
| Describe "Bad Inputs Check" { | ||
| It "The root folder name should exist" { | ||
| $ScriptPath = Join-Path -Path $PSScriptRoot -ChildPath '../../utils/workflow/Build-SignRelease.ps1' -Resolve | ||
| # Source the function |
There was a problem hiding this comment.
This comment is unnecessary as it just restates in plain english what the next line does using standard PowerShell syntax.
|
|
||
| BeforeDiscovery { | ||
| $ScriptPath = Join-Path -Path $PSScriptRoot -ChildPath '../../utils/workflow/Install-AzureSignTool.ps1' -Resolve | ||
| # Source the function |
There was a problem hiding this comment.
This comment is unnecessary as it just restates in plain english what the next line does using standard PowerShell syntax.
| . $ScriptPath | ||
| # The function should throw an exception if the root folder name does not exist. | ||
| { New-ModuleSignature ` | ||
| -AzureKeyVaultUrl "https://www.cisa.gov" ` |
There was a problem hiding this comment.
For the test, recommend you use a Vault URL using standard www.example.com when the actual URL does not matter.
| dotnet --version | ||
| dotnet tool install --global AzureSignTool --version 5.0.0 | ||
| # OIDC Login to Azure Public Cloud with AzPowershell (enableAzPSSession true) | ||
| # Source the function |
There was a problem hiding this comment.
This comment is unnecessary as it just restates in plain english what the next line does using standard PowerShell syntax.
| -FileList $FileListFileName | ||
| Move-Item -Path repo -Destination "ScubaGear-${env:RELEASE_VERSION}" -Force | ||
| Compress-Archive -Path "ScubaGear-${env:RELEASE_VERSION}" -DestinationPath "ScubaGear-${env:RELEASE_VERSION}.zip" | ||
| # Source the function. |
There was a problem hiding this comment.
This comment is unnecessary as it just restates in plain english what the next line does using standard PowerShell syntax.
| param( | ||
| [Parameter(Mandatory = $true)] | ||
| [string] | ||
| $AzureKeyVaultUrl, | ||
| [Parameter(Mandatory = $true)] | ||
| [string] | ||
| $CertificateName, | ||
| [Parameter(Mandatory = $true)] | ||
| [string] | ||
| $ReleaseVersion, | ||
| [Parameter(Mandatory = $true)] | ||
| [string] | ||
| $RootFolderName | ||
| ) |
There was a problem hiding this comment.
Recommend aligning parameters at same indent level for style consistency.
| param( | |
| [Parameter(Mandatory = $true)] | |
| [string] | |
| $AzureKeyVaultUrl, | |
| [Parameter(Mandatory = $true)] | |
| [string] | |
| $CertificateName, | |
| [Parameter(Mandatory = $true)] | |
| [string] | |
| $ReleaseVersion, | |
| [Parameter(Mandatory = $true)] | |
| [string] | |
| $RootFolderName | |
| ) | |
| param( | |
| [Parameter(Mandatory = $true)] | |
| [string] | |
| $AzureKeyVaultUrl, | |
| [Parameter(Mandatory = $true)] | |
| [string] | |
| $CertificateName, | |
| [Parameter(Mandatory = $true)] | |
| [string] | |
| $ReleaseVersion, | |
| [Parameter(Mandatory = $true)] | |
| [string] | |
| $RootFolderName | |
| ) |
🗣 Description
Moved some of the build and sign release into a function. Reused existing unit tests and wrote a new one.
Note: Testing Azure Sign Tool itself should be a functional test that is added to nightly tests. A new issue was created for this (#1520).
💭 Motivation and context
Closes: #1453
🧪 Testing
Ran workflow pipeline, checked the results.
✅ Pre-approval checklist
✅ Pre-merge checklist
PR passed smoke test check.
Feature branch has been rebased against changes from parent branch, as needed
Use
Rebase branchbutton below or use this reference to rebase from the command line.Resolved all merge conflicts on branch
Notified merge coordinator that PR is ready for merge via comment mention
Demonstrate changes to the team for questions and comments.
(Note: Only required for issues of size
Mediumor larger)✅ Post-merge checklist