[Az.RecoveryServices.Backup] Customer Managed Key Encryption for recovery services vault #13593
Conversation
hiaga
force-pushed
the
hiaga/CMK
branch
5 times, most recently
from
1f3b2d8 to
60b4dbd
Compare
hiaga
changed the title
hiaga
force-pushed
the
hiaga/CMK
branch
3 times, most recently
from
8efd182 to
deaca5d
Compare
|
@isra-fel : can you pls merge the cmdlet review PR - https://github.com/Azure/azure-powershell-cmdlet-review-pr/issues/793 |
hiaga
force-pushed
the
hiaga/CMK
branch
2 times, most recently
from
046e7bc to
d6f0cb9
Compare
src/RecoveryServices/RecoveryServices/help/Get-AzRecoveryServicesVaultProperty.md
Outdated
Show resolved
Hide resolved
src/RecoveryServices/RecoveryServices/help/Set-AzRecoveryServicesVaultProperty.md
Outdated
Show resolved
Hide resolved
hiaga
force-pushed
the
hiaga/CMK
branch
3 times, most recently
from
8c7fe5d to
8833168
Compare
| @@ -139,7 +140,7 @@ public override void ExecuteCmdlet() | |||
| } | |||
|
|
|||
| // sleep for 30 seconds before checking again | |||
| TestMockSupport.Delay(30 * 1000); | |||
| Thread.Sleep(30000); | |||
There was a problem hiding this comment.
For such long sleep, we suggest check if it's in a playback test and skip sleep if so. This could save you some time when playback tests.
| @@ -51,10 +51,11 @@ Get the list of vault in resource group in selected subscription. | |||
| ### Example 3 | |||
|
|
|||
| ```powershell | |||
| PS C:\> Get-AzRecoveryServicesVault -ResourceGroupName "resourceGroup" -Name "vaultName" | |||
| PS C:\> $vault = Get-AzRecoveryServicesVault -ResourceGroupName "resourceGroup" -Name "vaultName" | |||
| PS C:\> $vault.Identity | |||
There was a problem hiding this comment.
Could use a sample output here, for example
| PS C:\> $vault.Identity | |
| PS C:\> $vault.Identity | |
| IdentityType: SystemAssigned | |
| ObjectId: xxx |
| ``` | ||
| Set-AzRecoveryServicesVaultProperty -SoftDeleteFeatureState <String> [-VaultId <String>] | ||
| [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm] [<CommonParameters>] | ||
| ``` | ||
|
|
||
| ### AzureRSVaultCMKParameterSet | ||
| ``` | ||
| Set-AzRecoveryServicesVaultProperty -EncryptionKeyID <string> -KeyVaultSubscriptionId <string> [-InfrastructureEncryption] [-VaultId <String>] |
There was a problem hiding this comment.
We talked about specifying the key by vault name + key name + (optional) key version, which should be a third parameter set. But it's OK if you choose to add that in the next sprint
There was a problem hiding this comment.
We are interested in first trying it this way, we can add it next CMK update. Also we aren't sure of hardcoding the Key url because it might use different format in service. is there a way we can construct the exact key.Id with these three values?
There was a problem hiding this comment.
It's basically $"https://{KeyVaultName}.{KeyVaultDnsSuffix}/keys/{key-name}" with optional "/{key-version}" at the end.
You can get {KeyVaultDnsSuffix} by DefaultContext.Environment.GetEndpoint(AzureEnvironment.Endpoint.AzureKeyVaultDnsSuffix)
There was a problem hiding this comment.
Great we would want to add this parameter set later.
src/RecoveryServices/RecoveryServices.Test/RecoveryServices.Test.csproj
Outdated
Show resolved
Hide resolved
fixing static analysis fixing casing skipping tests for upcoming release resolving review comments
|
@isra-fel: added the changes. pls review. |
| @@ -139,7 +140,12 @@ public override void ExecuteCmdlet() | |||
| } | |||
|
|
|||
| // sleep for 30 seconds before checking again | |||
| TestMockSupport.Delay(30 * 1000); | |||
| string testMode = Environment.GetEnvironmentVariable("AZURE_TEST_MODE"); | |||
There was a problem hiding this comment.
@isra-fel added this check to skip waiting in case Playback mode. seems like tests are still stuck. can you pls let me know the environment variable for /azp and the value it takes.
There was a problem hiding this comment.
Sorry I was wrong. We didn't set a envrionment when running tests. However there's a static field TestMockSupport.RunningMocked you can check.
In fact, I don't know why you change all the TestMockSupport.Delay() , that should work perfectly fine here
There was a problem hiding this comment.
Besides, not only here, but all the "System.Threading.Sleep()should be wrapped in anIf` clause, otherwise the tests will still time out
There was a problem hiding this comment.
@isra-fel : included "TestMockSupport.RunningMocked" and skipped two failed tests for now. I changed TestMockSupport.Delay() to Thread.Sleep() because while running the tests in record mode this was not putting a delay and was flooding our service with many calls. However it was working fine while running the cmdlets.
|
Also, I tried to run the tests locally, there seem to be 2 cases still failling, needing to be recorded. TestAzureVMSetVaultProperty in RecoveryServices.Backup.Test/ScenarioTests/IaasVm/ItemTests.cs Please either record them or skip. |
|
/azp run azure-powershell - powershell-core |
|
Azure Pipelines successfully started running 1 pipeline(s). |
|
CI stuck at generation test on MacOS. Last run was sucessful. It's OK to force merge. |
Description
CMK for V1 vaults
Checklist
CONTRIBUTING.mdChangeLog.mdfile(s) has been updated:ChangeLog.mdfile can be found atsrc/{{SERVICE}}/{{SERVICE}}/ChangeLog.md## Upcoming Releaseheader -- no new version header should be added