Set the extension default Name, add tests

Sudhakara Reddy Evuri · Sudhakara Reddy Evuri · commit a4c06f92d73e · 2015-11-02T11:59:36.000-08:00
diff --git a/src/ResourceManager/Compute/Commands.Compute.Test/ScenarioTests/VirtualMachineExtensionTests.cs b/src/ResourceManager/Compute/Commands.Compute.Test/ScenarioTests/VirtualMachineExtensionTests.cs
@@ -54,8 +54,8 @@ public void TestVirtualMachineAccessExtension()
             ComputeTestController.NewInstance.RunPsTest("Test-VirtualMachineAccessExtension");
         }
 
-        [Fact]
-        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        [Fact(Skip = "TODO: only works for live mode")]
+        [Trait(Category.RunType, Category.LiveOnly)]
         public void TestAzureDiskEncryptionExtension()
         {
             ComputeTestController.NewInstance.RunPsTest("Test-AzureDiskEncryptionExtension");
diff --git a/src/ResourceManager/Compute/Commands.Compute.Test/ScenarioTests/VirtualMachineExtensionTests.ps1 b/src/ResourceManager/Compute/Commands.Compute.Test/ScenarioTests/VirtualMachineExtensionTests.ps1
@@ -797,139 +797,120 @@ Test AzureDiskEncryption extension
 #>
 function Test-AzureDiskEncryptionExtension
 {
-    # Setup
-    $rgname = Get-ComputeTestResourceName
+    # This test should be run in Live mode only not in Playback mode
+	#Pre-requisites to be filled in before running this test. The AAD app should belong to the directory as the user running the test.
+    $aadClientID = "";
+	$aadClientSecret = "";
+	#Fill in VM admin user and password
+	$adminUser = "";
+	$adminPassword = "";
+
+	#Resource group variables
+	$rgName = "detestrg";
+	$loc = "South Central US";
+
+	#KeyVault config variables
+	$vaultName = "detestvault";
+	$kekName = "dstestkek";
+
+	#VM config variables
+	$vmName = "detestvm";
+	$vmsize = 'Standard_D2';
+	$imagePublisher = "MicrosoftWindowsServer";
+	$imageOffer = "WindowsServer";
+	$imageSku ="2012-R2-Datacenter";
+
+	#Storage config variables
+	$storageAccountName = "deteststore";
+	$stotype = 'Standard_LRS';
+	$vhdContainerName = "vhds";
+    $osDiskName = 'osdisk' + $vmName;
+	$dataDiskName = 'datadisk' + $vmName;
+    $osDiskCaching = 'ReadWrite';
+	
+	#Network config variables
+	$vnetName = "detestvnet";
+	$subnetName = "detestsubnet";
+	$publicIpName = 'pubip' + $vmName;
+	$nicName = 'nic' + $vmName;
+
+
+	#Disk encryption variables
+	$keyEncryptionAlgorithm = "RSA-OAEP";
+	$volumeType = "All";
 
     try
     {
-        # Common
-        $loc = "South Central US";
+        Login-AzureRmAccount;
+        # Create new resource group      
         New-AzureRmResourceGroup -Name $rgname -Location $loc -Force;
 
-        # VM Profile & Hardware
-        $vmsize = 'Standard_D2';
-        $vmname = 'vm' + $rgname;
+		# Create new KeyVault
+		$keyVault = New-AzureRmKeyVault -VaultName $vaultName -ResourceGroupName $rgname -Location $loc -Sku standard;
+		$keyVault = Get-AzureRmKeyVault -VaultName $vaultName -ResourceGroupName $rgname
+		#set enabledForDiskEncryption
+        Write-Host 'Press go to https://resources.azure.com and set enabledForDiskEncryption flag on KeyVault. [ENTER] to continue or [CTRL-C] to abort...'
+        Read-Host
+		#set permissions to AAD app to write secrets and keys
+		Set-AzureRmKeyVaultAccessPolicy -VaultName $vaultName -ServicePrincipalName $aadClientID -PermissionsToKeys all -PermissionsToSecrets all 
+		#create a key in KeyVault to use as Kek
+		$kek = Add-AzureKeyVaultKey -VaultName $vaultName -Name $kekName -Destination "Software"
+
+		$diskEncryptionKeyVaultUrl = $keyVault.VaultUri;
+		$keyVaultResourceId = $keyVault.ResourceId;
+		$keyEncryptionKeyUrl = $kek.Key.kid;
+
+        # VM Profile & Hardware   
         $p = New-AzureRmVMConfig -VMName $vmname -VMSize $vmsize;
-        Assert-AreEqual $p.HardwareProfile.VirtualMachineSize $vmsize;
 
         # NRP
-        $subnet = New-AzureRmVirtualNetworkSubnetConfig -Name ('subnet' + $rgname) -AddressPrefix "10.0.0.0/24";
-        $vnet = New-AzureRmVirtualNetwork -Force -Name ('vnet' + $rgname) -ResourceGroupName $rgname -Location $loc -AddressPrefix "10.0.0.0/16" -DnsServer "10.1.1.1" -Subnet $subnet;
-        $vnet = Get-AzureRmVirtualNetwork -Name ('vnet' + $rgname) -ResourceGroupName $rgname;
+        $subnet = New-AzureRmVirtualNetworkSubnetConfig -Name ($subnetName) -AddressPrefix "10.0.0.0/24";
+        $vnet = New-AzureRmVirtualNetwork -Force -Name ($vnetName) -ResourceGroupName $rgname -Location $loc -AddressPrefix "10.0.0.0/16" -Subnet $subnet;
+        $vnet = Get-AzureRmVirtualNetwork -Name ($vnetName) -ResourceGroupName $rgname;
         $subnetId = $vnet.Subnets[0].Id;
-        $pubip = New-AzureRmPublicIpAddress -Force -Name ('pubip' + $rgname) -ResourceGroupName $rgname -Location $loc -AllocationMethod Dynamic -DomainNameLabel ('pubip' + $rgname);
-        $pubip = Get-AzureRmPublicIpAddress -Name ('pubip' + $rgname) -ResourceGroupName $rgname;
+        $pubip = New-AzureRmPublicIpAddress -Force -Name ($publicIpName) -ResourceGroupName $rgname -Location $loc -AllocationMethod Dynamic -DomainNameLabel ($publicIpName);
+        $pubip = Get-AzureRmPublicIpAddress -Name ($publicIpName) -ResourceGroupName $rgname;
         $pubipId = $pubip.Id;
-        $nic = New-AzureRmNetworkInterface -Force -Name ('nic' + $rgname) -ResourceGroupName $rgname -Location $loc -SubnetId $subnetId -PublicIpAddressId $pubip.Id;
-        $nic = Get-AzureRmNetworkInterface -Name ('nic' + $rgname) -ResourceGroupName $rgname;
+        $nic = New-AzureRmNetworkInterface -Force -Name ($nicName) -ResourceGroupName $rgname -Location $loc -SubnetId $subnetId -PublicIpAddressId $pubip.Id;
+        $nic = Get-AzureRmNetworkInterface -Name ($nicName) -ResourceGroupName $rgname;
         $nicId = $nic.Id;
 
         $p = Add-AzureRmVMNetworkInterface -VM $p -Id $nicId;
-        Assert-AreEqual $p.NetworkProfile.NetworkInterfaces.Count 1;
-        Assert-AreEqual $p.NetworkProfile.NetworkInterfaces[0].ReferenceUri $nicId;
 
         # Storage Account (SA)
-        $stoname = 'sto' + $rgname;
-        $stotype = 'Standard_LRS';
-        New-AzureRmStorageAccount -ResourceGroupName $rgname -Name $stoname -Location $loc -Type $stotype;
-        Retry-IfException { $global:stoaccount = Get-AzureRmStorageAccount -ResourceGroupName $rgname -Name $stoname; }
-        $stokey = (Get-AzureRmStorageAccountKey -ResourceGroupName $rgname -Name $stoname).Key1;
+        New-AzureRmStorageAccount -ResourceGroupName $rgname -Name $storageAccountName -Location $loc -Type $stotype;
+        $stokey = (Get-AzureRmStorageAccountKey -ResourceGroupName $rgname -Name $storageAccountName).Key1;
 
-        $osDiskName = 'osDisk';
-        $osDiskCaching = 'ReadWrite';
-        $osDiskVhdUri = "https://$stoname.blob.core.windows.net/test/os.vhd";
-        $dataDiskVhdUri1 = "https://$stoname.blob.core.windows.net/test/data1.vhd";
-        $dataDiskVhdUri2 = "https://$stoname.blob.core.windows.net/test/data2.vhd";
+        $osDiskVhdUri = "https://$storageAccountName.blob.core.windows.net/$vhdContainerName/$osDiskName.vhd";
+        $dataDiskVhdUri = "https://$storageAccountName.blob.core.windows.net/$vhdContainerName/$dataDiskName.vhd";
 
         $p = Set-AzureRmVMOSDisk -VM $p -Name $osDiskName -VhdUri $osDiskVhdUri -Caching $osDiskCaching -CreateOption FromImage;
-
-        $p = Add-AzureRmVMDataDisk -VM $p -Name 'testDataDisk1' -Caching 'ReadOnly' -DiskSizeInGB 10 -Lun 1 -VhdUri $dataDiskVhdUri1 -CreateOption Empty;
-        $p = Add-AzureRmVMDataDisk -VM $p -Name 'testDataDisk2' -Caching 'ReadOnly' -DiskSizeInGB 11 -Lun 2 -VhdUri $dataDiskVhdUri2 -CreateOption Empty;
+        $p = Add-AzureRmVMDataDisk -VM $p -Name $dataDiskName -Caching 'ReadOnly' -DiskSizeInGB 2 -Lun 1 -VhdUri $dataDiskVhdUri -CreateOption Empty;
 
         # OS & Image
-        $user = "rdtest";
-        $password = 'rdPa$$w0rd';
-        $securePassword = ConvertTo-SecureString $password -AsPlainText -Force;
-        $cred = New-Object System.Management.Automation.PSCredential ($user, $securePassword);
-        $computerName = $vmname;
-        $vhdContainer = "https://$stoname.blob.core.windows.net/test";
+        $securePassword = ConvertTo-SecureString $adminPassword -AsPlainText -Force;
+        $cred = New-Object System.Management.Automation.PSCredential ($adminUser, $securePassword);
+        $computerName = $vmName;
+        $vhdContainer = "https://$storageAccountName.blob.core.windows.net/$vhdContainerName";
 
         $p = Set-AzureRmVMOperatingSystem -VM $p -Windows -ComputerName $computerName -Credential $cred -ProvisionVMAgent;
+        $p = Set-AzureRmVMSourceImage -VM $p -PublisherName $imagePublisher -Offer $imageOffer -Skus $imageSku -Version "latest";
 
-        $imgRef = Get-DefaultCRPWindowsImageOffline;
-        $p = ($imgRef | Set-AzureRmVMSourceImage -VM $p);
-
-        Assert-AreEqual $p.OSProfile.AdminUsername $user;
-        Assert-AreEqual $p.OSProfile.ComputerName $computerName;
-        Assert-AreEqual $p.OSProfile.AdminPassword $password;
-        Assert-AreEqual $p.OSProfile.WindowsConfiguration.ProvisionVMAgent $true;
 
         # Virtual Machine
-        # TODO: Still need to do retry for New-AzureRmVM for SA, even it's returned in Get-.
         New-AzureRmVM -ResourceGroupName $rgname -Location $loc -VM $p;
 
-        # Virtual Machine Extension
-        $extname = 'ADETestExtension';
-        $extver = '1.2';
-        $user2 = "Bar12";
-        $password2 = 'FoO@123' + $rgname;
-		$aadClientID = '97f847ef-9e1e-4c7c-9ae7-1c0f7c78f761';
-		$aadClientSecret = '';
-		$diskEncryptionKeyVaultUrl  = 'https://sureddvaultsc2.vault.azure.net'
-		$diskEncryptionKeyVaultId = '/subscriptions/0ee9d577-9bc4-4a32-a4e8-c29981025378/resourceGroups/sureddrgsc2/providers/Microsoft.KeyVault/vaults/sureddvaultsc2';
-		$volumeType = 'All';
-
-        # Set custom script extension
-        Set-AzureRmVMDiskEncryptionExtension -ResourceGroupName $rgname -Location $loc -VMName $vmname -Name $extname -TypeHandlerVersion $extver -AadClientID $aadClientID -AadClientSecret $aadClientSecret -DiskEncryptionKeyVaultUrl $diskEncryptionKeyVaultUrl -DiskEncryptionKeyVaultId $diskEncryptionKeyVaultId -VolumeType $volumeType;
-
-        $publisher = 'Microsoft.Azure.Security';
-        $exttype = 'ADETest';
-
-        # Get VM Extension
-        $ext = Get-AzureRmVMAccessExtension -ResourceGroupName $rgname -VMName $vmname -Name $extname;
-        Assert-AreEqual $ext.ResourceGroupName $rgname;
-        Assert-AreEqual $ext.Name $extname;
-        Assert-AreEqual $ext.Publisher $publisher;
-        Assert-AreEqual $ext.ExtensionType $exttype;
-        Assert-AreEqual $ext.TypeHandlerVersion $extver;
-        #Assert-AreEqual $ext.UserName $user2;
-        Assert-NotNull $ext.ProvisioningState;
-        #Assert-True {$ext.PublicSettings.Contains("UserName")};
-
-        $ext = Get-AzureRmVMAccessExtension -ResourceGroupName $rgname -VMName $vmname -Name $extname -Status;
-        Assert-AreEqual $ext.ResourceGroupName $rgname;
-        Assert-AreEqual $ext.Name $extname;
-        Assert-AreEqual $ext.Publisher $publisher;
-        Assert-AreEqual $ext.ExtensionType $exttype;
-        Assert-AreEqual $ext.TypeHandlerVersion $extver;
-        Assert-NotNull $ext.ProvisioningState;
-        Assert-NotNull $ext.Statuses;
-        #Assert-True {$ext.PublicSettings.Contains("UserName")};
-		Assert-NotNull $ext.Statuses[0].Message;
-
-        # Get VM
-        $vm1 = Get-AzureRmVM -Name $vmname -ResourceGroupName $rgname;
-        Assert-AreEqual $vm1.Name $vmname;
-        Assert-AreEqual $vm1.NetworkProfile.NetworkInterfaces.Count 1;
-        Assert-AreEqual $vm1.NetworkProfile.NetworkInterfaces[0].ReferenceUri $nicId;
-
-        Assert-AreEqual $vm1.OSProfile.AdminUsername $user;
-        Assert-AreEqual $vm1.OSProfile.ComputerName $computerName;
-        Assert-AreEqual $vm1.HardwareProfile.VirtualMachineSize $vmsize;
-
-        # Check Extensions in VM
-        Assert-AreEqual $vm1.Extensions.Count 1;
-        Assert-AreEqual $vm1.Extensions[0].Name $extname;
-        Assert-AreEqual $vm1.Extensions[0].Type 'Microsoft.Compute/virtualMachines/extensions';
-        Assert-AreEqual $vm1.Extensions[0].Publisher $publisher;
-        Assert-AreEqual $vm1.Extensions[0].ExtensionType $exttype;
-        Assert-AreEqual $vm1.Extensions[0].TypeHandlerVersion $extver;
-        Assert-NotNull $vm1.Extensions[0].Settings;
+		#Enable encryption on the VM
+        Set-AzureRmVMDiskEncryptionExtension -ResourceGroupName $rgname -VMName $vmName -AadClientID $aadClientID -AadClientSecret $aadClientSecret -DiskEncryptionKeyVaultUrl $diskEncryptionKeyVaultUrl -DiskEncryptionKeyVaultId $keyVaultResourceId -KeyEncryptionKeyUrl $keyEncryptionKeyUrl -KeyEncryptionKeyVaultId $keyVaultResourceId -Force;
+        #Get encryption status
+        $encryptionStatus = Get-AzureRmVmDiskEncryptionStatus -ResourceGroupName $rgname -VMName $vmName;
+        #Remove AzureDiskEncryption extension
+        Remove-AzureRmVMDiskEncryptionExtension -ResourceGroupName $rgname -VMName $vmName;
 
     }
     finally
     {
         # Cleanup
-        Clean-ResourceGroup $rgname
+        Remove-AzureRmResourceGroup -Name $rgname -Force;
     }
 }
diff --git a/src/ResourceManager/Compute/Commands.Compute/Extension/AzureDiskEncryption/RemoveAzureDiskEncryptionExtension.cs b/src/ResourceManager/Compute/Commands.Compute/Extension/AzureDiskEncryption/RemoveAzureDiskEncryptionExtension.cs
@@ -14,7 +14,9 @@
 
 using Microsoft.Azure.Commands.Compute.Common;
 using Microsoft.Azure.Management.Compute;
+using Microsoft.Azure.Management.Compute.Models;
 using System.Management.Automation;
+using System;
 
 namespace Microsoft.Azure.Commands.Compute.Extension.AzureDiskEncryption
 {
@@ -42,10 +44,10 @@ public class RemoveAzureDiskEncryptionExtensionCommand : VirtualMachineExtension
 
         [Alias("ExtensionName")]
         [Parameter(
-            Mandatory = true,
+            Mandatory = false,
             Position = 2,
             ValueFromPipelineByPropertyName = true,
-            HelpMessage = "The extension name.")]
+            HelpMessage = "The extension name. If this parameter is not specified, default values used are AzureDiskEncryption for windows VMs and AzureDiskEncryptionForLinux for Linux VMs")]
         [ValidateNotNullOrEmpty]
         public string Name { get; set; }
 
@@ -59,6 +61,18 @@ protected override void ProcessRecord()
 
             ExecuteClientAction(() =>
             {
+                VirtualMachine virtualMachineResponse = (this.ComputeClient.ComputeManagementClient.VirtualMachines.Get(this.ResourceGroupName, this.VMName)).VirtualMachine;
+
+                string currentOSType = virtualMachineResponse.StorageProfile.OSDisk.OperatingSystemType;
+                if (string.Equals(currentOSType, "Windows", StringComparison.InvariantCultureIgnoreCase))
+                {
+                    this.Name = this.Name ?? AzureDiskEncryptionExtensionContext.ExtensionDefaultName;
+                }
+                else if (string.Equals(currentOSType, "Linux", StringComparison.InvariantCultureIgnoreCase))
+                {
+                    this.Name = this.Name ?? AzureDiskEncryptionExtensionContext.LinuxExtensionDefaultName;
+                }
+
                 if (this.Force.IsPresent
              || this.ShouldContinue(Properties.Resources.VirtualMachineExtensionRemovalConfirmation, Properties.Resources.VirtualMachineExtensionRemovalCaption))
                 {
diff --git a/src/ResourceManager/Compute/Commands.Compute/Extension/AzureDiskEncryption/SetAzureDiskEncryptionExtension.cs b/src/ResourceManager/Compute/Commands.Compute/Extension/AzureDiskEncryption/SetAzureDiskEncryptionExtension.cs

Original file line number	Diff line number	Diff line change
`@@ -54,8 +54,8 @@ public void TestVirtualMachineAccessExtension()`
`54`	`54`	`ComputeTestController.NewInstance.RunPsTest("Test-VirtualMachineAccessExtension");`
`55`	`55`	`}`
`56`	`56`
`57`		`- [Fact]`
`58`		`- [Trait(Category.AcceptanceType, Category.CheckIn)]`
	`57`	`+ [Fact(Skip = "TODO: only works for live mode")]`
	`58`	`+ [Trait(Category.RunType, Category.LiveOnly)]`
`59`	`59`	`public void TestAzureDiskEncryptionExtension()`
`60`	`60`	`{`
`61`	`61`	`ComputeTestController.NewInstance.RunPsTest("Test-AzureDiskEncryptionExtension");`