Remove KeyVault cmdlets dependencies

Author: linweigao

src/ResourceManager/Resources/Commands.Resources.Test/Commands.Resources.Test.csproj

@@ -70,10 +70,6 @@
     <Reference Include="Microsoft.Azure.KeyVault.Core">
       <HintPath>..\..\..\packages\Microsoft.Azure.KeyVault.Core.1.0.0\lib\net40\Microsoft.Azure.KeyVault.Core.dll</HintPath>
     </Reference>
-    <Reference Include="Microsoft.Azure.Management.KeyVault, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <HintPath>..\..\..\packages\Microsoft.Azure.Management.KeyVault.1.0.1\lib\net40\Microsoft.Azure.Management.KeyVault.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
     <Reference Include="Microsoft.Azure.Management.Authorization">
       <HintPath>..\..\..\packages\Microsoft.Azure.Management.Authorization.1.1.0\lib\net40\Microsoft.Azure.Management.Authorization.dll</HintPath>
     </Reference>

src/ResourceManager/Resources/Commands.Resources.Test/KeyVaultSetupTemplate.json

@@ -8,6 +8,64 @@
                 "description": "Name of the Vault"
             }
         },
+        "tenantId": {
+            "type": "string",
+            "metadata": {
+                "description": "Tenant Id for the subscription. Available from Get-AzureRMSubscription PowerShell cmdlet"
+            }
+        },
+        "objectId": {
+            "type": "string",
+            "metadata": {
+                "description": "Object Id of the AD user. Available from Get-AzureRMADUser or Get-AzureRMADServicePrincipal cmdlets"
+            }
+        },
+        "keysPermissions": {
+            "type": "array",
+            "defaultValue": [ "all" ],
+            "metadata": {
+                "description": "Permissions to grant user to keys in the vault. Valid values are: all, create, import, update, get, list, delete, backup, restore, encrypt, decrypt, wrapkey, unwrapkey, sign, and verify."
+            }
+        },
+        "secretsPermissions": {
+            "type": "array",
+            "defaultValue": [ "all" ],
+            "metadata": {
+                "description": "Permissions to grant user to secrets in the vault. Valid values are: all, get, set, list, and delete."
+            }
+        },
+        "skuName": {
+            "type": "string",
+            "defaultValue": "Standard",
+            "allowedValues": [
+                "Standard",
+                "Premium"
+            ],
+            "metadata": {
+                "description": "SKU for the vault"
+            }
+        },
+        "enabledForDeployment": {
+            "type": "bool",
+            "defaultValue": true,
+            "metadata": {
+                "description": "Specifies if the vault is enabled for a VM deployment"
+            }
+        },
+        "enabledForTemplateDeployment": {
+            "type": "bool",
+            "defaultValue": true,
+            "metadata": {
+                "description": "Specifies if the vault is enabled for a ARM template deployment"
+            }
+        },
+        "enableVaultForVolumeEncryption": {
+            "type": "bool",
+            "defaultValue": false,
+            "metadata": {
+                "description": "Specifies if the vault is enabled for volume encryption"
+            }
+        },
         "secretName": {
             "type": "string",
             "metadata": {
@@ -23,13 +81,45 @@
     },
     "resources": [
         {
-            "type": "Microsoft.KeyVault/vaults/secrets",
-            "name": "[concat(parameters('keyVaultName'), '/', parameters('secretName'))]",
+            "type": "Microsoft.KeyVault/vaults",
+            "name": "[parameters('keyVaultName')]",
             "apiVersion": "2015-06-01",
-            "tags": { "displayName": "secret" },
+            "location": "[resourceGroup().location]",
+            "tags": { "displayName": "Vault" },
             "properties": {
-                "value": "[parameters('secretValue')]"
-            }
+                "enabledForDeployment": "[parameters('enabledForDeployment')]",
+                "enabledForTemplateDeployment": "[parameters('enabledForTemplateDeployment')]",
+                "enabledForVolumeEncryption": "[parameters('enableVaultForVolumeEncryption')]",
+                "tenantId": "[parameters('tenantId')]",
+                "accessPolicies": [
+                    {
+                        "tenantId": "[parameters('tenantId')]",
+                        "objectId": "[parameters('objectId')]",
+                        "permissions": {
+                            "keys": "[parameters('keysPermissions')]",
+                            "secrets": "[parameters('secretsPermissions')]"
+                        }
+                    }
+                ],
+                "sku": {
+                    "name": "[parameters('skuName')]",
+                    "family": "A"
+                }
+            },
+            "resources": [
+                {
+                    "type": "secrets",
+                    "name": "[parameters('secretName')]",
+                    "apiVersion": "2015-06-01",
+                    "tags": { "displayName": "secret" },
+                    "properties": {
+                        "value": "[parameters('secretValue')]"
+                    },
+                    "dependsOn": [
+                        "[concat('Microsoft.KeyVault/vaults/', parameters('keyVaultName'))]"
+                    ]
+                }
+            ]
         }
     ]
 }

src/ResourceManager/Resources/Commands.Resources.Test/ScenarioTests/DeploymentTests.ps1

@@ -88,12 +88,22 @@ function Test-NewDeploymentWithKeyVaultReference
 		# Test
 		New-AzureRmResourceGroup -Name $rgname -Location $rglocation
 
-		$keyVault = New-AzureRmKeyVault -VaultName $keyVaultname -ResourceGroupName $rgname -Location $location -EnabledForTemplateDeployment
-		$parameters = @{ "keyVaultName" = $keyVaultname; "secretName" = $secretName; "secretValue" = $hostplanName }
-		New-AzureRmResourceGroupDeployment -Name $rname -ResourceGroupName $rgname -TemplateFile keyVaultSetupTemplate.json -TemplateParameterObject $parameters
+		$context = Get-AzureRmContext
+		$subscriptionId = $context.Subscription.SubscriptionId
+		$account = Get-AzureAccount -Name $context.Account.Id
+		$tenantId = $account.Tenants
+		$adUser = Get-AzureRmADUser -UserPrincipalName $context.Account.Id
+		$objectId = $adUser.Id
+		$KeyVaultResourceId = "/subscriptions/" + $subscriptionId + "/resourcegroups/" + $rgname + "/providers/Microsoft.KeyVault/vaults/" + $keyVaultname
+		
+		$parameters = @{ "keyVaultName" = $keyVaultname; "secretName" = $secretName; "secretValue" = $hostplanName; "tenantId" = $tenantId; "objectId" = $objectId }
+		$deployment = New-AzureRmResourceGroupDeployment -Name $rname -ResourceGroupName $rgname -TemplateFile keyVaultSetupTemplate.json -TemplateParameterObject $parameters
+
+		# Assert
+		Assert-AreEqual Succeeded $deployment.ProvisioningState
 
 		$content = (Get-Content keyVaultTemplateParams.json) -join '' | ConvertFrom-Json
-		$content.hostingPlanName.reference.KeyVault.id = $keyVault.resourceid
+		$content.hostingPlanName.reference.KeyVault.id = $KeyVaultResourceId
 		$content.hostingPlanName.reference.SecretName = $secretName
 		$content | ConvertTo-Json -depth 999 | Out-File keyVaultTemplateParams.json
 

src/ResourceManager/Resources/Commands.Resources.Test/ScenarioTests/ResourcesController.cs

@@ -24,14 +24,13 @@
 using Microsoft.Azure.Graph.RBAC;
 using Microsoft.Azure.Insights;
 using Microsoft.Azure.Management.Authorization;
-using Microsoft.Azure.Management.KeyVault;
 using Microsoft.Azure.Management.Resources;
 using Microsoft.Azure.Subscriptions;
 using Microsoft.Azure.Test;
 using Microsoft.Azure.Test.HttpRecorder;
 using Microsoft.WindowsAzure.Commands.Common;
 using Microsoft.WindowsAzure.Commands.ScenarioTest;
-using Microsoft.Azure.Common.Authentication.Models;
+
 
 namespace Microsoft.Azure.Commands.Resources.Test.ScenarioTests
 {
@@ -52,17 +51,15 @@ public sealed class ResourcesController
         public SubscriptionClient SubscriptionClient { get; private set; }
 
         public GalleryClient GalleryClient { get; private set; }
-        
+
         public InsightsClient InsightsClient { get; private set; }
 
         public AuthorizationManagementClient AuthorizationManagementClient { get; private set; }
 
-        public KeyVaultManagementClient KeyVaultManagementClient { get; private set; }
-
         public string UserDomain { get; private set; }
 
-        public static ResourcesController NewInstance 
-        { 
+        public static ResourcesController NewInstance
+        {
             get
             {
                 return new ResourcesController();
@@ -80,18 +77,18 @@ public void RunPsTest(params string[] scripts)
             var mockName = TestUtilities.GetCurrentMethodName(2);
 
             RunPsTestWorkflow(
-                () => scripts, 
+                () => scripts,
                 // no custom initializer
-                null, 
+                null,
                 // no custom cleanup 
                 null,
                 callingClassType,
                 mockName);
         }
 
         public void RunPsTestWorkflow(
-            Func<string[]> scriptBuilder, 
-            Action<CSMTestEnvironmentFactory> initialize, 
+            Func<string[]> scriptBuilder,
+            Action<CSMTestEnvironmentFactory> initialize,
             Action cleanup,
             string callingClassType,
             string mockName)
@@ -102,24 +99,23 @@ public void RunPsTestWorkflow(
 
                 this.csmTestFactory = new CSMTestEnvironmentFactory();
 
-                if(initialize != null)
+                if (initialize != null)
                 {
                     initialize(this.csmTestFactory);
                 }
 
                 helper.SetupEnvironment(AzureModule.AzureResourceManager);
-                SetupAzureContext();
+
                 SetupManagementClients();
-             
+
                 var callingClassName = callingClassType
                                         .Split(new[] { "." }, StringSplitOptions.RemoveEmptyEntries)
                                         .Last();
-                helper.SetupModules(AzureModule.AzureResourceManager, 
-                    "ScenarioTests\\Common.ps1", 
-                    "ScenarioTests\\" + callingClassName + ".ps1", 
-                    helper.RMProfileModule, 
-                    helper.RMResourceModule,
-                    helper.GetRMModulePath("AzureRM.KeyVault.psd1"));
+                helper.SetupModules(AzureModule.AzureResourceManager,
+                    "ScenarioTests\\Common.ps1",
+                    "ScenarioTests\\" + callingClassName + ".ps1",
+                    helper.RMProfileModule,
+                    helper.RMResourceModule);
 
                 try
                 {
@@ -135,7 +131,7 @@ public void RunPsTestWorkflow(
                 }
                 finally
                 {
-                    if(cleanup !=null)
+                    if (cleanup != null)
                     {
                         cleanup();
                     }
@@ -152,7 +148,6 @@ private void SetupManagementClients()
             GraphClient = GetGraphClient();
             InsightsClient = GetInsightsClient();
             this.FeatureClient = this.GetFeatureClient();
-            KeyVaultManagementClient = GetKeyVaultManagementClient();
             HttpClientHelperFactory.Instance = new TestHttpClientHelperFactory(this.csmTestFactory.GetTestEnvironment().Credentials as SubscriptionCloudCredentials);
 
             helper.SetupManagementClients(ResourceManagementClient,
@@ -161,8 +156,7 @@ private void SetupManagementClients()
                 AuthorizationManagementClient,
                 GraphClient,
                 InsightsClient,
-                this.FeatureClient,
-                KeyVaultManagementClient);
+                this.FeatureClient);
         }
 
         private GraphRbacManagementClient GetGraphClient()
@@ -227,81 +221,6 @@ private InsightsClient GetInsightsClient()
             return TestBase.GetServiceClient<InsightsClient>(this.csmTestFactory);
         }
 
-        private KeyVaultManagementClient GetKeyVaultManagementClient()
-        {
-            return TestBase.GetServiceClient<KeyVaultManagementClient>(this.csmTestFactory);
-        }
-
-        private void SetupAzureContext()
-        {
-            TestEnvironment csmEnvironment = new CSMTestEnvironmentFactory().GetTestEnvironment();
-
-            if (csmEnvironment.SubscriptionId != null)
-            {
-                //Overwrite the default subscription and default account
-                //with ones using user ID and tenant ID from auth context
-                var user = GetUser(csmEnvironment);
-                var tenantId = GetTenantId(csmEnvironment);
-
-                var testSubscription = new AzureSubscription()
-                {
-                    Id = new Guid(csmEnvironment.SubscriptionId),
-                    Name = AzureRmProfileProvider.Instance.Profile.Context.Subscription.Name,
-                    Environment = AzureRmProfileProvider.Instance.Profile.Context.Environment.Name,
-                    Account = user,
-                    Properties = new Dictionary<AzureSubscription.Property, string>
-                    {
-                        {AzureSubscription.Property.Default, "True"},
-                        {
-                            AzureSubscription.Property.StorageAccount,
-                            Environment.GetEnvironmentVariable("AZURE_STORAGE_ACCOUNT")
-                        },
-                        {AzureSubscription.Property.Tenants, tenantId},
-                    }
-                };
-
-                var testAccount = new AzureAccount()
-                {
-                    Id = user,
-                    Type = AzureAccount.AccountType.User,
-                    Properties = new Dictionary<AzureAccount.Property, string>
-                    {
-                        {AzureAccount.Property.Subscriptions, csmEnvironment.SubscriptionId},
-                        {AzureAccount.Property.Tenants, tenantId},
-                    }
-                };
-
-                AzureRmProfileProvider.Instance.Profile.Context = new AzureContext(testSubscription, testAccount, AzureRmProfileProvider.Instance.Profile.Context.Environment, new AzureTenant { Id = new Guid(tenantId) });
-            }
-
-        }
-
-        private string GetTenantId(TestEnvironment environment)
-        {
-            if (HttpMockServer.Mode == HttpRecorderMode.Record)
-            {
-                HttpMockServer.Variables["TenantId"] = environment.AuthorizationContext.TenantId;
-                return environment.AuthorizationContext.TenantId;
-            }
-            else
-            {
-                return HttpMockServer.Variables["TenantId"];
-            }
-        }
-
-        private string GetUser(TestEnvironment environment)
-        {
-            if (HttpMockServer.Mode == HttpRecorderMode.Record)
-            {
-                HttpMockServer.Variables["User"] = environment.AuthorizationContext.UserId;
-                return environment.AuthorizationContext.UserId;
-            }
-            else
-            {
-                return HttpMockServer.Variables["User"];
-            }
-        }
-
         /// <summary>
         /// The test http client helper factory.
         /// </summary>