-
Notifications
You must be signed in to change notification settings - Fork 3.8k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[KeyVault] Handle Nullable Parameters for Certificate Auto-Renewal in…
… Set-AzKeyVaultCertificatePolicy (#25844) * Added manual validation for piped attributes * Updated ChangeLog * Validate using a helper function * Added back ValueFromPipeline Testing * Removed ValueFromPipelineProperty * Added Suggested Changes * Dummy Commit * Added Pester Testing * Added CI error suppression * Updated Help Docs for cmdlet --------- Co-authored-by: Yash Patil <[email protected]>
- Loading branch information
1 parent
7fe801e
commit 1219f92
Showing
7 changed files
with
130 additions
and
9 deletions.
There are no files selected for viewing
58 changes: 58 additions & 0 deletions
58
src/KeyVault/KeyVault.Test/PesterTests/CertificatePolicy.Tests.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
# CertificatePolicy.Tests.ps1 | ||
|
||
BeforeAll { | ||
$vaultName = 'yash-kv' | ||
. "$PSScriptRoot\..\Scripts\Common.ps1" # Common setup script | ||
|
||
$psd1Path = Join-Path $PSScriptRoot "../../../../artifacts/Debug/" -Resolve | ||
$keyVaultPsd1 = Join-Path $psd1Path "./Az.KeyVault/Az.KeyVault.psd1" -Resolve | ||
Import-Module $keyVaultPsd1 -Force | ||
} | ||
|
||
Describe "Set-AzKeyVaultCertificatePolicy Null Handling" { | ||
Context "When setting null for RenewAtNumberOfDaysBeforeExpiry and RenewAtPercentageLifetime" { | ||
|
||
It "Should not throw an error when setting null values" { | ||
|
||
# Arrange: Generate a random certificate name | ||
$certName = Get-CertificateName -suffix (Get-Random) | ||
|
||
# Retrieve Key Vault & Certificate | ||
$KV = Get-AzKeyVault -VaultName $vaultName | ||
$cert = $KV | Get-AzKeyVaultCertificate -Name $certName | ||
|
||
if ($cert -eq $null) { | ||
# Create a certificate if it doesn't exist | ||
$policy = New-AzKeyVaultCertificatePolicy ` | ||
-SubjectName "CN=$certName" ` | ||
-IssuerName "Self" ` | ||
-ValidityInMonths 12 | ||
|
||
$cert = Add-AzKeyVaultCertificate -VaultName $vaultName -Name $certName -CertificatePolicy $policy | ||
} | ||
|
||
# Retrieve Cert & Certificate Policy | ||
$cert = $KV | Get-AzKeyVaultCertificate -Name $certName | ||
$policy = $cert | Get-AzKeyVaultCertificatePolicy | ||
|
||
# Act: Set null for RenewAtPercentageLifetime and some value for RenewAtNumberOfDaysBeforeExpiry | ||
$policy.RenewAtNumberOfDaysBeforeExpiry = 25 | ||
$policy.RenewAtPercentageLifetime = $null | ||
|
||
# Apply policy and verify no errors | ||
$policy | Set-AzKeyVaultCertificatePolicy -VaultName $vaultName -Name $certName | ||
|
||
# Retrieve updated policy | ||
$updatedCert = $KV | Get-AzKeyVaultCertificate -Name $certName | ||
$updatedPolicy = $updatedCert | Get-AzKeyVaultCertificatePolicy | ||
|
||
# Clean up the created resources | ||
Remove-AzKeyVaultCertificate -VaultName $vaultName -Name $certName -Force | ||
|
||
# Assert: Check if the properties have been set to null | ||
$updatedPolicy.RenewAtNumberOfDaysBeforeExpiry | Should -Be 25 | ||
$updatedPolicy.RenewAtPercentageLifetime | Should -Be $null | ||
} | ||
} | ||
} | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
5 changes: 5 additions & 0 deletions
5
tools/StaticAnalysis/Exceptions/Az.KeyVault/BreakingChangeIssues.csv
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
"Module","ClassName","Target","Severity","ProblemId","Description","Remediation" | ||
"Az.KeyVault","Microsoft.Azure.Commands.KeyVault.SetAzureKeyVaultCertificatePolicy","Set-AzKeyVaultCertificatePolicy","0","1050","The parameter set '__AllParameterSets' for cmdlet 'Set-AzKeyVaultCertificatePolicy' has been removed.","Add parameter set '__AllParameterSets' back to cmdlet 'Set-AzKeyVaultCertificatePolicy'." | ||
"Az.KeyVault","Microsoft.Azure.Commands.KeyVault.SetAzureKeyVaultCertificatePolicy","Set-AzKeyVaultCertificatePolicy","0","1050","The parameter set 'ByValue' for cmdlet 'Set-AzKeyVaultCertificatePolicy' has been removed.","Add parameter set 'ByValue' back to cmdlet 'Set-AzKeyVaultCertificatePolicy'." | ||
"Az.KeyVault","Microsoft.Azure.Commands.KeyVault.SetAzureKeyVaultCertificatePolicy","Set-AzKeyVaultCertificatePolicy","0","1050","The parameter set 'ExpandedRenewNumber' for cmdlet 'Set-AzKeyVaultCertificatePolicy' has been removed.","Add parameter set 'ExpandedRenewNumber' back to cmdlet 'Set-AzKeyVaultCertificatePolicy'." | ||
"Az.KeyVault","Microsoft.Azure.Commands.KeyVault.SetAzureKeyVaultCertificatePolicy","Set-AzKeyVaultCertificatePolicy","0","1050","The parameter set 'ExpandedRenewPercentage' for cmdlet 'Set-AzKeyVaultCertificatePolicy' has been removed.","Add parameter set 'ExpandedRenewPercentage' back to cmdlet 'Set-AzKeyVaultCertificatePolicy'." |