[DRAFT] Move ActiveDirectoryAuthenticationProvider Tests #3717
Conversation
- Removed addition of PDBs from <AllowedOutputExtensionsInPackageBuildOutputFolder>. - Removed MDS package ref dependency on Abstractions until pipelines are ready. - Renamed AbstractionsPackage to Abstractions in targets. - Updated BUILDGUIDE based on project ref behaviour. - Added feature branches to CI pipeline triggers. - Added missing/incomplete paths to the trigger. - Added dev/* branches to the CI triggers so PRs that target other dev/ branches can run CI. - Added missing MdsPackageVersion property to signed build pipeline job. - Commented-out failing NuGet tool installer task. - Re-ordered Guardian analysis step _before_ build step to avoid clobbering versioned DLLs. - Added MDS package version to AKV build/package steps. - Restored AKV nuspec ReferenceType property for AKV Official builds. - Explicitly building tooling before analysis. - Fixing validation steps to match XML props files. - Added PR automation triggers, and documented other pipeline sections. - Added ReferenceType throughout the MDS/AKV CI build steps. - Added NuGet.config update to main CI build step for Package reference mode. - Swapped Abstractions download and NuGet.config update to ensure packages/ exists before attempting to re-configure NuGet. - Clean target no longer removes packages/ - Uncommented package refs to Abstractions. - Added separate MDS and AKV project builds to support Package mode. - Added $ReferenceType$ property to MDS .nuspec like it is for AKV. - Removed obsolete version variables from merge conflict. - Adding $ReferenceType$ back to AKV nuspec. - Moved SqlAuthenticationProvider and friends into Abstractions. - Moved ActiveDirectoryAuthenticationProvider into a new Azure package. - Moved a bunch of docs into Abstractions and Azure projects. - Updated Abstractions classes to be abstract with minimal implementation. - Added back the implementations to MDS. - Re-worked some of the docs. - SqlAuthentication* classes separated out into Base classes in Abstractions. - Updated docs accordingly. - MDS compiles. - Some Azure package code moved, but not compiling. - Added an exception class for authentication errors. - Enabled XML doc compilation and validation. - Updated MDS to handle SqlAuthenticationProviderException instead of MSAL exceptions. - Removed Azure.Identity from MDS. - Got existing tests compiling using the new Azure package. - Added Azure package build targets. - Updated docs related to ReferenceType - Got all projects properly adhering to Package reference type. - Removed TestMicrosoftDataSqlClientVersion in favour of MdsPackageVersion. - Fixed tools restore from build.proj. - Fixed missing using for dummy auth provider. - Fixed obsolete warnings for password auth. - Moved SqlAuthenticationParameters entirely into Abstractions, avoiding an empty base class. - Moved SqlAuthenticationToken entirely into Abstractions. - Moved SqlAuthenticationProvider entirely into Abstractions. - Removed SqlAuthenticationProviderBase. - Exposed SqlAuthenticationProviderManager as a public API in MDS. - Moved SetProvider() and GetProvider() to the Manager where they should have been all along (Breaking Change). - Added catch-all exception handlers in prep for proper analysis and specific exception handling. - Some improvements to avoid meaningless nulls. - Added PR/CI pipeline support for the Azure package. - Fixed Abstractions download path. - Updated SqlAuthenticationProviderException to use Method instead of Action. - Fixed NRE in SqlException. - Fixed SqlAuthenticationProviderException use in MDS. - Added chaining Add() to SqlErrorCollection. - Added a useful message when _fedAuthToken is null after attempting to acquire a token. - Fixed auth provider error handling to mimic the old code. - Removing unnecessary database checks that are hanging forever. - Fixed timestamp truncation from long to uint causing cached tokens to be erroneously expired.
…r to maintain API for now. - Addressed review comments.
- Added some config improvements to xUnit runners.
…qlClient-Package runs.
…g interleaved output." This reverts commit 807bfa7.
…ith CI-SqlClient-Package runs." This reverts commit d4c681a.
- Reverted SqlAuthenticationParameters authenticationTimeout constructor argument to its original name connectionTimeout and added docs explaining why.
paulmedynski
left a comment
paulmedynski
left a comment
There was a problem hiding this comment.
Commentary for reviewers.
| #pragma warning disable 0618 // Type or member is obsolete | ||
| [InlineData(SqlAuthenticationMethod.ActiveDirectoryPassword)] | ||
| #pragma warning restore 0618 // Type or member is obsolete | ||
| [InlineData(SqlAuthenticationMethod.ActiveDirectoryInteractive)] |
There was a problem hiding this comment.
Interactive was missing from the original test, so I added it here.
| namespace Microsoft.Data.SqlClient.ManualTesting.Tests | ||
| { | ||
| public class AADConnectionsTest | ||
| public class AADConnectionTest |
There was a problem hiding this comment.
The test class name didn't match the filename.
| // Clear token cache for code coverage. | ||
| ActiveDirectoryAuthenticationProvider.ClearUserTokenCache(); | ||
| using (SqlConnection connection = new SqlConnection(DataTestUtility.AADPasswordConnectionString)) | ||
| #pragma warning disable 0618 // Type or member is obsolete |
There was a problem hiding this comment.
These tests were unnecessarily using our auth provider, so I updated them to use the test provider defined above, which fetches real tokens via MSAL itself.
- Moved some tests around to get access to internals and to compile everywhere.
paulmedynski
force-pushed
the
dev/paul/azure-split/move-tests
branch
from
1903ecc to
b17155b
Compare
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## dev/paul/azure-split/authentication #3717 +/- ##
=======================================================================
- Coverage 76.78% 76.63% -0.16%
=======================================================================
Files 269 263 -6
Lines 45029 44713 -316
=======================================================================
- Hits 34574 34264 -310
+ Misses 10455 10449 -6
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
paulmedynski
left a comment
paulmedynski
left a comment
There was a problem hiding this comment.
Commentary for reviewers.
| public class AADConnectionsTest | ||
| public class AADConnectionTest | ||
| { | ||
| class CustomSqlAuthenticationProvider : SqlAuthenticationProvider |
There was a problem hiding this comment.
Moved this to UsernamePasswordProvider.cs so it could be shared.
| --verbosity ${{ parameters.verbosity }} | ||
| --verbosity ${{ parameters.dotnetVerbosity }} | ||
| -p:ReferenceType=${{ parameters.referenceType }} | ||
| -p:ForceMdsAssemblyNameSuffix=true |
There was a problem hiding this comment.
This is explained in my comments on Directory.Build.props.
| # to stress test. | ||
| - name: pipelineArtifactName | ||
| displayName: Pipeline Artifact Name | ||
| # The verbosity level for the dotnet CLI commands. |
There was a problem hiding this comment.
Sorted parameters alphabetically and added some debug/verbosity.
| Apply an MDS assembly name suffix, if necessary. See the top-level | ||
| Directory.Build.props for more information. | ||
| --> | ||
| <DefineConstants Condition="'$(ApplyMdsAssemblyNameSuffix)' == 'true'">$(DefineConstants);APPLY_MDS_ASSEMBLY_NAME_SUFFIX</DefineConstants> |
There was a problem hiding this comment.
Abstractions performs reflection against the MDS assembly, so it needs to know how to form the assembly name. Explained in Directory.Build.props.
| Append an assembly name suffix, if necessary. See the top-level | ||
| Directory.Build.props for more information. | ||
| --> | ||
| <AssemblyName>Microsoft.Data.SqlClient</AssemblyName> |
There was a problem hiding this comment.
The 2 ref projects didn't previously specify <AssemblyName>. Not sure why, or if this new addition will cause problems. Thoughts?
| <ProjectReference | ||
| Condition="'$(TargetGroup)'=='netfx'" | ||
| Include="$(NetFxSource)src\Microsoft.Data.SqlClient.csproj" /> | ||
| <ProjectReference Include="../../../Microsoft.Data.SqlClient.Extensions/Azure/src/Azure.csproj" /> |
There was a problem hiding this comment.
This ensures that none of the Functional (or Manual) tests are depending on our auth provider by accident.
| // | ||
| // TODO: Figure out which ones and install on-demand rather than | ||
| // globally. | ||
| SqlAuthenticationProvider.SetProvider( |
There was a problem hiding this comment.
This entire test suite is now serviced either by this provider, or by the UsernamePasswordProvider on-demand.
No other auth methods have a provider installed.
| } | ||
| finally | ||
| { | ||
| if (original is not null) |
There was a problem hiding this comment.
For some reason there is no unset-provider mechanism, so we're polluting the global scope in the event that no provider was registered before this test.
You will see this pattern elsewhere as well. SetProvider() throws an NRE if you pass null.
| <group targetFramework="net462"> | ||
| <reference file="Microsoft.Data.SqlClient.dll" /> | ||
| <reference file="Microsoft.Data.SqlClient.xml" /> | ||
| <reference file="Microsoft.Data.SqlClient$AssemblyNameSuffixNetFx$.dll" /> |
There was a problem hiding this comment.
Our project-reference based builds probably shouldn't be attempting to generate NuGet packages, but since they do, I made it work. The generated packages aren't used for anything (see CI-SqlClient pipeline), so there is no harm here.
As mentioned in the Directory.Build.props commentary, this is all temporary code anyway and should disappear before 7.0.0 GA.
| project to determine whether or not to apply the MDS assembly name suffix. | ||
| --> | ||
| <ApplyMdsAssemblyNameSuffix>false</ApplyMdsAssemblyNameSuffix> | ||
| <ApplyMdsAssemblyNameSuffix |
There was a problem hiding this comment.
This is a temporary measure to get the Abstractions and Azure projects (and their tests) to build without having to employ the confusing tricks found in the FunctionalTests, ManualTests, and AKV projects, where we only support building for one type of framework at a time (ick!). This will all disappear when we finally complete the .NET and .NET Framework codebase merge, and we have a single MDS project.
There was a problem hiding this comment.
Removed that part since it was confusing. We will produce the same number of MDS assembly files (DLLs), but will no longer be prevented from building them all at once via project references due to multiple projects specifying the same assembly name.
- Added XML docs throughout. - Improved unit test names. - Removed <RootNamespace> from project files. - Removed unnecessary sample files from the Abstractions project.
- Moved existing tests that use ActiveDirectoryAuthenticationProvider into Azure tests. - Updated some MDS tests that unnecessarily used ActiveDirectoryAuthenticationProvider. - Fixed project-based builds so we can restore MDS netcore and netfx projects at the same time. - Added a Managed Identity provider that is installed by default for the Manual Tests suite. - Moved some tests from ManualTests to Azure that require the provider. - Avoiding calling SetProvider with a null value, since it isn't possible to unset a provider once set. - Added caching to the managed identity provider for the ManualTest project. - Added environment variable debug logging to Abstractions and Azure pipeline jobs. - Moved username/password Entra auth provider into its own file for sharing across tests. - Added ADO service connection for test tasks that require access to Azure resources. - Added workload identity federation tests. - Disabling xUnit shadow copy to prevent strong name varification failures. - Modified tests moved from ManualTests to compile using the new Config helper. - Injecting config into pipeline runs via the config.json approach. - Simplified TestUtilities project. - Added ADO CI pool condition to some tests that require it. - Updated xunit.runner.json config to indicate which options are only available in xUnit v3+. - Fixed exception message check to account for OS differences. - Solved the mystery of SNI DLLs missing for .NET Framework project-reference-based builds. - Added ADO-CI-1ES pool jobs to test the Azure package on Linux and Windows. - Fixed Azure package pipelines to support pools in the ADO.Net and Public projects. - Added some new pipeline variables to handle the Workload Identity Federation test.
paulmedynski
force-pushed
the
dev/paul/azure-split/move-tests
branch
from
5d4f942 to
1e27ff4
Compare
paulmedynski
changed the title
Description
This PR moves all existing MDS tests that use the ActiveDirectoryAuthenticationProvider (ADAP) into the Azure project. The tests are moved as-is with non-functional changes to get them to build/run.
A few MDS tests were unnecessarily using ADAP when they should have been using a test provider, so I updated them to do so.
A full suite of tests for the Azure package will be created in future PRs.
Testing
Existing CI for the Azure and MDS packages should confirm everything.