random-mirrors/cosmos-explorer
1
0
Fork 0
mirror of https://github.com/Azure/cosmos-explorer.git synced 2026-01-07 11:36:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Support data plane RBAC for E2E tests. (#2176)

Browse Source 
* Acquire token for NoSQL account prior to running tests.

* Change client id to user assigned managed identity.

* Change to use managed identity. Add token variables for gremlin and
tables.

* Add RBAC details to test README.

* Add token for SQL readonly database. Skip resource token tests when RBAC
enabled.

* Use hardcoded account name for sql readonly.

* Use specific tag for sql readonly.

* Remove comment.
This commit is contained in:
jawelton74
2025-08-05 10:59:57 -07:00
committed by GitHub
parent 870863a723
commit 0ef4399ba4
9 changed files with 166 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
test/testExplorer/TestExplorer.ts
View File

@@ -10,17 +10,45 @@ const subscriptionId = urlSearchParams.get("subscriptionId") || process.env.SUBS
const accountName = urlSearchParams.get("accountName") || "portal-sql-runner-west-us";
const selfServeType = urlSearchParams.get("selfServeType") || "example";
const iframeSrc = urlSearchParams.get("iframeSrc") || "explorer.html?platform=Portal&disablePortalInitCache";
const token = urlSearchParams.get("token");
const authToken = urlSearchParams.get("token");
console.log("Resource Group:", resourceGroup);
console.log("Subcription: ", subscriptionId);
console.log("Account Name: ", accountName);
const nosqlRbacToken = urlSearchParams.get("nosqlRbacToken") || process.env.NOSQL_TESTACCOUNT_TOKEN || "";
const nosqlReadOnlyRbacToken =
urlSearchParams.get("nosqlReadOnlyRbacToken") || process.env.NOSQL_READONLY_TESTACCOUNT_TOKEN || "";
const tableRbacToken = urlSearchParams.get("tableRbacToken") || process.env.TABLE_TESTACCOUNT_TOKEN || "";
const gremlinRbacToken = urlSearchParams.get("gremlinRbacToken") || process.env.GREMLIN_TESTACCOUNT_TOKEN || "";
const initTestExplorer = async (): Promise<void> => {
updateUserContext({
authorizationToken: `bearer ${token}`,
authorizationToken: `bearer ${authToken}`,
});
const databaseAccount = await get(subscriptionId, resourceGroup, accountName);
const tags = databaseAccount?.tags;
const testAccountType = tags && tags["DataExplorer:TestAccountType"];
let rbacToken = "";
switch (testAccountType) {
case "sql":
rbacToken = nosqlRbacToken;
break;
case "sql-readonly":
rbacToken = nosqlReadOnlyRbacToken;
break;
case "gremlin":
rbacToken = gremlinRbacToken;
break;
case "tables":
rbacToken = tableRbacToken;
break;
}
if (rbacToken.length > 0) {
updateUserContext({
dataPlaneRbacEnabled: true,
});
}
const keys = await listKeys(subscriptionId, resourceGroup, accountName);
// Disable the quickstart carousel.
@@ -33,7 +61,8 @@ const initTestExplorer = async (): Promise<void> => {
databaseAccount: databaseAccount,
subscriptionId,
resourceGroup,
authorizationToken: `Bearer ${token}`,
authorizationToken: `Bearer ${authToken}`,
aadToken: rbacToken,
features: {},
hasWriteAccess: true,
csmEndpoint: "https://management.azure.com",