Update the KeyVault for Test pipelines (#4900) #4934
Conversation
1. Reinstitute LongHaul IotHub for both SingleNode & NestedEdge for testing 2. Consolidate KeyVault variables so the same type of tests are sharing the same IoTHub. Remark: With the keyVault variable consolidation (2), a developer can now inject his own keyVault into the pipeline to have any of the test pipeline connect upstream to his/her own IoTHub. The two required "secrets" in the developer's keyVaults are `IotHub-ConnStr` (IoTHub Connection String) and `IotHub-EventHubConnStr` (IoTHub's built-in EventHub Endpoint Connection String)
| displayName: 'Azure Key Vault: EdgeBuildkv' | ||
| inputs: | ||
| azureSubscription: $(azure.subscription) | ||
| KeyVaultName: 'edgebuildkv' |
There was a problem hiding this comment.
By hard-coding this key vault name, we're preventing people outside the product team from running end-to-end tests. So if we're going to support one key vault for IoT Hub secrets and another key vault for everything else, then the "everything else" key vault name needs to have a variable too.
There was a problem hiding this comment.
My understanding was that the purpose of this PR is to"
- Allow someone on the product team to "bring your own hub resource to the table".
- Shard the credentials of test resources into labeled keyvaults for more understandable secret-groupings
I never thought people outside of the product team would run our end to end tests, but it is something that makes sense. More work is probably required in other places too to get this to work.
There was a problem hiding this comment.
This was a goal in the beginning, but it wouldn't surprise me if, as the project grew and things happened fast, it fell between the cracks. This is a public project so there really shouldn't be anything here that isn't relevant to the public.
1. Reinstitute LongHaul IotHub for both SingleNode & NestedEdge for testing 2. Consolidate KeyVault variables so the same type of tests are sharing the same IoTHub. Remark: With the keyVault variable consolidation (2), a developer can now inject his own keyVault into the pipeline to have any of the test pipeline connect upstream to his/her own IoTHub. The two required "secrets" in the developer's keyVaults are `IotHub-ConnStr` (IoTHub Connection String) and `IotHub-EventHubConnStr` (IoTHub's built-in EventHub Endpoint Connection String)
1. Reinstitute LongHaul IotHub for both SingleNode & NestedEdge for testing 2. Consolidate KeyVault variables so the same type of tests are sharing the same IoTHub. Remark: With the keyVault variable consolidation (2), a developer can now inject his own keyVault into the pipeline to have any of the test pipeline connect upstream to his/her own IoTHub. The two required "secrets" in the developer's keyVaults are `IotHub-ConnStr` (IoTHub Connection String) and `IotHub-EventHubConnStr` (IoTHub's built-in EventHub Endpoint Connection String)
Remark: With the keyVault variable consolidation (2), a developer can now inject his own keyVault into the pipeline to have any of the test pipeline connect upstream to his/her own IoTHub. The two required "secrets" in the developer's keyVaults are
IotHub-ConnStr(IoTHub Connection String) andIotHub-EventHubConnStr(IoTHub's built-in EventHub Endpoint Connection String)