-
Notifications
You must be signed in to change notification settings - Fork 459
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update the KeyVault for Test pipelines (#4900) #4934
Update the KeyVault for Test pipelines (#4900) #4934
Conversation
1. Reinstitute LongHaul IotHub for both SingleNode & NestedEdge for testing 2. Consolidate KeyVault variables so the same type of tests are sharing the same IoTHub. Remark: With the keyVault variable consolidation (2), a developer can now inject his own keyVault into the pipeline to have any of the test pipeline connect upstream to his/her own IoTHub. The two required "secrets" in the developer's keyVaults are `IotHub-ConnStr` (IoTHub Connection String) and `IotHub-EventHubConnStr` (IoTHub's built-in EventHub Endpoint Connection String)
displayName: 'Azure Key Vault: EdgeBuildkv' | ||
inputs: | ||
azureSubscription: $(azure.subscription) | ||
KeyVaultName: 'edgebuildkv' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
By hard-coding this key vault name, we're preventing people outside the product team from running end-to-end tests. So if we're going to support one key vault for IoT Hub secrets and another key vault for everything else, then the "everything else" key vault name needs to have a variable too.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My understanding was that the purpose of this PR is to"
- Allow someone on the product team to "bring your own hub resource to the table".
- Shard the credentials of test resources into labeled keyvaults for more understandable secret-groupings
I never thought people outside of the product team would run our end to end tests, but it is something that makes sense. More work is probably required in other places too to get this to work.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This was a goal in the beginning, but it wouldn't surprise me if, as the project grew and things happened fast, it fell between the cracks. This is a public project so there really shouldn't be anything here that isn't relevant to the public.
1. Reinstitute LongHaul IotHub for both SingleNode & NestedEdge for testing 2. Consolidate KeyVault variables so the same type of tests are sharing the same IoTHub. Remark: With the keyVault variable consolidation (2), a developer can now inject his own keyVault into the pipeline to have any of the test pipeline connect upstream to his/her own IoTHub. The two required "secrets" in the developer's keyVaults are `IotHub-ConnStr` (IoTHub Connection String) and `IotHub-EventHubConnStr` (IoTHub's built-in EventHub Endpoint Connection String)
1. Reinstitute LongHaul IotHub for both SingleNode & NestedEdge for testing 2. Consolidate KeyVault variables so the same type of tests are sharing the same IoTHub. Remark: With the keyVault variable consolidation (2), a developer can now inject his own keyVault into the pipeline to have any of the test pipeline connect upstream to his/her own IoTHub. The two required "secrets" in the developer's keyVaults are `IotHub-ConnStr` (IoTHub Connection String) and `IotHub-EventHubConnStr` (IoTHub's built-in EventHub Endpoint Connection String)
Remark: With the keyVault variable consolidation (2), a developer can now inject his own keyVault into the pipeline to have any of the test pipeline connect upstream to his/her own IoTHub. The two required "secrets" in the developer's keyVaults are
IotHub-ConnStr
(IoTHub Connection String) andIotHub-EventHubConnStr
(IoTHub's built-in EventHub Endpoint Connection String)