diff --git a/src/apic-extension/azext_apic_extension/tests/latest/test_service_commands.py b/src/apic-extension/azext_apic_extension/tests/latest/test_service_commands.py index 40208b1b29..ab1e5e136d 100644 --- a/src/apic-extension/azext_apic_extension/tests/latest/test_service_commands.py +++ b/src/apic-extension/azext_apic_extension/tests/latest/test_service_commands.py @@ -11,6 +11,9 @@ from .utils import ApicServicePreparer from .constants import TEST_REGION, USERASSIGNED_IDENTITY +# if USERASSIGNED_IDENTITY is set, enable_system_assigned_identity is False, otherwise use system assigned identity +enable_system_assigned_identity = False if USERASSIGNED_IDENTITY else True + class ServiceCommandsTests(ScenarioTest): @ResourceGroupPreparer(name_prefix="clirg", location=TEST_REGION, random_name_length=32) @@ -111,7 +114,7 @@ def test_delete_service(self): self.cmd('az apic show -g {rg} -n {s}', expect_failure=True) @ResourceGroupPreparer(name_prefix="clirg", location=TEST_REGION, random_name_length=32) - @ApicServicePreparer(enable_system_assigned_identity=False) + @ApicServicePreparer(enable_system_assigned_identity) def test_import_from_apim(self): self.kwargs.update({ 'apim_name': self.create_random_name(prefix='cli', length=24) @@ -127,7 +130,7 @@ def test_import_from_apim(self): @ResourceGroupPreparer(name_prefix="clirg", location=TEST_REGION, random_name_length=32) - @ApicServicePreparer(enable_system_assigned_identity=False) + @ApicServicePreparer(enable_system_assigned_identity) def test_import_from_apim_for_one_api(self): self.kwargs.update({ 'apim_name': self.create_random_name(prefix='cli', length=24) @@ -146,7 +149,7 @@ def test_import_from_apim_for_one_api(self): ]) @ResourceGroupPreparer(name_prefix="clirg", location=TEST_REGION, random_name_length=32) - @ApicServicePreparer(enable_system_assigned_identity=False) + @ApicServicePreparer(enable_system_assigned_identity) def test_import_from_apim_for_multiple_apis(self): self.kwargs.update({ 'apim_name': self.create_random_name(prefix='cli', length=24) @@ -195,7 +198,7 @@ def test_examples_delete_service(self): self.cmd('az apic show -g {rg} -n {s}', expect_failure=True) @ResourceGroupPreparer(name_prefix="clirg", location=TEST_REGION, random_name_length=32) - @ApicServicePreparer(enable_system_assigned_identity=False) + @ApicServicePreparer(enable_system_assigned_identity) def test_examples_import_all_apis_from_apim(self): self.kwargs.update({ 'apim_name': self.create_random_name(prefix='cli', length=24) @@ -204,7 +207,7 @@ def test_examples_import_all_apis_from_apim(self): self.cmd('az apic import-from-apim -g {rg} --service-name {s} --apim-name {apim_name} --apim-apis *') @ResourceGroupPreparer(name_prefix="clirg", location=TEST_REGION, random_name_length=32) - @ApicServicePreparer(enable_system_assigned_identity=False) + @ApicServicePreparer(enable_system_assigned_identity) def test_examples_import_selected_apis_from_apim(self): self.kwargs.update({ 'apim_name': self.create_random_name(prefix='cli', length=24) @@ -238,9 +241,9 @@ def _prepare_apim(self): # Only setup APIM in live mode # Get system assigned identity id for API Center apic_service = self.cmd('az apic show -g {rg} -n {s}').get_output_in_json() - # self.kwargs.update({ - # 'identity_id': apic_service['identity']['principalId'] - # }) + self.kwargs.update({ + 'identity_id': apic_service['identity']['principalId'] + }) if enable_system_assigned_identity # Create APIM service apim_service = self.cmd('az apim create -g {rg} --name {apim_name} --publisher-name test --publisher-email test@example.com --sku-name Consumption').get_output_in_json() # Add echo api @@ -254,8 +257,10 @@ def _prepare_apim(self): 'apim_id': apim_id, 'usi_id': USERASSIGNED_IDENTITY }) - # Grant system assigned identity of API Center access to APIM - # self.cmd('az role assignment create --role "API Management Service Reader Role" --assignee-object-id {identity_id} --assignee-principal-type ServicePrincipal --scope {apim_id}') - - # add user-assigned identity to api center service: - self.cmd('az apic update --name {s} -g {rg} --identity {{type:UserAssigned,user-assigned-identities:{usi_id}}}') \ No newline at end of file + + if enable_system_assigned_identity: + # Grant system assigned identity of API Center access to APIM + self.cmd('az role assignment create --role "API Management Service Reader Role" --assignee-object-id {identity_id} --assignee-principal-type ServicePrincipal --scope {apim_id}') + else: + # add user-assigned identity to api center service: + self.cmd('az apic update --name {s} -g {rg} --identity {{type:UserAssigned,user-assigned-identities:{usi_id}}}') \ No newline at end of file diff --git a/src/apic-extension/azext_apic_extension/tests/latest/utils.py b/src/apic-extension/azext_apic_extension/tests/latest/utils.py index 5ae6441571..b1106da4a1 100644 --- a/src/apic-extension/azext_apic_extension/tests/latest/utils.py +++ b/src/apic-extension/azext_apic_extension/tests/latest/utils.py @@ -8,8 +8,7 @@ class ApicServicePreparer(NoTrafficRecordingPreparer, SingleValueReplacer): def __init__(self, name_prefix='clitest', length=24, parameter_name='service_name', resource_group_parameter_name='resource_group', key='s', - enable_system_assigned_identity=False, - usi_id=None): + enable_system_assigned_identity=False): super(ApicServicePreparer, self).__init__(name_prefix, length) self.cli_ctx = get_dummy_cli() self.resource_group_parameter_name = resource_group_parameter_name