Skip to content

Commit 2330272

Browse files
ansembansemb
committed
add tests
1 parent 6d1fb8f commit 2330272

2 files changed

Lines changed: 90 additions & 0 deletions

File tree

test/artifacts-helper/scenarios.json

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -70,5 +70,14 @@
7070
"nugetAlias": true
7171
}
7272
}
73+
},
74+
"test_az_shim": {
75+
"image": "mcr.microsoft.com/devcontainers/base:debian",
76+
"features": {
77+
"ghcr.io/devcontainers/features/azure-cli:1": {},
78+
"artifacts-helper": {
79+
"azAlias": true
80+
}
81+
}
7382
}
7483
}

test/artifacts-helper/test_az_shim.sh

Lines changed: 81 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,81 @@
1+
#!/usr/bin/env bash
2+
3+
# Import test library bundled with the devcontainer CLI
4+
source dev-container-features-test-lib || exit 1
5+
6+
# Test that az shim is installed
7+
check "az shim exists" test -f /usr/local/share/codespace-shims/az
8+
check "az shim is executable" test -x /usr/local/share/codespace-shims/az
9+
10+
# Test that az shim sources resolve-shim.sh
11+
check "az shim sources resolve-shim.sh" grep -q 'source.*resolve-shim.sh' /usr/local/share/codespace-shims/az
12+
13+
# Test GitHub Actions environment detection
14+
check "az shim has GitHub Actions detection" grep -q 'ACTIONS_ID_TOKEN_REQUEST_URL' /usr/local/share/codespace-shims/az
15+
16+
# Test that az shim intercepts get-access-token command
17+
check "az shim intercepts get-access-token" grep -q 'get-access-token' /usr/local/share/codespace-shims/az
18+
19+
# Test argument parsing handles both formats (--resource value and --resource=value)
20+
check "az shim handles equals format args" grep -q '\-\-resource=\*' /usr/local/share/codespace-shims/az
21+
check "az shim handles space-separated args" grep -q '\-\-resource)' /usr/local/share/codespace-shims/az
22+
23+
# Test that az shim falls back to real az CLI for other commands
24+
TEST_HOME=$(mktemp -d)
25+
check "az shim falls back for non-token commands" bash -c '
26+
export HOME='"$TEST_HOME"'
27+
# az --version should pass through to real az CLI (if installed)
28+
# or fail gracefully if az is not installed
29+
output=$(/usr/local/share/codespace-shims/az --version 2>&1) || true
30+
# Check that it either shows az version or "not found" error - both are valid
31+
echo "$output" | grep -qE "(azure-cli|Azure CLI|not found)" && echo "SUCCESS" || echo "FAILED"
32+
' | grep -q "SUCCESS"
33+
34+
# Test that az shim handles missing azure-auth-helper gracefully
35+
check "az shim handles missing azure-auth-helper" bash -c '
36+
export HOME='"$TEST_HOME"'
37+
# Remove azure-auth-helper if it exists
38+
rm -f "${HOME}/azure-auth-helper"
39+
# Call az account get-access-token - should fall through to real az
40+
# (which will fail, but shim should not crash)
41+
/usr/local/share/codespace-shims/az account get-access-token --resource https://management.azure.com 2>&1 || true
42+
# If we get here, the shim handled it gracefully
43+
echo "completed"
44+
' | grep -q "completed"
45+
46+
# Test that az shim returns proper JSON format when azure-auth-helper exists
47+
check "az shim returns valid JSON format" bash -c '
48+
export HOME='"$TEST_HOME"'
49+
# Create a mock azure-auth-helper that returns a test token
50+
cat > "${HOME}/azure-auth-helper" << '\''HELPER'\''
51+
#!/bin/bash
52+
echo "test-token-12345"
53+
HELPER
54+
chmod +x "${HOME}/azure-auth-helper"
55+
56+
# Call the shim and verify JSON output
57+
output=$(/usr/local/share/codespace-shims/az account get-access-token --resource https://management.azure.com 2>&1)
58+
59+
# Check that output contains expected JSON fields
60+
echo "$output" | grep -q "accessToken" && \
61+
echo "$output" | grep -q "tokenType" && \
62+
echo "$output" | grep -q "Bearer" && \
63+
echo "SUCCESS" || echo "FAILED"
64+
' | grep -q "SUCCESS"
65+
66+
# Test GitHub Actions bypass (simulate by setting the env var)
67+
check "az shim bypasses interception in GitHub Actions" bash -c '
68+
export HOME='"$TEST_HOME"'
69+
export ACTIONS_ID_TOKEN_REQUEST_URL="https://example.com/token"
70+
# In Actions mode, shim should skip interception and call real az directly
71+
# (will fail if az not installed, but should not attempt token interception)
72+
output=$(/usr/local/share/codespace-shims/az account get-access-token --resource https://management.azure.com 2>&1) || true
73+
# Should NOT contain our mock token (which means bypass worked)
74+
echo "$output" | grep -qv "test-token-12345" && echo "SUCCESS" || echo "FAILED"
75+
' | grep -q "SUCCESS"
76+
77+
# Cleanup
78+
rm -rf "$TEST_HOME"
79+
80+
# Report results
81+
reportResults

0 commit comments

Comments
 (0)