Test in Lab #200
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Test in Lab | |
| # Controls when the action will run. Workflow runs for production and beta version pushes | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - production | |
| - beta | |
| # - main | |
| schedule: | |
| - cron: '10 1 * * 0' | |
| # The Test requires an AAD App Registration whose Service Principal has permissions to create apps and assign role assignments as well as read and write the SCEPman Azure resources under test. Specifically: | |
| # - Contributor permissions on the SCEPman resource group | |
| # - Application Administrator role in AAD to create and delete app registrations | |
| # - Privileged Role Administrator to assign Role Assignments to the newly created app registrations | |
| jobs: | |
| test-run: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [windows-latest, ubuntu-latest] | |
| psver: [latest, preview, windows] | |
| azver: [latest, edge] | |
| exclude: | |
| # This does not work yet, as Windows does not support containers. | |
| - os: windows-latest | |
| psver: preview | |
| # Obviously, Windows PowerShell is not available on Linux | |
| - os: ubuntu-latest | |
| psver: windows | |
| environment: AzureLab | |
| runs-on: ${{ matrix.os }} | |
| # containers only run on Linux, this weird syntax seems to do it | |
| container: ${{ matrix.os == 'ubuntu-latest' && format('mcr.microsoft.com/powershell:{0}', matrix.psver) || null }} | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| # This step is always skipped, as winget is not available on the Window Server like windows-latest and therefore we cannot use this method to install PowerShell | |
| - name: Install PowerShell Preview for Windows | |
| if: startsWith(matrix.os, 'windows') && matrix.psver == 'preview' | |
| shell: powershell | |
| run: | | |
| Write-Output "Installing winget as preparation for the PowerShell installation" | |
| $ProgressPreference = 'SilentlyContinue' | |
| Invoke-WebRequest -Uri https://github.com/microsoft/winget-cli/releases/download/v1.4.10173/Microsoft.DesktopAppInstaller_8wekyb3d8bbwe.msixbundle -OutFile .\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe.msixbundle | |
| Invoke-WebRequest -Uri https://aka.ms/Microsoft.VCLibs.x64.14.00.Desktop.appx -OutFile Microsoft.VCLibs.x64.14.00.Desktop.appx | |
| Add-AppxPackage Microsoft.VCLibs.x64.14.00.Desktop.appx | |
| Add-AppxPackage Microsoft.DesktopAppInstaller_8wekyb3d8bbwe.msixbundle | |
| Write-Output "Installing PowerShell Preview" | |
| winget install --id Microsoft.Powershell.Preview --source winget --disable-interactivity | |
| [Environment]::SetEnvironmentVariable("Path","$env:ProgramFiles\PowerShell\7-preview;" + [Environment]::GetEnvironmentVariable("Path", [EnvironmentVariableTarget]::Machine),[EnvironmentVariableTarget]::Machine) | |
| - name: Install az for Windows | |
| if: startsWith(matrix.os, 'windows') | |
| shell: powershell | |
| run: | | |
| # Uninstall any previous version of az | |
| $azPackage = Get-Package -Name "*Azure CLI" -ErrorAction SilentlyContinue | |
| if ($null -ne $azPackage) { $azPackage | Uninstall-Package } | |
| else { Write-Output "No previous version of az found" } | |
| # Find download URL of target az installer | |
| if ('edge' -eq '${{ matrix.azver }}') { $installUrl = 'https://aka.ms/InstallAzureCliWindowsEdge' } | |
| else { $installUrl = 'https://aka.ms/installazurecliwindows' } | |
| Write-Output "Installing az from URL $installUrl" | |
| # Install az | |
| $ProgressPreference = 'Continue' | |
| Invoke-WebRequest -Uri $installUrl -OutFile .\AzureCLI.msi | |
| Start-Process msiexec.exe -Wait -ArgumentList '/I AzureCLI.msi /quiet' | |
| rm .\AzureCLI.msi | |
| - name: Install az for Ubuntu | |
| if: startsWith(matrix.os, 'ubuntu') | |
| shell: bash | |
| run: | | |
| apt-get update | |
| apt-get -y install curl | |
| if [ 'edge' == '${{ matrix.azver }}' ]; | |
| then | |
| curl -Ls -o azure-cli_jammy_all.deb https://aka.ms/InstallAzureCliJammyEdge | |
| dpkg -i azure-cli_jammy_all.deb | |
| else | |
| curl -sL https://aka.ms/InstallAzureCLIDeb | bash | |
| fi | |
| # https://learn.microsoft.com/en-us/cli/azure/install-azure-cli-linux?pivots=apt | |
| - name: Log in with Azure | |
| if: ${{ !env.ACT }} | |
| uses: azure/login@v2 | |
| with: | |
| client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
| tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
| allow-no-subscriptions: true | |
| enable-AzPSSession: false | |
| - name: Complete SCEPman installation in PowerShell 7 | |
| if: matrix.psver != 'windows' | |
| shell: pwsh | |
| run: | | |
| $PSVersionTable.PSVersion | |
| cd SCEPman | |
| Import-Module ./SCEPman.psd1 | |
| $RandomAppRegNumber = Get-Random | |
| Complete-SCEPmanInstallation -SCEPmanAppServiceName ${{ vars.APP_SERVICE_NAME }} -AzureADAppNameForSCEPman "scepman-api-ghtest-$RandomAppRegNumber" -AzureADAppNameForCertMaster "scepman-certmaster-ghtest-$RandomAppRegNumber" -SearchAllSubscriptions -Verbose 6>&1 | |
| $scepmanappid = az ad app list --display-name "scepman-api-ghtest-$RandomAppRegNumber" -o tsv --query "[].id" | |
| az ad app delete --id $scepmanappid | |
| $certmasterappid = az ad app list --display-name "scepman-certmaster-ghtest-$RandomAppRegNumber" -o tsv --query "[].id" | |
| az ad app delete --id $certmasterappid | |
| - name: Complete SCEPman installation in PowerShell 5 | |
| if: matrix.psver == 'windows' | |
| shell: powershell | |
| run: | | |
| $PSVersionTable.PSVersion | |
| "DebugPreference: $DebugPreference" | |
| "WarningPreference: $WarningPreference" | |
| "VerbosePreference: $VerbosePreference" | |
| "ErrorActionPreference: $ErrorActionPreference" | |
| "ProgressPreference: $ProgressPreference" | |
| cd SCEPman | |
| Import-Module ./SCEPman.psd1 | |
| $RandomAppRegNumber = Get-Random | |
| Complete-SCEPmanInstallation -SCEPmanAppServiceName ${{ vars.APP_SERVICE_NAME }} -AzureADAppNameForSCEPman "scepman-api-ghtest-$RandomAppRegNumber" -AzureADAppNameForCertMaster "scepman-certmaster-ghtest-$RandomAppRegNumber" -SearchAllSubscriptions -Verbose 6>&1 | |
| $scepmanappid = az ad app list --display-name "scepman-api-ghtest-$RandomAppRegNumber" -o tsv --query "[].id" | |
| az ad app delete --id $scepmanappid | |
| $certmasterappid = az ad app list --display-name "scepman-certmaster-ghtest-$RandomAppRegNumber" -o tsv --query "[].id" | |
| az ad app delete --id $certmasterappid |