test: restructure and rename integration configuration tokens (#110)

* test: restructure and rename integration configuration tokens

* pr-fix: use the correct topic connection string for invalidating az key vault secrets

* pr-fix: use correct topic connection string

* pr-fix: az key vault restructure appsettings

* pr-fix: az key vault restructure appsettings

* pr-fix: moved to az keyvault connection string

* pr-fix: increase timeout bc it would otherwise succeed

Author: stijnmoreels

src/Arcus.BackgroundJobs.Tests.Integration/AzureActiveDirectory/ClientSecretExpirationJobTests.cs

@@ -8,8 +8,6 @@
 using Arcus.BackgroundJobs.Tests.Integration.Hosting;
 using Arcus.EventGrid;
 using Arcus.EventGrid.Contracts;
-using Arcus.EventGrid.Publishing;
-using Arcus.EventGrid.Publishing.Interfaces;
 using Arcus.Testing.Logging;
 using CloudNative.CloudEvents;
 using Microsoft.Extensions.DependencyInjection;
@@ -39,15 +37,17 @@ public async Task CheckExpiredOrAboutToExpireClientSecretsInAzureActiveDirectory
         {
             // Arrange
             int expirationThreshold = 14;
-            IEventGridPublisher eventGridPublisher = CreateEventGridPublisher();
             var options = new WorkerOptions();
             options.ConfigureLogging(_logger)
-                   .AddSingleton<IEventGridPublisher>(eventGridPublisher)
-                   .AddClientSecretExpirationJob(opt => 
+                   .ConfigureServices(services =>
                    {
-                       opt.RunImmediately = true;
-                       opt.ExpirationThreshold = expirationThreshold;
-                       opt.EventUri = new Uri("https://github.com/arcus-azure/arcus.backgroundjobs");
+                       services.AddEventGridPublisher(_config);
+                       services.AddClientSecretExpirationJob(opt =>
+                       {
+                           opt.RunImmediately = true;
+                           opt.ExpirationThreshold = expirationThreshold;
+                           opt.EventUri = new Uri("https://github.com/arcus-azure/arcus.backgroundjobs");
+                       });
                    });
 
             AzureActiveDirectoryConfig activeDirectoryConfig = _config.GetActiveDirectoryConfig();
@@ -82,19 +82,5 @@ public async Task CheckExpiredOrAboutToExpireClientSecretsInAzureActiveDirectory
                 }
             }
         }
-
-        private IEventGridPublisher CreateEventGridPublisher()
-        {
-            string topicEndpoint = _config.GetTestInfraEventGridTopicUri();
-            string topicEndpointSecret = _config.GetTestInfraEventGridAuthKey();
-
-            IEventGridPublisher eventGridPublisher = 
-                EventGridPublisherBuilder
-                    .ForTopic(topicEndpoint)
-                    .UsingAuthenticationKey(topicEndpointSecret)
-                    .Build();
-
-            return eventGridPublisher;
-        }
     }
 }

src/Arcus.BackgroundJobs.Tests.Integration/CloudEvents/CloudEventBackgroundJobTests.cs

@@ -23,7 +23,7 @@ private TestServiceBusEventProducer(string connectionString)
         /// <summary>
         /// Creates an <see cref="TestServiceBusEventProducer"/> instance which sends events to an Azure Service Bus.
         /// </summary>
-        /// <param name="configurationKey">The Azure Service Bus entity-scoped connection string.</param>
+        /// <param name="configurationKey">The configuration key towards the Azure Service Bus entity-scoped connection string.</param>
         /// <param name="configuration">The test configuration used in this test suite.</param>
         /// <exception cref="ArgumentException">Thrown when the <paramref name="configurationKey" /> is blank.</exception>
         /// <exception cref="ArgumentNullException">Thrown when the <paramref name="configuration"/> is <c>null</c>.</exception>
@@ -33,7 +33,20 @@ public static TestServiceBusEventProducer Create(string configurationKey, TestCo
             Guard.NotNull(configuration, nameof(configuration), "Requires a test configuration to retrieve the Azure Service Bus entity-scoped connection string");
 
             var connectionString = configuration.GetValue<string>(configurationKey);
-            return new TestServiceBusEventProducer(connectionString);
+            TestServiceBusEventProducer producer = Create(connectionString);
+
+            return producer;
+        }
+
+        /// <summary>
+        /// Creates an <see cref="TestServiceBusEventProducer"/> instance which sends events to an Azure Service Bus.
+        /// </summary>
+        /// <param name="entityScopedConnectionString">The Azure Service Bus entity-scoped connection string.</param>
+        /// <exception cref="ArgumentException">Thrown when the <paramref name="entityScopedConnectionString" /> is blank.</exception>
+        public static TestServiceBusEventProducer Create(string entityScopedConnectionString)
+        {
+            Guard.NotNullOrWhitespace(entityScopedConnectionString, nameof(entityScopedConnectionString), "Requires a non-blank Azure Service Bus entity-scoped connection string");
+            return new TestServiceBusEventProducer(entityScopedConnectionString);
         }
 
         /// <summary>

src/Arcus.BackgroundJobs.Tests.Integration/CloudEvents/Fixture/TestServiceBusEventProducer.cs

@@ -3,15 +3,12 @@
 using System.Linq;
 using System.Threading.Tasks;
 using Arcus.BackgroundJobs.Tests.Integration.Hosting;
-using Arcus.Security.Core;
 using Arcus.Testing.Logging;
 using Microsoft.Azure.Databricks.Client;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Hosting;
 using Microsoft.Extensions.Logging;
-using Microsoft.Graph;
-using Moq;
 using Polly;
 using Xunit;
 using Xunit.Abstractions;
@@ -45,9 +42,12 @@ public async Task FinishedDatabricksJobRun_GetsNoticedByRepeatedlyDatabricksJob_
             var options = new WorkerOptions();
             options.ConfigureLogging(spyLogger);
             options.ConfigureLogging(_logger);
-            options.AddSecretStore(stores => stores.AddInMemory(tokenSecretKey, token));
-            options.AddDatabricksJobMetricsJob(baseUrl, tokenSecretKey, opt => opt.IntervalInMinutes = 1);
-            
+            options.ConfigureServices(services =>
+            {
+                services.AddSecretStore(stores => stores.AddInMemory(tokenSecretKey, token));
+                services.AddDatabricksJobMetricsJob(baseUrl, tokenSecretKey, opt => opt.IntervalInMinutes = 1);
+            });
+
             using (var client = DatabricksClient.CreateClient(baseUrl, token))
             {
                 JobSettings settings = CreateEmptyJobSettings();

src/Arcus.BackgroundJobs.Tests.Integration/Databricks/DatabricksJobMetricsJobTests.cs

@@ -0,0 +1,46 @@
+using System;
+using GuardNet;
+
+namespace Arcus.BackgroundJobs.Tests.Integration.Fixture
+{
+    /// <summary>
+    /// Represents a location in Azure where the test resources are located.
+    /// </summary>
+    public class AzureEnvironment
+    {
+        /// <summary>
+        /// Initializes a new instance of the <see cref="AzureEnvironment"/> class.
+        /// </summary>
+        /// <param name="subscriptionId">The unique identifier for the global subscription that is linked to the test Azure resources.</param>
+        /// <param name="tenantId">The tenant identifier within the Azure subscription where the test Azure resources are located.</param>
+        /// <param name="resourceGroupName">The name of the Azure resource group inside the Azure tenant where the test Azure resources are located.</param>
+        /// <exception cref="ArgumentException">
+        ///     Thrown when the <paramref name="subscriptionId"/>, <paramref name="tenantId"/>, or the <paramref name="resourceGroupName"/> is blank.
+        /// </exception>
+        public AzureEnvironment(string subscriptionId, string tenantId, string resourceGroupName)
+        {
+            Guard.NotNullOrWhitespace(subscriptionId, nameof(subscriptionId), "Requires an Azure subscription ID to create an Azure environment instance");
+            Guard.NotNullOrWhitespace(tenantId, nameof(tenantId), "Requires an Azure tenant ID to create an Azure environment instance");
+            Guard.NotNullOrWhitespace(resourceGroupName, nameof(resourceGroupName), "Requires an Azure resource group name to create an Azure environment instance");
+
+            SubscriptionId = subscriptionId;
+            TenantId = tenantId;
+            ResourceGroupName = resourceGroupName;
+        }
+
+        /// <summary>
+        /// Gets the unique identifier for the global subscription that is linked to the test Azure resources.
+        /// </summary>
+        public string SubscriptionId { get; }
+
+        /// <summary>
+        /// Gets the tenant identifier within the Azure subscription where the test Azure resources are located.
+        /// </summary>
+        public string TenantId { get; }
+
+        /// <summary>
+        /// Gets the name of the Azure resource group inside the Azure tenant where the test Azure resources are located.
+        /// </summary>
+        public string ResourceGroupName { get; }
+    }
+}

src/Arcus.BackgroundJobs.Tests.Integration/Fixture/AzureEnvironment.cs

@@ -1,10 +1,13 @@
 using System;
+using System.Collections.Generic;
 using System.Threading.Tasks;
+using Arcus.BackgroundJobs.Tests.Integration.Hosting;
 using Arcus.BackgroundJobs.Tests.Integration.KeyVault.Fixture;
 using GuardNet;
 using Microsoft.Azure.Management.ServiceBus;
 using Microsoft.Azure.Management.ServiceBus.Models;
 using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Logging.Abstractions;
 using Microsoft.IdentityModel.Clients.ActiveDirectory;
 using Microsoft.Rest;
 
@@ -15,38 +18,41 @@ namespace Arcus.BackgroundJobs.Tests.Integration.Fixture.ServiceBus
     /// </summary>
     public class ServiceBusConfiguration
     {
-        private readonly KeyRotationConfig _configuration;
+        private readonly AzureEnvironment _environment;
+        private readonly ServicePrincipal _servicePrincipal;
+        private readonly KeyRotationConfig _rotationConfig;
         private readonly ILogger _logger;
 
-        /// <summary>
-        /// Initializes a new instance of the <see cref="ServiceBusConfiguration"/> class.
-        /// </summary>
-        /// <param name="configuration">The configuration instance to provide the necessary information during authentication with the correct Azure Service Bus instance.</param>
-        /// <param name="logger">The instance to log diagnostic messages during the interaction with the Azure Service Bus instance.</param>
-        /// <exception cref="ArgumentNullException">Thrown when the <paramref name="configuration"/> or the <paramref name="logger"/> is <c>null</c>.</exception>
-        public ServiceBusConfiguration(KeyRotationConfig configuration, ILogger logger)
+        private ServiceBusConfiguration(
+            AzureEnvironment environment,
+            ServicePrincipal servicePrincipal,
+            KeyRotationConfig rotationConfig, 
+            ILogger logger)
         {
-            Guard.NotNull(configuration, nameof(configuration));
-            Guard.NotNull(logger, nameof(logger));
+            Guard.NotNull(rotationConfig, nameof(rotationConfig));
 
-            _configuration = configuration;
-            _logger = logger;
+            _environment = environment;
+            _servicePrincipal = servicePrincipal;
+            _rotationConfig = rotationConfig;
+            _logger = logger ?? NullLogger.Instance;
         }
 
         /// <summary>
-        /// Gets the connection string keys for the Azure Service Bus Topic tested in the integration test suite.
+        /// Creates an <see cref="ServiceBusConfiguration"/> instance based on the test configuration values of the current test run.
         /// </summary>
-        public async Task<AccessKeys> GetConnectionStringKeysForTopicAsync()
+        /// <param name="config">The current integration test configuration.</param>
+        /// <param name="logger">The logger instance to write diagnostic trace messages during the interaction with Azure Service Bus.</param>
+        /// <exception cref="ArgumentNullException">Thrown when the <paramref name="config"/> is <c>null</c>.</exception>
+        /// <exception cref="KeyNotFoundException">Thrown when one or more configuration values cannot be found in the given test <paramref name="config"/> instance.</exception>
+        public static ServiceBusConfiguration CreateFrom(TestConfig config, ILogger logger)
         {
-            using IServiceBusManagementClient client = await CreateServiceManagementClientAsync();
+            Guard.NotNull(config, nameof(config), "Requires a test configuration instance to retrieve the details to interact with Azure Service Bus");
 
-            AccessKeys accessKeys = await client.Topics.ListKeysAsync(
-                _configuration.ServiceBusNamespace.ResourceGroup,
-                _configuration.ServiceBusNamespace.Namespace,
-                _configuration.ServiceBusNamespace.TopicName,
-                _configuration.ServiceBusNamespace.AuthorizationRuleName);
+            AzureEnvironment environment = config.GetAzureEnvironment();
+            ServicePrincipal servicePrincipal = config.GetServicePrincipal();
+            KeyRotationConfig rotationConfig = config.GetKeyRotationConfig();
 
-            return accessKeys;
+            return new ServiceBusConfiguration(environment, servicePrincipal, rotationConfig, logger);
         }
 
         /// <summary>
@@ -56,66 +62,62 @@ public async Task<AccessKeys> GetConnectionStringKeysForTopicAsync()
         /// <returns>
         ///     The new connection string according to the <paramref name="keyType"/>.
         /// </returns>
-        /// <exception cref="ArgumentOutOfRangeException">Thrown when the <paramref name="keyType"/> is not within the bounds of the enumration.</exception>
+        /// <exception cref="ArgumentOutOfRangeException">Thrown when the <paramref name="keyType"/> is not within the bounds of the enumeration.</exception>
         public async Task<string> RotateConnectionStringKeysForQueueAsync(KeyType keyType)
         {
             Guard.For<ArgumentOutOfRangeException>(
                 () => !Enum.IsDefined(typeof(KeyType), keyType),
                 $"Requires a KeyType that is either '{nameof(KeyType.PrimaryKey)}' or '{nameof(KeyType.SecondaryKey)}'");
 
             var parameters = new RegenerateAccessKeyParameters(keyType);
-            string queueName = _configuration.ServiceBusNamespace.QueueName;
+            string queueName = _rotationConfig.ServiceBusNamespace.QueueName;
             const ServiceBusEntityType entity = ServiceBusEntityType.Queue;
 
             try
             {
-                using IServiceBusManagementClient client = await CreateServiceManagementClientAsync();
-                
-                _logger.LogTrace(
-                    "Start rotating {KeyType} connection string of Azure Service Bus {EntityType} '{EntityName}'...",
-                    keyType, entity, queueName);
-
-                AccessKeys accessKeys = await client.Queues.RegenerateKeysAsync(
-                    _configuration.ServiceBusNamespace.ResourceGroup,
-                    _configuration.ServiceBusNamespace.Namespace,
-                    queueName,
-                    _configuration.ServiceBusNamespace.AuthorizationRuleName,
-                    parameters);
-
-                _logger.LogInformation(
-                        "Rotated {KeyType} connection string of Azure Service Bus {EntityType} '{EntityName}'",
-                        keyType, entity, queueName);
-
-                switch (keyType)
+                using (IServiceBusManagementClient client = await CreateServiceManagementClientAsync())
                 {
-                    case KeyType.PrimaryKey:   return accessKeys.PrimaryConnectionString;
-                    case KeyType.SecondaryKey: return accessKeys.SecondaryConnectionString;
-                    default:
-                        throw new ArgumentOutOfRangeException(nameof(keyType), keyType, "Unknown key type");
+                    _logger.LogTrace("Start rotating {KeyType} connection string of Azure Service Bus {EntityType} '{EntityName}'...", keyType, entity, queueName);
+
+                    AccessKeys accessKeys = await client.Queues.RegenerateKeysAsync(
+                        _environment.ResourceGroupName,
+                        _rotationConfig.ServiceBusNamespace.NamespaceName,
+                        queueName,
+                        _rotationConfig.ServiceBusNamespace.AuthorizationRuleName,
+                        parameters);
+
+                    _logger.LogInformation("Rotated {KeyType} connection string of Azure Service Bus {EntityType} '{EntityName}'", keyType, entity, queueName);
+
+                    switch (keyType)
+                    {
+                        case KeyType.PrimaryKey: return accessKeys.PrimaryConnectionString;
+                        case KeyType.SecondaryKey: return accessKeys.SecondaryConnectionString;
+                        default:
+                            throw new ArgumentOutOfRangeException(nameof(keyType), keyType, "Unknown key type");
+                    }
                 }
             }
             catch (Exception exception)
             {
-                _logger.LogError(
-                    exception, "Failed to rotate the {KeyType} connection string of the Azure Service Bus {EntityType} '{EntityName}'", keyType, entity, queueName);
+                _logger.LogError(exception, "Failed to rotate the {KeyType} connection string of the Azure Service Bus {EntityType} '{EntityName}'", keyType, entity, queueName);
 
                 throw;
             }
         }
 
         private async Task<IServiceBusManagementClient> CreateServiceManagementClientAsync()
         {
-            string tenantId = _configuration.ServiceBusNamespace.TenantId;
+            string tenantId = _environment.TenantId;
             var context = new AuthenticationContext($"https://login.microsoftonline.com/{tenantId}");
 
-            ClientCredential clientCredentials = _configuration.ServicePrincipal.CreateCredentials();
+            ClientCredential clientCredentials = _servicePrincipal.CreateCredentials();
             AuthenticationResult result =
                 await context.AcquireTokenAsync(
                     "https://management.azure.com/",
                     clientCredentials);
 
             var tokenCredentials = new TokenCredentials(result.AccessToken);
-            string subscriptionId = _configuration.ServiceBusNamespace.SubscriptionId;
+            string subscriptionId = _environment.SubscriptionId;
 
             var client = new ServiceBusManagementClient(tokenCredentials) { SubscriptionId = subscriptionId };
             return client;