Sync eng/common directory with azure-sdk-tools for PR 1909 (Azure#20298)

* add test-proxy invocations to eng/common folder

Co-authored-by: scbedd <[email protected]>

Author: azure-sdk

eng/common/scripts/common.ps1

@@ -44,3 +44,4 @@ $GetDocsMsMetadataForPackageFn = "Get-${Language}-DocsMsMetadataForPackage"
 $GetDocsMsDevLanguageSpecificPackageInfoFn = "Get-${Language}-DocsMsDevLanguageSpecificPackageInfo"
 $GetGithubIoDocIndexFn = "Get-${Language}-GithubIoDocIndex"
 $FindArtifactForApiReviewFn = "Find-${Language}-Artifacts-For-Apireview"
+$TestProxyTrustCertFn = "Import-Dev-Cert-${Language}"

eng/common/scripts/trust-proxy-certificate.ps1

@@ -0,0 +1,6 @@
+. $PSScriptRoot/common.ps1
+
+if ($TestProxyTrustCertFn -and (Test-Path "Function:$TestProxyTrustCertFn"))
+{
+    &$TestProxyTrustCertFn
+}

eng/common/testproxy/apply-dev-cert.sh

@@ -0,0 +1,31 @@
+#!/bin/bash
+TMP_PATH=$CERT_FOLDER
+PFXFILE=$CERT_FOLDER/dotnet-devcert.pfx
+CRTFILE=$CERT_FOLDER/dotnet-devcert.crt
+
+NSSDB_PATHS=(
+    "$HOME/.pki/nssdb"
+    "$HOME/snap/chromium/current/.pki/nssdb"
+    "$HOME/snap/postman/current/.pki/nssdb"
+)
+
+function configure_nssdb() {
+    echo "Configuring nssdb for $1"
+    certutil -d sql:$1 -D -n dotnet-devcert
+    certutil -d sql:$1 -A -t "CP,," -n dotnet-devcert -i $CRTFILE
+}
+
+for NSSDB in ${NSSDB_PATHS[@]}; do
+    if [ -d "$NSSDB" ]; then
+        configure_nssdb $NSSDB
+    fi
+done
+
+if [ $(id -u) -ne 0 ]; then
+    SUDO='sudo'
+fi
+
+$SUDO cp $CRTFILE "/usr/local/share/ca-certificates"
+$SUDO update-ca-certificates
+
+dotnet dev-certs https --clean --import $PFXFILE -p "password"

eng/common/testproxy/docker-start-proxy.ps1

@@ -0,0 +1,83 @@
+ #!/usr/bin/env pwsh -c
+
+<#
+.DESCRIPTION
+Start the docker proxy container. If it is already running, quietly exit. Any other error should fail.
+.PARAMETER Mode
+"start" or "stop" to start up or stop the test-proxy instance.
+.PARAMETER TargetFolder
+The folder in which context the test proxy will be started. Defaults to current working directory.
+#>
+[CmdletBinding(SupportsShouldProcess = $true)]
+param(
+    [ValidateSet("start", "stop")]
+    [String]
+    $Mode,
+    [String]
+    $TargetFolder = "."
+)
+
+try {
+    docker --version | Out-Null
+}
+catch {
+    Write-Error "A invocation of docker --version failed. This indicates that docker is not properly installed or running."
+    Write-Error "Please check your docker invocation and try running the script again."
+}
+
+$SELECTED_IMAGE_TAG = "1037115"
+$CONTAINER_NAME = "ambitious_azsdk_test_proxy"
+$LINUX_IMAGE_SOURCE = "azsdkengsys.azurecr.io/engsys/testproxy-lin:${SELECTED_IMAGE_TAG}"
+$WINDOWS_IMAGE_SOURCE = "azsdkengsys.azurecr.io/engsys/testproxy-win:${SELECTED_IMAGE_TAG}"
+$root = (Resolve-Path $TargetFolder).Path.Replace("`\", "/")
+
+function Get-Proxy-Container(){
+    return (docker container ls -a --format "{{ json . }}" --filter "name=$CONTAINER_NAME" `
+                | ConvertFrom-Json `
+                | Select-Object -First 1)
+}
+
+
+$SelectedImage = $LINUX_IMAGE_SOURCE
+$Initial = ""
+
+# most of the time, running this script on a windows machine will work just fine, as docker defaults to linux containers
+# however, in CI, windows images default to _windows_ containers. We cannot swap them. We can tell if we're in a CI build by 
+# checking for the environment variable TF_BUILD.
+if ($IsWindows -and $env:TF_BUILD){
+    $SelectedImage = $WINDOWS_IMAGE_SOURCE
+    $Initial = "C:"
+}
+
+if ($Mode -eq "start"){
+    $proxyContainer = Get-Proxy-Container
+
+    # if we already have one, we just need to check the state
+    if($proxyContainer){
+        if ($proxyContainer.State -eq "running")
+        {
+            Write-Host "Discovered an already running instance of the test-proxy!. Exiting"
+            exit(0)
+        }
+    }
+    # else we need to create it
+    else {
+        Write-Host "Attempting creation of Docker host $CONTAINER_NAME"
+        Write-Host "docker container create -v `"${root}:${Initial}/etc/testproxy`" -p 5001:5001 -p 5000:5000 --name $CONTAINER_NAME $SelectedImage"
+        docker container create -v "${root}:${Initial}/etc/testproxy" -p 5001:5001 -p 5000:5000 --name $CONTAINER_NAME $SelectedImage
+    }
+
+    Write-Host "Attempting start of Docker host $CONTAINER_NAME"
+    docker container start $CONTAINER_NAME
+}
+
+if ($Mode -eq "stop"){
+    $proxyContainer = Get-Proxy-Container
+
+    if($proxyContainer){
+        if($proxyContainer.State -eq "running"){
+            Write-Host "Found a running instance of $CONTAINER_NAME, shutting it down."
+            docker container stop $CONTAINER_NAME
+        }
+    }
+}

eng/common/testproxy/dotnet-devcert.crt

@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDSDCCAjCgAwIBAgIUPMKpJ/j10eQrcQBNnkImIaOYHakwDQYJKoZIhvcNAQEL
+BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTIxMDgwNTAwMzU1NloXDTIyMDgw
+NTAwMzU1NlowFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAxe/ZseXgOTVoF7uTjX5Leknk95jIoyGc+VlxA8BhzGOr
+r4u6VNQZRCMq+svHY36tW4+u/xHNe2kvbwy2mnS8cFFLfst+94qBZVJDBxSGZ9I/
+wekErNsjFsik4UrMvcC+ZlGPh7hb3f7tSx29tn1DIkAUXVnbZ6TT5s+mYRQpZ6fW
+6kR3RNfc0A1IUM7Zs9yfNEr0O2H41P2HcLKoOPtvd7GvTQm9Ofh3srKvII+sZn/J
+WH7r76oRQMX904mOMdryQwZLObsqX4dXIEbafKVSecB3PBVIhv8gVtJhcZbQP1pI
+mMiWd6PHv46ZhGf7+cKnYUSa8Ia2t/wetK1wd00dFwIDAQABo4GRMIGOMA8GA1Ud
+EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGmMBYGA1UdJQEB/wQMMAoGCCsGAQUF
+BwMBMBcGA1UdEQEB/wQNMAuCCWxvY2FsaG9zdDA6BgorBgEEAYI3VAEBBCwMKkFT
+UC5ORVQgQ29yZSBIVFRQUyBkZXZlbG9wbWVudCBjZXJ0aWZpY2F0ZTANBgkqhkiG
+9w0BAQsFAAOCAQEAIj2VlBVcXGSly6KCBg6lgwFi+henWfSox77iuGAaAxDjN3jd
+9lZahW4MPNLHKSrPRb4YNSLZ2jh7zdcttQrqd4qH65o1q56q5JrCmli99iIzY9Y8
+RdYyxK4Zzr31wjpsyFiWQfqJTuSFUUg9uDDj0negwEZLIGlt7nr12wflt2+QOJtD
+byMeSZLbB5dPzn341DK0qfJEJMMgL0XsPEVZ3TQ6Alc9zq5wI608C/mXnz3xJE05
+UTYD8pRJJ/DyG0empvOVE8Sg93msHPquAbgqO9aqCpykgg/a8CFvI4wRdfvGEFlv
+8XJKL8Y/PFsmFeO3axq3zUYKFVdc9Un4dFIaag==
+-----END CERTIFICATE-----

eng/common/testproxy/dotnet-devcert.pfx

@@ -0,0 +1,23 @@
+[req]
+prompt                  = no
+default_bits            = 2048
+distinguished_name      = subject
+req_extensions          = req_ext
+x509_extensions         = x509_ext
+
+[ subject ]
+commonName              = localhost
+
+[req_ext]
+basicConstraints        = critical, CA:true
+subjectAltName          = @alt_names
+
+[x509_ext]
+basicConstraints        = critical, CA:true
+keyUsage                = critical, keyCertSign, cRLSign, digitalSignature,keyEncipherment
+extendedKeyUsage        = critical, serverAuth
+subjectAltName          = critical, @alt_names
+1.3.6.1.4.1.311.84.1.1  = ASN1:UTF8String:ASP.NET Core HTTPS development certificate # Needed to get it imported by dotnet dev-certs
+
+[alt_names]
+DNS.1                   = localhost

eng/common/testproxy/localhost.conf

@@ -0,0 +1,15 @@
+parameters:
+    rootFolder: '$(Build.SourcesDirectory)'
+
+steps:
+  - pwsh: |
+        $(Build.SourcesDirectory)/eng/common/scripts/trust-proxy-certificate.ps1
+    displayName: 'Language Specific Certificate Trust'
+
+  - pwsh: |
+      $(Build.SourcesDirectory)/eng/common/testproxy/docker-start-proxy.ps1 -Mode start -TargetFolder "${{ parameters.rootFolder }}"
+    displayName: 'Run the docker container'
+
+  - pwsh: |
+      docker container ls -a
+    displayName: Check running container

eng/common/testproxy/test-proxy-docker.yml

@@ -0,0 +1,47 @@
+parameters:
+  rootFolder: '$(Build.SourcesDirectory)'
+
+steps:
+  - pwsh: |
+        $(Build.SourcesDirectory)/eng/common/scripts/trust-proxy-certificate.ps1
+    displayName: 'Language Specific Certificate Trust'
+
+  - pwsh: |
+      Write-Host "##vso[task.setvariable variable=OriginalPath]$env:PATH"
+    displayName: 'Store Path Value'
+
+  - pwsh: |
+      Write-Host "##vso[task.setvariable variable=ASPNETCORE_Kestrel__Certificates__Default__Path]$(Build.SourcesDirectory)/eng/common/testproxy/dotnet-devcert.pfx"
+      Write-Host "##vso[task.setvariable variable=ASPNETCORE_Kestrel__Certificates__Default__Password]password"
+    displayName: 'Configure Kestrel Environment Variables'
+
+  - task: UseDotNet@2
+    displayName: "Use .NET Core SDK"
+    inputs:
+      packageType: sdk
+      version: 5.0.205
+
+  - pwsh: |
+      dotnet tool install azure.sdk.tools.testproxy `
+        --tool-path $(Build.BinariesDirectory)/test-proxy `
+        --add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk-for-net/nuget/v3/index.json `
+        --version 1.0.0-dev.20210811.2
+    displayName: "Install test-proxy"
+
+  - pwsh: |
+      Start-Process $(Build.BinariesDirectory)/test-proxy/test-proxy.exe `
+        -ArgumentList "--storage-location '${{ parameters.rootFolder }}'" `
+        -NoNewWindow -PassThru
+    displayName: 'Run the testproxy - windows'
+    condition: and(succeeded(), eq(variables['Agent.OS'],'Windows_NT'))
+
+  # nohup does NOT continue beyond the current session if you use it within powershell
+  - bash: |
+      sudo nohup $(Build.BinariesDirectory)/test-proxy/test-proxy &
+    displayName: "Run the testproxy - linux/mac"
+    condition: and(succeeded(), ne(variables['Agent.OS'],'Windows_NT'))
+    workingDirectory: "${{ parameters.rootFolder }}"
+
+  - pwsh: |
+      Write-Host "##vso[task.setvariable variable=PATH]$(OriginalPath)"
+    displayName: 'Restore .NET version by resetting path'