[CredScan] Remove general string suppressions (Azure#28151)

Author: mccoyp

.vscode/cspell.json

@@ -92,6 +92,7 @@
     "eng/common/docgeneration/Generate-DocIndex.ps1",
     "eng/**/*.py",
     ".gitignore",
+    "tools/azure-sdk-tools/devtools_testutils/fake_credentials.py",
     "tools/azure-sdk-tools/packaging_tools/**",
     "tools/azure-sdk-tools/setup.py"
   ],

doc/dev/mgmt/generating-integration-test.md

@@ -95,35 +95,12 @@ You can rearrange sequence or disable particular tests.
 
 ## Running Test
 
-First of all set the variable, to enable live tests:
-
-    export AZURE_TEST_RUN_LIVE=true
-
-Live test requires credentials, in order to do that create **mgmt_settings_real.py** file:
-
-    cd /_/azure-sdk-for-python
-    cp tools/azure-sdk-tools/devtools_testutils/mgmt_settings_fake.py tools/azure-sdk-tools/devtools_testutils/mgmt_settings_real.py
-    vi tools/azure-sdk-tools/devtools_testutils/mgmt_settings_real.py
-
-and make sure your subscription ID is correct:
-
-    SUBSCRIPTION_ID="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
-
-and **get_credentials** looks as follows:
-
-    def get_credentials(**kwargs):
-        from azure.common.credentials import ServicePrincipalCredentials
-        return ServicePrincipalCredentials(
-            client_id =  'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx',
-            secret = 'XxxxXxxxXXXxxxXXXXxxxxXXxxxXxxx',
-            tenant = 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx'
-        )
-
-now you can run live integration test:
-
-    pytest -s sdk/attestation/azure-mgmt-attestation
-
->NOTE: To create service principal, follow instructions here: https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
+To run tests, refer to the documentation at
+[/doc/dev/mgmt/tests.md](https://github.com/Azure/azure-sdk-for-python/blob/main/doc/dev/mgmt/tests.md). Most test
+suites in the Azure SDK have been migrated to use the Azure SDK test proxy, but some libraries that have inactive tests
+may still be using an older, deprecated system. The
+[test proxy migration guide](https://github.com/Azure/azure-sdk-for-python/blob/main/doc/dev/test_proxy_migration_guide.md)
+describes the differences between the systems and their requirements.
 
 ## Fixing Test
 

eng/CredScanSuppression.json

@@ -3,12 +3,6 @@
     "suppressions": [
         {
             "placeholder": [
-                "XxxxXxxxXXXxxxXXXXxxxxXXxxxXxxx",
-                "HusH_Sec4et",
-                "myPassw0rd",
-                "myPassw0rd3",
-                "SWsSsd__233$Sdsds#%Sd!",
-                "kt#_gahr!@aGERDXA",
                 "Aa1!zyx_",
                 "Aa!1()-xyz",
                 ":code:`<pfx-file-password>`",

sdk/appservice/azure-mgmt-web/tests/disable_test_cli_mgmt_certificate.py

@@ -14,6 +14,7 @@
 
 import azure.mgmt.web
 from devtools_testutils import AzureMgmtTestCase, RandomNameResourceGroupPreparer
+from devtools_testutils.fake_credentials import FAKE_LOGIN_PASSWORD
 
 AZURE_LOCATION = 'eastus'
 
@@ -40,7 +41,7 @@ def test_certificate(self, resource_group):
           "host_names": [
             "ServerCert"
           ],
-          "password": "SWsSsd__233$Sdsds#%Sd!"
+          "password": FAKE_LOGIN_PASSWORD  # this may not work -- check when tests are active
         }
         result = self.mgmt_client.certificates.create_or_update(resource_group_name=RESOURCE_GROUP, name=NAME, certificate_envelope=BODY)
 
@@ -68,7 +69,7 @@ def test_certificate(self, resource_group):
         # /Certificates/patch/Patch Certificate[patch]
 #--------------------------------------------------------------------------
         BODY = {
-          "password": "SWsSsd__233$Sdsds#%Sd!"
+          "password": FAKE_LOGIN_PASSWORD  # this may not work -- check when tests are active
         }
         result = self.mgmt_client.certificates.update(resource_group_name=RESOURCE_GROUP, name=NAME, certificate_envelope=BODY)
 

sdk/appservice/azure-mgmt-web/tests/disable_test_cli_mgmt_web.py

@@ -38,6 +38,7 @@
 
 import azure.mgmt.web
 from devtools_testutils import AzureMgmtTestCase, RandomNameResourceGroupPreparer
+from devtools_testutils.fake_credentials import FAKE_LOGIN_PASSWORD
 
 AZURE_LOCATION = 'eastus'
 
@@ -120,7 +121,7 @@ def test_web(self, resource_group):
           "host_names": [
             "ServerCert"
           ],
-          "password": "SWsSsd__233$Sdsds#%Sd!"
+          "password": FAKE_LOGIN_PASSWORD  # this may not work -- check when tests are active
         }
         result = self.mgmt_client.certificates.create_or_update(resource_group_name=RESOURCE_GROUP, name=NAME, certificate_envelope=BODY)
 
@@ -764,7 +765,7 @@ def test_web(self, resource_group):
         # /Certificates/patch/Patch Certificate[patch]
 #--------------------------------------------------------------------------
         BODY = {
-          "password": "SWsSsd__233$Sdsds#%Sd!"
+          "password": FAKE_LOGIN_PASSWORD  # this may not work -- check when tests are active
         }
         result = self.mgmt_client.certificates.update(resource_group_name=RESOURCE_GROUP, name=NAME, certificate_envelope=BODY)
 

sdk/batch/azure-batch/tests/batch_preparers.py

@@ -16,6 +16,7 @@
 from azure_devtools.scenario_tests.exceptions import AzureTestError
 
 from devtools_testutils import AzureMgmtPreparer, ResourceGroupPreparer, FakeResource
+from devtools_testutils.fake_credentials import BATCH_TEST_PASSWORD
 from devtools_testutils.resource_testcase import RESOURCE_GROUP_PARAM
 
 AZURE_ARM_ENDPOINT = 'https://management.azure.com'
@@ -182,7 +183,7 @@ def create_resource(self, name, **kwargs):
                 base_url=AZURE_ARM_ENDPOINT)
             group = self._get_resource_group(**kwargs)
             batch_account = self._get_batch_account(**kwargs)
-            user = models.UserAccount(name='task-user', password='kt#_gahr!@aGERDXA', elevation_level=models.ElevationLevel.admin)
+            user = models.UserAccount(name='task-user', password=BATCH_TEST_PASSWORD, elevation_level=models.ElevationLevel.admin)
             vm_size = 'standard_d2_v2'
 
             if self.config == 'paas':

sdk/batch/azure-batch/tests/test_batch.py

@@ -28,6 +28,7 @@
     CachedResourceGroupPreparer,
     CachedStorageAccountPreparer
 )
+from devtools_testutils.fake_credentials import BATCH_TEST_PASSWORD
 
 
 AZURE_LOCATION = 'eastus'
@@ -165,8 +166,8 @@ def test_batch_create_pools(self, **kwargs):
 
         # Test Create Iaas Pool
         users = [
-            models.UserAccount(name='test-user-1', password='kt#_gahr!@aGERDXA'),
-            models.UserAccount(name='test-user-2', password='kt#_gahr!@aGERDXA', elevation_level=models.ElevationLevel.admin)
+            models.UserAccount(name='test-user-1', password=BATCH_TEST_PASSWORD),
+            models.UserAccount(name='test-user-2', password=BATCH_TEST_PASSWORD, elevation_level=models.ElevationLevel.admin)
         ]
         test_iaas_pool = models.PoolAddParameter(
             id=self.get_resource_name('batch_iaas_'),
@@ -670,7 +671,7 @@ def test_batch_compute_node_user(self, batch_pool, **kwargs):
         # Test Add User
         user_name = 'BatchPythonSDKUser'
         nodes = list(client.compute_node.list(batch_pool.name))
-        user = models.ComputeNodeUser(name=user_name, password='kt#_gahr!@aGERDXA', is_admin=False)
+        user = models.ComputeNodeUser(name=user_name, password=BATCH_TEST_PASSWORD, is_admin=False)
         response = client.compute_node.add_user(batch_pool.name, nodes[0].id, user)
         self.assertIsNone(response)
 

sdk/sql/azure-mgmt-sql/tests/disable_test_mgmt_sql.py

@@ -13,14 +13,15 @@
     AzureMgmtTestCase, ResourceGroupPreparer,
     AzureMgmtPreparer, FakeResource
 )
+from devtools_testutils.fake_credentials import FAKE_LOGIN_PASSWORD
 
 
 def get_server_params(location):
     return {
         'location': 'westus2', #location, # "self.region" is 'west-us' by default
         'version': '12.0',
         'administrator_login': 'mysecretname',
-        'administrator_login_password': 'HusH_Sec4et'
+        'administrator_login_password': FAKE_LOGIN_PASSWORD  # this password may not work -- check when tests are active
     }
 
 

tools/azure-sdk-tools/devtools_testutils/fake_credentials.py

@@ -1,11 +1,18 @@
 from azure.core.credentials import AccessToken
 
-STORAGE_ACCOUNT_FAKE_KEY = "NzhL3hKZbJBuJ2484dPTR+xF30kYaWSSCbs2BzLgVVI1woqeST/1IgqaLm6QAOTxtGvxctSNbIR/1hW8yH+bJg=="
+
+# General-use fake credentials
+FAKE_LOGIN_PASSWORD = "F4ke_L0gin_P4ss"
+
+# Service-specific fake credentials
+BATCH_TEST_PASSWORD = "kt#_gahr!@aGERDXA"
 MGMT_HDINSIGHT_FAKE_KEY = "qFmud5LfxcCxWUvWcGMhKDp0v0KuBRLsO/AIddX734W7lzdInsVMsB5ILVoOrF+0fCfk/IYYy5SJ9Q+2v4aihQ=="
+STORAGE_ACCOUNT_FAKE_KEY = "NzhL3hKZbJBuJ2484dPTR+xF30kYaWSSCbs2BzLgVVI1woqeST/1IgqaLm6QAOTxtGvxctSNbIR/1hW8yH+bJg=="
 
 
 class FakeTokenCredential(object):
     """Protocol for classes able to provide OAuth tokens.
+
     :param str scopes: Lets you specify the type of access needed.
     """