Skip to content

Do not review yet #917

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
4gust wants to merge 8 commits into
base: dev
Choose a base branch
from
Open

Do not review yet #917

Changes from 5 commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
a668a00
Create pipeline-unit-tests.yml
4gust May 12, 2026
3939c9c
Update pipeline-unit-tests.yml
4gust May 12, 2026
c002532
Update pipeline-unit-tests.yml
4gust May 12, 2026
0bc2958
Update pipeline-unit-tests.yml
4gust May 12, 2026
2049020
Update pipeline-unit-tests.yml
4gust May 12, 2026
43e6b73
Update pipeline-unit-tests.yml
4gust May 14, 2026
97e7bfb
Update pipeline-unit-tests.yml
4gust May 14, 2026
ca15513
python version parallel tests
4gust May 14, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
154 changes: 154 additions & 0 deletions .Pipelines/pipeline-unit-tests.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,154 @@
# ADO pipeline that runs the msal Python test suite.
# Unit tests run first (no secrets); E2E tests run after, with the MSID Lab
# certificate fetched from Key Vault. Triggered on every push to the
# working branch.

trigger:
branches:
include:
- 4gust/ado-pipeline
pr: none

stages:

# ─────────────────────────────────────────────────────────────────────────────
# Stage 1 · Unit tests — no Key Vault, no service connection.
# ─────────────────────────────────────────────────────────────────────────────
- stage: UnitTests
displayName: 'Unit tests'
jobs:
- job: Pytest
displayName: 'pytest (unit)'
pool:
vmImage: ubuntu-22.04
strategy:
matrix:
Python39:
python.version: '3.9'
Python310:
python.version: '3.10'
Python311:
python.version: '3.11'
Python312:
python.version: '3.12'
Python313:
python.version: '3.13'
Python314:
python.version: '3.14'
steps:
- task: UsePythonVersion@0
displayName: 'Use Python $(python.version)'
inputs:
versionSpec: '$(python.version)'

- script: |
python -m pip install --upgrade pip
pip install -r requirements.txt
pip install pytest pytest-azurepipelines
displayName: 'Install Python dependencies'

- bash: |
mkdir -p test-results
set -o pipefail
pytest -vv \
--junitxml=test-results/junit.xml \
--ignore=tests/test_e2e.py \
--ignore=tests/test_e2e_manual.py \
--ignore=tests/test_fmi_e2e.py \
2>&1 | tee test-results/pytest.log
displayName: 'Run pytest (unit only)'

- task: PublishTestResults@2
displayName: 'Publish JUnit test results'
condition: succeededOrFailed()
inputs:
testResultsFormat: 'JUnit'
testResultsFiles: 'test-results/junit.xml'
failTaskOnFailedTests: true
testRunTitle: 'Unit tests · Python $(python.version)'

# ─────────────────────────────────────────────────────────────────────────────
# Stage 2 · E2E tests — runs only if unit tests pass. Fetches the MSID Lab
# certificate from Key Vault (mirrors MSAL.NET's
# build/template-install-keyvault-secrets.yaml).
# ─────────────────────────────────────────────────────────────────────────────
- stage: E2ETests
displayName: 'E2E tests'
dependsOn: UnitTests
condition: succeeded()
jobs:
- job: Pytest
displayName: 'pytest (E2E)'
pool:
vmImage: ubuntu-22.04
strategy:
matrix:
Python39:
python.version: '3.9'
Python310:
python.version: '3.10'
Python311:
python.version: '3.11'
Python312:
python.version: '3.12'
Python313:
python.version: '3.13'
Python314:
python.version: '3.14'
steps:
- task: UsePythonVersion@0
displayName: 'Use Python $(python.version)'
inputs:
versionSpec: '$(python.version)'

- script: |
python -m pip install --upgrade pip
pip install -r requirements.txt
pip install pytest pytest-azurepipelines
displayName: 'Install Python dependencies'

- task: AzureKeyVault@2
displayName: 'Fetch MSID Lab certificate from Key Vault'
inputs:
azureSubscription: 'AuthSdkResourceManager'
KeyVaultName: 'msidlabs'
SecretsFilter: 'LabAuth'
RunAsPreJob: false
Comment on lines +106 to +113

- bash: |
set -euo pipefail
if [ -z "${LAB_AUTH_B64:-}" ]; then
echo "##vso[task.logissue type=error]LabAuth secret is empty — Key Vault retrieval failed."
exit 1
fi
CERT_PATH="$(Agent.TempDirectory)/lab-auth.pfx"
printf '%s' "$LAB_AUTH_B64" | base64 -d > "$CERT_PATH"
echo "##vso[task.setvariable variable=LAB_APP_CLIENT_CERT_PFX_PATH]$CERT_PATH"
echo "Lab cert written to: $CERT_PATH ($(wc -c < "$CERT_PATH") bytes)"
displayName: 'Decode lab certificate to PFX'
env:
LAB_AUTH_B64: $(LabAuth)

- bash: |
mkdir -p test-results
set -o pipefail
pytest -vv \
--junitxml=test-results/junit.xml \
tests/test_e2e.py tests/test_fmi_e2e.py \
2>&1 | tee test-results/pytest.log
displayName: 'Run pytest (E2E only)'
env:
LAB_APP_CLIENT_CERT_PFX_PATH: $(LAB_APP_CLIENT_CERT_PFX_PATH)

- task: PublishTestResults@2
displayName: 'Publish JUnit test results'
condition: succeededOrFailed()
inputs:
testResultsFormat: 'JUnit'
testResultsFiles: 'test-results/junit.xml'
failTaskOnFailedTests: true
testRunTitle: 'E2E tests · Python $(python.version)'

- bash: rm -f "$(Agent.TempDirectory)/lab-auth.pfx"
displayName: 'Remove lab certificate from agent'
condition: always()
Loading