PyRIT/integration-tests.yml at main · diamond8658/PyRIT · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122

# Builds the pyrit environment and runs integration tests

trigger:
  branches:
    include:
      - main

# There are additional PR triggers for this that are configurable in ADO.

jobs:
- job: IntegrationTests
  displayName: "Builds the pyrit environment and runs integration tests"
  timeoutInMinutes: 360   # Allows the job to run up to 6 hours
  pool:
    vmImage: ubuntu-latest
  steps:
  - checkout: self
    fetchDepth: 1
  - task: UsePythonVersion@0
    inputs:
      versionSpec: '3.12'
      addToPath: true
  - bash: |
      mkdir -p ~/.pyrit
    displayName: "Create PyRIT configuration directory"
    name: create_pyrit_dir
  - task: AzureKeyVault@2
    displayName: Azure Key Vault - retrieve .env file secret
    inputs:
      azureSubscription: 'integration-test-service-connection'
      KeyVaultName: 'pyrit-environment'
      SecretsFilter: 'env-global'
      RunAsPreJob: false
  - bash: |
      python -c "
      import os;
      secret = os.environ.get('PYRIT_TEST_SECRET');
      if not secret:
        raise ValueError('PYRIT_TEST_SECRET is not set');
      with open(os.path.expanduser('~/.pyrit/.env'), 'w') as file:
        file.write(secret)"
    env:
      PYRIT_TEST_SECRET: $(env-global)
    name: create_env_file
  - bash: |
      cp build_scripts/env_local_integration_test ~/.pyrit/.env.local
    displayName: "Create .env.local from example"
  - script:
      wget -qO- https://astral.sh/uv/install.sh | sh
    name: install_uv
  - bash: sudo apt-get install python3-tk
    name: install_tkinter
  - bash: |
      set -e
      # Detect Ubuntu version
      UBUNTU_VERSION=$(grep VERSION_ID /etc/os-release | cut -d '"' -f 2)
      SUPPORTED_VERSIONS="18.04 20.04 22.04 24.04 24.10"

      if ! [[ "$SUPPORTED_VERSIONS" == *"$UBUNTU_VERSION"* ]]; then
        echo "Ubuntu $UBUNTU_VERSION is not currently supported."
        exit 1
      fi

      # Download the package to configure the Microsoft repo
      curl -sSL -O https://packages.microsoft.com/config/ubuntu/$(grep VERSION_ID /etc/os-release | cut -d '"' -f 2)/packages-microsoft-prod.deb
      # Install the package
      sudo dpkg -i packages-microsoft-prod.deb
      # Delete the file
      rm packages-microsoft-prod.deb

      # Install the driver
      sudo apt-get update
      sudo ACCEPT_EULA=Y apt-get install -y msodbcsql18

      echo "Microsoft ODBC Driver 18 installed successfully."
    displayName: 'Install ODBC Driver 18 for SQL Server'
  - bash: uv sync --extra dev --extra all
    name: install_PyRIT
  - bash: df -all -h
    name: disk_space_check
# This step ensures that integration tests are run outside of the PyRIT repository to test that .env files are accessed correctly.
  - bash: |
      PyRIT_DIR=$(pwd)
      NEW_DIR="integration_test_directory"
      cd ..
      mkdir -p $NEW_DIR/tests
      cp -r $PyRIT_DIR/doc $NEW_DIR
      cp -r $PyRIT_DIR/assets $NEW_DIR
      cp -r $PyRIT_DIR/tests/integration $NEW_DIR/tests
      cd $NEW_DIR
    displayName: "Create and switch to new integration test directory"
  - task: AzureCLI@2
    displayName: "Authenticate with service principal, cache Cognitive Services access token, and run tests"
    inputs:
      azureSubscription: 'integration-test-service-connection'
      scriptType: 'bash'
      scriptLocation: 'inlineScript'
      inlineScript: |
        # Prefetch token for Cognitive Services before ID token expires (60-90 minute validity)
        az account get-access-token --scope https://cognitiveservices.azure.com/.default --output none
        echo "Cognitive Services access token cached successfully."

        # Prefetch token for Azure ML / Foundry model endpoints
        az account get-access-token --scope https://ml.azure.com/.default --output none
        echo "Azure ML/Foundry access token cached successfully."

        # Prefetch token for Azure SQL Database
        az account get-access-token --scope https://database.windows.net/.default --output none
        echo "Azure SQL Database access token cached successfully."

        # Run integration tests
        make integration-test
  - bash: |
      rm -f ~/.pyrit/.env ~/.pyrit/.env.local
    name: clean_up_env_files
    condition: always()
  - task: PublishTestResults@2
    condition: always()
    inputs:
      testResultsFormat: 'JUnit'
      testResultsFiles: 'junit/test-results.xml'