Merge e2e test fixes into PyPI-ADO-PackagePublish#893
Merged
RyAuld merged 7 commits intoRyAuld/PyPI-ADO-PackagePublishfrom Mar 30, 2026
Merged
Merge e2e test fixes into PyPI-ADO-PackagePublish#893RyAuld merged 7 commits intoRyAuld/PyPI-ADO-PackagePublishfrom
RyAuld merged 7 commits intoRyAuld/PyPI-ADO-PackagePublishfrom
Conversation
… ADO
- tests/test_e2e.py:
- Add TF_BUILD to _SKIP_UNATTENDED_E2E_TESTS so acquire_token_interactive()
and acquire_token_by_device_flow() tests skip on ADO (no browser/display),
preventing hangs on headless agents.
- Remove the class-level @unittest.skipIf(TF_BUILD) from PublicCloudScenariosTestCase;
the class now uses lab config so can run on ADO when LAB_APP_CLIENT_ID is set.
- Add a LAB_APP_CLIENT_ID guard in PublicCloudScenariosTestCase.setUpClass()
so the class raises unittest.SkipTest (not EnvironmentError) when the env var
is absent, giving the same clean-skip behaviour as LabBasedTestCase.
- .Pipelines/template-pipeline-stages.yml:
- Uncomment LAB_APP_CLIENT_ID env var in the Run tests step so integration
tests run when the pipeline variable is configured.
When a pipeline variable referenced in a step env: block is not defined, ADO injects the literal string '' into the process environment instead of an empty value. That literal is truthy, so plain os.getenv() guards fail to skip and tests error trying to open '' as a path. Fix: add _clean_env() helper in both lab_config.py and test_e2e.py that returns None for unset values AND for ADO-literal '' strings. - lab_config.py: _get_credential() and get_client_certificate() use _clean_env() - test_e2e.py: get_lab_app() uses _clean_env(); PublicCloudScenariosTestCase setUpClass() guard uses _clean_env() This makes all LabBasedTestCase and PublicCloudScenariosTestCase tests skip cleanly (rather than error) when LAB_APP_CLIENT_ID is not configured as a pipeline variable.
- lab_config.py: _get_credential() now reads LAB_APP_TENANT_ID env var (with fallback to Microsoft tenant 72f988bf-...) so ADO builds can override the tenant if needed. GH builds are unaffected since they don't set LAB_APP_TENANT_ID. - template-pipeline-stages.yml: pass LAB_APP_TENANT_ID to the test step alongside LAB_APP_CLIENT_ID and LAB_APP_CLIENT_CERT_PFX_PATH. LAB_APP_CLIENT_ID for ADO = f62c5ae3-bf3a-4af5-afa8-a68b800396e9 (RequestMSIDLAB) Verified locally: both msidlabs and id4skeyvault accessible with this ID + LabAuth cert.
- Hardcode LAB_APP_CLIENT_ID = f62c5ae3-bf3a-4af5-afa8-a68b800396e9 (RequestMSIDLAB) directly in the CI stage variables block, matching the pattern used by MSAL.js (AZURE_CLIENT_ID in the pipeline YAML) and avoiding the need for a UI-configured pipeline variable. - Remove conditions gating AzureKeyVault@2 and cert-write steps — they now always run (matching MSAL.js install-keyvault-secrets.yml). - Clean up lab certificate unconditionally on always(). - Revert LAB_APP_TENANT_ID from lab_config.py — not needed since RequestMSIDLAB is registered in the Microsoft tenant (the default).
Client ID for RequestMSIDLAB app is not a secret — hardcode it directly in tests/lab_config.py as LAB_APP_CLIENT_ID, matching MSAL.NET's approach (see build/template-install-keyvault-secrets.yaml in that repo). - lab_config.py: add LAB_APP_CLIENT_ID constant, export it, use it in _get_credential() instead of reading from env var - test_e2e.py: import LAB_APP_CLIENT_ID from lab_config, replace all os.getenv/clean_env calls, guard on cert path only - template-pipeline-stages.yml: remove variables block and env entry for LAB_APP_CLIENT_ID — only cert path comes from pipeline
ADFS labs were marked as temporarily down since July 2025. KV data for User-Federated-Config matches the expected lab user: - upn: fIDLAB@ID4SLAB1.COM - tenant: 10c419d4-4a50-45b2-aa4e-919fb84df24f - provider: ADFSv2022 / ID4SLab1
RyAuld
merged commit 60d4080
into
RyAuld/PyPI-ADO-PackagePublish
11 of 13 checks passed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Merges the e2e test fix commits from
RyAuld/fix-e2e-testsinto the pipeline branch.Key changes: