[KeyVault] - Add multi-version tests for KeyVault Keys (Azure#14587)

## What

- Adds support for live testing multiple service versions
- Adds the matrix config and plumbing to pass service version as an environment variable
- Adds a helper method to support skipping tests when the service version isn't supported

## Why

KeyVault currently supports three service versions: 7.0, 7.1, and 7.2. Being able to ensure our
live tests run against previous service versions is a way to future proof ourselves and allow us
to ensure continued support.

After a bit of discussion we agreed that it would be worthwhile to add the indirection of passing
the service version as an environment variable and avoid having to run all service versions tests
in sequence.

Author: maorleger

eng/pipelines/templates/jobs/archetype-sdk-integration.yml

@@ -132,6 +132,7 @@ jobs:
         condition: and(succeededOrFailed(),ne(variables['TestType'],'sample'),eq(variables['DependencyVersion'],''))
         env:
           TEST_MODE: "live"
+          SERVICE_VERSION: $(ServiceVersion)
           ${{ insert }}: ${{ parameters.EnvVars }}
 
       - script: |
@@ -141,6 +142,7 @@ jobs:
         condition: and(succeeded(),ne(variables['TestType'],'sample'),ne(variables['DependencyVersion'],''))
         env:
           TEST_MODE: "live"
+          SERVICE_VERSION: $(ServiceVersion)
           ${{ insert }}: ${{ parameters.EnvVars }}
 
       - ${{ parameters.PostSteps }}

eng/pipelines/templates/variables/globals.yml

@@ -4,3 +4,4 @@ variables:
   OSVmImage: "ubuntu-18.04"
   skipComponentGovernanceDetection: true
   coalesceResultFilter: $[ coalesce(variables['packageGlobFilter'], '**') ]
+  ServiceVersion: ""

sdk/keyvault/keyvault-keys/platform-matrix.json

@@ -10,6 +10,21 @@
       },
       "TestType": "node",
       "NodeTestVersion": "10.x"
+    },
+    {
+      "Agent": {
+        "ubuntu-18.04": {
+          "OSVmImage": "MMSUbuntu18.04",
+          "Pool": "azsdk-pool-mms-ubuntu-1804-general"
+        }
+      },
+      "TestType": "node",
+      "NodeTestVersion": "10.x",
+      "ServiceVersion": ["7.0", "7.1"]
     }
-  ]
+  ],
+  "displayNames": {
+    "7.0": "service_version_7_0",
+    "7.1": "service_version_7_1"
+  }
 }

sdk/keyvault/keyvault-keys/review/keyvault-keys.api.md

@@ -232,7 +232,7 @@ export class KeyClient {
 
 // @public
 export interface KeyClientOptions extends coreHttp.PipelineOptions {
-    serviceVersion?: "7.0" | "7.1" | "7.2";
+    serviceVersion?: string;
 }
 
 // @public

sdk/keyvault/keyvault-keys/src/keysModels.ts

@@ -23,9 +23,9 @@ export const LATEST_API_VERSION = "7.2";
  */
 export interface KeyClientOptions extends coreHttp.PipelineOptions {
   /**
-   * The accepted versions of the KeyVault's service API.
+   * The version of the KeyVault's service API to make calls against.
    */
-  serviceVersion?: "7.0" | "7.1" | "7.2";
+  serviceVersion?: string;
 }
 
 /**

sdk/keyvault/keyvault-keys/test/internal/aesCryptography.spec.ts

@@ -18,6 +18,7 @@ import { authenticate } from "../utils/testAuthentication";
 import { env, Recorder } from "@azure/test-utils-recorder";
 import { RemoteCryptographyProvider } from "../../src/cryptography/remoteCryptographyProvider";
 import { ClientSecretCredential } from "@azure/identity";
+import { getServiceVersion } from "../utils/utils.common";
 
 describe("AesCryptographyProvider browser tests", function() {
   it("uses the browser replacement when running in the browser", async function(this: Context) {
@@ -134,7 +135,7 @@ describe("AesCryptographyProvider internal tests", function() {
         let remoteProvider: RemoteCryptographyProvider;
 
         beforeEach(async function(this: Context) {
-          const authentication = await authenticate(this);
+          const authentication = await authenticate(this, getServiceVersion());
           recorder = authentication.recorder;
 
           if (!authentication.hsmClient) {

sdk/keyvault/keyvault-keys/test/internal/challengeBasedAuthenticationPolicy.spec.ts

@@ -14,6 +14,7 @@ import {
 import { KeyClient } from "../../src";
 import { authenticate } from "../utils/testAuthentication";
 import TestClient from "../utils/testClient";
+import { getServiceVersion } from "../utils/utils.common";
 
 // Following the philosophy of not testing the insides if we can test the outsides...
 // I present you with this "Get Out of Jail Free" card (in reference to Monopoly).
@@ -28,7 +29,7 @@ describe("Challenge based authentication tests", () => {
   let recorder: Recorder;
 
   beforeEach(async function(this: Context) {
-    const authentication = await authenticate(this);
+    const authentication = await authenticate(this, getServiceVersion());
     keySuffix = authentication.keySuffix;
     client = authentication.client;
     testClient = authentication.testClient;

sdk/keyvault/keyvault-keys/test/internal/serviceVersionParameter.spec.ts

@@ -8,6 +8,8 @@ import { LATEST_API_VERSION } from "../../src/keysModels";
 import { HttpClient, HttpOperationResponse, WebResourceLike, HttpHeaders } from "@azure/core-http";
 import { ClientSecretCredential } from "@azure/identity";
 import { env } from "@azure/test-utils-recorder";
+import { versionsToTest } from "@azure/test-utils-multi-version";
+import { serviceVersions } from "../utils/utils.common";
 
 describe("The Keys client should set the serviceVersion", () => {
   const keyVaultUrl = `https://keyVaultName.vault.azure.net`;
@@ -58,14 +60,10 @@ describe("The Keys client should set the serviceVersion", () => {
     );
   });
 
-  // Adding this to the source would change the public API.
-  type ApIVersions = "7.0" | "7.1" | "7.2";
-
-  it("it should allow us to specify an API version from a specific set of versions", async function() {
-    const versions: ApIVersions[] = ["7.0", "7.1", "7.2"];
-    for (const serviceVersion in versions) {
+  versionsToTest(serviceVersions, {}, (serviceVersion) => {
+    it("it should allow us to specify an API version from a specific set of versions", async function() {
       const client = new KeyClient(keyVaultUrl, credential, {
-        serviceVersion: serviceVersion as ApIVersions,
+        serviceVersion: serviceVersion,
         httpClient: mockHttpClient
       });
       await client.createKey("keyName", "RSA");
@@ -76,6 +74,6 @@ describe("The Keys client should set the serviceVersion", () => {
         lastCall.args[0].url,
         `https://keyVaultName.vault.azure.net/keys/keyName/create?api-version=${serviceVersion}`
       );
-    }
+    });
   });
 });

sdk/keyvault/keyvault-keys/test/public/CRUD.hsm.spec.ts

@@ -9,41 +9,45 @@ import { KeyClient } from "../../src";
 import { authenticate } from "../utils/testAuthentication";
 import TestClient from "../utils/testClient";
 import { CreateOctKeyOptions } from "../../src/keysModels";
-
-describe("Keys client - create, read, update and delete operations for managed HSM", () => {
-  const keyPrefix = `CRUD${env.KEY_NAME || "KeyName"}`;
-  let keySuffix: string;
-  let hsmClient: KeyClient;
-  let testClient: TestClient;
-  let recorder: Recorder;
-
-  beforeEach(async function(this: Context) {
-    const authentication = await authenticate(this);
-    recorder = authentication.recorder;
-
-    if (!authentication.hsmClient) {
-      // Managed HSM is not deployed for this run due to service resource restrictions so we skip these tests.
-      // This is only necessary while Managed HSM is in preview.
-      this.skip();
-    }
-
-    hsmClient = authentication.hsmClient;
-    keySuffix = authentication.keySuffix;
-    testClient = new TestClient(authentication.hsmClient);
-  });
-
-  afterEach(async function() {
-    await recorder.stop();
-  });
-
-  it("can create an OCT key with options", async function(this: Context) {
-    const keyName = testClient.formatName(`${keyPrefix}-${this!.test!.title}-${keySuffix}`);
-    const options: CreateOctKeyOptions = {
-      hsm: true
-    };
-    const result = await hsmClient.createOctKey(keyName, options);
-    assert.equal(result.name, keyName, "Unexpected key name in result from createKey().");
-    assert.equal(result.keyType, "oct-HSM");
-    await testClient.flushKey(keyName);
-  });
-});
+import { getServiceVersion, onVersions } from "../utils/utils.common";
+
+onVersions({ minVer: "7.2" }).describe(
+  "Keys client - create, read, update and delete operations for managed HSM",
+  () => {
+    const keyPrefix = `CRUD${env.KEY_NAME || "KeyName"}`;
+    let keySuffix: string;
+    let hsmClient: KeyClient;
+    let testClient: TestClient;
+    let recorder: Recorder;
+
+    beforeEach(async function(this: Context) {
+      const authentication = await authenticate(this, getServiceVersion());
+      recorder = authentication.recorder;
+
+      if (!authentication.hsmClient) {
+        // Managed HSM is not deployed for this run due to service resource restrictions so we skip these tests.
+        // This is only necessary while Managed HSM is in preview.
+        this.skip();
+      }
+
+      hsmClient = authentication.hsmClient;
+      keySuffix = authentication.keySuffix;
+      testClient = new TestClient(authentication.hsmClient);
+    });
+
+    afterEach(async function() {
+      await recorder.stop();
+    });
+
+    it("can create an OCT key with options", async function(this: Context) {
+      const keyName = testClient.formatName(`${keyPrefix}-${this!.test!.title}-${keySuffix}`);
+      const options: CreateOctKeyOptions = {
+        hsm: true
+      };
+      const result = await hsmClient.createOctKey(keyName, options);
+      assert.equal(result.name, keyName, "Unexpected key name in result from createKey().");
+      assert.equal(result.keyType, "oct-HSM");
+      await testClient.flushKey(keyName);
+    });
+  }
+);

sdk/keyvault/keyvault-keys/test/public/CRUD.spec.ts

@@ -13,7 +13,7 @@ import {
   UpdateKeyPropertiesOptions,
   GetKeyOptions
 } from "../../src";
-import { assertThrowsAbortError } from "../utils/utils.common";
+import { assertThrowsAbortError, getServiceVersion } from "../utils/utils.common";
 import { testPollerProperties } from "../utils/recorderUtils";
 import { authenticate } from "../utils/testAuthentication";
 import TestClient from "../utils/testClient";
@@ -26,7 +26,7 @@ describe("Keys client - create, read, update and delete operations", () => {
   let recorder: Recorder;
 
   beforeEach(async function(this: Context) {
-    const authentication = await authenticate(this);
+    const authentication = await authenticate(this, getServiceVersion());
     keySuffix = authentication.keySuffix;
     client = authentication.client;
     testClient = authentication.testClient;