Add test cases for AzureCLI tasks (#21761)

* Add comprehensive test cases for AzureCLIV1

- Bump version in task.json and task.loc.json to 1.269.0
- Introduce new test cases for various scenarios including:
  - Account set failure
  - Adding Service Principal to environment with Service Principal authentication
  - Adding Service Principal to environment with Workload Identity Federation
  - Handling Azure CLI version failure
  - Failing on standard error output
  - Inline script execution with temporary file
  - Login and logout failures
  - Managed Service Identity authentication
  - Service Principal authentication using certificate and key
  - Windows script path handling
  - Workload Identity Federation authentication

* Add unit tests for Azure CLI task

- Implemented tests for handling standard error output in FailOnStandardError_StderrPresent.ts.
- Added KeepAzSessionActive_WIF.ts to test session refresh functionality with Workload Identity Federation.
- Created ManagedServiceIdentity_Login.ts to validate Managed Service Identity authentication.
- Developed ServicePrincipalCertificate_Login.ts for testing service principal key-based authentication.
- Updated L0.ts to include new test cases for service principal authentication, managed identity, SPN environment variables, error handling, and session management.
- Updated package-lock.json to reflect dependency updates and ensure compatibility.

Author: ivanduplenskikh

Tasks/AzureCLIV1/Tests/L0.ts

@@ -1,16 +1,188 @@
-import fs = require('fs');
 import assert = require('assert');
 import path = require('path');
+import os = require('os');
+
+import * as ttm from 'azure-pipelines-task-lib/mock-test';
 
 describe('AzureCLIV1 Suite', function () {
-    before(() => {
+    this.timeout(20000);
+
+    // Use cross-platform temp directory for assertions
+    const tempDir = require('os').tmpdir();
+
+    it('Service principal login runs script', async () => {
+        const tp = path.join(__dirname, 'L0ServicePrincipalKey.js');
+        const tr: ttm.MockTestRunner = new ttm.MockTestRunner(tp);
+
+        await tr.runAsync();
+
+        if (!tr.succeeded) {
+            console.log('STDOUT:', tr.stdout);
+            console.log('STDERR:', tr.stderr);
+        }
+
+        assert(tr.succeeded, 'task should have succeeded');
+        assert(tr.ran('/bin/bash /tmp/test.sh arg1 arg2'), 'should run script with args');
+        assert(tr.ran('az login --service-principal -u "spId" --password="spKey" --tenant "tenantId"'), 'should login using service principal key');
+        assert(tr.ran('az account set --subscription "subId"'), 'should set subscription');
     });
 
-    after(() => {
+    it('Service principal certificate login runs script', async () => {
+        const tp = path.join(__dirname, 'L0ServicePrincipalCertificate.js');
+        const tr: ttm.MockTestRunner = new ttm.MockTestRunner(tp);
+
+        await tr.runAsync();
+
+        if (!tr.succeeded) {
+            console.log('STDOUT:', tr.stdout);
+            console.log('STDERR:', tr.stderr);
+        }
+
+        assert(tr.succeeded, 'task should have succeeded');
+        const certPath = path.join(tempDir, 'spnCert.pem');
+        assert(tr.ran(`az login --service-principal -u "spId" --password="${certPath}" --tenant "tenantId"`), 'should login using service principal certificate');
+    });
+
+    it('Inline script uses temp file and sets config dir', async () => {
+        const tp = path.join(__dirname, 'L0InlineScriptTempFile.js');
+        const tr: ttm.MockTestRunner = new ttm.MockTestRunner(tp);
+
+        await tr.runAsync();
+
+        if (!tr.succeeded) {
+            console.log('STDOUT:', tr.stdout);
+            console.log('STDERR:', tr.stderr);
+        }
+
+        assert(tr.succeeded, 'task should have succeeded');
+        const configDir = path.join(tempDir, '.azclitask');
+        assert(tr.stdout.indexOf(`AZURE_CONFIG_DIR=${configDir}`) >= 0, 'should set AZURE_CONFIG_DIR');
+    });
+
+    it('Managed identity login runs script', async () => {
+        const tp = path.join(__dirname, 'L0ManagedServiceIdentity.js');
+        const tr: ttm.MockTestRunner = new ttm.MockTestRunner(tp);
+
+        await tr.runAsync();
+
+        if (!tr.succeeded) {
+            console.log('STDOUT:', tr.stdout);
+            console.log('STDERR:', tr.stderr);
+        }
+
+        assert(tr.succeeded, 'task should have succeeded');
+        assert(tr.ran('az login --identity'), 'should login using managed identity');
+        assert(tr.ran('/bin/bash /tmp/test.sh'), 'should run script');
+    });
+
+    it('Workload identity federation login runs script', async () => {
+        const tp = path.join(__dirname, 'L0WorkloadIdentityFederation.js');
+        const tr: ttm.MockTestRunner = new ttm.MockTestRunner(tp);
+
+        await tr.runAsync();
+
+        if (!tr.succeeded) {
+            console.log('STDOUT:', tr.stdout);
+            console.log('STDERR:', tr.stderr);
+        }
+
+        assert(tr.succeeded, 'task should have succeeded');
+        assert(tr.ran('az login --service-principal -u "spId" --tenant "tenantId" --allow-no-subscriptions --federated-token "federatedToken"'), 'should login using federated token');
+    });
+
+    it('Add SPN to environment (service principal) runs script', async () => {
+        const tp = path.join(__dirname, 'L0AddSpnToEnvironment_ServicePrincipal.js');
+        const tr: ttm.MockTestRunner = new ttm.MockTestRunner(tp);
+
+        await tr.runAsync();
+
+        if (!tr.succeeded) {
+            console.log('STDOUT:', tr.stdout);
+            console.log('STDERR:', tr.stderr);
+        }
+
+        assert(tr.succeeded, 'task should have succeeded');
+        assert(tr.ran('/bin/bash /tmp/test.sh'), 'should run script');
     });
 
-    it('Does a basic hello world test', function(done: MochaDone) {
-        // TODO - add real tests
-        done();
+    it('Add SPN to environment (workload identity) runs script', async () => {
+        const tp = path.join(__dirname, 'L0AddSpnToEnvironment_WorkloadIdentity.js');
+        const tr: ttm.MockTestRunner = new ttm.MockTestRunner(tp);
+
+        await tr.runAsync();
+
+        if (!tr.succeeded) {
+            console.log('STDOUT:', tr.stdout);
+            console.log('STDERR:', tr.stderr);
+        }
+
+        assert(tr.succeeded, 'task should have succeeded');
+        assert(tr.ran('/bin/bash /tmp/test.sh'), 'should run script');
+    });
+
+    if (os.platform() === 'win32') {
+        it('Windows scriptPath uses script tool', async () => {
+            const tp = path.join(__dirname, 'L0WindowsScriptPath.js');
+            const tr: ttm.MockTestRunner = new ttm.MockTestRunner(tp);
+
+            await tr.runAsync();
+
+            if (!tr.succeeded) {
+                console.log('STDOUT:', tr.stdout);
+                console.log('STDERR:', tr.stderr);
+            }
+
+            assert(tr.succeeded, 'task should have succeeded');
+        });
+    }
+
+    it('Fails when az login returns error', async () => {
+        const tp = path.join(__dirname, 'L0LoginFailure.js');
+        const tr: ttm.MockTestRunner = new ttm.MockTestRunner(tp);
+
+        await tr.runAsync();
+
+        assert(tr.failed, 'task should have failed');
+    });
+
+    it('Fails when az --version returns error', async () => {
+        const tp = path.join(__dirname, 'L0AzVersionFailure.js');
+        const tr: ttm.MockTestRunner = new ttm.MockTestRunner(tp);
+
+        await tr.runAsync();
+
+        assert(tr.failed, 'task should have failed');
+    });
+
+    it('Fails when account set returns error', async () => {
+        const tp = path.join(__dirname, 'L0AccountSetFailure.js');
+        const tr: ttm.MockTestRunner = new ttm.MockTestRunner(tp);
+
+        await tr.runAsync();
+
+        assert(tr.failed, 'task should have failed');
+    });
+
+    it('Fails on stderr when failOnStandardError is true', async () => {
+        const tp = path.join(__dirname, 'L0FailOnStdErr.js');
+        const tr: ttm.MockTestRunner = new ttm.MockTestRunner(tp);
+
+        await tr.runAsync();
+
+        assert(tr.failed, 'task should have failed');
+    });
+
+    it('Logout failure does not fail task', async () => {
+        const tp = path.join(__dirname, 'L0LogoutFailure.js');
+        const tr: ttm.MockTestRunner = new ttm.MockTestRunner(tp);
+
+        await tr.runAsync();
+
+        if (!tr.succeeded) {
+            console.log('STDOUT:', tr.stdout);
+            console.log('STDERR:', tr.stderr);
+        }
+
+        assert(tr.succeeded, 'task should have succeeded');
     });
 });

Tasks/AzureCLIV1/Tests/L0AccountSetFailure.ts

@@ -0,0 +1,67 @@
+import ma = require('azure-pipelines-task-lib/mock-answer');
+import tmrm = require('azure-pipelines-task-lib/mock-run');
+import path = require('path');
+import os = require('os');
+
+const taskPath = path.join(__dirname, '..', 'azureclitask.js');
+const tmr: tmrm.TaskMockRunner = new tmrm.TaskMockRunner(taskPath);
+
+// Use cross-platform temp directory
+const tempDir = os.tmpdir();
+process.env['AGENT_TEMPDIRECTORY'] = tempDir;
+
+// Inputs
+tmr.setInput('connectedServiceNameARM', 'AzureRM');
+tmr.setInput('scriptLocation', 'scriptPath');
+tmr.setInput('scriptPath', '/tmp/test.sh');
+tmr.setInput('cwd', '/tmp');
+tmr.setInput('args', '');
+tmr.setInput('useGlobalConfig', 'true');
+
+// Mock Endpoint
+process.env['ENDPOINT_AUTH_SCHEME_AzureRM'] = 'ServicePrincipal';
+process.env['ENDPOINT_AUTH_PARAMETER_AzureRM_AUTHENTICATIONTYPE'] = 'spnKey';
+process.env['ENDPOINT_AUTH_PARAMETER_AzureRM_SERVICEPRINCIPALID'] = 'spId';
+process.env['ENDPOINT_AUTH_PARAMETER_AzureRM_SERVICEPRINCIPALKEY'] = 'spKey';
+process.env['ENDPOINT_AUTH_PARAMETER_AzureRM_TENANTID'] = 'tenantId';
+process.env['ENDPOINT_DATA_AzureRM_SUBSCRIPTIONID'] = 'subId';
+process.env['ENDPOINT_DATA_AzureRM_ENVIRONMENT'] = 'AzureCloud';
+
+const a: ma.TaskLibAnswers = <ma.TaskLibAnswers>{
+    which: {
+        az: 'az',
+        bash: '/bin/bash'
+    },
+    checkPath: {
+        '/tmp': true,
+        '/tmp/test.sh': true,
+        '/bin/bash': true,
+        'az': true
+    },
+    exec: {
+        'az --version': {
+            code: 0,
+            stdout: 'azure-cli 2.0.0'
+        },
+        'az cloud set -n AzureCloud': {
+            code: 0,
+            stdout: 'cloud set'
+        },
+        'az login --service-principal -u "spId" --password="spKey" --tenant "tenantId"': {
+            code: 0,
+            stdout: 'login ok'
+        },
+        'az account set --subscription "subId"': {
+            code: 1,
+            stderr: 'account set failed'
+        }
+    }
+};
+
+tmr.setAnswers(a);
+
+os.type = () => 'Linux';
+tmr.registerMock('os', os);
+tmr.registerMock('azure-pipelines-task-lib/toolrunner', require('azure-pipelines-task-lib/mock-toolrunner'));
+
+tmr.run();

Tasks/AzureCLIV1/Tests/L0AddSpnToEnvironment_ServicePrincipal.ts

@@ -0,0 +1,76 @@
+import ma = require('azure-pipelines-task-lib/mock-answer');
+import tmrm = require('azure-pipelines-task-lib/mock-run');
+import path = require('path');
+import os = require('os');
+
+const taskPath = path.join(__dirname, '..', 'azureclitask.js');
+const tmr: tmrm.TaskMockRunner = new tmrm.TaskMockRunner(taskPath);
+
+// Use cross-platform temp directory
+const tempDir = os.tmpdir();
+process.env['AGENT_TEMPDIRECTORY'] = tempDir;
+
+// Inputs
+tmr.setInput('connectedServiceNameARM', 'AzureRM');
+tmr.setInput('scriptLocation', 'scriptPath');
+tmr.setInput('scriptPath', '/tmp/test.sh');
+tmr.setInput('cwd', '/tmp');
+tmr.setInput('args', '');
+tmr.setInput('useGlobalConfig', 'true');
+tmr.setInput('addSpnToEnvironment', 'true');
+
+// Mock Endpoint
+process.env['ENDPOINT_AUTH_SCHEME_AzureRM'] = 'ServicePrincipal';
+process.env['ENDPOINT_AUTH_PARAMETER_AzureRM_AUTHENTICATIONTYPE'] = 'spnKey';
+process.env['ENDPOINT_AUTH_PARAMETER_AzureRM_SERVICEPRINCIPALID'] = 'spId';
+process.env['ENDPOINT_AUTH_PARAMETER_AzureRM_SERVICEPRINCIPALKEY'] = 'spKey';
+process.env['ENDPOINT_AUTH_PARAMETER_AzureRM_TENANTID'] = 'tenantId';
+process.env['ENDPOINT_DATA_AzureRM_SUBSCRIPTIONID'] = 'subId';
+process.env['ENDPOINT_DATA_AzureRM_ENVIRONMENT'] = 'AzureCloud';
+
+const a: ma.TaskLibAnswers = <ma.TaskLibAnswers>{
+    which: {
+        az: 'az',
+        bash: '/bin/bash'
+    },
+    checkPath: {
+        '/tmp': true,
+        '/tmp/test.sh': true,
+        '/bin/bash': true,
+        'az': true
+    },
+    exec: {
+        'az --version': {
+            code: 0,
+            stdout: 'azure-cli 2.0.0'
+        },
+        'az cloud set -n AzureCloud': {
+            code: 0,
+            stdout: 'cloud set'
+        },
+        'az login --service-principal -u "spId" --password="spKey" --tenant "tenantId"': {
+            code: 0,
+            stdout: 'login ok'
+        },
+        'az account set --subscription "subId"': {
+            code: 0,
+            stdout: 'subscription set'
+        },
+        'az  account clear': {
+            code: 0,
+            stdout: 'account cleared'
+        },
+        '/bin/bash /tmp/test.sh': {
+            code: 0,
+            stdout: 'script ok'
+        }
+    }
+};
+
+tmr.setAnswers(a);
+
+os.type = () => 'Linux';
+tmr.registerMock('os', os);
+tmr.registerMock('azure-pipelines-task-lib/toolrunner', require('azure-pipelines-task-lib/mock-toolrunner'));
+
+tmr.run();