Example code and end to end test cases for confidential ACI.
All examples utilise the c_aci_testing package to manage images and deployment which can be found at:
microsoft/confidential-aci-testing.
If you're looking for a simple tests running in multiple regions, as well as uptime and performance testing, see:
microsoft/confidential-aci-dashboard.
If you're looking for examples of how to use confidential sidecar container images, see the tests/ directory at:
microsoft/confidential-sidecar-containers
Basic flask based server running in a confidential container.
Deploys two containers in the same container group and demostrates communication between the two.
Deploys several container groups using popular docker images
Fetches and validates an SNP Attestation report.
There are three main ways to run examples:
Every example has a corresponding github action.
See all workflows here.
The simplest way to run the tests locally is to use Github Codespaces.
This will set up a full development environment with everything needed to run examples.
CREDENTIALS: In order to deploy Azure resources, you will need to run
az loginwith an account with Contributor permissions on the resource group specified incacitesting.env
MANUAL SETUP: To checkout and setup manually, please refer to the Dev Container to follow the setup process.
Then you can open VS Code's testing view, where examples can be run with or without a debugger.
If a particular step of an example needs debugging, they can be run manually through VS Codes Run and Debug View. Most examples follow these steps:
- Build Images
- Push Images
- Pull Images (If already pushed)
- Generate a security policy
- Deploy ACIs
- Monitor running ACIs
- Remove ACIs
Once the deployment is complete, you can run the corresponding test against it without doing a full deployment again.
Note: For now, use the branch
vm_backendto do this
You can currently run the following examples against Container Platform.
- Simple Server
- Remote Image
To do so, log into Azure with an account which has access to both the Azure DevOps repository for ContainerPlatform, and the Atlas Image on which it runs. To do this, either set the environment variable BACKEND=VM, or when running each step manually, use the following steps:
- Build and Push Images
- Generate VM ARM Template
- Deploy Container Platform
- Run Container Platform
Either use the target_create Run & Debug option, or run in terminal:
c-aci-testing target create examples/my_example --name my_example
This creates a template for the new target, containing a bicep file and a docker compose file where you can specify the images to build and deploy.
Either use the vscode_testing Run & Debug option, or run in terminal:
c-aci-testing target add_test examples/my_example
This adds a placeholder python unittest based test which will deploy the target and give you a context in which to do your testing.
Either use the github_workflow_create Run & Debug option, or run in terminal:
c-aci-testing github workflow examples/my_example
This creates a placeholder github actions workflow.
This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.
When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft's Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party's policies.