@@ -44,6 +44,10 @@ Get test key name
4444#>
4545function Get-KeyName ([string ]$suffix )
4646{
47+ if ($suffix -ne ' *'
48+ $suffix += Get-Random
49+ }
50+
4751 return ' pshtk-' + $global :testns + ' -' + $suffix
4852}
4953
@@ -53,6 +57,10 @@ Get test secret name
5357#>
5458function Get-SecretName ([string ]$suffix )
5559{
60+ if ($suffix -ne ' *'
61+ $suffix += Get-Random
62+ }
63+
5664 return ' pshts-' + $global :testns + ' -' + $suffix
5765}
5866
@@ -185,8 +193,17 @@ function Cleanup-OldKeys
185193 $keyVault = Get-KeyVault
186194 $keyPattern = Get-KeyName ' *'
187195 Get-AzureKeyVaultKey $keyVault |
188- Where-Object {$_.KeyName -like $keyPattern } |
189- Remove-AzureKeyVaultKey - Force - Confirm:$false
196+ Where-Object {$_.Name -like $keyPattern } |
197+ Cleanup- Key $_.Name
198+
199+ if ($global :softDeleteEnabled -eq $true )
200+ {
201+ Get-AzureKeyVaultKey $keyVault - InRemovedState |
202+ Where-Object {$_.Name -like $keyPattern } | % {
203+ Remove-AzureKeyVaultKey - Name $_.Name - VaultName $_.VaultName - InRemovedState - Force - Confirm:$false
204+ Wait-Seconds 5 ;
205+ }
206+ }
190207}
191208
192209<#
@@ -200,8 +217,17 @@ function Cleanup-OldSecrets
200217 $keyVault = Get-KeyVault
201218 $secretPattern = Get-SecretName ' *'
202219 Get-AzureKeyVaultSecret $keyVault |
203- Where-Object {$_.SecretName -like $secretPattern } |
204- Remove-AzureKeyVaultSecret - Force - Confirm:$false
220+ Where-Object {$_.Name -like $secretPattern } |
221+ Cleanup- Secret $_.Name
222+
223+ if ($global :softDeleteEnabled -eq $true )
224+ {
225+ Get-AzureKeyVaultSecret $keyVault - InRemovedState |
226+ Where-Object {$_.Name -like $secretPattern } | % {
227+ Remove-AzureKeyVaultSecret - Name $_.Name - VaultName $_.VaultName - Force - Confirm:$false - InRemovedState
228+ Wait-Seconds 5
229+ }
230+ }
205231}
206232
207233
@@ -225,21 +251,61 @@ function Cleanup-SingleKeyTest
225251 $global :createdKeys | % {
226252 if ($_ -ne $null )
227253 {
228- try
229- {
230- $keyVault = Get-KeyVault
231- Write-Debug " Removing key with name $_ in vault $keyVault "
232- $catch = Remove-AzureKeyVaultKey $keyVault $_ - Force - Confirm:$false
233- }
234- catch
235- {
236- }
254+ Cleanup- Key $_
237255 }
238256 }
239257
240258 $global :createdKeys.Clear ()
241259}
242260
261+ function Cleanup-Key ([string ]$keyName )
262+ {
263+ $oldPref = $ErrorActionPreference
264+ $ErrorActionPreference = " Stop"
265+ try
266+ {
267+ $keyVault = Get-KeyVault
268+ Write-Debug " Removing key with name $_ in vault $keyVault "
269+ $catch = Remove-AzureKeyVaultKey $keyVault $keyName - Force - Confirm:$false
270+ if ($global :softDeleteEnabled -eq $true )
271+ {
272+ Wait-ForDeletedKey $keyVault $keyName
273+ Remove-AzureKeyVaultKey $keyVault $keyName - Force - Confirm:$false - InRemovedState
274+ }
275+ }
276+ catch {
277+
278+ }
279+ finally
280+ {
281+ $ErrorActionPreference = $oldPref
282+ }
283+ }
284+
285+ function Cleanup-Secret ([string ]$secretName )
286+ {
287+ $oldPref = $ErrorActionPreference
288+ $ErrorActionPreference = " Stop"
289+ try
290+ {
291+ $keyVault = Get-KeyVault
292+ Write-Debug " Removing secret with name $_ in vault $keyVault "
293+ $catch = Remove-AzureKeyVaultSecret $keyVault $secretName - Force - Confirm:$false
294+ if ($global :softDeleteEnabled -eq $true )
295+ {
296+ Wait-ForDeletedSecret $keyVault $secretName
297+ Remove-AzureKeyVaultSecret $keyVault $secretName - Force - Confirm:$false - InRemovedState
298+ }
299+ }
300+ catch {
301+
302+ }
303+ finally
304+ {
305+ $ErrorActionPreference = $oldPref
306+ }
307+ }
308+
243309<#
244310. SYNOPSIS
245311Removes all created secrets.
@@ -249,15 +315,7 @@ function Cleanup-SingleSecretTest
249315 $global :createdSecrets | % {
250316 if ($_ -ne $null )
251317 {
252- try
253- {
254- $keyVault = Get-KeyVault
255- Write-Debug " Removing secret with name $_ in vault $keyVault "
256- $catch = Remove-AzureKeyVaultSecret $keyVault $_ - Force - Confirm:$false
257- }
258- catch
259- {
260- }
318+ Cleanup- Secret $_
261319 }
262320 }
263321
@@ -288,6 +346,59 @@ function Cleanup-SingleCertificateTest
288346 $global :createdCertificates.Clear ()
289347}
290348
349+ <#
350+ . SYNOPSIS
351+ Waits for a deleted key to show up.
352+ #>
353+ function Wait-ForDeletedKey ([string ] $vault , [string ] $keyName )
354+ {
355+ $key = $null
356+ do {
357+ $oldPref = $ErrorActionPreference
358+ $ErrorActionPreference = " Stop"
359+ try
360+ {
361+ $key = Get-AzureKeyVaultKey - VaultName $vault - Name $keyName - InRemovedState
362+ }
363+ catch
364+ {
365+ # Key is not found.
366+ $key = $null
367+ Write-Host " Sleeping for 5 seconds to wait for deleted key $keyName "
368+ Wait-Seconds 5
369+ }
370+ finally {
371+ $ErrorActionPreference = $oldPref
372+ }
373+ } while ($key -eq $null )
374+
375+ return $key
376+ }
377+
378+ <#
379+ . SYNOPSIS
380+ Waits for a deleted secret to show up.
381+ #>
382+ function Wait-ForDeletedSecret ([string ] $vault , [string ] $secretName )
383+ {
384+ $secret = $null
385+ do {
386+ try
387+ {
388+ $secret = Get-AzureKeyVaultSecret - VaultName $vault - Name $secretName - InRemovedState
389+ }
390+ catch
391+ {
392+ # Secret is not found.
393+ $secret = $null
394+ Write-Host " Sleeping for 5 seconds to wait for deleted key $secretName "
395+ Wait-Seconds 5
396+ }
397+ } while ($secret -ne $null )
398+
399+ return $secret
400+ }
401+
291402<#
292403. SYNOPSIS
293404Run a key test, with cleanup.
0 commit comments