TEST: skip Azure key-auth-disabled integration tests#2229
Open
romanlutz wants to merge 1 commit into
Open
Conversation
Key-based (local) auth is administratively disabled in our Azure tenant (Entra/AAD only), so a batch of integration target tests fail with HTTP 403 AuthenticationTypeDisabled. These endpoints already have passing Entra-auth coverage (test_entra_auth_targets.py), so the key-auth variants are redundant functional coverage. Apply a static @pytest.mark.skip with a shared per-file reason constant to the 35 confirmed AuthenticationTypeDisabled nodes across four files, plus two adjacent score tests that fail on the same missing-key root cause: test_targets_and_secrets.py (21), test_openai_responses_gpt5.py (5, module pytestmark), test_target_filters.py (4), test_notebooks_targets.py (5), score/test_azure_content_filter_integration.py (2). Out-of-scope failures (missing env, quota, realtime wss, AML, DeepSeek, Phi4, non-Azure providers) are left untouched. Test-only change; no production code. Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com> Copilot-Session: 127c6e28-016f-4a16-99aa-43780f8a3c22
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
In our CI Azure tenant, API-key (local) authentication is administratively disabled (Entra/AAD auth only). As a result, a batch of key/secret-auth integration tests fail with HTTP 403
AuthenticationTypeDisabled("Key based authentication is disabled for this resource"). This is an environmental/policy condition, not a code regression, and it pollutes the integration signal on every fullRUN_ALL_TESTS=truerun.This PR makes those tests skip cleanly by applying a plain static
@pytest.mark.skipwith a shared per-file reason constant:Key points on scope and safety:
403 AuthenticationTypeDisabledin the last full run are gated (35 nodes across 4 files), plus 2 adjacent score tests that fail on a missing-key self-assert for the same root cause.test_entra_auth_targets.pyandtest_entra_auth_converters.py, so little to no functional coverage is lost.The 5 notebook cases are gated via the test's skip-list; the proper long-term fix is to switch those notebooks to Entra auth, which is out of scope here.
Tests and Documentation
Test-only change; no production code is touched.
Validation (uv only):
--collect-onlyacross the 5 files: 70 collected, 0 errors, out-of-scope IDs still collected.RUN_ALL_TESTS=truescoped runs: all gated nodes report SKIPPED with the reason, 0 failures, no network traffic.ruff check,ruff format --check, andpre-commit run --files <changed>all green.JupyText: N/A (no documentation or notebook code samples changed; the notebook test change only adds 5 notebooks to a skip-list).