Add integration testing for `Azure.Sdk.BuildTools.SecretRotation`

[scbedd]

I just had a good discussion with Patrick about what we can do to ensure that we aren't accidentally breaking any major functionalities in our secret rotation project. Just getting this jotted down for further breakdown or discussion.

I'm seeing the following individual items:

• [ ] Create Azure.Sdk.BuildTools.SecretRotation.IntegrationTestServer project
  • This project should implement the class in tools/pipeline-witness/Azure.Sdk.Tools.PipelineWitness/Configuration/PostConfigureKeyVaultSettings.cs
  • Should provide an API Controller that will return an appconfiguration value -> /Test/GetAppConfigurationValue
  • This will return a SHA256 of the appconfiguration value.
• [ ] Add tests.yml to solution root
  • Create new ARM template with the following:
  • Keyvault
    • Add one secret to keyvault
  • Create new website based on the afore-mentioned IntegrationTestServer project
  • We should re-use New-TestResources.ps1 to stand up the above ARM resources
  • [ ] Additional test steps
  • Hit /Test/GetAppConfigurationValue. Store value away.
  • Use the SecretRotation tool to rotate the secret we retrieved the value for
  • Hit /Test/GetAppConfigurationValue, compare the SHAs and ensure they are different.

[benbp]

Let's use bicep over ARM. I have some working examples for spinning up a keyvault and adding secrets to it.