Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Public preview wif changes #7785

Merged
merged 26 commits into from
Jul 23, 2024
Merged

Public preview wif changes #7785

Show file tree
Hide file tree
Changes from 18 commits
Commits
Show all changes
26 commits
Select commit Hold shift + click to select a range
eebb983
Copied folder from swagger spec PR check
9lash Jun 25, 2024
261fde2
Merge branch 'Azure:main' into abiyer/add-arcgateway
9lash Jun 25, 2024
28de5a4
consume the connection-type variable and set the 07-24 client factory
9lash Jun 27, 2024
4a397ad
Merge branch 'Azure:main' into abiyer/add-arcgateway
9lash Jun 27, 2024
33c889f
Updates for new RP and DP structure
9lash Jun 29, 2024
cd21daf
Merge remote-tracking branch '9lash/abiyer/add-arcgateway' into Publi…
deeksha345 Jul 2, 2024
e3a1921
initial changes for adding oidc and workload identity params
deeksha345 Jul 2, 2024
ed24eeb
creating/ updating cc request payload with workload identity properti…
deeksha345 Jul 3, 2024
47106b2
adding wait for agent state, fixing errors
deeksha345 Jul 9, 2024
2934547
updating utils
deeksha345 Jul 9, 2024
cbf4512
updating cli version
deeksha345 Jul 10, 2024
009f7ce
fixing error
deeksha345 Jul 10, 2024
71e3968
adding wait for agent state only if workload identity is enabled
deeksha345 Jul 10, 2024
2819dd7
updates based on comments
deeksha345 Jul 11, 2024
54d5c25
updates based on comments
deeksha345 Jul 12, 2024
d8f942a
using same api version client for all preview feat
deeksha345 Jul 12, 2024
669c4a7
Merge remote-tracking branch 'upstream/main' into PublicPreviewWifCha…
deeksha345 Jul 15, 2024
33b652c
updating the api version used for show and list call so that it shows…
deeksha345 Jul 15, 2024
27753fe
refactoring generate request payload code
deeksha345 Jul 16, 2024
ddeec89
adding test scenarios for workload identity update and connect
deeksha345 Jul 16, 2024
318fbef
fixing linter issue
deeksha345 Jul 19, 2024
a22c428
fixing linter issue
deeksha345 Jul 19, 2024
cfc7a88
updating params
deeksha345 Jul 19, 2024
038dea8
updating params
deeksha345 Jul 19, 2024
e011545
adding flag for disable workload identity
deeksha345 Jul 22, 2024
39221f9
adding functionality for the disable flag
deeksha345 Jul 22, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions src/connectedk8s/HISTORY.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,12 @@
Release History
===============

1.8.0
++++++
* New api version 2024-07-1-preview added
* Adding functionality for workload identity feature.
* Cluster create and update waits for agent state

1.7.3
deeksha345 marked this conversation as resolved.
Show resolved Hide resolved
++++++
* Skip helm archive download if helm is already installed.
Expand Down
13 changes: 13 additions & 0 deletions src/connectedk8s/azext_connectedk8s/_client_factory.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,19 @@ def cf_connectedk8s_prev_2023_11_01(cli_ctx, *_):
def cf_connected_cluster_prev_2023_11_01(cli_ctx, _):
return cf_connectedk8s_prev_2023_11_01(cli_ctx).connected_cluster

def cf_connectedk8s_prev_2024_07_01(cli_ctx, *_):
from azext_connectedk8s.vendored_sdks.preview_2024_07_01 import ConnectedKubernetesClient
if os.getenv(consts.Azure_Access_Token_Variable):
validate_custom_token()
credential = AccessTokenCredential(access_token=os.getenv(consts.Azure_Access_Token_Variable))
return get_mgmt_service_client(cli_ctx, ConnectedKubernetesClient,
subscription_id=os.getenv('AZURE_SUBSCRIPTION_ID'),
credential=credential)
return get_mgmt_service_client(cli_ctx, ConnectedKubernetesClient)


def cf_connected_cluster_prev_2024_07_01(cli_ctx, _):
return cf_connectedk8s_prev_2024_07_01(cli_ctx).connected_cluster

def cf_connectedmachine(cli_ctx, subscription_id):
from azure.mgmt.hybridcompute import HybridComputeManagementClient
Expand Down
8 changes: 8 additions & 0 deletions src/connectedk8s/azext_connectedk8s/_help.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,10 @@
text: az connectedk8s connect -g resourceGroupName -n connectedClusterName --enable-private-link true --private-link-scope-resource-id pls/resource/arm/id
- name: Onboard a connected kubernetes cluster with custom onboarding timeout.
text: az connectedk8s connect -g resourceGroupName -n connectedClusterName --onboarding-timeout 600
- name: Onboard a connected kubernetes cluster with oidc issuer and the workload identity webhook enabled.
text: az connectedk8s connect -g resourceGroupName -n connectedClusterName --enable-oidc-issuer --enable-workload-identity
- name: Onboard a connected kubernetes cluster with oidc issuer enabled using a self hosted issuer url for public cloud cluster.
text: az connectedk8s connect -g resourceGroupName -n connectedClusterName --enable-oidc-issuer --self-hosted-issuer aksissuerurl

"""

Expand All @@ -43,6 +47,10 @@
text: az connectedk8s update -g resourceGroupName -n connectedClusterName --disable-proxy
- name: Disable auto-upgrade of agents
text: az connectedk8s update -g resourceGroupName -n connectedClusterName --auto-upgrade false
- name: Update a connected kubernetes cluster with oidc issuer and the workload identity webhook enabled.
text: az connectedk8s connect -g resourceGroupName -n connectedClusterName --enable-oidc-issuer --enable-workload-identity
- name: Update a connected kubernetes cluster with oidc issuer enabled using a self hosted issuer url for public cloud cluster.
text: az connectedk8s connect -g resourceGroupName -n connectedClusterName --enable-oidc-issuer --self-hosted-issuer aksissuerurl
"""

helps['connectedk8s upgrade'] = """
Expand Down
6 changes: 6 additions & 0 deletions src/connectedk8s/azext_connectedk8s/_params.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,9 @@ def load_arguments(self, _):
c.argument('container_log_path', help='Override the default container log path to enable fluent-bit logging')
c.argument('skip_ssl_verification', action='store_true', help='Skip SSL verification for any cluster connection.')
c.argument('yes', options_list=['--yes', '-y'], help='Do not prompt for confirmation.', action='store_true')
c.argument('enable_oidc_issuer', arg_type=get_three_state_flag(), help="Enable creation of OIDC issuer url used for workload identity", is_preview=True)
c.argument('self_hosted_issuer', options_list=['--self-hosted-issuer'], help="Self hosted issuer url for public cloud clusters - AKS, GKE, EKS", is_preview=True)
c.argument('enable_workload_identity', arg_type=get_three_state_flag(), help="Enable workload identity webhook", is_preview=True)

with self.argument_context('connectedk8s update') as c:
c.argument('tags', tags_type)
Expand All @@ -69,6 +72,9 @@ def load_arguments(self, _):
c.argument('container_log_path', help='Override the default container log path to enable fluent-bit logging')
c.argument('skip_ssl_verification', action='store_true', help='Skip SSL verification for any cluster connection.')
c.argument('yes', options_list=['--yes', '-y'], help='Do not prompt for confirmation.', action='store_true')
c.argument('enable_oidc_issuer', arg_type=get_three_state_flag(), help="Enable creation of OIDC issuer url used for workload identity", is_preview=True)
c.argument('self_hosted_issuer', options_list=['--self-hosted-issuer'], help="Self hosted issuer url for public cloud clusters - AKS, GKE, EKS", is_preview=True)
c.argument('enable_workload_identity', arg_type=get_three_state_flag(), help="Enable workload identity webhook", is_preview=True)

with self.argument_context('connectedk8s upgrade') as c:
c.argument('cluster_name', options_list=['--name', '-n'], id_part='name', help='The name of the connected cluster.')
Expand Down
2 changes: 0 additions & 2 deletions src/connectedk8s/azext_connectedk8s/_utils.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -375,7 +375,6 @@ def add_helm_repo(kube_config, kube_context, helm_client_location):
summary='Failed to add helm repository')
raise CLIInternalError("Unable to add repository {} to helm: ".format(repo_url) + error_helm_repo.decode("ascii"))


def get_helm_registry(cmd, config_dp_endpoint, release_train_custom=None):
# Setting uri
api_version = "2019-11-01-preview"
Expand Down Expand Up @@ -655,7 +654,6 @@ def helm_install_release(resource_manager, chart_path, subscription_id, kubernet
logger.warning("Please check if the azure-arc namespace was deployed and run 'kubectl get pods -n azure-arc' to check if all the pods are in running state. A possible cause for pods stuck in pending state could be insufficient resources on the kubernetes cluster to onboard to arc.")
raise CLIInternalError("Unable to install helm release: " + error_helm_install.decode("ascii"))


def get_release_namespace(kube_config, kube_context, helm_client_location, release_name='azure-arc'):
cmd_helm_release = [helm_client_location, "list", "-a", "--all-namespaces", "--output", "json"]
if kube_config:
Expand Down
Loading
Loading