Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[AKS] az aks create az aks nodepool add/update: Add Trusted Launch options --enable-vtpm and --enable-secure-boot #29272

Merged
merged 14 commits into from
Oct 17, 2024
Merged

[AKS] az aks create az aks nodepool add/update: Add Trusted Launch options --enable-vtpm and --enable-secure-boot #29272

merged 14 commits into from
Oct 17, 2024

Conversation

lilypan26
Copy link
Contributor

@lilypan26 lilypan26 commented Jun 27, 2024
edited by yanzhudd
Loading

Related command

  • az aks create
  • az aks nodepool add
  • az aks nodepool update

Description

Add trusted launch options --enable-vtpm, --disable-vtpm, --enable-secure-boot, --disable-secure-boot to support enabling disabling vTPM and secure boot on AKS nodepools.

Testing Guide

History Notes

[AKS] az aks create: Add Trusted Launch options --enable-vtpm and --enable-secure-boot
[AKS] az aks nodepool add/update: Add Trusted Launch options --enable-vtpm and --enable-secure-boot

This checklist is used to make sure that common guidelines for a pull request are followed.

@azure-client-tools-bot-prd azure-client-tools-bot-prd
Copy link

azure-client-tools-bot-prd bot commented Jun 27, 2024
edited
Loading

️✔️AzureCLI-FullTest
️✔️acr
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️acs
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️advisor
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️ams
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️apim
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️appconfig
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️appservice
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️aro
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️backup
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️batch
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️batchai
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️billing
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️botservice
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️cdn
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️cloud
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️cognitiveservices
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️compute_recommender
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️config
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️configure
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️consumption
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️container
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️containerapp
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️core
️✔️2018-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️2019-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️cosmosdb
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️databoxedge
️✔️2019-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️dla
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️dls
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️dms
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️eventgrid
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️eventhubs
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️feedback
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️find
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️hdinsight
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️identity
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️iot
️✔️2019-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️keyvault
️✔️2018-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️kusto
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️lab
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️managedservices
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️maps
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️marketplaceordering
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️monitor
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️mysql
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️netappfiles
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️network
️✔️2018-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️policyinsights
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️privatedns
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️profile
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️rdbms
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️redis
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️relay
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️resource
️✔️2018-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️2019-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️role
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️search
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️security
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️servicebus
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️serviceconnector
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️servicefabric
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️signalr
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️sql
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️sqlvm
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️storage
️✔️2018-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️2019-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️synapse
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️telemetry
️✔️2018-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️2019-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️util
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9
️✔️vm
️✔️2018-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️2019-03-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.12
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.12
️✔️3.9

@azure-client-tools-bot-prd azure-client-tools-bot-prd
Copy link

Hi @lilypan26,
Since the current milestone time is less than 7 days, this pr will be reviewed in the next milestone.

@azure-client-tools-bot-prd azure-client-tools-bot-prd
Copy link

azure-client-tools-bot-prd bot commented Jun 27, 2024
edited
Loading

❌AzureCLI-BreakingChangeTest
❌acs
rule cmd_name rule_message suggest_message
1010 - ParaPropUpdate aks nodepool add cmd aks nodepool add update parameter spot_max_price: updated property default from nan to nan please change property default from nan to nan for parameter spot_max_price of cmd aks nodepool add
⚠️ 1006 - ParaAdd aks create cmd aks create added parameter enable_secure_boot
⚠️ 1006 - ParaAdd aks create cmd aks create added parameter enable_vtpm
⚠️ 1006 - ParaAdd aks nodepool add cmd aks nodepool add added parameter enable_secure_boot
⚠️ 1006 - ParaAdd aks nodepool add cmd aks nodepool add added parameter enable_vtpm
⚠️ 1006 - ParaAdd aks nodepool update cmd aks nodepool update added parameter disable_secure_boot
⚠️ 1006 - ParaAdd aks nodepool update cmd aks nodepool update added parameter disable_vtpm
⚠️ 1006 - ParaAdd aks nodepool update cmd aks nodepool update added parameter enable_secure_boot
⚠️ 1006 - ParaAdd aks nodepool update cmd aks nodepool update added parameter enable_vtpm

@yonzhan
Copy link
Collaborator

yonzhan commented Jun 27, 2024

AKS

@microsoft-github-policy-service microsoft-github-policy-service bot added Auto-Assign Auto assign by bot AKS az aks/acs/openshift labels Jun 27, 2024
FumingZhang
FumingZhang reviewed Jun 28, 2024
View reviewed changes
Copy link
Member

@FumingZhang FumingZhang left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm, GA previous change in aks-preview #7243, please fix failed CI checks

Queued live test to validate the change

  • test_aks_create_update_secure_boot_flow
  • test_aks_create_update_vtpm_flow

@FumingZhang
Copy link
Member

/azp run

@azure-pipelines Azure Pipelines
Copy link

Commenter does not have sufficient privileges for PR 29272 in repo Azure/azure-cli

@FumingZhang
Copy link
Member

lgtm, GA previous change in aks-preview #7243, please fix failed CI checks

Queued live test to validate the change

  • test_aks_create_update_secure_boot_flow
  • test_aks_create_update_vtpm_flow

Requeued live test

@zhoxing-ms
Copy link
Contributor

/azp run

@azure-pipelines Azure Pipelines
Copy link

Azure Pipelines successfully started running 3 pipeline(s).

zhoxing-ms
zhoxing-ms previously approved these changes Jul 29, 2024
View reviewed changes
@zhoxing-ms zhoxing-ms self-requested a review July 29, 2024 07:52
@FumingZhang
Copy link
Member

Requeued live test

@FumingZhang
Copy link
Member

feature not ready, expected to be postponed to September

@zhoxing-ms
Copy link
Contributor

/azp run

@azure-pipelines Azure Pipelines
Copy link

Azure Pipelines successfully started running 3 pipeline(s).

@zhoxing-ms
Copy link
Contributor

@lilypan26 Could you resolve these CI issues and conflicts?

@zhoxing-ms
Copy link
Contributor

Please note that we are launching the release for this sprint this week. Please resolve all comments by tomorrow, otherwise the release of this PR will have to be postponed to the next sprint (on 10-08)

@FumingZhang
Copy link
Member

Live test failed with the following error

E                   azure.cli.core.azclierror.BadRequestError: (UnmarshalError) Invalid request body. Converting request body to a managed cluster encountered error: json: unknown field "securityProfile" Check that the field is in the right location, is spelled correctly, and is supported in the API version. Visit aka.ms/aks/apiversions for more API version information..
E                   Code: UnmarshalError
E                   Message: Invalid request body. Converting request body to a managed cluster encountered error: json: unknown field "securityProfile" Check that the field is in the right location, is spelled correctly, and is supported in the API version. Visit aka.ms/aks/apiversions for more API version information..

@zhoxing-ms
Copy link
Contributor

@lilypan26 Could you please address these CI issues and comments? Please note that we are launching the release for this sprint this week. Please resolve all comments and CI issues by tomorrow, otherwise the release of this PR will have to be postponed to the next sprint (on 11-05)

@lilypan26
Copy link
Contributor Author

/azp run

@azure-pipelines Azure Pipelines
Copy link

Commenter does not have sufficient privileges for PR 29272 in repo Azure/azure-cli

@lilypan26
Copy link
Contributor Author

successful live test run: https://dev.azure.com/msazure/CloudNativeCompute/_build/results?buildId=105831660&view=results

@yonzhan
Copy link
Collaborator

yonzhan commented Oct 15, 2024

Please fix CI issues

FumingZhang
FumingZhang approved these changes Oct 17, 2024
View reviewed changes
Copy link
Member

@FumingZhang FumingZhang left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

live test passed!

  • test_aks_create_update_secure_boot_flow
  • test_aks_create_update_vtpm_flow

@yanzhudd
Copy link
Contributor

/azp run

@azure-pipelines Azure Pipelines
Copy link

Azure Pipelines successfully started running 3 pipeline(s).

@yanzhudd yanzhudd merged commit cba3e91 into Azure:dev Oct 17, 2024
61 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@FumingZhang FumingZhang FumingZhang approved these changes

@yanzhudd yanzhudd yanzhudd approved these changes

@andyliuliming andyliuliming Awaiting requested review from andyliuliming

@jsntcy jsntcy Awaiting requested review from jsntcy jsntcy is a code owner

@yonzhan yonzhan Awaiting requested review from yonzhan

@zhoxing-ms zhoxing-ms Awaiting requested review from zhoxing-ms zhoxing-ms is a code owner

Assignees

@zhoxing-ms zhoxing-ms

@yanzhudd yanzhudd

Labels
AKS az aks/acs/openshift Auto-Assign Auto assign by bot
Projects
None yet
Milestone
October 2024 (2024-11-11)
Development

Successfully merging this pull request may close these issues.
5 participants
@lilypan26 @yonzhan @FumingZhang @zhoxing-ms @yanzhudd