-
Notifications
You must be signed in to change notification settings - Fork 2.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[AKS] az aks nodepool update
: Add --enable/disable-fips-image
flags for GA mutable fips
#29695
[AKS] az aks nodepool update
: Add --enable/disable-fips-image
flags for GA mutable fips
#29695
Conversation
️✔️AzureCLI-FullTest
|
|
rule | cmd_name | rule_message | suggest_message |
---|---|---|---|
aks nodepool update | cmd aks nodepool update added parameter disable_fips_image |
||
aks nodepool update | cmd aks nodepool update added parameter enable_fips_image |
AKS |
--enable/disable--fips-image flags
(nodepool update) for GA mutable fips
--enable/disable--fips-image flags
(nodepool update) for GA mutable fips--enable/disable-fips-image flags
(nodepool update) for GA mutable fips
--enable/disable-fips-image flags
(nodepool update) for GA mutable fips--enable/disable-fips-image
flags` (nodepool update) for GA mutable fips
--enable/disable-fips-image
flags` (nodepool update) for GA mutable fips--enable/disable-fips-image
flags for GA mutable fips
--enable/disable-fips-image
flags for GA mutable fipsaz aks nodepool update
: Add --enable/disable-fips-image
flags for GA mutable fips
@FumingZhang to help review |
@@ -1070,25 +1070,38 @@ def get_enable_ultra_ssd(self) -> bool: | |||
# this parameter does not need validation | |||
return enable_ultra_ssd | |||
|
|||
# Mutable Fips now allows changes after create | |||
def get_enable_fips_image(self) -> bool: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
looks like worth adding some ut
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
tests have been added under "test_agentpool_decorator.py" and "test_aks_commands.py"
if self.decorator_mode == DecoratorMode.CREATE: | ||
if ( | ||
self.agentpool and | ||
hasattr(self.agentpool, "enable_fips") and # backward compatibility |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
make "enable_fips" a const?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This code section isn't changed, and the string is not reused won't fix
): | ||
enable_fips_image = self.agentpool.enable_fips | ||
# In create mode, try and read the property value corresponding to the parameter from the `agentpool` object | ||
if self.decorator_mode == DecoratorMode.CREATE: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what if it's UPDATE?
I think the mutually exclude check should also run?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If update the flag is read directly (ie if --enable-fips-image exists the fips-mode will be set to true)
This existing code only applies to when DecoratorMode.Create to check if it has been set elsewhere ie MC create which isn't allowed for update
This code is already in preview and has been tested by many parties with no issue
Related command
az aks nodepool update --enable-fips-image --disable-fips-image
Description
This PR allows the CLI functionality for the GA AKS feature allowing fips mode to be enabled/disabled after nodepool creation using the cli "az aks nodepool update" with associated flags above.
Testing Guide
#! Make sure to use region where AKS RP functionality has been released
az aks nodepool add -g chrislopezrg --cluster-name chrislopezaks -n fipstest2
az aks nodepool update -g chrislopezrg --cluster-name chrislopezaks -n fipstest --enable-fips-image
az aks nodepool show -g chrislopezrg --cluster-name chrislopezaks -n fipstest
az aks nodepool add -g chrislopezrg --cluster-name chrislopezaks -n fipstest3 --enable-fips-image
az aks nodepool add -g chrislopezrg --cluster-name chrislopezaks -n fipstest3 --disable-fips-image
az aks nodepool show -g chrislopezrg --cluster-name chrislopezaks -n fipstest3
History Notes
[Component Name 1] BREAKING CHANGE:
az command a
: Make some customer-facing breaking change[Component Name 2]
az command b
: Add some customer-facing featureThis checklist is used to make sure that common guidelines for a pull request are followed.
The PR title and description has followed the guideline in Submitting Pull Requests.
I adhere to the Command Guidelines.
I adhere to the Error Handling Guidelines.