From d332aad3acfe1a4eb96f551218b9b28cb9cd43a1 Mon Sep 17 00:00:00 2001 From: Yishi Wang Date: Tue, 21 Jan 2025 16:09:35 +0800 Subject: [PATCH] az cloud register/update: Use ARM new API version 2022-09-01 for endpoint discovery --- .../azure/cli/command_modules/cloud/custom.py | 31 +++++++------------ .../recordings/test_cloud_scenario.yaml | 16 +++++----- .../cloud/tests/latest/test_cloud.py | 4 +-- 3 files changed, 23 insertions(+), 28 deletions(-) diff --git a/src/azure-cli/azure/cli/command_modules/cloud/custom.py b/src/azure-cli/azure/cli/command_modules/cloud/custom.py index 7c338c137e3..fbb01a73137 100644 --- a/src/azure-cli/azure/cli/command_modules/cloud/custom.py +++ b/src/azure-cli/azure/cli/command_modules/cloud/custom.py @@ -34,13 +34,14 @@ def show_cloud(cmd, cloud_name=None): raise CLIError(e) -def _populate_from_metadata_endpoint(cloud, arm_endpoint, session=None): +def _populate_from_metadata_endpoint(arm_endpoint, session=None): endpoints_in_metadata = ['active_directory_graph_resource_id', 'active_directory_resource_id', 'active_directory'] - METADATA_ENDPOINT_SUFFIX = '/metadata/endpoints?api-version=2015-01-01' - if not arm_endpoint or all([cloud.endpoints.has_endpoint_set(n) for n in endpoints_in_metadata]): # pylint: disable=use-a-generator - return + METADATA_ENDPOINT_SUFFIX = '/metadata/endpoints?api-version=2022-09-01' + if not arm_endpoint: # pylint: disable=use-a-generator + return Cloud('') import requests + from azure.cli.core.cloud import _arm_to_cli_mapper error_msg_fmt = "Unable to get endpoints from the cloud.\n{}" try: session = requests.Session() if session is None else session @@ -48,14 +49,7 @@ def _populate_from_metadata_endpoint(cloud, arm_endpoint, session=None): response = session.get(metadata_endpoint) if response.status_code == 200: metadata = response.json() - if not cloud.endpoints.has_endpoint_set('gallery'): - setattr(cloud.endpoints, 'gallery', metadata.get('galleryEndpoint')) - if not cloud.endpoints.has_endpoint_set('active_directory_graph_resource_id'): - setattr(cloud.endpoints, 'active_directory_graph_resource_id', metadata.get('graphEndpoint')) - if not cloud.endpoints.has_endpoint_set('active_directory'): - setattr(cloud.endpoints, 'active_directory', metadata['authentication'].get('loginEndpoint')) - if not cloud.endpoints.has_endpoint_set('active_directory_resource_id'): - setattr(cloud.endpoints, 'active_directory_resource_id', metadata['authentication']['audiences'][0]) + return _arm_to_cli_mapper(metadata) else: msg = 'Server returned status code {} for {}'.format(response.status_code, metadata_endpoint) raise CLIError(error_msg_fmt.format(msg)) @@ -72,7 +66,12 @@ def _build_cloud(cli_ctx, cloud_name, cloud_config=None, cloud_args=None): if cloud_config: # Using JSON format so convert the keys to snake case cloud_args = {to_snake_case(k): v for k, v in cloud_config.items()} - c = Cloud(cloud_name) + if 'endpoints' in cloud_args: + arm_endpoint = cloud_args['endpoints'].get('resource_manager', None) or cloud_args['endpoints'].get('resourceManager', None) + if 'endpoint_resource_manager' in cloud_args: + arm_endpoint = cloud_args['endpoint_resource_manager'] + c = _populate_from_metadata_endpoint(arm_endpoint) + c.name = cloud_name c.profile = cloud_args.get('profile', None) try: endpoints = cloud_args['endpoints'] @@ -93,12 +92,6 @@ def _build_cloud(cli_ctx, cloud_name, cloud_config=None, cloud_args=None): elif arg.startswith('suffix_') and cloud_args[arg] is not None: setattr(c.suffixes, arg.replace('suffix_', ''), cloud_args[arg]) - try: - arm_endpoint = c.endpoints.resource_manager - except CloudEndpointNotSetException: - arm_endpoint = None - - _populate_from_metadata_endpoint(c, arm_endpoint) required_endpoints = {'resource_manager': '--endpoint-resource-manager', 'active_directory': '--endpoint-active-directory', 'active_directory_resource_id': '--endpoint-active-directory-resource-id', diff --git a/src/azure-cli/azure/cli/command_modules/cloud/tests/latest/recordings/test_cloud_scenario.yaml b/src/azure-cli/azure/cli/command_modules/cloud/tests/latest/recordings/test_cloud_scenario.yaml index 1b282599b5d..e3592d909dd 100644 --- a/src/azure-cli/azure/cli/command_modules/cloud/tests/latest/recordings/test_cloud_scenario.yaml +++ b/src/azure-cli/azure/cli/command_modules/cloud/tests/latest/recordings/test_cloud_scenario.yaml @@ -9,31 +9,33 @@ interactions: Connection: - keep-alive User-Agent: - - python-requests/2.31.0 + - python-requests/2.32.3 method: GET - uri: https://management.azure.com/metadata/endpoints?api-version=2015-01-01 + uri: https://management.azure.com/metadata/endpoints?api-version=2022-09-01 response: body: - string: '{"galleryEndpoint":"https://gallery.azure.com/","graphEndpoint":"https://graph.windows.net/","portalEndpoint":"https://portal.azure.com/","authentication":{"loginEndpoint":"https://login.microsoftonline.com/","audiences":["https://management.core.windows.net/","https://management.azure.com/"]}}' + string: '{"portal":"https://portal.azure.com","authentication":{"loginEndpoint":"https://login.microsoftonline.com","audiences":["https://management.core.windows.net/","https://management.azure.com/"],"tenant":"common","identityProvider":"AAD"},"media":"https://rest.media.azure.net","graphAudience":"https://graph.windows.net/","graph":"https://graph.windows.net/","name":"AzureCloud","suffixes":{"azureDataLakeStoreFileSystem":"azuredatalakestore.net","acrLoginServer":"azurecr.io","sqlServerHostname":"database.windows.net","azureDataLakeAnalyticsCatalogAndJob":"azuredatalakeanalytics.net","keyVaultDns":"vault.azure.net","storage":"core.windows.net","azureFrontDoorEndpointSuffix":"azurefd.net","storageSyncEndpointSuffix":"afs.azure.net","mhsmDns":"managedhsm.azure.net","mysqlServerEndpoint":"mysql.database.azure.com","postgresqlServerEndpoint":"postgres.database.azure.com","mariadbServerEndpoint":"mariadb.database.azure.com","synapseAnalytics":"dev.azuresynapse.net","attestationEndpoint":"attest.azure.net"},"batch":"https://batch.core.windows.net/","resourceManager":"https://management.azure.com/","vmImageAliasDoc":"https://raw.githubusercontent.com/Azure/azure-rest-api-specs/master/arm-compute/quickstart-templates/aliases.json","activeDirectoryDataLake":"https://datalake.azure.net/","sqlManagement":"https://management.core.windows.net:8443/","microsoftGraphResourceId":"https://graph.microsoft.com/","appInsightsResourceId":"https://api.applicationinsights.io","appInsightsTelemetryChannelResourceId":"https://dc.applicationinsights.azure.com/v2/track","attestationResourceId":"https://attest.azure.net","synapseAnalyticsResourceId":"https://dev.azuresynapse.net","logAnalyticsResourceId":"https://api.loganalytics.io","ossrDbmsResourceId":"https://ossrdbms-aad.database.windows.net"}' headers: cache-control: - no-cache content-length: - - '295' + - '1795' content-type: - application/json; charset=utf-8 date: - - Thu, 18 Jan 2024 22:31:56 GMT + - Tue, 21 Jan 2025 08:07:35 GMT expires: - '-1' pragma: - no-cache strict-transport-security: - max-age=31536000; includeSubDomains - vary: - - Accept-Encoding + x-cache: + - CONFIG_NOCACHE x-content-type-options: - nosniff + x-msedge-ref: + - 'Ref A: 5387697D2F324B3FBDA4C6117642AC14 Ref B: MAA201060516019 Ref C: 2025-01-21T08:07:36Z' status: code: 200 message: OK diff --git a/src/azure-cli/azure/cli/command_modules/cloud/tests/latest/test_cloud.py b/src/azure-cli/azure/cli/command_modules/cloud/tests/latest/test_cloud.py index b920a8f5a19..8c5b1b16cb1 100644 --- a/src/azure-cli/azure/cli/command_modules/cloud/tests/latest/test_cloud.py +++ b/src/azure-cli/azure/cli/command_modules/cloud/tests/latest/test_cloud.py @@ -96,8 +96,8 @@ def test_cloud_scenario(self): self.cmd('cloud register --name {name} --endpoint-resource-manager https://management.azure.com/') result = self.cmd('az cloud show --name {name}').get_output_in_json() assert result['name'] == 'mycloud' - assert result['endpoints']['activeDirectory'] == 'https://login.microsoftonline.com/' - assert result['endpoints']['management'] == 'https://management.azure.com/' + assert result['endpoints']['activeDirectory'] == 'https://login.microsoftonline.com' + assert result['endpoints']['management'] == 'https://management.core.windows.net/' # Update the cloud self.cmd('cloud update --name {name} --endpoint-active-directory https://login.myendpoint.com/ '