K8s extension/release 1.3.8

src/k8s-extension/HISTORY.rst

@@ -3,6 +3,13 @@
 Release History
 ===============
 
+1.3.8
+++++++++++++++++++
+* Fixes to address the bug with msi auth mode for azuremonitor-containers extension version >= 3.0.0
+* microsoft.dapr: disable apply-CRDs hook if auto-upgrade is disabled
+* microsoft.azuremonitor.containers: ContainerInsights Extension add dataCollectionSettings to configuration settings
+* k8s-extension Adding GA api version 2022-11-01 exposing isSystemExtension and support
+
 1.3.7
 ++++++++++++++++++
 * microsoft.dapr: prompt user for existing dapr installation during extension create

src/k8s-extension/README.rst

@@ -31,6 +31,10 @@ az k8s-extension create \
     --version versionNumber \
     --auto-upgrade-minor-version autoUpgrade \
     --configuration-settings exampleSetting=exampleValue \
+    --plan-name examplePlanName \
+    --plan-publisher examplePublisher \
+    --plan-product exampleOfferId \
+
 ```
 
 ##### Get a KubernetesExtension

src/k8s-extension/azext_k8s_extension/_format.py

@@ -15,12 +15,21 @@ def k8s_extension_show_table_format(result):
 
 
 def __get_table_row(result):
+    plan_name, plan_publisher, plan_product = '', '', ''
+    if result['plan']:
+        plan_name = result['plan']['name']
+        plan_publisher = result['plan']['publisher']
+        plan_product = result['plan']['product']
     return OrderedDict([
         ('name', result['name']),
         ('extensionType', result.get('extensionType', '')),
         ('version', result.get('version', '')),
         ('provisioningState', result.get('provisioningState', '')),
         ('lastModifiedAt', result.get('systemData', {}).get('lastModifiedAt', '')),
+        ('plan_name', plan_name),
+        {'plan_publisher', plan_publisher},
+        ('plan_product', plan_product),
+        ('isSystemExtension', result.get('isSystemExtension', '')),
     ])
 
 

src/k8s-extension/azext_k8s_extension/_help.py

@@ -15,13 +15,19 @@
 
 helps[f'{consts.EXTENSION_NAME} create'] = f"""
     type: command
-    short-summary: Create a Kubernetes Extension.
+    short-summary: Create a Kubernetes Cluster Extension, including purchasing an extension Offer from Azure Marketplace (AKS only). Please refer to the example at the end to see how to create an extension or purchase an extension offer.
     examples:
       - name: Create a Kubernetes Extension
         text: |-
           az {consts.EXTENSION_NAME} create --resource-group my-resource-group \
 --cluster-name mycluster --cluster-type connectedClusters --name myextension \
 --extension-type microsoft.openservicemesh --scope cluster --release-train stable
+      - name: Create a Kubernetes Marketplace Extension
+        text: |-
+          az {consts.EXTENSION_NAME} create --resource-group my-resource-group \
+--cluster-name mycluster --cluster-type managedClusters --name myextension \
+--extension-type Contoso.AzureVoteKubernetesAppTest --scope cluster --release-train stable \
+--plan-name testplan --plan-product kubernetest_apps_demo_offer --plan-publisher test_test_mix3pptest0011614206850774
 """
 
 helps[f'{consts.EXTENSION_NAME} list'] = f"""
@@ -67,9 +73,9 @@
 --cluster-name mycluster --cluster-type connectedClusters \
 --name myextension --auto-upgrade true/false --version extension-version \
 --release-train stable --configuration-settings settings-key=settings-value \
---configuration-protected-settings protected-settings-key=protected-value \
---configuration-settings-file=config-settings-file \
---configuration-protected-settings-file=protected-settings-file
+--config-protected-settings protected-settings-key=protected-value \
+--config-settings-file=config-settings-file \
+--config-protected-file=protected-settings-file
 """
 
 helps[f'{consts.EXTENSION_NAME} extension-types'] = """

src/k8s-extension/azext_k8s_extension/_params.py

@@ -12,7 +12,7 @@
 
 from .action import (
     AddConfigurationSettings,
-    AddConfigurationProtectedSettings
+    AddConfigurationProtectedSettings,
 )
 
 
@@ -52,30 +52,41 @@ def load_arguments(self, _):
                    help='Specify the release train for the extension type.')
         c.argument('configuration_settings',
                    arg_group="Configuration",
-                   options_list=['--configuration-settings', '--config-settings', '--config'],
+                   options_list=['--configuration-settings', '--config'],
                    action=AddConfigurationSettings,
                    nargs='+',
                    help='Configuration Settings as key=value pair.  Repeat parameter for each setting')
         c.argument('configuration_protected_settings',
                    arg_group="Configuration",
-                   options_list=['--configuration-protected-settings', '--config-protected-settings', '--config-protected'],
+                   options_list=['--config-protected-settings', '--config-protected'],
                    action=AddConfigurationProtectedSettings,
                    nargs='+',
                    help='Configuration Protected Settings as key=value pair.  Repeat parameter for each setting')
         c.argument('configuration_settings_file',
                    arg_group="Configuration",
-                   options_list=['--configuration-settings-file', '--config-settings-file', '--config-file'],
+                   options_list=['--config-settings-file', '--config-file'],
                    help='JSON file path for configuration-settings')
         c.argument('configuration_protected_settings_file',
                    arg_group="Configuration",
-                   options_list=['--configuration-protected-settings-file', '--config-protected-settings-file', '--config-protected-file'],
+                   options_list=['--config-protected-file', '--protected-settings-file'],
                    help='JSON file path for configuration-protected-settings')
         c.argument('release_namespace',
                    help='Specify the namespace to install the extension release.')
         c.argument('target_namespace',
                    help='Specify the target namespace to install to for the extension instance. This'
                    ' parameter is required if extension scope is set to \'namespace\'')
-
+        c.argument('plan_name',
+                   arg_group="Marketplace",
+                   options_list=['--plan-name'],
+                   help='The plan name is referring to the Plan ID of the extension that is being taken from Marketplace portal under Usage Information + Support')
+        c.argument('plan_product',
+                   arg_group="Marketplace",
+                   options_list=['--plan-product'],
+                   help='The plan product is referring to the Product ID of the extension that is being taken from Marketplace portal under Usage Information + Support. An example of this is the name of the ISV offering used.')
+        c.argument('plan_publisher',
+                   arg_group="Marketplace",
+                   options_list=['--plan-publisher'],
+                   help='The plan publisher is referring to the Publisher ID of the extension that is being taken from Marketplace portal under Usage Information + Support')
     with self.argument_context(f"{consts.EXTENSION_NAME} update") as c:
         c.argument('yes',
                    options_list=['--yes', '-y'],

src/k8s-extension/azext_k8s_extension/consts.py

@@ -21,7 +21,7 @@
 PROVISIONED_CLUSTER_TYPE = "provisionedclusters"
 
 CONNECTED_CLUSTER_API_VERSION = "2021-10-01"
-MANAGED_CLUSTER_API_VERSION = "2021-10-01"
+MANAGED_CLUSTER_API_VERSION = "2022-11-01"
 APPLIANCE_API_VERSION = "2021-10-31-preview"
 HYBRIDCONTAINERSERVICE_API_VERSION = "2022-05-01-preview"
 

src/k8s-extension/azext_k8s_extension/custom.py

@@ -109,6 +109,9 @@ def create_k8s_extension(
     configuration_settings_file=None,
     configuration_protected_settings_file=None,
     no_wait=False,
+    plan_name=None,
+    plan_publisher=None,
+    plan_product=None
 ):
     """Create a new Extension Instance."""
 
@@ -182,6 +185,9 @@ def create_k8s_extension(
         config_protected_settings,
         configuration_settings_file,
         configuration_protected_settings_file,
+        plan_name,
+        plan_publisher,
+        plan_product
     )
 
     # Common validations

src/k8s-extension/azext_k8s_extension/partner_extensions/AzureDefender.py

@@ -21,7 +21,8 @@ class AzureDefender(DefaultExtension):
     def Create(self, cmd, client, resource_group_name, cluster_name, name, cluster_type, cluster_rp,
                extension_type, scope, auto_upgrade_minor_version, release_train, version, target_namespace,
                release_namespace, configuration_settings, configuration_protected_settings,
-               configuration_settings_file, configuration_protected_settings_file):
+               configuration_settings_file, configuration_protected_settings_file, plan_name,
+               plan_publisher, plan_product):
 
         """ExtensionType 'microsoft.azuredefender.kubernetes' specific validations & defaults for Create
            Must create and return a valid 'Extension' object.

src/k8s-extension/azext_k8s_extension/partner_extensions/AzureMLKubernetes.py

@@ -114,7 +114,8 @@ def __init__(self):
     def Create(self, cmd, client, resource_group_name, cluster_name, name, cluster_type, cluster_rp,
                extension_type, scope, auto_upgrade_minor_version, release_train, version, target_namespace,
                release_namespace, configuration_settings, configuration_protected_settings,
-               configuration_settings_file, configuration_protected_settings_file):
+               configuration_settings_file, configuration_protected_settings_file, plan_name,
+               plan_publisher, plan_product):
 
         logger.warning("Troubleshooting: {}".format(self.TSG_LINK))
 

src/k8s-extension/azext_k8s_extension/partner_extensions/ContainerInsights.py

@@ -7,6 +7,7 @@
 
 import datetime
 import json
+import re
 
 from ..utils import get_cluster_rp_api_version
 from .. import consts
@@ -36,7 +37,8 @@ class ContainerInsights(DefaultExtension):
     def Create(self, cmd, client, resource_group_name, cluster_name, name, cluster_type, cluster_rp,
                extension_type, scope, auto_upgrade_minor_version, release_train, version, target_namespace,
                release_namespace, configuration_settings, configuration_protected_settings,
-               configuration_settings_file, configuration_protected_settings_file):
+               configuration_settings_file, configuration_protected_settings_file,
+               plan_name, plan_publisher, plan_product):
         """ExtensionType 'microsoft.azuremonitor.containers' specific validations & defaults for Create
            Must create and return a valid 'Extension' object.
 
@@ -453,6 +455,7 @@ def _get_container_insights_settings(cmd, cluster_resource_group_name, cluster_r
     subscription_id = get_subscription_id(cmd.cli_ctx)
     workspace_resource_id = ''
     useAADAuth = False
+    extensionSettings = {}
 
     if configuration_settings is not None:
         if 'loganalyticsworkspaceresourceid' in configuration_settings:
@@ -473,6 +476,26 @@ def _get_container_insights_settings(cmd, cluster_resource_group_name, cluster_r
             logger.info("provided useAADAuth flag is : %s", useAADAuthSetting)
             if (isinstance(useAADAuthSetting, str) and str(useAADAuthSetting).lower() == "true") or (isinstance(useAADAuthSetting, bool) and useAADAuthSetting):
                 useAADAuth = True
+        if useAADAuth and ('dataCollectionSettings' in configuration_settings):
+            dataCollectionSettingsString = configuration_settings["dataCollectionSettings"]
+            logger.info("provided dataCollectionSettings  is : %s", dataCollectionSettingsString)
+            dataCollectionSettings = json.loads(dataCollectionSettingsString)
+            if 'interval' in dataCollectionSettings.keys():
+                intervalValue = dataCollectionSettings["interval"]
+                if (bool(re.match(r'^[0-9]+[m]$', intervalValue))) is False:
+                    raise InvalidArgumentValueError('interval format must be in <number>m')
+                intervalValue = int(intervalValue.rstrip("m"))
+                if intervalValue <= 0 or intervalValue > 30:
+                    raise InvalidArgumentValueError('interval value MUST be in the range from 1m to 30m')
+            if 'namespaceFilteringMode' in dataCollectionSettings.keys():
+                namespaceFilteringModeValue = dataCollectionSettings["namespaceFilteringMode"].lower()
+                if namespaceFilteringModeValue not in ["off", "exclude", "include"]:
+                    raise InvalidArgumentValueError('namespaceFilteringMode value MUST be either Off or Exclude or Include')
+            if 'namespaces' in dataCollectionSettings.keys():
+                namspaces = dataCollectionSettings["namespaces"]
+                if isinstance(namspaces, list) is False:
+                    raise InvalidArgumentValueError('namespaces must be an array type')
+            extensionSettings["dataCollectionSettings"] = dataCollectionSettings
 
     workspace_resource_id = workspace_resource_id.strip()
 
@@ -502,7 +525,7 @@ def _get_container_insights_settings(cmd, cluster_resource_group_name, cluster_r
     if is_ci_extension_type:
         if useAADAuth:
             logger.info("creating data collection rule and association")
-            _ensure_container_insights_dcr_for_monitoring(cmd, subscription_id, cluster_resource_group_name, cluster_rp, cluster_type, cluster_name, workspace_resource_id)
+            _ensure_container_insights_dcr_for_monitoring(cmd, subscription_id, cluster_resource_group_name, cluster_rp, cluster_type, cluster_name, workspace_resource_id, extensionSettings)
         elif not _is_container_insights_solution_exists(cmd, workspace_resource_id):
             logger.info("Creating ContainerInsights solution resource, since it doesn't exist and it is using legacy authentication")
             _ensure_container_insights_for_monitoring(cmd, workspace_resource_id).result()
@@ -520,6 +543,7 @@ def _get_container_insights_settings(cmd, cluster_resource_group_name, cluster_r
 
     # workspace key not used in case of AAD MSI auth
     configuration_protected_settings['omsagent.secret.key'] = "<not_used>"
+    configuration_protected_settings['amalogs.secret.key'] = "<not_used>"
     if not useAADAuth:
         shared_keys = log_analytics_client.shared_keys.get_shared_keys(
             workspace_rg_name, workspace_name)
@@ -570,7 +594,7 @@ def get_existing_container_insights_extension_dcr_tags(cmd, dcr_url):
     return tags
 
 
-def _ensure_container_insights_dcr_for_monitoring(cmd, subscription_id, cluster_resource_group_name, cluster_rp, cluster_type, cluster_name, workspace_resource_id):
+def _ensure_container_insights_dcr_for_monitoring(cmd, subscription_id, cluster_resource_group_name, cluster_rp, cluster_type, cluster_name, workspace_resource_id, extensionSettings):
     from azure.core.exceptions import HttpResponseError
 
     cluster_region = ''
@@ -665,6 +689,7 @@ def _ensure_container_insights_dcr_for_monitoring(cmd, subscription_id, cluster_
                                 "Microsoft-ContainerInsights-Group-Default"
                             ],
                             "extensionName": "ContainerInsights",
+                            "extensionSettings": extensionSettings
                         }
                     ]
                 },