Skip to content

NetworkACl update #447

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
tiffanyachen wants to merge 18 commits into from
Closed

NetworkACl update #447

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
8b01f9b
Added enableSoftDelete, DeletedVault, and Purge to method group
tiffanyachen Apr 25, 2018
840bc67
re-recorded tests
tiffanyachen Apr 25, 2018
6b777b9
Updates from code review
tiffanyachen Apr 26, 2018
e3cedf9
Updated access policy to include storage
tiffanyachen May 1, 2018
ffb3d8c
Moved converter for DeletedVaultInner
tiffanyachen May 1, 2018
8ee4d5b
Added async methods
tiffanyachen May 7, 2018
665b61d
Removed unecessary async methods and SupportsListing<Vault> from Vaul…
tiffanyachen May 9, 2018
5f55bb3
Simplified async access and elevated properties for Vault and Deleted…
tiffanyachen May 10, 2018
531c670
Updated checkstyle
tiffanyachen May 10, 2018
a4dca55
Elevated access policies
tiffanyachen May 11, 2018
929fb8b
Moved recovery of softDeletedVault to independent method
tiffanyachen May 11, 2018
dcd32d0
Merge remote-tracking branch 'upstream/kv2018' into kv2018
tiffanyachen May 11, 2018
b4cdc48
Changed purgeDeletedAsync to return Completable
tiffanyachen May 11, 2018
bec4326
Removed unused interfaces and added beta annotations
tiffanyachen May 11, 2018
e547233
Unused imports in vaultImpl
tiffanyachen May 11, 2018
b739852
Updated javadocs for accessPolicy
tiffanyachen May 11, 2018
05b1f15
Merge remote-tracking branch 'upstream/kv2018' into kv2018
tiffanyachen May 14, 2018
91fd957
Added networkAcl access create/update
tiffanyachen May 14, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
38 changes: 38 additions & 0 deletions azure-mgmt-keyvault/src/main/java/com/microsoft/azure/management/keyvault/Vault.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -108,6 +108,14 @@ public interface Vault extends
*/
@Beta(SinceVersion.V1_11_0)
CreateMode createMode();

/**
* Get the networkAcls value.
*
* @return the networkAcls value
*/
@Beta(SinceVersion.V1_11_0)
NetworkRuleSet networkAcls();
Copy link
Contributor

@milismsft milismsft May 15, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@tiffanyachen In Fluent we try to avoid using acronyms especially when these are not needed. In this the method can be replaced with "networkRuleSet()". It's also consistent with a similar class found in Storage management library.


/**************************************************************
* Fluent interfaces to provision a Vault
Expand Down Expand Up @@ -179,6 +187,20 @@ interface WithAccessPolicy {
@Method
AccessPolicy.DefinitionStages.Blank<WithCreate> defineAccessPolicy();
}

/**
* A key vault definition allowing the networkAcl to be set.
*/
interface WithNetworkAcls {

/**
* Set the networkAcls value.
*
* @param networkAcls the networkAcls value to set
* @return the next stage of key vault definition
*/
WithCreate withNetworkAcls(NetworkRuleSet networkAcls);
Copy link
Contributor

@milismsft milismsft May 15, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@tiffanyachen Please rename this to "withNetworkRuleSet()". Also in Java we try to avoid passing a whole complex object that needs to be built aside and instead we "decompose" them in place into a sequence of "with...()" methods corresponding to each member of the class that can be set. Think of it similar to setting the AccessPolicy.

Copy link
Member

@anuchandy anuchandy May 15, 2018
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seems the key vault NetworkRuleSet is EXACTLY same as storage account network rule set. Customer will have consistent experience If we can ensure key vault nw ruleset experience is same as that storage provide.

Storage:

azure-libraries-for-java/azure-mgmt-keyvault/src/main/java/com/microsoft/azure/management/keyvault/NetworkRuleSet.java

Line 17 in 6f62630

public class NetworkRuleSet {

KeyVault:

azure-libraries-for-java/azure-mgmt-storage/src/main/java/com/microsoft/azure/management/storage/NetworkRuleSet.java

Line 17 in 6f62630

public class NetworkRuleSet {

Take a look at this “stage” in storage account definition

azure-libraries-for-java/azure-mgmt-storage/src/main/java/com/microsoft/azure/management/storage/StorageAccount.java

Line 446 in 6f62630

interface WithNetworkAccess {
and this “stage” in storage account update

azure-libraries-for-java/azure-mgmt-storage/src/main/java/com/microsoft/azure/management/storage/StorageAccount.java

Line 752 in 6f62630

interface WithNetworkAccess {

Also this helper https://github.com/Azure/azure-libraries-for-java/blob/kv2018/azure-mgmt-storage/src/main/java/com/microsoft/azure/management/storage/implementation/StorageNetworkRulesHelper.java

It seems you can copy over the helper, stages and implementations from storage. But double check the logic work for key vault as well.

}

/**
* A key vault definition allowing various configurations to be set.
Expand Down Expand Up @@ -252,6 +274,7 @@ interface WithCreate extends
Creatable<Vault>,
GroupableResource.DefinitionWithTags<WithCreate>,
DefinitionStages.WithSku,
DefinitionStages.WithNetworkAcls,
DefinitionStages.WithConfigurations,
DefinitionStages.WithAccessPolicy {
}
Expand Down Expand Up @@ -298,6 +321,20 @@ interface WithAccessPolicy {
AccessPolicy.Update updateAccessPolicy(String objectId);
}

/**
* A key vault update allowing the networkAcl to be set.
*/
interface WithNetworkAcls {

/**
* Set the networkAcls value.
*
* @param networkAcls the networkAcls value to set
* @return the next stage of key vault definition
*/
Update withNetworkAcls(NetworkRuleSet networkAcls);
Copy link
Contributor

@milismsft milismsft May 15, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same feedback as above.

}

/**
* A key vault update allowing various configurations to be set.
*/
Expand Down Expand Up @@ -369,6 +406,7 @@ interface Update extends
GroupableResource.UpdateWithTags<Update>,
Appliable<Vault>,
UpdateStages.WithAccessPolicy,
UpdateStages.WithNetworkAcls,
UpdateStages.WithConfigurations {
}
}
Expand Down
15 changes: 15 additions & 0 deletions ...vault/src/main/java/com/microsoft/azure/management/keyvault/implementation/VaultImpl.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
import com.microsoft.azure.management.keyvault.AccessPolicyEntry;
import com.microsoft.azure.management.keyvault.CreateMode;
import com.microsoft.azure.management.keyvault.Keys;
import com.microsoft.azure.management.keyvault.NetworkRuleSet;
import com.microsoft.azure.management.keyvault.Secrets;
import com.microsoft.azure.management.keyvault.Sku;
import com.microsoft.azure.management.keyvault.SkuName;
Expand Down Expand Up @@ -331,4 +332,18 @@ public CreateMode createMode() {
return inner().properties().createMode();
}

@Override
public VaultImpl withNetworkAcls(NetworkRuleSet networkAcls) {
if (inner().properties() == null) {
inner().withProperties(new VaultProperties());
}
inner().properties().withNetworkAcls(networkAcls);
return this;
}

@Override
public NetworkRuleSet networkAcls() {
return inner().properties().networkAcls();
}

}