Add http proxy command to az aks create (Azure#3682)

* add http proxy for create scenario to extensions

* change conversion issue

* fix test

* exclude test

* add tag live only

* correct live only

* remove from exclusions

* add recording

* record again

* check for httpProxy

* add correct recording

* add correct recording

* chnage file extension to from yml to yaml

* raise CLI error if file does not exist

* check for file existence instead of a dict

Co-authored-by: Adil Adilli <[email protected]>

Author: adilliadil

src/aks-preview/HISTORY.md

@@ -3,6 +3,10 @@
 Release History
 ===============
 
+0.5.25
++++++
+* Add support for http proxy
+
 0.5.24
 +++++
 * * Add "--aks-custom-headers" for "az aks nodepool upgrade"

src/aks-preview/azext_aks_preview/_help.py

@@ -317,6 +317,9 @@
         - name: --linux-os-config
           type: string
           short-summary: OS configurations for Linux agent nodes.
+        - name: --http-proxy-config
+          type: string
+          short-summary: Http Proxy configuration for this cluster.
         - name: --enable-pod-identity
           type: bool
           short-summary: (PREVIEW) Enable pod identity addon.

src/aks-preview/azext_aks_preview/_params.py

@@ -121,6 +121,7 @@ def load_arguments(self, _):
         c.argument('auto_upgrade_channel', arg_type=get_enum_type([CONST_RAPID_UPGRADE_CHANNEL, CONST_STABLE_UPGRADE_CHANNEL, CONST_PATCH_UPGRADE_CHANNEL, CONST_NODE_IMAGE_UPGRADE_CHANNEL, CONST_NONE_UPGRADE_CHANNEL]))
         c.argument('kubelet_config', type=str)
         c.argument('linux_os_config', type=str)
+        c.argument('http_proxy_config', options_list=['--http-proxy-config'], type=str)
         c.argument('enable_pod_identity', action='store_true')
         c.argument('appgw_name', options_list=['--appgw-name'], arg_group='Application Gateway')
         c.argument('appgw_subnet_prefix', options_list=['--appgw-subnet-prefix'], arg_group='Application Gateway', deprecate_info=c.deprecate(redirect='--appgw-subnet-cidr', hide=True))

src/aks-preview/azext_aks_preview/custom.py

@@ -77,6 +77,7 @@
                                                                       ManagedClusterAutoUpgradeProfile,
                                                                       KubeletConfig,
                                                                       LinuxOSConfig,
+                                                                      ManagedClusterHTTPProxyConfig,
                                                                       SysctlConfig,
                                                                       ManagedClusterPodIdentityProfile,
                                                                       ManagedClusterPodIdentity,
@@ -1028,6 +1029,7 @@ def aks_create(cmd,     # pylint: disable=too-many-locals,too-many-statements,to
                enable_sgxquotehelper=False,
                kubelet_config=None,
                linux_os_config=None,
+               http_proxy_config=None,
                assign_identity=None,
                auto_upgrade_channel=None,
                enable_pod_identity=False,
@@ -1440,6 +1442,9 @@ def aks_create(cmd,     # pylint: disable=too-many-locals,too-many-statements,to
                 "--fqdn-subdomain should only be used for private cluster with custom private dns zone")
         mc.fqdn_subdomain = fqdn_subdomain
 
+    if http_proxy_config:
+        mc.http_proxy_config = _get_http_proxy_config(http_proxy_config)
+
     if uptime_sla:
         mc.sku = ManagedClusterSKU(
             name="Basic",
@@ -4072,6 +4077,8 @@ def _is_msi_cluster(managed_cluster):
 
 
 def _get_kubelet_config(file_path):
+    if not os.path.isfile(file_path):
+        raise CLIError("{} is not valid file, or not accessable.".format(file_path))
     kubelet_config = get_file_json(file_path)
     if not isinstance(kubelet_config, dict):
         raise CLIError(
@@ -4100,6 +4107,8 @@ def _get_kubelet_config(file_path):
 
 
 def _get_linux_os_config(file_path):
+    if not os.path.isfile(file_path):
+        raise CLIError("{} is not valid file, or not accessable.".format(file_path))
     os_config = get_file_json(file_path)
     if not isinstance(os_config, dict):
         raise CLIError(
@@ -4171,6 +4180,22 @@ def _get_linux_os_config(file_path):
     return config_object
 
 
+def _get_http_proxy_config(file_path):
+    if not os.path.isfile(file_path):
+        raise CLIError("{} is not valid file, or not accessable.".format(file_path))
+    hp_config = get_file_json(file_path)
+    if not isinstance(hp_config, dict):
+        raise CLIError(
+            "Error reading Http Proxy Config at {}. Please see https://aka.ms/HttpProxyConfig for correct format.".format(file_path))
+    config_object = ManagedClusterHTTPProxyConfig()
+    config_object.http_proxy = hp_config.get("httpProxy", None)
+    config_object.https_proxy = hp_config.get("httpsProxy", None)
+    config_object.no_proxy = hp_config.get("noProxy", None)
+    config_object.trusted_ca = hp_config.get("trustedCa", None)
+
+    return config_object
+
+
 def _is_pod_identity_addon_enabled(instance):
     if not instance:
         return False

src/aks-preview/azext_aks_preview/tests/latest/data/httpproxyconfig.json

@@ -0,0 +1,9 @@
+{ 
+    "httpProxy": "http://myproxy.server.com:8080/", 
+    "httpsProxy": "https://myproxy.server.com:8080/", 
+    "noProxy": [
+        "localhost",
+        "127.0.0.1"
+    ],
+    "trustedCa": "G9yR2xrQ29NRjNURHg4cm1wOURCaUIvCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0="
+}