change helm package download path to mcr (Azure#32)

bavneetsingh16 · web-flow · commit 41d6f64c3e2b · 2025-02-13T14:38:48.000-08:00
diff --git a/src/connectedk8s/azext_connectedk8s/_constants.py b/src/connectedk8s/azext_connectedk8s/_constants.py
@@ -482,7 +482,7 @@
 
 # URL constants
 CLIENT_PROXY_MCR_TARGET = "mcr.microsoft.com/azureconnectivity/proxy"
-HELM_STORAGE_URL = "https://k8connecthelm.azureedge.net"
+HELM_MCR_URL = "mcr.microsoft.com/azurearck8s/helm"
 HELM_VERSION = "v3.12.2"
 Download_And_Install_Kubectl_Fault_Type = "Failed to download and install kubectl"
 Azure_Access_Token_Variable = "AZURE_ACCESS_TOKEN"
diff --git a/src/connectedk8s/azext_connectedk8s/custom.py b/src/connectedk8s/azext_connectedk8s/custom.py
@@ -16,12 +16,12 @@
 import stat
 import tempfile
 import time
-import urllib.request
 from base64 import b64decode, b64encode
 from concurrent.futures import ThreadPoolExecutor
 from subprocess import DEVNULL, PIPE, Popen
 from typing import TYPE_CHECKING, Any, Iterable
 
+import oras.client  # type: ignore[import-untyped]
 import yaml
 from azure.cli.command_modules.role import graph_client_factory
 from azure.cli.core import get_default_cli, telemetry
@@ -1170,20 +1170,23 @@ def install_helm_client() -> str:
     telemetry.add_extension_event(
         "connectedk8s", {"Context.Default.AzureCLI.MachineType": machine_type}
     )
-
     # Set helm binary download & install locations
     if operating_system == "windows":
-        download_location_string = f".azure\\helm\\{consts.HELM_VERSION}\\helm-{consts.HELM_VERSION}-{operating_system}-amd64.zip"
+        download_location_string = f".azure\\helm\\{consts.HELM_VERSION}"
+        download_file_name = f"helm-{consts.HELM_VERSION}-{operating_system}-amd64.zip"
         install_location_string = (
             f".azure\\helm\\{consts.HELM_VERSION}\\{operating_system}-amd64\\helm.exe"
         )
-        requestUri = f"{consts.HELM_STORAGE_URL}/helmsigned/helm-{consts.HELM_VERSION}-{operating_system}-amd64.zip"
+        artifactTag = f"helm-{consts.HELM_VERSION}-{operating_system}-amd64"
     elif operating_system == "linux" or operating_system == "darwin":
-        download_location_string = f".azure/helm/{consts.HELM_VERSION}/helm-{consts.HELM_VERSION}-{operating_system}-amd64.tar.gz"
+        download_location_string = f".azure/helm/{consts.HELM_VERSION}"
+        download_file_name = (
+            f"helm-{consts.HELM_VERSION}-{operating_system}-amd64.tar.gz"
+        )
         install_location_string = (
             f".azure/helm/{consts.HELM_VERSION}/{operating_system}-amd64/helm"
         )
-        requestUri = f"{consts.HELM_STORAGE_URL}/helm/helm-{consts.HELM_VERSION}-{operating_system}-amd64.tar.gz"
+        artifactTag = f"helm-{consts.HELM_VERSION}-{operating_system}-amd64"
     else:
         telemetry.set_exception(
             exception="Unsupported OS for installing helm client",
@@ -1216,11 +1219,15 @@ def install_helm_client() -> str:
         logger.warning(
             "Downloading helm client for first time. This can take few minutes..."
         )
+        client = oras.client.OrasClient()
         retry_count = 3
         retry_delay = 5
         for i in range(retry_count):
             try:
-                response = urllib.request.urlopen(requestUri)
+                client.pull(
+                    target=f"{consts.HELM_MCR_URL}:{artifactTag}",
+                    outdir=download_location,
+                )
                 break
             except Exception as e:
                 if i == retry_count - 1:
@@ -1237,34 +1244,21 @@ def install_helm_client() -> str:
                     )
                 time.sleep(retry_delay)
 
-        responseContent = response.read()
-        response.close()
-
-        # Creating the compressed helm binaries
-        try:
-            with open(download_location, "wb") as f:
-                f.write(responseContent)
-        except Exception as e:
-            telemetry.set_exception(
-                exception=e,
-                fault_type=consts.Create_HelmExe_Fault_Type,
-                summary="Unable to create helm executable",
-            )
-            reco_str = f"Please ensure that you delete the directory '{download_dir}' before trying again."
-            raise ClientRequestError(
-                "Failed to create helm executable." + str(e), recommendation=reco_str
-            )
         # Extract the archive.
         try:
-            shutil.unpack_archive(download_location, download_dir)
+            extract_dir = download_location
+            download_location = os.path.expanduser(
+                os.path.join(download_location, download_file_name)
+            )
+            shutil.unpack_archive(download_location, extract_dir)
             os.chmod(install_location, os.stat(install_location).st_mode | stat.S_IXUSR)
         except Exception as e:
             telemetry.set_exception(
                 exception=e,
                 fault_type=consts.Extract_HelmExe_Fault_Type,
                 summary="Unable to extract helm executable",
             )
-            reco_str = f"Please ensure that you delete the directory '{download_dir}' before trying again."
+            reco_str = f"Please ensure that you delete the directory '{extract_dir}' before trying again."
             raise ClientRequestError(
                 "Failed to extract helm executable." + str(e), recommendation=reco_str
             )
diff --git a/src/connectedk8s/azext_connectedk8s/tests/latest/test_connectedk8s_scenario.py b/src/connectedk8s/azext_connectedk8s/tests/latest/test_connectedk8s_scenario.py
@@ -12,9 +12,9 @@
 import stat
 import subprocess
 import time
-import urllib.request
 from subprocess import PIPE
 
+import oras.client  # type: ignore[import-untyped]
 import psutil
 import requests
 from azure.cli.core import get_default_cli
@@ -71,23 +71,21 @@ def install_helm_client():
 
     # Set helm binary download & install locations
     if operating_system == "windows":
-        download_location_string = (
-            f".azure\\helm\\{consts.HELM_VERSION}\\helm-{consts.HELM_VERSION}-\
-            {operating_system}-amd64.zip"
-        )
+        download_location_string = f".azure\\helm\\{consts.HELM_VERSION}"
+        download_file_name = f"helm-{consts.HELM_VERSION}-{operating_system}-amd64.zip"
         install_location_string = (
             f".azure\\helm\\{consts.HELM_VERSION}\\{operating_system}-amd64\\helm.exe"
         )
-        requestUri = f"{consts.HELM_STORAGE_URL}/helm/helm-{consts.HELM_VERSION}-{operating_system}-amd64.zip"
+        artifactTag = f"helm-{consts.HELM_VERSION}-{operating_system}-amd64"
     elif operating_system == "linux" or operating_system == "darwin":
-        download_location_string = (
-            f".azure/helm/{consts.HELM_VERSION}/helm-{consts.HELM_VERSION}-\
-            {operating_system}-amd64.tar.gz"
+        download_location_string = f".azure/helm/{consts.HELM_VERSION}"
+        download_file_name = (
+            f"helm-{consts.HELM_VERSION}-{operating_system}-amd64.tar.gz"
         )
         install_location_string = (
             f".azure/helm/{consts.HELM_VERSION}/{operating_system}-amd64/helm"
         )
-        requestUri = f"{consts.HELM_STORAGE_URL}/helm/helm-{consts.HELM_VERSION}-{operating_system}-amd64.tar.gz"
+        artifactTag = f"helm-{consts.HELM_VERSION}-{operating_system}-amd64"
     else:
         logger.warning(
             f"The {operating_system} platform is not currently supported for installing helm client."
@@ -98,8 +96,8 @@ def install_helm_client():
     download_dir = os.path.dirname(download_location)
     install_location = os.path.expanduser(os.path.join("~", install_location_string))
 
-    # Download compressed helm binary if not already present
-    if not os.path.isfile(download_location):
+    # Download compressed Helm binary if not already present
+    if not os.path.isfile(install_location):
         # Creating the helm folder if it doesnt exist
         if not os.path.exists(download_dir):
             try:
@@ -109,27 +107,25 @@ def install_helm_client():
                 return
 
         # Downloading compressed helm client executable
+        logger.warning(
+            "Downloading helm client for first time. This can take few minutes..."
+        )
+        client = oras.client.OrasClient()
         try:
-            response = urllib.request.urlopen(requestUri)
+            client.pull(
+                target=f"{consts.HELM_MCR_URL}:{artifactTag}", outdir=download_location
+            )
         except Exception as e:
             logger.warning("Failed to download helm client." + str(e))
             return
 
-        responseContent = response.read()
-        response.close()
-
-        # Creating the compressed helm binaries
+        # Extract the archive.
         try:
-            with open(download_location, "wb") as f:
-                f.write(responseContent)
-        except Exception as e:
-            logger.warning("Failed to extract helm executable" + str(e))
-            return
-
-    # Extract compressed helm binary
-    if not os.path.isfile(install_location):
-        try:
-            shutil.unpack_archive(download_location, download_dir)
+            extract_dir = download_location
+            download_location = os.path.expanduser(
+                os.path.join(download_location, download_file_name)
+            )
+            shutil.unpack_archive(download_location, extract_dir)
             os.chmod(install_location, os.stat(install_location).st_mode | stat.S_IXUSR)
         except Exception as e:
             logger.warning("Failed to extract helm executable" + str(e))
@@ -220,52 +216,6 @@ def test_connect(self, resource_group):
         # delete the kube config
         os.remove(_get_test_data_file(managed_cluster_name + "-config.yaml"))
 
-    @live_only()
-    @ResourceGroupPreparer(
-        name_prefix="conk8stest", location=CONFIG["location"], random_name_length=16
-    )
-    def test_connect_withoidcandworkloadidentity(self, resource_group):
-        managed_cluster_name = self.create_random_name(prefix="test-connect", length=24)
-        kubeconfig = _get_test_data_file(managed_cluster_name + "-config.yaml")
-        self.kwargs.update(
-            {
-                "rg": resource_group,
-                "name": self.create_random_name(prefix="cc-", length=12),
-                "kubeconfig": kubeconfig,
-                "managed_cluster_name": managed_cluster_name,
-                "location": CONFIG["location"],
-            }
-        )
-
-        # scenario - oidc issuer and workload identity enabled
-        self.cmd("aks create -g {rg} -n {managed_cluster_name} --generate-ssh-keys")
-        self.cmd(
-            "aks get-credentials -g {rg} -n {managed_cluster_name} -f {kubeconfig} --admin"
-        )
-        self.cmd(
-            "connectedk8s connect -n {name} -g {rg} -l {location} --tags foo=doo --enable-oidc-issuer \
-            --enable-workload-identity --kube-config {kubeconfig} --kube-context {managed_cluster_name}-admin"
-        )
-        self.cmd(
-            "connectedk8s show -g {rg} -n {name}",
-            checks=[
-                self.check("tags.foo", "doo"),
-                self.check("name", "{name}"),
-                self.check("resourceGroup", "{rg}"),
-                self.check("oidcIssuerProfile.enabled", True),
-                self.check("securityProfile.workloadIndentity.enabled", True),
-            ],
-        )
-
-        self.cmd(
-            "connectedk8s delete -g {rg} -n {name} --kube-config {kubeconfig} --kube-context \
-            {managed_cluster_name}-admin -y"
-        )
-        self.cmd("aks delete -g {rg} -n {managed_cluster_name} -y")
-
-        # delete the kube config
-        os.remove(_get_test_data_file(managed_cluster_name + "-config.yaml"))
-
     @live_only()
     @ResourceGroupPreparer(
         name_prefix="conk8stest", location=CONFIG["location"], random_name_length=16
@@ -470,7 +420,7 @@ def test_enable_disable_features(self, resource_group):
         with self.assertRaisesRegex(
             CLIError,
             "Disabling 'cluster-connect' feature is not allowed when \
-'custom-locations' feature is enabled.",
+'custom-locations' feature is enabled",
         ):
             self.cmd(
                 "connectedk8s disable-features -n {name} -g {rg} --features cluster-connect --kube-config \
@@ -847,22 +797,6 @@ def test_update(self, resource_group):
             ],
         )
 
-        # scenario - oidc issuer and workload identity enabled
-        self.cmd(
-            "connectedk8s update -n {name} -g {rg} --enable-oidc-issuer \
-            --enable-workload-identity --kube-config {kubeconfig} \
-            --kube-context {managed_cluster_name}-admin"
-        )
-        self.cmd(
-            "connectedk8s show -g {rg} -n {name}",
-            checks=[
-                self.check("name", "{name}"),
-                self.check("resourceGroup", "{rg}"),
-                self.check("oidcIssuerProfile.enabled", True),
-                self.check("securityProfile.workloadIndentity.enabled", True),
-            ],
-        )
-
         # scenario - oidc issuer enabled and self hosted issuer url set
         self.cmd(
             'connectedk8s update -n {name} -g {rg} --enable-oidc-issuer \
