Add OIDC and WIF flags to ConnectedCluster Cmdlet (#25786)

* Re-generate 2024-07-01-preview SDK * Implement wait and update test * Run test recording * Add skipping tests back * Use Write-Error for errors
Azure · Aug 13, 2024 · 25183b3 · 25183b3
1 parent e8fe24d
commit 25183b3
Show file tree

Hide file tree

Showing 15 changed files with 726 additions and 373 deletions.
diff --git a/src/ConnectedKubernetes/ConnectedKubernetes.Autorest/README.md b/src/ConnectedKubernetes/ConnectedKubernetes.Autorest/README.md
@@ -3,9 +3,6 @@
 This directory contains the PowerShell module for the ConnectedKubernetes service.
 
 ---
-## Status
-[![Az.ConnectedKubernetes](https://img.shields.io/powershellgallery/v/Az.ConnectedKubernetes.svg?style=flat-square&label=Az.ConnectedKubernetes "Az.ConnectedKubernetes")](https://www.powershellgallery.com/packages/Az.ConnectedKubernetes/)
-
 ## Info
 - Modifiable: yes
 - Generated: all
@@ -47,11 +44,11 @@ In this directory, run AutoRest:
 > see https://aka.ms/autorest
 
 ``` yaml
-commit: ac6324d13863e8157f4b392ef0ceef1e86eea935
+commit: 0ce2859b2f018adcea3d14346951ff4270dcff3d
 require:
   - $(this-folder)/../../readme.azure.noprofile.md
 input-file:
-  - $(repo)/specification/hybridkubernetes/resource-manager/Microsoft.Kubernetes/preview/2022-10-01-preview/connectedClusters.json
+  - $(repo)/specification/hybridkubernetes/resource-manager/Microsoft.Kubernetes/preview/2024-07-01-preview/connectedClusters.json
 
 title: ConnectedKubernetes
 module-version: 0.1.0

diff --git a/...tedKubernetes/ConnectedKubernetes.Autorest/UX/Microsoft.Kubernetes/connectedClusters.json b/...tedKubernetes/ConnectedKubernetes.Autorest/UX/Microsoft.Kubernetes/connectedClusters.json
@@ -1,6 +1,6 @@
 {
   "resourceType": "connectedClusters",
-  "apiVersion": "2022-10-01-preview",
+  "apiVersion": "2024-07-01-preview",
   "learnMore": {
     "url": "https://learn.microsoft.com/powershell/module/az.connectedkubernetes"
   },

diff --git a/src/ConnectedKubernetes/ConnectedKubernetes.Autorest/custom/New-AzConnectedKubernetes.ps1 b/src/ConnectedKubernetes/ConnectedKubernetes.Autorest/custom/New-AzConnectedKubernetes.ps1
@@ -25,12 +25,12 @@ New-AzConnectedKubernetes -ClusterName azps_test_cluster -ResourceGroupName azps
 New-AzConnectedKubernetes -ClusterName azps_test_cluster1 -ResourceGroupName azps_test_group -Location eastus -KubeConfig $HOME\.kube\config -KubeContext azps_aks_t01
 
 .Outputs
-Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Models.Api20221001Preview.IConnectedCluster
+Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Models.Api20240701Preview.IConnectedCluster
 .Link
 https://learn.microsoft.com/powershell/module/az.connectedkubernetes/new-azconnectedkubernetes
 #>
 function New-AzConnectedKubernetes {
-    [OutputType([Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Models.Api20221001Preview.IConnectedCluster])]
+    [OutputType([Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Models.Api20240701Preview.IConnectedCluster])]
     [CmdletBinding(DefaultParameterSetName='CreateExpanded', PositionalBinding=$false, SupportsShouldProcess, ConfirmImpact='Medium')]
     param(
         [Parameter(Mandatory)]
@@ -173,6 +173,24 @@ function New-AzConnectedKubernetes {
         # OID of 'custom-locations' app.
         ${CustomLocationsOid},
 
+        [Parameter()]
+        [Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Category('Body')]
+        [System.Management.Automation.SwitchParameter]
+        # Whether to enable oidc issuer for workload identity integration.
+        ${OidcIssuerProfileEnabled},
+
+        [Parameter()]
+        [Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Category('Body')]
+        [System.String]
+        # The issuer url for public cloud clusters - AKS, EKS, GKE - used for the workload identity feature.
+        ${OidcIssuerProfileSelfHostedIssuerUrl},
+
+        [Parameter()]
+        [Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Category('Body')]
+        [System.Management.Automation.SwitchParameter]
+        # Whether to enable or disable the workload identity Webhook
+        ${WorkloadIdentityEnabled},
+
         [Parameter()]
         [System.Management.Automation.SwitchParameter]
         # Accept EULA of ConnectedKubernetes, legal term will pop up without this parameter provided
@@ -526,6 +544,26 @@ function New-AzConnectedKubernetes {
         } catch {
             throw "Unable to install helm chart at $ChartPath"
         }
+
+        if ($PSBoundParameters.ContainsKey('OidcIssuerProfileEnabled') -or $PSBoundParameters.ContainsKey('WorkloadIdentityEnabled') ) {
+            $ExistConnectedKubernetes = Get-AzConnectedKubernetes -ResourceGroupName $ResourceGroupName -ClusterName $ClusterName @CommonPSBoundParameters
+
+            Write-Host "Cluster configuration is in progress..."
+            $timeout = [datetime]::Now.AddMinutes(60)
+
+            while (($ExistConnectedKubernetes.ArcAgentProfileAgentState -ne "Succeeded") -and ($ExistConnectedKubernetes.ArcAgentProfileAgentState -ne "Failed") -and ([datetime]::Now -lt $timeout)) {
+                Start-Sleep -Seconds 30
+                $ExistConnectedKubernetes = Get-AzConnectedKubernetes -ResourceGroupName $ResourceGroupName -ClusterName $ClusterName @CommonPSBoundParameters
+            }
+
+            if ($ExistConnectedKubernetes.ArcAgentProfileAgentState -eq "Succeeded") {
+                Write-Host "Cluster configuration succeeded."
+            } elseif ($ExistConnectedKubernetes.ArcAgentProfileAgentState -eq "Failed") {
+                Write-Error "Cluster configuration failed."
+            } else {
+                Write-Error "Cluster configuration timed out after 60 minutes."
+            }      
+        }
         Return $Response
     }
 }
diff --git a/src/ConnectedKubernetes/ConnectedKubernetes.Autorest/custom/Update-AzConnectedKubernetes.ps1 b/src/ConnectedKubernetes/ConnectedKubernetes.Autorest/custom/Update-AzConnectedKubernetes.ps1
@@ -27,7 +27,7 @@ Get-AzConnectedKubernetes -ClusterName azps_test_cluster -ResourceGroupName azps
 .Inputs
 Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Models.IConnectedKubernetesIdentity
 .Outputs
-Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Models.Api20221001Preview.IConnectedCluster
+Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Models.Api20240701Preview.IConnectedCluster
 .Notes
 COMPLEX PARAMETER PROPERTIES
 
@@ -42,7 +42,7 @@ INPUTOBJECT <IConnectedKubernetesIdentity>: Identity Parameter
 https://learn.microsoft.com/powershell/module/az.connectedkubernetes/update-azconnectedkubernetes
 #>
 function Update-AzConnectedKubernetes {
-[OutputType([Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Models.Api20221001Preview.IConnectedCluster])]
+[OutputType([Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Models.Api20240701Preview.IConnectedCluster])]
 [CmdletBinding(DefaultParameterSetName='UpdateExpanded', PositionalBinding=$false, SupportsShouldProcess, ConfirmImpact='Medium')]
 param(
     [Parameter(ParameterSetName='UpdateExpanded', Mandatory)]
@@ -99,7 +99,7 @@ param(
 
     [Parameter()]
     [Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Category('Body')]
-    [Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Runtime.Info(PossibleTypes=([Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Models.Api20221001Preview.IConnectedClusterPatchTags]))]
+    [Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Runtime.Info(PossibleTypes=([Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Models.Api20240701Preview.IConnectedClusterPatchTags]))]
     [System.Collections.Hashtable]
     # Resource tags.
     ${Tag},

diff --git a/...nectedKubernetes/ConnectedKubernetes.Autorest/docs/Get-AzConnectedKubernetes.md b/...nectedKubernetes/ConnectedKubernetes.Autorest/docs/Get-AzConnectedKubernetes.md
@@ -184,22 +184,9 @@ This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable
 
 ## OUTPUTS
 
-### Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Models.Api20221001Preview.IConnectedCluster
+### Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Models.Api20240701Preview.IConnectedCluster
 
 ## NOTES
 
-ALIASES
-
-COMPLEX PARAMETER PROPERTIES
-
-To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.
-
-
-`INPUTOBJECT <IConnectedKubernetesIdentity>`: Identity Parameter
-  - `[ClusterName <String>]`: The name of the Kubernetes cluster on which get is called.
-  - `[Id <String>]`: Resource identity path
-  - `[ResourceGroupName <String>]`: The name of the resource group. The name is case insensitive.
-  - `[SubscriptionId <String>]`: The ID of the target subscription.
-
 ## RELATED LINKS
 
diff --git a/...es/ConnectedKubernetes.Autorest/docs/Get-AzConnectedKubernetesUserCredential.md b/...es/ConnectedKubernetes.Autorest/docs/Get-AzConnectedKubernetesUserCredential.md
@@ -135,7 +135,7 @@ Accept wildcard characters: False
 To construct, see NOTES section for PROPERTY properties and create a hash table.
 
 ```yaml
-Type: Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Models.Api20221001Preview.IListClusterUserCredentialProperties
+Type: Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Models.Api20240701Preview.IListClusterUserCredentialProperties
 Parameter Sets: List
 Aliases:
 
@@ -213,24 +213,13 @@ This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable
 
 ## INPUTS
 
-### Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Models.Api20221001Preview.IListClusterUserCredentialProperties
+### Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Models.Api20240701Preview.IListClusterUserCredentialProperties
 
 ## OUTPUTS
 
-### Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Models.Api20221001Preview.ICredentialResults
+### Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Models.Api20240701Preview.ICredentialResults
 
 ## NOTES
 
-ALIASES
-
-COMPLEX PARAMETER PROPERTIES
-
-To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.
-
-
-`PROPERTY <IListClusterUserCredentialProperties>`: .
-  - `AuthenticationMethod <AuthenticationMethod>`: The mode of client authentication.
-  - `ClientProxy <Boolean>`: Boolean value to indicate whether the request is for client side proxy or not
-
 ## RELATED LINKS
 
diff --git a/...nectedKubernetes/ConnectedKubernetes.Autorest/docs/New-AzConnectedKubernetes.md b/...nectedKubernetes/ConnectedKubernetes.Autorest/docs/New-AzConnectedKubernetes.md
@@ -18,9 +18,10 @@ New-AzConnectedKubernetes -ClusterName <String> -ResourceGroupName <String> -Loc
  [-OnboardingTimeout <Int32>] [-ProxyCert <String>] [-SubscriptionId <String>] [-AcceptEULA]
  [-AzureHybridBenefit <AzureHybridBenefit>] [-CustomLocationsOid <String>] [-Distribution <String>]
  [-DistributionVersion <String>] [-Infrastructure <String>] [-KubeConfig <String>] [-KubeContext <String>]
+ [-OidcIssuerProfileEnabled] [-OidcIssuerProfileSelfHostedIssuerUrl <String>]
  [-PrivateLinkScopeResourceId <String>] [-PrivateLinkState <PrivateLinkState>]
- [-ProvisioningState <ProvisioningState>] [-Tag <Hashtable>] [-DefaultProfile <PSObject>] [-AsJob] [-NoWait]
- [-Confirm] [-WhatIf] [<CommonParameters>]
+ [-ProvisioningState <ProvisioningState>] [-Tag <Hashtable>] [-WorkloadIdentityEnabled]
+ [-DefaultProfile <PSObject>] [-AsJob] [-NoWait] [-Confirm] [-WhatIf] [<CommonParameters>]
 ```
 
 ## DESCRIPTION
@@ -409,6 +410,36 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -OidcIssuerProfileEnabled
+Whether to enable oidc issuer for workload identity integration.
+
+```yaml
+Type: System.Management.Automation.SwitchParameter
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -OidcIssuerProfileSelfHostedIssuerUrl
+The issuer url for public cloud clusters - AKS, EKS, GKE - used for the workload identity feature.
+
+```yaml
+Type: System.String
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -OnboardingTimeout
 The time required (in seconds) for the arc-agent pods to be installed on the kubernetes cluster.
 
@@ -530,6 +561,21 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -WorkloadIdentityEnabled
+Whether to enable or disable the workload identity Webhook
+
+```yaml
+Type: System.Management.Automation.SwitchParameter
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -Confirm
 Prompts you for confirmation before running the cmdlet.
 
@@ -568,11 +614,9 @@ This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable
 
 ## OUTPUTS
 
-### Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Models.Api20221001Preview.IConnectedCluster
+### Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Models.Api20240701Preview.IConnectedCluster
 
 ## NOTES
 
-ALIASES
-
 ## RELATED LINKS
 
diff --git a/...tedKubernetes/ConnectedKubernetes.Autorest/docs/Remove-AzConnectedKubernetes.md b/...tedKubernetes/ConnectedKubernetes.Autorest/docs/Remove-AzConnectedKubernetes.md
@@ -243,18 +243,5 @@ This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable
 
 ## NOTES
 
-ALIASES
-
-COMPLEX PARAMETER PROPERTIES
-
-To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.
-
-
-`INPUTOBJECT <IConnectedKubernetesIdentity>`: Identity Parameter
-  - `[ClusterName <String>]`: The name of the Kubernetes cluster on which get is called.
-  - `[Id <String>]`: Resource identity path
-  - `[ResourceGroupName <String>]`: The name of the resource group. The name is case insensitive.
-  - `[SubscriptionId <String>]`: The ID of the target subscription.
-
 ## RELATED LINKS
 
diff --git a/...tedKubernetes/ConnectedKubernetes.Autorest/docs/Update-AzConnectedKubernetes.md b/...tedKubernetes/ConnectedKubernetes.Autorest/docs/Update-AzConnectedKubernetes.md
@@ -281,22 +281,9 @@ This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable
 
 ## OUTPUTS
 
-### Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Models.Api20221001Preview.IConnectedCluster
+### Microsoft.Azure.PowerShell.Cmdlets.ConnectedKubernetes.Models.Api20240701Preview.IConnectedCluster
 
 ## NOTES
 
-ALIASES
-
-COMPLEX PARAMETER PROPERTIES
-
-To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.
-
-
-`INPUTOBJECT <IConnectedKubernetesIdentity>`: Identity Parameter
-  - `[ClusterName <String>]`: The name of the Kubernetes cluster on which get is called.
-  - `[Id <String>]`: Resource identity path
-  - `[ResourceGroupName <String>]`: The name of the resource group. The name is case insensitive.
-  - `[SubscriptionId <String>]`: The ID of the target subscription.
-
 ## RELATED LINKS