Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Network] Add support for setting identity in Application-Gateway #10119

Merged
merged 17 commits into from
Sep 4, 2019
Merged

[Network] Add support for setting identity in Application-Gateway #10119

merged 17 commits into from
Sep 4, 2019

Conversation

mmyyrroonn
Copy link
Contributor

@mmyyrroonn mmyyrroonn commented Aug 1, 2019
edited by haroldrandom
Loading

This checklist is used to make sure that common guidelines for a pull request are followed.

  • The PR has modified HISTORY.rst describing any customer-facing, functional changes. Note that this does not include changes only to help content. (see Modifying change log).

  • I adhere to the Command Guidelines.

@mmyyrroonn mmyyrroonn requested a review from tjprescott August 1, 2019 09:12
@mmyyrroonn
Copy link
Contributor Author

ManagedIdentity cannot be created by CLI so I don't add test code. I manually tested the command. Meanwhile, due to the service limitation, I don't expose the add and remove command to the user.

@mmyyrroonn mmyyrroonn force-pushed the fix-10073-application-gateway-update branch 2 times, most recently from 3a5f6ef to 83f987b Compare August 6, 2019 06:13
@mmyyrroonn mmyyrroonn force-pushed the fix-10073-application-gateway-update branch from 5a3d4be to 9326987 Compare August 12, 2019 05:56
Juliehzl
Juliehzl reviewed Aug 14, 2019
View reviewed changes
src/azure-cli/azure/cli/command_modules/network/_help.py Outdated
@@ -328,6 +328,26 @@
-n MyHttpSettings --probe MyNewProbe
"""

helps['network application-gateway identity'] = """
type: group
short-summary: Manage the identity information
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you need a long summary like vm identity ‘This is required to authenticate and interact with other Azure services using bearer tokens.'?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I need confirm with service team. For know, the identity is used to access the key vault.

@mmyyrroonn mmyyrroonn added this to the Sprint 69 milestone Aug 26, 2019
@mmyyrroonn mmyyrroonn force-pushed the fix-10073-application-gateway-update branch from 9326987 to cd2ea30 Compare August 28, 2019 02:40
@mmyyrroonn mmyyrroonn requested a review from Juliehzl August 28, 2019 02:56
@Juliehzl
Copy link
Contributor

Juliehzl commented Sep 2, 2019

Can you try to resolve conflicts first?

Juliehzl
Juliehzl reviewed Sep 2, 2019
View reviewed changes
@mmyyrroonn mmyyrroonn force-pushed the fix-10073-application-gateway-update branch from 7837275 to 0041ada Compare September 2, 2019 08:18
Juliehzl
Juliehzl reviewed Sep 2, 2019
View reviewed changes
src/azure-cli/azure/cli/command_modules/network/_params.py
@@ -138,6 +143,7 @@ def load_arguments(self, _):
c.argument('cert_password', help='The certificate password')
c.argument('http_settings_port', help='The HTTP settings port.')
c.argument('servers', ag_servers_type)
c.argument('key_vault_secret_id', help="Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in Azure KeyVault. You need enable soft delete for keyvault to use this feature.", is_preview=True)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What kind of message does server return when no identity assigned or no access policy set?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

identity should be set. The server will check the existence of the identity

@mmyyrroonn mmyyrroonn force-pushed the fix-10073-application-gateway-update branch from adb12db to 928c668 Compare September 3, 2019 07:13
Juliehzl
Juliehzl reviewed Sep 3, 2019
View reviewed changes
src/azure-cli/azure/cli/command_modules/network/commands.py
@@ -428,6 +428,11 @@ def _make_singular(value):
g.custom_command('set', 'set_ag_waf_config_2016_09_01', max_api='2016-09-01', supports_no_wait=True)
g.custom_show_command('show', 'show_ag_waf_config')
g.custom_command('list-rule-sets', 'list_ag_waf_rule_sets', min_api='2017-03-01', client_factory=cf_application_gateways, table_transformer=transform_waf_rule_sets_table_output)

with self.command_group('network application-gateway identity', command_type=network_ag_sdk, min_api='2018-12-01') as g:
g.custom_command('assign', 'assign_ag_identity', supports_no_wait=True)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why do you want to make it support --no-wait? It is a long-running operation?

@mmyyrroonn mmyyrroonn merged commit cc1a6f4 into Azure:dev Sep 4, 2019
@mmyyrroonn mmyyrroonn deleted the fix-10073-application-gateway-update branch September 4, 2019 03:17
@nexxai nexxai mentioned this pull request Sep 4, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yugangw-msft yugangw-msft yugangw-msft left review comments

@Juliehzl Juliehzl Juliehzl approved these changes

Assignees

@mmyyrroonn mmyyrroonn

Labels
None yet
Projects
None yet
Milestone
Sprint 73
3 participants
@mmyyrroonn @Juliehzl @yugangw-msft