From 1a630180aecafbdafcaf74a1c6dd89354ab07c7b Mon Sep 17 00:00:00 2001 From: Fuming Zhang Date: Thu, 24 Nov 2022 15:38:37 +0800 Subject: [PATCH 1/3] add transformer for custom ca --- src/aks-preview/azext_aks_preview/commands.py | 42 ++++++++++++++++++- 1 file changed, 41 insertions(+), 1 deletion(-) diff --git a/src/aks-preview/azext_aks_preview/commands.py b/src/aks-preview/azext_aks_preview/commands.py index 399cece2c6b..738d0fbce20 100644 --- a/src/aks-preview/azext_aks_preview/commands.py +++ b/src/aks-preview/azext_aks_preview/commands.py @@ -29,6 +29,45 @@ aks_show_table_format, aks_upgrades_table_format, ) +from knack.log import get_logger + +logger = get_logger(__name__) + +def transform_mc_objects_with_custom_cas(result): + # convert custom_ca_trust_certificates in bytearray format encoded in utf-8 to string + if not result: + return result + from msrest.paging import Paged + + def _patch_custom_cas_in_security_profile(security_profile): + # modify custom_ca_trust_certificates in-place + # security_profile shouldn't be None + custom_cas = getattr(security_profile, 'custom_ca_trust_certificates', None) + if custom_cas: + decoded_custom_cas = [] + for custom_ca in custom_cas: + try: + decoded_custom_ca = custom_ca.decode("utf-8") + except Exception: # pylint: disable=broad-except + logger.warning("failed to decode customCaTrustCertificates") + decoded_custom_ca = None + decoded_custom_cas.append(decoded_custom_ca) + security_profile.custom_ca_trust_certificates = decoded_custom_cas + + singular = False + if isinstance(result, Paged): + result = list(result) + + if not isinstance(result, list): + singular = True + result = [result] + + for r in result: + if getattr(r, 'security_profile', None): + # security_profile shouldn't be None + _patch_custom_cas_in_security_profile(r.security_profile) + + return result[0] if singular else result def load_command_table(self, _): @@ -77,7 +116,8 @@ def load_command_table(self, _): ) # AKS managed cluster commands - with self.command_group('aks', managed_clusters_sdk, client_factory=cf_managed_clusters) as g: + with self.command_group('aks', managed_clusters_sdk, client_factory=cf_managed_clusters, + transform=transform_mc_objects_with_custom_cas) as g: g.custom_command('kollect', 'aks_kollect') g.custom_command('kanalyze', 'aks_kanalyze') g.custom_command('browse', 'aks_browse') From 82612ef4dbb44e477aa799547d25b91817dae5ad Mon Sep 17 00:00:00 2001 From: Fuming Zhang Date: Thu, 24 Nov 2022 15:42:41 +0800 Subject: [PATCH 2/3] update history --- src/aks-preview/HISTORY.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/aks-preview/HISTORY.rst b/src/aks-preview/HISTORY.rst index 44c9dd732dc..95afc7103a4 100644 --- a/src/aks-preview/HISTORY.rst +++ b/src/aks-preview/HISTORY.rst @@ -12,6 +12,8 @@ To release a new version, please select a new version number (usually plus 1 to Pending +++++++ +* Add custom transform for custom CA + 0.5.116 +++++++ From 3a7d626793d91bd20f4659e9875d18f2290b7f53 Mon Sep 17 00:00:00 2001 From: Fuming Zhang Date: Thu, 24 Nov 2022 16:00:09 +0800 Subject: [PATCH 3/3] fix lint --- src/aks-preview/azext_aks_preview/commands.py | 1 + 1 file changed, 1 insertion(+) diff --git a/src/aks-preview/azext_aks_preview/commands.py b/src/aks-preview/azext_aks_preview/commands.py index 738d0fbce20..66726f102cf 100644 --- a/src/aks-preview/azext_aks_preview/commands.py +++ b/src/aks-preview/azext_aks_preview/commands.py @@ -33,6 +33,7 @@ logger = get_logger(__name__) + def transform_mc_objects_with_custom_cas(result): # convert custom_ca_trust_certificates in bytearray format encoded in utf-8 to string if not result: