Fix akv secrete provider update operation fail#9573
Fix akv secrete provider update operation fail#9573charleswool wants to merge 5 commits intoAzure:mainfrom
Conversation
️✔️Azure CLI Extensions Breaking Change Test
|
|
Hi @charleswool, |
|
Thank you for your contribution! We will review the pull request and get back to you soon. |
|
The git hooks are available for azure-cli and azure-cli-extensions repos. They could help you run required checks before creating the PR. Please sync the latest code with latest dev branch (for azure-cli) or main branch (for azure-cli-extensions). pip install azdev --upgrade
azdev setup -c <your azure-cli repo path> -r <your azure-cli-extensions repo path>
|
microsoft-github-policy-service
bot
requested review from
yanzhudd,
yonzhan and
zhoxing-ms
CodeGen Tools Feedback CollectionThank you for using our CodeGen tool. We value your feedback, and we would like to know how we can improve our product. Please take a few minutes to fill our codegen survey |
|
Hi @charleswool Release SuggestionsModule: aks-preview
Notes
|
There was a problem hiding this comment.
Pull request overview
This pull request fixes a bug in the AKS preview extension where Azure Keyvault Secrets Provider addon profile update flags were being silently ignored during az aks update operations.
Changes:
- Added a call to
super().update_addon_profiles(mc)in theAKSPreviewManagedClusterUpdateDecorator.update_addon_profiles()method to ensure parent class logic is executed - This fix ensures that the
--enable-secret-rotation,--disable-secret-rotation, and--rotation-poll-intervalflags are properly handled during cluster updates
|
/azp run |
|
Azure Pipelines successfully started running 2 pipeline(s). |
FumingZhang
left a comment
FumingZhang
left a comment
There was a problem hiding this comment.
Queued live test to validate the change
- test_aks_enable_addon_with_azurekeyvaultsecretsprovider
|
/azp run |
|
Commenter does not have sufficient privileges for PR 9573 in repo Azure/azure-cli-extensions |
|
/azp run |
|
Azure Pipelines will not run the associated pipelines, because the pull request was updated after the run command was issued. Review the pull request again and issue a new run command. |
|
/azp run |
|
Azure Pipelines successfully started running 2 pipeline(s). |
|
@FumingZhang Kindly help revisit, thank u! |
|
/azp run |
|
Commenter does not have sufficient privileges for PR 9573 in repo Azure/azure-cli-extensions |
|
/azp run |
|
Azure Pipelines successfully started running 2 pipeline(s). |
|
Re-queued live test https://dev.azure.com/msazure/CloudNativeCompute/_build/results?buildId=152888202&view=results, test passed! |
|
/azp run |
|
Azure Pipelines successfully started running 2 pipeline(s). |
…vider flags The AKSPreviewManagedClusterUpdateDecorator.update_addon_profiles() method was overriding the parent class method without calling super(), which caused the following flags to be silently ignored during 'az aks update': - --enable-secret-rotation - --disable-secret-rotation - --rotation-poll-interval This fix adds a call to super().update_addon_profiles(mc) to ensure the parent class logic for Azure Keyvault Secrets Provider addon profile updates is preserved.
aks enable-addons and aks disable-addons were returning the LRO poller from sdk_no_wait without explicitly waiting for completion. When the server-side operation takes longer, the initial response returns provisioningState 'Updating' instead of 'Succeeded'. Fix by using LongRunningOperation to explicitly wait when no_wait is not set, matching the pattern used in put_mc and the need_post_creation_role_assignment path.
Revert changes to aks_enable_addons, aks_disable_addons and put_mc that added explicit LongRunningOperation calls. The stable CLI uses sdk_no_wait pattern consistently and the CLI framework handles LRO poller resolution automatically for supports_no_wait commands.
charleswool
force-pushed
the
yuewu2/fix-secret-provider-cli
branch
from
f96a17e to
1fa3e19
Compare
|
/azp run |
|
Commenter does not have sufficient privileges for PR 9573 in repo Azure/azure-cli-extensions |
|
/azp run |
|
Azure Pipelines successfully started running 2 pipeline(s). |
|
https://dev.azure.com/msazure/CloudNativeCompute/_build/results?buildId=153511814&view=results Live test passed, @FumingZhang @yonzhan Kindly help review, thanks |
FumingZhang
left a comment
FumingZhang
left a comment
There was a problem hiding this comment.
LGTM, could you please leave a history note?
|
Sure, just added into the history note file, kindly check |
5 participants
…vider flags
The AKSPreviewManagedClusterUpdateDecorator.update_addon_profiles() method was overriding the parent class method without calling super(), which caused the following flags to be silently ignored during 'az aks update':
This fix adds a call to super().update_addon_profiles(mc) to ensure the parent class logic for Azure Keyvault Secrets Provider addon profile updates is preserved.
This checklist is used to make sure that common guidelines for a pull request are followed.
Related command
General Guidelines
azdev style <YOUR_EXT>locally? (pip install azdevrequired)python scripts/ci/test_index.py -qlocally? (pip install wheel==0.30.0required)For new extensions:
About Extension Publish
There is a pipeline to automatically build, upload and publish extension wheels.
Once your pull request is merged into main branch, a new pull request will be created to update
src/index.jsonautomatically.You only need to update the version information in file setup.py and historical information in file HISTORY.rst in your PR but do not modify
src/index.json.