Incorporate CI and ARM feedback from azure-rest-api-specs to v2024-08-12-preview API (#3727)

* api changes

fix tag package-2023-11
this was wrong in the readme

remove UserAssignedIdentities
top level fields must not have additionalproperties

update the default tag to latest

define a new IdentityType with x-ms-enum

modelAsString on identityType x-ms-enum should be false

rename IdentityType to ResourceIdentityType to match v3/types.json

make client

add descriptions to all new API fields

make client

fix unit test that was failing as a result of removing the UserAssignedIdentity type from the API

Adjust a doc comment according to feedback

make client

* add platformworkloadidentityroleset to API definition and examples

Update client generation to account for swagger subfolder

make client

fix pwip and validatestatic unit tests

fix relative path to common-types

migrate from common-types/v3 to common-types/v6
it was requested that we use the latest version of
common types. This involves some changes to our examples
to match the UUID expected.

move from Identity to ManagedServiceIdentity type
defined in common-types/v6

use modelerfour.lenient-model-deduplication=true
avoids python client generation issues

convert PlatformWorkloadIdentity to map

ARO-4382 fix unit test cases

make generate swagger

fix unit tests

revert naming openShiftCluster.ManagedServiceIdentity to Identity

fix prod code and unit tests post-rebase, reference common-types
directly for the identity property

* more swagger CI fixes
* fix examples to contain identity and type
* remove PlatformWorkloadIdentityRoleSetUpdate

oct 16th changes

oct 17th changes

fix issues post-rebase

* update readme to contain suppression for avoidAdditionalProperties

* fix ModelValidation error by converting example IDs to resourceIDs

* Update python/go clients

* Update az aro extension to enumerate platform_workload_identities as a dict instead of a list

* Fix python linter issues

* configure suppression for PatchBodyParametersSchema

appease the linter, fix subscriptionID type in util/azureclient

appease the linter again

correct log statement, use better naming

* regenerate examples
* changes operatorName and roleDefinitionName in PWIRS_List.json

---------

Co-authored-by: Tanmay Satam <tsatam@redhat.com>
This commit is contained in:
Caden Marchese 2024-10-29 17:08:36 -04:00 коммит произвёл GitHub
Родитель d373eff991
Коммит faf377c984
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: B5690EEEBB952194
337 изменённых файлов: 4720 добавлений и 4189 удалений

Просмотреть файл

@ -1,9 +1,9 @@
6182ae0b21f71602ac4deb2f04ca4446182795982d160cee9643ab5f3d68db12 swagger/redhatopenshift/resource-manager/Microsoft.RedHatOpenShift/openshiftclusters/stable/2020-04-30/redhatopenshift.json
8d07850b3e105c16a397c459261dd78feb7bc20f45f26d9cec5137edaf16fa8d swagger/redhatopenshift/resource-manager/Microsoft.RedHatOpenShift/openshiftclusters/preview/2021-09-01-preview/redhatopenshift.json
e4e80ae293dce1a6acfde17fcbd1399487a2fa3587babe6bc69c4ebbdabaa570 swagger/redhatopenshift/resource-manager/Microsoft.RedHatOpenShift/openshiftclusters/stable/2022-04-01/redhatopenshift.json
b1f1de0fe40d05de90742b17928968923b936adc294000f58974f50a297581dd swagger/redhatopenshift/resource-manager/Microsoft.RedHatOpenShift/openshiftclusters/stable/2022-09-04/redhatopenshift.json
01ba9562a8dac2824998ff0ad0d2465f79e6a66597bdb321e9409b9f2d12d222 swagger/redhatopenshift/resource-manager/Microsoft.RedHatOpenShift/openshiftclusters/stable/2023-04-01/redhatopenshift.json
c023515341196746454c0ae7af077d40d3ec13f6b88b33cb558f0a7ab17a5a24 swagger/redhatopenshift/resource-manager/Microsoft.RedHatOpenShift/openshiftclusters/preview/2023-07-01-preview/redhatopenshift.json
440748951dd1c3b34b5ccbdcb7cd966e3b89490887a1f1d64429561fad789515 swagger/redhatopenshift/resource-manager/Microsoft.RedHatOpenShift/openshiftclusters/stable/2023-09-04/redhatopenshift.json
74a46fdde6ceb0121fe1515c7e11e902dd921b54cffe693307fb02b3dc88f26e swagger/redhatopenshift/resource-manager/Microsoft.RedHatOpenShift/openshiftclusters/stable/2023-11-22/redhatopenshift.json
5849bcb518f6c7a6942a7eafb1d2edd107a18ad489c823e0262aad4bc509da9f swagger/redhatopenshift/resource-manager/Microsoft.RedHatOpenShift/openshiftclusters/preview/2024-08-12-preview/redhatopenshift.json
b9e1c53e7b02da3eefc7ce684206aaf26bcdea5c57c185abad9c7c6922ba347a swagger/redhatopenshift/resource-manager/Microsoft.RedHatOpenShift/openshiftclusters/stable/2020-04-30/redhatopenshift.json
16028ea68957d5444a0ac4799498f167e4fdf75bbbdafff1fb36d0bc826ce34f swagger/redhatopenshift/resource-manager/Microsoft.RedHatOpenShift/openshiftclusters/preview/2021-09-01-preview/redhatopenshift.json
a92373b9b2f50ea02b8c21ca930d6809b9c25f90fb8b203c0f5e222e0031a80d swagger/redhatopenshift/resource-manager/Microsoft.RedHatOpenShift/openshiftclusters/stable/2022-04-01/redhatopenshift.json
c392d570595aef3f96b1a0510c5fbf99760a3728e0a7826670cb84746d59a507 swagger/redhatopenshift/resource-manager/Microsoft.RedHatOpenShift/openshiftclusters/stable/2022-09-04/redhatopenshift.json
695273c782d580c2c0d549c16ad5694cdffc0829c95fe587212afcb79a1e3566 swagger/redhatopenshift/resource-manager/Microsoft.RedHatOpenShift/openshiftclusters/stable/2023-04-01/redhatopenshift.json
e9b88ecfecd9c3486341993612ade38fa6a4678f1ae06faa69513655682d39fb swagger/redhatopenshift/resource-manager/Microsoft.RedHatOpenShift/openshiftclusters/preview/2023-07-01-preview/redhatopenshift.json
22761c2f004997e339355a93953538ccb8b9954c931cf5296c5108946556ff10 swagger/redhatopenshift/resource-manager/Microsoft.RedHatOpenShift/openshiftclusters/stable/2023-09-04/redhatopenshift.json
a04c231ccd66c1a092e3d8e3aad02c2a0880be7643b5c11b42069d39749b8999 swagger/redhatopenshift/resource-manager/Microsoft.RedHatOpenShift/openshiftclusters/stable/2023-11-22/redhatopenshift.json
56b12adca2f9fe98053716433a3d6383adeed7dea8f477a58f9f9fbd7178fd3d swagger/redhatopenshift/resource-manager/Microsoft.RedHatOpenShift/openshiftclusters/preview/2024-08-12-preview/redhatopenshift.json

Просмотреть файл

@ -15,7 +15,7 @@ function checksum() {
local API_VERSION=$1
local FOLDER=$2
sha256sum swagger/redhatopenshift/resource-manager/Microsoft.RedHatOpenShift/"$FOLDER"/"$API_VERSION"/redhatopenshift.json >>.sha256sum
sha256sum swagger/redhatopenshift/resource-manager/Microsoft.RedHatOpenShift/openshiftclusters/"$FOLDER"/"$API_VERSION"/redhatopenshift.json >>.sha256sum
}
function generate_golang() {
@ -68,6 +68,7 @@ function generate_python() {
"${AUTOREST_IMAGE}" \
--use=@autorest/python@~5.12.0 \
--use=@autorest/modelerfour@~4.20.0 \
--modelerfour.lenient-model-deduplication=true \
--version=~3.6.2 \
--python \
--azure-arm \

Просмотреть файл

@ -24,7 +24,7 @@ type OpenShiftCluster struct {
Location string `json:"location,omitempty"`
Tags map[string]string `json:"tags,omitempty"`
Properties OpenShiftClusterProperties `json:"properties,omitempty"`
Identity *Identity `json:"identity,omitempty"`
Identity *ManagedServiceIdentity `json:"managedServiceIdentity,omitempty"`
OperatorFlagsMergeStrategy string `json:"operatorFlagsMergeStrategy,omitempty" mutable:"true"`
}
@ -428,7 +428,7 @@ type IngressProfile struct {
// PlatformWorkloadIdentityProfile encapsulates all information that is specific to workload identity clusters.
type PlatformWorkloadIdentityProfile struct {
UpgradeableTo *UpgradeableTo `json:"upgradeableTo,omitempty"`
PlatformWorkloadIdentities []PlatformWorkloadIdentity `json:"platformWorkloadIdentities,omitempty"`
PlatformWorkloadIdentities map[string]PlatformWorkloadIdentity `json:"platformWorkloadIdentities,omitempty"`
}
// UpgradeableTo stores a single OpenShift version a workload identity cluster can be upgraded to
@ -436,25 +436,49 @@ type UpgradeableTo string
// PlatformWorkloadIdentity stores information representing a single workload identity.
type PlatformWorkloadIdentity struct {
OperatorName string `json:"operatorName,omitempty"`
// The resource ID of the PlatformWorkloadIdentity resource
ResourceID string `json:"resourceId,omitempty"`
// The ClientID of the PlatformWorkloadIdentity resource
ClientID string `json:"clientId,omitempty" swagger:"readOnly"`
// The ObjectID of the PlatformWorkloadIdentity resource
ObjectID string `json:"objectId,omitempty" swagger:"readOnly"`
}
// ClusterUserAssignedIdentity stores information about a user-assigned managed identity in a predefined format required by Microsoft's Managed Identity team.
type ClusterUserAssignedIdentity struct {
// UserAssignedIdentity stores information about a user-assigned managed identity in a predefined format required by Microsoft's Managed Identity team.
type UserAssignedIdentity struct {
// The ClientID of the ClusterUserAssignedIdentity resource
ClientID string `json:"clientId,omitempty"`
// The PrincipalID of the ClusterUserAssignedIdentity resource
PrincipalID string `json:"principalId,omitempty"`
}
// UserAssignedIdentities stores a mapping from resource IDs of managed identities to their client/principal IDs.
type UserAssignedIdentities map[string]ClusterUserAssignedIdentity
// The ManagedServiceIdentity type.
type ManagedServiceIdentityType string
// Identity stores information about the cluster MSI(s) in a workload identity cluster.
type Identity struct {
Type string `json:"type,omitempty"`
UserAssignedIdentities UserAssignedIdentities `json:"userAssignedIdentities,omitempty"`
// ManagedServiceIdentityType constants
const (
ManagedServiceIdentityNone ManagedServiceIdentityType = "None"
ManagedServiceIdentitySystemAssigned ManagedServiceIdentityType = "SystemAssigned"
ManagedServiceIdentityUserAssigned ManagedServiceIdentityType = "UserAssigned"
ManagedServiceIdentitySystemAssignedUserAssigned ManagedServiceIdentityType = "SystemAssigned,UserAssigned"
)
// ManagedServiceIdentity stores information about the cluster MSI(s) in a workload identity cluster.
type ManagedServiceIdentity struct {
// The type of the ManagedServiceIdentity resource.
Type ManagedServiceIdentityType `json:"type,omitempty"`
// The PrincipalID of the Identity resource.
PrincipalID string `json:"principalId,omitempty" swagger:"readOnly"`
// The TenantID provided by the MSI RP
TenantID string `json:"tenantId,omitempty" swagger:"readOnly"`
// A map of user assigned identities attached to the cluster, specified in a type required by Microsoft's Managed Identity team.
UserAssignedIdentities map[string]UserAssignedIdentity `json:"userAssignedIdentities,omitempty"`
}
// Install represents an install process.

Просмотреть файл

@ -178,10 +178,10 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
}
if oc.Identity != nil {
out.Identity.Type = oc.Identity.Type
out.Identity.UserAssignedIdentities = make(map[string]ClusterUserAssignedIdentity, len(oc.Identity.UserAssignedIdentities))
out.Identity.Type = ManagedServiceIdentityType(oc.Identity.Type)
out.Identity.UserAssignedIdentities = make(map[string]UserAssignedIdentity, len(oc.Identity.UserAssignedIdentities))
for k := range oc.Identity.UserAssignedIdentities {
var temp ClusterUserAssignedIdentity
var temp UserAssignedIdentity
temp.ClientID = oc.Identity.UserAssignedIdentities[k].ClientID
temp.PrincipalID = oc.Identity.UserAssignedIdentities[k].PrincipalID
out.Identity.UserAssignedIdentities[k] = temp
@ -190,13 +190,16 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
if oc.Properties.PlatformWorkloadIdentityProfile != nil && oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities != nil {
out.Properties.PlatformWorkloadIdentityProfile = &PlatformWorkloadIdentityProfile{}
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities = make([]PlatformWorkloadIdentity, len(oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities))
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities = make(map[string]PlatformWorkloadIdentity, len(oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities))
for i := range oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities {
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].OperatorName = oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].OperatorName
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ResourceID = oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ResourceID
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ClientID = oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ClientID
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ObjectID = oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ObjectID
for k := range oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities {
if entry, ok := out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[k]; ok {
entry.ClientID = oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[k].ClientID
entry.ObjectID = oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[k].ObjectID
entry.ResourceID = oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[k].ResourceID
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[k] = entry
}
}
}
@ -254,10 +257,10 @@ func (c openShiftClusterConverter) ToInternal(_oc interface{}, out *api.OpenShif
}
}
if oc.Identity != nil {
out.Identity.Type = oc.Identity.Type
out.Identity.UserAssignedIdentities = make(map[string]api.ClusterUserAssignedIdentity, len(oc.Identity.UserAssignedIdentities))
out.Identity.Type = api.ManagedServiceIdentityType(oc.Identity.Type)
out.Identity.UserAssignedIdentities = make(map[string]api.UserAssignedIdentity, len(oc.Identity.UserAssignedIdentities))
for k := range oc.Identity.UserAssignedIdentities {
var temp api.ClusterUserAssignedIdentity
var temp api.UserAssignedIdentity
temp.ClientID = oc.Identity.UserAssignedIdentities[k].ClientID
temp.PrincipalID = oc.Identity.UserAssignedIdentities[k].PrincipalID
out.Identity.UserAssignedIdentities[k] = temp
@ -292,13 +295,16 @@ func (c openShiftClusterConverter) ToInternal(_oc interface{}, out *api.OpenShif
}
if oc.Properties.PlatformWorkloadIdentityProfile != nil && oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities != nil {
out.Properties.PlatformWorkloadIdentityProfile = &api.PlatformWorkloadIdentityProfile{}
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities = make([]api.PlatformWorkloadIdentity, len(oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities))
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities = make(map[string]api.PlatformWorkloadIdentity, len(oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities))
for i := range oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities {
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].OperatorName = oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].OperatorName
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ResourceID = oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ResourceID
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ClientID = oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ClientID
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ObjectID = oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ObjectID
for k := range oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities {
if entry, ok := out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[k]; ok {
entry.ClientID = oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[k].ClientID
entry.ObjectID = oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[k].ObjectID
entry.ResourceID = oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[k].ResourceID
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[k] = entry
}
}
}
out.Properties.NetworkProfile.PodCIDR = oc.Properties.NetworkProfile.PodCIDR
@ -418,4 +424,22 @@ func (c openShiftClusterConverter) ExternalNoReadOnly(_oc interface{}) {
if oc.Properties.NetworkProfile.LoadBalancerProfile != nil {
oc.Properties.NetworkProfile.LoadBalancerProfile.EffectiveOutboundIPs = nil
}
if oc.Properties.PlatformWorkloadIdentityProfile != nil {
for i := range oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities {
if entry, ok := oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i]; ok {
entry.ClientID = ""
entry.ObjectID = ""
oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i] = entry
}
}
}
if oc.Identity != nil {
for i := range oc.Identity.UserAssignedIdentities {
if entry, ok := oc.Identity.UserAssignedIdentities[i]; ok {
entry.ClientID = ""
entry.PrincipalID = ""
oc.Identity.UserAssignedIdentities[i] = entry
}
}
}
}

Просмотреть файл

@ -24,7 +24,7 @@ type OpenShiftCluster struct {
SystemData SystemData `json:"systemData,omitempty"`
Tags map[string]string `json:"tags,omitempty"`
Properties OpenShiftClusterProperties `json:"properties,omitempty"`
Identity *Identity `json:"identity,omitempty"`
Identity *ManagedServiceIdentity `json:"managedServiceIdentity,omitempty"`
//this property is used in the enrichers. Should not be marshalled
Lock sync.Mutex `json:"-"`
@ -833,7 +833,7 @@ type PlatformWorkloadIdentityProfile struct {
MissingFields
UpgradeableTo *UpgradeableTo `json:"upgradeableTo,omitempty"`
PlatformWorkloadIdentities []PlatformWorkloadIdentity `json:"platformWorkloadIdentities,omitempty"`
PlatformWorkloadIdentities map[string]PlatformWorkloadIdentity `json:"platformWorkloadIdentities,omitempty"`
}
// UpgradeableTo stores a single OpenShift version a workload identity cluster can be upgraded to
@ -843,29 +843,54 @@ type UpgradeableTo string
type PlatformWorkloadIdentity struct {
MissingFields
OperatorName string `json:"operatorName,omitempty"`
// The resource ID of the PlatformWorkloadIdentity resource
ResourceID string `json:"resourceId,omitempty"`
// The ClientID of the PlatformWorkloadIdentity resource
ClientID string `json:"clientId,omitempty" swagger:"readOnly"`
// The ObjectID of the PlatformWorkloadIdentity resource
ObjectID string `json:"objectId,omitempty" swagger:"readOnly"`
}
// ClusterUserAssignedIdentity stores information about a user-assigned managed identity in a predefined format required by Microsoft's Managed Identity team.
type ClusterUserAssignedIdentity struct {
// UserAssignedIdentity stores information about a user-assigned managed identity in a predefined format required by Microsoft's Managed Identity team.
type UserAssignedIdentity struct {
MissingFields
ClientID string `json:"clientId,omitempty"`
PrincipalID string `json:"principalId,omitempty"`
// The ClientID of the UserAssignedIdentity resource
ClientID string `json:"clientId,omitempty" swagger:"readOnly"`
// The PrincipalID of the UserAssignedIdentity resource
PrincipalID string `json:"principalId,omitempty" swagger:"readOnly"`
}
// UserAssignedIdentities stores a mapping from resource IDs of managed identities to their client/principal IDs.
type UserAssignedIdentities map[string]ClusterUserAssignedIdentity
// The ManagedServiceIdentity type.
type ManagedServiceIdentityType string
// Identity stores information about the cluster MSI(s) in a workload identity cluster.
type Identity struct {
// ManagedServiceIdentityType constants
const (
ManagedServiceIdentityNone ManagedServiceIdentityType = "None"
ManagedServiceIdentitySystemAssigned ManagedServiceIdentityType = "SystemAssigned"
ManagedServiceIdentityUserAssigned ManagedServiceIdentityType = "UserAssigned"
ManagedServiceIdentitySystemAssignedUserAssigned ManagedServiceIdentityType = "SystemAssigned,UserAssigned"
)
// ManagedServiceIdentity stores information about the cluster MSI(s) in a workload identity cluster.
type ManagedServiceIdentity struct {
MissingFields
Type string `json:"type,omitempty"`
UserAssignedIdentities UserAssignedIdentities `json:"userAssignedIdentities,omitempty"`
// The type of the ManagedServiceIdentity resource.
Type ManagedServiceIdentityType `json:"type,omitempty"`
// The PrincipalID of the Identity resource.
PrincipalID string `json:"principalId,omitempty" swagger:"readOnly"`
// A map of user assigned identities attached to the cluster, specified in a type required by Microsoft's Managed Identity team.
UserAssignedIdentities map[string]UserAssignedIdentity `json:"userAssignedIdentities,omitempty"`
// The IdentityURL provided by the MSI RP
IdentityURL string `json:"identityURL,omitempty" mutable:"true"`
TenantID string `json:"tenantId,omitempty" mutable:"true"`
// The TenantID provided by the MSI RP
TenantID string `json:"tenantId,omitempty" swagger:"readOnly"`
}

Просмотреть файл

@ -127,22 +127,22 @@ func TestClusterMsiResourceId(t *testing.T) {
wantErr string
}{
{
name: "error - cluster doc has nil Identity",
name: "error - cluster doc has nil ManagedServiceIdentity",
oc: &OpenShiftCluster{},
wantErr: "could not find cluster MSI in cluster doc",
},
{
name: "error - cluster doc has non-nil Identity but nil Identity.UserAssignedIdentities",
name: "error - cluster doc has non-nil ManagedServiceIdentity but nil ManagedServiceIdentity.UserAssignedIdentities",
oc: &OpenShiftCluster{
Identity: &Identity{},
Identity: &ManagedServiceIdentity{},
},
wantErr: "could not find cluster MSI in cluster doc",
},
{
name: "error - cluster doc has non-nil Identity but empty Identity.UserAssignedIdentities",
name: "error - cluster doc has non-nil ManagedServiceIdentity but empty ManagedServiceIdentity.UserAssignedIdentities",
oc: &OpenShiftCluster{
Identity: &Identity{
UserAssignedIdentities: UserAssignedIdentities{},
Identity: &ManagedServiceIdentity{
UserAssignedIdentities: map[string]UserAssignedIdentity{},
},
},
wantErr: "could not find cluster MSI in cluster doc",
@ -150,32 +150,30 @@ func TestClusterMsiResourceId(t *testing.T) {
{
name: "error - cluster doc has non-nil Identity but two MSIs in Identity.UserAssignedIdentities",
oc: &OpenShiftCluster{
Identity: &Identity{
UserAssignedIdentities: UserAssignedIdentities{
miResourceId: ClusterUserAssignedIdentity{},
"secondEntry": ClusterUserAssignedIdentity{},
Identity: &ManagedServiceIdentity{
UserAssignedIdentities: map[string]UserAssignedIdentity{
miResourceId: {
ClientID: "",
PrincipalID: "",
},
"secondEntry": {
ClientID: "",
PrincipalID: "",
},
},
},
},
wantErr: "unexpectedly found more than one cluster MSI in cluster doc",
},
{
name: "error - invalid resource ID (theoretically not possible, but still)",
oc: &OpenShiftCluster{
Identity: &Identity{
UserAssignedIdentities: UserAssignedIdentities{
"Hi hello I'm not a valid resource ID": ClusterUserAssignedIdentity{},
},
},
},
wantErr: "invalid resource ID: resource id 'Hi hello I'm not a valid resource ID' must start with '/'",
},
{
name: "success",
oc: &OpenShiftCluster{
Identity: &Identity{
UserAssignedIdentities: UserAssignedIdentities{
miResourceId: ClusterUserAssignedIdentity{},
Identity: &ManagedServiceIdentity{
UserAssignedIdentities: map[string]UserAssignedIdentity{
miResourceId: {
ClientID: "",
PrincipalID: "",
},
},
},
},
@ -212,15 +210,15 @@ func TestHasUserAssignedIdentities(t *testing.T) {
{
name: "false - cluster doc has non-nil Identity but nil Identity.UserAssignedIdentities",
oc: &OpenShiftCluster{
Identity: &Identity{},
Identity: &ManagedServiceIdentity{},
},
wantResult: false,
},
{
name: "false - cluster doc has non-nil Identity but empty Identity.UserAssignedIdentities",
oc: &OpenShiftCluster{
Identity: &Identity{
UserAssignedIdentities: UserAssignedIdentities{},
Identity: &ManagedServiceIdentity{
UserAssignedIdentities: map[string]UserAssignedIdentity{},
},
},
wantResult: false,
@ -228,9 +226,9 @@ func TestHasUserAssignedIdentities(t *testing.T) {
{
name: "true",
oc: &OpenShiftCluster{
Identity: &Identity{
UserAssignedIdentities: UserAssignedIdentities{
miResourceId: ClusterUserAssignedIdentity{},
Identity: &ManagedServiceIdentity{
UserAssignedIdentities: map[string]UserAssignedIdentity{
miResourceId: {},
},
},
},

Просмотреть файл

@ -14,12 +14,12 @@ func ExampleOpenShiftClusterDocument() *OpenShiftClusterDocument {
return &OpenShiftClusterDocument{
ID: "00000000-0000-0000-0000-000000000000",
Key: "/subscriptions/subscriptionid/resourcegroups/resourcegroup/providers/microsoft.redhatopenshift/openshiftclusters/resourcename",
Key: "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/resourcegroup/providers/microsoft.redhatopenshift/openshiftclusters/resourcename",
Bucket: 42,
ClusterResourceGroupIDKey: "/subscriptions/subscriptionid/resourcegroups/clusterresourcegroup",
ClusterResourceGroupIDKey: "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/clusterresourcegroup",
ClientIDKey: "11111111-1111-1111-1111-111111111111",
OpenShiftCluster: &OpenShiftCluster{
ID: "/subscriptions/subscriptionId/resourceGroups/resourceGroup/providers/Microsoft.RedHatOpenShift/OpenShiftClusters/resourceName",
ID: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup/providers/Microsoft.RedHatOpenShift/OpenShiftClusters/resourceName",
Name: "resourceName",
Type: "Microsoft.RedHatOpenShift/OpenShiftClusters",
Location: "location",
@ -34,13 +34,19 @@ func ExampleOpenShiftClusterDocument() *OpenShiftClusterDocument {
Tags: map[string]string{
"key": "value",
},
Identity: &ManagedServiceIdentity{
Type: ManagedServiceIdentityUserAssigned,
UserAssignedIdentities: map[string]UserAssignedIdentity{
"": {},
},
},
Properties: OpenShiftClusterProperties{
ProvisioningState: ProvisioningStateSucceeded,
ClusterProfile: ClusterProfile{
PullSecret: `{"auths":{"registry.connect.redhat.com":{"auth":""},"registry.redhat.io":{"auth":""}}}`,
Domain: "cluster.location.aroapp.io",
Version: "4.11.0",
ResourceGroupID: "/subscriptions/subscriptionId/resourceGroups/clusterResourceGroup",
ResourceGroupID: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clusterResourceGroup",
},
ConsoleProfile: ConsoleProfile{
URL: "https://console-openshift-console.apps.cluster.location.aroapp.io/",
@ -56,14 +62,14 @@ func ExampleOpenShiftClusterDocument() *OpenShiftClusterDocument {
},
MasterProfile: MasterProfile{
VMSize: VMSizeStandardD8sV3,
SubnetID: "/subscriptions/subscriptionId/resourceGroups/vnetResourceGroup/providers/Microsoft.Network/virtualNetworks/vnet/subnets/master",
SubnetID: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/vnetResourceGroup/providers/Microsoft.Network/virtualNetworks/vnet/subnets/master",
},
WorkerProfiles: []WorkerProfile{
{
Name: "worker",
VMSize: VMSizeStandardD2sV3,
DiskSizeGB: 128,
SubnetID: "/subscriptions/subscriptionId/resourceGroups/vnetResourceGroup/providers/Microsoft.Network/virtualNetworks/vnet/subnets/worker",
SubnetID: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/vnetResourceGroup/providers/Microsoft.Network/virtualNetworks/vnet/subnets/worker",
Count: 3,
},
},
@ -72,21 +78,21 @@ func ExampleOpenShiftClusterDocument() *OpenShiftClusterDocument {
Name: "worker1",
VMSize: VMSizeStandardD2sV3,
DiskSizeGB: 128,
SubnetID: "/subscriptions/subscriptionId/resourceGroups/vnetResourceGroup/providers/Microsoft.Network/virtualNetworks/vnet/subnets/worker",
SubnetID: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/vnetResourceGroup/providers/Microsoft.Network/virtualNetworks/vnet/subnets/worker",
Count: 1,
},
{
Name: "worker2",
VMSize: VMSizeStandardD2sV3,
DiskSizeGB: 128,
SubnetID: "/subscriptions/subscriptionId/resourceGroups/vnetResourceGroup/providers/Microsoft.Network/virtualNetworks/vnet/subnets/worker",
SubnetID: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/vnetResourceGroup/providers/Microsoft.Network/virtualNetworks/vnet/subnets/worker",
Count: 1,
},
{
Name: "worker3",
VMSize: VMSizeStandardD2sV3,
DiskSizeGB: 128,
SubnetID: "/subscriptions/subscriptionId/resourceGroups/vnetResourceGroup/providers/Microsoft.Network/virtualNetworks/vnet/subnets/worker",
SubnetID: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/vnetResourceGroup/providers/Microsoft.Network/virtualNetworks/vnet/subnets/worker",
Count: 1,
},
},

Просмотреть файл

@ -8,7 +8,7 @@ func ExampleOpenShiftVersionDocument() *OpenShiftVersionDocument {
MissingFields: MissingFields{},
ID: "00000000-0000-0000-0000-000000000000",
OpenShiftVersion: &OpenShiftVersion{
ID: "00000000-0000-0000-0000-000000000000",
ID: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroupName/providers/resourceProviderNamespace/resourceType/resourceName",
Name: "default",
Type: "Microsoft.RedHatOpenShift/OpenShiftVersion",
Properties: OpenShiftVersionProperties{

Просмотреть файл

@ -8,7 +8,7 @@ func ExamplePlatformWorkloadIdentityRoleSetDocument() *PlatformWorkloadIdentityR
MissingFields: MissingFields{},
ID: "00000000-0000-0000-0000-000000000000",
PlatformWorkloadIdentityRoleSet: &PlatformWorkloadIdentityRoleSet{
ID: "00000000-0000-0000-0000-000000000000",
ID: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroupName/providers/resourceProviderNamespace/resourceType/resourceName",
Name: "4.14",
Type: "Microsoft.RedHatOpenShift/PlatformWorkloadIdentityRoleSet",
Properties: PlatformWorkloadIdentityRoleSetProperties{

Просмотреть файл

@ -38,7 +38,7 @@ type OpenShiftCluster struct {
Properties OpenShiftClusterProperties `json:"properties,omitempty"`
// Identity stores information about the cluster MSI(s) in a workload identity cluster.
Identity *Identity `json:"identity,omitempty"`
Identity *ManagedServiceIdentity `json:"identity,omitempty"`
}
// UsesWorkloadIdentity checks whether a cluster is a Workload Identity cluster or a Service Principal cluster
@ -296,7 +296,7 @@ type IngressProfile struct {
// PlatformWorkloadIdentityProfile encapsulates all information that is specific to workload identity clusters.
type PlatformWorkloadIdentityProfile struct {
UpgradeableTo *UpgradeableTo `json:"upgradeableTo,omitempty" mutable:"true"`
PlatformWorkloadIdentities []PlatformWorkloadIdentity `json:"platformWorkloadIdentities,omitempty" mutable:"true"`
PlatformWorkloadIdentities map[string]PlatformWorkloadIdentity `json:"platformWorkloadIdentities,omitempty" mutable:"true"`
}
// UpgradeableTo stores a single OpenShift version a workload identity cluster can be upgraded to
@ -304,25 +304,49 @@ type UpgradeableTo string
// PlatformWorkloadIdentity stores information representing a single workload identity.
type PlatformWorkloadIdentity struct {
OperatorName string `json:"operatorName,omitempty" mutable:"true"`
// The resource ID of the PlatformWorkloadIdentity resource
ResourceID string `json:"resourceId,omitempty" mutable:"true"`
// The ClientID of the PlatformWorkloadIdentity resource
ClientID string `json:"clientId,omitempty" swagger:"readOnly" mutable:"true"`
// The ObjectID of the PlatformWorkloadIdentity resource
ObjectID string `json:"objectId,omitempty" swagger:"readOnly" mutable:"true"`
}
// ClusterUserAssignedIdentity stores information about a user-assigned managed identity in a predefined format required by Microsoft's Managed Identity team.
type ClusterUserAssignedIdentity struct {
ClientID string `json:"clientId,omitempty"`
PrincipalID string `json:"principalId,omitempty"`
// UserAssignedIdentity stores information about a user-assigned managed identity in a predefined format required by Microsoft's Managed Identity team.
type UserAssignedIdentity struct {
// The ClientID of the UserAssignedIdentity resource
ClientID string `json:"clientId,omitempty" swagger:"readOnly"`
// The PrincipalID of the UserAssignedIdentity resource
PrincipalID string `json:"principalId,omitempty" swagger:"readOnly"`
}
// UserAssignedIdentities stores a mapping from resource IDs of managed identities to their client/principal IDs.
type UserAssignedIdentities map[string]ClusterUserAssignedIdentity
// The ManagedServiceIdentity type.
type ManagedServiceIdentityType string
// Identity stores information about the cluster MSI(s) in a workload identity cluster.
type Identity struct {
Type string `json:"type,omitempty"`
UserAssignedIdentities UserAssignedIdentities `json:"userAssignedIdentities,omitempty"`
// ManagedServiceIdentityType constants
const (
ManagedServiceIdentityNone ManagedServiceIdentityType = "None"
ManagedServiceIdentitySystemAssigned ManagedServiceIdentityType = "SystemAssigned"
ManagedServiceIdentityUserAssigned ManagedServiceIdentityType = "UserAssigned"
ManagedServiceIdentitySystemAssignedUserAssigned ManagedServiceIdentityType = "SystemAssigned,UserAssigned"
)
// ManagedServiceIdentity stores information about the cluster MSI(s) in a workload identity cluster.
type ManagedServiceIdentity struct {
// The type of the ManagedServiceIdentity resource.
Type ManagedServiceIdentityType `json:"type,omitempty"`
// The PrincipalID of the Identity resource.
PrincipalID string `json:"principalId,omitempty" swagger:"readOnly"`
// The TenantID provided by the MSI RP
TenantID string `json:"tenantId,omitempty" swagger:"readOnly"`
// A map of user assigned identities attached to the cluster, specified in a type required by Microsoft's Managed Identity team.
UserAssignedIdentities map[string]UserAssignedIdentity `json:"userAssignedIdentities,omitempty"`
}
// CreatedByType by defines user type, which executed the request

Просмотреть файл

@ -129,11 +129,11 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
}
if oc.Identity != nil {
out.Identity = &Identity{}
out.Identity.Type = oc.Identity.Type
out.Identity.UserAssignedIdentities = make(map[string]ClusterUserAssignedIdentity, len(oc.Identity.UserAssignedIdentities))
out.Identity = &ManagedServiceIdentity{}
out.Identity.Type = ManagedServiceIdentityType(oc.Identity.Type)
out.Identity.UserAssignedIdentities = make(map[string]UserAssignedIdentity, len(oc.Identity.UserAssignedIdentities))
for k := range oc.Identity.UserAssignedIdentities {
var temp ClusterUserAssignedIdentity
var temp UserAssignedIdentity
temp.ClientID = oc.Identity.UserAssignedIdentities[k].ClientID
temp.PrincipalID = oc.Identity.UserAssignedIdentities[k].PrincipalID
out.Identity.UserAssignedIdentities[k] = temp
@ -148,13 +148,16 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
out.Properties.PlatformWorkloadIdentityProfile.UpgradeableTo = &temp
}
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities = make([]PlatformWorkloadIdentity, len(oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities))
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities = make(map[string]PlatformWorkloadIdentity, len(oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities))
for i := range oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities {
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].OperatorName = oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].OperatorName
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ResourceID = oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ResourceID
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ClientID = oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ClientID
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ObjectID = oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ObjectID
for k := range oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities {
pwi := PlatformWorkloadIdentity{
ClientID: oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[k].ClientID,
ObjectID: oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[k].ObjectID,
ResourceID: oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[k].ResourceID,
}
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[k] = pwi
}
}
@ -209,11 +212,11 @@ func (c openShiftClusterConverter) ToInternal(_oc interface{}, out *api.OpenShif
}
if oc.Identity != nil {
out.Identity = &api.Identity{}
out.Identity.Type = oc.Identity.Type
out.Identity.UserAssignedIdentities = make(map[string]api.ClusterUserAssignedIdentity, len(oc.Identity.UserAssignedIdentities))
out.Identity = &api.ManagedServiceIdentity{}
out.Identity.Type = api.ManagedServiceIdentityType(oc.Identity.Type)
out.Identity.UserAssignedIdentities = make(map[string]api.UserAssignedIdentity, len(oc.Identity.UserAssignedIdentities))
for k := range oc.Identity.UserAssignedIdentities {
var temp api.ClusterUserAssignedIdentity
var temp api.UserAssignedIdentity
temp.ClientID = oc.Identity.UserAssignedIdentities[k].ClientID
temp.PrincipalID = oc.Identity.UserAssignedIdentities[k].PrincipalID
out.Identity.UserAssignedIdentities[k] = temp
@ -243,13 +246,16 @@ func (c openShiftClusterConverter) ToInternal(_oc interface{}, out *api.OpenShif
out.Properties.PlatformWorkloadIdentityProfile.UpgradeableTo = &temp
}
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities = make([]api.PlatformWorkloadIdentity, len(oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities))
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities = make(map[string]api.PlatformWorkloadIdentity, len(oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities))
for i := range oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities {
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].OperatorName = oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].OperatorName
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ResourceID = oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ResourceID
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ClientID = oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ClientID
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ObjectID = oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ObjectID
for k := range oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities {
pwi := api.PlatformWorkloadIdentity{
ClientID: oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[k].ClientID,
ObjectID: oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[k].ObjectID,
ResourceID: oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[k].ResourceID,
}
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[k] = pwi
}
}
@ -360,8 +366,20 @@ func (c openShiftClusterConverter) ExternalNoReadOnly(_oc interface{}) {
}
if oc.Properties.PlatformWorkloadIdentityProfile != nil {
for i := range oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities {
oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ClientID = ""
oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i].ObjectID = ""
if entry, ok := oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i]; ok {
entry.ClientID = ""
entry.ObjectID = ""
oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[i] = entry
}
}
}
if oc.Identity != nil {
for i := range oc.Identity.UserAssignedIdentities {
if entry, ok := oc.Identity.UserAssignedIdentities[i]; ok {
entry.ClientID = ""
entry.PrincipalID = ""
oc.Identity.UserAssignedIdentities[i] = entry
}
}
}
}

Просмотреть файл

@ -19,10 +19,15 @@ func ExampleOpenShiftClusterPatchParameter() interface{} {
oc.Location = ""
oc.SystemData = nil
oc.Properties.WorkerProfilesStatus = nil
oc.Identity = &ManagedServiceIdentity{
Type: ManagedServiceIdentityUserAssigned,
UserAssignedIdentities: map[string]UserAssignedIdentity{
"": {},
},
}
oc.Properties.PlatformWorkloadIdentityProfile = &PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []PlatformWorkloadIdentity{
{
OperatorName: "",
PlatformWorkloadIdentities: map[string]PlatformWorkloadIdentity{
"": {
ResourceID: "",
ClientID: "",
ObjectID: "",
@ -40,9 +45,11 @@ func ExampleOpenShiftClusterPutParameter() interface{} {
oc.ID = ""
oc.Name = ""
oc.Type = ""
oc.Identity = &Identity{
Type: "",
UserAssignedIdentities: map[string]ClusterUserAssignedIdentity{},
oc.Identity = &ManagedServiceIdentity{
Type: ManagedServiceIdentityUserAssigned,
UserAssignedIdentities: map[string]UserAssignedIdentity{
"": {},
},
}
oc.Properties.ProvisioningState = ""
oc.Properties.ClusterProfile.Version = ""
@ -59,9 +66,8 @@ func ExampleOpenShiftClusterPutParameter() interface{} {
},
}
oc.Properties.PlatformWorkloadIdentityProfile = &PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []PlatformWorkloadIdentity{
{
OperatorName: "",
PlatformWorkloadIdentities: map[string]PlatformWorkloadIdentity{
"": {
ResourceID: "",
ClientID: "",
ObjectID: "",
@ -83,7 +89,7 @@ func ExampleOpenShiftClusterGetResponse() interface{} {
oc.Properties.NetworkProfile.LoadBalancerProfile = &LoadBalancerProfile{
EffectiveOutboundIPs: []EffectiveOutboundIP{
{
ID: "/subscriptions/subscriptionId/resourceGroups/clusterResourceGroup/providers/Microsoft.Network/publicIPAddresses/publicIPAddressName",
ID: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clusterResourceGroup/providers/Microsoft.Network/publicIPAddresses/publicIPAddressName",
},
},
ManagedOutboundIPs: &ManagedOutboundIPs{
@ -91,9 +97,8 @@ func ExampleOpenShiftClusterGetResponse() interface{} {
},
}
oc.Properties.PlatformWorkloadIdentityProfile = &PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []PlatformWorkloadIdentity{
{
OperatorName: "",
PlatformWorkloadIdentities: map[string]PlatformWorkloadIdentity{
"": {
ResourceID: "",
ClientID: "",
ObjectID: "",

Просмотреть файл

@ -447,18 +447,8 @@ func (sv openShiftClusterStaticValidator) validateDelta(oc, current *OpenShiftCl
}
if current.UsesWorkloadIdentity() {
currentIdentities := map[string]PlatformWorkloadIdentity{}
for _, i := range current.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities {
currentIdentities[i.OperatorName] = i
}
updateIdentities := map[string]PlatformWorkloadIdentity{}
for _, i := range oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities {
updateIdentities[i.OperatorName] = i
}
for name, currentIdentity := range currentIdentities {
updateIdentity, present := updateIdentities[name]
for name, currentIdentity := range current.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities {
updateIdentity, present := oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[name]
// this also validates that existing identities' names haven't changed
if !present {
return api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodePropertyChangeNotAllowed, "properties.platformWorkloadIdentityProfile.platformWorkloadIdentities", "Operator identity cannot be removed or have its name changed.")
@ -478,27 +468,19 @@ func (sv openShiftClusterStaticValidator) validatePlatformWorkloadIdentityProfil
return nil
}
// collect operator names to check for duplicates
operators := map[string]struct{}{}
// Validate the PlatformWorkloadIdentities
for n, p := range pwip.PlatformWorkloadIdentities {
for name, p := range pwip.PlatformWorkloadIdentities {
resource, err := azcorearm.ParseResourceID(p.ResourceID)
if err != nil {
return api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeInvalidParameter, fmt.Sprintf("%s.PlatformWorkloadIdentities[%d].resourceID", path, n), "ResourceID %s formatted incorrectly.", p.ResourceID)
return api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeInvalidParameter, fmt.Sprintf("%s.PlatformWorkloadIdentities[%s].resourceID", path, name), "ResourceID %s formatted incorrectly.", p.ResourceID)
}
if p.OperatorName == "" {
return api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeInvalidParameter, fmt.Sprintf("%s.PlatformWorkloadIdentities[%d].resourceID", path, n), "Operator name is empty.")
if name == "" {
return api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeInvalidParameter, fmt.Sprintf("%s.PlatformWorkloadIdentities[%s].resourceID", path, name), "Operator name is empty.")
}
if _, found := operators[p.OperatorName]; found {
return api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeInvalidParameter, fmt.Sprintf("%s.platformWorkloadIdentities", path), "Operator identities cannot have duplicate names.")
}
operators[p.OperatorName] = struct{}{}
if resource.ResourceType.Type != "userAssignedIdentities" {
return api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeInvalidParameter, fmt.Sprintf("%s.PlatformWorkloadIdentities[%d].resourceID", path, n), "Resource must be a user assigned identity.")
return api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeInvalidParameter, fmt.Sprintf("%s.PlatformWorkloadIdentities[%s].resourceID", path, name), "Resource must be a user assigned identity.")
}
}

Просмотреть файл

@ -45,17 +45,12 @@ const (
var (
subscriptionID = "00000000-0000-0000-0000-000000000000"
platformIdentity1 = PlatformWorkloadIdentity{
OperatorName: "FAKE-OPERATOR",
ResourceID: "/subscriptions/12345678-1234-1234-1234-123456789012/resourceGroups/a-fake-group/providers/Microsoft.RedHatOpenShift/userAssignedIdentities/fake-cluster-name",
}
platformIdentity2 = PlatformWorkloadIdentity{
OperatorName: "ANOTHER-FAKE-OPERATOR",
ResourceID: "/subscriptions/12345678-1234-1234-1234-123456789012/resourceGroups/a-fake-group/providers/Microsoft.RedHatOpenShift/userAssignedIdentities/fake-cluster-name-two",
}
clusterIdentity1 = ClusterUserAssignedIdentity{
ClientID: "11111111-1111-1111-1111-111111111111",
PrincipalID: "SOMETHING",
}
clusterIdentity1 = UserAssignedIdentity{}
)
func getResourceID(clusterName string) string {
@ -208,7 +203,7 @@ func runTests(t *testing.T, mode testMode, tests []*validateTest) {
err := v.Static(oc, current, v.location, v.domain, tt.requireD2sV3Workers, v.resourceID)
if err == nil {
if tt.wantErr != "" {
t.Error(err)
t.Errorf("Expected error %s, got nil", tt.wantErr)
}
} else {
if err.Error() != tt.wantErr {
@ -1245,12 +1240,12 @@ func TestOpenShiftClusterStaticValidatePlatformWorkloadIdentityProfile(t *testin
name: "valid workloadIdentityProfile",
modify: func(oc *OpenShiftCluster) {
oc.Properties.PlatformWorkloadIdentityProfile = &PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []PlatformWorkloadIdentity{
platformIdentity1,
PlatformWorkloadIdentities: map[string]PlatformWorkloadIdentity{
"name": platformIdentity1,
},
}
oc.Identity = &Identity{
UserAssignedIdentities: UserAssignedIdentities{
oc.Identity = &ManagedServiceIdentity{
UserAssignedIdentities: map[string]UserAssignedIdentity{
"first": {
ClientID: "11111111-1111-1111-1111-111111111111",
PrincipalID: "SOMETHING",
@ -1263,8 +1258,8 @@ func TestOpenShiftClusterStaticValidatePlatformWorkloadIdentityProfile(t *testin
{
name: "invalid resourceID",
modify: func(oc *OpenShiftCluster) {
oc.Identity = &Identity{
UserAssignedIdentities: UserAssignedIdentities{
oc.Identity = &ManagedServiceIdentity{
UserAssignedIdentities: map[string]UserAssignedIdentity{
"first": {
ClientID: "11111111-1111-1111-1111-111111111111",
PrincipalID: "SOMETHING",
@ -1272,47 +1267,45 @@ func TestOpenShiftClusterStaticValidatePlatformWorkloadIdentityProfile(t *testin
},
}
oc.Properties.PlatformWorkloadIdentityProfile = &PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []PlatformWorkloadIdentity{
{
OperatorName: "FAKE-OPERATOR",
PlatformWorkloadIdentities: map[string]PlatformWorkloadIdentity{
"FAKE-OPERATOR": {
ResourceID: "BAD",
},
},
}
oc.Properties.ServicePrincipalProfile = nil
},
wantErr: "400: InvalidParameter: properties.platformWorkloadIdentityProfile.PlatformWorkloadIdentities[0].resourceID: ResourceID BAD formatted incorrectly.",
wantErr: "400: InvalidParameter: properties.platformWorkloadIdentityProfile.PlatformWorkloadIdentities[FAKE-OPERATOR].resourceID: ResourceID BAD formatted incorrectly.",
},
{
name: "wrong resource type",
modify: func(oc *OpenShiftCluster) {
oc.Properties.PlatformWorkloadIdentityProfile = &PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []PlatformWorkloadIdentity{
{
OperatorName: "FAKE-OPERATOR",
PlatformWorkloadIdentities: map[string]PlatformWorkloadIdentity{
"FAKE-OPERATOR": {
ResourceID: "/subscriptions/12345678-1234-1234-1234-123456789012/resourceGroups/a-fake-group/providers/Microsoft.RedHatOpenShift/otherThing/fake-cluster-name",
},
},
}
oc.Properties.ServicePrincipalProfile = nil
oc.Identity = &Identity{
UserAssignedIdentities: UserAssignedIdentities{
oc.Identity = &ManagedServiceIdentity{
UserAssignedIdentities: map[string]UserAssignedIdentity{
"first": clusterIdentity1,
},
}
},
wantErr: "400: InvalidParameter: properties.platformWorkloadIdentityProfile.PlatformWorkloadIdentities[0].resourceID: Resource must be a user assigned identity.",
wantErr: "400: InvalidParameter: properties.platformWorkloadIdentityProfile.PlatformWorkloadIdentities[FAKE-OPERATOR].resourceID: Resource must be a user assigned identity.",
},
{
name: "no credentials with identities",
modify: func(oc *OpenShiftCluster) {
oc.Properties.PlatformWorkloadIdentityProfile = &PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []PlatformWorkloadIdentity{
platformIdentity1,
PlatformWorkloadIdentities: map[string]PlatformWorkloadIdentity{
"name": platformIdentity1,
},
}
oc.Identity = &Identity{
UserAssignedIdentities: UserAssignedIdentities{
oc.Identity = &ManagedServiceIdentity{
UserAssignedIdentities: map[string]UserAssignedIdentity{
"first": clusterIdentity1,
},
}
@ -1326,8 +1319,8 @@ func TestOpenShiftClusterStaticValidatePlatformWorkloadIdentityProfile(t *testin
{
name: "cluster identity missing platform workload identity",
modify: func(oc *OpenShiftCluster) {
oc.Identity = &Identity{
UserAssignedIdentities: UserAssignedIdentities{
oc.Identity = &ManagedServiceIdentity{
UserAssignedIdentities: map[string]UserAssignedIdentity{
"first": clusterIdentity1,
},
}
@ -1338,10 +1331,8 @@ func TestOpenShiftClusterStaticValidatePlatformWorkloadIdentityProfile(t *testin
name: "platform workload identity missing cluster identity",
modify: func(oc *OpenShiftCluster) {
oc.Properties.PlatformWorkloadIdentityProfile = &PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []PlatformWorkloadIdentity{
{
OperatorName: "operator_name",
},
PlatformWorkloadIdentities: map[string]PlatformWorkloadIdentity{
"operator_name": {},
},
}
oc.Properties.ServicePrincipalProfile = nil
@ -1352,36 +1343,33 @@ func TestOpenShiftClusterStaticValidatePlatformWorkloadIdentityProfile(t *testin
name: "platform workload identity - cluster identity map is empty",
modify: func(oc *OpenShiftCluster) {
oc.Properties.PlatformWorkloadIdentityProfile = &PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []PlatformWorkloadIdentity{
{
OperatorName: "operator_name",
},
PlatformWorkloadIdentities: map[string]PlatformWorkloadIdentity{
"operator_name": {},
},
}
oc.Properties.ServicePrincipalProfile = nil
oc.Identity = &Identity{}
oc.Identity = &ManagedServiceIdentity{}
},
wantErr: "400: InvalidParameter: identity: The provided cluster identity is invalid; there should be exactly one.",
},
{
name: "operator name missing",
modify: func(oc *OpenShiftCluster) {
oc.Identity = &Identity{
UserAssignedIdentities: UserAssignedIdentities{
oc.Identity = &ManagedServiceIdentity{
UserAssignedIdentities: map[string]UserAssignedIdentity{
"first": clusterIdentity1,
},
}
oc.Properties.PlatformWorkloadIdentityProfile = &PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []PlatformWorkloadIdentity{
{
PlatformWorkloadIdentities: map[string]PlatformWorkloadIdentity{
"": {
ResourceID: "/subscriptions/12345678-1234-1234-1234-123456789012/resourceGroups/a-fake-group/providers/Microsoft.RedHatOpenShift/userAssignedIdentities/fake-cluster-name",
OperatorName: "",
},
},
}
oc.Properties.ServicePrincipalProfile = nil
},
wantErr: "400: InvalidParameter: properties.platformWorkloadIdentityProfile.PlatformWorkloadIdentities[0].resourceID: Operator name is empty.",
wantErr: "400: InvalidParameter: properties.platformWorkloadIdentityProfile.PlatformWorkloadIdentities[].resourceID: Operator name is empty.",
},
{
name: "identity and service principal missing",
@ -1394,9 +1382,9 @@ func TestOpenShiftClusterStaticValidatePlatformWorkloadIdentityProfile(t *testin
{
name: "valid UpgradeableTo value",
modify: func(oc *OpenShiftCluster) {
oc.Identity = &Identity{
UserAssignedIdentities: UserAssignedIdentities{
"Dummy": ClusterUserAssignedIdentity{},
oc.Identity = &ManagedServiceIdentity{
UserAssignedIdentities: map[string]UserAssignedIdentity{
"Dummy": {},
},
}
oc.Properties.ServicePrincipalProfile = nil
@ -1408,9 +1396,9 @@ func TestOpenShiftClusterStaticValidatePlatformWorkloadIdentityProfile(t *testin
{
name: "invalid UpgradeableTo value",
modify: func(oc *OpenShiftCluster) {
oc.Identity = &Identity{
UserAssignedIdentities: UserAssignedIdentities{
"Dummy": ClusterUserAssignedIdentity{},
oc.Identity = &ManagedServiceIdentity{
UserAssignedIdentities: map[string]UserAssignedIdentity{
"Dummy": {},
},
}
oc.Properties.ServicePrincipalProfile = nil
@ -1420,27 +1408,6 @@ func TestOpenShiftClusterStaticValidatePlatformWorkloadIdentityProfile(t *testin
},
wantErr: `400: InvalidParameter: properties.platformWorkloadIdentityProfile.UpgradeableTo[16.107.invalid]: UpgradeableTo must be a valid OpenShift version in the format 'x.y.z'.`,
},
{
name: "invalid duplicate identity",
current: func(oc *OpenShiftCluster) {
oc.Properties.PlatformWorkloadIdentityProfile = &PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []PlatformWorkloadIdentity{
platformIdentity1,
{
OperatorName: platformIdentity1.OperatorName,
ResourceID: "/subscriptions/12345678-1234-1234-1234-123456789012/resourceGroups/a-fake-group/providers/Microsoft.RedHatOpenShift/userAssignedIdentities/fake-cluster-name-three",
},
},
}
oc.Identity = &Identity{
UserAssignedIdentities: UserAssignedIdentities{
"first": clusterIdentity1,
},
}
oc.Properties.ServicePrincipalProfile = nil
},
wantErr: "400: InvalidParameter: properties.platformWorkloadIdentityProfile.platformWorkloadIdentities: Operator identities cannot have duplicate names.",
},
}
updateTests := []*validateTest{
@ -1448,38 +1415,41 @@ func TestOpenShiftClusterStaticValidatePlatformWorkloadIdentityProfile(t *testin
name: "addition of operator identity",
current: func(oc *OpenShiftCluster) {
oc.Properties.PlatformWorkloadIdentityProfile = &PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []PlatformWorkloadIdentity{
platformIdentity1,
PlatformWorkloadIdentities: map[string]PlatformWorkloadIdentity{
"FAKE-OPERATOR": platformIdentity1,
},
}
oc.Identity = &Identity{
UserAssignedIdentities: UserAssignedIdentities{
oc.Identity = &ManagedServiceIdentity{
UserAssignedIdentities: map[string]UserAssignedIdentity{
"first": clusterIdentity1,
},
}
oc.Properties.ServicePrincipalProfile = nil
},
modify: func(oc *OpenShiftCluster) {
oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities = append(oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities, platformIdentity2)
oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities["ANOTHER-FAKE-OPERATOR"] = platformIdentity2
},
},
{
name: "invalid change of operator identity name",
current: func(oc *OpenShiftCluster) {
oc.Properties.PlatformWorkloadIdentityProfile = &PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []PlatformWorkloadIdentity{
platformIdentity1,
PlatformWorkloadIdentities: map[string]PlatformWorkloadIdentity{
"FAKE-OPERATOR": platformIdentity1,
},
}
oc.Identity = &Identity{
UserAssignedIdentities: UserAssignedIdentities{
oc.Identity = &ManagedServiceIdentity{
UserAssignedIdentities: map[string]UserAssignedIdentity{
"first": clusterIdentity1,
},
}
oc.Properties.ServicePrincipalProfile = nil
},
modify: func(oc *OpenShiftCluster) {
oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[0].OperatorName = "FAKE-OPERATOR-OTHER"
pwi := map[string]PlatformWorkloadIdentity{
"FAKE-OPERATOR-OTHER": platformIdentity1,
}
oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities = pwi
},
wantErr: "400: PropertyChangeNotAllowed: properties.platformWorkloadIdentityProfile.platformWorkloadIdentities: Operator identity cannot be removed or have its name changed.",
},
@ -1487,19 +1457,19 @@ func TestOpenShiftClusterStaticValidatePlatformWorkloadIdentityProfile(t *testin
name: "invalid change of operator identity resource ID",
current: func(oc *OpenShiftCluster) {
oc.Properties.PlatformWorkloadIdentityProfile = &PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []PlatformWorkloadIdentity{
platformIdentity1,
PlatformWorkloadIdentities: map[string]PlatformWorkloadIdentity{
"FAKE-OPERATOR": platformIdentity1,
},
}
oc.Identity = &Identity{
UserAssignedIdentities: UserAssignedIdentities{
oc.Identity = &ManagedServiceIdentity{
UserAssignedIdentities: map[string]UserAssignedIdentity{
"first": clusterIdentity1,
},
}
oc.Properties.ServicePrincipalProfile = nil
},
modify: func(oc *OpenShiftCluster) {
oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[0].ResourceID = platformIdentity2.ResourceID
oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities["FAKE-OPERATOR"] = platformIdentity2
},
wantErr: "400: PropertyChangeNotAllowed: properties.platformWorkloadIdentityProfile.platformWorkloadIdentities: Operator identity resource ID cannot be changed.",
},
@ -1507,22 +1477,22 @@ func TestOpenShiftClusterStaticValidatePlatformWorkloadIdentityProfile(t *testin
name: "change of operator identity order",
current: func(oc *OpenShiftCluster) {
oc.Properties.PlatformWorkloadIdentityProfile = &PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []PlatformWorkloadIdentity{
platformIdentity1,
platformIdentity2,
PlatformWorkloadIdentities: map[string]PlatformWorkloadIdentity{
"OPERATOR-1": platformIdentity1,
"OPERATOR-2": platformIdentity2,
},
}
oc.Identity = &Identity{
UserAssignedIdentities: UserAssignedIdentities{
oc.Identity = &ManagedServiceIdentity{
UserAssignedIdentities: map[string]UserAssignedIdentity{
"first": clusterIdentity1,
},
}
oc.Properties.ServicePrincipalProfile = nil
},
modify: func(oc *OpenShiftCluster) {
oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities = []PlatformWorkloadIdentity{
platformIdentity2,
platformIdentity1,
oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities = map[string]PlatformWorkloadIdentity{
"OPERATOR-1": platformIdentity1,
"OPERATOR-2": platformIdentity2,
}
},
},
@ -1530,20 +1500,22 @@ func TestOpenShiftClusterStaticValidatePlatformWorkloadIdentityProfile(t *testin
name: "invalid change of operator identity name and resource ID",
current: func(oc *OpenShiftCluster) {
oc.Properties.PlatformWorkloadIdentityProfile = &PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []PlatformWorkloadIdentity{
platformIdentity1,
PlatformWorkloadIdentities: map[string]PlatformWorkloadIdentity{
"FAKE-OPERATOR": platformIdentity1,
},
}
oc.Identity = &Identity{
UserAssignedIdentities: UserAssignedIdentities{
oc.Identity = &ManagedServiceIdentity{
UserAssignedIdentities: map[string]UserAssignedIdentity{
"first": clusterIdentity1,
},
}
oc.Properties.ServicePrincipalProfile = nil
},
modify: func(oc *OpenShiftCluster) {
oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[0].OperatorName = platformIdentity2.OperatorName
oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities[0].ResourceID = platformIdentity2.ResourceID
pwi := map[string]PlatformWorkloadIdentity{
"FAKE-OPERATOR-OTHER": platformIdentity2,
}
oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities = pwi
},
wantErr: "400: PropertyChangeNotAllowed: properties.platformWorkloadIdentityProfile.platformWorkloadIdentities: Operator identity cannot be removed or have its name changed.",
},
@ -1551,49 +1523,25 @@ func TestOpenShiftClusterStaticValidatePlatformWorkloadIdentityProfile(t *testin
name: "invalid removal of identity",
current: func(oc *OpenShiftCluster) {
oc.Properties.PlatformWorkloadIdentityProfile = &PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []PlatformWorkloadIdentity{
platformIdentity1,
platformIdentity2,
PlatformWorkloadIdentities: map[string]PlatformWorkloadIdentity{
"operator1": platformIdentity1,
"operator2": platformIdentity2,
},
}
oc.Identity = &Identity{
UserAssignedIdentities: UserAssignedIdentities{
oc.Identity = &ManagedServiceIdentity{
UserAssignedIdentities: map[string]UserAssignedIdentity{
"first": clusterIdentity1,
},
}
oc.Properties.ServicePrincipalProfile = nil
},
modify: func(oc *OpenShiftCluster) {
oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities = []PlatformWorkloadIdentity{
platformIdentity1,
oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities = map[string]PlatformWorkloadIdentity{
"operator1": platformIdentity1,
}
},
wantErr: "400: PropertyChangeNotAllowed: properties.platformWorkloadIdentityProfile.platformWorkloadIdentities: Operator identity cannot be removed or have its name changed.",
},
{
name: "invalid duplicate identity",
current: func(oc *OpenShiftCluster) {
oc.Properties.PlatformWorkloadIdentityProfile = &PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []PlatformWorkloadIdentity{
platformIdentity1,
},
}
oc.Identity = &Identity{
UserAssignedIdentities: UserAssignedIdentities{
"first": clusterIdentity1,
},
}
oc.Properties.ServicePrincipalProfile = nil
},
modify: func(oc *OpenShiftCluster) {
oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities = append(oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities,
PlatformWorkloadIdentity{
OperatorName: platformIdentity1.OperatorName,
ResourceID: "/subscriptions/12345678-1234-1234-1234-123456789012/resourceGroups/a-fake-group/providers/Microsoft.RedHatOpenShift/userAssignedIdentities/fake-cluster-name-three",
})
},
wantErr: "400: InvalidParameter: properties.platformWorkloadIdentityProfile.platformWorkloadIdentities: Operator identities cannot have duplicate names.",
},
}
runTests(t, testModeCreate, createTests)

Просмотреть файл

@ -17,25 +17,6 @@ package redhatopenshift
// Code generated by Microsoft (R) AutoRest Code Generator.
// Changes may cause incorrect behavior and will be lost if the code is regenerated.
// CreatedByType enumerates the values for created by type.
type CreatedByType string
const (
// Application ...
Application CreatedByType = "Application"
// Key ...
Key CreatedByType = "Key"
// ManagedIdentity ...
ManagedIdentity CreatedByType = "ManagedIdentity"
// User ...
User CreatedByType = "User"
)
// PossibleCreatedByTypeValues returns an array of possible values for the CreatedByType const type.
func PossibleCreatedByTypeValues() []CreatedByType {
return []CreatedByType{Application, Key, ManagedIdentity, User}
}
// EncryptionAtHost enumerates the values for encryption at host.
type EncryptionAtHost string

Просмотреть файл

@ -24,7 +24,6 @@ import (
"github.com/Azure/go-autorest/autorest"
"github.com/Azure/go-autorest/autorest/azure"
"github.com/Azure/go-autorest/autorest/date"
"github.com/Azure/go-autorest/autorest/to"
"github.com/Azure/go-autorest/tracing"
)
@ -145,8 +144,6 @@ type OpenShiftCluster struct {
autorest.Response `json:"-"`
// OpenShiftClusterProperties - The cluster properties.
*OpenShiftClusterProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
// Tags - Resource tags.
Tags map[string]*string `json:"tags"`
// Location - The geo-location where the resource lives
@ -192,15 +189,6 @@ func (osc *OpenShiftCluster) UnmarshalJSON(body []byte) error {
}
osc.OpenShiftClusterProperties = &openShiftClusterProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
osc.SystemData = &systemData
}
case "tags":
if v != nil {
var tags map[string]*string
@ -579,8 +567,6 @@ type OpenShiftClusterUpdate struct {
Tags map[string]*string `json:"tags"`
// OpenShiftClusterProperties - The cluster properties.
*OpenShiftClusterProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for OpenShiftClusterUpdate.
@ -622,15 +608,6 @@ func (oscu *OpenShiftClusterUpdate) UnmarshalJSON(body []byte) error {
}
oscu.OpenShiftClusterProperties = &openShiftClusterProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
oscu.SystemData = &systemData
}
}
}
@ -847,22 +824,6 @@ type ServicePrincipalProfile struct {
ClientSecret *string `json:"clientSecret,omitempty"`
}
// SystemData metadata pertaining to creation and last modification of the resource.
type SystemData struct {
// CreatedBy - The identity that created the resource.
CreatedBy *string `json:"createdBy,omitempty"`
// CreatedByType - The type of identity that created the resource. Possible values include: 'User', 'Application', 'ManagedIdentity', 'Key'
CreatedByType CreatedByType `json:"createdByType,omitempty"`
// CreatedAt - The timestamp of resource creation (UTC).
CreatedAt *date.Time `json:"createdAt,omitempty"`
// LastModifiedBy - The identity that last modified the resource.
LastModifiedBy *string `json:"lastModifiedBy,omitempty"`
// LastModifiedByType - The type of identity that last modified the resource. Possible values include: 'User', 'Application', 'ManagedIdentity', 'Key'
LastModifiedByType CreatedByType `json:"lastModifiedByType,omitempty"`
// LastModifiedAt - The type of identity that last modified the resource.
LastModifiedAt *date.Time `json:"lastModifiedAt,omitempty"`
}
// TrackedResource the resource model definition for an Azure Resource Manager tracked top level resource
type TrackedResource struct {
// Tags - Resource tags.

Просмотреть файл

@ -98,7 +98,6 @@ func (client OpenShiftClustersClient) CreateOrUpdatePreparer(ctx context.Context
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPut(),
@ -782,7 +781,6 @@ func (client OpenShiftClustersClient) UpdatePreparer(ctx context.Context, resour
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -17,25 +17,6 @@ package redhatopenshift
// Code generated by Microsoft (R) AutoRest Code Generator.
// Changes may cause incorrect behavior and will be lost if the code is regenerated.
// CreatedByType enumerates the values for created by type.
type CreatedByType string
const (
// Application ...
Application CreatedByType = "Application"
// Key ...
Key CreatedByType = "Key"
// ManagedIdentity ...
ManagedIdentity CreatedByType = "ManagedIdentity"
// User ...
User CreatedByType = "User"
)
// PossibleCreatedByTypeValues returns an array of possible values for the CreatedByType const type.
func PossibleCreatedByTypeValues() []CreatedByType {
return []CreatedByType{Application, Key, ManagedIdentity, User}
}
// EncryptionAtHost enumerates the values for encryption at host.
type EncryptionAtHost string

Просмотреть файл

@ -24,7 +24,6 @@ import (
"github.com/Azure/go-autorest/autorest"
"github.com/Azure/go-autorest/autorest/azure"
"github.com/Azure/go-autorest/autorest/date"
"github.com/Azure/go-autorest/autorest/to"
"github.com/Azure/go-autorest/tracing"
)
@ -145,8 +144,6 @@ type OpenShiftCluster struct {
autorest.Response `json:"-"`
// OpenShiftClusterProperties - The cluster properties.
*OpenShiftClusterProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
// Tags - Resource tags.
Tags map[string]*string `json:"tags"`
// Location - The geo-location where the resource lives
@ -192,15 +189,6 @@ func (osc *OpenShiftCluster) UnmarshalJSON(body []byte) error {
}
osc.OpenShiftClusterProperties = &openShiftClusterProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
osc.SystemData = &systemData
}
case "tags":
if v != nil {
var tags map[string]*string
@ -579,8 +567,6 @@ type OpenShiftClusterUpdate struct {
Tags map[string]*string `json:"tags"`
// OpenShiftClusterProperties - The cluster properties.
*OpenShiftClusterProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for OpenShiftClusterUpdate.
@ -622,15 +608,6 @@ func (oscu *OpenShiftClusterUpdate) UnmarshalJSON(body []byte) error {
}
oscu.OpenShiftClusterProperties = &openShiftClusterProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
oscu.SystemData = &systemData
}
}
}
@ -847,22 +824,6 @@ type ServicePrincipalProfile struct {
ClientSecret *string `json:"clientSecret,omitempty"`
}
// SystemData metadata pertaining to creation and last modification of the resource.
type SystemData struct {
// CreatedBy - The identity that created the resource.
CreatedBy *string `json:"createdBy,omitempty"`
// CreatedByType - The type of identity that created the resource. Possible values include: 'User', 'Application', 'ManagedIdentity', 'Key'
CreatedByType CreatedByType `json:"createdByType,omitempty"`
// CreatedAt - The timestamp of resource creation (UTC).
CreatedAt *date.Time `json:"createdAt,omitempty"`
// LastModifiedBy - The identity that last modified the resource.
LastModifiedBy *string `json:"lastModifiedBy,omitempty"`
// LastModifiedByType - The type of identity that last modified the resource. Possible values include: 'User', 'Application', 'ManagedIdentity', 'Key'
LastModifiedByType CreatedByType `json:"lastModifiedByType,omitempty"`
// LastModifiedAt - The type of identity that last modified the resource.
LastModifiedAt *date.Time `json:"lastModifiedAt,omitempty"`
}
// TrackedResource the resource model definition for an Azure Resource Manager tracked top level resource
type TrackedResource struct {
// Tags - Resource tags.

Просмотреть файл

@ -98,7 +98,6 @@ func (client OpenShiftClustersClient) CreateOrUpdatePreparer(ctx context.Context
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPut(),
@ -782,7 +781,6 @@ func (client OpenShiftClustersClient) UpdatePreparer(ctx context.Context, resour
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -531,7 +531,6 @@ func (client MachinePoolsClient) UpdatePreparer(ctx context.Context, resourceGro
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -374,8 +374,6 @@ type MachinePoolProperties struct {
type MachinePoolUpdate struct {
// MachinePoolProperties - The MachinePool Properties
*MachinePoolProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for MachinePoolUpdate.
@ -405,15 +403,6 @@ func (mpu *MachinePoolUpdate) UnmarshalJSON(body []byte) error {
}
mpu.MachinePoolProperties = &machinePoolProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
mpu.SystemData = &systemData
}
}
}
@ -879,8 +868,6 @@ type OpenShiftClusterUpdate struct {
Tags map[string]*string `json:"tags"`
// OpenShiftClusterProperties - The cluster properties.
*OpenShiftClusterProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for OpenShiftClusterUpdate.
@ -922,15 +909,6 @@ func (oscu *OpenShiftClusterUpdate) UnmarshalJSON(body []byte) error {
}
oscu.OpenShiftClusterProperties = &openShiftClusterProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
oscu.SystemData = &systemData
}
}
}
@ -1644,8 +1622,6 @@ type SecretProperties struct {
type SecretUpdate struct {
// SecretProperties - The Secret Properties
*SecretProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for SecretUpdate.
@ -1675,15 +1651,6 @@ func (su *SecretUpdate) UnmarshalJSON(body []byte) error {
}
su.SecretProperties = &secretProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
su.SystemData = &systemData
}
}
}
@ -1950,8 +1917,6 @@ type SyncIdentityProviderProperties struct {
type SyncIdentityProviderUpdate struct {
// SyncIdentityProviderProperties - The SyncIdentityProvider Properties
*SyncIdentityProviderProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for SyncIdentityProviderUpdate.
@ -1981,15 +1946,6 @@ func (sipu *SyncIdentityProviderUpdate) UnmarshalJSON(body []byte) error {
}
sipu.SyncIdentityProviderProperties = &syncIdentityProviderProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
sipu.SystemData = &systemData
}
}
}
@ -2249,8 +2205,6 @@ type SyncSetProperties struct {
type SyncSetUpdate struct {
// SyncSetProperties - The Syncsets properties
*SyncSetProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for SyncSetUpdate.
@ -2280,15 +2234,6 @@ func (ssu *SyncSetUpdate) UnmarshalJSON(body []byte) error {
}
ssu.SyncSetProperties = &syncSetProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
ssu.SystemData = &systemData
}
}
}

Просмотреть файл

@ -774,7 +774,6 @@ func (client OpenShiftClustersClient) UpdatePreparer(ctx context.Context, resour
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -531,7 +531,6 @@ func (client SecretsClient) UpdatePreparer(ctx context.Context, resourceGroupNam
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -532,7 +532,6 @@ func (client SyncIdentityProvidersClient) UpdatePreparer(ctx context.Context, re
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -531,7 +531,6 @@ func (client SyncSetsClient) UpdatePreparer(ctx context.Context, resourceGroupNa
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -531,7 +531,6 @@ func (client MachinePoolsClient) UpdatePreparer(ctx context.Context, resourceGro
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -374,8 +374,6 @@ type MachinePoolProperties struct {
type MachinePoolUpdate struct {
// MachinePoolProperties - The MachinePool Properties
*MachinePoolProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for MachinePoolUpdate.
@ -405,15 +403,6 @@ func (mpu *MachinePoolUpdate) UnmarshalJSON(body []byte) error {
}
mpu.MachinePoolProperties = &machinePoolProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
mpu.SystemData = &systemData
}
}
}
@ -881,8 +870,6 @@ type OpenShiftClusterUpdate struct {
Tags map[string]*string `json:"tags"`
// OpenShiftClusterProperties - The cluster properties.
*OpenShiftClusterProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for OpenShiftClusterUpdate.
@ -924,15 +911,6 @@ func (oscu *OpenShiftClusterUpdate) UnmarshalJSON(body []byte) error {
}
oscu.OpenShiftClusterProperties = &openShiftClusterProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
oscu.SystemData = &systemData
}
}
}
@ -1646,8 +1624,6 @@ type SecretProperties struct {
type SecretUpdate struct {
// SecretProperties - The Secret Properties
*SecretProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for SecretUpdate.
@ -1677,15 +1653,6 @@ func (su *SecretUpdate) UnmarshalJSON(body []byte) error {
}
su.SecretProperties = &secretProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
su.SystemData = &systemData
}
}
}
@ -1952,8 +1919,6 @@ type SyncIdentityProviderProperties struct {
type SyncIdentityProviderUpdate struct {
// SyncIdentityProviderProperties - The SyncIdentityProvider Properties
*SyncIdentityProviderProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for SyncIdentityProviderUpdate.
@ -1983,15 +1948,6 @@ func (sipu *SyncIdentityProviderUpdate) UnmarshalJSON(body []byte) error {
}
sipu.SyncIdentityProviderProperties = &syncIdentityProviderProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
sipu.SystemData = &systemData
}
}
}
@ -2251,8 +2207,6 @@ type SyncSetProperties struct {
type SyncSetUpdate struct {
// SyncSetProperties - The Syncsets properties
*SyncSetProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for SyncSetUpdate.
@ -2282,15 +2236,6 @@ func (ssu *SyncSetUpdate) UnmarshalJSON(body []byte) error {
}
ssu.SyncSetProperties = &syncSetProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
ssu.SystemData = &systemData
}
}
}

Просмотреть файл

@ -774,7 +774,6 @@ func (client OpenShiftClustersClient) UpdatePreparer(ctx context.Context, resour
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -531,7 +531,6 @@ func (client SecretsClient) UpdatePreparer(ctx context.Context, resourceGroupNam
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -532,7 +532,6 @@ func (client SyncIdentityProvidersClient) UpdatePreparer(ctx context.Context, re
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -531,7 +531,6 @@ func (client SyncSetsClient) UpdatePreparer(ctx context.Context, resourceGroupNa
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -531,7 +531,6 @@ func (client MachinePoolsClient) UpdatePreparer(ctx context.Context, resourceGro
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -413,8 +413,6 @@ type MachinePoolProperties struct {
type MachinePoolUpdate struct {
// MachinePoolProperties - The MachinePool Properties
*MachinePoolProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for MachinePoolUpdate.
@ -444,15 +442,6 @@ func (mpu *MachinePoolUpdate) UnmarshalJSON(body []byte) error {
}
mpu.MachinePoolProperties = &machinePoolProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
mpu.SystemData = &systemData
}
}
}
@ -929,8 +918,6 @@ type OpenShiftClusterUpdate struct {
Tags map[string]*string `json:"tags"`
// OpenShiftClusterProperties - The cluster properties.
*OpenShiftClusterProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for OpenShiftClusterUpdate.
@ -972,15 +959,6 @@ func (oscu *OpenShiftClusterUpdate) UnmarshalJSON(body []byte) error {
}
oscu.OpenShiftClusterProperties = &openShiftClusterProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
oscu.SystemData = &systemData
}
}
}
@ -1707,8 +1685,6 @@ type SecretProperties struct {
type SecretUpdate struct {
// SecretProperties - The Secret Properties
*SecretProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for SecretUpdate.
@ -1738,15 +1714,6 @@ func (su *SecretUpdate) UnmarshalJSON(body []byte) error {
}
su.SecretProperties = &secretProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
su.SystemData = &systemData
}
}
}
@ -2013,8 +1980,6 @@ type SyncIdentityProviderProperties struct {
type SyncIdentityProviderUpdate struct {
// SyncIdentityProviderProperties - The SyncIdentityProvider Properties
*SyncIdentityProviderProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for SyncIdentityProviderUpdate.
@ -2044,15 +2009,6 @@ func (sipu *SyncIdentityProviderUpdate) UnmarshalJSON(body []byte) error {
}
sipu.SyncIdentityProviderProperties = &syncIdentityProviderProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
sipu.SystemData = &systemData
}
}
}
@ -2312,8 +2268,6 @@ type SyncSetProperties struct {
type SyncSetUpdate struct {
// SyncSetProperties - The Syncsets properties
*SyncSetProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for SyncSetUpdate.
@ -2343,15 +2297,6 @@ func (ssu *SyncSetUpdate) UnmarshalJSON(body []byte) error {
}
ssu.SyncSetProperties = &syncSetProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
ssu.SystemData = &systemData
}
}
}

Просмотреть файл

@ -774,7 +774,6 @@ func (client OpenShiftClustersClient) UpdatePreparer(ctx context.Context, resour
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -531,7 +531,6 @@ func (client SecretsClient) UpdatePreparer(ctx context.Context, resourceGroupNam
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -532,7 +532,6 @@ func (client SyncIdentityProvidersClient) UpdatePreparer(ctx context.Context, re
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -531,7 +531,6 @@ func (client SyncSetsClient) UpdatePreparer(ctx context.Context, resourceGroupNa
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -531,7 +531,6 @@ func (client MachinePoolsClient) UpdatePreparer(ctx context.Context, resourceGro
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -374,8 +374,6 @@ type MachinePoolProperties struct {
type MachinePoolUpdate struct {
// MachinePoolProperties - The MachinePool Properties
*MachinePoolProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for MachinePoolUpdate.
@ -405,15 +403,6 @@ func (mpu *MachinePoolUpdate) UnmarshalJSON(body []byte) error {
}
mpu.MachinePoolProperties = &machinePoolProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
mpu.SystemData = &systemData
}
}
}
@ -918,8 +907,6 @@ type OpenShiftClusterUpdate struct {
Tags map[string]*string `json:"tags"`
// OpenShiftClusterProperties - The cluster properties.
*OpenShiftClusterProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for OpenShiftClusterUpdate.
@ -961,15 +948,6 @@ func (oscu *OpenShiftClusterUpdate) UnmarshalJSON(body []byte) error {
}
oscu.OpenShiftClusterProperties = &openShiftClusterProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
oscu.SystemData = &systemData
}
}
}
@ -1683,8 +1661,6 @@ type SecretProperties struct {
type SecretUpdate struct {
// SecretProperties - The Secret Properties
*SecretProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for SecretUpdate.
@ -1714,15 +1690,6 @@ func (su *SecretUpdate) UnmarshalJSON(body []byte) error {
}
su.SecretProperties = &secretProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
su.SystemData = &systemData
}
}
}
@ -1989,8 +1956,6 @@ type SyncIdentityProviderProperties struct {
type SyncIdentityProviderUpdate struct {
// SyncIdentityProviderProperties - The SyncIdentityProvider Properties
*SyncIdentityProviderProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for SyncIdentityProviderUpdate.
@ -2020,15 +1985,6 @@ func (sipu *SyncIdentityProviderUpdate) UnmarshalJSON(body []byte) error {
}
sipu.SyncIdentityProviderProperties = &syncIdentityProviderProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
sipu.SystemData = &systemData
}
}
}
@ -2288,8 +2244,6 @@ type SyncSetProperties struct {
type SyncSetUpdate struct {
// SyncSetProperties - The Syncsets properties
*SyncSetProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for SyncSetUpdate.
@ -2319,15 +2273,6 @@ func (ssu *SyncSetUpdate) UnmarshalJSON(body []byte) error {
}
ssu.SyncSetProperties = &syncSetProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
ssu.SystemData = &systemData
}
}
}

Просмотреть файл

@ -774,7 +774,6 @@ func (client OpenShiftClustersClient) UpdatePreparer(ctx context.Context, resour
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -531,7 +531,6 @@ func (client SecretsClient) UpdatePreparer(ctx context.Context, resourceGroupNam
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -532,7 +532,6 @@ func (client SyncIdentityProvidersClient) UpdatePreparer(ctx context.Context, re
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -531,7 +531,6 @@ func (client SyncSetsClient) UpdatePreparer(ctx context.Context, resourceGroupNa
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -531,7 +531,6 @@ func (client MachinePoolsClient) UpdatePreparer(ctx context.Context, resourceGro
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -425,8 +425,6 @@ type MachinePoolProperties struct {
type MachinePoolUpdate struct {
// MachinePoolProperties - The MachinePool Properties
*MachinePoolProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for MachinePoolUpdate.
@ -456,15 +454,6 @@ func (mpu *MachinePoolUpdate) UnmarshalJSON(body []byte) error {
}
mpu.MachinePoolProperties = &machinePoolProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
mpu.SystemData = &systemData
}
}
}
@ -978,8 +967,6 @@ type OpenShiftClusterUpdate struct {
Tags map[string]*string `json:"tags"`
// OpenShiftClusterProperties - The cluster properties.
*OpenShiftClusterProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for OpenShiftClusterUpdate.
@ -1021,15 +1008,6 @@ func (oscu *OpenShiftClusterUpdate) UnmarshalJSON(body []byte) error {
}
oscu.OpenShiftClusterProperties = &openShiftClusterProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
oscu.SystemData = &systemData
}
}
}
@ -1743,8 +1721,6 @@ type SecretProperties struct {
type SecretUpdate struct {
// SecretProperties - The Secret Properties
*SecretProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for SecretUpdate.
@ -1774,15 +1750,6 @@ func (su *SecretUpdate) UnmarshalJSON(body []byte) error {
}
su.SecretProperties = &secretProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
su.SystemData = &systemData
}
}
}
@ -2049,8 +2016,6 @@ type SyncIdentityProviderProperties struct {
type SyncIdentityProviderUpdate struct {
// SyncIdentityProviderProperties - The SyncIdentityProvider Properties
*SyncIdentityProviderProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for SyncIdentityProviderUpdate.
@ -2080,15 +2045,6 @@ func (sipu *SyncIdentityProviderUpdate) UnmarshalJSON(body []byte) error {
}
sipu.SyncIdentityProviderProperties = &syncIdentityProviderProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
sipu.SystemData = &systemData
}
}
}
@ -2348,8 +2304,6 @@ type SyncSetProperties struct {
type SyncSetUpdate struct {
// SyncSetProperties - The Syncsets properties
*SyncSetProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for SyncSetUpdate.
@ -2379,15 +2333,6 @@ func (ssu *SyncSetUpdate) UnmarshalJSON(body []byte) error {
}
ssu.SyncSetProperties = &syncSetProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
ssu.SystemData = &systemData
}
}
}

Просмотреть файл

@ -774,7 +774,6 @@ func (client OpenShiftClustersClient) UpdatePreparer(ctx context.Context, resour
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -531,7 +531,6 @@ func (client SecretsClient) UpdatePreparer(ctx context.Context, resourceGroupNam
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -532,7 +532,6 @@ func (client SyncIdentityProvidersClient) UpdatePreparer(ctx context.Context, re
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -531,7 +531,6 @@ func (client SyncSetsClient) UpdatePreparer(ctx context.Context, resourceGroupNa
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -22,6 +22,7 @@ package redhatopenshift
import (
"github.com/Azure/go-autorest/autorest"
"github.com/gofrs/uuid"
)
const (
@ -33,17 +34,17 @@ const (
type BaseClient struct {
autorest.Client
BaseURI string
SubscriptionID string
SubscriptionID uuid.UUID
}
// New creates an instance of the BaseClient client.
func New(subscriptionID string) BaseClient {
func New(subscriptionID uuid.UUID) BaseClient {
return NewWithBaseURI(DefaultBaseURI, subscriptionID)
}
// NewWithBaseURI creates an instance of the BaseClient client using a custom endpoint. Use this when interacting with
// an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func NewWithBaseURI(baseURI string, subscriptionID string) BaseClient {
func NewWithBaseURI(baseURI string, subscriptionID uuid.UUID) BaseClient {
return BaseClient{
Client: autorest.NewClientWithUserAgent(UserAgent()),
BaseURI: baseURI,

Просмотреть файл

@ -66,6 +66,25 @@ func PossibleFipsValidatedModulesValues() []FipsValidatedModules {
return []FipsValidatedModules{FipsValidatedModulesDisabled, FipsValidatedModulesEnabled}
}
// ManagedServiceIdentityType enumerates the values for managed service identity type.
type ManagedServiceIdentityType string
const (
// None ...
None ManagedServiceIdentityType = "None"
// SystemAssigned ...
SystemAssigned ManagedServiceIdentityType = "SystemAssigned"
// SystemAssignedUserAssigned ...
SystemAssignedUserAssigned ManagedServiceIdentityType = "SystemAssigned,UserAssigned"
// UserAssigned ...
UserAssigned ManagedServiceIdentityType = "UserAssigned"
)
// PossibleManagedServiceIdentityTypeValues returns an array of possible values for the ManagedServiceIdentityType const type.
func PossibleManagedServiceIdentityTypeValues() []ManagedServiceIdentityType {
return []ManagedServiceIdentityType{None, SystemAssigned, SystemAssignedUserAssigned, UserAssigned}
}
// OutboundType enumerates the values for outbound type.
type OutboundType string
@ -121,6 +140,25 @@ func PossibleProvisioningStateValues() []ProvisioningState {
return []ProvisioningState{AdminUpdating, Canceled, Creating, Deleting, Failed, Succeeded, Updating}
}
// SkuTier enumerates the values for sku tier.
type SkuTier string
const (
// Basic ...
Basic SkuTier = "Basic"
// Free ...
Free SkuTier = "Free"
// Premium ...
Premium SkuTier = "Premium"
// Standard ...
Standard SkuTier = "Standard"
)
// PossibleSkuTierValues returns an array of possible values for the SkuTier const type.
func PossibleSkuTierValues() []SkuTier {
return []SkuTier{Basic, Free, Premium, Standard}
}
// Visibility enumerates the values for visibility.
type Visibility string

Просмотреть файл

@ -25,6 +25,7 @@ import (
"github.com/Azure/go-autorest/autorest/azure"
"github.com/Azure/go-autorest/autorest/validation"
"github.com/Azure/go-autorest/tracing"
"github.com/gofrs/uuid"
)
// MachinePoolsClient is the rest API for Azure Red Hat OpenShift 4
@ -33,13 +34,13 @@ type MachinePoolsClient struct {
}
// NewMachinePoolsClient creates an instance of the MachinePoolsClient client.
func NewMachinePoolsClient(subscriptionID string) MachinePoolsClient {
func NewMachinePoolsClient(subscriptionID uuid.UUID) MachinePoolsClient {
return NewMachinePoolsClientWithBaseURI(DefaultBaseURI, subscriptionID)
}
// NewMachinePoolsClientWithBaseURI creates an instance of the MachinePoolsClient client using a custom endpoint. Use
// this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func NewMachinePoolsClientWithBaseURI(baseURI string, subscriptionID string) MachinePoolsClient {
func NewMachinePoolsClientWithBaseURI(baseURI string, subscriptionID uuid.UUID) MachinePoolsClient {
return MachinePoolsClient{NewWithBaseURI(baseURI, subscriptionID)}
}
@ -61,8 +62,6 @@ func (client MachinePoolsClient) CreateOrUpdate(ctx context.Context, resourceGro
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}},
@ -158,8 +157,6 @@ func (client MachinePoolsClient) Delete(ctx context.Context, resourceGroupName s
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}},
@ -252,8 +249,6 @@ func (client MachinePoolsClient) Get(ctx context.Context, resourceGroupName stri
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}},
@ -346,8 +341,6 @@ func (client MachinePoolsClient) List(ctx context.Context, resourceGroupName str
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}},
@ -479,8 +472,6 @@ func (client MachinePoolsClient) Update(ctx context.Context, resourceGroupName s
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}},
@ -531,7 +522,6 @@ func (client MachinePoolsClient) UpdatePreparer(ctx context.Context, resourceGro
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -27,6 +27,7 @@ import (
"github.com/Azure/go-autorest/autorest/date"
"github.com/Azure/go-autorest/autorest/to"
"github.com/Azure/go-autorest/tracing"
"github.com/gofrs/uuid"
)
// The package's fully qualified name.
@ -55,7 +56,7 @@ func (asp APIServerProfile) MarshalJSON() ([]byte, error) {
type AzureEntityResource struct {
// Etag - READ-ONLY; Resource Etag.
Etag *string `json:"etag,omitempty"`
// ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
// ID - READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; The name of the resource
Name *string `json:"name,omitempty"`
@ -105,13 +106,6 @@ type ClusterProfile struct {
OidcIssuer *string `json:"oidcIssuer,omitempty"`
}
// ClusterUserAssignedIdentity clusterUserAssignedIdentity stores information about a user-assigned managed
// identity in a predefined format required by Microsoft's Managed Identity team.
type ClusterUserAssignedIdentity struct {
ClientID *string `json:"clientId,omitempty"`
PrincipalID *string `json:"principalId,omitempty"`
}
// ConsoleProfile consoleProfile represents a console profile.
type ConsoleProfile struct {
// URL - READ-ONLY; The URL to access the cluster console.
@ -143,24 +137,6 @@ type EffectiveOutboundIP struct {
ID *string `json:"id,omitempty"`
}
// Identity identity stores information about the cluster MSI(s) in a workload identity cluster.
type Identity struct {
Type *string `json:"type,omitempty"`
UserAssignedIdentities map[string]*ClusterUserAssignedIdentity `json:"userAssignedIdentities"`
}
// MarshalJSON is the custom marshaler for Identity.
func (i Identity) MarshalJSON() ([]byte, error) {
objectMap := make(map[string]interface{})
if i.Type != nil {
objectMap["type"] = i.Type
}
if i.UserAssignedIdentities != nil {
objectMap["userAssignedIdentities"] = i.UserAssignedIdentities
}
return json.Marshal(objectMap)
}
// IngressProfile ingressProfile represents an ingress profile.
type IngressProfile struct {
// Name - The ingress profile name.
@ -205,7 +181,7 @@ type MachinePool struct {
autorest.Response `json:"-"`
// MachinePoolProperties - The MachinePool Properties
*MachinePoolProperties `json:"properties,omitempty"`
// ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
// ID - READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; The name of the resource
Name *string `json:"name,omitempty"`
@ -452,8 +428,6 @@ type MachinePoolProperties struct {
type MachinePoolUpdate struct {
// MachinePoolProperties - The MachinePool Properties
*MachinePoolProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for MachinePoolUpdate.
@ -483,15 +457,6 @@ func (mpu *MachinePoolUpdate) UnmarshalJSON(body []byte) error {
}
mpu.MachinePoolProperties = &machinePoolProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
mpu.SystemData = &systemData
}
}
}
@ -505,6 +470,30 @@ type ManagedOutboundIPs struct {
Count *int32 `json:"count,omitempty"`
}
// ManagedServiceIdentity managed service identity (system assigned and/or user assigned identities)
type ManagedServiceIdentity struct {
// PrincipalID - READ-ONLY; The service principal ID of the system assigned identity. This property will only be provided for a system assigned identity.
PrincipalID *uuid.UUID `json:"principalId,omitempty"`
// TenantID - READ-ONLY; The tenant ID of the system assigned identity. This property will only be provided for a system assigned identity.
TenantID *uuid.UUID `json:"tenantId,omitempty"`
// Type - Possible values include: 'None', 'SystemAssigned', 'UserAssigned', 'SystemAssignedUserAssigned'
Type ManagedServiceIdentityType `json:"type,omitempty"`
// UserAssignedIdentities - The set of user assigned identities associated with the resource. The userAssignedIdentities dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}. The dictionary values can be empty objects ({}) in requests.
UserAssignedIdentities map[string]*UserAssignedIdentity `json:"userAssignedIdentities"`
}
// MarshalJSON is the custom marshaler for ManagedServiceIdentity.
func (msi ManagedServiceIdentity) MarshalJSON() ([]byte, error) {
objectMap := make(map[string]interface{})
if msi.Type != "" {
objectMap["type"] = msi.Type
}
if msi.UserAssignedIdentities != nil {
objectMap["userAssignedIdentities"] = msi.UserAssignedIdentities
}
return json.Marshal(objectMap)
}
// MasterProfile masterProfile represents a master profile.
type MasterProfile struct {
// VMSize - The size of the master VMs.
@ -537,12 +526,12 @@ type OpenShiftCluster struct {
// OpenShiftClusterProperties - The cluster properties.
*OpenShiftClusterProperties `json:"properties,omitempty"`
// Identity - Identity stores information about the cluster MSI(s) in a workload identity cluster.
Identity *Identity `json:"identity,omitempty"`
Identity *ManagedServiceIdentity `json:"identity,omitempty"`
// Tags - Resource tags.
Tags map[string]*string `json:"tags"`
// Location - The geo-location where the resource lives
Location *string `json:"location,omitempty"`
// ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
// ID - READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; The name of the resource
Name *string `json:"name,omitempty"`
@ -590,7 +579,7 @@ func (osc *OpenShiftCluster) UnmarshalJSON(body []byte) error {
}
case "identity":
if v != nil {
var identity Identity
var identity ManagedServiceIdentity
err = json.Unmarshal(*v, &identity)
if err != nil {
return err
@ -1025,9 +1014,7 @@ type OpenShiftClusterUpdate struct {
// OpenShiftClusterProperties - The cluster properties.
*OpenShiftClusterProperties `json:"properties,omitempty"`
// Identity - Identity stores information about the cluster MSI(s) in a workload identity cluster.
Identity *Identity `json:"identity,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
Identity *ManagedServiceIdentity `json:"identity,omitempty"`
}
// MarshalJSON is the custom marshaler for OpenShiftClusterUpdate.
@ -1074,22 +1061,13 @@ func (oscu *OpenShiftClusterUpdate) UnmarshalJSON(body []byte) error {
}
case "identity":
if v != nil {
var identity Identity
var identity ManagedServiceIdentity
err = json.Unmarshal(*v, &identity)
if err != nil {
return err
}
oscu.Identity = &identity
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
oscu.SystemData = &systemData
}
}
}
@ -1100,7 +1078,7 @@ func (oscu *OpenShiftClusterUpdate) UnmarshalJSON(body []byte) error {
type OpenShiftVersion struct {
// OpenShiftVersionProperties - The properties for the OpenShiftVersion resource.
*OpenShiftVersionProperties `json:"properties,omitempty"`
// ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
// ID - READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; The name of the resource
Name *string `json:"name,omitempty"`
@ -1513,23 +1491,34 @@ func NewOperationListPage(cur OperationList, getNextPage func(context.Context, O
}
}
// Plan plan for the resource.
type Plan struct {
// Name - A user defined name of the 3rd Party Artifact that is being procured.
Name *string `json:"name,omitempty"`
// Publisher - The publisher of the 3rd Party Artifact that is being bought. E.g. NewRelic
Publisher *string `json:"publisher,omitempty"`
// Product - The 3rd Party artifact that is being procured. E.g. NewRelic. Product maps to the OfferID specified for the artifact at the time of Data Market onboarding.
Product *string `json:"product,omitempty"`
// PromotionCode - A publisher provided promotion code as provisioned in Data Market for the said product/artifact.
PromotionCode *string `json:"promotionCode,omitempty"`
// Version - The version of the desired product/artifact.
Version *string `json:"version,omitempty"`
}
// PlatformWorkloadIdentity platformWorkloadIdentity stores information representing a single workload
// identity.
type PlatformWorkloadIdentity struct {
OperatorName *string `json:"operatorName,omitempty"`
// ResourceID - The resource ID of the PlatformWorkloadIdentity resource
ResourceID *string `json:"resourceId,omitempty"`
// ClientID - READ-ONLY
// ClientID - READ-ONLY; The ClientID of the PlatformWorkloadIdentity resource
ClientID *string `json:"clientId,omitempty"`
// ObjectID - READ-ONLY
// ObjectID - READ-ONLY; The ObjectID of the PlatformWorkloadIdentity resource
ObjectID *string `json:"objectId,omitempty"`
}
// MarshalJSON is the custom marshaler for PlatformWorkloadIdentity.
func (pwi PlatformWorkloadIdentity) MarshalJSON() ([]byte, error) {
objectMap := make(map[string]interface{})
if pwi.OperatorName != nil {
objectMap["operatorName"] = pwi.OperatorName
}
if pwi.ResourceID != nil {
objectMap["resourceId"] = pwi.ResourceID
}
@ -1540,13 +1529,290 @@ func (pwi PlatformWorkloadIdentity) MarshalJSON() ([]byte, error) {
// specific to workload identity clusters.
type PlatformWorkloadIdentityProfile struct {
UpgradeableTo *string `json:"upgradeableTo,omitempty"`
PlatformWorkloadIdentities *[]PlatformWorkloadIdentity `json:"platformWorkloadIdentities,omitempty"`
PlatformWorkloadIdentities map[string]*PlatformWorkloadIdentity `json:"platformWorkloadIdentities"`
}
// MarshalJSON is the custom marshaler for PlatformWorkloadIdentityProfile.
func (pwip PlatformWorkloadIdentityProfile) MarshalJSON() ([]byte, error) {
objectMap := make(map[string]interface{})
if pwip.UpgradeableTo != nil {
objectMap["upgradeableTo"] = pwip.UpgradeableTo
}
if pwip.PlatformWorkloadIdentities != nil {
objectMap["platformWorkloadIdentities"] = pwip.PlatformWorkloadIdentities
}
return json.Marshal(objectMap)
}
// PlatformWorkloadIdentityRole platformWorkloadIdentityRole represents a mapping from a particular OCP
// operator to the built-in role that should be assigned to that operator's corresponding managed identity.
type PlatformWorkloadIdentityRole struct {
// OperatorName - OperatorName represents the name of the operator that this role is for.
OperatorName *string `json:"operatorName,omitempty"`
// RoleDefinitionName - RoleDefinitionName represents the name of the role.
RoleDefinitionName *string `json:"roleDefinitionName,omitempty"`
// RoleDefinitionID - RoleDefinitionID represents the resource ID of the role definition.
RoleDefinitionID *string `json:"roleDefinitionId,omitempty"`
}
// PlatformWorkloadIdentityRoleSet platformWorkloadIdentityRoleSet represents a mapping from the names of
// OCP operators to the built-in roles that should be assigned to those operator's corresponding managed
// identities for a particular OCP version.
type PlatformWorkloadIdentityRoleSet struct {
// PlatformWorkloadIdentityRoleSetProperties - The properties for the PlatformWorkloadIdentityRoleSet resource.
*PlatformWorkloadIdentityRoleSetProperties `json:"properties,omitempty"`
// ID - READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; The name of the resource
Name *string `json:"name,omitempty"`
// Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
Type *string `json:"type,omitempty"`
// SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for PlatformWorkloadIdentityRoleSet.
func (pwirs PlatformWorkloadIdentityRoleSet) MarshalJSON() ([]byte, error) {
objectMap := make(map[string]interface{})
if pwirs.PlatformWorkloadIdentityRoleSetProperties != nil {
objectMap["properties"] = pwirs.PlatformWorkloadIdentityRoleSetProperties
}
return json.Marshal(objectMap)
}
// UnmarshalJSON is the custom unmarshaler for PlatformWorkloadIdentityRoleSet struct.
func (pwirs *PlatformWorkloadIdentityRoleSet) UnmarshalJSON(body []byte) error {
var m map[string]*json.RawMessage
err := json.Unmarshal(body, &m)
if err != nil {
return err
}
for k, v := range m {
switch k {
case "properties":
if v != nil {
var platformWorkloadIdentityRoleSetProperties PlatformWorkloadIdentityRoleSetProperties
err = json.Unmarshal(*v, &platformWorkloadIdentityRoleSetProperties)
if err != nil {
return err
}
pwirs.PlatformWorkloadIdentityRoleSetProperties = &platformWorkloadIdentityRoleSetProperties
}
case "id":
if v != nil {
var ID string
err = json.Unmarshal(*v, &ID)
if err != nil {
return err
}
pwirs.ID = &ID
}
case "name":
if v != nil {
var name string
err = json.Unmarshal(*v, &name)
if err != nil {
return err
}
pwirs.Name = &name
}
case "type":
if v != nil {
var typeVar string
err = json.Unmarshal(*v, &typeVar)
if err != nil {
return err
}
pwirs.Type = &typeVar
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
pwirs.SystemData = &systemData
}
}
}
return nil
}
// PlatformWorkloadIdentityRoleSetList platformWorkloadIdentityRoleSetList represents a List of role sets.
type PlatformWorkloadIdentityRoleSetList struct {
autorest.Response `json:"-"`
// Value - The list of role sets.
Value *[]PlatformWorkloadIdentityRoleSet `json:"value,omitempty"`
// NextLink - Next Link to next operation.
NextLink *string `json:"nextLink,omitempty"`
}
// PlatformWorkloadIdentityRoleSetListIterator provides access to a complete listing of
// PlatformWorkloadIdentityRoleSet values.
type PlatformWorkloadIdentityRoleSetListIterator struct {
i int
page PlatformWorkloadIdentityRoleSetListPage
}
// NextWithContext advances to the next value. If there was an error making
// the request the iterator does not advance and the error is returned.
func (iter *PlatformWorkloadIdentityRoleSetListIterator) NextWithContext(ctx context.Context) (err error) {
if tracing.IsEnabled() {
ctx = tracing.StartSpan(ctx, fqdn+"/PlatformWorkloadIdentityRoleSetListIterator.NextWithContext")
defer func() {
sc := -1
if iter.Response().Response.Response != nil {
sc = iter.Response().Response.Response.StatusCode
}
tracing.EndSpan(ctx, sc, err)
}()
}
iter.i++
if iter.i < len(iter.page.Values()) {
return nil
}
err = iter.page.NextWithContext(ctx)
if err != nil {
iter.i--
return err
}
iter.i = 0
return nil
}
// Next advances to the next value. If there was an error making
// the request the iterator does not advance and the error is returned.
// Deprecated: Use NextWithContext() instead.
func (iter *PlatformWorkloadIdentityRoleSetListIterator) Next() error {
return iter.NextWithContext(context.Background())
}
// NotDone returns true if the enumeration should be started or is not yet complete.
func (iter PlatformWorkloadIdentityRoleSetListIterator) NotDone() bool {
return iter.page.NotDone() && iter.i < len(iter.page.Values())
}
// Response returns the raw server response from the last page request.
func (iter PlatformWorkloadIdentityRoleSetListIterator) Response() PlatformWorkloadIdentityRoleSetList {
return iter.page.Response()
}
// Value returns the current value or a zero-initialized value if the
// iterator has advanced beyond the end of the collection.
func (iter PlatformWorkloadIdentityRoleSetListIterator) Value() PlatformWorkloadIdentityRoleSet {
if !iter.page.NotDone() {
return PlatformWorkloadIdentityRoleSet{}
}
return iter.page.Values()[iter.i]
}
// Creates a new instance of the PlatformWorkloadIdentityRoleSetListIterator type.
func NewPlatformWorkloadIdentityRoleSetListIterator(page PlatformWorkloadIdentityRoleSetListPage) PlatformWorkloadIdentityRoleSetListIterator {
return PlatformWorkloadIdentityRoleSetListIterator{page: page}
}
// IsEmpty returns true if the ListResult contains no values.
func (pwirsl PlatformWorkloadIdentityRoleSetList) IsEmpty() bool {
return pwirsl.Value == nil || len(*pwirsl.Value) == 0
}
// hasNextLink returns true if the NextLink is not empty.
func (pwirsl PlatformWorkloadIdentityRoleSetList) hasNextLink() bool {
return pwirsl.NextLink != nil && len(*pwirsl.NextLink) != 0
}
// platformWorkloadIdentityRoleSetListPreparer prepares a request to retrieve the next set of results.
// It returns nil if no more results exist.
func (pwirsl PlatformWorkloadIdentityRoleSetList) platformWorkloadIdentityRoleSetListPreparer(ctx context.Context) (*http.Request, error) {
if !pwirsl.hasNextLink() {
return nil, nil
}
return autorest.Prepare((&http.Request{}).WithContext(ctx),
autorest.AsJSON(),
autorest.AsGet(),
autorest.WithBaseURL(to.String(pwirsl.NextLink)))
}
// PlatformWorkloadIdentityRoleSetListPage contains a page of PlatformWorkloadIdentityRoleSet values.
type PlatformWorkloadIdentityRoleSetListPage struct {
fn func(context.Context, PlatformWorkloadIdentityRoleSetList) (PlatformWorkloadIdentityRoleSetList, error)
pwirsl PlatformWorkloadIdentityRoleSetList
}
// NextWithContext advances to the next page of values. If there was an error making
// the request the page does not advance and the error is returned.
func (page *PlatformWorkloadIdentityRoleSetListPage) NextWithContext(ctx context.Context) (err error) {
if tracing.IsEnabled() {
ctx = tracing.StartSpan(ctx, fqdn+"/PlatformWorkloadIdentityRoleSetListPage.NextWithContext")
defer func() {
sc := -1
if page.Response().Response.Response != nil {
sc = page.Response().Response.Response.StatusCode
}
tracing.EndSpan(ctx, sc, err)
}()
}
for {
next, err := page.fn(ctx, page.pwirsl)
if err != nil {
return err
}
page.pwirsl = next
if !next.hasNextLink() || !next.IsEmpty() {
break
}
}
return nil
}
// Next advances to the next page of values. If there was an error making
// the request the page does not advance and the error is returned.
// Deprecated: Use NextWithContext() instead.
func (page *PlatformWorkloadIdentityRoleSetListPage) Next() error {
return page.NextWithContext(context.Background())
}
// NotDone returns true if the page enumeration should be started or is not yet complete.
func (page PlatformWorkloadIdentityRoleSetListPage) NotDone() bool {
return !page.pwirsl.IsEmpty()
}
// Response returns the raw server response from the last page request.
func (page PlatformWorkloadIdentityRoleSetListPage) Response() PlatformWorkloadIdentityRoleSetList {
return page.pwirsl
}
// Values returns the slice of values for the current page or nil if there are no values.
func (page PlatformWorkloadIdentityRoleSetListPage) Values() []PlatformWorkloadIdentityRoleSet {
if page.pwirsl.IsEmpty() {
return nil
}
return *page.pwirsl.Value
}
// Creates a new instance of the PlatformWorkloadIdentityRoleSetListPage type.
func NewPlatformWorkloadIdentityRoleSetListPage(cur PlatformWorkloadIdentityRoleSetList, getNextPage func(context.Context, PlatformWorkloadIdentityRoleSetList) (PlatformWorkloadIdentityRoleSetList, error)) PlatformWorkloadIdentityRoleSetListPage {
return PlatformWorkloadIdentityRoleSetListPage{
fn: getNextPage,
pwirsl: cur,
}
}
// PlatformWorkloadIdentityRoleSetProperties platformWorkloadIdentityRoleSetProperties represents the
// properties of a PlatformWorkloadIdentityRoleSet resource.
type PlatformWorkloadIdentityRoleSetProperties struct {
// OpenShiftVersion - OpenShiftVersion represents the version associated with this set of roles.
OpenShiftVersion *string `json:"openShiftVersion,omitempty"`
// PlatformWorkloadIdentityRoles - PlatformWorkloadIdentityRoles represents the set of roles associated with this version.
PlatformWorkloadIdentityRoles *[]PlatformWorkloadIdentityRole `json:"platformWorkloadIdentityRoles,omitempty"`
}
// ProxyResource the resource model definition for a Azure Resource Manager proxy resource. It will not
// have tags and a location
type ProxyResource struct {
// ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
// ID - READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; The name of the resource
Name *string `json:"name,omitempty"`
@ -1564,7 +1830,7 @@ func (pr ProxyResource) MarshalJSON() ([]byte, error) {
// Resource common fields that are returned in the response for all Azure Resource Manager resources
type Resource struct {
// ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
// ID - READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; The name of the resource
Name *string `json:"name,omitempty"`
@ -1580,12 +1846,66 @@ func (r Resource) MarshalJSON() ([]byte, error) {
return json.Marshal(objectMap)
}
// ResourceModelWithAllowedPropertySet the resource model definition containing the full set of allowed
// properties for a resource. Except properties bag, there cannot be a top level property outside of this
// set.
type ResourceModelWithAllowedPropertySet struct {
// ManagedBy - The fully qualified resource ID of the resource that manages this resource. Indicates if this resource is managed by another Azure resource. If this is present, complete mode deployment will not delete the resource if it is removed from the template since it is managed by another resource.
ManagedBy *string `json:"managedBy,omitempty"`
// Kind - Metadata used by portal/tooling/etc to render different UX experiences for resources of the same type. E.g. ApiApps are a kind of Microsoft.Web/sites type. If supported, the resource provider must validate and persist this value.
Kind *string `json:"kind,omitempty"`
// Etag - READ-ONLY; The etag field is *not* required. If it is provided in the response body, it must also be provided as a header per the normal etag convention. Entity tags are used for comparing two or more entities from the same requested resource. HTTP/1.1 uses entity tags in the etag (section 14.19), If-Match (section 14.24), If-None-Match (section 14.26), and If-Range (section 14.27) header fields.
Etag *string `json:"etag,omitempty"`
Identity *ManagedServiceIdentity `json:"identity,omitempty"`
Sku *Sku `json:"sku,omitempty"`
Plan *Plan `json:"plan,omitempty"`
// Tags - Resource tags.
Tags map[string]*string `json:"tags"`
// Location - The geo-location where the resource lives
Location *string `json:"location,omitempty"`
// ID - READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; The name of the resource
Name *string `json:"name,omitempty"`
// Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
Type *string `json:"type,omitempty"`
// SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for ResourceModelWithAllowedPropertySet.
func (rmwaps ResourceModelWithAllowedPropertySet) MarshalJSON() ([]byte, error) {
objectMap := make(map[string]interface{})
if rmwaps.ManagedBy != nil {
objectMap["managedBy"] = rmwaps.ManagedBy
}
if rmwaps.Kind != nil {
objectMap["kind"] = rmwaps.Kind
}
if rmwaps.Identity != nil {
objectMap["identity"] = rmwaps.Identity
}
if rmwaps.Sku != nil {
objectMap["sku"] = rmwaps.Sku
}
if rmwaps.Plan != nil {
objectMap["plan"] = rmwaps.Plan
}
if rmwaps.Tags != nil {
objectMap["tags"] = rmwaps.Tags
}
if rmwaps.Location != nil {
objectMap["location"] = rmwaps.Location
}
return json.Marshal(objectMap)
}
// Secret secret represents a secret.
type Secret struct {
autorest.Response `json:"-"`
// SecretProperties - The Secret Properties
*SecretProperties `json:"properties,omitempty"`
// ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
// ID - READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; The name of the resource
Name *string `json:"name,omitempty"`
@ -1833,8 +2153,6 @@ type SecretProperties struct {
type SecretUpdate struct {
// SecretProperties - The Secret Properties
*SecretProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for SecretUpdate.
@ -1864,15 +2182,6 @@ func (su *SecretUpdate) UnmarshalJSON(body []byte) error {
}
su.SecretProperties = &secretProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
su.SystemData = &systemData
}
}
}
@ -1887,12 +2196,26 @@ type ServicePrincipalProfile struct {
ClientSecret *string `json:"clientSecret,omitempty"`
}
// Sku the resource model definition representing SKU
type Sku struct {
// Name - The name of the SKU. E.g. P3. It is typically a letter+number code
Name *string `json:"name,omitempty"`
// Tier - Possible values include: 'Free', 'Basic', 'Standard', 'Premium'
Tier SkuTier `json:"tier,omitempty"`
// Size - The SKU size. When the name field is the combination of tier and some other value, this would be the standalone code.
Size *string `json:"size,omitempty"`
// Family - If the service has different generations of hardware, for the same SKU, then that can be captured here.
Family *string `json:"family,omitempty"`
// Capacity - If the SKU supports scale out/in then the capacity integer should be included. If scale out/in is not possible for the resource this may be omitted.
Capacity *int32 `json:"capacity,omitempty"`
}
// SyncIdentityProvider syncIdentityProvider represents a SyncIdentityProvider
type SyncIdentityProvider struct {
autorest.Response `json:"-"`
// SyncIdentityProviderProperties - The SyncIdentityProvider Properties
*SyncIdentityProviderProperties `json:"properties,omitempty"`
// ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
// ID - READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; The name of the resource
Name *string `json:"name,omitempty"`
@ -2139,8 +2462,6 @@ type SyncIdentityProviderProperties struct {
type SyncIdentityProviderUpdate struct {
// SyncIdentityProviderProperties - The SyncIdentityProvider Properties
*SyncIdentityProviderProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for SyncIdentityProviderUpdate.
@ -2170,15 +2491,6 @@ func (sipu *SyncIdentityProviderUpdate) UnmarshalJSON(body []byte) error {
}
sipu.SyncIdentityProviderProperties = &syncIdentityProviderProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
sipu.SystemData = &systemData
}
}
}
@ -2190,7 +2502,7 @@ type SyncSet struct {
autorest.Response `json:"-"`
// SyncSetProperties - The Syncsets properties
*SyncSetProperties `json:"properties,omitempty"`
// ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
// ID - READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; The name of the resource
Name *string `json:"name,omitempty"`
@ -2438,8 +2750,6 @@ type SyncSetProperties struct {
type SyncSetUpdate struct {
// SyncSetProperties - The Syncsets properties
*SyncSetProperties `json:"properties,omitempty"`
// SystemData - READ-ONLY; The system meta data relating to this resource.
SystemData *SystemData `json:"systemData,omitempty"`
}
// MarshalJSON is the custom marshaler for SyncSetUpdate.
@ -2469,15 +2779,6 @@ func (ssu *SyncSetUpdate) UnmarshalJSON(body []byte) error {
}
ssu.SyncSetProperties = &syncSetProperties
}
case "systemData":
if v != nil {
var systemData SystemData
err = json.Unmarshal(*v, &systemData)
if err != nil {
return err
}
ssu.SystemData = &systemData
}
}
}
@ -2507,7 +2808,7 @@ type TrackedResource struct {
Tags map[string]*string `json:"tags"`
// Location - The geo-location where the resource lives
Location *string `json:"location,omitempty"`
// ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
// ID - READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; The name of the resource
Name *string `json:"name,omitempty"`
@ -2529,6 +2830,20 @@ func (tr TrackedResource) MarshalJSON() ([]byte, error) {
return json.Marshal(objectMap)
}
// UserAssignedIdentity user assigned identity properties
type UserAssignedIdentity struct {
// PrincipalID - READ-ONLY; The principal ID of the assigned identity.
PrincipalID *uuid.UUID `json:"principalId,omitempty"`
// ClientID - READ-ONLY; The client ID of the assigned identity.
ClientID *uuid.UUID `json:"clientId,omitempty"`
}
// MarshalJSON is the custom marshaler for UserAssignedIdentity.
func (uai UserAssignedIdentity) MarshalJSON() ([]byte, error) {
objectMap := make(map[string]interface{})
return json.Marshal(objectMap)
}
// WorkerProfile workerProfile represents a worker profile.
type WorkerProfile struct {
// Name - The worker profile name.

Просмотреть файл

@ -25,6 +25,7 @@ import (
"github.com/Azure/go-autorest/autorest/azure"
"github.com/Azure/go-autorest/autorest/validation"
"github.com/Azure/go-autorest/tracing"
"github.com/gofrs/uuid"
)
// OpenShiftClustersClient is the rest API for Azure Red Hat OpenShift 4
@ -33,14 +34,14 @@ type OpenShiftClustersClient struct {
}
// NewOpenShiftClustersClient creates an instance of the OpenShiftClustersClient client.
func NewOpenShiftClustersClient(subscriptionID string) OpenShiftClustersClient {
func NewOpenShiftClustersClient(subscriptionID uuid.UUID) OpenShiftClustersClient {
return NewOpenShiftClustersClientWithBaseURI(DefaultBaseURI, subscriptionID)
}
// NewOpenShiftClustersClientWithBaseURI creates an instance of the OpenShiftClustersClient client using a custom
// endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure
// stack).
func NewOpenShiftClustersClientWithBaseURI(baseURI string, subscriptionID string) OpenShiftClustersClient {
func NewOpenShiftClustersClientWithBaseURI(baseURI string, subscriptionID uuid.UUID) OpenShiftClustersClient {
return OpenShiftClustersClient{NewWithBaseURI(baseURI, subscriptionID)}
}
@ -61,8 +62,6 @@ func (client OpenShiftClustersClient) CreateOrUpdate(ctx context.Context, resour
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil {
@ -151,8 +150,6 @@ func (client OpenShiftClustersClient) Delete(ctx context.Context, resourceGroupN
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil {
@ -238,8 +235,6 @@ func (client OpenShiftClustersClient) Get(ctx context.Context, resourceGroupName
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil {
@ -319,12 +314,6 @@ func (client OpenShiftClustersClient) List(ctx context.Context) (result OpenShif
tracing.EndSpan(ctx, sc, err)
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil {
return result, validation.NewError("redhatopenshift.OpenShiftClustersClient", "List", err.Error())
}
result.fn = client.listNextResults
req, err := client.ListPreparer(ctx)
if err != nil {
@ -442,8 +431,6 @@ func (client OpenShiftClustersClient) ListAdminCredentials(ctx context.Context,
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil {
@ -526,8 +513,6 @@ func (client OpenShiftClustersClient) ListByResourceGroup(ctx context.Context, r
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil {
@ -652,8 +637,6 @@ func (client OpenShiftClustersClient) ListCredentials(ctx context.Context, resou
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil {
@ -738,8 +721,6 @@ func (client OpenShiftClustersClient) Update(ctx context.Context, resourceGroupN
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil {
@ -774,7 +755,6 @@ func (client OpenShiftClustersClient) UpdatePreparer(ctx context.Context, resour
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -25,6 +25,7 @@ import (
"github.com/Azure/go-autorest/autorest/azure"
"github.com/Azure/go-autorest/autorest/validation"
"github.com/Azure/go-autorest/tracing"
"github.com/gofrs/uuid"
)
// OpenShiftVersionsClient is the rest API for Azure Red Hat OpenShift 4
@ -33,20 +34,20 @@ type OpenShiftVersionsClient struct {
}
// NewOpenShiftVersionsClient creates an instance of the OpenShiftVersionsClient client.
func NewOpenShiftVersionsClient(subscriptionID string) OpenShiftVersionsClient {
func NewOpenShiftVersionsClient(subscriptionID uuid.UUID) OpenShiftVersionsClient {
return NewOpenShiftVersionsClientWithBaseURI(DefaultBaseURI, subscriptionID)
}
// NewOpenShiftVersionsClientWithBaseURI creates an instance of the OpenShiftVersionsClient client using a custom
// endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure
// stack).
func NewOpenShiftVersionsClientWithBaseURI(baseURI string, subscriptionID string) OpenShiftVersionsClient {
func NewOpenShiftVersionsClientWithBaseURI(baseURI string, subscriptionID uuid.UUID) OpenShiftVersionsClient {
return OpenShiftVersionsClient{NewWithBaseURI(baseURI, subscriptionID)}
}
// List the operation returns the installable OpenShift versions as strings.
// Parameters:
// location - the name of Azure region.
// location - the name of the Azure region.
func (client OpenShiftVersionsClient) List(ctx context.Context, location string) (result OpenShiftVersionListPage, err error) {
if tracing.IsEnabled() {
ctx = tracing.StartSpan(ctx, fqdn+"/OpenShiftVersionsClient.List")
@ -59,8 +60,6 @@ func (client OpenShiftVersionsClient) List(ctx context.Context, location string)
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: location,
Constraints: []validation.Constraint{{Target: "location", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil {
return result, validation.NewError("redhatopenshift.OpenShiftVersionsClient", "List", err.Error())

Просмотреть файл

@ -24,6 +24,7 @@ import (
"github.com/Azure/go-autorest/autorest"
"github.com/Azure/go-autorest/autorest/azure"
"github.com/Azure/go-autorest/tracing"
"github.com/gofrs/uuid"
)
// OperationsClient is the rest API for Azure Red Hat OpenShift 4
@ -32,13 +33,13 @@ type OperationsClient struct {
}
// NewOperationsClient creates an instance of the OperationsClient client.
func NewOperationsClient(subscriptionID string) OperationsClient {
func NewOperationsClient(subscriptionID uuid.UUID) OperationsClient {
return NewOperationsClientWithBaseURI(DefaultBaseURI, subscriptionID)
}
// NewOperationsClientWithBaseURI creates an instance of the OperationsClient client using a custom endpoint. Use this
// when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func NewOperationsClientWithBaseURI(baseURI string, subscriptionID string) OperationsClient {
func NewOperationsClientWithBaseURI(baseURI string, subscriptionID uuid.UUID) OperationsClient {
return OperationsClient{NewWithBaseURI(baseURI, subscriptionID)}
}

Просмотреть файл

@ -0,0 +1,168 @@
package redhatopenshift
// Copyright (c) Microsoft and contributors. All rights reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
//
// See the License for the specific language governing permissions and
// limitations under the License.
//
// Code generated by Microsoft (R) AutoRest Code Generator.
// Changes may cause incorrect behavior and will be lost if the code is regenerated.
import (
"context"
"net/http"
"github.com/Azure/go-autorest/autorest"
"github.com/Azure/go-autorest/autorest/azure"
"github.com/Azure/go-autorest/autorest/validation"
"github.com/Azure/go-autorest/tracing"
"github.com/gofrs/uuid"
)
// PlatformWorkloadIdentityRoleSetClient is the rest API for Azure Red Hat OpenShift 4
type PlatformWorkloadIdentityRoleSetClient struct {
BaseClient
}
// NewPlatformWorkloadIdentityRoleSetClient creates an instance of the PlatformWorkloadIdentityRoleSetClient client.
func NewPlatformWorkloadIdentityRoleSetClient(subscriptionID uuid.UUID) PlatformWorkloadIdentityRoleSetClient {
return NewPlatformWorkloadIdentityRoleSetClientWithBaseURI(DefaultBaseURI, subscriptionID)
}
// NewPlatformWorkloadIdentityRoleSetClientWithBaseURI creates an instance of the PlatformWorkloadIdentityRoleSetClient
// client using a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI
// (sovereign clouds, Azure stack).
func NewPlatformWorkloadIdentityRoleSetClientWithBaseURI(baseURI string, subscriptionID uuid.UUID) PlatformWorkloadIdentityRoleSetClient {
return PlatformWorkloadIdentityRoleSetClient{NewWithBaseURI(baseURI, subscriptionID)}
}
// List this operation returns PlatformWorkloadIdentityRoleSet as a string
// Parameters:
// location - the name of the Azure region.
func (client PlatformWorkloadIdentityRoleSetClient) List(ctx context.Context, location string) (result PlatformWorkloadIdentityRoleSetListPage, err error) {
if tracing.IsEnabled() {
ctx = tracing.StartSpan(ctx, fqdn+"/PlatformWorkloadIdentityRoleSetClient.List")
defer func() {
sc := -1
if result.pwirsl.Response.Response != nil {
sc = result.pwirsl.Response.Response.StatusCode
}
tracing.EndSpan(ctx, sc, err)
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: location,
Constraints: []validation.Constraint{{Target: "location", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil {
return result, validation.NewError("redhatopenshift.PlatformWorkloadIdentityRoleSetClient", "List", err.Error())
}
result.fn = client.listNextResults
req, err := client.ListPreparer(ctx, location)
if err != nil {
err = autorest.NewErrorWithError(err, "redhatopenshift.PlatformWorkloadIdentityRoleSetClient", "List", nil, "Failure preparing request")
return
}
resp, err := client.ListSender(req)
if err != nil {
result.pwirsl.Response = autorest.Response{Response: resp}
err = autorest.NewErrorWithError(err, "redhatopenshift.PlatformWorkloadIdentityRoleSetClient", "List", resp, "Failure sending request")
return
}
result.pwirsl, err = client.ListResponder(resp)
if err != nil {
err = autorest.NewErrorWithError(err, "redhatopenshift.PlatformWorkloadIdentityRoleSetClient", "List", resp, "Failure responding to request")
return
}
if result.pwirsl.hasNextLink() && result.pwirsl.IsEmpty() {
err = result.NextWithContext(ctx)
return
}
return
}
// ListPreparer prepares the List request.
func (client PlatformWorkloadIdentityRoleSetClient) ListPreparer(ctx context.Context, location string) (*http.Request, error) {
pathParameters := map[string]interface{}{
"location": autorest.Encode("path", location),
"subscriptionId": autorest.Encode("path", client.SubscriptionID),
}
const APIVersion = "2024-08-12-preview"
queryParameters := map[string]interface{}{
"api-version": APIVersion,
}
preparer := autorest.CreatePreparer(
autorest.AsGet(),
autorest.WithBaseURL(client.BaseURI),
autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.RedHatOpenShift/locations/{location}/platformworkloadidentityroleset", pathParameters),
autorest.WithQueryParameters(queryParameters))
return preparer.Prepare((&http.Request{}).WithContext(ctx))
}
// ListSender sends the List request. The method will close the
// http.Response Body if it receives an error.
func (client PlatformWorkloadIdentityRoleSetClient) ListSender(req *http.Request) (*http.Response, error) {
return client.Send(req, azure.DoRetryWithRegistration(client.Client))
}
// ListResponder handles the response to the List request. The method always
// closes the http.Response Body.
func (client PlatformWorkloadIdentityRoleSetClient) ListResponder(resp *http.Response) (result PlatformWorkloadIdentityRoleSetList, err error) {
err = autorest.Respond(
resp,
azure.WithErrorUnlessStatusCode(http.StatusOK),
autorest.ByUnmarshallingJSON(&result),
autorest.ByClosing())
result.Response = autorest.Response{Response: resp}
return
}
// listNextResults retrieves the next set of results, if any.
func (client PlatformWorkloadIdentityRoleSetClient) listNextResults(ctx context.Context, lastResults PlatformWorkloadIdentityRoleSetList) (result PlatformWorkloadIdentityRoleSetList, err error) {
req, err := lastResults.platformWorkloadIdentityRoleSetListPreparer(ctx)
if err != nil {
return result, autorest.NewErrorWithError(err, "redhatopenshift.PlatformWorkloadIdentityRoleSetClient", "listNextResults", nil, "Failure preparing next results request")
}
if req == nil {
return
}
resp, err := client.ListSender(req)
if err != nil {
result.Response = autorest.Response{Response: resp}
return result, autorest.NewErrorWithError(err, "redhatopenshift.PlatformWorkloadIdentityRoleSetClient", "listNextResults", resp, "Failure sending next results request")
}
result, err = client.ListResponder(resp)
if err != nil {
err = autorest.NewErrorWithError(err, "redhatopenshift.PlatformWorkloadIdentityRoleSetClient", "listNextResults", resp, "Failure responding to next results request")
}
return
}
// ListComplete enumerates all values, automatically crossing page boundaries as required.
func (client PlatformWorkloadIdentityRoleSetClient) ListComplete(ctx context.Context, location string) (result PlatformWorkloadIdentityRoleSetListIterator, err error) {
if tracing.IsEnabled() {
ctx = tracing.StartSpan(ctx, fqdn+"/PlatformWorkloadIdentityRoleSetClient.List")
defer func() {
sc := -1
if result.Response().Response.Response != nil {
sc = result.page.Response().Response.Response.StatusCode
}
tracing.EndSpan(ctx, sc, err)
}()
}
result.page, err = client.List(ctx, location)
return
}

Просмотреть файл

@ -41,6 +41,14 @@ type OpenShiftVersionsClientAPI interface {
var _ OpenShiftVersionsClientAPI = (*redhatopenshift.OpenShiftVersionsClient)(nil)
// PlatformWorkloadIdentityRoleSetClientAPI contains the set of methods on the PlatformWorkloadIdentityRoleSetClient type.
type PlatformWorkloadIdentityRoleSetClientAPI interface {
List(ctx context.Context, location string) (result redhatopenshift.PlatformWorkloadIdentityRoleSetListPage, err error)
ListComplete(ctx context.Context, location string) (result redhatopenshift.PlatformWorkloadIdentityRoleSetListIterator, err error)
}
var _ PlatformWorkloadIdentityRoleSetClientAPI = (*redhatopenshift.PlatformWorkloadIdentityRoleSetClient)(nil)
// OpenShiftClustersClientAPI contains the set of methods on the OpenShiftClustersClient type.
type OpenShiftClustersClientAPI interface {
CreateOrUpdate(ctx context.Context, resourceGroupName string, resourceName string, parameters redhatopenshift.OpenShiftCluster) (result redhatopenshift.OpenShiftClustersCreateOrUpdateFuture, err error)

Просмотреть файл

@ -25,6 +25,7 @@ import (
"github.com/Azure/go-autorest/autorest/azure"
"github.com/Azure/go-autorest/autorest/validation"
"github.com/Azure/go-autorest/tracing"
"github.com/gofrs/uuid"
)
// SecretsClient is the rest API for Azure Red Hat OpenShift 4
@ -33,13 +34,13 @@ type SecretsClient struct {
}
// NewSecretsClient creates an instance of the SecretsClient client.
func NewSecretsClient(subscriptionID string) SecretsClient {
func NewSecretsClient(subscriptionID uuid.UUID) SecretsClient {
return NewSecretsClientWithBaseURI(DefaultBaseURI, subscriptionID)
}
// NewSecretsClientWithBaseURI creates an instance of the SecretsClient client using a custom endpoint. Use this when
// interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func NewSecretsClientWithBaseURI(baseURI string, subscriptionID string) SecretsClient {
func NewSecretsClientWithBaseURI(baseURI string, subscriptionID uuid.UUID) SecretsClient {
return SecretsClient{NewWithBaseURI(baseURI, subscriptionID)}
}
@ -61,8 +62,6 @@ func (client SecretsClient) CreateOrUpdate(ctx context.Context, resourceGroupNam
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}},
@ -158,8 +157,6 @@ func (client SecretsClient) Delete(ctx context.Context, resourceGroupName string
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}},
@ -252,8 +249,6 @@ func (client SecretsClient) Get(ctx context.Context, resourceGroupName string, r
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}},
@ -346,8 +341,6 @@ func (client SecretsClient) List(ctx context.Context, resourceGroupName string,
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}},
@ -479,8 +472,6 @@ func (client SecretsClient) Update(ctx context.Context, resourceGroupName string
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}},
@ -531,7 +522,6 @@ func (client SecretsClient) UpdatePreparer(ctx context.Context, resourceGroupNam
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -25,6 +25,7 @@ import (
"github.com/Azure/go-autorest/autorest/azure"
"github.com/Azure/go-autorest/autorest/validation"
"github.com/Azure/go-autorest/tracing"
"github.com/gofrs/uuid"
)
// SyncIdentityProvidersClient is the rest API for Azure Red Hat OpenShift 4
@ -33,14 +34,14 @@ type SyncIdentityProvidersClient struct {
}
// NewSyncIdentityProvidersClient creates an instance of the SyncIdentityProvidersClient client.
func NewSyncIdentityProvidersClient(subscriptionID string) SyncIdentityProvidersClient {
func NewSyncIdentityProvidersClient(subscriptionID uuid.UUID) SyncIdentityProvidersClient {
return NewSyncIdentityProvidersClientWithBaseURI(DefaultBaseURI, subscriptionID)
}
// NewSyncIdentityProvidersClientWithBaseURI creates an instance of the SyncIdentityProvidersClient client using a
// custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds,
// Azure stack).
func NewSyncIdentityProvidersClientWithBaseURI(baseURI string, subscriptionID string) SyncIdentityProvidersClient {
func NewSyncIdentityProvidersClientWithBaseURI(baseURI string, subscriptionID uuid.UUID) SyncIdentityProvidersClient {
return SyncIdentityProvidersClient{NewWithBaseURI(baseURI, subscriptionID)}
}
@ -62,8 +63,6 @@ func (client SyncIdentityProvidersClient) CreateOrUpdate(ctx context.Context, re
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}},
@ -159,8 +158,6 @@ func (client SyncIdentityProvidersClient) Delete(ctx context.Context, resourceGr
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}},
@ -253,8 +250,6 @@ func (client SyncIdentityProvidersClient) Get(ctx context.Context, resourceGroup
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}},
@ -347,8 +342,6 @@ func (client SyncIdentityProvidersClient) List(ctx context.Context, resourceGrou
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}},
@ -480,8 +473,6 @@ func (client SyncIdentityProvidersClient) Update(ctx context.Context, resourceGr
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}},
@ -532,7 +523,6 @@ func (client SyncIdentityProvidersClient) UpdatePreparer(ctx context.Context, re
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -25,6 +25,7 @@ import (
"github.com/Azure/go-autorest/autorest/azure"
"github.com/Azure/go-autorest/autorest/validation"
"github.com/Azure/go-autorest/tracing"
"github.com/gofrs/uuid"
)
// SyncSetsClient is the rest API for Azure Red Hat OpenShift 4
@ -33,13 +34,13 @@ type SyncSetsClient struct {
}
// NewSyncSetsClient creates an instance of the SyncSetsClient client.
func NewSyncSetsClient(subscriptionID string) SyncSetsClient {
func NewSyncSetsClient(subscriptionID uuid.UUID) SyncSetsClient {
return NewSyncSetsClientWithBaseURI(DefaultBaseURI, subscriptionID)
}
// NewSyncSetsClientWithBaseURI creates an instance of the SyncSetsClient client using a custom endpoint. Use this
// when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
func NewSyncSetsClientWithBaseURI(baseURI string, subscriptionID string) SyncSetsClient {
func NewSyncSetsClientWithBaseURI(baseURI string, subscriptionID uuid.UUID) SyncSetsClient {
return SyncSetsClient{NewWithBaseURI(baseURI, subscriptionID)}
}
@ -61,8 +62,6 @@ func (client SyncSetsClient) CreateOrUpdate(ctx context.Context, resourceGroupNa
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}},
@ -158,8 +157,6 @@ func (client SyncSetsClient) Delete(ctx context.Context, resourceGroupName strin
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}},
@ -252,8 +249,6 @@ func (client SyncSetsClient) Get(ctx context.Context, resourceGroupName string,
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}},
@ -346,8 +341,6 @@ func (client SyncSetsClient) List(ctx context.Context, resourceGroupName string,
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}},
@ -479,8 +472,6 @@ func (client SyncSetsClient) Update(ctx context.Context, resourceGroupName strin
}()
}
if err := validation.Validate([]validation.Validation{
{TargetValue: client.SubscriptionID,
Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}},
{TargetValue: resourceGroupName,
Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}},
@ -531,7 +522,6 @@ func (client SyncSetsClient) UpdatePreparer(ctx context.Context, resourceGroupNa
"api-version": APIVersion,
}
parameters.SystemData = nil
preparer := autorest.CreatePreparer(
autorest.AsContentType("application/json; charset=utf-8"),
autorest.AsPatch(),

Просмотреть файл

@ -85,9 +85,9 @@ Response contained no body
name: "error - invalid resource ID (theoretically not possible, but still)",
doc: &api.OpenShiftClusterDocument{
OpenShiftCluster: &api.OpenShiftCluster{
Identity: &api.Identity{
UserAssignedIdentities: api.UserAssignedIdentities{
"Hi hello I'm not a valid resource ID": api.ClusterUserAssignedIdentity{},
Identity: &api.ManagedServiceIdentity{
UserAssignedIdentities: map[string]api.UserAssignedIdentity{
"Hi hello I'm not a valid resource ID": {},
},
},
},
@ -99,11 +99,11 @@ Response contained no body
doc: &api.OpenShiftClusterDocument{
ID: mockGuid,
OpenShiftCluster: &api.OpenShiftCluster{
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
IdentityURL: middleware.MockIdentityURL,
TenantID: mockGuid,
UserAssignedIdentities: api.UserAssignedIdentities{
miResourceId: api.ClusterUserAssignedIdentity{
UserAssignedIdentities: map[string]api.UserAssignedIdentity{
miResourceId: {
ClientID: mockGuid,
PrincipalID: mockGuid,
},
@ -121,11 +121,11 @@ Response contained no body
doc: &api.OpenShiftClusterDocument{
ID: mockGuid,
OpenShiftCluster: &api.OpenShiftCluster{
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
IdentityURL: middleware.MockIdentityURL,
TenantID: mockGuid,
UserAssignedIdentities: api.UserAssignedIdentities{
miResourceId: api.ClusterUserAssignedIdentity{
UserAssignedIdentities: map[string]api.UserAssignedIdentity{
miResourceId: {
ClientID: mockGuid,
PrincipalID: mockGuid,
},
@ -150,11 +150,11 @@ Response contained no body
doc: &api.OpenShiftClusterDocument{
ID: mockGuid,
OpenShiftCluster: &api.OpenShiftCluster{
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
IdentityURL: middleware.MockIdentityURL,
TenantID: mockGuid,
UserAssignedIdentities: api.UserAssignedIdentities{
miResourceId: api.ClusterUserAssignedIdentity{
UserAssignedIdentities: map[string]api.UserAssignedIdentity{
miResourceId: {
ClientID: mockGuid,
PrincipalID: mockGuid,
},
@ -182,11 +182,11 @@ Response contained no body
doc: &api.OpenShiftClusterDocument{
ID: mockGuid,
OpenShiftCluster: &api.OpenShiftCluster{
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
IdentityURL: middleware.MockIdentityURL,
TenantID: mockGuid,
UserAssignedIdentities: api.UserAssignedIdentities{
miResourceId: api.ClusterUserAssignedIdentity{
UserAssignedIdentities: map[string]api.UserAssignedIdentity{
miResourceId: {
ClientID: mockGuid,
PrincipalID: mockGuid,
},
@ -263,9 +263,9 @@ func TestClusterMsiSecretName(t *testing.T) {
name: "error - invalid resource ID (theoretically not possible, but still)",
doc: &api.OpenShiftClusterDocument{
OpenShiftCluster: &api.OpenShiftCluster{
Identity: &api.Identity{
UserAssignedIdentities: api.UserAssignedIdentities{
"Hi hello I'm not a valid resource ID": api.ClusterUserAssignedIdentity{},
Identity: &api.ManagedServiceIdentity{
UserAssignedIdentities: map[string]api.UserAssignedIdentity{
"Hi hello I'm not a valid resource ID": {},
},
},
},
@ -277,9 +277,9 @@ func TestClusterMsiSecretName(t *testing.T) {
doc: &api.OpenShiftClusterDocument{
ID: mockGuid,
OpenShiftCluster: &api.OpenShiftCluster{
Identity: &api.Identity{
UserAssignedIdentities: api.UserAssignedIdentities{
miResourceId: api.ClusterUserAssignedIdentity{},
Identity: &api.ManagedServiceIdentity{
UserAssignedIdentities: map[string]api.UserAssignedIdentity{
miResourceId: {},
},
},
},
@ -392,9 +392,9 @@ Response contained no body
Properties: api.OpenShiftClusterProperties{
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{},
},
Identity: &api.Identity{
UserAssignedIdentities: api.UserAssignedIdentities{
"Hi hello I'm not a valid resource ID": api.ClusterUserAssignedIdentity{},
Identity: &api.ManagedServiceIdentity{
UserAssignedIdentities: map[string]api.UserAssignedIdentity{
"Hi hello I'm not a valid resource ID": {},
},
},
},
@ -410,11 +410,11 @@ Response contained no body
Properties: api.OpenShiftClusterProperties{
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{},
},
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
IdentityURL: middleware.MockIdentityURL,
TenantID: mockGuid,
UserAssignedIdentities: api.UserAssignedIdentities{
miResourceId: api.ClusterUserAssignedIdentity{},
UserAssignedIdentities: map[string]api.UserAssignedIdentity{
miResourceId: {},
},
},
},
@ -437,11 +437,11 @@ Response contained no body
Properties: api.OpenShiftClusterProperties{
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{},
},
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
IdentityURL: middleware.MockIdentityURL,
TenantID: mockGuid,
UserAssignedIdentities: api.UserAssignedIdentities{
miResourceId: api.ClusterUserAssignedIdentity{},
UserAssignedIdentities: map[string]api.UserAssignedIdentity{
miResourceId: {},
},
},
},
@ -454,11 +454,11 @@ Response contained no body
Properties: api.OpenShiftClusterProperties{
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{},
},
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
IdentityURL: middleware.MockIdentityURL,
TenantID: mockGuid,
UserAssignedIdentities: api.UserAssignedIdentities{
miResourceId: api.ClusterUserAssignedIdentity{
UserAssignedIdentities: map[string]api.UserAssignedIdentity{
miResourceId: {
ClientID: miClientId,
PrincipalID: miObjectId,
},
@ -476,11 +476,11 @@ Response contained no body
Properties: api.OpenShiftClusterProperties{
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{},
},
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
IdentityURL: middleware.MockIdentityURL,
TenantID: mockGuid,
UserAssignedIdentities: api.UserAssignedIdentities{
miResourceIdIncorrectCasing: api.ClusterUserAssignedIdentity{},
UserAssignedIdentities: map[string]api.UserAssignedIdentity{
miResourceIdIncorrectCasing: {},
},
},
},
@ -493,11 +493,11 @@ Response contained no body
Properties: api.OpenShiftClusterProperties{
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{},
},
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
IdentityURL: middleware.MockIdentityURL,
TenantID: mockGuid,
UserAssignedIdentities: api.UserAssignedIdentities{
miResourceIdIncorrectCasing: api.ClusterUserAssignedIdentity{
UserAssignedIdentities: map[string]api.UserAssignedIdentity{
miResourceIdIncorrectCasing: {
ClientID: miClientId,
PrincipalID: miObjectId,
},

Просмотреть файл

@ -394,8 +394,8 @@ func (m *manager) deleteFederatedCredentials(ctx context.Context) error {
platformWIRolesByRoleName := m.platformWorkloadIdentityRolesByVersion.GetPlatformWorkloadIdentityRolesByRoleName()
platformWorkloadIdentities := m.doc.OpenShiftCluster.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities
for _, identity := range platformWorkloadIdentities {
_, exists := platformWIRolesByRoleName[identity.OperatorName]
for name, identity := range platformWorkloadIdentities {
_, exists := platformWIRolesByRoleName[name]
if !exists {
continue
}
@ -405,7 +405,7 @@ func (m *manager) deleteFederatedCredentials(ctx context.Context) error {
return err
}
platformWIRole, exists := platformWIRolesByRoleName[identity.OperatorName]
platformWIRole, exists := platformWIRolesByRoleName[name]
if !exists {
continue
}

Просмотреть файл

@ -395,7 +395,7 @@ func TestDeleteClusterMsiCertificate(t *testing.T) {
doc: &api.OpenShiftClusterDocument{
ID: mockGuid,
OpenShiftCluster: &api.OpenShiftCluster{
Identity: &api.Identity{},
Identity: &api.ManagedServiceIdentity{},
},
},
},
@ -404,8 +404,8 @@ func TestDeleteClusterMsiCertificate(t *testing.T) {
doc: &api.OpenShiftClusterDocument{
ID: mockGuid,
OpenShiftCluster: &api.OpenShiftCluster{
Identity: &api.Identity{
UserAssignedIdentities: api.UserAssignedIdentities{},
Identity: &api.ManagedServiceIdentity{
UserAssignedIdentities: map[string]api.UserAssignedIdentity{},
},
},
},
@ -415,9 +415,9 @@ func TestDeleteClusterMsiCertificate(t *testing.T) {
doc: &api.OpenShiftClusterDocument{
ID: mockGuid,
OpenShiftCluster: &api.OpenShiftCluster{
Identity: &api.Identity{
UserAssignedIdentities: api.UserAssignedIdentities{
"not a valid MI resource ID": api.ClusterUserAssignedIdentity{
Identity: &api.ManagedServiceIdentity{
UserAssignedIdentities: map[string]api.UserAssignedIdentity{
"not a valid MI resource ID": {
ClientID: mockGuid,
PrincipalID: mockGuid,
},
@ -432,9 +432,9 @@ func TestDeleteClusterMsiCertificate(t *testing.T) {
doc: &api.OpenShiftClusterDocument{
ID: mockGuid,
OpenShiftCluster: &api.OpenShiftCluster{
Identity: &api.Identity{
UserAssignedIdentities: api.UserAssignedIdentities{
miResourceId: api.ClusterUserAssignedIdentity{
Identity: &api.ManagedServiceIdentity{
UserAssignedIdentities: map[string]api.UserAssignedIdentity{
miResourceId: {
ClientID: mockGuid,
PrincipalID: mockGuid,
},
@ -452,9 +452,9 @@ func TestDeleteClusterMsiCertificate(t *testing.T) {
doc: &api.OpenShiftClusterDocument{
ID: mockGuid,
OpenShiftCluster: &api.OpenShiftCluster{
Identity: &api.Identity{
UserAssignedIdentities: api.UserAssignedIdentities{
miResourceId: api.ClusterUserAssignedIdentity{
Identity: &api.ManagedServiceIdentity{
UserAssignedIdentities: map[string]api.UserAssignedIdentity{
miResourceId: {
ClientID: mockGuid,
PrincipalID: mockGuid,
},
@ -537,7 +537,7 @@ func TestDeleteFederatedCredentials(t *testing.T) {
},
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{
UpgradeableTo: ptr.To(api.UpgradeableTo("4.15.40")),
PlatformWorkloadIdentities: []api.PlatformWorkloadIdentity{},
PlatformWorkloadIdentities: map[string]api.PlatformWorkloadIdentity{},
},
},
},
@ -556,13 +556,11 @@ func TestDeleteFederatedCredentials(t *testing.T) {
},
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{
UpgradeableTo: ptr.To(api.UpgradeableTo("4.15.40")),
PlatformWorkloadIdentities: []api.PlatformWorkloadIdentity{
{
OperatorName: "CloudControllerManager",
PlatformWorkloadIdentities: map[string]api.PlatformWorkloadIdentity{
"CloudControllerManager": {
ResourceID: fmt.Sprintf("%s/%s", resourceID, "ccm"),
},
{
OperatorName: "ClusterIngressOperator",
"ClusterIngressOperator": {
ResourceID: fmt.Sprintf("%s/%s", resourceID, "cio"),
},
},
@ -584,11 +582,11 @@ func TestDeleteFederatedCredentials(t *testing.T) {
},
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{
UpgradeableTo: ptr.To(api.UpgradeableTo("4.15.40")),
PlatformWorkloadIdentities: []api.PlatformWorkloadIdentity{
{
PlatformWorkloadIdentities: map[string]api.PlatformWorkloadIdentity{
"foo": {
ResourceID: fmt.Sprintf("%s/%s", resourceID, "ccm"),
},
{
"bar": {
ResourceID: fmt.Sprintf("%s/%s", resourceID, "cio"),
},
},
@ -610,9 +608,8 @@ func TestDeleteFederatedCredentials(t *testing.T) {
},
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{
UpgradeableTo: ptr.To(api.UpgradeableTo("4.15.40")),
PlatformWorkloadIdentities: []api.PlatformWorkloadIdentity{
{
OperatorName: "CloudControllerManager",
PlatformWorkloadIdentities: map[string]api.PlatformWorkloadIdentity{
"CloudControllerManager": {
ResourceID: "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/aro-cluster",
},
},

Просмотреть файл

@ -19,9 +19,9 @@ func (m *manager) createOrUpdateDenyAssignment(ctx context.Context) error {
// needed for AdminUpdate so it would not block other steps
if m.doc.OpenShiftCluster.UsesWorkloadIdentity() {
for _, i := range m.doc.OpenShiftCluster.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities {
if i.ObjectID == "" {
m.log.Print(fmt.Sprintf("skipping createOrUpdateDenyAssignment: ObjectID for identity %s is empty", i.OperatorName))
for operatorName, identity := range m.doc.OpenShiftCluster.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities {
if identity.ObjectID == "" {
m.log.Print(fmt.Sprintf("skipping createOrUpdateDenyAssignment: ObjectID for identity %s is empty", operatorName))
return nil
}
}

Просмотреть файл

@ -98,9 +98,8 @@ func TestCreateOrUpdateDenyAssignment(t *testing.T) {
ResourceGroupID: fmt.Sprintf("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/%s", clusterRGName),
},
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []api.PlatformWorkloadIdentity{
{
OperatorName: "anything",
PlatformWorkloadIdentities: map[string]api.PlatformWorkloadIdentity{
"anything": {
ObjectID: "00000000-0000-0000-0000-000000000000",
ClientID: "11111111-1111-1111-1111-111111111111",
ResourceID: "/subscriptions/22222222-2222-2222-2222-222222222222/resourceGroups/something/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity-name",
@ -136,9 +135,8 @@ func TestCreateOrUpdateDenyAssignment(t *testing.T) {
ResourceGroupID: fmt.Sprintf("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/%s", clusterRGName),
},
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []api.PlatformWorkloadIdentity{
{
OperatorName: "anything",
PlatformWorkloadIdentities: map[string]api.PlatformWorkloadIdentity{
"anything": {
ClientID: "11111111-1111-1111-1111-111111111111",
ResourceID: "/subscriptions/22222222-2222-2222-2222-222222222222/resourceGroups/something/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity-name",
},

Просмотреть файл

@ -477,13 +477,13 @@ func (m *manager) federateIdentityCredentials(ctx context.Context) error {
platformWIRolesByRoleName := m.platformWorkloadIdentityRolesByVersion.GetPlatformWorkloadIdentityRolesByRoleName()
platformWorkloadIdentities := m.doc.OpenShiftCluster.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities
for _, identity := range platformWorkloadIdentities {
for name, identity := range platformWorkloadIdentities {
identityResourceId, err := azure.ParseResourceID(identity.ResourceID)
if err != nil {
return err
}
platformWIRole, exists := platformWIRolesByRoleName[identity.OperatorName]
platformWIRole, exists := platformWIRolesByRoleName[name]
if !exists {
continue
}

Просмотреть файл

@ -101,8 +101,8 @@ func (m *manager) platformWorkloadIdentityRBAC() ([]*arm.Resource, error) {
platformWIRolesByRoleName := m.platformWorkloadIdentityRolesByVersion.GetPlatformWorkloadIdentityRolesByRoleName()
platformWorkloadIdentities := m.doc.OpenShiftCluster.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities
for _, identity := range platformWorkloadIdentities {
role, exists := platformWIRolesByRoleName[identity.OperatorName]
for name, identity := range platformWorkloadIdentities {
role, exists := platformWIRolesByRoleName[name]
if !exists {
continue
}

Просмотреть файл

@ -61,9 +61,8 @@ func TestDenyAssignment(t *testing.T) {
ResourceGroupID: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/test-cluster",
},
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []api.PlatformWorkloadIdentity{
{
OperatorName: "anything",
PlatformWorkloadIdentities: map[string]api.PlatformWorkloadIdentity{
"anything": {
ObjectID: "00000000-0000-0000-0000-000000000000",
ClientID: "11111111-1111-1111-1111-111111111111",
ResourceID: "/subscriptions/22222222-2222-2222-2222-222222222222/resourceGroups/something/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity-name",

Просмотреть файл

@ -1733,13 +1733,11 @@ func TestGenerateFederatedIdentityCredentials(t *testing.T) {
},
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{
UpgradeableTo: ptr.To(api.UpgradeableTo("4.15.40")),
PlatformWorkloadIdentities: []api.PlatformWorkloadIdentity{
{
OperatorName: "CloudControllerManager",
PlatformWorkloadIdentities: map[string]api.PlatformWorkloadIdentity{
"CloudControllerManager": {
ResourceID: fmt.Sprintf("%s/%s", resourceID, "ccm"),
},
{
OperatorName: "ClusterIngressOperator",
"ClusterIngressOperator": {
ResourceID: fmt.Sprintf("%s/%s", resourceID, "cio"),
},
},
@ -1797,13 +1795,11 @@ func TestGenerateFederatedIdentityCredentials(t *testing.T) {
Properties: api.OpenShiftClusterProperties{
ClusterProfile: api.ClusterProfile{},
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []api.PlatformWorkloadIdentity{
{
OperatorName: "CloudControllerManager",
PlatformWorkloadIdentities: map[string]api.PlatformWorkloadIdentity{
"CloudControllerManager": {
ResourceID: fmt.Sprintf("%s/%s", resourceID, "ccm"),
},
{
OperatorName: "ClusterIngressOperator",
"ClusterIngressOperator": {
ResourceID: fmt.Sprintf("%s/%s", resourceID, "cio"),
},
},
@ -1826,9 +1822,8 @@ func TestGenerateFederatedIdentityCredentials(t *testing.T) {
},
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{
UpgradeableTo: ptr.To(api.UpgradeableTo("4.15.40")),
PlatformWorkloadIdentities: []api.PlatformWorkloadIdentity{
{
OperatorName: "DummyOperator",
PlatformWorkloadIdentities: map[string]api.PlatformWorkloadIdentity{
"DummyOperator": {
ResourceID: fmt.Sprintf("%s/%s", resourceID, "ccm"),
},
},

Просмотреть файл

@ -20,21 +20,20 @@ func (m *manager) platformWorkloadIdentityIDs(ctx context.Context) error {
}
identities := m.doc.OpenShiftCluster.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities
updatedIdentities := make([]api.PlatformWorkloadIdentity, len(identities))
updatedIdentities := make(map[string]api.PlatformWorkloadIdentity, len(identities))
for i, identity := range identities {
for operatorName, identity := range identities {
resourceId, err := arm.ParseResourceID(identity.ResourceID)
if err != nil {
return fmt.Errorf("platform workload identity '%s' invalid: %w", identity.OperatorName, err)
return fmt.Errorf("platform workload identity '%s' invalid: %w", operatorName, err)
}
identityDetails, err := m.userAssignedIdentities.Get(ctx, resourceId.ResourceGroupName, resourceId.Name, &armmsi.UserAssignedIdentitiesClientGetOptions{})
if err != nil {
return fmt.Errorf("error occured when retrieving platform workload identity '%s' details: %w", identity.OperatorName, err)
return fmt.Errorf("error occured when retrieving platform workload identity '%s' details: %w", operatorName, err)
}
updatedIdentities[i] = api.PlatformWorkloadIdentity{
OperatorName: identity.OperatorName,
updatedIdentities[operatorName] = api.PlatformWorkloadIdentity{
ResourceID: identity.ResourceID,
ClientID: *identityDetails.Properties.ClientID,
ObjectID: *identityDetails.Properties.PrincipalID,

Просмотреть файл

@ -43,13 +43,11 @@ func TestPlatformWorkloadIdentityIDs(t *testing.T) {
OpenShiftCluster: &api.OpenShiftCluster{
Properties: api.OpenShiftClusterProperties{
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []api.PlatformWorkloadIdentity{
{
OperatorName: identityFooName,
PlatformWorkloadIdentities: map[string]api.PlatformWorkloadIdentity{
identityFooName: {
ResourceID: identityFooResourceId,
},
{
OperatorName: identityBarName,
identityBarName: {
ResourceID: identityBarResourceId,
},
},
@ -64,7 +62,7 @@ func TestPlatformWorkloadIdentityIDs(t *testing.T) {
doc *api.OpenShiftClusterDocument
userAssignedIdentitiesClientMocks func(*mock_armmsi.MockUserAssignedIdentitiesClient)
wantErr string
wantIdentities *[]api.PlatformWorkloadIdentity
wantIdentities *map[string]api.PlatformWorkloadIdentity
}{
{
name: "error - CSP cluster",
@ -90,10 +88,8 @@ func TestPlatformWorkloadIdentityIDs(t *testing.T) {
OpenShiftCluster: &api.OpenShiftCluster{
Properties: api.OpenShiftClusterProperties{
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []api.PlatformWorkloadIdentity{
{
OperatorName: "invalid",
PlatformWorkloadIdentities: map[string]api.PlatformWorkloadIdentity{
"invalid": {
ResourceID: "I am not a resource ID.",
},
},
@ -111,9 +107,8 @@ func TestPlatformWorkloadIdentityIDs(t *testing.T) {
OpenShiftCluster: &api.OpenShiftCluster{
Properties: api.OpenShiftClusterProperties{
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []api.PlatformWorkloadIdentity{
{
OperatorName: identityFooName,
PlatformWorkloadIdentities: map[string]api.PlatformWorkloadIdentity{
identityFooName: {
ResourceID: identityFooResourceId,
},
},
@ -151,15 +146,13 @@ func TestPlatformWorkloadIdentityIDs(t *testing.T) {
},
}, nil)
},
wantIdentities: &[]api.PlatformWorkloadIdentity{
{
OperatorName: identityFooName,
wantIdentities: &map[string]api.PlatformWorkloadIdentity{
identityFooName: {
ResourceID: identityFooResourceId,
ClientID: identityFooClientId,
ObjectID: identityFooObjectId,
},
{
OperatorName: identityBarName,
identityBarName: {
ResourceID: identityBarResourceId,
ClientID: identityBarClientId,
ObjectID: identityBarObjectId,
@ -194,7 +187,7 @@ func TestPlatformWorkloadIdentityIDs(t *testing.T) {
utilerror.AssertErrorMessage(t, err, tt.wantErr)
if tt.wantIdentities != nil {
assert.ElementsMatch(t, *tt.wantIdentities, m.doc.OpenShiftCluster.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities)
assert.Equal(t, *tt.wantIdentities, m.doc.OpenShiftCluster.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities)
}
})
}

Просмотреть файл

@ -71,8 +71,8 @@ func (m *manager) generatePlatformWorkloadIdentitySecrets() ([]*corev1.Secret, e
roles := m.platformWorkloadIdentityRolesByVersion.GetPlatformWorkloadIdentityRolesByRoleName()
secrets := []*corev1.Secret{}
for _, identity := range m.doc.OpenShiftCluster.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities {
if role, ok := roles[identity.OperatorName]; ok {
for name, identity := range m.doc.OpenShiftCluster.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities {
if role, ok := roles[name]; ok {
// Skip creating a secret for the ARO Operator. This will be
// generated by the ARO Operator deployer instead
// (see pkg/operator/deploy/deploy.go#generateOperatorIdentitySecret())

Просмотреть файл

@ -29,7 +29,7 @@ func TestGenerateWorkloadIdentityResources(t *testing.T) {
for _, tt := range []struct {
name string
usesWorkloadIdentity bool
identities []api.PlatformWorkloadIdentity
identities map[string]api.PlatformWorkloadIdentity
roles []api.PlatformWorkloadIdentityRole
want map[string]kruntime.Object
wantErr string
@ -41,13 +41,11 @@ func TestGenerateWorkloadIdentityResources(t *testing.T) {
{
name: "generates all expected resources",
usesWorkloadIdentity: true,
identities: []api.PlatformWorkloadIdentity{
{
OperatorName: "foo",
identities: map[string]api.PlatformWorkloadIdentity{
"foo": {
ClientID: "00f00f00-0f00-0f00-0f00-f00f00f00f00",
},
{
OperatorName: "bar",
"bar": {
ClientID: "00ba4ba4-0ba4-0ba4-0ba4-ba4ba4ba4ba4",
},
},
@ -189,25 +187,23 @@ func TestGeneratePlatformWorkloadIdentitySecrets(t *testing.T) {
for _, tt := range []struct {
name string
identities []api.PlatformWorkloadIdentity
identities map[string]api.PlatformWorkloadIdentity
roles []api.PlatformWorkloadIdentityRole
want []*corev1.Secret
}{
{
name: "no identities, no secrets",
identities: []api.PlatformWorkloadIdentity{},
identities: map[string]api.PlatformWorkloadIdentity{},
roles: []api.PlatformWorkloadIdentityRole{},
want: []*corev1.Secret{},
},
{
name: "converts cluster PWIs if a role definition is present",
identities: []api.PlatformWorkloadIdentity{
{
OperatorName: "foo",
identities: map[string]api.PlatformWorkloadIdentity{
"foo": {
ClientID: "00f00f00-0f00-0f00-0f00-f00f00f00f00",
},
{
OperatorName: "bar",
"bar": {
ClientID: "00ba4ba4-0ba4-0ba4-0ba4-ba4ba4ba4ba4",
},
},
@ -268,13 +264,11 @@ func TestGeneratePlatformWorkloadIdentitySecrets(t *testing.T) {
},
{
name: "ignores identities with no role present",
identities: []api.PlatformWorkloadIdentity{
{
OperatorName: "foo",
identities: map[string]api.PlatformWorkloadIdentity{
"foo": {
ClientID: "00f00f00-0f00-0f00-0f00-f00f00f00f00",
},
{
OperatorName: "bar",
"bar": {
ClientID: "00ba4ba4-0ba4-0ba4-0ba4-ba4ba4ba4ba4",
},
},
@ -283,13 +277,11 @@ func TestGeneratePlatformWorkloadIdentitySecrets(t *testing.T) {
},
{
name: "skips ARO operator identity",
identities: []api.PlatformWorkloadIdentity{
{
OperatorName: "foo",
identities: map[string]api.PlatformWorkloadIdentity{
"foo": {
ClientID: "00f00f00-0f00-0f00-0f00-f00f00f00f00",
},
{
OperatorName: "aro-operator",
"aro-operator": {
ClientID: "00ba4ba4-0ba4-0ba4-0ba4-ba4ba4ba4ba4",
},
},

Просмотреть файл

@ -2087,44 +2087,36 @@ func TestPutOrPatchOpenShiftCluster(t *testing.T) {
name: "create a new workload identity cluster",
request: func(oc *v20240812preview.OpenShiftCluster) {
oc.Properties.ClusterProfile.Version = defaultVersion
oc.Identity = &v20240812preview.Identity{
oc.Identity = &v20240812preview.ManagedServiceIdentity{
Type: "UserAssigned",
UserAssignedIdentities: v20240812preview.UserAssignedIdentities{
mockMiResourceId: v20240812preview.ClusterUserAssignedIdentity{},
UserAssignedIdentities: map[string]v20240812preview.UserAssignedIdentity{
mockMiResourceId: {},
},
}
oc.Properties.PlatformWorkloadIdentityProfile = &v20240812preview.PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []v20240812preview.PlatformWorkloadIdentity{
{
OperatorName: "AzureFilesStorageOperator",
PlatformWorkloadIdentities: map[string]v20240812preview.PlatformWorkloadIdentity{
"AzureFilesStorageOperator": {
ResourceID: mockMiResourceId,
},
{
OperatorName: "CloudControllerManager",
"CloudControllerManager": {
ResourceID: mockMiResourceId,
},
{
OperatorName: "ClusterIngressOperator",
"ClusterIngressOperator": {
ResourceID: mockMiResourceId,
},
{
OperatorName: "ImageRegistryOperator",
"ImageRegistryOperator": {
ResourceID: mockMiResourceId,
},
{
OperatorName: "MachineApiOperator",
"MachineApiOperator": {
ResourceID: mockMiResourceId,
},
{
OperatorName: "NetworkOperator",
"NetworkOperator": {
ResourceID: mockMiResourceId,
},
{
OperatorName: "ServiceOperator",
"ServiceOperator": {
ResourceID: mockMiResourceId,
},
{
OperatorName: "StorageOperator",
"StorageOperator": {
ResourceID: mockMiResourceId,
},
},
@ -2158,10 +2150,10 @@ func TestPutOrPatchOpenShiftCluster(t *testing.T) {
ID: testdatabase.GetResourcePath(mockGuid, "resourceName"),
Name: "resourceName",
Type: "Microsoft.RedHatOpenShift/openShiftClusters",
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
Type: "UserAssigned",
UserAssignedIdentities: api.UserAssignedIdentities{
mockMiResourceId: api.ClusterUserAssignedIdentity{},
UserAssignedIdentities: map[string]api.UserAssignedIdentity{
mockMiResourceId: {},
},
IdentityURL: middleware.MockIdentityURL,
TenantID: mockGuid,
@ -2193,37 +2185,29 @@ func TestPutOrPatchOpenShiftCluster(t *testing.T) {
},
OperatorFlags: operator.DefaultOperatorFlags(),
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []api.PlatformWorkloadIdentity{
{
OperatorName: "AzureFilesStorageOperator",
PlatformWorkloadIdentities: map[string]api.PlatformWorkloadIdentity{
"AzureFilesStorageOperator": {
ResourceID: mockMiResourceId,
},
{
OperatorName: "CloudControllerManager",
"CloudControllerManager": {
ResourceID: mockMiResourceId,
},
{
OperatorName: "ClusterIngressOperator",
"ClusterIngressOperator": {
ResourceID: mockMiResourceId,
},
{
OperatorName: "ImageRegistryOperator",
"ImageRegistryOperator": {
ResourceID: mockMiResourceId,
},
{
OperatorName: "MachineApiOperator",
"MachineApiOperator": {
ResourceID: mockMiResourceId,
},
{
OperatorName: "NetworkOperator",
"NetworkOperator": {
ResourceID: mockMiResourceId,
},
{
OperatorName: "ServiceOperator",
"ServiceOperator": {
ResourceID: mockMiResourceId,
},
{
OperatorName: "StorageOperator",
"StorageOperator": {
ResourceID: mockMiResourceId,
},
},
@ -2240,10 +2224,10 @@ func TestPutOrPatchOpenShiftCluster(t *testing.T) {
Name: "resourceName",
Type: "Microsoft.RedHatOpenShift/openShiftClusters",
SystemData: &v20240812preview.SystemData{},
Identity: &v20240812preview.Identity{
Identity: &v20240812preview.ManagedServiceIdentity{
Type: "UserAssigned",
UserAssignedIdentities: v20240812preview.UserAssignedIdentities{
mockMiResourceId: v20240812preview.ClusterUserAssignedIdentity{},
UserAssignedIdentities: map[string]v20240812preview.UserAssignedIdentity{
mockMiResourceId: {},
},
},
Properties: v20240812preview.OpenShiftClusterProperties{
@ -2265,37 +2249,29 @@ func TestPutOrPatchOpenShiftCluster(t *testing.T) {
},
},
PlatformWorkloadIdentityProfile: &v20240812preview.PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []v20240812preview.PlatformWorkloadIdentity{
{
OperatorName: "AzureFilesStorageOperator",
PlatformWorkloadIdentities: map[string]v20240812preview.PlatformWorkloadIdentity{
"AzureFilesStorageOperator": {
ResourceID: mockMiResourceId,
},
{
OperatorName: "CloudControllerManager",
"CloudControllerManager": {
ResourceID: mockMiResourceId,
},
{
OperatorName: "ClusterIngressOperator",
"ClusterIngressOperator": {
ResourceID: mockMiResourceId,
},
{
OperatorName: "ImageRegistryOperator",
"ImageRegistryOperator": {
ResourceID: mockMiResourceId,
},
{
OperatorName: "MachineApiOperator",
"MachineApiOperator": {
ResourceID: mockMiResourceId,
},
{
OperatorName: "NetworkOperator",
"NetworkOperator": {
ResourceID: mockMiResourceId,
},
{
OperatorName: "ServiceOperator",
"ServiceOperator": {
ResourceID: mockMiResourceId,
},
{
OperatorName: "StorageOperator",
"StorageOperator": {
ResourceID: mockMiResourceId,
},
},
@ -3789,11 +3765,11 @@ func TestValidateIdentityUrl(t *testing.T) {
{
name: "pass - identity URL passed",
cluster: &api.OpenShiftCluster{
Identity: &api.Identity{},
Identity: &api.ManagedServiceIdentity{},
},
identityURL: "http://foo.bar",
expected: &api.OpenShiftCluster{
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
IdentityURL: "http://foo.bar",
},
},
@ -3830,11 +3806,11 @@ func TestValidateIdentityTenantID(t *testing.T) {
{
name: "pass - tenantID passed",
cluster: &api.OpenShiftCluster{
Identity: &api.Identity{},
Identity: &api.ManagedServiceIdentity{},
},
tenantID: "bogus",
expected: &api.OpenShiftCluster{
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
TenantID: "bogus",
},
},

Просмотреть файл

@ -272,8 +272,8 @@ func (o *operator) resources(ctx context.Context) ([]kruntime.Object, error) {
func (o *operator) generateOperatorIdentitySecret() (*corev1.Secret, error) {
var operatorIdentity *api.PlatformWorkloadIdentity // use a pointer to make it easy to check if we found an identity below
for _, i := range o.oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities {
if i.OperatorName == pkgoperator.OperatorIdentityName {
for k, i := range o.oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities {
if k == pkgoperator.OperatorIdentityName {
operatorIdentity = &i
break
}

Просмотреть файл

@ -636,9 +636,8 @@ func TestGenerateOperatorIdentitySecret(t *testing.T) {
Location: "eastus1",
Properties: api.OpenShiftClusterProperties{
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []api.PlatformWorkloadIdentity{
{
OperatorName: pkgoperator.OperatorIdentityName,
PlatformWorkloadIdentities: map[string]api.PlatformWorkloadIdentity{
pkgoperator.OperatorIdentityName: {
ClientID: "11111111-1111-1111-1111-111111111111",
},
},

Просмотреть файл

@ -37,22 +37,22 @@ func (g *generator) generateExamples(outputDir string, s *Swagger) error {
switch param := param.(type) {
case Reference:
switch param.Ref {
case "../../../../../common-types/resource-management/" + g.commonTypesVersion + "/types.json#/parameters/ApiVersionParameter":
case "../../../../../../common-types/resource-management/" + g.commonTypesVersion + "/types.json#/parameters/ApiVersionParameter":
example.Parameters = append(example.Parameters, NameParameter{
Name: "api-version",
Parameter: stringutils.LastTokenByte(outputDir, '/'),
})
case "../../../../../common-types/resource-management/" + g.commonTypesVersion + "/types.json#/parameters/SubscriptionIdParameter":
case "../../../../../../common-types/resource-management/" + g.commonTypesVersion + "/types.json#/parameters/SubscriptionIdParameter":
example.Parameters = append(example.Parameters, NameParameter{
Name: "subscriptionId",
Parameter: "subscriptionId",
Parameter: "00000000-0000-0000-0000-000000000000",
})
case "../../../../../common-types/resource-management/" + g.commonTypesVersion + "/types.json#/parameters/ResourceGroupNameParameter":
case "../../../../../../common-types/resource-management/" + g.commonTypesVersion + "/types.json#/parameters/ResourceGroupNameParameter":
example.Parameters = append(example.Parameters, NameParameter{
Name: "resourceGroupName",
Parameter: "resourceGroup",
})
case "../../../../../common-types/resource-management/" + g.commonTypesVersion + "/types.json#/parameters/LocationParameter":
case "../../../../../../common-types/resource-management/" + g.commonTypesVersion + "/types.json#/parameters/LocationParameter":
example.Parameters = append(example.Parameters, NameParameter{
Name: "location",
Parameter: "location",
@ -174,6 +174,8 @@ func (g *generator) generateExamples(outputDir string, s *Swagger) error {
body = g.exampleOperationListResponse()
case "#/definitions/OpenShiftVersionList":
body = g.exampleOpenShiftVersionListResponse()
case "#/definitions/PlatformWorkloadIdentityRoleSetList":
body = g.examplePlatformWorkloadIdentityRoleSetListResponse()
}
}

Просмотреть файл

@ -54,6 +54,7 @@ type generator struct {
exampleOpenShiftClusterAdminKubeconfigResponse func() interface{}
exampleOpenShiftClusterListResponse func() interface{}
exampleOpenShiftVersionListResponse func() interface{}
examplePlatformWorkloadIdentityRoleSetListResponse func() interface{}
exampleOperationListResponse func() interface{}
systemData bool
@ -61,6 +62,8 @@ type generator struct {
installVersionList bool
clusterManager bool
workerProfilesStatus bool
roleSetList bool
managedServiceIdentity bool
xmsEnum []string
xmsSecretList []string
xmsIdentifiers []string
@ -314,17 +317,20 @@ var apis = map[string]*generator{
exampleOpenShiftClusterListResponse: v20240812preview.ExampleOpenShiftClusterListResponse,
exampleOpenShiftClusterAdminKubeconfigResponse: v20240812preview.ExampleOpenShiftClusterAdminKubeconfigResponse,
exampleOpenShiftVersionListResponse: v20240812preview.ExampleOpenShiftVersionListResponse,
examplePlatformWorkloadIdentityRoleSetListResponse: v20240812preview.ExamplePlatformWorkloadIdentityRoleSetListResponse,
exampleOperationListResponse: api.ExampleOperationListResponse,
xmsEnum: []string{"ProvisioningState", "PreconfiguredNSG", "EncryptionAtHost", "FipsValidatedModules", "SoftwareDefinedNetwork", "Visibility", "OutboundType"},
xmsEnum: []string{"ProvisioningState", "PreconfiguredNSG", "EncryptionAtHost", "FipsValidatedModules", "SoftwareDefinedNetwork", "Visibility", "OutboundType", "ManagedServiceIdentityType"},
xmsSecretList: []string{"kubeconfig", "kubeadminPassword", "secretResources"},
xmsIdentifiers: []string{},
commonTypesVersion: "v3",
commonTypesVersion: "v6",
managedServiceIdentity: true,
systemData: true,
clusterManager: true,
installVersionList: true,
kubeConfig: true,
workerProfilesStatus: true,
roleSetList: true,
},
}

Просмотреть файл

@ -29,25 +29,25 @@ import (
func (g *generator) populateParameters(n int, typ, friendlyName string) (s []interface{}) {
s = []interface{}{
Reference{
Ref: "../../../../../common-types/resource-management/" + g.commonTypesVersion + "/types.json#/parameters/ApiVersionParameter",
Ref: "../../../../../../common-types/resource-management/" + g.commonTypesVersion + "/types.json#/parameters/ApiVersionParameter",
},
}
if n > 0 {
s = append(s, Reference{
Ref: "../../../../../common-types/resource-management/" + g.commonTypesVersion + "/types.json#/parameters/SubscriptionIdParameter",
Ref: "../../../../../../common-types/resource-management/" + g.commonTypesVersion + "/types.json#/parameters/SubscriptionIdParameter",
})
}
if n == 6 {
s = append(s, Reference{
Ref: "../../../../../common-types/resource-management/" + g.commonTypesVersion + "/types.json#/parameters/LocationParameter",
Ref: "../../../../../../common-types/resource-management/" + g.commonTypesVersion + "/types.json#/parameters/LocationParameter",
})
return
}
if n > 1 {
s = append(s, Reference{
Ref: "../../../../../common-types/resource-management/" + g.commonTypesVersion + "/types.json#/parameters/ResourceGroupNameParameter",
Ref: "../../../../../../common-types/resource-management/" + g.commonTypesVersion + "/types.json#/parameters/ResourceGroupNameParameter",
})
}
@ -88,7 +88,7 @@ func (g *generator) populateParameters(n int, typ, friendlyName string) (s []int
// TODO: refactor this entire function to make sense
// so we can stop thinking about what int value builds a proper swagger parameter
if n > 3 && n != 7 && n != 10 {
s = append(s, Parameter{
resourceParameter := Parameter{
Name: "parameters",
In: "body",
Description: "The " + friendlyName + " resource.",
@ -96,7 +96,9 @@ func (g *generator) populateParameters(n int, typ, friendlyName string) (s []int
Schema: &Schema{
Ref: "#/definitions/" + typ,
},
})
}
s = append(s, resourceParameter)
}
if n == 5 || n == 9 {

Просмотреть файл

@ -25,6 +25,7 @@ var proxyResources = []string{
"MachinePool",
"Secret",
"OpenShiftVersion",
"PlatformWorkloadIdentityRoleSet",
}
// resourceNamePattern is a regex pattern to validate resource names
@ -132,6 +133,22 @@ func Run(api, outputDir string) error {
}
}
if g.roleSetList {
s.Paths["/subscriptions/{subscriptionId}/providers/Microsoft.RedHatOpenShift/locations/{location}/platformworkloadidentityroleset"] = &PathItem{
Get: &Operation{
Tags: []string{"PlatformWorkloadIdentityRoleSet"},
Summary: "Lists a mapping of OpenShift versions to identity requirements, which include operatorName, roleDefinitionName, roleDefinitionId, and serviceAccounts.",
Description: "This operation returns PlatformWorkloadIdentityRoleSet as a string",
OperationID: "PlatformWorkloadIdentityRoleSet_List",
Parameters: g.populateParameters(6, "PlatformWorkloadIdentityRoleSetList", "Platform Workload Identity Role Set"),
Responses: g.populateResponses("PlatformWorkloadIdentityRoleSetList", false, http.StatusOK),
Pageable: &Pageable{
NextLinkName: "nextLink",
},
},
}
}
if g.clusterManager {
g.populateChildResourcePaths(s.Paths, "Microsoft.RedHatOpenShift", "openShiftCluster", "syncSet", "SyncSet")
g.populateChildResourcePaths(s.Paths, "Microsoft.RedHatOpenShift", "openShiftCluster", "machinePool", "MachinePool")
@ -150,19 +167,23 @@ func Run(api, outputDir string) error {
names = append(names, "OpenShiftVersionList")
}
if g.roleSetList {
names = append(names, "PlatformWorkloadIdentityRoleSetList")
}
if g.clusterManager {
// This needs to be the top level struct
// in most cases, the "list" struct (a collection of resources)
names = append(names, "SyncSetList", "MachinePoolList", "SyncIdentityProviderList", "SecretList")
}
err = define(s.Definitions, api, g.xmsEnum, g.xmsSecretList, g.xmsIdentifiers, names...)
err = define(s.Definitions, api, g.xmsEnum, g.xmsSecretList, g.xmsIdentifiers, g.commonTypesVersion, names...)
if err != nil {
return err
}
names = []string{"CloudError", "OperationList"}
err = define(s.Definitions, "github.com/Azure/ARO-RP/pkg/api", g.xmsEnum, g.xmsSecretList, g.xmsIdentifiers, names...)
err = define(s.Definitions, "github.com/Azure/ARO-RP/pkg/api", g.xmsEnum, g.xmsSecretList, g.xmsIdentifiers, g.commonTypesVersion, names...)
if err != nil {
return err
}
@ -180,6 +201,10 @@ func Run(api, outputDir string) error {
azureResources = append(azureResources, "OpenShiftVersion")
}
if g.roleSetList {
azureResources = append(azureResources, "PlatformWorkloadIdentityRoleSet")
}
for _, azureResource := range azureResources {
def, err := deepCopy(s.Definitions[azureResource])
if err != nil {
@ -207,7 +232,7 @@ func Run(api, outputDir string) error {
if !slices.Contains(proxyResources, azureResource) {
s.Definitions[azureResource].AllOf = []Schema{
{
Ref: "../../../../../common-types/resource-management/" + g.commonTypesVersion + "/types.json#/definitions/TrackedResource",
Ref: "../../../../../../common-types/resource-management/" + g.commonTypesVersion + "/types.json#/definitions/TrackedResource",
},
}
} else {
@ -225,15 +250,20 @@ func Run(api, outputDir string) error {
}
s.Definitions[azureResource].Properties = properties
// Don't include an update object for "OpenShiftVersion" as it is not updatable via the API
// Don't include an update object for either "OpenShiftVersion"
// or "PlatformWorkloadIdentityRoleSet" as they are not updatable via the API
azureResources := []string{azureResource}
if azureResource != "OpenShiftVersion" {
if azureResource != "OpenShiftVersion" && azureResource != "PlatformWorkloadIdentityRoleSet" {
s.Definitions[azureResource+"Update"] = update
azureResources = append(azureResources, azureResource+"Update")
}
if g.systemData {
s.defineSystemData(azureResources, g.commonTypesVersion)
s.defineSystemData(azureResources)
}
if g.managedServiceIdentity {
s.defineManagedServiceIdentity(g.commonTypesVersion)
}
}
@ -270,24 +300,35 @@ func deepCopy(v interface{}) (interface{}, error) {
// defineSystemData will configure systemData fields for required definitions.
// SystemData is not user consumable, so we remove definitions from auto-generated code
// In addition to this we use common-types definition so we replace one we generate with common-types
func (s *Swagger) defineSystemData(resources []string, commonVersion string) {
func (s *Swagger) defineSystemData(resources []string) {
for _, resource := range resources {
s.Definitions[resource].Properties = removeNamedSchemas(s.Definitions[resource].Properties, "systemData")
}
// SystemData is not user side consumable type. It is being returned as Read-Only,
// but should not be generated into API or swagger as API/SDK type
delete(s.Definitions, "SystemData")
delete(s.Definitions, "CreatedByType")
}
func (s *Swagger) defineManagedServiceIdentity(commonVersion string) {
resources := []string{"OpenShiftCluster", "OpenShiftClusterUpdate"}
for _, resource := range resources {
s.Definitions[resource].Properties = removeNamedSchemas(s.Definitions[resource].Properties, "identity")
s.Definitions[resource].Properties = append(s.Definitions[resource].Properties,
NameSchema{
Name: "systemData",
Name: "identity",
Schema: &Schema{
ReadOnly: true,
Description: "The system meta data relating to this resource.",
Ref: "../../../../../common-types/resource-management/" + commonVersion + "/types.json#/definitions/systemData",
Description: "Identity stores information about the cluster MSI(s) in a workload identity cluster.",
Ref: "../../../../../../common-types/resource-management/" + commonVersion + "/managedidentity.json#/definitions/ManagedServiceIdentity",
},
})
}
delete(s.Definitions, "ManagedServiceIdentity")
delete(s.Definitions, "ManagedServiceIdentityType")
delete(s.Definitions, "UserAssignedIdentity")
delete(s.Definitions, "Resource")
}
func removeNamedSchemas(list NameSchemas, remove string) NameSchemas {

Просмотреть файл

@ -25,9 +25,10 @@ type typeWalker struct {
xmsEnumList []string
xmsSecretList []string
xmsIdentifiers []string
commonTypesVersion string
}
func newTypeWalker(pkgname string, xmsEnumList, xmsSecretList []string, xmsIdentifiers []string) (*typeWalker, error) {
func newTypeWalker(pkgname string, xmsEnumList, xmsSecretList []string, xmsIdentifiers []string, commonTypesVersion string) (*typeWalker, error) {
pkgs, err := packages.Load(&packages.Config{Mode: packages.NeedSyntax | packages.NeedTypes | packages.NeedTypesInfo}, pkgname)
if err != nil {
return nil, err
@ -42,6 +43,7 @@ func newTypeWalker(pkgname string, xmsEnumList, xmsSecretList []string, xmsIdent
xmsEnumList: xmsEnumList,
xmsSecretList: xmsSecretList,
xmsIdentifiers: xmsIdentifiers,
commonTypesVersion: commonTypesVersion,
}
// populate enums: walk all types declared at package scope
@ -170,7 +172,7 @@ func (tw *typeWalker) schemaFromType(t types.Type, deps map[*types.Named]struct{
if field.Name() == "proxyResource" {
s.AllOf = []Schema{
{
Ref: "../../../../../common-types/resource-management/v3/types.json#/definitions/ProxyResource",
Ref: fmt.Sprintf("../../../../../../common-types/resource-management/%s/types.json#/definitions/ProxyResource", tw.commonTypesVersion),
},
}
}
@ -221,8 +223,8 @@ func (tw *typeWalker) define(definitions Definitions, name string) {
}
// define adds a Definition for the named types in the given package
func define(definitions Definitions, pkgname string, xmsEnumList, xmsSecretList []string, xmsIdentifiers []string, names ...string) error {
th, err := newTypeWalker(pkgname, xmsEnumList, xmsSecretList, xmsIdentifiers)
func define(definitions Definitions, pkgname string, xmsEnumList, xmsSecretList []string, xmsIdentifiers []string, commonTypesVersion string, names ...string) error {
th, err := newTypeWalker(pkgname, xmsEnumList, xmsSecretList, xmsIdentifiers, commonTypesVersion)
if err != nil {
return err
}

Просмотреть файл

@ -10,6 +10,7 @@ import (
"time"
"github.com/Azure/go-autorest/autorest"
gofrsuuid "github.com/gofrs/uuid"
mgmtredhatopenshift20240812preview "github.com/Azure/ARO-RP/pkg/client/services/redhatopenshift/mgmt/2024-08-12-preview/redhatopenshift"
"github.com/Azure/ARO-RP/pkg/env"
@ -33,7 +34,7 @@ var _ OpenShiftClustersClient = &openShiftClustersClient{}
func NewOpenShiftClustersClient(environment *azureclient.AROEnvironment, subscriptionID string, authorizer autorest.Authorizer) OpenShiftClustersClient {
var client mgmtredhatopenshift20240812preview.OpenShiftClustersClient
if env.IsLocalDevelopmentMode() {
client = mgmtredhatopenshift20240812preview.NewOpenShiftClustersClientWithBaseURI("https://localhost:8443", subscriptionID)
client = mgmtredhatopenshift20240812preview.NewOpenShiftClustersClientWithBaseURI("https://localhost:8443", gofrsuuid.FromStringOrNil(subscriptionID))
client.Sender = &http.Client{
Transport: &http.Transport{
TLSClientConfig: &tls.Config{
@ -42,7 +43,7 @@ func NewOpenShiftClustersClient(environment *azureclient.AROEnvironment, subscri
},
}
} else {
client = mgmtredhatopenshift20240812preview.NewOpenShiftClustersClientWithBaseURI(environment.ResourceManagerEndpoint, subscriptionID)
client = mgmtredhatopenshift20240812preview.NewOpenShiftClustersClientWithBaseURI(environment.ResourceManagerEndpoint, gofrsuuid.FromStringOrNil(subscriptionID))
client.Authorizer = authorizer
}
client.PollingDelay = 10 * time.Second

Просмотреть файл

@ -8,6 +8,7 @@ import (
"net/http"
"github.com/Azure/go-autorest/autorest"
gofrsuuid "github.com/gofrs/uuid"
mgmtredhatopenshift20240812preview "github.com/Azure/ARO-RP/pkg/client/services/redhatopenshift/mgmt/2024-08-12-preview/redhatopenshift"
"github.com/Azure/ARO-RP/pkg/env"
@ -29,7 +30,7 @@ var _ OperationsClient = &operationsClient{}
func NewOperationsClient(environment *azureclient.AROEnvironment, subscriptionID string, authorizer autorest.Authorizer) OperationsClient {
var client mgmtredhatopenshift20240812preview.OperationsClient
if env.IsLocalDevelopmentMode() {
client = mgmtredhatopenshift20240812preview.NewOperationsClientWithBaseURI("https://localhost:8443", subscriptionID)
client = mgmtredhatopenshift20240812preview.NewOperationsClientWithBaseURI("https://localhost:8443", gofrsuuid.FromStringOrNil(subscriptionID))
client.Sender = &http.Client{
Transport: &http.Transport{
TLSClientConfig: &tls.Config{
@ -38,7 +39,7 @@ func NewOperationsClient(environment *azureclient.AROEnvironment, subscriptionID
},
}
} else {
client = mgmtredhatopenshift20240812preview.NewOperationsClientWithBaseURI(environment.ResourceManagerEndpoint, subscriptionID)
client = mgmtredhatopenshift20240812preview.NewOperationsClientWithBaseURI(environment.ResourceManagerEndpoint, gofrsuuid.FromStringOrNil(subscriptionID))
client.Authorizer = authorizer
}

Просмотреть файл

@ -49,7 +49,7 @@ func TestValidateDiskEncryptionSets(t *testing.T) {
name string
oc *api.OpenShiftCluster
actionInfos []remotepdp.ActionInfo
platformIdentities []api.PlatformWorkloadIdentity
platformIdentities map[string]api.PlatformWorkloadIdentity
platformIdentityMap map[string][]string
mocks func(*mock_compute.MockDiskEncryptionSetsClient, *mock_remotepdp.MockRemotePDPClient, *mock_azcore.MockTokenCredential, context.CancelFunc)
wantErr string

Просмотреть файл

@ -90,7 +90,7 @@ type dynamic struct {
checkAccessSubjectInfoCred azcore.TokenCredential
env env.Interface
azEnv *azureclient.AROEnvironment
platformIdentities []api.PlatformWorkloadIdentity
platformIdentities map[string]api.PlatformWorkloadIdentity
platformIdentitiesActionsMap map[string][]string
virtualNetworks virtualNetworksGetClient
@ -828,11 +828,11 @@ func (dv *dynamic) ValidatePreConfiguredNSGs(ctx context.Context, oc *api.OpenSh
// validateActions calls validateActionsByOID with object ID in case of MIWI cluster otherwise without object ID
func (dv *dynamic) validateActions(ctx context.Context, r *azure.Resource, actions []string) (*string, error) {
if dv.platformIdentities != nil {
for _, platformIdentity := range dv.platformIdentities {
actionsToValidate := stringutils.GroupsIntersect(actions, dv.platformIdentitiesActionsMap[platformIdentity.OperatorName])
for name, platformIdentity := range dv.platformIdentities {
actionsToValidate := stringutils.GroupsIntersect(actions, dv.platformIdentitiesActionsMap[name])
if len(actionsToValidate) > 0 {
if err := dv.validateActionsByOID(ctx, r, actionsToValidate, &platformIdentity.ObjectID); err != nil {
return &platformIdentity.OperatorName, err
return &name, err
}
}
}

Просмотреть файл

@ -615,9 +615,8 @@ var (
platformIdentity1SubnetActionsNoIntersect = []string{
"Microsoft.Network/virtualNetworks/nointersect/nointersect",
}
platformIdentities = []api.PlatformWorkloadIdentity{
{
OperatorName: "Dummy",
platformIdentities = map[string]api.PlatformWorkloadIdentity{
"Dummy": {
ResourceID: platformIdentity1,
ClientID: dummyClientId,
ObjectID: dummyObjectId,
@ -720,7 +719,7 @@ func TestValidateVnetPermissions(t *testing.T) {
for _, tt := range []struct {
name string
platformIdentities []api.PlatformWorkloadIdentity
platformIdentities map[string]api.PlatformWorkloadIdentity
platformIdentityMap map[string][]string
mocks func(*mock_azcore.MockTokenCredential, *mock_remotepdp.MockRemotePDPClient, context.CancelFunc)
wantErr string
@ -927,7 +926,7 @@ func TestValidateRouteTablesPermissions(t *testing.T) {
for _, tt := range []struct {
name string
subnet Subnet
platformIdentities []api.PlatformWorkloadIdentity
platformIdentities map[string]api.PlatformWorkloadIdentity
platformIdentityMap map[string][]string
pdpClientMocks func(*mock_azcore.MockTokenCredential, *mock_remotepdp.MockRemotePDPClient, context.CancelFunc)
vnetMocks func(*mock_network.MockVirtualNetworksClient, mgmtnetwork.VirtualNetwork)
@ -1209,7 +1208,7 @@ func TestValidateNatGatewaysPermissions(t *testing.T) {
for _, tt := range []struct {
name string
subnet Subnet
platformIdentities []api.PlatformWorkloadIdentity
platformIdentities map[string]api.PlatformWorkloadIdentity
platformIdentityMap map[string][]string
pdpClientMocks func(*mock_azcore.MockTokenCredential, *mock_remotepdp.MockRemotePDPClient, context.CancelFunc)
vnetMocks func(*mock_network.MockVirtualNetworksClient, mgmtnetwork.VirtualNetwork)
@ -1515,7 +1514,7 @@ func TestValidatePreconfiguredNSGPermissions(t *testing.T) {
for _, tt := range []struct {
name string
modifyOC func(*api.OpenShiftCluster)
platformIdentities []api.PlatformWorkloadIdentity
platformIdentities map[string]api.PlatformWorkloadIdentity
platformIdentityMap map[string][]string
checkAccessMocks func(context.CancelFunc, *mock_remotepdp.MockRemotePDPClient, *mock_azcore.MockTokenCredential)
vnetMocks func(*mock_network.MockVirtualNetworksClient, mgmtnetwork.VirtualNetwork)

Просмотреть файл

@ -22,13 +22,13 @@ func (dv *dynamic) ValidatePlatformWorkloadIdentityProfile(ctx context.Context,
dv.log.Print("ValidatePlatformWorkloadIdentityProfile")
dv.platformIdentitiesActionsMap = map[string][]string{}
dv.platformIdentities = []api.PlatformWorkloadIdentity{}
dv.platformIdentities = map[string]api.PlatformWorkloadIdentity{}
for _, pwi := range oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities {
_, ok := platformWorkloadIdentityRolesByRoleName[pwi.OperatorName]
for k, pwi := range oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities {
_, ok := platformWorkloadIdentityRolesByRoleName[k]
if ok {
dv.platformIdentitiesActionsMap[pwi.OperatorName] = nil
dv.platformIdentities = append(dv.platformIdentities, pwi)
dv.platformIdentitiesActionsMap[k] = nil
dv.platformIdentities[k] = pwi
}
}
@ -90,14 +90,14 @@ func (dv *dynamic) validateClusterMSI(ctx context.Context, oc *api.OpenShiftClus
}
// Validate that the cluster MSI has all permissions specified in AzureRedHatOpenShiftFederatedCredentialRole over each platform managed identity
func (dv *dynamic) validateClusterMSIPermissions(ctx context.Context, oid string, platformIdentities []api.PlatformWorkloadIdentity, roleDefinitions armauthorization.RoleDefinitionsClient) error {
func (dv *dynamic) validateClusterMSIPermissions(ctx context.Context, oid string, platformIdentities map[string]api.PlatformWorkloadIdentity, roleDefinitions armauthorization.RoleDefinitionsClient) error {
actions, err := getActionsForRoleDefinition(ctx, rbac.RoleAzureRedHatOpenShiftFederatedCredentialRole, roleDefinitions)
if err != nil {
return err
}
for _, platformIdentity := range platformIdentities {
dv.log.Printf("validateClusterMSIPermissions for %s", platformIdentity.OperatorName)
for name, platformIdentity := range platformIdentities {
dv.log.Printf("validateClusterMSIPermissions for %s", name)
pid, err := azure.ParseResourceID(platformIdentity.ResourceID)
if err != nil {
return err

Просмотреть файл

@ -135,19 +135,16 @@ func TestValidatePlatformWorkloadIdentityProfile(t *testing.T) {
msiResourceID := resourceGroupID + "/providers/Microsoft.ManagedIdentity/userAssignedIdentities/miwi-msi-resource"
dummyClientId := uuid.DefaultGenerator.Generate()
dummyObjectId := uuid.DefaultGenerator.Generate()
platformWorkloadIdentities := []api.PlatformWorkloadIdentity{
{
OperatorName: "Dummy2",
platformWorkloadIdentities := map[string]api.PlatformWorkloadIdentity{
"Dummy2": {
ResourceID: platformIdentity1,
},
{
OperatorName: "Dummy1",
"Dummy1": {
ResourceID: platformIdentity1,
},
}
desiredPlatformWorkloadIdentities := []api.PlatformWorkloadIdentity{
{
OperatorName: "Dummy1",
desiredPlatformWorkloadIdentities := map[string]api.PlatformWorkloadIdentity{
"Dummy1": {
ResourceID: platformIdentity1,
},
}
@ -156,8 +153,8 @@ func TestValidatePlatformWorkloadIdentityProfile(t *testing.T) {
OperatorName: "Dummy1",
},
}
clusterMSI := api.UserAssignedIdentities{
msiResourceID: api.ClusterUserAssignedIdentity{
clusterMSI := map[string]api.UserAssignedIdentity{
msiResourceID: {
ClientID: dummyClientId,
PrincipalID: dummyObjectId,
},
@ -174,7 +171,7 @@ func TestValidatePlatformWorkloadIdentityProfile(t *testing.T) {
platformIdentityRoles map[string]api.PlatformWorkloadIdentityRole
oc *api.OpenShiftCluster
mocks func(*mock_armauthorization.MockRoleDefinitionsClient)
wantPlatformIdentities []api.PlatformWorkloadIdentity
wantPlatformIdentities map[string]api.PlatformWorkloadIdentity
wantPlatformIdentitiesActionsMap map[string][]string
checkAccessMocks func(context.CancelFunc, *mock_remotepdp.MockRemotePDPClient, *mock_azcore.MockTokenCredential)
wantErr string
@ -185,9 +182,8 @@ func TestValidatePlatformWorkloadIdentityProfile(t *testing.T) {
oc: &api.OpenShiftCluster{
Properties: api.OpenShiftClusterProperties{
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []api.PlatformWorkloadIdentity{
{
OperatorName: "Dummy1",
PlatformWorkloadIdentities: map[string]api.PlatformWorkloadIdentity{
"Dummy1": {
ResourceID: platformIdentity1,
},
},
@ -196,7 +192,7 @@ func TestValidatePlatformWorkloadIdentityProfile(t *testing.T) {
Version: openShiftVersion,
},
},
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
UserAssignedIdentities: clusterMSI,
},
},
@ -227,7 +223,7 @@ func TestValidatePlatformWorkloadIdentityProfile(t *testing.T) {
Version: openShiftVersion,
},
},
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
UserAssignedIdentities: clusterMSI,
},
},
@ -240,9 +236,8 @@ func TestValidatePlatformWorkloadIdentityProfile(t *testing.T) {
msiAuthReq := createAuthorizationRequest(dummyObjectId, platformIdentity1, msiRequiredPermissionsList...)
pdpClient.EXPECT().CheckAccess(gomock.Any(), msiAuthReq).Return(&msiAllowedActions, nil).AnyTimes()
},
wantPlatformIdentities: []api.PlatformWorkloadIdentity{
{
OperatorName: "Dummy1",
wantPlatformIdentities: map[string]api.PlatformWorkloadIdentity{
"Dummy1": {
ResourceID: platformIdentity1,
},
},
@ -262,7 +257,7 @@ func TestValidatePlatformWorkloadIdentityProfile(t *testing.T) {
Version: openShiftVersion,
},
},
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
UserAssignedIdentities: clusterMSI,
},
},
@ -297,7 +292,7 @@ func TestValidatePlatformWorkloadIdentityProfile(t *testing.T) {
Version: openShiftVersion,
},
},
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
UserAssignedIdentities: clusterMSI,
},
},
@ -320,7 +315,7 @@ func TestValidatePlatformWorkloadIdentityProfile(t *testing.T) {
Version: openShiftVersion,
},
},
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
UserAssignedIdentities: clusterMSI,
},
},
@ -343,7 +338,7 @@ func TestValidatePlatformWorkloadIdentityProfile(t *testing.T) {
Version: openShiftVersion,
},
},
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
UserAssignedIdentities: clusterMSI,
},
},
@ -355,13 +350,13 @@ func TestValidatePlatformWorkloadIdentityProfile(t *testing.T) {
oc: &api.OpenShiftCluster{
Properties: api.OpenShiftClusterProperties{
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []api.PlatformWorkloadIdentity{},
PlatformWorkloadIdentities: map[string]api.PlatformWorkloadIdentity{},
},
ClusterProfile: api.ClusterProfile{
Version: openShiftVersion,
},
},
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
UserAssignedIdentities: clusterMSI,
},
},
@ -373,13 +368,11 @@ func TestValidatePlatformWorkloadIdentityProfile(t *testing.T) {
oc: &api.OpenShiftCluster{
Properties: api.OpenShiftClusterProperties{
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []api.PlatformWorkloadIdentity{
{
OperatorName: "Dummy2",
PlatformWorkloadIdentities: map[string]api.PlatformWorkloadIdentity{
"Dummy2": {
ResourceID: platformIdentity1,
},
{
OperatorName: "Dummy3",
"Dummy3": {
ResourceID: platformIdentity1,
},
},
@ -388,7 +381,7 @@ func TestValidatePlatformWorkloadIdentityProfile(t *testing.T) {
Version: openShiftVersion,
},
},
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
UserAssignedIdentities: clusterMSI,
},
},
@ -406,8 +399,8 @@ func TestValidatePlatformWorkloadIdentityProfile(t *testing.T) {
Version: openShiftVersion,
},
},
Identity: &api.Identity{
UserAssignedIdentities: api.UserAssignedIdentities{
Identity: &api.ManagedServiceIdentity{
UserAssignedIdentities: map[string]api.UserAssignedIdentity{
"invalidUUID": {},
},
},
@ -426,7 +419,7 @@ func TestValidatePlatformWorkloadIdentityProfile(t *testing.T) {
Version: openShiftVersion,
},
},
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
UserAssignedIdentities: clusterMSI,
},
},
@ -441,19 +434,17 @@ func TestValidatePlatformWorkloadIdentityProfile(t *testing.T) {
oc: &api.OpenShiftCluster{
Properties: api.OpenShiftClusterProperties{
PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{
PlatformWorkloadIdentities: []api.PlatformWorkloadIdentity{
{
OperatorName: "Dummy2",
PlatformWorkloadIdentities: map[string]api.PlatformWorkloadIdentity{
"Dummy2": {
ResourceID: "Invalid UUID",
},
{
OperatorName: "Dummy1",
"Dummy1": {
ResourceID: "Invalid UUID",
},
},
},
},
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
UserAssignedIdentities: clusterMSI,
},
},
@ -474,7 +465,7 @@ func TestValidatePlatformWorkloadIdentityProfile(t *testing.T) {
Version: openShiftVersion,
},
},
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
UserAssignedIdentities: clusterMSI,
},
},
@ -503,7 +494,7 @@ func TestValidatePlatformWorkloadIdentityProfile(t *testing.T) {
Version: openShiftVersion,
},
},
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
UserAssignedIdentities: clusterMSI,
},
},
@ -532,7 +523,7 @@ func TestValidatePlatformWorkloadIdentityProfile(t *testing.T) {
Version: openShiftVersion,
},
},
Identity: &api.Identity{
Identity: &api.ManagedServiceIdentity{
UserAssignedIdentities: clusterMSI,
},
},

Просмотреть файл

@ -18,10 +18,7 @@ class AROPlatformWorkloadIdentityAddAction(argparse._AppendAction):
raise argparse.ArgumentError(self, msg)
operator_name, resource_id = values
parsed = PlatformWorkloadIdentity(
operator_name=operator_name,
resource_id=resource_id
)
parsed = (operator_name, PlatformWorkloadIdentity(resource_id=resource_id))
super().__call__(parser, namespace, parsed, option_string)

Просмотреть файл

@ -345,20 +345,20 @@ def validate_platform_workload_identities(isCreate):
if isCreate and not namespace.enable_managed_identity:
raise RequiredArgumentMissingError('Must set --enable-managed-identity when providing platform workload identities') # pylint: disable=line-too-long
names = list(map(lambda identity: identity.operator_name, namespace.platform_workload_identities))
names = [name for (name, _) in namespace.platform_workload_identities]
name_counter = Counter()
name_counter.update(names)
duplicates = [name for name, count in name_counter.items() if count > 1]
if duplicates:
raise InvalidArgumentValueError(f"Platform workload identities {duplicates} were provided multiple times")
for identity in namespace.platform_workload_identities:
for (name, identity) in namespace.platform_workload_identities:
if not is_valid_resource_id(identity.resource_id):
identity.resource_id = identity_name_to_resource_id(
cmd, namespace, identity.resource_id)
if not is_valid_identity_resource_id(identity.resource_id):
raise InvalidArgumentValueError(f"Resource {identity.resource_id} used for platform workload identity {identity.operator_name} is not a valid userAssignedIdentity") # pylint: disable=line-too-long
raise InvalidArgumentValueError(f"Resource {identity.resource_id} used for platform workload identity {name} is not a valid userAssignedIdentity") # pylint: disable=line-too-long
return _validate_platform_workload_identities

Просмотреть файл

@ -205,10 +205,10 @@ def aro_create(cmd, # pylint: disable=too-many-locals
if enable_managed_identity is True:
oc.platform_workload_identity_profile = openshiftcluster.PlatformWorkloadIdentityProfile(
platform_workload_identities=platform_workload_identities
platform_workload_identities=dict(platform_workload_identities)
)
oc.identity = openshiftcluster.Identity(
oc.identity = openshiftcluster.ManagedServiceIdentity(
type='UserAssigned',
user_assigned_identities={mi_user_assigned: {}}
)
@ -485,17 +485,7 @@ def aro_update(cmd,
oc_update.platform_workload_identity_profile = openshiftcluster.PlatformWorkloadIdentityProfile()
if platform_workload_identities is not None:
pwis = {}
for i in oc.platform_workload_identity_profile.platform_workload_identities:
pwis[i.operator_name] = openshiftcluster.PlatformWorkloadIdentity(
operator_name=i.operator_name,
resource_id=i.resource_id
)
for i in platform_workload_identities:
pwis[i.operator_name] = i
oc_update.platform_workload_identity_profile.platform_workload_identities = list(pwis.values())
oc_update.platform_workload_identity_profile.platform_workload_identities.update(platform_workload_identities) # pylint: disable=line-too-long
oc_update.platform_workload_identity_profile.upgradeable_to = upgradeable_to

Просмотреть файл

@ -93,7 +93,7 @@ test_validate_client_id_data = [
),
(
"should raise MutuallyExclusiveArgumentError when platform_workload_identities is present",
Mock(client_id="12345678123456781234567812345678", platform_workload_identities=[Mock(resource_id='Foo')]),
Mock(client_id="12345678123456781234567812345678", platform_workload_identities=[("foo", Mock(resource_id='Foo'))]),
MutuallyExclusiveArgumentError
),
(
@ -148,13 +148,13 @@ test_validate_client_secret_data = [
(
"should raise MutuallyExclusiveArgumentError when isCreate is true and platform_workload_identities is present",
True,
Mock(client_secret="123", platform_workload_identities=[Mock(resource_id='Foo')]),
Mock(client_secret="123", platform_workload_identities=[("foo", Mock(resource_id='Foo'))]),
MutuallyExclusiveArgumentError
),
(
"should raise MutuallyExclusiveArgumentError when isCreate is false and platform_workload_identities is present",
False,
Mock(client_secret="123", platform_workload_identities=[Mock(resource_id='Foo')]),
Mock(client_secret="123", platform_workload_identities=[("foo", Mock(resource_id='Foo'))]),
MutuallyExclusiveArgumentError
),
(
@ -1046,7 +1046,7 @@ test_validate_enable_managed_identity_data = [
Mock(enable_managed_identity=True,
client_id=None, client_secret=None,
version="4.14.0",
platform_workload_identities=[Mock(resource_id="foo")],
platform_workload_identities=[("foo", Mock(resource_id='Foo'))],
mi_user_assigned=None),
RequiredArgumentMissingError, 'Enabling managed identity requires cluster identity to be provided'
),
@ -1055,7 +1055,7 @@ test_validate_enable_managed_identity_data = [
Mock(enable_managed_identity=True,
client_id=None, client_secret=None,
version="4.14.0",
platform_workload_identities=[Mock(resource_id="foo")],
platform_workload_identities=[("foo", Mock(resource_id='Foo'))],
mi_user_assigned="foo"),
None, None
)
@ -1106,7 +1106,7 @@ test_validate_platform_workload_identities_data = [
subscription_id="00000000-0000-0000-0000-000000000000",
resource_group_name="resourceGroup",
platform_workload_identities=[
openshiftcluster.PlatformWorkloadIdentity(operator_name="foo", resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup/providers/Microsoft.Network/virtualNetworks/foo"),
("foo", openshiftcluster.PlatformWorkloadIdentity(resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup/providers/Microsoft.Network/virtualNetworks/foo")),
]),
InvalidArgumentValueError,
None
@ -1118,8 +1118,8 @@ test_validate_platform_workload_identities_data = [
subscription_id="00000000-0000-0000-0000-000000000000",
resource_group_name="resourceGroup",
platform_workload_identities=[
openshiftcluster.PlatformWorkloadIdentity(operator_name="foo", resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/anotherResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/foo"),
openshiftcluster.PlatformWorkloadIdentity(operator_name="foo", resource_id="bar")
("foo", openshiftcluster.PlatformWorkloadIdentity(resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/anotherResourceGroup/providers/Microsoft.ManagedIdentity/foo")),
("foo", openshiftcluster.PlatformWorkloadIdentity(resource_id="bar"))
]),
InvalidArgumentValueError,
None,
@ -1131,13 +1131,13 @@ test_validate_platform_workload_identities_data = [
subscription_id="00000000-0000-0000-0000-000000000000",
resource_group_name="resourceGroup",
platform_workload_identities=[
openshiftcluster.PlatformWorkloadIdentity(operator_name="foo", resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/anotherResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/foo"),
openshiftcluster.PlatformWorkloadIdentity(operator_name="bar", resource_id="bar")
("foo", openshiftcluster.PlatformWorkloadIdentity(resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/anotherResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/foo")),
("bar", openshiftcluster.PlatformWorkloadIdentity(resource_id="bar"))
]),
None,
[
openshiftcluster.PlatformWorkloadIdentity(operator_name="foo", resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/anotherResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/foo"),
openshiftcluster.PlatformWorkloadIdentity(operator_name="bar", resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/bar"),
("foo", openshiftcluster.PlatformWorkloadIdentity(resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/anotherResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/foo")),
("bar", openshiftcluster.PlatformWorkloadIdentity(resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/bar")),
]
),
(
@ -1147,8 +1147,8 @@ test_validate_platform_workload_identities_data = [
subscription_id="00000000-0000-0000-0000-000000000000",
resource_group_name="resourceGroup",
platform_workload_identities=[
openshiftcluster.PlatformWorkloadIdentity(operator_name="foo", resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/anotherResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/foo"),
openshiftcluster.PlatformWorkloadIdentity(operator_name="bar", resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/bar")
("foo", openshiftcluster.PlatformWorkloadIdentity(resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/anotherResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/foo")),
("bar", openshiftcluster.PlatformWorkloadIdentity(resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/bar"))
]),
None,
None
@ -1166,7 +1166,7 @@ test_validate_platform_workload_identities_data = [
Mock(subscription_id="00000000-0000-0000-0000-000000000000",
resource_group_name="resourceGroup",
platform_workload_identities=[
openshiftcluster.PlatformWorkloadIdentity(operator_name="foo", resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup/providers/Microsoft.Network/virtualNetworks/foo"),
("foo", openshiftcluster.PlatformWorkloadIdentity(resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup/providers/Microsoft.Network/virtualNetworks/foo")),
]),
InvalidArgumentValueError,
None
@ -1178,8 +1178,8 @@ test_validate_platform_workload_identities_data = [
subscription_id="00000000-0000-0000-0000-000000000000",
resource_group_name="resourceGroup",
platform_workload_identities=[
openshiftcluster.PlatformWorkloadIdentity(operator_name="foo", resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/anotherResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/foo"),
openshiftcluster.PlatformWorkloadIdentity(operator_name="foo", resource_id="bar")
("foo", openshiftcluster.PlatformWorkloadIdentity(resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/anotherResourceGroup/providers/Microsoft.ManagedIdentity/foo")),
("foo", openshiftcluster.PlatformWorkloadIdentity(resource_id="bar"))
]),
InvalidArgumentValueError,
None,
@ -1190,13 +1190,13 @@ test_validate_platform_workload_identities_data = [
Mock(subscription_id="00000000-0000-0000-0000-000000000000",
resource_group_name="resourceGroup",
platform_workload_identities=[
openshiftcluster.PlatformWorkloadIdentity(operator_name="foo", resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/anotherResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/foo"),
openshiftcluster.PlatformWorkloadIdentity(operator_name="bar", resource_id="bar")
("foo", openshiftcluster.PlatformWorkloadIdentity(resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/anotherResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/foo")),
("bar", openshiftcluster.PlatformWorkloadIdentity(resource_id="bar"))
]),
None,
[
openshiftcluster.PlatformWorkloadIdentity(operator_name="foo", resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/anotherResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/foo"),
openshiftcluster.PlatformWorkloadIdentity(operator_name="bar", resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/bar"),
("foo", openshiftcluster.PlatformWorkloadIdentity(resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/anotherResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/foo")),
("bar", openshiftcluster.PlatformWorkloadIdentity(resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/bar")),
]
),
(
@ -1205,8 +1205,8 @@ test_validate_platform_workload_identities_data = [
Mock(subscription_id="00000000-0000-0000-0000-000000000000",
resource_group_name="resourceGroup",
platform_workload_identities=[
openshiftcluster.PlatformWorkloadIdentity(operator_name="foo", resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/anotherResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/foo"),
openshiftcluster.PlatformWorkloadIdentity(operator_name="bar", resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/bar")
("foo", openshiftcluster.PlatformWorkloadIdentity(resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/anotherResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/foo")),
("bar", openshiftcluster.PlatformWorkloadIdentity(resource_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/bar"))
]),
None,
None
@ -1230,7 +1230,8 @@ def test_validate_platform_workload_identities(test_description, isCreate, names
if expected_identities is not None:
for expected, actual in zip(expected_identities, namespace.platform_workload_identities):
assert (expected.resource_id == actual.resource_id)
assert (expected[0] == actual[0])
assert (expected[1].resource_id == actual[1].resource_id)
test_validate_cluster_identity_data = [
@ -1308,20 +1309,17 @@ test_validate_upgradeable_to_data = [
Mock(upgradeable_to="", client_id=None, client_secret=None),
None, None
),
(
"should raise InvalidArgumentValueError Exception because upgradeable_to format is invalid",
Mock(upgradeable_to="a", client_id=None, client_secret=None),
InvalidArgumentValueError, "--upgradeable-to is invalid"
),
(
"Should raise InvalidArgumentValueError when --upgradeable-to < 4.14.0",
Mock(upgradeable_to="4.0.4",
client_id=None, client_secret=None),
InvalidArgumentValueError, 'Enabling managed identity requires --upgradeable-to >= 4.14.0'
),
]
@ -1330,7 +1328,7 @@ test_validate_upgradeable_to_data = [
test_validate_upgradeable_to_data,
ids=[i[0] for i in test_validate_upgradeable_to_data]
)
def test_validate_upgradeable_to_data(test_description, namespace, expected_exception, expected_exception_message):
def test_validate_upgradeable_to(test_description, namespace, expected_exception, expected_exception_message):
if expected_exception is None:
validate_upgradeable_to_format(namespace)
else:

Просмотреть файл

@ -32,7 +32,6 @@ try:
from ._models_py3 import OperationList
from ._models_py3 import Resource
from ._models_py3 import ServicePrincipalProfile
from ._models_py3 import SystemData
from ._models_py3 import TrackedResource
from ._models_py3 import WorkerProfile
except (SyntaxError, ImportError):
@ -53,12 +52,10 @@ except (SyntaxError, ImportError):
from ._models import OperationList # type: ignore
from ._models import Resource # type: ignore
from ._models import ServicePrincipalProfile # type: ignore
from ._models import SystemData # type: ignore
from ._models import TrackedResource # type: ignore
from ._models import WorkerProfile # type: ignore
from ._azure_red_hat_open_shift_client_enums import (
CreatedByType,
EncryptionAtHost,
ProvisioningState,
SoftwareDefinedNetwork,
@ -84,10 +81,8 @@ __all__ = [
'OperationList',
'Resource',
'ServicePrincipalProfile',
'SystemData',
'TrackedResource',
'WorkerProfile',
'CreatedByType',
'EncryptionAtHost',
'ProvisioningState',
'SoftwareDefinedNetwork',

Просмотреть файл

@ -19,15 +19,6 @@ from six import with_metaclass
from azure.core import CaseInsensitiveEnumMeta
class CreatedByType(with_metaclass(CaseInsensitiveEnumMeta, str, Enum)):
"""The type of identity that created the resource.
"""
USER = "User"
APPLICATION = "Application"
MANAGED_IDENTITY = "ManagedIdentity"
KEY = "Key"
class EncryptionAtHost(with_metaclass(CaseInsensitiveEnumMeta, str, Enum)):
"""EncryptionAtHost represents encryption at host state
"""

Просмотреть файл

@ -446,8 +446,6 @@ class OpenShiftCluster(TrackedResource):
:vartype tags: dict[str, str]
:ivar location: Required. The geo-location where the resource lives.
:vartype location: str
:ivar system_data: The system meta data relating to this resource.
:vartype system_data: ~azure.mgmt.redhatopenshift.v2021_09_01_preview.models.SystemData
:ivar provisioning_state: The cluster provisioning state. Possible values include:
"AdminUpdating", "Creating", "Deleting", "Failed", "Succeeded", "Updating".
:vartype provisioning_state: str or
@ -479,7 +477,6 @@ class OpenShiftCluster(TrackedResource):
'name': {'readonly': True},
'type': {'readonly': True},
'location': {'required': True},
'system_data': {'readonly': True},
}
_attribute_map = {
@ -488,7 +485,6 @@ class OpenShiftCluster(TrackedResource):
'type': {'key': 'type', 'type': 'str'},
'tags': {'key': 'tags', 'type': '{str}'},
'location': {'key': 'location', 'type': 'str'},
'system_data': {'key': 'systemData', 'type': 'SystemData'},
'provisioning_state': {'key': 'properties.provisioningState', 'type': 'str'},
'cluster_profile': {'key': 'properties.clusterProfile', 'type': 'ClusterProfile'},
'console_profile': {'key': 'properties.consoleProfile', 'type': 'ConsoleProfile'},
@ -538,7 +534,6 @@ class OpenShiftCluster(TrackedResource):
list[~azure.mgmt.redhatopenshift.v2021_09_01_preview.models.IngressProfile]
"""
super(OpenShiftCluster, self).__init__(**kwargs)
self.system_data = None
self.provisioning_state = kwargs.get('provisioning_state', None)
self.cluster_profile = kwargs.get('cluster_profile', None)
self.console_profile = kwargs.get('console_profile', None)
@ -634,12 +629,8 @@ class OpenShiftClusterList(msrest.serialization.Model):
class OpenShiftClusterUpdate(msrest.serialization.Model):
"""OpenShiftCluster represents an Azure Red Hat OpenShift cluster.
Variables are only populated by the server, and will be ignored when sending a request.
:ivar tags: A set of tags. The resource tags.
:vartype tags: dict[str, str]
:ivar system_data: The system meta data relating to this resource.
:vartype system_data: ~azure.mgmt.redhatopenshift.v2021_09_01_preview.models.SystemData
:ivar provisioning_state: The cluster provisioning state. Possible values include:
"AdminUpdating", "Creating", "Deleting", "Failed", "Succeeded", "Updating".
:vartype provisioning_state: str or
@ -666,13 +657,8 @@ class OpenShiftClusterUpdate(msrest.serialization.Model):
list[~azure.mgmt.redhatopenshift.v2021_09_01_preview.models.IngressProfile]
"""
_validation = {
'system_data': {'readonly': True},
}
_attribute_map = {
'tags': {'key': 'tags', 'type': '{str}'},
'system_data': {'key': 'systemData', 'type': 'SystemData'},
'provisioning_state': {'key': 'properties.provisioningState', 'type': 'str'},
'cluster_profile': {'key': 'properties.clusterProfile', 'type': 'ClusterProfile'},
'console_profile': {'key': 'properties.consoleProfile', 'type': 'ConsoleProfile'},
@ -721,7 +707,6 @@ class OpenShiftClusterUpdate(msrest.serialization.Model):
"""
super(OpenShiftClusterUpdate, self).__init__(**kwargs)
self.tags = kwargs.get('tags', None)
self.system_data = None
self.provisioning_state = kwargs.get('provisioning_state', None)
self.cluster_profile = kwargs.get('cluster_profile', None)
self.console_profile = kwargs.get('console_profile', None)
@ -828,67 +813,6 @@ class ServicePrincipalProfile(msrest.serialization.Model):
self.client_secret = kwargs.get('client_secret', None)
class SystemData(msrest.serialization.Model):
"""Metadata pertaining to creation and last modification of the resource.
:ivar created_by: The identity that created the resource.
:vartype created_by: str
:ivar created_by_type: The type of identity that created the resource. Possible values include:
"User", "Application", "ManagedIdentity", "Key".
:vartype created_by_type: str or
~azure.mgmt.redhatopenshift.v2021_09_01_preview.models.CreatedByType
:ivar created_at: The timestamp of resource creation (UTC).
:vartype created_at: ~datetime.datetime
:ivar last_modified_by: The identity that last modified the resource.
:vartype last_modified_by: str
:ivar last_modified_by_type: The type of identity that last modified the resource. Possible
values include: "User", "Application", "ManagedIdentity", "Key".
:vartype last_modified_by_type: str or
~azure.mgmt.redhatopenshift.v2021_09_01_preview.models.CreatedByType
:ivar last_modified_at: The type of identity that last modified the resource.
:vartype last_modified_at: ~datetime.datetime
"""
_attribute_map = {
'created_by': {'key': 'createdBy', 'type': 'str'},
'created_by_type': {'key': 'createdByType', 'type': 'str'},
'created_at': {'key': 'createdAt', 'type': 'iso-8601'},
'last_modified_by': {'key': 'lastModifiedBy', 'type': 'str'},
'last_modified_by_type': {'key': 'lastModifiedByType', 'type': 'str'},
'last_modified_at': {'key': 'lastModifiedAt', 'type': 'iso-8601'},
}
def __init__(
self,
**kwargs
):
"""
:keyword created_by: The identity that created the resource.
:paramtype created_by: str
:keyword created_by_type: The type of identity that created the resource. Possible values
include: "User", "Application", "ManagedIdentity", "Key".
:paramtype created_by_type: str or
~azure.mgmt.redhatopenshift.v2021_09_01_preview.models.CreatedByType
:keyword created_at: The timestamp of resource creation (UTC).
:paramtype created_at: ~datetime.datetime
:keyword last_modified_by: The identity that last modified the resource.
:paramtype last_modified_by: str
:keyword last_modified_by_type: The type of identity that last modified the resource. Possible
values include: "User", "Application", "ManagedIdentity", "Key".
:paramtype last_modified_by_type: str or
~azure.mgmt.redhatopenshift.v2021_09_01_preview.models.CreatedByType
:keyword last_modified_at: The type of identity that last modified the resource.
:paramtype last_modified_at: ~datetime.datetime
"""
super(SystemData, self).__init__(**kwargs)
self.created_by = kwargs.get('created_by', None)
self.created_by_type = kwargs.get('created_by_type', None)
self.created_at = kwargs.get('created_at', None)
self.last_modified_by = kwargs.get('last_modified_by', None)
self.last_modified_by_type = kwargs.get('last_modified_by_type', None)
self.last_modified_at = kwargs.get('last_modified_at', None)
class WorkerProfile(msrest.serialization.Model):
"""WorkerProfile represents a worker profile.

Просмотреть файл

@ -14,7 +14,6 @@
# Code generated by Microsoft (R) AutoRest Code Generator.Changes may cause incorrect behavior and will be lost if the code is regenerated.
# --------------------------------------------------------------------------
import datetime
from typing import Dict, List, Optional, Union
import msrest.serialization
@ -488,8 +487,6 @@ class OpenShiftCluster(TrackedResource):
:vartype tags: dict[str, str]
:ivar location: Required. The geo-location where the resource lives.
:vartype location: str
:ivar system_data: The system meta data relating to this resource.
:vartype system_data: ~azure.mgmt.redhatopenshift.v2021_09_01_preview.models.SystemData
:ivar provisioning_state: The cluster provisioning state. Possible values include:
"AdminUpdating", "Creating", "Deleting", "Failed", "Succeeded", "Updating".
:vartype provisioning_state: str or
@ -521,7 +518,6 @@ class OpenShiftCluster(TrackedResource):
'name': {'readonly': True},
'type': {'readonly': True},
'location': {'required': True},
'system_data': {'readonly': True},
}
_attribute_map = {
@ -530,7 +526,6 @@ class OpenShiftCluster(TrackedResource):
'type': {'key': 'type', 'type': 'str'},
'tags': {'key': 'tags', 'type': '{str}'},
'location': {'key': 'location', 'type': 'str'},
'system_data': {'key': 'systemData', 'type': 'SystemData'},
'provisioning_state': {'key': 'properties.provisioningState', 'type': 'str'},
'cluster_profile': {'key': 'properties.clusterProfile', 'type': 'ClusterProfile'},
'console_profile': {'key': 'properties.consoleProfile', 'type': 'ConsoleProfile'},
@ -592,7 +587,6 @@ class OpenShiftCluster(TrackedResource):
list[~azure.mgmt.redhatopenshift.v2021_09_01_preview.models.IngressProfile]
"""
super(OpenShiftCluster, self).__init__(tags=tags, location=location, **kwargs)
self.system_data = None
self.provisioning_state = provisioning_state
self.cluster_profile = cluster_profile
self.console_profile = console_profile
@ -696,12 +690,8 @@ class OpenShiftClusterList(msrest.serialization.Model):
class OpenShiftClusterUpdate(msrest.serialization.Model):
"""OpenShiftCluster represents an Azure Red Hat OpenShift cluster.
Variables are only populated by the server, and will be ignored when sending a request.
:ivar tags: A set of tags. The resource tags.
:vartype tags: dict[str, str]
:ivar system_data: The system meta data relating to this resource.
:vartype system_data: ~azure.mgmt.redhatopenshift.v2021_09_01_preview.models.SystemData
:ivar provisioning_state: The cluster provisioning state. Possible values include:
"AdminUpdating", "Creating", "Deleting", "Failed", "Succeeded", "Updating".
:vartype provisioning_state: str or
@ -728,13 +718,8 @@ class OpenShiftClusterUpdate(msrest.serialization.Model):
list[~azure.mgmt.redhatopenshift.v2021_09_01_preview.models.IngressProfile]
"""
_validation = {
'system_data': {'readonly': True},
}
_attribute_map = {
'tags': {'key': 'tags', 'type': '{str}'},
'system_data': {'key': 'systemData', 'type': 'SystemData'},
'provisioning_state': {'key': 'properties.provisioningState', 'type': 'str'},
'cluster_profile': {'key': 'properties.clusterProfile', 'type': 'ClusterProfile'},
'console_profile': {'key': 'properties.consoleProfile', 'type': 'ConsoleProfile'},
@ -794,7 +779,6 @@ class OpenShiftClusterUpdate(msrest.serialization.Model):
"""
super(OpenShiftClusterUpdate, self).__init__(**kwargs)
self.tags = tags
self.system_data = None
self.provisioning_state = provisioning_state
self.cluster_profile = cluster_profile
self.console_profile = console_profile
@ -911,74 +895,6 @@ class ServicePrincipalProfile(msrest.serialization.Model):
self.client_secret = client_secret
class SystemData(msrest.serialization.Model):
"""Metadata pertaining to creation and last modification of the resource.
:ivar created_by: The identity that created the resource.
:vartype created_by: str
:ivar created_by_type: The type of identity that created the resource. Possible values include:
"User", "Application", "ManagedIdentity", "Key".
:vartype created_by_type: str or
~azure.mgmt.redhatopenshift.v2021_09_01_preview.models.CreatedByType
:ivar created_at: The timestamp of resource creation (UTC).
:vartype created_at: ~datetime.datetime
:ivar last_modified_by: The identity that last modified the resource.
:vartype last_modified_by: str
:ivar last_modified_by_type: The type of identity that last modified the resource. Possible
values include: "User", "Application", "ManagedIdentity", "Key".
:vartype last_modified_by_type: str or
~azure.mgmt.redhatopenshift.v2021_09_01_preview.models.CreatedByType
:ivar last_modified_at: The type of identity that last modified the resource.
:vartype last_modified_at: ~datetime.datetime
"""
_attribute_map = {
'created_by': {'key': 'createdBy', 'type': 'str'},
'created_by_type': {'key': 'createdByType', 'type': 'str'},
'created_at': {'key': 'createdAt', 'type': 'iso-8601'},
'last_modified_by': {'key': 'lastModifiedBy', 'type': 'str'},
'last_modified_by_type': {'key': 'lastModifiedByType', 'type': 'str'},
'last_modified_at': {'key': 'lastModifiedAt', 'type': 'iso-8601'},
}
def __init__(
self,
*,
created_by: Optional[str] = None,
created_by_type: Optional[Union[str, "CreatedByType"]] = None,
created_at: Optional[datetime.datetime] = None,
last_modified_by: Optional[str] = None,
last_modified_by_type: Optional[Union[str, "CreatedByType"]] = None,
last_modified_at: Optional[datetime.datetime] = None,
**kwargs
):
"""
:keyword created_by: The identity that created the resource.
:paramtype created_by: str
:keyword created_by_type: The type of identity that created the resource. Possible values
include: "User", "Application", "ManagedIdentity", "Key".
:paramtype created_by_type: str or
~azure.mgmt.redhatopenshift.v2021_09_01_preview.models.CreatedByType
:keyword created_at: The timestamp of resource creation (UTC).
:paramtype created_at: ~datetime.datetime
:keyword last_modified_by: The identity that last modified the resource.
:paramtype last_modified_by: str
:keyword last_modified_by_type: The type of identity that last modified the resource. Possible
values include: "User", "Application", "ManagedIdentity", "Key".
:paramtype last_modified_by_type: str or
~azure.mgmt.redhatopenshift.v2021_09_01_preview.models.CreatedByType
:keyword last_modified_at: The type of identity that last modified the resource.
:paramtype last_modified_at: ~datetime.datetime
"""
super(SystemData, self).__init__(**kwargs)
self.created_by = created_by
self.created_by_type = created_by_type
self.created_at = created_at
self.last_modified_by = last_modified_by
self.last_modified_by_type = last_modified_by_type
self.last_modified_at = last_modified_at
class WorkerProfile(msrest.serialization.Model):
"""WorkerProfile represents a worker profile.

Просмотреть файл

@ -32,7 +32,6 @@ try:
from ._models_py3 import OperationList
from ._models_py3 import Resource
from ._models_py3 import ServicePrincipalProfile
from ._models_py3 import SystemData
from ._models_py3 import TrackedResource
from ._models_py3 import WorkerProfile
except (SyntaxError, ImportError):
@ -53,12 +52,10 @@ except (SyntaxError, ImportError):
from ._models import OperationList # type: ignore
from ._models import Resource # type: ignore
from ._models import ServicePrincipalProfile # type: ignore
from ._models import SystemData # type: ignore
from ._models import TrackedResource # type: ignore
from ._models import WorkerProfile # type: ignore
from ._azure_red_hat_open_shift_client_enums import (
CreatedByType,
EncryptionAtHost,
FipsValidatedModules,
ProvisioningState,
@ -83,10 +80,8 @@ __all__ = [
'OperationList',
'Resource',
'ServicePrincipalProfile',
'SystemData',
'TrackedResource',
'WorkerProfile',
'CreatedByType',
'EncryptionAtHost',
'FipsValidatedModules',
'ProvisioningState',

Просмотреть файл

@ -19,15 +19,6 @@ from six import with_metaclass
from azure.core import CaseInsensitiveEnumMeta
class CreatedByType(with_metaclass(CaseInsensitiveEnumMeta, str, Enum)):
"""The type of identity that created the resource.
"""
USER = "User"
APPLICATION = "Application"
MANAGED_IDENTITY = "ManagedIdentity"
KEY = "Key"
class EncryptionAtHost(with_metaclass(CaseInsensitiveEnumMeta, str, Enum)):
"""EncryptionAtHost represents encryption at host state
"""

Некоторые файлы не были показаны из-за слишком большого количества измененных файлов Показать больше