Azure · julienstroheker · Sep 20, 2018 · Sep 20, 2018 · Sep 20, 2018 · Sep 20, 2018
@@ -3,6 +3,10 @@
 Release History
 ===============
 
+0.2.2
++++++
+* Add ManagedApplicationPreparer
+
 0.2.1
 +++++
 * Minor fixes

@@ -7,15 +7,15 @@
 
 from .base import ScenarioTest, LiveScenarioTest
 from .preparers import (StorageAccountPreparer, ResourceGroupPreparer, RoleBasedServicePrincipalPreparer,
-                        KeyVaultPreparer)
+                        ManagedApplicationPreparer, KeyVaultPreparer)
 from .exceptions import CliTestError
 from .checkers import (JMESPathCheck, JMESPathCheckExists, JMESPathCheckGreaterThan, NoneCheck, StringCheck,
                        StringContainCheck)
 from .decorators import api_version_constraint
 from .utilities import create_random_name
 
 __all__ = ['ScenarioTest', 'LiveScenarioTest', 'ResourceGroupPreparer', 'StorageAccountPreparer',
-           'RoleBasedServicePrincipalPreparer', 'CliTestError', 'JMESPathCheck', 'JMESPathCheckExists', 'NoneCheck',
+           'RoleBasedServicePrincipalPreparer', 'ManagedApplicationPreparer', 'CliTestError', 'JMESPathCheck', 'JMESPathCheckExists', 'NoneCheck',
            'live_only', 'record_only', 'StringCheck', 'StringContainCheck', 'get_sha1_hash', 'KeyVaultPreparer',
            'JMESPathCheckGreaterThan', 'api_version_constraint', 'create_random_name']
 

@@ -174,6 +174,47 @@ def remove_resource(self, name, **kwargs):
             execute(self.cli_ctx, 'az ad sp delete --id {}'.format(self.result['appId']))
 
 
+# Managed Application preparer
+
+# pylint: disable=too-many-instance-attributes
+class ManagedApplicationPreparer(AbstractPreparer, SingleValueReplacer):
+    def __init__(self, name_prefix='clitest', parameter_name='aad_client_app_id',
+                 parameter_secret='aad_client_app_secret', app_name='app_name',
+                 parameter_tenant='aad_tenant_id',
+                 dev_setting_app_name='AZURE_CLI_TEST_DEV_APP_NAME',
+                 dev_setting_app_secret='AZURE_CLI_TEST_DEV_APP_SECRET',
+                 dev_setting_app_tenant='AZURE_CLI_TEST_DEV_APP_TENANT',
+                 key='app'):
+        super(ManagedApplicationPreparer, self).__init__(name_prefix, 24)
+        self.cli_ctx = get_dummy_cli()
+        self.parameter_name = parameter_name
+        self.parameter_secret = parameter_secret
+        self.parameter_tenant = parameter_tenant
+        self.result = {}
+        self.app_name = app_name
+        self.dev_setting_app_name = os.environ.get(dev_setting_app_name, None)
+        self.dev_setting_app_secret = os.environ.get(dev_setting_app_secret, None)
+        self.dev_setting_app_tenant = os.environ.get(dev_setting_app_tenant, None)
+        self.key = key
+
+    def create_resource(self, name, **kwargs):
+        if not self.dev_setting_app_name:
+            template = 'az ad app create --display-name {} --key-type Password --password {} --identifier-uris ' \
+                       'http://microsoft.onmicrosoft.com/{}'
+            self.result = execute(self.cli_ctx, template.format(name, name, name)).get_output_in_json()
+            self.test_class_instance.kwargs[self.key] = name
+            # The slice is the easiest way for know to return the Teanant from the same command
+            return {self.parameter_name: self.result['appId'], self.parameter_secret: name,
+                    self.parameter_tenant: self.result['odata.metadata'][26:62]}
+        self.test_class_instance.kwargs[self.key] = name
+        return {self.parameter_name: self.dev_setting_sp_name,
+                self.parameter_secret: self.dev_setting_app_secret,
+                self.parameter_tenant: self.dev_setting_app_tenant}
+
+    def remove_resource(self, name, **kwargs):
+        if not self.dev_setting_app_name:
+            execute(self.cli_ctx, 'az ad app delete --id {}'.format(self.result['appId']))
+
 # Utility
 
 

@@ -14,7 +14,7 @@
     logger.warn("Wheel is not available, disabling bdist_wheel hook")
     cmdclass = {}
 
-VERSION = "0.2.1"
+VERSION = "0.2.2"
 
 CLASSIFIERS = [
     'Development Status :: 3 - Alpha',

diff --git a/src/command_modules/azure-cli-acs/HISTORY.rst b/src/command_modules/azure-cli-acs/HISTORY.rst
@@ -3,6 +3,10 @@
 Release History
 ===============
 
+2.3.6
++++++
+* Add Managed OpenShift commands
+
 2.3.5
 +++++
 * bugfix: Fall back to 'scp' when Parimiko fails.

diff --git a/src/command_modules/azure-cli-acs/azure/cli/command_modules/acs/_client_factory.py b/src/command_modules/azure-cli-acs/azure/cli/command_modules/acs/_client_factory.py
@@ -19,6 +19,10 @@ def cf_managed_clusters(cli_ctx, *_):
     return get_container_service_client(cli_ctx).managed_clusters
 
 
+def cf_openshift_managed_clusters(cli_ctx, *_):
+    return get_osa_container_service_client(cli_ctx).open_shift_managed_clusters
+
+
 def cf_resource_groups(cli_ctx, subscription_id=None):
     return get_mgmt_service_client(cli_ctx, ResourceType.MGMT_RESOURCE_RESOURCES,
                                    subscription_id=subscription_id).resource_groups
@@ -46,6 +50,12 @@ def get_container_service_client(cli_ctx, **_):
     return get_mgmt_service_client(cli_ctx, ContainerServiceClient)
 
 
+def get_osa_container_service_client(cli_ctx, **_):
+    from azure.mgmt.containerservice import ContainerServiceClient
+
+    return get_mgmt_service_client(cli_ctx, ContainerServiceClient)
+
+
 def get_graph_rbac_management_client(cli_ctx, **_):
     from azure.cli.core.commands.client_factory import configure_common_settings
     from azure.cli.core._profile import Profile

@@ -526,3 +526,73 @@
           text: |-
             az aks wait -g MyResourceGroup -n MyManagedCluster --updated --interval 60 --timeout 1800
 """
+
+# OpenShift command help
+
+helps['openshift'] = """
+     type: group
+     short-summary: Manage Azure OpenShift Services.
+"""
+
+helps['openshift create'] = """
+    type: command
+    short-summary: Create a new managed OpenShift cluster.
+    parameters:
+        - name: --node-vm-size -s
+          type: string
+          short-summary: Size of Virtual Machines to create as OpenShift nodes.
+        - name: --node-count -c
+          type: int
+          short-summary: Number of nodes in the OpenShift node pool.
+        - name: --fqdn
+          type: string
+          short-summary: FQDN for OpenShift API server loadbalancer internal hostname. For example
+                         myopenshiftcluster.eastus.cloudapp.azure.com
+        - name: --aad-client-app-id
+          type: string
+          short-summary: The ID of an Azure Active Directory client application of type "Native".
+        - name: --aad-client-app-secret
+          type: string
+          short-summary: The secret of an Azure Active Directory client application.
+        - name: --aad-tenant-id
+          type: string
+          short-summary: The ID of an Azure Active Directory tenant.
+
+    examples:
+        - name: Create an OpenShift cluster.
+          text: az openshift create -g MyResourceGroup -n MyManagedCluster --fqdn <FQDN>
+                --aad-client-app-id <APP_ID> --aad-client-app-secret <APP_SECRET> --aad-tenant-id <TENANT_ID>
+        - name: Create an OpenShift cluster with 5 compute nodes.
+          text: az openshift create -g MyResourceGroup -n MyManagedCluster --fqdn <FQDN>
+                --aad-client-app-id <APP_ID> --aad-client-app-secret <APP_SECRET> --aad-tenant-id <TENANT_ID> --node-count 5
+"""
+
+helps['openshift scale'] = """
+    type: command
+    short-summary: Scale the compute pool in a managed OpenShift cluster.
+    parameters:
+        - name: --node-count -c
+          type: int
+          short-summary: Number of nodes in the OpenShift compute pool.
+"""
+
+helps['openshift show'] = """
+    type: command
+    short-summary: Show the details for a managed OpenShift cluster.
+"""
+
+helps['openshift delete'] = """
+    type: command
+    short-summary: Delete a managed OpenShift cluster.
+"""
+
+helps['openshift wait'] = """
+    type: command
+    short-summary: Wait for a managed OpenShift cluster to reach a desired state.
+    long-summary: If an operation on a cluster was interrupted or was started with `--no-wait`, use this command to
+                  wait for it to complete.
+    examples:
+        - name: Wait for a cluster to be upgraded, polling every minute for up to thirty minutes.
+          text: |-
+            az openshift wait -g MyResourceGroup -n MyManagedCluster --updated --interval 60 --timeout 1800
+"""
diff --git a/src/command_modules/azure-cli-acs/azure/cli/command_modules/acs/_params.py b/src/command_modules/azure-cli-acs/azure/cli/command_modules/acs/_params.py
@@ -228,6 +228,23 @@ def load_arguments(self, _):
     with self.argument_context('aks remove-dev-spaces') as c:
         c.argument('prompt', options_list=['--yes', '-y'], action='store_true', help='Do not prompt for confirmation')
 
+    # OpenShift command argument configuration
+    with self.argument_context('openshift') as c:
+        c.argument('resource_name', name_type, help='Name of the managed OpenShift cluster.',
+                   completer=get_resource_name_completion_list('Microsoft.ContainerService/OpenShiftManagedClusters'))
+        c.argument('name', name_type, help='Name of the managed OpenShift cluster.',
+                   completer=get_resource_name_completion_list('Microsoft.ContainerService/OpenShiftManagedClusters'))
+        c.argument('node_count', options_list=['--node-count', '-c'], type=int, default=4)
+        c.argument('tags', tags_type)
+
+    with self.argument_context('openshift create') as c:
+        c.argument('name', validator=validate_linux_host_name)
+        c.argument('node_vm_size', options_list=['--node-vm-size', '-s'])
+        c.argument('fqdn')
+        c.argument('aad_client_app_id')
+        c.argument('aad_client_app_secret')
+        c.argument('aad_tenant_id')
+
 
 def _get_default_install_location(exe_name):
     system = platform.system()

diff --git a/src/command_modules/azure-cli-acs/azure/cli/command_modules/acs/commands.py b/src/command_modules/azure-cli-acs/azure/cli/command_modules/acs/commands.py
@@ -8,6 +8,7 @@
 
 from ._client_factory import cf_container_services
 from ._client_factory import cf_managed_clusters
+from ._client_factory import cf_openshift_managed_clusters
 from ._format import aks_list_table_format
 from ._format import aks_show_table_format
 from ._format import aks_upgrades_table_format
@@ -28,6 +29,12 @@ def load_command_table(self, _):
         client_factory=cf_managed_clusters
     )
 
+    openshift_managed_clusters_sdk = CliCommandType(
+        operations_tmpl='azure.mgmt.containerservice.operations.'
+                        'open_shift_managed_clusters_operations#OpenShiftManagedClustersOperations.{}',
+        client_factory=cf_openshift_managed_clusters
+    )
+
     # ACS base commands
     with self.command_group('acs', container_services_sdk, client_factory=cf_container_services) as g:
         g.custom_command('browse', 'acs_browse')
@@ -76,3 +83,11 @@ def load_command_table(self, _):
 
     with self.command_group('aks', container_services_sdk, client_factory=cf_container_services) as g:
         g.custom_command('get-versions', 'aks_get_versions', table_transformer=aks_versions_table_format)
+
+    # OSA commands
+    with self.command_group('openshift', openshift_managed_clusters_sdk, client_factory=cf_openshift_managed_clusters) as g:
+        g.custom_command('create', 'openshift_create', supports_no_wait=True)
+        g.command('delete', 'delete', supports_no_wait=True, confirmation=True)
+        g.custom_command('scale', 'openshift_scale', supports_no_wait=True)
+        g.custom_show_command('show', 'openshift_show')
+        g.wait_command('wait')
diff --git a/src/command_modules/azure-cli-acs/azure/cli/command_modules/acs/custom.py b/src/command_modules/azure-cli-acs/azure/cli/command_modules/acs/custom.py
@@ -56,6 +56,17 @@
 from azure.mgmt.containerservice.models import ManagedClusterAADProfile
 from azure.mgmt.containerservice.models import ManagedClusterAddonProfile
 from azure.mgmt.containerservice.models import ManagedClusterAgentPoolProfile
+from azure.mgmt.containerservice.models import OpenShiftManagedClusterAgentPoolProfile
+from azure.mgmt.containerservice.models import OSType
+from azure.mgmt.containerservice.models import OpenShiftAgentPoolProfileRole
+from azure.mgmt.containerservice.models import OpenShiftManagedClusterIdentityProviders
+from azure.mgmt.containerservice.models import OpenShiftManagedClusterServiceAADIdentityProvider
+from azure.mgmt.containerservice.models import OpenShiftManagedCluster
+from azure.mgmt.containerservice.models import OpenShiftManagedClusterMasterPoolProfile
+from azure.mgmt.containerservice.models import OpenShiftContainerServiceVMSize
+from azure.mgmt.containerservice.models import OpenShiftRouterProfile
+from azure.mgmt.containerservice.models import OpenShiftManagedClusterAuthProfile
+
 from ._client_factory import cf_container_services
 from ._client_factory import cf_resource_groups
 from ._client_factory import get_auth_management_client
@@ -2164,3 +2175,106 @@ def _validate_aci_location(norm_location):
     if norm_location not in aci_locations:
         raise CLIError('Azure Container Instance is not available at location "{}".'.format(norm_location) +
                        ' The available locations are "{}"'.format(','.join(aci_locations)))
+
+
+def openshift_create(cmd, client, resource_group_name, name,  # pylint: disable=too-many-locals
+                     location=None,
+                     node_vm_size="Standard_D4s_v3",
+                     node_count=3,
+                     fqdn='',
+                     aad_client_app_id=None,
+                     aad_client_app_secret=None,
+                     aad_tenant_id=None,
+                     tags=None,
+                     no_wait=False):
+
+    rg_location = _get_rg_location(cmd.cli_ctx, resource_group_name)
+    if location is None:
+        location = rg_location
+
+    agent_pool_profiles = []
+    agent_node_pool_profile = OpenShiftManagedClusterAgentPoolProfile(
+        name='compute',  # Must be 12 chars or less before ACS RP adds to it
+        count=int(node_count),
+        vm_size=node_vm_size,
+        os_type="Linux",
+        role=OpenShiftAgentPoolProfileRole.compute
+    )
+
+    agent_infra_pool_profile = OpenShiftManagedClusterAgentPoolProfile(
+        name='infra',  # Must be 12 chars or less before ACS RP adds to it
+        count=int(2),
+        vm_size="Standard_D4s_v3",
+        os_type="Linux",
+        role=OpenShiftAgentPoolProfileRole.infra
+    )
+
+    agent_pool_profiles.append(agent_node_pool_profile)
+    agent_pool_profiles.append(agent_infra_pool_profile)
+
+    agent_master_pool_profile = OpenShiftManagedClusterAgentPoolProfile(
+        name='master',  # Must be 12 chars or less before ACS RP adds to it
+        count=int(3),
+        vm_size="Standard_D2s_v3",
+        os_type="Linux"
+    )
+    identity_providers = []
+
+    if any([aad_client_app_id, aad_client_app_secret, aad_tenant_id]):
+        identity_providers.append(
+            OpenShiftManagedClusterIdentityProviders(
+                name='Azure AD',
+                provider=OpenShiftManagedClusterServiceAADIdentityProvider(
+                    kind='AADIdentityProvider',
+                    client_id=aad_client_app_id,
+                    secret=aad_client_app_secret,
+                    tenant_id=aad_tenant_id
+                )
+            )
+        )
+    auth_profile = OpenShiftManagedClusterAuthProfile(identity_providers=identity_providers)
+
+    default_router_profile = OpenShiftRouterProfile(name='default')
+
+    osamc = OpenShiftManagedCluster(
+        location=location, tags=tags,
+        open_shift_version="v3.10",
+        fqdn=fqdn,
+        auth_profile=auth_profile,
+        agent_pool_profiles=agent_pool_profiles,
+        master_pool_profile=agent_master_pool_profile,
+        router_profiles=[default_router_profile])
+
+    # We don't creating the AADIdentity for the user right now but maybe later so keeping this
+    # Keeping this Due to SPN replication latency, we do a few retries here
+    max_retry = 30
+    retry_exception = Exception(None)
+    for _ in range(0, max_retry):
+        try:
+            # long_running_operation_timeout=300
+            return sdk_no_wait(no_wait, client.create_or_update,
+                               resource_group_name=resource_group_name, resource_name=name, parameters=osamc)
+        except CloudError as ex:
+            retry_exception = ex
+            if 'not found in Active Directory tenant' in ex.message:
+                time.sleep(3)
+            else:
+                raise ex
+    raise retry_exception
+
+
+def openshift_show(cmd, client, resource_group_name, name):
+    mc = client.get(resource_group_name, name)
+    return [mc][0]
+
+
+def openshift_scale(cmd, client, resource_group_name, name, node_count, no_wait=False):
+    instance = client.get(resource_group_name, name)
+    # TODO: change this approach when we support multiple agent pools.
+    instance.agent_pool_profiles[0].count = int(node_count)  # pylint: disable=no-member
+
+    # null out the AAD profile and add manually the masterAP name because otherwise validation complains
+    instance.master_pool_profile.name = "master"
+    instance.auth_profile = None
+
+    return sdk_no_wait(no_wait, client.create_or_update, resource_group_name, name, instance)