Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

{AKS} Filter tests #5154

Merged
merged 7 commits into from
Jul 27, 2022
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions src/aks-preview/HISTORY.rst
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ Pending

* Move Azure KeyVault KMS to GA.
* Support disabling Azure KeyVault KMS.
* Update to use 2022-06-02-preview api version.

0.5.91
++++++
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -10,13 +10,13 @@
],
"need feature registration": [
"test_aks_create_enable_encryption",
"test_aks_create_edge_zone",
"test_aks_create_edge_zone"
],
"need namespace registration (AME)": [
"test_aks_create_with_monitoring_aad_auth_msi",
"test_aks_create_with_monitoring_aad_auth_uai",
"test_aks_enable_monitoring_with_aad_auth_msi",
"test_aks_enable_monitoring_with_aad_auth_uai",
"test_aks_create_with_defender",
"test_aks_update_with_defender"
"test_aks_enable_monitoring_with_aad_auth_uai"
]
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -16,10 +16,6 @@
"test_aks_create_with_pod_identity_enabled",
"test_aks_create_using_azurecni_with_pod_identity_enabled",
"test_aks_pod_identity_usage",
"test_aks_create_with_monitoring_aad_auth_msi",
"test_aks_create_with_monitoring_aad_auth_uai",
"test_aks_enable_monitoring_with_aad_auth_msi",
"test_aks_enable_monitoring_with_aad_auth_uai",
"test_aks_nodepool_add_with_workload_runtime",
"test_aks_nodepool_add_with_gpu_instance_profile",
"test_aks_create_with_crg_id",
Expand All @@ -29,9 +25,19 @@
"test_list_trustedaccess_roles",
"test_aks_custom_ca_trust_flow",
"test_aks_create_with_csi_driver_v2",
"test_aks_create_and_update_csi_driver_to_v2",
"test_aks_create_and_update_csi_driver_to_v2"
],
"toggle": [
"test_aks_create_with_azurekeyvaultkms_private_key_vault",
"test_aks_update_with_azurekeyvaultkms_private_key_vault"
"test_aks_update_with_azurekeyvaultkms_private_key_vault",
"test_aks_create_with_azurekeyvaultkms_public_key_vault",
"test_aks_create_with_azurekeyvaultkms_private_cluster_v1_private_key_vault"
],
"need namespace registration (AME)": [
"test_aks_create_with_monitoring_aad_auth_msi",
"test_aks_create_with_monitoring_aad_auth_uai",
"test_aks_enable_monitoring_with_aad_auth_msi",
"test_aks_enable_monitoring_with_aad_auth_uai"
]
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,117 @@
interactions:
- request:
body: null
headers:
Accept:
- application/json
Accept-Encoding:
- gzip, deflate
CommandName:
- aks trustedaccess role list
Connection:
- keep-alive
ParameterSetName:
- -l
User-Agent:
- AZURECLI/2.38.0 azsdk-python-azure-mgmt-containerservice/20.0.0b Python/3.8.10
(Linux-5.15.0-1014-azure-x86_64-with-glibc2.29)
method: GET
uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/eastus2euap/trustedAccessRoles?api-version=2022-06-02-preview
response:
body:
string: "{\n \"value\": [\n {\n \"sourceResourceType\": \"Microsoft.Compute/virtualMachineScaleSets\",\n
\ \"name\": \"test-node-reader\",\n \"rules\": [\n {\n \"verbs\":
[\n \"list\"\n ],\n \"apiGroups\": [\n \"\"\n ],\n
\ \"resources\": [\n \"nodes\"\n ]\n }\n ]\n },\n
\ {\n \"sourceResourceType\": \"Microsoft.Compute/virtualMachineScaleSets\",\n
\ \"name\": \"test-pod-reader\",\n \"rules\": [\n {\n \"verbs\":
[\n \"list\"\n ],\n \"apiGroups\": [\n \"\"\n ],\n
\ \"resources\": [\n \"pods\"\n ]\n }\n ]\n },\n {\n
\ \"sourceResourceType\": \"Microsoft.Compute/virtualMachineScaleSets\",\n
\ \"name\": \"test-admin\",\n \"rules\": [\n {\n \"verbs\":
[\n \"*\"\n ],\n \"apiGroups\": [\n \"\"\n ],\n
\ \"resources\": [\n \"*\"\n ]\n }\n ]\n },\n {\n
\ \"sourceResourceType\": \"Microsoft.DataProtection/BackupVaults\",\n \"name\":
\"pvbackup\",\n \"rules\": [\n {\n \"verbs\": [\n \"list\"\n
\ ],\n \"apiGroups\": [\n \"\"\n ],\n \"resources\":
[\n \"events\"\n ]\n },\n {\n \"verbs\": [\n \"get\",\n
\ \"list\"\n ],\n \"apiGroups\": [\n \"\"\n ],\n
\ \"resources\": [\n \"namespaces\",\n \"deployments\",\n
\ \"statefulsets\",\n \"replicasets\",\n \"daemonsets\"\n
\ ]\n },\n {\n \"verbs\": [\n \"create\",\n \"get\",\n
\ \"list\",\n \"patch\",\n \"update\",\n \"delete\"\n
\ ],\n \"apiGroups\": [\n \"\"\n ],\n \"resources\":
[\n \"persistentvolumes\",\n \"persistentvolumeclaims\"\n ]\n
\ },\n {\n \"verbs\": [\n \"get\",\n \"list\"\n ],\n
\ \"apiGroups\": [\n \"storage.k8s.io\"\n ],\n \"resources\":
[\n \"csidrivers\"\n ]\n },\n {\n \"verbs\": [\n \"create\",\n
\ \"get\",\n \"list\",\n \"patch\",\n \"update\"\n
\ ],\n \"apiGroups\": [\n \"storage.k8s.io\"\n ],\n \"resources\":
[\n \"storageclasses\",\n \"volumeattachments\"\n ]\n },\n
\ {\n \"verbs\": [\n \"create\",\n \"get\",\n \"list\",\n
\ \"patch\",\n \"update\",\n \"delete\"\n ],\n \"apiGroups\":
[\n \"snapshot.storage.k8s.io\"\n ],\n \"resources\": [\n
\ \"volumesnapshots\",\n \"volumesnapshotcontents\",\n \"volumesnapshotclasses\"\n
\ ]\n }\n ]\n },\n {\n \"sourceResourceType\": \"Microsoft.MachineLearningServices/workspaces\",\n
\ \"name\": \"training\",\n \"rules\": [\n {\n \"verbs\": [\n
\ \"create\",\n \"get\",\n \"list\",\n \"patch\",\n
\ \"update\",\n \"delete\"\n ],\n \"apiGroups\": [\n
\ \"\"\n ],\n \"resources\": [\n \"services\",\n \"services/proxy\"\n
\ ]\n }\n ]\n },\n {\n \"sourceResourceType\": \"Microsoft.MachineLearningServices/workspaces\",\n
\ \"name\": \"inferenceV2\",\n \"rules\": [\n {\n \"verbs\":
[\n \"create\",\n \"get\",\n \"list\",\n \"patch\",\n
\ \"update\",\n \"delete\"\n ],\n \"apiGroups\": [\n
\ \"\"\n ],\n \"resources\": [\n \"services\",\n \"services/proxy\"\n
\ ]\n }\n ]\n },\n {\n \"sourceResourceType\": \"Microsoft.MachineLearningServices/workspaces\",\n
\ \"name\": \"inferenceV1\",\n \"rules\": [\n {\n \"verbs\":
[\n \"list\"\n ],\n \"apiGroups\": [\n \"\"\n ],\n
\ \"resources\": [\n \"events\",\n \"nodes\"\n ]\n },\n
\ {\n \"verbs\": [\n \"create\",\n \"get\",\n \"list\",\n
\ \"patch\",\n \"update\",\n \"delete\"\n ],\n \"apiGroups\":
[\n \"\"\n ],\n \"resources\": [\n \"persistentvolumes\",\n
\ \"persistentvolumeclaims\"\n ]\n },\n {\n \"verbs\":
[\n \"create\",\n \"get\",\n \"list\",\n \"patch\",\n
\ \"update\",\n \"delete\"\n ],\n \"apiGroups\": [\n
\ \"\"\n ],\n \"resources\": [\n \"namespaces\",\n \"pods\",\n
\ \"configmaps\",\n \"secrets\",\n \"services\",\n \"services/proxy\",\n
\ \"serviceaccounts\"\n ]\n },\n {\n \"verbs\": [\n
\ \"create\",\n \"get\",\n \"list\",\n \"patch\",\n
\ \"update\",\n \"delete\"\n ],\n \"apiGroups\": [\n
\ \"\"\n ],\n \"resources\": [\n \"deployments\",\n \"replicasets\",\n
\ \"daemonsets\"\n ]\n },\n {\n \"verbs\": [\n \"create\",\n
\ \"get\",\n \"list\"\n ],\n \"apiGroups\": [\n \"\"\n
\ ],\n \"resources\": [\n \"jobs\"\n ]\n },\n {\n
\ \"verbs\": [\n \"create\",\n \"get\",\n \"list\",\n
\ \"patch\",\n \"update\",\n \"delete\"\n ],\n \"apiGroups\":
[\n \"storage.k8s.io\"\n ],\n \"resources\": [\n \"csidrivers\"\n
\ ]\n },\n {\n \"verbs\": [\n \"create\",\n \"get\",\n
\ \"list\",\n \"update\"\n ],\n \"apiGroups\": [\n \"rbac.authorization.k8s.io\"\n
\ ],\n \"resources\": [\n \"clusterroles\",\n \"clusterrolebindings\"\n
\ ]\n }\n ]\n }\n ]\n }"
headers:
cache-control:
- no-cache
content-length:
- '4926'
content-type:
- application/json
date:
- Tue, 26 Jul 2022 07:07:41 GMT
expires:
- '-1'
pragma:
- no-cache
server:
- nginx
strict-transport-security:
- max-age=31536000; includeSubDomains
transfer-encoding:
- chunked
vary:
- Accept-Encoding
x-content-type-options:
- nosniff
status:
code: 200
message: OK
version: 1
Original file line number Diff line number Diff line change
Expand Up @@ -4977,13 +4977,11 @@ def test_aks_update_with_keda(self, resource_group, resource_group_location):
self.is_empty(),
])

@live_only() # live only is required for test environment setup like `az login`
@AllowLargeResponse()
def test_list_trustedaccess_roles(self):
cmd = 'aks trustedaccess role list -l eastus2euap'
self.cmd(cmd, checks=[
self.check(
'type', 'Microsoft.ContainerService/locations/trustedaccessroles')
self.exists('[0].sourceResourceType')
])

@live_only() # this test requires live_only because a binary is downloaded
Expand Down