From c2f52cc572060d4c3fa553a690872e1292d46de5 Mon Sep 17 00:00:00 2001 From: Bin Xia Date: Fri, 11 Nov 2022 10:34:27 +0000 Subject: [PATCH] Mark PodSecurityPolicy deprecated --- src/aks-preview/HISTORY.rst | 2 ++ src/aks-preview/azext_aks_preview/_help.py | 11 ++++++----- src/aks-preview/azext_aks_preview/_params.py | 6 +++--- 3 files changed, 11 insertions(+), 8 deletions(-) diff --git a/src/aks-preview/HISTORY.rst b/src/aks-preview/HISTORY.rst index 5a55defdd39..be9d2d190af 100644 --- a/src/aks-preview/HISTORY.rst +++ b/src/aks-preview/HISTORY.rst @@ -12,6 +12,8 @@ To release a new version, please select a new version number (usually plus 1 to Pending +++++++ +* Mark "--enable-pod-security-policy" deprecated + 0.5.115 +++++++ diff --git a/src/aks-preview/azext_aks_preview/_help.py b/src/aks-preview/azext_aks_preview/_help.py index f6a06e2e67a..95576e2a150 100644 --- a/src/aks-preview/azext_aks_preview/_help.py +++ b/src/aks-preview/azext_aks_preview/_help.py @@ -281,7 +281,8 @@ short-summary: Agent pool vm set type. VirtualMachineScaleSets or AvailabilitySet. - name: --enable-pod-security-policy type: bool - short-summary: (PREVIEW) Enable pod security policy. + short-summary: Enable pod security policy. + long-summary: --enable-pod-security-policy is deprecated. See https://aka.ms/aks/psp for details. - name: --node-resource-group type: string short-summary: The node resource group is the resource group where all customer's resources will be created in, such as virtual machines. @@ -666,10 +667,12 @@ long-summary: This option will change the way how the outbound connections are managed in the AKS cluster. Default is loadbalancer, other available options are managedNATGateway, userassignedNATGateway, UDR - name: --enable-pod-security-policy type: bool - short-summary: (PREVIEW) Enable pod security policy. + short-summary: Enable pod security policy. + long-summary: --enable-pod-security-policy is deprecated. See https://aka.ms/aks/psp for details. - name: --disable-pod-security-policy type: bool - short-summary: (PREVIEW) Disable pod security policy. + short-summary: Disable pod security policy + long-summary: PodSecurityPolicy is deprecated. See https://aka.ms/aks/psp for details. - name: --attach-acr type: string short-summary: Grant the 'acrpull' role assignment to the ACR specified by name or resource ID. @@ -914,8 +917,6 @@ text: az aks update --disable-cluster-autoscaler -g MyResourceGroup -n MyManagedCluster - name: Update min-count or max-count for cluster autoscaler. text: az aks update --update-cluster-autoscaler --min-count 1 --max-count 10 -g MyResourceGroup -n MyManagedCluster - - name: Enable pod security policy. - text: az aks update --enable-pod-security-policy -g MyResourceGroup -n MyManagedCluster - name: Disable pod security policy. text: az aks update --disable-pod-security-policy -g MyResourceGroup -n MyManagedCluster - name: Update a kubernetes cluster with standard SKU load balancer to use two AKS created IPs for the load balancer outbound connection usage. diff --git a/src/aks-preview/azext_aks_preview/_params.py b/src/aks-preview/azext_aks_preview/_params.py index cc75c7bcbda..5a91c991c8a 100644 --- a/src/aks-preview/azext_aks_preview/_params.py +++ b/src/aks-preview/azext_aks_preview/_params.py @@ -315,7 +315,7 @@ def load_arguments(self, _): c.argument('pod_cidrs') c.argument('service_cidrs') c.argument('load_balancer_managed_outbound_ipv6_count', type=int) - c.argument('enable_pod_security_policy', action='store_true') + c.argument('enable_pod_security_policy', action='store_true', deprecate_info=c.deprecate(hide=True)) c.argument('enable_pod_identity', action='store_true') c.argument('enable_pod_identity_with_kubenet', action='store_true') c.argument('enable_workload_identity', arg_type=get_three_state_flag(), is_preview=True) @@ -415,8 +415,8 @@ def load_arguments(self, _): c.argument('http_proxy_config') c.argument('load_balancer_managed_outbound_ipv6_count', type=int) c.argument('outbound_type', arg_type=get_enum_type(outbound_types)) - c.argument('enable_pod_security_policy', action='store_true') - c.argument('disable_pod_security_policy', action='store_true') + c.argument('enable_pod_security_policy', action='store_true', deprecate_info=c.deprecate(hide=True)) + c.argument('disable_pod_security_policy', action='store_true', is_preview=True) c.argument('enable_pod_identity', action='store_true') c.argument('enable_pod_identity_with_kubenet', action='store_true') c.argument('disable_pod_identity', action='store_true')