[connectedk8s] Update extension CLI to v1.10.5 (#8454)

Author: bavneetsingh16

src/connectedk8s/HISTORY.rst

@@ -3,6 +3,13 @@
 Release History
 ===============
 
+1.10.5
+++++++
+* Fixed bug impacting long-running operations of the az connectedk8s proxy command.
+* Refactored code to reduce proxy command startup time.
+* Added support for downloading proxy binaries from MCR, including more architecture-specific versions.
+* Enhanced telemetry to capture detailed error information during Helm installation failures.
+
 1.10.4
 ++++++
 * Fixed the issue where the 'connectedk8s proxy' command would fail if the kubeconfig file was empty.

src/connectedk8s/azext_connectedk8s/_constants.py

@@ -163,6 +163,7 @@
 Create_Directory_Fault_Type = (
     "Error while creating directory for placing the executable"
 )
+Remove_File_Fault_Type = "Error while deleting the specified file"
 Run_Clientproxy_Fault_Type = "Error while starting client proxy process."
 Post_Hybridconn_Fault_Type = (
     "Error while posting hybrid connection details to proxy process"
@@ -460,23 +461,20 @@
 )
 DNS_Check_Result_String = "DNS Result:"
 AZ_CLI_ADAL_TO_MSAL_MIGRATE_VERSION = "2.30.0"
-CLIENT_PROXY_VERSION = "1.3.022011"
+CLIENT_PROXY_VERSION = "1.3.029301"
+CLIENT_PROXY_FOLDER = ".clientproxy"
 API_SERVER_PORT = 47011
 CLIENT_PROXY_PORT = 47010
 CLIENTPROXY_CLIENT_ID = "04b07795-8ddb-461a-bbee-02f9e1bf7b46"
 API_CALL_RETRIES = 12
 DEFAULT_REQUEST_TIMEOUT = 10  # seconds
-RELEASE_DATE_WINDOWS = "release12-01-23"
-RELEASE_DATE_LINUX = "release12-01-23"
 CSP_REFRESH_TIME = 300
 
 # Default timeout in seconds for Onboarding Helm Install
 DEFAULT_MAX_ONBOARDING_TIMEOUT_HELMVALUE_SECONDS = "1200"
 
 # URL constants
-CSP_Storage_Url = "https://k8sconnectcsp.azureedge.net"
-CSP_Storage_Url_Mooncake = "https://k8sconnectcsp.blob.core.chinacloudapi.cn"
-CSP_Storage_Url_Fairfax = "https://k8sconnectcsp.azureedge.us"
+CLIENT_PROXY_MCR_TARGET = "mcr.microsoft.com/azureconnectivity/proxy"
 HELM_STORAGE_URL = "https://k8connecthelm.azureedge.net"
 HELM_VERSION = "v3.12.2"
 Download_And_Install_Kubectl_Fault_Type = "Failed to download and install kubectl"

src/connectedk8s/azext_connectedk8s/_fileutils.py

@@ -0,0 +1,42 @@
+# --------------------------------------------------------------------------------------------
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License. See License.txt in the project root for license information.
+# --------------------------------------------------------------------------------------------
+
+import os
+
+from azure.cli.core import azclierror, telemetry
+from knack import log
+
+import azext_connectedk8s._constants as consts
+
+logger = log.get_logger(__name__)
+
+
+def delete_file(file_path: str, message: str, warning: bool = False) -> None:
+    # pylint: disable=broad-except
+    if os.path.isfile(file_path):
+        try:
+            os.remove(file_path)
+        except Exception as e:
+            telemetry.set_exception(
+                exception=e,
+                fault_type=consts.Remove_File_Fault_Type,
+                summary=f"Unable to delete file at {file_path}",
+            )
+            if warning:
+                logger.warning(message)
+            else:
+                raise azclierror.FileOperationError(message + "Error: " + str(e)) from e
+
+
+def create_directory(file_path: str, error_message: str) -> None:
+    try:
+        os.makedirs(file_path)
+    except Exception as e:
+        telemetry.set_exception(
+            exception=e,
+            fault_type=consts.Create_Directory_Fault_Type,
+            summary="Unable to create installation directory",
+        )
+        raise azclierror.FileOperationError(error_message + "Error: " + str(e)) from e

src/connectedk8s/azext_connectedk8s/_troubleshootutils.py

@@ -1769,8 +1769,7 @@ def check_msi_expiry(connected_cluster: ConnectedCluster) -> str:
     # To handle any exception that may occur during the execution
     except Exception as e:
         logger.exception(
-            "An exception has occured while performing msi expiry check on the "
-            "cluster."
+            "An exception has occured while performing msi expiry check on the cluster."
         )
         telemetry.set_exception(
             exception=e,

src/connectedk8s/azext_connectedk8s/_utils.py

@@ -7,6 +7,7 @@
 import contextlib
 import json
 import os
+import re
 import shutil
 import subprocess
 import sys
@@ -1307,6 +1308,16 @@ def helm_install_release(
     _, error_helm_install = response_helm_install.communicate()
     if response_helm_install.returncode != 0:
         helm_install_error_message = error_helm_install.decode("ascii")
+        helm_install_error_message = process_helm_error_detail(
+            helm_install_error_message
+        )
+        helm_error_detail = {
+            "Context.Default.AzureCLI.onboardingErrorType": consts.Install_HelmRelease_Fault_Type,
+            "Context.Default.AzureCLI.onboardingErrorMessage": helm_install_error_message,
+        }
+        # Replace the existing calls with the new function
+
+        telemetry.add_extension_event("connectedk8s", helm_error_detail)
         if any(
             message in helm_install_error_message
             for message in consts.Helm_Install_Release_Userfault_Messages
@@ -1328,6 +1339,55 @@ def helm_install_release(
         )
 
 
+def process_helm_error_detail(helm_error_detail: str) -> str:
+    helm_error_detail = remove_rsa_private_key(helm_error_detail)
+    helm_error_detail = scrub_proxy_url(helm_error_detail)
+    helm_error_detail = redact_base64_strings(helm_error_detail)
+    helm_error_detail = redact_sensitive_fields_from_string(helm_error_detail)
+
+    return helm_error_detail
+
+
+def remove_rsa_private_key(input_text: str) -> str:
+    # Regex to identify RSA private key
+    rsa_key_pattern = re.compile(
+        r"-----BEGIN RSA PRIVATE KEY-----.*?-----END RSA PRIVATE KEY-----", re.DOTALL
+    )
+    # Search for the key in the input text
+    if rsa_key_pattern.search(input_text):
+        # Remove the RSA private key
+        return rsa_key_pattern.sub("[RSA PRIVATE KEY REMOVED]", input_text)
+    return input_text
+
+
+def scrub_proxy_url(proxy_url_str: str) -> str:
+    regex = re.compile(r"://.*?:.*?@")
+    # Replace matches with "://[REDACTED]:[REDACTED]@"
+    proxy_url_str = regex.sub("://[REDACTED]:[REDACTED]@", proxy_url_str)
+    return proxy_url_str
+
+
+def redact_base64_strings(content: str) -> str:
+    base64_pattern = r"\b[A-Za-z0-9+/=]{40,}\b"
+    return re.sub(base64_pattern, "[REDACTED]", content)
+
+
+def redact_sensitive_fields_from_string(input_text: str) -> str:
+    # Define regex patterns for keys
+    patterns = {
+        r"(username:\s*).*": r"\1[REDACTED]",
+        r"(password:\s*).*": r"\1[REDACTED]",
+        r"(token:\s*).*": r"\1[REDACTED]",
+    }
+
+    # Apply regex to redact sensitive fields
+    for pattern, replacement in patterns.items():
+        input_text = re.sub(pattern, replacement, input_text)
+
+    # Return the redacted text
+    return input_text
+
+
 def get_release_namespace(
     kube_config: str | None,
     kube_context: str | None,
@@ -1542,18 +1602,6 @@ def az_cli(args_str: str) -> Any:
     return True
 
 
-# def is_cli_using_msal_auth():
-#     response_cli_version = az_cli("version --output json")
-#     try:
-#         cli_version = response_cli_version['azure-cli']
-#     except Exception as ex:
-#         raise CLIInternalError(f"Unable to decode the az cli version installed: {ex}")
-#     if version.parse(cli_version) >= version.parse(consts.AZ_CLI_ADAL_TO_MSAL_MIGRATE_VERSION):
-#         return True
-#     else:
-#         return False
-
-
 def is_cli_using_msal_auth() -> bool:
     response_cli_version = az_cli("version --output json")
     try:

src/connectedk8s/azext_connectedk8s/clientproxyhelper/__init__.py

@@ -0,0 +1,4 @@
+# --------------------------------------------------------------------------------------------
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License. See License.txt in the project root for license information.
+# --------------------------------------------------------------------------------------------