diff --git a/src/aks-preview/HISTORY.rst b/src/aks-preview/HISTORY.rst index e89e54ea0da..e527c3a0916 100644 --- a/src/aks-preview/HISTORY.rst +++ b/src/aks-preview/HISTORY.rst @@ -9,6 +9,10 @@ If there is no rush to release a new version, please just add a description of t To release a new version, please select a new version number (usually plus 1 to last patch version, X.Y.Z -> Major.Minor.Patch, more details in `\doc `_), and then add a new section named as the new version number in this file, the content should include the new modifications and everything from the *Pending* section. Finally, update the `VERSION` variable in `setup.py` with this new version number. +13.0.0b5 ++++++++ +* `az aks create/az aks nodepool add`: Emit error message when using `--asg-ids` alone without `--allowed-host-ports`. + 13.0.0b4 +++++++ * `az aks nodepool upgrade`: Fix `--node-soak-duration` cannot be specified as 0 diff --git a/src/aks-preview/azext_aks_preview/_validators.py b/src/aks-preview/azext_aks_preview/_validators.py index 6cea612709a..5c5dbe8b82e 100644 --- a/src/aks-preview/azext_aks_preview/_validators.py +++ b/src/aks-preview/azext_aks_preview/_validators.py @@ -756,13 +756,27 @@ def validate_allowed_host_ports(namespace): def validate_application_security_groups(namespace): + is_nodepool_operation = False if hasattr((namespace), "nodepool_asg_ids"): + is_nodepool_operation = True asg_ids = namespace.nodepool_asg_ids + host_ports = namespace.nodepool_allowed_host_ports else: asg_ids = namespace.asg_ids + host_ports = namespace.allowed_host_ports + if not asg_ids: return + if not host_ports: + if is_nodepool_operation: + raise ArgumentUsageError( + '--nodepool-asg-ids must be used with --nodepool-allowed-host-ports' + ) + raise ArgumentUsageError( + '--asg-ids must be used with --allowed-host-ports' + ) + for asg in asg_ids.split(","): if not is_valid_resource_id(asg): raise InvalidArgumentValueError(asg + " is not a valid Azure resource ID.") diff --git a/src/aks-preview/azext_aks_preview/tests/latest/test_validators.py b/src/aks-preview/azext_aks_preview/tests/latest/test_validators.py index b83b11a7adb..9a0bdaf307e 100644 --- a/src/aks-preview/azext_aks_preview/tests/latest/test_validators.py +++ b/src/aks-preview/azext_aks_preview/tests/latest/test_validators.py @@ -638,32 +638,94 @@ def test_invalid_application_security_groups(self): namespace = SimpleNamespace( **{ "asg_ids": "invalid", + "allowed_host_ports": ["80/tcp", "443/tcp", "8080-8090/tcp", "53/udp"], } ) with self.assertRaises(InvalidArgumentValueError): - validators.validate_application_security_groups(namespace) + validators.validate_application_security_groups( + namespace + ) + + def test_application_security_groups_without_allowed_host_ports(self): + asg_ids = ",".join([ + "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/applicationSecurityGroups/asg1", + ]) + namespace = SimpleNamespace( + **{ + "asg_ids": asg_ids, + "allowed_host_ports": [], + } + ) + with self.assertRaises(ArgumentUsageError): + validators.validate_application_security_groups( + namespace + ) + + def test_nodepool_application_security_groups_without_allowed_host_ports(self): + asg_ids = ",".join([ + "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/applicationSecurityGroups/asg1", + ]) + namespace = SimpleNamespace( + **{ + "nodepool_asg_ids": asg_ids, + "nodepool_allowed_host_ports": [], + } + ) + with self.assertRaises(ArgumentUsageError): + validators.validate_application_security_groups( + namespace + ) def test_empty_application_security_groups(self): namespace = SimpleNamespace( **{ "asg_ids": "", + "allowed_host_ports": [], } ) - validators.validate_application_security_groups(namespace) + validators.validate_application_security_groups( + namespace + ) - def test_multiple_application_security_groups(self): - asg_ids = ",".join( - [ - "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/applicationSecurityGroups/asg1", - "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg2/providers/Microsoft.Network/applicationSecurityGroups/asg2", - ] + def test_empty_nodepool_application_security_groups(self): + namespace = SimpleNamespace( + **{ + "nodepool_asg_ids": "", + "nodepool_allowed_host_ports": [], + } + ) + validators.validate_application_security_groups( + namespace ) + def test_multiple_application_security_groups(self): + asg_ids = ",".join([ + "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/applicationSecurityGroups/asg1", + "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg2/providers/Microsoft.Network/applicationSecurityGroups/asg2", + ]) namespace = SimpleNamespace( **{ "asg_ids": asg_ids, + "allowed_host_ports": ["80/tcp", "443/tcp", "8080-8090/tcp", "53/udp"], } ) - validators.validate_application_security_groups(namespace) + validators.validate_application_security_groups( + namespace + ) + + def test_multiple_nodepool_application_security_groups(self): + asg_ids = ",".join([ + "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network/applicationSecurityGroups/asg1", + "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg2/providers/Microsoft.Network/applicationSecurityGroups/asg2", + ]) + namespace = SimpleNamespace( + **{ + "nodepool_asg_ids": asg_ids, + "nodepool_allowed_host_ports": ["80/tcp", "443/tcp", "8080-8090/tcp", "53/udp"], + } + ) + validators.validate_application_security_groups( + namespace + ) class MaintenanceWindowNameSpace: diff --git a/src/aks-preview/setup.py b/src/aks-preview/setup.py index 33da92678be..d19942e21ac 100644 --- a/src/aks-preview/setup.py +++ b/src/aks-preview/setup.py @@ -9,7 +9,7 @@ from setuptools import setup, find_packages -VERSION = "13.0.0b4" +VERSION = "13.0.0b5" CLASSIFIERS = [ "Development Status :: 4 - Beta",