[Service Connector] az spring connection: Enable new auth types for Spring Boot and Cosmos SQL connection (#26719)

* add Spring Cloud Azure migration warning

* update warning message

* delete whitespace

* delete redundant whitespaces

* fix typo

* fix line-too-long error

* improve warning messages

* add check and test results

* fix not-in-list ValueError

* fix CLI style

* add logs

* fix style

Author: wchigit

src/azure-cli/azure/cli/command_modules/serviceconnector/_addon_factory.py

@@ -9,6 +9,7 @@
     parse_resource_id,
     is_valid_resource_id
 )
+from azure.cli.core import telemetry
 from azure.cli.core.commands.client_factory import get_subscription_id
 from azure.cli.core.azclierror import (
     CLIInternalError,
@@ -174,7 +175,9 @@ def _retrive_source_rg(self):
         '''Retrieve the resource group name in source resource id
         '''
         if not is_valid_resource_id(self._source_id):
-            raise InvalidArgumentValueError('The source resource id is invalid: {}'.format(self._source_id))
+            e = InvalidArgumentValueError('The source resource id is invalid: {}'.format(self._source_id))
+            telemetry.set_exception(e, "source-id-invalid")
+            raise e
 
         segments = parse_resource_id(self._source_id)
         return segments.get('resource_group')
@@ -195,7 +198,9 @@ def _get_source_type(self):
             matched = re.match(get_resource_regex(resource), self._source_id)
             if matched:
                 return _type
-        raise InvalidArgumentValueError('The source resource id is invalid: {}'.format(self._source_id))
+        e = InvalidArgumentValueError('The source resource id is invalid: {}'.format(self._source_id))
+        telemetry.set_exception(e, "source-id-invalid")
+        raise e
 
     def _get_target_type(self):
         '''Get target resource type

src/azure-cli/azure/cli/command_modules/serviceconnector/_resource_config.py

@@ -966,6 +966,7 @@ class CLIENT_TYPE(Enum):
             CLIENT_TYPE.Java,
             CLIENT_TYPE.Python,
             CLIENT_TYPE.Nodejs,
+            CLIENT_TYPE.SpringBoot,
             CLIENT_TYPE.Blank
         ],
         RESOURCE.StorageBlob: [

src/azure-cli/azure/cli/command_modules/serviceconnector/_utils.py

@@ -435,3 +435,45 @@ def _install_extension(cmd, extension_name):
     except Exception:  # nopa pylint: disable=broad-except
         return False
     return True
+
+
+def springboot_migration_warning(require_update=False, check_version=False, both_version=False):
+    warning_message = "It is recommended to use Spring Cloud Azure version 4.0 and above. \
+The configurations in the format of \"azure.cosmos.*\" from Spring Cloud Azure 3.x will no longer be supported after 1st July, 2024. \
+Please refer to https://microsoft.github.io/spring-cloud-azure/current/reference/html/appendix.html\
+#configuration-spring-cloud-azure-starter-data-cosmos for more details."
+
+    update_message = "\nPlease update your connection to include the configurations for the newer version."
+
+    check_version_message = "\nManaged identity and service principal are only supported \
+in Spring Cloud Azure version 4.0 and above. Please check your Spring Cloud Azure version. \
+Learn more at https://spring.io/projects/spring-cloud-azure#overview"
+    both_version_message = "\nTwo sets of configuration properties will be configured \
+according to Spring Cloud Azure version 3.x and 4.x. \
+Learn more at https://spring.io/projects/spring-cloud-azure#overview"
+
+    if require_update:
+        warning_message += update_message
+    if check_version:
+        warning_message += check_version_message
+    if both_version:
+        warning_message += both_version_message
+
+    return warning_message
+
+
+def decorate_springboot_cosmossql_config(configs):
+    is_springboot_cosmossql = False
+    require_update = True
+
+    for config in configs.configurations:
+        if config.name.startswith("azure.cosmos."):
+            is_springboot_cosmossql = True
+            config.note = "This configuration property is used in Spring Cloud Azure version 3.x and below."
+        elif config.name.startswith("spring.cloud.azure.cosmos."):
+            is_springboot_cosmossql = True
+            require_update = False
+            config.note = "This configuration property is used in Spring Cloud Azure version 4.0 and above."
+
+    if is_springboot_cosmossql:
+        logger.warning(springboot_migration_warning(require_update=require_update))

src/azure-cli/azure/cli/command_modules/serviceconnector/_validators.py

@@ -16,6 +16,7 @@
     parse_resource_id,
     is_valid_resource_id
 )
+from azure.cli.core import telemetry
 from azure.cli.core.commands.client_factory import get_subscription_id
 from azure.cli.core.azclierror import (
     ValidationError,
@@ -345,15 +346,19 @@ def validate_source_resource_id(namespace):
     '''
     if getattr(namespace, 'source_id', None):
         if not is_valid_resource_id(namespace.source_id):
-            raise InvalidArgumentValueError('Resource id is invalid: {}'.format(namespace.source_id))
+            e = InvalidArgumentValueError('Resource id is invalid: {}'.format(namespace.source_id))
+            telemetry.set_exception(e, 'source-id-invalid')
+            raise e
         matched = False
         for resource in SOURCE_RESOURCES.values():
             matched = re.match(get_resource_regex(resource), namespace.source_id)
             if matched:
                 namespace.source_id = matched.group()
                 return True
         if not matched:
-            raise InvalidArgumentValueError('Unsupported source resource id: {}'.format(namespace.source_id))
+            e = InvalidArgumentValueError('Unsupported source resource id: {}'.format(namespace.source_id))
+            telemetry.set_exception(e, 'source-id-unsupported')
+            raise e
 
     return False
 
@@ -371,7 +376,9 @@ def validate_connection_id(namespace):
                 namespace.connection_name = matched.group(2)
                 return True
         if not matched:
-            raise InvalidArgumentValueError('Connection id is invalid: {}'.format(namespace.indentifier))
+            e = InvalidArgumentValueError('Connection id is invalid: {}'.format(namespace.indentifier))
+            telemetry.set_exception(e, 'connection-id-invalid')
+            raise e
 
     return False
 
@@ -381,15 +388,19 @@ def validate_target_resource_id(namespace):
     '''
     if getattr(namespace, 'target_id', None):
         if not is_valid_resource_id(namespace.target_id):
-            raise InvalidArgumentValueError('Resource id is invalid: {}'.format(namespace.target_id))
+            e = InvalidArgumentValueError('Resource id is invalid: {}'.format(namespace.target_id))
+            telemetry.set_exception(e, 'target-id-invalid')
+            raise e
         matched = False
         for resource in TARGET_RESOURCES.values():
             matched = re.match(get_resource_regex(resource), namespace.target_id, re.IGNORECASE)
             if matched:
                 namespace.target_id = matched.group()
                 return True
         if not matched:
-            raise InvalidArgumentValueError('Unsupported target resource id is invalid: {}'.format(namespace.target_id))
+            e = InvalidArgumentValueError('Unsupported target resource id is invalid: {}'.format(namespace.target_id))
+            telemetry.set_exception(e, 'target-id-unsupported')
+            raise e
 
     return False
 
@@ -607,8 +618,10 @@ def validate_default_params(cmd, namespace):
 
 def validate_connection_name(name):
     if not re.match(r'^[A-Za-z0-9\._]+$', name):
-        raise InvalidArgumentValueError("Resource name can only contain letters (A-Z, a-z), "
-                                        "numbers (0-9), periods ('.'), and underscores ('_')")
+        e = InvalidArgumentValueError("Resource name can only contain letters (A-Z, a-z), "
+                                      "numbers (0-9), periods ('.'), and underscores ('_')")
+        telemetry.set_exception('connection-name-invalid')
+        raise e
     return True
 
 

src/azure-cli/azure/cli/command_modules/serviceconnector/commands.py

@@ -4,6 +4,7 @@
 # --------------------------------------------------------------------------------------------
 
 from azure.cli.core.commands import CliCommandType
+from knack.log import get_logger
 from ._transformers import (
     transform_support_types,
     transform_linker_properties,
@@ -19,6 +20,9 @@
 from ._utils import should_load_source
 
 
+logger = get_logger(__name__)
+
+
 def load_command_table(self, _):  # pylint: disable=too-many-statements
 
     from azure.cli.command_modules.serviceconnector._client_factory import (
@@ -52,7 +56,10 @@ def load_command_table(self, _):  # pylint: disable=too-many-statements
             # use SUPPORTED_AUTH_TYPE to decide target resource, as some
             # target resources are not avialable for certain source resource
             supported_target_resources = list(SUPPORTED_AUTH_TYPE.get(source).keys())
-            supported_target_resources.remove(RESOURCE.ConfluentKafka)
+            if RESOURCE.ConfluentKafka in supported_target_resources:
+                supported_target_resources.remove(RESOURCE.ConfluentKafka)
+            else:
+                logger.warning("ConfluentKafka is not in supported target resources for %s", source.value)
             for target in supported_target_resources:
                 with self.command_group('{} connection create'.format(source.value),
                                         connection_type, client_factory=cf_linker) as ig:
@@ -98,7 +105,10 @@ def load_command_table(self, _):  # pylint: disable=too-many-statements
 
     supported_target_resources = list(
         SUPPORTED_AUTH_TYPE.get(RESOURCE.Local).keys())
-    supported_target_resources.remove(RESOURCE.ConfluentKafka)
+    if RESOURCE.ConfluentKafka in supported_target_resources:
+        supported_target_resources.remove(RESOURCE.ConfluentKafka)
+    else:
+        logger.warning("ConfluentKafka is not in supported target resources for %s", RESOURCE.Local.value)
     for target in supported_target_resources:
         with self.command_group('connection preview-configuration', client_factory=cf_configuration_names) as ig:
             ig.custom_command(target.value, 'connection_preview_configuration')

src/azure-cli/azure/cli/command_modules/serviceconnector/custom.py

@@ -19,6 +19,7 @@
     SUPPORTED_AUTH_TYPE,
     SUPPORTED_CLIENT_TYPE,
     TARGET_RESOURCES,
+    AUTH_TYPE,
     RESOURCE
 )
 from ._validators import (
@@ -35,7 +36,9 @@
     get_cloud_conn_auth_info,
     get_local_conn_auth_info,
     _get_azext_module,
-    _get_or_add_extension
+    _get_or_add_extension,
+    springboot_migration_warning,
+    decorate_springboot_cosmossql_config
 )
 from ._credential_free import is_passwordless_command
 # pylint: disable=unused-argument,unsubscriptable-object,unsupported-membership-test,too-many-statements,too-many-locals
@@ -175,9 +178,13 @@ def connection_list_configuration(client,
                                   spring=None, app=None, deployment='default'):
     if not source_id or not connection_name:
         raise RequiredArgumentMissingError(err_msg.format('--source-id, --connection'))
-    return auto_register(client.list_configurations,
-                         resource_uri=source_id,
-                         linker_name=connection_name)
+    configurations = auto_register(client.list_configurations,
+                                   resource_uri=source_id,
+                                   linker_name=connection_name)
+
+    decorate_springboot_cosmossql_config(configurations)
+
+    return configurations
 
 
 def local_connection_generate_configuration(cmd, client,
@@ -459,6 +466,15 @@ def connection_create_func(cmd, client,  # pylint: disable=too-many-locals,too-m
         new_auth_info = enable_mi_for_db_linker(
             cmd, source_id, target_id, auth_info, client_type, connection_name)
         parameters['auth_info'] = new_auth_info or parameters['auth_info']
+
+    # migration warning for Spring Azure Cloud
+    if client_type == CLIENT_TYPE.SpringBoot.value and target_type == RESOURCE.CosmosSql:
+        isSecretType = (auth_info['auth_type'] == AUTH_TYPE.SecretAuto.value or
+                        auth_info['auth_type'] == AUTH_TYPE.Secret.value)
+        logger.warning(springboot_migration_warning(require_update=False,
+                                                    check_version=(not isSecretType),
+                                                    both_version=isSecretType))
+
     return auto_register(sdk_no_wait, no_wait,
                          client.begin_create_or_update,
                          resource_uri=source_id,
@@ -684,6 +700,14 @@ def connection_update(cmd, client,  # pylint: disable=too-many-locals, too-many-
     elif private_endpoint is False and linker.get('vNetSolution').get('type') == 'privateLink':
         parameters['v_net_solution'] = None
 
+    # migration warning for Spring Azure Cloud
+    if client_type == CLIENT_TYPE.SpringBoot.value and target_type == RESOURCE.CosmosSql:
+        isSecretType = (auth_info['auth_type'] == AUTH_TYPE.SecretAuto.value or
+                        auth_info['auth_type'] == AUTH_TYPE.Secret.value)
+        logger.warning(springboot_migration_warning(require_update=False,
+                                                    check_version=(not isSecretType),
+                                                    both_version=isSecretType))
+
     return auto_register(sdk_no_wait, no_wait,
                          client.begin_create_or_update,
                          resource_uri=source_id,