added fleet kubeconfig retriever and tests (#441)

* added fleet kubeconfig retriever and tests

* refactored utility function

* refactored

* Delete common-npm-packages/azure-arm-rest/Tests/azure-arm-aks-service-tests.js

* added tests

* added additional params for tests

* refactored tests

* fixed nits

* Version bump

---------

Co-authored-by: audrastump <[email protected]>
Co-authored-by: Audra Stump <[email protected]>

Author: nwnt

common-npm-packages/azure-arm-rest/Tests/azure-arm-aks-service-tests.ts

@@ -43,12 +43,25 @@ export class AksServiceTests {
             tl.setResult(tl.TaskResult.Failed, 'AksServiceTests.credentialsByCustomClusterUser() should have passed but failed');
         }
     }
+
+    public static async credentialsFleetUser() {
+    let aksService: AzureAksService = new AzureAksService(endpoint);
+    try {
+        let result = await aksService.getFleetCredential("MOCK_RESOURCE_GROUP_NAME", "MOCK_FLEET");
+        console.log(`Fleet Credential Found: ${result.name}`);
+    }
+    catch(error) {
+        console.log(error);
+        tl.setResult(tl.TaskResult.Failed, 'AksServiceTests.credentialsByCustomFleetUser() should have passed but failed');
+    }
+}
 }
 
 async function RUNTESTS() {
     await AksServiceTests.credentialsByClusterAdmin();
     await AksServiceTests.credentialsByClusterUser();
     await AksServiceTests.credentialsByCustomClusterUser();
+    await AksServiceTests.credentialsFleetUser()
 }
 
 RUNTESTS();

common-npm-packages/azure-arm-rest/Tests/mock_utils.ts

@@ -751,4 +751,18 @@ export function mockAzureAksServiceTests() {
         }]
      }).persist();
 
+     nock('https://management.azure.com', {
+        reqheaders: {
+            "authorization": "Bearer DUMMY_ACCESS_TOKEN",
+            "content-type": "application/json; charset=utf-8"
+        }
+    }).post("/subscriptions/MOCK_SUBSCRIPTION_ID/resourceGroups/MOCK_RESOURCE_GROUP_NAME/providers/Microsoft.ContainerService/fleets/MOCK_FLEET/listCredentials?api-version=2024-04-01")
+    .reply(200, {
+        kubeconfigs: [{
+            name: "clusterAdmin",
+            value: "base46kubeconfig"
+        }]
+     }).persist();
+
+
 }

common-npm-packages/azure-arm-rest/aksUtility.ts

@@ -4,22 +4,39 @@ import { AzureRMEndpoint } from './azure-arm-endpoint';
 import { AzureEndpoint, AKSClusterAccessProfile, AKSCredentialResult} from './azureModels';
 
 
-async function getKubeConfigFromAKS(azureSubscriptionEndpoint: string, resourceGroup: string, clusterName: string, useClusterAdmin?: boolean) : Promise<string> {
+
+async function getKubeConfigFromAKS(azureSubscriptionEndpoint: string, resourceGroup: string, name: string, isFleet: boolean, useClusterAdmin?: boolean): Promise<string> {
     const azureEndpoint: AzureEndpoint = await (new AzureRMEndpoint(azureSubscriptionEndpoint)).getEndpoint();
     const aks = new AzureAksService(azureEndpoint);
-    const USE_AKS_CREDENTIAL_API = tl.getBoolFeatureFlag('USE_AKS_CREDENTIAL_API');
-    tl.debug(tl.loc("KubernetesClusterResourceGroup", clusterName, resourceGroup));
+    tl.debug(tl.loc("KubernetesClusterResourceGroup", name, resourceGroup));
     let base64Kubeconfig;
+
+    const USE_AKS_CREDENTIAL_API = tl.getBoolFeatureFlag('USE_AKS_CREDENTIAL_API');
     if (USE_AKS_CREDENTIAL_API) {
-        let clusterInfo : AKSCredentialResult = await aks.getClusterCredential(resourceGroup, clusterName, useClusterAdmin);
+        let clusterInfo: AKSCredentialResult = await aks.getClusterCredential(resourceGroup, name, useClusterAdmin);
         base64Kubeconfig = Buffer.from(clusterInfo.value, 'base64');
     } else {
-        let clusterInfo : AKSClusterAccessProfile = await aks.getAccessProfile(resourceGroup, clusterName, useClusterAdmin);
+        let clusterInfo: AKSClusterAccessProfile = await aks.getAccessProfile(resourceGroup, name, useClusterAdmin);
         base64Kubeconfig = Buffer.from(clusterInfo.properties.kubeConfig, 'base64');
     }
+
     return base64Kubeconfig.toString();
 }
 
+export async function getKubeConfigFromFleet(azureSubscriptionEndpoint, resourceGroup, fleetName): Promise<string> {
+  tl.debug(tl.loc("KubernetesClusterResourceGroup", name, resourceGroup));
+  const azureEndpoint: AzureEndpoint = await (new AzureRMEndpoint(azureSubscriptionEndpoint)).getEndpoint();
+  const aks = new AzureAksService(azureEndpoint);
+  let clusterInfo: AKSCredentialResult = await aks.getFleetCredential(resourceGroup, fleetName);
+  let base64Kubeconfig = Buffer.from(clusterInfo.value, 'base64');
+  return base64Kubeconfig.toString();
+}
+
+
 export async function getKubeConfig(azureSubscriptionEndpoint, resourceGroup, clusterName, useClusterAdmin): Promise<string> {
-    return getKubeConfigFromAKS(azureSubscriptionEndpoint, resourceGroup, clusterName, useClusterAdmin);
+    return getKubeConfigFromAKS(azureSubscriptionEndpoint, resourceGroup, clusterName, false, useClusterAdmin);
+}
+
+export async function getKubeConfigForFleet(azureSubscriptionEndpoint, resourceGroup, fleetName): Promise<string> {
+    return getKubeConfigFromFleet(azureSubscriptionEndpoint, resourceGroup, fleetName);
 }

common-npm-packages/azure-arm-rest/azure-arm-aks-service.ts

@@ -39,7 +39,7 @@ export class AzureAksService {
                 throw ToError(response);
             }
         });
-    } 
+    }
 
     public getAccessProfile(resourceGroup : string , clusterName : string, useClusterAdmin?: boolean): Promise<Model.AKSClusterAccessProfile> {
         var accessProfileName = !!useClusterAdmin ? 'clusterAdmin' : 'clusterUser';
@@ -54,30 +54,59 @@ export class AzureAksService {
             throw Error(tl.loc('CantDownloadAccessProfile',clusterName,  this._client.getFormattedError(reason)));
         });
     }
+    private createFleetParameters(resourceGroup: string, name: string): { uri: string, parameters: any, apiVersion: string } {
+        const uri = `//subscriptions/{subscriptionId}/resourceGroups/{ResourceGroupName}/providers/Microsoft.ContainerService/fleets/{FleetName}/listCredentials`;
+        const parameters = {
+            '{ResourceGroupName}': resourceGroup,
+            '{FleetName}': name,
+        };
+        const apiVersion = '2024-04-01';
+        return { uri, parameters, apiVersion };
+    }
 
-    public getClusterCredentials(resourceGroup : string , clusterName : string, useClusterAdmin?: boolean): Promise<Model.AKSCredentialResults> {
-        var credentialAction = !!useClusterAdmin ? 'listClusterAdminCredential' : 'listClusterUserCredential';
-        return this.beginRequest(`//subscriptions/{subscriptionId}/resourceGroups/{ResourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{ClusterName}/{CredentialAction}`,
-        {
+    private createManagedClusterParameters(resourceGroup: string, name: string, useClusterAdmin?: boolean): { uri: string, parameters: any, apiVersion: string } {
+        const credentialAction = !!useClusterAdmin ? 'listClusterAdminCredential' : 'listClusterUserCredential';
+        const uri = `//subscriptions/{subscriptionId}/resourceGroups/{ResourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{ClusterName}/{CredentialAction}`;
+        const parameters = {
             '{ResourceGroupName}': resourceGroup,
-            '{ClusterName}': clusterName,
-            '{CredentialAction}': credentialAction
-        }, '2024-05-01', "POST").then((response) => {
-            return  response.body;
+            '{ClusterName}': name,
+            '{CredentialAction}': credentialAction,
+        };
+        const apiVersion = '2024-05-01';
+        return { uri, parameters, apiVersion };
+    }
+
+    public getCredentials(resourceGroup: string, name: string, uri: string, parameters: any, apiVersion: string): Promise<Model.AKSCredentialResults> {
+        return this.beginRequest(uri, parameters, apiVersion, "POST").then((response) => {
+            return response.body;
         }, (reason) => {
-            throw Error(tl.loc('CantDownloadClusterCredentials', clusterName,  this._client.getFormattedError(reason)));
+            throw Error(tl.loc('CantDownloadClusterCredentials', name, this._client.getFormattedError(reason)));
         });
-    }
+}
+
+public getClusterCredential(resourceGroup: string, name: string, useClusterAdmin?: boolean, credentialName?: string): Promise<Model.AKSCredentialResult> {
+    const { uri, parameters, apiVersion } = this.createManagedClusterParameters(resourceGroup, name, useClusterAdmin);
+    const credentialsPromise = this.getCredentials(resourceGroup, name, uri, parameters, apiVersion);
+    return credentialsPromise.then((credentials) => {
+        const credential = credentials.kubeconfigs.find(cred => cred.name === (credentialName || (!!useClusterAdmin ? 'clusterAdmin' : 'clusterUser')));
+        if (credential === undefined) {
+            throw Error(tl.loc('CantDownloadClusterCredentials', name, `${credentialName || 'default'} not found in the list of credentials.`));
+        }
+        return credential;
+    });
+}
+
+public getFleetCredential(resourceGroup: string, name: string): Promise<Model.AKSCredentialResult> {
+
+    const { uri, parameters, apiVersion } = this.createFleetParameters(resourceGroup, name);
+    const credentialsPromise = this.getCredentials(resourceGroup, name, uri, parameters, apiVersion);
+    return credentialsPromise.then((credentials) => {
+        const credential = credentials.kubeconfigs[0];
+        if (credential === undefined) {
+            throw Error(tl.loc('CantDownloadClusterCredentials'));
+        }
+        return credential;
+    });
+}
 
-    public getClusterCredential(resourceGroup : string , clusterName : string, useClusterAdmin?: boolean, credentialName?: string): Promise<Model.AKSCredentialResult> {
-        var credentialName = !!credentialName ? credentialName : !!useClusterAdmin ? 'clusterAdmin' : 'clusterUser';
-        var clusterCredentials = this.getClusterCredentials(resourceGroup, clusterName, useClusterAdmin)
-        return clusterCredentials.then((credentials) => {
-           var credential = credentials.kubeconfigs.find(credential => credential.name == credentialName)
-            if (credential === undefined) {
-                throw Error(tl.loc('CantDownloadClusterCredentials', clusterName, `${credentialName} not found in the list of cluster credentials.`));
-            }
-            return credential;
-        })
-    }
 }

common-npm-packages/azure-arm-rest/package.json

@@ -1,6 +1,6 @@
 {
   "name": "azure-pipelines-tasks-azure-arm-rest",
-  "version": "3.254.0",
+  "version": "3.254.2",
   "description": "Common Lib for Azure ARM REST apis",
   "repository": {
     "type": "git",