Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fixed mgmt, support convenience API for publicNetworkAccess #39357

Merged
merged 7 commits into from
Mar 28, 2024
Original file line number Diff line number Diff line change
Expand Up @@ -2,5 +2,5 @@
"AssetsRepo": "Azure/azure-sdk-assets",
"AssetsRepoPrefixPath": "java",
"TagPrefix": "java/resourcemanager/azure-resourcemanager-appservice",
"Tag": "java/resourcemanager/azure-resourcemanager-appservice_c5279701f3"
"Tag": "java/resourcemanager/azure-resourcemanager-appservice_6d9bee9aaa"
}
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@
import com.azure.resourcemanager.appservice.models.OperatingSystem;
import com.azure.resourcemanager.appservice.models.PhpVersion;
import com.azure.resourcemanager.appservice.models.PlatformArchitecture;
import com.azure.resourcemanager.appservice.models.PublicNetworkAccess;
import com.azure.resourcemanager.appservice.models.PythonVersion;
import com.azure.resourcemanager.appservice.models.RedundancyMode;
import com.azure.resourcemanager.appservice.models.RemoteVisualStudioVersion;
Expand Down Expand Up @@ -1835,6 +1836,31 @@ public FluentImplT withoutIpAddressRangeAccess(String ipAddressCidr) {
return (FluentImplT) this;
}

@Override
@SuppressWarnings("unchecked")
public FluentImplT enablePublicNetworkAccess() {
if (Objects.isNull(this.siteConfig)) {
this.siteConfig = new SiteConfigResourceInner();
}
this.siteConfig.withPublicNetworkAccess("Enabled");
return (FluentImplT) this;
}

@Override
@SuppressWarnings("unchecked")
public FluentImplT disablePublicNetworkAccess() {
if (Objects.isNull(this.siteConfig)) {
this.siteConfig = new SiteConfigResourceInner();
}
this.siteConfig.withPublicNetworkAccess("Disabled");
return (FluentImplT) this;
}

@Override
public PublicNetworkAccess publicNetworkAccess() {
return Objects.isNull(innerModel().publicNetworkAccess()) ? null : PublicNetworkAccess.fromString(innerModel().publicNetworkAccess());
}

@Override
@SuppressWarnings("unchecked")
public FluentImplT withContainerSize(int containerSize) {
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.

package com.azure.resourcemanager.appservice.models;

import com.azure.core.util.ExpandableStringEnum;
import com.fasterxml.jackson.annotation.JsonCreator;

import java.util.Collection;

/**
* Whether requests from Public Network are allowed.
*/
public final class PublicNetworkAccess extends ExpandableStringEnum<PublicNetworkAccess> {
/**
* Static value Enabled for PublicNetworkAccess.
*/
public static final PublicNetworkAccess ENABLED = fromString("Enabled");

/**
* Static value Disabled for PublicNetworkAccess.
*/
public static final PublicNetworkAccess DISABLED = fromString("Disabled");

/**
* Creates a new instance of PublicNetworkAccess value.
*
* @deprecated Use the {@link #fromString(String)} factory method.
*/
@Deprecated
public PublicNetworkAccess() {
}

/**
* Creates or finds a PublicNetworkAccess from its string representation.
*
* @param name a name to look for.
* @return the corresponding PublicNetworkAccess.
*/
@JsonCreator
public static PublicNetworkAccess fromString(String name) {
return fromString(name, PublicNetworkAccess.class);
}

/**
* Gets known PublicNetworkAccess values.
*
* @return known PublicNetworkAccess values.
*/
public static Collection<PublicNetworkAccess> values() {
return values(PublicNetworkAccess.class);
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -203,6 +203,13 @@ public interface WebAppBase extends HasName, GroupableResource<AppServiceManager
/** @return an Observable streaming all logs */
Flux<String> streamAllLogsAsync();

/**
* Whether the web app can be accessed from public network.
*
* @return whether the web app can be accessed from public network.
*/
PublicNetworkAccess publicNetworkAccess();

/**
* Verifies the ownership of the domain for a certificate order by verifying a hostname of the domain is bound to
* this web app.
Expand Down Expand Up @@ -940,6 +947,13 @@ interface WithNetworkAccess<FluentT> {
* @return the next stage of the definition
*/
WithCreate<FluentT> withAccessRule(IpSecurityRestriction ipSecurityRule);

/**
* Disables public network access for the web app.
*
* @return the next stage of the definition
*/
WithCreate<FluentT> disablePublicNetworkAccess();
}

/** The stage of web app definition allowing to configure container size. */
Expand Down Expand Up @@ -1665,6 +1679,19 @@ interface WithNetworkAccess<FluentT> {
* @return the next stage of the update
*/
Update<FluentT> withoutIpAddressRangeAccess(String ipAddressCidr);

/**
* Enables public network access for the web app, for private link feature.
*
* @return the next stage of the update
*/
Update<FluentT> enablePublicNetworkAccess();
/**
* Disables public network access for the web app, for private link feature.
*
* @return the next stage of the update
*/
Update<FluentT> disablePublicNetworkAccess();
}

/** The stage of web app update allowing to configure container size. */
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
import com.azure.resourcemanager.appservice.models.LogLevel;
import com.azure.resourcemanager.appservice.models.NetFrameworkVersion;
import com.azure.resourcemanager.appservice.models.OperatingSystem;
import com.azure.resourcemanager.appservice.models.PublicNetworkAccess;
import com.azure.resourcemanager.appservice.models.PricingTier;
import com.azure.resourcemanager.appservice.models.RemoteVisualStudioVersion;
import com.azure.resourcemanager.appservice.models.WebApp;
Expand Down Expand Up @@ -284,4 +285,45 @@ public void canUpdateIpRestriction() {
Assertions.assertEquals("Allow", webApp1.ipSecurityRules().iterator().next().action());
Assertions.assertEquals("Any", webApp1.ipSecurityRules().iterator().next().ipAddress());
}

@Test
public void canCreateWebAppWithDisablePublicNetworkAccess() {
resourceManager.resourceGroups().define(rgName1).withRegion(Region.US_WEST).create();
resourceManager.resourceGroups().define(rgName2).withRegion(Region.US_WEST).create();
WebApp webApp =
appServiceManager
.webApps()
.define(webappName1)
.withRegion(Region.US_WEST)
.withExistingResourceGroup(rgName1)
.withNewWindowsPlan(appServicePlanName1, PricingTier.BASIC_B1)
.disablePublicNetworkAccess()
.withRemoteDebuggingEnabled(RemoteVisualStudioVersion.VS2019)
.create();
webApp.refresh();
Assertions.assertEquals(PublicNetworkAccess.DISABLED, webApp.publicNetworkAccess());
}

@Test
public void canUpdatePublicNetworkAccess() {
resourceManager.resourceGroups().define(rgName1).withRegion(Region.US_WEST).create();
resourceManager.resourceGroups().define(rgName2).withRegion(Region.US_WEST).create();
WebApp webApp =
appServiceManager
.webApps()
.define(webappName1)
.withRegion(Region.US_WEST)
.withExistingResourceGroup(rgName1)
.withNewWindowsPlan(appServicePlanName1, PricingTier.BASIC_B1)
.withRemoteDebuggingEnabled(RemoteVisualStudioVersion.VS2019)
.create();

webApp.update().disablePublicNetworkAccess().apply();
webApp.refresh();
Assertions.assertEquals(PublicNetworkAccess.DISABLED, webApp.publicNetworkAccess());

webApp.update().enablePublicNetworkAccess().apply();
webApp.refresh();
Assertions.assertEquals(PublicNetworkAccess.ENABLED, webApp.publicNetworkAccess());
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -2,5 +2,5 @@
"AssetsRepo": "Azure/azure-sdk-assets",
"AssetsRepoPrefixPath": "java",
"TagPrefix": "java/resourcemanager/azure-resourcemanager-containerservice",
"Tag": "java/resourcemanager/azure-resourcemanager-containerservice_93dbce086c"
"Tag": "java/resourcemanager/azure-resourcemanager-containerservice_bb2ea4e1ac"
}
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.PowerState;
import com.azure.resourcemanager.containerservice.models.PublicNetworkAccess;
import com.azure.resourcemanager.containerservice.models.ResourceIdentityType;
import com.azure.resourcemanager.containerservice.models.UserAssignedIdentity;
import com.azure.resourcemanager.resources.fluentcore.arm.models.PrivateEndpoint;
Expand Down Expand Up @@ -299,6 +300,11 @@ public String agentPoolResourceGroup() {
return innerModel().nodeResourceGroup();
}

@Override
public PublicNetworkAccess publicNetworkAccess() {
return this.innerModel().publicNetworkAccess();
}

@Override
public void start() {
this.startAsync().block();
Expand Down Expand Up @@ -705,6 +711,18 @@ public KubernetesClusterImpl withAgentPoolResourceGroup(String resourceGroupName
return this;
}

@Override
public KubernetesClusterImpl enablePublicNetworkAccess() {
this.innerModel().withPublicNetworkAccess(PublicNetworkAccess.ENABLED);
return this;
}

@Override
public KubernetesClusterImpl disablePublicNetworkAccess() {
this.innerModel().withPublicNetworkAccess(PublicNetworkAccess.DISABLED);
return this;
}

private static final class PrivateLinkResourceImpl implements PrivateLinkResource {
private final PrivateLinkResourceInner innerModel;

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -124,6 +124,13 @@ public interface KubernetesCluster
*/
String agentPoolResourceGroup();

/**
* Whether the kubernetes cluster can be accessed from public network.
*
* @return whether the kubernetes cluster can be accessed from public network.
*/
PublicNetworkAccess publicNetworkAccess();

// Actions

/**
Expand Down Expand Up @@ -175,6 +182,7 @@ interface Definition
DefinitionStages.WithNetworkProfile,
DefinitionStages.WithAddOnProfiles,
DefinitionStages.WithManagedClusterSku,
DefinitionStages.WithPublicNetworkAccess,
KubernetesCluster.DefinitionStages.WithCreate {
}

Expand Down Expand Up @@ -596,6 +604,16 @@ interface WithAgentPoolResourceGroup {
WithCreate withAgentPoolResourceGroup(String resourceGroupName);
}

/** The stage of Kubernetes cluster definition allowing to configure network access settings. */
interface WithPublicNetworkAccess {
/**
* Disables public network access for the kubernetes cluster.
*
* @return the next stage of the definition
*/
WithCreate disablePublicNetworkAccess();
}

/**
* The stage of the definition which contains all the minimum required inputs for the resource to be created,
* but also allows for any other optional settings to be specified.
Expand All @@ -615,6 +633,7 @@ interface WithCreate
WithDiskEncryption,
WithAgentPoolResourceGroup,
WithManagedClusterSku,
WithPublicNetworkAccess,
Resource.DefinitionWithTags<WithCreate> {
}
}
Expand All @@ -630,6 +649,7 @@ interface Update
UpdateStages.WithLocalAccounts,
UpdateStages.WithVersion,
UpdateStages.WithManagedClusterSku,
UpdateStages.WithPublicNetworkAccess,
Resource.UpdateWithTags<KubernetesCluster.Update>,
Appliable<KubernetesCluster> {
}
Expand Down Expand Up @@ -807,5 +827,22 @@ interface WithVersion {
*/
Update withVersion(String kubernetesVersion);
}


/** The stage of kubernetes cluster update allowing to configure network access settings. */
interface WithPublicNetworkAccess {
/**
* Enables public network access for the kubernetes cluster.
*
* @return the next stage of the update
*/
Update enablePublicNetworkAccess();
/**
* Disables public network access for the kubernetes cluster.
*
* @return the next stage of the update
*/
Update disablePublicNetworkAccess();
}
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.OSDiskType;
import com.azure.resourcemanager.containerservice.models.OrchestratorVersionProfile;
import com.azure.resourcemanager.containerservice.models.PublicNetworkAccess;
import com.azure.resourcemanager.containerservice.models.ScaleSetEvictionPolicy;
import com.azure.resourcemanager.containerservice.models.ScaleSetPriority;
import com.azure.resourcemanager.resources.fluentcore.model.Accepted;
Expand Down Expand Up @@ -626,4 +627,63 @@ public void testUpdateManagedClusterSkuAndKubernetesSupportPlan() {
Assertions.assertEquals(ManagedClusterSkuTier.FREE, kubernetesCluster.sku().tier());
Assertions.assertEquals(KubernetesSupportPlan.KUBERNETES_OFFICIAL, kubernetesCluster.innerModel().supportPlan());
}

@Test
public void canCreateKubernetesClusterWithDisablePublicNetworkAccess() {
String aksName = generateRandomResourceName("aks", 15);
String dnsPrefix = generateRandomResourceName("dns", 10);
String agentPoolName = generateRandomResourceName("ap0", 10);

// create
KubernetesCluster kubernetesCluster =
v-hongli1 marked this conversation as resolved.
Show resolved Hide resolved
containerServiceManager.kubernetesClusters().define(aksName)
.withRegion(Region.US_SOUTH_CENTRAL)
.withExistingResourceGroup(rgName)
.withDefaultVersion()
.withRootUsername("testaks")
.withSshKey(SSH_KEY)
.withSystemAssignedManagedServiceIdentity()
.defineAgentPool(agentPoolName)
.withVirtualMachineSize(ContainerServiceVMSizeTypes.STANDARD_D2_V2)
.withAgentPoolVirtualMachineCount(1)
.withAgentPoolType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withAgentPoolMode(AgentPoolMode.SYSTEM)
.attach()
.withDnsPrefix("mp1" + dnsPrefix)
.disablePublicNetworkAccess()
.create();

Assertions.assertEquals(PublicNetworkAccess.DISABLED, kubernetesCluster.publicNetworkAccess());
}

@Test
public void canUpdatePublicNetworkAccess() {
String aksName = generateRandomResourceName("aks", 15);
String dnsPrefix = generateRandomResourceName("dns", 10);
String agentPoolName = generateRandomResourceName("ap0", 10);

// create
KubernetesCluster kubernetesCluster =
containerServiceManager.kubernetesClusters().define(aksName)
.withRegion(Region.US_SOUTH_CENTRAL)
.withExistingResourceGroup(rgName)
.withDefaultVersion()
.withRootUsername("testaks")
.withSshKey(SSH_KEY)
.withSystemAssignedManagedServiceIdentity()
.defineAgentPool(agentPoolName)
.withVirtualMachineSize(ContainerServiceVMSizeTypes.STANDARD_D2_V2)
.withAgentPoolVirtualMachineCount(1)
.withAgentPoolType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withAgentPoolMode(AgentPoolMode.SYSTEM)
.attach()
.withDnsPrefix("mp1" + dnsPrefix)
.create();

kubernetesCluster.update().disablePublicNetworkAccess().apply();
Assertions.assertEquals(PublicNetworkAccess.DISABLED, kubernetesCluster.publicNetworkAccess());

kubernetesCluster.update().enablePublicNetworkAccess().apply();
Assertions.assertEquals(PublicNetworkAccess.ENABLED, kubernetesCluster.publicNetworkAccess());
}
}
Loading
Loading