From 611b81fcd59015c9021eb7136aa78cb0bf844fb9 Mon Sep 17 00:00:00 2001
From: Jonathan Innis <jonathan.innis.ji@gmail.com>
Date: Tue, 27 Jul 2021 14:51:02 -0700
Subject: [PATCH] Don't Send Identity Headers If In DF (#67)

* Don't send identity for clusters in dogfood

* Add location to model for identity

* Add identity validation to testing
---
 src/k8s-extension/HISTORY.rst                              | 6 ++++++
 src/k8s-extension/azext_k8s_extension/consts.py            | 1 +
 src/k8s-extension/azext_k8s_extension/custom.py            | 7 ++++++-
 .../azext_k8s_extension/vendored_sdks/models/_models.py    | 4 ++++
 .../vendored_sdks/models/_models_py3.py                    | 5 +++++
 src/k8s-extension/setup.py                                 | 2 +-
 testing/test/extensions/public/AzureMonitor.Tests.ps1      | 4 +++-
 testing/test/helper/Helper.ps1                             | 6 ++++++
 8 files changed, 32 insertions(+), 3 deletions(-)

diff --git a/src/k8s-extension/HISTORY.rst b/src/k8s-extension/HISTORY.rst
index 5855f96591f..295bb0e4136 100644
--- a/src/k8s-extension/HISTORY.rst
+++ b/src/k8s-extension/HISTORY.rst
@@ -3,6 +3,12 @@
 Release History
 ===============
 
+0.6.1
+++++++++++++++++++
+* Remove sending identity for clusters in Dogfood
+* Provide fix for getting tested distros for microsoft.openservicemesh
+* Add location to model for identity
+
 0.6.0
 ++++++++++++++++++
 * Update extension resource models to Track2
diff --git a/src/k8s-extension/azext_k8s_extension/consts.py b/src/k8s-extension/azext_k8s_extension/consts.py
index c75489d2362..b7fe91cb8eb 100644
--- a/src/k8s-extension/azext_k8s_extension/consts.py
+++ b/src/k8s-extension/azext_k8s_extension/consts.py
@@ -8,3 +8,4 @@
 EXTENSION_PACKAGE_NAME = "azext_k8s_extension"
 PROVIDER_NAMESPACE = 'Microsoft.KubernetesConfiguration'
 REGISTERED = "Registered"
+DF_RM_ENDPOINT = 'https://api-dogfood.resources.windows-int.net/'
diff --git a/src/k8s-extension/azext_k8s_extension/custom.py b/src/k8s-extension/azext_k8s_extension/custom.py
index 9a6bdb10656..42f5d3234fc 100644
--- a/src/k8s-extension/azext_k8s_extension/custom.py
+++ b/src/k8s-extension/azext_k8s_extension/custom.py
@@ -138,7 +138,8 @@ def create_k8s_extension(cmd, client, resource_group_name, cluster_name, name, c
     validate_cc_registration(cmd)
 
     # Create identity, if required
-    if create_identity:
+    # We don't create the identity if we are in DF
+    if create_identity and not __is_dogfood_cluster(cmd):
         extension_instance.identity, extension_instance.location = \
             __create_identity(cmd, resource_group_name, cluster_name, cluster_type, cluster_rp)
 
@@ -292,3 +293,7 @@ def __get_config_settings_from_file(file_path):
         raise Exception("File {} is empty".format(file_path))
 
     return settings
+
+
+def __is_dogfood_cluster(cmd):
+    return cmd.cli_ctx.cloud.endpoints.resource_manager == consts.DF_RM_ENDPOINT
diff --git a/src/k8s-extension/azext_k8s_extension/vendored_sdks/models/_models.py b/src/k8s-extension/azext_k8s_extension/vendored_sdks/models/_models.py
index 315237c6587..9370d28bbff 100644
--- a/src/k8s-extension/azext_k8s_extension/vendored_sdks/models/_models.py
+++ b/src/k8s-extension/azext_k8s_extension/vendored_sdks/models/_models.py
@@ -279,6 +279,8 @@ class ExtensionInstance(ProxyResource):
     :param identity: The identity of the configuration.
     :type identity:
      ~azure.mgmt.kubernetesconfiguration.v2020_07_01_preview.models.ConfigurationIdentity
+    :param location: Location of resource type
+    :type location: str
     """
 
     _validation = {
@@ -311,6 +313,7 @@ class ExtensionInstance(ProxyResource):
         'last_status_time': {'key': 'properties.lastStatusTime', 'type': 'str'},
         'error_info': {'key': 'properties.errorInfo', 'type': 'ErrorDefinition'},
         'identity': {'key': 'identity', 'type': 'ConfigurationIdentity'},
+        'location': {'key': 'location', 'type': 'str'},
     }
 
     def __init__(
@@ -332,6 +335,7 @@ def __init__(
         self.last_status_time = None
         self.error_info = None
         self.identity = kwargs.get('identity', None)
+        self.location = kwargs.get('location', None)
 
 
 class ExtensionInstancesList(msrest.serialization.Model):
diff --git a/src/k8s-extension/azext_k8s_extension/vendored_sdks/models/_models_py3.py b/src/k8s-extension/azext_k8s_extension/vendored_sdks/models/_models_py3.py
index f749d3d7078..a3cb0d37faf 100644
--- a/src/k8s-extension/azext_k8s_extension/vendored_sdks/models/_models_py3.py
+++ b/src/k8s-extension/azext_k8s_extension/vendored_sdks/models/_models_py3.py
@@ -297,6 +297,8 @@ class ExtensionInstance(ProxyResource):
     :param identity: The identity of the configuration.
     :type identity:
      ~azure.mgmt.kubernetesconfiguration.v2020_07_01_preview.models.ConfigurationIdentity
+    :param location: Location of resource type
+    :type location: str
     """
 
     _validation = {
@@ -329,6 +331,7 @@ class ExtensionInstance(ProxyResource):
         'last_status_time': {'key': 'properties.lastStatusTime', 'type': 'str'},
         'error_info': {'key': 'properties.errorInfo', 'type': 'ErrorDefinition'},
         'identity': {'key': 'identity', 'type': 'ConfigurationIdentity'},
+        'location': {'key': 'location', 'type': 'str'},
     }
 
     def __init__(
@@ -344,6 +347,7 @@ def __init__(
         configuration_protected_settings: Optional[Dict[str, str]] = None,
         statuses: Optional[List["ExtensionStatus"]] = None,
         identity: Optional["ConfigurationIdentity"] = None,
+        location: Optional[str] = None,
         **kwargs
     ):
         super(ExtensionInstance, self).__init__(system_data=system_data, **kwargs)
@@ -361,6 +365,7 @@ def __init__(
         self.last_status_time = None
         self.error_info = None
         self.identity = identity
+        self.location = location
 
 
 class ExtensionInstancesList(msrest.serialization.Model):
diff --git a/src/k8s-extension/setup.py b/src/k8s-extension/setup.py
index 6efb1bc5a59..014ed287490 100644
--- a/src/k8s-extension/setup.py
+++ b/src/k8s-extension/setup.py
@@ -32,7 +32,7 @@
 # TODO: Add any additional SDK dependencies here
 DEPENDENCIES = []
 
-VERSION = "0.6.0"
+VERSION = "0.6.1"
 
 with open('README.rst', 'r', encoding='utf-8') as f:
     README = f.read()
diff --git a/testing/test/extensions/public/AzureMonitor.Tests.ps1 b/testing/test/extensions/public/AzureMonitor.Tests.ps1
index a78ec6ba980..bc7b1fedd8f 100644
--- a/testing/test/extensions/public/AzureMonitor.Tests.ps1
+++ b/testing/test/extensions/public/AzureMonitor.Tests.ps1
@@ -24,7 +24,9 @@ Describe 'Azure Monitor Testing' {
         do 
         {
             if (Has-ExtensionData $extensionName) {
-                break
+                if (Has-Identity-Provisioned) {
+                    break
+                }
             }
             Start-Sleep -Seconds 10
             $n += 1
diff --git a/testing/test/helper/Helper.ps1 b/testing/test/helper/Helper.ps1
index 7bb11146ab2..4ff949e7ab4 100644
--- a/testing/test/helper/Helper.ps1
+++ b/testing/test/helper/Helper.ps1
@@ -18,6 +18,12 @@ function Has-ExtensionData {
     return $false
 }
 
+
+function Has-Identity-Provisioned {
+    $output = kubectl get azureclusteridentityrequests -n azure-arc container-insights-clusteridentityrequest -o json | ConvertFrom-Json
+    return ($null -ne $output.status.expirationTime) -and ($null -ne $output.status.tokenReference.dataName) -and ($null -ne $output.status.tokenReference.secretName)
+}
+
 function Get-ExtensionStatus {
     param(
         [string]$extensionName