Skip to content

fix(aks): preserve existing ACNS settings during partial updates #33049

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
nddq wants to merge 1 commit into
base: dev
Choose a base branch
from
Open

fix(aks): preserve existing ACNS settings during partial updates #33049

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
53 changes: 34 additions & 19 deletions src/azure-cli/azure/cli/command_modules/acs/managed_cluster_decorator.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8316,31 +8316,46 @@ def update_network_profile_advanced_networking(self, mc: ManagedCluster) -> Mana
acns_advanced_networkpolicies = self.context.get_acns_advanced_networkpolicies()
acns_transit_encryption = self.context.get_acns_transit_encryption_type()
if acns_enabled is not None:
acns = self.models.AdvancedNetworking(
enabled=acns_enabled,
)
# Preserve existing advanced_networking settings, only overwrite fields the user specified
if mc.network_profile.advanced_networking is None:
mc.network_profile.advanced_networking = self.models.AdvancedNetworking()
mc.network_profile.advanced_networking.enabled = acns_enabled
# When disabling ACNS, explicitly disable sub-features for a consistent payload
if not acns_enabled:
if mc.network_profile.advanced_networking.observability is not None:
mc.network_profile.advanced_networking.observability.enabled = False
if mc.network_profile.advanced_networking.security is not None:
mc.network_profile.advanced_networking.security.enabled = False
if acns_observability is not None:
acns.observability = self.models.AdvancedNetworkingObservability(
enabled=acns_observability,
)
if mc.network_profile.advanced_networking.observability is None:
mc.network_profile.advanced_networking.observability = (
self.models.AdvancedNetworkingObservability()
)
mc.network_profile.advanced_networking.observability.enabled = acns_observability
if acns_security is not None:
acns.security = self.models.AdvancedNetworkingSecurity(
enabled=acns_security,
)
if mc.network_profile.advanced_networking.security is None:
mc.network_profile.advanced_networking.security = (
self.models.AdvancedNetworkingSecurity()
)
mc.network_profile.advanced_networking.security.enabled = acns_security
if acns_advanced_networkpolicies is not None:
if acns.security is None:
acns.security = self.models.AdvancedNetworkingSecurity(
advanced_network_policies=acns_advanced_networkpolicies
if mc.network_profile.advanced_networking.security is None:
mc.network_profile.advanced_networking.security = (
self.models.AdvancedNetworkingSecurity()
)
else:
acns.security.advanced_network_policies = acns_advanced_networkpolicies
mc.network_profile.advanced_networking.security.advanced_network_policies = (
acns_advanced_networkpolicies
)
if acns_transit_encryption is not None:
if acns.security is None:
acns.security = self.models.AdvancedNetworkingSecurity()
acns.security.transit_encryption = self.models.AdvancedNetworkingSecurityTransitEncryption(
type=acns_transit_encryption,
if mc.network_profile.advanced_networking.security is None:
mc.network_profile.advanced_networking.security = (
self.models.AdvancedNetworkingSecurity()
)
mc.network_profile.advanced_networking.security.transit_encryption = (
self.models.AdvancedNetworkingSecurityTransitEncryption(
type=acns_transit_encryption,
)
)
mc.network_profile.advanced_networking = acns
elif acns_transit_encryption is not None:
if (mc.network_profile.advanced_networking is None or
not mc.network_profile.advanced_networking.enabled):
Expand Down
Loading
Loading