Add Microsoft.PolicyInsights extension (#17)

* Add Policy extension * Update comment * Update args * Fix linting errors Co-authored-by: Jonathan Innis <jonathan.innis.ji@gmail.com>
AzureArcForKubernetes · Apr 4, 2021 · 01e9117 · 01e9117
1 parent 5cd6c0e
commit 01e9117
Show file tree

Hide file tree

Showing 4 changed files with 88 additions and 2 deletions.
diff --git a/src/k8s-extension/HISTORY.rst b/src/k8s-extension/HISTORY.rst
@@ -3,6 +3,10 @@
 Release History
 ===============
 
+0.2.2
+++++++++++++++++++
+* Add support for microsoft.policyinsights extension type
+
 0.2.1
 ++++++++++++++++++
 

diff --git a/src/k8s-extension/azext_k8s_extension/_consts_private.py b/src/k8s-extension/azext_k8s_extension/_consts_private.py
@@ -5,4 +5,4 @@
 # --------------------------------------------------------------------------------------------
 
 EXTENSION_NAME = 'k8s-extension-private'
-VERSION = "0.2.1"
+VERSION = "0.2.2"
diff --git a/src/k8s-extension/azext_k8s_extension/custom.py b/src/k8s-extension/azext_k8s_extension/custom.py
@@ -22,6 +22,7 @@
 from azext_k8s_extension.partner_extensions.Cassandra import Cassandra
 from azext_k8s_extension.partner_extensions.OpenServiceMesh import OpenServiceMesh
 from azext_k8s_extension.partner_extensions.AzureMLKubernetes import AzureMLKubernetes
+from azext_k8s_extension.partner_extensions.AzurePolicy import AzurePolicy
 from azext_k8s_extension.partner_extensions.DefaultExtension import DefaultExtension
 import azext_k8s_extension._consts as consts
 
@@ -37,7 +38,8 @@ def ExtensionFactory(extension_name):
         'microsoft.azuredefender.kubernetes': AzureDefender,
         'microsoft.openservicemesh': OpenServiceMesh,
         'microsoft.azureml.kubernetes': AzureMLKubernetes,
-        'cassandradatacentersoperator': Cassandra
+        'cassandradatacentersoperator': Cassandra,
+        'microsoft.policyinsights': AzurePolicy
     }
 
     # Return the extension if we find it in the map, else return the default

diff --git a/src/k8s-extension/azext_k8s_extension/partner_extensions/AzurePolicy.py b/src/k8s-extension/azext_k8s_extension/partner_extensions/AzurePolicy.py
@@ -0,0 +1,80 @@
+# --------------------------------------------------------------------------------------------
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License. See License.txt in the project root for license information.
+# --------------------------------------------------------------------------------------------
+
+# pylint: disable=unused-argument
+
+from knack.util import CLIError
+from knack.log import get_logger
+
+from azext_k8s_extension.vendored_sdks.models import ExtensionInstance
+from azext_k8s_extension.vendored_sdks.models import ExtensionInstanceUpdate
+from azext_k8s_extension.vendored_sdks.models import ScopeCluster
+from azext_k8s_extension.vendored_sdks.models import Scope
+
+from azext_k8s_extension.partner_extensions.PartnerExtensionModel import PartnerExtensionModel
+
+logger = get_logger(__name__)
+
+
+class AzurePolicy(PartnerExtensionModel):
+    def Create(self, cmd, client, resource_group_name, cluster_name, name, cluster_type, extension_type,
+               scope, auto_upgrade_minor_version, release_train, version, target_namespace,
+               release_namespace, configuration_settings, configuration_protected_settings,
+               configuration_settings_file, configuration_protected_settings_file):
+
+        """ExtensionType 'Microsoft.PolicyInsights' specific validations & defaults for Create
+           Must create and return a valid 'ExtensionInstance' object.
+
+        """
+
+        # Hardcode scope to cluster
+        ext_scope = None
+        scope_cluster = ScopeCluster(release_namespace=release_namespace)
+        ext_scope = Scope(cluster=scope_cluster, namespace=None)
+        logger.warning('Ignoring scope parameters since %s '
+                       'only supports cluster scope', extension_type)
+
+        # If release-train is not provided, set it to 'preview'
+        valid_release_trains = ['preview', 'dev']
+        if release_train is None:
+            release_train = 'preview'
+
+        # If release-train is other than valid_release_trains raise error
+        if release_train.lower() not in valid_release_trains:
+            raise CLIError("Invalid release-train '{}'.  Valid values are 'preview', 'dev'.".format(release_train))
+
+        # Create Managed Identity for extension
+        create_identity = True
+
+        extension_instance = ExtensionInstance(
+            extension_type=extension_type,
+            auto_upgrade_minor_version=auto_upgrade_minor_version,
+            release_train=release_train,
+            version=version,
+            scope=ext_scope,
+            configuration_settings=configuration_settings,
+            configuration_protected_settings=configuration_protected_settings,
+        )
+        return extension_instance, name, create_identity
+
+    def Update(self, extension, auto_upgrade_minor_version, release_train, version):
+        """ExtensionType 'Microsoft.PolicyInsights' specific validations & defaults for Update
+           Must create and return a valid 'ExtensionInstanceUpdate' object.
+
+        """
+        # If release-train is not provided, set it to 'preview'
+        valid_release_trains = ['preview', 'dev']
+        if release_train is None:
+            release_train = 'preview'
+
+        # If release-train is other than valid_release_trains raise error
+        if release_train.lower() not in valid_release_trains:
+            raise CLIError("Invalid release-train '{}'.  Valid values are 'preview', 'dev'.".format(release_train))
+
+        return ExtensionInstanceUpdate(
+            auto_upgrade_minor_version=auto_upgrade_minor_version,
+            release_train=release_train,
+            version=version
+        )