[CDN] Fixes #12152: Add custom domain BYOC support. #12648
Conversation
|
add to S167 |
fore5fire
changed the title
fore5fire
force-pushed
the
cdn/byoc
branch
2 times, most recently
from
0338ff3 to
1fc1d57
Compare
|
Hi again @Juliehzl, what's the timeframe for when I can get a review for this? |
There was a problem hiding this comment.
Why are there so many recording deleted?
There was a problem hiding this comment.
I believe this is due to some change in the cli core, it seems like the authentication request at the beginning of some tests is no longer needed.
…s for Verizon and Microsoft SKUs.
|
add to S169 |
|
@lsmith130 Could you address the comments so that we can merge this PR to fix issues |
|
/azp run Azure.azure-cli |
|
Azure Pipelines successfully started running 1 pipeline(s). |
|
@myronfanqiu, I've addressed the comments and CI failures. |
mmyyrroonn
left a comment
mmyyrroonn
left a comment
There was a problem hiding this comment.
LGTM in general except for one question. Wait for @haroldrandom @Juliehzl
| arg_group='Bring Your Own Certificate', | ||
| help='The protocol type of the certificate.', | ||
| arg_type=get_enum_type(['sni', 'ip'])) | ||
| c.argument('user_cert_subscription_id', |
There was a problem hiding this comment.
is it possible to support one secret id argument?
There was a problem hiding this comment.
This is a non-trivial request, as we would need to add extra logic to retrieve the correct resource group name for the secret, which is not included in the secret id because it doesn't use a standard Azure resource id. We would also have to correctly handle permissions issues where the user may not have permission to perform that lookup even though they do have permission to reference the key through CDN. Can we include this later as a separate PR if customers request it?
|
add to S170 |
| accept-language: | ||
| - en-US | ||
| method: GET | ||
| uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_cdn_domain000001/providers/Microsoft.Cdn/profiles/cdnprofile1?api-version=2019-06-15-preview |
There was a problem hiding this comment.
This is a get method and a call for profile. So this doesn't match the command you're describing.
There was a problem hiding this comment.
This profile GET is only part of the setup for the test. If you look below, later requests are actually performing enableCustomHttps POST commands on the custom domains
| - en-US | ||
| method: GET | ||
| uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest.rg000001/providers/Microsoft.Cdn/profiles/profile123?api-version=2019-06-15-preview | ||
| response: |
There was a problem hiding this comment.
Same here. This is for a pull request to fix this call and the tests seem off. It's weird.
There was a problem hiding this comment.
Again, the tests must perform required setup before testing the actual area of interest.
There was a problem hiding this comment.
Thanks for the explanation. For some reason I assumed these were combined with the other tests considering the setup could be handled in that manor. But this makes it a lot clearer.
My apologies for the comments going a bit to far. The lock-down has put me on edge and frustration got the better of me.
| accept-language: | ||
| - en-US | ||
| method: GET | ||
| uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest.rg000001/providers/Microsoft.Cdn/profiles/profile123/endpoints/cdn-cli-test-4/customDomains/customdomain000002?api-version=2019-06-15-preview |
There was a problem hiding this comment.
Why is this happening in multiple places...
There was a problem hiding this comment.
This GET request is retrieving the custom domain to verify its status is now correct after the previous POST enableCustomHttps request.
| accept-language: | ||
| - en-US | ||
| method: GET | ||
| uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest.rg000001/providers/Microsoft.Cdn/profiles/profile123?api-version=2019-06-15-preview |
There was a problem hiding this comment.
Am I maybe understanding these test wrong or what's the deal.
| accept-language: | ||
| - en-US | ||
| method: GET | ||
| uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/clitest.rg000001/providers/Microsoft.Cdn/profiles/profile123/endpoints/cdn-cli-test-4/customDomains/customdomain000003?api-version=2019-06-15-preview |
There was a problem hiding this comment.
Do I need to put this at every enable-https request that has a get method? Because some do use the proper uri en method. So I don't know if it really is a mistake anymore. I think the message is getting through right?
There was a problem hiding this comment.
Same as above. This is a required part of the test. Since these are not unit tests it is impossible to test only the functionality of interest without making addition setup calls and reading state to verify correct behavior. Please let me know if I have not addressed your concerns in my comments.
|
@Juliehzl is it possible to approve this PR? I've addressed all questions and requested changes. |
| c.argument('location', validator=get_default_location_from_resource_group) | ||
|
|
||
| with self.argument_context('cdn custom-domain enable-https') as c: | ||
| c.argument('profile_name', id_part=None, help='Name of the parent profile.') |
There was a problem hiding this comment.
Prefer ['--name', '-n' ]
There was a problem hiding this comment.
The name_arg_type parameter to the argument custom_domain_name already makes the parameter use --name, -n as requested. See the example for cdn custom-domain enable-https
|
add to S171 |
|
@haroldrandom could you take another look at this PR? I've addressed all comments and I believe it just needs code-owner approval before it can be merged. |
6 participants
Adds CDN custom domain BYOC support and fixes CDN-managed certs for Verizon and Microsoft SKUs. Fixes #12152 and #9894.
History Notes:
[CDN] az cdn custom-domain enable-https: Add BYOC support.
[CDN] az cdn custom-domain enable-https: Fix enabling custom HTTPS with CDN managed certificates for Standard_Verizon and Standard_Microsoft SKUs.
This checklist is used to make sure that common guidelines for a pull request are followed.
The PR title and description has followed the guideline in Submitting Pull Requests.
I adhere to the Command Guidelines.