PR comment - refactoring

carlotaarvela · carlotaarvela · commit 837ccac6f641 · 2026-03-19T12:22:28.000Z
diff --git a/src/aks-preview/azext_aks_preview/managed_cluster_decorator.py b/src/aks-preview/azext_aks_preview/managed_cluster_decorator.py
@@ -171,6 +171,21 @@
 ResourceReference = TypeVar("ResourceReference")
 
 
+def _get_monitoring_addon_key(cluster, addon_consts):
+    """Resolve the monitoring addon key from the cluster's addon_profiles.
+
+    The API response may return the addon key as either "omsagent" or "omsAgent".
+    Returns the key present in addon_profiles, or the default constant if neither is found.
+    """
+    const_monitoring = addon_consts.get("CONST_MONITORING_ADDON_NAME")
+    if cluster.addon_profiles:
+        if const_monitoring in cluster.addon_profiles:
+            return const_monitoring
+        if CONST_MONITORING_ADDON_NAME_CAMELCASE in cluster.addon_profiles:
+            return CONST_MONITORING_ADDON_NAME_CAMELCASE
+    return const_monitoring
+
+
 # pylint: disable=too-few-public-methods
 class AKSPreviewManagedClusterModels(AKSManagedClusterModels):
     """Store the models used in aks series of commands.
@@ -5191,113 +5206,111 @@ def _should_create_dcra(self) -> bool:
         params = self.context.raw_param
         return (
             params.get("enable_addons") is not None or
-            params.get("enable-azure-monitor-logs") is not None or
+            params.get("enable_azure_monitor_logs") is not None or
+            self._is_cnl_or_hlsm_changing()
+        )
+
+    def _is_cnl_or_hlsm_changing(self) -> bool:
+        """Return True if any CNL or High Log Scale Mode flag was provided."""
+        params = self.context.raw_param
+        return (
             params.get("enable_container_network_logs") is not None or
             params.get("enable_retina_flow_logs") is not None or
             params.get("disable_container_network_logs") is not None or
             params.get("disable_retina_flow_logs") is not None or
             params.get("enable_high_log_scale_mode") is not None
         )
 
-    # pylint: disable=too-many-locals,too-many-branches
-    def postprocessing_after_mc_created(self, cluster: ManagedCluster) -> None:
-        """Postprocessing performed after the cluster is created.
+    def _postprocess_monitoring_enable(self, cluster: ManagedCluster) -> None:
+        """Handle monitoring addon postprocessing for the enable case."""
+        enable_msi_auth_for_monitoring = self.context.get_enable_msi_auth_for_monitoring()
+        if not enable_msi_auth_for_monitoring:
+            # add cluster spn/msi Monitoring Metrics Publisher role assignment to publish metrics to MDM
+            # mdm metrics is supported only in azure public cloud, so add the role assignment only in this cloud
+            cloud_name = self.cmd.cli_ctx.cloud.name
+            if cloud_name.lower() == "azurecloud":
+                cluster_resource_id = resource_id(
+                    subscription=self.context.get_subscription_id(),
+                    resource_group=self.context.get_resource_group_name(),
+                    namespace="Microsoft.ContainerService",
+                    type="managedClusters",
+                    name=self.context.get_name(),
+                )
+                self.context.external_functions.add_monitoring_role_assignment(
+                    cluster, cluster_resource_id, self.cmd
+                )
+        elif self._should_create_dcra():
+            addon_consts = self.context.get_addon_consts()
+            monitoring_addon_key = _get_monitoring_addon_key(cluster, addon_consts)
+            self.context.external_functions.ensure_container_insights_for_monitoring(
+                self.cmd,
+                cluster.addon_profiles[monitoring_addon_key],
+                self.context.get_subscription_id(),
+                self.context.get_resource_group_name(),
+                self.context.get_name(),
+                self.context.get_location(),
+                remove_monitoring=False,
+                aad_route=self.context.get_enable_msi_auth_for_monitoring(),
+                create_dcr=self._is_cnl_or_hlsm_changing(),
+                create_dcra=True,
+                enable_syslog=self.context.get_enable_syslog(),
+                data_collection_settings=self.context.get_data_collection_settings(),
+                is_private_cluster=self.context.get_enable_private_cluster(),
+                ampls_resource_id=self.context.get_ampls_resource_id(),
+                enable_high_log_scale_mode=self.context.get_enable_high_log_scale_mode(),
+            )
 
-        :return: None
-        """
-        # monitoring addon
-        monitoring_addon_enabled = self.context.get_intermediate("monitoring_addon_enabled", default_value=False)
-        if monitoring_addon_enabled:
-            enable_msi_auth_for_monitoring = self.context.get_enable_msi_auth_for_monitoring()
-            if not enable_msi_auth_for_monitoring:
-                # add cluster spn/msi Monitoring Metrics Publisher role assignment to publish metrics to MDM
-                # mdm metrics is supported only in azure public cloud, so add the role assignment only in this cloud
-                cloud_name = self.cmd.cli_ctx.cloud.name
-                if cloud_name.lower() == "azurecloud":
-                    cluster_resource_id = resource_id(
-                        subscription=self.context.get_subscription_id(),
-                        resource_group=self.context.get_resource_group_name(),
-                        namespace="Microsoft.ContainerService",
-                        type="managedClusters",
-                        name=self.context.get_name(),
-                    )
-                    self.context.external_functions.add_monitoring_role_assignment(
-                        cluster, cluster_resource_id, self.cmd
-                    )
-            elif self._should_create_dcra():
-                # Create/update the DCR when CNL or HLSM flags change so that the DCR streams
-                # (e.g. Microsoft-ContainerLogV2-HighScale) are kept in sync.
-                cnl_or_hlsm_changing = (
-                    self.context.raw_param.get("enable_container_network_logs") is not None or
-                    self.context.raw_param.get("enable_retina_flow_logs") is not None or
-                    self.context.raw_param.get("disable_container_network_logs") is not None or
-                    self.context.raw_param.get("disable_retina_flow_logs") is not None or
-                    self.context.raw_param.get("enable_high_log_scale_mode") is not None
-                )
-                addon_consts = self.context.get_addon_consts()
-                CONST_MONITORING_ADDON_NAME = addon_consts.get("CONST_MONITORING_ADDON_NAME")
-                # The API response may return the addon key as either "omsagent" or "omsAgent"
-                monitoring_addon_key = CONST_MONITORING_ADDON_NAME
-                if CONST_MONITORING_ADDON_NAME not in cluster.addon_profiles and \
-                   CONST_MONITORING_ADDON_NAME_CAMELCASE in cluster.addon_profiles:
-                    monitoring_addon_key = CONST_MONITORING_ADDON_NAME_CAMELCASE
+    def _postprocess_monitoring_disable(self) -> None:
+        """Handle monitoring addon postprocessing for the disable case."""
+        addon_consts = self.context.get_addon_consts()
+        CONST_MONITORING_ADDON_NAME = addon_consts.get("CONST_MONITORING_ADDON_NAME")
+
+        # Get the current cluster state to check config before it was disabled
+        current_cluster = self.client.get(self.context.get_resource_group_name(), self.context.get_name())
+
+        if (current_cluster.addon_profiles and
+                CONST_MONITORING_ADDON_NAME in current_cluster.addon_profiles):
+
+            addon_profile = current_cluster.addon_profiles[CONST_MONITORING_ADDON_NAME]
+
+            try:
                 self.context.external_functions.ensure_container_insights_for_monitoring(
                     self.cmd,
-                    cluster.addon_profiles[monitoring_addon_key],
+                    addon_profile,
                     self.context.get_subscription_id(),
                     self.context.get_resource_group_name(),
                     self.context.get_name(),
                     self.context.get_location(),
-                    remove_monitoring=False,
-                    aad_route=self.context.get_enable_msi_auth_for_monitoring(),
-                    create_dcr=cnl_or_hlsm_changing,
+                    remove_monitoring=True,
+                    aad_route=True,
+                    create_dcr=False,
                     create_dcra=True,
-                    enable_syslog=self.context.get_enable_syslog(),
-                    data_collection_settings=self.context.get_data_collection_settings(),
-                    is_private_cluster=self.context.get_enable_private_cluster(),
-                    ampls_resource_id=self.context.get_ampls_resource_id(),
-                    enable_high_log_scale_mode=self.context.get_enable_high_log_scale_mode(),
+                    enable_syslog=False,
+                    data_collection_settings=None,
+                    ampls_resource_id=None,
+                    enable_high_log_scale_mode=False
                 )
+            except TypeError:
+                pass
+
+    # pylint: disable=too-many-locals,too-many-branches
+    def postprocessing_after_mc_created(self, cluster: ManagedCluster) -> None:
+        """Postprocessing performed after the cluster is created.
+
+        :return: None
+        """
+        # monitoring addon
+        monitoring_addon_enabled = self.context.get_intermediate("monitoring_addon_enabled", default_value=False)
+        if monitoring_addon_enabled:
+            self._postprocess_monitoring_enable(cluster)
 
         # Handle monitoring addon postprocessing (disable case) - same logic as aks_disable_addons
         monitoring_addon_disable_postprocessing_required = self.context.get_intermediate(
             "monitoring_addon_disable_postprocessing_required", default_value=False
         )
 
         if monitoring_addon_disable_postprocessing_required:
-            addon_consts = self.context.get_addon_consts()
-            CONST_MONITORING_ADDON_NAME = addon_consts.get("CONST_MONITORING_ADDON_NAME")
-
-            # Get the current cluster state to check config before it was disabled
-            current_cluster = self.client.get(self.context.get_resource_group_name(), self.context.get_name())
-
-            if (current_cluster.addon_profiles and
-                    CONST_MONITORING_ADDON_NAME in current_cluster.addon_profiles):
-
-                # Use the current cluster addon profile for cleanup
-                addon_profile = current_cluster.addon_profiles[CONST_MONITORING_ADDON_NAME]
-
-                # Call ensure_container_insights_for_monitoring with remove_monitoring=True (same as aks_disable_addons)
-                try:
-                    self.context.external_functions.ensure_container_insights_for_monitoring(
-                        self.cmd,
-                        addon_profile,
-                        self.context.get_subscription_id(),
-                        self.context.get_resource_group_name(),
-                        self.context.get_name(),
-                        self.context.get_location(),
-                        remove_monitoring=True,
-                        aad_route=True,
-                        create_dcr=False,
-                        create_dcra=True,
-                        enable_syslog=False,
-                        data_collection_settings=None,
-                        ampls_resource_id=None,
-                        enable_high_log_scale_mode=False
-                    )
-                except TypeError:
-                    # Ignore TypeError just like aks_disable_addons does
-                    pass
+            self._postprocess_monitoring_disable()
 
         # ingress appgw addon
         ingress_appgw_addon_enabled = self.context.get_intermediate("ingress_appgw_addon_enabled", default_value=False)
@@ -7965,18 +7978,12 @@ def postprocessing_after_mc_created(self, cluster: ManagedCluster) -> None:
         )
         if monitoring_addon_postprocessing_required:
             addon_consts = self.context.get_addon_consts()
-            CONST_MONITORING_ADDON_NAME = addon_consts.get("CONST_MONITORING_ADDON_NAME")
             CONST_MONITORING_USING_AAD_MSI_AUTH = addon_consts.get("CONST_MONITORING_USING_AAD_MSI_AUTH")
 
-            # The API response may return the addon key as either "omsagent" or "omsAgent"
-            monitoring_addon_key = None
-            if cluster.addon_profiles:
-                if CONST_MONITORING_ADDON_NAME in cluster.addon_profiles:
-                    monitoring_addon_key = CONST_MONITORING_ADDON_NAME
-                elif CONST_MONITORING_ADDON_NAME_CAMELCASE in cluster.addon_profiles:
-                    monitoring_addon_key = CONST_MONITORING_ADDON_NAME_CAMELCASE
+            monitoring_addon_key = _get_monitoring_addon_key(cluster, addon_consts)
 
-            if (monitoring_addon_key and
+            if (cluster.addon_profiles and
+                    monitoring_addon_key in cluster.addon_profiles and
                     cluster.addon_profiles[monitoring_addon_key].enabled):
 
                 # Check if MSI auth is enabled
diff --git a/src/aks-preview/azext_aks_preview/tests/latest/test_managed_cluster_decorator.py b/src/aks-preview/azext_aks_preview/tests/latest/test_managed_cluster_decorator.py
@@ -8125,7 +8125,7 @@ def test_postprocessing_create_dcr_false_when_only_enable_addons(self):
     def test_postprocessing_ensure_container_insights_not_called_without_relevant_flags(self):
         """ensure_container_insights_for_monitoring is NOT called when no relevant flags are set.
 
-        When neither enable_addons, enable-azure-monitor-logs, nor any CNL/HLSM flag is
+        When neither enable_addons, enable_azure_monitor_logs, nor any CNL/HLSM flag is
         present in raw_params, the outer elif is not entered.
         """
         dec = self._make_postprocessing_decorator({})
@@ -8287,6 +8287,23 @@ def test_postprocessing_create_dcr_true_with_camelcase_addon_key(self):
         _, kwargs = mock_ecifm.call_args
         self.assertTrue(kwargs["create_dcr"])
 
+    def test_postprocessing_create_dcr_false_when_enable_azure_monitor_logs(self):
+        """create_dcr=False when enable_azure_monitor_logs triggers ensure_container_insights_for_monitoring.
+
+        enable_azure_monitor_logs is in the outer _should_create_dcra condition but NOT in
+        _is_cnl_or_hlsm_changing, so create_dcr must be False.
+        """
+        dec = self._make_postprocessing_decorator({"enable_azure_monitor_logs": True})
+        cluster = self._make_cluster_with_monitoring()
+        external_functions = dec.context.external_functions
+        with patch.object(
+            external_functions, "ensure_container_insights_for_monitoring", return_value=None
+        ) as mock_ecifm:
+            dec.postprocessing_after_mc_created(cluster)
+        mock_ecifm.assert_called_once()
+        _, kwargs = mock_ecifm.call_args
+        self.assertFalse(kwargs["create_dcr"])
+
 
     def test_set_up_health_monitor_profile(self):
         # no flag - no change
