[AKS] Remove validation of --azure-keyvault-kms-key-id when PMK is enabled#9388
[AKS] Remove validation of --azure-keyvault-kms-key-id when PMK is enabled#9388yanzhudd merged 1 commit intoAzure:mainfrom
Conversation
️✔️Azure CLI Extensions Breaking Change Test
|
|
Hi @bingosummer, |
|
Thank you for your contribution! We will review the pull request and get back to you soon. |
|
The git hooks are available for azure-cli and azure-cli-extensions repos. They could help you run required checks before creating the PR. Please sync the latest code with latest dev branch (for azure-cli) or main branch (for azure-cli-extensions). pip install azdev --upgrade
azdev setup -c <your azure-cli repo path> -r <your azure-cli-extensions repo path>
|
microsoft-github-policy-service
bot
requested review from
evelyn-ys,
yanzhudd,
yonzhan and
zhoxing-ms
|
Hi @bingosummer Release SuggestionsModule: aks-preview
Notes
|
There was a problem hiding this comment.
Pull Request Overview
This pull request removes PMK (Platform-Managed Keys) validation logic from the Azure Key Vault KMS key ID parameter handling. Previously, the code enforced different key ID format requirements based on whether PMK was enabled (versionless key IDs for PMK, versioned key IDs otherwise). The change simplifies the implementation by removing these format validations entirely.
- Removed PMK-based validation logic from
_get_azure_keyvault_kms_key_idmethod - Updated all test cases to expect acceptance of both versioned and versionless key IDs regardless of PMK status
- Added changelog entry documenting the removal of PMK validation
Reviewed Changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| src/aks-preview/azext_aks_preview/managed_cluster_decorator.py | Removed 26 lines of PMK validation logic that enforced key ID format requirements |
| src/aks-preview/azext_aks_preview/tests/latest/test_managed_cluster_decorator.py | Updated test expectations to reflect removal of validation - removed exception assertions and added assertions that all key ID formats are now accepted |
| src/aks-preview/HISTORY.rst | Added changelog entry for the PMK validation removal |
Comments suppressed due to low confidence (1)
src/aks-preview/azext_aks_preview/managed_cluster_decorator.py:1423
- The docstring is outdated and references validation logic that has been removed. The sentence 'It will also validate the key ID format based on PMK (Platform Managed Key) enablement status.' should be removed since PMK validation is no longer performed.
This function supports the option of enable_validation. When enabled, it will check if
azure_keyvault_kms_key_id is assigned but enable_azure_keyvault_kms is not specified,
if so, raise a RequiredArgumentMissingError. It will also validate the key ID format
based on PMK (Platform Managed Key) enablement status.
|
/azp run |
|
Azure Pipelines successfully started running 2 pipeline(s). |
This checklist is used to make sure that common guidelines for a pull request are followed.
Related command
General Guidelines
azdev style <YOUR_EXT>locally? (pip install azdevrequired)python scripts/ci/test_index.py -qlocally? (pip install wheel==0.30.0required)For new extensions:
About Extension Publish
There is a pipeline to automatically build, upload and publish extension wheels.
Once your pull request is merged into main branch, a new pull request will be created to update
src/index.jsonautomatically.You only need to update the version information in file setup.py and historical information in file HISTORY.rst in your PR but do not modify
src/index.json.