Skip to content

Commit 22be663

Browse files
nddqnddq
committed
{AKS} Fix ACNS update to preserve existing advanced networking settings
The update_network_profile_advanced_networking method was creating a new AdvancedNetworking object on every update, discarding existing sub-properties (observability, security, transit encryption) that the user didn't explicitly specify. This changes the method to modify the existing object in-place, only overwriting fields the user provided. Signed-off-by: Quang Nguyen <nguyenquang@microsoft.com>
1 parent dc9fdb3 commit 22be663

File tree

4 files changed

+2822
-19
lines changed

4 files changed

+2822
-19
lines changed

src/azure-cli/azure/cli/command_modules/acs/managed_cluster_decorator.py

Lines changed: 28 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -8316,31 +8316,40 @@ def update_network_profile_advanced_networking(self, mc: ManagedCluster) -> Mana
83168316
acns_advanced_networkpolicies = self.context.get_acns_advanced_networkpolicies()
83178317
acns_transit_encryption = self.context.get_acns_transit_encryption_type()
83188318
if acns_enabled is not None:
8319-
acns = self.models.AdvancedNetworking(
8320-
enabled=acns_enabled,
8321-
)
8319+
# Preserve existing advanced_networking settings, only overwrite fields the user specified
8320+
if mc.network_profile.advanced_networking is None:
8321+
mc.network_profile.advanced_networking = self.models.AdvancedNetworking()
8322+
mc.network_profile.advanced_networking.enabled = acns_enabled
83228323
if acns_observability is not None:
8323-
acns.observability = self.models.AdvancedNetworkingObservability(
8324-
enabled=acns_observability,
8325-
)
8324+
if mc.network_profile.advanced_networking.observability is None:
8325+
mc.network_profile.advanced_networking.observability = (
8326+
self.models.AdvancedNetworkingObservability()
8327+
)
8328+
mc.network_profile.advanced_networking.observability.enabled = acns_observability
83268329
if acns_security is not None:
8327-
acns.security = self.models.AdvancedNetworkingSecurity(
8328-
enabled=acns_security,
8329-
)
8330+
if mc.network_profile.advanced_networking.security is None:
8331+
mc.network_profile.advanced_networking.security = (
8332+
self.models.AdvancedNetworkingSecurity()
8333+
)
8334+
mc.network_profile.advanced_networking.security.enabled = acns_security
83308335
if acns_advanced_networkpolicies is not None:
8331-
if acns.security is None:
8332-
acns.security = self.models.AdvancedNetworkingSecurity(
8333-
advanced_network_policies=acns_advanced_networkpolicies
8336+
if mc.network_profile.advanced_networking.security is None:
8337+
mc.network_profile.advanced_networking.security = (
8338+
self.models.AdvancedNetworkingSecurity()
83348339
)
8335-
else:
8336-
acns.security.advanced_network_policies = acns_advanced_networkpolicies
8340+
mc.network_profile.advanced_networking.security.advanced_network_policies = (
8341+
acns_advanced_networkpolicies
8342+
)
83378343
if acns_transit_encryption is not None:
8338-
if acns.security is None:
8339-
acns.security = self.models.AdvancedNetworkingSecurity()
8340-
acns.security.transit_encryption = self.models.AdvancedNetworkingSecurityTransitEncryption(
8341-
type=acns_transit_encryption,
8344+
if mc.network_profile.advanced_networking.security is None:
8345+
mc.network_profile.advanced_networking.security = (
8346+
self.models.AdvancedNetworkingSecurity()
8347+
)
8348+
mc.network_profile.advanced_networking.security.transit_encryption = (
8349+
self.models.AdvancedNetworkingSecurityTransitEncryption(
8350+
type=acns_transit_encryption,
8351+
)
83428352
)
8343-
mc.network_profile.advanced_networking = acns
83448353
elif acns_transit_encryption is not None:
83458354
if (mc.network_profile.advanced_networking is None or
83468355
not mc.network_profile.advanced_networking.enabled):

0 commit comments

Comments
 (0)