[Network] Fix #31129: az network vnet-gateway create/update: Refine the logic of --root-cert-data (#31166)

* fix root-cert-data logic

* remove unused import

Author: cxznmhdcxz

src/azure-cli/azure/cli/command_modules/network/custom.py

@@ -12,7 +12,7 @@
 from knack.log import get_logger
 from azure.mgmt.core.tools import parse_resource_id, is_valid_resource_id, resource_id
 
-from azure.cli.core.aaz import AAZClientConfiguration, has_value, register_client
+from azure.cli.core.aaz import AAZClientConfiguration, has_value, register_client, AAZFileArgTextFormat
 from azure.cli.core.aaz._client import AAZMgmtClient
 from azure.cli.core.aaz.utils import assign_aaz_list_arg
 from azure.cli.core.commands.client_factory import get_subscription_id, get_mgmt_service_client
@@ -5925,11 +5925,19 @@ def _build_arguments_schema(cls, *args, **kwargs):
         return args_schema
 
 
+class RootCertFormat(AAZFileArgTextFormat):
+    def read_file(self, file_path):
+        with open(file_path, 'r', encoding=self._encoding) as cert_file:
+            lines = cert_file.readlines()
+
+        cert_data = ''.join(line.strip() for line in lines if not line.startswith('-----'))
+        return cert_data
+
+
 class VnetGatewayCreate(_VnetGatewayCreate):
     @classmethod
     def _build_arguments_schema(cls, *args, **kwargs):
-        from azure.cli.core.aaz import AAZListArg, AAZStrArg, AAZFileArg, AAZResourceIdArg, AAZResourceIdArgFormat, \
-            AAZFileArgBase64EncodeFormat
+        from azure.cli.core.aaz import AAZListArg, AAZStrArg, AAZFileArg, AAZResourceIdArg, AAZResourceIdArgFormat
         args_schema = super()._build_arguments_schema(*args, **kwargs)
         args_schema.public_ip_addresses = AAZListArg(options=['--public-ip-addresses', '--public-ip-address'],
                                                      help="Specify a single public IP (name or ID) for an active-standby gateway. Specify two space-separated public IPs for an active-active gateway.")
@@ -5956,7 +5964,7 @@ def _build_arguments_schema(cls, *args, **kwargs):
         )
         args_schema.root_cert_data = AAZFileArg(options=['--root-cert-data'], arg_group="Root Cert Authentication",
                                                 help="Base64 contents of the root certificate file or file path.",
-                                                fmt=AAZFileArgBase64EncodeFormat())
+                                                fmt=RootCertFormat())
         args_schema.root_cert_name = AAZStrArg(options=['--root-cert-name'], arg_group="Root Cert Authentication",
                                                help="Root certificate name.")
         args_schema.gateway_default_site._fmt = AAZResourceIdArgFormat(
@@ -6019,13 +6027,12 @@ def pre_operations(self):
             args.nat_rules = rules
 
         if has_value(args.address_prefixes) or has_value(args.client_protocol):
-            import os
             if has_value(args.root_cert_data):
-                path = os.path.expanduser(args.root_cert_data.to_serialized_data())
+                data = args.root_cert_data.to_serialized_data()
             else:
-                path = None
+                data = None
             if has_value(args.root_cert_name):
-                args.vpn_client_root_certificates = [{'name': args.root_cert_name, 'public_cert_data': path}]
+                args.vpn_client_root_certificates = [{'name': args.root_cert_name, 'public_cert_data': data}]
             else:
                 args.vpn_client_root_certificates = []
 
@@ -6048,8 +6055,7 @@ def _output(self, *args, **kwargs):
 class VnetGatewayUpdate(_VnetGatewayUpdate):
     @classmethod
     def _build_arguments_schema(cls, *args, **kwargs):
-        from azure.cli.core.aaz import AAZListArg, AAZStrArg, AAZFileArg, AAZResourceIdArg, AAZResourceIdArgFormat, \
-            AAZFileArgBase64EncodeFormat
+        from azure.cli.core.aaz import AAZListArg, AAZStrArg, AAZFileArg, AAZResourceIdArg, AAZResourceIdArgFormat
         args_schema = super()._build_arguments_schema(*args, **kwargs)
         args_schema.public_ip_addresses = AAZListArg(options=['--public-ip-addresses', '--public-ip-address'],
                                                      help="Specify a single public IP (name or ID) for an active-standby gateway. Specify two space-separated public IPs for an active-active gateway.",
@@ -6069,7 +6075,7 @@ def _build_arguments_schema(cls, *args, **kwargs):
         )
         args_schema.root_cert_data = AAZFileArg(options=['--root-cert-data'], arg_group="Root Cert Authentication",
                                                 help="Base64 contents of the root certificate file or file path.",
-                                                fmt=AAZFileArgBase64EncodeFormat(), nullable=True)
+                                                fmt=RootCertFormat(), nullable=True)
         args_schema.root_cert_name = AAZStrArg(options=['--root-cert-name'], arg_group="Root Cert Authentication",
                                                help="Root certificate name.", nullable=True,)
         args_schema.gateway_default_site._fmt = AAZResourceIdArgFormat(
@@ -6084,10 +6090,6 @@ def _build_arguments_schema(cls, *args, **kwargs):
 
     def pre_operations(self):
         args = self.ctx.args
-        if has_value(args.root_cert_data):
-            import os
-            path = os.path.expanduser(args.root_cert_data.to_serialized_data())
-            args.root_cert_data = path
 
         if has_value(args.sku):
             args.sku_tier = args.sku