{ARM} az policy: Rewrite Azure Policy CRUD commands using auto-generation#31496
{ARM} az policy: Rewrite Azure Policy CRUD commands using auto-generation#31496zhoxing-ms merged 20 commits intoAzure:devfrom
az policy: Rewrite Azure Policy CRUD commands using auto-generation#31496Conversation
️✔️AzureCLI-FullTest
|
❌AzureCLI-BreakingChangeTest
Please submit your Breaking Change Pre-announcement ASAP if you haven't already. Please note:
|
|
Thank you for your contribution! We will review the pull request and get back to you soon. |
|
The git hooks are available for azure-cli and azure-cli-extensions repos. They could help you run required checks before creating the PR. Please sync the latest code with latest dev branch (for azure-cli) or main branch (for azure-cli-extensions). pip install azdev --upgrade
azdev setup -c <your azure-cli repo path> -r <your azure-cli-extensions repo path>
|
microsoft-github-policy-service
bot
added
the
ARM
There was a problem hiding this comment.
Pull Request Overview
This PR replaces custom Azure Policy CRUD implementations with autogenerated AAZ-based commands and removes legacy parameter and completer definitions.
- Introduces AAZ command groups and operations for policy, assignment, identity, non-compliance-message, definition, exemption.
- Removes custom parameter contexts and completers for policy commands in the resource module.
- Cleans up deprecated client factory functions for policy resources.
Reviewed Changes
Copilot reviewed 72 out of 72 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| src/.../policy/exemption/__cmd_group.py | Adds autogenerated command group for policy exemptions. |
| src/.../policy/definition/_delete.py | Replaces policy definition delete with AAZ-generated code. |
| src/.../resource/_params.py | Removes old policy argument contexts (custom parameters). |
| src/.../resource/_completers.py | Removes legacy policy completer functions. |
| src/.../policyinsights/_completers.py | Adds policy completers under policyinsights module. |
Comments suppressed due to low confidence (2)
src/azure-cli/azure/cli/command_modules/resource/_params.py:209
- The removal of the
policyargument context in_params.pydisables all custom CLI parameter definitions for policy commands, breaking argument parsing. Please reintroduce or migrate these parameter contexts to support the new AAZ-based command implementations.
with self.argument_context('policy') as c:
src/azure-cli/azure/cli/command_modules/resource/_completers.py:8
- Legacy policy completer functions were removed, which will break tab-completion for policy definitions, assignments, and exemptions. Ensure completers are either restored in this module or correctly imported in the new AAZ command context.
from azure.cli.command_modules.resource._client_factory import (_resource_policy_client_factory, _resource_client_factory)
|
/azp run |
|
Azure Pipelines successfully started running 3 pipeline(s). |
|
Please refer to this guideline https://github.com/Azure/azure-cli/tree/dev/doc/authoring_command_modules#format-pr-title and specify the breaking changes included in this PR in the |
|
Additionally, since you missed the Build Breaking Change Window, we can only postpone it to the Ignite Breaking Change Window to release it |
Updated |
OK. What's the process for that? |
|
@mentat9 Actually, what I want to ask is, could you specify which breaking changes are there? Because customers need to know the details of these breaking changes to help them better migrate usage |
This is the process https://github.com/Azure/azure-cli/blob/dev/doc/how_to_introduce_breaking_changes.md about how to introduce Breaking Changes |
@zhoxing-ms - I believe we've done everything documented there. My question is what is the process for "postpone it to the Ignite Breaking Change Window to release it". |
OK, made the change. |
|
@zhoxing-ms - Is there anything else I need to do to get approval for this PR? If not, can you please approve? |
|
@mentat9 I have approved this PR, do we need to merge it now? |
@zhoxing-ms - Yes, please merge this PR as soon as you can. I would do it myself, but I'm still not allowed. 
|
|
@jsntcy - Please review/approve as soon as you get a chance, thanks. |
|
@zhoxing-ms, @jsntcy - I had to reintegrate this PR yet again, so
I still need to merge this PR as soon as possible and need your help: |
|
/azp run |
|
Azure Pipelines successfully started running 3 pipeline(s). |
|
please fix the CI issues. |
@yanzhudd - AFAICT, the SBOM failures are false-positive caused by the way PRs are built in this repo (see this thread: https://teams.microsoft.com/l/message/19:uI30QGN30KqwIekK4iquJi0SE5yHF2Nu3Kfi8s_xPOQ1@thread.tacv2/1749777015327?tenantId=72f988bf-86f1-41af-91ab-2d7cd011db47&groupId=ef54ced4-3f58-4488-a2fd-6511552227ea&parentMessageId=1749777015327&teamName=SBOM%20Support&channelName=SBOM%20Support%20-%20General&createdTime=1749777015327). If you know something different, can you tell me how to follow this up? Note that many/most/all builds are failing the same way right now: 
|
The real reason for the failure is that the Partner Center dependency package is outdated. |
|
/azp run |
|
Azure Pipelines successfully started running 3 pipeline(s). |
|
/azp run |
|
Commenter does not have sufficient privileges for PR 31496 in repo Azure/azure-cli |
|
@wangzelin007 - I've refreshed from upstream dev. |
|
/azp run |
|
Azure Pipelines successfully started running 3 pipeline(s). |
…this PR: Azure/azure-cli#31496 to onboard the policy CLI commands to auto-generation.
Related command
az policy assignment {create, delete, list, show, update}
az policy assignment identity {assign, remove, show}
az policy assignment non-compliance-message {create, delete, list, show, update}
az policy definition {create, delete, list, show, update}
az policy exemption {create, delete, list, show, update}
az policy set-definition {create, delete, list, show, update}
Description
Reimplement all azure policy CRUD commands using the auto-generation toolset with customization.
Remove existing custom implementations.
Testing Guide
All tests are updated and passing in record and playback modes.
Few new tests added.
History Notes
{ARM} Rewrite Azure Policy CRUD commands using auto generation toolset
{ARM} Rerecord tests
{ARM} Reorganize tests for simpler code and better cleanup
{ARM} Add setup for recording attestation tests
This checklist is used to make sure that common guidelines for a pull request are followed.
The PR title and description has followed the guideline in Submitting Pull Requests.
I adhere to the Command Guidelines.
I adhere to the Error Handling Guidelines.