From a4bc33ca7c3350feb92c9edc1989ae59168bfbd1 Mon Sep 17 00:00:00 2001 From: asalbers Date: Thu, 31 Aug 2023 10:54:00 -0500 Subject: [PATCH 1/2] Choosing a more secure option should not come with a warning - #621 (#623) * changed note field * changed additional file * Update principals.json * Update clusterTab.js --------- Co-authored-by: Ayobami Ayodeji Co-authored-by: Gordon Byers --- helper/src/components/clusterTab.js | 4 ++-- helper/src/configpresets/principals.json | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/helper/src/components/clusterTab.js b/helper/src/components/clusterTab.js index 430b4aa63..3f59ca1cd 100644 --- a/helper/src/components/clusterTab.js +++ b/helper/src/components/clusterTab.js @@ -397,7 +397,7 @@ export default function ({ defaults, tabValues, updateFn, featureFlag, invalidAr options={[ { key: 'none', text: 'Public IP with no IP restrictions' }, { key: 'whitelist', text: 'Create allowed IP ranges (defaults to IP address of machine running the script)' }, - { key: 'private', text: 'Private Cluster (WARNING: most complex to operate)' } + { key: 'private', text: 'Private Cluster (Most secure option for your apps, but requires most involved access management)' } ]} onChange={(ev, { key }) => updateFn("apisecurity", key)} @@ -503,4 +503,4 @@ export default function ({ defaults, tabValues, updateFn, featureFlag, invalidAr } ) -} \ No newline at end of file +} diff --git a/helper/src/configpresets/principals.json b/helper/src/configpresets/principals.json index 79a1b5c83..7396d400c 100644 --- a/helper/src/configpresets/principals.json +++ b/helper/src/configpresets/principals.json @@ -291,7 +291,7 @@ "description": { "title": "Best option for highly secure, regulated environments or sensitive data requirements.", "titleWarning": { - "description": "WARNING: most complex environment option to operate", + "description": "Most secure option for your apps, but requires most involved access management", "MessageBarType": 5 }, "bulets": [ @@ -471,4 +471,4 @@ } ] } -} \ No newline at end of file +} From ef95b74707262eab8ae4fa7f380bebad9297f2ce Mon Sep 17 00:00:00 2001 From: Nelly Kiboi <3062772+nellyk@users.noreply.github.com> Date: Mon, 18 Sep 2023 17:13:03 +0100 Subject: [PATCH 2/2] Alter default outbound Networking options #619 (#631) * Alter default outbound Networking options #619 * fixing playwright test. --------- Co-authored-by: Gordon Byers --- .../helper-test-managednatgw.spec.js | 22 ++++++++++++++++--- helper/src/configpresets/principals.json | 10 ++++----- 2 files changed, 23 insertions(+), 9 deletions(-) diff --git a/helper/.playwrighttests/helper-test-managednatgw.spec.js b/helper/.playwrighttests/helper-test-managednatgw.spec.js index 77bbb70be..2d5d01555 100644 --- a/helper/.playwrighttests/helper-test-managednatgw.spec.js +++ b/helper/.playwrighttests/helper-test-managednatgw.spec.js @@ -4,7 +4,7 @@ const { matchers } = require('playwright-expect'); // add custom matchers expect.extend(matchers); -test('managed-natgw-option-is-now-the-prod-default', async ({ page }) => { +test('default-outbound-option-to-be-load-balancer', async ({ page }) => { await page.goto('http://localhost:3000/AKS-Construction'); @@ -14,15 +14,31 @@ test('managed-natgw-option-is-now-the-prod-default', async ({ page }) => { //Check default value const dropdown = await page.waitForSelector('[data-testid="net-aksEgressType"]') await expect(dropdown).toBeVisible() + await expect(dropdown).toMatchText('Load Balancer') + +}); + +test('managed-natgw-option-is-now-the-prod-default', async ({ page }) => { + + await page.goto('http://localhost:3000/AKS-Construction'); + + // Click the 4th Tab in the portal Navigation Pivot (network) + await page.click('[data-testid="portalnav-Pivot"] > button:nth-child(4)'); + + //Change default value + const dropdown = await page.waitForSelector('[data-testid="net-aksEgressType"]') + await expect(dropdown).toBeVisible() await expect(dropdown).toMatchText('NAT Gateway') // Click the 1st Tab in the portal Navigation Pivot (network) await page.click('[data-testid="portalnav-Pivot"] > button:nth-child(1)'); - // //Check parameter is there + // Check parameter is absent await page.waitForSelector('[data-testid="deploy-deploycmd"]') const clitextbox = await page.$('[data-testid="deploy-deploycmd"]') await expect(clitextbox).toBeVisible() - await expect(clitextbox).toContainText('aksOutboundTrafficType=natGateway') + await expect(clitextbox).not.toContainText('natGateway') }); + + //TODO: Change value and check (this is a real pain with the DropDown control) \ No newline at end of file diff --git a/helper/src/configpresets/principals.json b/helper/src/configpresets/principals.json index 7396d400c..9688dc806 100644 --- a/helper/src/configpresets/principals.json +++ b/helper/src/configpresets/principals.json @@ -281,7 +281,8 @@ "vnet_opt": "custom", "vnetprivateend": false, "afw": false, - "bastion": false + "bastion": false, + "aksOutboundTrafficType":"loadBalancer" } } }, @@ -386,7 +387,8 @@ "vnet_opt": "custom", "vnetprivateend": true, "afw": true, - "bastion": true + "bastion": true, + "aksOutboundTrafficType": "userDefinedRouting" } } } @@ -426,8 +428,6 @@ "automationAccountScheduledStartStop": "Weekday" }, "net": { - "createNatGateway": false, - "aksOutboundTrafficType": "loadBalancer" } } }, @@ -462,8 +462,6 @@ "automationAccountScheduledStartStop": "" }, "net": { - "createNatGateway": true, - "aksOutboundTrafficType": "natGateway" } } }