Azure · zhoxing-ms · Oct 26, 2021 · Sep 30, 2021 · Oct 11, 2021 · Oct 11, 2021
diff --git a/src/spring-cloud/HISTORY.md b/src/spring-cloud/HISTORY.md
@@ -1,5 +1,13 @@
 Release History
 ===============
+
+2.11.1
+-----
+* Add support for public certificate crud, source could be either key vault or local file
+* Application could load public certificate by using argument`--loaded_public_certificate_file` in batch or 
+  directly using `spring-cloud app append-loaded-public-certificate` one by one
-* Application could load public certificate by using argument`--loaded_public_certificate_file` in batch or 
-  directly using `spring-cloud app append-loaded-public-certificate` one by one
+* Application could load public certificate by using argument `--loaded_public_certificate_file` in batch or 
+  directly using `spring-cloud app append-loaded-public-certificate` one by one
-* Application could load public certificate by using argument`--loaded_public_certificate_file` in batch or 
-  directly using `spring-cloud app append-loaded-public-certificate` one by one
+* Application could load public certificate by using argument `--loaded_public_certificate_file` in batch or 
+  directly using `spring-cloud app append-loaded-public-certificate` one by one
+* Add support to list all apps which have loaded the certificate `spring-cloud certificate list-reference-app`
+
 2.10.0
 -----
 * Support functions for Java In-Process Agent feature General Available.

diff --git a/src/spring-cloud/azext_spring_cloud/_client_factory.py b/src/spring-cloud/azext_spring_cloud/_client_factory.py
@@ -11,6 +11,9 @@
 from .vendored_sdks.appplatform.v2021_06_01_preview import (
     AppPlatformManagementClient as AppPlatformManagementClient_20210601preview
 )
+from .vendored_sdks.appplatform.v2021_09_01_preview import (
+    AppPlatformManagementClient as AppPlatformManagementClient_20210901preview
+)
 
 
 def cf_spring_cloud(cli_ctx, *_):
@@ -25,6 +28,10 @@ def cf_spring_cloud_20210601preview(cli_ctx, *_):
     return get_mgmt_service_client(cli_ctx, AppPlatformManagementClient_20210601preview)
 
 
+def cf_spring_cloud_20210901preview(cli_ctx, *_):
+    return get_mgmt_service_client(cli_ctx, AppPlatformManagementClient_20210901preview)
+
+
 def cf_resource_groups(cli_ctx, subscription_id=None):
     return get_mgmt_service_client(cli_ctx, ResourceType.MGMT_RESOURCE_RESOURCES,
                                    subscription_id=subscription_id).resource_groups

diff --git a/src/spring-cloud/azext_spring_cloud/_help.py b/src/spring-cloud/azext_spring_cloud/_help.py
@@ -377,6 +377,14 @@
     short-summary: Update an Azure Cache for Redis service binding of the app.
 """
 
+helps['spring-cloud app append-loaded-public-certificate'] = """
+    type: command
+    short-summary: Append a new loaded public certificate to an app in the Azure Spring Cloud.
+    examples:
+    - name: Append a new loaded public certificate to an app.
+      text: az spring-cloud app append-loaded-public-certificate --name MyApp --service MyCluster --resource-group MyResourceGroup --certificate-name MyCertName --load-trust-store true
+"""
+
 helps['spring-cloud certificate'] = """
     type: group
     short-summary: Commands to manage certificates.
@@ -408,6 +416,14 @@
     short-summary: Remove a certificate in Azure Spring Cloud.
 """
 
+helps['spring-cloud certificate list-reference-app'] = """
+    type: command
+    short-summary: List all the apps reference an existing certificate in the Azure Spring Cloud.
+    examples:
+    - name: List all the apps reference an existing certificate in spring cloud service.
+      text: az spring-cloud certificate list-reference-app --service MyCluster --resource-group MyResourceGroup --name MyCertName
+"""
+
 helps['spring-cloud app custom-domain'] = """
     type: group
     short-summary: Commands to manage custom domains.

diff --git a/src/spring-cloud/azext_spring_cloud/_params.py b/src/spring-cloud/azext_spring_cloud/_params.py
@@ -119,13 +119,17 @@ def load_arguments(self, _):
                    help='Memory resource quantity. Should be 512Mi or #Gi, e.g., 1Gi, 3Gi.')
         c.argument('instance_count', type=int,
                    default=1, help='Number of instance.', validator=validate_instance_count)
+        c.argument('loaded_public_certificate_file', options_list=['--loaded-public-certificate-file', '-f'], type=str,
+                   help='A json file path indicates the certificates which would be loaded to app')
 
     with self.argument_context('spring-cloud app update') as c:
         c.argument('assign_endpoint', arg_type=get_three_state_flag(),
                    help='If true, assign endpoint URL for direct access.',
                    options_list=['--assign-endpoint', c.deprecate(target='--is-public', redirect='--assign-endpoint', hide=True)])
         c.argument('https_only', arg_type=get_three_state_flag(), help='If true, access app via https', default=False)
         c.argument('enable_end_to_end_tls', arg_type=get_three_state_flag(), help='If true, enable end to end tls')
+        c.argument('loaded_public_certificate_file', type=str, options_list=['--loaded-public-certificate-file', '-f'],
+                   help='A json file path indicates the certificates which would be loaded to app')
 
     for scope in ['spring-cloud app update', 'spring-cloud app start', 'spring-cloud app stop', 'spring-cloud app restart', 'spring-cloud app deploy', 'spring-cloud app scale', 'spring-cloud app set-deployment', 'spring-cloud app show-deploy-log']:
         with self.argument_context(scope) as c:
@@ -245,6 +249,10 @@ def prepare_logs_argument(c):
             c.argument('key', help='Api key of the service.')
             c.argument('disable_ssl', arg_type=get_three_state_flag(), help='If true, disable SSL. If false, enable SSL.', default=False)
 
+    with self.argument_context('spring-cloud app append-loaded-public-certificate') as c:
+        c.argument('certificate_name', help='Name of the certificate to be appended')
+        c.argument('load_trust_store', arg_type=get_three_state_flag(), help='If true, the certificate would be loaded into trust store for Java applications', default=False)
+
     with self.argument_context('spring-cloud config-server set') as c:
         c.argument('config_file',
                    help='A yaml file path for the configuration of Spring Cloud config server')
@@ -286,6 +294,14 @@ def prepare_logs_argument(c):
     with self.argument_context('spring-cloud certificate add') as c:
         c.argument('vault_uri', help='The key vault uri where store the certificate')
         c.argument('vault_certificate_name', help='The certificate name in key vault')
+        c.argument('only_public_cert', arg_type=get_three_state_flag(),
+                   help='If true, only import public certificate part from key vault.', default=False)
+        c.argument('public_certificate_file', options_list=['--public-certificate-file', '-f'],
+                   help='A file path for the public certificate to be uploaded')
+
+    with self.argument_context('spring-cloud certificate list') as c:
+        c.argument('certificate_type', help='Type of uploaded certificate',
+                   arg_type=get_enum_type(['KeyVaultCertificate', 'ContentCertificate']))
 
     with self.argument_context('spring-cloud app custom-domain') as c:
         c.argument('service', service_name_type)

diff --git a/src/spring-cloud/azext_spring_cloud/commands.py b/src/spring-cloud/azext_spring_cloud/commands.py
@@ -10,6 +10,7 @@
                               cf_spring_cloud,
                               cf_spring_cloud_20201101preview,
                               cf_spring_cloud_20210601preview,
+                              cf_spring_cloud_20210901preview,
                               cf_config_servers)
 from ._transformers import (transform_spring_cloud_table_output,
                             transform_app_table_output,
@@ -69,6 +70,7 @@ def load_command_table(self, _):
         g.custom_command('stop', 'app_stop', supports_no_wait=True)
         g.custom_command('restart', 'app_restart', supports_no_wait=True)
         g.custom_command('logs', 'app_tail_log')
+        g.custom_command('append-loaded-public-certificate', 'app_append_loaded_public_certificate')
 
     with self.command_group('spring-cloud app identity', client_factory=cf_spring_cloud,
                             exception_handler=handle_asc_exception) as g:
@@ -102,12 +104,13 @@ def load_command_table(self, _):
         g.custom_command('redis update', 'binding_redis_update')
         g.custom_show_command('remove', 'binding_remove')
 
-    with self.command_group('spring-cloud certificate', client_factory=cf_spring_cloud,
+    with self.command_group('spring-cloud certificate', client_factory=cf_spring_cloud_20210901preview,
                             exception_handler=handle_asc_exception) as g:
         g.custom_command('add', 'certificate_add')
         g.custom_show_command('show', 'certificate_show', table_transformer=transform_spring_cloud_certificate_output)
         g.custom_command('list', 'certificate_list', table_transformer=transform_spring_cloud_certificate_output)
         g.custom_command('remove', 'certificate_remove')
+        g.custom_command('list-reference-app', 'certificate_list_reference_app', table_transformer=transform_app_table_output)
 
     with self.command_group('spring-cloud app custom-domain', client_factory=cf_spring_cloud,
                             exception_handler=handle_asc_exception) as g: