diff --git a/scripts/ci/aladdin/aladdin.py b/scripts/ci/aladdin/aladdin.py index 838ea725b0a..638ffe7ab55 100644 --- a/scripts/ci/aladdin/aladdin.py +++ b/scripts/ci/aladdin/aladdin.py @@ -169,12 +169,14 @@ These addons are available: - http_application_routing : configure ingress with automatic public DNS name creation. - monitoring : turn on Log Analytics monitoring. Requires "--workspace-resource-id". + Requires "--enable_msi_auth_for_monitoring" for managed identity auth. If monitoring addon is enabled --no-wait argument will have no effect - virtual-node : enable AKS Virtual Node. Requires --subnet-name to provide the name of an existing subnet for the Virtual Node to use. - azure-policy : enable Azure policy. The Azure Policy add-on for AKS enables at-scale enforcements and safeguards on your clusters in a centralized, consistent manner. Learn more at aka.ms/aks/policy. - ingress-appgw : enable Application Gateway Ingress Controller addon. - open-service-mesh : enable Open Service Mesh addon. + - azure-keyvault-secrets-provider : enable Azure Keyvault Secrets Provider addon. parameters: - name: --addons -a type: string @@ -182,6 +184,9 @@ - name: --workspace-resource-id type: string short-summary: The resource ID of an existing Log Analytics Workspace to use for storing monitoring data. + - name: --enable-msi-auth-for-monitoring + type: bool + short-summary: Enable Managed Identity Auth for Monitoring addon. - name: --appgw-name type: string short-summary: Name of the application gateway to create/use in the node resource group. Use with ingress-azure addon. @@ -200,6 +205,12 @@ - name: --enable-sgxquotehelper type: bool short-summary: Enable SGX quote helper for confcom addon. + - name: --enable-secret-rotation + type: bool + short-summary: Enable secret rotation. Use with azure-keyvault-secrets-provider addon. + - name: --rotation-poll-interval + type: string + short-summary: Set interval of rotation poll. Use with azure-keyvault-secrets-provider addon. examples: - name: Enable Kubernetes addons. (autogenerated) text: az aks enable-addons --addons virtual-node --name MyManagedCluster --resource-group MyResourceGroup --subnet MySubnetName @@ -233,6 +244,9 @@ - name: --public-fqdn type: bool short-summary: Get private cluster credential with server address to be public fqdn. + - name: --format + type: string + short-summary: Specify the format of the returned credential. Available values are ["exec", "azure"]. Only take effect when requesting clusterUser credential of AAD clusters. examples: - name: Get access credentials for a managed Kubernetes cluster. (autogenerated) text: az aks get-credentials --name MyManagedCluster --resource-group MyResourceGroup @@ -378,6 +392,16 @@ +aladdin_helps['apim api schema wait'] = """ +type: command +short-summary: Place the CLI in a waiting state until a condition of an apim api schema is met. +examples: + - name: Place the CLI in a waiting state until a condition of a apim api schema is met. + text: | + az apim api schema wait --created --api-id MyApi --name MyApim --schema-id schemaId -g MyResourceGroup + crafted: true +""" + aladdin_helps['apim api wait'] = """ type: command short-summary: Place the CLI in a waiting state until a condition of an apim api is met. @@ -433,7 +457,7 @@ short-summary: Get the app service plans for a resource group or a set of resource groups. examples: - name: Get the app service plans for a resource group or a set of resource groups. (autogenerated) - text: az appservice plan show --name MyAppServicePlan --resource-group MyResourceGroup + text: az appservice plan show --name MyAppServicePlan --resource-group MyResourceGroup crafted: true """ @@ -746,7 +770,7 @@ aladdin_helps['functionapp identity remove'] = """ type: command -short-summary: Disable web app's managed service identity +short-summary: Disable web app's managed identity examples: - name: Disable web app's system managed identity text: az functionapp identity remove --name MyFunctionApp --resource-group MyResourceGroup @@ -755,9 +779,9 @@ aladdin_helps['functionapp identity show'] = """ type: command -short-summary: display web app's managed service identity +short-summary: display web app's managed identity examples: - - name: display functionapp's managed service identity (autogenerated) + - name: display functionapp's managed identity (autogenerated) text: az functionapp identity show --name MyFunctionApp --resource-group MyResourceGroup crafted: true """ @@ -882,6 +906,24 @@ crafted: true """ +aladdin_helps['staticwebapp identity remove'] = """ +type: command +short-summary: Disable static web app's managed identity +examples: + - name: Disable static web app's system managed identity + text: az staticwebapp identity remove --name MyApp --resource-group MyResourceGroup + crafted: true +""" + +aladdin_helps['staticwebapp identity show'] = """ +type: command +short-summary: display static web app's managed identity +examples: + - name: display static web app's managed identity (autogenerated) + text: az staticwebapp identity show --name MyApp --resource-group MyResourceGroup + crafted: true +""" + aladdin_helps['webapp auth show'] = """ type: command short-summary: Show the authentification settings for the webapp. @@ -1254,18 +1296,18 @@ aladdin_helps['webapp identity remove'] = """ type: command -short-summary: Disable web app's managed service identity +short-summary: Disable web app's managed identity examples: - - name: Disable web app's system managed service identity + - name: Disable web app's system managed identity text: az webapp identity remove --name MyWebApp --resource-group MyResourceGroup crafted: true """ aladdin_helps['webapp identity show'] = """ type: command -short-summary: display web app's managed service identity +short-summary: display web app's managed identity examples: - - name: display webapp's managed service identity (autogenerated) + - name: display webapp's managed identity (autogenerated) text: az webapp identity show --name MyWebapp --resource-group MyResourceGroup crafted: true """ @@ -1578,7 +1620,7 @@ short-summary: Find out whether the virtual machine is protected or not. If protected, it returns the recovery services vault ID, otherwise it returns empty. examples: - name: Find out whether the virtual machine is protected or not. If protected, it returns the recovery services vault ID, otherwise it returns empty. (autogenerated) - text: az backup protection check-vm --vm-id {vm-id} + text: az backup protection check-vm --resource-group MyResourceGroup --vm myVM crafted: true """ @@ -2074,8 +2116,8 @@ type: command short-summary: Changes the failover priority for the Azure Cosmos DB database account. examples: - - name: Changes the failover priority for the Azure Cosmos DB database account. (autogenerated) - text: az cosmosdb failover-priority-change --failover-policies regionName=failoverPriority --name MyCosmosDBDatabaseAccount --resource-group MyResourceGroup + - name: Changes the failover priority for the Azure Cosmos DB database account. + text: az cosmosdb failover-priority-change --failover-policies southafricanorth=0 westus=8 northeurope=3 --name MyCosmosDBDatabaseAccount --resource-group MyResourceGroup crafted: true """ @@ -2722,9 +2764,11 @@ + + aladdin_helps['iot dps certificate show'] = """ type: command -short-summary: Show information about a particular Azure IoT Hub Device Provisioning Service certificate. +short-summary: Show information about a particular certificate in an Azure IoT Hub Device Provisioning Service instance. examples: - name: Show information about a particular Azure IoT Hub Device Provisioning Service certificate. (autogenerated) text: az iot dps certificate show --certificate-name MyCertificate --dps-name MyDps --resource-group MyResourceGroup --subscription MySubscription @@ -3138,6 +3182,9 @@ Azure Function: Format: --action azurefunction NAME FUNCTION_APP_RESOURCE_ID FUNCTION_NAME HTTP_TRIGGER_URL [usecommonalertschema] Example: --action azurefunction test_function test_rsrc test_func http://trigger usecommonalertschema + Event Hub: + Format: --action eventhub NAME SUBSCRIPTION_ID EVENT_HUB_NAME_SPACE EVENT_HUB_NAME [usecommonalertschema] + Example: --action eventhub test_eventhub 5def922a-3ed4-49c1-b9fd-05ec533819a3 eventhubNameSpace testEventHubName usecommonalertschema Multiple actions can be specified by using more than one `--add-action` argument. 'useaadauth', 'isglobalrunbook' and 'usecommonalertschema' are optional arguements that only need to be passed to set the respective parameter to True. If the 'useaadauth' argument is passed, then the OBJECT_ID and IDENTIFIER_URI values are required as well. @@ -3200,6 +3247,9 @@ Azure Function: Format: --add-action azurefunction NAME FUNCTION_APP_RESOURCE_ID FUNCTION_NAME HTTP_TRIGGER_URL [usecommonalertschema] Example: --add-action azurefunction test_function test_rsrc test_func http://trigger usecommonalertschema + Event Hub: + Format: --action eventhub NAME SUBSCRIPTION_ID EVENT_HUB_NAME_SPACE EVENT_HUB_NAME [usecommonalertschema] + Example: --action eventhub test_eventhub 5def922a-3ed4-49c1-b9fd-05ec533819a3 eventhubNameSpace testEventHubName usecommonalertschema Multiple actions can be specified by using more than one `--add-action` argument. 'useaadauth', 'isglobalrunbook' and 'usecommonalertschema' are optional arguements that only need to be passed to set the respective parameter to True. If the 'useaadauth' argument is passed, then the OBJECT_ID and IDENTIFIER_URI values are required as well. @@ -3973,7 +4023,7 @@ examples: - name: Update an application gateway. (autogenerated) text: | - az network application-gateway update --name MyApplicationGateway --resource-group MyResourceGroup --set useRemoteGateways=true + az network application-gateway update --name MyApplicationGateway --resource-group MyResourceGroup --set sku.tier=WAF_v2 crafted: true """ @@ -4171,7 +4221,7 @@ type: command short-summary: Show a Azure bastion host machine. examples: - - name: Show a Azure bastion host machine. (autogenerated) + - name: Show a Azure bastion host machine. text: | az network bastion show --name MyBastionHost --resource-group MyResourceGroup crafted: true @@ -5726,7 +5776,7 @@ aladdin_helps['ad app permission admin-consent'] = """ type: command short-summary: Grant Application & Delegated permissions through admin-consent. -long-summary: You must login as a directory administrator +long-summary: You must login as a global administrator examples: - name: Grant Application & Delegated permissions through admin-consent. (autogenerated) text: az ad app permission admin-consent --id 00000000-0000-0000-0000-000000000000 @@ -5975,39 +6025,12 @@ crafted: true """ -aladdin_helps['mysql flexible-server firewall-rule delete'] = """ -type: command -short-summary: Delete a firewall rule. -examples: - - name: Delete a firewall rule. - text: az mysql flexible-server firewall-rule delete --rule-name testRule --resource-group testGroup --name testServer - crafted: true -""" - aladdin_helps['mysql flexible-server firewall-rule show'] = """ type: command short-summary: Get the details of a firewall rule. examples: - name: Get the details of a firewall rule. - text: az mysql flexible-server firewall-rule show --rule-name testRule --resource-group testGroup --name testServer - crafted: true -""" - -aladdin_helps['mysql flexible-server parameter list'] = """ -type: command -short-summary: List the parameter values for a flexible server. -examples: - - name: List the parameter values for a flexible server. - text: az mysql flexible-server parameter list --resource-group testGroup --server-name servername - crafted: true -""" - -aladdin_helps['mysql flexible-server parameter show'] = """ -type: command -short-summary: Get the parameter for a flexible server." -examples: - - name: Get the parameter for a server.W - text: az mysql flexible-server parameter show --name parameterName + text: az mysql flexible-server firewall-rule show --rule-name testRule --resource-group testGroup --name testserver crafted: true """ @@ -6016,7 +6039,7 @@ short-summary: Restart a flexible server. examples: - name: Restart a flexible server. - text: az mysql flexible-server restart --resource-group testGroup --name testServer + text: az mysql flexible-server restart --resource-group testGroup --name testserver crafted: true """ @@ -6025,7 +6048,7 @@ short-summary: Get the details of a flexible server. examples: - name: Get the details of a flexible server - text: az mysql flexible-server show --resource-group testGroup --name testServer + text: az mysql flexible-server show --resource-group testGroup --name testserver crafted: true """ @@ -6034,7 +6057,7 @@ short-summary: Start a flexible server. examples: - name: Start a flexible server. - text: az mysql flexible-server start --resource-group testGroup --name testServer + text: az mysql flexible-server start --resource-group testGroup --name testserver crafted: true """ @@ -6043,7 +6066,7 @@ short-summary: Stop a flexible server. examples: - name: Stop a flexible server. - text: az mysql flexible-server stop --resource-group testGroup --name testServer + text: az mysql flexible-server stop --resource-group testGroup --name testserver crafted: true """ @@ -6052,7 +6075,7 @@ short-summary: Update a flexible server. examples: - name: Update a flexible server's tags. - text: az mysql flexible-server update --resource-group testGroup --name testServer --tags "k1=v1" "k2=v2" + text: az mysql flexible-server update --resource-group testGroup --name testserver --tags "k1=v1" "k2=v2" crafted: true """ @@ -6061,7 +6084,7 @@ short-summary: Wait for the flexible server to satisfy certain conditions. examples: - name: Wait for the flexible server to satisfy certain conditions. - text: az mysql flexible-server wait --exists --resource-group testGroup --name testServer + text: az mysql flexible-server wait --exists --resource-group testGroup --name testserver crafted: true """ @@ -6164,87 +6187,6 @@ crafted: true """ -aladdin_helps['postgres flexible-server firewall-rule delete'] = """ -type: command -short-summary: Delete a firewall rule. -examples: - - name: Delete a firewall rule. - text: az postgres flexible-server firewall-rule delete --rule-name testRule --resource-group testGroup --name testServer - crafted: true -""" - -aladdin_helps['postgres flexible-server firewall-rule show'] = """ -type: command -short-summary: Get the details of a firewall rule. -examples: - - name: Get the details of a firewall rule. - text: az postgres flexible-server firewall-rule show --rule-name testRule --resource-group testGroup --name testServer - crafted: true -""" - -aladdin_helps['postgres flexible-server parameter list'] = """ -type: command -short-summary: List the parameter values for a flexible server. -examples: - - name: List the parameter values for a flexible server. - text: az postgres flexible-server parameter list --resource-group testGroup --server-name servername - crafted: true -""" - -aladdin_helps['postgres flexible-server parameter show'] = """ -type: command -short-summary: Get the parameter for a flexible server." -examples: - - name: Get the parameter for a server.W - text: az postgres flexible-server parameter show --name parameterName - crafted: true -""" - -aladdin_helps['postgres flexible-server restart'] = """ -type: command -short-summary: Restart a flexible server. -examples: - - name: Restart a flexible server. - text: az postgres flexible-server restart --resource-group testGroup --name testServer - crafted: true -""" - -aladdin_helps['postgres flexible-server show'] = """ -type: command -short-summary: Get the details of a flexible server. -examples: - - name: Get the details of a flexible server - text: az postgres flexible-server show --resource-group testGroup --name testServer - crafted: true -""" - -aladdin_helps['postgres flexible-server start'] = """ -type: command -short-summary: Start a flexible server. -examples: - - name: Start a flexible server. - text: az postgres flexible-server start --resource-group testGroup --name testServer - crafted: true -""" - -aladdin_helps['postgres flexible-server stop'] = """ -type: command -short-summary: Stop a flexible server. -examples: - - name: Stop a flexible server. - text: az postgres flexible-server stop --resource-group testGroup --name testServer - crafted: true -""" - -aladdin_helps['postgres flexible-server update'] = """ -type: command -short-summary: Update a flexible server. -examples: - - name: Reset password - text: az postgres flexible-server update --resource-group testGroup --name testServer -p password123 - crafted: true -""" - aladdin_helps['postgres server configuration list'] = """ type: command short-summary: List the configuration values for a server. @@ -6340,10 +6282,87 @@ aladdin_helps['redis create'] = """ type: command short-summary: Create new Redis Cache instance. +parameters: + - name: --redis-configuration + short-summary: A json file used to set redis-configuration settings. You may encounter parse errors if the json file is invalid. + long-summary: | + Usage: --redis-configuration @"{config_file.json}" + + An example json file for configuring max-memory policies + [ + { + "maxmemory-policy": "allkeys-lru" + } + ] + + An example json file for enabling the RDB back up data persistence is + [ + { + "rdb-storage-connection-string": "DefaultEndpointsProtocol=https;AccountName=mystorageaccount;AccountKey=myAccountKey;EndpointSuffix=core.windows.net", + "rdb-backup-enabled": "true", + "rdb-backup-frequency": "15", + "rdb-backup-max-snapshot-count": "1" + } + ] + + An example json file for enabling the AOF back up data persistence is + [ + { + "aof-backup-enabled": "true", + "aof-storage-connection-string-0": "DefaultEndpointsProtocol=https;AccountName=mystorageaccount;AccountKey=myAccountKey;EndpointSuffix=core.windows.net", + "aof-storage-connection-string-1": "DefaultEndpointsProtocol=https;AccountName=mystorageaccount;AccountKey=myAccountKey;EndpointSuffix=core.windows.net" + } + ] examples: - name: Create new Redis Cache instance. (autogenerated) text: az redis create --location westus2 --name MyRedisCache --resource-group MyResourceGroup --sku Basic --vm-size c0 crafted: true + - name: Configure the multiple zones for new Premium Azure Cache for Redis + text: az redis create --location westus2 --name MyRedisCache --resource-group MyResourceGroup --sku Premium --vm-size p1 --zones 1 2 + crafted: true + - name: Configure the memory policies for the cache. + text: az redis create --resource-group resourceGroupName --name cacheName --location westus2 --sku Standard --vm-size c0 --redis-configuration @"config_max-memory.json" + crafted: true + - name: Configure and enable the RDB back up data persistence for new Premium Azure Cache for Redis. + text: az redis create --location westus2 --name MyRedisCache --resource-group MyResourceGroup --sku Premium --vm-size p1 --redis-configuration @"config_rdb.json" + crafted: true + - name: Configure and enable the AOF back up data persistence for new Premium Azure Cache for Redis + text: az redis create --location westus2 --name MyRedisCache --resource-group MyResourceGroup --sku Premium --vm-size p1 --redis-configuration @"config_aof.json" + crafted: true + - name: Create a Premium Azure Cache for Redis with clustering enabled + text: az redis create --location westus2 --name MyRedisCache --resource-group MyResourceGroup --sku Premium --vm-size p1 --shard-count 2 + crafted: true + - name: Deploying a Premium Azure Cache for Redis inside an existing Azure Virtual Network + text: az redis create --location westus2 --name MyRedisCache --resource-group MyResourceGroup --sku Premium --vm-size p1 --subnet-id "/subscriptions/{subid}/resourceGroups/{resourceGroupName}/providers/Microsoft.{Network|ClassicNetwork}/virtualNetworks/vnet1/subnets/subnet1" + crafted: true +""" + +aladdin_helps['redis update'] = """ +type: command +short-summary: Update a Redis cache. +long-summary: Scale or update settings of a Redis cache. +examples: + - name: Update the maxmemory-policy for your Azure Cache for Redis named MyRedisCache + text: az redis update --name MyRedisCache --resource-group MyResourceGroup --set "redisConfiguration.maxmemory-policy"="allkeys-lru" + crafted: true + - name: Disable the RDB back up data persistence for Premium Azure Cache for Redis + text: az redis update --name MyRedisCache --resource-group MyResourceGroup --set "redisConfiguration.rdb-backup-enabled"="false" + crafted: true + - name: Configure the RDB back up enabled data persistence for already created Premium Azure Cache for Redis + text: az redis update --name MyRedisCache --resource-group MyResourceGroup --set "redisConfiguration.rdb-storage-connection-string"="DefaultEndpointsProtocol=https;AccountName=mystorageaccount;AccountKey=myAccountKey;EndpointSuffix=core.windows.net" "redisConfiguration.rdb-backup-enabled"="true" "redisConfiguration.rdb-backup-frequency"="15" "redisConfiguration.rdb-backup-max-snapshot-count"="1" + crafted: true + - name: Scale an Azure Cache for Redis Instance - Update to different size (An example to scale from c0 to c1). + text: az redis update --name MyRedisCache --resource-group MyResourceGroup --set "sku.capacity"="2" + crafted: true + - name: Scale an Azure Cache for Redis Instance - Update to different tier (From Basic to Standard or Standard to Premium). + text: az redis update --name MyRedisCache --resource-group MyResourceGroup --set "sku.name"="Premium" "sku.capacity"="1" "sku.family"="P" + crafted: true + - name: Scale an Azure Cache for Redis Instance - Enable Clustering. + text: az redis update --name MyRedisCache --resource-group MyResourceGroup --set "shardCount"="1" + crafted: true + - name: Scale an Azure Cache for Redis Instance in/out using Redis Cluster. + text: az redis update --name MyRedisCache --resource-group MyResourceGroup --set "shardCount"="2" + crafted: true """ aladdin_helps['relay hyco authorization-rule keys list'] = """ @@ -6939,6 +6958,8 @@ + + aladdin_helps['sql db delete'] = """ type: command short-summary: Delete a database. @@ -6950,9 +6971,9 @@ aladdin_helps['sql db list'] = """ type: command -short-summary: List databases a server or elastic pool. +short-summary: List databases on a server or elastic pool. examples: - - name: List databases a server or elastic pool. (autogenerated) + - name: List databases on a server or elastic pool. (autogenerated) text: az sql db list --resource-group MyResourceGroup --server myserver crafted: true """ @@ -7364,16 +7385,14 @@ aladdin_helps['storage blob upload'] = """ type: command short-summary: Upload a file to a storage blob. -long-summary: Creates a new blob from a file path, or updates the content of an existing blob with automatic chunking and progress notifications. +long-summary: Create a new blob from a file path, or updates the content of an existing blob with automatic chunking and progress notifications. parameters: - name: --type -t - short-summary: Defaults to 'page' for *.vhd files, or 'block' otherwise. + short-summary: Default to 'page' for *.vhd files, or 'block' otherwise. - name: --maxsize-condition short-summary: The max length in bytes permitted for an append blob. - name: --validate-content - short-summary: Specifies that an MD5 hash shall be calculated for each chunk of the blob and verified by the service when the chunk has arrived. - - name: --tier - short-summary: A page blob tier value to set the blob to. The tier correlates to the size of the blob and number of allowed IOPS. This is only applicable to page blobs on premium storage accounts. + short-summary: Specify that an MD5 hash shall be calculated for each chunk of the blob and verified by the service when the chunk has arrived. examples: - name: Upload a file to a storage blob. (autogenerated) text: | @@ -7505,8 +7524,6 @@ - name: --if-exists type: string short-summary: Behavior when an entity already exists for the specified PartitionKey and RowKey. - - name: --timeout - short-summary: The server timeout, expressed in seconds. examples: - name: Insert an entity into a table. (autogenerated) text: | @@ -8056,12 +8073,16 @@ aladdin_helps['vm disk attach'] = """ type: command -short-summary: Attach a managed persistent disk to a VM. Please note that --ids only supports one disk. +short-summary: Attach a managed persistent disk to a VM. long-summary: This allows for the preservation of data, even if the VM is reprovisioned due to maintenance or resizing. examples: - name: Attach a managed persistent disk to a VM. (autogenerated) text: | - az vm disk attach --disk $diskId --new --resource-group MyResourceGroup --size-gb 128 --sku Standard_LRS --vm-name MyVm + az vm disk attach --name $diskId --new --resource-group MyResourceGroup --size-gb 128 --sku Standard_LRS --vm-name MyVm + crafted: true + - name: Attach multiple managed disks to a VM. + text: | + az vm disk attach --vm-name MyVm --resource-group MyResourceGroup --sku Standard_LRS --disks diskId1 diskId2 diskId3 crafted: true """ @@ -8237,21 +8258,6 @@ crafted: true """ -aladdin_helps['vm run-command show'] = """ -type: command -parameters: - - name: --command-id - type: string - short-summary: The command id - populator-commands: - - az vm run-command list -examples: - - name: vm run-command show (autogenerated) - text: | - az vm run-command show --command-id RunShellScript --location westus2 - crafted: true -""" - aladdin_helps['vm secret add'] = """ type: command short-summary: Add a secret to a VM. @@ -8486,21 +8492,6 @@ crafted: true """ -aladdin_helps['vmss run-command show'] = """ -type: command -parameters: - - name: --command-id - type: string - short-summary: The command id - populator-commands: - - az vmss run-command list -examples: - - name: Gets specific run command for a subscription in a location. (autogenerated) - text: | - az vmss run-command show --command-id RunShellScript --location westus2 --subscription mysubscription - crafted: true -""" - aladdin_helps['vmss scale'] = """ type: command short-summary: Change the number of VMs within a VMSS.