diff --git a/src/command_modules/azure-cli-acs/HISTORY.rst b/src/command_modules/azure-cli-acs/HISTORY.rst index 7745a8265fc..63a8a317c40 100644 --- a/src/command_modules/azure-cli-acs/HISTORY.rst +++ b/src/command_modules/azure-cli-acs/HISTORY.rst @@ -6,6 +6,7 @@ Release History 2.0.35 ++++++ * Updated options of `az aks use-dev-spaces` command. Added `--update` support. +* `az aks get-credentials --admin` won't replace the user context in $HOME/.kube/config 2.0.34 ++++++ diff --git a/src/command_modules/azure-cli-acs/azure/cli/command_modules/acs/custom.py b/src/command_modules/azure-cli-acs/azure/cli/command_modules/acs/custom.py index b27004a06c6..4ec3be4dc1a 100644 --- a/src/command_modules/azure-cli-acs/azure/cli/command_modules/acs/custom.py +++ b/src/command_modules/azure-cli-acs/azure/cli/command_modules/acs/custom.py @@ -996,6 +996,16 @@ def merge_kubernetes_configurations(existing_file, addition_file): existing = load_kubernetes_configuration(existing_file) addition = load_kubernetes_configuration(addition_file) + # rename the admin context so it doesn't overwrite the user context + for ctx in addition.get('contexts', []): + try: + if ctx['context']['user'].startswith('clusterAdmin'): + admin_name = ctx['name'] + '-admin' + addition['current-context'] = ctx['name'] = admin_name + break + except (KeyError, TypeError): + continue + if addition is None: raise CLIError('failed to load additional configuration from {}'.format(addition_file)) diff --git a/src/command_modules/azure-cli-acs/azure/cli/command_modules/acs/tests/latest/test_custom.py b/src/command_modules/azure-cli-acs/azure/cli/command_modules/acs/tests/latest/test_custom.py index 12499726fe2..6668d5cdfbc 100644 --- a/src/command_modules/azure-cli-acs/azure/cli/command_modules/acs/tests/latest/test_custom.py +++ b/src/command_modules/azure-cli-acs/azure/cli/command_modules/acs/tests/latest/test_custom.py @@ -200,6 +200,107 @@ def test_merge_credentials(self): self.assertEqual(merged['users'], ['user1', 'user2']) self.assertEqual(merged['current-context'], obj2['current-context']) + def test_merge_admin_credentials(self): + existing = tempfile.NamedTemporaryFile(delete=False) + existing.close() + addition = tempfile.NamedTemporaryFile(delete=False) + addition.close() + obj1 = { + 'apiVersion': 'v1', + 'clusters': [ + { + 'cluster': { + 'certificate-authority-data': 'certificateauthoritydata1', + 'server': 'https://aztest-aztest-abc123-abcd1234.hcp.eastus.azmk8s.io:443' + }, + 'name': 'aztest' + } + ], + 'contexts': [ + { + 'context': { + 'cluster': 'aztest', + 'user': 'clusterUser_aztest_aztest' + }, + 'name': 'aztest' + } + ], + 'current-context': 'aztest', + 'kind': 'Config', + 'preferences': {}, + 'users': [ + { + 'name': 'clusterUser_aztest_aztest', + 'user': { + 'client-certificate-data': 'clientcertificatedata1', + 'client-key-data': 'clientkeydata1', + 'token': 'token1' + } + } + ] + } + with open(existing.name, 'w+') as stream: + yaml.dump(obj1, stream) + self.addCleanup(os.remove, existing.name) + obj2 = { + 'apiVersion': 'v1', + 'clusters': [ + { + 'cluster': { + 'certificate-authority-data': 'certificateauthoritydata2', + 'server': 'https://aztest-aztest-abc123-abcd1234.hcp.eastus.azmk8s.io:443' + }, + 'name': 'aztest' + } + ], + 'contexts': [ + { + 'context': { + 'cluster': 'aztest', + 'user': 'clusterAdmin_aztest_aztest' + }, + 'name': 'aztest' + } + ], + 'current-context': 'aztest', + 'kind': 'Config', + 'preferences': {}, + 'users': [ + { + 'name': 'clusterAdmin_aztest_aztest', + 'user': { + 'client-certificate-data': 'someclientcertificatedata2', + 'client-key-data': 'someclientkeydata2', + 'token': 'token2' + } + } + ] + } + with open(addition.name, 'w+') as stream: + yaml.dump(obj2, stream) + self.addCleanup(os.remove, addition.name) + + merge_kubernetes_configurations(existing.name, addition.name) + + with open(existing.name, 'r') as stream: + merged = yaml.load(stream) + self.assertEqual(len(merged['clusters']), 2) + self.assertEqual([c['cluster'] for c in merged['clusters']], + [{'certificate-authority-data': 'certificateauthoritydata1', + 'server': 'https://aztest-aztest-abc123-abcd1234.hcp.eastus.azmk8s.io:443'}, + {'certificate-authority-data': 'certificateauthoritydata2', + 'server': 'https://aztest-aztest-abc123-abcd1234.hcp.eastus.azmk8s.io:443'}]) + self.assertEqual(len(merged['contexts']), 2) + self.assertEqual(merged['contexts'], + [{'context': {'cluster': 'aztest', 'user': 'clusterUser_aztest_aztest'}, + 'name': 'aztest'}, + {'context': {'cluster': 'aztest', 'user': 'clusterAdmin_aztest_aztest'}, + 'name': 'aztest-admin'}]) + self.assertEqual(len(merged['users']), 2) + self.assertEqual([u['name'] for u in merged['users']], + ['clusterUser_aztest_aztest', 'clusterAdmin_aztest_aztest']) + self.assertEqual(merged['current-context'], 'aztest-admin') + def test_merge_credentials_missing(self): existing = tempfile.NamedTemporaryFile(delete=False) existing.close()