(dZddlmZddlmZddlmZddlZddlmZddl m Z ddl m Z ddl mZdd lmZdd lmZd Zd Zd ZdZej.dej0j2j4dZdZdj;dj=ej>Dcgc] }e| c}Z dZ!e jDe jFgZ$e jJe jDe jFgZ&ej.dej0jNjPdZ)dZ*dZ+dZ,dZ-ddZ.dZ/dZ0dZ1d Z2dd!Z3d"Z4dd#Z5d$Z6dd%Z7d&Z8d'Z9d(Z:dd)Z;d*Zdd-Z?d.Z@dd/ZAd0ZBd1ZCd2ZDd3ZEd4ZFd5ZGd6ZHd7ZId8ZJdd9ZKd:ZLd;ZMd<ZNd=ZOd>ZPd?ZQd@ZRdAZSdBZTdCZUdDZVdEZWdFZXdGZYdHZZdIZ[dJZ\dKZ]dLZ^dMZ_dNZ`dOZadPZbdQZcdRZddSZedTZfdUZgdVZhdWZidXZjdYZkdZZldd[Zmd\Znd]Zod^Zpd_Zqd`ZrddaZsddbZtdcZuddZvdeZwdfZxdgZydhZzdiZ{djZ|dkZ}dlZ~dmZdnZddoZdpZdqZdrZ ddsZdtZduZdvZdwZdxZdyZdzZd{Zd|Zd}Zd~ZddZdZdZdZdZdZycc}w)z;Helpers for flags in commands working with GKE Multi-cloud.)absolute_import)division)unicode_literalsN)util) arg_parsers) constants) arg_utils) propertiescT|jd}djd|DS)z'Converts hyphen-case name to CamelCase.-c3<K|]}|jyw)N)title).0xs ?lib/googlecloudsdk/command_lib/container/gkemulticloud/flags.py z_ToCamelCase.."s*EqEs)splitjoinnamepartss r _ToCamelCasers$ **S/% *E* **cb|jd}dj|jS)z(Converts hyphen-case name to SNAKE_CASE.r _)rrupperrs r_ToSnakeCaseUpperr%& **S/% %    rcb|jd}dj|jS)z#Converts SNAKE_CASE to hyphen-case.rr )rrlowerrs r _ToHyphenCaser"+rrcNtjdj|||S)Nz&Invalid value [{}] for argument {}. {})rArgumentTypeErrorformat)valueflagdetails r_InvalidValueErrorr)1s'  & &.55eT6J r --node-taintsc d|vSN UNSPECIFIED)effects rr0:s -v"=r)include_filterz)Node taint is of format key=value:effect.zEffect must be one of: {}.z, zIReplica placement is of format subnetid:zone, for example subnetid12345:1--binauthz-evaluation-modec d|vSr,r.)modes rr0r0Rs T 9rc,|jdddy)z(Adds the --pod-address-cidr-blocks flag.z--pod-address-cidr-blocksTzQIP address range for the pods in this cluster in CIDR notation (e.g. 10.0.0.0/8).requiredhelpN add_argumentparsers rAddPodAddressCidrBlocksr=Vs ! ( rc*t|dd}|r|gSgS)z1Gets the value of --pod-address-cidr-blocks flag.pod_address_cidr_blocksNgetattrargs cidr_blockss rGetPodAddressCidrBlocksrEbs 7>+%+-2-rc,|jdddy)z+Add the --service-address-cidr-blocks flag.z--service-address-cidr-blocksTzIIP address range for the services IPs in CIDR notation (e.g. 10.0.0.0/8).r6Nr9r;s rAddServiceAddressCidrBlocksrGhs %  rc*t|dd}|r|gSgS)z5Gets the value of --service-address-cidr-blocks flag.service_address_cidr_blocksNr@rBs rGetServiceAddressCidrBlocksrJts ;TB+%+-2-rcJ|jd|dj|y)zAdd the --subnet-id flag.z --subnet-idz,Subnet ID of an existing VNET to use for {}.r6Nr:r%)r< help_textr7s r AddSubnetIDrNzs) 9 @ @ Krct|ddS)N subnet_idr@rCs r GetSubnetIDrR {D ))rcH|jddj|y)zAdd an output file argument. Args: parser: The argparse.parser to add the output file argument to. help_action: str, describes the action of what will be stored. z --output-filezPath to the output file {}.r8NrLr< help_actions r AddOutputFilerXs( 9@@MrcJ|jdddj|y)zAdd the --validate-only argument. Args: parser: The argparse.parser to add the argument to. help_action: str, describes the action that will be validated. z--validate-only store_truez/Validate the {}, but don't actually perform it.actionr8NrLrVs rAddValidateOnlyr]s.   < C C  rct|ddS)N validate_onlyr@rQs rGetValidateOnlyr`  --rc@d}|r|dz }|jddd|y)NzzEnable node autorepair feature for a node pool. Use --no-enable-autorepair to disable. $ {command} --enable-autorepair z) Node autorepair is disabled by default. z--enable-autorepairrZr\defaultr8r9r< for_createrMs rAddEnableAutoRepairrgs;)  I L$Yrct|ddS)Nenable_autorepairr@rQs r GetAutoRepairrj *D 11rc,|jd|dy)Nz--cluster-versionz*Kubernetes version to use for the cluster.r6r9r<r7s rAddClusterVersionrns 7rct|ddS)Ncluster_versionr@rQs rGetClusterVersionrq ($ //rc,|jd|dy)Nz --descriptionzDescription for the cluster.r6r9rms rAddDescriptionrts/Mrct|ddS)N descriptionr@rQs rGetDescriptionrw }d ++rc.|jddddy)zgAdds the --clear-description flag. Args: parser: The argparse.parser to add the arguments to. z--clear-descriptionrZNz&Clear the description for the cluster.rcr9r;s rAddClearDescriptionrzs#    3 rcV|jdd}t|t|y)zoAdds description related flags for update. Args: parser: The argparse.parser to add the arguments to. DescriptionTmutexN) add_grouprtrzr<groups rAddDescriptionForUpdaters)   =  5%erct|jdtjdddj|y)Nz --annotations min_length ANNOTATIONzAnnotations for the {}.typemetavarr8)r:rArgDictr%r<nouns rAddAnnotationsrs7   ! , $ + +D 1 rcL|jddddj|y)zAdds flag for clearing the annotations. Args: parser: The argparse.parser to add the arguments to. noun: The resource type to which the flag is applicable. z--clear-annotationsrZNz!Clear the annotations for the {}.rcrLrs rAddClearAnnotationsrs.   . 5 5d ; rc$t|ddxsiS)N annotationsr@rQs rGetAnnotationsr }d + 1r1rcZ|jdd}t||t||y)zAdds annotations related flags for update. Args: parser: The argparse.parser to add the arguments to. noun: The resource type to which the flag is applicable. AnnotationsTr}N)rrrr<rrs rAddAnnotationsForUpdaters-   =  5%eT"rc,|jd|dy)Nz--node-versionz,Kubernetes version to use for the node pool.r6r9rms rAddNodeVersionrs 9rct|ddS)N node_versionr@rQs rGetNodeVersionr ~t ,,rc|jd|}|jd|td|jd|tdy) zAdds node pool autoscaling flags. Args: parser: The argparse.parser to add the arguments to. required: bool, whether autoscaling flags are required. zNode pool autoscaling)r7z --min-nodesz)Minimum number of nodes in the node pool.)r7rr8z --max-nodesz)Maximum number of nodes in the node pool.N)add_argument_groupr:int)r<r7rs rAddAutoscalingrsZ  # #$;h # O%  6    6 rcBd}d}|j}|j}||fS)Nr) min_nodes max_nodes)rCrrs rGetAutoscalingParamsr4s)))nn)nn) Y rct|ddS)Nrr@rQs r GetMinNodesr=rSrct|ddS)Nrr@rQs r GetMaxNodesrArSrc6|jdtddy)Nz--max-pods-per-nodez Maximum number of pods per node.T)rr8r7r:rr;s rAddMaxPodsPerNoderEs!  - rct|ddS)Nmax_pods_per_noder@rQs rGetMaxPodsPerNoderNrkrc*|jddy)Nz--azure-availability-zonezt|dd}|syt|dz S)Nroot_volume_sizerArrCsizes rGetRootVolumeSizer' )4 0$  TbrcZ|jdtjgdddy)Nz--main-volume-sizerrrzSize of the main volume. The value must be a whole number followed by a size unit of `GB` for gigabyte, or `TB` for terabyte. If no size unit is specified, GB is assumed.rrr;s rAddMainVolumeSizerrrc>t|dd}|syt|dz S)Nmain_volume_sizerrrs rGetMainVolumeSizerrrcdj||jddj}|jdt j dd|y) Nzz Applies the given tags (comma separated) on the {0}. Example: $ {{command}} EXAMPLE_{1} --tags=tag1=one,tag2=two  rz--tagsrrTAGr)r%replacerr:rr)r<rrMs rAddTagsrsZ fT4<<S)//12      ! ,  rcL|jddddj|y)zAdds flag for clearing the tags. Args: parser: The argparse.parser to add the arguments to. noun: The resource type to which the flag is applicable. z --clear-tagsrZNz/Clear any tags associated with the {}'s nodes. rcrLrs r AddClearTagsrs.   < C CD I rcZ|jdd}t||t||y)zAdds tags related flags for update. Args: parser: The argparse.parser to add the arguments to. noun: The resource type to which the flags are applicable. TagsTr}N)rrrrs rAddTagsForUpdaters-   6  .% %udrc$t|ddxsiS)Ntagsr@rQs rGetTagsrs vt $ **rc*|jddy)zdAdds database encryption flags. Args: parser: The argparse.parser to add the arguments to. z--database-encryption-key-idzbURL the of the Azure Key Vault key (with its version) to use to encrypt / decrypt cluster secrets.rUNr9r;s rAddDatabaseEncryptionrs  $ 9rct|ddS)Ndatabase_encryption_key_idr@rQs rGetDatabaseEncryptionKeyIdrs 3T ::rcP|jdd|jddy)zbAdds config encryption flags. Args: parser: The argparse.parser to add the arguments to. z--config-encryption-key-idz^URL the of the Azure Key Vault key (with its version) to use to encrypt / decrypt config data.rUz--config-encryption-public-keyzLRSA key of the Azure Key Vault public key to use for encrypting config data.Nr9r;s rAddConfigEncryptionrs<  " 5 & rct|ddS)Nconfig_encryption_key_idr@rQs rGetConfigEncryptionKeyIdrs 14 88rct|ddS)Nconfig_encryption_public_keyr@rQs rGetConfigEncryptionPublicKeyrs 5t <rrct|ddS)Nproxy_secret_idr@rQs rGetProxySecretIdrArrrcr|jdtjtjdddy)Nz--fleet-projectz=--fleet-project must be a valid project ID or project number.TzGID or number of the Fleet host project where the cluster is registered.)rr7r8)r:rCustomFunctionValidator project_utilValidateProjectIdentifierr;s rAddFleetProjectrFs<  . .  0 0 I   rct|dd}|sy|js$djtj|Sdj|S)a\Gets and parses the fleet project argument. Project ID if specified is converted to project number. The parsed fleet project has format projects/. Args: args: Arguments parsed from the command. Returns: The fleet project in format projects/ or None if the fleet projectnot is not specified. fleet_projectNz projects/{})rAisdigitr%rDGetProjectNumber)rCps rGetFleetProjectrLsNdOT*!      = =a @ AA   a  rc.|jddddy)Nz--private-endpointFrZz+If set, use private VPC for authentication.rdr\r8r9r;s rAddPrivateEndpointrOs!  8 rc.|jddddy)Nz--exec-credentialFrZzBIf set, format access token as a Kubernetes execCredential object.rNr9r;s rAddExecCredentialrQs!  O rchd}|r|dz }|jdtjdd|y)Nz=Users that can perform operations as a cluster administrator.z> If not specified, the value of property core/account is used.z --admin-usersrrUSERrr:rr2)r<createhelp_txts r AddAdminUsersrWs? L(  PPH   ! ,  rct|dsy|jr |jStjjj j gS)N admin_users)hasattrrYr VALUEScoreaccount GetOrFailrQs r GetAdminUsersr_ sH } %         ( ( 2 2 4 55rcV|jdd}t|t|y)zuAdds admin group configuration flags for update. Args: parser: The argparse.parser to add the arguments to. z Admin groupsTr}N)rAddAdminGroupsAddClearAdminGroupsrs rAddAdminGroupsForUpdatercs)   >  6%ercXd}|jdtjdd|y)NzI Groups of users that can perform operations as a cluster administrator. z--admin-groupsGROUPF)rrr7r8rT)r<rVs rraras6(       rc.|jddddy)zcAdds the --clear-admin-groups. Args: parser: The argparse.parser to add the arguments to. z--clear-admin-groupsrZNz2Clear the admin groups associated with the clusterrcr9r;s rrbrb-s#    ? rcNt|dsy|jr |jSy)N admin_groups)rZrhrQs rGetAdminGroupsri;s' ~ &      rcd}g}|r t}|dz }nt}|jdtjd|d|y) zAdds the --logging flag.z Set the components that have logging enabled. Examples: $ {command} --logging=SYSTEM $ {command} --logging=SYSTEM,WORKLOADz $ {command} --logging=NONE --loggingr)rr  COMPONENTrN)_ALLOW_DISABLE_LOGGING_CHOICES_LOGGING_CHOICESr:rr2)r<allow_disabledrMlogging_choicess r AddLoggingrqCsZ+)/4O I'O   !_ E  rct|dd}|sytj|vr@tj|vstj|vrt dj |ddtj}|j}|j}tj|vr0|r|j|St dj |ddtj|vrt dj |ddtj|vr%|jj|jtj|vr%|jj|j|j|S) aWParses and validates the value of the --logging flag. Args: args: Arguments parsed from the command. allow_disabled: If disabling logging is allowed for this cluster. Returns: The logging config object as GoogleCloudGkemulticloudV1LoggingConfig. Raises: ArgumentError: If the value of the --logging flag is invalid. loggingN,rkzFInvalid logging config. NONE is not supported with SYSTEM or WORKLOAD.)componentConfigz.Invalid logging config. NONE is not supported.z6Must include SYSTEM logging if any logging is enabled.)rArNONESYSTEMWORKLOADr)rrr0GoogleCloudGkemulticloudV1LoggingComponentConfig(EnableComponentsValueListEntryValuesEnum'GoogleCloudGkemulticloudV1LoggingConfigenableComponentsrSYSTEM_COMPONENTS WORKLOADS)rCrorsmessagesconfigenums r GetLoggingr^sn D)T *'  ^^w'!Y%7%77%B     ' ' )(  D D F&  8 8$^^w  = = >  ((7   :  W$  @    ""4#9#9:7" ""4>>2  9 9 : rc.d}|jd|y)zAdds the --image-type flag.z Set the OS image type to use on node pool instances. Examples: $ {command} --image-type=windows $ {command} --image-type=ubuntu z --image-typerUNr9r<rMs r AddImageTypers) n95rct|ddS)N image_typer@rQs r GetImageTypers |T **rc,|jdddy)Nz--azure-regionTz_Azure location to deploy the cluster. Refer to your Azure subscription for available locations.r6r9r;s rAddAzureRegionrs! F rct|ddS)N azure_regionr@rQs rGetAzureRegionrrrc,|jdddy)Nz--resource-group-idTz=ID of the Azure Resource Group to associate the cluster with.r6r9r;s rAddResourceGroupIdrs Jrct|ddS)Nresource_group_idr@rQs rGetResourceGroupIdrrkrc,|jdddy)Nz --vnet-idTz>ID of the Azure Virtual Network to associate with the cluster.r6r9r;s r AddVnetIdrs Krct|ddS)Nvnet_idr@rQs r GetVnetIdrrrc*|jddy)Nz!--service-load-balancer-subnet-idzARM ID of the subnet where Kubernetes private service type load balancers are deployed, when the Service lacks a subnet annotation.rUr9r;s rAddServiceLoadBalancerSubnetIdrs) rct|ddS)Nservice_load_balancer_subnet_idr@rQs rGetServiceLoadBalancerSubnetIdrs 8$ ??rc*|jddy)Nz--endpoint-subnet-idzARM ID of the subnet where the control plane load balancer is deployed. When unspecified, it defaults to the control plane subnet ID.rUr9r;s rAddEndpointSubnetIdrs rct|ddS)Nendpoint_subnet_idr@rQs rGetEndpointSubnetIdrs +T 22rc|jd}|jd|d|jd|d|s t|yy)z8Adds --azure-tenant-id and --azure-application-id flags.zAzure services authenticationz--azure-tenant-idz1ID of the Azure Tenant to manage Azure resources.r6z--azure-application-idz6ID of the Azure Application to manage Azure resources.N)rr:AddClearClient)auth_config_grouprUrs rAddAzureServicesAuthenticationrs_  . ./N O% >  C 5 rc.|jddddy)zbAdds the --clear-client flag. Args: parser: The argparse.parser to add the arguments to. z--clear-clientrZNzClear the Azure client. This flag is required when updating to use Azure workload identity federation from Azure client to manage Azure resources.rcr9r;s rrrs%      rct|ddS)Nazure_tenant_idr@rQs rGetAzureTenantIDrrrrct|ddS)Nazure_application_idr@rQs rGetAzureApplicationIDrs -t 44rcd}d}d}|rV|jddd||r>|jdd }|jd dd||jd dd|yy|jd d }|jdddd|jdddd|r>|jdd }|jd ddd|jd dddyy)z'Adds monitoring config flags to parser.aL Enables managed collection for Managed Service for Prometheus in the cluster. See https://cloud.google.com/stackdriver/docs/managed-prometheus/setup-managed#enable-mgdcoll-gke for more info. Managed Prometheus is enabled by default for cluster versions 1.27 or greater, use --no-enable-managed-prometheus to disable. z Enables managed collection for Cloud Monitoring in the cluster. Cloud Monitoring is enabled by default for all clusters. Beginning with cluster version 1.31, use --disable-cloud-monitoring to disable. z Disables managed collection for Cloud Monitoring in the cluster. Cloud Monitoring is enabled by default for all clusters. Beginning with cluster version 1.31, use --disable-cloud-monitoring to disable. z--enable-managed-prometheusrZNrczCloud Monitoring ConfigTr}z--disable-cloud-monitoringz--enable-cloud-monitoringzMonitoring Configz--disable-managed-prometheusz>Disable managed collection for Managed Service for Prometheus.z=Enable managed collection for Managed Service for Prometheus.z0Disable managed collection for Cloud Monitoring.z/Enable managed collection for Cloud Monitoring.)r:r)r<rfcloud_monitoring_optionprometheus_enable_help_text!cloud_monitoring_enable_help_text"cloud_monitoring_disable_help_textrs rAddMonitoringConfigrsV!'# ($  % (  8Ee  &1    %0    0  =E & M   % L  8Ee  &@   %@ rct|dd}t|dd}tj}|j}|rd|_n |rd|_nd}t|dd}t|dd}tj}|j }|rd|_n |rd|_nd}||y|j ||S) aAParses and validates the value of the managed prometheus and cloud monitoring config flags. Args: args: Arguments parsed from the command. Returns: The monitoring config object as GoogleCloudGkemulticloudV1MonitoringConfig. None if both enable_managed_prometheus and enable_cloud_monitoring are None. enable_managed_prometheusNdisable_managed_prometheusTFenable_cloud_monitoringdisable_cloud_monitoring)managedPrometheusConfigcloudMonitoringConfig)rArr1GoogleCloudGkemulticloudV1ManagedPrometheusConfigenabled/GoogleCloudGkemulticloudV1CloudMonitoringConfig*GoogleCloudGkemulticloudV1MonitoringConfig)rCenabled_prometheusdisabled_prometheusrprometheus_configenabled_cloud_monitoringdisabled_cloud_monitoringcloud_monitoring_configs rGetMonitoringConfigrgst%@$G&BDI  ' ' )(@@B $ %$T+DdK%d,FM  ' ' )(>>@&*# &+#"#:#B   < </3 = rcPd}|jdd|j|y)NzsAllow idempotent deletion of {resource}. The request will still succeed in case the {resource} does not exist. z--allow-missingrZ)resourcer[rL)r<rrVs rAddAllowMissingrs2(   ??H? -rct|ddS)N allow_missingr@rQs rGetAllowMissingrrarcRd}|jdd|j||y)NzForce delete an {platform} {resource}. Deletion of the {platform} {resource} will succeed even if errors occur during deleting in-{resource} resources. Using this parameter may result in orphaned resources in the {resource}. z--ignore-errorsrZ)rplatformr[rL)r<rrrVs rAddIgnoreErrorsrs4(    ??Hx? @rct|ddS)N ignore_errorsr@rQs rGetIgnoreErrorsrrarc |jdtjDcgc] }t|c}ddycc}w)z/Adds --binauthz-evaluation-mode flag to parser.r2Nz:Set Binary Authorization evaluation mode for this cluster.)r rdr8)r:_BINAUTHZ_EVAL_MODE_ENUM_MAPPERr r)r<cs rAddBinauthzEvaluationModersI"(G(O(O(O1 A (O G s< c^t|dd}|ytjt|S)Nbinauthz_evaluation_mode)rArrr")rCevaluation_modes rGetBinauthzEvaluationModers5D"rArFrLrOrQrWr_rcrarbrirqrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr)rs0rr sbB&'K/HD:*+ ! !  7I66H DDZZ= A188II(A(I(IJ(I1|A(IJK P$$i&8&89NN  " #=)"<"< H NNll9# . . *   . 20 ,  2 #-. **28 (/     + ;,9=2*, :6 : (80 !* 6   67t 6+-2(@3"$05 7<K\,^. .   %  1<7 ,. 3S(Ks(J