Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add bulk key regeneration to az iot hub device-identity renew-key and az iot hub module-identity renew-key #710

Merged
merged 34 commits into from
Aug 12, 2024
Merged

feat: add bulk key regeneration to az iot hub device-identity renew-key and az iot hub module-identity renew-key #710

merged 34 commits into from
Aug 12, 2024

Conversation

vilit1
Copy link
Contributor

@vilit1 vilit1 commented Jul 17, 2024

Currently only in canary (7/17)

New sdk for bulk key regeneration.

Fun limitations (hidden to the customer):

  1. need to say what devices you want (even if you want all)
  2. can only send 100 devices to renew at a time (rip hubs with millions of devices)
  3. still counts as crud + goes towards the crud limitations.
  4. need to specify all device and module combos (so if you have one device with 2 modules, that results in 3 entries)

Since swap is not a bulk key regeneration item (it doesn't create new keys), we limit it to one device (to minimize headache + calls)

Key stuff
image

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

Thank you for contributing to the IoT extension!

This checklist is used to make sure that common guidelines for a pull request are followed.

General Guidelines

Intent for Production

  • It is expected that pull requests made to default or core branches such as dev or main are of production grade. Corollary to this, any merged contributions to these branches may be deployed in a public release at any given time. By checking this box, you agree and commit to the expected production quality of code.

Basic expectations

  • If introducing new functionality or modified behavior, are they backed by unit and/or integration tests?
  • In the same context as above are command names and their parameter definitions accurate? Do help docs have sufficient content?
  • Have all the relevant unit and integration tests pass? i.e. pytest <project root> -vv. Please provide evidence in the form of a screenshot showing a succesful run of tests locally OR a link to a test pipeline that has been run against the change-set.
  • Have linter checks passed using the .pylintrc and .flake8 rules? Look at the CI scripts for example usage.
  • Have extraneous print or debug statements, commented out code-blocks or code-statements (if any) been removed from the surface area of changes?
  • Have you made an entry in HISTORY.rst which concisely explains your user-facing feature or change?

Azure IoT CLI maintainers reserve the right to enforce any of the outlined expectations.

A PR is considered ready for review when all basic expectations have been met (or do not apply).

@vilit1 vilit1 requested a review from digimaun as a code owner July 17, 2024 21:16
c-ryan-k
c-ryan-k reviewed Aug 7, 2024
View reviewed changes
.azure-devops/templates/run-tests-parallel.yml Outdated Show resolved Hide resolved
azext_iot/operations/hub.py Outdated Show resolved Hide resolved
azext_iot/operations/hub.py Show resolved Hide resolved
azext_iot/operations/hub.py Outdated Show resolved Hide resolved
azext_iot/operations/hub.py Outdated Show resolved Hide resolved
azext_iot/tests/digitaltwins/test_dt_twin_unit.py Show resolved Hide resolved
azext_iot/tests/iothub/core/test_iot_ext_unit.py Show resolved Hide resolved
azext_iot/tests/iothub/devices/test_iothub_devices_int.py Show resolved Hide resolved
setup.py Outdated Show resolved Hide resolved
tox.ini Outdated Show resolved Hide resolved
@vilit1
Copy link
Contributor Author

vilit1 commented Aug 8, 2024

image

@vilit1
Copy link
Contributor Author

vilit1 commented Aug 8, 2024

Updated idea:
if a single device is specified - then the device identity is returned (with the rotated keys)
if mutliple devices are specified, then the bulk key regeneration result is returned

this removes the concern for breaking changes

c-ryan-k
c-ryan-k reviewed Aug 8, 2024
View reviewed changes
azext_iot/_help.py Outdated Show resolved Hide resolved
azext_iot/_help.py Outdated Show resolved Hide resolved
azext_iot/operations/hub.py Outdated Show resolved Hide resolved
@vilit1 vilit1 merged commit 4e47054 into Azure:dev Aug 12, 2024
27 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@c-ryan-k c-ryan-k c-ryan-k approved these changes

@digimaun digimaun Awaiting requested review from digimaun digimaun is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@vilit1 @c-ryan-k