Merge pull request #4731 from hyonholee/preview

Fix Get-AzureRmVmssVMDiskEncryption for data disk

Author: markcowl

src/ResourceManager/Compute/Commands.Compute.Test/ScenarioTests/VirtualMachineScaleSetExtensionTests.cs

@@ -39,6 +39,12 @@ public void TestGetVirtualMachineScaleSetDiskEncryptionStatus()
         {
             ComputeTestController.NewInstance.RunPsTest("Test-GetVirtualMachineScaleSetDiskEncryptionStatus");
         }
-    }
 
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        public void TestGetVirtualMachineScaleSetDiskEncryptionDataDisk()
+        {
+            ComputeTestController.NewInstance.RunPsTest("Test-GetVirtualMachineScaleSetDiskEncryptionDataDisk");
+        }
+    }
 }

src/ResourceManager/Compute/Commands.Compute.Test/ScenarioTests/VirtualMachineScaleSetExtensionTests.ps1

@@ -259,3 +259,43 @@ function Test-GetVirtualMachineScaleSetDiskEncryptionStatus
         Clean-ResourceGroup $rgname
     }
 }
+
+<#
+.SYNOPSIS
+Test Get Virtual Machine Scale Set Disk Encryption for VMSS with a data disk.
+Precondition: The given VMSS has an encrypted data disk.
+#>
+function Test-GetVirtualMachineScaleSetDiskEncryptionDataDisk
+{
+    $rgname = "hyleevmssdetest2";
+    $vmssName = "vmsshyleevmssdetest3";
+    $result = Get-AzureRmVmssDiskEncryption -ResourceGroupName $rgname;
+    $output = $result | Out-String;
+
+    $result = Get-AzureRmVmssDiskEncryption -ResourceGroupName $rgname -VMScaleSetName $vmssName;
+    $output = $result | Out-String;
+
+    $result = Get-AzureRmVmssVMDiskEncryption -ResourceGroupName $rgname -VMScaleSetName $vmssName;
+    Assert-AreEqual "Encrypted" $result[0].DataVolumesEncrypted;
+    $output = $result | Out-String;
+
+    $result = Get-AzureRmVmssVMDiskEncryption -ResourceGroupName $rgname -VMScaleSetName $vmssName -InstanceId "1";
+    Assert-AreEqual "Encrypted" $result.DataVolumesEncrypted;
+    $output = $result | Out-String;
+
+    Disable-AzureRmVmssDiskEncryption -ResourceGroupName $rgname -VMScaleSetName $vmssName -Force;
+
+    $result = Get-AzureRmVmssDiskEncryption -ResourceGroupName $rgname;
+    $output = $result | Out-String;
+
+    $result = Get-AzureRmVmssDiskEncryption -ResourceGroupName $rgname -VMScaleSetName $vmssName;
+    $output = $result | Out-String;
+
+    $result = Get-AzureRmVmssVMDiskEncryption -ResourceGroupName $rgname -VMScaleSetName $vmssName;
+    Assert-AreEqual "NotEncrypted" $result[0].DataVolumesEncrypted;
+    $output = $result | Out-String;
+
+    $result = Get-AzureRmVmssVMDiskEncryption -ResourceGroupName $rgname -VMScaleSetName $vmssName -InstanceId "1";
+    Assert-AreEqual "NotEncrypted" $result.DataVolumesEncrypted;
+    $output = $result | Out-String;
+}

src/ResourceManager/Compute/Commands.Compute.Test/SessionRecords/Microsoft.Azure.Commands.Compute.Test.ScenarioTests.VirtualMachineScaleSetExtensionTests/TestGetVirtualMachineScaleSetDiskEncryptionDataDisk.json

@@ -54,7 +54,10 @@ public class DisableAzureDiskEncryptionCommand : VirtualMachineExtensionBaseCmdl
             Position = 2,
             ValueFromPipelineByPropertyName = true,
             HelpMessage = "Type of the volume (OS, Data or All) to perform decryption operation")]
-        [ValidateSet("OS", "Data", "All")]
+        [ValidateSet(
+            AzureDiskEncryptionExtensionContext.VolumeTypeOS,
+            AzureDiskEncryptionExtensionContext.VolumeTypeData,
+            AzureDiskEncryptionExtensionContext.VolumeTypeAll)]
         public string VolumeType { get; set; }
 
         [Alias("ExtensionName")]

src/ResourceManager/Compute/Commands.Compute/Extension/AzureDiskEncryption/DisableAzureDiskEncryption.cs

@@ -119,7 +119,10 @@ public class SetAzureDiskEncryptionExtensionCommand : VirtualMachineExtensionBas
             Position = 9,
             ValueFromPipelineByPropertyName = true,
             HelpMessage = "Type of the volume (OS or Data) to perform encryption operation")]
-        [ValidateSet("OS", "Data", "All")]
+        [ValidateSet(
+            AzureDiskEncryptionExtensionContext.VolumeTypeOS,
+            AzureDiskEncryptionExtensionContext.VolumeTypeData,
+            AzureDiskEncryptionExtensionContext.VolumeTypeAll)]
         public string VolumeType { get; set; }
 
         [Parameter(

src/ResourceManager/Compute/Commands.Compute/Extension/AzureDiskEncryption/SetAzureDiskEncryptionExtension.cs

@@ -12,6 +12,7 @@
 // limitations under the License.
 // ----------------------------------------------------------------------------------
 
+using Microsoft.Azure.Commands.Compute.Extension.AzureDiskEncryption;
 using Microsoft.Azure.Management.Compute;
 using Microsoft.Azure.Management.Compute.Models;
 using System;
@@ -90,7 +91,9 @@ protected string GetVolumeType(string VolumeType, VirtualMachineScaleSetStorageP
         {
             if (string.IsNullOrWhiteSpace(VolumeType))
             {
-                return this.CurrentOSType == OperatingSystemTypes.Windows ? "All" : "Data";
+                return this.CurrentOSType == OperatingSystemTypes.Windows 
+                    ? AzureVmssDiskEncryptionExtensionContext.VolumeTypeAll 
+                    : AzureVmssDiskEncryptionExtensionContext.VolumeTypeData;
             }
             else
             {

src/ResourceManager/Compute/Commands.Compute/Extension/VirtualMachineScaleSetExtensionBaseCmdlet.cs

@@ -32,7 +32,7 @@ public class AzureVmssDiskEncryptionExtensionContext : PSVirtualMachineScaleSetE
         public const string VolumeTypeOS = "OS";
         public const string VolumeTypeData = "Data";
         public const string VolumeTypeAll = "All";
-        public const string StatusSucceeded = "Succeeded";
+        public const string StatusSucceeded = "succeeded";
         public const string EncryptionStateString = "EncryptionState/";
     }
 }

src/ResourceManager/Compute/Commands.Compute/Extension/VmssDiskEncryption/AzureVmssDiskEncryptionExtensionContext.cs

@@ -59,7 +59,10 @@ public class RemoveAzureVmssDiskEncryptionCommand : VirtualMachineScaleSetExtens
             Mandatory = false,
             ValueFromPipelineByPropertyName = true,
             HelpMessage = "Type of the volume (OS or Data) to perform encryption operation")]
-        [ValidateSet("OS", "Data", "All")]
+        [ValidateSet(
+            AzureVmssDiskEncryptionExtensionContext.VolumeTypeOS,
+            AzureVmssDiskEncryptionExtensionContext.VolumeTypeData,
+            AzureVmssDiskEncryptionExtensionContext.VolumeTypeAll)]
         public string VolumeType { get; set; }
 
         [Parameter(

src/ResourceManager/Compute/Commands.Compute/Extension/VmssDiskEncryption/DisableAzureVmssDiskEncryption.cs

@@ -17,6 +17,7 @@
 using Microsoft.Azure.Commands.Compute.Models;
 using Microsoft.Azure.Management.Compute;
 using Microsoft.Azure.Management.Compute.Models;
+using Newtonsoft.Json;
 using System.Collections.Generic;
 using System.Linq;
 using System.Management.Automation;
@@ -125,9 +126,6 @@ private PSVmssVMDiskEncryptionStatusContext GetDiskStatus(string rgName, string
                 psResult.Disks.Add(disk);
             }
 
-            psResult.OsVolumeEncrypted = GetOsDiskEncryptionStatus(psResult.Disks, vmssVM.StorageProfile);
-            psResult.DataVolumesEncrypted = GetDataDiskEncryptionStatus(psResult.Disks, vmssVM.StorageProfile);
-
             try
             {
                 psResult.Extension = vmssVMInstanceView.Extensions.First(e => e.Name.Equals(this.ExtensionName));
@@ -144,6 +142,9 @@ private PSVmssVMDiskEncryptionStatusContext GetDiskStatus(string rgName, string
                 psResult.DiskEncryptionStatus = psResult.Extension.Statuses[0].DisplayStatus;
             }
 
+            psResult.OsVolumeEncrypted = GetOsDiskEncryptionStatus(psResult.Disks, vmssVM.StorageProfile);
+            psResult.DataVolumesEncrypted = GetDataDiskEncryptionStatus(rgName, vmssName, psResult.DiskEncryptionStatus, vmssVM.StorageProfile);
+
             return psResult;
         }
 
@@ -175,33 +176,49 @@ private EncryptionStatus GetOsDiskEncryptionStatus(List<DiskInstanceView> disks,
                 : ConvertToEncryptionStatus(status.Code.Replace(AzureVmssDiskEncryptionExtensionContext.EncryptionStateString, ""));
         }
 
-        private EncryptionStatus GetDataDiskEncryptionStatus(List<DiskInstanceView> disks, StorageProfile storage)
+        private EncryptionStatus GetDataDiskEncryptionStatus(string rgName, string vmssName, string encryptionStatus, StorageProfile storage)
         {
             if (storage == null || storage.DataDisks == null || storage.DataDisks.Count == 0)
             {
                 return EncryptionStatus.NotMounted;
             }
 
-            InstanceViewStatus status = null;
+            // Data disk does not have disk encryption extension setting.
+
+            var vmssResult = this.VirtualMachineScaleSetClient.Get(rgName, vmssName);
+            if (vmssResult.VirtualMachineProfile == null
+                || vmssResult.VirtualMachineProfile.ExtensionProfile == null
+                || vmssResult.VirtualMachineProfile.ExtensionProfile.Extensions == null
+                || vmssResult.VirtualMachineProfile.ExtensionProfile.Extensions.Count == 0)
+            {
+                return EncryptionStatus.NotEncrypted;
+            }
+
             try
             {
-                var disk = disks.First(e => e.Name.Equals(storage.DataDisks[0].Name));
+                VirtualMachineScaleSetExtension ext = vmssResult.VirtualMachineProfile.ExtensionProfile.Extensions.First(
+                         e => e.Type.Equals(this.ExtensionName));
 
-                if (disk == null)
+                AzureVmssDiskEncryptionExtensionPublicSettings encryptionSettings = JsonConvert.DeserializeObject<AzureVmssDiskEncryptionExtensionPublicSettings>(
+                ext.Settings.ToString());
+                if (encryptionSettings.VolumeType.Equals(AzureVmssDiskEncryptionExtensionContext.VolumeTypeAll, StringComparison.OrdinalIgnoreCase)
+                    || encryptionSettings.VolumeType.Equals(AzureVmssDiskEncryptionExtensionContext.VolumeTypeData, StringComparison.OrdinalIgnoreCase))
                 {
-                    return EncryptionStatus.Unknown;
+                    if (encryptionSettings.EncryptionOperation.Equals(AzureDiskEncryptionExtensionConstants.enableEncryptionOperation, StringComparison.OrdinalIgnoreCase))
+                    {
+                        return !string.IsNullOrEmpty(encryptionStatus) &&
+                            encryptionStatus.EndsWith(AzureVmssDiskEncryptionExtensionContext.StatusSucceeded, StringComparison.OrdinalIgnoreCase)
+                            ? EncryptionStatus.Encrypted
+                            : EncryptionStatus.Unknown;
+                    }
                 }
 
-                status = disk.Statuses.First(s => s.Code.Contains(AzureVmssDiskEncryptionExtensionContext.EncryptionStateString));
+                return EncryptionStatus.NotEncrypted;
             }
             catch (InvalidOperationException)
             {
-                return EncryptionStatus.NotEncrypted;
+                return EncryptionStatus.Unknown;
             }
-
-            return (status == null)
-                ? EncryptionStatus.NotEncrypted
-                : ConvertToEncryptionStatus(status.Code.Replace(AzureVmssDiskEncryptionExtensionContext.EncryptionStateString, ""));
         }
 
         private EncryptionStatus ConvertToEncryptionStatus(string encryptionStatusString)

src/ResourceManager/Compute/Commands.Compute/Extension/VmssDiskEncryption/GetAzureVmssVMDiskEncryptionStatus.cs

@@ -92,7 +92,10 @@ public class SetAzureVmssDiskEncryptionExtensionCommand : VirtualMachineScaleSet
             Mandatory = false,
             ValueFromPipelineByPropertyName = true,
             HelpMessage = "Type of the volume (OS or Data) to perform encryption operation")]
-        [ValidateSet("OS", "Data", "All")]
+        [ValidateSet(
+            AzureVmssDiskEncryptionExtensionContext.VolumeTypeOS,
+            AzureVmssDiskEncryptionExtensionContext.VolumeTypeData,
+            AzureVmssDiskEncryptionExtensionContext.VolumeTypeAll)]
         public string VolumeType { get; set; }
 
         [Parameter(