Merge pull request #91 from hieumoscow/main

feat: enhance AKS-MCP with Kubernetes placement operations

Author: gossion

README.md

@@ -6,6 +6,7 @@ It allows AI tools to:
 
 - Operate (CRUD) AKS resources
 - Retrieve details related to AKS clusters (VNets, Subnets, NSGs, Route Tables, etc.)
+- Manage Azure Fleet operations for multi-cluster scenarios
 
 ## How it works
 
@@ -151,6 +152,14 @@ List all my AKS clusters in my subscription xxx.
 What is the network configuration of my AKS cluster?
 
 Show me the network security groups associated with my cluster.
+
+Create a new Azure Fleet named prod-fleet in eastus region.
+
+List all members in my fleet.
+
+Create a placement to deploy nginx workloads to clusters with app=frontend label.
+
+Show me all ClusterResourcePlacements in my fleet.
 ```
 
 ## Available Tools
@@ -231,9 +240,14 @@ The AKS-MCP server provides the following tools for interacting with AKS cluster
 <summary>Fleet Tools</summary>
 
 - `az_fleet`: Execute Azure Fleet commands with structured parameters for AKS Fleet management
-  - Supports operations: list, show, create, update, delete, start, stop
-  - Supports resources: fleet, member, updaterun, updatestrategy
+  - Supports operations: list, show, create, update, delete, start, stop, get-credentials
+  - Supports resources: fleet, member, updaterun, updatestrategy, clusterresourceplacement
   - Requires readwrite or admin access for write operations
+  - **Kubernetes ClusterResourcePlacement Operations**: Create and manage ClusterResourcePlacements
+    - `clusterresourceplacement create`: Create new ClusterResourcePlacement with policy and selectors
+    - `clusterresourceplacement list`: List all ClusterResourcePlacements
+    - `clusterresourceplacement show/get`: Show ClusterResourcePlacement details
+    - `clusterresourceplacement delete`: Delete ClusterResourcePlacement
 </details>
 
 <details>

internal/azcli/fleet_executor.go

@@ -4,18 +4,23 @@ import (
 	"fmt"
 	"strings"
 
+	"github.com/Azure/aks-mcp/internal/components/fleet/kubernetes"
 	"github.com/Azure/aks-mcp/internal/config"
 )
 
 // FleetExecutor handles structured fleet command execution
 type FleetExecutor struct {
 	*AzExecutor
+	k8sClient            *kubernetes.Client
+	placementOps         *kubernetes.PlacementOperations
+	k8sClientInitialized bool
 }
 
 // NewFleetExecutor creates a new fleet command executor
 func NewFleetExecutor() *FleetExecutor {
 	return &FleetExecutor{
-		AzExecutor: NewExecutor(),
+		AzExecutor:           NewExecutor(),
+		k8sClientInitialized: false,
 	}
 }
 
@@ -37,16 +42,30 @@ func (e *FleetExecutor) Execute(params map[string]interface{}, cfg *config.Confi
 		return "", fmt.Errorf("args parameter is required and must be a string")
 	}
 
-	// Validate operation/resource combination
+	// Route clusterresourceplacement operations to Kubernetes
+	if resource == "clusterresourceplacement" {
+		// Validate clusterresourceplacement operations separately
+		if err := e.validateClusterResourcePlacementCombination(operation); err != nil {
+			return "", err
+		}
+		return e.executeKubernetesClusterResourcePlacement(operation, args, cfg)
+	}
+
+	// Validate operation/resource combination for non-placement resources
 	if err := e.validateCombination(operation, resource); err != nil {
 		return "", err
 	}
 
 	// Construct the full command
-	command := fmt.Sprintf("az fleet %s %s", resource, operation)
+	var command string
 	if operation == "list" && resource == "fleet" {
 		// Special case: "az fleet list" without resource in between
 		command = "az fleet list"
+	} else if operation == "get-credentials" && resource == "fleet" {
+		// Special case: "az fleet get-credentials"
+		command = "az fleet get-credentials"
+	} else {
+		command = fmt.Sprintf("az fleet %s %s", resource, operation)
 	}
 
 	// Check access level
@@ -72,7 +91,7 @@ func (e *FleetExecutor) Execute(params map[string]interface{}, cfg *config.Confi
 // validateCombination validates if the operation/resource combination is valid
 func (e *FleetExecutor) validateCombination(operation, resource string) error {
 	validCombinations := map[string][]string{
-		"fleet":          {"list", "show", "create", "update", "delete"},
+		"fleet":          {"list", "show", "create", "update", "delete", "get-credentials"},
 		"member":         {"list", "show", "create", "update", "delete"},
 		"updaterun":      {"list", "show", "create", "start", "stop", "delete"},
 		"updatestrategy": {"list", "show", "create", "delete"},
@@ -96,7 +115,7 @@ func (e *FleetExecutor) validateCombination(operation, resource string) error {
 // checkAccessLevel ensures the operation is allowed for the current access level
 func (e *FleetExecutor) checkAccessLevel(operation, resource string, accessLevel string) error {
 	// Read-only operations are allowed for all access levels
-	readOnlyOps := []string{"list", "show"}
+	readOnlyOps := []string{"list", "show", "get", "get-credentials"}
 	for _, op := range readOnlyOps {
 		if operation == op {
 			return nil
@@ -114,9 +133,13 @@ func (e *FleetExecutor) checkAccessLevel(operation, resource string, accessLevel
 
 // GetCommandForValidation returns the constructed command for security validation
 func (e *FleetExecutor) GetCommandForValidation(operation, resource, args string) string {
-	command := fmt.Sprintf("az fleet %s %s", resource, operation)
+	var command string
 	if operation == "list" && resource == "fleet" {
 		command = "az fleet list"
+	} else if operation == "get-credentials" && resource == "fleet" {
+		command = "az fleet get-credentials"
+	} else {
+		command = fmt.Sprintf("az fleet %s %s", resource, operation)
 	}
 
 	if args != "" {
@@ -125,3 +148,179 @@ func (e *FleetExecutor) GetCommandForValidation(operation, resource, args string
 
 	return command
 }
+
+// executeKubernetesClusterResourcePlacement handles clusterresourceplacement operations via Kubernetes API
+func (e *FleetExecutor) executeKubernetesClusterResourcePlacement(operation, args string, cfg *config.ConfigData) (string, error) {
+	// Check access level for clusterresourceplacement operations
+	if err := e.checkAccessLevel(operation, "clusterresourceplacement", cfg.AccessLevel); err != nil {
+		return "", err
+	}
+
+	// Initialize Kubernetes client if needed
+	if !e.k8sClientInitialized {
+		if err := e.initializeKubernetesClient(); err != nil {
+			return "", err
+		}
+	}
+
+	// Check if placement operations are initialized
+	if e.placementOps == nil {
+		return "", fmt.Errorf("clusterresourceplacement operations not initialized")
+	}
+
+	// Parse arguments
+	parsedArgs, parseErr := kubernetes.ParsePlacementArgs(args)
+	if parseErr != nil {
+		return "", fmt.Errorf("failed to parse clusterresourceplacement arguments: %w", parseErr)
+	}
+
+	// Execute the clusterresourceplacement operation with error recovery
+	var result string
+	var err error
+
+	func() {
+		defer func() {
+			if r := recover(); r != nil {
+				// Provide a helpful error message without stdout pollution
+				err = fmt.Errorf("kubectl operation failed. Please ensure kubectl is installed, properly configured, and the cluster is accessible. Error: %v", r)
+			}
+		}()
+
+		switch operation {
+		case "create":
+			result, err = e.createClusterResourcePlacement(parsedArgs, cfg)
+		case "get", "show":
+			result, err = e.getClusterResourcePlacement(parsedArgs, cfg)
+		case "list":
+			result, err = e.placementOps.ListPlacements(cfg)
+		case "delete":
+			result, err = e.deleteClusterResourcePlacement(parsedArgs, cfg)
+		default:
+			err = fmt.Errorf("unsupported clusterresourceplacement operation: %s", operation)
+		}
+
+	}()
+
+	// Clean and validate the result for MCP compatibility
+	if err == nil {
+		result = cleanResult(result)
+	}
+
+	return result, err
+}
+
+// cleanResult sanitizes the result for MCP compatibility
+func cleanResult(result string) string {
+	// Just clean problematic characters and return as-is
+	cleaned := result
+	cleaned = strings.ReplaceAll(cleaned, "\x00", "") // Null bytes
+	cleaned = strings.ReplaceAll(cleaned, "\r", "")   // Carriage returns
+	cleaned = strings.ReplaceAll(cleaned, "\x1b", "") // Escape sequences
+	cleaned = strings.TrimSpace(cleaned)
+
+	return cleaned
+}
+
+// initializeKubernetesClient initializes the Kubernetes client
+func (e *FleetExecutor) initializeKubernetesClient() error {
+	defer func() {
+		// Recover from any panics during client initialization
+		if r := recover(); r != nil {
+			e.k8sClientInitialized = false
+		}
+	}()
+
+	client, err := kubernetes.NewClient()
+	if err != nil {
+		return fmt.Errorf("failed to initialize Kubernetes client. Please ensure kubectl is installed and kubeconfig is properly configured: %w", err)
+	}
+
+	// Test if the client is actually usable
+	if client == nil {
+		return fmt.Errorf("kubernetes client is nil after initialization")
+	}
+
+	e.k8sClient = client
+	e.placementOps = kubernetes.NewPlacementOperations(client)
+	e.k8sClientInitialized = true
+
+	return nil
+}
+
+// validateClusterResourcePlacementCombination validates clusterresourceplacement operations
+func (e *FleetExecutor) validateClusterResourcePlacementCombination(operation string) error {
+	validOps := []string{"list", "show", "get", "create", "delete"}
+
+	for _, validOp := range validOps {
+		if operation == validOp {
+			return nil
+		}
+	}
+
+	return fmt.Errorf("invalid operation '%s' for resource 'clusterresourceplacement'. Valid operations: %s",
+		operation, strings.Join(validOps, ", "))
+}
+
+// createClusterResourcePlacement creates a clusterresourceplacement using placement operations
+func (e *FleetExecutor) createClusterResourcePlacement(args map[string]string, cfg *config.ConfigData) (string, error) {
+	name, ok := args["name"]
+	if !ok || name == "" {
+		return "", fmt.Errorf("--name is required for create operation")
+	}
+
+	selector := args["selector"]
+	policy := args["policy"]
+
+	// Default policy if not specified
+	if policy == "" {
+		policy = "PickAll"
+	}
+
+	// Validate policy
+	validPolicies := []string{"PickAll", "PickFixed", "PickN"}
+	isValidPolicy := false
+	for _, validPolicy := range validPolicies {
+		if strings.EqualFold(policy, validPolicy) {
+			policy = validPolicy
+			isValidPolicy = true
+			break
+		}
+	}
+	if !isValidPolicy {
+		return "", fmt.Errorf("invalid policy '%s'. Valid policies: %s", policy, strings.Join(validPolicies, ", "))
+	}
+
+	if e.placementOps == nil {
+		return "", fmt.Errorf("clusterresourceplacement operations not initialized")
+	}
+
+	return e.placementOps.CreatePlacement(name, selector, policy, cfg)
+}
+
+// getClusterResourcePlacement retrieves a clusterresourceplacement using placement operations
+func (e *FleetExecutor) getClusterResourcePlacement(args map[string]string, cfg *config.ConfigData) (string, error) {
+	name, ok := args["name"]
+	if !ok || name == "" {
+		return "", fmt.Errorf("--name is required for get/show operation")
+	}
+
+	if e.placementOps == nil {
+		return "", fmt.Errorf("clusterresourceplacement operations not initialized")
+	}
+
+	return e.placementOps.GetPlacement(name, cfg)
+}
+
+// deleteClusterResourcePlacement deletes a clusterresourceplacement using placement operations
+func (e *FleetExecutor) deleteClusterResourcePlacement(args map[string]string, cfg *config.ConfigData) (string, error) {
+	name, ok := args["name"]
+	if !ok || name == "" {
+		return "", fmt.Errorf("--name is required for delete operation")
+	}
+
+	if e.placementOps == nil {
+		return "", fmt.Errorf("clusterresourceplacement operations not initialized")
+	}
+
+	return e.placementOps.DeletePlacement(name, cfg)
+}