{Compute} Change KeyVaultClient to CertificateClient in vm module

src/azure-cli/azure/cli/command_modules/vm/_vm_utils.py

@@ -105,9 +105,9 @@ def check_existence(cli_ctx, value, resource_group, provider_namespace, resource
         return False
 
 
-def create_keyvault_data_plane_client(cli_ctx):
-    from azure.cli.command_modules.keyvault._client_factory import keyvault_data_plane_factory
-    return keyvault_data_plane_factory(cli_ctx)
+def create_keyvault_data_plane_client(cli_ctx, vault_base_url):
+    from azure.cli.command_modules.keyvault._client_factory import data_plane_azure_keyvault_certificate_client
+    return data_plane_azure_keyvault_certificate_client(cli_ctx, {"vault_base_url": vault_base_url})
 
 
 def get_key_vault_base_url(cli_ctx, vault_name):

src/azure-cli/azure/cli/command_modules/vm/custom.py

@@ -2861,10 +2861,10 @@ def add_vm_secret(cmd, resource_group_name, vm_name, keyvault, certificate, cert
     vm = get_vm_to_update(cmd, resource_group_name, vm_name)
 
     if '://' not in certificate:  # has a cert name rather a full url?
-        keyvault_client = create_keyvault_data_plane_client(cmd.cli_ctx)
-        cert_info = keyvault_client.get_certificate(
-            get_key_vault_base_url(cmd.cli_ctx, parse_resource_id(keyvault)['name']), certificate, '')
-        certificate = cert_info.sid
+        keyvault_client = create_keyvault_data_plane_client(
+            cmd.cli_ctx, get_key_vault_base_url(cmd.cli_ctx, parse_resource_id(keyvault)['name']))
+        cert_info = keyvault_client.get_certificate(certificate)
+        certificate = cert_info.secret_id
 
     if not _is_linux_os(vm):
         certificate_store = certificate_store or 'My'

src/azure-cli/azure/cli/command_modules/vm/disk_encryption.py

@@ -362,8 +362,9 @@ def show_vm_encryption_status(cmd, resource_group_name, vm_name):
 
 
 def _get_keyvault_key_url(cli_ctx, keyvault_name, key_name):
-    client = create_keyvault_data_plane_client(cli_ctx)
-    result = client.get_key(get_key_vault_base_url(cli_ctx, keyvault_name), key_name, '')
+    vault_base_url = get_key_vault_base_url(cli_ctx, keyvault_name)
+    client = create_keyvault_data_plane_client(cli_ctx, vault_base_url)
+    result = client.get_key(key_name)
     return result.key.kid  # pylint: disable=no-member
 
 

src/azure-cli/azure/cli/command_modules/vm/tests/hybrid_2018_03_01/test_vm_commands.py

@@ -1939,7 +1939,7 @@ def test_run_command_with_parameters(self, resource_group):
 class VMDiskEncryptionTest(ScenarioTest):
 
     @ResourceGroupPreparer(name_prefix='cli_test_vm_encryption', location='westus')
-    @KeyVaultPreparer(name_prefix='vault', name_len=10, location='westus', key='vault', additional_params='--enabled-for-disk-encryption')
+    @KeyVaultPreparer(name_prefix='vault', name_len=10, location='westus', key='vault', skip_purge=True, additional_params='--enabled-for-disk-encryption')
     def test_vm_disk_encryption_e2e(self, resource_group, resource_group_location):
         self.kwargs.update({
             'vm': 'vm1'

src/azure-cli/azure/cli/command_modules/vm/tests/hybrid_2019_03_01/test_vm_commands.py

@@ -2292,7 +2292,7 @@ def test_vm_run_command_with_parameters(self, resource_group):
         self.cmd('vm run-command invoke -g {rg} -n{vm} --command-id RunShellScript  --scripts "echo $0 $1" --parameters hello world')
 
     @ResourceGroupPreparer(name_prefix='cli_test_vm_encryption', location='westus')
-    @KeyVaultPreparer(name_prefix='vault', name_len=10, key='vault', additional_params='--enabled-for-disk-encryption')
+    @KeyVaultPreparer(name_prefix='vault', name_len=10, key='vault', skip_purge=True, additional_params='--enabled-for-disk-encryption')
     def test_vm_disk_encryption_e2e(self, resource_group, resource_group_location):
         self.kwargs.update({
             'vm': 'vm1'