From 554a0f7d62459d8fc307b13a5e95a4c347137156 Mon Sep 17 00:00:00 2001
From: davdhacs <105243888+davdhacs@users.noreply.github.com>
Date: Fri, 22 Dec 2023 09:05:55 -0700
Subject: [PATCH] ROX-20252: add rosa hcp option (#1053)
Co-authored-by: Tom Martensen
Co-authored-by: Gavin Jefferies
---
chart/infra-server/static/flavors.yaml | 75 ++++++++
.../static/workflow-openshift-rosa-hcp.yaml | 179 ++++++++++++++++++
.../static/workflow-openshift-rosa.yaml | 4 +-
chart/infra-server/templates/secrets.yaml | 3 +
4 files changed, 259 insertions(+), 2 deletions(-)
create mode 100644 chart/infra-server/static/workflow-openshift-rosa-hcp.yaml
diff --git a/chart/infra-server/static/flavors.yaml b/chart/infra-server/static/flavors.yaml
index 2e98f33d5..abad1a993 100644
--- a/chart/infra-server/static/flavors.yaml
+++ b/chart/infra-server/static/flavors.yaml
@@ -796,6 +796,81 @@ - name: cluster-console-password description: The password to login at the openshift console +######################## +# Openshift ROSA HCP # +######################## +- id: rosahcp + name: Hypershift on ROSA (HCP) + description: Openshift ROSA HCP (Hypershift ManagedCP) cluster + availability: stable + workflow: configuration/workflow-openshift-rosa-hcp.yaml + parameters: + - name: name + description: cluster name + value: example1 + + - name: nodes + description: number of nodes + value: "2" + kind: optional + + - name: aws-region + description: aws region for cluster + value: "us-east-1" + kind: optional + + - name: managed-cp + description: Use managed control-plane? + value: "true" + kind: optional + help: | + Run as ROSA HCP? Setting this to `false` will create a + ROSA Classic cluster instead of HCP/Hypershift. + + - name: subnet-ids + description: Subnets for the cluster. + value: "" + kind: optional + help: | + Set like "public_subnet,private_subnet" + It will be placed in the command like `rosa create cluster --subnet-ids $SUBNET_IDS` + Set empty for the installer to create a new empty vpc and subnets. 
+ + - name: rosa-args + description: additional rosa cli args + value: "--sts" + kind: optional + help: | + Arguments such as, + - `--sts` + - `--private-link` + See `rosa create cluster --help` + + - name: machine-type + description: node machine type + value: m5.2xlarge + kind: optional + + artifacts: + - name: kubeconfig + description: Kube config for connecting to this cluster + + - name: dotenv + description: Environment variables used to access the cluster and consoles + + - name: data + description: An archive that includes ssh keys to connect to cluster nodes + + - name: cluster-console-url + description: The URL for the openshift console + tags: [url] + + - name: cluster-console-username + description: The username to login at the openshift console + + - name: cluster-console-password + description: The password to login at the openshift console + ######################### # Openshift OSD on AWS # ######################### diff --git a/chart/infra-server/static/workflow-openshift-rosa-hcp.yaml b/chart/infra-server/static/workflow-openshift-rosa-hcp.yaml new file mode 100644 index 000000000..b42757738 --- /dev/null +++ b/chart/infra-server/static/workflow-openshift-rosa-hcp.yaml 
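Review bot: The `subnet-ids` and `rosa-args` parameters are free-form strings with no stated format, and the `subnet-ids` help says the value is placed into the command as `rosa create cluster --subnet-ids $SUBNET_IDS`. entrypoint.sh is not part of this patch, so whether it quotes or validates these values cannot be confirmed from here; per the workflow file the same container holds `AWS_SECRET_ACCESS_KEY` and `OPENSHIFT_CLUSTER_MANAGER_API_TOKEN`, so requester-supplied text should reach the CLI only as data. I would state the accepted format in the help, for example `Comma-separated AWS subnet IDs only; any other characters are rejected.`, and enforce the same check in the entrypoint. The `rosa-args` default also differs between the two files (`"--sts"` here, `""` in the workflow arguments), which deserves a comment saying which one is authoritative.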
@@ -0,0 +1,179 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Workflow
+metadata:
+ generateName: rosa-
+spec:
+ entrypoint: start
+ arguments:
+ parameters:
+ - name: name
+ - name: rosa-args
+ value: ""
+ - name: aws-region
+ value: "us-east-1"
+ - name: managed-cp
+ value: true
+ - name: subnet-ids
+ value: ""
+ - name: nodes
+ value: "2"
+ - name: machine-type
+ value: "m5.2xlarge"
+ volumeClaimTemplates:
+ - metadata:
+ name: data
+ spec:
+ accessModes: [ "ReadWriteOnce" ]
+ resources:
+ requests:
+ storage: 10Mi
+
+ templates:
+ - name: start
+ steps:
+ - - name: create
+ template: create
+
+ - - name: gather
+ template: gather
+
+ - - name: wait
+ template: wait
+
+ - - name: destroy
+ template: destroy
+
+ - name: create
+ activeDeadlineSeconds: 7200
+ container:
+ image: quay.io/stackrox-io/ci:automation-flavors-rosa-0.9.5
+ imagePullPolicy: Always
+ command:
+ - ./entrypoint.sh
+ args:
+ - create
+ - "{{workflow.parameters.name}}"
+ env:
+ - name: AWS_ACCESS_KEY_ID
+ valueFrom:
+ secretKeyRef:
+ name: osd-access-secrets
+ key: AWS_ACCESS_KEY_ID
+ - name: AWS_SECRET_ACCESS_KEY
+ valueFrom:
+ secretKeyRef:
+ name: osd-access-secrets
+ key: AWS_SECRET_ACCESS_KEY
+ - name: REDHAT_PULL_SECRET_BASE64
+ valueFrom:
+ secretKeyRef:
+ name: osd-access-secrets
+ key: REDHAT_PULL_SECRET_BASE64
+ - name: OPENSHIFT_CLUSTER_MANAGER_API_TOKEN
+ valueFrom:
+ secretKeyRef:
+ name: osd-access-secrets
+ key: OPENSHIFT_CLUSTER_MANAGER_API_TOKEN
+ - name: ROSA_ARGS
+ value: "{{workflow.parameters.rosa-args}}"
+ - name: AWS_REGION
+ value: "{{workflow.parameters.aws-region}}"
+ - name: MANAGED_CP
+ value: "{{workflow.parameters.managed-cp}}"
+ - name: SUBNET_IDS
+ value: "{{workflow.parameters.subnet-ids}}"
+ - name: NODE_COUNT
+ value: "{{workflow.parameters.nodes}}"
+ - name: INSTANCE_TYPE
+ value: "{{workflow.parameters.machine-type}}"
+ - name: CREATION_SOURCE
+ value: "infra"
+ volumeMounts:
+ - name: data
+ mountPath: /data
+
+ - name: gather
+ script:
+ image: busybox
+ command: [sh]
+ source: |
+ cd /data
+ . ./dotenv
+ if [[ -z "${CONSOLE_ENDPOINT// /}" ]]; then
+ CONSOLE_ENDPOINT="https://console-openshift-console.apps.rosa${API_ENDPOINT#https://api}"
+ echo "$CONSOLE_ENDPOINT" \
+ | sed -e 's/:[0-9]*$//' > cluster-console-url
+ else
+ echo "${CONSOLE_ENDPOINT}" > cluster-console-url
+ fi
+ echo "${CONSOLE_USER}" > cluster-console-username
+ echo "${CONSOLE_PASSWORD}" > cluster-console-password
+ volumeMounts:
+ - name: data
+ mountPath: /data
+ outputs:
+ artifacts:
+ - name: kubeconfig
+ path: /data/kubeconfig
+ archive:
+ none: {}
+ - name: dotenv
+ path: /data/dotenv
+ archive:
+ none: {}
+ - name: data
+ path: /data
+ archive:
+ tar: {}
+ - name: cluster-console-url
+ path: /data/cluster-console-url
+ archive:
+ none: {}
+ - name: cluster-console-username
+ path: /data/cluster-console-username
+ archive:
+ none: {}
+ - name: cluster-console-password
+ path: /data/cluster-console-password
+ archive:
+ none: {}
+
+ - name: wait
+ suspend: {}
+
+ - name: destroy
+ activeDeadlineSeconds: 3600
+ container:
+ image: quay.io/stackrox-io/ci:automation-flavors-rosa-0.9.5
+ imagePullPolicy: Always
+ command:
+ - ./entrypoint.sh
+ args:
+ - destroy
+ - "{{workflow.parameters.name}}"
+ env:
+ - name: AWS_REGION
+ value: "{{workflow.parameters.aws-region}}"
+ - name: AWS_ACCESS_KEY_ID
+ valueFrom:
+ secretKeyRef:
+ name: osd-access-secrets
+ key: AWS_ACCESS_KEY_ID
+ - name: AWS_SECRET_ACCESS_KEY
+ valueFrom:
+ secretKeyRef:
+ name: osd-access-secrets
+ key: AWS_SECRET_ACCESS_KEY
+ - name: OPENSHIFT_CLUSTER_MANAGER_API_TOKEN
+ valueFrom:
+ secretKeyRef:
+ name: osd-access-secrets
+ key: OPENSHIFT_CLUSTER_MANAGER_API_TOKEN
+ - name: REDHAT_PULL_SECRET_BASE64
+ valueFrom:
+ secretKeyRef:
+ name: osd-access-secrets
+ key: REDHAT_PULL_SECRET_BASE64
+ volumeMounts:
+ - name: data
+ mountPath: /data
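Review bot: The `gather` step runs `image: busybox` with no registry, tag or digest, so the image is resolved at run time, and that container mounts `/data`, which holds the kubeconfig, the console password and (per the `data` artifact description) ssh keys. Pin it to a digest, e.g. `image: <REGISTRY>/busybox@sha256:<DIGEST>` (placeholders), and consider the same for both `quay.io/stackrox-io/ci:automation-flavors-rosa-0.9.5` references, since `imagePullPolicy: Always` re-resolves that tag on every run for containers that receive `AWS_SECRET_ACCESS_KEY` and `OPENSHIFT_CLUSTER_MANAGER_API_TOKEN`. The `destroy` step is also handed `REDHAT_PULL_SECRET_BASE64`; if the entrypoint does not need it to delete a cluster (not visible in this patch), dropping it narrows what that step can expose. Separately, `managed-cp` defaults to a bare `value: true` here while flavors.yaml uses `"true"`; writing `value: "true"` keeps the two files consistent.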
diff --git a/chart/infra-server/static/workflow-openshift-rosa.yaml b/chart/infra-server/static/workflow-openshift-rosa.yaml index 5641d2506..161558297 100644 --- a/chart/infra-server/static/workflow-openshift-rosa.yaml +++ b/chart/infra-server/static/workflow-openshift-rosa.yaml @@ -38,7 +38,7 @@ spec: - name: create activeDeadlineSeconds: 7200 container: - image: quay.io/stackrox-io/ci:automation-flavors-rosa-0.7.5 + image: quay.io/stackrox-io/ci:automation-flavors-rosa-0.9.5 imagePullPolicy: Always command: - ./entrypoint.sh @@ -122,7 +122,7 @@ spec: - name: destroy activeDeadlineSeconds: 3600 container: - image: quay.io/stackrox-io/ci:automation-flavors-rosa-0.7.5 + image: quay.io/stackrox-io/ci:automation-flavors-rosa-0.9.5 imagePullPolicy: Always command: - ./entrypoint.sh diff --git a/chart/infra-server/templates/secrets.yaml b/chart/infra-server/templates/secrets.yaml index 6f3f74ad8..79993b62b 100644 --- a/chart/infra-server/templates/secrets.yaml +++ b/chart/infra-server/templates/secrets.yaml @@ -64,6 +64,9 @@ data: workflow-openshift-rosa.yaml: |- {{- .Files.Get "static/workflow-openshift-rosa.yaml" | b64enc | nindent 4 }} + workflow-openshift-rosa-hcp.yaml: |- + {{- .Files.Get "static/workflow-openshift-rosa-hcp.yaml" | b64enc | nindent 4 }} + workflow-osd-aws.yaml: |- {{- .Files.Get "static/workflow-osd-aws.yaml" | b64enc | nindent 4 }}