chore: match infra OCP credentialsMode with stackrox CI (#1057)

CHANGELOG.md

@@ -8,6 +8,11 @@ Please avoid adding duplicate information across this changelog and JIRA/doc inp
 
 ## [NEXT RELEASE]
 
+## [0.8.7]
+
+- Add support for credentialsMode to openshift-4* flavors and default to
+  Passthrough to mimic CI.
+
 ## [0.8.6]
 
 - Chore: Bump demo versions to 4.2.2

chart/infra-server/Chart.yaml

@@ -8,3 +8,4 @@ sources:
   - https://github.com/stackrox/infra
 annotations:
   acsDemoVersion: 4.2.2
+  ocpCredentialsMode: Passthrough

chart/infra-server/static/flavors.yaml

@@ -307,6 +307,14 @@
       value: false
       kind: optional
 
+    - name: credentials-mode
+      description: credentials mode
+      value: {{ .Chart.Annotations.ocpCredentialsMode }}
+      kind: optional
+      help: |
+        Consult OCP documentation for details. {{ .Chart.Annotations.ocpCredentialsMode }} is the value used by
+        stackrox CI.
+
   artifacts:
     - name: kubeconfig
       description: Kube config for connecting to this cluster
@@ -426,6 +434,14 @@
       value: false
       kind: optional
 
+    - name: credentials-mode
+      description: credentials mode
+      value: {{ .Chart.Annotations.ocpCredentialsMode }}
+      kind: optional
+      help: |
+        Consult OCP documentation for details. {{ .Chart.Annotations.ocpCredentialsMode }} is the value used by
+        stackrox CI.
+
   artifacts:
     - name: admin-password
       description: Admin password for StackRox console
@@ -528,6 +544,14 @@
       value: false
       kind: optional
 
+    - name: credentials-mode
+      description: credentials mode
+      value: {{ .Chart.Annotations.ocpCredentialsMode }}
+      kind: optional
+      help: |
+        Consult OCP documentation for details. {{ .Chart.Annotations.ocpCredentialsMode }} is the value used by
+        stackrox CI.
+
   artifacts:
     - name: kubeconfig
       description: Kube config for connecting to this cluster

chart/infra-server/static/workflow-openshift-4-demo.yaml

@@ -18,6 +18,7 @@ spec:
       - name: central-services-helm-chart-version
       - name: secured-cluster-services-helm-chart-version
       - name: trusted-certs-enabled
+      - name: credentials-mode
   volumeClaimTemplates:
     - metadata:
         name: data
@@ -76,7 +77,7 @@ spec:
 
     - name: create
       container:
-        image: quay.io/stackrox-io/ci:automation-flavors-openshift-4-0.8.2
+        image: quay.io/stackrox-io/ci:automation-flavors-openshift-4-0.8.7
         imagePullPolicy: Always
         volumeMounts:
           - name: data
@@ -114,6 +115,8 @@ spec:
             value: "us-east1"
           - name: TRUSTED_CERTS_ENABLED
             value: "{{workflow.parameters.trusted-certs-enabled}}"
+          - name: CREDENTIALS_MODE
+            value: "{{workflow.parameters.credentials-mode}}"
 
     - name: pre-install
       script:
@@ -256,7 +259,7 @@ spec:
 
     - name: destroy
       container:
-        image: quay.io/stackrox-io/ci:automation-flavors-openshift-4-0.8.2
+        image: quay.io/stackrox-io/ci:automation-flavors-openshift-4-0.8.7
         imagePullPolicy: Always
         command:
           - entrypoint.sh

chart/infra-server/static/workflow-openshift-4-perf-scale.yaml

@@ -23,6 +23,7 @@ spec:
         value: ""
       - name: fips-enabled
       - name: trusted-certs-enabled
+      - name: credentials-mode
   volumeClaimTemplates:
     - metadata:
         name: data
@@ -79,7 +80,7 @@ spec:
             archive:
               tar: {}
       container:
-        image: quay.io/stackrox-io/ci:automation-flavors-openshift-4-0.8.2
+        image: quay.io/stackrox-io/ci:automation-flavors-openshift-4-0.8.7
         imagePullPolicy: Always
         command:
           - entrypoint.sh
@@ -118,6 +119,8 @@ spec:
             value: "{{workflow.parameters.fips-enabled}}"
           - name: TRUSTED_CERTS_ENABLED
             value: "{{workflow.parameters.trusted-certs-enabled}}"
+          - name: CREDENTIALS_MODE
+            value: "{{workflow.parameters.credentials-mode}}"
         volumeMounts:
           - name: data
             mountPath: /data
@@ -155,7 +158,7 @@ spec:
 
     - name: destroy
       container:
-        image: quay.io/stackrox-io/ci:automation-flavors-openshift-4-0.8.2
+        image: quay.io/stackrox-io/ci:automation-flavors-openshift-4-0.8.7
         imagePullPolicy: Always
         command:
           - entrypoint.sh

chart/infra-server/static/workflow-openshift-4.yaml

@@ -23,6 +23,7 @@ spec:
         value: ""
       - name: fips-enabled
       - name: trusted-certs-enabled
+      - name: credentials-mode
   volumeClaimTemplates:
     - metadata:
         name: data
@@ -79,7 +80,7 @@ spec:
             archive:
               tar: {}
       container:
-        image: quay.io/stackrox-io/ci:automation-flavors-openshift-4-0.8.2
+        image: quay.io/stackrox-io/ci:automation-flavors-openshift-4-0.8.7
         imagePullPolicy: Always
         command:
           - entrypoint.sh
@@ -118,6 +119,8 @@ spec:
             value: "{{workflow.parameters.fips-enabled}}"
           - name: TRUSTED_CERTS_ENABLED
             value: "{{workflow.parameters.trusted-certs-enabled}}"
+          - name: CREDENTIALS_MODE
+            value: "{{workflow.parameters.credentials-mode}}"
         volumeMounts:
           - name: data
             mountPath: /data
@@ -155,7 +158,7 @@ spec:
 
     - name: destroy
       container:
-        image: quay.io/stackrox-io/ci:automation-flavors-openshift-4-0.8.2
+        image: quay.io/stackrox-io/ci:automation-flavors-openshift-4-0.8.7
         imagePullPolicy: Always
         command:
           - entrypoint.sh