stackrox · davdhacs · Dec 22, 2023 · Aug 29, 2023 · Aug 30, 2023 · Aug 30, 2023
@@ -771,6 +771,28 @@
       value: "4"
       kind: optional
 
+    - name: aws-region
+      description: aws region for cluster
+      value: "us-east-2"
+      kind: optional
+
+    - name: managed-cp
+      description: Use managed control-plane?
+      value: "false"
+      kind: optional
+      help: |
+        Run as ROSA HCP?
+
+    - name: rosa-args
+      description: additional rosa cli args
+      value: ""
+      kind: optional
+      help: |
+        Arguments such as,
+        --sts
+        --private-link
+        See `rosa create cluster --help`
+
     - name: machine-type
       description: node machine type
       value: m5.xlarge
@@ -796,6 +818,80 @@
     - name: cluster-console-password
       description: The password to login at the openshift console
 
+########################
+#  Openshift ROSA HCP  #
+########################
+- id: rosahcp
+  name: Hypershift on ROSA (HCP)
+  description: Openshift ROSA HCP (Hypershift ManagedCP) cluster
+  availability: stable
+  workflow: configuration/workflow-openshift-rosa-hcp.yaml
+  parameters:
+    - name: name
+      description: cluster name
+      value: example1
+
+    - name: nodes
+      description: number of nodes
+      value: "2"
+      kind: optional
+
+    - name: aws-region
+      description: aws region for cluster
+      value: "us-east-1"
+      kind: optional
+
+    - name: managed-cp
+      description: Use managed control-plane?
+      value: "true"
+      kind: optional
+      help: |
+        Run as ROSA HCP?
+
+    - name: subnet-ids
+      description: Subnets for the cluster.
+      value: ""
+      kind: optional
+      help: |
+        Set like "public_subnet,private_subnet"
+        It will be placed in the command like `rosa create cluster --subnet-ids $SUBNET_IDS` 
+        Set empty for the installer to create a new empty vpc and subnets.
+
+    - name: rosa-args
+      description: additional rosa cli args
+      value: "--sts"
+      kind: optional
+      help: |
+        Arguments such as,
+        --sts
+        --private-link
+        See `rosa create cluster --help`
+
+    - name: machine-type
+      description: node machine type
+      value: m5.2xlarge
+      kind: optional
+
+  artifacts:
+    - name: kubeconfig
+      description: Kube config for connecting to this cluster
+
+    - name: dotenv
+      description: Environment variables used to access the cluster and consoles
+
+    - name: data
+      description: An archive that includes ssh keys to connect to cluster nodes
+
+    - name: cluster-console-url
+      description: The URL for the openshift console
+      tags: [url]
+
+    - name: cluster-console-username
+      description: The username to login at the openshift console
+
+    - name: cluster-console-password
+      description: The password to login at the openshift console
+
 #########################
 #  Openshift OSD on AWS #
 #########################

@@ -0,0 +1,179 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Workflow
+metadata:
+  generateName: rosa-
+spec:
+  entrypoint: start
+  arguments:
+    parameters:
+      - name: name
+      - name: rosa-args
+        value: ""
+      - name: aws-region
+        value: "us-east-1"
+      - name: managed-cp
+        value: true
+      - name: subnet-ids
+        value: ""
+      - name: nodes
+        value: "2"
+      - name: machine-type
+        value: "m5.2xlarge"
+  volumeClaimTemplates:
+    - metadata:
+        name: data
+      spec:
+        accessModes: [ "ReadWriteOnce" ]
+        resources:
+          requests:
+            storage: 10Mi
+
+  templates:
+    - name: start
+      steps:
+        - - name: create
+            template: create
+
+        - - name: gather
+            template: gather
+
+        - - name: wait
+            template: wait
+
+        - - name: destroy
+            template: destroy
+
+    - name: create
+      activeDeadlineSeconds: 7200
+      container:
+        image: quay.io/stackrox-io/ci:automation-flavors-rosa-0.9.5
+        imagePullPolicy: Always
+        command:
+          - ./entrypoint.sh
+        args:
+          - create
+          - "{{workflow.parameters.name}}"
+        env:
+          - name: AWS_ACCESS_KEY_ID
+            valueFrom:
+              secretKeyRef:
+                name: osd-access-secrets
+                key: AWS_ACCESS_KEY_ID
+          - name: AWS_SECRET_ACCESS_KEY
+            valueFrom:
+              secretKeyRef:
+                name: osd-access-secrets
+                key: AWS_SECRET_ACCESS_KEY
+          - name: REDHAT_PULL_SECRET_BASE64
+            valueFrom:
+              secretKeyRef:
+                name: osd-access-secrets
+                key: REDHAT_PULL_SECRET_BASE64
+          - name: OPENSHIFT_CLUSTER_MANAGER_API_TOKEN
+            valueFrom:
+              secretKeyRef:
+                name: osd-access-secrets
+                key: OPENSHIFT_CLUSTER_MANAGER_API_TOKEN
+          - name: ROSA_ARGS
+            value: "{{workflow.parameters.rosa-args}}"
+          - name: AWS_REGION
+            value: "{{workflow.parameters.aws-region}}"
+          - name: MANAGED_CP
+            value: "{{workflow.parameters.managed-cp}}"
+          - name: SUBNET_IDS
+            value: "{{workflow.parameters.subnet-ids}}"
+          - name: NODE_COUNT
+            value: "{{workflow.parameters.nodes}}"
+          - name: INSTANCE_TYPE
+            value: "{{workflow.parameters.machine-type}}"
+          - name: CREATION_SOURCE
+            value: "infra"
+        volumeMounts:
+          - name: data
+            mountPath: /data
+
+    - name: gather
+      script:
+        image: busybox
+        command: [sh]
+        source: |
+          cd /data
+          . ./dotenv
+          if [[ -z "${CONSOLE_ENDPOINT// /}" ]]; then
+            CONSOLE_ENDPOINT="https://console-openshift-console.apps.rosa${API_ENDPOINT#https://api}"
+            echo "$CONSOLE_ENDPOINT" \
+              | sed -e 's/:[0-9]*$//' > cluster-console-url
+          else
+            echo "${CONSOLE_ENDPOINT}" > cluster-console-url
+          fi
+          echo "${CONSOLE_USER}" > cluster-console-username
+          echo "${CONSOLE_PASSWORD}" > cluster-console-password
+        volumeMounts:
+          - name: data
+            mountPath: /data
+      outputs:
+        artifacts:
+          - name: kubeconfig
+            path: /data/kubeconfig
+            archive:
+              none: {}
+          - name: dotenv
+            path: /data/dotenv
+            archive:
+              none: {}
+          - name: data
+            path: /data
+            archive:
+              tar: {}
+          - name: cluster-console-url
+            path: /data/cluster-console-url
+            archive:
+              none: {}
+          - name: cluster-console-username
+            path: /data/cluster-console-username
+            archive:
+              none: {}
+          - name: cluster-console-password
+            path: /data/cluster-console-password
+            archive:
+              none: {}
+
+    - name: wait
+      suspend: {}
+
+    - name: destroy
+      activeDeadlineSeconds: 3600
+      container:
+        image: quay.io/stackrox-io/ci:automation-flavors-rosa-0.9.5
+        imagePullPolicy: Always
+        command:
+          - ./entrypoint.sh
+        args:
+          - destroy
+          - "{{workflow.parameters.name}}"
+        env:
+          - name: AWS_REGION
+            value: "{{workflow.parameters.aws-region}}"
+          - name: AWS_ACCESS_KEY_ID
+            valueFrom:
+              secretKeyRef:
+                name: osd-access-secrets
+                key: AWS_ACCESS_KEY_ID
+          - name: AWS_SECRET_ACCESS_KEY
+            valueFrom:
+              secretKeyRef:
+                name: osd-access-secrets
+                key: AWS_SECRET_ACCESS_KEY
+          - name: OPENSHIFT_CLUSTER_MANAGER_API_TOKEN
+            valueFrom:
+              secretKeyRef:
+                name: osd-access-secrets
+                key: OPENSHIFT_CLUSTER_MANAGER_API_TOKEN
+          - name: REDHAT_PULL_SECRET_BASE64
+            valueFrom:
+              secretKeyRef:
+                name: osd-access-secrets
+                key: REDHAT_PULL_SECRET_BASE64
+        volumeMounts:
+          - name: data
+            mountPath: /data
@@ -7,6 +7,12 @@ spec:
   arguments:
     parameters:
       - name: name
+      - name: rosa-args
+        value: ""
+      - name: aws-region
+        value: "us-east-2"
+      - name: managed-cp
+        value: false
       - name: nodes
         value: "4"
       - name: machine-type
@@ -38,7 +44,7 @@ spec:
     - name: create
       activeDeadlineSeconds: 7200
       container:
-        image: quay.io/stackrox-io/ci:automation-flavors-rosa-0.7.5
+        image: quay.io/stackrox-io/ci:automation-flavors-rosa-0.9.5
         imagePullPolicy: Always
         command:
           - ./entrypoint.sh
@@ -66,6 +72,12 @@ spec:
               secretKeyRef:
                 name: osd-access-secrets
                 key: OPENSHIFT_CLUSTER_MANAGER_API_TOKEN
+          - name: ROSA_ARGS
+            value: "{{workflow.parameters.rosa-args}}"
+          - name: AWS_REGION
+            value: "{{workflow.parameters.aws-region}}"
+          - name: MANAGED_CP
+            value: "{{workflow.parameters.managed-cp}}"
           - name: NODE_COUNT
             value: "{{workflow.parameters.nodes}}"
           - name: INSTANCE_TYPE
@@ -122,14 +134,16 @@ spec:
     - name: destroy
       activeDeadlineSeconds: 3600
       container:
-        image: quay.io/stackrox-io/ci:automation-flavors-rosa-0.7.5
+        image: quay.io/stackrox-io/ci:automation-flavors-rosa-0.9.5
         imagePullPolicy: Always
         command:
           - ./entrypoint.sh
         args:
           - destroy
           - "{{workflow.parameters.name}}"
         env:
+          - name: AWS_REGION
+            value: "{{workflow.parameters.aws-region}}"
           - name: AWS_ACCESS_KEY_ID
             valueFrom:
               secretKeyRef:

@@ -64,6 +64,9 @@ data:
   workflow-openshift-rosa.yaml: |-
     {{- .Files.Get "static/workflow-openshift-rosa.yaml" | b64enc | nindent 4 }}
 
+  workflow-openshift-rosa-hcp.yaml: |-
+    {{- .Files.Get "static/workflow-openshift-rosa-hcp.yaml" | b64enc | nindent 4 }}
+
   workflow-osd-aws.yaml: |-
     {{- .Files.Get "static/workflow-osd-aws.yaml" | b64enc | nindent 4 }}