template ev2 gap

Signed-off-by: Gerd Oberlechner <[email protected]>
Azure · Nov 14, 2024 · 978f363 · 978f363
1 parent 3bf5906
commit 978f363
Show file tree

Hide file tree

Showing 37 changed files with 1,839 additions and 436 deletions.
diff --git a/config/config.yaml b/config/config.yaml
@@ -1,11 +1,14 @@
 defaults:
   region: {{ .ctx.region }}
+  # Subscriptions
+  serviceClusterSubscription: hcp-{{ .ctx.region }}
+  managementClusterSubscription: hcp-{{ .ctx.region }}
   # Resourcegroups
   globalRG: global
-  regionRG: hcp-underlay-{{ .ctx.region }}-{{ .ctx.regionStamp }}
-  serviceClusterRG: hcp-underlay-{{ .ctx.region }}-{{ .ctx.regionStamp }}-svc
-  managementClusterRG: hcp-underlay-{{ .ctx.region }}-{{ .ctx.regionStamp }}-mgmt-{{ .ctx.cxStamp }}
-  imageSyncRG: hcp-underlay-{{ .ctx.region }}-{{ .ctx.regionStamp }}-imagesync
+  regionRG: hcp-underlay-{{ .ctx.regionShort }}
+  serviceClusterRG: hcp-underlay-{{ .ctx.regionShort }}-svc
+  managementClusterRG: hcp-underlay-{{ .ctx.regionShort }}-mgmt-{{ .ctx.stamp }}
+  imageSyncRG: hcp-underlay-{{ .ctx.regionShort }}-imagesync
 
   # General AKS config
   kubernetesVersion: 1.30.5
@@ -19,30 +22,30 @@ defaults:
   serviceComponentAcrResourceGroups: global
 
   # SVC cluster specifics
-  svcEtcdKVName: {{ azureKeyVaultName "aro-hcp-etcd" 5 .ctx.region .ctx.regionStamp }}
+  svcEtcdKVName: arohcp-etcd-{{ .ctx.regionShort }}
   svcEtcdKVSoftDelete: true
 
   # MGMT cluster specifics
-  mgmtEtcdKVName: {{ azureKeyVaultName "aro-hcp-etcd" 5 .ctx.region .ctx.regionStamp .ctx.cxStamp }}
+  mgmtEtcdKVName: arohcp-etcd-{{ .ctx.regionShort }}-{{ .ctx.stamp }}
   mgmtEtcdKVSoftDelete: true
 
   # Frontend
   frontendCosmosDBDeploy: true
   frontendCosmosDBDisableLocalAuth: true
-  frontendCosmosDBName: {{ azureCosmosDBName "aro-hcp-rp" 5 .ctx.region .ctx.regionStamp }}
+  frontendCosmosDBName: arohcp-rp-{{ .ctx.regionShort }}
 
   # Maestro
-  maestroKeyVaultName: {{ azureKeyVaultName "maestro" 5 .ctx.region .ctx.regionStamp }}
-  maestroEventgridName: {{ azureEventGridName "maestro" 5 .ctx.region .ctx.regionStamp }}
+  maestroKeyVaultName: arohcp-maestro-{{ .ctx.regionShort }}
+  maestroEventgridName: arohcp-maestro-{{ .ctx.regionShort }}
   maestroEventGridMaxClientSessionsPerAuthName: '4'
   maestroCertDomain: 'selfsigned.maestro.keyvault.azure.com'
-  maestroPostgresName: {{ azurePostgresName "maestro" 5 .ctx.region .ctx.regionStamp }}
+  maestroPostgresName: arohcp-maestro-{{ .ctx.regionShort }}
   maestroPostgresServerVersion: '15'
   maestroPostgresServerStorageSizeGB: '32'
   maestroPostgresDeploy: true
   maestroPostgresPrivate: false
   maestroRestrictIstioIngress: true
-  maestroConsumerName: hcp-underlay-{{ .ctx.region }}-{{ .ctx.regionStamp }}-mgmt-{{ .ctx.cxStamp }}
+  maestroConsumerName: hcp-underlay-{{ .ctx.regionShort }}-mgmt-{{ .ctx.stamp }}
 
   # Hypershift
   hypershiftNamespace: hypershift
@@ -51,7 +54,7 @@ defaults:
   externalDNSServiceAccountName: external-dns
 
   # Cluster Service
-  clusterServicePostgresName: {{ azurePostgresName "cs" 5 .ctx.region .ctx.regionStamp }}
+  clusterServicePostgresName: arohcp-cs-{{ .ctx.regionShort }}
   clusterServicePostgresDeploy: true
   clusterServicePostgresPrivate: false
   clusterServiceAcrRG: global
@@ -66,20 +69,20 @@ defaults:
   ocMirrorImageTag: 7abc8af
 
   # Service KeyVault
-  serviceKeyVaultName: {{ azureKeyVaultName "aro-hcp-svc" 5 .ctx.region .ctx.regionStamp }}
-  serviceKeyVaultRG: hcp-underlay-{{ .ctx.region }}-svc-{{ .ctx.regionStamp }}
+  serviceKeyVaultName: arohcp-svc-{{ .ctx.regionShort }}
+  serviceKeyVaultRG: hcp-underlay-{{ .ctx.regionShort }}
   serviceKeyVaultRegion: {{ .ctx.region }}
   serviceKeyVaultSoftDelete: true
   serviceKeyVaultPrivate: true
 
   # Management Cluster KV
-  cxKeyVaultName: {{ azureKeyVaultName "aro-hcp-cx" 5 .ctx.region .ctx.regionStamp .ctx.cxStamp }}
+  cxKeyVaultName: arohcp-cx-{{ .ctx.regionShort }}-{{ .ctx.stamp }}
   cxKeyVaultSoftDelete: true
   cxKeyVaultPrivate: true
-  msiKeyVaultName: {{ azureKeyVaultName "aro-hcp-msi" 5 .ctx.region .ctx.regionStamp .ctx.cxStamp }}
+  msiKeyVaultName: arohcp-msi-{{ .ctx.regionShort }}-{{ .ctx.stamp }}
   msiKeyVaultSoftDelete: true
   msiKeyVaultPrivate: true
-  mgmtKeyVaultName: {{ azureKeyVaultName "aro-hcp-mgmt" 5 .ctx.region .ctx.regionStamp .ctx.cxStamp }}
+  mgmtKeyVaultName: arohcp-mgmt-{{ .ctx.regionShort }}-{{ .ctx.stamp }}
   mgmtKeyVaultSoftDelete: true
   mgmtKeyVaultPrivate: true
 
@@ -90,6 +93,9 @@ clouds:
     # this configuration serves as a template for for all RH DEV subscription deployments
     # the following vars need approprivate overrides:
     defaults:
+      # Subscription
+      serviceClusterSubscription: ARO Hosted Control Planes (EA Subscription 1)
+      managementClusterSubscription: ARO Hosted Control Planes (EA Subscription 1)
       # DNS
       baseDnsZoneName: 'hcp.osadev.cloud'
       # MGMTM AKS nodepools - big enough for 2 HCPs
@@ -136,11 +142,11 @@ clouds:
       # Shared Image Sync
       imageSyncRG: hcp-underlay-westus3-imagesync-dev
       # OIDC
-      oidcStorageAccountName: {{ azureStorageAccountName "arohcpoidc" 5 .ctx.region .ctx.regionStamp }}
+      oidcStorageAccountName: arohcpoidc{{ .ctx.regionShort }}
       # Metrics
-      monitoringWorkspaceName: 'aro-hcp-monitor-{{ uniqueString 5 .ctx.region .ctx.regionStamp}}'
-      grafanaName: 'aro-hcp-grafana-{{ uniqueString 5 .ctx.region .ctx.regionStamp}}'
-      monitoringMsiName: 'aro-hcp-metrics-msi-{{ uniqueString 5 .ctx.region .ctx.regionStamp }}'
+      monitoringWorkspaceName: 'arohcp-{{ .ctx.regionShort }}'
+      grafanaName: 'arohcp-{{ .ctx.regionShort }}'
+      monitoringMsiName: 'aro-hcp-metrics-msi-{{ .ctx.regionShort }}'
       grafanaAdminGroupPrincipalId: 6b6d3adf-8476-4727-9812-20ffdef2b85c
       # DEVOPS MSI
       aroDevopsMsiId: '/subscriptions/1d3378d3-5a3f-4712-85a1-2485495dfc4b/resourceGroups/global/providers/Microsoft.ManagedIdentity/userAssignedIdentities/aro-hcp-devops'
@@ -153,6 +159,9 @@ clouds:
           mgmtUserAgentPoolMaxCount: 12
           # DNS
           regionalDNSSubdomain: '{{ .ctx.region }}'
+        regions:
+          westus2:
+            mgmtUserAgentPoolMinCount: 5
       cs-pr:
         # this is the cluster service PR check and full cycle test environment
         defaults:
@@ -169,7 +178,7 @@ clouds:
           # Cluster Service
           clusterServicePostgresDeploy: false
           # DNS
-          regionalDNSSubdomain: '{{ .ctx.region }}-{{ uniqueString 5 .ctx.region .ctx.regionStamp }}'
+          regionalDNSSubdomain: '{{ .ctx.regionShort }}'
           # Hypershift
           # uncomment the following line if you want to install the hypershift operator
           # with CRD support for managedIdentities

diff --git a/maestro/server/pipeline.yaml b/maestro/server/pipeline.yaml
@@ -0,0 +1,30 @@
+serviceGroup: Microsoft.Azure.ARO.Test
+rolloutName: Maestro Server Rollout
+steps:
+- name: deploy
+  subscription: {{ .serviceClusterSubscription }}
+  resourceGroup: {{ .serviceClusterRG }}
+  aksCluster: {{ .aksName }}
+  action:
+    type: Shell
+    command: ["/bin/bash", "-c", "make deploy"]
+    # we could infer the pwd from the location of this file and could avoid make -C
+    env:
+    - name: EVENTGRID_NAME
+      configRef: maestroEventgridName
+    - name: REGION_RG
+      configRef: regionRG
+    - name: SVC_RG
+      configRef: serviceClusterRG
+    - name: AKS_NAME
+      configRef: aksName
+    - name: IMAGE_BASE
+      configRef: maestroImageBase
+    - name: IMAGE_TAG
+      configRef: maestroImageTag
+    - name: USE_AZURE_DB
+      configRef: maestroPostgresDeploy
+    - name: ISTIO_RESTRICT_INGRESS
+      configRef: maestroRestrictIstioIngress
+    - name: KEYVAULT_NAME
+      configRef: maestroKeyVaultName
diff --git a/templatize.sh b/templatize.sh
@@ -61,10 +61,39 @@ while getopts "c:r:x:e:" opt; do
     esac
 done
 
+# short names from EV2 prod ServiceConfig
+case ${REGION} in
+    eastus)
+        REGION_SHORT="bl"
+        ;;
+    westus)
+        REGION_SHORT="by"
+        ;;
+    centralus)
+        REGION_SHORT="dm"
+        ;;
+    northcentralus)
+        REGION_SHORT="ch"
+        ;;
+    southcentralus)
+        REGION_SHORT="sn"
+        ;;
+    westus2)
+        REGION_SHORT="mwh"
+        ;;
+    westus3)
+        REGION_SHORT="usw3"
+        ;;
+    *)
+        echo "unsupported region: ${REGION}"
+        exit 1
+esac
+
 if [ "$DEPLOY_ENV" == "personal-dev" ]; then
-    REGION_STAMP=${USER}
+    REGION_STAMP="${REGION_SHORT}${USER:0:4}"
 else
-    REGION_STAMP=${DEPLOY_ENV}
+    CLEAN_DEPLOY_ENV=$(echo "${DEPLOY_ENV}" | tr -cd '[:alnum:]')
+    REGION_STAMP="${CLEAN_DEPLOY_ENV}"
 fi
 
 TEMPLATIZE=${PROJECT_ROOT_DIR}/tooling/templatize/templatize
@@ -79,8 +108,8 @@ if [ -n "$INPUT" ] && [ -n "$OUTPUT" ]; then
         --cloud=${CLOUD} \
         --deploy-env=${DEPLOY_ENV} \
         --region=${REGION} \
-        --region-stamp=${REGION_STAMP} \
-        --cx-stamp=${CXSTAMP} \
+        --region-short=${REGION_STAMP} \
+        --stamp=${CXSTAMP} \
         --input=${INPUT} \
         --output=${OUTPUT} \
         ${EXTRA_ARGS}
@@ -90,7 +119,7 @@ else
         --cloud=${CLOUD} \
         --deploy-env=${DEPLOY_ENV} \
         --region=${REGION} \
-        --region-stamp=${REGION_STAMP} \
-        --cx-stamp=${CXSTAMP} \
+        --region-short=${REGION_STAMP} \
+        --stamp=${CXSTAMP} \
         ${EXTRA_ARGS}
 fi
diff --git a/tooling/templatize/cmd/generate/generate.go → tooling/templatize/cmd/generate/cmd.go b/tooling/templatize/cmd/generate/generate.go → tooling/templatize/cmd/generate/cmd.go
diff --git a/.../templatize/cmd/generate/generate_test.go → tooling/templatize/cmd/generate/cmd_test.go b/.../templatize/cmd/generate/generate_test.go → tooling/templatize/cmd/generate/cmd_test.go
@@ -9,21 +9,22 @@ import (
 	"github.com/google/go-cmp/cmp"
 	"github.com/stretchr/testify/assert"
 
-	"github.com/Azure/ARO-HCP/tooling/templatize/internal/config"
+	options "github.com/Azure/ARO-HCP/tooling/templatize/cmd"
+	"github.com/Azure/ARO-HCP/tooling/templatize/pkg/config"
 )
 
 func TestExecuteTemplate(t *testing.T) {
 	for _, testCase := range []struct {
-		name   string
-		config config.Variables
-		input  string
+		name  string
+		vars  config.Variables
+		input string
 
 		expected      string
 		expectedError bool
 	}{
 		{
 			name: "happy case generates a file",
-			config: config.Variables{
+			vars: config.Variables{
 				"region_maestro_keyvault":    "kv",
 				"region_eventgrid_namespace": "ns",
 			},
@@ -36,7 +37,7 @@ param maestroEventGridMaxClientSessionsPerAuthName = 4`,
 		},
 		{
 			name: "referencing unset variable errors",
-			config: config.Variables{
+			vars: config.Variables{
 				"region_maestro_keyvault": "kv",
 			},
 			input: `param maestroKeyVaultName = '{{ .region_maestro_keyvault }}'
@@ -49,10 +50,10 @@ param maestroEventGridMaxClientSessionsPerAuthName = 4`,
 			output := &bytes.Buffer{}
 			opts := GenerationOptions{
 				completedGenerationOptions: &completedGenerationOptions{
-					Config:    testCase.config,
-					Input:     fstest.MapFS{"test": &fstest.MapFile{Data: []byte(testCase.input)}},
-					InputFile: "test",
-					Output:    &nopCloser{Writer: output},
+					InputFS:        fstest.MapFS{"test": &fstest.MapFile{Data: []byte(testCase.input)}},
+					InputFile:      "test",
+					OutputFile:     &nopCloser{Writer: output},
+					RolloutOptions: options.NewRolloutOptions(testCase.vars),
 				},
 			}
 			err := opts.ExecuteTemplate()