From b235b7ad561ade917be616947c84aa21c71db6be Mon Sep 17 00:00:00 2001 From: Gerd Oberlechner Date: Thu, 24 Oct 2024 12:08:00 +0200 Subject: [PATCH] azure cli gh action Signed-off-by: Gerd Oberlechner --- .github/actions/install-azure-cli/action.yml | 14 +++++ .github/actions/templatize.yml | 46 ++++++++++++++++ .../workflows/aro-hcp-dev-bicep-what-if.yml | 24 ++++----- .github/workflows/cs-pr-bicep-what-if.yml | 24 ++++----- .github/workflows/dev-infrastructure.yml | 4 +- .github/workflows/yaml-lint.yml | 2 +- .yamllint.yml | 1 - dev-infrastructure/Makefile | 31 +++-------- dev-infrastructure/Makefile.lint.mk | 17 ++++++ .../cs-integ-metrics.bicepparam | 7 --- .../cs-integ-mgmt-cluster.bicepparam | 32 ------------ .../configurations/cs-integ-msi.bicepparam | 7 --- .../configurations/cs-integ-region.bicepparam | 16 ------ .../cs-integ-svc-cluster.bicepparam | 44 ---------------- dev-infrastructure/configurations/cs-integ.mk | 6 --- .../configurations/dev-metrics.bicepparam | 8 --- .../configurations/mvp-dev-acr.bicepparam | 52 ------------------- .../configurations/mvp-dev-ocp-acr.bicepparam | 26 ---------- .../configurations/mvp-dev-svc-acr.bicepparam | 32 ------------ .../configurations/mvp-image-sync.bicepparam | 10 ---- .../configurations/mvp-metrics.bicepparam | 8 --- .../mvp-mgmt-cluster.bicepparam | 32 ------------ .../configurations/mvp-region.bicepparam | 15 ------ .../configurations/mvp-svc-cluster.bicepparam | 44 ---------------- .../templates/mgmt-cluster.bicep | 1 - .../templatize/cmd/generate/generate_test.go | 2 +- .../templatize/cmd/generate/options_test.go | 7 +-- tooling/templatize/internal/config/config.go | 8 +-- .../templatize/internal/config/config_test.go | 2 +- tooling/templatize/internal/naming/azure.go | 1 - tooling/templatize/internal/naming/common.go | 2 +- .../testdata/zz_fixture_TestRawOptions.sh | 6 +-- 32 files changed, 125 insertions(+), 406 deletions(-) create mode 100644 .github/actions/install-azure-cli/action.yml create mode 100644 .github/actions/templatize.yml create mode 100644 dev-infrastructure/Makefile.lint.mk delete mode 100644 dev-infrastructure/configurations/cs-integ-metrics.bicepparam delete mode 100644 dev-infrastructure/configurations/cs-integ-mgmt-cluster.bicepparam delete mode 100644 dev-infrastructure/configurations/cs-integ-msi.bicepparam delete mode 100644 dev-infrastructure/configurations/cs-integ-region.bicepparam delete mode 100644 dev-infrastructure/configurations/cs-integ-svc-cluster.bicepparam delete mode 100644 dev-infrastructure/configurations/cs-integ.mk delete mode 100644 dev-infrastructure/configurations/dev-metrics.bicepparam delete mode 100644 dev-infrastructure/configurations/mvp-dev-acr.bicepparam delete mode 100644 dev-infrastructure/configurations/mvp-dev-ocp-acr.bicepparam delete mode 100644 dev-infrastructure/configurations/mvp-dev-svc-acr.bicepparam delete mode 100644 dev-infrastructure/configurations/mvp-image-sync.bicepparam delete mode 100644 dev-infrastructure/configurations/mvp-metrics.bicepparam delete mode 100644 dev-infrastructure/configurations/mvp-mgmt-cluster.bicepparam delete mode 100644 dev-infrastructure/configurations/mvp-region.bicepparam delete mode 100644 dev-infrastructure/configurations/mvp-svc-cluster.bicepparam diff --git a/.github/actions/install-azure-cli/action.yml b/.github/actions/install-azure-cli/action.yml new file mode 100644 index 000000000..20e2709eb --- /dev/null +++ b/.github/actions/install-azure-cli/action.yml @@ -0,0 +1,14 @@ +name: Install azure-cli +description: Installs the azure cli. +runs: + using: composite + steps: + - name: install azure-cli + run: | + sudo apt-get install -y ca-certificates curl apt-transport-https lsb-release gnupg + curl -sL https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/microsoft.gpg > /dev/null + AZ_REPO=$(lsb_release -cs) + echo "deb [arch=amd64] https://packages.microsoft.com/repos/azure-cli/ $AZ_REPO main" | sudo tee /etc/apt/sources.list.d/azure-cli.list + sudo apt-get update + sudo apt-get install -y azure-cli + shell: bash diff --git a/.github/actions/templatize.yml b/.github/actions/templatize.yml new file mode 100644 index 000000000..0e5b5a660 --- /dev/null +++ b/.github/actions/templatize.yml @@ -0,0 +1,46 @@ +name: 'Azure CLI, Go, and Make' +description: 'Install Azure CLI, Go, and Make, and run a script' +runs: + using: 'composite' + steps: + - name: 'Prepare workspace' + run: mkdir -p /workspace/bin + + - name: 'Copy Azure CLI' + uses: docker://mcr.microsoft.com/azure-cli:2.64.0 + with: + args: | + /bin/bash -c " + cp -r /usr/local/bin/az /workspace/bin/ && + cp -r /usr/local/az /workspace/bin/ + " + volumes: + - name: workspace + path: /workspace + + - name: 'Build templatize' + uses: docker://golang:1.23 + with: + args: | + /bin/bash -c " + go build -o /workspace/templatize ./tooling/templatize + " + env: + GO111MODULE: 'on' + volumes: + - name: workspace + path: /workspace + + - name: 'Install Make' + run: | + sudo apt-get update + sudo apt-get install -y make + + - name: 'Run script' + run: ${{ inputs.script }} + shell: bash + +inputs: + script: + description: 'The script to run' + required: true diff --git a/.github/workflows/aro-hcp-dev-bicep-what-if.yml b/.github/workflows/aro-hcp-dev-bicep-what-if.yml index 55bf8e408..4dfb8f4a1 100644 --- a/.github/workflows/aro-hcp-dev-bicep-what-if.yml +++ b/.github/workflows/aro-hcp-dev-bicep-what-if.yml @@ -30,16 +30,16 @@ jobs: tenant-id: ${{ secrets.AZURE_TENANT_ID }} subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + - name: Install Azure CLI + uses: ./.github/actions/install-azure-cli + - name: 'Deployment What If' - uses: azure/cli@089eac9d8cc39f5d003e94f8b65efc51076c9cbd # v2.1.0 - with: - azcliversion: 2.63.0 - inlineScript: | - dev-infrastructure/make ${DEPLOY_ENV} acr.what-if - dev-infrastructure/make ${DEPLOY_ENV} acr-svc.what-if - dev-infrastructure/make ${DEPLOY_ENV} acr-ocp.what-if - dev-infrastructure/make ${DEPLOY_ENV} region.what-if - dev-infrastructure/make ${DEPLOY_ENV} svc.what-if - dev-infrastructure/make ${DEPLOY_ENV} mgmt.what-if - dev-infrastructure/make ${DEPLOY_ENV} metrics-infra.what-if - dev-infrastructure/make ${DEPLOY_ENV} image-sync.what-if + run: | + dev-infrastructure/make ${DEPLOY_ENV} acr.what-if + dev-infrastructure/make ${DEPLOY_ENV} acr-svc.what-if + dev-infrastructure/make ${DEPLOY_ENV} acr-ocp.what-if + dev-infrastructure/make ${DEPLOY_ENV} region.what-if + dev-infrastructure/make ${DEPLOY_ENV} svc.what-if + dev-infrastructure/make ${DEPLOY_ENV} mgmt.what-if + dev-infrastructure/make ${DEPLOY_ENV} metrics-infra.what-if + dev-infrastructure/make ${DEPLOY_ENV} imagesync.what-if diff --git a/.github/workflows/cs-pr-bicep-what-if.yml b/.github/workflows/cs-pr-bicep-what-if.yml index 50f63babb..c4d026cbd 100644 --- a/.github/workflows/cs-pr-bicep-what-if.yml +++ b/.github/workflows/cs-pr-bicep-what-if.yml @@ -30,16 +30,16 @@ jobs: tenant-id: ${{ secrets.AZURE_TENANT_ID }} subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + - name: Install Azure CLI + uses: ./.github/actions/install-azure-cli + - name: 'Deployment What If' - uses: azure/cli@089eac9d8cc39f5d003e94f8b65efc51076c9cbd # v2.1.0 - with: - azcliversion: 2.63.0 - inlineScript: | - dev-infrastructure/make ${DEPLOY_ENV} acr.what-if - dev-infrastructure/make ${DEPLOY_ENV} acr-svc.what-if - dev-infrastructure/make ${DEPLOY_ENV} acr-ocp.what-if - dev-infrastructure/make ${DEPLOY_ENV} region.what-if - dev-infrastructure/make ${DEPLOY_ENV} svc.what-if - dev-infrastructure/make ${DEPLOY_ENV} mgmt.what-if - dev-infrastructure/make ${DEPLOY_ENV} metrics-infra.what-if - dev-infrastructure/make ${DEPLOY_ENV} image-sync.what-if + run: | + dev-infrastructure/make ${DEPLOY_ENV} acr.what-if + dev-infrastructure/make ${DEPLOY_ENV} acr-svc.what-if + dev-infrastructure/make ${DEPLOY_ENV} acr-ocp.what-if + dev-infrastructure/make ${DEPLOY_ENV} region.what-if + dev-infrastructure/make ${DEPLOY_ENV} svc.what-if + dev-infrastructure/make ${DEPLOY_ENV} mgmt.what-if + dev-infrastructure/make ${DEPLOY_ENV} metrics-infra.what-if + dev-infrastructure/make ${DEPLOY_ENV} imagesync.what-if diff --git a/.github/workflows/dev-infrastructure.yml b/.github/workflows/dev-infrastructure.yml index 2d52f2a5c..202e9de9e 100644 --- a/.github/workflows/dev-infrastructure.yml +++ b/.github/workflows/dev-infrastructure.yml @@ -25,8 +25,8 @@ jobs: working-directory: './dev-infrastructure' run: | az bicep version - make fmt - make lint + make -f Makefile.lint.mk fmt + make -f Makefile.lint.mk lint - name: Check for uncommitted changes working-directory: './dev-infrastructure' diff --git a/.github/workflows/yaml-lint.yml b/.github/workflows/yaml-lint.yml index c8a75d1fd..6fd927b88 100644 --- a/.github/workflows/yaml-lint.yml +++ b/.github/workflows/yaml-lint.yml @@ -22,4 +22,4 @@ jobs: - name: Linters uses: oxsecurity/megalinter/flavors/ci_light@v8 env: - FILTER_REGEX_EXCLUDE: 'hypershiftoperator/deploy/base/|hypershiftoperator/deploy/crds/|maestro/deploy/helm/|acm/deploy/helm/multicluster-engine-config/charts/policy/charts' + FILTER_REGEX_EXCLUDE: 'hypershiftoperator/deploy/base/|hypershiftoperator/deploy/crds/|maestro/server/helm/templates/allow-cluster-service.authorizationpolicy.yaml|acm/deploy/helm/multicluster-engine-config/charts/policy/charts' diff --git a/.yamllint.yml b/.yamllint.yml index e02c0be71..22af28228 100644 --- a/.yamllint.yml +++ b/.yamllint.yml @@ -5,7 +5,6 @@ yaml-files: - '.yamllint' rules: - braces: enable brackets: enable colons: enable commas: enable diff --git a/dev-infrastructure/Makefile b/dev-infrastructure/Makefile index c50f41f5a..0f28f8fa6 100644 --- a/dev-infrastructure/Makefile +++ b/dev-infrastructure/Makefile @@ -1,6 +1,7 @@ SHELL = /bin/bash include configurations/config.mk +include Makefile.lint.mk # Set SKIP_CONFIRM to a non-empty value to skip "what-if" confirmation prompts. ifndef SKIP_CONFIRM @@ -11,24 +12,6 @@ list: @grep '^[^#[:space:]].*:' Makefile .PHONY: list -fmt: - set -e; \ - FILES="$$(find . -type f -name "*.bicep*")"; \ - for file in $$FILES; do \ - echo "az bicep format --file $${file}"; \ - az bicep format --file $$file; \ - done -.PHONY: fmt - -lint: - set -e; \ - FILES="$$(find . -type f -name "*.bicep*")"; \ - for file in $$FILES; do \ - echo "az bicep lint --file $${file}"; \ - az bicep lint --file $$file; \ - done -.PHONY: lint - feature-registration: # hardcoded to eastus as this is a subscription deployment, not a resource group @az deployment sub create \ --name "feature-registration" \ @@ -280,7 +263,7 @@ acr: globalRg az deployment group create \ --name "acr" \ --resource-group $(GLOBAL_RESOURCEGROUP) \ - --template-file templates/acr.bicep \ + --template-file templates/dev-acr.bicep \ $(PROMPT_TO_CONFIRM) \ --parameters \ configurations/acr.bicepparam @@ -290,7 +273,7 @@ acr.what-if: globalRg az deployment group what-if \ --name "acr" \ --resource-group $(GLOBAL_RESOURCEGROUP) \ - --template-file templates/acr.bicep \ + --template-file templates/dev-acr.bicep \ --parameters \ configurations/acr.bicepparam @@ -298,7 +281,7 @@ acr-svc: globalRg az deployment group create \ --name "acr-svc" \ --resource-group $(GLOBAL_RESOURCEGROUP) \ - --template-file templates/acr-svc.bicep \ + --template-file templates/dev-acr.bicep \ $(PROMPT_TO_CONFIRM) \ --parameters \ configurations/acr-svc.bicepparam @@ -308,7 +291,7 @@ acr-svc.what-if: globalRg az deployment group what-if \ --name "acr-svc" \ --resource-group $(GLOBAL_RESOURCEGROUP) \ - --template-file templates/acr-svc.bicep \ + --template-file templates/dev-acr.bicep \ --parameters \ configurations/acr-svc.bicepparam @@ -316,7 +299,7 @@ acr-ocp: globalRg az deployment group create \ --name "acr-ocp" \ --resource-group $(GLOBAL_RESOURCEGROUP) \ - --template-file templates/acr-ocp.bicep \ + --template-file templates/dev-acr.bicep \ $(PROMPT_TO_CONFIRM) \ --parameters \ configurations/acr-ocp.bicepparam @@ -326,7 +309,7 @@ acr-ocp.what-if: globalRg az deployment group what-if \ --name "acr-ocp" \ --resource-group $(GLOBAL_RESOURCEGROUP) \ - --template-file templates/acr-ocp.bicep \ + --template-file templates/dev-acr.bicep \ --parameters \ configurations/acr-ocp.bicepparam diff --git a/dev-infrastructure/Makefile.lint.mk b/dev-infrastructure/Makefile.lint.mk new file mode 100644 index 000000000..97ed18694 --- /dev/null +++ b/dev-infrastructure/Makefile.lint.mk @@ -0,0 +1,17 @@ +fmt: + set -e; \ + FILES="$$(find . -type f \( -name "*.bicep" -o -name "*.bicepparam" \) ! -name "*.tmpl.bicepparam")"; \ + for file in $$FILES; do \ + echo "az bicep format --file $${file}"; \ + az bicep format --file $$file; \ + done +.PHONY: fmt + +lint: + set -e; \ + FILES="$$(find . -type f \( -name "*.bicep" -o -name "*.bicepparam" \) ! -name "*.tmpl.bicepparam")"; \ + for file in $$FILES; do \ + echo "az bicep lint --file $${file}"; \ + az bicep lint --file $$file; \ + done +.PHONY: lint diff --git a/dev-infrastructure/configurations/cs-integ-metrics.bicepparam b/dev-infrastructure/configurations/cs-integ-metrics.bicepparam deleted file mode 100644 index 66c739799..000000000 --- a/dev-infrastructure/configurations/cs-integ-metrics.bicepparam +++ /dev/null @@ -1,7 +0,0 @@ -using '../modules/metrics/metrics.bicep' - -param grafanaName = 'cs-integ-grafana' -param msiName = 'cs-integ-metrics-msi' - -// overriden in makefile -param globalResourceGroup = '' diff --git a/dev-infrastructure/configurations/cs-integ-mgmt-cluster.bicepparam b/dev-infrastructure/configurations/cs-integ-mgmt-cluster.bicepparam deleted file mode 100644 index f8759cff2..000000000 --- a/dev-infrastructure/configurations/cs-integ-mgmt-cluster.bicepparam +++ /dev/null @@ -1,32 +0,0 @@ -using '../templates/mgmt-cluster.bicep' - -param kubernetesVersion = '1.30.4' -param vnetAddressPrefix = '10.132.0.0/14' -param subnetPrefix = '10.132.8.0/21' -param podSubnetPrefix = '10.132.64.0/18' -param aksClusterName = take('cs-integ-mgmt-cluster-${uniqueString('cs-integ-mgmt-cluster')}', 63) -param aksKeyVaultName = 'aks-kv-cs-integ-mc-1' -param systemAgentMinCount = 2 -param systemAgentMaxCount = 6 -param systemAgentVMSize = 'Standard_D2s_v3' -param aksSystemOsDiskSizeGB = 32 -param userAgentMinCount = 1 -param userAgentMaxCount = 12 -param userAgentVMSize = 'Standard_D4s_v3' -param aksUserOsDiskSizeGB = 100 -param userAgentPoolAZCount = 3 -param persist = true - -param deployMaestroConsumer = true -param maestroKeyVaultName = 'maestro-kv-cs-integ' -param maestroEventGridNamespacesName = 'maestro-eventgrid-cs-integ' -param maestroCertDomain = 'selfsigned.maestro.keyvault.aro-dev.azure.com' - -param baseDNSZoneName = 'hcp.osadev.cloud' -param regionalDNSSubdomain = 'westus3-cs' - -param acrPullResourceGroups = [regionalResourceGroup, 'global'] - -// These parameters are always overridden in the Makefile -param currentUserId = '' -param regionalResourceGroup = '' diff --git a/dev-infrastructure/configurations/cs-integ-msi.bicepparam b/dev-infrastructure/configurations/cs-integ-msi.bicepparam deleted file mode 100644 index 2ebe4c9fe..000000000 --- a/dev-infrastructure/configurations/cs-integ-msi.bicepparam +++ /dev/null @@ -1,7 +0,0 @@ -using '../templates/cs-integration-msi.bicep' - -param namespaceFormatString = 'sandbox-jenkins-{0}-aro-hcp' - -param clusterServiceManagedIdentityName = 'clusters-service' - -param clusterName = take('cs-integ-svc-cluster-${uniqueString('svc-cluster')}', 63) diff --git a/dev-infrastructure/configurations/cs-integ-region.bicepparam b/dev-infrastructure/configurations/cs-integ-region.bicepparam deleted file mode 100644 index 42886d231..000000000 --- a/dev-infrastructure/configurations/cs-integ-region.bicepparam +++ /dev/null @@ -1,16 +0,0 @@ -using '../templates/region.bicep' - -param persist = true - -// dns -param baseDNSZoneName = 'hcp.osadev.cloud' -param regionalDNSSubdomain = 'westus3-cs' -param baseDNSZoneResourceGroup = 'global' - -// maestro -param maestroKeyVaultName = 'maestro-kv-cs-integ' -param maestroEventGridNamespacesName = 'maestro-eventgrid-cs-integ' -param maestroEventGridMaxClientSessionsPerAuthName = 4 - -// This parameter is always overriden in the Makefile -param currentUserId = '' diff --git a/dev-infrastructure/configurations/cs-integ-svc-cluster.bicepparam b/dev-infrastructure/configurations/cs-integ-svc-cluster.bicepparam deleted file mode 100644 index c940ec182..000000000 --- a/dev-infrastructure/configurations/cs-integ-svc-cluster.bicepparam +++ /dev/null @@ -1,44 +0,0 @@ -using '../templates/svc-cluster.bicep' - -param kubernetesVersion = '1.30.4' -param istioVersion = ['asm-1-22'] -param vnetAddressPrefix = '10.128.0.0/14' -param subnetPrefix = '10.128.8.0/21' -param podSubnetPrefix = '10.128.64.0/18' -param persist = true -param aksClusterName = take('cs-integ-svc-cluster-${uniqueString('svc-cluster')}', 63) -param aksKeyVaultName = 'aks-kv-cs-integ-sc' -param disableLocalAuth = false -param deployFrontendCosmos = true - -param maestroKeyVaultName = 'maestro-kv-cs-integ' -param maestroEventGridNamespacesName = 'maestro-eventgrid-cs-integ' -param maestroCertDomain = 'selfsigned.maestro.keyvault.aro-dev.azure.com' -param maestroPostgresServerName = 'maestro-pg-cs-integ' -param maestroPostgresServerVersion = '15' -param maestroPostgresServerStorageSizeGB = 32 -param deployMaestroPostgres = false -param maestroPostgresPrivate = false - -param deployCsInfra = false -param csPostgresServerName = 'cs-pg-cs-integ' -param clusterServicePostgresPrivate = false - -param serviceKeyVaultName = 'aro-hcp-dev-svc-kv' -param serviceKeyVaultResourceGroup = 'global' -param serviceKeyVaultSoftDelete = true -param serviceKeyVaultPrivate = false - -param acrPullResourceGroups = ['global'] -param clustersServiceAcrResourceGroupNames = ['global'] -param imageSyncAcrResourceGroupNames = ['global'] - -param oidcStorageAccountName = 'arohcpoidccsinteg' -param aroDevopsMsiId = '/subscriptions/1d3378d3-5a3f-4712-85a1-2485495dfc4b/resourceGroups/global/providers/Microsoft.ManagedIdentity/userAssignedIdentities/aro-hcp-devops' - -param baseDNSZoneName = 'hcp.osadev.cloud' -param regionalDNSSubdomain = 'westus3-cs' - -// These parameters are always overridden in the Makefile -param currentUserId = '' -param regionalResourceGroup = '' diff --git a/dev-infrastructure/configurations/cs-integ.mk b/dev-infrastructure/configurations/cs-integ.mk deleted file mode 100644 index ca1de3066..000000000 --- a/dev-infrastructure/configurations/cs-integ.mk +++ /dev/null @@ -1,6 +0,0 @@ -REGION ?= westus3 -RESOURCEGROUP ?= cs-integ-$(USER)-$(REGION)-$(AKSCONFIG) -REGIONAL_RESOURCEGROUP ?= cs-integ-$(USER)-$(REGION) -SVC_KV_RESOURCEGROUP ?= global -ARO_HCP_IMAGE_ACR ?= arohcpdev -REGIONAL_ACR_NAME ?= arohcpdev$(shell echo $(CURRENTUSER) | sha256sum | head -c 24) diff --git a/dev-infrastructure/configurations/dev-metrics.bicepparam b/dev-infrastructure/configurations/dev-metrics.bicepparam deleted file mode 100644 index e91b70fa2..000000000 --- a/dev-infrastructure/configurations/dev-metrics.bicepparam +++ /dev/null @@ -1,8 +0,0 @@ -using '../modules/metrics/metrics.bicep' - -param monitorName = 'aro-hcp-monitor-${take(uniqueString(readEnvironmentVariable('CURRENTUSER', '')), 5)}' -param grafanaName = take('aro-hcp-grafana-${uniqueString(readEnvironmentVariable('CURRENTUSER', ''))}', 23) -param msiName = 'aro-hcp-metrics-msi-${take(uniqueString(readEnvironmentVariable('CURRENTUSER', '')), 5)}' - -// overriden in makefile -param globalResourceGroup = '' diff --git a/dev-infrastructure/configurations/mvp-dev-acr.bicepparam b/dev-infrastructure/configurations/mvp-dev-acr.bicepparam deleted file mode 100644 index c28541b5c..000000000 --- a/dev-infrastructure/configurations/mvp-dev-acr.bicepparam +++ /dev/null @@ -1,52 +0,0 @@ -using '../templates/dev-acr.bicep' - -param acrName = 'arohcpdev' -param acrSku = 'Premium' -param location = 'westus3' - -param quayRepositoriesToCache = [ - { - ruleName: 'openshiftReleaseDev' - sourceRepo: 'quay.io/openshift-release-dev/*' - targetRepo: 'openshift-release-dev/*' - userIdentifier: 'quay-username' - passwordIdentifier: 'quay-password' - } - { - ruleName: 'csSandboxImages' - sourceRepo: 'quay.io/app-sre/ocm-clusters-service-sandbox' - targetRepo: 'app-sre/ocm-clusters-service-sandbox' - userIdentifier: 'quay-componentsync-username' - passwordIdentifier: 'quay-componentsync-password' - } - { - ruleName: 'acm-d-mce' - sourceRepo: 'quay.io/acm-d/*' - targetRepo: 'acm-d-mce/multicluster-engine/*' - userIdentifier: 'acm-d-componentsync-username' - passwordIdentifier: 'acm-d-componentsync-password' - } -] - -param purgeJobs = [ - { - name: 'ocm-clusters-service-sandbox-purge' - purgeFilter: 'quay.io/app-sre/ocm-clusters-service-sandbox:.*' - purgeAfter: '2d' - imagesToKeep: 1 - } - { - name: 'openshift-release-dev-purge' - purgeFilter: 'quay.io/openshift-release-dev/.*:.*' - purgeAfter: '2d' - imagesToKeep: 1 - } - { - name: 'arohcpfrontend-purge' - purgeFilter: 'arohcpfrontend:.*' - purgeAfter: '7d' - imagesToKeep: 3 - } -] - -param keyVaultName = 'aro-hcp-dev-global-kv' diff --git a/dev-infrastructure/configurations/mvp-dev-ocp-acr.bicepparam b/dev-infrastructure/configurations/mvp-dev-ocp-acr.bicepparam deleted file mode 100644 index 4cddbf50d..000000000 --- a/dev-infrastructure/configurations/mvp-dev-ocp-acr.bicepparam +++ /dev/null @@ -1,26 +0,0 @@ -using '../templates/dev-acr.bicep' - -param acrName = 'arohcpocpdev' -param acrSku = 'Premium' -param location = 'westus3' - -param quayRepositoriesToCache = [ - { - ruleName: 'openshiftReleaseDev' - sourceRepo: 'quay.io/openshift-release-dev/*' - targetRepo: 'openshift-release-dev/*' - userIdentifier: 'quay-username' - passwordIdentifier: 'quay-password' - } -] - -param purgeJobs = [ - { - name: 'openshift-release-dev-purge' - purgeFilter: 'quay.io/openshift-release-dev/.*:.*' - purgeAfter: '2d' - imagesToKeep: 1 - } -] - -param keyVaultName = 'aro-hcp-dev-global-kv' diff --git a/dev-infrastructure/configurations/mvp-dev-svc-acr.bicepparam b/dev-infrastructure/configurations/mvp-dev-svc-acr.bicepparam deleted file mode 100644 index c7c27084c..000000000 --- a/dev-infrastructure/configurations/mvp-dev-svc-acr.bicepparam +++ /dev/null @@ -1,32 +0,0 @@ -using '../templates/dev-acr.bicep' - -param acrName = 'arohcpsvcdev' -param acrSku = 'Premium' -param location = 'westus3' - -param quayRepositoriesToCache = [ - { - ruleName: 'csSandboxImages' - sourceRepo: 'quay.io/app-sre/ocm-clusters-service-sandbox' - targetRepo: 'app-sre/ocm-clusters-service-sandbox' - userIdentifier: 'quay-componentsync-username' - passwordIdentifier: 'quay-componentsync-password' - } -] - -param purgeJobs = [ - { - name: 'ocm-clusters-service-sandbox-purge' - purgeFilter: 'quay.io/app-sre/ocm-clusters-service-sandbox:.*' - purgeAfter: '2d' - imagesToKeep: 1 - } - { - name: 'arohcpfrontend-purge' - purgeFilter: 'arohcpfrontend:.*' - purgeAfter: '7d' - imagesToKeep: 3 - } -] - -param keyVaultName = 'aro-hcp-dev-global-kv' diff --git a/dev-infrastructure/configurations/mvp-image-sync.bicepparam b/dev-infrastructure/configurations/mvp-image-sync.bicepparam deleted file mode 100644 index eb12ea165..000000000 --- a/dev-infrastructure/configurations/mvp-image-sync.bicepparam +++ /dev/null @@ -1,10 +0,0 @@ -using '../templates/image-sync.bicep' - -param acrResourceGroup = 'gobal' - -param keyVaultName = 'aro-hcp-dev-global-kv' - -param requiredSecretNames = [ - 'pull-secret' - 'bearer-secret' -] diff --git a/dev-infrastructure/configurations/mvp-metrics.bicepparam b/dev-infrastructure/configurations/mvp-metrics.bicepparam deleted file mode 100644 index ff7efe0b4..000000000 --- a/dev-infrastructure/configurations/mvp-metrics.bicepparam +++ /dev/null @@ -1,8 +0,0 @@ -using '../modules/metrics/metrics.bicep' - -param monitorName = 'aro-hcp-monitor' -param grafanaName = 'aro-hcp-grafana' -param msiName = 'aro-hcp-metrics-msi' - -// overriden in makefile -param globalResourceGroup = '' diff --git a/dev-infrastructure/configurations/mvp-mgmt-cluster.bicepparam b/dev-infrastructure/configurations/mvp-mgmt-cluster.bicepparam deleted file mode 100644 index 6af5e300e..000000000 --- a/dev-infrastructure/configurations/mvp-mgmt-cluster.bicepparam +++ /dev/null @@ -1,32 +0,0 @@ -using '../templates/mgmt-cluster.bicep' - -param kubernetesVersion = '1.30.4' -param vnetAddressPrefix = '10.132.0.0/14' -param subnetPrefix = '10.132.8.0/21' -param podSubnetPrefix = '10.132.64.0/18' -param aksClusterName = take('aro-hcp-mgmt-cluster-${uniqueString('mgmt-cluster')}', 63) -param aksKeyVaultName = 'aks-kv-aro-hcp-dev-mc-1' -param systemAgentMinCount = 2 -param systemAgentMaxCount = 3 -param systemAgentVMSize = 'Standard_D2s_v3' -param aksSystemOsDiskSizeGB = 32 -param userAgentMinCount = 1 -param userAgentMaxCount = 9 -param userAgentVMSize = 'Standard_D4s_v3' -param aksUserOsDiskSizeGB = 100 -param userAgentPoolAZCount = 3 -param persist = true - -param deployMaestroConsumer = true -param maestroKeyVaultName = 'maestro-kv-aro-hcp-dev' -param maestroEventGridNamespacesName = 'maestro-eventgrid-aro-hcp-dev' -param maestroCertDomain = 'selfsigned.maestro.keyvault.aro-dev.azure.com' - -param baseDNSZoneName = 'hcp.osadev.cloud' -param regionalDNSSubdomain = 'westus3' - -param acrPullResourceGroups = [regionalResourceGroup, 'global'] - -// These parameters are always overridden in the Makefile -param currentUserId = '' -param regionalResourceGroup = '' diff --git a/dev-infrastructure/configurations/mvp-region.bicepparam b/dev-infrastructure/configurations/mvp-region.bicepparam deleted file mode 100644 index 9d58a7a44..000000000 --- a/dev-infrastructure/configurations/mvp-region.bicepparam +++ /dev/null @@ -1,15 +0,0 @@ -using '../templates/region.bicep' - -param persist = true - -// dns -param baseDNSZoneName = 'hcp.osadev.cloud' -param baseDNSZoneResourceGroup = 'global' - -// maestro -param maestroKeyVaultName = 'maestro-kv-aro-hcp-dev' -param maestroEventGridNamespacesName = 'maestro-eventgrid-aro-hcp-dev' -param maestroEventGridMaxClientSessionsPerAuthName = 4 - -// This parameter is always overriden in the Makefile -param currentUserId = '' diff --git a/dev-infrastructure/configurations/mvp-svc-cluster.bicepparam b/dev-infrastructure/configurations/mvp-svc-cluster.bicepparam deleted file mode 100644 index d1c310ec8..000000000 --- a/dev-infrastructure/configurations/mvp-svc-cluster.bicepparam +++ /dev/null @@ -1,44 +0,0 @@ -using '../templates/svc-cluster.bicep' - -param kubernetesVersion = '1.30.4' -param istioVersion = ['asm-1-22'] -param vnetAddressPrefix = '10.128.0.0/14' -param subnetPrefix = '10.128.8.0/21' -param podSubnetPrefix = '10.128.64.0/18' -param persist = true -param aksClusterName = take('aro-hcp-svc-cluster-${uniqueString('svc-cluster')}', 63) -param aksKeyVaultName = 'aks-kv-aro-hcp-dev-sc' -param disableLocalAuth = false -param deployFrontendCosmos = true - -param maestroKeyVaultName = 'maestro-kv-aro-hcp-dev' -param maestroEventGridNamespacesName = 'maestro-eventgrid-aro-hcp-dev' -param maestroCertDomain = 'selfsigned.maestro.keyvault.aro-dev.azure.com' -param maestroPostgresServerName = 'maestro-pg-aro-hcp-dev' -param maestroPostgresServerVersion = '15' -param maestroPostgresServerStorageSizeGB = 32 -param deployMaestroPostgres = false -param maestroPostgresPrivate = false - -param deployCsInfra = false -param csPostgresServerName = 'cs-pg-aro-hcp-dev' -param clusterServicePostgresPrivate = false - -param serviceKeyVaultName = 'aro-hcp-dev-svc-kv' -param serviceKeyVaultResourceGroup = 'global' -param serviceKeyVaultSoftDelete = true -param serviceKeyVaultPrivate = false - -param acrPullResourceGroups = ['global'] -param clustersServiceAcrResourceGroupNames = ['global'] -param imageSyncAcrResourceGroupNames = ['global'] - -param oidcStorageAccountName = 'arohcpoidcdev' -param aroDevopsMsiId = '/subscriptions/1d3378d3-5a3f-4712-85a1-2485495dfc4b/resourceGroups/global/providers/Microsoft.ManagedIdentity/userAssignedIdentities/aro-hcp-devops' - -param baseDNSZoneName = 'hcp.osadev.cloud' -param regionalDNSSubdomain = 'westus3' - -// These parameters are always overridden in the Makefile -param currentUserId = '' -param regionalResourceGroup = '' diff --git a/dev-infrastructure/templates/mgmt-cluster.bicep b/dev-infrastructure/templates/mgmt-cluster.bicep index 97f964553..cb2ff5005 100644 --- a/dev-infrastructure/templates/mgmt-cluster.bicep +++ b/dev-infrastructure/templates/mgmt-cluster.bicep @@ -66,7 +66,6 @@ param deployMaestroConsumer bool param maestroCertDomain string @description('The name of the keyvault for Maestro Eventgrid namespace certificates.') -@maxLength(24) param maestroKeyVaultName string @description('The name of the managed identity that will manage certificates in maestros keyvault.') diff --git a/tooling/templatize/cmd/generate/generate_test.go b/tooling/templatize/cmd/generate/generate_test.go index abcd38ca2..68feaa407 100644 --- a/tooling/templatize/cmd/generate/generate_test.go +++ b/tooling/templatize/cmd/generate/generate_test.go @@ -43,7 +43,7 @@ param maestroEventGridMaxClientSessionsPerAuthName = 4`, param maestroEventGridNamespacesName = '{{index . "region_eventgrid_namespace"}}' param maestroEventGridMaxClientSessionsPerAuthName = 4`, expected: `param maestroKeyVaultName = 'kv' -param maestroEventGridNamespacesName = '' +param maestroEventGridNamespacesName = '' param maestroEventGridMaxClientSessionsPerAuthName = 4`, }, } { diff --git a/tooling/templatize/cmd/generate/options_test.go b/tooling/templatize/cmd/generate/options_test.go index 4a44101dd..3fd96d475 100644 --- a/tooling/templatize/cmd/generate/options_test.go +++ b/tooling/templatize/cmd/generate/options_test.go @@ -1,6 +1,7 @@ package generate import ( + "fmt" "path/filepath" "testing" @@ -15,14 +16,14 @@ func TestRawOptions(t *testing.T) { opts := &RawGenerationOptions{ RawOptions: options.RawOptions{ ConfigFile: "../../testdata/config.yaml", - Cloud: "fairfax", - DeployEnv: "prod", + Cloud: "public", + DeployEnv: "dev", Region: "uksouth", RegionStamp: "1", CXStamp: "cx", }, Input: "../../testdata/helm.sh", - Output: tmpdir, + Output: fmt.Sprintf("%s/helm.sh", tmpdir), } assert.NoError(t, generate(opts)) testutil.CompareFileWithFixture(t, filepath.Join(tmpdir, "helm.sh")) diff --git a/tooling/templatize/internal/config/config.go b/tooling/templatize/internal/config/config.go index 329ca7069..876e13263 100644 --- a/tooling/templatize/internal/config/config.go +++ b/tooling/templatize/internal/config/config.go @@ -66,11 +66,11 @@ func (cp *configProviderImpl) loadConfig(cloud, deployEnv string) (*VariableOver } functions := template.FuncMap{ - "azureEventGridName": naming.AzureEventGridName, - "azurePostgresName": naming.AzurePostgresName, - "azureKeyVaultName": naming.AzureKeyVaultName, + "azureEventGridName": naming.AzureEventGridName, + "azurePostgresName": naming.AzurePostgresName, + "azureKeyVaultName": naming.AzureKeyVaultName, "azureStorageAccountName": naming.AzureStorageAccountName, - "uniqueString": naming.UniqueString, + "uniqueString": naming.UniqueString, } // parse, execute and unmarshal the config file as a template to generate the final config file diff --git a/tooling/templatize/internal/config/config_test.go b/tooling/templatize/internal/config/config_test.go index 557400a5d..fe98028a3 100644 --- a/tooling/templatize/internal/config/config_test.go +++ b/tooling/templatize/internal/config/config_test.go @@ -19,7 +19,7 @@ func TestConfigProvider(t *testing.T) { assert.NotNil(t, variables) // key is not in the config file - assert.Equal(t, "", variables["svc_resourcegroup"]) + assert.Nil(t, variables["svc_resourcegroup"]) // key is in the config file, region constant value assert.Equal(t, "uksouth", variables["test"]) diff --git a/tooling/templatize/internal/naming/azure.go b/tooling/templatize/internal/naming/azure.go index 3bb7be615..ec9d5b666 100644 --- a/tooling/templatize/internal/naming/azure.go +++ b/tooling/templatize/internal/naming/azure.go @@ -15,4 +15,3 @@ func AzureKeyVaultName(prefix string, suffixLength int, suffixDigestArgs ...stri func AzureStorageAccountName(prefix string, suffixLength int, suffixDigestArgs ...string) (string, error) { return suffixedName(prefix, "", 24, suffixLength, suffixDigestArgs...) } - diff --git a/tooling/templatize/internal/naming/common.go b/tooling/templatize/internal/naming/common.go index ab75b8b62..7822ebb87 100644 --- a/tooling/templatize/internal/naming/common.go +++ b/tooling/templatize/internal/naming/common.go @@ -34,6 +34,6 @@ func suffixedName(prefix string, suffixDelim string, maxLength int, suffixLength return name, nil } -func UniqueString(length int, digestArgs ...string) (string, error) { +func UniqueString(length int, digestArgs ...string) (string, error) { return suffixDigest(length, digestArgs...) } diff --git a/tooling/templatize/testdata/zz_fixture_TestRawOptions.sh b/tooling/templatize/testdata/zz_fixture_TestRawOptions.sh index 200d3d0cb..198bb1a47 100644 --- a/tooling/templatize/testdata/zz_fixture_TestRawOptions.sh +++ b/tooling/templatize/testdata/zz_fixture_TestRawOptions.sh @@ -3,11 +3,11 @@ deploy-server: TENANT_ID="72f988bf-86f1-41af-91ab-2d7cd011db47" REGION_RG="hcp-underlay-uksouth-1" EVENTGRID_NS="maestro-eventgrid-uksouth-1" - MAESTRO_KV="" - SERVICE_RG="" + MAESTRO_KV="maestro-kv-uksouth-1" + SERVICE_RG="hcp-underlay-uksouth-svc-1" AKS="aro-hcp-aks" MAESTRO_MI="maestro-server" - HELM_CHART="" + HELM_CHART="../maestro/deploy/helm/server" EVENTGRID_HOSTNAME=$(az event namespace show -g "${REGION_RG}" -n "${EVENTGRID_NS}" --query "properties.topicSpacesConfiguration.hostname") MAESTRO_MI_CLIENT_ID=$(az identity show -g "${SERVICE_RG}" -n "${MAESTRO_MI}" --query "clientId")