From d4e0f11ae03c2198290bcfcd802ff89b2f1e3df5 Mon Sep 17 00:00:00 2001 From: Gerd Oberlechner Date: Wed, 27 Nov 2024 08:35:13 +0100 Subject: [PATCH] varous fixes Signed-off-by: Gerd Oberlechner --- config/config.msft.yaml | 12 +++---- config/config.schema.json | 4 +-- config/config.yaml | 6 ++-- config/public-cloud-cs-pr.json | 6 ++-- config/public-cloud-dev.json | 6 ++-- config/public-cloud-msft-int.json | 12 +++---- config/public-cloud-personal-dev.json | 6 ++-- .../svc-cluster.tmpl.bicepparam | 32 +++++++++---------- dev-infrastructure/svc-pipeline.yaml | 2 +- 9 files changed, 43 insertions(+), 43 deletions(-) diff --git a/config/config.msft.yaml b/config/config.msft.yaml index f3d375778..d05c1e296 100644 --- a/config/config.msft.yaml +++ b/config/config.msft.yaml @@ -51,13 +51,13 @@ defaults: maestro: eventGrid: name: arohcp-maestro-{{ .ctx.regionShort }} - maxClientSessionsPerAuthName: '4' + maxClientSessionsPerAuthName: 4 private: false certDomain: 'selfsigned.maestro.keyvault.azure.com' postgres: name: arohcp-maestro-{{ .ctx.regionShort }} serverVersion: '15' - serverStorageSizeGB: '32' + serverStorageSizeGB: 32 deploy: false private: false minTLSVersion: 'TLSV1.2' @@ -90,7 +90,7 @@ defaults: serviceKeyVault: name: arohcp-svc-{{ .ctx.regionShort }} - rg: hcp-underlay-{{ .ctx.regionShort }} + rg: hcp-underlay-{{ .ctx.region }}-svc region: {{ .ctx.region }} softDelete: false private: false @@ -163,7 +163,7 @@ clouds: osDiskSizeGB: 100 azCount: 3 # DNS - baseDnsZoneName: aro-hcp.azure-test.net' + baseDnsZoneName: aro-hcp.azure-test.net regionalDNSSubdomain: '{{ .ctx.region }}' # ACR @@ -192,9 +192,9 @@ clouds: # Grafana monitoring: - grafanaAdminGroupPrincipalId: '??? the one to be used as Grafana Admin in grafana.bicep ???' + grafanaAdminGroupPrincipalId: '2fdb57d4-3fd3-415d-b604-1d0e37a188fe' # Azure Red Hat OpenShift MSFT Engineering # DEVOPS MSI # lets create this MSI manually for the time being and automate soon # but we should use the MSI name as an input and not the resource ID of the MSI - aroDevopsMsiId: '??? the one for OIDC deployment script / lives in the global RG / needs to be created first thing on regional buildout ???' + aroDevopsMsiId: '/subscriptions/5299e6b7-b23b-46c8-8277-dc1147807117/resourcegroups/global-shared-resources/providers/Microsoft.ManagedIdentity/userAssignedIdentities/aroint-int-public-oidc' diff --git a/config/config.schema.json b/config/config.schema.json index a12598003..926ece73d 100644 --- a/config/config.schema.json +++ b/config/config.schema.json @@ -229,7 +229,7 @@ "type": "object", "properties": { "maxClientSessionsPerAuthName": { - "type": "string" + "type": "integer" }, "name": { "type": "string" @@ -264,7 +264,7 @@ "type": "boolean" }, "serverStorageSizeGB": { - "type": "string" + "type": "integer" }, "serverVersion": { "type": "string" diff --git a/config/config.yaml b/config/config.yaml index 356f04416..bb9f2685f 100644 --- a/config/config.yaml +++ b/config/config.yaml @@ -7,7 +7,7 @@ defaults: # General AKS config kubernetesVersion: 1.30.5 - istioVersion: "['asm-1-22']" + istioVersion: "asm-1-22" vnetAddressPrefix: "10.128.0.0/14" subnetPrefix: "10.128.8.0/21" podSubnetPrefix: "10.128.64.0/18" @@ -51,13 +51,13 @@ defaults: maestro: eventGrid: name: arohcp-maestro-{{ .ctx.regionShort }} - maxClientSessionsPerAuthName: '4' + maxClientSessionsPerAuthName: 4 private: false certDomain: 'selfsigned.maestro.keyvault.azure.com' postgres: name: arohcp-maestro-{{ .ctx.regionShort }} serverVersion: '15' - serverStorageSizeGB: '32' + serverStorageSizeGB: 32 deploy: true private: false minTLSVersion: 'TLSV1.2' diff --git a/config/public-cloud-cs-pr.json b/config/public-cloud-cs-pr.json index 00a90eab5..5bd4fe422 100644 --- a/config/public-cloud-cs-pr.json +++ b/config/public-cloud-cs-pr.json @@ -51,13 +51,13 @@ "repositories": "registry.k8s.io/external-dns/external-dns,quay.io/acm-d/rhtap-hypershift-operator,quay.io/app-sre/uhc-clusters-service,quay.io/package-operator/package-operator-package", "rg": "hcp-underlay-westus3-imagesync-dev" }, - "istioVersion": "['asm-1-22']", + "istioVersion": "asm-1-22", "kubernetesVersion": "1.30.5", "maestro": { "certDomain": "selfsigned.maestro.keyvault.azure.com", "consumerName": "hcp-underlay-cspr-mgmt-1", "eventGrid": { - "maxClientSessionsPerAuthName": "4", + "maxClientSessionsPerAuthName": 4, "name": "arohcp-maestro-cspr", "private": false }, @@ -68,7 +68,7 @@ "minTLSVersion": "TLSV1.2", "name": "arohcp-maestro-cspr", "private": false, - "serverStorageSizeGB": "32", + "serverStorageSizeGB": 32, "serverVersion": "15" }, "restrictIstioIngress": false, diff --git a/config/public-cloud-dev.json b/config/public-cloud-dev.json index ccffefeaf..0dca3ad2f 100644 --- a/config/public-cloud-dev.json +++ b/config/public-cloud-dev.json @@ -51,13 +51,13 @@ "repositories": "registry.k8s.io/external-dns/external-dns,quay.io/acm-d/rhtap-hypershift-operator,quay.io/app-sre/uhc-clusters-service,quay.io/package-operator/package-operator-package", "rg": "hcp-underlay-westus3-imagesync-dev" }, - "istioVersion": "['asm-1-22']", + "istioVersion": "asm-1-22", "kubernetesVersion": "1.30.5", "maestro": { "certDomain": "selfsigned.maestro.keyvault.azure.com", "consumerName": "hcp-underlay-dev-mgmt-1", "eventGrid": { - "maxClientSessionsPerAuthName": "4", + "maxClientSessionsPerAuthName": 4, "name": "arohcp-maestro-dev", "private": false }, @@ -68,7 +68,7 @@ "minTLSVersion": "TLSV1.2", "name": "arohcp-maestro-dev", "private": false, - "serverStorageSizeGB": "32", + "serverStorageSizeGB": 32, "serverVersion": "15" }, "restrictIstioIngress": true, diff --git a/config/public-cloud-msft-int.json b/config/public-cloud-msft-int.json index dc258e0bd..70b7478bc 100644 --- a/config/public-cloud-msft-int.json +++ b/config/public-cloud-msft-int.json @@ -1,8 +1,8 @@ { "acrName": "arohcpint", "aksName": "aro-hcp-aks", - "aroDevopsMsiId": "??? the one for OIDC deployment script / lives in the global RG / needs to be created first thing on regional buildout ???", - "baseDnsZoneName": "aro-hcp.azure-test.net'", + "aroDevopsMsiId": "/subscriptions/5299e6b7-b23b-46c8-8277-dc1147807117/resourcegroups/global-shared-resources/providers/Microsoft.ManagedIdentity/userAssignedIdentities/aroint-int-public-oidc", + "baseDnsZoneName": "aro-hcp.azure-test.net", "baseDnsZoneRG": "westus3-shared-resources", "clusterService": { "acrRG": "", @@ -57,7 +57,7 @@ "certDomain": "selfsigned.maestro.keyvault.azure.com", "consumerName": "hcp-underlay-int-mgmt-1", "eventGrid": { - "maxClientSessionsPerAuthName": "4", + "maxClientSessionsPerAuthName": 4, "name": "arohcp-maestro-int", "private": false }, @@ -68,7 +68,7 @@ "minTLSVersion": "TLSV1.2", "name": "arohcp-maestro-int", "private": false, - "serverStorageSizeGB": "32", + "serverStorageSizeGB": 32, "serverVersion": "15" }, "restrictIstioIngress": true, @@ -102,7 +102,7 @@ "softDelete": false }, "monitoring": { - "grafanaAdminGroupPrincipalId": "??? the one to be used as Grafana Admin in grafana.bicep ???", + "grafanaAdminGroupPrincipalId": "2fdb57d4-3fd3-415d-b604-1d0e37a188fe", "grafanaName": "arohcp-int", "msiName": "aro-hcp-metrics-msi-int", "workspaceName": "arohcp-int" @@ -127,7 +127,7 @@ "name": "arohcp-svc-int", "private": false, "region": "westus3", - "rg": "hcp-underlay-int", + "rg": "hcp-underlay-westus3-svc", "softDelete": false }, "subnetPrefix": "10.128.8.0/21", diff --git a/config/public-cloud-personal-dev.json b/config/public-cloud-personal-dev.json index 62a703a5c..0c75aac7c 100644 --- a/config/public-cloud-personal-dev.json +++ b/config/public-cloud-personal-dev.json @@ -51,13 +51,13 @@ "repositories": "registry.k8s.io/external-dns/external-dns,quay.io/acm-d/rhtap-hypershift-operator,quay.io/app-sre/uhc-clusters-service,quay.io/package-operator/package-operator-package", "rg": "hcp-underlay-westus3-imagesync-dev" }, - "istioVersion": "['asm-1-22']", + "istioVersion": "asm-1-22", "kubernetesVersion": "1.30.5", "maestro": { "certDomain": "selfsigned.maestro.keyvault.azure.com", "consumerName": "hcp-underlay-usw3tst-mgmt-1", "eventGrid": { - "maxClientSessionsPerAuthName": "4", + "maxClientSessionsPerAuthName": 4, "name": "arohcp-maestro-usw3tst", "private": false }, @@ -68,7 +68,7 @@ "minTLSVersion": "TLSV1.2", "name": "arohcp-maestro-usw3tst", "private": false, - "serverStorageSizeGB": "32", + "serverStorageSizeGB": 32, "serverVersion": "15" }, "restrictIstioIngress": true, diff --git a/dev-infrastructure/configurations/svc-cluster.tmpl.bicepparam b/dev-infrastructure/configurations/svc-cluster.tmpl.bicepparam index 8dbd8178a..3718da6fb 100644 --- a/dev-infrastructure/configurations/svc-cluster.tmpl.bicepparam +++ b/dev-infrastructure/configurations/svc-cluster.tmpl.bicepparam @@ -1,24 +1,24 @@ using '../templates/svc-cluster.bicep' param kubernetesVersion = '{{ .kubernetesVersion }}' -param istioVersion = {{ .istioVersion }} +param istioVersion = ['{{ .istioVersion }}'] param vnetAddressPrefix = '{{ .vnetAddressPrefix }}' param subnetPrefix = '{{ .subnetPrefix }}' param podSubnetPrefix = '{{ .podSubnetPrefix }}' param aksClusterName = '{{ .aksName }}' param aksKeyVaultName = '{{ .svc.etcd.kvName }}' -param aksEtcdKVEnableSoftDelete = {{ .svc.etcd.kvSoftDelete }} +param aksEtcdKVEnableSoftDelete = any('{{ .svc.etcd.kvSoftDelete }}') -param userAgentMinCount = {{ .svc.userAgentPool.minCount }} -param userAgentMaxCount = {{ .svc.userAgentPool.maxCount }} +param userAgentMinCount = any('{{ .svc.userAgentPool.minCount }}') +param userAgentMaxCount = any('{{ .svc.userAgentPool.maxCount }}') param userAgentVMSize = '{{ .svc.userAgentPool.vmSize }}' -param aksUserOsDiskSizeGB = {{ .svc.userAgentPool.osDiskSizeGB }} -param userAgentPoolAZCount = {{ .svc.userAgentPool.azCount }} +param aksUserOsDiskSizeGB = any('{{ .svc.userAgentPool.osDiskSizeGB }}') +param userAgentPoolAZCount = any('{{ .svc.userAgentPool.azCount }}') -param disableLocalAuth = {{ .frontend.cosmosDB.disableLocalAuth }} -param deployFrontendCosmos = {{ .frontend.cosmosDB.deploy }} +param disableLocalAuth = any('{{ .frontend.cosmosDB.disableLocalAuth }}') +param deployFrontendCosmos = any('{{ .frontend.cosmosDB.deploy }}') param rpCosmosDbName = '{{ .frontend.cosmosDB.name }}' -param rpCosmosDbPrivate = {{ .frontend.cosmosDB.private }} +param rpCosmosDbPrivate = any('{{ .frontend.cosmosDB.private }}') param maestroEventGridNamespacesName = '{{ .maestro.eventGrid.name }}' param maestroServerMqttClientName = '{{ .maestro.serverMqttClientName }}' @@ -26,20 +26,20 @@ param maestroCertDomain = '{{ .maestro.certDomain}}' param maestroPostgresServerName = '{{ .maestro.postgres.name }}' param maestroPostgresServerMinTLSVersion = '{{ .maestro.postgres.minTLSVersion }}' param maestroPostgresServerVersion = '{{ .maestro.postgres.serverVersion }}' -param maestroPostgresServerStorageSizeGB = {{ .maestro.postgres.serverStorageSizeGB }} -param deployMaestroPostgres = {{ .maestro.postgres.deploy }} -param maestroPostgresPrivate = {{ .maestro.postgres.private }} +param maestroPostgresServerStorageSizeGB = any('{{ .maestro.postgres.serverStorageSizeGB }}') +param deployMaestroPostgres = any('{{ .maestro.postgres.deploy }}') +param maestroPostgresPrivate = any('{{ .maestro.postgres.private }}') -param csPostgresDeploy = {{ .clusterService.postgres.deploy }} +param csPostgresDeploy = any('{{ .clusterService.postgres.deploy }}') param csPostgresServerName = '{{ .clusterService.postgres.name }}' param csPostgresServerMinTLSVersion = '{{ .clusterService.postgres.minTLSVersion }}' -param clusterServicePostgresPrivate = {{ .clusterService.postgres.private }} +param clusterServicePostgresPrivate = any('{{ .clusterService.postgres.private }}') param serviceKeyVaultName = '{{ .serviceKeyVault.name }}' param serviceKeyVaultResourceGroup = '{{ .serviceKeyVault.rg }}' param serviceKeyVaultLocation = '{{ .serviceKeyVault.region }}' -param serviceKeyVaultSoftDelete = {{ .serviceKeyVault.softDelete }} -param serviceKeyVaultPrivate = {{ .serviceKeyVault.private }} +param serviceKeyVaultSoftDelete = any('{{ .serviceKeyVault.softDelete }}') +param serviceKeyVaultPrivate = any('{{ .serviceKeyVault.private }}') param acrPullResourceGroups = ['{{ .serviceComponentAcrResourceGroups }}'] param clustersServiceAcrResourceGroupNames = ['{{ .clusterService.acrRG }}'] diff --git a/dev-infrastructure/svc-pipeline.yaml b/dev-infrastructure/svc-pipeline.yaml index 743b0415a..cee2de6ef 100644 --- a/dev-infrastructure/svc-pipeline.yaml +++ b/dev-infrastructure/svc-pipeline.yaml @@ -1,4 +1,4 @@ -serviceGroup: Microsoft.Azure.ARO.Test +serviceGroup: Microsoft.Azure.ARO.HCP.Service.Infra rolloutName: Service Cluster Rollout resourceGroups: - name: {{ .svc.rg }}