OCTOPUS-546: refactor the approve and issue to consider the z1,z2,z3 …

…zones Signed-off-by: Paul Bastide <[email protected]>
IBM · Nov 7, 2023 · 9628603 · 9628603
1 parent 0e9b65e
commit 9628603
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 6 deletions.
diff --git a/modules/7_post/files/approve_and_issue.sh b/modules/7_post/files/approve_and_issue.sh
@@ -6,13 +6,16 @@
 ################################################################
 
 # Approve and Issue CSRs for our generated amd64 workers only
+# The hostname is of the style - ${name_prefix}-worker-${ZONE}-${index}
 
 # Var: ${self.triggers.counts}
 INTEL_COUNT="${1}"
 
 # Var: ${self.triggers.approve}
 INTEL_PREFIX="${2}"
 
+INTEL_ZONE="${3}"
+
 APPROVED_WORKERS=0
 ISSUED_WORKERS=0
 
@@ -33,7 +36,7 @@ do
     NODE_NAME=$(echo ${CSR_REQU} | base64 -d | openssl req -text | grep 'Subject:' | awk '{print $NF}')
     echo "NODE_NAME: ${NODE_NAME}"
 
-    if grep -q "system:node:${INTEL_PREFIX}-worker-" <<< "$NODE_NAME"
+    if grep -q "system:node:${INTEL_PREFIX}-worker-${INTEL_ZONE}-${INTEL_ZONE}-" <<< "$NODE_NAME"
     then
       echo ""
       echo "${CSR_NAME}" | xargs -r oc adm certificate approve
@@ -45,10 +48,10 @@ do
   while [ "$LOCAL_WORKER_SCAN" -lt "$INTEL_COUNT" ]
   do
     # username: system:node:mac-674e-worker-0
-    for CSR_NAME in $(oc get csr -o json | jq -r '.items[] | select (.spec.username == "'system:node:${INTEL_PREFIX}-worker-${ISSUED_WORKERS}'")' | jq -r '.metadata.name')
+    for CSR_NAME in $(oc get csr -o json | jq -r '.items[] | select (.spec.username == "'system:node:${INTEL_PREFIX}-worker-${INTEL_ZONE}-${ISSUED_WORKERS}'")' | jq -r '.metadata.name')
     do
       # Dev note: will approve more than one matching csr
-      echo "Approving: ${CSR_NAME} system:node:${INTEL_PREFIX}-worker-${ISSUED_WORKERS}"
+      echo "Approving: ${CSR_NAME} system:node:${INTEL_PREFIX}-worker-${INTEL_ZONE}-${ISSUED_WORKERS}"
       echo "${CSR_NAME}" | xargs -r oc adm certificate approve
     done
     LOCAL_WORKER_SCAN=$(($LOCAL_WORKER_SCAN + 1))
@@ -66,10 +69,10 @@ do
   do
     EXISTS=$(oc get nodes -l kubernetes.io/arch=amd64 -o json | \
       jq -r '.items[].metadata.name' | \
-      grep "${INTEL_PREFIX}-worker-${ISSUED_WORKERS}")
+      grep "${INTEL_PREFIX}-worker-${INTEL_ZONE}-${ISSUED_WORKERS}")
     if [ -z "${EXISTS}" ]
     then
-      echo "Haven't found worker yet: ${INTEL_PREFIX}-worker-${ISSUED_WORKERS}"
+      echo "Haven't found worker yet: ${INTEL_PREFIX}-worker-${INTEL_ZONE}-${ISSUED_WORKERS}"
       STOP_SEARCH="NOT_FOUND"
       break
     fi

diff --git a/modules/7_post/post.tf b/modules/7_post/post.tf
@@ -91,7 +91,9 @@ resource "null_resource" "approve_and_issue" {
     inline = [<<EOF
 echo "Running the CSR approval and issue"
 cd ${local.ansible_post_path}
-bash approve_and_issue.sh ${local.worker_count} ${var.name_prefix}
+bash approve_and_issue.sh ${var.worker_1["count"]} ${var.name_prefix} "z1"
+bash approve_and_issue.sh ${var.worker_2["count"]} ${var.name_prefix} "z2"
+bash approve_and_issue.sh ${var.worker_3["count"]} ${var.name_prefix} "z3"
 EOF
     ]
   }