From 6dd525ce6ac40a4e5260f974f37fbd62e380255e Mon Sep 17 00:00:00 2001 From: Ekaterina Kazakova Date: Wed, 18 Dec 2024 20:08:24 +0400 Subject: [PATCH] Add AKS ManagedCluster and Credential yamls --- Makefile | 4 +++ config/dev/aks-clusterdeployment.yaml | 18 +++++++++++++ config/dev/aks-credentials.yaml | 25 +++++++++++++++++++ internal/webhook/clusterdeployment_webhook.go | 3 ++- 4 files changed, 49 insertions(+), 1 deletion(-) create mode 100644 config/dev/aks-clusterdeployment.yaml create mode 100644 config/dev/aks-credentials.yaml diff --git a/Makefile b/Makefile index 335ff5ee..c74ae368 100644 --- a/Makefile +++ b/Makefile @@ -352,6 +352,10 @@ dev-vsphere-creds: envsubst dev-eks-creds: dev-aws-creds +.PHONY: dev-aks-creds +dev-aks-creds: envsubst + @NAMESPACE=$(NAMESPACE) $(ENVSUBST) -no-unset -i config/dev/aks-credentials.yaml | $(KUBECTL) apply -f - + .PHONY: dev-apply ## Apply the development environment by deploying the kind cluster, local registry and the HMC helm chart. dev-apply: kind-deploy registry-deploy dev-push dev-deploy dev-templates dev-release diff --git a/config/dev/aks-clusterdeployment.yaml b/config/dev/aks-clusterdeployment.yaml new file mode 100644 index 00000000..ecbef22f --- /dev/null +++ b/config/dev/aks-clusterdeployment.yaml @@ -0,0 +1,18 @@ +apiVersion: hmc.mirantis.com/v1alpha1 +kind: ClusterDeployment +metadata: + name: azure-aks-dev + namespace: ${NAMESPACE} +spec: + template: azure-aks-0-0-1 + credential: azure-aks-credential + propagateCredentials: false + config: + location: "westus" + machinePools: + system: + count: 1 + vmSize: Standard_A4_v2 + user: + count: 1 + vmSize: Standard_A4_v2 diff --git a/config/dev/aks-credentials.yaml b/config/dev/aks-credentials.yaml new file mode 100644 index 00000000..0632111c --- /dev/null +++ b/config/dev/aks-credentials.yaml @@ -0,0 +1,25 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: azure-aks-credential + namespace: ${NAMESPACE} +stringData: + AZURE_CLIENT_ID: "${AZURE_CLIENT_ID}" + AZURE_CLIENT_SECRET: "${AZURE_CLIENT_SECRET}" + AZURE_SUBSCRIPTION_ID: "${AZURE_SUBSCRIPTION_ID}" + AZURE_TENANT_ID: "${AZURE_TENANT_ID}" +type: Opaque +--- +apiVersion: hmc.mirantis.com/v1alpha1 +kind: Credential +metadata: + name: azure-aks-credential + namespace: ${NAMESPACE} +spec: + description: Azure AKS credentials + identityRef: + apiVersion: v1 + kind: Secret + name: azure-aks-credential + namespace: ${NAMESPACE} diff --git a/internal/webhook/clusterdeployment_webhook.go b/internal/webhook/clusterdeployment_webhook.go index ef8923c7..0ae33912 100644 --- a/internal/webhook/clusterdeployment_webhook.go +++ b/internal/webhook/clusterdeployment_webhook.go @@ -277,7 +277,8 @@ func isCredMatchTemplate(cred *hmcv1alpha1.Credential, template *hmcv1alpha1.Clu return errMsg(provider) } case "infrastructure-azure": - if idtyKind != "AzureClusterIdentity" { + if idtyKind != "AzureClusterIdentity" && + idtyKind != "Secret" { return errMsg(provider) } case "infrastructure-vsphere":