From e306f2c6d5dc4425ee5dfa67a2b9df807e4cf723 Mon Sep 17 00:00:00 2001 From: willie-yao Date: Fri, 29 Sep 2023 23:04:48 +0000 Subject: [PATCH] Fix secrets --- ....io_azuremanagedcontrolplanetemplates.yaml | 1 + ...luster-template-prow-aks-clusterclass.yaml | 23 ++++++++ .../prow-aks-clusterclass/kustomization.yaml | 3 +- .../ci/prow-aks-clusterclass/patches.yaml | 54 +++++++++++++++++++ 4 files changed, 80 insertions(+), 1 deletion(-) create mode 100644 templates/test/ci/prow-aks-clusterclass/patches.yaml diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedcontrolplanetemplates.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedcontrolplanetemplates.yaml index d4c849b6346..b992a4cef59 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedcontrolplanetemplates.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_azuremanagedcontrolplanetemplates.yaml @@ -398,6 +398,7 @@ spec: enum: - Free - Paid + - Standard type: string required: - tier diff --git a/templates/test/ci/cluster-template-prow-aks-clusterclass.yaml b/templates/test/ci/cluster-template-prow-aks-clusterclass.yaml index 0f16f3dff93..475dd168b66 100644 --- a/templates/test/ci/cluster-template-prow-aks-clusterclass.yaml +++ b/templates/test/ci/cluster-template-prow-aks-clusterclass.yaml @@ -14,6 +14,29 @@ spec: apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 kind: AzureManagedClusterTemplate name: ${CLUSTER_NAME} + patches: + - definitions: + - jsonPatches: + - op: replace + path: /spec/template/spec/files + valueFrom: + template: | + - contentFrom: + secret: + key: worker-node-azure.json + name: "{{ .builtin.machinePool.infrastructureRef.name }}-azure-json" + owner: root:root + path: /etc/kubernetes/azure.json + permissions: "0644" + selector: + apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 + kind: KubeadmConfigTemplate + matchResources: + machinePoolClass: + names: + - ${CLUSTER_NAME}-pool0 + - ${CLUSTER_NAME}-pool1 + name: workerAzureJsonSecretName workers: machinePools: - class: default-system diff --git a/templates/test/ci/prow-aks-clusterclass/kustomization.yaml b/templates/test/ci/prow-aks-clusterclass/kustomization.yaml index 90ab7444b50..70b9d47dffa 100644 --- a/templates/test/ci/prow-aks-clusterclass/kustomization.yaml +++ b/templates/test/ci/prow-aks-clusterclass/kustomization.yaml @@ -8,4 +8,5 @@ patchesStrategicMerge: - patches/tags-aks-clusterclass.yaml - patches/aks-clusterclass-pool0.yaml - patches/aks-clusterclass-pool1.yaml - - patches/addons.yaml \ No newline at end of file + - patches/addons.yaml + - patches.yaml diff --git a/templates/test/ci/prow-aks-clusterclass/patches.yaml b/templates/test/ci/prow-aks-clusterclass/patches.yaml new file mode 100644 index 00000000000..e1f56605018 --- /dev/null +++ b/templates/test/ci/prow-aks-clusterclass/patches.yaml @@ -0,0 +1,54 @@ +apiVersion: cluster.x-k8s.io/v1beta1 +kind: ClusterClass +metadata: + name: ${CLUSTER_CLASS_NAME} +spec: + workers: + machinePools: + - class: default-system + template: + bootstrap: + ref: + apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 + kind: KubeadmConfigTemplate + name: ${CLUSTER_NAME}-pool0 + infrastructure: + ref: + apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 + kind: AzureManagedMachinePoolTemplate + name: ${CLUSTER_NAME}-pool0 + - class: default-worker + template: + bootstrap: + ref: + apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 + kind: KubeadmConfigTemplate + name: ${CLUSTER_NAME}-pool1 + infrastructure: + ref: + apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 + kind: AzureManagedMachinePoolTemplate + name: ${CLUSTER_NAME}-pool1 + patches: + - name: workerAzureJsonSecretName + definitions: + - selector: + apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 + kind: KubeadmConfigTemplate + matchResources: + machinePoolClass: + names: + - ${CLUSTER_NAME}-pool0 + - ${CLUSTER_NAME}-pool1 + jsonPatches: + - op: replace + path: "/spec/template/spec/files" + valueFrom: + template: | + - contentFrom: + secret: + key: worker-node-azure.json + name: "{{ .builtin.machinePool.infrastructureRef.name }}-azure-json" + owner: root:root + path: /etc/kubernetes/azure.json + permissions: "0644"