add DisableSignedCertificates feature flag

2021-03-10 07:46:52 -06:00 · 2021-03-10 07:46:52 -06:00 · 40fef70e85
--- a/pkg/cluster/delete.go
+++ b/pkg/cluster/delete.go
@ -303,7 +303,7 @@ func (m *manager) Delete(ctx context.Context) error {
 		return err
 	}

-	if !m.env.IsDevelopmentMode() {
+	if !m.env.FeatureIsSet(env.FeatureDisableSignedCertificates) {
 		managedDomain, err := dns.ManagedDomain(m.env, m.doc.OpenShiftCluster.Properties.ClusterProfile.Domain)
 		if err != nil {
 			return err
@ -322,7 +322,9 @@ func (m *manager) Delete(ctx context.Context) error {
 				return err
 			}
 		}
+	}

+	if !m.env.IsDevelopmentMode() {
 		acrManager, err := acrtoken.NewManager(m.env, m.localFpAuthorizer)
 		if err != nil {
 			return err
--- a/pkg/cluster/tls.go
+++ b/pkg/cluster/tls.go
@ -15,13 +15,14 @@ import (
 	corev1client "k8s.io/client-go/kubernetes/typed/core/v1"
 	"k8s.io/client-go/util/retry"

+	"github.com/Azure/ARO-RP/pkg/env"
 	"github.com/Azure/ARO-RP/pkg/util/dns"
 	"github.com/Azure/ARO-RP/pkg/util/keyvault"
 	utilpem "github.com/Azure/ARO-RP/pkg/util/pem"
 )

 func (m *manager) createCertificates(ctx context.Context) error {
-	if m.env.IsDevelopmentMode() {
+	if m.env.FeatureIsSet(env.FeatureDisableSignedCertificates) {
 		return nil
 	}

@ -119,7 +120,7 @@ func (m *manager) ensureSecret(ctx context.Context, secrets corev1client.SecretI
 }

 func (m *manager) configureAPIServerCertificate(ctx context.Context) error {
-	if m.env.IsDevelopmentMode() {
+	if m.env.FeatureIsSet(env.FeatureDisableSignedCertificates) {
 		return nil
 	}

@ -160,7 +161,7 @@ func (m *manager) configureAPIServerCertificate(ctx context.Context) error {
 }

 func (m *manager) configureIngressCertificate(ctx context.Context) error {
-	if m.env.IsDevelopmentMode() {
+	if m.env.FeatureIsSet(env.FeatureDisableSignedCertificates) {
 		return nil
 	}

--- a/pkg/env/dev.go
+++ b/pkg/env/dev.go
@ -56,6 +56,7 @@ func newDev(ctx context.Context, log *logrus.Entry) (Interface, error) {
 	}

 	d.features[FeatureDisableDenyAssignments] = true
+	d.features[FeatureDisableSignedCertificates] = true

 	ccc := auth.ClientCredentialsConfig{
 		ClientID:     os.Getenv("AZURE_ARM_CLIENT_ID"),
--- a/pkg/env/env.go
+++ b/pkg/env/env.go
@ -25,6 +25,7 @@ type Feature int
 // production default is not set (in production RP_FEATURES is unset).
 const (
 	FeatureDisableDenyAssignments Feature = iota
+	FeatureDisableSignedCertificates
 )

 const (
--- a/pkg/env/zz_generated_feature_enumer.go
+++ b/pkg/env/zz_generated_feature_enumer.go
@ -7,9 +7,9 @@ import (
 	"fmt"
 )

-const _FeatureName = "FeatureDisableDenyAssignments"
+const _FeatureName = "FeatureDisableDenyAssignmentsFeatureDisableSignedCertificates"

-var _FeatureIndex = [...]uint8{0, 29}
+var _FeatureIndex = [...]uint8{0, 29, 61}

 func (i Feature) String() string {
 	if i < 0 || i >= Feature(len(_FeatureIndex)-1) {
@ -18,10 +18,11 @@ func (i Feature) String() string {
 	return _FeatureName[_FeatureIndex[i]:_FeatureIndex[i+1]]
 }

-var _FeatureValues = []Feature{0}
+var _FeatureValues = []Feature{0, 1}

 var _FeatureNameToValueMap = map[string]Feature{
-	_FeatureName[0:29]: 0,
+	_FeatureName[0:29]:  0,
+	_FeatureName[29:61]: 1,
 }

 // FeatureString retrieves an enum value from the enum constants string name.