implement container registry replication

cmd/aro/deploy.go

@@ -35,6 +35,10 @@ func deploy(ctx context.Context, log *logrus.Entry) error {
 		return fmt.Errorf("invalid deploy version %q", deployVersion)
 	}
 
+	if strings.ToLower(flag.Arg(2)) != flag.Arg(2) {
+		return fmt.Errorf("location %s must be lower case", flag.Arg(2))
+	}
+
 	config, err := deployer.GetConfig(flag.Arg(1), flag.Arg(2))
 	if err != nil {
 		return err

deploy/config.yaml.example

@@ -13,6 +13,7 @@ configuration:
   extraKeyvaultAccessPolicies: []
   fpServicePrincipalId: ''
   globalMonitoringKeyVaultUri: ''
+  globalResourceGroupName: ''
   globalSubscriptionId: ''
   keyvaultPrefix: ''
   mdmFrontendUrl: ''

pkg/deploy/config.go

@@ -36,6 +36,7 @@ type Configuration struct {
 	ExtraKeyvaultAccessPolicies  []interface{} `json:"extraKeyvaultAccessPolicies,omitempty"`
 	FPServicePrincipalID         string        `json:"fpServicePrincipalId,omitempty"`
 	GlobalMonitoringKeyVaultURI  string        `json:"globalMonitoringKeyVaultUri,omitempty"`
+	GlobalResourceGroupName      string        `json:"globalResourceGroupName,omitempty"`
 	GlobalSubscriptionID         string        `json:"globalSubscriptionId,omitempty"`
 	KeyvaultPrefix               string        `json:"keyvaultPrefix,omitempty"`
 	MDMFrontendURL               string        `json:"mdmFrontendUrl,omitempty"`

pkg/deploy/deploy.go

@@ -25,6 +25,7 @@ import (
 	"github.com/Azure/ARO-RP/pkg/deploy/generator"
 	"github.com/Azure/ARO-RP/pkg/util/arm"
 	"github.com/Azure/ARO-RP/pkg/util/azureclient/mgmt/compute"
+	"github.com/Azure/ARO-RP/pkg/util/azureclient/mgmt/containerregistry"
 	"github.com/Azure/ARO-RP/pkg/util/azureclient/mgmt/resources"
 	"github.com/Azure/ARO-RP/pkg/util/keyvault"
 )
@@ -40,12 +41,13 @@ type Deployer interface {
 type deployer struct {
 	log *logrus.Entry
 
-	globaldeployments resources.DeploymentsClient
-	deployments       resources.DeploymentsClient
-	groups            resources.GroupsClient
-	vmss              compute.VirtualMachineScaleSetsClient
-	vmssvms           compute.VirtualMachineScaleSetVMsClient
-	keyvault          keyvault.Manager
+	globaldeployments  resources.DeploymentsClient
+	globalreplications containerregistry.ReplicationsClient
+	deployments        resources.DeploymentsClient
+	groups             resources.GroupsClient
+	vmss               compute.VirtualMachineScaleSetsClient
+	vmssvms            compute.VirtualMachineScaleSetVMsClient
+	keyvault           keyvault.Manager
 
 	cli *http.Client
 
@@ -68,12 +70,13 @@ func New(ctx context.Context, log *logrus.Entry, config *RPConfig, version strin
 	return &deployer{
 		log: log,
 
-		globaldeployments: resources.NewDeploymentsClient(config.Configuration.GlobalSubscriptionID, authorizer),
-		deployments:       resources.NewDeploymentsClient(config.SubscriptionID, authorizer),
-		groups:            resources.NewGroupsClient(config.SubscriptionID, authorizer),
-		vmss:              compute.NewVirtualMachineScaleSetsClient(config.SubscriptionID, authorizer),
-		vmssvms:           compute.NewVirtualMachineScaleSetVMsClient(config.SubscriptionID, authorizer),
-		keyvault:          keyvault.NewManager(kvAuthorizer),
+		globaldeployments:  resources.NewDeploymentsClient(config.Configuration.GlobalSubscriptionID, authorizer),
+		globalreplications: containerregistry.NewReplicationsClient(config.Configuration.GlobalSubscriptionID, authorizer),
+		deployments:        resources.NewDeploymentsClient(config.SubscriptionID, authorizer),
+		groups:             resources.NewGroupsClient(config.SubscriptionID, authorizer),
+		vmss:               compute.NewVirtualMachineScaleSetsClient(config.SubscriptionID, authorizer),
+		vmssvms:            compute.NewVirtualMachineScaleSetVMsClient(config.SubscriptionID, authorizer),
+		keyvault:           keyvault.NewManager(kvAuthorizer),
 
 		cli: &http.Client{
 			Timeout: 5 * time.Second,

pkg/deploy/predeploy.go

@@ -9,6 +9,7 @@ import (
 	"encoding/json"
 	"path/filepath"
 
+	mgmtcontainerregistry "github.com/Azure/azure-sdk-for-go/services/containerregistry/mgmt/2019-06-01-preview/containerregistry"
 	"github.com/Azure/azure-sdk-for-go/services/keyvault/v7.0/keyvault"
 	mgmtresources "github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/resources"
 	"github.com/Azure/go-autorest/autorest/to"
@@ -52,6 +53,11 @@ func (d *deployer) PreDeploy(ctx context.Context) (string, error) {
 		return "", err
 	}
 
+	err = d.ensureContainerRegistryReplication(ctx)
+	if err != nil {
+		return "", err
+	}
+
 	return rpServicePrincipalID, nil
 }
 
@@ -256,3 +262,7 @@ func (d *deployer) ensureServiceCertificates(ctx context.Context, serviceKeyVaul
 
 	return nil
 }
+
+func (d *deployer) ensureContainerRegistryReplication(ctx context.Context) error {
+	return d.globalreplications.CreateAndWait(ctx, d.config.Configuration.GlobalResourceGroupName, "arosvc", d.config.Location, mgmtcontainerregistry.Replication{})
+}

pkg/util/azureclient/mgmt/containerregistry/generate.go

@@ -3,5 +3,5 @@ package containerregistry
 // Copyright (c) Microsoft Corporation.
 // Licensed under the Apache License 2.0.
 
-//go:generate go run ../../../../../vendor/github.com/golang/mock/mockgen -destination=../../../../util/mocks/azureclient/mgmt/$GOPACKAGE/$GOPACKAGE.go github.com/Azure/ARO-RP/pkg/util/azureclient/mgmt/$GOPACKAGE TokensClient,RegistriesClient
+//go:generate go run ../../../../../vendor/github.com/golang/mock/mockgen -destination=../../../../util/mocks/azureclient/mgmt/$GOPACKAGE/$GOPACKAGE.go github.com/Azure/ARO-RP/pkg/util/azureclient/mgmt/$GOPACKAGE TokensClient,RegistriesClient,ReplicationsClient
 //go:generate go run ../../../../../vendor/golang.org/x/tools/cmd/goimports -local=github.com/Azure/ARO-RP -e -w ../../../../util/mocks/azureclient/mgmt/$GOPACKAGE/$GOPACKAGE.go

pkg/util/azureclient/mgmt/containerregistry/replications.go

@@ -0,0 +1,30 @@
+package containerregistry
+
+// Copyright (c) Microsoft Corporation.
+// Licensed under the Apache License 2.0.
+
+import (
+	mgmtcontainerregistry "github.com/Azure/azure-sdk-for-go/services/containerregistry/mgmt/2019-06-01-preview/containerregistry"
+	"github.com/Azure/go-autorest/autorest"
+)
+
+// ReplicationsClient is a minimal interface for azure ReplicationsClient
+type ReplicationsClient interface {
+	ReplicationsAddons
+}
+
+type replicationsClient struct {
+	mgmtcontainerregistry.ReplicationsClient
+}
+
+var _ ReplicationsClient = &replicationsClient{}
+
+// NewReplicationsClient creates a new ReplicationsClient
+func NewReplicationsClient(subscriptionID string, authorizer autorest.Authorizer) ReplicationsClient {
+	client := mgmtcontainerregistry.NewReplicationsClient(subscriptionID)
+	client.Authorizer = authorizer
+
+	return &replicationsClient{
+		ReplicationsClient: client,
+	}
+}

pkg/util/azureclient/mgmt/containerregistry/replications_addons.go

@@ -0,0 +1,24 @@
+package containerregistry
+
+// Copyright (c) Microsoft Corporation.
+// Licensed under the Apache License 2.0.
+
+import (
+	"context"
+
+	mgmtcontainerregistry "github.com/Azure/azure-sdk-for-go/services/containerregistry/mgmt/2019-06-01-preview/containerregistry"
+)
+
+// ReplicationsAddons contains addons for ReplicationsClient
+type ReplicationsAddons interface {
+	CreateAndWait(ctx context.Context, resourceGroupName string, registryName string, replicationName string, replication mgmtcontainerregistry.Replication) (err error)
+}
+
+func (r *replicationsClient) CreateAndWait(ctx context.Context, resourceGroupName string, registryName string, replicationName string, replication mgmtcontainerregistry.Replication) (err error) {
+	future, err := r.ReplicationsClient.Create(ctx, resourceGroupName, registryName, replicationName, replication)
+	if err != nil {
+		return err
+	}
+
+	return future.WaitForCompletionRef(ctx, r.Client)
+}

pkg/util/mocks/azureclient/mgmt/containerregistry/containerregistry.go

@@ -1,5 +1,5 @@
 // Code generated by MockGen. DO NOT EDIT.
-// Source: github.com/Azure/ARO-RP/pkg/util/azureclient/mgmt/containerregistry (interfaces: TokensClient,RegistriesClient)
+// Source: github.com/Azure/ARO-RP/pkg/util/azureclient/mgmt/containerregistry (interfaces: TokensClient,RegistriesClient,ReplicationsClient)
 
 // Package mock_containerregistry is a generated GoMock package.
 package mock_containerregistry
@@ -100,3 +100,40 @@ func (mr *MockRegistriesClientMockRecorder) GenerateCredentials(arg0, arg1, arg2
 	mr.mock.ctrl.T.Helper()
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GenerateCredentials", reflect.TypeOf((*MockRegistriesClient)(nil).GenerateCredentials), arg0, arg1, arg2, arg3)
 }
+
+// MockReplicationsClient is a mock of ReplicationsClient interface
+type MockReplicationsClient struct {
+	ctrl     *gomock.Controller
+	recorder *MockReplicationsClientMockRecorder
+}
+
+// MockReplicationsClientMockRecorder is the mock recorder for MockReplicationsClient
+type MockReplicationsClientMockRecorder struct {
+	mock *MockReplicationsClient
+}
+
+// NewMockReplicationsClient creates a new mock instance
+func NewMockReplicationsClient(ctrl *gomock.Controller) *MockReplicationsClient {
+	mock := &MockReplicationsClient{ctrl: ctrl}
+	mock.recorder = &MockReplicationsClientMockRecorder{mock}
+	return mock
+}
+
+// EXPECT returns an object that allows the caller to indicate expected use
+func (m *MockReplicationsClient) EXPECT() *MockReplicationsClientMockRecorder {
+	return m.recorder
+}
+
+// CreateAndWait mocks base method
+func (m *MockReplicationsClient) CreateAndWait(arg0 context.Context, arg1, arg2, arg3 string, arg4 containerregistry.Replication) error {
+	m.ctrl.T.Helper()
+	ret := m.ctrl.Call(m, "CreateAndWait", arg0, arg1, arg2, arg3, arg4)
+	ret0, _ := ret[0].(error)
+	return ret0
+}
+
+// CreateAndWait indicates an expected call of CreateAndWait
+func (mr *MockReplicationsClientMockRecorder) CreateAndWait(arg0, arg1, arg2, arg3, arg4 interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateAndWait", reflect.TypeOf((*MockReplicationsClient)(nil).CreateAndWait), arg0, arg1, arg2, arg3, arg4)
+}