Development subscription migration

2022-04-20 14:11:56 -07:00 · 2022-04-20 14:11:56 -07:00 · 8acace0bd4
--- a/8
+++ b/8
@ -179,6 +179,14 @@ test-python: pyenv az

 admin.kubeconfig:
 	hack/get-admin-kubeconfig.sh /subscriptions/${AZURE_SUBSCRIPTION_ID}/resourceGroups/${RESOURCEGROUP}/providers/Microsoft.RedHatOpenShift/openShiftClusters/${CLUSTER} >admin.kubeconfig
+	$(MAKE) update-admin.kubeconfig
+
+# ! Temporary solution till dns can be migrated to new subscription
+PUBLIC_IP_ADDR = $(shell az network dns record-set a show -g ${RESOURCEGROUP} --zone-name ${LOCATION}.${PARENT_DOMAIN_NAME} -n api.${CLUSTER} --query "aRecords[0].ipv4Address" -o tsv)
+PUBLIC_IP_FQDN = $(shell az network dns record-set a show -g ${RESOURCEGROUP} --zone-name ${LOCATION}.${PARENT_DOMAIN_NAME} -n api.${CLUSTER} --query fqdn -o tsv)
+update-admin.kubeconfig:
+	sudo -- sh -c -e "echo '$(PUBLIC_IP_ADDR) ${PUBLIC_IP_FQDN}' >> /etc/hosts";
+

 vendor:
 	# See comments in the script for background on why we need it
--- a/deploy/env-development.json
+++ b/deploy/env-development.json
@ -241,7 +241,7 @@
            ]
        },
        {
-            "name": "[concat(take(resourceGroup().name,15), '-sharedKV')]",
+            "name": "[concat(take(resourceGroup().name,10), '-dev-sharedKV')]",
            "type": "Microsoft.KeyVault/vaults",
            "location": "[resourceGroup().location]",
            "properties": {
@ -261,16 +261,16 @@
                "kty": "RSA",
                "keySize": 4096
            },
-            "name": "[concat(concat(take(resourceGroup().name,15), '-sharedKV'), '/', concat(resourceGroup().name, '-disk-encryption-key'))]",
+            "name": "[concat(concat(take(resourceGroup().name,10), '-dev-sharedKV'), '/', concat(resourceGroup().name, '-disk-encryption-key'))]",
            "type": "Microsoft.KeyVault/vaults/keys",
            "location": "[resourceGroup().location]",
            "apiVersion": "2019-09-01",
            "dependsOn": [
-                "[resourceId('Microsoft.KeyVault/vaults', concat(take(resourceGroup().name,15), '-sharedKV'))]"
+                "[resourceId('Microsoft.KeyVault/vaults', concat(take(resourceGroup().name,10), '-dev-sharedKV'))]"
            ]
        },
        {
-            "name": "[concat(concat(take(resourceGroup().name,15), '-sharedKV'), '/add')]",
+            "name": "[concat(concat(take(resourceGroup().name,10), '-dev-sharedKV'), '/add')]",
            "type": "Microsoft.KeyVault/vaults/accessPolicies",
            "location": "[resourceGroup().location]",
            "properties": {
@ -300,9 +300,9 @@
            "properties": {
                "activeKey": {
                    "sourceVault": {
-                        "id": "[resourceId('Microsoft.KeyVault/vaults', concat(take(resourceGroup().name,15), '-sharedKV'))]"
+                        "id": "[resourceId('Microsoft.KeyVault/vaults', concat(take(resourceGroup().name,10), '-dev-sharedKV'))]"
                    },
-                    "keyUrl": "[reference(resourceId('Microsoft.KeyVault/vaults/keys', concat(take(resourceGroup().name,15), '-sharedKV'), concat(resourceGroup().name, '-disk-encryption-key')), '2019-09-01', 'Full').properties.keyUriWithVersion]"
+                    "keyUrl": "[reference(resourceId('Microsoft.KeyVault/vaults/keys', concat(take(resourceGroup().name,10), '-dev-sharedKV'), concat(resourceGroup().name, '-disk-encryption-key')), '2019-09-01', 'Full').properties.keyUriWithVersion]"
                }
            },
            "name": "[concat(resourceGroup().name, '-disk-encryption-set')]",
@ -310,7 +310,7 @@
            "location": "[resourceGroup().location]",
            "apiVersion": "2020-12-01",
            "dependsOn": [
-                "[resourceId('Microsoft.KeyVault/vaults/keys', concat(take(resourceGroup().name,15), '-sharedKV'), concat(resourceGroup().name, '-disk-encryption-key'))]"
+                "[resourceId('Microsoft.KeyVault/vaults/keys', concat(take(resourceGroup().name,10), '-dev-sharedKV'), concat(resourceGroup().name, '-disk-encryption-key'))]"
            ]
        },
        {
--- a/docs/deploy-development-rp.md
+++ b/docs/deploy-development-rp.md
@ -46,7 +46,7 @@
   shared development environment secrets and save them in `secrets`:

   ```bash
-   SECRET_SA_ACCOUNT_NAME=rharosecrets make secrets
+   SECRET_SA_ACCOUNT_NAME=rharosecretsdev make secrets
   ```

 1. Copy, edit (if necessary) and source your environment file.  The required
--- a/pkg/deploy/bindata.go
+++ b/pkg/deploy/bindata.go
--- a/pkg/deploy/generator/resources_dev.go
+++ b/pkg/deploy/generator/resources_dev.go
@ -509,11 +509,11 @@ rm cron
 }

 const (
-	sharedKeyVaultName          = "concat(take(resourceGroup().name,15), '" + SharedKeyVaultNameSuffix + "')"
+	sharedKeyVaultName          = "concat(take(resourceGroup().name,10), '" + SharedKeyVaultNameSuffix + "')"
 	sharedDiskEncryptionSetName = "concat(resourceGroup().name, '" + SharedDiskEncryptionSetNameSuffix + "')"
 	sharedDiskEncryptionKeyName = "concat(resourceGroup().name, '-disk-encryption-key')"
-
-	SharedKeyVaultNameSuffix          = "-sharedKV"
+	// Conflicts with current development subscription. cannot have two keyvaults with same name
+	SharedKeyVaultNameSuffix          = "-dev-sharedKV"
 	SharedDiskEncryptionSetNameSuffix = "-disk-encryption-set"
 )

--- a/pkg/util/cluster/cluster.go
+++ b/pkg/util/cluster/cluster.go
@ -178,10 +178,10 @@ func (c *Cluster) Create(ctx context.Context, vnetResourceGroup, clusterName str
 	}

 	var kvName string
-	if len(vnetResourceGroup) > 15 {
+	if len(vnetResourceGroup) > 10 {
 		// keyvault names need to have a maximum length of 24,
 		// so we need to cut off some chars if the resource group name is too long
-		kvName = vnetResourceGroup[:15] + generator.SharedKeyVaultNameSuffix
+		kvName = vnetResourceGroup[:10] + generator.SharedKeyVaultNameSuffix
 	} else {
 		kvName = vnetResourceGroup + generator.SharedKeyVaultNameSuffix
 	}