Граф коммитов

4365 Коммитов

Автор SHA1 Сообщение Дата
ehvs ffca22b0ba pkg/cluster: Use Action for fixupClusterSPObjectID 2024-07-16 13:51:01 +02:00
Amber Brown d9800f0e7d
Update controllergen commands to work with 0.9.0 (#3680)
* update controllergen commands to work with 0.9.0

* changes from yaml output

* go mod vendor
2024-07-16 19:10:56 +10:00
Amit 49af5c640a CIF - ServerError: ZonalAllocationFailed 2024-07-16 11:19:33 +05:30
Tanmay Satam 934d8fb2e5 Update generated files 2024-07-15 16:07:43 -04:00
Amber Brown 31af734103
[ARO-5368] Try and log the VM info + console log on failure (#3629)
Dumps the VM info + console logs on failure so that we don't need to run the Geneva Action or have the control plane still around to get it. Also refactors frontend and geneva action to make use of the same code path.
2024-07-15 16:32:23 +10:00
kimorris27 7fabe1569b Fix disk encryption set in a different place and `make generate` again 2024-07-12 14:59:15 -05:00
kimorris27 8c5e5d6af9 Fix disk encryption set version and `make generate`
The 2024-03-01 API version doesn't seem to work with disk encryption sets, so I used the version that's already in the map.
2024-07-12 14:22:43 -05:00
kimorris27 9bab3334b1 `make generate` 2024-07-12 14:11:21 -05:00
kimorris27 8889acfa44 Add comment to clarify purpose of apiVersions map 2024-07-12 14:07:46 -05:00
kimorris27 6e03c60184 Replace the compute API version with the latest stable version
For context, this version needs to be replaced because I encountered an
error while trying to deploy shared RP dev infra that indicates that the
2021-12-01 version somehow doesn't exist anymore:

DeploymentWhatIfResourceError - The request to predict template deployment changes to scope '/subscriptions/redacted-sub-id/resourceGroups/v4-westeurope' has failed due to a resource error. See details for more information.
NoRegisteredProviderFound - No registered resource provider found for location 'westeurope' and API version '2021-12-01' for type 'virtualMachineScaleSets'. The supported api-versions are '2015-05-01-preview, 2015-06-15, 2016-03-30, 2016-04-30-preview, 2016-08-30, 2017-03-30, 2017-10-30-preview, 2017-12-01, 2018-04-01, 2018-06-01, 2018-10-01, 2019-03-01, 2019-07-01, 2019-12-01, 2020-06-01, 2020-12-01, 2021-03-01, 2021-04-01, 2021-07-01, 2021-11-01, 2022-03-01, 2022-08-01, 2022-11-01, 2023-03-01, 2023-07-01, 2023-09-01, 2024-03-01, 2024-07-01'. The supported locations are 'eastus, eastus2, westus, centralus, northcentralus, southcentralus, northeurope, westeurope, eastasia, southeastasia, japaneast, japanwest, australiaeast, australiasoutheast, australiacentral, brazilsouth, southindia, centralindia, westindia, canadacentral, canadaeast, westus2, westcentralus, uksouth, ukwest, koreacentral, koreasouth, francecentral, southafricanorth, uaenorth, switzerlandnorth, germanywestcentral, norwayeast, jioindiawest, westus3, swedencentral, qatarcentral, polandcentral, italynorth, israelcentral, spaincentral, mexicocentral, brazilsoutheast'.
2024-07-12 14:05:48 -05:00
Tanmay Satam 1b6e0e7584
Add controller to disable CPMS on ARO clusters (#3660)
* Update openshift/api to release-4.12

* Add machinev1 resources to scheme

* Add CPMSDeactivatorEnabled flag

* Add CPMS Deactivator operator controller

* Add controlplanemachinesets to system:aro-sre ClusterRole

* Use better naming convention for CPMS controller flag

* Change debug log messages to info

* Make CPMS controller exit early if clusterversion < 4.12

* Only setup CPMS controller on clusters with machinev1 API

This is necessary in order to Watch the CPMS resource - this operation will fail on
clusters that do not support the Machine V1 API (OCP <= 4.11), causing controller
setup to fail. Since these clusters do not have a CPMS resource to manage, we can
safely skip running this controller on those clusters.

* Fix CPMS controller name
2024-07-12 12:38:39 -06:00
Maitiú Ó Ciaráin 367a4799fd
Merge pull request #3600 from Azure/nwnt/trusted-launch-devproxy
Make dev-proxy use Trusted Launch
2024-07-12 08:53:47 +02:00
Maitiú Ó Ciaráin 3cd8bc51b4
Merge pull request #3617 from Azure/cadenmarchese/ARO-6449/go-script
New cmd to populate PlatformWorkloadIdentityRoleSets in dev and prod
2024-07-12 08:50:37 +02:00
Jonathan Chang c999a58ecc remove white space 2024-07-11 09:08:41 -07:00
Jonathan Chang 8e2eb0d678 add error 2024-07-11 09:02:22 -07:00
Jonathan Chang a0e4aafe79 fix azcore 2024-07-11 08:36:07 -07:00
Jonathan Chang 2b270a40fa change variable 2024-07-11 08:36:07 -07:00
Jonathan Chang 32fbfb909b change cluster 2024-07-11 08:36:05 -07:00
Jonathan Chang 6a775b25fd add 2024-07-11 08:32:47 -07:00
Jonathan Chang cdda20ff43 replace with sdkdns 2024-07-11 08:32:47 -07:00
Jonathan Chang 8eca5665f1 remove white space 2024-07-11 08:32:46 -07:00
Jonathan Chang e5bf96e41a remove azidentity 2024-07-11 08:32:46 -07:00
jonachang 74374a9f90 create client and vendor for armdns 2024-07-11 08:32:46 -07:00
Nont 6b30e877f1 Fix lint 2024-07-11 09:20:56 -05:00
Maitiú Ó Ciaráin 6effeb1260
Merge pull request #3594 from Azure/network-track2-rest
Update network SDK to track2
2024-07-11 12:47:15 +02:00
Nont 5f00bdb54a Change to DiskEncryptionSetIdentityType 2024-07-10 17:57:01 -05:00
Mohammed Safwan Aslam Kazi 001751784b
Updates Test Suite To Use New GA API Plus Adds Missing Functionality To Our Internal Utility Clients (#3640)
* adds the missing functionality to these apis

* removes the functionality from 20230904 as it is not needed

* replaces old api referencings with new ones

* small fixup and referencing to new api

* creates cluster with new api
2024-07-10 14:54:17 -04:00
Amber Brown e711e610a0
Move to maintained yaml lib (#3454)
* move to maintained yaml lib

* update validate-imports

* go mod
2024-07-10 09:57:42 +10:00
Maitiú Ó Ciaráin ff69ffef6a
Merge pull request #3292 from tsatam/ARO-4632/operator-predicates
ARO Operator - Reduce unnecessary reconciles by limiting watched resources/changes
2024-07-09 15:43:21 +02:00
kimorris27 9f664c0075 Fix a few nits 2024-07-09 08:47:22 -04:00
kimorris27 8a0597e7b9 Revert changes to API versioning in `pkg/util/cluster` - use same API
version for everything

I don't see why this change is needed, and
https://github.com/Azure/ARO-RP/pull/3583 was just recently merged. I'm
thinking that maybe Caden added these changes by mistake while
mid-merge.
2024-07-09 08:47:22 -04:00
cadenmarchese a51d0f3d3e new cmd to populate role sets in prod 2024-07-09 08:47:22 -04:00
cadenmarchese a6dab8f38f add default role set, populate in dev cosmosdb 2024-07-09 08:47:17 -04:00
Marius Schulz 10e5de36b5
[ARO-7788] Don't overwrite default installer version in local dev (#3671) 2024-07-09 11:55:16 +02:00
Maitiú Ó Ciaráin d1198c6f66
Merge pull request #3665 from Azure/mociarain/ARO-8608-refactor
Mociarain/aro 8608 refactor
2024-07-09 11:09:38 +02:00
Steven Fairchild 3db436013f Improve logging, handling of empty metric values 2024-07-08 13:12:33 -07:00
Steven Fairchild cf51f260ac Emit cluster features enabled/disabled during cluster provisioning
Add workload identity or cluster service principal metrics emission
Add emit features
Emit features concerning newly installed clusters.
Add emitMetrics to all provisioning states
Add logging statements for metrics,
Allows metrics being emitted to also be used in kusto dashboards.
Constant values are used for all metric names in deminsions.
If an error is encountered while gathering metrics, that metric is omitted.
Unit tests provide 100% coverage for emitMetrics.

Rename emitMetrics to emitProvisioningMetrics, rename emitInstallMetrics to emitMetrics,
emitMetrics can be used for all provisioning states, not just creating state. Changed name to reflect this.
2024-07-08 13:12:33 -07:00
Maitiú Ó Ciaráin b6aec4e258
Merge pull request #3656 from Azure/tsatam/hotfix-increase-dev-proxy-vmss-disk-size
Increase dev-proxy-vmss OSDisk to 64GB
2024-07-08 11:47:11 +02:00
Amber Brown 309e84bbe1 In admin updates, update the Operator version and then update the Cluster object 2024-07-05 16:02:16 +10:00
Maitiú Ó Ciaráin 6b911872da
Merge pull request #3655 from Azure/ARO-8608
Add tenant ID to internal apis for CMSI usage
2024-07-04 10:51:42 +02:00
Maitiú Ó Ciaráin 446be7a32d Use consistent naming 2024-07-04 08:41:39 +02:00
Maitiú Ó Ciaráin 783ea2464f Collect arguments in a struct 2024-07-04 08:41:12 +02:00
Ayato Tokubi 2d9d821c4b
cluster.go 2024-07-03 16:43:50 +01:00
Ayato Tokubi fe2027c74a
generate 2024-07-03 16:37:33 +01:00
Ayato Tokubi ec2b148532
securitygroups 2024-07-03 16:37:33 +01:00
Ayato Tokubi 032ec5b520
privatelinkservices 2024-07-03 16:37:32 +01:00
Ayato Tokubi 4f5b046944
privateendpoints 2024-07-03 16:37:32 +01:00
Nicolas Ontiveros 786e0cf651 Fix unit tests 2024-07-02 07:57:39 -07:00
Amit Arora 176a68d4b8
Add validation for default CIDR range (#3611) 2024-07-02 16:12:03 +05:30
Nicolas Ontiveros 8fa599f554 Add todo for shared function 2024-07-01 07:53:04 -07:00
Nicolas Ontiveros ecbc28d7d0 Revert "Add function to test if miwi enabled"
This reverts commit 524b396b72.
2024-07-01 07:51:27 -07:00
Nicolas Ontiveros 0c840e3977 Revert "Add license"
This reverts commit 0cdcd00c93.
2024-07-01 07:51:16 -07:00
Tanmay Satam 9c166704cd Increase dev-proxy-vmss OSDisk to 64GB 2024-07-01 10:29:40 -04:00
Jeff Yuan a100c615e2 Merge branch 'master' into yjst2012/ARO-8531 2024-07-01 13:28:40 +12:00
Rajdeep Singh Chauhan 42daa82815 ARO-4373 resolve comments and parameter fixes 2024-06-30 20:38:28 -04:00
Rajdeep Singh Chauhan 17805e9120 ARO-4373 Enable Web Endpoint for the OIDC Storage Account 2024-06-30 20:38:28 -04:00
Rajdeep Singh Chauhan 90fde763c3 ARO-4373 update mgmtstorage sdk to 2019-06-01 for disabling allowSharedKeyAccess 2024-06-30 20:38:28 -04:00
Rajdeep Singh Chauhan a485dcbf50 ARO-4373 change OIDCIssuer field to pointer 2024-06-30 20:38:28 -04:00
Rajdeep Singh Chauhan 3fcdf91a4d ARO-4373 convert BoundServiceAccountSigningKey to *SecureString 2024-06-30 20:38:28 -04:00
Rajdeep Singh Chauhan 57a64c739d ARO-4373 add RP Feature Flag EnablePublicOIDCBlobAccess 2024-06-30 20:38:28 -04:00
Rajdeep Singh Chauhan 2388ad605c ARO-4373 additional unit tests and comments resolution 2024-06-30 20:38:28 -04:00
Rajdeep Singh Chauhan bd9a5b8638 ARO-4373 resolve PR comments 2024-06-30 20:38:28 -04:00
Rajdeep Singh Chauhan e884fd8105 ARO-4373 change BoundServiceAccountSigningKey SecureString to SecureBytes 2024-06-30 20:38:28 -04:00
Rajdeep Singh Chauhan c0621ea276 ARO-4373 add unit test cases 2024-06-30 20:38:28 -04:00
Rajdeep Singh Chauhan 5c6ca9d820 ARO-4373 generate keypair and oidc docs for miwi clusters 2024-06-30 20:38:28 -04:00
Rajdeep Singh Chauhan 47c214a363 ARO-4373 add the BoundServiceAccountSigningKey to ClusterProfile 2024-06-30 20:38:28 -04:00
Rajdeep Singh Chauhan 80651af83f ARO-4373 set envs for storage account name and AFD endpoints 2024-06-30 20:38:28 -04:00
Nicolas Ontiveros 0cdcd00c93 Add license 2024-06-28 15:56:48 -07:00
Nicolas Ontiveros 524b396b72 Add function to test if miwi enabled 2024-06-28 15:55:20 -07:00
Nicolas Ontiveros 2c53a3157b Revert "Add util for checking miwi cluster"
This reverts commit 681810f483.
2024-06-28 15:26:22 -07:00
Nicolas Ontiveros 681810f483 Add util for checking miwi cluster 2024-06-28 15:08:57 -07:00
Nicolas Ontiveros 56ed7ae2bb fix error naming 2024-06-28 14:27:58 -07:00
Nicolas Ontiveros a0a5d22a0a Further refactor the code 2024-06-28 11:31:36 -07:00
Nicolas Ontiveros d76314eb97 Add unit tests 2024-06-28 11:13:42 -07:00
Nicolas Ontiveros 401380f572 fix put/patch 2024-06-28 11:01:17 -07:00
Nicolas Ontiveros 7ee903f81c Add tenant ID to Identity struct 2024-06-28 10:36:50 -07:00
Ayato Tokubi ce6152db5b
Use track2 SDK in updateAPIIPEarly (#3638) 2024-06-28 17:41:20 +02:00
Jonathan CHang a8ee84c506
[ARO-4562] Migrate DNS to track2 SDK, arm dns client creation. (#3625) 2024-06-26 15:14:37 -04:00
Amber Brown 7590d55b55
Merge pull request #3614 from Azure/tony-schndr/ARO-7414-e2e-sub-migration
Migrate PR e2e to ARO Classic E2E subscription
2024-06-25 13:31:29 +10:00
Sanjana Lawande 835352dd2c
Adding logging statements for pullsecret controller (#3613)
* Adding logging for pullsecret controller

* Fixing unit tests

Co-authored-by: Sanjana Lawande <slawande@slawande-thinkpadt14sgen2i.remote.csb>
2024-06-24 09:06:33 -04:00
Tony Schneider aa3cb69498 remove provisioning state from arm template 2024-06-21 15:02:04 -05:00
Tony Schneider 5338e08f21 fix AzSecPack managed identity resource id 2024-06-21 14:56:02 -05:00
Jeff Yuan 51157b4f91 adding test using openshift-marketplace ns 2024-06-21 12:06:34 +12:00
Jeff Yuan 0f25a74dcc update guardrails protected namespaces list 2024-06-21 11:50:38 +12:00
kimorris27 47289ba59e `make client` 2024-06-18 11:38:56 -05:00
kimorris27 b9aba8ee66 Add new Identity field to OpenShiftCluster swagger API spec 2024-06-18 11:38:43 -05:00
Tony Schneider fab8715f33 adjust DataContributorRoleAssignement scope for development databases 2024-06-17 13:20:43 -05:00
Tony Schneider f02c46b846 generate after rebase 2024-06-17 13:20:43 -05:00
Tony Schneider 90525cf4b2 add database role assignements to the RP Service Principal 2024-06-17 13:20:42 -05:00
Tony Schneider 225a660344 add function and template to deploy e2e global keyvault 2024-06-17 13:20:42 -05:00
Tony Schneider b3d3140659 add functions and related assets to deploy shared e2e environment to new tenant 2024-06-17 13:20:40 -05:00
Miguel Abad Perez 5fc6067914 Reverting usage of SDK track2 clients from #3579 2024-06-17 15:44:52 +00:00
Or Raz a42f1acad3
Use newer default dev kubernetes version (#3601)
Update default Kubernetes version as it was asked by deploy_aks_dev function from hack/devtools/deploy-shared-env.sh
2024-06-17 11:33:43 +02:00
Daniel Holmes e44a826063
Merge pull request #3630 from Azure/hawkowl/cleanup-log-lines-steps
Reduces the amount of package names in the logs
2024-06-17 09:35:02 +10:00
Nont 048f09da55 Fix SQL Role assignments 2024-06-13 17:30:06 -05:00
Nont f01002e9ea EnableAutomaticOSUpgrade for dev-proxy, remove SA parameters 2024-06-13 13:13:38 -05:00
Amber Brown e57930cfbd add better comments 2024-06-13 14:53:47 +10:00
Amber Brown ec12eb5f50 cleanups 2024-06-13 14:53:47 +10:00
Amber Brown a33264f005 use an instantiated struct for this test, like the real steps 2024-06-13 14:53:47 +10:00
Amber Brown da4b09a2f1 fixes 2024-06-13 14:53:47 +10:00
Amber Brown 0de597a07f reduce the amount of package names in the logs 2024-06-13 14:53:47 +10:00
Hilliary Lipsig 7775d14a6b
Merge pull request #3584 from Azure/anshulvermapatel/ARO-7195
Removed DBToken. Made the components uses Managed Identity
2024-06-12 09:27:32 -07:00
Ana Clara Zoppi Serpa 2ee5231333 replacing my package-lock with masters 2024-06-11 12:50:59 -07:00
Anshul Verma 555aec78d8 fixed the arm template error seen in INT 2024-06-11 22:39:30 +05:30
Anshul Verma b8ed0da73f added scope to be of the database rather than the whole cosmosdb account 2024-06-11 22:24:46 +05:30
Anshul Verma ce4e04bd6e corrected the new database client methods for components. 2024-06-11 22:24:46 +05:30
Anshul Verma f13b7a9119 fixed json marshal issue 2024-06-11 22:24:46 +05:30
Anshul Verma ba7da1dee3 added arm templates for cosmosdb triggers 2024-06-11 22:24:46 +05:30
Anshul Verma 7b5dc42104 generated code from the lastest merge in go-cosmosdb repo 2024-06-11 22:24:45 +05:30
Anshul Verma e7dcf95c6d added logic to create the role assigments while deploying 2024-06-11 22:24:45 +05:30
Anshul Verma 8928e025b2 createUpdateTriggers were taking time. Reduced poll fequency time 2024-06-11 22:24:45 +05:30
Anshul Verma 7a568dbad1 removed all the references of dbtoken 2024-06-11 22:24:45 +05:30
Anshul Verma 8d0407cfbb generate issue 2024-06-11 22:24:45 +05:30
Anshul Verma 6a6dc9a9c2 Previously missed changing triggers logic for monitor, added it 2024-06-11 22:24:45 +05:30
Anshul Verma ca06e6de0f fixed usgov scope thing, also changed few things. 2024-06-11 22:24:45 +05:30
Anshul Verma 49f572ae6e removed generate issues 2024-06-11 22:24:45 +05:30
Amber Brown a70b607697
[ARO-8385] Bump resolve-url-loader to fix CVE audit (#3626)
* bump resolve-url-loader to fix CVE

* npm install

* rebuild

* missing file?
2024-06-11 11:49:57 -04:00
Ana Clara Zoppi Serpa 5875f5d98d removing unnecessary package locks 2024-06-10 15:38:34 -07:00
Ana Clara Zoppi Serpa eb4ac47f37 npm fix 2024-06-10 15:31:44 -07:00
Ana Clara Zoppi Serpa b99e58c374 removing parameters 2024-06-10 14:26:28 -07:00
Hilliary Lipsig 5fec700f5c
Merge pull request #3603 from Azure/azoppiserpa/ARO-7791/migrating-package
Making Gateway and RP Managed Boot Diagnostics
2024-06-10 14:04:08 -07:00
Tony Schneider 62253dd77d
Multi ip per load balancer followup (#3508)
* change lb profile validation to use fp sp
* refactors to multiple public IP code, including some concurrency
2024-06-07 16:33:47 -06:00
Ayato Tokubi 9216fef5b0
Update SDK to track2 in UpdateAPIIPEarly (#3579)
* ip address
* updateAPIIPEarly use track2 SDK
* make clients reusable
* refactor ipaddresses_test.go
2024-06-07 09:36:15 +02:00
Jeff Yuan 85ea77a763
Merge pull request #3539 from Azure/f/guardrails-3.15.1
feat(guardrails): Update manifests to match 3.15.1
2024-06-07 18:30:33 +12:00
Kipp Morris 31c72522fe
MIWI API endpoints (#3608)
* Add Cosmos DB container for PlatformWorkloadIdentityRoleSets

* Revert change to AKS k8s version - committed by mistake

* Fix bug in converter

When I first wrote the converter, I thought Go would treat the the slice
we `make` few lines above these changes as a slice full of zero-value
structs, but it actually treats it as an empty slice, which led to
out-of-bound issues when I first tried to use this converter to work on
the API endpoints.

* Add the PlatformWorkloadIdentityRoleSetConverter to the API register

* Implement the change feed for role sets in the easiest, most naive way

* Implement the external API endpoint for listing role sets

* Fix a small oversight from earlier on

* Add unit tests for the list endpoint

* Add unit tests for changefeed changes

* Uncomment the static validator

* Fix more slice out of bounds bugs in the converters...

* Add converter and static validator to the admin API register

* Add list and put endpoints

* Fix name of function to match convention

* Fix bug in static validator

I originally wrote the code the way I did so that we could aggregate
errors so that we could provide a better UX in cases where there are
multiple similar errors in the request content. I found while writing
unit tests that aggregating the errors in this way and not wrapping them
in a CloudError causes the RP to return an internal server error instead
of a 400 bad request.

Is there a way we can aggregate the errors and still wrap them in a
CloudError? I'm not sure of the formatting requirements for the text of
CloudErrors.

* Add unit tests for new API endpoints

* Fix typo

* Appease the linter

* Appease the linter

* Add TODO comment re: the number of parameters

* Update static validator to return multiple validation issues at the same time where applicable for better UX

* Add a simple utility function to make semver comparisons of OpenShift minor version more readable

* Log error before returning 500 to user

* Log errors before returning 500 to user

* Improve naming of unit test cases

* Add additional unit test cases
2024-06-06 10:15:44 -04:00
Tanmay Satam b038645848 Update deployment assets to use new version (generated) 2024-06-06 09:11:52 -04:00
Tanmay Satam 9f96803e31 Preserve segmented paths in MDMIMAGE value on RP/GWY VMSS scripts 2024-06-06 09:11:52 -04:00
Tanmay Satam dfda5402fa Update MDM/MDSD coordinates
- Use /distroless/ repository prefix to reference the distroless variants of these images
- Explicitly specify the image digest to ensure we get exactly the images we intend to use
- Update versions to the versions mirrored by the new image mirroring pipeline
2024-06-06 09:11:52 -04:00
Tanmay Satam d2f3972f16 Downgrade API version to 20230904 2024-06-06 09:11:23 -04:00
Tanmay Satam 190b7f49b5 Use single ARO API/client version in pkg/util/cluster 2024-06-06 09:11:23 -04:00
Ana Clara Zoppi Serpa 33e117a536 Removing the RP and Gateway SA creation functions 2024-06-05 12:24:45 -07:00
Ayato Tokubi e34a95b852
Change env var to skip pki unit tests (#3605) 2024-06-05 20:35:24 +02:00
Tanmay Satam 02cbe54766
Retry failed ARM template deployments during cluster installation when FPSP is missing roleassignments (#3590)
* Retry InvalidTemplateDeployment errors when the underlying error is Authorization Failed
* Remove short-circuit nil err check in DeployTemplate
2024-06-05 08:59:09 -06:00
Hilliary Lipsig bf7ddde2ef
Merge pull request #3514 from Azure/ARO-6086/cuamsi-api-changes
Add identityURL to internal apis for CMSI usage
2024-06-04 12:15:01 -07:00
Hilliary Lipsig 0f8830b422
Merge pull request #3575 from Azure/cadenmarchese/ARO-7348/upgrade-annotations
Allow customers to annotate CloudCredential resource on update
2024-06-04 12:12:39 -07:00
Ana Clara Zoppi Serpa b2b1882fcf removing the custom uri to test managed boot diagnostics 2024-06-03 17:13:03 -07:00
Ankur Singh 83a4cb30a3
Making 4.13.40 as default version for local dev (#3604) 2024-06-03 12:29:45 +05:30
Nont de3f34242f Use the correct API version for compute 2024-05-30 14:14:33 -05:00
cadenmarchese 1fae910e49 use the singular, make client 2024-05-30 13:59:57 -04:00
cadenmarchese 0c47ee7f2c fix typos, use semver 2024-05-30 13:48:54 -04:00
cadenmarchese 2567659273 remove unneccesary nil check 2024-05-30 13:28:08 -04:00
Nont 2ec5499208 Make dev-proxy use Trusted Launch 2024-05-28 22:24:02 -05:00
Anshul Verma 6a973ea1f1
[BUGFIX] This is to fix the cluster installation failure when preconfigured NSGs used (#3591)
* changed the api functions to properly set the NetworkProfile.PreconfiguredNSG field

* changed for the admin api as well

* make generate fixed
2024-05-27 10:19:19 +05:30
cadenmarchese 1da7fb84bc mutable:true struct tags 2024-05-23 17:22:12 -04:00
cadenmarchese e47ec72c96 mutable:true on identityURL, remove from admin api 2024-05-23 17:13:31 -04:00
cadenmarchese aaccab3c28 add identityURL handling to the API 2024-05-23 15:36:27 -04:00
cadenmarchese fcca98c075 unit test, static validation
allow existing cc annotations, more test cases
2024-05-22 16:36:35 -04:00
kimorris27 34f593b0f0 Two fixes:
- Initialize the operatorcli in both the real code and the unit tests
- Compare the actual annotations on the CloudCredentials to the
  wantAnnotations
2024-05-22 16:36:35 -04:00
cadenmarchese 0db13aadf7 add field and type, make client, converters 2024-05-22 16:36:26 -04:00
Hilliary Lipsig 191526ca26
Merge pull request #3562 from Azure/nwnt/mariner-dev-proxy
Migrate dev-proxy-vmss to Azure Linux and enable rolling OS update
2024-05-22 11:34:45 -07:00
Kipp Morris 74ba48ff5b
Add Cosmos DB container and pkg/database client for PlatformWorkloadIdentityRoleSets (#3582)
* Add generated Cosmos DB client for PlatformWorkloadIdentityRoleSetDocuments

* Add Cosmos DB container for PlatformWorkloadIdentityRoleSets

* Add the manually typed portion of the PlatformWorkloadIdentityRoleSets database client

* Revert change to AKS k8s version - committed by mistake
2024-05-22 18:47:32 +05:30
Nicolas Ontiveros e88bd57f3f
Add exemption tags for OIDC dev and RP version storage accounts (#3585)
* Add tag to oic storage account

* Add tag to rp version storage account

* Fix generate rp storage account

* Update assets
2024-05-21 16:25:33 -04:00
Alex Chvatal e71343ad58
ARO-6425 v20240812preview validation (#3563) 2024-05-21 13:44:10 -04:00
Ayato Tokubi cceb396a67
Add track2 API Client to Cluster struct (loadbalancer and interfaces) (#3568) 2024-05-16 08:15:57 +02:00
Nont 92dd9cce01 Add azsecpack autoconfig 2024-05-14 23:13:03 -05:00
Rajdeep Chauhan c918d24fec
ARO-6623 add nil check before populating clientsecrets for different routes (#3567) 2024-05-13 11:29:46 -04:00
Ayato Tokubi f227127e94
Accept pull-secret when we use hack script to create a cluster (#3486) 2024-05-10 10:00:33 +02:00
Maitiú Ó Ciaráin e2b1587a39
Refactor adminUpdate steps (#3449)
* Lay it out clearly
* Break the steps up into groups
* Factor out the common 0th setup/fixes
* Update unit test
* Factor out common bootstrap steps
* Remove initializeOperatorDeployer for Hive steps
* Revise the updateOperator Task
* Decouple OperatorUpdate and CertificateRenewal
* Move ConcatMultipleSlices in generic helpers
* Fix typos
* Revert the order for ensuring the API server is up
2024-05-07 21:22:29 +02:00
Hilliary Lipsig cd39e24771
Merge pull request #3529 from Azure/ARO-6623/service-principal-pointer
Convert ServicePrincipalProfile to pointer
2024-05-07 11:43:20 -07:00
Maitiú Ó Ciaráin 780ee50eb4
s/With*Hook/WithPost*Hook (#3549) 2024-05-07 17:54:42 +02:00
Jeff Yuan fc564970f7 Merge branch 'master' into f/guardrails-3.15.1 2024-05-07 17:55:29 +12:00
Jeff Yuan 2015715ee9
Merge pull request #3548 from Azure/arrislee/ARO-6716
update go version to 1.20.12
2024-05-07 17:49:00 +12:00
Nont d48f3ab789 Change to Azure Linux with VMSS Rolling Update 2024-05-06 17:51:44 -05:00
Nont c07ac36794 Add healthcheck to Proxy 2024-05-06 17:50:26 -05:00
cadenmarchese f1834cb641 disallow nil spp in older api versions 2024-05-06 09:49:55 -04:00
azoppiserpa 9425887d94
Removing the e2e functionality for v4 cleanup (#3494) 2024-05-03 16:13:45 -04:00
Tanmay Satam 0e67a0425b Do not perform explicit CSP roleassignment deletion in prod e2e 2024-05-02 13:04:35 -04:00
cadenmarchese e7f7b692e1 Convert ServicePrincipalProfile to pointer
* Adjust converters + tests
2024-05-02 09:08:02 -04:00
Jeff Yuan d67323be48
Merge pull request #3552 from Azure/rajdeepc2792/fix-e2e-cosmosdb-deployment
add dependsOn for cosmosdb container deployment templates
2024-05-02 14:29:52 +12:00
Tony Schneider bc30095884
Bug fix - clear ReadOnly fields on PUT or PATCH for 2023-11-22 and 2024-08-12-preview APIs (#3538)
* add read only fields to ExternalNoReady

* run ExternalNoReadOnly on put or patch

* clear readonly fields in 2024-08-12-preview
2024-05-01 12:36:26 -04:00
Rajdeep Singh Chauhan 982e5e3991 add dependsOn for cosmosdb container deployment templates 2024-05-01 11:57:47 -04:00
Rajdeep Chauhan 666225b576
use checkAccessv2 for all permission validations and deprecate listPermissions for validations (#3524)
* use checkAccessv2 for all permission validations

* remove permission client dependency

* dev fpsp requires authorization action permission for checkAccessv2
2024-05-01 16:18:02 +05:30
Jeff Yuan 6d8b0421b7 fix a regex change, plus correct naming typo 2024-04-30 17:02:29 +12:00
Jeff Yuan c1d1e7b94d 'must have at least one stored version', otherwise can't be created 2024-04-30 16:00:48 +12:00
Edison Cardenas 7a901cfa76
ARO-7160: Increase polling duration of vm to 30mins (#3541) 2024-04-29 14:19:31 +05:30
Arris Li 6d27d26ff0 bump go version to 1.20.12 2024-04-29 19:47:35 +12:00
Ankur Singh e1b8a4e95e
Setting TLS1.2 as min for cosmoDB (#3520)
* setting TLS1.2 as min for cosmoDB

* nitpick

* fixing marshalling
2024-04-29 10:38:24 +05:30
Maitiú Ó Ciaráin 3c3088e8a4 Drop ErrorIfNoField 2024-04-26 14:07:07 +02:00
Daniel J. Holmes (jaitaiwan) dbd387808d feat(guardrails): Update test to match crds 2024-04-26 11:25:25 +10:00
Daniel Holmes 040e016b07
Merge pull request #3531 from Azure/hawkowl/misc/clienthooks-updates
Update some clienthelper hooks for better testing
2024-04-26 10:34:07 +10:00
Daniel J. Holmes (jaitaiwan) 79db3ed857 feat(guardrails): Update default gatekeeper version 2024-04-26 10:28:06 +10:00
Daniel J. Holmes (jaitaiwan) 7b3efe5596 feat(guardrails): Update manifests to match 3.15.1 2024-04-26 09:46:58 +10:00
Nont 902f9f73a7
Change the upgrademode of VMSS to rolling (#3519) 2024-04-25 11:59:25 +02:00
Daniel Ionel Bizau c50e0c0773
extended maximum wait time per loop to 30 minutes (#3536) 2024-04-25 11:49:02 +02:00
Tanmay Satam 5da867078f
Do not perform explicit cluster deletion in prod e2e (#3513)
* Do not perform explicit cluster deletion in prod e2e

* Add more robust logging to deletion process

* Refactor pkg/util/cluster Delete function to declaratively define deletion steps
2024-04-25 11:46:15 +02:00
Jonathan CHang 32c15b1a3f
[ARO-4637] Migrate keyvault to track2 SDK (#3275)
* create client and vendor for armkeyvault

* fix cluster

* remove old keyvault

* change input option to environment option

* add credit

* fix mix import

* fix lint

* fix import in valut

* reoreder valut impoty

* fix vulnerability

* remobe package lock

* fix audit

* audit force

* fix audit

* ufix audit

* run npm update then fix

* fix nit

* bump version

* bump version

* bump

* bump

* match with master

* remove

* lint

* remove package-lock.json

* change to arm option

* mod vendor

* fix lint

* fix lint

---------

Co-authored-by: jonachang <jonachang@microsoft.com>
2024-04-25 11:40:15 +02:00
Kipp Morris 37f24021ab
MIWI preview API - Add PlatformWorkloadIdentityRoleSet proxy resource type (#3522)
* Add new internal types
* Add document types
* Add new external API types
* Add external API converter and example
* Add new admin API types
* Add admin API converter and static validator
* Added ServiceAccounts to admin API static validator
2024-04-23 05:36:33 -07:00
Amber Brown 433da1ea1f clienthelper updates for testing 2024-04-23 13:49:24 +10:00
Ankur Singh 91a82f3acf Adding 4.13.23 as deafult version 2024-04-17 10:57:12 -07:00
Ayato Tokubi d6fc9fcf63
add export in createapp.env (#3518) 2024-04-17 10:47:29 +10:00
Edison Cardenas 8878b0d460
ARO-5325: Propagate install error to user (#3509)
* ARO-5325: Propagate error to user and add unit test.

* Refactor: Revert  double quote
2024-04-15 11:48:25 +05:30
Maitiú Ó Ciaráin d6082a5ecb
Use the correct MDSD image (#3517) 2024-04-11 13:09:56 +00:00
b-jhoreman 99838eacc4 adding retry logic on yum commands to avoid resource locking 2024-04-09 11:11:36 -07:00
b-jhoreman 220a14d390 adding retry logic on yum commands to avoid resource locking 2024-04-09 11:05:07 -07:00
b-jhoreman 55c8b9df29 adding retry logic on yum commands to avoid resource locking 2024-04-09 10:59:41 -07:00
b-jhoreman f2ae7c1488 adding retry logic on yum commands to avoid resource locking 2024-04-09 10:35:34 -07:00
Hilliary Lipsig df91955909
Merge pull request #3487 from Azure/tsatam/hotfix-mdsd-pullspec-allow-reset-to-default
Ensure Fluentbit/MDSD spec operatorflags assume default version when set to empty string
2024-04-08 10:20:35 -07:00
Hilliary Lipsig a9a3ffc5e0
Merge pull request #3504 from Azure/nwnt/remove-skiplinuxazsecpack-tag
Remove SkipLinuxAzSecPack from RP and Gateway VMSS
2024-04-08 10:14:40 -07:00
Caden Marchese adc4836520
Add new initial fields to v20240812preview (#3478)
* Add new initial fields to v20240812preview
* update openshiftcluster_example.go
* add new fields to converter

Co-authored-by: kimorris27 <kimorris@redhat.com>
2024-04-08 09:26:41 -04:00
Amber Brown 867b0d5979
Load the app/SP from the environment instead of automatically creating it (#3498)
* use multierror here, so it's more obvious if we're missing multiple keys

* Ignore the written out clusterapp.env

* move create/delete into separate commands, which write out a clusterapp.env file

* delete the app in the e2e.sh file

* update the docs
2024-04-08 08:06:53 +10:00