automated setup of rosa hcp prerequisites

openshift-pipelines · Dec 19, 2023 · 398824e · 398824e
1 parent 1b12ab2
commit 398824e
Showing 1 changed file with 69 additions and 60 deletions.
diff --git a/ci/hack/rosa_hcp_setup.sh b/ci/hack/rosa_hcp_setup.sh
@@ -5,16 +5,6 @@ set -o errexit
 set -o nounset
 set -o pipefail
 
-SCRIPT_DIR="$(
-    cd "$(dirname "$0")" >/dev/null
-    pwd
-)"
-
-PROJECT_DIR="$(
-  cd "$SCRIPT_DIR/../.." >/dev/null || exit 1
-  pwd
-)"
-
 # shellcheck source=ci/images/ci-runner/hack/bin/utils.sh
 source "$PROJECT_DIR/ci/images/ci-runner/hack/bin/utils.sh"
 
@@ -28,36 +18,44 @@ Configure resources for ROSA HCP cluster on AWS
 Mandatory arguments:
     -r, --region
         AWS region name.
-    --prefix
-        Prefix for the cluster name.
-    -v, --version
-        Version of the ROSA HCP cluster.
+    --name
+        Name for the cluster name.
     
 Optional arguments:
     -d, --debug
         Activate tracing/debug mode.
     -h, --help
         Display this message.
 Example:
-    ${0##*/} ./rosa_hcp_setup.sh --prefix test0612 -r us-east-1 -v 4.12
+    ${0##*/} ./rosa_hcp_setup.sh --name <cluster-name> -r us-east-1
 " >&2
 }
 
+init() {
+    SCRIPT_DIR="$(
+        cd "$(dirname "$0")" >/dev/null
+        pwd
+    )"
+
+    PROJECT_DIR="$(
+        cd "$SCRIPT_DIR/../.." >/dev/null || exit 1
+        pwd
+    )"
+
+    TMPDIR=$(dirname "$(mktemp -u)")
+}
+
 parse_args() {
     while [[ $# -gt 0 ]]; do
         case $1 in
-        --prefix)
+        --name)
             shift
-            export PREFIX_NAME="$1"
+            export CLUSTER_NAME="$1"
             ;;
         -r | --region)
             shift
             export AWS_REGION="$1"
             ;;
-        -v | --version)
-            shift
-            export VERSION="$1"
-            ;;
         -d | --debug)
             set -x
             ;;
@@ -75,69 +73,80 @@ parse_args() {
     done
 }
 
-init() {
-    # Retrieve AWS Credential file from Bitwarden
-    open_bitwarden_session
-    get_aws_credentials
-    get_rosa_token
-}
-
 prechecks() {
-    if [[ -z "${PREFIX_NAME:-}" ]]; then
-      printf "[ERROR] PREFIX_NAME is not set\n\n" >&2
-      usage
-      exit 1
+    # if rosa is not login, exit
+    if ! rosa whoami; then
+        printf "[ERROR] rosa is not login\n\n" >&2
+        usage
+        exit 1
     fi
-    if [[ -z "${AWS_REGION:-}" ]]; then
-      printf "[ERROR] AWS region is not set\n\n" >&2
-      usage
-      exit 1
+
+    if [[ -z "${AWS_ACCESS_KEY_ID:-}" ]]; then
+        printf "[ERROR] AWS_ACCESS_KEY_ID variable is not set\n\n" >&2
+        usage
+        exit 1
+    fi
+
+    if [[ -z "${AWS_SECRET_ACCESS_KEY:-}" ]]; then
+        printf "[ERROR] AWS_SECRET_ACCESS_KEY variable is not set\n\n" >&2
+        usage
+        exit 1
     fi
-    if [[ -z "${VERSION:-}" ]]; then
-      printf "[ERROR] OCP version is not set\n\n" >&2
-      usage
-      exit 1
+
+    if [[ -z "${CLUSTER_NAME:-}" ]]; then
+        printf "[ERROR] cluster name is not set\n\n" >&2
+        usage
+        exit 1
+    fi
+    if [[ -z "${AWS_REGION:-}" ]]; then
+        printf "[ERROR] AWS region is not set\n\n" >&2
+        usage
+        exit 1
     fi
 }
 
 create_vpc() {
-    # Create a directory for the Terraform files and navigate to it
-    mkdir hypershift-tf
-    cd hypershift-tf
-
-    # Download the setup-vpc.tf file from GitHub
-    curl --fail --silent --output setup-vpc.tf https://raw.githubusercontent.com/openshift-cs/OpenShift-Troubleshooting-Templates/master/rosa-hcp-terraform/setup-vpc.tf
+    cd "${TMPDIR}" || exit 1
+    git clone https://github.com/openshift-cs/terraform-vpc-example.git
+    cd terraform-vpc-example
 
     # Initialize Terraform
     terraform init
 
     # Plan the Terraform deployment and save the plan to a file
-    terraform plan -out rosa.plan -var aws_region="$AWS_REGION" -var cluster_name="${PREFIX_NAME}"
+    terraform plan -out rosa.tfplan -var region="$AWS_REGION" -var cluster_name="${CLUSTER_NAME}"
 
-    # Apply the Terraform plan
-    terraform apply rosa.plan
+    # Apply the Terraform planc
+    terraform apply rosa.tfplan
+    # save file `terraform.tfstate` to the current directory for VPC cleanup
+    cp "${TMPDIR}/terraform-vpc-example/terraform.tfstate" "${SCRIPT_DIR}"/terraform.tfstate_"${CLUSTER_NAME}"
 }
 
-create_account_roles() {
-    local ROLE_PREFIX="${PREFIX_NAME}-role"
-    # Login to the cluster
-    rosa login --token="$ROSA_TOKEN"
+create_resources() {
+    local ROLE_PREFIX="${CLUSTER_NAME}-role"
     # Create the account-wide STS roles and policies
-    role_output=$(rosa create account-roles --prefix "$ROLE_PREFIX" -f --mode auto -y --version "$VERSION")
-    installer_role_arn=$(echo "$role_output" | awk -v prefix="$ROLE_PREFIX" '$0 ~ prefix"-Installer-Role" {gsub(/'\''/, "", $NF); print $NF}')
+    rosa create account-roles --prefix "$ROLE_PREFIX" --hosted-cp -f --mode auto -y
+    installer_role_arn=$(rosa list account-roles | grep "$ROLE_PREFIX"-HCP-ROSA-Installer-Role | awk '{print $3}')
+
     # Create an OpenID Connect Configuration
-    oidc_output=$(rosa create oidc-config --mode auto --managed --yes)
-    oidc_config_id=$(echo "$oidc_output" | awk -F/ '{print $NF}')
+    rosa create oidc-config -y --mode auto --output json --managed \
+        >"${TMPDIR}/oidc-config"
+    oidc_config_id=$(jq -r '.id' "${TMPDIR}/oidc-config")
     # Create Operator-roles
-    rosa create operator-roles --prefix plnsvc-ci --oidc-config-id "$oidc_config_id" --installer-role-arn "$installer_role_arn" --hosted-cp --mode auto -y
+    rosa create operator-roles --prefix "${CLUSTER_NAME}" --oidc-config-id "${oidc_config_id}" --installer-role-arn "${installer_role_arn}" --hosted-cp --mode auto -y
+}
+
+clean_up() {
+    rm -rf "${TMPDIR}"
 }
 
 main() {
+    init
     parse_args "$@"
     prechecks
-    init
     create_vpc
-    create_account_roles
+    create_resources
+    clean_up
 }
 
 if [ "${BASH_SOURCE[0]}" == "$0" ]; then