From 9dae1b3e2941cf1ab184ac69aa1c9d11fff28990 Mon Sep 17 00:00:00 2001 From: Jack Francis Date: Fri, 24 May 2024 09:43:14 -0700 Subject: [PATCH] back-compat just for CI_RG and USER_IDENTITY Signed-off-by: Jack Francis --- scripts/kind-with-registry.sh | 10 ---------- .../test/dev/cluster-template-custom-builds.yaml | 7 ++----- .../test/dev/custom-builds/kustomization.yaml | 1 - .../azure-cluster-identity-user-assigned.yaml | 15 --------------- 4 files changed, 2 insertions(+), 31 deletions(-) delete mode 100644 templates/test/dev/custom-builds/patches/azure-cluster-identity-user-assigned.yaml diff --git a/scripts/kind-with-registry.sh b/scripts/kind-with-registry.sh index b7d82ab115d..f2884a7fc4a 100755 --- a/scripts/kind-with-registry.sh +++ b/scripts/kind-with-registry.sh @@ -82,17 +82,7 @@ function checkAZWIENVPreReqsAndCreateFiles() { fi # Back-compat logic to deal with previous implementation of this script if [ -n "${SERVICE_ACCOUNT_SIGNING_PUB}" ] && [ -n "${SERVICE_ACCOUNT_SIGNING_KEY}" ]; then - mkdir -p "$(dirname "${SERVICE_ACCOUNT_SIGNING_PUB_FILEPATH}")" - mkdir -p "$(dirname "${SERVICE_ACCOUNT_SIGNING_KEY_FILEPATH}")" - echo "${SERVICE_ACCOUNT_SIGNING_PUB}" > "${SERVICE_ACCOUNT_SIGNING_PUB_FILEPATH}" - echo "${SERVICE_ACCOUNT_SIGNING_KEY}" > "${SERVICE_ACCOUNT_SIGNING_KEY_FILEPATH}" - export SERVICE_ACCOUNT_ISSUER="${SERVICE_ACCOUNT_ISSUER:-https://oidcissuercapzci.blob.core.windows.net/oidc-capzci/}" - export USER_IDENTITY="cloud-provider-user-identity" - export CI_RG="capz-ci" - AZURE_IDENTITY_ID=$(az identity show -n "${USER_IDENTITY}" -g "${CI_RG}" --query clientId -o tsv) - echo "${AZURE_IDENTITY_ID}" > "${AZURE_IDENTITY_ID_FILEPATH}" touch "${USE_BACK_COMPAT_IDENTITY}" - return fi if [ -z "${SERVICE_ACCOUNT_ISSUER}" ]; then # check if user is logged into azure cli diff --git a/templates/test/dev/cluster-template-custom-builds.yaml b/templates/test/dev/cluster-template-custom-builds.yaml index 2d01d6703c5..510f8b0c7d6 100644 --- a/templates/test/dev/cluster-template-custom-builds.yaml +++ b/templates/test/dev/cluster-template-custom-builds.yaml @@ -587,12 +587,9 @@ metadata: namespace: default spec: allowedNamespaces: {} - clientID: ${AZURE_CLIENT_ID} - clientSecret: - name: ${AZURE_CLUSTER_IDENTITY_SECRET_NAME} - namespace: ${AZURE_CLUSTER_IDENTITY_SECRET_NAMESPACE} + clientID: ${AZURE_CLIENT_ID_USER_ASSIGNED_IDENTITY} tenantID: ${AZURE_TENANT_ID} - type: ServicePrincipal + type: WorkloadIdentity --- apiVersion: addons.cluster.x-k8s.io/v1beta1 kind: ClusterResourceSet diff --git a/templates/test/dev/custom-builds/kustomization.yaml b/templates/test/dev/custom-builds/kustomization.yaml index f74cefaacde..f9651b84640 100644 --- a/templates/test/dev/custom-builds/kustomization.yaml +++ b/templates/test/dev/custom-builds/kustomization.yaml @@ -52,7 +52,6 @@ patches: - path: ../../../test/ci/patches/windows-machine-deployment-replicas.yaml - path: ../../../test/ci/patches/metrics-server-enabled-cluster.yaml - path: ../../../test/ci/patches/controller-manager-featuregates.yaml -- path: patches/azure-cluster-identity-user-assigned.yaml configMapGenerator: - behavior: merge files: diff --git a/templates/test/dev/custom-builds/patches/azure-cluster-identity-user-assigned.yaml b/templates/test/dev/custom-builds/patches/azure-cluster-identity-user-assigned.yaml deleted file mode 100644 index 902ad866b9e..00000000000 --- a/templates/test/dev/custom-builds/patches/azure-cluster-identity-user-assigned.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 -kind: AzureClusterIdentity -metadata: - name: "${CLUSTER_IDENTITY_NAME}" - labels: - clusterctl.cluster.x-k8s.io/move-hierarchy: "true" -spec: - type: ServicePrincipal - allowedNamespaces: {} - clientID: ${AZURE_CLIENT_ID} - clientSecret: - name: ${AZURE_CLUSTER_IDENTITY_SECRET_NAME} - namespace: ${AZURE_CLUSTER_IDENTITY_SECRET_NAMESPACE} - tenantID: "${AZURE_TENANT_ID}"