ci-operator: add cluster-profile-azure4 secrets

abhinavdahiya · abhinavdahiya · commit 4d630ab4c0ac · 2019-05-30T09:46:16.000-07:00
azure4 cluster-profile will be used for OpenShift 4 Azure testing.
diff --git a/Makefile b/Makefile
@@ -315,6 +315,15 @@ azure-secrets:
 	oc create secret generic codecov-token --from-literal=upload=${CODECOV_UPLOAD_TOKEN} -o yaml --dry-run | oc apply -n azure -f -
 .PHONY: azure-secrets
 
+azure4-secrets:
+	oc create secret generic cluster-secrets-azure4 \
+	--from-file=cluster/test-deploy/azure4/osServicePrincipal.json \
+	--from-file=cluster/test-deploy/azure4/pull-secret \
+	--from-file=cluster/test-deploy/azure4/ssh-privatekey \
+	--from-file=cluster/test-deploy/azure4/ssh-publickey \
+	-o yaml --dry-run | oc apply -n ocp -f -
+.PHONY: azure4-secrets
+
 metering:
 	$(MAKE) -C projects/metering
 .PHONY: metering
diff --git a/ci-operator/SECRETS.md b/ci-operator/SECRETS.md
@@ -54,6 +54,15 @@ currently exist:
 | `metrics-int.key`             | Azure Geneva metrics authentication key |
 | `system-docker-config.json`   | Root/node/system level docker config.json file, currently holding access registry.redhat.io |
 
+#### `cluster-secrets-azure4`
+
+|       Key                         | Description |
+| ----------------------------------| ----------- |
+| `osServicePrincipal.json`     | Credentials for the Azure API. This is a json file that contains fields described in [upstream credentials doc](https://docs.microsoft.com/en-us/azure-stack/operator/azure-stack-create-service-principals#create-a-service-principal-using-a-client-secret). |
+| `pull-secret`    | Credentials for pulling OpenShift images from Quay and for authenticating to telemetry. Retrieved from [try.openshift.com](https://try.openshift.com) under the ccoleman+openshift-ci-test@redhat.com account, and has the service account token from the `ocp` namespace added with `oc registry login --to=/tmp/pull-secret -z default -n ocp`.|
+| `ssh-privatekey` | Private half of the SSH key, for connecting to Azure VMs. |
+| `ssh-publickey`  | Public half of the SSH key, for connecting to Azure VMs. |
+
 #### `cluster-secrets-vsphere`
 
 |       Key             | Description |
diff --git a/cluster/ci/config/secret-mirroring/mapping.yaml b/cluster/ci/config/secret-mirroring/mapping.yaml
@@ -17,6 +17,12 @@ secrets:
   to:
     namespace: ci-stg
     name: cluster-secrets-azure
+- from:
+    namespace: ci
+    name: cluster-secrets-azure4
+  to:
+    namespace: ci-stg
+    name: cluster-secrets-azure4
 - from:
     namespace: ci
     name: cluster-secrets-gcp
diff --git a/cluster/test-deploy/azure4/.gitignore b/cluster/test-deploy/azure4/.gitignore
@@ -0,0 +1,5 @@
+*
+!.type
+!.gitignore
+!OWNERS
+!secret_example
diff --git a/cluster/test-deploy/azure4/.type b/cluster/test-deploy/azure4/.type
@@ -0,0 +1 @@
+azure4
diff --git a/cluster/test-deploy/azure4/secret_example b/cluster/test-deploy/azure4/secret_example
@@ -0,0 +1,6 @@
+{
+  "subscriptionId": "xxxxx",
+  "clientId": "xxxxx",
+  "clientSecret": "xxxxx",
+  "tenantId": "xxxxx"
+}

-Original file line number
+Diff line change
@@ @@ -0,0 +1,5 @@ @@
 +*
 +!.type
 +!.gitignore
 +!OWNERS
 +!secret_example