aws: use byo hosted zone in sharednetwork workflow

ci-operator/step-registry/ipi/aws/post/sharednetwork/OWNERS

@@ -0,0 +1,11 @@
+approvers:
+- smarterclayton
+- wking
+- stevekuznetsov
+- vrutkovs
+- abhinavdahiya
+- deads2k
+- crawford
+- ewolinetz
+- csrwng
+- staebler

ci-operator/step-registry/ipi/aws/post/sharednetwork/ipi-aws-post-sharednetwork-chain.metadata.json

@@ -0,0 +1,17 @@
+{
+	"path": "ipi/aws/post/sharednetwork/ipi-aws-post-sharednetwork-chain.yaml",
+	"owners": {
+		"approvers": [
+			"smarterclayton",
+			"wking",
+			"stevekuznetsov",
+			"vrutkovs",
+			"abhinavdahiya",
+			"deads2k",
+			"crawford",
+			"ewolinetz",
+			"csrwng",
+			"staebler"
+		]
+	}
+}

ci-operator/step-registry/ipi/aws/post/sharednetwork/ipi-aws-post-sharednetwork-chain.yaml

@@ -0,0 +1,8 @@
+chain:
+  as: ipi-aws-post-sharednetwork
+  steps:
+  - chain: ipi-aws-post
+  - ref: ipi-deprovision-aws-sharednetwork
+  documentation: |-
+    The IPI post step contains all steps that provision an OpenShift cluster
+    in a shared VPC configuration on AWS.

ci-operator/step-registry/ipi/conf/aws/sharednetwork/ipi-conf-aws-sharednetwork-commands.sh

@@ -5,12 +5,15 @@ set -o errexit
 set -o pipefail
 
 # TODO: move to image
-curl -L https://github.com/mikefarah/yq/releases/download/3.3.0/yq_linux_amd64 -o /tmp/yq && chmod +x /tmp/yq
+pip3 install --user yq
+export PATH=~/.local/bin:$PATH
+
+export AWS_SHARED_CREDENTIALS_FILE=$CLUSTER_PROFILE_DIR/.awscred
 
 CONFIG="${SHARED_DIR}/install-config.yaml"
 PATCH="${SHARED_DIR}/install-config-sharednetwork.yaml.patch"
 
-aws_region=$(/tmp/yq r "${CONFIG}" 'platform.aws.region')
+aws_region=$(yq -r '.platform.aws.region' "${CONFIG}")
 
 subnets="[]"
 case "${aws_region}_$((RANDOM % 4))" in
@@ -34,10 +37,28 @@ us-west-2_3) subnets="['subnet-072d00dcf02ad90a6','subnet-0ad913e4bd6ff53fa','su
 esac
 echo "Subnets : ${subnets}"
 
+first_subnet="$(echo ${subnets} | yq -r '.[0]')"
+
+vpc_id="$(aws --region "${aws_region}" ec2 describe-subnets --subnet-ids "${first_subnet}" | jq -r '.[][0].VpcId')"
+echo "Using vpc_id: ${vpc_id}"
+
+cluster_domain=$(yq -r '.metadata.name + "." + .baseDomain' "${CONFIG}")
+hosted_zone="$(aws route53 create-hosted-zone \
+    --name "${cluster_domain}" \
+    --vpc VPCRegion="${aws_region}",VPCId="${vpc_id}" \
+    --caller-reference "${cluster_domain}-$(date +"%Y-%m-%d-%H-%M-%S")" \
+    --hosted-zone-config Comment="BYO hosted zone for ${cluster_domain}",PrivateZone=true |
+  jq -r '.HostedZone.Id' | \
+  sed -E 's|^/hostedzone/(.+)$|\1|' \
+  )"
+echo "Using hosted zone: ${hosted_zone}"
+
 cat >> "${PATCH}" << EOF
 platform:
   aws:
     subnets: ${subnets}
+    hostedZone: ${hosted_zone}
 EOF
 
-/tmp/yq m -x -i "${CONFIG}" "${PATCH}"
+yq -y -s '.[0] * .[1]' "${CONFIG}" "${PATCH}" > "${CONFIG}.patched"
+mv "${CONFIG}.patched" "${CONFIG}"

ci-operator/step-registry/ipi/conf/aws/sharednetwork/ipi-conf-aws-sharednetwork-ref.yaml

@@ -1,9 +1,9 @@
 ref:
   as: ipi-conf-aws-sharednetwork
   from_image:
-   namespace: origin
-   name: centos
-   tag: '8'
+    namespace: ocp
+    name: "4.8"
+    tag: upi-installer
   commands: ipi-conf-aws-sharednetwork-commands.sh
   resources:
     requests:

ci-operator/step-registry/ipi/deprovision/aws/OWNERS

@@ -0,0 +1,11 @@
+approvers:
+- smarterclayton
+- wking
+- stevekuznetsov
+- vrutkovs
+- abhinavdahiya
+- deads2k
+- crawford
+- ewolinetz
+- csrwng
+- staebler

ci-operator/step-registry/ipi/deprovision/aws/sharednetwork/OWNERS

@@ -0,0 +1,11 @@
+approvers:
+- smarterclayton
+- wking
+- stevekuznetsov
+- vrutkovs
+- abhinavdahiya
+- deads2k
+- crawford
+- ewolinetz
+- csrwng
+- staebler

ci-operator/step-registry/ipi/deprovision/aws/sharednetwork/ipi-deprovision-aws-sharednetwork-commands.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+
+set -o nounset
+set -o errexit
+set -o pipefail
+
+# TODO: move to image
+pip3 install --user yq
+export PATH=~/.local/bin:$PATH
+
+export AWS_SHARED_CREDENTIALS_FILE=$CLUSTER_PROFILE_DIR/.awscred
+
+CONFIG="${SHARED_DIR}/install-config.yaml"
+
+hosted_zone="$(yq -r '.platform.aws.hostedZone' "${CONFIG}")"
+echo "Deleting hosted zone: ${hosted_zone}"
+aws route53 delete-hosted-zone --id "${hosted_zone}"

ci-operator/step-registry/ipi/deprovision/aws/sharednetwork/ipi-deprovision-aws-sharednetwork-ref.metadata.json

@@ -0,0 +1,17 @@
+{
+	"path": "ipi/deprovision/aws/sharednetwork/ipi-deprovision-aws-sharednetwork-ref.yaml",
+	"owners": {
+		"approvers": [
+			"smarterclayton",
+			"wking",
+			"stevekuznetsov",
+			"vrutkovs",
+			"abhinavdahiya",
+			"deads2k",
+			"crawford",
+			"ewolinetz",
+			"csrwng",
+			"staebler"
+		]
+	}
+}

ci-operator/step-registry/ipi/deprovision/aws/sharednetwork/ipi-deprovision-aws-sharednetwork-ref.yaml

@@ -0,0 +1,13 @@
+ref:
+  as: ipi-deprovision-aws-sharednetwork
+  from_image:
+    namespace: ocp
+    name: "4.8"
+    tag: upi-installer
+  commands: ipi-deprovision-aws-sharednetwork-commands.sh
+  resources:
+    requests:
+      cpu: 10m
+      memory: 100Mi
+  documentation: |-
+    The IPI AWS sharednetwork deprovision step deletes the AWS resources for shared network.

ci-operator/step-registry/openshift/e2e/aws/sharednetwork/openshift-e2e-aws-sharednetwork-workflow.yaml

@@ -6,6 +6,6 @@ workflow:
     test:
     - ref: openshift-e2e-test
     post:
-    - chain: ipi-aws-post
+    - chain: ipi-aws-post-sharednetwork
   documentation: |-
     The Openshift E2E AWS workflow executes the common end-to-end test suite on AWS in a shared network cluster configuration.