diff --git a/ci-operator/populate-secrets-from-bitwarden.sh b/ci-operator/populate-secrets-from-bitwarden.sh index 8ef9286630efa..dd324c3d10430 100755 --- a/ci-operator/populate-secrets-from-bitwarden.sh +++ b/ci-operator/populate-secrets-from-bitwarden.sh @@ -195,6 +195,7 @@ update_secret generic "ci-pull-credentials" --type=kubernetes.io/dockerconfigjso target_cloud="aws" update_secret generic "cluster-secrets-${target_cloud}" \ "$( format_attachment "quay.io" pull-secret )" \ + "$( format_attachment "insights-ci-account" insights-live.yaml )" \ "$( format_attachment "jenkins-ci-iam" .awscred )" \ "$( format_attachment "jenkins-ci-iam" ssh-privatekey )" \ "$( format_attachment "mirror.openshift.com" cert-key.pem ops-mirror.pem )" \ @@ -203,6 +204,7 @@ update_secret generic "cluster-secrets-${target_cloud}" target_cloud="gcp" update_secret generic "cluster-secrets-${target_cloud}" \ "$( format_attachment "quay.io" pull-secret )" \ + "$( format_attachment "insights-ci-account" insights-live.yaml )" \ "$( format_attachment "jenkins-ci-provisioner" credentials.json gce.json )" \ "$( format_attachment "jenkins-ci-provisioner" ssh-privatekey )" \ "$( format_attachment "jenkins-ci-provisioner" ssh-publickey )" \ @@ -213,12 +215,14 @@ target_cloud="openstack" update_secret generic "cluster-secrets-${target_cloud}" \ --from-literal=pull-secret="$(merge_pull_secrets)" \ "$( format_attachment "openstack" clouds.yaml )" \ + "$( format_attachment "insights-ci-account" insights-live.yaml )" \ "$( format_attachment "jenkins-ci-provisioner" ssh-privatekey )" \ "$( format_attachment "jenkins-ci-provisioner" ssh-publickey )" target_cloud="vsphere" update_secret generic "cluster-secrets-${target_cloud}" \ "$( format_attachment "quay.io" pull-secret )" \ + "$( format_attachment "insights-ci-account" insights-live.yaml )" \ "$( format_attachment "jenkins-ci-iam" .awscred )" \ "$( format_attachment "jenkins-ci-iam" ssh-privatekey )" \ "$( format_attachment "jenkins-ci-iam" ssh-publickey )" \ @@ -227,6 +231,7 @@ update_secret generic "cluster-secrets-${target_cloud}" \ target_cloud="metal" update_secret generic "cluster-secrets-${target_cloud}" \ "$( format_attachment "quay.io" pull-secret )" \ + "$( format_attachment "insights-ci-account" insights-live.yaml )" \ "$( format_attachment "jenkins-ci-iam" .awscred )" \ "$( format_attachment "jenkins-ci-iam" ssh-privatekey )" \ "$( format_attachment "jenkins-ci-iam" ssh-publickey )" \ @@ -246,5 +251,5 @@ update_secret generic "sentry-dsn" "$( format_field_value "sentry" "ci-operator" # Configuration for the .git-credentials used by the release controller to clone # private repositories to generate changelogs -oc -n "ci-release" create secret generic "git-credentials" "--from-literal=.git-credentials=https://openshift-bot:$( field_value "openshift-bot" "GitHub OAuth Token" "oauth" )@github.com" -oc -n "ci-release" label secret "git-credentials" "ci.openshift.io/managed=true" +oc -n "ci-release" create secret generic "git-credentials" "--from-literal=.git-credentials=https://openshift-bot:$( field_value "openshift-bot" "GitHub OAuth Token" "oauth" )@github.com" --dry-run -o yaml | oc apply -f - +oc -n "ci-release" label secret "git-credentials" "ci.openshift.io/managed=true" --overwrite diff --git a/ci-operator/templates/openshift/installer/cluster-launch-installer-console.yaml b/ci-operator/templates/openshift/installer/cluster-launch-installer-console.yaml index 7654434a71965..579624ff23575 100644 --- a/ci-operator/templates/openshift/installer/cluster-launch-installer-console.yaml +++ b/ci-operator/templates/openshift/installer/cluster-launch-installer-console.yaml @@ -140,9 +140,11 @@ objects: break done - until oc --insecure-skip-tls-verify wait clusterversion/version --for condition=available 2>/dev/null; do - sleep 10 & wait - done + # if the cluster profile included an insights secret, install it to the cluster to + # report support data from the support-operator + if [[ -f /tmp/cluster/insights-live.yaml ]]; then + oc create -f /tmp/cluster/insights-live.yaml || true + fi # set up cloud-provider-specific env vars export KUBE_SSH_BASTION="$( oc --insecure-skip-tls-verify get node -l node-role.kubernetes.io/master -o 'jsonpath={.items[0].status.addresses[?(@.type=="ExternalIP")].address}' ):22" diff --git a/ci-operator/templates/openshift/installer/cluster-launch-installer-e2e.yaml b/ci-operator/templates/openshift/installer/cluster-launch-installer-e2e.yaml index ba8e94c282ed4..0bcd1372fdf5e 100644 --- a/ci-operator/templates/openshift/installer/cluster-launch-installer-e2e.yaml +++ b/ci-operator/templates/openshift/installer/cluster-launch-installer-e2e.yaml @@ -133,9 +133,11 @@ objects: break done - until oc --insecure-skip-tls-verify wait clusterversion/version --for condition=available 2>/dev/null; do - sleep 10 & wait - done + # if the cluster profile included an insights secret, install it to the cluster to + # report support data from the support-operator + if [[ -f /tmp/cluster/insights-live.yaml ]]; then + oc create -f /tmp/cluster/insights-live.yaml || true + fi # set up cloud-provider-specific env vars export KUBE_SSH_BASTION="$( oc --insecure-skip-tls-verify get node -l node-role.kubernetes.io/master -o 'jsonpath={.items[0].status.addresses[?(@.type=="ExternalIP")].address}' ):22" diff --git a/ci-operator/templates/openshift/installer/cluster-launch-installer-metal-e2e.yaml b/ci-operator/templates/openshift/installer/cluster-launch-installer-metal-e2e.yaml index edb7ac55ed350..0bf53670d10c2 100644 --- a/ci-operator/templates/openshift/installer/cluster-launch-installer-metal-e2e.yaml +++ b/ci-operator/templates/openshift/installer/cluster-launch-installer-metal-e2e.yaml @@ -140,9 +140,11 @@ objects: break done - until oc --insecure-skip-tls-verify wait clusterversion/version --for condition=available 2>/dev/null; do - sleep 10 & wait - done + # if the cluster profile included an insights secret, install it to the cluster to + # report support data from the support-operator + if [[ -f /tmp/cluster/insights-live.yaml ]]; then + oc create -f /tmp/cluster/insights-live.yaml || true + fi # set up cloud-provider-specific env vars export KUBE_SSH_BASTION="$( oc --insecure-skip-tls-verify get node -l node-role.kubernetes.io/master -o 'jsonpath={.items[0].status.addresses[?(@.type=="ExternalIP")].address}' ):22" diff --git a/ci-operator/templates/openshift/installer/cluster-launch-installer-openstack-e2e.yaml b/ci-operator/templates/openshift/installer/cluster-launch-installer-openstack-e2e.yaml index 186a90754ab69..58ab87aa3ea16 100644 --- a/ci-operator/templates/openshift/installer/cluster-launch-installer-openstack-e2e.yaml +++ b/ci-operator/templates/openshift/installer/cluster-launch-installer-openstack-e2e.yaml @@ -136,9 +136,11 @@ objects: break done - until oc --insecure-skip-tls-verify wait clusterversion/version --for condition=available 2>/dev/null; do - sleep 10 & wait - done + # if the cluster profile included an insights secret, install it to the cluster to + # report support data from the support-operator + if [[ -f /tmp/cluster/insights-live.yaml ]]; then + oc create -f /tmp/cluster/insights-live.yaml || true + fi # set up env vars export KUBE_SSH_BASTION="$( oc --insecure-skip-tls-verify get node -l node-role.kubernetes.io/master -o 'jsonpath={.items[0].status.addresses[?(@.type=="ExternalIP")].address}' ):22" diff --git a/ci-operator/templates/openshift/installer/cluster-launch-installer-src.yaml b/ci-operator/templates/openshift/installer/cluster-launch-installer-src.yaml index 41c622c3d1d92..494ce0c0f9598 100644 --- a/ci-operator/templates/openshift/installer/cluster-launch-installer-src.yaml +++ b/ci-operator/templates/openshift/installer/cluster-launch-installer-src.yaml @@ -136,9 +136,11 @@ objects: break done - until oc --insecure-skip-tls-verify wait clusterversion/version --for condition=available 2>/dev/null; do - sleep 10 & wait - done + # if the cluster profile included an insights secret, install it to the cluster to + # report support data from the support-operator + if [[ -f /tmp/cluster/insights-live.yaml ]]; then + oc create -f /tmp/cluster/insights-live.yaml || true + fi # set up cloud-provider-specific env vars export KUBE_SSH_BASTION="$( oc --insecure-skip-tls-verify get node -l node-role.kubernetes.io/master -o 'jsonpath={.items[0].status.addresses[?(@.type=="ExternalIP")].address}' ):22" diff --git a/ci-operator/templates/openshift/installer/cluster-launch-installer-upi-e2e.yaml b/ci-operator/templates/openshift/installer/cluster-launch-installer-upi-e2e.yaml index 6daeb5763e716..460f7e6fec526 100644 --- a/ci-operator/templates/openshift/installer/cluster-launch-installer-upi-e2e.yaml +++ b/ci-operator/templates/openshift/installer/cluster-launch-installer-upi-e2e.yaml @@ -209,6 +209,12 @@ objects: break done + # if the cluster profile included an insights secret, install it to the cluster to + # report support data from the support-operator + if [[ -f /tmp/cluster/insights-live.yaml ]]; then + oc create -f /tmp/cluster/insights-live.yaml || true + fi + # set up cloud-provider-specific env vars export KUBE_SSH_BASTION="$( oc --insecure-skip-tls-verify get node -l node-role.kubernetes.io/master -o 'jsonpath={.items[0].status.addresses[?(@.type=="ExternalIP")].address}' ):22" export KUBE_SSH_KEY_PATH=/tmp/cluster/ssh-privatekey