From f6f94d51b16485b4f806aaf671602ebb0f758961 Mon Sep 17 00:00:00 2001
From: Jon Huhn <johuhn@microsoft.com>
Date: Tue, 11 Jun 2024 20:43:36 +0000
Subject: [PATCH] add user-assigned identity to worker nodes for CI version
 templates

---
 .../test/ci/cluster-template-prow-ci-version-dual-stack.yaml   | 3 +++
 templates/test/ci/cluster-template-prow-ci-version-ipv6.yaml   | 3 +++
 templates/test/ci/cluster-template-prow-ci-version.yaml        | 3 +++
 .../test/ci/cluster-template-prow-machine-pool-ci-version.yaml | 3 +++
 templates/test/ci/prow-ci-version/kustomization.yaml           | 1 +
 .../test/ci/prow-machine-pool-ci-version/kustomization.yaml    | 1 +
 6 files changed, 14 insertions(+)

diff --git a/templates/test/ci/cluster-template-prow-ci-version-dual-stack.yaml b/templates/test/ci/cluster-template-prow-ci-version-dual-stack.yaml
index 6c5e42d8d26..0dba073b64b 100644
--- a/templates/test/ci/cluster-template-prow-ci-version-dual-stack.yaml
+++ b/templates/test/ci/cluster-template-prow-ci-version-dual-stack.yaml
@@ -296,6 +296,7 @@ spec:
   template:
     spec:
       enableIPForwarding: true
+      identity: UserAssigned
       image:
         marketplace:
           offer: capi
@@ -306,6 +307,8 @@ spec:
         diskSizeGB: 128
         osType: Linux
       sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""}
+      userAssignedIdentities:
+      - providerID: /subscriptions/${AZURE_SUBSCRIPTION_ID}/resourceGroups/${CI_RG:=capz-ci}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/${USER_IDENTITY:=cloud-provider-user-identity}
       vmExtensions:
       - name: CustomScript
         protectedSettings:
diff --git a/templates/test/ci/cluster-template-prow-ci-version-ipv6.yaml b/templates/test/ci/cluster-template-prow-ci-version-ipv6.yaml
index 5233f6f4921..07c551c1614 100644
--- a/templates/test/ci/cluster-template-prow-ci-version-ipv6.yaml
+++ b/templates/test/ci/cluster-template-prow-ci-version-ipv6.yaml
@@ -303,6 +303,7 @@ spec:
   template:
     spec:
       enableIPForwarding: true
+      identity: UserAssigned
       image:
         marketplace:
           offer: capi
@@ -313,6 +314,8 @@ spec:
         diskSizeGB: 128
         osType: Linux
       sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""}
+      userAssignedIdentities:
+      - providerID: /subscriptions/${AZURE_SUBSCRIPTION_ID}/resourceGroups/${CI_RG:=capz-ci}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/${USER_IDENTITY:=cloud-provider-user-identity}
       vmExtensions:
       - name: CustomScript
         protectedSettings:
diff --git a/templates/test/ci/cluster-template-prow-ci-version.yaml b/templates/test/ci/cluster-template-prow-ci-version.yaml
index 24315f2b05e..a3f378d9804 100644
--- a/templates/test/ci/cluster-template-prow-ci-version.yaml
+++ b/templates/test/ci/cluster-template-prow-ci-version.yaml
@@ -273,6 +273,7 @@ metadata:
 spec:
   template:
     spec:
+      identity: UserAssigned
       image:
         marketplace:
           offer: capi
@@ -283,6 +284,8 @@ spec:
         diskSizeGB: 128
         osType: Linux
       sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""}
+      userAssignedIdentities:
+      - providerID: /subscriptions/${AZURE_SUBSCRIPTION_ID}/resourceGroups/${CI_RG:=capz-ci}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/${USER_IDENTITY:=cloud-provider-user-identity}
       vmExtensions:
       - name: CustomScript
         protectedSettings:
diff --git a/templates/test/ci/cluster-template-prow-machine-pool-ci-version.yaml b/templates/test/ci/cluster-template-prow-machine-pool-ci-version.yaml
index fc6219f914c..5135a38cc7d 100644
--- a/templates/test/ci/cluster-template-prow-machine-pool-ci-version.yaml
+++ b/templates/test/ci/cluster-template-prow-machine-pool-ci-version.yaml
@@ -265,6 +265,7 @@ metadata:
   name: ${CLUSTER_NAME}-mp-0
   namespace: default
 spec:
+  identity: UserAssigned
   location: ${AZURE_LOCATION}
   strategy:
     rollingUpdate:
@@ -295,6 +296,8 @@ spec:
       publisher: Microsoft.Azure.Extensions
       version: "2.1"
     vmSize: ${AZURE_NODE_MACHINE_TYPE}
+  userAssignedIdentities:
+  - providerID: /subscriptions/${AZURE_SUBSCRIPTION_ID}/resourceGroups/${CI_RG:=capz-ci}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/${USER_IDENTITY:=cloud-provider-user-identity}
 ---
 apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
 kind: KubeadmConfig
diff --git a/templates/test/ci/prow-ci-version/kustomization.yaml b/templates/test/ci/prow-ci-version/kustomization.yaml
index 0cb95378c71..abf9cc9dbf5 100644
--- a/templates/test/ci/prow-ci-version/kustomization.yaml
+++ b/templates/test/ci/prow-ci-version/kustomization.yaml
@@ -55,6 +55,7 @@ patches:
 - path: patches/machine-deployment-ci-version-control-plane.yaml
 - path: ../patches/metrics-server-enabled-cluster.yaml
 - path: ../patches/controller-manager-featuregates.yaml
+- path: ../patches/uami-md-0.yaml
 configMapGenerator:
 - behavior: merge
   files:
diff --git a/templates/test/ci/prow-machine-pool-ci-version/kustomization.yaml b/templates/test/ci/prow-machine-pool-ci-version/kustomization.yaml
index 3a704dae3c5..3a705480363 100644
--- a/templates/test/ci/prow-machine-pool-ci-version/kustomization.yaml
+++ b/templates/test/ci/prow-machine-pool-ci-version/kustomization.yaml
@@ -29,6 +29,7 @@ patches:
 - path: patches/machine-pool-ci-version.yaml
 - path: ../patches/machine-pool-worker-counts.yaml
 - path: patches/machine-pool-ci-version-windows.yaml
+- path: ../patches/uami-mp-0.yaml
 configMapGenerator:
 - behavior: merge
   files: