azurepathfix: create Azure Stack Hub environment file accordingly

Author: flavianmissi

cmd/move-blobs/main.go

@@ -31,6 +31,10 @@ func main() {
 		opts.environment = "AZUREPUBLICCLOUD"
 	}
 
+	if err := createASHEnvironmentFile(opts); err != nil {
+		panic(err)
+	}
+
 	cloudConfig, err := getCloudConfig(opts.environment)
 	if err != nil {
 		panic(err)
@@ -218,6 +222,34 @@ type configOpts struct {
 	federatedTokenFile string
 	accountKey         string
 	environment        string
+	// environmentFilePath and environmentFileContents are specific
+	// for Azure Stack Hub
+	environmentFilePath     string
+	environmentFileContents string
+}
+
+func createASHEnvironmentFile(opts *configOpts) error {
+	if len(opts.environmentFilePath) == 0 || len(opts.environmentFileContents) == 0 {
+		klog.Info("Azure Stack Hub environment variables not present in current environment, skipping setup...")
+		return nil
+	}
+	f, err := os.Create(opts.environmentFilePath)
+	if err != nil {
+		return err
+	}
+
+	_, err = f.WriteString(opts.environmentFileContents)
+	if err != nil {
+		f.Close()
+		os.Remove(f.Name())
+		return err
+	}
+
+	err = f.Close()
+	if err != nil {
+		return err
+	}
+	return nil
 }
 
 func getCloudConfig(environment string) (cloud.Configuration, error) {
@@ -238,14 +270,16 @@ func getCloudConfig(environment string) (cloud.Configuration, error) {
 
 func getConfigOpts() *configOpts {
 	return &configOpts{
-		storageAccountName: strings.TrimSpace(os.Getenv("AZURE_STORAGE_ACCOUNT_NAME")),
-		containerName:      strings.TrimSpace(os.Getenv("AZURE_CONTAINER_NAME")),
-		clientID:           strings.TrimSpace(os.Getenv("AZURE_CLIENT_ID")),
-		tenantID:           strings.TrimSpace(os.Getenv("AZURE_TENANT_ID")),
-		clientSecret:       strings.TrimSpace(os.Getenv("AZURE_CLIENT_SECRET")),
-		federatedTokenFile: strings.TrimSpace(os.Getenv("AZURE_FEDERATED_TOKEN_FILE")),
-		accountKey:         strings.TrimSpace(os.Getenv("AZURE_ACCOUNTKEY")),
-		environment:        strings.TrimSpace(os.Getenv("AZURE_ENVIRONMENT")),
+		storageAccountName:      strings.TrimSpace(os.Getenv("AZURE_STORAGE_ACCOUNT_NAME")),
+		containerName:           strings.TrimSpace(os.Getenv("AZURE_CONTAINER_NAME")),
+		clientID:                strings.TrimSpace(os.Getenv("AZURE_CLIENT_ID")),
+		tenantID:                strings.TrimSpace(os.Getenv("AZURE_TENANT_ID")),
+		clientSecret:            strings.TrimSpace(os.Getenv("AZURE_CLIENT_SECRET")),
+		federatedTokenFile:      strings.TrimSpace(os.Getenv("AZURE_FEDERATED_TOKEN_FILE")),
+		accountKey:              strings.TrimSpace(os.Getenv("AZURE_ACCOUNTKEY")),
+		environment:             strings.TrimSpace(os.Getenv("AZURE_ENVIRONMENT")),
+		environmentFilePath:     strings.TrimSpace(os.Getenv("AZURE_ENVIRONMENT_FILEPATH")),
+		environmentFileContents: strings.TrimSpace(os.Getenv("AZURE_ENVIRONMENT_FILECONTENTS")),
 	}
 }
 

cmd/move-blobs/main_test.go

@@ -3,6 +3,7 @@ package main
 import (
 	"context"
 	"fmt"
+	"io"
 	"math/rand"
 	"os"
 	"strings"
@@ -244,3 +245,30 @@ func TestValidation(t *testing.T) {
 		})
 	}
 }
+
+func TestStackHubEnvironmentFile(t *testing.T) {
+	path := strings.TrimSpace(os.Getenv("AZURE_ENVIRONMENT_FILEPATH"))
+	contents := strings.TrimSpace(os.Getenv("AZURE_ENVIRONMENT_FILECONTENTS"))
+	if len(path) == 0 || len(contents) == 0 {
+		t.Fatal("both AZURE_ENVIRONMENT_FILEPATH and AZURE_ENVIRONMENT_FILECONTENTS must be set")
+	}
+	opts := getConfigOpts()
+	err := createASHEnvironmentFile(opts)
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.Remove(path)
+	f, err := os.Open(path)
+	if err != nil {
+		t.Fatalf("error opening file %q: %v", path, err)
+	}
+	b, err := io.ReadAll(f)
+	if err != nil {
+		t.Fatalf("error reading file %q: %v", path, err)
+	}
+	if string(b) != contents {
+		t.Logf("AZURE_ENVIRONMENT_FILECONTENTS: %s", contents)
+		t.Logf("%s: %s", path, string(b))
+		t.Fatalf("file contents differed from AZURE_ENVIRONMENT_FILECONTENTS")
+	}
+}

pkg/operator/azurepathfixcontroller.go

@@ -45,6 +45,7 @@ type AzurePathFixController struct {
 	podLister                 corev1listers.PodNamespaceLister
 	infrastructureLister      configlisters.InfrastructureLister
 	proxyLister               configlisters.ProxyLister
+	openshiftConfigLister     corev1listers.ConfigMapNamespaceLister
 	kubeconfig                *restclient.Config
 
 	cachesToSync []cache.InformerSynced
@@ -60,6 +61,7 @@ func NewAzurePathFixController(
 	infrastructureInformer configv1informers.InfrastructureInformer,
 	secretInformer corev1informers.SecretInformer,
 	proxyInformer configv1informers.ProxyInformer,
+	openshiftConfigInformer corev1informers.ConfigMapInformer,
 	podInformer corev1informers.PodInformer,
 ) (*AzurePathFixController, error) {
 	c := &AzurePathFixController{
@@ -71,6 +73,7 @@ func NewAzurePathFixController(
 		secretLister:              secretInformer.Lister().Secrets(defaults.ImageRegistryOperatorNamespace),
 		podLister:                 podInformer.Lister().Pods(defaults.ImageRegistryOperatorNamespace),
 		proxyLister:               proxyInformer.Lister(),
+		openshiftConfigLister:     openshiftConfigInformer.Lister().ConfigMaps(defaults.OpenShiftConfigNamespace),
 		kubeconfig:                kubeconfig,
 		queue:                     workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "AzurePathFixController"),
 	}
@@ -105,6 +108,11 @@ func NewAzurePathFixController(
 	}
 	c.cachesToSync = append(c.cachesToSync, proxyInformer.Informer().HasSynced)
 
+	if _, err := openshiftConfigInformer.Informer().AddEventHandler(c.eventHandler()); err != nil {
+		return nil, err
+	}
+	c.cachesToSync = append(c.cachesToSync, openshiftConfigInformer.Informer().HasSynced)
+
 	// bootstrap the job if it doesn't exist
 	c.queue.Add("instance")
 
@@ -182,6 +190,7 @@ func (c *AzurePathFixController) sync() error {
 		c.secretLister,
 		c.infrastructureLister,
 		c.proxyLister,
+		c.openshiftConfigLister,
 		imageRegistryConfig,
 		c.kubeconfig,
 	)

pkg/operator/starter.go

@@ -177,6 +177,7 @@ func RunOperator(ctx context.Context, kubeconfig *restclient.Config) error {
 		configInformers.Config().V1().Infrastructures(),
 		kubeInformers.Core().V1().Secrets(),
 		configInformers.Config().V1().Proxies(),
+		kubeInformersForOpenShiftConfig.Core().V1().ConfigMaps(),
 		kubeInformers.Core().V1().Pods(),
 	)
 	if err != nil {

pkg/resource/azurepathfixjob.go

@@ -27,13 +27,14 @@ import (
 var _ Mutator = &generatorAzurePathFixJob{}
 
 type generatorAzurePathFixJob struct {
-	lister               batchlisters.JobNamespaceLister
-	secretLister         corev1listers.SecretNamespaceLister
-	infrastructureLister configlisters.InfrastructureLister
-	proxyLister          configlisters.ProxyLister
-	client               batchset.BatchV1Interface
-	cr                   *imageregistryv1.Config
-	kubeconfig           *restclient.Config
+	lister                batchlisters.JobNamespaceLister
+	secretLister          corev1listers.SecretNamespaceLister
+	infrastructureLister  configlisters.InfrastructureLister
+	proxyLister           configlisters.ProxyLister
+	openshiftConfigLister corev1listers.ConfigMapNamespaceLister
+	client                batchset.BatchV1Interface
+	cr                    *imageregistryv1.Config
+	kubeconfig            *restclient.Config
 }
 
 func NewGeneratorAzurePathFixJob(
@@ -42,17 +43,19 @@ func NewGeneratorAzurePathFixJob(
 	secretLister corev1listers.SecretNamespaceLister,
 	infrastructureLister configlisters.InfrastructureLister,
 	proxyLister configlisters.ProxyLister,
+	openshiftConfigLister corev1listers.ConfigMapNamespaceLister,
 	cr *imageregistryv1.Config,
 	kubeconfig *restclient.Config,
 ) *generatorAzurePathFixJob {
 	return &generatorAzurePathFixJob{
-		lister:               lister,
-		client:               client,
-		cr:                   cr,
-		infrastructureLister: infrastructureLister,
-		secretLister:         secretLister,
-		proxyLister:          proxyLister,
-		kubeconfig:           kubeconfig,
+		lister:                lister,
+		client:                client,
+		cr:                    cr,
+		infrastructureLister:  infrastructureLister,
+		secretLister:          secretLister,
+		proxyLister:           proxyLister,
+		openshiftConfigLister: openshiftConfigLister,
+		kubeconfig:            kubeconfig,
 	}
 }
 
@@ -88,6 +91,7 @@ func (gapfj *generatorAzurePathFixJob) expected() (runtime.Object, error) {
 
 	optional := true
 	envs := []corev1.EnvVar{
+		{Name: "AZURE_ENVIRONMENT_FILEPATH", Value: os.Getenv("AZURE_ENVIRONMENT_FILEPATH")},
 		{Name: "AZURE_STORAGE_ACCOUNT_NAME", Value: azureStorage.AccountName},
 		{Name: "AZURE_CONTAINER_NAME", Value: azureStorage.Container},
 		{Name: "AZURE_CLIENT_ID", Value: azureCfg.ClientID},
@@ -105,6 +109,17 @@ func (gapfj *generatorAzurePathFixJob) expected() (runtime.Object, error) {
 		}},
 	}
 
+	// for Azure Stack Hub, the move-blobs command needs to know the endpoints,
+	// and those come from the cloud-provider-config in the openshift-config
+	// namespace.
+	cm, err := gapfj.openshiftConfigLister.Get("cloud-provider-config")
+	if err != nil && !errors.IsNotFound(err) {
+		return nil, err
+	}
+	if cm != nil {
+		envs = append(envs, corev1.EnvVar{Name: "AZURE_ENVIRONMENT_FILECONTENTS", Value: cm.Data["endpoints"]})
+	}
+
 	if len(azureStorage.CloudName) > 0 {
 		envs = append(envs, corev1.EnvVar{Name: "AZURE_ENVIRONMENT", Value: azureStorage.CloudName})
 	}