OCPBUGS#6001: Add a step to create a secret for Azure

xenolinux · xenolinux · commit 8c75e8f30757 · 2023-02-22T10:06:13.000+05:30
diff --git a/modules/manually-create-identity-access-management.adoc b/modules/manually-create-identity-access-management.adoc
@@ -198,7 +198,7 @@ spec:
 ----
 endif::google-cloud-platform[]
 
-. Create YAML files for secrets in the `openshift-install` manifests directory that you generated previously. The secrets must be stored using the namespace and secret name defined in the `spec.secretRef` for each `CredentialsRequest` object. 
+. Create YAML files for secrets in the `openshift-install` manifests directory that you generated previously. The secrets must be stored using the namespace and secret name defined in the `spec.secretRef` for each `CredentialsRequest` object.
 +
 ifdef::ash[] 
 .Sample `CredentialsRequest` object
@@ -228,6 +228,49 @@ spec:
 +
 endif::ash[] 
 
+.Sample `CredentialsRequest` object
+[source,yaml]
+----
+apiVersion: cloudcredential.openshift.io/v1
+kind: CredentialsRequest
+metadata:
+  annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
+    include.release.openshift.io/self-managed-high-availability: "true"
+    include.release.openshift.io/single-node-developer: "true"
+  labels:
+    controller-tools.k8s.io: "1.0"
+  name: openshift-image-registry-azure
+  namespace: openshift-cloud-credential-operator
+spec:
+  providerSpec:
+    apiVersion: cloudcredential.openshift.io/v1
+    kind: AzureProviderSpec
+    roleBindings:
+    - role: Contributor
+  secretRef:
+    name: installer-cloud-credentials
+    namespace: openshift-image-registry
+----
++
+.Sample `Secret` object
+[source,yaml]
+----
+apiVersion: v1
+kind: Secret
+metadata:
+  namespace: openshift-image-registry
+  name: installer-cloud-credentials
+data:
+  azure_subscription_id: <base64_encrypted_azure_subscription_id>
+  azure_client_id: <base64_encrypted_azure_client_id>
+  azure_client_secret: <base64_encrypted_azure_client_secret>
+  azure_tenant_id: <base64_encrypted_azure_tenant_id>
+  azure_resource_prefix: <base64_encrypted_azure_resource_prefix>
+  azure_resourcegroup: <base64_encrypted_azure_resourcegroup>
+  azure_region: <base64_encrypted_azure_region>
+----
++
 [IMPORTANT]
 ====
 The release image includes `CredentialsRequest` objects for Technology Preview features that are enabled by the `TechPreviewNoUpgrade` feature set. You can identify these objects by their use of the `release.openshift.io/feature-set: TechPreviewNoUpgrade` annotation.
