Skip to content

Commit 98fcdbb

Browse files
janbolljanboll
authored
Merge pull request #1544 from Azure/ARO-15882-add-SP-IDs-to-to-cluster-service-config
ARO-15882 | Add Principal and Client IDs of required SPs to CS Configmap
2 parents 0f3f459 + 5461874 commit 98fcdbb

File tree

2 files changed

+31
-1
lines changed

2 files changed

+31
-1
lines changed

cluster-service/Makefile

+11-1
Original file line numberDiff line numberDiff line change
@@ -85,8 +85,18 @@ deploy:
8585

8686
deploy-pr-env-deps:
8787
AZURE_CS_MI_CLIENT_ID=$(shell az identity show -g ${RESOURCEGROUP} -n clusters-service --query clientId -o tsv) && \
88+
AZURE_FIRST_PARTY_APPLICATION_CLIENT_ID=$(shell az ad app list --display-name aro-dev-first-party2 --query '[*]'.appId -o tsv) && \
89+
AZURE_ARM_HELPER_IDENTITY_CLIENT_ID=$(shell az ad app list --display-name aro-dev-arm-helper2 --query '[*]'.appId -o tsv) && \
90+
AZURE_ARM_HELPER_MOCK_FPA_PRINCIPAL_ID=$(shell az ad sp list --display-name aro-dev-first-party2 --query "[*].id" -o tsv) && \
91+
AZURE_MI_MOCK_SERVICE_PRINCIPAL_CLIENT_ID=$(shell az ad sp list --display-name aro-dev-msi-mock2 --query "[*].appId" -o tsv) && \
92+
AZURE_MI_MOCK_SERVICE_PRINCIPAL_PRINCIPAL_ID=$(shell az ad sp list --display-name aro-dev-msi-mock2 --query "[*].id" -o tsv) && \
8893
oc process --local -f cspr/cluster-service-namespace.yaml \
89-
-p CLIENT_ID=$${AZURE_CS_MI_CLIENT_ID} | oc apply -f -
94+
-p CLIENT_ID=$${AZURE_CS_MI_CLIENT_ID} \
95+
-p FPA_CLIENT_ID=$${AZURE_FIRST_PARTY_APPLICATION_CLIENT_ID} \
96+
-p ARM_HELPER_CLIENT_ID=$${AZURE_ARM_HELPER_IDENTITY_CLIENT_ID} \
97+
-p ARM_HELPER_MOCK_FPA_PRINCIPAL_ID=$${AZURE_ARM_HELPER_MOCK_FPA_PRINCIPAL_ID} \
98+
-p MSI_MOCK_CLIENT_ID=$${AZURE_MI_MOCK_SERVICE_PRINCIPAL_CLIENT_ID} \
99+
-p MSI_MOCK_PRINCIPAL_ID=$${AZURE_MI_MOCK_SERVICE_PRINCIPAL_PRINCIPAL_ID} | oc apply -f -
90100

91101
create-pr-env-sp:
92102
CLUSTER_ID=$(shell az aks show -g ${RESOURCEGROUP} -n ${AKS_NAME} --query id -o tsv) && \

cluster-service/cspr/cluster-service-namespace.yaml

+20
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,21 @@ parameters:
1010
- name: CLIENT_ID
1111
description: The Azure Client ID used for federation
1212
required: true
13+
- name: FPA_CLIENT_ID
14+
description: Client ID of First Party Application
15+
required: true
16+
- name: ARM_HELPER_CLIENT_ID
17+
description: Client ID of Arm Helper Identity
18+
required: true
19+
- name: ARM_HELPER_MOCK_FPA_PRINCIPAL_ID
20+
description: Principal ID of mock FPA Identity
21+
required: true
22+
- name: MSI_MOCK_CLIENT_ID
23+
description: Client ID of MSI Mock
24+
required: true
25+
- name: MSI_MOCK_PRINCIPAL_ID
26+
description: Principal ID of MSI Mock
27+
required: true
1328
- name: ORPHANED_NAMESPACE_CLEANER_NAMESPACE
1429
description: The namespace to create to have a cronjob which will delete the orphaned namespace which are not deleted due to any issues with the jenkins job.
1530
value: orphaned-namespace-cleaner
@@ -75,6 +90,11 @@ objects:
7590
name: cluster-service-config
7691
namespace: ${NAMESPACE}
7792
data:
93+
msi-mock-client-id: ${MSI_MOCK_CLIENT_ID}
94+
msi-mock-principal-id: ${MSI_MOCK_PRINCIPAL_ID}
95+
arm-helper-client-id: ${ARM_HELPER_CLIENT_ID}
96+
arm-helper-mock-fpa-principal-id: ${ARM_HELPER_MOCK_FPA_PRINCIPAL_ID}
97+
fpa-client-id: ${FPA_CLIENT_ID}
7898
cs-client-id: ${CLIENT_ID}
7999
- apiVersion: v1
80100
kind: Namespace

0 commit comments

Comments
 (0)