feat: Add support for Azure CAPI (#687)

* Add recipe and terraform for Azure CAPI

* Add helm for Azure CAPI

* Add client ID and secret to recipe config

* Bump chart version

* Add Azure identity helm

* Revert last change

* Fix secret creation

* Pass resource group in terraform

* Add aadpodidentity.k8s.io CRDs

* Update location, resource group and Kubernetes version

* Bump bootstrap-controller version

* Bump chart version

Author: maciaszczykm

bootstrap/helm/bootstrap-operator/Chart.yaml

@@ -2,12 +2,14 @@ apiVersion: v2
 name: bootstrap-operator
 description: A Helm chart for the bootstrap operator
 type: application
-version: 0.1.8
+version: 0.1.12
 home: https://github.com/pluralsh/plural-helm-charts
 keywords:
   - clusterapi
   - operator
 maintainers:
   - name: zreigz
   - name: floreks
+  - name: maciaszczykm
+    email: [email protected]
 appVersion: "0.1.0"

bootstrap/helm/bootstrap-operator/crds/azure-identity.yaml

@@ -0,0 +1,9 @@
+{{ if eq .Values.provider "azure" }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: cluster-identity-secret
+type: Opaque
+data:
+  clientSecret: {{ .Values.operator.clientSecret }}
+{{ end }}

bootstrap/helm/bootstrap-operator/templates/azure.yaml

@@ -11,7 +11,7 @@ image:
   controller:
     repository: ghcr.io/pluralsh/bootstrap-controller
     pullPolicy: Always
-    tag: 0.0.7
+    tag: 0.0.11
 
 imagePullSecrets: []
 nameOverride: ""
@@ -61,8 +61,12 @@ tolerations: []
 
 affinity: {}
 
+provider: ""
+
 operator:
   clusterName: ""
   skipClusterCreation: true
   secret: {}
-  cloud: {}
+  cloud: {}
+  # Used by Azure
+  clientSecret: ""

bootstrap/helm/bootstrap-operator/values.yaml

@@ -1,3 +1,7 @@
+provider: {{ .Provider }}
+{{ if eq .Provider "azure" }}
+kubernetesVersion: v1.26.3
+{{ end }}
 operator:
   clusterName: {{ .Cluster }}
   secret: {}
@@ -83,6 +87,42 @@ operator:
         name: variables
         key: AWS_SESSION_TOKEN
 {{ end }}
+{{ if eq .Provider "azure" }}
+  clientSecret: {{ .Context.ClientSecret | b64enc | quote }}
+  cloud:
+    azure:
+      version: v1.8.2
+      clusterIdentity: 
+        name: azure-cluster-identity
+        allowedNamespaces: {}
+        clientID: {{ .Context.ClientId }}
+        clientSecret:
+          name: cluster-identity-secret
+          namespace: bootstrap
+        tenantID: {{ .Context.TenantId }}
+        type: ServicePrincipal
+      managedCluster: {}
+      controlPlane:
+        version: v1.26.3
+        resourceGroupName: {{ .Project }}
+        location: {{ .Region }}
+        sshPublicKey: ''
+        subscriptionID: {{ .Context.SubscriptionId }}
+        identityRef:
+          apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+          kind: AzureClusterIdentity
+          name: azure-cluster-identity
+          namespace: bootstrap
+      machinePools:
+      - name: pool0
+        replicas: 1
+        mode: System
+        sku: Standard_D2s_v3
+      - name: pool1
+        replicas: 2
+        mode: User
+        sku: Standard_D2s_v3
+{{ end }}
 {{ if eq .Provider "google" }}
   secret:
     GCP_B64ENCODED_CREDENTIALS: {{ .Context.Credentials | quote }}

bootstrap/helm/bootstrap-operator/values.yaml.tpl

@@ -0,0 +1,24 @@
+name: azure-cluster-api
+description: Creates an AKS cluster and installs the bootstrap chart
+provider: AZURE
+primary: false
+private: true
+dependencies: []
+sections:
+  - name: bootstrap
+    configuration:
+    - name: client_id
+      documentation: Service principal client ID
+      type: STRING
+    - name: client_secret
+      documentation: Service principal password
+      type: STRING
+    items:
+      - type: TERRAFORM
+        name: azure-bootstrap-cluster-api
+      - type: HELM
+        name: bootstrap
+      - type: HELM
+        name: plural-certmanager-webhook
+      - type: HELM
+        name: bootstrap-operator

bootstrap/plural/recipes/azure-cluster-api.yaml

@@ -0,0 +1,11 @@
+apiVersion: plural.sh/v1alpha1
+kind: Dependencies
+metadata:
+  description: Creates an AKS cluster and prepares it for bootstrapping
+  version: 0.1.0
+spec:
+  breaking: true
+  dependencies: []
+  providers:
+  - azure
+

bootstrap/terraform/azure-bootstrap-cluster-api/deps.yaml

@@ -0,0 +1,4 @@
+data "azurerm_kubernetes_cluster" "cluster" {
+  name = var.cluster_name
+  resource_group_name = var.resource_group
+}

bootstrap/terraform/azure-bootstrap-cluster-api/main.tf

@@ -0,0 +1,2 @@
+cluster_name = {{ .Cluster | quote }}
+resource_group = {{ .Project | quote }}

bootstrap/terraform/azure-bootstrap-cluster-api/terraform.tfvars

@@ -0,0 +1,8 @@
+variable "cluster_name" {
+  type = string
+  default = "plural"
+}
+
+variable "resource_group" {
+  type = string
+}