Merge "Use proxy settings from env vars"

manifests/function/airshipctl-catalogues/env-vars-template.yaml

@@ -0,0 +1,21 @@
+apiVersion: airshipit.org/v1alpha1
+kind: Templater
+metadata:
+  name: env-vars-template
+  labels:
+    airshipit.org/deploy-k8s: "false"
+template: |
+  ---
+  apiVersion: airshipit.org/v1alpha1
+  kind: VariableCatalogue
+  metadata:
+    labels:
+      airshipit.org/deploy-k8s: "false"
+    name: env-vars-catalogue
+  env:
+    HTTP_PROXY: '{{ env "HTTP_PROXY" }}'
+    HTTPS_PROXY: '{{ env "HTTPS_PROXY" }}'
+    http_proxy: '{{ env "http_proxy" }}'
+    https_proxy: '{{ env "https_proxy" }}'
+    NO_PROXY: '{{ env "NO_PROXY" }}'
+    no_proxy: '{{ env "no_proxy" }}'

manifests/function/airshipctl-catalogues/kustomization.yaml

@@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
   - versions-airshipctl.yaml
+  - env-vars-template.yaml

manifests/function/baremetal-operator/ironic-vars.yaml

@@ -5,6 +5,12 @@ metadata:
   labels:
   name: ironic-vars
 data:
+  HTTP_PROXY: ""
+  HTTPS_PROXY: ""
+  http_proxy: ""
+  https_proxy: ""
+  NO_PROXY: ""
+  no_proxy: ""
   PROVISIONING_IP: "192.168.10.100"
   DHCP_RANGE: "192.168.10.200,192.168.10.250"
   PROVISIONING_INTERFACE: "pxe"

manifests/function/baremetal-operator/replacements/ironic-env-vars.yaml

@@ -0,0 +1,61 @@
+# These rules inject env vars into the baremetal-operator function.
+apiVersion: airshipit.org/v1alpha1
+kind: ReplacementTransformer
+metadata:
+  name: baremetal-operator-env-vars-replacements
+replacements:
+# Replace the proxy vars
+- source:
+    objref:
+      name: env-vars-catalogue
+    fieldref: env.HTTP_PROXY
+  target:
+    objref:
+      kind: ConfigMap
+      name: ironic-vars
+    fieldrefs: ["data.HTTP_PROXY"]
+- source:
+    objref:
+      name: env-vars-catalogue
+    fieldref: env.HTTPS_PROXY
+  target:
+    objref:
+      kind: ConfigMap
+      name: ironic-vars
+    fieldrefs: ["data.HTTPS_PROXY"]
+- source:
+    objref:
+      name: env-vars-catalogue
+    fieldref: env.http_proxy
+  target:
+    objref:
+      kind: ConfigMap
+      name: ironic-vars
+    fieldrefs: ["data.http_proxy"]
+- source:
+    objref:
+      name: env-vars-catalogue
+    fieldref: env.https_proxy
+  target:
+    objref:
+      kind: ConfigMap
+      name: ironic-vars
+    fieldrefs: ["data.https_proxy"]
+- source:
+    objref:
+      name: env-vars-catalogue
+    fieldref: env.NO_PROXY
+  target:
+    objref:
+      kind: ConfigMap
+      name: ironic-vars
+    fieldrefs: ["data.NO_PROXY"]
+- source:
+    objref:
+      name: env-vars-catalogue
+    fieldref: env.no_proxy
+  target:
+    objref:
+      kind: ConfigMap
+      name: ironic-vars
+    fieldrefs: ["data.no_proxy"]

manifests/function/baremetal-operator/replacements/kustomization.yaml

@@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
   - versions.yaml
+  - ironic-env-vars.yaml

manifests/function/ephemeral/replacements/ephemeral-env-vars.yaml

@@ -0,0 +1,34 @@
+# These rules inject env vars into the ephemeral function.
+apiVersion: airshipit.org/v1alpha1
+kind: ReplacementTransformer
+metadata:
+  name: ephemeral-env-vars-replacements
+replacements:
+# Replace the proxy vars
+- source:
+    objref:
+      name: env-vars-catalogue
+    fieldref: env.HTTP_PROXY
+  target:
+    objref:
+      kind: Secret
+      name: ephemeral-bmc-secret
+    fieldrefs: ["stringData.userData%REPLACEMENT_HTTP_PROXY%"]
+- source:
+    objref:
+      name: env-vars-catalogue
+    fieldref: env.HTTPS_PROXY
+  target:
+    objref:
+      kind: Secret
+      name: ephemeral-bmc-secret
+    fieldrefs: ["stringData.userData%REPLACEMENT_HTTPS_PROXY%"]
+- source:
+    objref:
+      name: env-vars-catalogue
+    fieldref: env.NO_PROXY
+  target:
+    objref:
+      kind: Secret
+      name: ephemeral-bmc-secret
+    fieldrefs: ["stringData.userData%REPLACEMENT_NO_PROXY%"]

manifests/function/ephemeral/replacements/kustomization.yaml

@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - ephemeral-env-vars.yaml

manifests/function/ephemeral/secret.yaml

@@ -4,7 +4,7 @@ metadata:
   labels:
     airshipit.org/ephemeral-user-data: "true"
     airshipit.org/deploy-k8s: "false"
-  name: node1-bmc-secret
+  name: ephemeral-bmc-secret
 type: Opaque
 stringData:
   userData: |
@@ -28,6 +28,12 @@ stringData:
       EOF
     - sysctl --system
     - swapoff -a
+    - export HTTP_PROXY=REPLACEMENT_HTTP_PROXY
+    - export HTTPS_PROXY=REPLACEMENT_HTTPS_PROXY
+    - export http_proxy=${HTTP_PROXY}
+    - export https_proxy=${HTTPS_PROXY}
+    - export NO_PROXY=REPLACEMENT_NO_PROXY
+    - export no_proxy=${NO_PROXY}
     - curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
     - curl -fsSL https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
     - echo "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | tee -a /etc/apt/sources.list
@@ -40,9 +46,18 @@ stringData:
         containerd.io
     - apt install -y kubelet=1.18.6-00 kubeadm=1.18.6-00 kubectl=1.18.6-00
     - apt-mark hold docker-ce docker-ce-cli containerd.io kubelet kubeadm kubectl
+    - unset http_proxy https_proxy HTTP_PROXY HTTPS_PROXY no_proxy NO_PROXY
     - kubeadm init --config /tmp/kubeadm.yaml
     - mkdir -p /opt/metal3-dev-env/ironic/html/images
     write_files:
+    - path: /etc/systemd/system/docker.service.d/http-proxy.conf
+      permissions: '0644'
+      owner: root:root
+      content: |
+        [Service]
+        Environment="HTTP_PROXY=REPLACEMENT_HTTP_PROXY"
+        Environment="HTTPS_PROXY=REPLACEMENT_HTTPS_PROXY"
+        Environment="NO_PROXY=REPLACEMENT_NO_PROXY"
     - content: |
         apiVersion: v1
         clusters:

manifests/site/test-site/ephemeral/bootstrap/kustomization.yaml

@@ -2,9 +2,14 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
   - ../../../../type/gating
+  - ../../../../function/airshipctl-catalogues
 
 generators:
   - hostgenerator
+  - ../../../../function/airshipctl-catalogues
 
 patchesStrategicMerge:
   - baremetalhost.yaml
+
+transformers:
+  - ../../../../function/ephemeral/replacements

manifests/site/test-site/ephemeral/controlplane/kustomization.yaml

@@ -6,7 +6,12 @@ resources:
   - nodes
   - ../../../../function/airshipctl-catalogues
   - ../../../../function/k8scontrol
+
 patchesStrategicMerge:
   - versions-catalogue-patch.yaml
+
+generators:
+  - ../../../../function/airshipctl-catalogues
+
 transformers:
   - ../../../../function/k8scontrol/replacements

manifests/site/test-site/ephemeral/initinfra/kustomization.yaml

@@ -3,9 +3,15 @@ resources:
   - ../../../../function/clusterctl
   - ../../../../function/airshipctl-catalogues
   - ../../../../function/baremetal-operator
+
 patchesStrategicMerge:
   - patch_bmo_config.yaml
+
 commonLabels:
   airshipit.org/stage: initinfra
+
+generators:
+  - ../../../../function/airshipctl-catalogues
+
 transformers:
   - ../../../../function/baremetal-operator/replacements

manifests/site/test-site/target/controlplane/kustomization.yaml

@@ -5,7 +5,12 @@ resources:
   # otherwise nodes will hang in 'registering' state for quite a long time
   - nodes
   - ../../../../function/k8scontrol
+
 patchesStrategicMerge:
   - control-machine-template-patch.yaml
+
 commonLabels:
   airshipit.org/stage: initinfra
+
+generators:
+  - ../../../../function/airshipctl-catalogues

manifests/site/test-site/target/initinfra/kustomization.yaml

@@ -4,9 +4,15 @@ resources:
   - ../../../../function/airshipctl-catalogues
   - ../../../../function/baremetal-operator
   - ../../../../function/helm-operator
+
 patchesStrategicMerge:
   - patch_bmo_config.yaml
+
 commonLabels:
   airshipit.org/stage: initinfra
+
+generators:
+  - ../../../../function/airshipctl-catalogues
+
 transformers:
   - ../../../../function/baremetal-operator/replacements