Azure · ross-bryan · Jun 17, 2022 · Jun 10, 2022 · Jun 10, 2022 · Jun 10, 2022
@@ -30,3 +30,5 @@ gomock_reflect_*
 /portal/v1/node_modules/
 /portal/v2/node_modules/
 .idea*
+/hack/hive-config/crds
+/hack/hive-config/hive-deployment.yaml
@@ -0,0 +1,37 @@
+# Hive
+
+## Version
+
+Replace the HIVE_IMAGE define with the latest version of the Hive image in the hack/hive-generate-config.sh file and update the HIVE_IMAGE_COMMIT_HASH define to the commit sha the image was built from. This ensures we use the correct config files for the version we are using.
+
+## Generating config
+
+In order to generate config for a dev environment you need to ensure you have the correct `LOCATION` set in your env file. Once this is done you can simple run the config generation script.
+
+```bash
+# source your environment file
+. ./env
+# run the config generation
+./hack/hive-generate-config.sh
+```
+
+This will download the latest source, reset to the hash specified in HIVE_IMAGE_COMMIT_HASH and build the config using kustomise.
+
+## Installing
+
+Ensure you have the latest AKS kubefig:
+```bash
+# get the AKS kubeconfig
+make aks.config
+```
+
+Set KUBECONFIG to the aks.kubeconfig file, for example:
+```bash
+export KUBECONFIG="$(pwd)/aks.kubeconfig"
+```
+
+Installing then simply requires the running of the install script.
+
+```bash
+./hack/hive-dev-install.sh
+```
@@ -0,0 +1,6 @@
+apiVersion: hive.openshift.io/v1
+kind: ClusterImageSet
+metadata:
+  name: openshift-v4.10.15
+spec:
+  releaseImage: quay.io/openshift-release-dev/ocp-release@sha256:ddcb70ce04a01ce487c0f4ad769e9e36a10c8c832a34307c1b1eb8e03a5b7ddb
@@ -0,0 +1,15 @@
+apiVersion: hive.openshift.io/v1
+kind: HiveConfig
+metadata:
+  name: hive
+spec:
+  logLevel: debug
+  targetNamespace: HIVE_OPERATOR_NS
+  deleteProtection: enabled
+  disabledControllers:
+  - remoteingress
+  failedProvisionConfig:
+    retryReasons:
+    - UnknownError
+  globalPullSecretRef:
+    name: hive-global-pull-secret
@@ -0,0 +1,80 @@
+#!/bin/bash
+
+HIVE_OPERATOR_NS="hive"
+KUBECTL=$( which kubectl 2> /dev/null || which oc 2> /dev/null)
+
+function cleanup {
+	[ -f "$(pwd)/kubectl" ] && rm -f "$(pwd)/kubectl"
+}
+
+function download_tmp_kubectl {
+	curl -sLO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
+	if [ $? -ne 0 ]; then
+		echo ": error downloading kubectl"
+		exit
+	fi
+	chmod 755 kubectl
+	KUBECTL="$(pwd)/kubectl"
+}
+
+function verify_tools {
+	if [ ! -z "$KUBECTL" ]; then
+		return
+	fi
+	echo -n "kubectl or oc not detected, downloading"
+	download_tmp_kubectl
+	echo ", done."
+
+	if [ $( $KUBECTL get nodes 2>/dev/null | wc -l ) -eq 0 ]; then
+		echo "unable to connect to the cluster"
+		exit
+	fi
+}
+
+set -e
+trap cleanup EXIT
+
+if [ ! -f go.mod ] || [ ! -d ".git" ]; then
+	echo "this script must by run from the repo's root directory"
+	exit 1
+fi
+
+if [ ! -f "./hack/hive-config/hive-deployment.yaml" ] || [ ! -d "././hack/hive-config/crds" ] ; then
+	echo "hive config is missing, generating config, please rerun this script afterwards"
+	./hack/hive-generate-config.sh
+	if [ $? -ne 0 ]; then
+		echo "error generating the hive configs"
+		exit 1
+	fi
+fi
+
+if [ -z "$PULL_SECRET" ]; then
+	echo "global pull secret variable required, please source ./env"
+	exit
+fi
+
+verify_tools
+
+if [ $( $KUBECTL get namespace $HIVE_OPERATOR_NS -oyaml 2>/dev/null | wc -l ) -ne 0 ]; then
+	echo "hive is already installed in the namespace"
+	echo -n "would you like to reapply the configs? (y/N): "
+	read answer
+	if [[ "$answer" != "y" ]]; then
+		exit
+	fi
+else
+	$KUBECTL create namespace $HIVE_OPERATOR_NS
+fi
+
+$KUBECTL apply -f ./hack/hive-config/crds
+$KUBECTL apply -f ./hack/hive-config/hive-deployment.yaml
+$KUBECTL apply -f ./hack/hive-config/cluster-image-sets
+
+echo "$PULL_SECRET" > /tmp/.tmp-secret
+# Using dry-run allows updates to work seamlessly
+$KUBECTL create secret generic hive-global-pull-secret --from-file=.dockerconfigjson=/tmp/.tmp-secret --type=kubernetes.io/dockerconfigjson --namespace $HIVE_OPERATOR_NS -oyaml --dry-run=client | $KUBECTL apply -f - 2>/dev/null
+rm -f /tmp/.tmp-secret
+
+sed "s/HIVE_OPERATOR_NS/$HIVE_OPERATOR_NS/g" hack/hive-config/hive-config.yaml | $KUBECTL apply -f -
+
+echo -e "\nHive is installed."
@@ -0,0 +1,94 @@
+#!/bin/bash
+
+# For now we'll use the quay hive image, but this will change to an ACR once the quay.io -> ACR mirroring is setup
+# Note: semi-scientific way to get the latest image: `podman search --list-tags --limit 10000 quay.io/app-sre/hive | tail -n1`
+HIVE_IMAGE="quay.io/app-sre/hive:86bd8fc"
+
+# This is the commit sha that the above image was built from and ensures we use the correct configs for the release
+HIVE_IMAGE_COMMIT_HASH=86bd8fc5a
+
+HIVE_OPERATOR_NS="hive"
+
+# This version is specified in the hive repo and is the only hard dependency for this script
+# https://github.com/openshift/hive/blob/master/vendor/github.com/openshift/build-machinery-go/make/targets/openshift/kustomize.mk#L7
+KUSTOMIZE_VERSION=4.1.3
+KUSTOMIZE=$( which kustomize 2>/dev/null )
+TMPDIR=$( mktemp -d )
+
+function cleanup {
+	popd >& /dev/null
+	[ -d "$TMPDIR" ] && rm -fr "$TMPDIR"
+}
+
+function verify_kustomize {
+	if [ ! -z "$KUSTOMIZE" ]; then
+		return
+	fi
+	echo -n "kustomize not detected, downloading "
+	curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/kustomize/v${KUSTOMIZE_VERSION}/hack/install_kustomize.sh" | bash -s "$KUSTOMIZE_VERSION" "$TMPDIR"
+	if [ $? -ne 0 ]; then
+		echo "error downloading kustomize"
+		exit
+	fi
+	KUSTOMIZE="${TMPDIR}/kustomize"
+}
+
+function hive_repo_clone {
+	echo -n "Cloning hive repo into tmp for config generation"
+	CLONE_ERROR=$(git clone https://github.com/openshift/hive.git "$TMPDIR" 2>/dev/null )
+	if [ $? -ne 0 ]; then
+		echo ": error cloning the hive repo: ${CLONE_ERROR}"
+		exit
+	fi
+	echo ", done."
+}
+
+function hive_repo_hash_checkout {
+	git reset --hard $HIVE_IMAGE_COMMIT_HASH
+	if [ $? -ne 0 ] || [[ $( git rev-parse --short=${#HIVE_IMAGE_COMMIT_HASH} HEAD ) != ${HIVE_IMAGE_COMMIT_HASH} ]]; then
+		echo "error resetting the hive repo to the correct git hash '${HIVE_IMAGE_COMMIT_HASH}'"
+		exit
+	fi
+}
+
+function generate_hive_config {
+	# Create the hive operator install config using kustomize
+	mkdir -p overlays/deploy
+	cp overlays/template/kustomization.yaml overlays/deploy
+	pushd overlays/deploy >& /dev/null
+	$KUSTOMIZE edit set image registry.ci.openshift.org/openshift/hive-v4.0:hive=$HIVE_IMAGE
+	$KUSTOMIZE edit set namespace $HIVE_OPERATOR_NS
+	popd >& /dev/null
+
+	$KUSTOMIZE build overlays/deploy > hive-deployment.yaml
+	popd >& /dev/null
+
+	mv "$TMPDIR/hive-deployment.yaml" ./hack/hive-config/
+
+	if [ -d ./hack/hive-config/crds ]; then
+		rm -fr ./hack/hive-config/crds
+	fi
+	cp -R "$TMPDIR/config/crds" ./hack/hive-config/
+}
+
+set -e
+trap cleanup EXIT
+
+if [ ! -f go.mod ] || [ ! -d ".git" ]; then
+	echo "this script must by run from the repo root directory"
+	exit 1
+fi
+if [[ ! "$TMPDIR" || ! -d "$TMPDIR" ]]; then
+	echo "could not create temp working dir"
+	exit 1
+fi
+
+hive_repo_clone
+
+pushd $TMPDIR >& /dev/null
+hive_repo_hash_checkout
+
+verify_kustomize
+generate_hive_config
+
+echo -e "\nHive config generated."