Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make azure credentials optional in manager deployment #1445

Merged

Conversation

CecileRobertMichon
Copy link
Contributor

What type of PR is this?

What this PR does / why we need it: Following up on #1386 and #977, this makes the Azure credentials environment variables optional in the infrastructure components yaml spec by defaulting the values to "". When not setting the environment variables in the manager, the user will need to specify an AzureClusterIdentity for each workload cluster.

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #

Special notes for your reviewer:

  • this should be merged after Multitenancy for managed clusters #1386
    /hold
  • this requires envsubst to be used to install CAPZ components (which is already required due to EXP feature flags)
  • how can we make the UX better for new users who don't set manager variables and thus have to create an AzureClusterIdentity on their cluster ?

Please confirm that if this PR changes any image versions, then that's the sole change this PR makes.

TODOs:

  • squashed commits
  • includes documentation
  • adds unit tests

Release note:

Make azure credentials optional in manager deployment

@k8s-ci-robot k8s-ci-robot added do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. release-note Denotes a PR that will be considered when it comes time to generate release notes. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels Jun 14, 2021
@k8s-ci-robot k8s-ci-robot added area/provider/azure Issues or PRs related to azure provider sig/cluster-lifecycle Categorizes an issue or PR as relevant to SIG Cluster Lifecycle. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Jun 14, 2021
@CecileRobertMichon
Copy link
Contributor Author

/assign @nader-ziada @devigned

Copy link
Contributor

@devigned devigned left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

Yay! One step closer to no creds in the controller.

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jun 14, 2021
@nader-ziada
Copy link
Contributor

should we wait until the issues with private cluster/dns thing is resolved?

@CecileRobertMichon
Copy link
Contributor Author

should we wait until the issues with private cluster/dns thing is resolved?

I don't think that's necessarily a blocker since it can still be used with creds, although it would be nice to figure out that one before the release. Is there a tracking issue for the dns issue?

@CecileRobertMichon
Copy link
Contributor Author

/hold cancel
/assign @nader-ziada

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jun 30, 2021
@nader-ziada
Copy link
Contributor

I was hoping for #1360 to get merged in first, but I guess the order doesn't really matter

/approve

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: nader-ziada

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jul 1, 2021
@nader-ziada
Copy link
Contributor

/test pull-cluster-api-provider-azure-e2e

@k8s-ci-robot k8s-ci-robot merged commit 2ac653f into kubernetes-sigs:master Jul 5, 2021
@CecileRobertMichon CecileRobertMichon deleted the make-creds-optional branch February 17, 2023 23:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/provider/azure Issues or PRs related to azure provider cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. release-note Denotes a PR that will be considered when it comes time to generate release notes. sig/cluster-lifecycle Categorizes an issue or PR as relevant to SIG Cluster Lifecycle. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants