From 51274dc931aec362940208f0651ed10e6363da4b Mon Sep 17 00:00:00 2001
From: Robert Vasek <robert.vasek@cern.ch>
Date: Fri, 6 Aug 2021 15:58:31 +0200
Subject: [PATCH] [cern] Add cert_manager_io_enabled and
 cert_manager_io_version labels

OS-14396
---
 .../kubernetes/fragments/write-heat-params-master.sh       | 1 +
 .../drivers/common/templates/kubernetes/helm/cern-chart.sh | 2 ++
 magnum/drivers/heat/k8s_fedora_template_def.py             | 3 ++-
 .../k8s_fedora_coreos_v1/templates/kubecluster.yaml        | 7 +++++++
 .../drivers/k8s_fedora_coreos_v1/templates/kubemaster.yaml | 7 +++++++
 5 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/magnum/drivers/common/templates/kubernetes/fragments/write-heat-params-master.sh b/magnum/drivers/common/templates/kubernetes/fragments/write-heat-params-master.sh
index 4f6e5ae07..1cf2a9ba6 100644
--- a/magnum/drivers/common/templates/kubernetes/fragments/write-heat-params-master.sh
+++ b/magnum/drivers/common/templates/kubernetes/fragments/write-heat-params-master.sh
@@ -77,6 +77,7 @@ DNS_SERVICE_IP="$DNS_SERVICE_IP"
 DNS_CLUSTER_DOMAIN="$DNS_CLUSTER_DOMAIN"
 CERT_MANAGER_API="$CERT_MANAGER_API"
 CA_KEY="$CA_KEY"
+CERT_MANAGER_IO_ENABLED="$CERT_MANAGER_IO_ENABLED"
 CALICO_TAG="$CALICO_TAG"
 CALICO_KUBE_CONTROLLERS_TAG="$CALICO_KUBE_CONTROLLERS_TAG"
 CALICO_IPV4POOL="$CALICO_IPV4POOL"
diff --git a/magnum/drivers/common/templates/kubernetes/helm/cern-chart.sh b/magnum/drivers/common/templates/kubernetes/helm/cern-chart.sh
index 0f958aca3..478f3a438 100644
--- a/magnum/drivers/common/templates/kubernetes/helm/cern-chart.sh
+++ b/magnum/drivers/common/templates/kubernetes/helm/cern-chart.sh
@@ -78,6 +78,8 @@ ${NVIDIA_GPU_VALUES}
       enabled: ${CINDER_CSI_ENABLED}
     openstack-manila-csi:
       enabled: ${MANILA_CSI_ENABLED}
+    cert-manager:
+      enabled: ${CERT_MANAGER_IO_ENABLED}
     base:
       enabled: ${CERN_ENABLED}
 EOF
diff --git a/magnum/drivers/heat/k8s_fedora_template_def.py b/magnum/drivers/heat/k8s_fedora_template_def.py
index bd88b78da..7afafec83 100644
--- a/magnum/drivers/heat/k8s_fedora_template_def.py
+++ b/magnum/drivers/heat/k8s_fedora_template_def.py
@@ -131,7 +131,8 @@ class K8sFedoraTemplateDefinition(k8s_template_def.K8sTemplateDefinition):
                       'nvidia_gpu_tag', 'cern_chart_enabled', 'cern_chart_version',
                       'oidc_issuer_url', 'oidc_username_claim', 'oidc_groups_claim',
                       'oidc_username_prefix', 'oidc_groups_prefix', 'oidc_client_id',
-                      'oidc_enabled', 'ignition_version', 'cern_chart_values']
+                      'oidc_enabled', 'ignition_version', 'cern_chart_values',
+                      'cert_manager_io_enabled']
 
         labels = self._get_relevant_labels(cluster, kwargs)
 
diff --git a/magnum/drivers/k8s_fedora_coreos_v1/templates/kubecluster.yaml b/magnum/drivers/k8s_fedora_coreos_v1/templates/kubecluster.yaml
index 80d9d9b14..df1149c21 100644
--- a/magnum/drivers/k8s_fedora_coreos_v1/templates/kubecluster.yaml
+++ b/magnum/drivers/k8s_fedora_coreos_v1/templates/kubecluster.yaml
@@ -561,6 +561,12 @@ parameters:
     default: ""
     hidden: true
 
+  cert_manager_io_enabled:
+    type: boolean
+    description: >
+      Indicates whether cert-manager.io plugin should be started.
+    default: false
+
   calico_tag:
     type: string
     description: tag of the calico containers used to provision the calico node
@@ -1287,6 +1293,7 @@ resources:
           availability_zone: {get_param: availability_zone}
           ca_key: {get_param: ca_key}
           cert_manager_api: {get_param: cert_manager_api}
+          cert_manager_io_enabled: {get_param: cert_manager_io_enabled}
           calico_tag: {get_param: calico_tag}
           calico_kube_controllers_tag: {get_param: calico_kube_controllers_tag}
           calico_ipv4pool: {get_param: calico_ipv4pool}
diff --git a/magnum/drivers/k8s_fedora_coreos_v1/templates/kubemaster.yaml b/magnum/drivers/k8s_fedora_coreos_v1/templates/kubemaster.yaml
index 587678ec1..a993eb8ba 100644
--- a/magnum/drivers/k8s_fedora_coreos_v1/templates/kubemaster.yaml
+++ b/magnum/drivers/k8s_fedora_coreos_v1/templates/kubemaster.yaml
@@ -371,6 +371,12 @@ parameters:
     type: string
     description: tag of the calico containers used to provision the calico node
 
+  cert_manager_io_enabled:
+    type: boolean
+    description: >
+      Indicates whether cert-manager.io plugin should be started.
+    default: false
+
   calico_kube_controllers_tag:
     type: string
     description: tag of the kube_controllers used to provision the calico node
@@ -946,6 +952,7 @@ resources:
                   "$DNS_CLUSTER_DOMAIN": {get_param: dns_cluster_domain}
                   "$CERT_MANAGER_API": {get_param: cert_manager_api}
                   "$CA_KEY": {get_param: ca_key}
+                  "$CERT_MANAGER_IO_ENABLED": {get_param: cert_manager_io_enabled}
                   "$CALICO_TAG": {get_param: calico_tag}
                   "$CALICO_KUBE_CONTROLLERS_TAG": {get_param: calico_kube_controllers_tag}
                   "$CALICO_IPV4POOL": {get_param: calico_ipv4pool}
-- 
GitLab