[patch] GitOps - add rhoai support to CLI

.secrets.baseline

@@ -349,6 +349,16 @@
         "verified_result": null
       }
     ],
+    "image/cli/mascli/functions/gitops_deprovision_rhoai": [
+      {
+        "hashed_secret": "b2817467154949a61f8e9ad31d1eeaf03221cbfa",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 188,
+        "type": "Secret Keyword",
+        "verified_result": null
+      }
+    ],
     "image/cli/mascli/functions/gitops_dro": [
       {
         "hashed_secret": "b2817467154949a61f8e9ad31d1eeaf03221cbfa",

image/cli/mascli/functions/gitops

@@ -34,6 +34,7 @@ function gitops() {
   echo "  ${COLOR_YELLOW}mas gitops-efs-csi-driver${TEXT_RESET}                       Deploy AWS EFS CSI driver"
   echo "  ${COLOR_YELLOW}mas gitops-dro${TEXT_RESET}                                  Deploy IBM Data Reporter Operator"
   echo "  ${COLOR_YELLOW}mas gitops-odh${TEXT_RESET}                                  Deploy Open Data Hub for AI/ML workloads"
+  echo "  ${COLOR_YELLOW}mas gitops-rhoai${TEXT_RESET}                                Deploy Red Hat Openshift AI for AI/ML workloads"
   echo "  ${COLOR_YELLOW}mas gitops-nvidia-gpu${TEXT_RESET}                           Configure NVIDIA GPU operator for AI workloads"
   echo ""
   echo "${COLOR_CYAN}GitOps MAS Core:${TEXT_RESET}"
@@ -68,6 +69,7 @@ function gitops() {
   echo "  ${COLOR_YELLOW}mas gitops-deprovision-cp4d-service${TEXT_RESET}             Remove Cloud Pak for Data services"
   echo "  ${COLOR_YELLOW}mas gitops-deprovision-efs${TEXT_RESET}                      Remove AWS EFS configuration"
   echo "  ${COLOR_YELLOW}mas gitops-deprovision-odh${TEXT_RESET}                      Remove Open Data Hub"
+  echo "  ${COLOR_YELLOW}mas gitops-deprovision-rhoai${TEXT_RESET}                    Remove Red Hat Openshift AI"
   echo "  ${COLOR_YELLOW}mas gitops-deprovision-aiservice${TEXT_RESET}                Remove Maximo AI Service"
   echo "  ${COLOR_YELLOW}mas gitops-deprovision-aiservice-tenant${TEXT_RESET}         Remove AI Service tenant"
   echo "  ${COLOR_YELLOW}mas gitops-deprovision-cluster${TEXT_RESET}                  Remove cluster-level GitOps resources"

image/cli/mascli/functions/gitops_deprovision_rhoai

@@ -0,0 +1,306 @@
+#!/usr/bin/env bash
+
+function gitops_deprovision_rhoai_help() {
+  [[ -n "$1" ]] && echo_warning "$1"
+  reset_colors
+  cat << EOM
+
+
+Usage:
+  mas gitops_deprovision_rhoai [options]
+Where ${COLOR_YELLOW}specified${TEXT_RESET} each option may also be defined by setting the appropriate environment variable.
+When no options are specified on the command line, interactive-mode will be enabled by default.
+
+GitOps Configuration:
+  -d, --dir ${COLOR_YELLOW}GITOPS_WORKING_DIR${TEXT_RESET}         Directory for GitOps repository
+  -a, --account-id ${COLOR_YELLOW}ACCOUNT_ID${TEXT_RESET}          Account name that the cluster belongs to
+  -c, --cluster-id ${COLOR_YELLOW}CLUSTER_ID${TEXT_RESET}          Cluster ID
+
+  -i, --aiservice-instance-id ${COLOR_YELLOW}AISERVICE_INSTANCE_ID${TEXT_RESET}                             AI Service instance ID  
+      --sm-aws-secret-region ${TEXT_RESET}SM_AWS_REGION${TEXT_RESET}                                         AWS Region
+      --sm-aws-access-key ${TEXT_RESET}SM_AWS_ACCESS_KEY${TEXT_RESET}                                        AWS Access key ID
+      --sm-aws-secret-key ${TEXT_RESET}SM_AWS_SECRET_ACCESS_KEY${TEXT_RESET}                                 AWS Secreat Access key ID
+
+
+Secrets Manager:
+      --secrets-path ${COLOR_YELLOW}SECRETS_PATH${TEXT_RESET}                                              Secrets Manager path
+      --secrets-key-seperator ${COLOR_YELLOW}SECRETS_KEY_SEPERATOR${TEXT_RESET}                            Secrets Manager key seperator string
+
+Target Cluster (Optional):
+      --cluster-url ${COLOR_YELLOW}CLUSTER_URL${TEXT_RESET}       Set to target a remote Kubernetes cluster (defaults to 'https://kubernetes.default.svc')
+
+
+Automatic GitHub Push (Optional):
+  -P, --github-push ${COLOR_YELLOW}GITHUB_PUSH${TEXT_RESET}        Enable automatic push to GitHub
+  -H, --github-host ${COLOR_YELLOW}GITHUB_HOST${TEXT_RESET}        GitHub Hostname for your GitOps repository
+  -O, --github-org ${COLOR_YELLOW}GITHUB_ORG${TEXT_RESET}          Github org for your GitOps repository
+  -R, --github-repo ${COLOR_YELLOW}GITHUB_REPO${TEXT_RESET}        Github repo for your GitOps repository
+  -S, --github-ssh ${COLOR_YELLOW}GIT_SSH${TEXT_RESET}             Git ssh key path
+  -B, --git-branch ${COLOR_YELLOW}GIT_BRANCH${TEXT_RESET}          Git branch to commit to of your GitOps repository
+  -M, --git-commit-msg ${COLOR_YELLOW}GIT_COMMIT_MSG${TEXT_RESET}  Git commit message to use when committing to of your GitOps repository
+
+Other Commands:
+      -h, --help     Show this help message
+EOM
+  [[ -n "$1" ]] && exit 1 || exit 0
+}
+
+function gitops_deprovision_rhoai_noninteractive() {
+  GITOPS_WORKING_DIR=$PWD/working-dir  
+  SECRETS_KEY_SEPERATOR="/"
+  GIT_COMMIT_MSG="gitops-deprovision-rhoai commit"
+  export REGION_ID=${REGION_ID:-${SM_AWS_REGION}}
+  export CLUSTER_URL=${CLUSTER_URL:-"https://kubernetes.default.svc"}
+
+  while [[ $# -gt 0 ]]
+  do
+    key="$1"
+    shift
+    case $key in
+      # GitOps Configuration
+      -d|--dir)
+        export GITOPS_WORKING_DIR=$1 && shift
+        ;;
+      -a|--account-id)
+        export ACCOUNT_ID=$1 && shift
+        ;;
+      -c|--cluster-id)
+        export CLUSTER_ID=$1 && shift
+        ;;
+
+      # Target Cluster (Optional)
+      --cluster-url)
+        export CLUSTER_URL=$1 && shift
+        ;;
+      --secrets-key-seperator)
+        export SECRETS_KEY_SEPERATOR=$1 && shift
+        ;;
+      # AWS Secrets Manager Configuration
+      --sm-aws-secret-region)
+        export SM_AWS_REGION=$1
+        export REGION_ID=$1
+        shift
+        ;;
+      --sm-aws-access-key)
+        export SM_AWS_ACCESS_KEY_ID=$1 && shift
+        ;;
+      --sm-aws-secret-key)
+        export SM_AWS_SECRET_ACCESS_KEY=$1 && shift
+        ;;
+      --secrets-path)
+        export SECRETS_PATH=$1 && shift
+        ;;
+      --aiservice-instance-id)
+        export AISERVICE_INSTANCE_ID=$1 && shift
+        ;;
+      # Automatic GitHub Push
+      -P|--github-push)
+        export GITHUB_PUSH=true
+        ;;
+      -H|--github-host)
+        export GITHUB_HOST=$1 && shift
+        ;;
+      -O|--github-org)
+        export GITHUB_ORG=$1 && shift
+        ;;
+      -R|--github-repo)
+        export GITHUB_REPO=$1 && shift
+        ;;
+      -S|--github-ssh)
+        export GIT_SSH=$1 && shift
+        ;;
+      -B|--git-branch)
+        export GIT_BRANCH=$1 && shift
+        ;;
+      -M|--git-commit-msg)
+        export GIT_COMMIT_MSG=$1 && shift
+        ;;
+
+      # Other Commands
+      -h|--help)
+        gitops_deprovision_rhoai_help
+        ;;
+      *)
+        # unknown option
+        echo -e "${COLOR_RED}Usage Error: Unsupported option \"${key}\"${COLOR_RESET}\n"
+        gitops_deprovision_rhoai_help  "Usage Error: Unsupported option \"${key}\" "
+        exit 1
+        ;;
+      esac
+  done
+
+
+  [[ -z "$GITOPS_WORKING_DIR" ]] && gitops_deprovision_rhoai_help "GITOPS_WORKING_DIR is not set"
+  [[ -z "$ACCOUNT_ID" ]] && gitops_deprovision_rhoai_help "ACCOUNT_ID is not set"
+  [[ -z "$CLUSTER_ID" ]] && gitops_deprovision_rhoai_help "CLUSTER_ID is not set"
+  [[ -z "$REGION_ID" && -z "$SM_AWS_REGION" ]] && gitops_deprovision_rhoai_help "REGION_ID or SM_AWS_REGION is not set"
+  [[ -z "$CLUSTER_URL" ]] && gitops_deprovision_rhoai_help "CLUSTER_URL is not set"
+
+
+  if [[ "$GITHUB_PUSH" == "true" ]]; then
+    [[ -z "$GITHUB_HOST" ]] && gitops_deprovision_rhoai_help "GITHUB_HOST is not set"
+    [[ -z "$GITHUB_ORG" ]] && gitops_deprovision_rhoai_help "GITHUB_ORG is not set"
+    [[ -z "$GITHUB_REPO" ]] && gitops_deprovision_rhoai_help "GITHUB_REPO is not set"
+    [[ -z "$GIT_BRANCH" ]] && gitops_deprovision_rhoai_help "GIT_BRANCH is not set"
+  fi
+
+  [[ -z "$AISERVICE_INSTANCE_ID" ]] && gitops_deprovision_rhoai_help "AISERVICE_INSTANCE_ID is not set. Please specify the AI Service instance ID using --aiservice_instance_id."
+}
+
+function gitops_deprovision_rhoai() {
+  # Take the first parameter off (it will be create-gitops)
+  shift
+  if [[ $# -gt 0 ]]; then
+    gitops_deprovision_rhoai_noninteractive "$@"
+  else
+    echo "Not supported yet"
+    exit 1
+    gitops_deprovision_rhoai_interactive
+  fi
+
+  # catch errors
+  set -o pipefail
+  trap 'echo "[ERROR] Error occurred at $BASH_SOURCE, line $LINENO, exited with $?"; exit 1' ERR
+
+  mkdir -p ${GITOPS_WORKING_DIR}
+  GITOPS_CLUSTER_DIR=${GITOPS_WORKING_DIR}/${GITHUB_REPO}/${ACCOUNT_ID}/${CLUSTER_ID}/${AISERVICE_INSTANCE_ID}
+
+
+
+  echo
+  reset_colors
+  echo_h2 "Review Settings"
+
+  echo "${TEXT_DIM}"
+  echo_h2 "Target" 
+  echo_reset_dim "Account ID ..................... ${COLOR_MAGENTA}${ACCOUNT_ID}"
+  echo_reset_dim "Region ID ...................... ${COLOR_MAGENTA}${REGION_ID}"
+  echo_reset_dim "Cluster ID ..................... ${COLOR_MAGENTA}${CLUSTER_ID}"
+  echo_reset_dim "Cluster URL .................... ${COLOR_MAGENTA}${CLUSTER_URL}"
+
+  echo_reset_dim "Cluster Config Directory ....... ${COLOR_MAGENTA}${GITOPS_CLUSTER_DIR}"
+  reset_colors
+
+  echo "${TEXT_DIM}"
+  echo_h2 "AWS Secrets Manager" "    "
+  echo_reset_dim "Region ......................... ${COLOR_MAGENTA}${SM_AWS_REGION}"
+  echo_reset_dim "Secret Key ..................... ${COLOR_MAGENTA}${SM_AWS_ACCESS_KEY_ID:0:4}<snip>"
+  echo_reset_dim "Access Key ..................... ${COLOR_MAGENTA}${SM_AWS_SECRET_ACCESS_KEY:0:4}<snip>"
+  echo_reset_dim "Secrets Path ................... ${COLOR_MAGENTA}${SECRETS_PATH}"
+  reset_colors
+
+  echo "${TEXT_DIM}"
+  if [[ "$GITHUB_PUSH" == "true" ]]; then
+    echo_h2 "GitOps Target" "    "
+    echo_reset_dim "Automatic Push ........................ ${COLOR_GREEN}Enabled"
+    echo_reset_dim "Working Directory ..................... ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}"
+    echo_reset_dim "Host .................................. ${COLOR_MAGENTA}${GITHUB_HOST}"
+    echo_reset_dim "Organization .......................... ${COLOR_MAGENTA}${GITHUB_ORG}"
+    echo_reset_dim "Repository ............................ ${COLOR_MAGENTA}${GITHUB_REPO}"
+    echo_reset_dim "Branch ................................ ${COLOR_MAGENTA}${GIT_BRANCH}"
+  else
+    echo_h2 "GitOps Target" "    "
+    echo_reset_dim "Automatic Push ........................ ${COLOR_RED}Disabled"
+    echo_reset_dim "Working Directory ..................... ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}"
+  fi
+  reset_colors
+
+  # echo all the variables of gitops envs
+  echo_reset_dim "AI Service Instance ID ................. ${COLOR_MAGENTA}${AISERVICE_INSTANCE_ID}" 
+
+  #secrets path in aws 
+
+  export SECRET_NAME_STORAGE_AUTH=${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}s3
+  export SECRET_KEY_IMAGE_PULL_SECRET_B64=${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}ibm_entitlement
+
+
+  echo -e "login aws"
+
+  AVP_TYPE=aws
+  sm_login
+
+
+  export OCP_SECRET_NAME=${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}ocp_login
+  export OAUTH_ADMIN_USERNAME=$(sm_get_secret_value "$OCP_SECRET_NAME" "OAUTH_ADMIN_USERNAME")
+  export OAUTH_ADMIN_PWD=$(sm_get_secret_value "$OCP_SECRET_NAME" "OAUTH_ADMIN_PWD")
+  export OCP_DISABLE_TLS_VERIFY=$(sm_get_secret_value "$OCP_SECRET_NAME" "OCP_DISABLE_TLS_VERIFY")
+  echo "TLS verification is : $OCP_DISABLE_TLS_VERIFY"
+
+
+   echo "${TEXT_DIM}"
+   echo_h2 "Deleting rhoai related secrets"
+
+  deleting secreats from aws
+   echo -e "Deleting secreat $SECRET_NAME_STORAGE_AUTH"
+   sm_delete_secret $SECRET_NAME_STORAGE_AUTH
+   echo -e "Deleting image pull secreat $SECRET_KEY_IMAGE_PULL_SECRET_B64"
+   sm_delete_secret $SECRET_KEY_IMAGE_PULL_SECRET_B64
+
+
+   if [ -z $GIT_SSH ]; then
+    export GIT_SSH="false"
+  fi
+
+ #Clone github target repo
+ # ---------------------------------------------------------------------------
+  if [ "$GITHUB_PUSH" == "true" ]; then
+   echo
+   echo_h2 "Cloning GitHub repo $GITHUB_ORG $GITHUB_REPO"
+   clone_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_WORKING_DIR $GIT_SSH
+  fi
+
+
+  echo "Deleting: ${GITOPS_CLUSTER_DIR}/ibm-mas-rhoai-install.yaml"
+  rm -rf ${GITOPS_CLUSTER_DIR}/ibm-mas-rhoai-install.yaml
+
+  if [ "$GITHUB_PUSH" == "true" ]; then
+    echo
+    echo_h2 "Commit and push changes to GitHub repo $GITHUB_ORG $GITHUB_REPO"
+    save_to_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH "${GITOPS_WORKING_DIR}/${GITHUB_REPO}" "${GIT_COMMIT_MSG}"
+    cd /tmp || { echo "Failed to cd to /tmp"; exit 1; }
+    remove_git_repo_clone $GITOPS_WORKING_DIR/$GITHUB_REPO
+
+    echo "Sleeping for 15 minutes to allow ArgoCD to sync and apply changes..."
+    sleep 900
+  fi
+
+
+  echo "PWD before login: $(pwd)"
+  oc login $CLUSTER_URL -u $OAUTH_ADMIN_USERNAME -p $OAUTH_ADMIN_PWD --insecure-skip-tls-verify=$OCP_DISABLE_TLS_VERIFY
+
+  echo "Successfully logged in to OpenShift."
+
+  namespace="openshift-operators"
+  subs_to_check=("authorino-operator" "servicemeshoperator")
+
+  echo "Checking for Subscriptions in namespace '$namespace'..."
+
+  subscriptions_exist=false
+
+  # Initial check
+  for sub in "${subs_to_check[@]}"; do
+    if oc get subscription "$sub" -n "$namespace" &>/dev/null; then
+      echo "Subscription '$sub' is still present."
+      subscriptions_exist=true
+    else
+      echo "Subscription '$sub' is not present."
+    fi
+  done
+
+  # If any subscription is present, wait 5 minutes
+  if [ "$subscriptions_exist" = true ]; then
+    echo "subscription is present. Waiting 5 minutes before proceeding..."
+    sleep 300  # 5 minutes
+  fi
+
+
+  if [ "$subscriptions_exist" = false ]; then
+    echo "All subscriptions deleted. Proceeding to delete CSVs..."
+    oc delete $(oc get csv -n "$namespace" -o name | grep -E 'authorino-operator|servicemeshoperator') -n "$namespace" --wait=true --timeout=5m 2>/dev/null
+    echo "CSV cleanup completed."
+  else
+    echo "Subscriptions still present after waiting. Skipping CSV deletion."
+  fi
+
+
+  }

image/cli/mascli/functions/gitops_odh

@@ -106,6 +106,7 @@ function gitops_odh_noninteractive() {
 
 
 
+  export ODH_ACTION="${ODH_ACTION:-"install"}"
   export OPENSHIFT_NAMESPACE="${OPENSHIFT_NAMESPACE:-"openshift-operators"}"
   export ODH_PIPELINE_CHANNEL="${ODH_PIPELINE_CHANNEL:-"latest"}"
   export ODH_PIPELINE_INSTALLPLAN="${ODH_PIPELINE_INSTALLPLAN:-"manual"}"