From fd677790896d7126e14004f59e2286cf3e66fead Mon Sep 17 00:00:00 2001 From: Bryan Cox Date: Wed, 7 Aug 2024 10:49:01 -0400 Subject: [PATCH] Add Azure MSI Env Var for ARO HCP For ARO HCP, we need to be able to override the authentication type to be MSI. For more information please see openshift/enhancements#1659. --- bindata/cloud-network-config-controller/managed/controller.yaml | 2 ++ pkg/network/cloud_network.go | 1 + 2 files changed, 3 insertions(+) diff --git a/bindata/cloud-network-config-controller/managed/controller.yaml b/bindata/cloud-network-config-controller/managed/controller.yaml index 744fb3e094..e8654917c3 100644 --- a/bindata/cloud-network-config-controller/managed/controller.yaml +++ b/bindata/cloud-network-config-controller/managed/controller.yaml @@ -91,6 +91,8 @@ spec: value: "{{.KubernetesServicePort}}" - name: KUBERNETES_SERVICE_HOST value: "{{.KubernetesServiceHost}}" + - name: AZURE_MSI_AUTHENTICATION + value: "{{.AzureMSIAuthentication}}" containers: # hosted-cluster-token creates a token with a custom path(/var/run/secrets/hosted_cluster/token) # The token path is included in the kubeconfig used by cncc containers to talk to the hosted clusters API server diff --git a/pkg/network/cloud_network.go b/pkg/network/cloud_network.go index 2ade9a29af..35ad94f021 100644 --- a/pkg/network/cloud_network.go +++ b/pkg/network/cloud_network.go @@ -98,6 +98,7 @@ func renderCloudNetworkConfigController(conf *operv1.NetworkSpec, bootstrapResul data.Data["HTTP_PROXY"] = os.Getenv("MGMT_HTTP_PROXY") data.Data["HTTPS_PROXY"] = os.Getenv("MGMT_HTTPS_PROXY") data.Data["NO_PROXY"] = os.Getenv("MGMT_NO_PROXY") + data.Data["AzureMSIAuthentication"] = os.Getenv("AZURE_MSI_AUTHENTICATION") caOverride.ObjectMeta = metav1.ObjectMeta{ Namespace: hcpCfg.Namespace, Name: "cloud-network-config-controller-kube-cloud-config",