ci/helm: using provisioning code for azure

same as previous commit

Signed-off-by: Beraldo Leal <[email protected]>

Author: beraldoleal

.github/workflows/azure-e2e-test.yml

@@ -19,6 +19,11 @@ on:
       podvm-image-id:
         type: string
         description: prebuilt podvm image
+      install_method:
+        default: 'kustomize'
+        description: Installation method. Either kustomize or helm.
+        required: false
+        type: string
     secrets:
       AZURE_CLIENT_ID:
         required: true
@@ -32,6 +37,11 @@ on:
       podvm-image-id:
         type: string
         description: prebuilt podvm image
+      install_method:
+        default: 'kustomize'
+        description: Installation method. Either kustomize or helm.
+        required: false
+        type: string
 
 jobs:
   build-caa-container-image:
@@ -211,11 +221,24 @@ jobs:
         sudo apt-get install -y sipcalc
 
     - name: Install kustomize
+      if: ${{ inputs.install_method == 'kustomize' }}
       run: |
         command -v kustomize >/dev/null || \
         curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | \
           sudo bash -s /usr/local/bin
 
+    - name: Install Helm
+      if: ${{ inputs.install_method == 'helm' }}
+      run: |
+        HELM_VERSION="$(yq -e '.tools.helm.version' versions.yaml)"
+        HELM_CHECKSUM="$(yq -e '.tools.helm.sha256' versions.yaml)"
+        curl -fsSL -o helm.tar.gz "https://get.helm.sh/helm-${HELM_VERSION}-linux-amd64.tar.gz"
+        echo "${HELM_CHECKSUM}  helm.tar.gz" | sha256sum --check --strict
+        tar -xzf helm.tar.gz
+        sudo mv linux-amd64/helm /usr/local/bin/helm
+        rm -rf helm.tar.gz linux-amd64
+        helm version
+
     - name: Restore the configuration created before
       uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
       with:
@@ -246,6 +269,48 @@ jobs:
         AZURE_SUBNET_ID="$subnet_id"
         EOF
 
+        # Export for helm values step
+        echo "AZURE_SUBNET_ID=$subnet_id" >> "$GITHUB_ENV"
+
+    - name: Create helm values file
+      if: ${{ inputs.install_method == 'helm' }}
+      env:
+        CAA_IMAGE: "${{ needs.build-caa-container-image.outputs.caa-image }}"
+        AZURE_IMAGE_ID: "${{ inputs.podvm-image-id }}"
+        AZURE_INSTANCE_SIZE: "${{ matrix.parameters.machine_type }}"
+        AZURE_SUBSCRIPTION_ID: "${{ secrets.AZURE_SUBSCRIPTION_ID }}"
+        AZURE_CLIENT_ID: "${{ secrets.AZURE_CLIENT_ID }}"
+      run: |
+        CAA_IMAGE_TAG="${CAA_IMAGE##*:}"
+        CAA_IMAGE_NAME="${CAA_IMAGE%:*}"
+
+        cat <<EOF > helm-values.yaml
+        image:
+          name: "${CAA_IMAGE_NAME}"
+          tag: "${CAA_IMAGE_TAG}"
+        providerConfigs:
+          azure:
+            AZURE_SUBSCRIPTION_ID: "${AZURE_SUBSCRIPTION_ID}"
+            AZURE_REGION: "${LOCATION}"
+            AZURE_RESOURCE_GROUP: "${RG_NAME}"
+            AZURE_IMAGE_ID: "${AZURE_IMAGE_ID}"
+            AZURE_INSTANCE_SIZE: "${AZURE_INSTANCE_SIZE}"
+            AZURE_SUBNET_ID: "${AZURE_SUBNET_ID}"
+        providerSecrets:
+          azure:
+            AZURE_CLIENT_ID: "${AZURE_CLIENT_ID}"
+        EOF
+
+        echo "HELM_VALUES_FILES=$PWD/install/charts/peerpods/providers/azure.yaml,$PWD/helm-values.yaml" >> "$GITHUB_ENV"
+
+        # For debugging (without secrets)
+        echo "::group::helm-values.yaml (structure only)"
+        echo "image.name: ${CAA_IMAGE_NAME}"
+        echo "image.tag: ${CAA_IMAGE_TAG}"
+        echo "providerConfigs.azure: (subscription, region, resource group, image, instance size, subnet)"
+        echo "providerSecrets.azure: (client id)"
+        echo "::endgroup::"
+
     - name: Checkout KBS Repository
       run: test/utils/checkout_kbs.sh
 
@@ -254,6 +319,7 @@ jobs:
       env:
         TEST_PROVISION: "no"
         DEPLOY_KBS: "yes"
+        INSTALL_METHOD: "${{ inputs.install_method }}"
         CUSTOM_PCCS_URL: "https://global.acccache.azure.net/sgx/certification/v4"
         CLUSTER_NAME: "${{ format(env.CLUSTER_NAME_TEMPLATE, matrix.parameters.id) }}"
       run: |

src/cloud-api-adaptor/test/provisioner/azure/provision_common.go

@@ -367,8 +367,18 @@ func getPropertiesImpl() map[string]string {
 }
 
 func (p *AzureCloudProvisioner) GetProvisionValues() map[string]interface{} {
-	// TODO: implement properly
-	return nil
+	// SubnetID is discovered from the AKS VNET during CreateCluster.
+	if AzureProps.SubnetID == "" {
+		return nil
+	}
+
+	return map[string]interface{}{
+		"providerConfigs": map[string]interface{}{
+			"azure": map[string]interface{}{
+				"AZURE_SUBNET_ID": AzureProps.SubnetID,
+			},
+		},
+	}
 }
 
 func (p *AzureCloudProvisioner) GetProperties(ctx context.Context, cfg *envconf.Config) map[string]string {

src/cloud-api-adaptor/test/provisioner/azure/provision_self_mgr.go

@@ -34,8 +34,18 @@ func (p *AzureSelfManagedClusterProvisioner) UploadPodvm(imagePath string, ctx c
 }
 
 func (p *AzureSelfManagedClusterProvisioner) GetProvisionValues() map[string]interface{} {
-	// TODO: implement properly
-	return nil
+	// SubnetID is discovered from the AKS VNET during CreateCluster.
+	if AzureProps.SubnetID == "" {
+		return nil
+	}
+
+	return map[string]interface{}{
+		"providerConfigs": map[string]interface{}{
+			"azure": map[string]interface{}{
+				"AZURE_SUBNET_ID": AzureProps.SubnetID,
+			},
+		},
+	}
 }
 
 func (p *AzureSelfManagedClusterProvisioner) GetProperties(ctx context.Context, cfg *envconf.Config) map[string]string {