From 125b7c8a4491cfe45e2b1f448c04f15b62116aff Mon Sep 17 00:00:00 2001
From: Ekaterina Kazakova <eromanova@mirantis.com>
Date: Wed, 18 Dec 2024 20:08:24 +0400
Subject: [PATCH] Add AKS ManagedCluster and Credential yamls

---
 Makefile                                   |  4 ++++
 config/dev/aks-credentials.yaml            | 25 ++++++++++++++++++++++
 config/dev/aks-managedcluster.yaml         | 18 ++++++++++++++++
 internal/webhook/managedcluster_webhook.go |  3 ++-
 4 files changed, 49 insertions(+), 1 deletion(-)
 create mode 100644 config/dev/aks-credentials.yaml
 create mode 100644 config/dev/aks-managedcluster.yaml

diff --git a/Makefile b/Makefile
index 561d85d38..ac87bb210 100644
--- a/Makefile
+++ b/Makefile
@@ -348,6 +348,10 @@ dev-vsphere-creds: envsubst
 
 dev-eks-creds: dev-aws-creds
 
+.PHONY: dev-aks-creds
+dev-aks-creds: envsubst
+	@NAMESPACE=$(NAMESPACE) $(ENVSUBST) -no-unset -i config/dev/aks-credentials.yaml | $(KUBECTL) apply -f -
+
 .PHONY: dev-apply ## Apply the development environment by deploying the kind cluster, local registry and the HMC helm chart.
 dev-apply: kind-deploy registry-deploy dev-push dev-deploy dev-templates dev-release
 
diff --git a/config/dev/aks-credentials.yaml b/config/dev/aks-credentials.yaml
new file mode 100644
index 000000000..0632111c6
--- /dev/null
+++ b/config/dev/aks-credentials.yaml
@@ -0,0 +1,25 @@
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: azure-aks-credential
+  namespace: ${NAMESPACE}
+stringData:
+  AZURE_CLIENT_ID: "${AZURE_CLIENT_ID}"
+  AZURE_CLIENT_SECRET: "${AZURE_CLIENT_SECRET}"
+  AZURE_SUBSCRIPTION_ID: "${AZURE_SUBSCRIPTION_ID}"
+  AZURE_TENANT_ID: "${AZURE_TENANT_ID}"
+type: Opaque
+---
+apiVersion: hmc.mirantis.com/v1alpha1
+kind: Credential
+metadata:
+  name: azure-aks-credential
+  namespace: ${NAMESPACE}
+spec:
+  description: Azure AKS credentials
+  identityRef:
+    apiVersion: v1
+    kind: Secret
+    name: azure-aks-credential
+    namespace: ${NAMESPACE}
diff --git a/config/dev/aks-managedcluster.yaml b/config/dev/aks-managedcluster.yaml
new file mode 100644
index 000000000..8ec09bdfc
--- /dev/null
+++ b/config/dev/aks-managedcluster.yaml
@@ -0,0 +1,18 @@
+apiVersion: hmc.mirantis.com/v1alpha1
+kind: ManagedCluster
+metadata:
+  name: azure-aks-dev
+  namespace: ${NAMESPACE}
+spec:
+  template: azure-aks-0-0-1
+  credential: azure-aks-credential
+  propagateCredentials: false
+  config:
+    location: "westus"
+    machinePools:
+      system:
+        count: 1
+        vmSize: Standard_A4_v2
+      user:
+        count: 1
+        vmSize: Standard_A4_v2
diff --git a/internal/webhook/managedcluster_webhook.go b/internal/webhook/managedcluster_webhook.go
index 71603351f..9b2021347 100644
--- a/internal/webhook/managedcluster_webhook.go
+++ b/internal/webhook/managedcluster_webhook.go
@@ -277,7 +277,8 @@ func isCredMatchTemplate(cred *hmcv1alpha1.Credential, template *hmcv1alpha1.Clu
 				return errMsg(provider)
 			}
 		case "infrastructure-azure":
-			if idtyKind != "AzureClusterIdentity" {
+			if idtyKind != "AzureClusterIdentity" &&
+				idtyKind != "Secret" {
 				return errMsg(provider)
 			}
 		case "infrastructure-vsphere":