support clc metric and update images

Makefile

@@ -27,16 +27,23 @@ ifeq ($(GOHOSTOS),darwin)
 	endif
 endif
 
+ImageCredentials?=""
 
 update:
 	hack/update.sh
 
 install-mce: ensure-helm
-	$(HELM) upgrade --install mce ./e2e/mce-chart
+	$(HELM) upgrade --install mce ./hack/mce-chart --set-file images.imageCredentials.dockerConfigJson=$(ImageCredentials)
 
 install-policy: ensure-helm
 	$(HELM) upgrade --install policy ./policy
 
+install-e2e-mce: ensure-helm
+	$(HELM) upgrade --install mce ./hack/mce-chart -f ./test/configuration/mce-values.yaml
+
+install-e2e-policy: ensure-helm
+	$(HELM) upgrade --install policy ./policy -f ./test/configuration/policy-values.yaml
+
 e2e-install:
 	hack/e2e-install.sh
 

README.md

@@ -9,19 +9,13 @@ The MCE operator is required to be installed on the Hub cluster.
 
 # Configure the MCE 
 
-1. Set the hub api server to the `spec.hubKubeAPIServerURL` in the `global` `klusterletConfig`, and then apply it.
-
-```
-kubectl apply -f ./configuration/klusterletconfig.yaml
-```
-
-2. Apply a `AddOnDeploymentConfig` for add-ons working in hosted mode.
+1. Apply a `AddOnDeploymentConfig` for add-ons working in hosted mode.
 
 ```
 kubectl apply -f ./configuration/addonhostedconfig.yaml
 ```
 
-3. Patch work-manager add-on to support hosted mode.
+2. Patch work-manager add-on to support hosted mode.
 
 ```
 kubectl patch clustermanagementaddon work-manager --type merge -p '{"spec":{"supportedConfigs":[{"defaultConfig":{"name":"addon-hosted-config","namespace":"multicluster-engine"},"group":"addon.open-cluster-management.io","resource":"addondeploymentconfigs"}]}}'

configuration/klusterletconfig.yaml

@@ -3,4 +3,4 @@ kind: KlusterletConfig
 metadata:
   name: global
 spec:
-  hubKubeAPIServerURL: "hub cluster api server url"
+  hubKubeAPIServerURL: "https://kubernetes.default.svc:443"

configuration/multiclusterengine.yaml

@@ -17,7 +17,7 @@ spec:
         name: hypershift-local-hosting
       - enabled: true
         name: hypershift
-      - enabled: false
+      - enabled: true
         name: cluster-lifecycle
       - enabled: false
         name: discovery

hack/e2e-install.sh

@@ -42,14 +42,7 @@ function waitForReady() {
 
 echo ""
 echo "#### Install MCE on Hub cluster ####"
-make ensure-helm
-
-# install released mce
-# helm install mce ./hack/mce-chart --set-file images.imageCredentials.dockerConfigJson=pullsecret.json
-
-# install upstream mce 
-$HELM install mce ./hack/mce-chart -f ./test/configuration/mce-values.yaml
-
+make install-e2e-mce
 
 echo ""
 echo "###### Wait until MCE pod is running ######"
@@ -62,13 +55,16 @@ waitForReady "kubectl get clustermanagers.operator.open-cluster-management.io  |
 echo ""
 echo "#### Configure MCE ####"
 
+# the crd should be installed by hypershift operator
+# install it manully because does not install hypershift operator in kind cluster
 echo ""
-echo "###### Wait until klusterletconfig CRD is installed ######"
-waitForReady "kubectl get crds | grep -c \"klusterletconfigs\"" 1
+echo "###### Apply hostedCluster CRD to make hypershift addon Available ######"
+kubectl create -f ./test/configuration/hostedclusters-crd.yaml
+
 
 echo ""
-echo "###### Create global klusterletconfig ######"
-kubectl apply -f ./test/configuration/klusterletconfig.yaml
+echo "###### klusterletconfig is for managed cluster ######"
+kubectl apply -f configuration/klusterletconfig.yaml
 
 echo ""
 echo "###### Wait unitl local-cluster is created ######"
@@ -90,9 +86,7 @@ kubectl apply -f ./configuration/workmanagercma.yaml
 
 echo ""
 echo "#### Install Policy addons #####"
-make ensure-helm
-$HELM install policy ./policy -f ./test/configuration/policy-values.yaml
-
+make install-e2e-policy
 
 echo ""
 echo "###### Enable policy addons for local-cluster ######"

hack/mce-chart/templates/deployment.yaml

@@ -95,8 +95,6 @@ spec:
           value: quay.io/stolostron/cluster-proxy-addon@sha256
         - name: OPERAND_IMAGE_CLUSTERCLAIMS_CONTROLLER
           value: quay.io/stolostron/clusterclaims-controller@sha256
-        - name: OPERAND_IMAGE_CLUSTERLIFECYCLE_STATE_METRICS
-          value: quay.io/stolostron/clusterlifecycle-state-metrics@sha256
         - name: OPERAND_IMAGE_CONSOLE_MCE
           value: quay.io/stolostron/console-mce@sha256
         - name: OPERAND_IMAGE_DISCOVERY_OPERATOR
@@ -116,7 +114,7 @@ spec:
         - name: OPERAND_IMAGE_HYPERSHIFT_ADDON_OPERATOR_CANARY_TEST
           value: quay.io/stolostron/hypershift-addon-operator-canary-test@sha256
         - name: OPERAND_IMAGE_HYPERSHIFT_OPERATOR
-          value: quay.io/stolostron/hypershift-operator@sha256
+          value: {{ .Values.images.overrides.hypershift_operator }}
         - name: OPERAND_IMAGE_IMAGE_BASED_INSTALL_OPERATOR
           value: quay.io/stolostron/image-based-install-operator@sha256
         - name: OPERAND_IMAGE_MANAGED_SERVICEACCOUNT
@@ -147,6 +145,8 @@ spec:
           value: {{ .Values.images.overrides.work }}
         - name: OPERAND_IMAGE_KUBE_RBAC_PROXY_MCE
           value: {{ .Values.images.overrides.kube_rbac_proxy_mce }}
+        - name: OPERAND_IMAGE_CLUSTERLIFECYCLE_STATE_METRICS
+          value: {{ .Values.images.overrides.clusterlifecycle_state_metrics }}
         - name: OPERATOR_VERSION
           value: {{ .Chart.AppVersion }}
         - name: OPERATOR_PACKAGE

hack/mce-chart/templates/multiclusterengine.yaml

@@ -17,7 +17,7 @@ spec:
         name: hypershift-local-hosting
       - enabled: true
         name: hypershift
-      - enabled: false
+      - enabled: true
         name: cluster-lifecycle
       - enabled: false
         name: discovery

hack/mce-chart/values.yaml

@@ -6,13 +6,14 @@ images:
     backplane_operator: "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:8c2f526398df56f92bfc62af8e42c3e373c236ab67e58e877cf9690fc480d46a"
     registration_operator: "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:8a37700e9848830dca9a3eebd4c8ca6abd7b04dc28ab5cefd743d00dd58be92a"
     hypershift_addon_operator: "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:af40c47a901c3c1851104427d3fd9db1f0cb6205e37917dc87af57facc90d75d"
+    hypershift_operator: "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:161292cbf4b81c928e6dc9162dc63b02b21c93bfa92b3272f437dc4ff5a02c3a"
     managedcluster_import_controller: "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:09a2f864c76373c9c6af4e8f7c2ffe4dffecc2637cf1647b7d2926419265e3f4"
     multicloud_manager: "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:a0873734a8e0d0b5092820d7ded0436c30fd572abdabb01159b53f0bb2e9d4a3"
     addon_manager: "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:25cdce9461a24748fc6631fa4394b813deabdb27d0c95956508d2a38c504a6a9"
     work: "registry.redhat.io/multicluster-engine/work-rhel9@sha256:1fecd5872ad4a0ce5ddab8a156a54315fc51508a4a18a80d901af7f9af294ec6"
     registration: "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:26ef4145f464f1c5cdb6ab42c119766669f7f08e46cbd4185bdbd3f4cd70bb54"
     placement: "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:737cf1d7dcdf8c32d96894eebd686caf35959232f3fd774b307cf1df8068d26c"
     kube_rbac_proxy_mce: "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:b1ada80f881131283a94d84cb37edc4b9725ccea9b66ebf8ccd6956cb515531a"
-
+    clusterlifecycle_state_metrics: "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf5bb514e4d8af5e38317c3727d4cd9f90c22b293fe3e2367f9f0e179e0ee0c7"
   imageCredentials:
     dockerConfigJson: ""

test/configuration/azure-config.json

@@ -0,0 +1,7 @@
+{
+    "tenantId": "abc",
+    "subscriptionId": "123",
+    "resourceGroup": "test",
+    "aadClientId": "clientid",
+    "aadClientSecret": "clientpassword"
+  }

test/configuration/external-dns.yaml

@@ -0,0 +1,86 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: external-dns
+  namespace: hypershift
+spec:
+  progressDeadlineSeconds: 600
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      name: external-dns
+  strategy:
+    rollingUpdate:
+      maxSurge: 25%
+      maxUnavailable: 25%
+    type: RollingUpdate
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        app: external-dns
+        hypershift.openshift.io/operator-component: external-dns
+        name: external-dns
+    spec:
+      containers:
+      - args:
+        - --source=service
+        - --source=openshift-route
+        - --domain-filter=myzone
+        - --provider=azure
+        - --registry=txt
+        - --txt-suffix=-external-dns
+        - --txt-owner-id=5461617c-6757-49cd-b5ba-deda35d941f5
+        - --label-filter=hypershift.openshift.io/route-visibility!=private
+        - --interval=1m
+        - --txt-cache-interval=1h
+        - --azure-config-file=/etc/provider/credentials
+        command:
+        - /external-dns
+        image: registry.redhat.io/edo/external-dns-rhel8@sha256:638fb6b5fc348f5cf52b9800d3d8e9f5315078fc9b1e57e800cb0a4a50f1b4b9
+        imagePullPolicy: IfNotPresent
+        livenessProbe:
+          failureThreshold: 5
+          httpGet:
+            path: /healthz
+            port: 7979
+            scheme: HTTP
+          initialDelaySeconds: 60
+          periodSeconds: 60
+          successThreshold: 1
+          timeoutSeconds: 5
+        name: external-dns
+        ports:
+        - containerPort: 7979
+          name: metrics
+          protocol: TCP
+        resources:
+          requests:
+            cpu: 5m
+            memory: 20Mi
+        securityContext:
+          privileged: false
+          readOnlyRootFilesystem: true
+        terminationMessagePath: /dev/termination-log
+        terminationMessagePolicy: File
+        volumeMounts:
+        - mountPath: /etc/provider
+          name: credentials
+      dnsPolicy: ClusterFirst
+      imagePullSecrets:
+      - name: pull-secret
+      - name: open-cluster-management-image-pull-credentials
+      priorityClassName: hypershift-operator
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      serviceAccount: external-dns
+      serviceAccountName: external-dns
+      terminationGracePeriodSeconds: 30
+      volumes:
+      - name: credentials
+        secret:
+          defaultMode: 420
+          secretName: hypershift-operator-external-dns-credentials
+