From 9adacc2dc4223929a44db0f59c2d8df0e9ab8b29 Mon Sep 17 00:00:00 2001
From: Liangquan Li <liangli@redhat.com>
Date: Mon, 26 Sep 2022 22:10:07 +0800
Subject: [PATCH] hypershift-chain: update install

---
 ...t-tests-private-release-4.11__amd64-nightly.yaml |  1 +
 ...t-tests-private-release-4.12__amd64-nightly.yaml |  1 +
 .../aws/create/hypershift-aws-create-chain.yaml     | 13 ++++---------
 ...aws-destroy-nested-management-cluster-chain.yaml |  5 +----
 .../aws/destroy/hypershift-aws-destroy-chain.yaml   |  6 +-----
 ...t-aws-setup-nested-management-cluster-chain.yaml | 10 ++--------
 .../install/hypershift-install-chain.yaml           | 10 +++-------
 7 files changed, 13 insertions(+), 33 deletions(-)

diff --git a/ci-operator/config/openshift/openshift-tests-private/openshift-openshift-tests-private-release-4.11__amd64-nightly.yaml b/ci-operator/config/openshift/openshift-tests-private/openshift-openshift-tests-private-release-4.11__amd64-nightly.yaml
index 4cd04a2d9606c..ee7dbaae3e338 100644
--- a/ci-operator/config/openshift/openshift-tests-private/openshift-openshift-tests-private-release-4.11__amd64-nightly.yaml
+++ b/ci-operator/config/openshift/openshift-tests-private/openshift-openshift-tests-private-release-4.11__amd64-nightly.yaml
@@ -105,6 +105,7 @@ tests:
     env:
       BASE_DOMAIN: qe.devcluster.openshift.com
       E2E_RUN_TAGS: '@aws-ipi and @network-openshiftsdn and not @fips'
+      HYPERSHIFT_BASE_DOMAIN: qe.devcluster.openshift.com
       TAG_VERSION: '@4.11'
       TEST_SCENARIOS: Hypershift
     post:
diff --git a/ci-operator/config/openshift/openshift-tests-private/openshift-openshift-tests-private-release-4.12__amd64-nightly.yaml b/ci-operator/config/openshift/openshift-tests-private/openshift-openshift-tests-private-release-4.12__amd64-nightly.yaml
index 633828c12d358..9fc85cd989bee 100644
--- a/ci-operator/config/openshift/openshift-tests-private/openshift-openshift-tests-private-release-4.12__amd64-nightly.yaml
+++ b/ci-operator/config/openshift/openshift-tests-private/openshift-openshift-tests-private-release-4.12__amd64-nightly.yaml
@@ -177,6 +177,7 @@ tests:
     env:
       BASE_DOMAIN: qe.devcluster.openshift.com
       E2E_RUN_TAGS: '@aws-ipi and @network-ovnkubernetes and not @fips'
+      HYPERSHIFT_BASE_DOMAIN: qe.devcluster.openshift.com
       TAG_VERSION: '@4.12'
       TEST_SCENARIOS: Hypershift
     post:
diff --git a/ci-operator/step-registry/hypershift/aws/create/hypershift-aws-create-chain.yaml b/ci-operator/step-registry/hypershift/aws/create/hypershift-aws-create-chain.yaml
index d4088872beac6..bf0998ad5d413 100644
--- a/ci-operator/step-registry/hypershift/aws/create/hypershift-aws-create-chain.yaml
+++ b/ci-operator/step-registry/hypershift/aws/create/hypershift-aws-create-chain.yaml
@@ -21,6 +21,8 @@ chain:
       documentation: "Extra args to pass to the create cluster aws command"
     commands: |-
       set -exuo pipefail
+      echo "extract secret/pull-secret"
+      oc extract secret/pull-secret -n openshift-config --to="$SHARED_DIR" --confirm
 
       # We don't have the value of HYPERSHIFT_RELEASE_LATEST when we set CONTROLPLANE_OPERATOR_IMAGE so we
       # have to use a hack like this.
@@ -35,8 +37,8 @@ chain:
         --instance-type=m5.xlarge \
         --base-domain ${HYPERSHIFT_BASE_DOMAIN} \
         --region ${HYPERSHIFT_AWS_REGION} \
-        --pull-secret=/etc/ci-pull-credentials/.dockerconfigjson \
-        --aws-creds /etc/hypershift-pool-aws-credentials/credentials \
+        --pull-secret "$SHARED_DIR/.dockerconfigjson" \
+        --aws-creds ${CLUSTER_PROFILE_DIR}/.awscred \
         --release-image ${RELEASE_IMAGE_LATEST} \
         --control-plane-operator-image=${CONTROLPLANE_OPERATOR_IMAGE:-} \
         --additional-tags="expirationDate=$(date -d '4 hours' --iso=minutes --utc)"
@@ -65,13 +67,6 @@ chain:
         cpu: 100m
         memory: 100Mi
     timeout: 30m0s
-    credentials:
-    - mount_path: /etc/hypershift-pool-aws-credentials
-      name: hypershift-pool-aws-credentials
-      namespace: test-credentials
-    - mount_path: /etc/ci-pull-credentials
-      name: ci-pull-credentials
-      namespace: test-credentials
     dependencies:
     - name: "release:latest"
       env: RELEASE_IMAGE_LATEST
diff --git a/ci-operator/step-registry/hypershift/aws/destroy-nested-management-cluster/hypershift-aws-destroy-nested-management-cluster-chain.yaml b/ci-operator/step-registry/hypershift/aws/destroy-nested-management-cluster/hypershift-aws-destroy-nested-management-cluster-chain.yaml
index 24bf027d877b6..d66dfb48e9857 100644
--- a/ci-operator/step-registry/hypershift/aws/destroy-nested-management-cluster/hypershift-aws-destroy-nested-management-cluster-chain.yaml
+++ b/ci-operator/step-registry/hypershift/aws/destroy-nested-management-cluster/hypershift-aws-destroy-nested-management-cluster-chain.yaml
@@ -33,15 +33,12 @@ chain:
       CLUSTER_NAME="$(echo -n $PROW_JOB_ID|sha256sum|cut -c-20)-mgmt"
       export KUBECONFIG=/etc/hypershift-kubeconfig/hypershift-ops-admin.kubeconfig
       bin/hypershift destroy cluster aws \
-      --aws-creds=/etc/hypershift-ci-jobs-awscreds/credentials  \
+      --aws-creds=${CLUSTER_PROFILE_DIR}/.awscred  \
       --name="${CLUSTER_NAME}" \
       --namespace="${HYPERSHIFT_NAMESPACE}" \
       --infra-id=${CLUSTER_NAME} \
       --base-domain=ci.hypershift.devcluster.openshift.com
     credentials:
-    - mount_path: /etc/hypershift-ci-jobs-awscreds
-      name: hypershift-ci-jobs-awscreds
-      namespace: test-credentials
     - mount_path: /etc/hypershift-kubeconfig
       name: hypershift-ci-1
       namespace: test-credentials
diff --git a/ci-operator/step-registry/hypershift/aws/destroy/hypershift-aws-destroy-chain.yaml b/ci-operator/step-registry/hypershift/aws/destroy/hypershift-aws-destroy-chain.yaml
index 6e82c825638a5..461ef3545994b 100644
--- a/ci-operator/step-registry/hypershift/aws/destroy/hypershift-aws-destroy-chain.yaml
+++ b/ci-operator/step-registry/hypershift/aws/destroy/hypershift-aws-destroy-chain.yaml
@@ -15,7 +15,7 @@ chain:
       CLUSTER_NAME="$(echo -n $PROW_JOB_ID|sha256sum|cut -c-20)"
       echo "$(date) Deleting HyperShift cluster ${CLUSTER_NAME}"
       bin/hypershift destroy cluster aws \
-        --aws-creds=/etc/hypershift-pool-aws-credentials/credentials  \
+        --aws-creds=${CLUSTER_PROFILE_DIR}/.awscred  \
         --name ${CLUSTER_NAME} \
         --region ${HYPERSHIFT_AWS_REGION} \
         --base-domain ${HYPERSHIFT_BASE_DOMAIN} \
@@ -31,7 +31,3 @@ chain:
         cpu: 100m
         memory: 100Mi
     timeout: 15m0s
-    credentials:
-    - mount_path: /etc/hypershift-pool-aws-credentials
-      name: hypershift-pool-aws-credentials
-      namespace: test-credentials
diff --git a/ci-operator/step-registry/hypershift/aws/setup-nested-management-cluster/hypershift-aws-setup-nested-management-cluster-chain.yaml b/ci-operator/step-registry/hypershift/aws/setup-nested-management-cluster/hypershift-aws-setup-nested-management-cluster-chain.yaml
index 6f6896a0cef3a..3a53136f8f576 100644
--- a/ci-operator/step-registry/hypershift/aws/setup-nested-management-cluster/hypershift-aws-setup-nested-management-cluster-chain.yaml
+++ b/ci-operator/step-registry/hypershift/aws/setup-nested-management-cluster/hypershift-aws-setup-nested-management-cluster-chain.yaml
@@ -18,8 +18,8 @@ chain:
       CLUSTER_NAME="$(echo -n $PROW_JOB_ID|sha256sum|cut -c-20)-mgmt"
       echo "Creating management cluster ${CLUSTER_NAME} with $((${HYPERSHIFT_NODE_COUNT} * 3)) nodes"
       bin/hypershift create cluster aws \
-        --pull-secret=/etc/ci-pull-credentials/.dockerconfigjson \
-        --aws-creds=/etc/hypershift-ci-jobs-awscreds/credentials \
+        --pull-secret "$SHARED_DIR/.dockerconfigjson" \
+        --aws-creds ${CLUSTER_PROFILE_DIR}/.awscred \
         --additional-tags="expirationDate=$(date -d '4 hours' --iso=minutes --utc)" \
         --name=${CLUSTER_NAME} \
         --region=us-east-1 \
@@ -47,12 +47,6 @@ chain:
       # Data for cluster bot.
       echo "https://$(oc -n openshift-console get routes console -o=jsonpath='{.spec.host}')" > "${SHARED_DIR}/console.url"
     credentials:
-    - mount_path: /etc/hypershift-ci-jobs-awscreds
-      name: hypershift-ci-jobs-awscreds
-      namespace: test-credentials
-    - mount_path: /etc/ci-pull-credentials
-      name: ci-pull-credentials
-      namespace: test-credentials
     - mount_path: /etc/hypershift-kubeconfig
       name: hypershift-ci-1
       namespace: test-credentials
diff --git a/ci-operator/step-registry/hypershift/install/hypershift-install-chain.yaml b/ci-operator/step-registry/hypershift/install/hypershift-install-chain.yaml
index c99a764cb3a6a..27513ba945a85 100644
--- a/ci-operator/step-registry/hypershift/install/hypershift-install-chain.yaml
+++ b/ci-operator/step-registry/hypershift/install/hypershift-install-chain.yaml
@@ -11,19 +11,15 @@ chain:
     - name: HYPERSHIFT_AWS_REGION
       default: "us-east-1"
       documentation: "The AWS region of the cluster."
-    commands: |-
+    commands: |-      
       bin/hypershift --version
       bin/hypershift install \
-        --oidc-storage-provider-s3-credentials=/etc/hypershift-pool-aws-credentials/credentials \
+        --oidc-storage-provider-s3-credentials=${CLUSTER_PROFILE_DIR}/.awscred \
         --oidc-storage-provider-s3-bucket-name=hypershift-ci-oidc \
         --oidc-storage-provider-s3-region=us-east-1 \
         --private-platform=AWS \
-        --aws-private-creds=/etc/hypershift-pool-aws-credentials/credentials \
+        --aws-private-creds=${CLUSTER_PROFILE_DIR}/.awscred \
         --aws-private-region=${HYPERSHIFT_AWS_REGION}
-    credentials:
-    - mount_path: /etc/hypershift-pool-aws-credentials
-      name: hypershift-pool-aws-credentials
-      namespace: test-credentials
     grace_period: 1m0s
     resources:
       requests: