From 5abe597932f09b56f708c36c241336efb9fe051e Mon Sep 17 00:00:00 2001
From: Liangquan Li <liangli@redhat.com>
Date: Tue, 27 Sep 2022 23:40:28 +0800
Subject: [PATCH] hypershift-chain: update install

---
 .../create/hypershift-aws-create-chain.yaml   | 17 ++++++++++++++---
 ...stroy-nested-management-cluster-chain.yaml | 19 +++++++++++++++++--
 .../destroy/hypershift-aws-destroy-chain.yaml | 19 ++++++++++++++++---
 ...setup-nested-management-cluster-chain.yaml | 10 +++++++---
 4 files changed, 54 insertions(+), 11 deletions(-)

diff --git a/ci-operator/step-registry/hypershift/aws/create/hypershift-aws-create-chain.yaml b/ci-operator/step-registry/hypershift/aws/create/hypershift-aws-create-chain.yaml
index d4088872beac6..cb8c9e212c24b 100644
--- a/ci-operator/step-registry/hypershift/aws/create/hypershift-aws-create-chain.yaml
+++ b/ci-operator/step-registry/hypershift/aws/create/hypershift-aws-create-chain.yaml
@@ -8,7 +8,7 @@ chain:
       default: "3"
       documentation: "The number nodes to automatically create and join to the cluster."
     - name: HYPERSHIFT_BASE_DOMAIN
-      default: "ci.hypershift.devcluster.openshift.com"
+      default: ""
       documentation: "The cluster's FQDN will be a subdomain of the base domain."
     - name: HYPERSHIFT_AWS_REGION
       default: "us-east-1"
@@ -19,8 +19,19 @@ chain:
     - name: EXTRA_ARGS
       default: ""
       documentation: "Extra args to pass to the create cluster aws command"
+    - name: HYPERSHIFT_GUEST_INFRA_OCP_ACCOUNT
+      default: "false"
+      documentation: "Whether to use the generic CI account or the HyperShift OSD account for the guest clusters infra. For the infra created for the clusters. E.g. For cluster-bot we use the generic CI account"
     commands: |-
       set -exuo pipefail
+      AWS_GUEST_INFRA_CREDENTIALS_FILE="/etc/hypershift-ci-jobs-awscreds/credentials"
+      DEFAULT_BASE_DOMAIN=ci.hypershift.devcluster.openshift.com
+      
+      if [[ $HYPERSHIFT_GUEST_INFRA_OCP_ACCOUNT == "true" ]]; then
+        AWS_GUEST_INFRA_CREDENTIALS_FILE="${CLUSTER_PROFILE_DIR}/.awscred"
+        DEFAULT_BASE_DOMAIN=origin-ci-int-aws.dev.rhcloud.com
+      fi
+      DOMAIN=${HYPERSHIFT_BASE_DOMAIN:-$DEFAULT_BASE_DOMAIN}
 
       # We don't have the value of HYPERSHIFT_RELEASE_LATEST when we set CONTROLPLANE_OPERATOR_IMAGE so we
       # have to use a hack like this.
@@ -33,10 +44,10 @@ chain:
         --name ${CLUSTER_NAME} \
         --node-pool-replicas ${HYPERSHIFT_NODE_COUNT} \
         --instance-type=m5.xlarge \
-        --base-domain ${HYPERSHIFT_BASE_DOMAIN} \
+        --base-domain ${DOMAIN} \
         --region ${HYPERSHIFT_AWS_REGION} \
         --pull-secret=/etc/ci-pull-credentials/.dockerconfigjson \
-        --aws-creds /etc/hypershift-pool-aws-credentials/credentials \
+        --aws-creds=${AWS_GUEST_INFRA_CREDENTIALS_FILE} \
         --release-image ${RELEASE_IMAGE_LATEST} \
         --control-plane-operator-image=${CONTROLPLANE_OPERATOR_IMAGE:-} \
         --additional-tags="expirationDate=$(date -d '4 hours' --iso=minutes --utc)"
diff --git a/ci-operator/step-registry/hypershift/aws/destroy-nested-management-cluster/hypershift-aws-destroy-nested-management-cluster-chain.yaml b/ci-operator/step-registry/hypershift/aws/destroy-nested-management-cluster/hypershift-aws-destroy-nested-management-cluster-chain.yaml
index 24bf027d877b6..9953aeb7b33d1 100644
--- a/ci-operator/step-registry/hypershift/aws/destroy-nested-management-cluster/hypershift-aws-destroy-nested-management-cluster-chain.yaml
+++ b/ci-operator/step-registry/hypershift/aws/destroy-nested-management-cluster/hypershift-aws-destroy-nested-management-cluster-chain.yaml
@@ -29,15 +29,30 @@ chain:
       - name: HYPERSHIFT_NAMESPACE
         default: "clusters"
         documentation: "The Namespace where to create the HostedCluster and NodePools"
+      - name: HYPERSHIFT_GUEST_INFRA_OCP_ACCOUNT
+        default: "false"
+        documentation: "Whether to use the generic CI account or the HyperShift OSD account for the guest clusters infra. For the infra created for the clusters. E.g. For cluster-bot we use the generic CI account"
+      - name: HYPERSHIFT_BASE_DOMAIN
+        default: ""
+        documentation: "The cluster's FQDN will be a subdomain of the base domain."
     commands: |-
+      AWS_GUEST_INFRA_CREDENTIALS_FILE="/etc/hypershift-ci-jobs-awscreds/credentials"
+      DEFAULT_BASE_DOMAIN=ci.hypershift.devcluster.openshift.com
+      
+      if [[ $HYPERSHIFT_GUEST_INFRA_OCP_ACCOUNT == "true" ]]; then
+        AWS_GUEST_INFRA_CREDENTIALS_FILE="${CLUSTER_PROFILE_DIR}/.awscred"
+        DEFAULT_BASE_DOMAIN=origin-ci-int-aws.dev.rhcloud.com
+      fi
+      DOMAIN=${HYPERSHIFT_BASE_DOMAIN:-$DEFAULT_BASE_DOMAIN}
+      
       CLUSTER_NAME="$(echo -n $PROW_JOB_ID|sha256sum|cut -c-20)-mgmt"
       export KUBECONFIG=/etc/hypershift-kubeconfig/hypershift-ops-admin.kubeconfig
       bin/hypershift destroy cluster aws \
-      --aws-creds=/etc/hypershift-ci-jobs-awscreds/credentials  \
+      --aws-creds=${AWS_GUEST_INFRA_CREDENTIALS_FILE}  \
       --name="${CLUSTER_NAME}" \
       --namespace="${HYPERSHIFT_NAMESPACE}" \
       --infra-id=${CLUSTER_NAME} \
-      --base-domain=ci.hypershift.devcluster.openshift.com
+      --base-domain=${DOMAIN}
     credentials:
     - mount_path: /etc/hypershift-ci-jobs-awscreds
       name: hypershift-ci-jobs-awscreds
diff --git a/ci-operator/step-registry/hypershift/aws/destroy/hypershift-aws-destroy-chain.yaml b/ci-operator/step-registry/hypershift/aws/destroy/hypershift-aws-destroy-chain.yaml
index 6e82c825638a5..4ccb14c0dec56 100644
--- a/ci-operator/step-registry/hypershift/aws/destroy/hypershift-aws-destroy-chain.yaml
+++ b/ci-operator/step-registry/hypershift/aws/destroy/hypershift-aws-destroy-chain.yaml
@@ -5,20 +5,33 @@ chain:
     cli: latest
     env:
     - name: HYPERSHIFT_BASE_DOMAIN
-      default: "origin-ci-int-aws.dev.rhcloud.com"
+      default: ""
       documentation: "The cluster's FQDN will be a subdomain of the base domain."
     - name: HYPERSHIFT_AWS_REGION
       default: "us-east-1"
       documentation: "The AWS region of the cluster."
+    - name: HYPERSHIFT_GUEST_INFRA_OCP_ACCOUNT
+      default: "false"
+      documentation: "Whether to use the generic CI account or the HyperShift OSD account for the guest clusters infra. For the infra created for the clusters. E.g. For cluster-bot we use the generic CI account"
     commands: |-
       set -exuo pipefail
+      
+      AWS_GUEST_INFRA_CREDENTIALS_FILE="/etc/hypershift-ci-jobs-awscreds/credentials"
+      DEFAULT_BASE_DOMAIN=ci.hypershift.devcluster.openshift.com
+      
+      if [[ $HYPERSHIFT_GUEST_INFRA_OCP_ACCOUNT == "true" ]]; then
+        AWS_GUEST_INFRA_CREDENTIALS_FILE="${CLUSTER_PROFILE_DIR}/.awscred"
+        DEFAULT_BASE_DOMAIN=origin-ci-int-aws.dev.rhcloud.com
+      fi
+      DOMAIN=${HYPERSHIFT_BASE_DOMAIN:-$DEFAULT_BASE_DOMAIN}
+      
       CLUSTER_NAME="$(echo -n $PROW_JOB_ID|sha256sum|cut -c-20)"
       echo "$(date) Deleting HyperShift cluster ${CLUSTER_NAME}"
       bin/hypershift destroy cluster aws \
-        --aws-creds=/etc/hypershift-pool-aws-credentials/credentials  \
+        --aws-creds=${AWS_GUEST_INFRA_CREDENTIALS_FILE}  \
         --name ${CLUSTER_NAME} \
         --region ${HYPERSHIFT_AWS_REGION} \
-        --base-domain ${HYPERSHIFT_BASE_DOMAIN} \
+        --base-domain ${DOMAIN} \
         --cluster-grace-period 40m
       echo "$(date) Finished deleting cluster"
     from_image:
diff --git a/ci-operator/step-registry/hypershift/aws/setup-nested-management-cluster/hypershift-aws-setup-nested-management-cluster-chain.yaml b/ci-operator/step-registry/hypershift/aws/setup-nested-management-cluster/hypershift-aws-setup-nested-management-cluster-chain.yaml
index a4bc2629d817a..90732bad9a0a7 100644
--- a/ci-operator/step-registry/hypershift/aws/setup-nested-management-cluster/hypershift-aws-setup-nested-management-cluster-chain.yaml
+++ b/ci-operator/step-registry/hypershift/aws/setup-nested-management-cluster/hypershift-aws-setup-nested-management-cluster-chain.yaml
@@ -16,14 +16,18 @@ chain:
     - name: HYPERSHIFT_GUEST_INFRA_OCP_ACCOUNT
       default: "false"
       documentation: "Whether to use the generic CI account or the HyperShift OSD account for the guest clusters infra. For the infra created for the clusters. E.g. For cluster-bot we use the generic CI account"
+    - name: HYPERSHIFT_BASE_DOMAIN
+      default: ""
+      documentation: "The cluster's FQDN will be a subdomain of the base domain."
     commands: |-
       AWS_GUEST_INFRA_CREDENTIALS_FILE="/etc/hypershift-ci-jobs-awscreds/credentials"
-      BASE_DOMAIN=ci.hypershift.devcluster.openshift.com
+      DEFAULT_BASE_DOMAIN=ci.hypershift.devcluster.openshift.com
       
       if [[ $HYPERSHIFT_GUEST_INFRA_OCP_ACCOUNT == "true" ]]; then
         AWS_GUEST_INFRA_CREDENTIALS_FILE="${CLUSTER_PROFILE_DIR}/.awscred"
-        BASE_DOMAIN=origin-ci-int-aws.dev.rhcloud.com
+        DEFAULT_BASE_DOMAIN=origin-ci-int-aws.dev.rhcloud.com
       fi
+      DOMAIN=${HYPERSHIFT_BASE_DOMAIN:-$DEFAULT_BASE_DOMAIN}
       
       export KUBECONFIG=/etc/hypershift-kubeconfig/hypershift-ops-admin.kubeconfig
       CLUSTER_NAME="$(echo -n $PROW_JOB_ID|sha256sum|cut -c-20)-mgmt"
@@ -35,7 +39,7 @@ chain:
         --name=${CLUSTER_NAME} \
         --region=us-east-1 \
         --infra-id=${CLUSTER_NAME} \
-        --base-domain=${BASE_DOMAIN} \
+        --base-domain=${DOMAIN} \
         --instance-type=m5.xlarge \
         --zones=${HYPERSHIFT_ZONES} \
         --service-cidr=172.29.0.0/16 \