From 48ae871287ac35a7e05d096533ebee3826b49371 Mon Sep 17 00:00:00 2001
From: Gerd Oberlechner
Date: Fri, 18 Oct 2024 14:55:46 +0200
Subject: [PATCH] consider the KV client ID env var

Signed-off-by: Gerd Oberlechner
---
 cmd/install/install_helm.go | 42 +++++++++++++++++------------------
 cmd/install/install_render.go | 33 ++++++++++++++-------------
 cmd/install/render.go | 38 +++++++++++++++++--------------
 3 files changed, 59 insertions(+), 54 deletions(-)

diff --git a/cmd/install/install_helm.go b/cmd/install/install_helm.go
index 58e75186ab6..f0cfdaf3b84 100644
--- a/cmd/install/install_helm.go
+++ b/cmd/install/install_helm.go
@@ -12,21 +12,22 @@ import (
 )
 
 var helmTemplateParams = TemplateParams{
- Namespace: ".Release.Namespace",
- HyperShiftImage: ".Values.image",
- OIDCS3Name: ".Values.oidc.s3.name",
- OIDCS3Region: ".Values.oidc.s3.region",
- OIDCS3CredsSecret: ".Values.oidc.s3.credsSecret",
- OIDCS3CredsSecretKey: ".Values.oidc.s3.credsSecretKey",
- AWSPrivateRegion: ".Values.aws.private.region",
- AWSPrivateCredsSecret: ".Values.aws.private.credsSecret",
- AWSPrivateCredsSecretKey: ".Values.aws.private.credsSecretKey",
- ExternalDNSCredsSecret: ".Values.externaldns.credsSecret",
- ExternalDNSDomainFilter: ".Values.externaldns.domainFilter",
- ExternalDNSTxtOwnerID: ".Values.externaldns.txtOwnerId",
- ExternalDNSImage: ".Values.externaldns.image",
- RegistryOverrides: ".Values.registryOverrides",
- TemplateNamespace: false,
+ Namespace: ".Release.Namespace",
+ HyperShiftImage: ".Values.image",
+ OIDCS3Name: ".Values.oidc.s3.name",
+ OIDCS3Region: ".Values.oidc.s3.region",
+ OIDCS3CredsSecret: ".Values.oidc.s3.credsSecret",
+ OIDCS3CredsSecretKey: ".Values.oidc.s3.credsSecretKey",
+ AWSPrivateRegion: ".Values.aws.private.region",
+ AWSPrivateCredsSecret: ".Values.aws.private.credsSecret",
+ AWSPrivateCredsSecretKey: ".Values.aws.private.credsSecretKey",
+ ExternalDNSCredsSecret: ".Values.externaldns.credsSecret",
+ ExternalDNSDomainFilter: ".Values.externaldns.domainFilter",
+ ExternalDNSTxtOwnerID: ".Values.externaldns.txtOwnerId",
+ ExternalDNSImage: ".Values.externaldns.image",
+ RegistryOverrides: ".Values.registryOverrides",
+ AROHCPKeyVaultUsersClientID: ".Values.azure.keyVault.clientId",
+ TemplateNamespace: false,
 TemplateParamWrapper: func(name string) string {
 return fmt.Sprintf("{{ %s }}", name)
 },
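Review bot: The four `ExternalDNS*` entries kept in `helmTemplateParams` still point at `.Values.externaldns.*`, yet the second `WriteValuesFile` hunk in this file deletes the `externaldns` block from the generated `values.yaml`, which the commit subject does not account for. If the rendered chart still references those paths, a user installing with the generated defaults would presumably hit a Helm failure on the missing intermediate map, or end up with an unset credentials-secret name for external-dns. Either keep the defaults next to the new `"azure"` entry, e.g. `"externaldns": map[string]interface{}{"credsSecret": "", "domainFilter": "", "txtOwnerId": "", "image": ""},`, or remove the four params here in the same change so the two stay in step.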
@@ -90,6 +91,11 @@ func WriteValuesFile(dir string) error {
 data := map[string]interface{}{
 "image": "",
 "registryOverrides": "",
+ "azure": map[string]interface{}{
+ "keyVault": map[string]interface{}{
+ "clientId": "",
+ },
+ },
 "oidc": map[string]interface{}{
 "s3": map[string]interface{}{
 "name": "",
@@ -105,12 +111,6 @@ func WriteValuesFile(dir string) error {
 "credsSecretKey": "",
 },
 },
- "externaldns": map[string]interface{}{
- "credsSecret": "",
- "domainFilter": "",
- "txtOwnerId": "",
- "image": "",
- },
 }
 return writeYamlFile(fmt.Sprintf("%s/values.yaml", dir), data)
 }
diff --git a/cmd/install/install_render.go b/cmd/install/install_render.go
index a62ff32e515..ffa5292e255 100644
--- a/cmd/install/install_render.go
+++ b/cmd/install/install_render.go
@@ -28,22 +28,23 @@ var (
 )
 
 var openshiftTemplateParams = TemplateParams{
- HyperShiftImage: "OPERATOR_IMG",
- Namespace: "NAMESPACE",
- HypershiftOperatorReplicas: "OPERATOR_REPLICAS",
- OIDCS3Name: "OIDC_S3_NAME",
- OIDCS3Region: "OIDC_S3_REGION",
- OIDCS3CredsSecret: "OIDC_S3_CREDS_SECRET",
- OIDCS3CredsSecretKey: "OIDC_S3_CREDS_SECRET_KEY",
- AWSPrivateRegion: "AWS_PRIVATE_REGION",
- AWSPrivateCredsSecret: "AWS_PRIVATE_CREDS_SECRET",
- AWSPrivateCredsSecretKey: "AWS_PRIVATE_CREDS_SECRET_KEY",
- ExternalDNSCredsSecret: "EXTERNAL_DNS_CREDS_SECRET",
- ExternalDNSDomainFilter: "EXTERNAL_DNS_DOMAIN_FILTER",
- ExternalDNSTxtOwnerID: "EXTERNAL_DNS_TXT_OWNER_ID",
- ExternalDNSImage: "EXTERNAL_DNS_IMAGE",
- RegistryOverrides: "REGISTRY_OVERRIDES",
- TemplateNamespace: true,
+ HyperShiftImage: "OPERATOR_IMG",
+ Namespace: "NAMESPACE",
+ HypershiftOperatorReplicas: "OPERATOR_REPLICAS",
+ OIDCS3Name: "OIDC_S3_NAME",
+ OIDCS3Region: "OIDC_S3_REGION",
+ OIDCS3CredsSecret: "OIDC_S3_CREDS_SECRET",
+ OIDCS3CredsSecretKey: "OIDC_S3_CREDS_SECRET_KEY",
+ AWSPrivateRegion: "AWS_PRIVATE_REGION",
+ AWSPrivateCredsSecret: "AWS_PRIVATE_CREDS_SECRET",
+ AWSPrivateCredsSecretKey: "AWS_PRIVATE_CREDS_SECRET_KEY",
+ ExternalDNSCredsSecret: "EXTERNAL_DNS_CREDS_SECRET",
+ ExternalDNSDomainFilter: "EXTERNAL_DNS_DOMAIN_FILTER",
+ ExternalDNSTxtOwnerID: "EXTERNAL_DNS_TXT_OWNER_ID",
+ ExternalDNSImage: "EXTERNAL_DNS_IMAGE",
+ RegistryOverrides: "REGISTRY_OVERRIDES",
+ AROHCPKeyVaultUsersClientID: "AZURE_KEYVAULT_CLIENT_ID",
+ TemplateNamespace: true,
 TemplateParamWrapper: func(name string) string {
 return fmt.Sprintf("${%s}", name)
 },
diff --git a/cmd/install/render.go b/cmd/install/render.go
index ee7618447b1..e893a4fc85e 100644
--- a/cmd/install/render.go
+++ b/cmd/install/render.go
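Review bot: `AZURE_KEYVAULT_CLIENT_ID` is introduced here as a `${...}` placeholder, but the diffstat for `install_render.go` (33 changed lines) is fully accounted for by this one hunk, so nothing else in the file declares it as a template parameter. If the template's parameter list is assembled in this file, the placeholder would presumably reach the rendered objects unsubstituted, leaving the literal string `${AZURE_KEYVAULT_CLIENT_ID}` in the field that selects the Key Vault identity. Please confirm that a declaration, with an explicit default or marked as required, is added wherever `REGISTRY_OVERRIDES` and the other names are declared. A short comment on the new line, for example `// client ID of the identity used for Key Vault access; Azure only`, would record what the value is for, if that reading is right.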
@@ -5,23 +5,24 @@ import (
 )
 
 type TemplateParams struct {
- HyperShiftImage string
- Namespace string
- HypershiftOperatorReplicas string
- OIDCS3Name string
- OIDCS3Region string
- OIDCS3CredsSecret string
- OIDCS3CredsSecretKey string
- AWSPrivateRegion string
- AWSPrivateCredsSecret string
- AWSPrivateCredsSecretKey string
- ExternalDNSCredsSecret string
- ExternalDNSDomainFilter string
- ExternalDNSTxtOwnerID string
- ExternalDNSImage string
- RegistryOverrides string
- TemplateNamespace bool
- TemplateParamWrapper func(string) string
+ HyperShiftImage string
+ Namespace string
+ HypershiftOperatorReplicas string
+ OIDCS3Name string
+ OIDCS3Region string
+ OIDCS3CredsSecret string
+ OIDCS3CredsSecretKey string
+ AWSPrivateRegion string
+ AWSPrivateCredsSecret string
+ AWSPrivateCredsSecretKey string
+ ExternalDNSCredsSecret string
+ ExternalDNSDomainFilter string
+ ExternalDNSTxtOwnerID string
+ ExternalDNSImage string
+ RegistryOverrides string
+ AROHCPKeyVaultUsersClientID string
+ TemplateNamespace bool
+ TemplateParamWrapper func(string) string
 }
 
 func hyperShiftOperatorTemplateManifest(opts *Options, templateParamConfig TemplateParams) ([]crclient.Object, []crclient.Object, error) {
@@ -61,6 +62,9 @@ func hyperShiftOperatorTemplateManifest(opts *Options, templateParamConfig Templ
 // registry overrides
 opts.RegistryOverrides = templateParamConfig.TemplateParamWrapper(templateParamConfig.RegistryOverrides)
 
+ // azure key vault client id
+ opts.AroHCPKeyVaultUsersClientID = templateParamConfig.TemplateParamWrapper(templateParamConfig.AROHCPKeyVaultUsersClientID)
+
 // create manifests
 opts.RenderNamespace = templateParamConfig.TemplateNamespace
 crds, objects, err := hyperShiftOperatorManifests(*opts)
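Review bot: The added assignment in `hyperShiftOperatorTemplateManifest` overwrites `opts.AroHCPKeyVaultUsersClientID` unconditionally, so a `TemplateParams` value that leaves the new field empty produces the placeholder `${}` or `{{  }}` rather than an empty string, and any value the caller had set is replaced. If `hyperShiftOperatorManifests` decides whether to wire up Key Vault access by testing this field for non-empty, every rendered template, including non-Azure ones, would now carry that identity setting. A guard such as `if templateParamConfig.AROHCPKeyVaultUsersClientID != "" { opts.AroHCPKeyVaultUsersClientID = templateParamConfig.TemplateParamWrapper(templateParamConfig.AROHCPKeyVaultUsersClientID) }` keeps the field empty unless a parameter name is configured. The struct field is spelled `AROHCP…` while the options field is `AroHCP…`; using one casing would make the two easier to grep together. The function body starts and ends outside this hunk, so the gating on the consumer side needs confirming there.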