Corrections and multiple certificate copy.

Author: abutcher

config/crds/hive.openshift.io_clusterdeployments.yaml

@@ -443,8 +443,8 @@ spec:
                       type: string
                     credentialsSecretRef:
                       description: 'CredentialsSecretRef refers to a secret that contains
-                        the vSphere account access credentials: GOVC_HOST, GOVC_USERNAME,
-                        GOVC_PASSWORD fields.'
+                        the vSphere account access credentials: GOVC_USERNAME, GOVC_PASSWORD
+                        fields.'
                       properties:
                         name:
                           description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

contrib/pkg/createcluster/create.go

@@ -196,7 +196,7 @@ create-cluster CLUSTER_DEPLOYMENT_NAME --cloud=aws
 create-cluster CLUSTER_DEPLOYMENT_NAME --cloud=azure --azure-base-domain-resource-group-name=RESOURCE_GROUP_NAME
 create-cluster CLUSTER_DEPLOYMENT_NAME --cloud=gcp
 create-cluster CLUSTER_DEPLOYMENT_NAME --cloud=openstack --openstack-api-floating-ip=192.168.1.2 --openstack-cloud=mycloud
-create-cluster CLUSTER_DEPLOYMENT_NAME --cloud=vsphere --vsphere-vcenter=vcsa.vmware.devcluster.openshift.com --vsphere-datacenter=dc1 --vsphere-default-datastore=nvme-ds1 --vsphere-api-vip=192.168.1.2 --vsphere-ingress-vip=192.168.1.3 --vsphere-cluster=devel --vsphere-network="VM Network" --vsphere-ca-certs=/path/to/cert`,
+create-cluster CLUSTER_DEPLOYMENT_NAME --cloud=vsphere --vsphere-vcenter=vmware.devcluster.com --vsphere-datacenter=dc1 --vsphere-default-datastore=nvme-ds1 --vsphere-api-vip=192.168.1.2 --vsphere-ingress-vip=192.168.1.3 --vsphere-cluster=devel --vsphere-network="VM Network" --vsphere-ca-certs=/path/to/cert`,
 		Short: "Creates a new Hive cluster deployment",
 		Long:  fmt.Sprintf(longDesc, defaultSSHPublicKeyFile, defaultPullSecretFile),
 		Args:  cobra.ExactArgs(1),
@@ -573,7 +573,7 @@ func (o *Options) GenerateObjects() ([]runtime.Object, error) {
 			APIVIP:           o.VSphereAPIVIP,
 			IngressVIP:       o.VSphereIngressVIP,
 			Network:          vSphereNetwork,
-			CACert:           bytes.Join(caCerts[:], []byte("\n")),
+			CACert:           bytes.Join(caCerts, []byte("\n")),
 		}
 		builder.SkipMachinePoolGeneration = true
 		builder.CloudBuilder = vsphereProvider

contrib/pkg/deprovision/vsphere.go

@@ -7,10 +7,11 @@ import (
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
 
-	"github.com/openshift/hive/pkg/constants"
 	"github.com/openshift/installer/pkg/destroy/vsphere"
 	"github.com/openshift/installer/pkg/types"
 	typesvsphere "github.com/openshift/installer/pkg/types/vsphere"
+
+	"github.com/openshift/hive/pkg/constants"
 )
 
 // vSphereOptions is the set of options to deprovision an vSphere cluster
@@ -50,7 +51,11 @@ func NewDeprovisionvSphereCommand() *cobra.Command {
 // Complete finishes parsing arguments for the command
 func (o *vSphereOptions) Complete(cmd *cobra.Command, args []string) error {
 	o.infraID = args[0]
+	return nil
+}
 
+// Validate ensures that option values make sense
+func (o *vSphereOptions) Validate(cmd *cobra.Command) error {
 	if o.vCenter == "" {
 		o.vCenter = os.Getenv(constants.VSphereVCenterEnvVar)
 		if o.vCenter == "" {
@@ -65,12 +70,6 @@ func (o *vSphereOptions) Complete(cmd *cobra.Command, args []string) error {
 	if o.password == "" {
 		return fmt.Errorf("No %s env var set, cannot proceed", constants.VSpherePasswordEnvVar)
 	}
-
-	return nil
-}
-
-// Validate ensures that option values make sense
-func (o *vSphereOptions) Validate(cmd *cobra.Command) error {
 	return nil
 }
 

pkg/apis/hive/v1/clusterdeprovision_types.go

@@ -72,10 +72,10 @@ type OpenStackClusterDeprovision struct {
 // VSphereClusterDeprovision contains VMware vSphere-specific configuration for a ClusterDeprovision
 type VSphereClusterDeprovision struct {
 	// CredentialsSecretRef is the vSphere account credentials to use for deprovisioning the cluster
-	CredentialsSecretRef *corev1.LocalObjectReference `json:"credentialsSecretRef"`
+	CredentialsSecretRef corev1.LocalObjectReference `json:"credentialsSecretRef"`
 	// CertificatesSecretRef refers to a secret that contains the vSphere CA certificates
 	// necessary for communicating with the VCenter.
-	CertificatesSecretRef *corev1.LocalObjectReference `json:"certificatesSecretRef"`
+	CertificatesSecretRef corev1.LocalObjectReference `json:"certificatesSecretRef"`
 	// VCenter is the vSphere vCenter hostname.
 	VCenter string `json:"vCenter"`
 }

pkg/apis/hive/v1/validating-webhooks/clusterdeployment_validating_admission_hook.go

@@ -316,7 +316,7 @@ func (a *ClusterDeploymentValidatingAdmissionHook) validateCreate(admissionSpec
 			allErrs = append(allErrs, field.Required(vspherePath.Child("datacenter"), "must specify vSphere datacenter"))
 		}
 		if vsphere.DefaultDatastore == "" {
-			allErrs = append(allErrs, field.Required(vspherePath.Child("defaultDatastore"), "must specify Vvphere defaultDatastore"))
+			allErrs = append(allErrs, field.Required(vspherePath.Child("defaultDatastore"), "must specify vSphere defaultDatastore"))
 		}
 	}
 	if newObject.Spec.Platform.BareMetal != nil {

pkg/apis/hive/v1/vsphere/doc.go

@@ -1,8 +1,3 @@
-// Package vsphere contains vSphere-specific structures for installer
-// configuration and management.
+// Package vsphere contains contains API Schema definitions for vSphere clusters.
 // +k8s:deepcopy-gen=package,register
-// +k8s:conversion-gen=github.com/openshift/hive/pkg/apis/hive
 package vsphere
-
-// Name is name for the vsphere platform.
-const Name string = "vsphere"

pkg/apis/hive/v1/vsphere/platform.go

@@ -10,7 +10,7 @@ type Platform struct {
 	VCenter string `json:"vCenter"`
 
 	// CredentialsSecretRef refers to a secret that contains the vSphere account access
-	// credentials: GOVC_HOST, GOVC_USERNAME, GOVC_PASSWORD fields.
+	// credentials: GOVC_USERNAME, GOVC_PASSWORD fields.
 	CredentialsSecretRef corev1.LocalObjectReference `json:"credentialsSecretRef"`
 
 	// CertificatesSecretRef refers to a secret that contains the vSphere CA certificates

pkg/apis/hive/v1/zz_generated.deepcopy.go

@@ -1556,8 +1556,8 @@ func generateDeprovision(cd *hivev1.ClusterDeployment) (*hivev1.ClusterDeprovisi
 		}
 	case cd.Spec.Platform.VSphere != nil:
 		req.Spec.Platform.VSphere = &hivev1.VSphereClusterDeprovision{
-			CredentialsSecretRef:  &cd.Spec.Platform.VSphere.CredentialsSecretRef,
-			CertificatesSecretRef: &cd.Spec.Platform.VSphere.CertificatesSecretRef,
+			CredentialsSecretRef:  cd.Spec.Platform.VSphere.CredentialsSecretRef,
+			CertificatesSecretRef: cd.Spec.Platform.VSphere.CertificatesSecretRef,
 			VCenter:               cd.Spec.Platform.VSphere.VCenter,
 		}
 	default:

pkg/controller/clusterdeployment/clusterdeployment_controller.go

@@ -312,7 +312,7 @@ func InstallerPodSpec(
 	hiveArg := fmt.Sprintf("/usr/bin/hiveutil install-manager --work-dir /output --log-level debug %s %s", cd.Namespace, provisionName)
 	if cd.Spec.Platform.VSphere != nil {
 		// Add vsphere certificates to CA trust.
-		hiveArg = fmt.Sprintf("cp -v %s/.cacert /etc/pki/ca-trust/source/anchors/ && update-ca-trust && %s", vsphereCloudsDir, hiveArg)
+		hiveArg = fmt.Sprintf("cp -vr %s/. /etc/pki/ca-trust/source/anchors/ && update-ca-trust && %s", vsphereCloudsDir, hiveArg)
 	}
 
 	// This container just needs to copy the required install binaries to the shared emptyDir volume,
@@ -660,7 +660,7 @@ func completeVSphereDeprovisionJob(req *hivev1.ClusterDeprovision, job *batchv1.
 			ImagePullPolicy: images.GetHiveImagePullPolicy(),
 			Env:             env,
 			Command:         []string{"/bin/sh", "-c"},
-			Args:            []string{fmt.Sprintf("cp -v /vsphere/.cacert /etc/pki/ca-trust/source/anchors/ && update-ca-trust && /usr/bin/hiveutil deprovision vsphere --vsphere-vcenter %s --loglevel debug %s", req.Spec.Platform.VSphere.VCenter, req.Spec.InfraID)},
+			Args:            []string{fmt.Sprintf("cp -vr %s/. /etc/pki/ca-trust/source/anchors/ && update-ca-trust && /usr/bin/hiveutil deprovision vsphere --vsphere-vcenter %s --loglevel debug %s", vsphereCloudsDir, req.Spec.Platform.VSphere.VCenter, req.Spec.InfraID)},
 			VolumeMounts:    volumeMounts,
 		},
 	}