in frontend/pkg/frontend/ocm.go [245:323]
// withImmutableAttributes fills clusterBuilder with the cluster settings taken
// from hcpCluster and the request context (subscription, resource group,
// location, tenant) and returns the resulting builder.
//
// It sets the name, flavour, region, cloud provider, product, Hypershift,
// multi-AZ and CCS flags, version, network, API listening mode, capabilities
// and the Azure section. The domain prefix and the network security group
// resource ID are set only when non-empty.
//
// identityURL gates the managed identity section: when it is empty, no
// OperatorsAuthentication is attached to the Azure builder, so identities
// present in hcpCluster are not forwarded.
//
// NOTE(review): identityURL and the identity resource IDs are forwarded as
// given; nothing in this function validates them. Confirm that the caller
// validates the header value and the resource IDs before they reach here.
func withImmutableAttributes(clusterBuilder *arohcpv1alpha1.ClusterBuilder, hcpCluster *api.HCPOpenShiftCluster, subscriptionID, resourceGroupName, location, tenantID, identityURL string) *arohcpv1alpha1.ClusterBuilder {
	// Fixed service-side identifiers come from the package-level cs* values.
	cb := clusterBuilder.Name(hcpCluster.Name)
	cb = cb.Flavour(cmv1.NewFlavour().ID(csFlavourId))
	cb = cb.Region(cmv1.NewCloudRegion().ID(location))
	cb = cb.CloudProvider(cmv1.NewCloudProvider().ID(csCloudProvider))
	cb = cb.Product(cmv1.NewProduct().ID(csProductId))
	cb = cb.Hypershift(arohcpv1alpha1.NewHypershift().Enabled(csHypershifEnabled))
	cb = cb.MultiAZ(csMultiAzEnabled)
	cb = cb.CCS(arohcpv1alpha1.NewCCS().Enabled(csCCSEnabled))

	version := hcpCluster.Properties.Version
	cb = cb.Version(cmv1.NewVersion().
		ID(version.ID).
		ChannelGroup(version.ChannelGroup))

	network := hcpCluster.Properties.Network
	cb = cb.Network(arohcpv1alpha1.NewNetwork().
		Type(string(network.NetworkType)).
		PodCIDR(network.PodCIDR).
		ServiceCIDR(network.ServiceCIDR).
		MachineCIDR(network.MachineCIDR).
		HostPrefix(int(network.HostPrefix)))

	listening := convertVisibilityToListening(hcpCluster.Properties.API.Visibility)
	cb = cb.API(arohcpv1alpha1.NewClusterAPI().Listening(listening))
	cb = cb.Capabilities(convertClusterCapabilitiesToCSBuilder(hcpCluster.Properties.Capabilities))

	azure := arohcpv1alpha1.NewAzure().
		TenantID(tenantID).
		SubscriptionID(subscriptionID).
		ResourceGroupName(resourceGroupName).
		ResourceName(hcpCluster.Name)
	azure = azure.ManagedResourceGroupName(ensureManagedResourceGroupName(hcpCluster))
	azure = azure.SubnetResourceID(hcpCluster.Properties.Platform.SubnetID)
	outbound := arohcpv1alpha1.NewAzureNodesOutboundConnectivity().
		OutboundType(convertOutboundTypeRPToCS(hcpCluster.Properties.Platform.OutboundType))
	azure = azure.NodesOutboundConnectivity(outbound)

	// An empty NetworkSecurityGroupResourceID is rejected by Cluster Service,
	// so the field is left unset in that case.
	if nsgID := hcpCluster.Properties.Platform.NetworkSecurityGroupID; nsgID != "" {
		azure = azure.NetworkSecurityGroupResourceID(nsgID)
	}

	// Managed identity details are sent only when the x-ms-identity-url
	// header supplied a value.
	if identityURL != "" {
		identities := hcpCluster.Properties.Platform.OperatorsAuthentication.UserAssignedIdentities

		controlPlane := make(map[string]*arohcpv1alpha1.AzureControlPlaneManagedIdentityBuilder)
		for name, resourceID := range identities.ControlPlaneOperators {
			controlPlane[name] = arohcpv1alpha1.NewAzureControlPlaneManagedIdentity().ResourceID(resourceID)
		}

		dataPlane := make(map[string]*arohcpv1alpha1.AzureDataPlaneManagedIdentityBuilder)
		for name, resourceID := range identities.DataPlaneOperators {
			dataPlane[name] = arohcpv1alpha1.NewAzureDataPlaneManagedIdentity().ResourceID(resourceID)
		}

		managed := arohcpv1alpha1.NewAzureOperatorsAuthenticationManagedIdentities().
			ManagedIdentitiesDataPlaneIdentityUrl(identityURL).
			ControlPlaneOperatorsManagedIdentities(controlPlane).
			DataPlaneOperatorsManagedIdentities(dataPlane)

		// The service managed identity is optional; it is attached only
		// when a resource ID was provided.
		if serviceIdentity := identities.ServiceManagedIdentity; serviceIdentity != "" {
			managed = managed.ServiceManagedIdentity(
				arohcpv1alpha1.NewAzureServiceManagedIdentity().ResourceID(serviceIdentity))
		}

		auth := arohcpv1alpha1.NewAzureOperatorsAuthentication().ManagedIdentities(managed)
		azure = azure.OperatorsAuthentication(auth)
	}

	cb = cb.Azure(azure)

	// An empty DomainPrefix is rejected by Cluster Service, so the field is
	// left unset in that case.
	if prefix := hcpCluster.Properties.DNS.BaseDomainPrefix; prefix != "" {
		cb = cb.DomainPrefix(prefix)
	}

	return cb
}