Add hypershift-aws-template 0.0.1

Signed-off-by: Alex Misstear <[email protected]>

.github/workflows/release.yaml

@@ -0,0 +1,27 @@
+name: Release Charts
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  release:
+    permissions:
+      contents: write
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Configure git
+        run: |
+          git config user.name "$GITHUB_ACTOR"
+          git config user.email "[email protected]"
+
+      - name: Run chart-releaser
+        uses: helm/[email protected]
+        env:
+          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"

README.md

@@ -3,4 +3,22 @@ Helm Charts for use with the
 [cluster-templates-operator](https://github.com/stolostron/cluster-templates-operator/).
 Refer to the Operator's documentation for more information.
 
-See [index.yaml](index.yaml) for available charts.
+To install a chart/create a cluster (and infra/iam):
+
+```shell
+helm install --wait --wait-for-jobs --timeout 20m my-cluster <chart-dir>
+```
+
+To uninstall a chart/destroy a cluster (and infra/iam):
+
+```shell
+helm uninstall --timeout 20m my-cluster
+```
+
+## Releases
+
+A GitHub Actions [workflow](.github/workflows/release.yaml) is used to automatically release new
+charts upon merge to the `main` branch.
+
+The chart repository is hosted with GitHub Pages and located at
+https://konflux-ci.dev/cluster-template-charts.

charts/hypershift-aws-template/Chart.yaml

@@ -0,0 +1,24 @@
+apiVersion: v2
+name: hypershift-aws-template
+description: A Helm chart for provisioning a hypershift cluster with a single NodePool in AWS
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.0.1
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "0.0.1"

charts/hypershift-aws-template/templates/create-cluster-job.yaml

@@ -0,0 +1,53 @@
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: create-cluster-{{ .Release.Name }}
+  namespace: {{ .Release.Namespace }}
+spec:
+  template:
+    metadata:
+      name: create-cluster-{{ .Release.Name }}
+    spec:
+      serviceAccountName: {{ .Values.serviceAccount }}
+      restartPolicy: Never
+      containers:
+        - name: hypershift
+          image: quay.io/hypershift/hypershift-operator:{{ .Values.hypershiftImageTag }}
+          args:
+            - create
+            - cluster
+            - aws
+            - --name
+            - {{ .Release.Name }}
+            - --infra-id
+            - {{ .Release.Name | trunc -12 }}
+            - --secret-creds
+            - {{ .Values.secret }}
+            - --region
+            - {{ .Values.region }}
+            - --arch
+            {{- if hasPrefix "m6g." .Values.instanceType }}
+            - arm64
+            {{- else }}
+            - amd64
+            {{- end }}
+            - --instance-type
+            - {{ .Values.instanceType }}
+            - --node-pool-replicas
+            - "{{ .Values.nodePoolReplicas }}"
+            - --release-image
+            - quay.io/openshift-release-dev/ocp-release:{{ .Values.version }}-multi
+            - --control-plane-availability-policy
+            - SingleReplica
+            - --infra-availability-policy
+            - SingleReplica
+            - --annotations
+            - argocd.argoproj.io/tracking-id={{ .Release.Name }}:hypershift.openshift.io/HostedCluster:{{ .Release.Namespace }}/{{ .Release.Name }}
+            - --annotations
+            - argocd.argoproj.io/compare-options=IgnoreExtraneous
+            - --annotations
+            - argocd.argoproj.io/sync-options=Prune=false,Delete=false
+            - --timeout
+            - 20m
+            - --wait

charts/hypershift-aws-template/templates/destroy-cluster-job.yaml

@@ -0,0 +1,35 @@
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: destroy-cluster-{{ .Release.Name }}
+  namespace: {{ .Release.Namespace }}
+  annotations:
+    helm.sh/hook: post-delete
+    helm.sh/hook-delete-policy: hook-succeeded
+    argocd.argoproj.io/hook: PostDelete
+    argocd.argoproj.io/hook-delete-policy: HookSucceeded
+spec:
+  template:
+    metadata:
+      name: destroy-cluster-{{ .Release.Name }}
+    spec:
+      serviceAccountName: {{ .Values.serviceAccount }}
+      restartPolicy: Never
+      containers:
+        - name: hypershift
+          image: quay.io/hypershift/hypershift-operator:{{ .Values.hypershiftImageTag }}
+          args:
+            - destroy
+            - cluster
+            - aws
+            - --name
+            - {{ .Release.Name }}
+            - --infra-id
+            - {{ .Release.Name | trunc -12 }}
+            - --secret-creds
+            - {{ .Values.secret }}
+            - --region
+            - {{ .Values.region }}
+            - --base-domain
+            - {{ .Values.baseDomain }}

charts/hypershift-aws-template/values.schema.json

@@ -0,0 +1,54 @@
+{
+  "$schema": "http://json-schema.org/schema#",
+  "type": "object",
+  "required": [
+    "baseDomain",
+    "hypershiftImageTag",
+    "instanceType",
+    "nodePoolReplicas",
+    "region",
+    "secret",
+    "serviceAccount",
+    "version"
+  ],
+  "properties": {
+    "baseDomain": {
+      "description": "Base domain already configured in AWS Route53",
+      "type": "string"
+    },
+    "hypershiftImageTag": {
+      "description": "Container image tag for the hypershift CLI",
+      "type": "string"
+    },
+    "instanceType": {
+      "type": "string",
+      "description": "AWS EC2 instance type for worker nodes. Use m5.* for amd64 and m6g.* for arm64.",
+      "enum": [
+        "m5.large", "m5.xlarge", "m5.2xlarge",
+        "m6g.large", "m6g.xlarge", "m6g.2xlarge"
+      ]
+    },
+    "nodePoolReplicas": {
+      "type": "integer",
+      "description": "Size of the worker node pool",
+      "maximum": 3,
+      "minimum": 2
+    },
+    "region": {
+      "type": "string",
+      "description": "AWS region where the cluster will be provisioned"
+    },
+    "secret": {
+      "type": "string",
+      "description": "Name of the secret containing the credentials for hypershift (AWS account creds, OCP pull secret, SSH keypairs, and base domain)"
+    },
+    "serviceAccount": {
+      "type": "string",
+      "description": "Service account used for the workload"
+    },
+    "version": {
+      "type": "string",
+      "description": "OpenShift version"
+    }
+  }
+}

charts/hypershift-aws-template/values.yaml

@@ -0,0 +1,13 @@
+# Default values for hypershift-aws-template.
+
+hypershiftImageTag: latest
+
+instanceType: m5.large
+
+nodePoolReplicas: 2
+
+region: us-east-1
+
+secret: hypershift
+
+serviceAccount: cluster-provisioner