use ticketgen script with quota

Signed-off-by: Daniel Osypenko <[email protected]>

Author: DanielOsypenko

conf/README.md

@@ -349,6 +349,7 @@ higher priority).
       * `hosted_odf_registry` - registry for hosted ODF (default: quay.io/rhceph-dev/ocs-registry)
       * `hosted_odf_version` - version of ODF to be deployed on hosted clusters
       * `cp_availability_policy` - "HighlyAvailable" or "SingleReplica"; if not provided the default value is "SingleReplica"
+      * `storage_quota` - storage quota for the hosted cluster
 * `wait_timeout_for_healthy_osd_in_minutes` - timeout waiting for healthy OSDs before continuing upgrade (see https://bugzilla.redhat.com/show_bug.cgi?id=2276694 for more details)
 * `osd_maintenance_timeout` - is a duration in minutes that determines how long an entire failureDomain like region/zone/host will be held in noout
 * `odf_provider_mode_deployment` - True if you would like to enable provider mode deployment.

conf/examples/provider_mode_ibm_cloud_baremetal_kubevirt_clients.yaml

@@ -32,6 +32,7 @@ ENV_DATA:
       setup_storage_client: true # if true, the Storage Client will be created and verification will be performed
       nodepool_replicas: 3 # number of worker nodes created for Hosted cluster
       cp_availability_policy: "HighlyAvailable" # this field is optional, if not provided the default value is "SingleReplica"
+      storage_quota: 100  # int. 100 means "100Gi". this field is optional, if not provided client will have unlimited storage quota
     hcp415-bm3-f:
       hosted_cluster_path: "~/clusters/hcp416-bm3-f/openshift-cluster-dir" # path to store auth_path dir or cluster related files
       ocp_version:  "4.15.10" # this is an example, please provide the desired OCP version

ocs_ci/deployment/deployment.py

@@ -464,7 +464,7 @@ def do_deploy_mce(self):
         """
         if config.ENV_DATA["skip_ocs_deployment"]:
 
-            if config.DEPLOYMENT.get("deploy_mce"):
+            if config.ENV_DATA.get("deploy_mce"):
                 mce_installer = MCEInstaller()
                 mce_installer.deploy_mce()
 

ocs_ci/deployment/hosted_cluster.py

@@ -632,6 +632,11 @@ def __init__(self, name: str):
             constants.PROVIDER_MODE_STORAGE_CLIENT
         )
         self.storage_client_name = storage_client_data["metadata"]["name"]
+        self.storage_quota = (
+            config.ENV_DATA.get("clusters", {})
+            .get(self.name, {})
+            .get("storage_quota", None)
+        )
 
     @kubeconfig_exists_decorator
     def exec_oc_cmd(self, cmd, timeout=300, ignore_error=False, **kwargs):
@@ -976,7 +981,11 @@ def get_onboarding_key(self):
         )
 
         try:
-            token = generate_onboarding_token(private_key=decoded_key)
+            token = generate_onboarding_token(
+                private_key=decoded_key,
+                use_ticketgen_with_quota=True,
+                storage_quota=self.storage_quota,
+            )
         except Exception as e:
             logger.error(f"Error during onboarding token generation: {e}")
             token = ""

ocs_ci/deployment/hyperconverged.py

@@ -1,7 +1,7 @@
 import logging
 import semantic_version
 
-from ocs_ci.ocs.exceptions import HyperConvergedNotDeployedException
+from ocs_ci.ocs.exceptions import HyperConvergedNotDeployedException, CommandFailed
 from ocs_ci.ocs.ocp import OCP
 from ocs_ci.ocs import constants
 from ocs_ci.ocs.resources.deployment import Deployment
@@ -11,6 +11,7 @@
 from ocs_ci.ocs.version import get_ocp_version
 from ocs_ci.utility import templating
 from ocs_ci.ocs.resources.catalog_source import CatalogSource
+from ocs_ci.utility.retry import retry
 from ocs_ci.utility.utils import wait_custom_resource_defenition_available
 
 logger = logging.getLogger(__name__)
@@ -147,7 +148,10 @@ def create_hyperconverged_instance(self):
                 constants.HYPERCONVERGED_YAML
             )
             hyperconverged_instance_yaml = OCS(**hyperconverged_instance_yaml_file)
-            hyperconverged_instance_yaml.create()
+            retry(CommandFailed, tries=10, delay=60)(
+                hyperconverged_instance_yaml.create
+            )()
+
         self.hyperconverged.check_resource_existence(
             should_exist=True, resource_name=constants.HYPERCONVERGED_NAME
         )

ocs_ci/deployment/mce.py

@@ -239,14 +239,14 @@ def deploy_mce(self):
             qe_app_registry.icsp()
             qe_app_registry.catalog_source()
             self.create_mce_namespace()
+            self.create_multiclusterengine_operatorgroup()
             self.create_mce_subscription()
             if not wait_custom_resource_defenition_available(
                 constants.MULTICLUSTER_ENGINE_CRD
             ):
                 raise MultiClusterEngineNotDeployedException(
                     f"crd {constants.MULTICLUSTER_ENGINE_CRD} is unavailable"
                 )
-            self.create_multiclusterengine_operatorgroup()
 
         # check whether mce instance is created, if it is installed but mce don't pass validation we can not heal it in
         # script here, hence no sense for full validation of mce

ocs_ci/templates/mce-deployment/mce_subscription.yaml

@@ -3,9 +3,12 @@ kind: Subscription
 metadata:
   name: multicluster-engine
   namespace: multicluster-engine
+  labels:
+    operators.coreos.com/multicluster-engine.multicluster-engine: ""
 spec:
   channel: stable-2.8
   installPlanApproval: Automatic
   name: multicluster-engine
   source: qe-app-registry
   sourceNamespace: openshift-marketplace
+  startingCSV: multicluster-engine.v2.8.0

ocs_ci/utility/managedservice.py

@@ -1,6 +1,7 @@
 import logging
 import os
 import stat
+from pathlib import Path
 
 from tempfile import NamedTemporaryFile
 
@@ -12,7 +13,12 @@
 logger = logging.getLogger(__name__)
 
 
-def generate_onboarding_token(private_key: str = None):
+def generate_onboarding_token(
+    private_key: str = None,
+    use_ticketgen_with_quota: bool = False,
+    subject_role: str = None,
+    storage_quota: int = None,
+):
     """
     Generate Onboarding token for consumer cluster via following steps:
 
@@ -27,6 +33,9 @@ def generate_onboarding_token(private_key: str = None):
 
     Args:
         private_key (str): private key for Managed Service
+        use_ticketgen_with_quota (bool): If True, the ticketgen.sh script will be run with -q flag
+        subject_role (str): Role of the subject, this role has a default in ticketgen-with-quota.sh - ocs-client
+        storage_quota (int): Quota for the storage cluster
 
     Raises:
         CommandFailed: In case the script ticketgen.sh fails.
@@ -38,12 +47,31 @@ def generate_onboarding_token(private_key: str = None):
     """
     logger.debug("Generate onboarding token for ODF to ODF deployment")
     ticketgen_script_path = os.path.join(constants.DATA_DIR, "ticketgen.sh")
-    # download ticketgen.sh script
-    logger.debug("Download and prepare ticketgen.sh script")
-    download_file(
-        "https://raw.githubusercontent.com/red-hat-storage/ocs-operator/main/hack/ticketgen/ticketgen.sh",
-        ticketgen_script_path,
-    )
+
+    if not use_ticketgen_with_quota:
+        logger.debug("Download and prepare ticketgen.sh script")
+        download_file(
+            "https://raw.githubusercontent.com/red-hat-storage/ocs-operator/main/hack/ticketgen/ticketgen.sh",
+            ticketgen_script_path,
+        )
+        if not Path(ticketgen_script_path).exists():
+            raise FileNotFoundError(
+                f"Failed to download ticketgen.sh script to {ticketgen_script_path}"
+            )
+    else:
+        logger.info("using ticketgen.sh script with --quota flag")
+        script_path = (
+            Path(__file__).resolve().parents[2]
+            / "scripts"
+            / "bash"
+            / "ticketgen-with-quota.sh"
+        )
+        if not script_path.exists():
+            raise FileNotFoundError(
+                f"Failed to find ticketgen-with-quota.sh script in {script_path}"
+            )
+        ticketgen_script_path = str(script_path)
+
     # add execute permission to the ticketgen.sh script
     current_file_permissions = os.stat(ticketgen_script_path)
     os.chmod(
@@ -67,13 +95,34 @@ def generate_onboarding_token(private_key: str = None):
             '  private_key: "..."\n'
             '  public_key: "..."'
         )
+
+    script_cmd = f"{ticketgen_script_path}"
+
+    if use_ticketgen_with_quota:
+
+        from ocs_ci.ocs.ocp import OCP
+
+        sc_obj = OCP(
+            kind=constants.STORAGECLUSTER,
+            namespace=config.ENV_DATA["cluster_namespace"],
+        )
+        uid = sc_obj.get()["items"][0]["metadata"]["uid"]
+        script_cmd += f" -c {uid} "
+
+        if subject_role:
+            script_cmd += f" -r {subject_role}"
+        if storage_quota:
+            script_cmd += f" -q {storage_quota}"
+
     with NamedTemporaryFile(
         mode="w", prefix="private", suffix=".pem", delete=True
     ) as key_file:
         key_file.write(private_key)
         key_file.flush()
         logger.debug("Generate Onboarding token")
-        ticketgen_result = exec_cmd(f"{ticketgen_script_path} {key_file.name}")
+        script_cmd += f" {key_file.name}"
+        ticketgen_result = exec_cmd(script_cmd)
+
     ticketgen_output = ticketgen_result.stdout.decode()
     if ticketgen_result.stderr:
         raise CommandFailed(