MCE disconnected: adjust mce install step (#51286)

ci-operator/step-registry/hypershift/mce/install/disconnected/hypershift-mce-install-disconnected-commands.sh

@@ -11,42 +11,42 @@ scp "${SSHOPTS[@]}" "/etc/acm-d-mce-quay-pull-credentials/acm_d_mce_quay_pullsec
 scp "${SSHOPTS[@]}" "/etc/acm-d-mce-quay-pull-credentials/registry_quay.json" "root@${IP}:/home/registry_quay.json"
 scp "${SSHOPTS[@]}" "${CLUSTER_PROFILE_DIR}/pull-secret" "root@${IP}:/home/pull-secret"
 scp "${SSHOPTS[@]}" "/var/run/vault/mirror-registry/registry_brew.json" "root@${IP}:/home/registry_brew.json"
-echo "$MCE_INDEX_IMAGE" > /tmp/mce-index-image
-scp "${SSHOPTS[@]}" "/tmp/mce-index-image" "root@${IP}:/home/mce-index-image"
 
 # shellcheck disable=SC2087
-ssh "${SSHOPTS[@]}" "root@${IP}" bash - << EOF
+ssh "${SSHOPTS[@]}" "root@${IP}" bash -s -- "$MCE_VERSION" "$MCE_INDEX_IMAGE" << 'EOF' |& sed -e 's/.*auths\{0,1\}".*/*** PULL_SECRET ***/g'
+MCE_VERSION="${1}"
+MCE_INDEX_IMAGE="${2}"
+
 set -xeo pipefail
 
 echo "1. Get mirror registry"
-mirror_registry=\$(oc get imagecontentsourcepolicy -o json | jq -r '.items[].spec.repositoryDigestMirrors[0].mirrors[0]')
-mirror_registry=\${mirror_registry%%/*}
-if [[ \$mirror_registry == "" ]] ; then
+mirror_registry=$(oc get imagecontentsourcepolicy -o json | jq -r '.items[].spec.repositoryDigestMirrors[0].mirrors[0]')
+mirror_registry=${mirror_registry%%/*}
+if [[ $mirror_registry == "" ]] ; then
     echo "Warning: Can not find the mirror registry, abort !!!"
     exit 1
 fi
-echo "mirror registry is \${mirror_registry}"
+echo "mirror registry is ${mirror_registry}"
 
 echo "2: Set registry credentials"
 yum install -y skopeo
 oc -n openshift-config extract secret/pull-secret --to="/tmp" --confirm
 set +x
-mirror_token=\$(cat "/tmp/.dockerconfigjson" | jq -r --arg var1 "\${mirror_registry}" '.auths[\$var1]["auth"]'|base64 -d)
-skopeo login "\${mirror_registry}" -u "\${mirror_token%:*}" -p "\${mirror_token#*:}"
-BREW_USER=\$(cat "/home/registry_brew.json" | jq -r '.user')
-BREW_PASSWORD=\$(cat "/home/registry_brew.json" | jq -r '.password')
-skopeo login -u "\$BREW_USER" -p "\$BREW_PASSWORD" brew.registry.redhat.io
-ACM_D_QUAY_USER=\$(cat /home/acm_d_mce_quay_username)
-ACM_D_QUAY_PASSWORD=\$(cat /home/acm_d_mce_quay_pullsecret)
-skopeo login quay.io:443/acm-d -u "\${ACM_D_QUAY_USER}" -p "\${ACM_D_QUAY_PASSWORD}"
-REGISTRY_REDHAT_IO_USER=\$(cat /home/pull-secret | jq -r '.auths."registry.redhat.io".auth' | base64 -d | cut -d ':' -f 1)
-REGISTRY_REDHAT_IO_PASSWORD=\$(cat /home/pull-secret | jq -r '.auths."registry.redhat.io".auth' | base64 -d | cut -d ':' -f 2)
-skopeo login registry.redhat.io -u "\${REGISTRY_REDHAT_IO_USER}" -p "\${REGISTRY_REDHAT_IO_PASSWORD}"
+mirror_token=$(cat "/tmp/.dockerconfigjson" | jq -r --arg var1 "${mirror_registry}" '.auths[$var1]["auth"]'|base64 -d)
+skopeo login "${mirror_registry}" -u "${mirror_token%:*}" -p "${mirror_token#*:}"
+BREW_USER=$(cat "/home/registry_brew.json" | jq -r '.user')
+BREW_PASSWORD=$(cat "/home/registry_brew.json" | jq -r '.password')
+skopeo login -u "$BREW_USER" -p "$BREW_PASSWORD" brew.registry.redhat.io
+ACM_D_QUAY_USER=$(cat /home/acm_d_mce_quay_username)
+ACM_D_QUAY_PASSWORD=$(cat /home/acm_d_mce_quay_pullsecret)
+skopeo login quay.io:443/acm-d -u "${ACM_D_QUAY_USER}" -p "${ACM_D_QUAY_PASSWORD}"
+REGISTRY_REDHAT_IO_USER=$(cat /home/pull-secret | jq -r '.auths."registry.redhat.io".auth' | base64 -d | cut -d ':' -f 1)
+REGISTRY_REDHAT_IO_PASSWORD=$(cat /home/pull-secret | jq -r '.auths."registry.redhat.io".auth' | base64 -d | cut -d ':' -f 2)
+skopeo login registry.redhat.io -u "${REGISTRY_REDHAT_IO_USER}" -p "${REGISTRY_REDHAT_IO_PASSWORD}"
 set -x
 
-MCE_INDEX_IMAGE=\$(cat /home/mce-index-image)
-echo "3: skopeo copy docker://\${MCE_INDEX_IMAGE} oci:///home/mce-local-catalog --remove-signatures"
-skopeo copy "docker://\${MCE_INDEX_IMAGE}" "oci:///home/mce-local-catalog" --remove-signatures
+echo "3: skopeo copy docker://${MCE_INDEX_IMAGE} oci:///home/mce-local-catalog --remove-signatures"
+skopeo copy "docker://${MCE_INDEX_IMAGE}" "oci:///home/mce-local-catalog" --remove-signatures
 
 echo "4: get oc-mirror from stable clients"
 if [[ ! -f /home/oc-mirror ]]; then
@@ -55,10 +55,10 @@ if [[ ! -f /home/oc-mirror ]]; then
     # the oc-mirror lost rhel8 compatibility with OCP 4.15.3 release
     # choose the appropriate rhel8/rhel9 binary at runtime once available.
     # Now let's stick the the 4.14 binary as a temporary workaround
-    # CLIENTURL="\${MIRROR2URL}"/x86_64/clients/ocp/stable
-    CLIENTURL="\${MIRROR2URL}"/x86_64/clients/ocp/stable-4.14
+    # CLIENTURL="${MIRROR2URL}"/x86_64/clients/ocp/stable
+    CLIENTURL="${MIRROR2URL}"/x86_64/clients/ocp/stable-4.14
     ###
-    curl -s -k -L "\${CLIENTURL}/oc-mirror.tar.gz" -o om.tar.gz && tar -C /home -xzvf om.tar.gz && rm -f om.tar.gz
+    curl -s -k -L "${CLIENTURL}/oc-mirror.tar.gz" -o om.tar.gz && tar -C /home -xzvf om.tar.gz && rm -f om.tar.gz
     if ls /home/oc-mirror > /dev/null ; then
         chmod +x /home/oc-mirror
     else
@@ -68,8 +68,7 @@ if [[ ! -f /home/oc-mirror ]]; then
 fi
 /home/oc-mirror version
 
-echo "5. oc-mirror --config /home/imageset-config.yaml docker://\${mirror_registry} --oci-registries-config=/home/registry.conf --continue-on-error --skip-missing"
-catalog_image="acm-d/mce-custom-registry"
+echo "5. oc-mirror --config /home/imageset-config.yaml docker://${mirror_registry} --oci-registries-config=/home/registry.conf --continue-on-error --skip-missing"
 
 cat <<END |tee "/home/registry.conf"
 [[registry]]
@@ -120,16 +119,16 @@ apiVersion: mirror.openshift.io/v1alpha2
 mirror:
   operators:
   - catalog: "oci:///home/mce-local-catalog"
-    targetCatalog: \${catalog_image}
-    targetTag: "2.4"
+    targetCatalog: "acm-d/mce-custom-registry"
+    targetTag: "${MCE_VERSION}"
     packages:
     - name: multicluster-engine
 END
 
 pushd /home
-/home/oc-mirror --config "/home/imageset-config.yaml" docker://\${mirror_registry} --oci-registries-config="/home/registry.conf" --continue-on-error --skip-missing
-/home/oc-mirror --config "/home/imageset-config.yaml" docker://\${mirror_registry} --oci-registries-config="/home/registry.conf" --continue-on-error --skip-missing
-/home/oc-mirror --config "/home/imageset-config.yaml" docker://\${mirror_registry} --oci-registries-config="/home/registry.conf" --continue-on-error --skip-missing
+/home/oc-mirror --config "/home/imageset-config.yaml" docker://${mirror_registry} --oci-registries-config="/home/registry.conf" --continue-on-error --skip-missing
+/home/oc-mirror --config "/home/imageset-config.yaml" docker://${mirror_registry} --oci-registries-config="/home/registry.conf" --continue-on-error --skip-missing
+/home/oc-mirror --config "/home/imageset-config.yaml" docker://${mirror_registry} --oci-registries-config="/home/registry.conf" --continue-on-error --skip-missing
 popd
 
 echo "6. Create imageconentsourcepolicy and catalogsource"
@@ -141,16 +140,16 @@ metadata:
 spec:
   repositoryDigestMirrors:
   - mirrors:
-    - \${mirror_registry}/multicluster-engine
+    - ${mirror_registry}/multicluster-engine
     source: registry.redhat.io/rhacm2
   - mirrors:
-    - \${mirror_registry}/rh-osbs/multicluster-engine-mce-operator-bundle
+    - ${mirror_registry}/rh-osbs/multicluster-engine-mce-operator-bundle
     source: registry-proxy.engineering.redhat.com/rh-osbs/multicluster-engine-mce-operator-bundle
   - mirrors:
-    - \${mirror_registry}/rh-osbs/iib
+    - ${mirror_registry}/rh-osbs/iib
     source: registry-proxy.engineering.redhat.com/rh-osbs/iib
   - mirrors:
-    - \${mirror_registry}/multicluster-engine
+    - ${mirror_registry}/multicluster-engine
     source: registry.redhat.io/multicluster-engine
 END
 cat << END | oc apply -f -
@@ -160,7 +159,7 @@ metadata:
   name: cs-mce-custom-registry
   namespace: openshift-marketplace
 spec:
-  image: \${mirror_registry}/acm-d/mce-custom-registry:2.4
+  image: ${mirror_registry}/acm-d/mce-custom-registry:${MCE_VERSION}
   sourceType: grpc
 END
 echo "Waiting for the new ImageContentSourcePolicy to be updated on machines"
@@ -185,15 +184,15 @@ spec:
     - "multicluster-engine"
 END
 
-echo "* Applying SUBSCRIPTION_CHANNEL 2.4 to multiclusterengine-operator subscription"
+echo "* Applying SUBSCRIPTION_CHANNEL stable to multiclusterengine-operator subscription"
 oc apply -f - <<END
 apiVersion: operators.coreos.com/v1alpha1
 kind: Subscription
 metadata:
   name: multicluster-engine
   namespace: multicluster-engine
 spec:
-  channel: stable-2.4
+  channel: stable-${MCE_VERSION}
   installPlanApproval: Automatic
   name: multicluster-engine
   source: cs-mce-custom-registry
@@ -202,35 +201,35 @@ END
 
 CSVName=""
 for ((i=1; i<=60; i++)); do
-  output=\$(oc get sub multicluster-engine -n multicluster-engine -o jsonpath='{.status.currentCSV}' >> /dev/null && echo "exists" || echo "not found")
-  if [ "\$output" != "exists" ]; then
+  output=$(oc get sub multicluster-engine -n multicluster-engine -o jsonpath='{.status.currentCSV}' >> /dev/null && echo "exists" || echo "not found")
+  if [ "$output" != "exists" ]; then
     sleep 2
     continue
   fi
-  CSVName=\$(oc get sub -n multicluster-engine multicluster-engine -o jsonpath='{.status.currentCSV}')
-  if [ "\$CSVName" != "" ]; then
+  CSVName=$(oc get sub -n multicluster-engine multicluster-engine -o jsonpath='{.status.currentCSV}')
+  if [ "$CSVName" != "" ]; then
     break
   fi
   sleep 10
 done
 
 _apiReady=0
-echo "* Using CSV: \${CSVName}"
+echo "* Using CSV: ${CSVName}"
 for ((i=1; i<=20; i++)); do
   sleep 30
-  output=\$(oc get csv -n multicluster-engine \$CSVName -o jsonpath='{.status.phase}' >> /dev/null && echo "exists" || echo "not found")
-  if [ "\$output" != "exists" ]; then
+  output=$(oc get csv -n multicluster-engine $CSVName -o jsonpath='{.status.phase}' >> /dev/null && echo "exists" || echo "not found")
+  if [ "$output" != "exists" ]; then
     continue
   fi
-  phase=\$(oc get csv -n multicluster-engine \$CSVName -o jsonpath='{.status.phase}')
-  if [ "\$phase" == "Succeeded" ]; then
+  phase=$(oc get csv -n multicluster-engine $CSVName -o jsonpath='{.status.phase}')
+  if [ "$phase" == "Succeeded" ]; then
     _apiReady=1
     break
   fi
   echo "Waiting for CSV to be ready"
 done
 
-if [ \$_apiReady -eq 0 ]; then
+if [ $_apiReady -eq 0 ]; then
   echo "multiclusterengine subscription could not install in the allotted time."
   exit 1
 fi

ci-operator/step-registry/hypershift/mce/install/disconnected/hypershift-mce-install-disconnected-ref.yaml

@@ -8,6 +8,9 @@ ref:
   - name: MCE_INDEX_IMAGE
     default: "brew.registry.redhat.io/rh-osbs/iib:654348"
     documentation: "MCE Index Image, default: registry-proxy.engineering.redhat.com/rh-osbs/iib:654348"
+  - name: MCE_VERSION
+    default: "2.4"
+    documentation: "version of the mce.(2.4, 2.5, 2.6)"
   commands: hypershift-mce-install-disconnected-commands.sh
   resources:
     requests: