Uploaded image for project: 'OpenShift Installer'
  1. OpenShift Installer
  2. CORS-2039

[GCP] Skip creating firewall rules when networkProjectID is configured

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Undefined Undefined
    • None
    • None
    • None
    • None
    • None
    • None
    • Sprint 223

      User Story:

      As a user, I want to be able to:

      • Skip creating the firewall rules when installing into a Shared VPC, as defined by the networkProjectID variable being set to a non empty string.

      so that I can achieve

      • Creating an IPI cluster using a Shared VPC with insufficient permissions to create Firewall Rules in the Host Project.

      Acceptance Criteria:

      Description of criteria:

      • A new parameter is added to the install config to designate when to (skip) creat(ing) firewall rules.
      • The Terraform firewall rule resources are skipped (count=0) when this parameter is configured.

      (optional) Out of Scope:

      Handling the ingress firewall rules are out of scope of this story. Of note, the ingress controller will manage them if the associated service account has proper permissions; and it will fail gracefully if it does not. As a result, there isn't any further expectations for this in any card.

      Validating that preexisting firewall rules are sufficient to install a cluster are beyond the scope of this story.

      Engineering Details:

              rh-ee-bbarbach Brent Barbachem
              jstuever@redhat.com Jeremiah Stuever
              None
              None
              None
              None
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: