commit bccfe4b1ff20c708ce4d83aed84354e519f7406a Author: Stanislav Egorov Date: Wed Sep 23 15:25:52 2020 -0700 Use proxy settings from env vars For the labs behind the corporate proxy we need to define proxy settings as env vars. Inside Ironic pod there is init-bootstrap container which is using curl with external URLs. This change introduces the env vars for proxy in the ConfigMap mounted to all Ironic containers in the pod. Also Ephemeral Secret now has an option to use proxy. Relates-To: #355 Change-Id: I4f1c61c8381d57e4ad8adc063434468fdfa0e959
diff --git a/manifests/function/airshipctl-catalogues/env-vars-template.yaml b/manifests/function/airshipctl-catalogues/env-vars-template.yaml
new file mode 100644
index 0000000..2a8bdf1
--- /dev/null
+++ b/manifests/function/airshipctl-catalogues/env-vars-template.yaml
@@ -0,0 +1,21 @@
+apiVersion: airshipit.org/v1alpha1
+kind: Templater
+metadata:
+ name: env-vars-template
+ labels:
+ airshipit.org/deploy-k8s: "false"
+template: |
+ ---
+ apiVersion: airshipit.org/v1alpha1
+ kind: VariableCatalogue
+ metadata:
+ labels:
+ airshipit.org/deploy-k8s: "false"
+ name: env-vars-catalogue
+ env:
+ HTTP_PROXY: '{{ env "HTTP_PROXY" }}'
+ HTTPS_PROXY: '{{ env "HTTPS_PROXY" }}'
+ http_proxy: '{{ env "http_proxy" }}'
+ https_proxy: '{{ env "https_proxy" }}'
+ NO_PROXY: '{{ env "NO_PROXY" }}'
+ no_proxy: '{{ env "no_proxy" }}'
diff --git a/manifests/function/airshipctl-catalogues/kustomization.yaml b/manifests/function/airshipctl-catalogues/kustomization.yaml
index d001d35..e695dd8 100644
--- a/manifests/function/airshipctl-catalogues/kustomization.yaml
+++ b/manifests/function/airshipctl-catalogues/kustomization.yaml
@@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
 - versions-airshipctl.yaml
+ - env-vars-template.yaml
diff --git a/manifests/function/baremetal-operator/ironic-vars.yaml b/manifests/function/baremetal-operator/ironic-vars.yaml
index 606fe11..af9b884 100644
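Review bot: In `env-vars-template.yaml` each value is spliced between hand-written single quotes (`HTTP_PROXY: '{{ env "HTTP_PROXY" }}'`), so a proxy URL containing a `'`, for instance in an embedded password, ends the YAML scalar early and the remainder is parsed as document structure. Let the template engine do the quoting instead, e.g. `HTTP_PROXY: {{ env "HTTP_PROXY" | quote }}`, assuming the Templater exposes sprig's `quote` alongside `env` (worth confirming). A comment above `env:` would also help, along the lines of `# Values are read from the environment of whoever renders the manifests and may carry proxy credentials.`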
--- a/manifests/function/baremetal-operator/ironic-vars.yaml
+++ b/manifests/function/baremetal-operator/ironic-vars.yaml
@@ -5,6 +5,12 @@ metadata:
 labels:
 name: ironic-vars
 data:
+ HTTP_PROXY: ""
+ HTTPS_PROXY: ""
+ http_proxy: ""
+ https_proxy: ""
+ NO_PROXY: ""
+ no_proxy: ""
 PROVISIONING_IP: "192.168.10.100"
 DHCP_RANGE: "192.168.10.200,192.168.10.250"
 PROVISIONING_INTERFACE: "pxe"
diff --git a/manifests/function/baremetal-operator/replacements/ironic-env-vars.yaml b/manifests/function/baremetal-operator/replacements/ironic-env-vars.yaml
new file mode 100644
index 0000000..594bc7f
--- /dev/null
+++ b/manifests/function/baremetal-operator/replacements/ironic-env-vars.yaml
@@ -0,0 +1,61 @@
+# These rules inject env vars into the baremetal-operator function.
+apiVersion: airshipit.org/v1alpha1
+kind: ReplacementTransformer
+metadata:
+ name: baremetal-operator-env-vars-replacements
+replacements:
+# Replace the proxy vars
+- source:
+ objref:
+ name: env-vars-catalogue
+ fieldref: env.HTTP_PROXY
+ target:
+ objref:
+ kind: ConfigMap
+ name: ironic-vars
+ fieldrefs: ["data.HTTP_PROXY"]
+- source:
+ objref:
+ name: env-vars-catalogue
+ fieldref: env.HTTPS_PROXY
+ target:
+ objref:
+ kind: ConfigMap
+ name: ironic-vars
+ fieldrefs: ["data.HTTPS_PROXY"]
+- source:
+ objref:
+ name: env-vars-catalogue
+ fieldref: env.http_proxy
+ target:
+ objref:
+ kind: ConfigMap
+ name: ironic-vars
+ fieldrefs: ["data.http_proxy"]
+- source:
+ objref:
+ name: env-vars-catalogue
+ fieldref: env.https_proxy
+ target:
+ objref:
+ kind: ConfigMap
+ name: ironic-vars
+ fieldrefs: ["data.https_proxy"]
+- source:
+ objref:
+ name: env-vars-catalogue
+ fieldref: env.NO_PROXY
+ target:
+ objref:
+ kind: ConfigMap
+ name: ironic-vars
+ fieldrefs: ["data.NO_PROXY"]
+- source:
+ objref:
+ name: env-vars-catalogue
+ fieldref: env.no_proxy
+ target:
+ objref:
+ kind: ConfigMap
+ name: ironic-vars
+ fieldrefs: ["data.no_proxy"]
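Review bot: The six proxy keys added to `ironic-vars.yaml` live in a ConfigMap, so whatever the operator has in `HTTP_PROXY`/`HTTPS_PROXY`, including a `user:password@` part if the corporate proxy requires authentication, becomes readable by anyone who can read ConfigMaps in that namespace. If authenticated proxies are in scope, the values belong in a Secret referenced from the Ironic containers. If they are not, state it above the new keys, e.g. `# Proxy URLs must not embed credentials: this object is a ConfigMap, not a Secret.` Only part of the `data:` map is visible in the hunk.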
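Review bot: `ironic-env-vars.yaml` copies `NO_PROXY`/`no_proxy` verbatim from the operator's shell, and per the commit message the target ConfigMap is mounted into every Ironic container, not only init-bootstrap. Unless that value happens to list the provisioning network (the ConfigMap's `PROVISIONING_IP` is `192.168.10.100`) and the in-cluster addresses, clients in those containers that honour the variables will presumably route internal provisioning traffic through the corporate proxy. Document the requirement in the file's header comment, e.g. `# NO_PROXY must include the provisioning subnet and in-cluster service addresses.`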
diff --git a/manifests/function/baremetal-operator/replacements/kustomization.yaml b/manifests/function/baremetal-operator/replacements/kustomization.yaml
index 1d43ee1..8eb4aed 100644
--- a/manifests/function/baremetal-operator/replacements/kustomization.yaml
+++ b/manifests/function/baremetal-operator/replacements/kustomization.yaml
@@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
 - versions.yaml
+ - ironic-env-vars.yaml
diff --git a/manifests/function/ephemeral/replacements/ephemeral-env-vars.yaml b/manifests/function/ephemeral/replacements/ephemeral-env-vars.yaml
new file mode 100644
index 0000000..83dcdc5
--- /dev/null
+++ b/manifests/function/ephemeral/replacements/ephemeral-env-vars.yaml
@@ -0,0 +1,34 @@
+# These rules inject env vars into the ephemeral function.
+apiVersion: airshipit.org/v1alpha1
+kind: ReplacementTransformer
+metadata:
+ name: ephemeral-env-vars-replacements
+replacements:
+# Replace the proxy vars
+- source:
+ objref:
+ name: env-vars-catalogue
+ fieldref: env.HTTP_PROXY
+ target:
+ objref:
+ kind: Secret
+ name: ephemeral-bmc-secret
+ fieldrefs: ["stringData.userData%REPLACEMENT_HTTP_PROXY%"]
+- source:
+ objref:
+ name: env-vars-catalogue
+ fieldref: env.HTTPS_PROXY
+ target:
+ objref:
+ kind: Secret
+ name: ephemeral-bmc-secret
+ fieldrefs: ["stringData.userData%REPLACEMENT_HTTPS_PROXY%"]
+- source:
+ objref:
+ name: env-vars-catalogue
+ fieldref: env.NO_PROXY
+ target:
+ objref:
+ kind: Secret
+ name: ephemeral-bmc-secret
+ fieldrefs: ["stringData.userData%REPLACEMENT_NO_PROXY%"]
diff --git a/manifests/function/ephemeral/replacements/kustomization.yaml b/manifests/function/ephemeral/replacements/kustomization.yaml
new file mode 100644
index 0000000..85d5459
--- /dev/null
+++ b/manifests/function/ephemeral/replacements/kustomization.yaml
@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+ - ephemeral-env-vars.yaml
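Review bot: `ephemeral-env-vars.yaml` substitutes only the upper-case `HTTP_PROXY`, `HTTPS_PROXY` and `NO_PROXY` catalogue entries into `ephemeral-bmc-secret`, whereas the Ironic rules consume all six. An operator who exports only the lower-case spellings therefore gets empty strings written into the user data, and the ephemeral node bootstraps without a proxy and without any error pointing at the cause. Make the contract explicit under `# Replace the proxy vars`, e.g. `# Only the upper-case variables are consumed here; userData derives the lower-case ones from them.`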
diff --git a/manifests/function/ephemeral/secret.yaml b/manifests/function/ephemeral/secret.yaml
index 5e670e6..389ec73 100644
--- a/manifests/function/ephemeral/secret.yaml
+++ b/manifests/function/ephemeral/secret.yaml
@@ -4,7 +4,7 @@ metadata:
 labels:
 airshipit.org/ephemeral-user-data: "true"
 airshipit.org/deploy-k8s: "false"
- name: node1-bmc-secret
+ name: ephemeral-bmc-secret
 type: Opaque
 stringData:
 userData: |
@@ -28,6 +28,12 @@ stringData:
 EOF
 - sysctl --system
 - swapoff -a
+ - export HTTP_PROXY=REPLACEMENT_HTTP_PROXY
+ - export HTTPS_PROXY=REPLACEMENT_HTTPS_PROXY
+ - export http_proxy=${HTTP_PROXY}
+ - export https_proxy=${HTTPS_PROXY}
+ - export NO_PROXY=REPLACEMENT_NO_PROXY
+ - export no_proxy=${NO_PROXY}
 - curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
 - curl -fsSL https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
 - echo "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | tee -a /etc/apt/sources.list
@@ -40,9 +46,18 @@ stringData:
 containerd.io
 - apt install -y kubelet=1.18.6-00 kubeadm=1.18.6-00 kubectl=1.18.6-00
 - apt-mark hold docker-ce docker-ce-cli containerd.io kubelet kubeadm kubectl
+ - unset http_proxy https_proxy HTTP_PROXY HTTPS_PROXY no_proxy NO_PROXY
 - kubeadm init --config /tmp/kubeadm.yaml
 - mkdir -p /opt/metal3-dev-env/ironic/html/images
 write_files:
+ - path: /etc/systemd/system/docker.service.d/http-proxy.conf
+ permissions: '0644'
+ owner: root:root
+ content: |
+ [Service]
+ Environment="HTTP_PROXY=REPLACEMENT_HTTP_PROXY"
+ Environment="HTTPS_PROXY=REPLACEMENT_HTTPS_PROXY"
+ Environment="NO_PROXY=REPLACEMENT_NO_PROXY"
 - content: |
 apiVersion: v1
 clusters:
diff --git a/manifests/site/test-site/ephemeral/bootstrap/kustomization.yaml b/manifests/site/test-site/ephemeral/bootstrap/kustomization.yaml
index 1fee0e7..56617ff 100644
--- a/manifests/site/test-site/ephemeral/bootstrap/kustomization.yaml
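Review bot: The placeholders in the second hunk of `secret.yaml` are substituted into shell source unquoted (`export HTTP_PROXY=REPLACEMENT_HTTP_PROXY`), so any space, `;`, `&`, `$` or backtick in the operator's value is interpreted by the shell that cloud-init runs as root on the ephemeral node; a `NO_PROXY` list written with spaces after the commas is enough to truncate it. Quote the three substituted assignments, `export HTTP_PROXY='REPLACEMENT_HTTP_PROXY'` (likewise `HTTPS_PROXY` and `NO_PROXY`), and the derived ones as `export http_proxy="${HTTP_PROXY}"`. A value containing `'` would still have to be rejected before substitution. The `runcmd` list begins and ends outside the hunk.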
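Review bot: The Docker drop-in added under `write_files` in the third hunk of `secret.yaml` puts the proxy URL in `Environment=` lines of a `'0644'` unit file, so any credentials embedded in it are readable by every local user on the node, both from the file and through `systemctl show`, which tightening the file mode alone would not prevent. `%` is also a specifier prefix in unit files, so a percent-encoded character in the URL would be expanded or rejected rather than passed through. Moving the three assignments into a root-only file referenced with `EnvironmentFile=` addresses both, as sketched below; the env-file path is illustrative. The `write_files` list continues outside the hunk.

```yaml
write_files:
  # Root-only env file: contents are not shown by `systemctl show`
  # and are not subject to unit-file % specifier expansion.
  - path: /etc/docker/proxy.env  # illustrative path
    permissions: '0600'
    owner: root:root
    content: |
      HTTP_PROXY=REPLACEMENT_HTTP_PROXY
      HTTPS_PROXY=REPLACEMENT_HTTPS_PROXY
      NO_PROXY=REPLACEMENT_NO_PROXY
  - path: /etc/systemd/system/docker.service.d/http-proxy.conf
    permissions: '0644'
    owner: root:root
    content: |
      [Service]
      EnvironmentFile=/etc/docker/proxy.env
  # … unchanged: remaining write_files entries …
```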
+++ b/manifests/site/test-site/ephemeral/bootstrap/kustomization.yaml
@@ -2,9 +2,14 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
 - ../../../../type/gating
+ - ../../../../function/airshipctl-catalogues
 generators:
 - hostgenerator
+ - ../../../../function/airshipctl-catalogues
 patchesStrategicMerge:
 - baremetalhost.yaml
+
+transformers:
+ - ../../../../function/ephemeral/replacements
diff --git a/manifests/site/test-site/ephemeral/controlplane/kustomization.yaml b/manifests/site/test-site/ephemeral/controlplane/kustomization.yaml
index 8d764e5..cd2a306 100644
--- a/manifests/site/test-site/ephemeral/controlplane/kustomization.yaml
+++ b/manifests/site/test-site/ephemeral/controlplane/kustomization.yaml
@@ -6,7 +6,12 @@ resources:
 - nodes
 - ../../../../function/airshipctl-catalogues
 - ../../../../function/k8scontrol
+
 patchesStrategicMerge:
 - versions-catalogue-patch.yaml
+
+generators:
+ - ../../../../function/airshipctl-catalogues
+
 transformers:
 - ../../../../function/k8scontrol/replacements
diff --git a/manifests/site/test-site/ephemeral/initinfra/kustomization.yaml b/manifests/site/test-site/ephemeral/initinfra/kustomization.yaml
index 123b2ef..2c9283c 100644
--- a/manifests/site/test-site/ephemeral/initinfra/kustomization.yaml
+++ b/manifests/site/test-site/ephemeral/initinfra/kustomization.yaml
@@ -3,9 +3,15 @@ resources:
 - ../../../../function/clusterctl
 - ../../../../function/airshipctl-catalogues
 - ../../../../function/baremetal-operator
+
 patchesStrategicMerge:
 - patch_bmo_config.yaml
+
 commonLabels:
 airshipit.org/stage: initinfra
+
+generators:
+ - ../../../../function/airshipctl-catalogues
+
 transformers:
 - ../../../../function/baremetal-operator/replacements
diff --git a/manifests/site/test-site/target/controlplane/kustomization.yaml b/manifests/site/test-site/target/controlplane/kustomization.yaml
index b316d30..60dcec7 100644
--- a/manifests/site/test-site/target/controlplane/kustomization.yaml
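Review bot: The `generators:` entry added to `ephemeral/controlplane/kustomization.yaml`, and likewise to `target/controlplane/kustomization.yaml`, renders the operator's proxy environment into that phase, but no transformer visible in either hunk consumes `env-vars-catalogue`; the only replacement rules this commit adds are for baremetal-operator and the ephemeral secret. If nothing under k8scontrol reads the catalogue yet, leaving the generator out until it is needed keeps possibly credentialed proxy URLs out of rendered bundles that do not use them. Both files extend beyond the hunks, so this should be checked against the full kustomizations.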
+++ b/manifests/site/test-site/target/controlplane/kustomization.yaml
@@ -5,7 +5,12 @@ resources:
 # otherwise nodes will hang in 'registering' state for quite a long time
 - nodes
 - ../../../../function/k8scontrol
+
 patchesStrategicMerge:
 - control-machine-template-patch.yaml
+
 commonLabels:
 airshipit.org/stage: initinfra
+
+generators:
+ - ../../../../function/airshipctl-catalogues
diff --git a/manifests/site/test-site/target/initinfra/kustomization.yaml b/manifests/site/test-site/target/initinfra/kustomization.yaml
index 8c9838c..cffdac2 100644
--- a/manifests/site/test-site/target/initinfra/kustomization.yaml
+++ b/manifests/site/test-site/target/initinfra/kustomization.yaml
@@ -4,9 +4,15 @@ resources:
 - ../../../../function/airshipctl-catalogues
 - ../../../../function/baremetal-operator
 - ../../../../function/helm-operator
+
 patchesStrategicMerge:
 - patch_bmo_config.yaml
+
 commonLabels:
 airshipit.org/stage: initinfra
+
+generators:
+ - ../../../../function/airshipctl-catalogues
+
 transformers:
 - ../../../../function/baremetal-operator/replacements