# What to do to have ephemeral HAC in openshift-ci? 1. Get cicd account for public graphql app-interface endpoint (https://gitlab.cee.redhat.com/service/app-interface#querying-the-app-interface) 2. Get bot account that can manage ephemeral envs on c-rh-c-eph.8p0c.p1.openshiftapps.com cluster (or reuse this one? https://gitlab.cee.redhat.com/service/app-interface/-/blob/master/data/teams/insights/bots/ephemeral-bot.yml) 3. Add necessary secrets to openshift-ci vault (creds to graphql, creds of the bot) 4. Implement automation syncing https://gitlab.cee.redhat.com/insights-platform/frontend-configs/ somewhere publicly (on github) 5. Install and configure bonfire (ideally as mage target in e2e-tests) * In order to be able to run bonfire without VPN one need to export QONTRACT env variables: ``` export QONTRACT_PASSWORD=<PASSWORD> export QONTRACT_USERNAME=<USERNAME> export QONTRACT_BASE_URL="https://app-interface.devshift.net/graphql" ``` and then edit bonfire config like this ``` $ cat ~/.config/bonfire/config.yaml # Bonfire deployment configuration # Defines where to fetch the file that defines application configs appsFile: host: gitlab repo: insights-platform/cicd-common path: bonfire_configs/ephemeral_apps.yaml # (optional) define any apps locally. An app defined here with <name> will override config for app # <name> in above fetched config. apps: - name: insights-ephemeral components: - name: frontend-configs host: github repo: <FORK>/frontend-configs path: deploy/deploy.yaml ``` 6. With changes from step 5. it should be possible to run (again as mage target in e2e-tests): ``` $ export NAMESPACE=$(bonfire namespace reserve) $ bonfire deploy hac --frontends true --source=appsre --clowd-env env-${NAMESPACE} --namespace=$NAMESPACE ``` which should deploy HAC in ephemeral env 7. Following steps should be according to: https://docs.google.com/document/d/1gLgr0sB2NM2aKr4oBi2703Q_r-CYG15OmSphH3dCPb4/edit