[minor] support new AI Service tenant operator

instance-applications/113-ibm-aiservice/templates/02-aiservice-sls-secret.yaml

@@ -1,3 +1,4 @@
+{{- if hasPrefix "9.1." .Values.aiservice_channel }}
 ---
 apiVersion: v1
 kind: Secret
@@ -8,4 +9,5 @@ metadata:
     argocd.argoproj.io/sync-wave: "141"
 type: Opaque
 data:
-  SLS_REGISTRATION_KEY: {{ .Values.slscfg_registration_key | default "" | toString | b64enc | quote }}
+  SLS_REGISTRATION_KEY: {{ .Values.slscfg_registration_key | default "" | toString | b64enc | quote }}
+{{- end}}

instance-applications/115-ibm-aiservice-tenant/templates/01-aiservice-sls-secret.yaml

@@ -3,7 +3,11 @@ apiVersion: v1
 kind: Secret
 metadata:
   name: "{{ .Values.tenantNamespace }}----sls-secret"
+  {{- if hasPrefix "9.1." .Values.aiservice_channel }}
   namespace: "{{ .Values.aiservice_namespace }}"
+  {{- else }}
+  namespace: "{{ .Values.tenantNamespace }}"
+  {{- end }}
   annotations:
     argocd.argoproj.io/sync-wave: "301"
   labels:

instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-tenant-operator-subscription.yaml

@@ -0,0 +1,30 @@
+{{- if (not (hasPrefix "9.1." .Values.aiservice_channel)) }}
+---
+apiVersion: operators.coreos.com/v1
+kind: OperatorGroup
+metadata:
+  name: "{{ .Values.tenantNamespace }}"
+  namespace: "{{ .Values.tenantNamespace }}"
+  annotations:
+    argocd.argoproj.io/sync-wave: "306"
+    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
+spec:
+  targetNamespaces:
+    - "{{ .Values.tenantNamespace }}"
+
+---
+apiVersion: operators.coreos.com/v1alpha1
+kind: Subscription
+metadata:
+  name: ibm-aiservice-tenant
+  namespace: "{{ .Values.tenantNamespace }}"
+  annotations:
+    argocd.argoproj.io/sync-wave: "306"
+    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
+spec:
+  channel: "{{ .Values.aiservice_channel }}"
+  installPlanApproval: Automatic
+  name: ibm-aiservice-tenant
+  source: "{{ .Values.mas_catalog_source }}"
+  sourceNamespace: openshift-marketplace
+{{- end }}

instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml

@@ -3,7 +3,11 @@ apiVersion: aiservice.ibm.com/v1
 kind: AIServiceTenant
 metadata:
   name: "{{ .Values.tenantNamespace }}"
+  {{- if hasPrefix "9.1." .Values.aiservice_channel }}
   namespace: "{{ .Values.aiservice_namespace }}"
+  {{- else }}
+  namespace: "{{ .Values.tenantNamespace }}"
+  {{- end }}
   annotations:
     argocd.argoproj.io/sync-wave: "307"
     ansible.sdk.operatorframework.io/verbosity: "{{ .Values.aiservice_operator_log_level }}"
@@ -43,4 +47,4 @@ spec:
       entitlement:
           type: "{{ .Values.tenant_entitlement_type }}"
           startDate: "{{ .Values.tenant_entitlement_start_date }}"
-          endDate: "{{ .Values.tenant_entitlement_end_date }}"
+          endDate: "{{ .Values.tenant_entitlement_end_date }}"

instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml

@@ -37,21 +37,32 @@ where multiple Jobs are created in our templates using a Helm loop. In those cas
 must be added to $_job_cleanup_group.By convention, we sha1sum this value to guarantee we never exceed the 63 char limit regardless of which discriminators
 are required here.*/}}
 {{- $_job_cleanup_group := cat $_job_name_prefix | sha1sum }}
+
+{{- $_namespace := .Values.tenantNamespace }}
+{{- if hasPrefix "9.1." .Values.aiservice_channel }}
+  {{- $_namespace = .Values.aiservice_namespace }}
+{{- end }}
+
+{{- $_name_suffix := "" }}
+{{- if hasPrefix "9.1." .Values.aiservice_channel }}
+  {{- $_name_suffix = printf "-%s" .Values.tenantNamespace }}
+{{- end }}
+
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: postsync-manage-aiservice-job-{{ .Values.tenantNamespace }}
-  namespace: "{{ .Values.aiservice_namespace }}"
+  name: "postsync-manage-aiservice-job{{ $_name_suffix }}"
+  namespace: "{{ $_namespace }}"
   annotations:
     argocd.argoproj.io/sync-wave: "309"
 
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
-  name: postsync-manage-aiservice-job-role-{{ .Values.tenantNamespace }}
-  namespace: "{{ .Values.aiservice_namespace }}"
+  name: "postsync-manage-aiservice-job-role{{ $_name_suffix }}"
+  namespace: "{{ $_namespace }}"
   annotations:
     argocd.argoproj.io/sync-wave: "310"
 rules:
@@ -62,24 +73,24 @@ rules:
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
-  name: postsync-manage-aiservice-job-rolebinding-{{ .Values.tenantNamespace }}
-  namespace: "{{ .Values.aiservice_namespace }}"
+  name: "postsync-manage-aiservice-job-rolebinding{{ $_name_suffix }}"
+  namespace: "{{ $_namespace }}"
   annotations:
     argocd.argoproj.io/sync-wave: "311"
 subjects:
   - kind: ServiceAccount
-    name: postsync-manage-aiservice-job-{{ .Values.tenantNamespace }}
-    namespace: "{{ .Values.aiservice_namespace }}"
+    name: "postsync-manage-aiservice-job{{ $_name_suffix }}"
+    namespace: "{{ $_namespace }}"
 roleRef:
   kind: Role
-  name: postsync-manage-aiservice-job-role-{{ .Values.tenantNamespace }}
+  name: "postsync-manage-aiservice-job-role{{ $_name_suffix }}"
   apiGroup: rbac.authorization.k8s.io
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
-  name: allow-postsync-manage-ai-tenant-job-{{ .Values.tenantNamespace }}
-  namespace: "{{ .Values.aiservice_namespace }}"
+  name: "allow-postsync-manage-ai-tenant-job{{ $_name_suffix }}"
+  namespace: "{{ $_namespace }}"
   annotations:
     argocd.argoproj.io/sync-wave: "312"
 spec:
@@ -95,7 +106,7 @@ apiVersion: batch/v1
 kind: Job
 metadata:
   name: {{ $_job_name }}
-  namespace: "{{ .Values.aiservice_namespace }}"
+  namespace: "{{ $_namespace }}"
   annotations:
     argocd.argoproj.io/sync-wave: "313"
     argocd.argoproj.io/hook: PostSync
@@ -106,6 +117,7 @@ metadata:
 {{ .Values.custom_labels | toYaml | indent 4 }}
 {{- end }}
 spec:
+  backoffLimit: 0
   template:
     metadata:
       labels:
@@ -114,7 +126,7 @@ spec:
 {{ .Values.custom_labels | toYaml | indent 8 }}
 {{- end }}
     spec:
-      serviceAccountName: postsync-manage-aiservice-job-{{ .Values.tenantNamespace }}
+      serviceAccountName: "postsync-manage-aiservice-job{{ $_name_suffix }}"
       restartPolicy: Never
       containers:
         - name: postsync-manage-aiservice-run
@@ -139,6 +151,8 @@ spec:
               value: "{{ .Values.aiservice_s3_secretkey }}"
             - name: AVP_TYPE
               value: "aws"
+            - name: TARGET_NAMESPACE
+              value: "{{ $_namespace }}"
           command:
             - /bin/sh
             - -c
@@ -157,7 +171,7 @@ spec:
               echo "Retrieve AIBroker API Key for tenant: ${AISERVICE_TENANT}"
               echo "================================================================================"
 
-              AISERVICE_APIKEY_SECRET=$(oc get secret ${AISERVICE_TENANT}----apikey-secret -n aiservice-${AISERVICE_INSTANCE_ID} -o jsonpath="{.data.AIBROKER_APIKEY}" | base64 --decode)
+              AISERVICE_APIKEY_SECRET=$(oc get secret ${AISERVICE_TENANT}----apikey-secret -n ${TARGET_NAMESPACE} -o jsonpath="{.data.AIBROKER_APIKEY}" | base64 --decode)
               if [ -z "$AISERVICE_APIKEY_SECRET" ]; then
                 echo "AISERVICE_APIKEY_SECRET is empty"
                 exit 1
@@ -182,11 +196,4 @@ spec:
               sm_update_secret "${SECRET_NAME_AISERVICE}" \
                 "{\"aiservice_apikey\": \"${AISERVICE_APIKEY_SECRET}\"}" \
                 "${TAGS}" || exit $?
-              exit 0
-      volumes:
-        - name: postsync-manage-aiservice-{{ .Values.tenantNamespace }}
-          secret:
-            secretName: postsync-manage-aiservice-{{ .Values.tenantNamespace }}
-            defaultMode: 420
-            optional: false
-    backoffLimit: 0
+              exit 0

root-applications/ibm-aiservice-instance-root/values.yaml

@@ -193,7 +193,7 @@ ibm_aiservice:
   mas_aiservice_storage_host: "true"
   mas_aiservice_storage_port: "true"
 
-  # SLS
+ # SLS
   mas_aiservice_sls_registration_key_secret: "sls-registration-key"
 
   mas_aiservice_db_host: "mas_aiservice_db_host"

root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml

@@ -25,7 +25,11 @@ spec:
   project: "{{ .Values.argo.projects.apps }}"
   destination:
     server: {{ .Values.cluster.url }}
-    namespace: "{{ .Values.ibm_aiservice_tenant.aiservice_namespace }}"
+    {{- if hasPrefix "9.1." .Values.ibm_aiservice_tenant.aiservice_channel }}
+    namespace: "{{ .Values.aiservice_namespace }}"
+    {{- else }}
+    namespace: "{{ .Values.tenantNamespace }}"
+    {{- end }}
   source:
     repoURL: "{{ .Values.source.repo_url }}"
     path: instance-applications/115-ibm-aiservice-tenant
@@ -35,12 +39,17 @@ spec:
       env:
         - name: {{ .Values.avp.values_varname }}
           value: |
+            mas_catalog_source: "{{ .Values.ibm_aiservice_tenant.mas_catalog_source }}"
+
             tenant_id: "{{ .Values.ibm_aiservice_tenant.tenant_id }}"
             aiservice_instance_id: "{{ .Values.ibm_aiservice_tenant.aiservice_instance_id }}"
             aiservice_namespace: "{{ .Values.ibm_aiservice_tenant.aiservice_namespace }}"
+            aiservice_channel: "{{ .Values.ibm_aiservice_tenant.aiservice_channel }}"
+
             account_id: "{{ .Values.account.id }}"
             region_id: "{{ .Values.region.id }}"
             cluster_id: "{{ .Values.cluster.id }}"
+
             # SAAS
             aiservice_saas_apikey: "{{ .Values.ibm_aiservice_tenant.aiservice_saas_apikey }}"
             mas_aiservice_saas: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_saas }}"

root-applications/ibm-aiservice-tenant-root/values.yaml

@@ -190,9 +190,6 @@ ibm_aiservice:
   mas_aiservice_storage_host: "true"
   mas_aiservice_storage_port: "true"
 
-  # SLS
-  mas_aiservice_sls_registration_key_secret: "sls-registration-key"
-
   mas_aiservice_db_host: "mas_aiservice_db_host"
   mas_aiservice_db_port: "mas_aiservice_db_port"
   mas_aiservice_db_secret_name: "mas_aiservice_db_secret_name"
@@ -300,7 +297,6 @@ ibm_aiservice_tenant:
   mas_aiservice_watsonxai_project_id: MAS_AISERVICE_WATSONXAI_PROJECT_ID 
 
   # SLS
-  #mas_aiservice_sls_registration_key_secret: "sls-registration-key"
   mas_aiservice_sls_subscription_id: "001"
 
   # S3