From 466ec5cd2e3b966ef15a604fccd914d06cdd909e Mon Sep 17 00:00:00 2001
From: tico88612 <17496418+tico88612@users.noreply.github.com>
Date: Sat, 13 Jul 2024 14:54:28 +0800
Subject: [PATCH] Feat: migrate external OCI CCM config check from OCI cloud provider
Signed-off-by: tico88612 <17496418+tico88612@users.noreply.github.com>
---
 .../oci/tasks/main.yml | 4 ++
 .../oci/tasks/oci-credential-check.yml | 65 +++++++++++++++++++
 2 files changed, 69 insertions(+)
 create mode 100644 roles/kubernetes-apps/external_cloud_controller/oci/tasks/oci-credential-check.yml
diff --git a/roles/kubernetes-apps/external_cloud_controller/oci/tasks/main.yml b/roles/kubernetes-apps/external_cloud_controller/oci/tasks/main.yml
index 431404ae6a5..4f954596950 100644
--- a/roles/kubernetes-apps/external_cloud_controller/oci/tasks/main.yml
+++ b/roles/kubernetes-apps/external_cloud_controller/oci/tasks/main.yml
@@ -1,4 +1,8 @@
 ---
+- name: External OCI Cloud Controller Manager | Check OCI credentials
+ include_tasks: oci-credential-check.yml
+ tags: external-oci
+
 - name: External OCI Cloud Controller Manager | Get base64 cloud-config
 set_fact:
 external_oci_cloud_config_secret: "{{ lookup('template', 'external-oci-cloud-config.j2') | b64encode }}"
diff --git a/roles/kubernetes-apps/external_cloud_controller/oci/tasks/oci-credential-check.yml b/roles/kubernetes-apps/external_cloud_controller/oci/tasks/oci-credential-check.yml
new file mode 100644
index 00000000000..fd387d454cc
--- /dev/null
+++ b/roles/kubernetes-apps/external_cloud_controller/oci/tasks/oci-credential-check.yml
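Review bot: `tags: external-oci` on a dynamic `include_tasks` tags only the include statement itself, so a run limited with `--tags external-oci` executes the include but skips every task inside `oci-credential-check.yml`, since none of them carries a tag of its own. The credential validation would then be silently bypassed on exactly the tag-filtered runs it is meant to protect. Either make it a static `import_tasks: oci-credential-check.yml` (tags are inherited by the imported tasks) or keep the include and add an `apply:` block with `tags: external-oci` under `include_tasks`.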
@@ -0,0 +1,65 @@
+---
+- name: "External OCI Cloud Controller Manager | Credentials Check | external_oci_auth_key"
+ fail:
+ msg: "external_oci_auth_key is missing"
+ when:
+ - not oci_use_instance_principals
+ - external_oci_auth_key is not defined or not external_oci_auth_key
+
+- name: "External OCI Cloud Controller Manager | Credentials Check | external_oci_auth_region"
+ fail:
+ msg: "external_oci_auth_region is missing"
+ when:
+ - not oci_use_instance_principals
+ - external_oci_auth_region is not defined or not external_oci_auth_region
+
+- name: "External OCI Cloud Controller Manager | Credentials Check | external_oci_auth_tenancy"
+ fail:
+ msg: "external_oci_auth_tenancy is missing"
+ when:
+ - not oci_use_instance_principals
+ - external_oci_auth_tenancy is not defined or not external_oci_auth_tenancy
+
+- name: "External OCI Cloud Controller Manager | Credentials Check | external_oci_auth_user"
+ fail:
+ msg: "external_oci_auth_user is missing"
+ when:
+ - not oci_use_instance_principals
+ - external_oci_auth_user is not defined or not external_oci_auth_user
+
+- name: "External OCI Cloud Controller Manager | Credentials Check | external_oci_auth_fingerprint"
+ fail:
+ msg: "external_oci_auth_fingerprint is missing"
+ when:
+ - not oci_use_instance_principals
+ - external_oci_auth_fingerprint is not defined or not external_oci_auth_fingerprint
+
+- name: "External OCI Cloud Controller Manager | Credentials Check | external_oci_compartment"
+ fail:
+ msg: "external_oci_compartment is missing. This is the compartment in which the cluster resides"
+ when:
+ - external_oci_compartment is not defined or not external_oci_compartment
+
+- name: "External OCI Cloud Controller Manager | Credentials Check | external_oci_vcn"
+ fail:
+ msg: "external_oci_vcn is missing. This is the Virtual Cloud Network in which the cluster resides"
+ when:
+ - external_oci_vcn is not defined or not external_oci_vcn
+
+- name: "External OCI Cloud Controller Manager | Credentials Check | external_oci_load_balancer_subnet1"
+ fail:
+ msg: "external_oci_load_balancer_subnet1 is missingg. This is the first subnet to which loadbalancers will be added"
+ when:
+ - external_oci_load_balancer_subnet1 is not defined or not external_oci_load_balancer_subnet1
+
+- name: "External OCI Cloud Controller Manager | Credentials Check | external_oci_load_balancer_subnet2"
+ fail:
+ msg: "external_oci_load_balancer_subnet2 is missing. Two subnets are required for load balancer high availability"
+ when:
+ - external_oci_load_balancer_subnet2 is not defined or not external_oci_load_balancer_subnet2
+
+- name: "External OCI Cloud Controller Manager | Credentials Check | external_oci_load_balancer_security_list_management_mode"
+ fail:
+ msg: "external_oci_load_balancer_security_list_management_mode is missing, or not defined correctly. Valid options are (All, Frontend, None)."
+ when:
+ - external_oci_load_balancer_security_list_management_mode is not defined or external_oci_load_balancer_security_list_management_mode not in ["All", "Frontend", "None"]
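Review bot: The five auth checks are gated on `oci_use_instance_principals`, the only variable in this file without the `external_oci_` prefix and apparently carried over from the old provider's naming. If this role defines no default for that name (not visible in the diff), the `when` stops with an undefined-variable error instead of the intended "is missing" message. Worse, if the external CCM's cloud-config template reads a differently named switch, the key, user and fingerprint checks are gated on the wrong value. Confirm the name against the role's defaults and template, or guard it as `not (oci_use_instance_principals | default(false))`. Separately, the `external_oci_load_balancer_subnet1` message has a typo: `missingg` should be `missing`.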