OCM-17876 | feat: IDMS support for ROSA-HCP

Author: davidleerh

cmd/create/cmd.go

@@ -29,6 +29,7 @@ import (
 	"github.com/openshift/rosa/cmd/create/externalauthprovider"
 	"github.com/openshift/rosa/cmd/create/iamserviceaccount"
 	"github.com/openshift/rosa/cmd/create/idp"
+	"github.com/openshift/rosa/cmd/create/imagemirror"
 	"github.com/openshift/rosa/cmd/create/kubeletconfig"
 	"github.com/openshift/rosa/cmd/create/machinepool"
 	"github.com/openshift/rosa/cmd/create/network"
@@ -71,6 +72,8 @@ func init() {
 	Cmd.AddCommand(autoscalerCommand)
 	kubeletConfig := kubeletconfig.NewCreateKubeletConfigCommand()
 	Cmd.AddCommand(kubeletConfig)
+	imageMirrorCommand := imagemirror.NewCreateImageMirrorCommand()
+	Cmd.AddCommand(imageMirrorCommand)
 	Cmd.AddCommand(externalauthprovider.Cmd)
 	Cmd.AddCommand(breakglasscredential.Cmd)
 	decisionCommand := decision.NewCreateDecisionCommand()

cmd/create/imagemirror/cmd.go

@@ -0,0 +1,127 @@
+/*
+Copyright (c) 2025 Red Hat, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package imagemirror
+
+import (
+	"context"
+	"fmt"
+
+	cmv1 "github.com/openshift-online/ocm-sdk-go/clustersmgmt/v1"
+	"github.com/spf13/cobra"
+
+	"github.com/openshift/rosa/pkg/arguments"
+	"github.com/openshift/rosa/pkg/ocm"
+	"github.com/openshift/rosa/pkg/rosa"
+)
+
+const (
+	use     = "image-mirror"
+	short   = "Create image mirror for a cluster"
+	long    = "Create an image mirror configuration for a Hosted Control Plane cluster. The image mirror ID will be auto-generated."
+	example = `  # Create an image mirror for cluster "mycluster"
+  rosa create image-mirror --cluster=mycluster \
+    --source=registry.example.com/team \
+    --mirrors=mirror.corp.com/team,backup.corp.com/team
+
+  # Create with a specific type (digest is default and only supported type)
+  rosa create image-mirror --cluster=mycluster \
+    --type=digest --source=docker.io/library \
+    --mirrors=internal-registry.company.com/dockerhub`
+)
+
+var (
+	aliases = []string{"image-mirrors"}
+)
+
+func NewCreateImageMirrorCommand() *cobra.Command {
+	options := NewCreateImageMirrorOptions()
+	cmd := &cobra.Command{
+		Use:     use,
+		Short:   short,
+		Long:    long,
+		Aliases: aliases,
+		Example: example,
+		Args:    cobra.NoArgs,
+		Run:     rosa.DefaultRunner(rosa.RuntimeWithOCM(), CreateImageMirrorRunner(options)),
+	}
+
+	flags := cmd.Flags()
+
+	flags.StringVar(
+		&options.Args().Type,
+		"type",
+		"digest",
+		"Type of image mirror (default: digest)",
+	)
+
+	flags.StringVar(
+		&options.Args().Source,
+		"source",
+		"",
+		"Source registry that will be mirrored (required)",
+	)
+
+	flags.StringSliceVar(
+		&options.Args().Mirrors,
+		"mirrors",
+		[]string{},
+		"List of mirror registries (comma-separated, required)",
+	)
+
+	_ = cmd.MarkFlagRequired("source")
+	_ = cmd.MarkFlagRequired("mirrors")
+
+	ocm.AddClusterFlag(cmd)
+	arguments.AddProfileFlag(cmd.Flags())
+	arguments.AddRegionFlag(cmd.Flags())
+	return cmd
+}
+
+func CreateImageMirrorRunner(options *CreateImageMirrorOptions) rosa.CommandRunner {
+	return func(_ context.Context, runtime *rosa.Runtime, cmd *cobra.Command, _ []string) error {
+		clusterKey := runtime.GetClusterKey()
+		args := options.Args()
+
+		cluster, err := runtime.OCMClient.GetCluster(clusterKey, runtime.Creator)
+		if err != nil {
+			return err
+		}
+		if cluster.State() != cmv1.ClusterStateReady {
+			return fmt.Errorf("Cluster '%s' is not ready. Image mirrors can only be created on ready clusters", clusterKey)
+		}
+
+		if !cluster.Hypershift().Enabled() {
+			return fmt.Errorf("Image mirrors are only supported on Hosted Control Plane clusters")
+		}
+
+		if len(args.Mirrors) == 0 {
+			return fmt.Errorf("At least one mirror registry must be specified")
+		}
+
+		createdMirror, err := runtime.OCMClient.CreateImageMirror(
+			cluster.ID(), args.Type, args.Source, args.Mirrors)
+		if err != nil {
+			return fmt.Errorf("Failed to create image mirror: %v", err)
+		}
+		runtime.Reporter.Infof("Image mirror with ID '%s' has been created on cluster '%s'",
+			createdMirror.ID(), clusterKey)
+		runtime.Reporter.Infof("Source: %s", createdMirror.Source())
+		runtime.Reporter.Infof("Mirrors: %v", createdMirror.Mirrors())
+
+		return nil
+	}
+}

cmd/create/imagemirror/cmd_test.go

@@ -0,0 +1,217 @@
+package imagemirror
+
+import (
+	"context"
+	"net/http"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+	cmv1 "github.com/openshift-online/ocm-sdk-go/clustersmgmt/v1"
+	. "github.com/openshift-online/ocm-sdk-go/testing"
+
+	"github.com/openshift/rosa/pkg/test"
+)
+
+const (
+	clusterId = "24vf9iitg3p6tlml88iml6j6mu095mh8"
+)
+
+var _ = Describe("Create image mirror", func() {
+	Context("Create image mirror command", func() {
+		mockHCPClusterReady := test.MockCluster(func(c *cmv1.ClusterBuilder) {
+			c.AWS(cmv1.NewAWS().SubnetIDs("subnet-0b761d44d3d9a4663", "subnet-0f87f640e56934cbc"))
+			c.Region(cmv1.NewCloudRegion().ID("us-east-1"))
+			c.State(cmv1.ClusterStateReady)
+			c.Hypershift(cmv1.NewHypershift().Enabled(true))
+		})
+
+		mockClassicCluster := test.MockCluster(func(c *cmv1.ClusterBuilder) {
+			c.AWS(cmv1.NewAWS().SubnetIDs("subnet-0b761d44d3d9a4663", "subnet-0f87f640e56934cbc"))
+			c.Region(cmv1.NewCloudRegion().ID("us-east-1"))
+			c.State(cmv1.ClusterStateReady)
+			c.Hypershift(cmv1.NewHypershift().Enabled(false))
+		})
+
+		mockClusterNotReady := test.MockCluster(func(c *cmv1.ClusterBuilder) {
+			c.AWS(cmv1.NewAWS().SubnetIDs("subnet-0b761d44d3d9a4663", "subnet-0f87f640e56934cbc"))
+			c.Region(cmv1.NewCloudRegion().ID("us-east-1"))
+			c.State(cmv1.ClusterStateInstalling)
+			c.Hypershift(cmv1.NewHypershift().Enabled(true))
+		})
+
+		hcpClusterReady := test.FormatClusterList([]*cmv1.Cluster{mockHCPClusterReady})
+		classicClusterReady := test.FormatClusterList([]*cmv1.Cluster{mockClassicCluster})
+		clusterNotReady := test.FormatClusterList([]*cmv1.Cluster{mockClusterNotReady})
+
+		var t *test.TestingRuntime
+
+		BeforeEach(func() {
+			t = test.NewTestRuntime()
+		})
+
+		Context("Success scenarios", func() {
+			It("Creates image mirror successfully with all required parameters", func() {
+				t.ApiServer.AppendHandlers(RespondWithJSON(http.StatusOK, hcpClusterReady))
+				t.ApiServer.AppendHandlers(RespondWithJSON(http.StatusCreated, formatCreatedImageMirror()))
+				options := NewCreateImageMirrorOptions()
+				options.Args().Source = "registry.redhat.io"
+				options.Args().Mirrors = []string{"mirror.example.com", "backup.example.com"}
+				runner := CreateImageMirrorRunner(options)
+				err := t.StdOutReader.Record()
+				Expect(err).ToNot(HaveOccurred())
+				cmd := NewCreateImageMirrorCommand()
+				err = cmd.Flag("cluster").Value.Set(clusterId)
+				Expect(err).ToNot(HaveOccurred())
+				err = runner(context.Background(), t.RosaRuntime, cmd, []string{})
+				Expect(err).ToNot(HaveOccurred())
+				stdout, err := t.StdOutReader.Read()
+				Expect(err).ToNot(HaveOccurred())
+				Expect(stdout).To(ContainSubstring("Image mirror with ID 'test-mirror-123' has been created on cluster"))
+				Expect(stdout).To(ContainSubstring("Source: registry.redhat.io"))
+				Expect(stdout).To(ContainSubstring("Mirrors: [mirror.example.com backup.example.com]"))
+			})
+
+			It("Creates image mirror with custom type", func() {
+				t.ApiServer.AppendHandlers(RespondWithJSON(http.StatusOK, hcpClusterReady))
+				t.ApiServer.AppendHandlers(RespondWithJSON(http.StatusCreated, formatCreatedImageMirror()))
+				options := NewCreateImageMirrorOptions()
+				options.Args().Type = "digest"
+				options.Args().Source = "quay.io/openshift"
+				options.Args().Mirrors = []string{"internal.corp.com/openshift"}
+				runner := CreateImageMirrorRunner(options)
+				cmd := NewCreateImageMirrorCommand()
+				err := cmd.Flag("cluster").Value.Set(clusterId)
+				Expect(err).ToNot(HaveOccurred())
+				err = runner(context.Background(), t.RosaRuntime, cmd, []string{})
+				Expect(err).ToNot(HaveOccurred())
+			})
+
+			It("Creates image mirror with single mirror", func() {
+				t.ApiServer.AppendHandlers(RespondWithJSON(http.StatusOK, hcpClusterReady))
+				t.ApiServer.AppendHandlers(RespondWithJSON(http.StatusCreated, formatCreatedImageMirror()))
+				options := NewCreateImageMirrorOptions()
+				options.Args().Source = "docker.io/library"
+				options.Args().Mirrors = []string{"mirror.company.com/dockerhub"}
+				runner := CreateImageMirrorRunner(options)
+				cmd := NewCreateImageMirrorCommand()
+				err := cmd.Flag("cluster").Value.Set(clusterId)
+				Expect(err).ToNot(HaveOccurred())
+				err = runner(context.Background(), t.RosaRuntime, cmd, []string{})
+				Expect(err).ToNot(HaveOccurred())
+			})
+		})
+
+		Context("Validation error scenarios", func() {
+			It("Returns error when cluster is not ready", func() {
+				t.ApiServer.AppendHandlers(RespondWithJSON(http.StatusOK, clusterNotReady))
+				options := NewCreateImageMirrorOptions()
+				options.Args().Source = "registry.redhat.io"
+				options.Args().Mirrors = []string{"mirror.example.com"}
+				runner := CreateImageMirrorRunner(options)
+				cmd := NewCreateImageMirrorCommand()
+				err := cmd.Flag("cluster").Value.Set(clusterId)
+				Expect(err).ToNot(HaveOccurred())
+				err = runner(context.Background(), t.RosaRuntime, cmd, []string{})
+				Expect(err).To(HaveOccurred())
+				Expect(err.Error()).To(ContainSubstring("is not ready. Image mirrors can only be created on ready clusters"))
+			})
+
+			It("Returns error when cluster is not Hosted Control Plane", func() {
+				t.ApiServer.AppendHandlers(RespondWithJSON(http.StatusOK, classicClusterReady))
+				options := NewCreateImageMirrorOptions()
+				options.Args().Source = "registry.redhat.io"
+				options.Args().Mirrors = []string{"mirror.example.com"}
+				runner := CreateImageMirrorRunner(options)
+				cmd := NewCreateImageMirrorCommand()
+				err := cmd.Flag("cluster").Value.Set(clusterId)
+				Expect(err).ToNot(HaveOccurred())
+				err = runner(context.Background(), t.RosaRuntime, cmd, []string{})
+				Expect(err).To(HaveOccurred())
+				Expect(err.Error()).To(ContainSubstring("Image mirrors are only supported on Hosted Control Plane clusters"))
+			})
+
+			It("Returns error when cluster fetch fails", func() {
+				t.ApiServer.AppendHandlers(RespondWithJSON(http.StatusNotFound, "{}"))
+				options := NewCreateImageMirrorOptions()
+				options.Args().Source = "registry.redhat.io"
+				options.Args().Mirrors = []string{"mirror.example.com"}
+				runner := CreateImageMirrorRunner(options)
+				cmd := NewCreateImageMirrorCommand()
+				err := cmd.Flag("cluster").Value.Set("nonexistent-cluster")
+				Expect(err).ToNot(HaveOccurred())
+				err = runner(context.Background(), t.RosaRuntime, cmd, []string{})
+				Expect(err).To(HaveOccurred())
+				Expect(err.Error()).To(ContainSubstring("status is 404"))
+			})
+
+			It("Returns error when CreateImageMirror API call fails", func() {
+				t.ApiServer.AppendHandlers(RespondWithJSON(http.StatusOK, hcpClusterReady))
+				t.ApiServer.AppendHandlers(RespondWithJSON(http.StatusInternalServerError, "{}"))
+				options := NewCreateImageMirrorOptions()
+				options.Args().Source = "registry.redhat.io"
+				options.Args().Mirrors = []string{"mirror.example.com"}
+				runner := CreateImageMirrorRunner(options)
+				cmd := NewCreateImageMirrorCommand()
+				err := cmd.Flag("cluster").Value.Set(clusterId)
+				Expect(err).ToNot(HaveOccurred())
+				err = runner(context.Background(), t.RosaRuntime, cmd, []string{})
+				Expect(err).To(HaveOccurred())
+				Expect(err.Error()).To(ContainSubstring("Failed to create image mirror"))
+			})
+		})
+
+		Context("Runtime validation", func() {
+			It("Returns error when mirrors array is empty", func() {
+				// Test the runtime validation that checks if mirrors slice is empty
+				t.ApiServer.AppendHandlers(RespondWithJSON(http.StatusOK, hcpClusterReady))
+				options := NewCreateImageMirrorOptions()
+				options.Args().Source = "registry.redhat.io"
+				options.Args().Mirrors = []string{} // Empty array
+				runner := CreateImageMirrorRunner(options)
+				cmd := NewCreateImageMirrorCommand()
+				err := cmd.Flag("cluster").Value.Set(clusterId)
+				Expect(err).ToNot(HaveOccurred())
+				err = runner(context.Background(), t.RosaRuntime, cmd, []string{})
+				Expect(err).To(HaveOccurred())
+				Expect(err.Error()).To(ContainSubstring("At least one mirror registry must be specified"))
+			})
+
+			It("Has default type as digest", func() {
+				cmd := NewCreateImageMirrorCommand()
+				typeFlag := cmd.Flag("type")
+				Expect(typeFlag.DefValue).To(Equal("digest"))
+			})
+		})
+
+		Context("Command structure", func() {
+			It("Has correct command properties", func() {
+				cmd := NewCreateImageMirrorCommand()
+				Expect(cmd.Use).To(Equal("image-mirror"))
+				Expect(cmd.Short).To(Equal("Create image mirror for a cluster"))
+				Expect(cmd.Aliases).To(ContainElement("image-mirrors"))
+				Expect(cmd.Args).ToNot(BeNil())
+			})
+
+			It("Has expected flags", func() {
+				cmd := NewCreateImageMirrorCommand()
+				flags := []string{"cluster", "type", "source", "mirrors", "profile", "region"}
+				for _, flagName := range flags {
+					flag := cmd.Flag(flagName)
+					Expect(flag).ToNot(BeNil(), "Flag %s should exist", flagName)
+				}
+			})
+		})
+	})
+})
+
+// formatCreatedImageMirror simulates the response from creating an image mirror
+func formatCreatedImageMirror() string {
+	imageMirror, err := cmv1.NewImageMirror().
+		ID("test-mirror-123").
+		Type("digest").
+		Source("registry.redhat.io").
+		Mirrors("mirror.example.com", "backup.example.com").
+		Build()
+	Expect(err).ToNot(HaveOccurred())
+	return test.FormatResource(imageMirror)
+}

cmd/create/imagemirror/imagemirror_suite_test.go

@@ -0,0 +1,13 @@
+package imagemirror
+
+import (
+	"testing"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+)
+
+func TestImageMirror(t *testing.T) {
+	RegisterFailHandler(Fail)
+	RunSpecs(t, "Create ImageMirror suite")
+}