openshift · openshift-merge-bot · Apr 18, 2025 · Mar 17, 2025 · Apr 16, 2025 · Apr 15, 2025
diff --git a/pkg/asset/installconfig/azure/validation.go b/pkg/asset/installconfig/azure/validation.go
@@ -713,18 +713,15 @@ func validateResourceGroup(client API, fieldPath *field.Path, platform *aztypes.
 		allErrs = append(allErrs, field.Invalid(fieldPath.Child("resourceGroupName"), platform.ResourceGroupName, fmt.Sprintf("resource group has conflicting tags %s", strings.Join(conflictingTagKeys, ", "))))
 	}
 
-	// ARO provisions Azure resources before resolving the asset graph.
-	if !platform.IsARO() {
-		ids, err := client.ListResourceIDsByGroup(context.TODO(), platform.ResourceGroupName)
-		if err != nil {
-			return append(allErrs, field.InternalError(fieldPath.Child("resourceGroupName"), fmt.Errorf("failed to list resources in the resource group: %w", err)))
-		}
-		if l := len(ids); l > 0 {
-			if len(ids) > 2 {
-				ids = ids[:2]
-			}
-			allErrs = append(allErrs, field.Invalid(fieldPath.Child("resourceGroupName"), platform.ResourceGroupName, fmt.Sprintf("resource group must be empty but it has %d resources like %s ...", l, strings.Join(ids, ", "))))
+	ids, err := client.ListResourceIDsByGroup(context.TODO(), platform.ResourceGroupName)
+	if err != nil {
+		return append(allErrs, field.InternalError(fieldPath.Child("resourceGroupName"), fmt.Errorf("failed to list resources in the resource group: %w", err)))
+	}
+	if l := len(ids); l > 0 {
+		if len(ids) > 2 {
+			ids = ids[:2]
 		}
+		allErrs = append(allErrs, field.Invalid(fieldPath.Child("resourceGroupName"), platform.ResourceGroupName, fmt.Sprintf("resource group must be empty but it has %d resources like %s ...", l, strings.Join(ids, ", "))))
 	}
 	return allErrs
 }

diff --git a/pkg/asset/installconfig/azure/validation_test.go b/pkg/asset/installconfig/azure/validation_test.go
@@ -698,10 +698,7 @@ func Test_validateResourceGroup(t *testing.T) {
 		err:       `^\Qplatform.azure.resourceGroupName: Invalid value: "valid-resource-group-conf-tags": resource group has conflicting tags kubernetes.io_cluster.test-cluster-12345\E$`,
 	}, {
 		groupName: "valid-resource-group-with-resources",
-		// ARO provisions Azure resources before resolving the asset graph,
-		// so there will always be resources in its resource group.
-		wantSkip: (&azure.Platform{}).IsARO(),
-		err:      `^\Qplatform.azure.resourceGroupName: Invalid value: "valid-resource-group-with-resources": resource group must be empty but it has 3 resources like id1, id2 ...\E$`,
+		err:       `^\Qplatform.azure.resourceGroupName: Invalid value: "valid-resource-group-with-resources": resource group must be empty but it has 3 resources like id1, id2 ...\E$`,
 	}}
 
 	mockCtrl := gomock.NewController(t)

diff --git a/pkg/asset/installconfig/installconfig.go b/pkg/asset/installconfig/installconfig.go
@@ -180,11 +180,6 @@ func (a *InstallConfig) finish(ctx context.Context, filename string) error {
 // that have already been checked by validation.ValidateInstallConfig().
 func (a *InstallConfig) platformValidation(ctx context.Context) error {
 	if a.Config.Platform.Azure != nil {
-		if a.Config.Platform.Azure.IsARO() {
-			// ARO performs platform validation in the Resource Provider before
-			// the Installer is called
-			return nil
-		}
 		client, err := a.Azure.Client()
 		if err != nil {
 			return err

diff --git a/pkg/asset/manifests/cloudproviderconfig.go b/pkg/asset/manifests/cloudproviderconfig.go
@@ -152,7 +152,6 @@ func (cpc *CloudProviderConfig) Generate(ctx context.Context, dependencies asset
 			VirtualNetworkName:       vnet,
 			SubnetName:               subnet,
 			ResourceManagerEndpoint:  installConfig.Config.Azure.ARMEndpoint,
-			ARO:                      installConfig.Config.Azure.IsARO(),
 		}.JSON()
 		if err != nil {
 			return errors.Wrap(err, "could not create cloud provider config")

diff --git a/pkg/asset/manifests/openshift.go b/pkg/asset/manifests/openshift.go
@@ -280,37 +280,6 @@ func (o *Openshift) Generate(ctx context.Context, dependencies asset.Parents) er
 		assetData["99_baremetal-provisioning-config.yaml"] = applyTemplateData(baremetalConfig.Files()[0].Data, bmTemplateData)
 	}
 
-	if platform == azuretypes.Name && installConfig.Config.Azure.IsARO() && installConfig.Config.CredentialsMode != types.ManualCredentialsMode {
-		// config is used to created compatible secret to trigger azure cloud
-		// controller config merge behaviour
-		// https://github.com/openshift/origin/blob/90c050f5afb4c52ace82b15e126efe98fa798d88/vendor/k8s.io/legacy-cloud-providers/azure/azure_config.go#L83
-		session, err := installConfig.Azure.Session()
-		if err != nil {
-			return err
-		}
-		config := struct {
-			AADClientID     string `json:"aadClientId" yaml:"aadClientId"`
-			AADClientSecret string `json:"aadClientSecret" yaml:"aadClientSecret"`
-		}{
-			AADClientID:     session.Credentials.ClientID,
-			AADClientSecret: session.Credentials.ClientSecret,
-		}
-
-		b, err := yaml.Marshal(config)
-		if err != nil {
-			return err
-		}
-
-		azureCloudProviderSecret := &openshift.AzureCloudProviderSecret{}
-		dependencies.Get(azureCloudProviderSecret)
-		for _, f := range azureCloudProviderSecret.Files() {
-			name := strings.TrimSuffix(filepath.Base(f.Filename), ".template")
-			assetData[name] = applyTemplateData(f.Data, map[string]string{
-				"CloudConfig": string(b),
-			})
-		}
-	}
-
 	o.FileList = []*asset.File{}
 	for name, data := range assetData {
 		if len(data) == 0 {

diff --git a/pkg/types/azure/platform.go b/pkg/types/azure/platform.go
@@ -193,11 +193,6 @@ func (p *Platform) NetworkSecurityGroupName(infraID string) string {
 	return fmt.Sprintf("%s-nsg", infraID)
 }
 
-// IsARO returns true if ARO-only modifications are enabled
-func (p *Platform) IsARO() bool {
-	return aro
-}
-
 // GetStorageAccountName takes an infraID and generates a
 // storage account name, which can't be more than 24 characters.
 func GetStorageAccountName(infraID string) string {

diff --git a/pkg/types/azure/validation/platform.go b/pkg/types/azure/validation/platform.go
@@ -61,7 +61,7 @@ func ValidatePlatform(p *azure.Platform, publish types.PublishingStrategy, fldPa
 	if p.Region == "" {
 		allErrs = append(allErrs, field.Required(fldPath.Child("region"), "region should be set to one of the supported Azure regions"))
 	}
-	if !p.IsARO() && publish != types.InternalPublishingStrategy {
+	if publish != types.InternalPublishingStrategy {
 		if p.BaseDomainResourceGroupName == "" {
 			allErrs = append(allErrs, field.Required(fldPath.Child("baseDomainResourceGroupName"), "baseDomainResourceGroupName is the resource group name where the azure dns zone is deployed"))
 		}

diff --git a/pkg/types/azure/validation/platform_test.go b/pkg/types/azure/validation/platform_test.go
@@ -58,31 +58,13 @@ func TestValidatePlatform(t *testing.T) {
 		},
 		{
 			name: "invalid baseDomainResourceGroupName",
-			wantSkip: func(p *azure.Platform) bool {
-				// This test case doesn't apply to ARO
-				// so we want to skip it when run tests for ARO build
-				return p.IsARO()
-			},
 			platform: func() *azure.Platform {
 				p := validPlatform()
 				p.BaseDomainResourceGroupName = ""
 				return p
 			}(),
 			expected: `^test-path\.baseDomainResourceGroupName: Required value: baseDomainResourceGroupName is the resource group name where the azure dns zone is deployed$`,
 		},
-		{
-			name: "do not require baseDomainResourceGroupName on ARO",
-			wantSkip: func(p *azure.Platform) bool {
-				// This is a ARO-specific test case
-				// so want to skip when running non-ARO builds
-				return !p.IsARO()
-			},
-			platform: func() *azure.Platform {
-				p := validPlatform()
-				p.BaseDomainResourceGroupName = ""
-				return p
-			}(),
-		},
 		{
 			name:     "minimal",
 			platform: validPlatform(),