# Edge Clusterctl Pallet

Since this pallet contains GCP infra, split scheduling is recommended. Read the documentation on [Applying Pallet Packages](https://docs.edge-infra.dev/foundation/manifest-scheduling/pallets/developing-pkgs/applying/) to learn about split scheduling and its prerequisites. Access to a GCP development sandbox is also required.

## Environment Setup

Create a `.env` file with the following variables:

```dotenv
# gke, sds, or generic. use "generic" for any K8s cluster that isn't GKE or 
# SDS.
export CLUSTER_PROVIDER=
# uuid is necessary for generating a cluster_hash, existing resources should
# have this in their annotations already but one can be created by using
# uuidgen
export CLUSTER_UUID=
# google cloud project id
export GCP_PROJECT_ID=
# defaults to us and east1-b, otherwise needs to be valid GCP value
export GCP_REGION=
export GCP_ZONE=
# set to same value as gcp project ID when developing within a single
# project.
export FOREMAN_GCP_PROJECT_ID=
# enables split scheduling
export INFRA=true
# name of the kubeconfig context to use to schedule infra objects; 
# default behavior is to apply all objects to the same K8s context
export INFRA_CONTEXT=
# target namespace for all applied infrastructure resources, including 
# dependencies; the namespace is created if it does not already exist.
export INFRA_NAMESPACE=
```

## Applying the Pallet

The `clusterctl` pallet requires the `edge-backend-launch-darkly-sdk-key` and `edge-backend-totp-secret` secrets to exist on the cluster it is being applied to. Check out the [Create Secret Manager Secrets](https://docs.edge-infra.dev/edge/operations/bootstrapping/#create-secret-manager-secrets) section of the Bootstrapping docs for more information.

Tips for applying:

- The `key.json` can be created in the GCP console for your sandbox project: find the IAM service account for kcc and add a key in the `key` section of the service account.
- If you are using a `kind` cluster, you can reset it with:

  ```shell
  just hack/kind/reset
  ```

Then, run these commands on the non-infra cluster:

```shell
source .env

lift apply \
  --domain= \
  --env-folder-id= \
  config/pallets/edge/clusterctl
```

*Note:* Depending on where the infra for the pallet is applied, some IAM policy members may not have the permissions required to be configured correctly. The `deployment` should still run even if this issue arises.

> If an error similar to this is returned: `dry-run failed, error: failed to create typed patch object: .data.ENV_FOLDER_ID: expected string, got &value.valueUnstructured{Value:<your_id>}`, then wrap the `env-folder-id` value in both double and single quotes (e.g. `'"0123456789"'`) and apply the pallet again.
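
A preflight check for the `.env` values from Environment Setup and for the `env-folder-id` quoting fix above. This is an added example, not part of the pallet or `lift`: the function names are hypothetical, the sample values are constructed, and treating `FOREMAN_GCP_PROJECT_ID` as always required is an assumption.

```shell
#!/bin/sh
# Added example; check_pallet_env and folder_id_arg are hypothetical helpers,
# not part of lift or the pallet.

# Report each problem on stderr; succeed only when none were found.
check_pallet_env() {
  problems=0
  fail() { echo "env check: $1" >&2; problems=$((problems + 1)); }

  case "${CLUSTER_PROVIDER:-}" in
    gke|sds|generic) ;;
    *) fail "CLUSTER_PROVIDER must be gke, sds, or generic" ;;
  esac

  # uuidgen prints 8-4-4-4-12 hex digits (upper or lower case by platform).
  printf '%s\n' "${CLUSTER_UUID:-}" |
    grep -Eq '^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$' ||
    fail "CLUSTER_UUID is not a UUID (create one with uuidgen)"

  # GCP project IDs: 6-30 chars, lowercase letters, digits and hyphens.
  # Assumption: FOREMAN_GCP_PROJECT_ID is always required.
  for name in GCP_PROJECT_ID FOREMAN_GCP_PROJECT_ID; do
    eval "value=\${$name:-}"
    printf '%s\n' "$value" | grep -Eq '^[a-z][a-z0-9-]{4,28}[a-z0-9]$' ||
      fail "$name is empty or not a valid GCP project ID"
  done

  [ "$problems" -eq 0 ]
}

# Print a numeric folder ID wrapped in literal double quotes, the same value
# the shell passes for '"0123456789"', so it is read as a string.
folder_id_arg() {
  case "$1" in
    ''|*[!0-9]*) echo "folder id must be digits only: '$1'" >&2; return 1 ;;
  esac
  printf '"%s"' "$1"
}

# Constructed sample values, checked in a subshell so nothing leaks out.
(
  CLUSTER_PROVIDER=generic
  CLUSTER_UUID=123e4567-e89b-42d3-a456-426614174000
  GCP_PROJECT_ID=my-sandbox-project
  FOREMAN_GCP_PROJECT_ID=my-sandbox-project
  check_pallet_env && echo "ok: --env-folder-id=$(folder_id_arg 0123456789)"
)
```

After `source .env`, run `check_pallet_env`, then pass `--env-folder-id="$(folder_id_arg <your_id>)"` to `lift apply`.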

## Rendering Parameters

Check the `clusterctl` IAM policy members in `config/pallets/edge/clusterctl/gcpinfra/manifests.yaml` for more context on where most of these rendering parameters are used. All GCP IDs were taken from the GCP console (click select a project -> click the `ALL` tab -> expand the `preprod` folder -> explore this directory).

| Rendering Parameter | Description                                         | Example             |
|---------------------|-----------------------------------------------------|---------------------|
| domain              | domain id for the instance                          | edge-preprod.dev    |
| env-folder-id       | GCP folder ID for the instance's environment folder | 869642396943 (dev0) |