[minor] Add support for various SLS configurations

python/src/mas/cli/cli.py

@@ -132,9 +132,10 @@ def __init__(self):
         # Initialize the dictionary that will hold the parameters we pass to a PipelineRun
         self.params = dict()
 
-        # These dicts will hold the additional-configs, pod-templates and manual certificates secrets
+        # These dicts will hold the additional-configs, pod-templates, sls license file and manual certificates secrets
         self.additionalConfigsSecret = None
         self.podTemplatesSecret = None
+        self.slsLicenseFileSecret = None
         self.certsSecret = None
 
         self._isSNO = None

python/src/mas/cli/install/app.py

@@ -29,6 +29,7 @@
 from ..gencfg import ConfigGeneratorMixin
 from .argBuilder import installArgBuilderMixin
 from .argParser import installArgParser
+from .argChecker import verifyArgs
 from .settings import InstallSettingsMixin
 from .summarizer import InstallSummarizerMixin
 from .params import requiredParams, optionalParams
@@ -40,11 +41,15 @@
     WorkspaceNameFormatValidator,
     TimeoutFormatValidator,
     StorageClassValidator,
-    OptimizerInstallPlanValidator
+    OptimizerInstallPlanValidator,
+    SLSConfigValidator,
+    SLSInstanceSelectionValidator,
+    NewNamespaceValidator
 )
 
 from mas.devops.ocp import createNamespace, getStorageClasses
 from mas.devops.mas import getCurrentCatalog, getDefaultStorageClasses
+from mas.devops.sls import listSLSInstances, verifySLSConnection, findSLSByNamespace
 from mas.devops.data import getCatalog
 from mas.devops.tekton import (
     installOpenShiftPipelines,
@@ -249,16 +254,102 @@ def configCatalog(self):
 
             self.setParam("mas_channel", releaseSelection)
 
+    @logMethodCall
+    def validateExternalSLSConnection(self) -> None:
+        self.verifySLSConnection = verifySLSConnection(self.getParam("sls_url"), self.slsCertsDirLocal + 'ca.crt')
+
+        if not self.noConfirm:
+            if not self.verifySLSConnection:
+                if not self.yesOrNo("Could not verify SLS connection, proceed anyway"):
+                    exit(1)
+
     @logMethodCall
     def configSLS(self) -> None:
         self.printH1("Configure Product License")
-        self.slsLicenseFileLocal = self.promptForFile("License file", mustExist=True, envVar="SLS_LICENSE_FILE_LOCAL")
+
+        self.slsLicenseFileLocal = None
+        self.slsCertsDirLocal = None
+        existingSLSInstances = listSLSInstances(self.dynamicClient)
+        numSLSInstances = len(existingSLSInstances)
+        description = [
+            "IBM Suite License Service (SLS) is the licensing enforcement for Maximo Application Suite.",
+            ""
+        ]
+
+        if self.showAdvancedOptions:
+            self.slsConfigOptions = []
+            self.slsInstanceOptions = []
+
+            description.insert(1, "Choose how to configure SLS:")
+            description.insert(2, "  - New: Deploy a new instance on the cluster.")
+            description.insert(3, "  - External: Point to an external instance outside of the cluster.")
+
+            self.slsConfigOptions.append("New")
+            self.slsConfigOptions.append("External")
+
+            if numSLSInstances > 0:
+                self.slsConfigOptions.insert(1, "Existing")
+                description.insert(3, "  - Existing: Select an existing instance on the cluster. This is useful for sharing SLS with multiple MAS instances.")
+
+            slsConfigCompleter = WordCompleter(self.slsConfigOptions)
+
+            self.printDescription(description)
+            slsConfigSelection = self.promptForString("Select SLS config option", completer=slsConfigCompleter, validator=SLSConfigValidator())
+
+            if slsConfigSelection == "New":
+                self.setParam("sls_action", "install")
+                defaultVal = "ibm-sls"
+                if numSLSInstances > 0:
+                    defaultVal = ""
+                self.promptForString("SLS namespace", "sls_namespace", default=defaultVal, validator=NewNamespaceValidator())
+                self.slsLicenseFileLocal = self.promptForFile("License file", mustExist=True, envVar="SLS_LICENSE_FILE_LOCAL")
+
+            if slsConfigSelection == "Existing":
+                self.setParam("sls_action", "gencfg")
+                print_formatted_text(HTML("<LightSlateGrey>Select an existing SLS instance from the list below:</LightSlateGrey>"))
+                for slsInstance in existingSLSInstances:
+                    print_formatted_text(HTML(f"- <u>{slsInstance['metadata']['namespace']}</u> | {slsInstance['metadata']['name']} | v{slsInstance['status']['versions']['reconciled']}"))
+                    self.slsInstanceOptions.append(slsInstance['metadata']['namespace'])
+                slsInstanceCompleter = WordCompleter(self.slsInstanceOptions)
+                print()
+                self.promptForString("Select SLS namespace", "sls_namespace", completer=slsInstanceCompleter, validator=SLSInstanceSelectionValidator())
+                if self.yesOrNo("Upload/Replace the license file"):
+                    self.slsLicenseFileLocal = self.promptForFile("License file", mustExist=True, envVar="SLS_LICENSE_FILE_LOCAL")
+                    self.setParam("sls_action", "install")
+
+            if slsConfigSelection == "External":
+                self.setParam("sls_action", "gencfg")
+                self.promptForString("SLS url", "sls_url")
+                self.promptForString("SLS registrationKey", "sls_registration_key")
+                self.slsCertsDirLocal = self.promptForDir("Enter the path containing the SLS certificate(s)", mustExist=True)
+                self.validateExternalSLSConnection()
+
+        else:
+            self.setParam("sls_action", "install")
+            sls_default_namespace = "ibm-sls"
+            self.setParam("sls_namespace", sls_default_namespace)
+
+            if numSLSInstances == 0:
+                description.insert(1, f"A new instance of SLS will be deployed on the cluster in the namespace '{sls_default_namespace}'.")
+                self.printDescription(description)
+                self.slsLicenseFileLocal = self.promptForFile("License file", mustExist=True, envVar="SLS_LICENSE_FILE_LOCAL")
+
+            if numSLSInstances > 0:
+                self.printDescription(description)
+                if findSLSByNamespace(sls_default_namespace, instances=existingSLSInstances):
+                    print_formatted_text(HTML(f"<MediumSeaGreen>SLS auto-detected: {sls_default_namespace}</MediumSeaGreen>"))
+                if self.yesOrNo("Upload/Replace the license file"):
+                    self.slsLicenseFileLocal = self.promptForFile("License file", mustExist=True, envVar="SLS_LICENSE_FILE_LOCAL")
+                else:
+                    self.setParam("sls_action", "gencfg")
+
+    @logMethodCall
+    def configDRO(self) -> None:
         self.promptForString("Contact e-mail address", "uds_contact_email")
         self.promptForString("Contact first name", "uds_contact_firstname")
         self.promptForString("Contact last name", "uds_contact_lastname")
 
         if self.showAdvancedOptions:
-            self.promptForString("IBM Suite License Services (SLS) Namespace", "sls_namespace", default="ibm-sls")
             self.promptForString("IBM Data Reporter Operator (DRO) Namespace", "dro_namespace", default="redhat-marketplace")
 
     @logMethodCall
@@ -730,6 +821,7 @@ def interactiveMode(self, simplified: bool, advanced: bool) -> None:
 
         # Licensing (SLS and DRO)
         self.configSLS()
+        self.configDRO()
         self.configICRCredentials()
 
         # MAS Core
@@ -896,10 +988,6 @@ def nonInteractiveMode(self) -> None:
                 if value is None:
                     self.fatalError(f"{key} must be set")
                 self.pipelineStorageClass = value
-            elif key == "license_file":
-                if value is None:
-                    self.fatalError(f"{key} must be set")
-                self.slsLicenseFileLocal = value
 
             elif key.startswith("approval_"):
                 if key not in self.approvals:
@@ -929,6 +1017,26 @@ def nonInteractiveMode(self) -> None:
                     self.setParam("mas_manual_cert_mgmt", False)
                     self.manualCertsDir = None
 
+            # SLS arguments
+            elif key == "sls_namespace":
+                if value is not None and value != "":
+                    self.setParam("sls_namespace", value)
+                    if findSLSByNamespace(value, dynClient= self.dynamicClient):
+                        self.setParam("sls_action", "gencfg")
+                    else:
+                        self.setParam("sls_action", "install")
+                else:
+                    self.setParam("sls_namespace", "ibm-sls")
+                    self.setParam("sls_action", "gencfg")
+            elif key == "license_file":
+                if value is not None and value != "":
+                    self.slsLicenseFileLocal = value
+                    self.setParam("sls_action", "install")
+            elif key == "sls_certificates":
+                if value is not None and value != "":
+                    self.slsCertsDirLocal = value
+                    self.setParam("sls_action", "gencfg")
+
             # Fail if there's any arguments we don't know how to handle
             else:
                 print(f"Unknown option: {key} {value}")
@@ -941,13 +1049,16 @@ def nonInteractiveMode(self) -> None:
         if not self.devMode:
             self.validateCatalogSource()
             self.licensePrompt()
+
+        self.validateExternalSLSConnection()
 
     @logMethodCall
     def install(self, argv):
         """
         Install MAS instance
         """
         args = installArgParser.parse_args(args=argv)
+        verifyArgs(installArgParser, args)
 
         # We use the presence of --mas-instance-id to determine whether
         # the CLI is being started in interactive mode or not
@@ -960,6 +1071,10 @@ def install(self, argv):
         self.devMode = args.dev_mode
         self.skipGrafanaInstall = args.skip_grafana_install
 
+        # Set image_pull_policy of the CLI in interactive mode
+        if args.image_pull_policy and args.image_pull_policy != "":
+            self.setParam("image_pull_policy", args.image_pull_policy)
+
         self.approvals = {}
 
         # Store all args
@@ -1007,13 +1122,10 @@ def install(self, argv):
         if self.deployCP4D:
             self.configCP4D()
 
-        # The entitlement file for SLS is mounted as a secret in /workspace/entitlement
-        entitlementFileBaseName = path.basename(self.slsLicenseFileLocal)
-        self.setParam("sls_entitlement_file", f"/workspace/entitlement/{entitlementFileBaseName}")
-
-        # Set up the secrets for additional configs, podtemplates and manual certificates
+        # Set up the secrets for additional configs, podtemplates, sls license file and manual certificates
         self.additionalConfigs()
         self.podTemplates()
+        self.slsLicenseFile()
         self.manualCertificates()
 
         # Show a summary of the installation configuration
@@ -1065,7 +1177,7 @@ def install(self, argv):
                 prepareInstallSecrets(
                     dynClient=self.dynamicClient,
                     instanceId=self.getParam("mas_instance_id"),
-                    slsLicenseFile=self.slsLicenseFileLocal,
+                    slsLicenseFile=self.slsLicenseFileSecret,
                     additionalConfigs=self.additionalConfigsSecret,
                     podTemplates=self.podTemplatesSecret,
                     certs=self.certsSecret

python/src/mas/cli/install/argBuilder.py

@@ -122,9 +122,15 @@ def buildCommand(self) -> str:
 
         # IBM Suite License Service
         # -----------------------------------------------------------------------------
-        command += f"  --license-file \"{self.slsLicenseFileLocal}\"{newline}"
-        if self.getParam("sls_namespace") != "ibm-sls":
+        if self.getParam("sls_namespace") and self.getParam("sls_namespace") != "ibm-sls":
             command += f"  --sls-namespace \"{self.getParam('sls_namespace')}\"{newline}"
+        if self.slsLicenseFileLocal:
+            command += f"  --license-file \"{self.slsLicenseFileLocal}\"{newline}"
+        # External SLS configuration
+        if self.getParam("sls_url"):
+            command += f"  --sls-url \"{self.getParam('sls_url')}\"{newline}"
+            command += f"  --sls-registration-key \"{self.getParam('sls_registration_key')}\"{newline}"
+            command += f"  --sls-certificates \"{self.slsCertsDirLocal}\"{newline}"
 
         # IBM Data Reporting Operator (DRO)
         # -----------------------------------------------------------------------------

python/src/mas/cli/install/argChecker.py

@@ -0,0 +1,27 @@
+# *****************************************************************************
+# Copyright (c) 2025 IBM Corporation and other Contributors.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Eclipse Public License v1.0
+# which accompanies this distribution, and is available at
+# http://www.eclipse.org/legal/epl-v10.html
+#
+# *****************************************************************************
+
+import logging
+
+logger = logging.getLogger(__name__)
+
+
+def verifyArgs(parser, args):
+    verifySLSArgs(parser, args)
+
+def verifySLSArgs(parser, args):
+    group_1 = [args.sls_namespace, args.license_file]
+    group_2 = [args.sls_url, args.sls_registration_key, args.sls_certificates]
+
+    if any(v is not None for v in group_1) and any(v is not None for v in group_2):
+        parser.error("Cannot combine [--sls-namespace, --license-file] with [--sls-url, --sls-registration-key, --sls-certificates].")
+
+    if not all(v is not None for v in group_2) and any(v is not None for v in group_2):
+        parser.error("When providing any of --sls-url, --sls-registration-key and --sls-certificates, all three are required.")

python/src/mas/cli/install/argParser.py

@@ -21,6 +21,11 @@ def isValidFile(parser, arg) -> str:
     else:
         return arg
 
+def isValidDir(parser, arg) -> str:
+    if not path.isdir(arg):
+        parser.error(f"Error: The directory {arg} does not exist")
+    else:
+        return arg
 
 installArgParser = argparse.ArgumentParser(
     prog="mas install",
@@ -260,8 +265,23 @@ def isValidFile(parser, arg) -> str:
 slsArgGroup.add_argument(
     "--sls-namespace",
     required=False,
-    help="Customize the SLS install namespace",
-    default="ibm-sls"
+    help="Set namespace for new SLS install or point to existing instance",
+)
+slsArgGroup.add_argument(
+    "--sls-url",
+    required=False,
+    help="Point to the external SLS URL",
+)
+slsArgGroup.add_argument(
+    "--sls-registration-key",
+    required=False,
+    help="Set the SLS RegistrationKey",
+)
+slsArgGroup.add_argument(
+    "--sls-certificates",
+    required=False,
+    help="Path to SLS certificates",
+    type=lambda x: isValidDir(installArgParser, x)
 )
 
 # IBM Data Reporting Operator (DRO)

python/src/mas/cli/install/params.py

@@ -59,7 +59,8 @@
     "mas_appws_components",
     "mas_domain",
     # SLS
-    "sls_namespace",
+    "sls_url",
+    "sls_registration_key",
     # DNS Providers
     # TODO: Add CloudFlare and Route53 support
     "dns_provider",