From 51889f351a1cfb2ace681cab50420c99a4f59194 Mon Sep 17 00:00:00 2001
From: Aleksei Sizov
Date: Thu, 17 Oct 2024 21:16:25 -0500
Subject: [PATCH] [Squash me!] Addressed review comments
---
 api/v1alpha1/managedcluster_types.go | 2 --
 .../controller/managedcluster_controller.go | 35 ++++++++-----------
 .../hmc.mirantis.com_managedclusters.yaml | 4 ---
 3 files changed, 14 insertions(+), 27 deletions(-)
diff --git a/api/v1alpha1/managedcluster_types.go b/api/v1alpha1/managedcluster_types.go
index 7ccf2d77b..98a35fac5 100644
--- a/api/v1alpha1/managedcluster_types.go
+++ b/api/v1alpha1/managedcluster_types.go
@@ -96,8 +96,6 @@ type ManagedClusterStatus struct {
 Conditions []metav1.Condition `json:"conditions,omitempty"`
 // ObservedGeneration is the last observed generation.
 ObservedGeneration int64 `json:"observedGeneration,omitempty"`
- // CCMSecretReconciled signify if CCM secret was reconciled on managed cluster
- CCMSecretReconciled bool `json:"ccmSecretReconciled,omitempty"`
 }
 
 // +kubebuilder:object:root=true
diff --git a/internal/controller/managedcluster_controller.go b/internal/controller/managedcluster_controller.go
index f0a9f4770..1b2b2ac0d 100644
--- a/internal/controller/managedcluster_controller.go
+++ b/internal/controller/managedcluster_controller.go
@@ -380,8 +380,9 @@ func (r *ManagedClusterReconciler) Update(ctx context.Context, managedCluster *h
 return ctrl.Result{RequeueAfter: DefaultRequeueInterval}, nil
 }
 
- if !managedCluster.Status.CCMSecretReconciled {
- return r.reconcileCredentialPropagation(ctx, l, managedCluster)
+ result, err := r.reconcileCredentialPropagation(ctx, managedCluster)
+ if err != nil {
+ return result, err
 }
 
 return r.updateServices(ctx, managedCluster)
@@ -705,16 +706,12 @@ func (r *ManagedClusterReconciler) machinesAvailable(ctx context.Context, namesp return len(itemsList.Items) != 0, nil } -func (r *ManagedClusterReconciler) reconcileCredentialPropagation(ctx context.Context, l logr.Logger, managedCluster *hmc.ManagedCluster) (ctrl.Result, error) { +func (r *ManagedClusterReconciler) reconcileCredentialPropagation(ctx context.Context, managedCluster *hmc.ManagedCluster) (ctrl.Result, error) { + l := ctrl.LoggerFrom(ctx) l.Info("Reconciling CCM credentials propagation") - var err error - defer func() { - err = errors.Join(err, r.updateStatus(ctx, managedCluster)) - }() providers, err := r.getInfraProviders(ctx, managedCluster.Namespace, managedCluster.Spec.Template) if err != nil { - managedCluster.Status.CCMSecretReconciled = false return ctrl.Result{}, fmt.Errorf("failed to get cluster providers for cluster %s/%s: %s", managedCluster.Namespace, managedCluster.Name, err) } @@ -724,13 +721,12 @@ func (r *ManagedClusterReconciler) reconcileCredentialPropagation(ctx context.Co Name: fmt.Sprintf("%s-kubeconfig", managedCluster.Name), Namespace: managedCluster.Namespace, }, kubeconfSecret); err != nil { - managedCluster.Status.CCMSecretReconciled = false return ctrl.Result{}, fmt.Errorf("failed to get kubeconfig secret for cluster %s/%s: %s", managedCluster.Namespace, managedCluster.Name, err) } for _, provider := range providers { - switch provider { + switch provider.Name { case "aws": l.Info("Skipping creds propagation for AWS") continue @@ -738,7 +734,6 @@ func (r *ManagedClusterReconciler) reconcileCredentialPropagation(ctx context.Co l.Info("Azure creds propagation start") err := r.propagateAzureSecrets(ctx, managedCluster, kubeconfSecret) if err != nil { - managedCluster.Status.CCMSecretReconciled = false errMsg := fmt.Sprintf("failed to create Azure CCM credentials: %s", err) apimeta.SetStatusCondition(managedCluster.GetConditions(), metav1.Condition{ Type: hmc.CredentialsPropagatedCondition, 
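Review bot: Both early returns in reconcileCredentialPropagation (the getInfraProviders failure in this hunk and the kubeconfig secret lookup in the @@ -724 hunk) format the cause with `%s`, which flattens it to text. Now that Update hands this error straight back to the caller, nothing upstream can inspect it with `errors.Is` or `errors.As`, for example to tell a kubeconfig secret that does not exist yet from a real API failure. Wrapping with `%w` keeps the chain: `fmt.Errorf("failed to get cluster providers for cluster %s/%s: %w", managedCluster.Namespace, managedCluster.Name, err)`. The function body continues past this hunk.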
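Review bot: Switching on `provider.Name` implies `provider` is no longer a plain string, but the default branch (context lines of the @@ -777 hunk) still passes the whole value to `%s` in `fmt.Sprintf("unsupported infrastructure provider %s", provider)`. Unless that type implements `fmt.Stringer`, the condition message will render the struct, with `%!s(...)` for any non-string field, instead of the provider name. Pass `provider.Name` there so the status condition names the offending provider. The loop body runs beyond this hunk.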
@@ -759,7 +754,6 @@ func (r *ManagedClusterReconciler) reconcileCredentialPropagation(ctx context.Co
 l.Info("vSphere creds propagation start")
 err := r.propagateVSphereSecrets(ctx, managedCluster, kubeconfSecret)
 if err != nil {
- managedCluster.Status.CCMSecretReconciled = false
 errMsg := fmt.Sprintf("failed to create vSphere CCM credentials: %s", err)
 apimeta.SetStatusCondition(managedCluster.GetConditions(), metav1.Condition{
 Type: hmc.CredentialsPropagatedCondition,
@@ -777,7 +771,6 @@ func (r *ManagedClusterReconciler) reconcileCredentialPropagation(ctx context.Co
 })
 continue
 default:
- managedCluster.Status.CCMSecretReconciled = true
 errMsg := fmt.Sprintf("unsupported infrastructure provider %s", provider)
 apimeta.SetStatusCondition(managedCluster.GetConditions(), metav1.Condition{
 Type: hmc.CredentialsPropagatedCondition,
@@ -785,10 +778,9 @@ func (r *ManagedClusterReconciler) reconcileCredentialPropagation(ctx context.Co
 Reason: hmc.FailedReason,
 Message: errMsg,
 })
- return ctrl.Result{}, errors.New(errMsg)
+ continue
 }
 }
- managedCluster.Status.CCMSecretReconciled = true
 l.Info("CCM credentials reconcile finished")
 return ctrl.Result{}, nil
 }
@@ -860,7 +852,7 @@ func generateAzureCCMSecret(azureCluster *capz.AzureCluster, azureClIdty *capz.A
 "cloud-config": azureJSON,
 }
 
- return makeSecret("azure-cloud-provider", "kube-system", secretData), nil
+ return makeSecret("azure-cloud-provider", metav1.NamespaceSystem, secretData), nil
 }
 
 func (r *ManagedClusterReconciler) propagateVSphereSecrets(ctx context.Context, managedCluster *hmc.ManagedCluster, kubeconfSecret *corev1.Secret) error {
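Review bot: With `return ctrl.Result{}, errors.New(errMsg)` replaced by `continue` in the @@ -785 hunk, an unsupported provider no longer fails the reconcile. The function falls through to "CCM credentials reconcile finished" and returns nil, so Update proceeds to updateServices even though nothing was propagated for that provider. The only trace is the CredentialsPropagatedCondition, and the Azure, vSphere and default failure branches all write that same condition Type, so a later provider in the loop can overwrite the failure. Consider accumulating the failures, `errs = errors.Join(errs, errors.New(errMsg))` before `continue` and `return ctrl.Result{}, errs` at the end, so the controller surfaces a missing credential instead of reporting success. How the Azure and vSphere failure branches end is outside the visible hunks, so the same check is worth making there.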
@@ -918,7 +910,6 @@ func (r *ManagedClusterReconciler) propagateVSphereSecrets(ctx context.Context,
 }
 
 func generateVSphereCCMConfigs(vCl *capv.VSphereCluster, vScrt *corev1.Secret, vMa *capv.VSphereMachine) (*corev1.Secret, *corev1.ConfigMap, error) {
- ns := "kube-system"
 secretName := "vsphere-cloud-secret"
 secretData := map[string][]byte{
 fmt.Sprintf("%s.username", vCl.Spec.Server): vScrt.Data["username"],
@@ -929,7 +920,7 @@ func generateVSphereCCMConfigs(vCl *capv.VSphereCluster, vScrt *corev1.Secret, v
 "port": 443,
 "insecureFlag": true,
 "secretName": secretName,
- "secretNamespace": ns,
+ "secretNamespace": metav1.NamespaceSystem,
 },
 "vcenter": map[string]any{
 vCl.Spec.Server: map[string]any{
@@ -944,15 +935,17 @@ func generateVSphereCCMConfigs(vCl *capv.VSphereCluster, vScrt *corev1.Secret, v
 "zone": "k8s-zone",
 },
 }
+
 ccmCfgYaml, err := yaml.Marshal(ccmCfg)
 if err != nil {
 return nil, nil, fmt.Errorf("failed to marshal CCM config: %s", err)
 }
+
 cmData := map[string]string{
 "vsphere.conf": string(ccmCfgYaml),
 }
- return makeSecret(secretName, ns, secretData),
- makeConfigMap("cloud-config", ns, cmData),
+ return makeSecret(secretName, metav1.NamespaceSystem, secretData),
+ makeConfigMap("cloud-config", metav1.NamespaceSystem, cmData),
 nil
 }
 
@@ -993,7 +986,7 @@ datacenters = "{{ .Datacenter }}"
 "csi-vsphere.conf": buf.Bytes(),
 }
 
- return makeSecret("vcenter-config-secret", "kube-system", secretData), nil
+ return makeSecret("vcenter-config-secret", metav1.NamespaceSystem, secretData), nil
 }
 
 func applyCCMConfigs(ctx context.Context, kubeconfSecret *corev1.Secret, objects ...client.Object) error {
diff --git a/templates/provider/hmc/templates/crds/hmc.mirantis.com_managedclusters.yaml b/templates/provider/hmc/templates/crds/hmc.mirantis.com_managedclusters.yaml
index 151c09d89..6c33ac0bb 100644
--- a/templates/provider/hmc/templates/crds/hmc.mirantis.com_managedclusters.yaml
+++ b/templates/provider/hmc/templates/crds/hmc.mirantis.com_managedclusters.yaml
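Review bot: The generated `vsphere.conf` hard-codes `"insecureFlag": true` in the @@ -929 hunk, in the same map that carries `port` and `secretName`. The cloud controller manager in the managed cluster will therefore connect to vCenter without verifying its TLS certificate, while presenting the username and password written to `vsphere-cloud-secret`. The line is unchanged context, but as this hunk already edits that map it is worth deriving the setting from the cluster definition: for example, emit the server thumbprint or a CA reference when the VSphereCluster spec carries one, and fall back to insecure mode only on explicit opt-in. Whether such a field is populated on `vCl` is not visible here. generateVSphereCCMConfigs starts in the previous hunk and ends in the next one.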
@@ -131,10 +131,6 @@ spec: status: description: ManagedClusterStatus defines the observed state of ManagedCluster properties: - ccmSecretReconciled: - description: CCMSecretReconciled signify if CCM secret was reconciled - on managed cluster - type: boolean conditions: description: Conditions contains details for the current state of the ManagedCluster