fix: Filter out control plane endpoint from Nutanix node IPs (#881)

**What problem does this PR solve?**:

**Which issue(s) this PR fixes**:
Fixes #

**How Has This Been Tested?**:
<!--
Please describe the tests that you ran to verify your changes.
Provide output from the tests and any manual steps needed to replicate
the tests.
-->

**Special notes for your reviewer**:
<!--
Use this to provide any additional information to the reviewers.
This may include:
- Best way to review the PR.
- Where the author wants the most review attention on.
- etc.
-->

charts/cluster-api-runtime-extensions-nutanix/templates/ccm/nutanix/manifests/helm-addon-installation.yaml

@@ -15,6 +15,9 @@ data:
     {{ `{{- with .PrismCentralAdditionalTrustBundle }}` }}
     prismCentralAdditionalTrustBundle: {{ `{{ printf "%q" . }}` }}
     {{ `{{- end }}` }}
+    {{ `{{- with .ControlPlaneEndpointHost }}` }}
+    ignoredNodeIPs: [ {{ `{{ printf "%q" . }}` }} ]
+    {{ `{{- end }}` }}
 
     # The Secret containing the credentials will be created by the handler.
     createSecret: false

charts/cluster-api-runtime-extensions-nutanix/templates/helm-config.yaml

@@ -37,7 +37,7 @@ data:
     RepositoryURL: {{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://kubernetes-sigs.github.io/node-feature-discovery/charts{{ end }}
   nutanix-ccm: |
     ChartName: nutanix-cloud-provider
-    ChartVersion: 0.4.0
+    ChartVersion: 0.4.1
     RepositoryURL: {{ if .Values.selfHostedRegistry }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://nutanix.github.io/helm/{{ end }}
   nutanix-storage-csi: |
     ChartName: nutanix-csi-storage

hack/addons/mindthegap-helm-registry/repos.yaml

@@ -45,7 +45,7 @@ repositories:
     repoURL: https://nutanix.github.io/helm/
     charts:
       nutanix-cloud-provider:
-      - 0.4.0
+      - 0.4.1
   nutanix-csi-storage:
     repoURL: https://nutanix.github.io/helm-releases/
     charts:

make/addons.mk

@@ -18,7 +18,7 @@ export AWS_CCM_VERSION_128 := v1.28.6
 export AWS_CCM_VERSION_129 := v1.29.3
 export AWS_CCM_VERSION_130 := v1.30.1
 
-export NUTANIX_CCM_CHART_VERSION := 0.4.0
+export NUTANIX_CCM_CHART_VERSION := 0.4.1
 
 export KUBE_VIP_VERSION := v0.8.1
 

pkg/handlers/generic/lifecycle/ccm/nutanix/handler.go

@@ -149,6 +149,7 @@ func templateValuesFunc(
 			PrismCentralPort                  int32
 			PrismCentralInsecure              bool
 			PrismCentralAdditionalTrustBundle string
+			ControlPlaneEndpointHost          string
 		}
 
 		address, port, err := nutanixConfig.PrismCentralEndpoint.ParseURL()
@@ -160,6 +161,7 @@ func templateValuesFunc(
 			PrismCentralPort:                  port,
 			PrismCentralInsecure:              nutanixConfig.PrismCentralEndpoint.Insecure,
 			PrismCentralAdditionalTrustBundle: nutanixConfig.PrismCentralEndpoint.AdditionalTrustBundle,
+			ControlPlaneEndpointHost:          nutanixConfig.ControlPlaneEndpoint.Host,
 		}
 
 		var b bytes.Buffer

pkg/handlers/generic/lifecycle/ccm/nutanix/handler_test.go

@@ -31,6 +31,7 @@ prismCentralEndPoint: prism-central.nutanix.com
 prismCentralPort: 9440
 prismCentralInsecure: false
 prismCentralAdditionalTrustBundle: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVjekNDQTF1Z0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRUUZBRC4uQWtHQTFVRUJoTUNSMEl4CkV6QVJCZ05WQkFnVENsTnZiV1V0VTNSaGRHVXhGREFTQmdOVkJBb1RDMC4uMEVnVEhSa01UY3dOUVlEClZRUUxFeTVEYkdGemN5QXhJRkIxWW14cFl5QlFjbWx0WVhKNUlFTmxjbi4uWFJwYjI0Z1FYVjBhRzl5CmFYUjVNUlF3RWdZRFZRUURFd3RDWlhOMElFTkJJRXgwWkRBZUZ3MHdNRC4uVFV3TVRaYUZ3MHdNVEF5Ck1EUXhPVFV3TVRaYU1JR0hNUXN3Q1FZRFZRUUdFd0pIUWpFVE1CRUdBMS4uMjl0WlMxVGRHRjBaVEVVCk1CSUdBMVVFQ2hNTFFtVnpkQ0JEUVNCTWRHUXhOekExQmdOVkJBc1RMay4uREVnVUhWaWJHbGpJRkJ5CmFXMWhjbmtnUTJWeWRHbG1hV05oZEdsdmJpQkJkWFJvYjNKcGRIa3hGRC4uQU1UQzBKbGMzUWdRMEVnClRIUmtNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZy4uVHoybXI3U1ppQU1mUXl1CnZCak05T2lKalJhelhCWjFCalA1Q0UvV20vUnI1MDBQUksrTGg5eDVlSi4uL0FOQkUwc1RLMFpzREdNCmFrMm0xZzdvcnVJM2RZM1ZIcUl4RlR6MFRhMWQrTkFqd25MZTRuT2I3Ly4uazA1U2hoQnJKR0JLS3hiCjhuMTA0by81cDhIQXNaUGR6YkZNSXlOakp6Qk0ybzV5NUExM3dpTGl0RS4uZnlZa1F6YXhDdzBBd3psCmtWSGlJeUN1YUY0d2o1NzFwU3prdjZzdis0SURNYlQvWHBDbzhMNndUYS4uc2grZXRMRDZGdFRqWWJiCnJ2WjhSUU0xdGxLZG9NSGcycXhyYUFWKytITkJZbU5XczBkdUVkalViSi4uWEk5VHRuUzRvMUNrajdQCk9mbGppUUlEQVFBQm80SG5NSUhrTUIwR0ExVWREZ1FXQkJROHVyTUNSTC4uNUFrSXA5TkpISnc1VENCCnRBWURWUjBqQklHc01JR3BnQlE4dXJNQ1JMWVlNSFVLVTVBa0lwOU5KSC4uYVNCaWpDQmh6RUxNQWtHCkExVUVCaE1DUjBJeEV6QVJCZ05WQkFnVENsTnZiV1V0VTNSaGRHVXhGRC4uQW9UQzBKbGMzUWdRMEVnClRIUmtNVGN3TlFZRFZRUUxFeTVEYkdGemN5QXhJRkIxWW14cFl5QlFjbS4uRU5sY25ScFptbGpZWFJwCmIyNGdRWFYwYUc5eWFYUjVNUlF3RWdZRFZRUURFd3RDWlhOMElFTkJJRS4uREFNQmdOVkhSTUVCVEFECkFRSC9NQTBHQ1NxR1NJYjNEUUVCQkFVQUE0SUJBUUMxdVlCY3NTbmN3QS4uRENzUWVyNzcyQzJ1Y3BYCnhRVUUvQzBwV1dtNmdEa3dkNUQwRFNNREpScVYvd2VvWjR3QzZCNzNmNS4uYkxoR1lIYVhKZVNENktyClhjb093TGRTYUdtSllzbExLWkIzWklERXAwd1lUR2hndGViNkpGaVR0bi4uc2YyeGRyWWZQQ2lJQjdnCkJNQVY3R3pkYzRWc3BTNmxqckFoYmlpYXdkQmlRbFFtc0JlRno5SmtGNC4uYjNsOEJvR04rcU1hNTZZCkl0OHVuYTJnWTRsMk8vL29uODhyNUlXSmxtMUwwb0E4ZTRmUjJ5ckJIWC4uYWRzR2VGS2t5TnJ3R2kvCjd2UU1mWGRHc1JyWE5HUkduWCt2V0RaMy96V0kwam9EdENrTm5xRXBWbi4uSG9YCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0="
+ignoredNodeIPs: [ "1.2.3.4" ]
 
 # The Secret containing the credentials will be created by the handler.
 createSecret: false
@@ -40,6 +41,7 @@ secretName: nutanix-ccm-credentials`
 prismCentralEndPoint: prism-central.nutanix.com
 prismCentralPort: 9440
 prismCentralInsecure: true
+ignoredNodeIPs: [ "1.2.3.4" ]
 
 # The Secret containing the credentials will be created by the handler.
 createSecret: false
@@ -91,6 +93,9 @@ func Test_templateValues(t *testing.T) {
 						),
 						AdditionalTrustBundle: testCertBundle,
 					},
+					ControlPlaneEndpoint: v1alpha1.ControlPlaneEndpointSpec{
+						Host: "1.2.3.4",
+					},
 				},
 			},
 			in:       valuesTemplate,
@@ -118,6 +123,9 @@ func Test_templateValues(t *testing.T) {
 						),
 						Insecure: true,
 					},
+					ControlPlaneEndpoint: v1alpha1.ControlPlaneEndpointSpec{
+						Host: "1.2.3.4",
+					},
 				},
 			},
 			in:       valuesTemplate,