From 256f6317c69873d1880dc64c05dda03d1907e07e Mon Sep 17 00:00:00 2001 From: Gaurav Jaswal Date: Wed, 15 Jan 2025 16:34:48 -0500 Subject: [PATCH] Enhancing clusteradm to support awsirsa during init --- go.mod | 2 +- pkg/cmd/init/cmd.go | 6 +++--- pkg/cmd/init/exec.go | 8 ++++---- test/e2e/clusteradm/init_test.go | 12 +++--------- 4 files changed, 11 insertions(+), 17 deletions(-) diff --git a/go.mod b/go.mod index 6064822f..d01946f7 100644 --- a/go.mod +++ b/go.mod @@ -28,7 +28,7 @@ require ( k8s.io/klog/v2 v2.130.1 k8s.io/kubectl v0.31.1 k8s.io/utils v0.0.0-20240921022957-49e7df575cb6 - open-cluster-management.io/api v0.15.1-0.20250109024121-1a5e25a78a43 + open-cluster-management.io/api v0.15.1-0.20250109155322-bda1321f2519 open-cluster-management.io/cluster-proxy v0.4.0 open-cluster-management.io/managed-serviceaccount v0.6.0 open-cluster-management.io/ocm v0.15.1-0.20250110031959-11896ccda197 diff --git a/pkg/cmd/init/cmd.go b/pkg/cmd/init/cmd.go index ac59bc4c..c2fddb3f 100644 --- a/pkg/cmd/init/cmd.go +++ b/pkg/cmd/init/cmd.go @@ -15,8 +15,8 @@ var example = ` # Init the hub %[1]s init -# Initialize the hub cluster with the type of authentication. Either or both of csr,awsirsa. Default csr. -%[1]s init --registration-auth aws-irsa --registration-auth csr +# Initialize the hub cluster with the type of authentication. Either or both of csr,awsirsa +%[1]s init --registration-auth awsirsa --registration-auth csr ` // NewCmd ... @@ -81,7 +81,7 @@ func NewCmd(clusteradmFlags *genericclioptionsclusteradm.ClusteradmFlags, stream _ = clusterManagerSet.SetAnnotation("singleton-name", "singletonSet", []string{}) o.Helm.AddFlags(singletonSet) cmd.Flags().AddFlagSet(singletonSet) - cmd.Flags().StringArrayVar(&o.registrationAuth, "registration-auth", []string{"csr"}, "The type of authentication to use for registering and authenticating with hub, this flag can be repeated to specify multiple authentication types.") + cmd.Flags().StringArrayVar(&o.registrationAuth, "registration-auth", []string{}, "The type of authentication to use for registering and authenticating with hub, this flag can be repeated to specify multiple authentication types.") return cmd } diff --git a/pkg/cmd/init/exec.go b/pkg/cmd/init/exec.go index 44ea757b..08222456 100644 --- a/pkg/cmd/init/exec.go +++ b/pkg/cmd/init/exec.go @@ -71,7 +71,7 @@ func (o *Options) complete(cmd *cobra.Command, args []string) (err error) { }, Tag: bundleVersion.OCM, } - registrationDrivers, err := generateAuthDrivers(o) + registrationDrivers, err := getRegistrationDrivers(o) if err != nil { return err } @@ -360,12 +360,12 @@ func (o *Options) deploySingletonControlplane(kubeClient kubernetes.Interface) e return nil } -func generateAuthDrivers(o *Options) ([]operatorv1.RegistrationDriverHub, error) { +func getRegistrationDrivers(o *Options) ([]operatorv1.RegistrationDriverHub, error) { registrationDrivers := []operatorv1.RegistrationDriverHub{} if slices.Contains(o.registrationAuth, "csr") { - registrationDrivers = append(registrationDrivers, operatorv1.RegistrationDriverHub{AuthType: "csr", HubClusterArn: ""}) + registrationDrivers = append(registrationDrivers, operatorv1.RegistrationDriverHub{AuthType: "csr"}) } - if slices.Contains(o.registrationAuth, "aws-irsa") { + if slices.Contains(o.registrationAuth, "awsirsa") { rawConfig, err := o.ClusteradmFlags.KubectlFactory.ToRawKubeConfigLoader().RawConfig() if err != nil { klog.Errorf("unable to load hub cluster kubeconfig: %v", err) diff --git a/test/e2e/clusteradm/init_test.go b/test/e2e/clusteradm/init_test.go index 90e02378..46dc81a0 100644 --- a/test/e2e/clusteradm/init_test.go +++ b/test/e2e/clusteradm/init_test.go @@ -33,35 +33,29 @@ var _ = ginkgo.Describe("test clusteradm with bootstrap token in singleton mode" cm, err := operatorClient.OperatorV1().ClusterManagers().Get(context.TODO(), "cluster-manager", metav1.GetOptions{}) gomega.Expect(err).NotTo(gomega.HaveOccurred()) gomega.Expect(len(cm.Spec.RegistrationConfiguration.FeatureGates)).Should(gomega.Equal(1)) - // Ensure that when nothing is passed in registration-auth flag, only csr driver is setup - gomega.Expect(len(cm.Spec.RegistrationConfiguration.RegistrationDrivers)).Should(gomega.Equal(1)) err = e2e.Clusteradm().Init( "--use-bootstrap-token", "--context", e2e.Cluster().Hub().Context(), "--bundle-version=latest", - "--registration-auth aws-irsa", + "--registration-auth awsirsa", ) gomega.Expect(err).NotTo(gomega.HaveOccurred(), "clusteradm init error") cm, err = operatorClient.OperatorV1().ClusterManagers().Get(context.TODO(), "cluster-manager", metav1.GetOptions{}) - gomega.Expect(err).NotTo(gomega.HaveOccurred()) - gomega.Expect(len(cm.Spec.RegistrationConfiguration.FeatureGates)).Should(gomega.Equal(1)) - // Ensure that when only awsirsa is passed as registration-auth both the values are set. + // Ensure that when only awsirsa is passed as registration-auth only awsirsa driver is available gomega.Expect(len(cm.Spec.RegistrationConfiguration.RegistrationDrivers)).Should(gomega.Equal(1)) err = e2e.Clusteradm().Init( "--use-bootstrap-token", "--context", e2e.Cluster().Hub().Context(), "--bundle-version=latest", - "--registration-auth aws-irsa", + "--registration-auth awsirsa", "--registration-auth csr", ) gomega.Expect(err).NotTo(gomega.HaveOccurred(), "clusteradm init error") cm, err = operatorClient.OperatorV1().ClusterManagers().Get(context.TODO(), "cluster-manager", metav1.GetOptions{}) - gomega.Expect(err).NotTo(gomega.HaveOccurred()) - gomega.Expect(len(cm.Spec.RegistrationConfiguration.FeatureGates)).Should(gomega.Equal(1)) // Ensure that awsirsa and csr is passed as registration-auth both the values are set. gomega.Expect(len(cm.Spec.RegistrationConfiguration.RegistrationDrivers)).Should(gomega.Equal(2))