Add the PRs that have not yet been merged

.gitignore

@@ -52,6 +52,9 @@ manager_pull_policy.yaml-e
 # junit files
 junit.*.xml
 
+# asdf
+.tool-versions
+
 .DS_Store
 
 # Tilt files.

CHANGELOG.md

@@ -0,0 +1,5 @@
+# Changelog
+
+## 1.6.0-0.1.0 (upcoming)
+
+* Add the PRs that have not yet been merged

Jenkinsfile

@@ -0,0 +1,19 @@
+@Library('libpipelines@master') _
+
+hose {
+    EMAIL = '[email protected]'
+    BUILDTOOL = 'make'
+    VERSIONING_TYPE = 'stratioVersion-3-3'
+    UPSTREAM_VERSION = '1.6.0'
+    DEPLOYONPRS = true
+    DEVTIMEOUT = 30
+    ANCHORE_POLICY = "production"
+    GRYPE_TEST = false
+
+    BUILDTOOL_MEMORY_REQUEST = "1024Mi"
+    BUILDTOOL_MEMORY_LIMIT = "4096Mi"
+
+    DEV = { config ->
+        doDocker(conf:config, dockerfile: 'Dockerfile', image:'cluster-api-provider-gcp')
+    }
+}

Makefile

@@ -601,3 +601,6 @@ verify-gen: generate
 	@if !(git diff --quiet HEAD); then \
 		echo "generated files are out of date, run make generate"; exit 1; \
 	fi
+
+change-version:
+	hack/custom/change-version.sh $(version)

VERSION

@@ -0,0 +1 @@
+0.1.0-SNAPSHOT

cloud/services/container/clusters/reconcile.go

@@ -268,6 +268,9 @@ func (s *Service) createCluster(ctx context.Context, log *logr.Logger) error {
 	if !s.scope.IsAutopilotCluster() {
 		cluster.NodePools = scope.ConvertToSdkNodePools(nodePools, machinePools, isRegional, cluster.Name)
 	}
+	if s.scope.GCPManagedControlPlane.Spec.NetworkPolicy != nil {
+		cluster.NetworkPolicy = convertToSdkNetworkPolicy(s.scope.GCPManagedControlPlane.Spec.NetworkPolicy)
+	}
 
 	createClusterRequest := &containerpb.CreateClusterRequest{
 		Cluster: cluster,
@@ -376,6 +379,20 @@ func convertToSdkMasterAuthorizedNetworksConfig(config *infrav1exp.MasterAuthori
 	}
 }
 
+// convertToSdkNetworkPolicy converts NetworkPolicy config to a value that is used by GCP SDK.
+func convertToSdkNetworkPolicy(networkPolicy *infrav1exp.NetworkPolicy) *containerpb.NetworkPolicy {
+	sdkNetworkPolicy := containerpb.NetworkPolicy{
+		Enabled: true,
+	}
+	switch networkPolicy.Provider {
+	case "calico":
+		sdkNetworkPolicy.Provider = containerpb.NetworkPolicy_CALICO
+	default:
+		sdkNetworkPolicy.Provider = containerpb.NetworkPolicy_PROVIDER_UNSPECIFIED
+	}
+	return &sdkNetworkPolicy
+}
+
 func (s *Service) checkDiffAndPrepareUpdate(existingCluster *containerpb.Cluster, log *logr.Logger) (bool, *containerpb.UpdateClusterRequest) {
 	log.V(4).Info("Checking diff and preparing update.")
 
@@ -400,7 +417,6 @@ func (s *Service) checkDiffAndPrepareUpdate(existingCluster *containerpb.Cluster
 			log.V(2).Info("Master version update required", "current", existingClusterMasterVersion, "desired", desiredMasterVersion)
 		}
 	}
-
 	// DesiredMasterAuthorizedNetworksConfig
 	// When desiredMasterAuthorizedNetworksConfig is nil, it means that the user wants to disable the feature.
 	desiredMasterAuthorizedNetworksConfig := convertToSdkMasterAuthorizedNetworksConfig(s.scope.GCPManagedControlPlane.Spec.MasterAuthorizedNetworksConfig)

cloud/services/container/nodepools/reconcile.go

@@ -430,12 +430,6 @@ func (s *Service) checkDiffAndPrepareUpdateAutoscaling(existingNodePool *contain
 
 func (s *Service) checkDiffAndPrepareUpdateSize(existingNodePool *containerpb.NodePool) (bool, *containerpb.SetNodePoolSizeRequest) {
 	needUpdate := false
-	desiredAutoscaling := infrav1exp.ConvertToSdkAutoscaling(s.scope.GCPManagedMachinePool.Spec.Scaling)
-
-	if desiredAutoscaling.Enabled {
-		// Do not update node pool size if autoscaling is enabled.
-		return false, nil
-	}
 
 	setNodePoolSizeRequest := containerpb.SetNodePoolSizeRequest{
 		Name: s.scope.NodePoolFullName(),

config/crd/bases/infrastructure.cluster.x-k8s.io_gcpmanagedcontrolplanes.yaml

@@ -126,6 +126,17 @@ spec:
                       Public IP addresses.
                     type: boolean
                 type: object
+              networkPolicy:
+                description: NetworkPolicy represents configuration options for NetworkPolicy
+                  feature of the GKE cluster. This feature is disabled if this field
+                  is not specified.
+                properties:
+                  provider:
+                    description: The selected network policy provider.
+                    enum:
+                    - calico
+                    type: string
+                type: object
               project:
                 description: Project is the name of the project to deploy the cluster
                   to.

exp/api/v1beta1/gcpmanagedcontrolplane_types.go

@@ -57,6 +57,10 @@ type GCPManagedControlPlaneSpec struct {
 	// This feature is disabled if this field is not specified.
 	// +optional
 	MasterAuthorizedNetworksConfig *MasterAuthorizedNetworksConfig `json:"master_authorized_networks_config,omitempty"`
+	// NetworkPolicy represents configuration options for NetworkPolicy feature of the GKE cluster.
+	// This feature is disabled if this field is not specified.
+	// +optional
+	NetworkPolicy *NetworkPolicy `json:"networkPolicy,omitempty"`
 }
 
 // GCPManagedControlPlaneStatus defines the observed state of GCPManagedControlPlane.
@@ -142,6 +146,14 @@ type MasterAuthorizedNetworksConfigCidrBlock struct {
 	CidrBlock string `json:"cidr_block,omitempty"`
 }
 
+// NetworkPolicy represents configuration options for NetworkPolicy feature of the GKE cluster.
+type NetworkPolicy struct {
+	// The selected network policy provider.
+	// +kubebuilder:validation:Enum=calico
+	// +optional
+	Provider string `json:"provider,omitempty"`
+}
+
 // GetConditions returns the control planes conditions.
 func (r *GCPManagedControlPlane) GetConditions() clusterv1.Conditions {
 	return r.Status.Conditions

exp/api/v1beta1/gcpmanagedcontrolplane_webhook.go

@@ -130,6 +130,13 @@ func (r *GCPManagedControlPlane) ValidateUpdate(oldRaw runtime.Object) (admissio
 		)
 	}
 
+	if !cmp.Equal(r.Spec.NetworkPolicy, old.Spec.NetworkPolicy) {
+		allErrs = append(allErrs,
+			field.Invalid(field.NewPath("spec", "NetworkPolicy"),
+				r.Spec.NetworkPolicy, "field is immutable"),
+		)
+	}
+
 	if len(allErrs) == 0 {
 		return nil, nil
 	}

exp/api/v1beta1/gcpmanagedmachinepool_webhook.go

@@ -161,9 +161,7 @@ func (r *GCPManagedMachinePool) validateImmutable(old *GCPManagedMachinePool) fi
 	appendErrorIfMutated(old.Spec.LocalSsdCount, r.Spec.LocalSsdCount, "localSsdCount", &allErrs)
 	appendErrorIfMutated(old.Spec.Management, r.Spec.Management, "management", &allErrs)
 	appendErrorIfMutated(old.Spec.MaxPodsPerNode, r.Spec.MaxPodsPerNode, "maxPodsPerNode", &allErrs)
-	appendErrorIfMutated(old.Spec.NodeNetwork.PodRangeName, r.Spec.NodeNetwork.PodRangeName, "podRangeName", &allErrs)
-	appendErrorIfMutated(old.Spec.NodeNetwork.CreatePodRange, r.Spec.NodeNetwork.CreatePodRange, "createPodRange", &allErrs)
-	appendErrorIfMutated(old.Spec.NodeNetwork.PodRangeCidrBlock, r.Spec.NodeNetwork.PodRangeCidrBlock, "podRangeCidrBlock", &allErrs)
+	appendErrorIfMutated(old.Spec.NodeNetwork, r.Spec.NodeNetwork, "nodeNetwork", &allErrs)
 	appendErrorIfMutated(old.Spec.NodeSecurity, r.Spec.NodeSecurity, "nodeSecurity", &allErrs)
 
 	return allErrs

hack/change-version.sh

@@ -0,0 +1,14 @@
+#!/bin/bash -e
+
+BASEDIR=`dirname $0`/../..
+
+cd $BASEDIR
+
+if [[ -z "$1" ]]; then
+	VERSION=$(cat $BASEDIR/VERSION)
+else
+	VERSION=$1
+fi
+
+echo "Modifying cluster-api-provider-gcp version to: $1"
+echo $VERSION > VERSION