-
Notifications
You must be signed in to change notification settings - Fork 51
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Read VpcAssociationPolicy value in the model_build_servicenetwork #407
Changes from 1 commit
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change | ||
---|---|---|---|---|
|
@@ -4,8 +4,10 @@ import ( | |||
"context" | ||||
|
||||
corev1 "k8s.io/api/core/v1" | ||||
"sigs.k8s.io/controller-runtime/pkg/client" | ||||
gateway_api "sigs.k8s.io/gateway-api/apis/v1beta1" | ||||
|
||||
"github.com/aws/aws-application-networking-k8s/pkg/apis/applicationnetworking/v1alpha1" | ||||
"github.com/aws/aws-application-networking-k8s/pkg/config" | ||||
"github.com/aws/aws-application-networking-k8s/pkg/k8s" | ||||
"github.com/aws/aws-application-networking-k8s/pkg/model/core" | ||||
|
@@ -25,18 +27,23 @@ type ServiceNetworkModelBuilder interface { | |||
} | ||||
|
||||
type serviceNetworkModelBuilder struct { | ||||
client client.Client | ||||
defaultTags map[string]string | ||||
} | ||||
|
||||
func NewServiceNetworkModelBuilder() *serviceNetworkModelBuilder { | ||||
return &serviceNetworkModelBuilder{} | ||||
func NewServiceNetworkModelBuilder(client client.Client) *serviceNetworkModelBuilder { | ||||
return &serviceNetworkModelBuilder{client: client} | ||||
} | ||||
func (b *serviceNetworkModelBuilder) Build(ctx context.Context, gw *gateway_api.Gateway) (core.Stack, *latticemodel.ServiceNetwork, error) { | ||||
stack := core.NewDefaultStack(core.StackID(k8s.NamespacedName(gw))) | ||||
|
||||
vpcAssociationPolicy, err := GetAttachedPolicy(ctx, b.client, k8s.NamespacedName(gw), &v1alpha1.VpcAssociationPolicy{}) | ||||
if err != nil { | ||||
return nil, nil, err | ||||
} | ||||
task := &serviceNetworkModelBuildTask{ | ||||
gateway: gw, | ||||
stack: stack, | ||||
gateway: gw, | ||||
vpcAssociationPolicy: vpcAssociationPolicy, | ||||
stack: stack, | ||||
} | ||||
|
||||
if err := task.run(ctx); err != nil { | ||||
|
@@ -63,25 +70,33 @@ func (t *serviceNetworkModelBuildTask) buildModel(ctx context.Context) error { | |||
|
||||
func (t *serviceNetworkModelBuildTask) buildServiceNetwork(ctx context.Context) error { | ||||
spec := latticemodel.ServiceNetworkSpec{ | ||||
Name: t.gateway.Name, | ||||
Namespace: t.gateway.Namespace, | ||||
Account: config.AccountID, | ||||
AssociateToVPC: false, | ||||
Name: t.gateway.Name, | ||||
Namespace: t.gateway.Namespace, | ||||
Account: config.AccountID, | ||||
} | ||||
|
||||
// by default it is true | ||||
spec.AssociateToVPC = true | ||||
// default associateToVPC is true | ||||
associateToVPC := true | ||||
if len(t.gateway.ObjectMeta.Annotations) > 0 { | ||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I believe there's no need to check this here |
||||
if value, exist := t.gateway.Annotations[LatticeVPCAssociationAnnotation]; exist { | ||||
if value == "true" { | ||||
spec.AssociateToVPC = true | ||||
associateToVPC = true | ||||
} else { | ||||
spec.AssociateToVPC = false | ||||
associateToVPC = false | ||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. nit: can be |
||||
} | ||||
} | ||||
} | ||||
|
||||
if t.vpcAssociationPolicy != nil { | ||||
if t.vpcAssociationPolicy.Spec.AssociateWithVpc != nil { | ||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. did you set default value as true in the new CRD? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. No, In CRD, by default it's empty aws-application-networking-k8s/pkg/apis/applicationnetworking/v1alpha1/vpcassociationpolicy_types.go Line 58 in 5204483
In the controller for both old and new logic, by default it is true There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. have you considered setting default value via kubebuilder annotation? |
||||
associateToVPC = *t.vpcAssociationPolicy.Spec.AssociateWithVpc | ||||
} | ||||
|
||||
if t.vpcAssociationPolicy.Spec.SecurityGroupIds != nil { | ||||
spec.SecurityGroupIds = securityGroupIdsToStringPointersSlice(t.vpcAssociationPolicy.Spec.SecurityGroupIds) | ||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. you can use There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I found the |
||||
} | ||||
} | ||||
spec.AssociateToVPC = associateToVPC | ||||
defaultSN, err := config.GetClusterLocalGateway() | ||||
|
||||
if err == nil && defaultSN != t.gateway.Name { | ||||
|
@@ -101,9 +116,18 @@ func (t *serviceNetworkModelBuildTask) buildServiceNetwork(ctx context.Context) | |||
} | ||||
|
||||
type serviceNetworkModelBuildTask struct { | ||||
gateway *gateway_api.Gateway | ||||
|
||||
mesh *latticemodel.ServiceNetwork | ||||
gateway *gateway_api.Gateway | ||||
vpcAssociationPolicy *v1alpha1.VpcAssociationPolicy | ||||
mesh *latticemodel.ServiceNetwork | ||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. can you rename |
||||
|
||||
stack core.Stack | ||||
} | ||||
|
||||
func securityGroupIdsToStringPointersSlice(sgIds []v1alpha1.SecurityGroupId) []*string { | ||||
var ret []*string | ||||
for _, sgId := range sgIds { | ||||
sgIdStr := string(sgId) | ||||
ret = append(ret, &sgIdStr) | ||||
} | ||||
return ret | ||||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -21,11 +21,12 @@ type ServiceNetwork struct { | |
|
||
type ServiceNetworkSpec struct { | ||
// The name of the ServiceNetwork | ||
Name string `json:"name"` | ||
Namespace string `json:"namespace"` | ||
Account string `json:"account"` | ||
AssociateToVPC bool | ||
IsDeleted bool | ||
Name string `json:"name"` | ||
Namespace string `json:"namespace"` | ||
Account string `json:"account"` | ||
SecurityGroupIds []*string `json:"securityGroupIds"` | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. aws vpc lattice go sdk use the |
||
AssociateToVPC bool | ||
IsDeleted bool | ||
} | ||
|
||
type ServiceNetworkStatus struct { | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what happens if the policy is not found?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If policy not found, GetAttachedPolicy() retrun nil, nil, it will go ahead to execute the rest of logic. Unit test covered that
aws-application-networking-k8s/pkg/gateway/utils_test.go
Line 205 in 5204483