Consolidate CCMs under common interface

k0rdent · Jan 16, 2025 · 9bca0cf · 9bca0cf
1 parent 5be0f32
commit 9bca0cf
Show file tree

Hide file tree

Showing 15 changed files with 484 additions and 124 deletions.
diff --git a/api/v1alpha1/common.go b/api/v1alpha1/common.go
@@ -42,7 +42,7 @@ type (
 )
 
 const (
-	// Provider CAPA
+	// Provider AWS
 	ProviderAWSName = "cluster-api-provider-aws"
 	// Provider Azure
 	ProviderAzureName = "cluster-api-provider-azure"

diff --git a/api/v1alpha1/management_types.go b/api/v1alpha1/management_types.go
@@ -86,24 +86,17 @@ type Provider struct {
 	Name string `json:"name"`
 }
 
+func (p Provider) String() string {
+	return p.Name
+}
+
 func (in *Component) HelmValues() (values map[string]any, err error) {
 	if in.Config != nil {
 		err = yaml.Unmarshal(in.Config.Raw, &values)
 	}
 	return values, err
 }
 
-func GetDefaultProviders() []Provider {
-	return []Provider{
-		{Name: ProviderK0smotronName},
-		{Name: ProviderAWSName},
-		{Name: ProviderAzureName},
-		{Name: ProviderVSphereName},
-		{Name: ProviderOpenStackName},
-		{Name: ProviderSveltosName},
-	}
-}
-
 // Templates returns a list of provider templates explicitly defined in the Management object
 func (in *Management) Templates() []string {
 	templates := []string{}

diff --git a/go.mod b/go.mod
@@ -10,6 +10,7 @@ require (
 	github.com/fluxcd/pkg/apis/meta v1.9.0
 	github.com/fluxcd/pkg/runtime v0.52.0
 	github.com/fluxcd/source-controller/api v1.4.1
+	github.com/go-logr/logr v1.4.2
 	github.com/google/uuid v1.6.0
 	github.com/hashicorp/go-retryablehttp v0.7.7
 	github.com/onsi/ginkgo/v2 v2.22.2
@@ -85,7 +86,6 @@ require (
 	github.com/go-errors/errors v1.5.1 // indirect
 	github.com/go-gorp/gorp/v3 v3.1.0 // indirect
 	github.com/go-ldap/ldap/v3 v3.4.8 // indirect
-	github.com/go-logr/logr v1.4.2 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/go-logr/zapr v1.3.0 // indirect
 	github.com/go-openapi/jsonpointer v0.21.0 // indirect

diff --git a/internal/controller/clusterdeployment_controller.go b/internal/controller/clusterdeployment_controller.go
@@ -48,6 +48,7 @@ import (
 	kcm "github.com/K0rdent/kcm/api/v1alpha1"
 	"github.com/K0rdent/kcm/internal/credspropagation"
 	"github.com/K0rdent/kcm/internal/helm"
+	providersloader "github.com/K0rdent/kcm/internal/providers"
 	"github.com/K0rdent/kcm/internal/sveltos"
 	"github.com/K0rdent/kcm/internal/telemetry"
 	"github.com/K0rdent/kcm/internal/utils"
@@ -580,35 +581,16 @@ func (r *ClusterDeploymentReconciler) releaseCluster(ctx context.Context, namesp
 		return err
 	}
 
-	var (
-		gvkAWSCluster = schema.GroupVersionKind{
-			Group:   "infrastructure.cluster.x-k8s.io",
-			Version: "v1beta2",
-			Kind:    "AWSCluster",
-		}
-
-		gvkAzureCluster = schema.GroupVersionKind{
-			Group:   "infrastructure.cluster.x-k8s.io",
-			Version: "v1beta1",
-			Kind:    "AzureCluster",
-		}
-
-		gvkMachine = schema.GroupVersionKind{
-			Group:   "cluster.x-k8s.io",
-			Version: "v1beta1",
-			Kind:    "Machine",
-		}
-	)
-
-	providerGVKs := map[string]schema.GroupVersionKind{
-		"aws":   gvkAWSCluster,
-		"azure": gvkAzureCluster,
+	gvkMachine := schema.GroupVersionKind{
+		Group:   "cluster.x-k8s.io",
+		Version: "v1beta1",
+		Kind:    "Machine",
 	}
 
 	// Associate the provider with it's GVK
 	for _, provider := range providers {
-		gvk, ok := providerGVKs[provider]
-		if !ok {
+		gvk := providersloader.GetClusterGVK(provider)
+		if !gvk.Empty() {
 			continue
 		}
 
@@ -642,13 +624,12 @@ func (r *ClusterDeploymentReconciler) getInfraProvidersNames(ctx context.Context
 		return nil, err
 	}
 
-	const infraPrefix = "infrastructure-"
 	var (
 		ips     = make([]string, 0, len(template.Status.Providers))
-		lprefix = len(infraPrefix)
+		lprefix = len(providersloader.InfraPrefix)
 	)
 	for _, v := range template.Status.Providers {
-		if idx := strings.Index(v, infraPrefix); idx > -1 {
+		if idx := strings.Index(v, providersloader.InfraPrefix); idx > -1 {
 			ips = append(ips, v[idx+lprefix:])
 		}
 	}
@@ -725,73 +706,36 @@ func (r *ClusterDeploymentReconciler) reconcileCredentialPropagation(ctx context
 	}
 
 	for _, provider := range providers {
-		switch provider {
-		case "aws":
-			l.Info("Skipping creds propagation for AWS")
-		case "azure":
-			l.Info("Azure creds propagation start")
-			if err := credspropagation.PropagateAzureSecrets(ctx, propnCfg); err != nil {
-				errMsg := fmt.Sprintf("failed to create Azure CCM credentials: %s", err)
-				apimeta.SetStatusCondition(clusterDeployment.GetConditions(), metav1.Condition{
-					Type:    kcm.CredentialsPropagatedCondition,
-					Status:  metav1.ConditionFalse,
-					Reason:  kcm.FailedReason,
-					Message: errMsg,
-				})
-
-				return errors.New(errMsg)
-			}
+		titleName := providersloader.GetProviderTitleName(provider)
 
+		f, ok := providersloader.CredentialPropagationFunc(provider)
+		if !ok || titleName == "" {
 			apimeta.SetStatusCondition(clusterDeployment.GetConditions(), metav1.Condition{
 				Type:    kcm.CredentialsPropagatedCondition,
-				Status:  metav1.ConditionTrue,
-				Reason:  kcm.SucceededReason,
-				Message: "Azure CCM credentials created",
+				Status:  metav1.ConditionFalse,
+				Reason:  kcm.FailedReason,
+				Message: "unsupported infrastructure provider " + provider,
 			})
-		case "vsphere":
-			l.Info("vSphere creds propagation start")
-			if err := credspropagation.PropagateVSphereSecrets(ctx, propnCfg); err != nil {
-				errMsg := fmt.Sprintf("failed to create vSphere CCM credentials: %s", err)
-				apimeta.SetStatusCondition(clusterDeployment.GetConditions(), metav1.Condition{
-					Type:    kcm.CredentialsPropagatedCondition,
-					Status:  metav1.ConditionFalse,
-					Reason:  kcm.FailedReason,
-					Message: errMsg,
-				})
-				return errors.New(errMsg)
-			}
 
+			continue
+		}
+
+		enabled, err := f(ctx, propnCfg, l)
+		if err != nil {
+			errMsg := fmt.Sprintf("failed to create %s CCM credentials: %s", titleName, err)
 			apimeta.SetStatusCondition(clusterDeployment.GetConditions(), metav1.Condition{
 				Type:    kcm.CredentialsPropagatedCondition,
-				Status:  metav1.ConditionTrue,
-				Reason:  kcm.SucceededReason,
-				Message: "vSphere CCM credentials created",
+				Status:  metav1.ConditionFalse,
+				Reason:  kcm.FailedReason,
+				Message: errMsg,
 			})
-		case "openstack":
-			l.Info("OpenStack creds propagation start")
-			if err := credspropagation.PropagateOpenStackSecrets(ctx, propnCfg); err != nil {
-				errMsg := fmt.Sprintf("failed to create OpenStack CCM credentials: %s", err)
-				apimeta.SetStatusCondition(clusterDeployment.GetConditions(), metav1.Condition{
-					Type:    kcm.CredentialsPropagatedCondition,
-					Status:  metav1.ConditionFalse,
-					Reason:  kcm.FailedReason,
-					Message: errMsg,
-				})
-				return errors.New(errMsg)
-			}
-
+			return errors.New(errMsg)
+		} else if enabled {
 			apimeta.SetStatusCondition(clusterDeployment.GetConditions(), metav1.Condition{
 				Type:    kcm.CredentialsPropagatedCondition,
 				Status:  metav1.ConditionTrue,
 				Reason:  kcm.SucceededReason,
-				Message: "OpenStack CCM credentials created",
-			})
-		default:
-			apimeta.SetStatusCondition(clusterDeployment.GetConditions(), metav1.Condition{
-				Type:    kcm.CredentialsPropagatedCondition,
-				Status:  metav1.ConditionFalse,
-				Reason:  kcm.FailedReason,
-				Message: "unsupported infrastructure provider " + provider,
+				Message: titleName + " CCM credentials created",
 			})
 		}
 	}

diff --git a/internal/controller/release_controller.go b/internal/controller/release_controller.go
@@ -47,6 +47,7 @@ import (
 	kcm "github.com/K0rdent/kcm/api/v1alpha1"
 	"github.com/K0rdent/kcm/internal/build"
 	"github.com/K0rdent/kcm/internal/helm"
+	"github.com/K0rdent/kcm/internal/providers"
 	"github.com/K0rdent/kcm/internal/utils"
 )
 
@@ -200,7 +201,7 @@ func (r *ReleaseReconciler) ensureManagement(ctx context.Context) error {
 	if err != nil {
 		return err
 	}
-	mgmtObj.Spec.Providers = kcm.GetDefaultProviders()
+	mgmtObj.Spec.Providers = providers.List()
 
 	getter := helm.NewMemoryRESTClientGetter(r.Config, r.RESTMapper())
 	actionConfig := new(action.Configuration)

diff --git a/internal/credspropagation/azure.go b/internal/credspropagation/azure.go
@@ -24,7 +24,7 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
-func PropagateAzureSecrets(ctx context.Context, cfg *PropagationCfg) error {
+func PropagateAzureProviderObjects(ctx context.Context, cfg *PropagationCfg) error {
 	azureCluster := &capz.AzureCluster{}
 	if err := cfg.Client.Get(ctx, client.ObjectKey{
 		Name:      cfg.ClusterDeployment.Name,

diff --git a/internal/credspropagation/openstack.go b/internal/credspropagation/openstack.go
@@ -60,8 +60,8 @@ type (
 	}
 )
 
-// PropagateOpenStackSecrets propagates OpenStack secrets
-func PropagateOpenStackSecrets(ctx context.Context, cfg *PropagationCfg) error {
+// PropagateOpenStackProviderObjects propagates OpenStack secrets
+func PropagateOpenStackProviderObjects(ctx context.Context, cfg *PropagationCfg) error {
 	if cfg == nil {
 		return errors.New("PropagationCfg is nil")
 	}

diff --git a/internal/credspropagation/vsphere.go b/internal/credspropagation/vsphere.go
@@ -30,7 +30,7 @@ import (
 	kcm "github.com/K0rdent/kcm/api/v1alpha1"
 )
 
-func PropagateVSphereSecrets(ctx context.Context, cfg *PropagationCfg) error {
+func PropagateVSphereProviderObjects(ctx context.Context, cfg *PropagationCfg) error {
 	vsphereCluster := &capv.VSphereCluster{}
 	if err := cfg.Client.Get(ctx, client.ObjectKey{
 		Name:      cfg.ClusterDeployment.Name,

diff --git a/internal/providers/aws.go b/internal/providers/aws.go
@@ -0,0 +1,67 @@
+// Copyright 2024
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package providers
+
+import (
+	"context"
+
+	"github.com/go-logr/logr"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+
+	"github.com/K0rdent/kcm/internal/credspropagation"
+)
+
+type ProviderAWS struct{}
+
+var _ ProviderModule = (*ProviderAWS)(nil)
+
+func init() {
+	Register(&ProviderAWS{})
+}
+
+func (*ProviderAWS) GetName() string {
+	return "aws"
+}
+
+func (*ProviderAWS) GetTitleName() string {
+	return "AWS"
+}
+
+func (*ProviderAWS) GetClusterGVK() schema.GroupVersionKind {
+	return schema.GroupVersionKind{
+		Group:   "infrastructure.cluster.x-k8s.io",
+		Version: "v1beta2",
+		Kind:    "AWSCluster",
+	}
+}
+
+func (*ProviderAWS) GetClusterIdentityKinds() []string {
+	return []string{"AWSClusterStaticIdentity", "AWSClusterRoleIdentity", "AWSClusterControllerIdentity"}
+}
+
+func (p *ProviderAWS) CredentialPropagationFunc() func(
+	_ context.Context,
+	_ *credspropagation.PropagationCfg,
+	l logr.Logger,
+) (enabled bool, err error) {
+	return func(
+		_ context.Context,
+		_ *credspropagation.PropagationCfg,
+		l logr.Logger,
+	) (enabled bool, err error) {
+		l.Info("Skipping creds propagation for " + p.GetTitleName())
+		return enabled, err
+	}
+}
diff --git a/internal/providers/azure.go b/internal/providers/azure.go
@@ -0,0 +1,64 @@
+// Copyright 2024
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package providers
+
+import (
+	"context"
+
+	"github.com/go-logr/logr"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+
+	"github.com/K0rdent/kcm/internal/credspropagation"
+)
+
+type ProviderAzure struct{}
+
+var _ ProviderModule = (*ProviderAzure)(nil)
+
+func init() {
+	Register(&ProviderAzure{})
+}
+
+func (*ProviderAzure) GetName() string {
+	return "azure"
+}
+
+func (*ProviderAzure) GetTitleName() string {
+	return "Azure"
+}
+
+func (*ProviderAzure) GetClusterGVK() schema.GroupVersionKind {
+	return schema.GroupVersionKind{}
+}
+
+func (*ProviderAzure) GetClusterIdentityKinds() []string {
+	return []string{"AzureClusterIdentity"}
+}
+
+func (p *ProviderAzure) CredentialPropagationFunc() func(
+	ctx context.Context,
+	cfg *credspropagation.PropagationCfg,
+	l logr.Logger,
+) (enabled bool, err error) {
+	return func(
+		ctx context.Context,
+		cfg *credspropagation.PropagationCfg,
+		l logr.Logger,
+	) (enabled bool, err error) {
+		l.Info(p.GetTitleName() + " creds propagation start")
+		enabled, err = true, credspropagation.PropagateAzureProviderObjects(ctx, cfg)
+		return enabled, err
+	}
+}