diff --git a/pkg/api/v1alpha1/cluster.go b/pkg/api/v1alpha1/cluster.go index ac4d4b3fc6fba..59468bf4943ce 100644 --- a/pkg/api/v1alpha1/cluster.go +++ b/pkg/api/v1alpha1/cluster.go @@ -496,10 +496,12 @@ func validateControlPlaneCertSANs(cfg *Cluster) error { } func validateControlPlaneAPIServerExtraArgs(clusterConfig *Cluster) error { - allowedFlags := map[string]string{"service-account-issuer": "", "service-account-jwks-uri": ""} - for k := range clusterConfig.Spec.ControlPlaneConfiguration.APIServerExtraArgs { - if _, ok := allowedFlags[k]; !ok { - return fmt.Errorf("invalid argument in ControlPlaneConfiguration.APIServerExtraArgs (service-account-issuer, service-account-jwks-uri): %v", k) + if !features.IsActive(features.ApiServerExtraArgsValidationDisabled()) { + allowedFlags := map[string]string{"service-account-issuer": "", "service-account-jwks-uri": ""} + for k := range clusterConfig.Spec.ControlPlaneConfiguration.APIServerExtraArgs { + if _, ok := allowedFlags[k]; !ok { + return fmt.Errorf("invalid argument in ControlPlaneConfiguration.APIServerExtraArgs (service-account-issuer, service-account-jwks-uri): %v", k) + } } } return nil diff --git a/pkg/features/features.go b/pkg/features/features.go index 62e936d074825..e12e6408bbc1f 100644 --- a/pkg/features/features.go +++ b/pkg/features/features.go @@ -2,11 +2,12 @@ package features // These are environment variables used as flags to enable/disable features. const ( - CloudStackKubeVipDisabledEnvVar = "CLOUDSTACK_KUBE_VIP_DISABLED" - CheckpointEnabledEnvVar = "CHECKPOINT_ENABLED" - UseNewWorkflowsEnvVar = "USE_NEW_WORKFLOWS" - UseControllerForCli = "USE_CONTROLLER_FOR_CLI" - VSphereInPlaceEnvVar = "VSPHERE_IN_PLACE_UPGRADE" + CloudStackKubeVipDisabledEnvVar = "CLOUDSTACK_KUBE_VIP_DISABLED" + CheckpointEnabledEnvVar = "CHECKPOINT_ENABLED" + UseNewWorkflowsEnvVar = "USE_NEW_WORKFLOWS" + UseControllerForCli = "USE_CONTROLLER_FOR_CLI" + VSphereInPlaceEnvVar = "VSPHERE_IN_PLACE_UPGRADE" + ApiServerExtraArgsValidationDisabledEnvVar = "APISERVER_EXTRA_ARGS_VALIDATION_DISABLED" ) func FeedGates(featureGates []string) { @@ -63,3 +64,11 @@ func VSphereInPlaceUpgradeEnabled() Feature { IsActive: globalFeatures.isActiveForEnvVar(VSphereInPlaceEnvVar), } } + +// ApiServerExtraArgsValidationDisabled is the feature flag for disabling the API server extra args validation. +func ApiServerExtraArgsValidationDisabled() Feature { + return Feature{ + Name: "Disable API server extra args validation", + IsActive: globalFeatures.isActiveForEnvVar(ApiServerExtraArgsValidationDisabledEnvVar), + } +} diff --git a/pkg/features/features_test.go b/pkg/features/features_test.go index 8e65b586af511..35a6cd46aa8c4 100644 --- a/pkg/features/features_test.go +++ b/pkg/features/features_test.go @@ -93,3 +93,11 @@ func TestVSphereInPlaceUpgradeEnabledFeatureFlag(t *testing.T) { g.Expect(os.Setenv(VSphereInPlaceEnvVar, "true")).To(Succeed()) g.Expect(IsActive(VSphereInPlaceUpgradeEnabled())).To(BeTrue()) } + +func TestApiServerExtraArgsValidationDisabledFeatureFlag(t *testing.T) { + g := NewWithT(t) + setupContext(t) + + g.Expect(os.Setenv(ApiServerExtraArgsValidationDisabledEnvVar, "true")).To(Succeed()) + g.Expect(IsActive(ApiServerExtraArgsValidationDisabled())).To(BeTrue()) +}