
fix iam kubeconfig generation in workload clusters #9048

Merged
merged 1 commit into from
Dec 6, 2024
8 changes: 4 additions & 4 deletions pkg/clustermanager/cluster_manager.go
Expand Up @@ -395,8 +395,8 @@
return nil
}

// GenerateIamAuthKubeconfig generates a kubeconfig for interacting with the cluster with aws-iam-authenticator client.
func (c *ClusterManager) GenerateIamAuthKubeconfig(ctx context.Context, management, workload *types.Cluster, spec *cluster.Spec) error {
// GenerateWorkloadAWSIAMKubeconfig generates a kubeconfig for interacting with the cluster with aws-iam-authenticator client.
func (c *ClusterManager) GenerateWorkloadAWSIAMKubeconfig(ctx context.Context, management, workload *types.Cluster, spec *cluster.Spec) error {

Check warning on line 399 in pkg/clustermanager/cluster_manager.go


Codecov / codecov/patch

pkg/clustermanager/cluster_manager.go#L399

Added line #L399 was not covered by tests
return c.awsIamAuth.GenerateKubeconfig(ctx, management, workload, spec)
}

Expand Down Expand Up @@ -835,8 +835,8 @@
return nil
}

// GenerateAWSIAMKubeconfig generates a kubeconfig for interacting with the cluster with aws-iam-authenticator client.
func (c *ClusterManager) GenerateAWSIAMKubeconfig(ctx context.Context, cluster *types.Cluster) error {
// GenerateManagementAWSIAMKubeconfig generates a kubeconfig for interacting with the cluster with aws-iam-authenticator client.
func (c *ClusterManager) GenerateManagementAWSIAMKubeconfig(ctx context.Context, cluster *types.Cluster) error {

Check warning on line 839 in pkg/clustermanager/cluster_manager.go


Codecov / codecov/patch

pkg/clustermanager/cluster_manager.go#L839

Added line #L839 was not covered by tests
return c.awsIamAuth.GenerateManagementAWSIAMKubeconfig(ctx, cluster)
}

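Review bot: The doc comments on `GenerateWorkloadAWSIAMKubeconfig` and `GenerateManagementAWSIAMKubeconfig` are word-for-word the same, so neither says which cluster the generated kubeconfig targets; the matching declarations in pkg/workflows/interfaces/interfaces.go carry no comment at all. Something like `// GenerateWorkloadAWSIAMKubeconfig generates the aws-iam-authenticator kubeconfig for the workload cluster managed by management.` and `// GenerateManagementAWSIAMKubeconfig generates the aws-iam-authenticator kubeconfig for a management cluster.` would make the split explicit. The role of each argument is decided inside `awsIamAuth`, which is outside these hunks, so the wording should be confirmed there. Codecov marks both wrappers as uncovered; a small delegation test for each would pin the order of `management` and `workload`.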
9 changes: 8 additions & 1 deletion pkg/workflows/interfaces/interfaces.go
Expand Up @@ -41,7 +41,8 @@ type ClusterManager interface {
GetCurrentClusterSpec(ctx context.Context, cluster *types.Cluster, clusterName string) (*cluster.Spec, error)
Upgrade(ctx context.Context, cluster *types.Cluster, currentManagementComponents, newManagementComponents *cluster.ManagementComponents, newSpec *cluster.Spec) (*types.ChangeDiff, error)
CreateRegistryCredSecret(ctx context.Context, mgmt *types.Cluster) error
GenerateAWSIAMKubeconfig(ctx context.Context, cluster *types.Cluster) error
GenerateWorkloadAWSIAMKubeconfig(ctx context.Context, management, workload *types.Cluster, spec *cluster.Spec) error
GenerateManagementAWSIAMKubeconfig(ctx context.Context, cluster *types.Cluster) error
ResumeEKSAControllerReconcile(ctx context.Context, cluster *types.Cluster, clusterSpec *cluster.Spec, provider providers.Provider) error
AllowDeleteWhilePaused(ctx context.Context, cluster *types.Cluster, clusterSpec *cluster.Spec) error
}
Expand Down Expand Up @@ -107,3 +108,9 @@ type ClusterDeleter interface {
type ClusterMover interface {
Move(ctx context.Context, spec *cluster.Spec, srcClient, dstClient kubernetes.Client) error
}

// AwsIamAuth is responsible for managing iam kubeconfigs.
type AwsIamAuth interface {
GenerateKubeconfig(ctx context.Context, management, workload *types.Cluster, spec *cluster.Spec) error
GenerateManagementAWSIAMKubeconfig(ctx context.Context, cluster *types.Cluster) error
}
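Review bot: The new `AwsIamAuth` interface names its two methods asymmetrically: the workload variant is the unqualified `GenerateKubeconfig`, while the management variant is `GenerateManagementAWSIAMKubeconfig`. The unqualified name reads like the default choice, which seems to leave room for the kind of cluster mix-up that the rename on `ClusterManager` is meant to remove. Renaming it to `GenerateWorkloadKubeconfig`, or giving each method a comment naming the cluster it targets, would keep the pair unambiguous; the implementing type is outside this section, so a rename may have to start there. The interface name also spells the initialisms differently from its own methods (`AwsIam` vs `AWSIAM`), though that may deliberately follow an existing type name.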
26 changes: 20 additions & 6 deletions pkg/workflows/interfaces/mocks/clients.go


2 changes: 1 addition & 1 deletion pkg/workflows/management/create_test.go
Expand Up @@ -908,7 +908,7 @@ func TestCreateWriteConfigAWSIAMFailure(t *testing.T) {
test.expectDatacenterConfig()
test.expectMachineConfigs()

test.clusterManager.EXPECT().GenerateAWSIAMKubeconfig(test.ctx, test.workloadCluster).Return(errors.New("test"))
test.clusterManager.EXPECT().GenerateManagementAWSIAMKubeconfig(test.ctx, test.workloadCluster).Return(errors.New("test"))

test.clusterManager.EXPECT().SaveLogsManagementCluster(
test.ctx, test.clusterSpec, test.bootstrapCluster,
2 changes: 1 addition & 1 deletion pkg/workflows/management/write_cluster_config.go
Expand Up @@ -52,7 +52,7 @@ func (s *writeCreateClusterConfig) Run(ctx context.Context, commandContext *task

if commandContext.ClusterSpec.AWSIamConfig != nil {
logger.Info("Generating the aws iam kubeconfig file")
err = commandContext.ClusterManager.GenerateAWSIAMKubeconfig(ctx, commandContext.WorkloadCluster)
err = commandContext.ClusterManager.GenerateManagementAWSIAMKubeconfig(ctx, commandContext.WorkloadCluster)
if err != nil {
commandContext.SetError(err)
return &workflows.CollectDiagnosticsTask{}
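Review bot: The call to `GenerateManagementAWSIAMKubeconfig` is passed `commandContext.WorkloadCluster`, which reads as a contradiction now that the method name says "Management". Presumably `WorkloadCluster` holds the newly created management cluster in this workflow, but nothing visible in the hunk says so. A comment above the call, such as `// WorkloadCluster is the management cluster being created by this workflow.`, would stop a later reader from "correcting" the argument to a different cluster. `Run` starts and continues outside this hunk.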
4 changes: 2 additions & 2 deletions pkg/workflows/workload/create_test.go
Expand Up @@ -176,8 +176,8 @@ func (c *createTestSetup) expectInstallGitOpsManager(err error) {
}

func (c *createTestSetup) expectAWSIAMAuthKubeconfig(err error) {
c.clusterManager.EXPECT().GenerateAWSIAMKubeconfig(
c.ctx, c.clusterSpec.ManagementCluster).Return(err)
c.clusterManager.EXPECT().GenerateWorkloadAWSIAMKubeconfig(
c.ctx, c.clusterSpec.ManagementCluster, c.workloadCluster, c.clusterSpec).Return(err)
}

func (c *createTestSetup) expectWrite() {
4 changes: 2 additions & 2 deletions pkg/workflows/workload/upgrade_test.go
Expand Up @@ -136,8 +136,8 @@ func (c *upgradeTestSetup) expectWriteWorkloadClusterConfig(err error) {
}

func (c *upgradeTestSetup) expectWithoutAWSIAMAuthKubeconfig(err error) {
c.clusterManager.EXPECT().GenerateAWSIAMKubeconfig(
c.ctx, c.clusterSpec.ManagementCluster).Return(err).Times(0)
c.clusterManager.EXPECT().GenerateWorkloadAWSIAMKubeconfig(
c.ctx, c.clusterSpec.ManagementCluster, c.workloadCluster, c.clusterSpec).Return(err).Times(0)
}

func (c *upgradeTestSetup) expectDatacenterConfig() {
2 changes: 1 addition & 1 deletion pkg/workflows/workload/writeclusterconfig.go
Expand Up @@ -23,7 +23,7 @@ func (s *writeClusterConfig) Run(ctx context.Context, commandContext *task.Comma
// Generate AWS IAM kubeconfig only for cluster creation step
if commandContext.CurrentClusterSpec == nil && commandContext.ClusterSpec.AWSIamConfig != nil {
logger.Info("Generating the aws iam kubeconfig file")
err = commandContext.ClusterManager.GenerateAWSIAMKubeconfig(ctx, commandContext.ManagementCluster)
err = commandContext.ClusterManager.GenerateWorkloadAWSIAMKubeconfig(ctx, commandContext.ManagementCluster, commandContext.WorkloadCluster, commandContext.ClusterSpec)
if err != nil {
commandContext.SetError(err)
logger.Error(err, "Generating the aws iam kubeconfig file")
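Review bot: The guard `commandContext.CurrentClusterSpec == nil` means the corrected kubeconfig is written only at creation, so workload clusters created before this change keep the file produced by the old call, which was given only `commandContext.ManagementCluster`. If that file refers to the management cluster (not confirmable from this hunk), its users authenticate against a different cluster than they expect, and an upgrade will not repair it. Consider regenerating the file on upgrade when it is stale, or at least recording the limitation next to the guard, e.g. `// Generated only at creation; kubeconfigs written before this fix are not refreshed on upgrade.`, and in the release notes. `Run` continues outside the hunk.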