refactor aws iam in cli workflow (aws#9050)
tatlat authored Dec 7, 2024
1 parent a53494e commit 2d5791a
Showing 25 changed files with 172 additions and 177 deletions.
4 changes: 2 additions & 2 deletions Makefile
Expand Up @@ -560,14 +560,14 @@ mocks: ## Generate mocks
${MOCKGEN} -destination=pkg/providers/vsphere/setupuser/mocks/client.go -package=mocks "github.com/aws/eks-anywhere/pkg/providers/vsphere/setupuser" GovcClient
${MOCKGEN} -destination=pkg/govmomi/mocks/client.go -package=mocks "github.com/aws/eks-anywhere/pkg/govmomi" VSphereClient,VMOMIAuthorizationManager,VMOMIFinder,VMOMISessionBuilder,VMOMIFinderBuilder,VMOMIAuthorizationManagerBuilder
${MOCKGEN} -destination=pkg/filewriter/mocks/filewriter.go -package=mocks "github.com/aws/eks-anywhere/pkg/filewriter" FileWriter
${MOCKGEN} -destination=pkg/clustermanager/mocks/client_and_networking.go -package=mocks "github.com/aws/eks-anywhere/pkg/clustermanager" ClusterClient,AwsIamAuth,EKSAComponents,KubernetesClient,ClientFactory,ClusterApplier,CAPIClient
${MOCKGEN} -destination=pkg/clustermanager/mocks/client_and_networking.go -package=mocks "github.com/aws/eks-anywhere/pkg/clustermanager" ClusterClient,EKSAComponents,KubernetesClient,ClientFactory,ClusterApplier,CAPIClient
${MOCKGEN} -destination=pkg/gitops/flux/mocks/client.go -package=mocks "github.com/aws/eks-anywhere/pkg/gitops/flux" FluxClient,KubeClient,GitOpsFluxClient,GitClient,Templater
${MOCKGEN} -destination=pkg/task/mocks/task.go -package=mocks "github.com/aws/eks-anywhere/pkg/task" Task
${MOCKGEN} -destination=pkg/bootstrapper/mocks/client.go -package=mocks "github.com/aws/eks-anywhere/pkg/bootstrapper" KindClient,KubernetesClient
${MOCKGEN} -destination=pkg/bootstrapper/mocks/bootstrapper.go -package=mocks "github.com/aws/eks-anywhere/pkg/bootstrapper" ClusterClient
${MOCKGEN} -destination=pkg/git/providers/github/mocks/github.go -package=mocks "github.com/aws/eks-anywhere/pkg/git/providers/github" GithubClient
${MOCKGEN} -destination=pkg/git/mocks/git.go -package=mocks "github.com/aws/eks-anywhere/pkg/git" Client,ProviderClient
${MOCKGEN} -destination=pkg/workflows/interfaces/mocks/clients.go -package=mocks "github.com/aws/eks-anywhere/pkg/workflows/interfaces" Bootstrapper,ClusterManager,GitOpsManager,Validator,CAPIManager,EksdInstaller,EksdUpgrader,PackageManager,ClusterUpgrader,ClusterCreator,ClientFactory,EksaInstaller,ClusterDeleter,ClusterMover
${MOCKGEN} -destination=pkg/workflows/interfaces/mocks/clients.go -package=mocks "github.com/aws/eks-anywhere/pkg/workflows/interfaces" Bootstrapper,ClusterManager,GitOpsManager,Validator,CAPIManager,EksdInstaller,EksdUpgrader,PackageManager,ClusterUpgrader,ClusterCreator,ClientFactory,EksaInstaller,ClusterDeleter,ClusterMover,AwsIamAuth
${MOCKGEN} -destination=pkg/git/gogithub/mocks/client.go -package=mocks "github.com/aws/eks-anywhere/pkg/git/gogithub" Client
${MOCKGEN} -destination=pkg/git/gitclient/mocks/client.go -package=mocks "github.com/aws/eks-anywhere/pkg/git/gitclient" GoGit
${MOCKGEN} -destination=pkg/validations/mocks/docker.go -package=mocks "github.com/aws/eks-anywhere/pkg/validations" DockerExecutable
6 changes: 4 additions & 2 deletions cmd/eksctl-anywhere/cmd/createcluster.go
Expand Up @@ -191,7 +191,8 @@ func (cc *createClusterOptions) createCluster(cmd *cobra.Command, _ []string) er
WithClusterApplier().
WithKubeconfigWriter(clusterSpec.Cluster).
WithClusterCreator(clusterSpec.Cluster).
WithClusterMover()
WithClusterMover().
WithAwsIamAuth(clusterSpec.Cluster)

if cc.timeoutOptions.noTimeouts {
factory.WithNoTimeouts()
Expand Down Expand Up @@ -258,12 +259,12 @@ func (cc *createClusterOptions) createCluster(cmd *cobra.Command, _ []string) er
deps.PackageManager,
deps.ClusterCreator,
deps.UnAuthKubectlClient,
deps.AwsIamAuth,
)
err = createWorkloadCluster.Run(ctx, clusterSpec, createValidations)

} else if clusterSpec.Cluster.IsSelfManaged() {
logger.V(1).Info("Using the eksa controller to create the management cluster")

createMgmtCluster := management.NewCreate(
deps.Bootstrapper,
deps.UnAuthKubeClient,
Expand All @@ -276,6 +277,7 @@ func (cc *createClusterOptions) createCluster(cmd *cobra.Command, _ []string) er
deps.ClusterCreator,
deps.EksaInstaller,
deps.ClusterMover,
deps.AwsIamAuth,
)

err = createMgmtCluster.Run(ctx, clusterSpec, createValidations)
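Review bot: The `WithAwsIamAuth(clusterSpec.Cluster)` entry appended to the factory chain is now load-bearing, and nothing at the call site says so. The same commit removes the implicit `WithAwsIamAuth(clusterConfig)` from `WithClusterManager` in pkg/dependencies/factory.go, so as far as the visible hunks show this entry is what populates `deps.AwsIamAuth` for both `management.NewCreate` and the workload create workflow. The chain in cmd/eksctl-anywhere/cmd/upgradecluster.go has the same property. I would add a comment on the entry, `// Required here: WithClusterManager no longer registers AwsIamAuth.`, so it is not later dropped as redundant, leaving the workflows with an unset authenticator dependency. createCluster starts and ends outside these hunks.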
5 changes: 4 additions & 1 deletion cmd/eksctl-anywhere/cmd/upgradecluster.go
Expand Up @@ -160,7 +160,8 @@ func (uc *upgradeClusterOptions) upgradeCluster(cmd *cobra.Command, args []strin
WithKubectl().
WithValidatorClients().
WithPackageManagerWithoutWait(clusterSpec, "", uc.managementKubeconfig).
WithUpgradeClusterDefaulter(upgradeCLIConfig)
WithUpgradeClusterDefaulter(upgradeCLIConfig).
WithAwsIamAuth(clusterSpec.Cluster)

if uc.timeoutOptions.noTimeouts {
factory.WithNoTimeouts()
Expand Down Expand Up @@ -214,6 +215,7 @@ func (uc *upgradeClusterOptions) upgradeCluster(cmd *cobra.Command, args []strin
deps.EksdInstaller,
deps.ClusterApplier,
deps.PackageManager,
deps.AwsIamAuth,
)

err = upgrade.Run(ctx, clusterSpec, managementCluster, upgradeValidations)
Expand All @@ -228,6 +230,7 @@ func (uc *upgradeClusterOptions) upgradeCluster(cmd *cobra.Command, args []strin
deps.ClusterApplier,
deps.EksdInstaller,
deps.PackageManager,
deps.AwsIamAuth,
)
err = upgradeWorkloadCluster.Run(ctx, workloadCluster, clusterSpec, upgradeValidations)
}
10 changes: 5 additions & 5 deletions pkg/awsiamauth/installer.go
Expand Up @@ -81,7 +81,7 @@ func (i *Installer) InstallAWSIAMAuth(
return fmt.Errorf("applying aws-iam-authenticator manifest: %v", err)
}

if err = i.GenerateKubeconfig(ctx, management, workload, spec); err != nil {
if err = i.GenerateWorkloadKubeconfig(ctx, management, workload, spec); err != nil {
return err
}
return nil
Expand Down Expand Up @@ -118,8 +118,8 @@ func (i *Installer) generateInstallerKubeconfig(clusterSpec *cluster.Spec, serve
return i.templateBuilder.GenerateKubeconfig(clusterSpec, i.clusterID, serverURL, tlsCert)
}

// GenerateKubeconfig generates the AWS IAM auth kubeconfig.
func (i *Installer) GenerateKubeconfig(
// GenerateWorkloadKubeconfig generates the AWS IAM auth kubeconfig.
func (i *Installer) GenerateWorkloadKubeconfig(
ctx context.Context,
management, workload *types.Cluster,
spec *cluster.Spec,
Expand Down Expand Up @@ -160,8 +160,8 @@ func (i *Installer) GenerateKubeconfig(
return nil
}

// GenerateManagementAWSIAMKubeconfig generates the AWS IAM auth kubeconfig.
func (i *Installer) GenerateManagementAWSIAMKubeconfig(
// GenerateManagementKubeconfig generates the AWS IAM auth kubeconfig.
func (i *Installer) GenerateManagementKubeconfig(
ctx context.Context,
cluster *types.Cluster,
) error {
6 changes: 3 additions & 3 deletions pkg/awsiamauth/installer_test.go
Expand Up @@ -355,7 +355,7 @@ func TestGenerateManagementAWSIAMKubeconfig(t *testing.T) {
installer := awsiamauth.NewInstaller(certs, clusterID, k8s, writer, kwriter)
kwriter.EXPECT().WriteKubeconfigContent(ctx, cluster.Name, secretValue, fileWriter)

err := installer.GenerateManagementAWSIAMKubeconfig(context.Background(), cluster)
err := installer.GenerateManagementKubeconfig(context.Background(), cluster)
if err != nil {
t.Fatal(err)
}
Expand All @@ -381,7 +381,7 @@ func TestGenerateManagementAWSIAMKubeconfigError(t *testing.T) {
kwriter := kubeconfigmocks.NewMockWriter(ctrl)
installer := awsiamauth.NewInstaller(certs, clusterID, k8s, writer, kwriter)

err := installer.GenerateManagementAWSIAMKubeconfig(context.Background(), cluster)
err := installer.GenerateManagementKubeconfig(context.Background(), cluster)
if err == nil {
t.Fatal(err)
}
Expand Down Expand Up @@ -410,7 +410,7 @@ func TestGenerateAWSIAMKubeconfigError(t *testing.T) {
installer := awsiamauth.NewInstaller(certs, clusterID, k8s, writer, kwriter)
kwriter.EXPECT().WriteKubeconfigContent(ctx, cluster.Name, secretValue, fileWriter).Return(errors.New("test"))

err := installer.GenerateManagementAWSIAMKubeconfig(context.Background(), cluster)
err := installer.GenerateManagementKubeconfig(context.Background(), cluster)
if err == nil {
t.Fatal(err)
}
22 changes: 1 addition & 21 deletions pkg/clustermanager/cluster_manager.go
Expand Up @@ -71,7 +71,6 @@ type ClusterManager struct {
retrier *retrier.Retrier
writer filewriter.FileWriter
diagnosticsFactory diagnostics.DiagnosticBundleFactory
awsIamAuth AwsIamAuth

machineMaxWait time.Duration
machineBackoff time.Duration
Expand Down Expand Up @@ -100,14 +99,6 @@ type CAPIClient interface {
GetWorkloadKubeconfig(ctx context.Context, clusterName string, cluster *types.Cluster) ([]byte, error)
}

type AwsIamAuth interface {
CreateAndInstallAWSIAMAuthCASecret(ctx context.Context, managementCluster *types.Cluster, workloadClusterName string) error
InstallAWSIAMAuth(ctx context.Context, management, workload *types.Cluster, spec *cluster.Spec) error
UpgradeAWSIAMAuth(ctx context.Context, cluster *types.Cluster, spec *cluster.Spec) error
GenerateKubeconfig(ctx context.Context, management, workload *types.Cluster, spec *cluster.Spec) error
GenerateManagementAWSIAMKubeconfig(ctx context.Context, cluster *types.Cluster) error
}

// EKSAComponents allows to manage the eks-a components installation in a cluster.
type EKSAComponents interface {
Install(ctx context.Context, log logr.Logger, cluster *types.Cluster, managementComponents *cluster.ManagementComponents, spec *cluster.Spec) error
Expand All @@ -122,7 +113,7 @@ func DefaultRetrier() *retrier.Retrier {
}

// New constructs a new ClusterManager.
func New(client ClientFactory, clusterClient ClusterClient, writer filewriter.FileWriter, diagnosticBundleFactory diagnostics.DiagnosticBundleFactory, awsIamAuth AwsIamAuth, eksaComponents EKSAComponents, opts ...ClusterManagerOpt) *ClusterManager {
func New(client ClientFactory, clusterClient ClusterClient, writer filewriter.FileWriter, diagnosticBundleFactory diagnostics.DiagnosticBundleFactory, eksaComponents EKSAComponents, opts ...ClusterManagerOpt) *ClusterManager {
c := &ClusterManager{
eksaComponents: eksaComponents,
ClientFactory: client,
Expand All @@ -133,7 +124,6 @@ func New(client ClientFactory, clusterClient ClusterClient, writer filewriter.Fi
machineMaxWait: DefaultMaxWaitPerMachine,
machineBackoff: machineBackoff,
machinesMinWait: defaultMachinesMinWait,
awsIamAuth: awsIamAuth,
controlPlaneWaitTimeout: DefaultControlPlaneWait,
controlPlaneWaitAfterMoveTimeout: DefaultControlPlaneWaitAfterMove,
externalEtcdWaitTimeout: DefaultEtcdWait,
Expand Down Expand Up @@ -395,11 +385,6 @@ func (c *ClusterManager) waitForDeployments(ctx context.Context, deploymentsByNa
return nil
}

// GenerateWorkloadAWSIAMKubeconfig generates a kubeconfig for interacting with the cluster with aws-iam-authenticator client.
func (c *ClusterManager) GenerateWorkloadAWSIAMKubeconfig(ctx context.Context, management, workload *types.Cluster, spec *cluster.Spec) error {
return c.awsIamAuth.GenerateKubeconfig(ctx, management, workload, spec)
}

func (c *ClusterManager) SaveLogsManagementCluster(ctx context.Context, spec *cluster.Spec, cluster *types.Cluster) error {
if cluster == nil {
return nil
Expand Down Expand Up @@ -835,11 +820,6 @@ func (c *ClusterManager) pauseReconcileForCluster(ctx context.Context, clusterCr
return nil
}

// GenerateManagementAWSIAMKubeconfig generates a kubeconfig for interacting with the cluster with aws-iam-authenticator client.
func (c *ClusterManager) GenerateManagementAWSIAMKubeconfig(ctx context.Context, cluster *types.Cluster) error {
return c.awsIamAuth.GenerateManagementAWSIAMKubeconfig(ctx, cluster)
}

func (c *ClusterManager) GetCurrentClusterSpec(ctx context.Context, clus *types.Cluster, clusterName string) (*cluster.Spec, error) {
eksaCluster, err := c.clusterClient.GetEksaCluster(ctx, clus, clusterName)
if err != nil {
4 changes: 1 addition & 3 deletions pkg/clustermanager/cluster_manager_test.go
Expand Up @@ -1024,7 +1024,6 @@ func newTest(t *testing.T, opts ...clustermanager.ClusterManagerOpt) *testSetup

type clusterManagerMocks struct {
writer *mockswriter.MockFileWriter
awsIamAuth *mocksmanager.MockAwsIamAuth
client *mocksmanager.MockClusterClient
provider *mocksprovider.MockProvider
diagnosticsBundle *mocksdiagnostics.MockDiagnosticBundle
Expand All @@ -1036,7 +1035,6 @@ func newClusterManager(t *testing.T, opts ...clustermanager.ClusterManagerOpt) (
mockCtrl := gomock.NewController(t)
m := &clusterManagerMocks{
writer: mockswriter.NewMockFileWriter(mockCtrl),
awsIamAuth: mocksmanager.NewMockAwsIamAuth(mockCtrl),
client: mocksmanager.NewMockClusterClient(mockCtrl),
provider: mocksprovider.NewMockProvider(mockCtrl),
diagnosticsFactory: mocksdiagnostics.NewMockDiagnosticBundleFactory(mockCtrl),
Expand Down Expand Up @@ -1068,7 +1066,7 @@ func newClusterManager(t *testing.T, opts ...clustermanager.ClusterManagerOpt) (
fakeClient := test.NewFakeKubeClient(dc, oc, b, r, ac, gc, er)
cf := mocksmanager.NewMockClientFactory(mockCtrl)
cf.EXPECT().BuildClientFromKubeconfig("").Return(fakeClient, nil).AnyTimes()
c := clustermanager.New(cf, m.client, m.writer, m.diagnosticsFactory, m.awsIamAuth, m.eksaComponents, opts...)
c := clustermanager.New(cf, m.client, m.writer, m.diagnosticsFactory, m.eksaComponents, opts...)

return c, m
}
2 changes: 1 addition & 1 deletion pkg/clustermanager/cluster_manager_wb_test.go
Expand Up @@ -62,7 +62,7 @@ func TestClusterManager_totalTimeoutForMachinesReadyWait(t *testing.T) {
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := New(nil, nil, nil, nil, nil, nil, tt.opts...)
c := New(nil, nil, nil, nil, nil, tt.opts...)
g := NewWithT(t)
g.Expect(c.totalTimeoutForMachinesReadyWait(tt.replicas)).To(Equal(tt.want))
})
95 changes: 1 addition & 94 deletions pkg/clustermanager/mocks/client_and_networking.go


3 changes: 1 addition & 2 deletions pkg/dependencies/factory.go
Expand Up @@ -992,7 +992,7 @@ func (f *Factory) clusterManagerOpts(timeoutOpts *ClusterManagerTimeoutOptions)

// WithClusterManager builds a cluster manager based on the cluster config and timeout options.
func (f *Factory) WithClusterManager(clusterConfig *v1alpha1.Cluster, timeoutOpts *ClusterManagerTimeoutOptions) *Factory {
f.WithClusterctl().WithWriter().WithDiagnosticBundleFactory().WithAwsIamAuth(clusterConfig).WithFileReader().WithUnAuthKubeClient().WithKubernetesRetrierClient().WithEKSAInstaller()
f.WithClusterctl().WithWriter().WithDiagnosticBundleFactory().WithFileReader().WithUnAuthKubeClient().WithKubernetesRetrierClient().WithEKSAInstaller()

f.buildSteps = append(f.buildSteps, func(ctx context.Context) error {
if f.dependencies.ClusterManager != nil {
Expand All @@ -1009,7 +1009,6 @@ func (f *Factory) WithClusterManager(clusterConfig *v1alpha1.Cluster, timeoutOpt
client,
f.dependencies.Writer,
f.dependencies.DignosticCollectorFactory,
f.dependencies.AwsIamAuth,
f.dependencies.EksaInstaller,
f.clusterManagerOpts(timeoutOpts)...,
)
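Review bot: With `WithAwsIamAuth(clusterConfig)` dropped from the chain, `clusterConfig` is not referenced in any visible line of `WithClusterManager`, while the doc comment still says the manager is built "based on the cluster config". The body continues outside the hunk, so this needs confirming, but if the parameter is now unused the comment should say so and record the behaviour change for callers: `// WithClusterManager builds a cluster manager from the timeout options. It does not register AwsIamAuth; callers that need it must call WithAwsIamAuth.` Commands that build a ClusterManager without adding `WithAwsIamAuth` themselves will presumably see `dependencies.AwsIamAuth` unset after this change, which is worth checking across the callers not shown on this page.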
1 change: 1 addition & 0 deletions pkg/task/task.go
Expand Up @@ -53,6 +53,7 @@ type CommandContext struct {
BackupClusterStateDir string
ForceCleanup bool
ClusterMover interfaces.ClusterMover
IamAuth interfaces.AwsIamAuth
}

func (c *CommandContext) SetError(err error) {
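Review bot: The new `IamAuth` field in `CommandContext` is named differently from what it carries: its type is `interfaces.AwsIamAuth` and the commands pass `deps.AwsIamAuth`, whereas the neighbouring `ClusterMover` field matches its interface name. Renaming it to `AwsIamAuth interfaces.AwsIamAuth` would keep every reference to the authenticator dependency under one identifier. The field also carries no comment on whether it can be unset when a cluster has no IAM authenticator configured, which the tasks that use it need to know; something like `// AwsIamAuth installs aws-iam-authenticator and generates its kubeconfigs; confirm whether it may be nil.` would cover it. The struct definition starts outside the hunk.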