Skip to content

Commit

Permalink
rosacontrolplane: support a separate billing account
Browse files Browse the repository at this point in the history
Signed-off-by: Steve Kuznetsov <[email protected]>
  • Loading branch information
stevekuznetsov committed Feb 27, 2024
1 parent ddc3065 commit bf714d8
Show file tree
Hide file tree
Showing 3 changed files with 30 additions and 2 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,17 @@ spec:
items:
type: string
type: array
billingAccount:
description: BillingAccount is an optional AWS account to use for
billing the subscription fees for ROSA clusters. The cost of running
each ROSA cluster will be billed to the infrastructure account in
which the cluster is running.
type: string
x-kubernetes-validations:
- message: billingAccount is immutable
rule: self == oldSelf
- message: billingAccount must be a valid AWS account ID
rule: self.matches('^[0-9]{12}$')
controlPlaneEndpoint:
description: ControlPlaneEndpoint represents the endpoint used to
communicate with the control plane.
Expand Down
10 changes: 10 additions & 0 deletions controlplane/rosa/api/v1beta2/rosacontrolplane_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,16 @@ type RosaControlPlaneSpec struct { //nolint: maligned
SupportRoleARN *string `json:"supportRoleARN"`
WorkerRoleARN *string `json:"workerRoleARN"`

// +immutable
// +kubebuilder:validation:Optional
// +kubebuilder:validation:XValidation:rule="self == oldSelf", message="billingAccount is immutable"
// +kubebuilder:validation:XValidation:rule="self.matches('^[0-9]{12}$')", message="billingAccount must be a valid AWS account ID"

// BillingAccount is an optional AWS account to use for billing the subscription fees for ROSA clusters.
// The cost of running each ROSA cluster will be billed to the infrastructure account in which the cluster
// is running.
BillingAccount string `json:"billingAccount,omitempty"`

// CredentialsSecretRef references a secret with necessary credentials to connect to the OCM API.
// The secret should contain the following data keys:
// - ocmToken: eyJhbGciOiJIUzI1NiIsI....
Expand Down
11 changes: 9 additions & 2 deletions controlplane/rosa/controllers/rosacontrolplane_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -200,7 +200,7 @@ func (r *ROSAControlPlaneReconciler) reconcileNormal(ctx context.Context, rosaSc
}

if validationMessage, validationError := validateControlPlaneSpec(ocmClient, rosaScope); validationError != nil {
return ctrl.Result{}, fmt.Errorf("validate ROSAControlPlane.spec: %w", err)
return ctrl.Result{}, fmt.Errorf("validate ROSAControlPlane.spec: %w", validationError)
} else if validationMessage != "" {
rosaScope.ControlPlane.Status.FailureMessage = ptr.To(validationMessage)
// dont' requeue because input is invalid and manual intervention is needed.
Expand Down Expand Up @@ -268,14 +268,21 @@ func (r *ROSAControlPlaneReconciler) reconcileNormal(ctx context.Context, rosaSc
rosaScope.Error(err, "rosacontrolplane.spec.machineCIDR invalid")
}

billingAccount := *rosaScope.Identity.Account
if rosaScope.ControlPlane.Spec.BillingAccount != "" {
billingAccount = rosaScope.ControlPlane.Spec.BillingAccount
}

spec := ocm.Spec{
DryRun: ptr.To(false),
Name: rosaScope.RosaClusterName(),
Region: *rosaScope.ControlPlane.Spec.Region,
MultiAZ: true,
Version: ocm.CreateVersionID(rosaScope.ControlPlane.Spec.Version, ocm.DefaultChannelGroup),
ChannelGroup: "stable",
Expiration: time.Now().Add(1 * time.Hour),
DisableWorkloadMonitoring: ptr.To(true),
DefaultIngress: ocm.NewDefaultIngressSpec(), // n.b. this is a no-op when it's set to the default value

SubnetIds: rosaScope.ControlPlane.Spec.Subnets,
AvailabilityZones: rosaScope.ControlPlane.Spec.AvailabilityZones,
Expand Down Expand Up @@ -332,7 +339,7 @@ func (r *ROSAControlPlaneReconciler) reconcileNormal(ctx context.Context, rosaSc
Hypershift: ocm.Hypershift{
Enabled: true,
},
BillingAccount: *rosaScope.Identity.Account,
BillingAccount: billingAccount,
AWSCreator: creator,
}

Expand Down

0 comments on commit bf714d8

Please sign in to comment.