Merge pull request #4059 from nawazkh/natgateways_to_aso

migrate natgateways to use aso

Makefile

@@ -158,7 +158,7 @@ WEBHOOK_ROOT ?= $(MANIFEST_ROOT)/webhook
 RBAC_ROOT ?= $(MANIFEST_ROOT)/rbac
 ASO_CRDS_PATH := $(MANIFEST_ROOT)/aso/crds.yaml
 ASO_VERSION := v2.3.0
-ASO_CRDS := resourcegroups.resources.azure.com
+ASO_CRDS := resourcegroups.resources.azure.com natgateways.network.azure.com
 
 # Allow overriding the imagePullPolicy
 PULL_POLICY ?= Always

azure/scope/cluster.go

@@ -25,6 +25,7 @@ import (
 	"strconv"
 	"strings"
 
+	asonetworkv1 "github.com/Azure/azure-service-operator/v2/api/network/v1api20220701"
 	asoresourcesv1 "github.com/Azure/azure-service-operator/v2/api/resources/v1api20200601"
 	"github.com/pkg/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -320,9 +321,9 @@ func (s *ClusterScope) RouteTableSpecs() []azure.ResourceSpecGetter {
 }
 
 // NatGatewaySpecs returns the node NAT gateway.
-func (s *ClusterScope) NatGatewaySpecs() []azure.ResourceSpecGetter {
+func (s *ClusterScope) NatGatewaySpecs() []azure.ASOResourceSpecGetter[*asonetworkv1.NatGateway] {
 	natGatewaySet := make(map[string]struct{})
-	var natGateways []azure.ResourceSpecGetter
+	var natGateways []azure.ASOResourceSpecGetter[*asonetworkv1.NatGateway]
 
 	// We ignore the control plane NAT gateway, as we will always use a LB to enable egress on the control plane.
 	for _, subnet := range s.NodeSubnets() {
@@ -331,6 +332,7 @@ func (s *ClusterScope) NatGatewaySpecs() []azure.ResourceSpecGetter {
 				natGatewaySet[subnet.NatGateway.Name] = struct{}{} // empty struct to represent hash set
 				natGateways = append(natGateways, &natgateways.NatGatewaySpec{
 					Name:           subnet.NatGateway.Name,
+					Namespace:      s.Namespace(),
 					ResourceGroup:  s.ResourceGroup(),
 					SubscriptionID: s.SubscriptionID(),
 					Location:       s.Location(),
@@ -339,6 +341,8 @@ func (s *ClusterScope) NatGatewaySpecs() []azure.ResourceSpecGetter {
 						Name: subnet.NatGateway.NatGatewayIP.Name,
 					},
 					AdditionalTags: s.AdditionalTags(),
+					// We need to know if the VNet is managed to decide if this NAT Gateway was-managed or not.
+					IsVnetManaged: s.IsVnetManaged(),
 				})
 			}
 		}

azure/scope/cluster_test.go

@@ -23,6 +23,7 @@ import (
 	"strings"
 	"testing"
 
+	asonetworkv1 "github.com/Azure/azure-service-operator/v2/api/network/v1api20220701"
 	"github.com/Azure/go-autorest/autorest"
 	"github.com/Azure/go-autorest/autorest/azure/auth"
 	"github.com/google/go-cmp/cmp"
@@ -44,15 +45,15 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client/fake"
 )
 
-func specToString(spec azure.ResourceSpecGetter) string {
+func specToString(spec any) string {
 	var sb strings.Builder
 	sb.WriteString("{ ")
 	sb.WriteString(fmt.Sprintf("%+v ", spec))
 	sb.WriteString("}")
 	return sb.String()
 }
 
-func specArrayToString(specs []azure.ResourceSpecGetter) string {
+func specArrayToString[T any](specs []T) string {
 	var sb strings.Builder
 	sb.WriteString("[\n")
 	for _, spec := range specs {
@@ -867,7 +868,7 @@ func TestNatGatewaySpecs(t *testing.T) {
 	tests := []struct {
 		name         string
 		clusterScope ClusterScope
-		want         []azure.ResourceSpecGetter
+		want         []azure.ASOResourceSpecGetter[*asonetworkv1.NatGateway]
 	}{
 		{
 			name: "returns nil if no subnets are specified",
@@ -929,7 +930,7 @@ func TestNatGatewaySpecs(t *testing.T) {
 				},
 				cache: &ClusterCache{},
 			},
-			want: []azure.ResourceSpecGetter{
+			want: []azure.ASOResourceSpecGetter[*asonetworkv1.NatGateway]{
 				&natgateways.NatGatewaySpec{
 					Name:           "fake-nat-gateway-1",
 					ResourceGroup:  "my-rg",
@@ -940,6 +941,7 @@ func TestNatGatewaySpecs(t *testing.T) {
 						Name: "44.78.67.90",
 					},
 					AdditionalTags: make(infrav1.Tags),
+					IsVnetManaged:  true,
 				},
 			},
 		},
@@ -1007,7 +1009,7 @@ func TestNatGatewaySpecs(t *testing.T) {
 				},
 				cache: &ClusterCache{},
 			},
-			want: []azure.ResourceSpecGetter{
+			want: []azure.ASOResourceSpecGetter[*asonetworkv1.NatGateway]{
 				&natgateways.NatGatewaySpec{
 					Name:           "fake-nat-gateway-1",
 					ResourceGroup:  "my-rg",
@@ -1018,6 +1020,7 @@ func TestNatGatewaySpecs(t *testing.T) {
 						Name: "44.78.67.90",
 					},
 					AdditionalTags: make(infrav1.Tags),
+					IsVnetManaged:  true,
 				},
 			},
 		},
@@ -1084,7 +1087,7 @@ func TestNatGatewaySpecs(t *testing.T) {
 				},
 				cache: &ClusterCache{},
 			},
-			want: []azure.ResourceSpecGetter{
+			want: []azure.ASOResourceSpecGetter[*asonetworkv1.NatGateway]{
 				&natgateways.NatGatewaySpec{
 					Name:           "fake-nat-gateway-1",
 					ResourceGroup:  "my-rg",
@@ -1095,6 +1098,7 @@ func TestNatGatewaySpecs(t *testing.T) {
 						Name: "44.78.67.90",
 					},
 					AdditionalTags: make(infrav1.Tags),
+					IsVnetManaged:  true,
 				},
 			},
 		},
@@ -1111,6 +1115,78 @@ func TestNatGatewaySpecs(t *testing.T) {
 	}
 }
 
+func TestSetNatGatewayIDInSubnets(t *testing.T) {
+	tests := []struct {
+		name          string
+		clusterScope  ClusterScope
+		asoNatgateway *asonetworkv1.NatGateway
+	}{
+		{
+			name: "sets nat gateway id in the matching subnet",
+			clusterScope: ClusterScope{
+				Cluster: &clusterv1.Cluster{
+					ObjectMeta: metav1.ObjectMeta{
+						Name: "my-cluster",
+					},
+				},
+				AzureCluster: &infrav1.AzureCluster{
+					Spec: infrav1.AzureClusterSpec{
+						NetworkSpec: infrav1.NetworkSpec{
+							Subnets: infrav1.Subnets{
+								{
+									SubnetClassSpec: infrav1.SubnetClassSpec{
+										Name: "fake-subnet-1",
+									},
+									NatGateway: infrav1.NatGateway{
+										NatGatewayClassSpec: infrav1.NatGatewayClassSpec{
+											Name: "fake-nat-gateway-1",
+										},
+									},
+								},
+								{
+									SubnetClassSpec: infrav1.SubnetClassSpec{
+										Name: "fake-subnet-2",
+									},
+									NatGateway: infrav1.NatGateway{
+										NatGatewayClassSpec: infrav1.NatGatewayClassSpec{
+											Name: "fake-nat-gateway-2",
+										},
+									},
+								},
+							},
+						},
+					},
+				},
+				cache: &ClusterCache{},
+			},
+			asoNatgateway: &asonetworkv1.NatGateway{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "fake-nat-gateway-1",
+				},
+				Status: asonetworkv1.NatGateway_STATUS{
+					Id: ptr.To("dummy-id-1"),
+				},
+			},
+		},
+	}
+
+	for _, tt := range tests {
+		tt := tt
+		t.Run(tt.name, func(t *testing.T) {
+			g := NewWithT(t)
+			t.Parallel()
+			tt.clusterScope.SetNatGatewayIDInSubnets(tt.asoNatgateway.Name, *tt.asoNatgateway.Status.Id)
+			for _, subnet := range tt.clusterScope.AzureCluster.Spec.NetworkSpec.Subnets {
+				if subnet.NatGateway.Name == tt.asoNatgateway.Name {
+					g.Expect(subnet.NatGateway.ID).To(Equal(*tt.asoNatgateway.Status.Id))
+				} else {
+					g.Expect(subnet.NatGateway.ID).To(Equal(""))
+				}
+			}
+		})
+	}
+}
+
 func TestNSGSpecs(t *testing.T) {
 	tests := []struct {
 		name         string

azure/services/natgateways/mock_natgateways/doc.go

@@ -1,5 +1,5 @@
 /*
-Copyright 2019 The Kubernetes Authors.
+Copyright 2023 The Kubernetes Authors.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.