EKS reflector implementation

This adds support for validating that the configuration for EKS and AKS clusters is provided when the type is selected.
weaveworks · Dec 21, 2023 · df699dd · df699dd
1 parent 1cec06f
commit df699dd
Show file tree

Hide file tree

Showing 12 changed files with 727 additions and 268 deletions.
diff --git a/api/v1alpha1/automatedclusterdiscovery_types.go b/api/v1alpha1/automatedclusterdiscovery_types.go
@@ -21,30 +21,39 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
-// AKS defines the desired state of AKS
+// AKS configures how AKS clusters are reflected.
 type AKS struct {
 	// SubscriptionID is the Azure subscription ID
 	// +required
 	SubscriptionID string `json:"subscriptionID"`
 }
 
+// EKS configures how AKS clusters are reflected.
+type EKS struct {
+	// Region is the AWS region
+	// +required
+	Region string `json:"region"`
+}
+
 // AutomatedClusterDiscoverySpec defines the desired state of AutomatedClusterDiscovery
 type AutomatedClusterDiscoverySpec struct {
-	// Name is the name of the cluster
-	Name string `json:"name,omitempty"`
-
-	// Type is the provider type.
-	// +kubebuilder:validation:Enum=aks;capi
+	// Type is the provider type
+	// +kubebuilder:validation:Enum=aks;eks;capi
 	Type string `json:"type"`
 
 	// If DisableTags is true, labels will not be applied to the generated
 	// Clusters from the tags on the upstream Clusters.
 	// +optional
 	DisableTags bool `json:"disableTags"`
 
-	// AKS configures discovery of AKS clusters from Azure.
+	// AKS configures discovery of AKS clusters from Azure. Must be provided if
+	// the type is aks.
 	AKS *AKS `json:"aks,omitempty"`
 
+	// EKS configures discovery of EKS clusters from AWS. Must be provided if
+	// the type is eks.
+	EKS *EKS `json:"eks,omitempty"`
+
 	// The interval at which to run the discovery
 	// +required
 	Interval metav1.Duration `json:"interval"`

diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go
diff --git a/cmd/cluster-reflector-cli/main.go b/cmd/cluster-reflector-cli/main.go
@@ -4,6 +4,8 @@ import (
 	"fmt"
 
 	gitopsv1alpha1 "github.com/weaveworks/cluster-controller/api/v1alpha1"
+	"github.com/weaveworks/cluster-reflector-controller/pkg/providers"
+	"github.com/weaveworks/cluster-reflector-controller/pkg/providers/aws"
 	"github.com/weaveworks/cluster-reflector-controller/pkg/providers/azure"
 	"github.com/weaveworks/cluster-reflector-controller/pkg/sync"
 	corev1 "k8s.io/api/core/v1"
@@ -21,25 +23,67 @@ type GitopsClusterOutput struct {
 	Secret        *corev1.Secret
 }
 
-func main() {
-	var azureSubscriptionID string
-	var namespace string
-	var export bool
+type Params struct {
+	Provider            string
+	AWSRegion           string
+	AzureSubscriptionID string
+	Namespace           string
+	Export              bool
+}
+
+var params Params
 
+const authHelperMessage = `
+If you're using a credential_process in your ~/.aws/config, you'll need to set the AWS_SDK_LOAD_CONFIG environment variable:
+
+AWS_SDK_LOAD_CONFIG=1 cluster-reflector-cli reflect ...
+`
+
+func main() {
 	var reflectCmd = &cobra.Command{
 		Use:   "reflect",
-		Short: "Reflect AKS clusters",
+		Short: "Reflect AKS/EKS clusters",
 		RunE: func(cmd *cobra.Command, args []string) error {
-			azureProvider := azure.NewAzureProvider(azureSubscriptionID)
+			if params.Provider == "" {
+				return fmt.Errorf("provider must be set")
+			}
+
+			if params.Provider != "aws" && params.Provider != "azure" {
+				return fmt.Errorf("provider must be aws or azure")
+			}
 
-			clusters, err := azureProvider.ListClusters(cmd.Context())
-			if err != nil {
-				return fmt.Errorf("failed to list clusters: %w", err)
+			if params.Provider == "azure" && params.AzureSubscriptionID == "" {
+				return fmt.Errorf("azure-subscription-id must be set")
+			}
+
+			if params.Namespace == "default" {
+				fmt.Fprint(cmd.ErrOrStderr(), "WARNING: You are using the default namespace. This is not recommended.\n")
+			}
+
+			clusters := []*providers.ProviderCluster{}
+			var err error
+
+			if params.Provider == "aws" {
+				awsProvider := aws.NewAWSProvider(params.AWSRegion)
+
+				clusters, err = awsProvider.ListClusters(cmd.Context())
+				if err != nil {
+					return fmt.Errorf("failed to list clusters: %w\n%s", err, authHelperMessage)
+				}
+			}
+
+			if params.Provider == "azure" {
+				azureProvider := azure.NewAzureProvider(params.AzureSubscriptionID)
+
+				clusters, err = azureProvider.ListClusters(cmd.Context())
+				if err != nil {
+					return fmt.Errorf("failed to list clusters: %w", err)
+				}
 			}
 
 			var k8sClient client.Client
 
-			if !export {
+			if !params.Export {
 				k8sClient, err = CreateClient()
 				if err != nil {
 					return fmt.Errorf("failed to create client: %w", err)
@@ -53,14 +97,14 @@ func main() {
 
 			exports := []runtime.Object{}
 			for _, cluster := range clusters {
-				gc, gcs, err := sync.SyncCluster(cmd.Context(), k8sClient, namespace, cluster)
+				gc, gcs, err := sync.SyncCluster(cmd.Context(), k8sClient, params.Namespace, cluster)
 				if err != nil {
 					return fmt.Errorf("failed to sync cluster: %w", err)
 				}
 				exports = append(exports, gc, gcs)
 			}
 
-			if export {
+			if params.Export {
 				for _, obj := range exports {
 					clusterBytes, err := yaml.Marshal(obj)
 					if err != nil {
@@ -80,9 +124,13 @@ func main() {
 		},
 	}
 
-	reflectCmd.Flags().StringVar(&azureSubscriptionID, "azure-subscription-id", "", "Azure Subscription ID")
-	reflectCmd.Flags().StringVar(&namespace, "namespace", "default", "Namespace to create the GitopsCluster in")
-	reflectCmd.Flags().BoolVar(&export, "export", false, "Export resources to stdout")
+	reflectCmd.Flags().StringVar(&params.Provider, "provider", "", "Provider to use (aws or azure)")
+	reflectCmd.Flags().StringVar(&params.AWSRegion, "region", "us-west-2", "AWS Region")
+	reflectCmd.Flags().StringVar(&params.AzureSubscriptionID, "azure-subscription-id", "", "Azure Subscription ID")
+	reflectCmd.Flags().StringVar(&params.Namespace, "namespace", "default", "Namespace to create the GitopsCluster in")
+	reflectCmd.Flags().BoolVar(&params.Export, "export", false, "Export resources to stdout")
+
+	reflectCmd.MarkFlagRequired("provider")
 
 	var rootCmd = &cobra.Command{Use: "cluster-reflector-cli"}
 	rootCmd.AddCommand(reflectCmd)

diff --git a/config/crd/bases/clusters.weave.works_automatedclusterdiscoveries.yaml b/config/crd/bases/clusters.weave.works_automatedclusterdiscoveries.yaml
@@ -44,7 +44,8 @@ spec:
               AutomatedClusterDiscovery
             properties:
               aks:
-                description: AKS defines the desired state of AKS
+                description: AKS configures discovery of AKS clusters from Azure.
+                  Must be provided if the type is aks.
                 properties:
                   subscriptionID:
                     description: SubscriptionID is the Azure subscription ID
@@ -66,20 +67,28 @@ spec:
                 description: If DisableTags is true, labels will not be applied to
                   the generated Clusters from the tags on the upstream Clusters.
                 type: boolean
+              eks:
+                description: EKS configures discovery of EKS clusters from AWS. Must
+                  be provided if the type is eks.
+                properties:
+                  region:
+                    description: Region is the AWS region
+                    type: string
+                required:
+                - region
+                type: object
               interval:
                 description: The interval at which to run the discovery
                 type: string
-              name:
-                description: Name is the name of the cluster
-                type: string
               suspend:
                 description: Suspend tells the controller to suspend the reconciliation
                   of this AutomatedClusterDiscovery.
                 type: boolean
               type:
-                description: Type is the provider type.
+                description: Type is the provider type
                 enum:
                 - aks
+                - eks
                 - capi
                 type: string
             required:

diff --git a/go.mod b/go.mod
@@ -7,6 +7,7 @@ require (
 	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.1
 	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v4 v4.3.0
 	github.com/Azure/go-autorest/autorest v0.11.29
+	github.com/aws/aws-sdk-go v1.44.137
 	github.com/fluxcd/pkg/apis/meta v1.1.2
 	github.com/fluxcd/pkg/runtime v0.41.0
 	github.com/google/go-cmp v0.5.9
@@ -60,6 +61,7 @@ require (
 	github.com/hashicorp/go-retryablehttp v0.7.4 // indirect
 	github.com/imdario/mergo v0.3.13 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
+	github.com/jmespath/go-jmespath v0.4.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/kylelemons/godebug v1.1.0 // indirect

diff --git a/go.sum b/go.sum
@@ -33,6 +33,8 @@ github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03
 github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ4pzQ=
 github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
 github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY=
+github.com/aws/aws-sdk-go v1.44.137 h1:GH2bUPiW7/gHtB04NxQOSOrKqFNjLGKmqt5YaO+K1SE=
+github.com/aws/aws-sdk-go v1.44.137/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
 github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
 github.com/benbjohnson/clock v1.3.0 h1:ip6w0uFQkncKQ979AypyG0ER7mqUSBdKLOgAle/AT8A=
 github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
@@ -160,6 +162,10 @@ github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK
 github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
 github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
 github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
+github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg=
+github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
+github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8=
+github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U=
 github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
 github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
 github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
@@ -294,6 +300,7 @@ golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96b
 golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
+golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco=
 golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
 golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
@@ -324,12 +331,14 @@ golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE=
 golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
+golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
 golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek=
 golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U=
@@ -339,6 +348,7 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
+golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k=
 golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=