From f750073af60a1301b4a2cd1405d9897e1ce7963a Mon Sep 17 00:00:00 2001
From: Dario Tranchitella
Date: Wed, 7 May 2025 12:13:00 +0200
Subject: [PATCH] refactor!: k8s api server validation for kubelet preferred address type uniqueness (#812)
* feat(api): relying on k8s list set for unique items
Signed-off-by: Dario Tranchitella
* feat(crd)!: relying on k8s list set for unique items
Signed-off-by: Dario Tranchitella
* chore(webhook): removing unused webhook for kubelet preferred address type
Signed-off-by: Dario Tranchitella
* docs(crd): kubelet preferred address type uniqueness
Signed-off-by: Dario Tranchitella
---------
Signed-off-by: Dario Tranchitella
---
 api/v1alpha1/tenantcontrolplane_types.go | 3 +-
 ...kamaji.clastix.io_tenantcontrolplanes.yaml | 3 +-
 cmd/manager/cmd.go | 1 -
 docs/content/reference/api.md | 2 +-
 .../webhook/handlers/tcp_kubeletaddresses.go | 53 -------------------
 5 files changed, 5 insertions(+), 57 deletions(-)
 delete mode 100644 internal/webhook/handlers/tcp_kubeletaddresses.go
diff --git a/api/v1alpha1/tenantcontrolplane_types.go b/api/v1alpha1/tenantcontrolplane_types.go
index 273ee15..b9bfa54 100644
--- a/api/v1alpha1/tenantcontrolplane_types.go
+++ b/api/v1alpha1/tenantcontrolplane_types.go
@@ -70,8 +70,9 @@ type KubeletSpec struct {
 // Default to Hostname, InternalIP, ExternalIP.
 //+kubebuilder:default={"Hostname","InternalIP","ExternalIP"}
 //+kubebuilder:validation:MinItems=1
+ //+listType=set
 PreferredAddressTypes []KubeletPreferredAddressType `json:"preferredAddressTypes,omitempty"`
- // CGroupFS defines the cgroup driver for Kubelet
+ // CGroupFS defines the cgroup driver for Kubelet
 // https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/configure-cgroup-driver/
 CGroupFS CGroupDriver `json:"cgroupfs,omitempty"`
 }
diff --git a/charts/kamaji/crds/kamaji.clastix.io_tenantcontrolplanes.yaml b/charts/kamaji/crds/kamaji.clastix.io_tenantcontrolplanes.yaml
index b3d3b66..a9608c1 100644
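Review bot: The `//+listType=set` marker on `PreferredAddressTypes` makes duplicate rejection depend entirely on the installed CRD schema, while the same commit drops `handlers.TenantControlPlaneKubeletAddresses{}` from cmd/manager/cmd.go. The regenerated CRD lives under `charts/kamaji/crds/`, and Helm applies files from a chart's `crds/` directory only on first install, not on upgrade, so a cluster that upgrades the manager without re-applying the CRD would presumably accept duplicate address types with no check left. I would state the dependency in the field comment, for example `// Items must be unique; enforced by the API server through x-kubernetes-list-type=set, so the CRD must be upgraded with the manager.`, and carry the same instruction in the upgrade notes. KubeletSpec starts above the hunk, so the rest of the field's doc comment is not visible here.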
--- a/charts/kamaji/crds/kamaji.clastix.io_tenantcontrolplanes.yaml +++ b/charts/kamaji/crds/kamaji.clastix.io_tenantcontrolplanes.yaml @@ -6535,7 +6535,7 @@ spec: properties: cgroupfs: description: |- - CGroupFS defines the cgroup driver for Kubelet + CGroupFS defines the cgroup driver for Kubelet https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/configure-cgroup-driver/ enum: - systemd @@ -6559,6 +6559,7 @@ spec: type: string minItems: 1 type: array + x-kubernetes-list-type: set type: object version: description: Kubernetes Version for the tenant control plane diff --git a/cmd/manager/cmd.go b/cmd/manager/cmd.go index 7f0c2d2..83613df 100644 --- a/cmd/manager/cmd.go +++ b/cmd/manager/cmd.go @@ -223,7 +223,6 @@ func NewCmd(scheme *runtime.Scheme) *cobra.Command { handlers.TenantControlPlaneCertSANs{}, handlers.TenantControlPlaneName{}, handlers.TenantControlPlaneVersion{}, - handlers.TenantControlPlaneKubeletAddresses{}, handlers.TenantControlPlaneDataStore{Client: mgr.GetClient()}, handlers.TenantControlPlaneDeployment{ Client: mgr.GetClient(), diff --git a/docs/content/reference/api.md b/docs/content/reference/api.md index c778130..a31da3a 100644 --- a/docs/content/reference/api.md +++ b/docs/content/reference/api.md @@ -13500,7 +13500,7 @@ Full reference available here: https://kubernetes.io/docs/reference/access-authn cgroupfs enum - CGroupFS defines the cgroup driver for Kubelet + CGroupFS defines the cgroup driver for Kubelet https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/configure-cgroup-driver/

Enum: systemd, cgroupfs
diff --git a/internal/webhook/handlers/tcp_kubeletaddresses.go b/internal/webhook/handlers/tcp_kubeletaddresses.go
deleted file mode 100644
index a0f03a6..0000000
--- a/internal/webhook/handlers/tcp_kubeletaddresses.go
+++ /dev/null
@@ -1,53 +0,0 @@
-// Copyright 2022 Clastix Labs
-// SPDX-License-Identifier: Apache-2.0
-
-package handlers
-
-import (
- "context"
- "fmt"
-
- "gomodules.xyz/jsonpatch/v2"
- "k8s.io/apimachinery/pkg/runtime"
- "k8s.io/apimachinery/pkg/util/sets"
- "sigs.k8s.io/controller-runtime/pkg/webhook/admission"
-
- kamajiv1alpha1 "github.com/clastix/kamaji/api/v1alpha1"
- "github.com/clastix/kamaji/internal/webhook/utils"
-)
-
-type TenantControlPlaneKubeletAddresses struct{}
-
-func (t TenantControlPlaneKubeletAddresses) OnCreate(object runtime.Object) AdmissionResponse {
- return func(context.Context, admission.Request) ([]jsonpatch.JsonPatchOperation, error) {
- tcp := object.(*kamajiv1alpha1.TenantControlPlane) //nolint:forcetypeassert
-
- return nil, t.validatePreferredKubeletAddressTypes(tcp.Spec.Kubernetes.Kubelet.PreferredAddressTypes)
- }
-}
-
-func (t TenantControlPlaneKubeletAddresses) OnDelete(runtime.Object) AdmissionResponse {
- return utils.NilOp()
-}
-
-func (t TenantControlPlaneKubeletAddresses) OnUpdate(object runtime.Object, _ runtime.Object) AdmissionResponse {
- return func(context.Context, admission.Request) ([]jsonpatch.JsonPatchOperation, error) {
- tcp := object.(*kamajiv1alpha1.TenantControlPlane) //nolint:forcetypeassert
-
- return nil, t.validatePreferredKubeletAddressTypes(tcp.Spec.Kubernetes.Kubelet.PreferredAddressTypes)
- }
-}
-
-func (t TenantControlPlaneKubeletAddresses) validatePreferredKubeletAddressTypes(addressTypes []kamajiv1alpha1.KubeletPreferredAddressType) error {
- s := sets.New[string]()
-
- for _, at := range addressTypes {
- if s.Has(string(at)) {
- return fmt.Errorf("preferred kubelet address types is stated multiple times: %s", at)
- }
-
- s.Insert(string(at))
- }
-
- return nil
-}