diff --git a/.github/workflows/go-presubmit.yml b/.github/workflows/go-presubmit.yml index 8bcf461f..e0d2a010 100644 --- a/.github/workflows/go-presubmit.yml +++ b/.github/workflows/go-presubmit.yml @@ -113,7 +113,7 @@ jobs: helm install \ -n open-cluster-management-addon --create-namespace \ cluster-proxy charts/cluster-proxy/ \ - --set tag=latest + --set tag=latest --set installByPlacement.placementName=default - name: Build&Run e2e test run: | kubectl wait --for=condition=ProxyServerDeployed=true managedproxyconfiguration cluster-proxy --timeout=60s diff --git a/Makefile b/Makefile index 6ae0f8e9..8dfe8a46 100644 --- a/Makefile +++ b/Makefile @@ -79,20 +79,6 @@ docker-push: ## Push docker image with the manager. ##@ Deployment -install: manifests kustomize ## Install CRDs into the K8s cluster specified in ~/.kube/config. - $(KUSTOMIZE) build config/crd | kubectl apply -f - - -uninstall: manifests kustomize ## Uninstall CRDs from the K8s cluster specified in ~/.kube/config. - $(KUSTOMIZE) build config/crd | kubectl delete -f - - -deploy: manifests kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config. - cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG} - $(KUSTOMIZE) build config/default | kubectl apply -f - - -undeploy: ## Undeploy controller from the K8s cluster specified in ~/.kube/config. - $(KUSTOMIZE) build config/default | kubectl delete -f - - - CONTROLLER_GEN = $(shell pwd)/bin/controller-gen controller-gen: ## Download controller-gen locally if necessary. $(call go-get-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen@v0.14.0) diff --git a/charts/cluster-proxy/templates/addondeploymentconfig.yaml b/charts/cluster-proxy/templates/addondeploymentconfig.yaml new file mode 100644 index 00000000..744f08f8 --- /dev/null +++ b/charts/cluster-proxy/templates/addondeploymentconfig.yaml @@ -0,0 +1,7 @@ +apiVersion: addon.open-cluster-management.io/v1alpha1 +kind: AddOnDeploymentConfig +metadata: + name: cluster-proxy-agent-deploy-config + namespace: {{ .Release.Namespace }} +spec: + agentInstallNamespace: {{ .Values.spokeAddonNamespace }} diff --git a/charts/cluster-proxy/templates/clustermanagementaddon.yaml b/charts/cluster-proxy/templates/clustermanagementaddon.yaml index 0418fc3a..c049ca07 100644 --- a/charts/cluster-proxy/templates/clustermanagementaddon.yaml +++ b/charts/cluster-proxy/templates/clustermanagementaddon.yaml @@ -2,6 +2,8 @@ apiVersion: addon.open-cluster-management.io/v1alpha1 kind: ClusterManagementAddOn metadata: name: cluster-proxy + annotations: + "addon.open-cluster-management.io/lifecycle": "addon-manager" spec: addOnMeta: displayName: cluster-proxy @@ -13,3 +15,17 @@ spec: name: cluster-proxy - group: addon.open-cluster-management.io resource: addondeploymentconfigs + defaultConfig: + name: cluster-proxy-agent-deploy-config + namespace: {{ .Release.Namespace }} + {{- if .Values.installByPlacement.placementName }} + installStrategy: + type: Placements + placements: + - name: {{ .Values.installByPlacement.placementName }} + {{- if .Values.installByPlacement.placementNamespace }} + namespace: {{ .Values.installByPlacement.placementNamespace }} + {{- else }} + namespace: {{ .Release.Namespace }} + {{- end }} + {{- end }} diff --git a/charts/cluster-proxy/values.yaml b/charts/cluster-proxy/values.yaml index cf619840..3ca473c5 100644 --- a/charts/cluster-proxy/values.yaml +++ b/charts/cluster-proxy/values.yaml @@ -19,3 +19,7 @@ proxyServer: entrypointLoadBalancer: false entrypointAddress: "" port: 8091 + +installByPlacement: + placementName: "" + placementNamespace: "" diff --git a/cmd/addon-manager/main.go b/cmd/addon-manager/main.go index 7cfe1ab9..a24631f2 100644 --- a/cmd/addon-manager/main.go +++ b/cmd/addon-manager/main.go @@ -86,8 +86,7 @@ func main() { flag.StringVar(&config.AgentImageName, "agent-image-name", config.AgentImageName, "The name of the addon agent's image") - flag.StringVar(&config.AddonInstallNamespace, "agent-install-namespace", config.DefaultAddonInstallNamespace, - "The target namespace to install the addon agents.") + // This is deprecated. flag.BoolVar( &agentInstallAll, "agent-install-all", false, "Configure the install strategy of agent on managed clusters. "+ @@ -186,7 +185,6 @@ func main() { supportsV1CSR, mgr.GetClient(), nativeClient, - agentInstallAll, enableKubeApiProxy, addonClient, ) diff --git a/go.mod b/go.mod index 8d5aa423..e492263e 100644 --- a/go.mod +++ b/go.mod @@ -8,15 +8,15 @@ require ( github.com/openshift/library-go v0.0.0-20240304201338-a2ff756d8fc2 github.com/pkg/errors v0.9.1 github.com/stretchr/testify v1.9.0 - google.golang.org/grpc v1.62.0 + google.golang.org/grpc v1.62.1 k8s.io/api v0.29.2 k8s.io/apimachinery v0.29.2 k8s.io/client-go v0.29.2 k8s.io/klog/v2 v2.120.1 - k8s.io/utils v0.0.0-20240102154912-e7106e64919e - open-cluster-management.io/addon-framework v0.9.0 + k8s.io/utils v0.0.0-20240310230437-4693a0247e57 + open-cluster-management.io/addon-framework v0.9.2 open-cluster-management.io/api v0.13.0 - open-cluster-management.io/sdk-go v0.13.0 + open-cluster-management.io/sdk-go v0.13.1-0.20240416030555-aa744f426379 sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.29.0 sigs.k8s.io/controller-runtime v0.17.2 ) @@ -45,7 +45,7 @@ require ( github.com/gobwas/glob v0.2.3 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect - github.com/golang/protobuf v1.5.3 // indirect + github.com/golang/protobuf v1.5.4 // indirect github.com/google/gnostic-models v0.6.8 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect @@ -76,19 +76,19 @@ require ( github.com/xeipuuv/gojsonschema v1.2.0 // indirect go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.26.0 // indirect - golang.org/x/crypto v0.18.0 // indirect + golang.org/x/crypto v0.19.0 // indirect golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 // indirect - golang.org/x/net v0.20.0 // indirect + golang.org/x/net v0.21.0 // indirect golang.org/x/oauth2 v0.16.0 // indirect - golang.org/x/sys v0.16.0 // indirect - golang.org/x/term v0.16.0 // indirect + golang.org/x/sys v0.17.0 // indirect + golang.org/x/term v0.17.0 // indirect golang.org/x/text v0.14.0 // indirect golang.org/x/time v0.3.0 // indirect golang.org/x/tools v0.17.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect google.golang.org/appengine v1.6.8 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20240123012728-ef4313101c80 // indirect - google.golang.org/protobuf v1.32.0 // indirect + google.golang.org/protobuf v1.33.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect diff --git a/go.sum b/go.sum index cfd0d89b..81fa94b0 100644 --- a/go.sum +++ b/go.sum @@ -53,8 +53,8 @@ github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= -github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= +github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= @@ -171,8 +171,8 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= -golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc= -golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg= +golang.org/x/crypto v0.19.0 h1:ENy+Az/9Y1vSrlrvBSyna3PITt4tiZLf7sgCjZBX7Wo= +golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 h1:k/i9J1pBpvlfR+9QsetwPyERsqu1GIbi967PQMq3Ivc= golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= @@ -185,8 +185,8 @@ golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwY golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= -golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo= -golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY= +golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4= +golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= golang.org/x/oauth2 v0.16.0 h1:aDkGMBSYxElaoP81NpoUoz2oo2R2wHdZpGToUxfyQrQ= golang.org/x/oauth2 v0.16.0/go.mod h1:hqZ+0LWXsiVoZpeld6jVt06P3adbS2Uu911W1SsJv2o= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -202,13 +202,13 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU= -golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y= +golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= -golang.org/x/term v0.16.0 h1:m+B6fahuftsE9qjo0VWp2FW0mB3MTJvR0BaMQrq0pmE= -golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY= +golang.org/x/term v0.17.0 h1:mkTF7LCd6WGJNL3K1Ad7kwxNfYAW6a8a8QqtMblp/4U= +golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= @@ -235,12 +235,12 @@ google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAs google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= google.golang.org/genproto/googleapis/rpc v0.0.0-20240123012728-ef4313101c80 h1:AjyfHzEPEFp/NpvfN5g+KDla3EMojjhRVZc1i7cj+oM= google.golang.org/genproto/googleapis/rpc v0.0.0-20240123012728-ef4313101c80/go.mod h1:PAREbraiVEVGVdTZsVWjSbbTtSyGbAgIIvni8a8CD5s= -google.golang.org/grpc v1.62.0 h1:HQKZ/fa1bXkX1oFOvSjmZEUL8wLSaZTjCcLAlmZRtdk= -google.golang.org/grpc v1.62.0/go.mod h1:IWTG0VlJLCh1SkC58F7np9ka9mx/WNkjl4PGJaiq+QE= +google.golang.org/grpc v1.62.1 h1:B4n+nfKzOICUXMgyrNd19h/I9oH0L1pizfk1d4zSgTk= +google.golang.org/grpc v1.62.1/go.mod h1:IWTG0VlJLCh1SkC58F7np9ka9mx/WNkjl4PGJaiq+QE= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I= -google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= +google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= @@ -274,14 +274,14 @@ k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780= k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= -k8s.io/utils v0.0.0-20240102154912-e7106e64919e h1:eQ/4ljkx21sObifjzXwlPKpdGLrCfRziVtos3ofG/sQ= -k8s.io/utils v0.0.0-20240102154912-e7106e64919e/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -open-cluster-management.io/addon-framework v0.9.0 h1:7QKLgfRns2BRLFigjIaWVTPCwG9feM+CNtZ22Yf2I20= -open-cluster-management.io/addon-framework v0.9.0/go.mod h1:OEIFCEXhZKO/Grv08CB0T+TGzS0bLshw4G9u7Vw8dw0= +k8s.io/utils v0.0.0-20240310230437-4693a0247e57 h1:gbqbevonBh57eILzModw6mrkbwM0gQBEuevE/AaBsHY= +k8s.io/utils v0.0.0-20240310230437-4693a0247e57/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +open-cluster-management.io/addon-framework v0.9.2 h1:oQnk6Y6433Fvi/MC8sWoy68lHzkqPsFLj7IEx07kFfU= +open-cluster-management.io/addon-framework v0.9.2/go.mod h1:LDkGLGTQh+sthF1qWlv87iMeAuRPsNEMK31O14kMneA= open-cluster-management.io/api v0.13.0 h1:dlcJEZlNlE0DmSDctK2s7iWKg9l+Tgb0V78Z040nMuk= open-cluster-management.io/api v0.13.0/go.mod h1:CuCPEzXDvOyxBB0H1d1eSeajbHqaeGEKq9c63vQc63w= -open-cluster-management.io/sdk-go v0.13.0 h1:ddMGsPUekQr9z03tVN6vF39Uf+WEKMtGU/xSd81HdoA= -open-cluster-management.io/sdk-go v0.13.0/go.mod h1:UnsjzYOrDTF9a8rHEXksoIAtAdO1o5CD5Jtaw6T5B9w= +open-cluster-management.io/sdk-go v0.13.1-0.20240416030555-aa744f426379 h1:8jXVHfgy+wgXq1mrWC1mTieoP77WsAAHNpzILMIzWB0= +open-cluster-management.io/sdk-go v0.13.1-0.20240416030555-aa744f426379/go.mod h1:w2OaxtCyegxeyFLU42UQ3oxUz01QdsBQkcHI17T/l48= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.29.0 h1:/U5vjBbQn3RChhv7P11uhYvCSm5G2GaIi5AIGBS6r4c= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.29.0/go.mod h1:z7+wmGM2dfIiLRfrC6jb5kV2Mq/sK1ZP303cxzkV5Y4= sigs.k8s.io/controller-runtime v0.17.2 h1:FwHwD1CTUemg0pW2otk7/U5/i5m2ymzvOXdbeGOUvw0= diff --git a/pkg/config/agent.go b/pkg/config/agent.go index f04efd0a..c0850e5f 100644 --- a/pkg/config/agent.go +++ b/pkg/config/agent.go @@ -15,10 +15,6 @@ import ( // Can be override via "--agent-image-name" on the hub addon manager. var AgentImageName string -// AgentImageName is the installing namespace of the spoke addon agent. -// Can be override via "--agent-install-namespace" on the hub addon manager. -var AddonInstallNamespace = DefaultAddonInstallNamespace - const DefaultAddonInstallNamespace = "open-cluster-management-cluster-proxy" func GetParsedAgentImage(defaultAgentImageName string) (string, string, string, error) { diff --git a/pkg/proxyagent/agent/agent.go b/pkg/proxyagent/agent/agent.go index 29cd9a88..1a0ff014 100644 --- a/pkg/proxyagent/agent/agent.go +++ b/pkg/proxyagent/agent/agent.go @@ -54,7 +54,6 @@ func NewAgentAddon( v1CSRSupported bool, runtimeClient client.Client, nativeClient kubernetes.Interface, - agentInstallAll bool, enableKubeApiProxy bool, addonClient addonclient.Interface) (agent.AgentAddon, error) { caCertData, caKeyData, err := signer.CA().Config.GetPEMBytes() @@ -145,11 +144,10 @@ func NewAgentAddon( utils.NewAddOnDeploymentConfigGetter(addonClient), toAgentAddOnChartValues(caCertData), ), - ) - - if agentInstallAll { - agentFactory.WithInstallStrategy(agent.InstallAllStrategy(config.AddonInstallNamespace)) - } + ). + WithAgentInstallNamespace(utils.AgentInstallNamespaceFromDeploymentConfigFunc( + utils.NewAddOnDeploymentConfigGetter(addonClient), + )) return agentFactory.BuildHelmAgentAddon() } @@ -167,8 +165,8 @@ func GetClusterProxyValueFunc( managedProxyConfigurations := []string{} for _, configReference := range addon.Status.ConfigReferences { - if config.IsManagedProxyConfiguration(configReference.ConfigGroupResource) { - managedProxyConfigurations = append(managedProxyConfigurations, configReference.Name) + if config.IsManagedProxyConfiguration(configReference.ConfigGroupResource) && configReference.DesiredConfig != nil { + managedProxyConfigurations = append(managedProxyConfigurations, configReference.DesiredConfig.Name) } } @@ -276,9 +274,15 @@ func GetClusterProxyValueFunc( var aids []string // add default kube-apiserver agentIdentifiers + + // get agent namespace from addon status + namespace := config.DefaultAddonInstallNamespace + if len(addon.Status.Namespace) > 0 { + namespace = addon.Status.Namespace + } if enableKubeApiProxy { aids = append(aids, fmt.Sprintf("host=%s", cluster.Name)) - aids = append(aids, fmt.Sprintf("host=%s.%s", cluster.Name, config.AddonInstallNamespace)) + aids = append(aids, fmt.Sprintf("host=%s.%s", cluster.Name, namespace)) } // add servicesToExpose into aids for _, s := range servicesToExpose { diff --git a/pkg/proxyagent/agent/agent_test.go b/pkg/proxyagent/agent/agent_test.go index 9a1f134e..ac7bda46 100644 --- a/pkg/proxyagent/agent/agent_test.go +++ b/pkg/proxyagent/agent/agent_test.go @@ -35,7 +35,6 @@ import ( clusterv1 "open-cluster-management.io/api/cluster/v1" clusterv1beta2 "open-cluster-management.io/api/cluster/v1beta2" proxyv1alpha1 "open-cluster-management.io/cluster-proxy/pkg/apis/proxy/v1alpha1" - "open-cluster-management.io/cluster-proxy/pkg/config" "open-cluster-management.io/cluster-proxy/pkg/proxyserver/operator/authentication/selfsigned" "open-cluster-management.io/cluster-proxy/pkg/util" runtimeclient "sigs.k8s.io/controller-runtime/pkg/client" @@ -313,24 +312,20 @@ func TestRemoveDupAndSortservicesToExpose(t *testing.T) { func TestAgentAddonRegistrationOption(t *testing.T) { cases := []struct { - name string - signerName string - v1CSRSupported bool - agentInstallAll bool - cluster *clusterv1.ManagedCluster - addon *addonv1alpha1.ManagedClusterAddOn - expextedCSRConfigs int - expectedCSRApprove bool - expectedSignedCSR bool - expectedInstallNamespace string + name string + signerName string + v1CSRSupported bool + cluster *clusterv1.ManagedCluster + addon *addonv1alpha1.ManagedClusterAddOn + expextedCSRConfigs int + expectedCSRApprove bool + expectedSignedCSR bool }{ { - name: "install all", - agentInstallAll: true, - cluster: newCluster("cluster", false), - addon: newAddOn("addon", "cluster"), - expextedCSRConfigs: 1, - expectedInstallNamespace: config.AddonInstallNamespace, + name: "install all", + cluster: newCluster("cluster", false), + addon: newAddOn("addon", "cluster"), + expextedCSRConfigs: 1, }, { name: "csr v1 supported", @@ -366,7 +361,6 @@ func TestAgentAddonRegistrationOption(t *testing.T) { c.v1CSRSupported, nil, fakeKubeClient, - c.agentInstallAll, true, nil, ) @@ -394,10 +388,6 @@ func TestAgentAddonRegistrationOption(t *testing.T) { cert := options.Registration.CSRSign(newCSR(c.signerName)) assert.Equal(t, c.expectedSignedCSR, (len(cert) != 0)) - - if c.expectedInstallNamespace != "" { - assert.Equal(t, c.expectedInstallNamespace, options.InstallStrategy.InstallNamespace) - } }) } } @@ -757,13 +747,12 @@ func TestNewAgentAddon(t *testing.T) { c.v1CSRSupported, fakeRuntimeClient, fakeKubeClient, - false, c.enableKubeApiProxy, fakeAddonClient, ) assert.NoError(t, err) - manifests, err := agentAddOn.Manifests(c.cluster, c.addon) + manifests, err := agentAddOn.Manifests(c.cluster, c.addon.DeepCopy()) if c.expectedErrorMsg != "" { assert.ErrorContains(t, err, c.expectedErrorMsg) return @@ -878,8 +867,11 @@ func newManagedProxyConfigReference(name string) addonv1alpha1.ConfigReference { Group: "proxy.open-cluster-management.io", Resource: "managedproxyconfigurations", }, - ConfigReferent: addonv1alpha1.ConfigReferent{ - Name: name, + DesiredConfig: &addonv1alpha1.ConfigSpecHash{ + ConfigReferent: addonv1alpha1.ConfigReferent{ + Name: name, + }, + SpecHash: "dummy", }, } } @@ -894,6 +886,13 @@ func newAddOndDeploymentConfigReference(name, namespace string) addonv1alpha1.Co Name: name, Namespace: namespace, }, + DesiredConfig: &addonv1alpha1.ConfigSpecHash{ + ConfigReferent: addonv1alpha1.ConfigReferent{ + Name: name, + Namespace: namespace, + }, + SpecHash: "dummy", + }, } } diff --git a/test/e2e/certificate/certificate.go b/test/e2e/certificate/certificate.go index d012613b..e20ab017 100644 --- a/test/e2e/certificate/certificate.go +++ b/test/e2e/certificate/certificate.go @@ -4,6 +4,7 @@ import ( "context" "crypto/x509" "encoding/pem" + "fmt" "time" . "github.com/onsi/ginkgo/v2" @@ -11,7 +12,6 @@ import ( certificatesv1 "k8s.io/api/certificates/v1" corev1 "k8s.io/api/core/v1" - apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" "k8s.io/client-go/kubernetes" @@ -32,17 +32,14 @@ var _ = Describe("Certificate rotation Test", It("Agent certificate's signer should be custom signer", func() { Eventually( - func() (bool, error) { + func() error { By("ManagedClusterAddon should be present firstly") addon := &addonapiv1alpha1.ManagedClusterAddOn{} if err := f.HubRuntimeClient().Get(context.TODO(), types.NamespacedName{ Namespace: f.TestClusterName(), Name: common.AddonName, }, addon); err != nil { - if apierrors.IsNotFound(err) { - return false, nil - } - return false, err + return err } By("A csr with custom signer should be issued") csrList := &certificatesv1.CertificateSigningRequestList{} @@ -50,8 +47,12 @@ var _ = Describe("Certificate rotation Test", addonapiv1alpha1.AddonLabelKey: common.AddonName, clusterapiv1.ClusterNameLabelKey: f.TestClusterName(), }) - Expect(err).NotTo(HaveOccurred()) - Expect(len(csrList.Items) >= 1).Should(BeTrue()) + if err != nil { + return err + } + if len(csrList.Items) == 0 { + return fmt.Errorf("no csr created") + } exists := false for _, csr := range csrList.Items { if csr.Spec.SignerName == agent.ProxyAgentSignerName { @@ -63,20 +64,17 @@ var _ = Describe("Certificate rotation Test", By("Agent secret should be created (after CSR approval)") agentSecret := &corev1.Secret{} err = f.HubRuntimeClient().Get(context.TODO(), types.NamespacedName{ - Namespace: addon.Spec.InstallNamespace, + Namespace: addon.Status.Namespace, Name: agent.AgentSecretName, }, agentSecret) if err != nil { - if apierrors.IsNotFound(err) { - return false, nil - } - return false, err + return err } - return true, nil + return nil }). WithTimeout(time.Minute). WithPolling(time.Second * 10). - Should(BeTrue()) + Should(Succeed()) }) It("Certificate SAN customizing should work", diff --git a/test/e2e/connect/connect.go b/test/e2e/connect/connect.go index e6fb173c..4047810b 100644 --- a/test/e2e/connect/connect.go +++ b/test/e2e/connect/connect.go @@ -18,7 +18,6 @@ import ( "k8s.io/apimachinery/pkg/types" "k8s.io/client-go/kubernetes" "k8s.io/client-go/rest" - clusterv1beta2 "open-cluster-management.io/api/cluster/v1beta2" proxyv1alpha1 "open-cluster-management.io/cluster-proxy/pkg/apis/proxy/v1alpha1" "open-cluster-management.io/cluster-proxy/pkg/util" @@ -52,10 +51,8 @@ var _ = Describe("Connectivity Test", func() { Expect(err).NotTo(HaveOccurred()) } - err = deployMCS(context.Background(), managedclusterset, f) - if err != nil && !apierrors.IsAlreadyExists(err) { - Expect(err).NotTo(HaveOccurred()) - } + err = f.DeployClusterSetAndBinding(context.Background(), managedclusterset, "default") + Expect(err).NotTo(HaveOccurred()) err = deployMPSR(context.Background(), serviceName, serviceName, serviceNamespace, managedclusterset, f) if err != nil && !apierrors.IsAlreadyExists(err) { @@ -249,14 +246,6 @@ func deployHelleWorldApplication(ctx context.Context, name, namespace string, e2 return nil } -func deployMCS(ctx context.Context, clusterset string, e2eframe framework.Framework) error { - return e2eframe.HubRuntimeClient().Create(ctx, &clusterv1beta2.ManagedClusterSet{ - ObjectMeta: metav1.ObjectMeta{ - Name: clusterset, - }, - }) -} - func deployMPSR(ctx context.Context, name string, serviceName string, serviceNamespace string, managedclusterSet string, e2eframe framework.Framework) error { return e2eframe.HubRuntimeClient().Create(ctx, &proxyv1alpha1.ManagedProxyServiceResolver{ ObjectMeta: metav1.ObjectMeta{ diff --git a/test/e2e/framework/framework.go b/test/e2e/framework/framework.go index 4a90b639..e5cefc16 100644 --- a/test/e2e/framework/framework.go +++ b/test/e2e/framework/framework.go @@ -10,6 +10,8 @@ import ( "k8s.io/client-go/kubernetes" "k8s.io/client-go/rest" "k8s.io/client-go/tools/clientcmd" + clusterv1beta1 "open-cluster-management.io/api/cluster/v1beta1" + clusterv1beta2 "open-cluster-management.io/api/cluster/v1beta2" proxyv1alpha1 "open-cluster-management.io/cluster-proxy/pkg/apis/proxy/v1alpha1" "sigs.k8s.io/controller-runtime/pkg/client" @@ -26,6 +28,8 @@ type Framework interface { HubNativeClient() kubernetes.Interface HubRuntimeClient() client.Client + + DeployClusterSetAndBinding(ctx context.Context, clusterset, namespace string) error } var _ Framework = &framework{} @@ -67,6 +71,33 @@ func (f *framework) HubRuntimeClient() client.Client { return runtimeClient } +func (f *framework) DeployClusterSetAndBinding(ctx context.Context, clusterset, namespace string) error { + err := f.HubRuntimeClient().Create(ctx, &clusterv1beta2.ManagedClusterSet{ + ObjectMeta: metav1.ObjectMeta{ + Name: clusterset, + }, + }) + + if err != nil && !apierrors.IsAlreadyExists(err) { + return err + } + + err = f.HubRuntimeClient().Create(ctx, &clusterv1beta2.ManagedClusterSetBinding{ + ObjectMeta: metav1.ObjectMeta{ + Name: clusterset, + Namespace: namespace, + }, + Spec: clusterv1beta2.ManagedClusterSetBindingSpec{ + ClusterSet: clusterset, + }, + }) + if err != nil && !apierrors.IsAlreadyExists(err) { + return err + } + + return nil +} + func (f *framework) TestClusterName() string { return f.ctx.TestCluster } @@ -95,6 +126,26 @@ func (f *framework) BeforeEach() { Expect(c.Create(context.TODO(), proxyConfiguration)).NotTo(HaveOccurred()) } Expect(err).NotTo(HaveOccurred()) + + err = f.DeployClusterSetAndBinding(context.TODO(), "default", "open-cluster-management-addon") + Expect(err).NotTo(HaveOccurred()) + + // create a placement + placement := &clusterv1beta1.Placement{ + ObjectMeta: metav1.ObjectMeta{ + Name: "default", + Namespace: "open-cluster-management-addon", + }, + Spec: clusterv1beta1.PlacementSpec{ + ClusterSets: []string{"default"}, + }, + } + + err = c.Create(context.TODO(), placement) + if apierrors.IsAlreadyExists(err) { + return + } + Expect(err).NotTo(HaveOccurred()) } func (f *framework) AfterEach() { diff --git a/test/e2e/framework/scheme.go b/test/e2e/framework/scheme.go index 3f4cd28e..244a6a0d 100644 --- a/test/e2e/framework/scheme.go +++ b/test/e2e/framework/scheme.go @@ -6,6 +6,7 @@ import ( k8sscheme "k8s.io/client-go/kubernetes/scheme" addonv1alpha1 "open-cluster-management.io/api/addon/v1alpha1" clusterv1 "open-cluster-management.io/api/cluster/v1" + clusterv1beta1 "open-cluster-management.io/api/cluster/v1beta1" clusterv1beta2 "open-cluster-management.io/api/cluster/v1beta2" proxyv1alpha1 "open-cluster-management.io/cluster-proxy/pkg/apis/proxy/v1alpha1" ) @@ -14,8 +15,9 @@ var scheme = runtime.NewScheme() func init() { utilruntime.Must(proxyv1alpha1.AddToScheme(scheme)) - utilruntime.Must(clusterv1.AddToScheme(scheme)) - utilruntime.Must(clusterv1beta2.AddToScheme(scheme)) - utilruntime.Must(addonv1alpha1.AddToScheme(scheme)) + utilruntime.Must(clusterv1.Install(scheme)) + utilruntime.Must(clusterv1beta2.Install(scheme)) + utilruntime.Must(clusterv1beta1.Install(scheme)) + utilruntime.Must(addonv1alpha1.Install(scheme)) utilruntime.Must(k8sscheme.AddToScheme(scheme)) } diff --git a/test/e2e/install/install.go b/test/e2e/install/install.go index aac1525a..2a5c6414 100644 --- a/test/e2e/install/install.go +++ b/test/e2e/install/install.go @@ -97,6 +97,7 @@ var _ = Describe("Basic install Test", NodeSelector: nodeSelector, Tolerations: tolerations, }, + AgentInstallNamespace: config.DefaultAddonInstallNamespace, }, }) }).WithTimeout(time.Minute).ShouldNot(HaveOccurred()) @@ -152,7 +153,7 @@ var _ = Describe("Basic install Test", Eventually(func() error { deploy := &appsv1.Deployment{} if err := c.Get(context.TODO(), types.NamespacedName{ - Namespace: config.AddonInstallNamespace, + Namespace: config.DefaultAddonInstallNamespace, Name: "cluster-proxy-proxy-agent", }, deploy); err != nil { return err @@ -216,7 +217,7 @@ var _ = Describe("Basic install Test", proxyAgentDeploy := &appsv1.Deployment{} err = c.Get(context.TODO(), types.NamespacedName{ - Namespace: config.AddonInstallNamespace, + Namespace: config.DefaultAddonInstallNamespace, Name: proxyConfiguration.Name + "-" + common.ComponentNameProxyAgent, }, proxyAgentDeploy) if err != nil { @@ -237,7 +238,7 @@ func waitAgentReady(proxyConfiguration *proxyv1alpha1.ManagedProxyConfiguration, Eventually( func() int { podList, err := client.CoreV1(). - Pods(config.AddonInstallNamespace). + Pods(config.DefaultAddonInstallNamespace). List(context.TODO(), metav1.ListOptions{ LabelSelector: common.LabelKeyComponentName + "=" + common.ComponentNameProxyAgent, })