Only use security groups and subnets if defined

Author: fiunchinho

Makefile.custom.mk

@@ -119,7 +119,7 @@ coverage-html: test-unit
 CONTROLLER_GEN = $(shell pwd)/bin/controller-gen
 .PHONY: controller-gen
 controller-gen: ## Download controller-gen locally if necessary.
-	$(call go-get-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen@v0.16.5)
+	$(call go-get-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen@v0.18.0)
 
 ENVTEST = $(shell pwd)/bin/setup-envtest
 .PHONY: envtest

config/crd/bases/infrastructure.cluster.x-k8s.io_karpentermachinepools.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.5
+    controller-gen.kubebuilder.io/version: v0.18.0
     helm.sh/resource-policy: keep
   labels:
     cluster.x-k8s.io/v1beta1: v1alpha1

controllers/karpentermachinepool_controller.go

@@ -427,54 +427,31 @@ func (r *KarpenterMachinePoolReconciler) createOrUpdateEC2NodeClass(ctx context.
 				},
 			},
 			"instanceProfile": karpenterMachinePool.Spec.IamInstanceProfile,
-			"securityGroupSelectorTerms": []map[string]interface{}{
+			"userData":        userData,
+		}
+
+		// Add security groups if specified
+		if karpenterMachinePool.Spec.EC2NodeClass != nil && len(karpenterMachinePool.Spec.EC2NodeClass.SecurityGroups) > 0 {
+			spec["securityGroupSelectorTerms"] = []map[string]interface{}{
 				{
 					"tags": map[string]string{
 						"Name": karpenterMachinePool.Spec.EC2NodeClass.SecurityGroups[0], // Using first security group for now
 					},
 				},
-			},
-			"subnetSelectorTerms": []map[string]interface{}{
+			}
+		}
+
+		// Add subnets if specified
+		if karpenterMachinePool.Spec.EC2NodeClass != nil && len(karpenterMachinePool.Spec.EC2NodeClass.Subnets) > 0 {
+			spec["subnetSelectorTerms"] = []map[string]interface{}{
 				{
 					"tags": map[string]string{
-						"Name": karpenterMachinePool.Spec.EC2NodeClass.Subnets[0], // Using first security group for now
+						"Name": karpenterMachinePool.Spec.EC2NodeClass.Subnets[0], // Using first subnet for now
 					},
 				},
-			},
-			"userData": userData,
+			}
 		}
 
-		// Add AMI ID if specified
-		// if karpenterMachinePool.Spec.EC2NodeClass != nil && karpenterMachinePool.Spec.EC2NodeClass.AMIID != nil {
-		// 	spec["amiSelectorTerms"] = []map[string]interface{}{
-		// 		{
-		// 			"id": *karpenterMachinePool.Spec.EC2NodeClass.AMIID,
-		// 		},
-		// 	}
-		// }
-
-		// Add security groups if specified
-		// if karpenterMachinePool.Spec.EC2NodeClass != nil && len(karpenterMachinePool.Spec.EC2NodeClass.SecurityGroups) > 0 {
-		// 	spec["securityGroupSelectorTerms"] = []map[string]interface{}{
-		// 		{
-		// 			"tags": map[string]string{
-		// 				"Name": karpenterMachinePool.Spec.EC2NodeClass.SecurityGroups[0], // Using first security group for now
-		// 			},
-		// 		},
-		// 	}
-		// }
-
-		// Add subnets if specified
-		// if karpenterMachinePool.Spec.EC2NodeClass != nil && len(karpenterMachinePool.Spec.EC2NodeClass.Subnets) > 0 {
-		// 	subnetSelectorTerms := []map[string]interface{}{}
-		// 	for _, subnet := range karpenterMachinePool.Spec.EC2NodeClass.Subnets {
-		// 		subnetSelectorTerms = append(subnetSelectorTerms, map[string]interface{}{
-		// 			"id": subnet,
-		// 		})
-		// 	}
-		// 	spec["subnetSelectorTerms"] = subnetSelectorTerms
-		// }
-
 		// Add tags if specified
 		if karpenterMachinePool.Spec.EC2NodeClass != nil && len(karpenterMachinePool.Spec.EC2NodeClass.Tags) > 0 {
 			spec["tags"] = karpenterMachinePool.Spec.EC2NodeClass.Tags

helm/aws-resolver-rules-operator/templates/infrastructure.cluster.x-k8s.io_karpentermachinepools.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.5
+    controller-gen.kubebuilder.io/version: v0.18.0
     helm.sh/resource-policy: keep
   labels:
     cluster.x-k8s.io/v1beta1: v1alpha1