
Commit a1e3eb9

committed
Adding tags to OIDC providers
1 parent 9488cb5 commit a1e3eb9


2 files changed

+27
-0
lines changed


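--- a/pkg/cloud/converters/tags.go
+++ b/pkg/cloud/converters/tags.go
@@ -22,6 +22,7 @@ import (
 "github.com/aws/aws-sdk-go/service/ec2"
 "github.com/aws/aws-sdk-go/service/elb"
 "github.com/aws/aws-sdk-go/service/elbv2"
+"github.com/aws/aws-sdk-go/service/iam"
 "github.com/aws/aws-sdk-go/service/secretsmanager"
 "github.com/aws/aws-sdk-go/service/ssm"
 
@@ -152,6 +153,22 @@ func MapToSSMTags(src infrav1.Tags) []*ssm.Tag {
 return tags
 }
 
+// MapToIAMTags converts a infrav1.Tags to a []*iam.Tag.
+func MapToIAMTags(src infrav1.Tags) []*iam.Tag {
+tags := make([]*iam.Tag, 0, len(src))
+
+for k, v := range src {
+tag := &iam.Tag{
+Key: aws.String(k),
+Value: aws.String(v),
+}
+
+tags = append(tags, tag)
+}
+
+return tags
+}
+
 // ASGTagsToMap converts a []*autoscaling.TagDescription into a infrav1.Tags.
 func ASGTagsToMap(src []*autoscaling.TagDescription) infrav1.Tags {
 tags := make(infrav1.Tags, len(src))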
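Review bot: `MapToIAMTags` builds its slice by ranging over a map, so the tag order differs from call to call, and it passes keys and values through without checking them against IAM's tag limits (128-character keys, 256-character values, 50 tags per resource). Oversized or excess tags therefore surface only as an API error in whichever caller sends the request. If any caller or test compares the result, sort by key before returning. The doc comment could state both facts: `// MapToIAMTags converts an infrav1.Tags into a []*iam.Tag; order is not stable and IAM tag limits are not enforced.`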

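--- a/pkg/cloud/services/eks/oidc.go
+++ b/pkg/cloud/services/eks/oidc.go
@@ -23,6 +23,7 @@ import (
 "strings"
 
 "github.com/aws/aws-sdk-go/service/eks"
+"github.com/aws/aws-sdk-go/service/iam"
 "github.com/pkg/errors"
 corev1 "k8s.io/api/core/v1"
 apierrors "k8s.io/apimachinery/pkg/api/errors"
@@ -32,6 +33,7 @@ import (
 
 "sigs.k8s.io/cluster-api-provider-aws/v2/cmd/clusterawsadm/converters"
 iamv1 "sigs.k8s.io/cluster-api-provider-aws/v2/iam/api/v1beta1"
+tagConverter "sigs.k8s.io/cluster-api-provider-aws/v2/pkg/cloud/converters"
 "sigs.k8s.io/cluster-api/controllers/remote"
 )
 
@@ -74,6 +76,14 @@ func (s *Service) reconcileOIDCProvider(cluster *eks.Cluster) error {
 if err := s.scope.PatchObject(); err != nil {
 return errors.Wrap(err, "failed to update control plane with OIDC provider ARN")
 }
+// tagging the OIDC provider with the same tags of cluster
+inputForTags := iam.TagOpenIDConnectProviderInput{
+OpenIDConnectProviderArn: &s.scope.ControlPlane.Status.OIDCProvider.ARN,
+Tags: tagConverter.MapToIAMTags(tagConverter.MapPtrToMap(cluster.Tags)),
+}
+if _, err := s.IAMClient.TagOpenIDConnectProvider(&inputForTags); err != nil {
+return errors.Wrap(err, "failed to tag OIDC provider")
+}
 
 if err := s.reconcileTrustPolicy(); err != nil {
 return errors.Wrap(err, "failed to reconcile trust policy in workload cluster")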
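Review bot: The new `TagOpenIDConnectProvider` call returns a hard error before `reconcileTrustPolicy` runs, so a controller role without `iam:TagOpenIDConnectProvider` would stop OIDC reconciliation after the provider ARN has already been patched. The commit changes only two files, so the controller's IAM policy is presumably granted that action elsewhere; that is worth confirming before upgrade. `cluster.Tags` is also copied wholesale: if the EKS cluster carries AWS-generated `aws:`-prefixed keys the IAM call will likely reject them, and any tag-based IAM conditions on the provider would now follow the cluster's tags, so filtering reserved keys before `MapToIAMTags` seems prudent. I would record the requirement next to the call, e.g. `// requires iam:TagOpenIDConnectProvider; cluster tags are copied verbatim, including any that feed tag-based IAM conditions`. The body of `reconcileOIDCProvider` starts and ends outside the hunk, so it is not visible whether this runs on every reconcile or only after creation.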
