Rebase on AWS SDK v2

Signed-off-by: Danil Grigorev <[email protected]>

Author: Danil-Grigorev

config/crd/bases/controlplane.cluster.x-k8s.io_awsmanagedcontrolplanes.yaml

@@ -3108,6 +3108,7 @@ spec:
                         to "default" namespace.
                       type: string
                   required:
+                  - roleARN
                   - serviceAccountName
                   - serviceAccountNamespace
                   type: object

controlplane/eks/controllers/awsmanagedcontrolplane_controller_test.go

@@ -951,10 +951,10 @@ func mockedEKSCluster(ctx context.Context, g *WithT, eksRec *mock_eksiface.MockE
 	}).Return(&eks.ListAddonsOutput{}, nil)
 
 	eksRec.UpdateClusterConfig(ctx, gomock.AssignableToTypeOf(&eks.UpdateClusterConfigInput{})).After(waitUntilClusterActiveCall).Return(&eks.UpdateClusterConfigOutput{}, nil)
-	eksRec.ListPodIdentityAssociationsWqithContext(context.TODO(), gomock.Eq(&eks.ListPodIdentityAssociationsInput{
+	eksRec.ListPodIdentityAssociations(context.TODO(), gomock.Eq(&eks.ListPodIdentityAssociationsInput{
 		ClusterName: aws.String("test-cluster"),
 	})).Return(&eks.ListPodIdentityAssociationsOutput{
-		Associations: []*eks.PodIdentityAssociationSummary{},
+		Associations: []ekstypes.PodIdentityAssociationSummary{},
 	}, nil)
 
 	awsNodeRec.ReconcileCNI(gomock.Any()).Return(nil)

go.mod

@@ -8,12 +8,12 @@ require (
 	github.com/aws/amazon-vpc-cni-k8s v1.15.5
 	github.com/aws/aws-lambda-go v1.41.0
 	github.com/aws/aws-sdk-go v1.55.7
-	github.com/aws/aws-sdk-go-v2 v1.36.5
+	github.com/aws/aws-sdk-go-v2 v1.36.6
 	github.com/aws/aws-sdk-go-v2/config v1.27.11
 	github.com/aws/aws-sdk-go-v2/credentials v1.17.11
 	github.com/aws/aws-sdk-go-v2/service/autoscaling v1.52.4
 	github.com/aws/aws-sdk-go-v2/service/ec2 v1.159.0
-	github.com/aws/aws-sdk-go-v2/service/eks v1.64.0
+	github.com/aws/aws-sdk-go-v2/service/eks v1.66.2
 	github.com/aws/aws-sdk-go-v2/service/elasticloadbalancing v1.29.6
 	github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.45.2
 	github.com/aws/aws-sdk-go-v2/service/iam v1.32.0
@@ -86,8 +86,8 @@ require (
 	github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535 // indirect
 	github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.2 // indirect
 	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.1 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.36 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.36 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.37 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.37 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.36 // indirect
 	github.com/aws/aws-sdk-go-v2/service/cloudformation v1.50.0 // indirect

go.sum

@@ -48,8 +48,8 @@ github.com/aws/aws-lambda-go v1.41.0 h1:l/5fyVb6Ud9uYd411xdHZzSf2n86TakxzpvIoz7l
 github.com/aws/aws-lambda-go v1.41.0/go.mod h1:jwFe2KmMsHmffA1X2R09hH6lFzJQxzI8qK17ewzbQMM=
 github.com/aws/aws-sdk-go v1.55.7 h1:UJrkFq7es5CShfBwlWAC8DA077vp8PyVbQd3lqLiztE=
 github.com/aws/aws-sdk-go v1.55.7/go.mod h1:eRwEWoyTWFMVYVQzKMNHWP5/RV4xIUGMQfXQHfHkpNU=
-github.com/aws/aws-sdk-go-v2 v1.36.5 h1:0OF9RiEMEdDdZEMqF9MRjevyxAQcf6gY+E7vwBILFj0=
-github.com/aws/aws-sdk-go-v2 v1.36.5/go.mod h1:EYrzvCCN9CMUTa5+6lf6MM4tq3Zjp8UhSGR/cBsjai0=
+github.com/aws/aws-sdk-go-v2 v1.36.6 h1:zJqGjVbRdTPojeCGWn5IR5pbJwSQSBh5RWFTQcEQGdU=
+github.com/aws/aws-sdk-go-v2 v1.36.6/go.mod h1:EYrzvCCN9CMUTa5+6lf6MM4tq3Zjp8UhSGR/cBsjai0=
 github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.2 h1:x6xsQXGSmW6frevwDA+vi/wqhp1ct18mVXYN08/93to=
 github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.2/go.mod h1:lPprDr1e6cJdyYeGXnRaJoP4Md+cDBvi2eOj00BlGmg=
 github.com/aws/aws-sdk-go-v2/config v1.27.11 h1:f47rANd2LQEYHda2ddSCKYId18/8BhSRM4BULGmfgNA=
@@ -58,10 +58,10 @@ github.com/aws/aws-sdk-go-v2/credentials v1.17.11 h1:YuIB1dJNf1Re822rriUOTxopaHH
 github.com/aws/aws-sdk-go-v2/credentials v1.17.11/go.mod h1:AQtFPsDH9bI2O+71anW6EKL+NcD7LG3dpKGMV4SShgo=
 github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.1 h1:FVJ0r5XTHSmIHJV6KuDmdYhEpvlHpiSd38RQWhut5J4=
 github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.1/go.mod h1:zusuAeqezXzAB24LGuzuekqMAEgWkVYukBec3kr3jUg=
-github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.36 h1:SsytQyTMHMDPspp+spo7XwXTP44aJZZAC7fBV2C5+5s=
-github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.36/go.mod h1:Q1lnJArKRXkenyog6+Y+zr7WDpk4e6XlR6gs20bbeNo=
-github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.36 h1:i2vNHQiXUvKhs3quBR6aqlgJaiaexz/aNvdCktW/kAM=
-github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.36/go.mod h1:UdyGa7Q91id/sdyHPwth+043HhmP6yP9MBHgbZM0xo8=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.37 h1:osMWfm/sC/L4tvEdQ65Gri5ZZDCUpuYJZbTTDrsn4I0=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.37/go.mod h1:ZV2/1fbjOPr4G4v38G3Ww5TBT4+hmsK45s/rxu1fGy0=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.37 h1:v+X21AvTb2wZ+ycg1gx+orkB/9U6L7AOp93R7qYxsxM=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.37/go.mod h1:G0uM1kyssELxmJ2VZEfG0q2npObR3BAkF3c1VsfVnfs=
 github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 h1:hT8rVHwugYE2lEfdFE0QWVo81lF7jMrYJVDWI+f+VxU=
 github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0/go.mod h1:8tu/lYfQfFe6IGnaOdrpVgEL2IrrDOf6/m9RQum4NkY=
 github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.36 h1:GMYy2EOWfzdP3wfVAGXBNKY5vK4K8vMET4sYOYltmqs=
@@ -72,8 +72,8 @@ github.com/aws/aws-sdk-go-v2/service/cloudformation v1.50.0 h1:Ap5tOJfeAH1hO2UQc
 github.com/aws/aws-sdk-go-v2/service/cloudformation v1.50.0/go.mod h1:/v2KYdCW4BaHKayenaWEXOOdxItIwEA3oU0XzuQY3F0=
 github.com/aws/aws-sdk-go-v2/service/ec2 v1.159.0 h1:DmmVmiLPlcntOcjWMRwDPMNx/wi2kAVrf2ZmSN5gkAg=
 github.com/aws/aws-sdk-go-v2/service/ec2 v1.159.0/go.mod h1:xejKuuRDjz6z5OqyeLsz01MlOqqW7CqpAB4PabNvpu8=
-github.com/aws/aws-sdk-go-v2/service/eks v1.64.0 h1:EYeOThTRysemFtC6J6h6b7dNg3jN03QuO5cg92ojIQE=
-github.com/aws/aws-sdk-go-v2/service/eks v1.64.0/go.mod h1:v1xXy6ea0PHtWkjFUvAUh6B/5wv7UF909Nru0dOIJDk=
+github.com/aws/aws-sdk-go-v2/service/eks v1.66.2 h1:gDvxe1rFYhU9sfA/S8TePGE7gfC0vB9pCs6B4zbm5Ng=
+github.com/aws/aws-sdk-go-v2/service/eks v1.66.2/go.mod h1:lpcShMkoQ94JiSVoEF1yE2WP40IV02bbnaT6oYP7cQo=
 github.com/aws/aws-sdk-go-v2/service/elasticloadbalancing v1.29.6 h1:9grU/+HRwLXJV8XUjEPThJj/H+0oHkeNBFpSSfZekeg=
 github.com/aws/aws-sdk-go-v2/service/elasticloadbalancing v1.29.6/go.mod h1:N4fs285CsnBHlAkzBpQapefR/noggTyF09fWs72EzB4=
 github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.45.2 h1:vX70Z4lNSr7XsioU0uJq5yvxgI50sB66MvD+V/3buS4=

pkg/cloud/services/eks/mock_eksiface/eksapi_mock.go

@@ -20,7 +20,8 @@ import (
 	"context"
 	"fmt"
 
-	"github.com/aws/aws-sdk-go/service/eks"
+	"github.com/aws/aws-sdk-go-v2/service/eks"
+	"github.com/aws/aws-sdk-go-v2/service/eks/types"
 
 	ekscontrolplanev1 "sigs.k8s.io/cluster-api-provider-aws/v2/controlplane/eks/api/v1beta2"
 	ekspodidentities "sigs.k8s.io/cluster-api-provider-aws/v2/pkg/eks/podidentities"
@@ -49,7 +50,7 @@ func (s *Service) reconcilePodIdentities(ctx context.Context) error {
 	existingAssociations := s.translateAWSToPodAssociation(currentAssociations)
 
 	s.scope.Debug("creating eks pod identity association plan", "cluster", eksClusterName)
-	podAssociationsPlan := ekspodidentities.NewPlan(eksClusterName, desiredAssociations, existingAssociations, s.EKSClient)
+	podAssociationsPlan := ekspodidentities.NewPlan(eksClusterName, desiredAssociations, existingAssociations, s.EKSV2Client.Client)
 	procedures, err := podAssociationsPlan.Create(ctx)
 	if err != nil {
 		s.scope.Error(err, "failed creating eks pod identity association plan")
@@ -69,14 +70,14 @@ func (s *Service) reconcilePodIdentities(ctx context.Context) error {
 	return nil
 }
 
-func (s *Service) listEksPodIdentities(ctx context.Context, eksClusterName string) ([]*eks.PodIdentityAssociationSummary, error) {
+func (s *Service) listEksPodIdentities(ctx context.Context, eksClusterName string) ([]types.PodIdentityAssociationSummary, error) {
 	s.Debug("getting list of associated eks pod identities")
 
 	input := &eks.ListPodIdentityAssociationsInput{
 		ClusterName: &eksClusterName,
 	}
 
-	output, err := s.EKSClient.ListPodIdentityAssociationsWithContext(ctx, input)
+	output, err := s.EKSClient.ListPodIdentityAssociations(ctx, input)
 	if err != nil {
 		return nil, fmt.Errorf("listing eks pod identity assocations: %w", err)
 	}
@@ -101,7 +102,7 @@ func (s *Service) translateAPIToPodAssociation(assocs []ekscontrolplanev1.PodIde
 	return converted
 }
 
-func (s *Service) translateAWSToPodAssociation(assocs []*eks.PodIdentityAssociationSummary) []ekspodidentities.EKSPodIdentityAssociation {
+func (s *Service) translateAWSToPodAssociation(assocs []types.PodIdentityAssociationSummary) []ekspodidentities.EKSPodIdentityAssociation {
 	converted := []ekspodidentities.EKSPodIdentityAssociation{}
 
 	for _, assoc := range assocs {

pkg/cloud/services/eks/pod_identity.go

@@ -62,6 +62,9 @@ type EKSAPI interface {
 	TagResource(ctx context.Context, params *eks.TagResourceInput, optFns ...func(*eks.Options)) (*eks.TagResourceOutput, error)
 	UntagResource(ctx context.Context, params *eks.UntagResourceInput, optFns ...func(*eks.Options)) (*eks.UntagResourceOutput, error)
 	DisassociateIdentityProviderConfig(ctx context.Context, params *eks.DisassociateIdentityProviderConfigInput, optFns ...func(*eks.Options)) (*eks.DisassociateIdentityProviderConfigOutput, error)
+	CreatePodIdentityAssociation(ctx context.Context, params *eks.CreatePodIdentityAssociationInput, optFns ...func(*eks.Options)) (*eks.CreatePodIdentityAssociationOutput, error)
+	ListPodIdentityAssociations(ctx context.Context, params *eks.ListPodIdentityAssociationsInput, optFns ...func(*eks.Options)) (*eks.ListPodIdentityAssociationsOutput, error)
+	DeletePodIdentityAssociation(ctx context.Context, params *eks.DeletePodIdentityAssociationInput, optFns ...func(*eks.Options)) (*eks.DeletePodIdentityAssociationOutput, error)
 
 	// Waiters for EKS Cluster
 	WaitUntilClusterActive(ctx context.Context, params *eks.DescribeClusterInput, maxWait time.Duration) error
@@ -89,7 +92,8 @@ type Service struct {
 	EC2Client ec2iface.EC2API
 	EKSClient EKSAPI
 	iam.IAMService
-	STSClient stsiface.STSAPI
+	STSClient   stsiface.STSAPI
+	EKSV2Client *EKSClient
 }
 
 // ServiceOpts defines the functional arguments for the service.
@@ -110,6 +114,9 @@ func NewService(controlPlaneScope *scope.ManagedControlPlaneScope, opts ...Servi
 		EKSClient: &EKSClient{
 			Client: scope.NewEKSClient(controlPlaneScope, controlPlaneScope, controlPlaneScope, controlPlaneScope.ControlPlane),
 		},
+		EKSV2Client: &EKSClient{
+			Client: scope.NewEKSClient(controlPlaneScope, controlPlaneScope, controlPlaneScope, controlPlaneScope.ControlPlane),
+		},
 		IAMService: iam.IAMService{
 			Wrapper:   &controlPlaneScope.Logger,
 			IAMClient: scope.NewIAMClient(controlPlaneScope, controlPlaneScope, controlPlaneScope, controlPlaneScope.ControlPlane),

pkg/cloud/services/eks/service.go

@@ -20,13 +20,19 @@ package podidentities
 import (
 	"context"
 
-	"github.com/aws/aws-sdk-go/service/eks/eksiface"
+	"github.com/aws/aws-sdk-go-v2/service/eks"
 
 	"sigs.k8s.io/cluster-api-provider-aws/v2/pkg/planner"
 )
 
+// EKSAPI defines the EKS API interface.
+type EKSAPI interface {
+	CreatePodIdentityAssociation(ctx context.Context, params *eks.CreatePodIdentityAssociationInput, optFns ...func(*eks.Options)) (*eks.CreatePodIdentityAssociationOutput, error)
+	DeletePodIdentityAssociation(ctx context.Context, params *eks.DeletePodIdentityAssociationInput, optFns ...func(*eks.Options)) (*eks.DeletePodIdentityAssociationOutput, error)
+}
+
 // NewPlan creates a new Plan to manage EKS pod identities.
-func NewPlan(clusterName string, desiredAssociations, currentAssociations []EKSPodIdentityAssociation, client eksiface.EKSAPI) planner.Plan {
+func NewPlan(clusterName string, desiredAssociations, currentAssociations []EKSPodIdentityAssociation, client EKSAPI) planner.Plan {
 	return &plan{
 		currentAssociations: currentAssociations,
 		desiredAssociations: desiredAssociations,
@@ -39,7 +45,7 @@ func NewPlan(clusterName string, desiredAssociations, currentAssociations []EKSP
 type plan struct {
 	currentAssociations []EKSPodIdentityAssociation
 	desiredAssociations []EKSPodIdentityAssociation
-	eksClient           eksiface.EKSAPI
+	eksClient           EKSAPI
 	clusterName         string
 }
 

pkg/eks/podidentities/plan.go

@@ -58,7 +58,7 @@ func TestEKSPodIdentityAssociationsPlan(t *testing.T) {
 			name: "no current and 1 desired",
 			expect: func(m *mock_eksiface.MockEKSAPIMockRecorder) {
 				m.
-					CreatePodIdentityAssociation(gomock.Eq(&eks.CreatePodIdentityAssociationInput{
+					CreatePodIdentityAssociation(gomock.Any(), gomock.Eq(&eks.CreatePodIdentityAssociationInput{
 						Namespace:      aws.String(namespace),
 						RoleArn:        aws.String(roleArn),
 						ServiceAccount: aws.String(serviceAccount),
@@ -112,7 +112,7 @@ func TestEKSPodIdentityAssociationsPlan(t *testing.T) {
 			name: "1 current and 0 desired",
 			expect: func(m *mock_eksiface.MockEKSAPIMockRecorder) {
 				m.
-					DeletePodIdentityAssociation(gomock.Eq(&eks.DeletePodIdentityAssociationInput{
+					DeletePodIdentityAssociation(gomock.Any(), gomock.Eq(&eks.DeletePodIdentityAssociationInput{
 						AssociationId: aws.String(associationID),
 						ClusterName:   aws.String(clusterName),
 					})).

pkg/eks/podidentities/plan_test.go

@@ -21,29 +21,28 @@ import (
 	"errors"
 	"fmt"
 
-	"github.com/aws/aws-sdk-go/aws"
-	"github.com/aws/aws-sdk-go/service/eks"
-	"github.com/aws/aws-sdk-go/service/eks/eksiface"
+	"github.com/aws/aws-sdk-go-v2/aws"
+	"github.com/aws/aws-sdk-go-v2/service/eks"
 )
 
 // errPodIdentityAssociationNotFound defines an error for when an eks pod identity is not found.
 var errPodIdentityAssociationNotFound = errors.New("eks pod identity association not found")
 
 // DeletePodIdentityAssociationProcedure is a procedure that will delete an EKS eks pod identity.
 type DeletePodIdentityAssociationProcedure struct {
-	eksClient             eksiface.EKSAPI
+	eksClient             EKSAPI
 	clusterName           string
 	existingAssociationID string
 }
 
 // Do implements the logic for the procedure.
-func (p *DeletePodIdentityAssociationProcedure) Do(_ context.Context) error {
+func (p *DeletePodIdentityAssociationProcedure) Do(ctx context.Context) error {
 	input := &eks.DeletePodIdentityAssociationInput{
 		AssociationId: aws.String(p.existingAssociationID),
 		ClusterName:   aws.String(p.clusterName),
 	}
 
-	if _, err := p.eksClient.DeletePodIdentityAssociation(input); err != nil {
+	if _, err := p.eksClient.DeletePodIdentityAssociation(ctx, input); err != nil {
 		return fmt.Errorf("deleting eks pod identity %s: %w", p.existingAssociationID, err)
 	}
 
@@ -57,13 +56,13 @@ func (p *DeletePodIdentityAssociationProcedure) Name() string {
 
 // CreatePodIdentityAssociationProcedure is a procedure that will create an EKS eks pod identity for a cluster.
 type CreatePodIdentityAssociationProcedure struct {
-	eksClient      eksiface.EKSAPI
+	eksClient      EKSAPI
 	clusterName    string
 	newAssociation *EKSPodIdentityAssociation
 }
 
 // Do implements the logic for the procedure.
-func (p *CreatePodIdentityAssociationProcedure) Do(_ context.Context) error {
+func (p *CreatePodIdentityAssociationProcedure) Do(ctx context.Context) error {
 	if p.newAssociation == nil {
 		return fmt.Errorf("getting desired eks pod identity for cluster %s: %w", p.clusterName, errPodIdentityAssociationNotFound)
 	}
@@ -75,7 +74,7 @@ func (p *CreatePodIdentityAssociationProcedure) Do(_ context.Context) error {
 		ServiceAccount: &p.newAssociation.ServiceAccountName,
 	}
 
-	_, err := p.eksClient.CreatePodIdentityAssociation(input)
+	_, err := p.eksClient.CreatePodIdentityAssociation(ctx, input)
 	if err != nil {
 		return fmt.Errorf("creating desired eks pod identity for cluster %s: %w", p.clusterName, err)
 	}