Merge pull request #5072 from richardcase/change_cni_labelname

k8s-ci-robot · web-flow · commit f97d23779ee1 · 2024-07-29T23:58:23.000-07:00
🌱 chore: change name of prevent deletion label
diff --git a/api/v1beta2/types.go b/api/v1beta2/types.go
@@ -24,6 +24,12 @@ import (
 	clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1"
 )
 
+const (
+	// PreventDeletionLabel can be used in situations where preventing delation is allowed. The docs
+	// and the CRD will call this out where its allowed.
+	PreventDeletionLabel = "aws.cluster.x-k8s.io/prevent-deletion"
+)
+
 // AWSResourceReference is a reference to a specific AWS resource by ID or filters.
 // Only one of ID or Filters may be specified. Specifying more than one will result in
 // a validation error.
diff --git a/docs/book/src/topics/eks/pod-networking.md b/docs/book/src/topics/eks/pod-networking.md
@@ -97,7 +97,7 @@ spec:
   disableVPCCNI: true
 ```
 
-If you are replacing Amazon VPC CNI with your own helm managed instance, you will need to set `AWSManagedControlPlane.spec.disableVPCCNI` to `true` and add `"prevent-deletion": "true"` label on the Daemonset. This label is needed so `aws-node` daemonset is not reaped during CNI reconciliation.
+If you are replacing Amazon VPC CNI with your own helm managed instance, you will need to set `AWSManagedControlPlane.spec.disableVPCCNI` to `true` and add `"aws.cluster.x-k8s.io/prevent-deletion": "true"` label on the Daemonset. This label is needed so `aws-node` daemonset is not reaped during CNI reconciliation.
 
 The following example shows how to label your aws-node Daemonset.
 
@@ -114,7 +114,7 @@ metadata:
     app.kubernetes.io/name: aws-node
     app.kubernetes.io/version: v1.15.1
     helm.sh/chart: aws-vpc-cni-1.15.1
-    prevent-deletion: true
+    aws.cluster.x-k8s.io/prevent-deletion: true
 ```
 
 > You cannot set **disableVPCCNI** to true if you are using the VPC CNI addon.
diff --git a/pkg/cloud/services/awsnode/cni.go b/pkg/cloud/services/awsnode/cni.go
@@ -273,12 +273,12 @@ func (s *Service) deleteResource(ctx context.Context, remoteClient client.Client
 		s.scope.Debug(fmt.Sprintf("resource %s was not found, no action", key))
 		return nil
 	}
-	// Don't delete if the `prevent-deletion` label exists. It could be there because CAPA added it (see below),
+	// Don't delete if the "PreventDeletionLabel" label exists. It could be there because CAPA added it (see below),
 	// or because it was added externally, for example if a custom version of AWS CNI was already installed.
 	// Either way, CAPA should not delete such a labelled CNI installation.
 	labels := obj.GetLabels()
-	if _, exists := labels["prevent-deletion"]; exists {
-		s.scope.Debug(fmt.Sprintf("resource %s has 'prevent-deletion' label, skipping deletion", key))
+	if _, exists := labels[infrav1.PreventDeletionLabel]; exists {
+		s.scope.Debug(fmt.Sprintf("resource %s has '%s' label, skipping deletion", key, infrav1.PreventDeletionLabel))
 		return nil
 	}
 	// Delete the resource
