Update FloatingIPPool to use v1beta1

Also make IdentityRef required, as it doesn't currently permit fallback
to cluster credentials.

Author: mdbooth

api/v1alpha1/openstackfloatingippool_types.go

@@ -22,11 +22,7 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1"
 
-	// We use v1alpha7 here rather than anything newer because as of writing
-	// it is the newest API version we should no longer be making breaking
-	// changes to. If we bump this we need to look carefully for resulting
-	// CRD changes in v1alpha1 to ensure they are compatible.
-	infrav1alpha7 "sigs.k8s.io/cluster-api-provider-openstack/api/v1alpha7"
+	infrav1 "sigs.k8s.io/cluster-api-provider-openstack/api/v1beta1"
 )
 
 const (
@@ -62,16 +58,12 @@ type OpenStackFloatingIPPoolSpec struct {
 	MaxIPs *int `json:"maxIPs,omitempty"`
 
 	// IdentityRef is a reference to a identity to be used when reconciling this pool.
-	// +optional
-	IdentityRef *infrav1alpha7.OpenStackIdentityReference `json:"identityRef,omitempty"`
+	// +kubebuilder:validation:Required
+	IdentityRef infrav1.OpenStackIdentityReference `json:"identityRef"`
 
 	// FloatingIPNetwork is the external network to use for floating ips, if there's only one external network it will be used by default
 	// +optional
-	FloatingIPNetwork infrav1alpha7.NetworkFilter `json:"floatingIPNetwork"`
-
-	// The name of the cloud to use from the clouds secret
-	// +optional
-	CloudName string `json:"cloudName"`
+	FloatingIPNetwork infrav1.NetworkFilter `json:"floatingIPNetwork"`
 
 	// The stratergy to use for reclaiming floating ips when they are released from a machine
 	// +kubebuilder:validation:Optional
@@ -95,7 +87,7 @@ type OpenStackFloatingIPPoolStatus struct {
 
 	// floatingIPNetwork contains information about the network used for floating ips
 	// +optional
-	FloatingIPNetwork *infrav1alpha7.NetworkStatus `json:"floatingIPNetwork,omitempty"`
+	FloatingIPNetwork *infrav1.NetworkStatus `json:"floatingIPNetwork,omitempty"`
 
 	Conditions clusterv1.Conditions `json:"conditions,omitempty"`
 }

api/v1alpha1/zz_generated.deepcopy.go

@@ -41,9 +41,6 @@ spec:
             description: OpenStackFloatingIPPoolSpec defines the desired state of
               OpenStackFloatingIPPool.
             properties:
-              cloudName:
-                description: The name of the cloud to use from the clouds secret
-                type: string
               floatingIPNetwork:
                 description: FloatingIPNetwork is the external network to use for
                   floating ips, if there's only one external network it will be used
@@ -56,34 +53,77 @@ spec:
                   name:
                     type: string
                   notTags:
-                    type: string
+                    description: |-
+                      NotTags is a list of tags to filter by. If specified, resources which
+                      contain all of the given tags will be excluded from the result.
+                    items:
+                      description: |-
+                        NeutronTag represents a tag on a Neutron resource.
+                        It may not be empty and may not contain commas.
+                      minLength: 1
+                      pattern: ^[^,]+$
+                      type: string
+                    type: array
+                    x-kubernetes-list-type: set
                   notTagsAny:
-                    type: string
-                  projectId:
+                    description: |-
+                      NotTagsAny is a list of tags to filter by. If specified, resources
+                      which contain any of the given tags will be excluded from the result.
+                    items:
+                      description: |-
+                        NeutronTag represents a tag on a Neutron resource.
+                        It may not be empty and may not contain commas.
+                      minLength: 1
+                      pattern: ^[^,]+$
+                      type: string
+                    type: array
+                    x-kubernetes-list-type: set
+                  projectID:
                     type: string
                   tags:
-                    type: string
+                    description: |-
+                      Tags is a list of tags to filter by. If specified, the resource must
+                      have all of the tags specified to be included in the result.
+                    items:
+                      description: |-
+                        NeutronTag represents a tag on a Neutron resource.
+                        It may not be empty and may not contain commas.
+                      minLength: 1
+                      pattern: ^[^,]+$
+                      type: string
+                    type: array
+                    x-kubernetes-list-type: set
                   tagsAny:
-                    type: string
+                    description: |-
+                      TagsAny is a list of tags to filter by. If specified, the resource
+                      must have at least one of the tags specified to be included in the
+                      result.
+                    items:
+                      description: |-
+                        NeutronTag represents a tag on a Neutron resource.
+                        It may not be empty and may not contain commas.
+                      minLength: 1
+                      pattern: ^[^,]+$
+                      type: string
+                    type: array
+                    x-kubernetes-list-type: set
                 type: object
               identityRef:
                 description: IdentityRef is a reference to a identity to be used when
                   reconciling this pool.
                 properties:
-                  kind:
-                    description: |-
-                      Kind of the identity. Must be supported by the infrastructure
-                      provider and may be either cluster or namespace-scoped.
-                    minLength: 1
+                  cloudName:
+                    description: CloudName specifies the name of the entry in the
+                      clouds.yaml file to use.
                     type: string
                   name:
                     description: |-
-                      Name of the infrastructure identity to be used.
-                      Must be either a cluster-scoped resource, or namespaced-scoped
-                      resource the same namespace as the resource(s) being provisioned.
+                      Name is the name of a secret in the same namespace as the resource being provisioned.
+                      The secret must contain a key named `clouds.yaml` which contains an OpenStack clouds.yaml file.
+                      The secret may optionally contain a key named `cacert` containing a PEM-encoded CA certificate.
                     type: string
                 required:
-                - kind
+                - cloudName
                 - name
                 type: object
               maxIPs:
@@ -105,6 +145,8 @@ spec:
                 - Retain
                 - Delete
                 type: string
+            required:
+            - identityRef
             type: object
           status:
             description: OpenStackFloatingIPPoolStatus defines the observed state

config/crd/bases/infrastructure.cluster.x-k8s.io_openstackfloatingippools.yaml

@@ -41,11 +41,10 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/reconcile"
 
 	infrav1alpha1 "sigs.k8s.io/cluster-api-provider-openstack/api/v1alpha1"
-	infrav1alpha7 "sigs.k8s.io/cluster-api-provider-openstack/api/v1alpha7"
 	infrav1 "sigs.k8s.io/cluster-api-provider-openstack/api/v1beta1"
 	"sigs.k8s.io/cluster-api-provider-openstack/pkg/cloud/services/networking"
 	"sigs.k8s.io/cluster-api-provider-openstack/pkg/scope"
-	filterconvert "sigs.k8s.io/cluster-api-provider-openstack/pkg/utils/filterconvert/v1alpha7"
+	"sigs.k8s.io/cluster-api-provider-openstack/pkg/utils/filterconvert"
 )
 
 const (
@@ -402,7 +401,7 @@ func (r *OpenStackFloatingIPPoolReconciler) reconcileFloatingIPNetwork(scope *sc
 	}
 
 	netListOpts := external.ListOptsExt{
-		ListOptsBuilder: filterconvert.NetworkFilterToListOpt(&pool.Spec.FloatingIPNetwork),
+		ListOptsBuilder: filterconvert.NetworkFilterToListOpts(&pool.Spec.FloatingIPNetwork),
 		External:        pointer.Bool(true),
 	}
 
@@ -414,7 +413,7 @@ func (r *OpenStackFloatingIPPoolReconciler) reconcileFloatingIPNetwork(scope *sc
 		return fmt.Errorf("found multiple networks, expects filter to match one (result: %v)", networkList)
 	}
 
-	pool.Status.FloatingIPNetwork = &infrav1alpha7.NetworkStatus{
+	pool.Status.FloatingIPNetwork = &infrav1.NetworkStatus{
 		ID:   networkList[0].ID,
 		Name: networkList[0].Name,
 		Tags: networkList[0].Tags,

controllers/openstackfloatingippool_controller.go

@@ -106,15 +106,9 @@ func (f *providerScopeFactory) NewClientScopeFromCluster(ctx context.Context, ct
 }
 
 func (f *providerScopeFactory) NewClientScopeFromFloatingIPPool(ctx context.Context, ctrlClient client.Client, openstackFloatingIPPool *v1alpha1.OpenStackFloatingIPPool, defaultCACert []byte, logger logr.Logger) (Scope, error) {
-	var cloud clientconfig.Cloud
-	var caCert []byte
-
-	if openstackFloatingIPPool.Spec.IdentityRef != nil {
-		var err error
-		cloud, caCert, err = getCloudFromSecret(ctx, ctrlClient, openstackFloatingIPPool.Namespace, openstackFloatingIPPool.Spec.IdentityRef.Name, openstackFloatingIPPool.Spec.CloudName)
-		if err != nil {
-			return nil, err
-		}
+	cloud, caCert, err := getCloudFromSecret(ctx, ctrlClient, openstackFloatingIPPool.Namespace, openstackFloatingIPPool.Spec.IdentityRef.Name, openstackFloatingIPPool.Spec.IdentityRef.CloudName)
+	if err != nil {
+		return nil, err
 	}
 
 	if caCert == nil {