Change User.PasswdFrom from *PasswdSource to PasswdSource + add omitzero, extend SSA patch helper to handle arrays

Author: sbueringer

.golangci-kal.yml

@@ -211,6 +211,10 @@ linters:
         - kubeapilinter
 
     # TODO: Excludes that should be removed once https://github.com/kubernetes-sigs/kube-api-linter/issues/132 will be fixed
+    - path: "api/.*"
+      text: "optionalfields: field (.*) is optional and (should have the omitempty tag|should be a pointer)"
+      linters:
+        - kubeapilinter
     - path: "api/ipam/v1beta2/ipaddressclaim_types.go"
       text: "optionalfields: field AddressRef is optional and has a valid zero value \\({}\\), but the validation is not complete \\(e.g. min properties/adding required fields\\). The field should be a pointer to allow the zero value to be set. If the zero value is not a valid use case, complete the validation and remove the pointer."
       linters:

api/bootstrap/kubeadm/v1beta1/conversion.go

@@ -620,6 +620,31 @@ func Convert_v1beta2_ClusterConfiguration_To_v1beta1_ClusterConfiguration(in *bo
 	return autoConvert_v1beta2_ClusterConfiguration_To_v1beta1_ClusterConfiguration(in, out, s)
 }
 
+func Convert_v1beta1_User_To_v1beta2_User(in *User, out *bootstrapv1.User, s apimachineryconversion.Scope) error {
+	if err := autoConvert_v1beta1_User_To_v1beta2_User(in, out, s); err != nil {
+		return err
+	}
+	if in.PasswdFrom != nil {
+		if err := Convert_v1beta1_PasswdSource_To_v1beta2_PasswdSource(in.PasswdFrom, &out.PasswdFrom, s); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func Convert_v1beta2_User_To_v1beta1_User(in *bootstrapv1.User, out *User, s apimachineryconversion.Scope) error {
+	if err := autoConvert_v1beta2_User_To_v1beta1_User(in, out, s); err != nil {
+		return err
+	}
+	if in.PasswdFrom.IsDefined() {
+		out.PasswdFrom = &PasswdSource{}
+		if err := Convert_v1beta2_PasswdSource_To_v1beta1_PasswdSource(&in.PasswdFrom, out.PasswdFrom, s); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
 func dropEmptyStringsKubeadmConfigSpec(dst *KubeadmConfigSpec) {
 	for i, u := range dst.Users {
 		dropEmptyString(&u.Gecos)

api/bootstrap/kubeadm/v1beta1/conversion_test.go

@@ -154,6 +154,13 @@ func spokeKubeadmConfigSpec(in *KubeadmConfigSpec, c randfill.Continue) {
 	in.UseExperimentalRetryJoin = false
 
 	dropEmptyStringsKubeadmConfigSpec(in)
+
+	for i, user := range in.Users {
+		if user.PasswdFrom != nil && reflect.DeepEqual(user.PasswdFrom, &PasswdSource{}) {
+			user.PasswdFrom = nil
+		}
+		in.Users[i] = user
+	}
 }
 
 func spokeClusterConfiguration(in *ClusterConfiguration, c randfill.Continue) {

api/bootstrap/kubeadm/v1beta1/zz_generated.conversion.go

@@ -18,6 +18,7 @@ package v1beta2
 
 import (
 	"fmt"
+	"reflect"
 
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/util/validation/field"
@@ -266,7 +267,7 @@ func (c *KubeadmConfigSpec) validateUsers(pathPrefix *field.Path) field.ErrorLis
 
 	for i := range c.Users {
 		user := c.Users[i]
-		if user.Passwd != "" && user.PasswdFrom != nil {
+		if user.Passwd != "" && user.PasswdFrom.IsDefined() {
 			allErrs = append(
 				allErrs,
 				field.Invalid(
@@ -279,7 +280,7 @@ func (c *KubeadmConfigSpec) validateUsers(pathPrefix *field.Path) field.ErrorLis
 		// n.b.: if we ever add types besides Secret as a PasswdFrom
 		// Source, we must add webhook validation here for one of the
 		// sources being non-nil.
-		if user.PasswdFrom != nil {
+		if user.PasswdFrom.IsDefined() {
 			if user.PasswdFrom.Secret.Name == "" {
 				allErrs = append(
 					allErrs,
@@ -680,6 +681,11 @@ type PasswdSource struct {
 	Secret SecretPasswdSource `json:"secret,omitempty,omitzero"`
 }
 
+// IsDefined returns true if the PasswdSource is defined.
+func (r *PasswdSource) IsDefined() bool {
+	return !reflect.DeepEqual(r, &PasswdSource{})
+}
+
 // SecretPasswdSource adapts a Secret into a PasswdSource.
 //
 // The contents of the target Secret's Data field will be presented
@@ -742,7 +748,7 @@ type User struct {
 
 	// passwdFrom is a referenced source of passwd to populate the passwd.
 	// +optional
-	PasswdFrom *PasswdSource `json:"passwdFrom,omitempty"`
+	PasswdFrom PasswdSource `json:"passwdFrom,omitempty,omitzero"`
 
 	// primaryGroup specifies the primary group for the user
 	// +optional

api/bootstrap/kubeadm/v1beta2/kubeadmconfig_types.go

@@ -255,6 +255,13 @@ func spokeKubeadmConfigSpec(in *bootstrapv1beta1.KubeadmConfigSpec, c randfill.C
 	in.UseExperimentalRetryJoin = false
 
 	dropEmptyStringsKubeadmConfigSpec(in)
+
+	for i, user := range in.Users {
+		if user.PasswdFrom != nil && reflect.DeepEqual(user.PasswdFrom, &bootstrapv1beta1.PasswdSource{}) {
+			user.PasswdFrom = nil
+		}
+		in.Users[i] = user
+	}
 }
 
 func spokeClusterConfiguration(in *bootstrapv1beta1.ClusterConfiguration, c randfill.Continue) {

api/bootstrap/kubeadm/v1beta2/zz_generated.deepcopy.go

@@ -1010,12 +1010,12 @@ func (r *KubeadmConfigReconciler) resolveUsers(ctx context.Context, cfg *bootstr
 
 	for i := range cfg.Spec.Users {
 		in := cfg.Spec.Users[i]
-		if in.PasswdFrom != nil {
+		if in.PasswdFrom.IsDefined() {
 			data, err := r.resolveSecretPasswordContent(ctx, cfg.Namespace, in)
 			if err != nil {
 				return nil, errors.Wrapf(err, "failed to resolve passwd source")
 			}
-			in.PasswdFrom = nil
+			in.PasswdFrom = bootstrapv1.PasswdSource{}
 			passwdContent := string(data)
 			in.Passwd = passwdContent
 		}

api/controlplane/kubeadm/v1beta1/conversion_test.go

@@ -2449,7 +2449,7 @@ func TestKubeadmConfigReconciler_ResolveUsers(t *testing.T) {
 					Users: []bootstrapv1.User{
 						{
 							Name: "foo",
-							PasswdFrom: &bootstrapv1.PasswdSource{
+							PasswdFrom: bootstrapv1.PasswdSource{
 								Secret: bootstrapv1.SecretPasswdSource{
 									Name: "source",
 									Key:  "key",
@@ -2477,7 +2477,7 @@ func TestKubeadmConfigReconciler_ResolveUsers(t *testing.T) {
 						},
 						{
 							Name: "bar",
-							PasswdFrom: &bootstrapv1.PasswdSource{
+							PasswdFrom: bootstrapv1.PasswdSource{
 								Secret: bootstrapv1.SecretPasswdSource{
 									Name: "source",
 									Key:  "key",
@@ -2518,7 +2518,7 @@ func TestKubeadmConfigReconciler_ResolveUsers(t *testing.T) {
 			// from secret still are.
 			passwdFrom := map[string]bool{}
 			for _, user := range tc.cfg.Spec.Users {
-				if user.PasswdFrom != nil {
+				if user.PasswdFrom.IsDefined() {
 					passwdFrom[user.Name] = true
 				}
 			}
@@ -2528,7 +2528,7 @@ func TestKubeadmConfigReconciler_ResolveUsers(t *testing.T) {
 			g.Expect(users).To(BeComparableTo(tc.expect))
 			for _, user := range tc.cfg.Spec.Users {
 				if passwdFrom[user.Name] {
-					g.Expect(user.PasswdFrom).NotTo(BeNil())
+					g.Expect(user.PasswdFrom.IsDefined()).To(BeTrue())
 					g.Expect(user.Passwd).To(BeEmpty())
 				}
 			}

bootstrap/kubeadm/internal/controllers/kubeadmconfig_controller.go

@@ -174,7 +174,7 @@ func TestKubeadmConfigValidate(t *testing.T) {
 				Spec: bootstrapv1.KubeadmConfigSpec{
 					Users: []bootstrapv1.User{
 						{
-							PasswdFrom: &bootstrapv1.PasswdSource{
+							PasswdFrom: bootstrapv1.PasswdSource{
 								Secret: bootstrapv1.SecretPasswdSource{
 									Name: "foo",
 									Key:  "bar",
@@ -194,8 +194,12 @@ func TestKubeadmConfigValidate(t *testing.T) {
 				Spec: bootstrapv1.KubeadmConfigSpec{
 					Users: []bootstrapv1.User{
 						{
-							PasswdFrom: &bootstrapv1.PasswdSource{},
-							Passwd:     "foo",
+							PasswdFrom: bootstrapv1.PasswdSource{
+								Secret: bootstrapv1.SecretPasswdSource{
+									Name: "secret",
+								},
+							},
+							Passwd: "foo",
 						},
 					},
 				},
@@ -211,7 +215,7 @@ func TestKubeadmConfigValidate(t *testing.T) {
 				Spec: bootstrapv1.KubeadmConfigSpec{
 					Users: []bootstrapv1.User{
 						{
-							PasswdFrom: &bootstrapv1.PasswdSource{
+							PasswdFrom: bootstrapv1.PasswdSource{
 								Secret: bootstrapv1.SecretPasswdSource{
 									Key: "bar",
 								},
@@ -232,7 +236,7 @@ func TestKubeadmConfigValidate(t *testing.T) {
 				Spec: bootstrapv1.KubeadmConfigSpec{
 					Users: []bootstrapv1.User{
 						{
-							PasswdFrom: &bootstrapv1.PasswdSource{
+							PasswdFrom: bootstrapv1.PasswdSource{
 								Secret: bootstrapv1.SecretPasswdSource{
 									Name: "foo",
 								},