made certSAN into a patch without variable at this time

deepakm-ntnx · deepakm-ntnx · commit a0371acbbd9a · 2024-01-26T11:10:30.000-08:00
diff --git a/templates/cluster-template-clusterclass.yaml b/templates/cluster-template-clusterclass.yaml
@@ -345,6 +345,14 @@ spec:
               sudo: ALL=(ALL) NOPASSWD:ALL
               sshAuthorizedKeys:
                 - '{{ .sshKey }}'
+      - op: add
+        path: /spec/template/spec/kubeadmConfigSpec/clusterConfiguration/apiServer
+        valueFrom:
+          template: |
+            certSANs
+            - localhost
+            - 127.0.0.1
+            - 0.0.0.0
       selector:
         apiVersion: controlplane.cluster.x-k8s.io/v1beta1
         kind: KubeadmControlPlaneTemplate
@@ -604,10 +612,6 @@ spec:
       kubeadmConfigSpec:
         clusterConfiguration:
           apiServer:
-            certSANs:
-            - localhost
-            - 127.0.0.1
-            - 0.0.0.0
             extraArgs:
               cloud-provider: external
               tls-cipher-suites: ${TLS_CIPHER_SUITES=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256}
diff --git a/templates/clusterclass/clusterclass.yaml b/templates/clusterclass/clusterclass.yaml
@@ -99,6 +99,14 @@ spec:
               sudo: ALL=(ALL) NOPASSWD:ALL
               sshAuthorizedKeys:
                 - '{{ .sshKey }}'
+      - op: add
+        path: /spec/template/spec/kubeadmConfigSpec/clusterConfiguration/apiServer
+        valueFrom:
+          template: |
+            certSANs
+            - localhost
+            - 127.0.0.1
+            - 0.0.0.0
     - selector:
         apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
         kind: KubeadmConfigTemplate
diff --git a/templates/clusterclass/kcpt.yaml b/templates/clusterclass/kcpt.yaml
@@ -8,10 +8,6 @@ spec:
       kubeadmConfigSpec:
         clusterConfiguration:
           apiServer:
-            certSANs:
-              - localhost
-              - 127.0.0.1
-              - 0.0.0.0
             extraArgs:
               cloud-provider: external
               tls-cipher-suites: ${TLS_CIPHER_SUITES=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256}
diff --git a/test/e2e/data/infrastructure-nutanix/v1beta1/clusterclass-e2e.yaml b/test/e2e/data/infrastructure-nutanix/v1beta1/clusterclass-e2e.yaml
@@ -345,6 +345,14 @@ spec:
               sudo: ALL=(ALL) NOPASSWD:ALL
               sshAuthorizedKeys:
                 - '{{ .sshKey }}'
+      - op: add
+        path: /spec/template/spec/kubeadmConfigSpec/clusterConfiguration/apiServer
+        valueFrom:
+          template: |
+            certSANs
+            - localhost
+            - 127.0.0.1
+            - 0.0.0.0
       selector:
         apiVersion: controlplane.cluster.x-k8s.io/v1beta1
         kind: KubeadmControlPlaneTemplate
@@ -604,10 +612,6 @@ spec:
       kubeadmConfigSpec:
         clusterConfiguration:
           apiServer:
-            certSANs:
-            - localhost
-            - 127.0.0.1
-            - 0.0.0.0
             extraArgs:
               cloud-provider: external
               tls-cipher-suites: ${TLS_CIPHER_SUITES=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256}
