added variable for certSAN

Author: deepakm-ntnx

templates/cluster-template-clusterclass.yaml

@@ -349,10 +349,7 @@ spec:
         path: /spec/template/spec/kubeadmConfigSpec/clusterConfiguration/apiServer
         valueFrom:
           template: |
-            certSANs:
-            - localhost
-            - 127.0.0.1
-            - 0.0.0.0
+            certSANs: [ {{ .apiServerSigningCertExtraCertSANs }} ]
       selector:
         apiVersion: controlplane.cluster.x-k8s.io/v1beta1
         kind: KubeadmControlPlaneTemplate
@@ -506,6 +503,13 @@ spec:
           port:
             type: integer
         type: object
+  - name: apiServerSigningCertExtraCertSANs
+    required: true
+    schema:
+      openAPIV3Schema:
+        description: Set extra Subject Alternative Names (SANs) for the API Server
+          signing certificate.
+        type: string
   - name: prismCentralEndpoint
     required: true
     schema:

templates/cluster-template-topology.yaml

@@ -52,6 +52,8 @@ spec:
         systemDiskSize: ${NUTANIX_SYSTEMDISK_SIZE=40Gi}
         vcpuSockets: ${NUTANIX_MACHINE_VCPU_SOCKET=2}
         vcpusPerSocket: ${NUTANIX_MACHINE_VCPU_PER_SOCKET=1}
+    - name: apiServerSigningCertExtraCertSANs
+      value: localhost, 127.0.0.1, 0.0.0.0
     version: ${KUBERNETES_VERSION}
     workers:
       machineDeployments:

templates/clusterclass/clusterclass.yaml

@@ -103,10 +103,7 @@ spec:
         path: /spec/template/spec/kubeadmConfigSpec/clusterConfiguration/apiServer
         valueFrom:
           template: |
-            certSANs:
-            - localhost
-            - 127.0.0.1
-            - 0.0.0.0
+            certSANs: [ {{ .apiServerSigningCertExtraCertSANs }} ]
     - selector:
         apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
         kind: KubeadmConfigTemplate
@@ -254,6 +251,12 @@ spec:
           port:
             type: integer
         type: object
+  - name: apiServerSigningCertExtraCertSANs
+    required: true
+    schema:
+      openAPIV3Schema:
+        description: Set extra Subject Alternative Names (SANs) for the API Server signing certificate.
+        type: string
   - name: prismCentralEndpoint
     required: true
     schema:

templates/topology/cluster-with-topology.yaml

@@ -55,3 +55,5 @@ spec:
         imageName: "${NUTANIX_MACHINE_TEMPLATE_IMAGE_NAME}"
         clusterName: "${NUTANIX_PRISM_ELEMENT_CLUSTER_NAME}"
         subnetName: "${NUTANIX_SUBNET_NAME}"
+    - name: apiServerSigningCertExtraCertSANs
+      value: "localhost, 127.0.0.1, 0.0.0.0"

test/e2e/data/infrastructure-nutanix/v1beta1/clusterclass-e2e.yaml

@@ -349,10 +349,7 @@ spec:
         path: /spec/template/spec/kubeadmConfigSpec/clusterConfiguration/apiServer
         valueFrom:
           template: |
-            certSANs:
-            - localhost
-            - 127.0.0.1
-            - 0.0.0.0
+            certSANs: [ {{ .apiServerSigningCertExtraCertSANs }} ]
       selector:
         apiVersion: controlplane.cluster.x-k8s.io/v1beta1
         kind: KubeadmControlPlaneTemplate
@@ -506,6 +503,13 @@ spec:
           port:
             type: integer
         type: object
+  - name: apiServerSigningCertExtraCertSANs
+    required: true
+    schema:
+      openAPIV3Schema:
+        description: Set extra Subject Alternative Names (SANs) for the API Server
+          signing certificate.
+        type: string
   - name: prismCentralEndpoint
     required: true
     schema: