feat: add additionalTags AWS handlers

Author: dkoshkin

docs/content/customization/aws/tags.md

@@ -0,0 +1,110 @@
++++
+title = "AWS Additional Tags"
++++
+
+The AWS additional tags customization allows the user to specify custom tags to be applied to AWS resources created by the cluster.
+The customization can be applied at the cluster level, control plane level, and worker node level.
+This customization will be available when the
+[provider-specific cluster configuration patch]({{< ref "..">}}) is included in the `ClusterClass`.
+
+## Example
+
+To specify additional tags for all AWS resources, use the following configuration:
+
+```yaml
+apiVersion: cluster.x-k8s.io/v1beta1
+kind: Cluster
+metadata:
+  name: <NAME>
+spec:
+  topology:
+    variables:
+      - name: clusterConfig
+        value:
+          aws:
+            additionalTags:
+              Environment: production
+              Team: platform
+              CostCenter: "12345"
+          controlPlane:
+            aws:
+              additionalTags:
+                NodeType: control-plane
+      - name: workerConfig
+        value:
+          aws:
+            additionalTags:
+              NodeType: worker
+              Workload: general
+```
+
+We can further customize individual MachineDeployments by using the overrides field with the following configuration:
+
+```yaml
+spec:
+  topology:
+    # ...
+    workers:
+      machineDeployments:
+        - class: default-worker
+          name: md-0
+          variables:
+            overrides:
+              - name: workerConfig
+                value:
+                  aws:
+                    additionalTags:
+                      NodeType: worker
+                      Workload: database
+                      Environment: production
+```
+
+## Tag Precedence
+
+When tags are specified at multiple levels, the following precedence applies (higher precedence overrides lower):
+
+1. **Worker level tags** and **Control plane level tags** (highest precedence)
+1. **Cluster level tags** (lowest precedence)
+
+This means that if the same tag key is specified at multiple levels, the worker and contorl-plane level values will take precedence over the cluster level values.
+
+## Applying this configuration will result in the following values being set
+
+- `AWSCluster`:
+
+  - ```yaml
+    spec:
+      template:
+        spec:
+          additionalTags:
+            Environment: production
+            Team: platform
+            CostCenter: "12345"
+    ```
+
+- control-plane `AWSMachineTemplate`:
+
+  - ```yaml
+    spec:
+      template:
+        spec:
+          additionalTags:
+            Environment: production
+            Team: platform
+            CostCenter: "12345"
+            NodeType: control-plane
+    ```
+
+- worker `AWSMachineTemplate`:
+
+  - ```yaml
+    spec:
+      template:
+        spec:
+          additionalTags:
+            Environment: production
+            Team: platform
+            CostCenter: "12345"
+            NodeType: worker
+            Workload: general
+    ```

pkg/handlers/aws/mutation/metapatch_handler.go

@@ -18,6 +18,7 @@ import (
 	"github.com/nutanix-cloud-native/cluster-api-runtime-extensions-nutanix/pkg/handlers/aws/mutation/placementgroup"
 	"github.com/nutanix-cloud-native/cluster-api-runtime-extensions-nutanix/pkg/handlers/aws/mutation/region"
 	"github.com/nutanix-cloud-native/cluster-api-runtime-extensions-nutanix/pkg/handlers/aws/mutation/securitygroups"
+	"github.com/nutanix-cloud-native/cluster-api-runtime-extensions-nutanix/pkg/handlers/aws/mutation/tags"
 	"github.com/nutanix-cloud-native/cluster-api-runtime-extensions-nutanix/pkg/handlers/aws/mutation/volumes"
 	genericmutation "github.com/nutanix-cloud-native/cluster-api-runtime-extensions-nutanix/pkg/handlers/generic/mutation"
 )
@@ -26,9 +27,11 @@ import (
 func MetaPatchHandler(mgr manager.Manager) handlers.Named {
 	patchHandlers := []mutation.MetaMutator{
 		calico.NewPatch(),
+		tags.NewClusterPatch(),
 		region.NewPatch(),
 		network.NewPatch(),
 		controlplaneloadbalancer.NewPatch(),
+		tags.NewControlPlanePatch(),
 		identityref.NewPatch(),
 		iaminstanceprofile.NewControlPlanePatch(),
 		instancetype.NewControlPlanePatch(),
@@ -50,6 +53,7 @@ func MetaPatchHandler(mgr manager.Manager) handlers.Named {
 // MetaWorkerPatchHandler returns a meta patch handler for mutating CAPA workers.
 func MetaWorkerPatchHandler(mgr manager.Manager) handlers.Named {
 	patchHandlers := []mutation.MetaMutator{
+		tags.NewWorkerPatch(),
 		iaminstanceprofile.NewWorkerPatch(),
 		instancetype.NewWorkerPatch(),
 		ami.NewWorkerPatch(),

pkg/handlers/aws/mutation/tags/inject.go

@@ -0,0 +1,96 @@
+// Copyright 2025 Nutanix. All rights reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+package tags
+
+import (
+	"context"
+
+	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+	clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1"
+	runtimehooksv1 "sigs.k8s.io/cluster-api/exp/runtime/hooks/api/v1alpha1"
+	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+
+	capav1 "github.com/nutanix-cloud-native/cluster-api-runtime-extensions-nutanix/api/external/sigs.k8s.io/cluster-api-provider-aws/v2/api/v1beta2"
+	"github.com/nutanix-cloud-native/cluster-api-runtime-extensions-nutanix/common/pkg/capi/clustertopology/handlers/mutation"
+	"github.com/nutanix-cloud-native/cluster-api-runtime-extensions-nutanix/common/pkg/capi/clustertopology/patches"
+	"github.com/nutanix-cloud-native/cluster-api-runtime-extensions-nutanix/common/pkg/capi/clustertopology/variables"
+)
+
+const (
+	// VariableName is the external patch variable name.
+	VariableName = "additionalTags"
+)
+
+type awsTagsPatchHandler struct {
+	metaVariableName  string
+	variableFieldPath []string
+	patchSelector     clusterv1.PatchSelector
+}
+
+func NewAWSTagsPatchHandler(
+	metaVariableName string,
+	variableFieldPath []string,
+	patchSelector clusterv1.PatchSelector,
+) *awsTagsPatchHandler {
+	return &awsTagsPatchHandler{
+		metaVariableName:  metaVariableName,
+		variableFieldPath: variableFieldPath,
+		patchSelector:     patchSelector,
+	}
+}
+
+func (h *awsTagsPatchHandler) Mutate(
+	ctx context.Context,
+	obj *unstructured.Unstructured,
+	vars map[string]apiextensionsv1.JSON,
+	holderRef runtimehooksv1.HolderReference,
+	_ client.ObjectKey,
+	_ mutation.ClusterGetter,
+) error {
+	log := ctrl.LoggerFrom(ctx).WithValues(
+		"holderRef", holderRef,
+	)
+
+	additionalTagsVar, err := variables.Get[capav1.Tags](
+		vars,
+		h.metaVariableName,
+		h.variableFieldPath...,
+	)
+	if err != nil {
+		if variables.IsNotFoundError(err) {
+			log.V(5).Info("AWS additionalTags variable not defined")
+			return nil
+		}
+		return err
+	}
+
+	log = log.WithValues(
+		"variableName",
+		h.metaVariableName,
+		"variableFieldPath",
+		h.variableFieldPath,
+		"variableValue",
+		additionalTagsVar,
+	)
+
+	return patches.MutateIfApplicable(
+		obj,
+		vars,
+		&holderRef,
+		h.patchSelector,
+		log,
+		func(obj *capav1.AWSMachineTemplate) error {
+			log.WithValues(
+				"patchedObjectKind", obj.GetObjectKind().GroupVersionKind().String(),
+				"patchedObjectName", client.ObjectKeyFromObject(obj),
+			).Info("setting additionalTags in AWSMachineTemplate spec")
+
+			obj.Spec.Template.Spec.AdditionalTags = additionalTagsVar
+
+			return nil
+		},
+	)
+}

pkg/handlers/aws/mutation/tags/inject_cluster.go

@@ -0,0 +1,104 @@
+// Copyright 2025 Nutanix. All rights reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+package tags
+
+import (
+	"context"
+
+	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+	clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1"
+	runtimehooksv1 "sigs.k8s.io/cluster-api/exp/runtime/hooks/api/v1alpha1"
+	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+
+	capav1 "github.com/nutanix-cloud-native/cluster-api-runtime-extensions-nutanix/api/external/sigs.k8s.io/cluster-api-provider-aws/v2/api/v1beta2"
+	"github.com/nutanix-cloud-native/cluster-api-runtime-extensions-nutanix/api/v1alpha1"
+	"github.com/nutanix-cloud-native/cluster-api-runtime-extensions-nutanix/common/pkg/capi/clustertopology/handlers/mutation"
+	"github.com/nutanix-cloud-native/cluster-api-runtime-extensions-nutanix/common/pkg/capi/clustertopology/patches"
+	"github.com/nutanix-cloud-native/cluster-api-runtime-extensions-nutanix/common/pkg/capi/clustertopology/patches/selectors"
+	"github.com/nutanix-cloud-native/cluster-api-runtime-extensions-nutanix/common/pkg/capi/clustertopology/variables"
+)
+
+type awsTagsClusterPatchHandler struct {
+	metaVariableName  string
+	variableFieldPath []string
+	patchSelector     clusterv1.PatchSelector
+}
+
+func NewAWSTagsClusterPatchHandler(
+	metaVariableName string,
+	variableFieldPath []string,
+	patchSelector clusterv1.PatchSelector,
+) *awsTagsClusterPatchHandler {
+	return &awsTagsClusterPatchHandler{
+		metaVariableName:  metaVariableName,
+		variableFieldPath: variableFieldPath,
+		patchSelector:     patchSelector,
+	}
+}
+
+func (h *awsTagsClusterPatchHandler) Mutate(
+	ctx context.Context,
+	obj *unstructured.Unstructured,
+	vars map[string]apiextensionsv1.JSON,
+	holderRef runtimehooksv1.HolderReference,
+	_ client.ObjectKey,
+	_ mutation.ClusterGetter,
+) error {
+	log := ctrl.LoggerFrom(ctx).WithValues(
+		"holderRef", holderRef,
+	)
+
+	additionalTagsVar, err := variables.Get[capav1.Tags](
+		vars,
+		h.metaVariableName,
+		h.variableFieldPath...,
+	)
+	if err != nil {
+		if variables.IsNotFoundError(err) {
+			log.V(5).Info("AWS additionalTags variable for cluster not defined")
+			return nil
+		}
+		return err
+	}
+
+	log = log.WithValues(
+		"variableName",
+		h.metaVariableName,
+		"variableFieldPath",
+		h.variableFieldPath,
+		"variableValue",
+		additionalTagsVar,
+	)
+
+	return patches.MutateIfApplicable(
+		obj,
+		vars,
+		&holderRef,
+		h.patchSelector,
+		log,
+		func(obj *capav1.AWSClusterTemplate) error {
+			log.WithValues(
+				"patchedObjectKind", obj.GetObjectKind().GroupVersionKind().String(),
+				"patchedObjectName", client.ObjectKeyFromObject(obj),
+			).Info("setting additionalTags in AWSClusterTemplate spec")
+
+			obj.Spec.Template.Spec.AdditionalTags = additionalTagsVar
+
+			return nil
+		},
+	)
+}
+
+func NewClusterPatch() *awsTagsClusterPatchHandler {
+	return NewAWSTagsClusterPatchHandler(
+		v1alpha1.ClusterConfigVariableName,
+		[]string{
+			v1alpha1.AWSVariableName,
+			VariableName,
+		},
+		selectors.InfrastructureCluster(capav1.GroupVersion.Version, "AWSClusterTemplate"),
+	)
+}