fixup! refactor: Use CAAPH templating rather than custom temlating

jimmidyson · jimmidyson · commit 9fe0052e64de · 2025-09-04T12:09:05.000+01:00
Use the ControlPlane reference in the CAAPH template and check the annotation for skip kube proxy on the referenced control plane object. As per https://cluster-api.sigs.k8s.io/reference/api/metadata-propagation\#cluster-topology the skip proxy annotation will be propagated to the annotations on the referenced control plane so is safe to check. CAAPH adds the referenced control plane to the variables referencable in the Helm values template.
diff --git a/charts/cluster-api-runtime-extensions-nutanix/addons/cni/cilium/values-template.yaml b/charts/cluster-api-runtime-extensions-nutanix/addons/cni/cilium/values-template.yaml
@@ -33,7 +33,11 @@ socketLB:
 envoy:
   image:
     useDigest: false
-{{- if .EnableKubeProxyReplacement }}
-kubeProxyReplacement: true
 k8sServiceHost: auto
+{{- with .ControlPlane }}
+{{- range $key, $val := .metadata.annotations }}
+{{- if eq $key "controlplane.cluster.x-k8s.io/skip-kube-proxy" }}
+kubeProxyReplacement: true{{ break }}
+{{- end }}
+{{- end }}
 {{- end }}
diff --git a/common/pkg/capi/utils/anootations.go b/common/pkg/capi/utils/anootations.go
diff --git a/hack/addons/kustomize/cilium/kustomization.yaml.tmpl b/hack/addons/kustomize/cilium/kustomization.yaml.tmpl
@@ -19,6 +19,7 @@ helmCharts:
   skipTests: true
   namespace: kube-system
   kubeVersion: ${E2E_KUBERNETES_VERSION}
+  # This values file will be created by the update-cilium-manifests.sh script when generating the CRS manifests.
   valuesFile: helm-values.yaml
   # The CRS manifests are generated from the Cilium Helm chart using Kustomize. The Cilium
   # Helm chart uses a Helm hook to generate TLS certificates for Hubble. As the
diff --git a/hack/addons/update-cilium-manifests.sh b/hack/addons/update-cilium-manifests.sh
@@ -24,7 +24,10 @@ mkdir -p "${ASSETS_DIR}/cilium"
 envsubst -no-unset <"${KUSTOMIZE_BASE_DIR}/kustomization.yaml.tmpl" >"${ASSETS_DIR}/kustomization.yaml"
 
 cat <<EOF >"${ASSETS_DIR}/gomplate-context.yaml"
-EnableKubeProxyReplacement: true
+ControlPlane:
+  metadata:
+    annotations:
+      controlplane.cluster.x-k8s.io/skip-kube-proxy: ""
 EOF
 gomplate -f "${GIT_REPO_ROOT}/charts/cluster-api-runtime-extensions-nutanix/addons/cni/cilium/values-template.yaml" \
   --context .="${ASSETS_DIR}/gomplate-context.yaml" \
diff --git a/hack/tools/fetch-images/main.go b/hack/tools/fetch-images/main.go
@@ -266,10 +266,16 @@ func getValuesFileForChartIfNeeded(chartName, carenChartDirectory string) (strin
 		}
 
 		type input struct {
-			EnableKubeProxyReplacement bool
+			ControlPlane map[string]interface{}
 		}
 		templateInput := input{
-			EnableKubeProxyReplacement: true,
+			ControlPlane: map[string]interface{}{
+				"metadata": map[string]interface{}{
+					"annotations": map[string]interface{}{
+						"controlplane.cluster.x-k8s.io/skip-kube-proxy": "",
+					},
+				},
+			},
 		}
 
 		err = template.Must(template.New(defaultHelmAddonFilename).ParseFiles(f)).Execute(tempFile, &templateInput)
diff --git a/pkg/handlers/generic/lifecycle/cni/cilium/handler.go b/pkg/handlers/generic/lifecycle/cni/cilium/handler.go
@@ -221,8 +221,7 @@ func (c *CiliumCNI) apply(
 			),
 			c.client,
 			helmChart,
-		).
-			WithValueTemplater(templateValues)
+		)
 	case "":
 		resp.SetStatus(runtimehooksv1.ResponseStatusFailure)
 		resp.SetMessage("strategy not specified for Cilium CNI addon")
diff --git a/pkg/handlers/generic/lifecycle/cni/cilium/template.go b/pkg/handlers/generic/lifecycle/cni/cilium/template.go
diff --git a/pkg/handlers/generic/mutation/kubeproxymode/inject.go b/pkg/handlers/generic/mutation/kubeproxymode/inject.go
@@ -24,7 +24,6 @@ import (
 	"github.com/nutanix-cloud-native/cluster-api-runtime-extensions-nutanix/common/pkg/capi/clustertopology/patches"
 	"github.com/nutanix-cloud-native/cluster-api-runtime-extensions-nutanix/common/pkg/capi/clustertopology/patches/selectors"
 	"github.com/nutanix-cloud-native/cluster-api-runtime-extensions-nutanix/common/pkg/capi/clustertopology/variables"
-	capiutils "github.com/nutanix-cloud-native/cluster-api-runtime-extensions-nutanix/common/pkg/capi/utils"
 )
 
 const (
@@ -88,6 +87,11 @@ func (h *kubeProxyMode) Mutate(
 		return fmt.Errorf("failed to get cluster for kube proxy mode mutation: %w", err)
 	}
 
+	isSkipProxy := false
+	if cluster.Spec.Topology != nil {
+		_, isSkipProxy = cluster.Spec.Topology.ControlPlane.Metadata.Annotations[controlplanev1.SkipKubeProxyAnnotation]
+	}
+
 	kubeProxyMode, err := variables.Get[v1alpha1.KubeProxyMode](
 		vars,
 		h.variableName,
@@ -106,8 +110,6 @@ func (h *kubeProxyMode) Mutate(
 		kubeProxyMode,
 	)
 
-	isSkipProxy := capiutils.SkipKubeProxy(cluster)
-
 	if kubeProxyMode == "" && !isSkipProxy {
 		log.V(5).Info("kube proxy mode is not set or skipped, skipping mutation")
 		return nil

Original file line number	Diff line number	Diff line change
`@@ -266,10 +266,16 @@ func getValuesFileForChartIfNeeded(chartName, carenChartDirectory string) (strin`
`266`	`266`	`}`
`267`	`267`
`268`	`268`	`type input struct {`
`269`		`- EnableKubeProxyReplacement bool`
	`269`	`+ ControlPlane map[string]interface{}`
`270`	`270`	`}`
`271`	`271`	`templateInput := input{`
`272`		`- EnableKubeProxyReplacement: true,`
	`272`	`+ ControlPlane: map[string]interface{}{`
	`273`	`+ "metadata": map[string]interface{}{`
	`274`	`+ "annotations": map[string]interface{}{`
	`275`	`+ "controlplane.cluster.x-k8s.io/skip-kube-proxy": "",`
	`276`	`+ },`
	`277`	`+ },`
	`278`	`+ },`
`273`	`279`	`}`
`274`	`280`
`275`	`281`	`err = template.Must(template.New(defaultHelmAddonFilename).ParseFiles(f)).Execute(tempFile, &templateInput)`