Skip to content

Commit c03744d

Browse files
CrystalChunCrystalChun
authored
MGMT-16709: Add ignition headers to Agent CR (#97)
* MGMT-16709: Pull new assisted-service APIs for ignition headers https://issues.redhat.com/browse/MGMT-16709 * MGMT-16709: Update Agent CR with ignition headers https://issues.redhat.com/browse/MGMT-16709
1 parent a5792ff commit c03744d

File tree

285 files changed

+7558
-4466
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

285 files changed

+7558
-4466
lines changed

controllers/agentmachine_controller.go

Lines changed: 25 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -136,15 +136,15 @@ func (r *AgentMachineReconciler) Reconcile(ctx context.Context, req ctrl.Request
136136
return ctrl.Result{}, r.updateStatus(ctx, log, agentMachine, err)
137137
}
138138

139-
machineConfigPool, ignitionTokenSecretRef, err := r.processBootstrapDataSecret(ctx, log, machine)
139+
machineConfigPool, ignitionTokenSecretRef, ignitionEndpointHTTPHeaders, err := r.processBootstrapDataSecret(ctx, log, machine)
140140
if err != nil {
141141
return ctrl.Result{}, err
142142
}
143143

144144
// If the AgentMachine doesn't have an agent, find one and set the agentRef
145145
if agentMachine.Status.AgentRef == nil {
146146
var foundAgent *aiv1beta1.Agent
147-
foundAgent, err = r.findAgent(ctx, log, agentMachine, agentCluster.Status.ClusterDeploymentRef, machineConfigPool, ignitionTokenSecretRef)
147+
foundAgent, err = r.findAgent(ctx, log, agentMachine, agentCluster.Status.ClusterDeploymentRef, machineConfigPool, ignitionTokenSecretRef, ignitionEndpointHTTPHeaders)
148148
if foundAgent == nil || err != nil {
149149
return ctrl.Result{}, r.updateStatus(ctx, log, agentMachine, err)
150150
}
@@ -257,6 +257,7 @@ func (r *AgentMachineReconciler) handleDeletionHook(ctx context.Context, log log
257257
delete(agent.ObjectMeta.Annotations, AgentMachineRefNamespace)
258258
agent.Spec.MachineConfigPool = ""
259259
agent.Spec.IgnitionEndpointTokenReference = nil
260+
agent.Spec.IgnitionEndpointHTTPHeaders = nil
260261
agent.Spec.ClusterDeploymentName = nil
261262
if err := r.Update(ctx, agent); err != nil {
262263
log.WithError(err).Error("failed to remove the Agent's ClusterDeployment ref")
@@ -307,7 +308,7 @@ func (r *AgentMachineReconciler) getAgentCluster(ctx context.Context, log logrus
307308

308309
func (r *AgentMachineReconciler) findAgent(ctx context.Context, log logrus.FieldLogger, agentMachine *capiproviderv1.AgentMachine,
309310
clusterDeploymentRef capiproviderv1.ClusterDeploymentReference, machineConfigPool string,
310-
ignitionTokenSecretRef *aiv1beta1.IgnitionEndpointTokenReference) (*aiv1beta1.Agent, error) {
311+
ignitionTokenSecretRef *aiv1beta1.IgnitionEndpointTokenReference, ignitionEndpointHTTPHeaders map[string]string) (*aiv1beta1.Agent, error) {
311312

312313
foundAgent, err := r.findAgentWithAgentMachineLabel(ctx, log, agentMachine)
313314
if err != nil {
@@ -343,7 +344,7 @@ func (r *AgentMachineReconciler) findAgent(ctx context.Context, log logrus.Field
343344
if isValidAgent(&agents.Items[i]) {
344345
foundAgent = &agents.Items[i]
345346
log.Infof("Found agent to associate with AgentMachine: %s/%s", foundAgent.Namespace, foundAgent.Name)
346-
err = r.updateFoundAgent(ctx, log, agentMachine, foundAgent, clusterDeploymentRef, machineConfigPool, ignitionTokenSecretRef)
347+
err = r.updateFoundAgent(ctx, log, agentMachine, foundAgent, clusterDeploymentRef, machineConfigPool, ignitionTokenSecretRef, ignitionEndpointHTTPHeaders)
347348
if err != nil {
348349
// If we failed to update the agent then it might have already been taken, try the others
349350
log.WithError(err).Infof("failed to update found agent, trying other agents")
@@ -412,7 +413,7 @@ func (r *AgentMachineReconciler) updateAgentMachineWithFoundAgent(ctx context.Co
412413
func (r *AgentMachineReconciler) updateFoundAgent(ctx context.Context, log logrus.FieldLogger,
413414
agentMachine *capiproviderv1.AgentMachine, agent *aiv1beta1.Agent,
414415
clusterDeploymentRef capiproviderv1.ClusterDeploymentReference, machineConfigPool string,
415-
ignitionTokenSecretRef *aiv1beta1.IgnitionEndpointTokenReference) error {
416+
ignitionTokenSecretRef *aiv1beta1.IgnitionEndpointTokenReference, ignitionEndpointHTTPHeaders map[string]string) error {
416417

417418
log.Infof("Updating Agent %s/%s to be referenced by AgentMachine", agent.Namespace, agent.Name)
418419
if agent.ObjectMeta.Labels == nil {
@@ -426,6 +427,7 @@ func (r *AgentMachineReconciler) updateFoundAgent(ctx context.Context, log logru
426427
agent.Spec.ClusterDeploymentName = &aiv1beta1.ClusterReference{Namespace: clusterDeploymentRef.Namespace, Name: clusterDeploymentRef.Name}
427428
agent.Spec.MachineConfigPool = machineConfigPool
428429
agent.Spec.IgnitionEndpointTokenReference = ignitionTokenSecretRef
430+
agent.Spec.IgnitionEndpointHTTPHeaders = ignitionEndpointHTTPHeaders
429431

430432
if err := r.AgentClient.Update(ctx, agent); err != nil {
431433
log.WithError(err).Errorf("failed to update found Agent %s", agent.Name)
@@ -435,22 +437,23 @@ func (r *AgentMachineReconciler) updateFoundAgent(ctx context.Context, log logru
435437
}
436438

437439
func (r *AgentMachineReconciler) processBootstrapDataSecret(ctx context.Context, log logrus.FieldLogger,
438-
machine *clusterv1.Machine) (string, *aiv1beta1.IgnitionEndpointTokenReference, error) {
440+
machine *clusterv1.Machine) (string, *aiv1beta1.IgnitionEndpointTokenReference, map[string]string, error) {
439441

440442
machineConfigPool := ""
441443
var ignitionTokenSecretRef *aiv1beta1.IgnitionEndpointTokenReference
444+
ignitionEndpointHTTPHeaders := make(map[string]string)
442445

443446
if machine.Spec.Bootstrap.DataSecretName == nil {
444447
log.Info("No data secret, continuing")
445-
return machineConfigPool, ignitionTokenSecretRef, nil
448+
return machineConfigPool, ignitionTokenSecretRef, ignitionEndpointHTTPHeaders, nil
446449
}
447450

448451
// For now we assume that if we have bootstrap data then it is an ignition config containing the ignition source and token.
449452
bootstrapDataSecret := &corev1.Secret{}
450453
bootstrapDataSecretRef := types.NamespacedName{Namespace: machine.Namespace, Name: *machine.Spec.Bootstrap.DataSecretName}
451454
if err := r.Get(ctx, bootstrapDataSecretRef, bootstrapDataSecret); err != nil {
452455
log.WithError(err).Errorf("Failed to get user-data secret %s", *machine.Spec.Bootstrap.DataSecretName)
453-
return machineConfigPool, ignitionTokenSecretRef, err
456+
return machineConfigPool, ignitionTokenSecretRef, ignitionEndpointHTTPHeaders, err
454457
}
455458
if err := ensureSecretLabel(ctx, r.AgentClient, bootstrapDataSecret); err != nil {
456459
log.WithError(err).Warnf("Failed to label secret %s/%s for backup", bootstrapDataSecret.Name, bootstrapDataSecret.Namespace)
@@ -459,28 +462,30 @@ func (r *AgentMachineReconciler) processBootstrapDataSecret(ctx context.Context,
459462
ignitionConfig := &ignitionapi.Config{}
460463
if err := json.Unmarshal(bootstrapDataSecret.Data["value"], ignitionConfig); err != nil {
461464
log.WithError(err).Errorf("Failed to unmarshal user-data secret %s", *machine.Spec.Bootstrap.DataSecretName)
462-
return machineConfigPool, ignitionTokenSecretRef, err
465+
return machineConfigPool, ignitionTokenSecretRef, ignitionEndpointHTTPHeaders, err
463466
}
464467

465468
if len(ignitionConfig.Ignition.Config.Merge) != 1 {
466469
log.Errorf("expected one ignition source in secret %s but found %d", *machine.Spec.Bootstrap.DataSecretName, len(ignitionConfig.Ignition.Config.Merge))
467-
return machineConfigPool, ignitionTokenSecretRef, errors.New("did not find one ignition source as expected")
470+
return machineConfigPool, ignitionTokenSecretRef, ignitionEndpointHTTPHeaders, errors.New("did not find one ignition source as expected")
468471
}
469472

470473
ignitionSource := ignitionConfig.Ignition.Config.Merge[0]
471474
machineConfigPool = (*ignitionSource.Source)[strings.LastIndex((*ignitionSource.Source), "/")+1:]
472475

473476
token := ""
474477
for _, header := range ignitionSource.HTTPHeaders {
475-
if header.Name != "Authorization" {
476-
continue
477-
}
478-
expectedPrefix := "Bearer "
479-
if !strings.HasPrefix(*header.Value, expectedPrefix) {
480-
log.Errorf("did not find expected prefix for bearer token in user-data secret %s", *machine.Spec.Bootstrap.DataSecretName)
481-
return machineConfigPool, ignitionTokenSecretRef, errors.New("did not find expected prefix for bearer token")
478+
if header.Name == "Authorization" {
479+
expectedPrefix := "Bearer "
480+
if !strings.HasPrefix(*header.Value, expectedPrefix) {
481+
log.Errorf("did not find expected prefix for bearer token in user-data secret %s", *machine.Spec.Bootstrap.DataSecretName)
482+
return machineConfigPool, ignitionTokenSecretRef, ignitionEndpointHTTPHeaders, errors.New("did not find expected prefix for bearer token")
483+
}
484+
token = (*header.Value)[len(expectedPrefix):]
485+
} else {
486+
ignitionEndpointHTTPHeaders[header.Name] = *header.Value
482487
}
483-
token = (*header.Value)[len(expectedPrefix):]
488+
484489
}
485490

486491
ignitionTokenSecretName := fmt.Sprintf("agent-%s", *machine.Spec.Bootstrap.DataSecretName)
@@ -505,10 +510,10 @@ func (r *AgentMachineReconciler) processBootstrapDataSecret(ctx context.Context,
505510
}
506511
if err != nil {
507512
log.WithError(err).Error("Failed to create ignitionTokenSecret")
508-
return machineConfigPool, ignitionTokenSecretRef, err
513+
return machineConfigPool, ignitionTokenSecretRef, ignitionEndpointHTTPHeaders, err
509514
}
510515

511-
return machineConfigPool, ignitionTokenSecretRef, nil
516+
return machineConfigPool, ignitionTokenSecretRef, ignitionEndpointHTTPHeaders, nil
512517
}
513518

514519
func isValidAgent(agent *aiv1beta1.Agent) bool {

controllers/agentmachine_controller_test.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -410,7 +410,7 @@ var _ = Describe("agentmachine reconcile", func() {
410410

411411
clusterDepRef := capiproviderv1.ClusterDeploymentReference{Namespace: testNamespace, Name: "my-cd"}
412412
log := amr.Log.WithFields(logrus.Fields{"agent_machine": "agentMachine-1", "agent_machine_namespace": testNamespace})
413-
Expect(amr.updateFoundAgent(ctx, log, agentMachine, agent, clusterDepRef, "", nil)).To(BeNil())
413+
Expect(amr.updateFoundAgent(ctx, log, agentMachine, agent, clusterDepRef, "", nil, nil)).To(BeNil())
414414

415415
result, err := amr.Reconcile(ctx, agentMachineRequest)
416416
Expect(err).To(BeNil())

go.mod

Lines changed: 19 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -8,17 +8,17 @@ go 1.18
88
// github.com/go-logr/logr on v0.4.x
99
// k8s.io/klog/v2 on v2.10.x
1010
require (
11-
github.com/coreos/ignition/v2 v2.9.0
11+
github.com/coreos/ignition/v2 v2.14.0
1212
github.com/go-openapi/swag v0.22.4
1313
github.com/golang/mock v1.6.0
1414
github.com/onsi/ginkgo v1.16.5
1515
github.com/onsi/gomega v1.27.10
1616
github.com/openshift/cluster-api-provider-agent/api v0.0.0-20230918065757-81658c4ddf2f
17-
github.com/openshift/custom-resource-status v1.1.1
17+
github.com/openshift/custom-resource-status v1.1.2
1818
github.com/openshift/hive/apis v0.0.0-20220222213051-def9088fdb5a
1919
github.com/pkg/errors v0.9.1
2020
github.com/sirupsen/logrus v1.9.0
21-
github.com/thoas/go-funk v0.8.0
21+
github.com/thoas/go-funk v0.9.2
2222
k8s.io/api v0.28.2
2323
k8s.io/apimachinery v0.28.2
2424
k8s.io/client-go v0.28.2
@@ -28,19 +28,19 @@ require (
2828
)
2929

3030
require (
31-
github.com/openshift/assisted-service/api v0.0.0-20220811161334-09c4cb098e96
31+
github.com/openshift/assisted-service/api v0.0.0
3232
github.com/openshift/assisted-service/models v0.0.0
3333
)
3434

3535
require (
36-
github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef // indirect
36+
github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect
3737
github.com/beorn7/perks v1.0.1 // indirect
3838
github.com/blang/semver v3.5.1+incompatible // indirect
3939
github.com/blang/semver/v4 v4.0.0 // indirect
4040
github.com/cespare/xxhash/v2 v2.2.0 // indirect
4141
github.com/coreos/go-semver v0.3.1 // indirect
4242
github.com/coreos/go-systemd/v22 v22.5.0 // indirect
43-
github.com/coreos/vcontext v0.0.0-20201120045928-b0e13dab675c // indirect
43+
github.com/coreos/vcontext v0.0.0-20211021162308-f1dbbca7bef4 // indirect
4444
github.com/davecgh/go-spew v1.1.1 // indirect
4545
github.com/emicklei/go-restful/v3 v3.11.0 // indirect
4646
github.com/evanphx/json-patch v5.7.0+incompatible // indirect
@@ -49,14 +49,13 @@ require (
4949
github.com/go-logr/logr v1.2.4 // indirect
5050
github.com/go-logr/zapr v1.2.4 // indirect
5151
github.com/go-openapi/analysis v0.21.2 // indirect
52-
github.com/go-openapi/errors v0.20.2 // indirect
52+
github.com/go-openapi/errors v0.20.3 // indirect
5353
github.com/go-openapi/jsonpointer v0.20.0 // indirect
5454
github.com/go-openapi/jsonreference v0.20.2 // indirect
5555
github.com/go-openapi/loads v0.21.1 // indirect
56-
github.com/go-openapi/spec v0.20.4 // indirect
57-
github.com/go-openapi/strfmt v0.21.2 // indirect
58-
github.com/go-openapi/validate v0.21.0 // indirect
59-
github.com/go-stack/stack v1.8.0 // indirect
56+
github.com/go-openapi/spec v0.20.7 // indirect
57+
github.com/go-openapi/strfmt v0.21.3 // indirect
58+
github.com/go-openapi/validate v0.22.0 // indirect
6059
github.com/gobuffalo/flect v1.0.2 // indirect
6160
github.com/gogo/protobuf v1.3.2 // indirect
6261
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
@@ -79,20 +78,21 @@ require (
7978
github.com/nxadm/tail v1.4.8 // indirect
8079
github.com/oklog/ulid v1.3.1 // indirect
8180
github.com/openshift/api v0.0.0-20230915112357-693d4b64813c // indirect
81+
github.com/openshift/assisted-service v1.0.10-0.20230830164851-6573b5d7021d // indirect
8282
github.com/prometheus/client_golang v1.16.0 // indirect
8383
github.com/prometheus/client_model v0.4.0 // indirect
8484
github.com/prometheus/common v0.44.0 // indirect
8585
github.com/prometheus/procfs v0.11.1 // indirect
86-
github.com/spf13/pflag v1.0.5 // indirect
86+
github.com/spf13/pflag v1.0.6-0.20210604193023-d5e0c0615ace // indirect
8787
github.com/vincent-petithory/dataurl v1.0.0 // indirect
88-
go.mongodb.org/mongo-driver v1.7.5 // indirect
88+
go.mongodb.org/mongo-driver v1.10.0 // indirect
8989
go.uber.org/multierr v1.11.0 // indirect
9090
go.uber.org/zap v1.25.0 // indirect
9191
golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect
92-
golang.org/x/net v0.15.0 // indirect
92+
golang.org/x/net v0.17.0 // indirect
9393
golang.org/x/oauth2 v0.12.0 // indirect
94-
golang.org/x/sys v0.12.0 // indirect
95-
golang.org/x/term v0.12.0 // indirect
94+
golang.org/x/sys v0.13.0 // indirect
95+
golang.org/x/term v0.13.0 // indirect
9696
golang.org/x/text v0.13.0 // indirect
9797
golang.org/x/time v0.3.0 // indirect
9898
gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
@@ -102,7 +102,7 @@ require (
102102
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
103103
gopkg.in/yaml.v2 v2.4.0 // indirect
104104
gopkg.in/yaml.v3 v3.0.1 // indirect
105-
gorm.io/gorm v1.23.1 // indirect
105+
gorm.io/gorm v1.24.5 // indirect
106106
k8s.io/apiextensions-apiserver v0.28.2 // indirect
107107
k8s.io/component-base v0.28.2 // indirect
108108
k8s.io/klog/v2 v2.100.1 // indirect
@@ -113,7 +113,7 @@ require (
113113
)
114114

115115
replace (
116-
github.com/openshift/assisted-service/api => github.com/openshift/assisted-service/api v0.0.0-20220811161334-09c4cb098e96
117-
github.com/openshift/assisted-service/models => github.com/openshift/assisted-service/models v0.0.0-20220811161334-09c4cb098e96
116+
github.com/openshift/assisted-service/api => github.com/openshift/assisted-service/api v0.0.0-20240207192840-bc922bad5830
117+
github.com/openshift/assisted-service/models => github.com/openshift/assisted-service/models v0.0.0-20240207192840-bc922bad5830
118118
github.com/openshift/cluster-api-provider-agent/api => ./api
119119
)

0 commit comments

Comments
 (0)