From 9e50bbd5b2c8148d2aab683257724f60d22c7045 Mon Sep 17 00:00:00 2001 From: Jiayi Wang Date: Thu, 5 Jan 2023 14:56:09 -0500 Subject: [PATCH 22/34] Make bottlerocket admin, control, custom bootstrap container images updatable in webhook --- .../v1beta1/kubeadm_control_plane_webhook.go | 6 +++ .../kubeadm_control_plane_webhook_test.go | 54 +++++++++++++++++++ 2 files changed, 60 insertions(+) diff --git a/controlplane/kubeadm/api/v1beta1/kubeadm_control_plane_webhook.go b/controlplane/kubeadm/api/v1beta1/kubeadm_control_plane_webhook.go index 1d0d4abfd..d25eb0c95 100644 --- a/controlplane/kubeadm/api/v1beta1/kubeadm_control_plane_webhook.go +++ b/controlplane/kubeadm/api/v1beta1/kubeadm_control_plane_webhook.go @@ -141,6 +141,9 @@ func (in *KubeadmControlPlane) ValidateUpdate(old runtime.Object) error { allowedPaths := [][]string{ {"metadata", "*"}, {spec, kubeadmConfigSpec, clusterConfiguration, "bottlerocketBootstrap", "*"}, + {spec, kubeadmConfigSpec, clusterConfiguration, "bottlerocketAdmin", "*"}, + {spec, kubeadmConfigSpec, clusterConfiguration, "bottlerocketControl", "*"}, + {spec, kubeadmConfigSpec, clusterConfiguration, "bottlerocketCustomBootstrapContainers"}, {spec, kubeadmConfigSpec, clusterConfiguration, "pause", "*"}, {spec, kubeadmConfigSpec, clusterConfiguration, "etcd", "local", "imageRepository"}, {spec, kubeadmConfigSpec, clusterConfiguration, "etcd", "local", "imageTag"}, @@ -166,6 +169,9 @@ func (in *KubeadmControlPlane) ValidateUpdate(old runtime.Object) error { {spec, kubeadmConfigSpec, joinConfiguration, skipPhases}, {spec, kubeadmConfigSpec, joinConfiguration, "bottlerocketBootstrap", "*"}, {spec, kubeadmConfigSpec, joinConfiguration, "pause", "*"}, + {spec, kubeadmConfigSpec, joinConfiguration, "bottlerocketAdmin", "*"}, + {spec, kubeadmConfigSpec, joinConfiguration, "bottlerocketControl", "*"}, + {spec, kubeadmConfigSpec, joinConfiguration, "bottlerocketCustomBootstrapContainers"}, {spec, kubeadmConfigSpec, preKubeadmCommands}, {spec, kubeadmConfigSpec, postKubeadmCommands}, {spec, kubeadmConfigSpec, files}, diff --git a/controlplane/kubeadm/api/v1beta1/kubeadm_control_plane_webhook_test.go b/controlplane/kubeadm/api/v1beta1/kubeadm_control_plane_webhook_test.go index 86c02c2e5..38caa9e1e 100644 --- a/controlplane/kubeadm/api/v1beta1/kubeadm_control_plane_webhook_test.go +++ b/controlplane/kubeadm/api/v1beta1/kubeadm_control_plane_webhook_test.go @@ -659,6 +659,24 @@ func TestKubeadmControlPlaneValidateUpdate(t *testing.T) { validUpdateJoinConfBRBootstrapImage := before.DeepCopy() validUpdateJoinConfBRBootstrapImage.Spec.KubeadmConfigSpec.JoinConfiguration.BottlerocketBootstrap = bootstrapv1.BottlerocketBootstrap{ImageMeta: bootstrapv1.ImageMeta{ImageTag: "v1.1.0+new"}} + validUpdateClusterConfBRAdminImage := before.DeepCopy() + validUpdateClusterConfBRAdminImage.Spec.KubeadmConfigSpec.ClusterConfiguration.BottlerocketAdmin = bootstrapv1.BottlerocketAdmin{ImageMeta: bootstrapv1.ImageMeta{ImageTag: "v1.1.0+new"}} + + validUpdateClusterConfBRControlImage := before.DeepCopy() + validUpdateClusterConfBRControlImage.Spec.KubeadmConfigSpec.ClusterConfiguration.BottlerocketControl = bootstrapv1.BottlerocketControl{ImageMeta: bootstrapv1.ImageMeta{ImageTag: "v1.1.0+new"}} + + validUpdateClusterConfBRCustomBootstrapContainers := before.DeepCopy() + validUpdateClusterConfBRCustomBootstrapContainers.Spec.KubeadmConfigSpec.ClusterConfiguration.BottlerocketCustomBootstrapContainers = []bootstrapv1.BottlerocketBootstrapContainer{{ImageMeta: bootstrapv1.ImageMeta{ImageTag: "v1.1.0+new"}}} + + validUpdateJoinConfBRAdminImage := before.DeepCopy() + validUpdateJoinConfBRAdminImage.Spec.KubeadmConfigSpec.JoinConfiguration.BottlerocketAdmin = bootstrapv1.BottlerocketAdmin{ImageMeta: bootstrapv1.ImageMeta{ImageTag: "v1.1.0+new"}} + + validUpdateJoinConfBRControlImage := before.DeepCopy() + validUpdateJoinConfBRControlImage.Spec.KubeadmConfigSpec.JoinConfiguration.BottlerocketControl = bootstrapv1.BottlerocketControl{ImageMeta: bootstrapv1.ImageMeta{ImageTag: "v1.1.0+new"}} + + validUpdateJoinConfBRCustomBootstrapContainers := before.DeepCopy() + validUpdateJoinConfBRCustomBootstrapContainers.Spec.KubeadmConfigSpec.JoinConfiguration.BottlerocketCustomBootstrapContainers = []bootstrapv1.BottlerocketBootstrapContainer{{ImageMeta: bootstrapv1.ImageMeta{ImageTag: "v1.1.0+new"}}} + updateInitConfigurationSkipPhases := before.DeepCopy() updateInitConfigurationSkipPhases.Spec.KubeadmConfigSpec.InitConfiguration.SkipPhases = []string{"addon/kube-proxy"} @@ -1038,6 +1056,24 @@ func TestKubeadmControlPlaneValidateUpdate(t *testing.T) { before: before, kcp: validUpdateClusterConfBRBootstrapImage, }, + { + name: "should allow changes to cluster configuration bottlerocket admin image", + expectErr: false, + before: before, + kcp: validUpdateClusterConfBRAdminImage, + }, + { + name: "should allow changes to cluster configuration bottlerocket control image", + expectErr: false, + before: before, + kcp: validUpdateClusterConfBRControlImage, + }, + { + name: "should allow changes to cluster configuration bottlerocket custom bootstrap containers", + expectErr: false, + before: before, + kcp: validUpdateClusterConfBRCustomBootstrapContainers, + }, { name: "should allow changes to join configuration pause image", expectErr: false, @@ -1050,6 +1086,24 @@ func TestKubeadmControlPlaneValidateUpdate(t *testing.T) { before: before, kcp: validUpdateJoinConfBRBootstrapImage, }, + { + name: "should allow changes to join configuration bottlerocket admin image", + expectErr: false, + before: before, + kcp: validUpdateJoinConfBRAdminImage, + }, + { + name: "should allow changes to join configuration bottlerocket control image", + expectErr: false, + before: before, + kcp: validUpdateJoinConfBRControlImage, + }, + { + name: "should allow changes to join configuration bottlerocket custom bootstrap containers", + expectErr: false, + before: before, + kcp: validUpdateJoinConfBRCustomBootstrapContainers, + }, } for _, tt := range tests { -- 2.40.0