wip: adding clusterclass support for aws managed control plane

Signed-off-by: Richard Case <[email protected]>

Author: richardcase

api/v1beta2/awsmanagedclustertemplate_types.go

@@ -0,0 +1,53 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+    http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta2
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// AWSManagedClusterTemplateSpec defines the desired state of AWSManagedClusterTemplate
+type AWSManagedClusterTemplateSpec struct {
+	Template AWSManagedClusterTemplateResource `json:"template"`
+}
+
+// +kubebuilder:object:root=true
+// +kubebuilder:resource:path=awsmanagedclustertemplates,scope=Namespaced,categories=cluster-api,shortName=awsmct
+// +kubebuilder:storageversion
+
+// AWSManagedClusterTemplate is the Schema for the AWSManagedClusterTemplate.
+type AWSManagedClusterTemplate struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec AWSManagedClusterTemplateSpec `json:"spec,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+
+// AWSManagedClusterTemplateList contains a list of AWSManagedClusterTemplates.
+type AWSManagedClusterTemplateList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []AWSManagedClusterTemplate `json:"items"`
+}
+
+// AWSManagedClusterTemplateResource describes the data needed to create an AWSManagedCluster from a template.
+type AWSManagedClusterTemplateResource struct {
+	Spec AWSManagedClusterTemplateResourceSpec `json:"spec"`
+}
+
+func init() {
+	SchemeBuilder.Register(&AWSManagedClusterTemplate{}, &AWSManagedClusterTemplateList{})
+}

api/v1beta2/types_template.go

@@ -0,0 +1,17 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+    http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta2
+
+// AWSManagedClusterTemplateResourceSpec specifies the AWS managed cluster template resource.
+type AWSManagedClusterTemplateResourceSpec struct{}

api/v1beta2/zz_generated.deepcopy.go

@@ -423,7 +423,9 @@ func newAMCP(name string) *ekscontrolplanev1.AWSManagedControlPlane {
 			Namespace: "default",
 		},
 		Spec: ekscontrolplanev1.AWSManagedControlPlaneSpec{
-			EKSClusterName: generatedName,
+			AWSManagedControlPlaneClassSpec: ekscontrolplanev1.AWSManagedControlPlaneClassSpec{
+				EKSClusterName: generatedName,
+			},
 		},
 	}
 }

bootstrap/eks/controllers/eksconfig_controller_reconciler_test.go

@@ -1707,11 +1707,14 @@ spec:
                 description: Bastion contains options to configure the bastion host.
                 properties:
                   allowedCIDRBlocks:
+                    allOf:
+                    - items:
+                        type: string
+                    - items:
+                        type: string
                     description: AllowedCIDRBlocks is a list of CIDR blocks allowed
                       to access the bastion host. They are set as ingress rules for
                       the Bastion host's Security Group (defaults to 0.0.0.0/0).
-                    items:
-                      type: string
                     type: array
                   ami:
                     description: AMI will use the specified AMI to boot the bastion.
@@ -1782,10 +1785,13 @@ spec:
                       publicly accessible
                     type: boolean
                   publicCIDRs:
+                    allOf:
+                    - items:
+                        type: string
+                    - items:
+                        type: string
                     description: PublicCIDRs specifies which blocks can access the
                       public endpoint
-                    items:
-                      type: string
                     type: array
                 type: object
               iamAuthenticatorConfig:
@@ -2302,18 +2308,23 @@ spec:
                 description: The AWS Region the cluster lives in.
                 type: string
               roleAdditionalPolicies:
+                allOf:
+                - items:
+                    type: string
+                - items:
+                    type: string
                 description: RoleAdditionalPolicies allows you to attach additional
                   polices to the control plane role. You must enable the EKSAllowAddRoles
                   feature flag to incorporate these into the created role.
-                items:
-                  type: string
                 type: array
               roleName:
+                allOf:
+                - minLength: 2
+                - minLength: 2
                 description: RoleName specifies the name of IAM role that gives EKS
                   permission to make API calls. If the role is pre-existing we will
                   treat it as unmanaged and not delete it on deletion. If the EKSEnableIAM
                   feature flag is true and no name is supplied then a role is created.
-                minLength: 2
                 type: string
               secondaryCidrBlock:
                 description: SecondaryCidrBlock is the additional CIDR range to use