Support VPC security group for PowerVS clusters

Author: dharaneeshvrd

api/v1beta1/zz_generated.conversion.go

@@ -85,6 +85,11 @@ const (
 	// NetworkReconciliationFailedReason used when an error occurs during network reconciliation.
 	NetworkReconciliationFailedReason = "NetworkReconciliationFailed"
 
+	// VPCSecurityGroupReadyCondition reports on the successful reconciliation of a VPC.
+	VPCSecurityGroupReadyCondition capiv1beta1.ConditionType = "VPCSecurityGroupReady"
+	// VPCSecurityGroupReconciliationFailedReason used when an error occurs during VPC reconciliation.
+	VPCSecurityGroupReconciliationFailedReason = "VPCSecurityGroupReconciliationFailed"
+
 	// VPCReadyCondition reports on the successful reconciliation of a VPC.
 	VPCReadyCondition capiv1beta1.ConditionType = "VPCReady"
 	// VPCReconciliationFailedReason used when an error occurs during VPC reconciliation.

api/v1beta2/conditions_consts.go

@@ -103,6 +103,10 @@ type IBMPowerVSClusterSpec struct {
 	// +optional
 	VPCSubnets []Subnet `json:"vpcSubnets,omitempty"`
 
+	// securityGroups to attach it to the VPC resource
+	// +optional
+	VPCSecurityGroups []SecurityGroup `json:"vpcSecurityGroups,omitempty"`
+
 	// transitGateway contains information about IBM Cloud TransitGateway
 	// IBM Cloud TransitGateway helps in establishing network connectivity between IBM Cloud Power VS and VPC infrastructure
 	// more information about TransitGateway can be found here https://www.ibm.com/products/transit-gateway.
@@ -200,6 +204,9 @@ type IBMPowerVSClusterStatus struct {
 	// vpcSubnet is reference to IBM Cloud VPC subnet.
 	VPCSubnet map[string]ResourceReference `json:"vpcSubnet,omitempty"`
 
+	// vpcSecurityGroups is reference to IBM Cloud VPC security group.
+	VPCSecurityGroups map[string]VPCSecurityGroupStatus `json:"vpcSecurityGroups,omitempty"`
+
 	// transitGateway is reference to IBM Cloud TransitGateway.
 	TransitGateway *ResourceReference `json:"transitGateway,omitempty"`
 

api/v1beta2/ibmpowervscluster_types.go

@@ -93,6 +93,17 @@ type AdditionalListenerSpec struct {
 	Port int64 `json:"port"`
 }
 
+// VPCSecurityGroupStatus defines a vpc security group resource status with its id and respective rule's ids.
+type VPCSecurityGroupStatus struct {
+	// id represents the id of the resource.
+	ID *string `json:"id,omitempty"`
+	// rules contains the id of rules created under the security group
+	RuleIDs []*string `json:"rules,omitempty"`
+	// +kubebuilder:default=false
+	// controllerCreated indicates whether the resource is created by the controller.
+	ControllerCreated *bool `json:"controllerCreated,omitempty"`
+}
+
 // VPCLoadBalancerStatus defines the status VPC load balancer.
 type VPCLoadBalancerStatus struct {
 	// id of VPC load balancer.