diff --git a/api/v1alpha5/conversion.go b/api/v1alpha5/conversion.go
index 14302a23ea..39901bfd2e 100644
--- a/api/v1alpha5/conversion.go
+++ b/api/v1alpha5/conversion.go
@@ -215,6 +215,9 @@ func Convert_v1beta1_OpenStackClusterSpec_To_v1alpha5_OpenStackClusterSpec(in *i
out.AllowAllInClusterTraffic = in.ManagedSecurityGroups.AllowAllInClusterTraffic
}
+ out.CloudName = in.IdentityRef.CloudName
+ out.IdentityRef = &OpenStackIdentityReference{Name: in.IdentityRef.Name}
+
return nil
}
@@ -258,6 +261,11 @@ func Convert_v1alpha5_OpenStackClusterSpec_To_v1beta1_OpenStackClusterSpec(in *O
}
}
+ out.IdentityRef.CloudName = in.CloudName
+ if in.IdentityRef != nil {
+ out.IdentityRef.Name = in.IdentityRef.Name
+ }
+
return nil
}
@@ -321,6 +329,16 @@ func Convert_v1alpha5_OpenStackMachineSpec_To_v1beta1_OpenStackMachineSpec(in *O
}
out.Image = imageFilter
+ if in.IdentityRef != nil {
+ out.IdentityRef = &infrav1.OpenStackIdentityReference{Name: in.IdentityRef.Name}
+ }
+ if in.CloudName != "" {
+ if out.IdentityRef == nil {
+ out.IdentityRef = &infrav1.OpenStackIdentityReference{}
+ }
+ out.IdentityRef.CloudName = in.CloudName
+ }
+
return nil
}
@@ -606,6 +624,11 @@ func Convert_v1beta1_OpenStackMachineSpec_To_v1alpha5_OpenStackMachineSpec(in *i
out.ImageUUID = in.Image.ID
}
+ if in.IdentityRef != nil {
+ out.IdentityRef = &OpenStackIdentityReference{Name: in.IdentityRef.Name}
+ out.CloudName = in.IdentityRef.CloudName
+ }
+
return nil
}
@@ -690,3 +713,8 @@ func Convert_v1alpha5_SecurityGroup_To_v1beta1_SecurityGroupStatus(in *SecurityG
func Convert_v1alpha5_OpenStackIdentityReference_To_v1beta1_OpenStackIdentityReference(in *OpenStackIdentityReference, out *infrav1.OpenStackIdentityReference, s conversion.Scope) error {
return autoConvert_v1alpha5_OpenStackIdentityReference_To_v1beta1_OpenStackIdentityReference(in, out, s)
}
+
+func Convert_v1beta1_OpenStackIdentityReference_To_v1alpha5_OpenStackIdentityReference(in *infrav1.OpenStackIdentityReference, out *OpenStackIdentityReference, _ conversion.Scope) error {
+ out.Name = in.Name
+ return nil
+}
diff --git a/api/v1alpha5/conversion_test.go b/api/v1alpha5/conversion_test.go
index 6e0ab71e74..3aa5f57d43 100644
--- a/api/v1alpha5/conversion_test.go
+++ b/api/v1alpha5/conversion_test.go
@@ -46,10 +46,12 @@ func TestConvertFrom(t *testing.T) {
Spec: infrav1.OpenStackClusterSpec{},
},
want: &OpenStackCluster{
- Spec: OpenStackClusterSpec{},
+ Spec: OpenStackClusterSpec{
+ IdentityRef: &OpenStackIdentityReference{},
+ },
ObjectMeta: metav1.ObjectMeta{
Annotations: map[string]string{
- "cluster.x-k8s.io/conversion-data": "{\"spec\":{\"apiServerLoadBalancer\":{},\"cloudName\":\"\",\"controlPlaneEndpoint\":{\"host\":\"\",\"port\":0},\"disableAPIServerFloatingIP\":false,\"disableExternalNetwork\":false,\"externalNetwork\":{},\"managedSecurityGroups\":null,\"network\":{}},\"status\":{\"ready\":false}}",
+ "cluster.x-k8s.io/conversion-data": "{\"spec\":{\"apiServerLoadBalancer\":{},\"controlPlaneEndpoint\":{\"host\":\"\",\"port\":0},\"disableAPIServerFloatingIP\":false,\"disableExternalNetwork\":false,\"externalNetwork\":{},\"identityRef\":{\"cloudName\":\"\",\"name\":\"\"},\"managedSecurityGroups\":null,\"network\":{}},\"status\":{\"ready\":false}}",
},
},
},
@@ -61,10 +63,16 @@ func TestConvertFrom(t *testing.T) {
Spec: infrav1.OpenStackClusterTemplateSpec{},
},
want: &OpenStackClusterTemplate{
- Spec: OpenStackClusterTemplateSpec{},
+ Spec: OpenStackClusterTemplateSpec{
+ Template: OpenStackClusterTemplateResource{
+ Spec: OpenStackClusterSpec{
+ IdentityRef: &OpenStackIdentityReference{},
+ },
+ },
+ },
ObjectMeta: metav1.ObjectMeta{
Annotations: map[string]string{
- "cluster.x-k8s.io/conversion-data": "{\"spec\":{\"template\":{\"spec\":{\"apiServerLoadBalancer\":{},\"cloudName\":\"\",\"controlPlaneEndpoint\":{\"host\":\"\",\"port\":0},\"disableAPIServerFloatingIP\":false,\"disableExternalNetwork\":false,\"externalNetwork\":{},\"managedSecurityGroups\":null,\"network\":{}}}}}",
+ "cluster.x-k8s.io/conversion-data": "{\"spec\":{\"template\":{\"spec\":{\"apiServerLoadBalancer\":{},\"controlPlaneEndpoint\":{\"host\":\"\",\"port\":0},\"disableAPIServerFloatingIP\":false,\"disableExternalNetwork\":false,\"externalNetwork\":{},\"identityRef\":{\"cloudName\":\"\",\"name\":\"\"},\"managedSecurityGroups\":null,\"network\":{}}}}}",
},
},
},
@@ -79,7 +87,7 @@ func TestConvertFrom(t *testing.T) {
Spec: OpenStackMachineSpec{},
ObjectMeta: metav1.ObjectMeta{
Annotations: map[string]string{
- "cluster.x-k8s.io/conversion-data": "{\"spec\":{\"cloudName\":\"\",\"flavor\":\"\",\"image\":{}},\"status\":{\"dependentResources\":{},\"ready\":false,\"referencedResources\":{}}}",
+ "cluster.x-k8s.io/conversion-data": "{\"spec\":{\"flavor\":\"\",\"image\":{}},\"status\":{\"dependentResources\":{},\"ready\":false,\"referencedResources\":{}}}",
},
},
},
@@ -94,7 +102,7 @@ func TestConvertFrom(t *testing.T) {
Spec: OpenStackMachineTemplateSpec{},
ObjectMeta: metav1.ObjectMeta{
Annotations: map[string]string{
- "cluster.x-k8s.io/conversion-data": "{\"spec\":{\"template\":{\"spec\":{\"cloudName\":\"\",\"flavor\":\"\",\"image\":{}}}}}",
+ "cluster.x-k8s.io/conversion-data": "{\"spec\":{\"template\":{\"spec\":{\"flavor\":\"\",\"image\":{}}}}}",
},
},
},
diff --git a/api/v1alpha5/zz_generated.conversion.go b/api/v1alpha5/zz_generated.conversion.go
index b3f06aaa61..c6d7dc4e49 100644
--- a/api/v1alpha5/zz_generated.conversion.go
+++ b/api/v1alpha5/zz_generated.conversion.go
@@ -151,11 +151,6 @@ func RegisterConversions(s *runtime.Scheme) error {
}); err != nil {
return err
}
- if err := s.AddGeneratedConversionFunc((*v1beta1.OpenStackIdentityReference)(nil), (*OpenStackIdentityReference)(nil), func(a, b interface{}, scope conversion.Scope) error {
- return Convert_v1beta1_OpenStackIdentityReference_To_v1alpha5_OpenStackIdentityReference(a.(*v1beta1.OpenStackIdentityReference), b.(*OpenStackIdentityReference), scope)
- }); err != nil {
- return err
- }
if err := s.AddGeneratedConversionFunc((*OpenStackMachine)(nil), (*v1beta1.OpenStackMachine)(nil), func(a, b interface{}, scope conversion.Scope) error {
return Convert_v1alpha5_OpenStackMachine_To_v1beta1_OpenStackMachine(a.(*OpenStackMachine), b.(*v1beta1.OpenStackMachine), scope)
}); err != nil {
@@ -371,6 +366,11 @@ func RegisterConversions(s *runtime.Scheme) error {
}); err != nil {
return err
}
+ if err := s.AddConversionFunc((*v1beta1.OpenStackIdentityReference)(nil), (*OpenStackIdentityReference)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_v1beta1_OpenStackIdentityReference_To_v1alpha5_OpenStackIdentityReference(a.(*v1beta1.OpenStackIdentityReference), b.(*OpenStackIdentityReference), scope)
+ }); err != nil {
+ return err
+ }
if err := s.AddConversionFunc((*v1beta1.OpenStackMachineSpec)(nil), (*OpenStackMachineSpec)(nil), func(a, b interface{}, scope conversion.Scope) error {
return Convert_v1beta1_OpenStackMachineSpec_To_v1alpha5_OpenStackMachineSpec(a.(*v1beta1.OpenStackMachineSpec), b.(*OpenStackMachineSpec), scope)
}); err != nil {
@@ -654,7 +654,7 @@ func Convert_v1beta1_OpenStackClusterList_To_v1alpha5_OpenStackClusterList(in *v
}
func autoConvert_v1alpha5_OpenStackClusterSpec_To_v1beta1_OpenStackClusterSpec(in *OpenStackClusterSpec, out *v1beta1.OpenStackClusterSpec, s conversion.Scope) error {
- out.CloudName = in.CloudName
+ // WARNING: in.CloudName requires manual conversion: does not exist in peer-type
// WARNING: in.NodeCIDR requires manual conversion: does not exist in peer-type
if err := Convert_v1alpha5_NetworkFilter_To_v1beta1_NetworkFilter(&in.Network, &out.Network, s); err != nil {
return err
@@ -695,20 +695,11 @@ func autoConvert_v1alpha5_OpenStackClusterSpec_To_v1beta1_OpenStackClusterSpec(i
} else {
out.Bastion = nil
}
- if in.IdentityRef != nil {
- in, out := &in.IdentityRef, &out.IdentityRef
- *out = new(v1beta1.OpenStackIdentityReference)
- if err := Convert_v1alpha5_OpenStackIdentityReference_To_v1beta1_OpenStackIdentityReference(*in, *out, s); err != nil {
- return err
- }
- } else {
- out.IdentityRef = nil
- }
+ // WARNING: in.IdentityRef requires manual conversion: inconvertible types (*sigs.k8s.io/cluster-api-provider-openstack/api/v1alpha5.OpenStackIdentityReference vs sigs.k8s.io/cluster-api-provider-openstack/api/v1beta1.OpenStackIdentityReference)
return nil
}
func autoConvert_v1beta1_OpenStackClusterSpec_To_v1alpha5_OpenStackClusterSpec(in *v1beta1.OpenStackClusterSpec, out *OpenStackClusterSpec, s conversion.Scope) error {
- out.CloudName = in.CloudName
// WARNING: in.ManagedSubnets requires manual conversion: does not exist in peer-type
// WARNING: in.Router requires manual conversion: does not exist in peer-type
if err := Convert_v1beta1_NetworkFilter_To_v1alpha5_NetworkFilter(&in.Network, &out.Network, s); err != nil {
@@ -751,15 +742,7 @@ func autoConvert_v1beta1_OpenStackClusterSpec_To_v1alpha5_OpenStackClusterSpec(i
} else {
out.Bastion = nil
}
- if in.IdentityRef != nil {
- in, out := &in.IdentityRef, &out.IdentityRef
- *out = new(OpenStackIdentityReference)
- if err := Convert_v1beta1_OpenStackIdentityReference_To_v1alpha5_OpenStackIdentityReference(*in, *out, s); err != nil {
- return err
- }
- } else {
- out.IdentityRef = nil
- }
+ // WARNING: in.IdentityRef requires manual conversion: inconvertible types (sigs.k8s.io/cluster-api-provider-openstack/api/v1beta1.OpenStackIdentityReference vs *sigs.k8s.io/cluster-api-provider-openstack/api/v1alpha5.OpenStackIdentityReference)
return nil
}
@@ -1013,14 +996,10 @@ func autoConvert_v1alpha5_OpenStackIdentityReference_To_v1beta1_OpenStackIdentit
func autoConvert_v1beta1_OpenStackIdentityReference_To_v1alpha5_OpenStackIdentityReference(in *v1beta1.OpenStackIdentityReference, out *OpenStackIdentityReference, s conversion.Scope) error {
out.Name = in.Name
+ // WARNING: in.CloudName requires manual conversion: does not exist in peer-type
return nil
}
-// Convert_v1beta1_OpenStackIdentityReference_To_v1alpha5_OpenStackIdentityReference is an autogenerated conversion function.
-func Convert_v1beta1_OpenStackIdentityReference_To_v1alpha5_OpenStackIdentityReference(in *v1beta1.OpenStackIdentityReference, out *OpenStackIdentityReference, s conversion.Scope) error {
- return autoConvert_v1beta1_OpenStackIdentityReference_To_v1alpha5_OpenStackIdentityReference(in, out, s)
-}
-
func autoConvert_v1alpha5_OpenStackMachine_To_v1beta1_OpenStackMachine(in *OpenStackMachine, out *v1beta1.OpenStackMachine, s conversion.Scope) error {
out.ObjectMeta = in.ObjectMeta
if err := Convert_v1alpha5_OpenStackMachineSpec_To_v1beta1_OpenStackMachineSpec(&in.Spec, &out.Spec, s); err != nil {
@@ -1098,7 +1077,7 @@ func Convert_v1beta1_OpenStackMachineList_To_v1alpha5_OpenStackMachineList(in *v
func autoConvert_v1alpha5_OpenStackMachineSpec_To_v1beta1_OpenStackMachineSpec(in *OpenStackMachineSpec, out *v1beta1.OpenStackMachineSpec, s conversion.Scope) error {
out.ProviderID = (*string)(unsafe.Pointer(in.ProviderID))
out.InstanceID = (*string)(unsafe.Pointer(in.InstanceID))
- out.CloudName = in.CloudName
+ // WARNING: in.CloudName requires manual conversion: does not exist in peer-type
out.Flavor = in.Flavor
// WARNING: in.Image requires manual conversion: inconvertible types (string vs sigs.k8s.io/cluster-api-provider-openstack/api/v1beta1.ImageFilter)
// WARNING: in.ImageUUID requires manual conversion: does not exist in peer-type
@@ -1149,7 +1128,6 @@ func autoConvert_v1alpha5_OpenStackMachineSpec_To_v1beta1_OpenStackMachineSpec(i
func autoConvert_v1beta1_OpenStackMachineSpec_To_v1alpha5_OpenStackMachineSpec(in *v1beta1.OpenStackMachineSpec, out *OpenStackMachineSpec, s conversion.Scope) error {
out.ProviderID = (*string)(unsafe.Pointer(in.ProviderID))
out.InstanceID = (*string)(unsafe.Pointer(in.InstanceID))
- out.CloudName = in.CloudName
out.Flavor = in.Flavor
// WARNING: in.Image requires manual conversion: inconvertible types (sigs.k8s.io/cluster-api-provider-openstack/api/v1beta1.ImageFilter vs string)
out.SSHKeyName = in.SSHKeyName
diff --git a/api/v1alpha6/conversion.go b/api/v1alpha6/conversion.go
index 13a7c8f98d..5526561dbe 100644
--- a/api/v1alpha6/conversion.go
+++ b/api/v1alpha6/conversion.go
@@ -529,6 +529,16 @@ func Convert_v1alpha6_OpenStackMachineSpec_To_v1beta1_OpenStackMachineSpec(in *O
out.ServerMetadata = serverMetadata
}
+ if in.IdentityRef != nil {
+ out.IdentityRef = &infrav1.OpenStackIdentityReference{Name: in.IdentityRef.Name}
+ }
+ if in.CloudName != "" {
+ if out.IdentityRef == nil {
+ out.IdentityRef = &infrav1.OpenStackIdentityReference{}
+ }
+ out.IdentityRef.CloudName = in.CloudName
+ }
+
return nil
}
@@ -624,6 +634,9 @@ func Convert_v1beta1_OpenStackClusterSpec_To_v1alpha6_OpenStackClusterSpec(in *i
out.AllowAllInClusterTraffic = in.ManagedSecurityGroups.AllowAllInClusterTraffic
}
+ out.CloudName = in.IdentityRef.CloudName
+ out.IdentityRef = &OpenStackIdentityReference{Name: in.IdentityRef.Name}
+
return nil
}
@@ -667,6 +680,11 @@ func Convert_v1alpha6_OpenStackClusterSpec_To_v1beta1_OpenStackClusterSpec(in *O
}
}
+ out.IdentityRef.CloudName = in.CloudName
+ if in.IdentityRef != nil {
+ out.IdentityRef.Name = in.IdentityRef.Name
+ }
+
return nil
}
@@ -973,6 +991,11 @@ func Convert_v1beta1_OpenStackMachineSpec_To_v1alpha6_OpenStackMachineSpec(in *i
out.ServerMetadata = serverMetadata
}
+ if in.IdentityRef != nil {
+ out.IdentityRef = &OpenStackIdentityReference{Name: in.IdentityRef.Name}
+ out.CloudName = in.IdentityRef.CloudName
+ }
+
return nil
}
@@ -1069,3 +1092,8 @@ func Convert_v1alpha6_SecurityGroup_To_v1beta1_SecurityGroupStatus(in *SecurityG
func Convert_v1alpha6_OpenStackIdentityReference_To_v1beta1_OpenStackIdentityReference(in *OpenStackIdentityReference, out *infrav1.OpenStackIdentityReference, s apiconversion.Scope) error {
return autoConvert_v1alpha6_OpenStackIdentityReference_To_v1beta1_OpenStackIdentityReference(in, out, s)
}
+
+func Convert_v1beta1_OpenStackIdentityReference_To_v1alpha6_OpenStackIdentityReference(in *infrav1.OpenStackIdentityReference, out *OpenStackIdentityReference, _ apiconversion.Scope) error {
+ out.Name = in.Name
+ return nil
+}
diff --git a/api/v1alpha6/zz_generated.conversion.go b/api/v1alpha6/zz_generated.conversion.go
index 489889727b..f27f605f86 100644
--- a/api/v1alpha6/zz_generated.conversion.go
+++ b/api/v1alpha6/zz_generated.conversion.go
@@ -160,11 +160,6 @@ func RegisterConversions(s *runtime.Scheme) error {
}); err != nil {
return err
}
- if err := s.AddGeneratedConversionFunc((*v1beta1.OpenStackIdentityReference)(nil), (*OpenStackIdentityReference)(nil), func(a, b interface{}, scope conversion.Scope) error {
- return Convert_v1beta1_OpenStackIdentityReference_To_v1alpha6_OpenStackIdentityReference(a.(*v1beta1.OpenStackIdentityReference), b.(*OpenStackIdentityReference), scope)
- }); err != nil {
- return err
- }
if err := s.AddGeneratedConversionFunc((*OpenStackMachine)(nil), (*v1beta1.OpenStackMachine)(nil), func(a, b interface{}, scope conversion.Scope) error {
return Convert_v1alpha6_OpenStackMachine_To_v1beta1_OpenStackMachine(a.(*OpenStackMachine), b.(*v1beta1.OpenStackMachine), scope)
}); err != nil {
@@ -380,6 +375,11 @@ func RegisterConversions(s *runtime.Scheme) error {
}); err != nil {
return err
}
+ if err := s.AddConversionFunc((*v1beta1.OpenStackIdentityReference)(nil), (*OpenStackIdentityReference)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_v1beta1_OpenStackIdentityReference_To_v1alpha6_OpenStackIdentityReference(a.(*v1beta1.OpenStackIdentityReference), b.(*OpenStackIdentityReference), scope)
+ }); err != nil {
+ return err
+ }
if err := s.AddConversionFunc((*v1beta1.OpenStackMachineSpec)(nil), (*OpenStackMachineSpec)(nil), func(a, b interface{}, scope conversion.Scope) error {
return Convert_v1beta1_OpenStackMachineSpec_To_v1alpha6_OpenStackMachineSpec(a.(*v1beta1.OpenStackMachineSpec), b.(*OpenStackMachineSpec), scope)
}); err != nil {
@@ -680,7 +680,7 @@ func Convert_v1beta1_OpenStackClusterList_To_v1alpha6_OpenStackClusterList(in *v
}
func autoConvert_v1alpha6_OpenStackClusterSpec_To_v1beta1_OpenStackClusterSpec(in *OpenStackClusterSpec, out *v1beta1.OpenStackClusterSpec, s conversion.Scope) error {
- out.CloudName = in.CloudName
+ // WARNING: in.CloudName requires manual conversion: does not exist in peer-type
// WARNING: in.NodeCIDR requires manual conversion: does not exist in peer-type
if err := Convert_v1alpha6_NetworkFilter_To_v1beta1_NetworkFilter(&in.Network, &out.Network, s); err != nil {
return err
@@ -722,20 +722,11 @@ func autoConvert_v1alpha6_OpenStackClusterSpec_To_v1beta1_OpenStackClusterSpec(i
} else {
out.Bastion = nil
}
- if in.IdentityRef != nil {
- in, out := &in.IdentityRef, &out.IdentityRef
- *out = new(v1beta1.OpenStackIdentityReference)
- if err := Convert_v1alpha6_OpenStackIdentityReference_To_v1beta1_OpenStackIdentityReference(*in, *out, s); err != nil {
- return err
- }
- } else {
- out.IdentityRef = nil
- }
+ // WARNING: in.IdentityRef requires manual conversion: inconvertible types (*sigs.k8s.io/cluster-api-provider-openstack/api/v1alpha6.OpenStackIdentityReference vs sigs.k8s.io/cluster-api-provider-openstack/api/v1beta1.OpenStackIdentityReference)
return nil
}
func autoConvert_v1beta1_OpenStackClusterSpec_To_v1alpha6_OpenStackClusterSpec(in *v1beta1.OpenStackClusterSpec, out *OpenStackClusterSpec, s conversion.Scope) error {
- out.CloudName = in.CloudName
// WARNING: in.ManagedSubnets requires manual conversion: does not exist in peer-type
// WARNING: in.Router requires manual conversion: does not exist in peer-type
if err := Convert_v1beta1_NetworkFilter_To_v1alpha6_NetworkFilter(&in.Network, &out.Network, s); err != nil {
@@ -778,15 +769,7 @@ func autoConvert_v1beta1_OpenStackClusterSpec_To_v1alpha6_OpenStackClusterSpec(i
} else {
out.Bastion = nil
}
- if in.IdentityRef != nil {
- in, out := &in.IdentityRef, &out.IdentityRef
- *out = new(OpenStackIdentityReference)
- if err := Convert_v1beta1_OpenStackIdentityReference_To_v1alpha6_OpenStackIdentityReference(*in, *out, s); err != nil {
- return err
- }
- } else {
- out.IdentityRef = nil
- }
+ // WARNING: in.IdentityRef requires manual conversion: inconvertible types (sigs.k8s.io/cluster-api-provider-openstack/api/v1beta1.OpenStackIdentityReference vs *sigs.k8s.io/cluster-api-provider-openstack/api/v1alpha6.OpenStackIdentityReference)
return nil
}
@@ -1040,14 +1023,10 @@ func autoConvert_v1alpha6_OpenStackIdentityReference_To_v1beta1_OpenStackIdentit
func autoConvert_v1beta1_OpenStackIdentityReference_To_v1alpha6_OpenStackIdentityReference(in *v1beta1.OpenStackIdentityReference, out *OpenStackIdentityReference, s conversion.Scope) error {
out.Name = in.Name
+ // WARNING: in.CloudName requires manual conversion: does not exist in peer-type
return nil
}
-// Convert_v1beta1_OpenStackIdentityReference_To_v1alpha6_OpenStackIdentityReference is an autogenerated conversion function.
-func Convert_v1beta1_OpenStackIdentityReference_To_v1alpha6_OpenStackIdentityReference(in *v1beta1.OpenStackIdentityReference, out *OpenStackIdentityReference, s conversion.Scope) error {
- return autoConvert_v1beta1_OpenStackIdentityReference_To_v1alpha6_OpenStackIdentityReference(in, out, s)
-}
-
func autoConvert_v1alpha6_OpenStackMachine_To_v1beta1_OpenStackMachine(in *OpenStackMachine, out *v1beta1.OpenStackMachine, s conversion.Scope) error {
out.ObjectMeta = in.ObjectMeta
if err := Convert_v1alpha6_OpenStackMachineSpec_To_v1beta1_OpenStackMachineSpec(&in.Spec, &out.Spec, s); err != nil {
@@ -1125,7 +1104,7 @@ func Convert_v1beta1_OpenStackMachineList_To_v1alpha6_OpenStackMachineList(in *v
func autoConvert_v1alpha6_OpenStackMachineSpec_To_v1beta1_OpenStackMachineSpec(in *OpenStackMachineSpec, out *v1beta1.OpenStackMachineSpec, s conversion.Scope) error {
out.ProviderID = (*string)(unsafe.Pointer(in.ProviderID))
out.InstanceID = (*string)(unsafe.Pointer(in.InstanceID))
- out.CloudName = in.CloudName
+ // WARNING: in.CloudName requires manual conversion: does not exist in peer-type
out.Flavor = in.Flavor
// WARNING: in.Image requires manual conversion: inconvertible types (string vs sigs.k8s.io/cluster-api-provider-openstack/api/v1beta1.ImageFilter)
// WARNING: in.ImageUUID requires manual conversion: does not exist in peer-type
@@ -1176,7 +1155,6 @@ func autoConvert_v1alpha6_OpenStackMachineSpec_To_v1beta1_OpenStackMachineSpec(i
func autoConvert_v1beta1_OpenStackMachineSpec_To_v1alpha6_OpenStackMachineSpec(in *v1beta1.OpenStackMachineSpec, out *OpenStackMachineSpec, s conversion.Scope) error {
out.ProviderID = (*string)(unsafe.Pointer(in.ProviderID))
out.InstanceID = (*string)(unsafe.Pointer(in.InstanceID))
- out.CloudName = in.CloudName
out.Flavor = in.Flavor
// WARNING: in.Image requires manual conversion: inconvertible types (sigs.k8s.io/cluster-api-provider-openstack/api/v1beta1.ImageFilter vs string)
out.SSHKeyName = in.SSHKeyName
diff --git a/api/v1alpha7/conversion.go b/api/v1alpha7/conversion.go
index 6c3523a862..ff38380bf4 100644
--- a/api/v1alpha7/conversion.go
+++ b/api/v1alpha7/conversion.go
@@ -550,6 +550,10 @@ func Convert_v1beta1_OpenStackMachineSpec_To_v1alpha7_OpenStackMachineSpec(in *i
out.ServerMetadata = serverMetadata
}
+ if in.IdentityRef != nil {
+ out.CloudName = in.IdentityRef.CloudName
+ }
+
return nil
}
@@ -591,6 +595,13 @@ func Convert_v1alpha7_OpenStackMachineSpec_To_v1beta1_OpenStackMachineSpec(in *O
out.ServerMetadata = serverMetadata
}
+ if in.CloudName != "" {
+ if out.IdentityRef == nil {
+ out.IdentityRef = &infrav1.OpenStackIdentityReference{}
+ }
+ out.IdentityRef.CloudName = in.CloudName
+ }
+
return nil
}
@@ -674,6 +685,11 @@ func Convert_v1alpha7_OpenStackClusterSpec_To_v1beta1_OpenStackClusterSpec(in *O
}
}
+ out.IdentityRef.CloudName = in.CloudName
+ if in.IdentityRef != nil {
+ out.IdentityRef.Name = in.IdentityRef.Name
+ }
+
return nil
}
@@ -703,6 +719,9 @@ func Convert_v1beta1_OpenStackClusterSpec_To_v1alpha7_OpenStackClusterSpec(in *i
out.AllowAllInClusterTraffic = in.ManagedSecurityGroups.AllowAllInClusterTraffic
}
+ out.CloudName = in.IdentityRef.CloudName
+ out.IdentityRef = &OpenStackIdentityReference{Name: in.IdentityRef.Name}
+
return nil
}
@@ -815,3 +834,8 @@ func Convert_v1beta1_PortOpts_To_v1alpha7_PortOpts(in *infrav1.PortOpts, out *Po
return nil
}
+
+func Convert_v1beta1_OpenStackIdentityReference_To_v1alpha7_OpenStackIdentityReference(in *infrav1.OpenStackIdentityReference, out *OpenStackIdentityReference, _ apiconversion.Scope) error {
+ out.Name = in.Name
+ return nil
+}
diff --git a/api/v1alpha7/zz_generated.conversion.go b/api/v1alpha7/zz_generated.conversion.go
index e99f7f7557..69cbeb55f3 100644
--- a/api/v1alpha7/zz_generated.conversion.go
+++ b/api/v1alpha7/zz_generated.conversion.go
@@ -231,11 +231,6 @@ func RegisterConversions(s *runtime.Scheme) error {
}); err != nil {
return err
}
- if err := s.AddGeneratedConversionFunc((*v1beta1.OpenStackIdentityReference)(nil), (*OpenStackIdentityReference)(nil), func(a, b interface{}, scope conversion.Scope) error {
- return Convert_v1beta1_OpenStackIdentityReference_To_v1alpha7_OpenStackIdentityReference(a.(*v1beta1.OpenStackIdentityReference), b.(*OpenStackIdentityReference), scope)
- }); err != nil {
- return err
- }
if err := s.AddGeneratedConversionFunc((*OpenStackMachine)(nil), (*v1beta1.OpenStackMachine)(nil), func(a, b interface{}, scope conversion.Scope) error {
return Convert_v1alpha7_OpenStackMachine_To_v1beta1_OpenStackMachine(a.(*OpenStackMachine), b.(*v1beta1.OpenStackMachine), scope)
}); err != nil {
@@ -421,6 +416,11 @@ func RegisterConversions(s *runtime.Scheme) error {
}); err != nil {
return err
}
+ if err := s.AddConversionFunc((*v1beta1.OpenStackIdentityReference)(nil), (*OpenStackIdentityReference)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_v1beta1_OpenStackIdentityReference_To_v1alpha7_OpenStackIdentityReference(a.(*v1beta1.OpenStackIdentityReference), b.(*OpenStackIdentityReference), scope)
+ }); err != nil {
+ return err
+ }
if err := s.AddConversionFunc((*v1beta1.OpenStackMachineSpec)(nil), (*OpenStackMachineSpec)(nil), func(a, b interface{}, scope conversion.Scope) error {
return Convert_v1beta1_OpenStackMachineSpec_To_v1alpha7_OpenStackMachineSpec(a.(*v1beta1.OpenStackMachineSpec), b.(*OpenStackMachineSpec), scope)
}); err != nil {
@@ -885,7 +885,7 @@ func Convert_v1beta1_OpenStackClusterList_To_v1alpha7_OpenStackClusterList(in *v
}
func autoConvert_v1alpha7_OpenStackClusterSpec_To_v1beta1_OpenStackClusterSpec(in *OpenStackClusterSpec, out *v1beta1.OpenStackClusterSpec, s conversion.Scope) error {
- out.CloudName = in.CloudName
+ // WARNING: in.CloudName requires manual conversion: does not exist in peer-type
// WARNING: in.NodeCIDR requires manual conversion: does not exist in peer-type
out.Router = (*v1beta1.RouterFilter)(unsafe.Pointer(in.Router))
if err := Convert_v1alpha7_NetworkFilter_To_v1beta1_NetworkFilter(&in.Network, &out.Network, s); err != nil {
@@ -919,20 +919,11 @@ func autoConvert_v1alpha7_OpenStackClusterSpec_To_v1beta1_OpenStackClusterSpec(i
} else {
out.Bastion = nil
}
- if in.IdentityRef != nil {
- in, out := &in.IdentityRef, &out.IdentityRef
- *out = new(v1beta1.OpenStackIdentityReference)
- if err := Convert_v1alpha7_OpenStackIdentityReference_To_v1beta1_OpenStackIdentityReference(*in, *out, s); err != nil {
- return err
- }
- } else {
- out.IdentityRef = nil
- }
+ // WARNING: in.IdentityRef requires manual conversion: inconvertible types (*sigs.k8s.io/cluster-api-provider-openstack/api/v1alpha7.OpenStackIdentityReference vs sigs.k8s.io/cluster-api-provider-openstack/api/v1beta1.OpenStackIdentityReference)
return nil
}
func autoConvert_v1beta1_OpenStackClusterSpec_To_v1alpha7_OpenStackClusterSpec(in *v1beta1.OpenStackClusterSpec, out *OpenStackClusterSpec, s conversion.Scope) error {
- out.CloudName = in.CloudName
// WARNING: in.ManagedSubnets requires manual conversion: does not exist in peer-type
out.Router = (*RouterFilter)(unsafe.Pointer(in.Router))
if err := Convert_v1beta1_NetworkFilter_To_v1alpha7_NetworkFilter(&in.Network, &out.Network, s); err != nil {
@@ -965,15 +956,7 @@ func autoConvert_v1beta1_OpenStackClusterSpec_To_v1alpha7_OpenStackClusterSpec(i
} else {
out.Bastion = nil
}
- if in.IdentityRef != nil {
- in, out := &in.IdentityRef, &out.IdentityRef
- *out = new(OpenStackIdentityReference)
- if err := Convert_v1beta1_OpenStackIdentityReference_To_v1alpha7_OpenStackIdentityReference(*in, *out, s); err != nil {
- return err
- }
- } else {
- out.IdentityRef = nil
- }
+ // WARNING: in.IdentityRef requires manual conversion: inconvertible types (sigs.k8s.io/cluster-api-provider-openstack/api/v1beta1.OpenStackIdentityReference vs *sigs.k8s.io/cluster-api-provider-openstack/api/v1alpha7.OpenStackIdentityReference)
return nil
}
@@ -1202,14 +1185,10 @@ func autoConvert_v1alpha7_OpenStackIdentityReference_To_v1beta1_OpenStackIdentit
func autoConvert_v1beta1_OpenStackIdentityReference_To_v1alpha7_OpenStackIdentityReference(in *v1beta1.OpenStackIdentityReference, out *OpenStackIdentityReference, s conversion.Scope) error {
out.Name = in.Name
+ // WARNING: in.CloudName requires manual conversion: does not exist in peer-type
return nil
}
-// Convert_v1beta1_OpenStackIdentityReference_To_v1alpha7_OpenStackIdentityReference is an autogenerated conversion function.
-func Convert_v1beta1_OpenStackIdentityReference_To_v1alpha7_OpenStackIdentityReference(in *v1beta1.OpenStackIdentityReference, out *OpenStackIdentityReference, s conversion.Scope) error {
- return autoConvert_v1beta1_OpenStackIdentityReference_To_v1alpha7_OpenStackIdentityReference(in, out, s)
-}
-
func autoConvert_v1alpha7_OpenStackMachine_To_v1beta1_OpenStackMachine(in *OpenStackMachine, out *v1beta1.OpenStackMachine, s conversion.Scope) error {
out.ObjectMeta = in.ObjectMeta
if err := Convert_v1alpha7_OpenStackMachineSpec_To_v1beta1_OpenStackMachineSpec(&in.Spec, &out.Spec, s); err != nil {
@@ -1287,7 +1266,7 @@ func Convert_v1beta1_OpenStackMachineList_To_v1alpha7_OpenStackMachineList(in *v
func autoConvert_v1alpha7_OpenStackMachineSpec_To_v1beta1_OpenStackMachineSpec(in *OpenStackMachineSpec, out *v1beta1.OpenStackMachineSpec, s conversion.Scope) error {
out.ProviderID = (*string)(unsafe.Pointer(in.ProviderID))
out.InstanceID = (*string)(unsafe.Pointer(in.InstanceID))
- out.CloudName = in.CloudName
+ // WARNING: in.CloudName requires manual conversion: does not exist in peer-type
out.Flavor = in.Flavor
// WARNING: in.Image requires manual conversion: inconvertible types (string vs sigs.k8s.io/cluster-api-provider-openstack/api/v1beta1.ImageFilter)
// WARNING: in.ImageUUID requires manual conversion: does not exist in peer-type
@@ -1327,7 +1306,6 @@ func autoConvert_v1alpha7_OpenStackMachineSpec_To_v1beta1_OpenStackMachineSpec(i
func autoConvert_v1beta1_OpenStackMachineSpec_To_v1alpha7_OpenStackMachineSpec(in *v1beta1.OpenStackMachineSpec, out *OpenStackMachineSpec, s conversion.Scope) error {
out.ProviderID = (*string)(unsafe.Pointer(in.ProviderID))
out.InstanceID = (*string)(unsafe.Pointer(in.InstanceID))
- out.CloudName = in.CloudName
out.Flavor = in.Flavor
// WARNING: in.Image requires manual conversion: inconvertible types (sigs.k8s.io/cluster-api-provider-openstack/api/v1beta1.ImageFilter vs string)
out.SSHKeyName = in.SSHKeyName
diff --git a/api/v1beta1/identity_types.go b/api/v1beta1/identity_types.go
index ff68fceae6..d54ed749e4 100644
--- a/api/v1beta1/identity_types.go
+++ b/api/v1beta1/identity_types.go
@@ -19,8 +19,13 @@ package v1beta1
// OpenStackIdentityReference is a reference to an infrastructure
// provider identity to be used to provision cluster resources.
type OpenStackIdentityReference struct {
- // Name of the infrastructure identity to be used.
- // Must be either a cluster-scoped resource, or namespaced-scoped
- // resource the same namespace as the resource(s) being provisioned.
+ // Name is the name of a secret in the same namespace as the resource being provisioned.
+ // The secret must contain a key named `clouds.yaml` which contains an OpenStack clouds.yaml file.
+ // The secret may optionally contain a key named `cacert` containing a PEM-encoded CA certificate.
+ // +kubebuilder:validation:Required
Name string `json:"name"`
+
+ // CloudName specifies the name of the entry in the clouds.yaml file to use.
+ // +kubebuilder:validation:Required
+ CloudName string `json:"cloudName"`
}
diff --git a/api/v1beta1/openstackcluster_types.go b/api/v1beta1/openstackcluster_types.go
index ff24c04f5b..d5cda0ec1a 100644
--- a/api/v1beta1/openstackcluster_types.go
+++ b/api/v1beta1/openstackcluster_types.go
@@ -30,10 +30,6 @@ const (
// OpenStackClusterSpec defines the desired state of OpenStackCluster.
type OpenStackClusterSpec struct {
- // The name of the cloud to use from the clouds secret
- // +optional
- CloudName string `json:"cloudName"`
-
// ManagedSubnets describe OpenStack Subnets to be created. Cluster actuator will create a network,
// subnets with the defined CIDR, and a router connected to these subnets. Currently only one IPv4
// subnet is supported. If you leave this empty, no network will be created.
@@ -157,9 +153,11 @@ type OpenStackClusterSpec struct {
//+optional
Bastion *Bastion `json:"bastion,omitempty"`
- // IdentityRef is a reference to a identity to be used when reconciling this cluster
- // +optional
- IdentityRef *OpenStackIdentityReference `json:"identityRef,omitempty"`
+ // IdentityRef is a reference to a secret holding OpenStack credentials
+ // to be used when reconciling this cluster. It is also to reconcile
+ // machines unless overridden in the machine spec.
+ // +kubebuilder:validation:Required
+ IdentityRef OpenStackIdentityReference `json:"identityRef"`
}
// OpenStackClusterStatus defines the observed state of OpenStackCluster.
diff --git a/api/v1beta1/openstackcluster_webhook.go b/api/v1beta1/openstackcluster_webhook.go
index 68d4c6593e..97781ea2c6 100644
--- a/api/v1beta1/openstackcluster_webhook.go
+++ b/api/v1beta1/openstackcluster_webhook.go
@@ -81,24 +81,9 @@ func (r *OpenStackCluster) ValidateUpdate(oldRaw runtime.Object) (admission.Warn
return nil, apierrors.NewBadRequest(fmt.Sprintf("expected an OpenStackCluster but got a %T", oldRaw))
}
- // Allow changes to Spec.IdentityRef.Name.
- if old.Spec.IdentityRef != nil && r.Spec.IdentityRef != nil {
- old.Spec.IdentityRef.Name = ""
- r.Spec.IdentityRef.Name = ""
- }
-
- // Allow changes to Spec.IdentityRef if it was unset.
- if old.Spec.IdentityRef == nil && r.Spec.IdentityRef != nil {
- old.Spec.IdentityRef = &OpenStackIdentityReference{}
- r.Spec.IdentityRef = &OpenStackIdentityReference{}
- }
-
- if old.Spec.IdentityRef != nil && r.Spec.IdentityRef == nil {
- allErrs = append(allErrs,
- field.Invalid(field.NewPath("spec", "identityRef"),
- r.Spec.IdentityRef, "field cannot be set to nil"),
- )
- }
+ // Allow changes to Spec.IdentityRef
+ old.Spec.IdentityRef = OpenStackIdentityReference{}
+ r.Spec.IdentityRef = OpenStackIdentityReference{}
// Allow change only for the first time.
if old.Spec.ControlPlaneEndpoint.Host == "" {
diff --git a/api/v1beta1/openstackcluster_webhook_test.go b/api/v1beta1/openstackcluster_webhook_test.go
index 27984302e8..4a0213dd90 100644
--- a/api/v1beta1/openstackcluster_webhook_test.go
+++ b/api/v1beta1/openstackcluster_webhook_test.go
@@ -36,66 +36,54 @@ func TestOpenStackCluster_ValidateUpdate(t *testing.T) {
name: "Changing OpenStackCluster.Spec.IdentityRef.Name is allowed",
oldTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
- CloudName: "foobar",
- IdentityRef: &OpenStackIdentityReference{
- Name: "foobar",
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
},
},
},
newTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
- CloudName: "foobar",
- IdentityRef: &OpenStackIdentityReference{
- Name: "foobarbaz",
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobarbaz",
+ CloudName: "foobar",
},
},
},
wantErr: false,
},
{
- name: "OpenStackCluster.Spec.IdentityRef can be changed if it was unset",
+ name: "Changing OpenStackCluster.Spec.IdentityRef.CloudName is allowed",
oldTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
- CloudName: "foobar",
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
},
},
newTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
- CloudName: "foobar",
- IdentityRef: &OpenStackIdentityReference{
- Name: "foobar",
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobarbaz",
},
},
},
wantErr: false,
},
- {
- name: "OpenStackCluster.Spec.IdentityRef must not be removed",
- oldTemplate: &OpenStackCluster{
- Spec: OpenStackClusterSpec{
- CloudName: "foobar",
- IdentityRef: &OpenStackIdentityReference{
- Name: "foobar",
- },
- },
- },
- newTemplate: &OpenStackCluster{
- Spec: OpenStackClusterSpec{
- CloudName: "foobar",
- },
- },
- wantErr: true,
- },
{
name: "Changing OpenStackCluster.Spec.Bastion is allowed",
oldTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
- CloudName: "foobar",
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
Bastion: &Bastion{
Instance: OpenStackMachineSpec{
- CloudName: "foobar",
- Image: ImageFilter{Name: "foobar"},
- Flavor: "minimal",
+ Image: ImageFilter{Name: "foobar"},
+ Flavor: "minimal",
},
Enabled: true,
},
@@ -108,12 +96,14 @@ func TestOpenStackCluster_ValidateUpdate(t *testing.T) {
},
newTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
- CloudName: "foobar",
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
Bastion: &Bastion{
Instance: OpenStackMachineSpec{
- CloudName: "foobarbaz",
- Image: ImageFilter{Name: "foobarbaz"},
- Flavor: "medium",
+ Image: ImageFilter{Name: "foobarbaz"},
+ Flavor: "medium",
},
Enabled: true,
},
@@ -125,7 +115,10 @@ func TestOpenStackCluster_ValidateUpdate(t *testing.T) {
name: "Changing security group rules on the OpenStackCluster.Spec.ManagedSecurityGroups.AllNodesSecurityGroupRules is allowed",
oldTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
- CloudName: "foobar",
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
ManagedSecurityGroups: &ManagedSecurityGroups{
AllNodesSecurityGroupRules: []SecurityGroupRuleSpec{
{
@@ -142,7 +135,10 @@ func TestOpenStackCluster_ValidateUpdate(t *testing.T) {
},
newTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
- CloudName: "foobar",
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
ManagedSecurityGroups: &ManagedSecurityGroups{
AllNodesSecurityGroupRules: []SecurityGroupRuleSpec{
{
@@ -163,7 +159,10 @@ func TestOpenStackCluster_ValidateUpdate(t *testing.T) {
name: "Changing CIDRs on the OpenStackCluster.Spec.APIServerLoadBalancer.AllowedCIDRs is allowed",
oldTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
- CloudName: "foobar",
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
APIServerLoadBalancer: APIServerLoadBalancer{
Enabled: true,
AllowedCIDRs: []string{
@@ -175,7 +174,10 @@ func TestOpenStackCluster_ValidateUpdate(t *testing.T) {
},
newTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
- CloudName: "foobar",
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
APIServerLoadBalancer: APIServerLoadBalancer{
Enabled: true,
AllowedCIDRs: []string{
@@ -192,12 +194,18 @@ func TestOpenStackCluster_ValidateUpdate(t *testing.T) {
name: "Adding OpenStackCluster.Spec.ControlPlaneAvailabilityZones is allowed",
oldTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
- CloudName: "foobar",
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
},
},
newTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
- CloudName: "foobar",
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
ControlPlaneAvailabilityZones: []string{
"alice",
"bob",
@@ -210,7 +218,10 @@ func TestOpenStackCluster_ValidateUpdate(t *testing.T) {
name: "Modifying OpenStackCluster.Spec.ControlPlaneAvailabilityZones is allowed",
oldTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
- CloudName: "foobar",
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
ControlPlaneAvailabilityZones: []string{
"alice",
"bob",
@@ -219,7 +230,10 @@ func TestOpenStackCluster_ValidateUpdate(t *testing.T) {
},
newTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
- CloudName: "foobar",
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
ControlPlaneAvailabilityZones: []string{
"alice",
"bob",
@@ -233,7 +247,10 @@ func TestOpenStackCluster_ValidateUpdate(t *testing.T) {
name: "Removing OpenStackCluster.Spec.ControlPlaneAvailabilityZones is allowed",
oldTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
- CloudName: "foobar",
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
ControlPlaneAvailabilityZones: []string{
"alice",
"bob",
@@ -242,7 +259,10 @@ func TestOpenStackCluster_ValidateUpdate(t *testing.T) {
},
newTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
- CloudName: "foobar",
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
},
},
wantErr: false,
@@ -251,12 +271,18 @@ func TestOpenStackCluster_ValidateUpdate(t *testing.T) {
name: "Modifying OpenstackCluster.Spec.ControlPlaneOmitAvailabilityZone is allowed",
oldTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
- CloudName: "foobar",
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
},
},
newTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
- CloudName: "foobar",
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
ControlPlaneOmitAvailabilityZone: true,
},
},
@@ -266,11 +292,19 @@ func TestOpenStackCluster_ValidateUpdate(t *testing.T) {
name: "Changing OpenStackCluster.Spec.APIServerFixedIP is allowed when API Server Floating IP is disabled",
oldTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
DisableAPIServerFloatingIP: true,
},
},
newTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
DisableAPIServerFloatingIP: true,
APIServerFixedIP: "20.1.56.1",
},
@@ -281,11 +315,19 @@ func TestOpenStackCluster_ValidateUpdate(t *testing.T) {
name: "Changing OpenStackCluster.Spec.APIServerFixedIP is not allowed",
oldTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
DisableAPIServerFloatingIP: false,
},
},
newTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
DisableAPIServerFloatingIP: false,
APIServerFixedIP: "20.1.56.1",
},
@@ -297,6 +339,10 @@ func TestOpenStackCluster_ValidateUpdate(t *testing.T) {
name: "Changing OpenStackCluster.Spec.APIServerPort is allowed when API Server Floating IP is disabled",
oldTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
DisableAPIServerFloatingIP: true,
},
},
@@ -312,11 +358,19 @@ func TestOpenStackCluster_ValidateUpdate(t *testing.T) {
name: "Changing OpenStackCluster.Spec.APIServerPort is not allowed",
oldTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
DisableAPIServerFloatingIP: false,
},
},
newTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
DisableAPIServerFloatingIP: false,
APIServerPort: 8443,
},
@@ -327,6 +381,10 @@ func TestOpenStackCluster_ValidateUpdate(t *testing.T) {
name: "Changing OpenStackCluster.Spec.APIServerFloatingIP is allowed when it matches the current api server loadbalancer IP",
oldTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
APIServerFloatingIP: "",
},
Status: OpenStackClusterStatus{
@@ -337,6 +395,10 @@ func TestOpenStackCluster_ValidateUpdate(t *testing.T) {
},
newTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
APIServerFloatingIP: "1.2.3.4",
},
Status: OpenStackClusterStatus{
@@ -351,6 +413,10 @@ func TestOpenStackCluster_ValidateUpdate(t *testing.T) {
name: "Changing OpenStackCluster.Spec.APIServerFloatingIP is not allowed when it doesn't matches the current api server loadbalancer IP",
oldTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
APIServerFloatingIP: "",
},
Status: OpenStackClusterStatus{
@@ -361,6 +427,10 @@ func TestOpenStackCluster_ValidateUpdate(t *testing.T) {
},
newTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
APIServerFloatingIP: "5.6.7.8",
},
Status: OpenStackClusterStatus{
@@ -375,6 +445,10 @@ func TestOpenStackCluster_ValidateUpdate(t *testing.T) {
name: "Removing OpenStackCluster.Spec.Bastion when it is enabled is not allowed",
oldTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
Bastion: &Bastion{
Enabled: true,
Instance: OpenStackMachineSpec{
@@ -385,7 +459,12 @@ func TestOpenStackCluster_ValidateUpdate(t *testing.T) {
},
},
newTemplate: &OpenStackCluster{
- Spec: OpenStackClusterSpec{},
+ Spec: OpenStackClusterSpec{
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
+ },
},
wantErr: true,
},
@@ -393,6 +472,10 @@ func TestOpenStackCluster_ValidateUpdate(t *testing.T) {
name: "Removing OpenStackCluster.Spec.Bastion when it is disabled is allowed",
oldTemplate: &OpenStackCluster{
Spec: OpenStackClusterSpec{
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
Bastion: &Bastion{
Enabled: false,
Instance: OpenStackMachineSpec{
@@ -403,7 +486,12 @@ func TestOpenStackCluster_ValidateUpdate(t *testing.T) {
},
},
newTemplate: &OpenStackCluster{
- Spec: OpenStackClusterSpec{},
+ Spec: OpenStackClusterSpec{
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
+ },
},
wantErr: false,
},
@@ -434,9 +522,9 @@ func TestOpenStackCluster_ValidateCreate(t *testing.T) {
name: "OpenStackCluster.Spec.IdentityRef with correct spec on create",
template: &OpenStackCluster{
Spec: OpenStackClusterSpec{
- CloudName: "foobar",
- IdentityRef: &OpenStackIdentityReference{
- Name: "foobar",
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
},
},
},
@@ -446,7 +534,10 @@ func TestOpenStackCluster_ValidateCreate(t *testing.T) {
name: "OpenStackCluster.Spec.ManagedSecurityGroups.AllNodesSecurityGroupRules with correct spec on create",
template: &OpenStackCluster{
Spec: OpenStackClusterSpec{
- CloudName: "foobar",
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
ManagedSecurityGroups: &ManagedSecurityGroups{
AllNodesSecurityGroupRules: []SecurityGroupRuleSpec{
{
@@ -466,7 +557,10 @@ func TestOpenStackCluster_ValidateCreate(t *testing.T) {
name: "OpenStackCluster.Spec.ManagedSecurityGroups.AllNodesSecurityGroupRules with mutually exclusive fields on create",
template: &OpenStackCluster{
Spec: OpenStackClusterSpec{
- CloudName: "foobar",
+ IdentityRef: OpenStackIdentityReference{
+ Name: "foobar",
+ CloudName: "foobar",
+ },
ManagedSecurityGroups: &ManagedSecurityGroups{
AllNodesSecurityGroupRules: []SecurityGroupRuleSpec{
{
diff --git a/api/v1beta1/openstackmachine_types.go b/api/v1beta1/openstackmachine_types.go
index c3f5ea367b..9e36fa9dd8 100644
--- a/api/v1beta1/openstackmachine_types.go
+++ b/api/v1beta1/openstackmachine_types.go
@@ -38,10 +38,6 @@ type OpenStackMachineSpec struct {
// InstanceID is the OpenStack instance ID for this machine.
InstanceID *string `json:"instanceID,omitempty"`
- // The name of the cloud to use from the clouds secret
- // +optional
- CloudName string `json:"cloudName"`
-
// The flavor reference for the flavor for your server instance.
Flavor string `json:"flavor"`
@@ -88,7 +84,9 @@ type OpenStackMachineSpec struct {
// +optional
ServerGroup *ServerGroupFilter `json:"serverGroup,omitempty"`
- // IdentityRef is a reference to a identity to be used when reconciling this cluster
+ // IdentityRef is a reference to a secret holding OpenStack credentials
+ // to be used when reconciling this machine. If not specified, the
+ // credentials specified in the cluster will be used.
// +optional
IdentityRef *OpenStackIdentityReference `json:"identityRef,omitempty"`
}
diff --git a/api/v1beta1/openstackmachine_webhook.go b/api/v1beta1/openstackmachine_webhook.go
index 221dc0c673..93c91c5ffa 100644
--- a/api/v1beta1/openstackmachine_webhook.go
+++ b/api/v1beta1/openstackmachine_webhook.go
@@ -98,6 +98,10 @@ func (r *OpenStackMachine) ValidateUpdate(old runtime.Object) (admission.Warning
delete(newOpenStackMachineSpec, "instanceID")
}
+ // allow changes to identifyRef
+ delete(oldOpenStackMachineSpec, "identityRef")
+ delete(newOpenStackMachineSpec, "identityRef")
+
if !reflect.DeepEqual(oldOpenStackMachineSpec, newOpenStackMachineSpec) {
allErrs = append(allErrs, field.Forbidden(field.NewPath("spec"), "cannot be modified"))
}
diff --git a/api/v1beta1/zz_generated.deepcopy.go b/api/v1beta1/zz_generated.deepcopy.go
index 4a1265d991..b66e1869c8 100644
--- a/api/v1beta1/zz_generated.deepcopy.go
+++ b/api/v1beta1/zz_generated.deepcopy.go
@@ -490,11 +490,7 @@ func (in *OpenStackClusterSpec) DeepCopyInto(out *OpenStackClusterSpec) {
*out = new(Bastion)
(*in).DeepCopyInto(*out)
}
- if in.IdentityRef != nil {
- in, out := &in.IdentityRef, &out.IdentityRef
- *out = new(OpenStackIdentityReference)
- **out = **in
- }
+ out.IdentityRef = in.IdentityRef
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenStackClusterSpec.
diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_openstackclusters.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_openstackclusters.yaml
index a6b962ee77..195071619b 100644
--- a/config/crd/bases/infrastructure.cluster.x-k8s.io_openstackclusters.yaml
+++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_openstackclusters.yaml
@@ -4975,10 +4975,6 @@ spec:
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
- cloudName:
- description: The name of the cloud to use from the clouds
- secret
- type: string
configDrive:
description: Config Drive support
type: boolean
@@ -4987,16 +4983,23 @@ spec:
server instance.
type: string
identityRef:
- description: IdentityRef is a reference to a identity to be
- used when reconciling this cluster
+ description: |-
+ IdentityRef is a reference to a secret holding OpenStack credentials
+ to be used when reconciling this machine. If not specified, the
+ credentials specified in the cluster will be used.
properties:
+ cloudName:
+ description: CloudName specifies the name of the entry
+ in the clouds.yaml file to use.
+ type: string
name:
description: |-
- Name of the infrastructure identity to be used.
- Must be either a cluster-scoped resource, or namespaced-scoped
- resource the same namespace as the resource(s) being provisioned.
+ Name is the name of a secret in the same namespace as the resource being provisioned.
+ The secret must contain a key named `clouds.yaml` which contains an OpenStack clouds.yaml file.
+ The secret may optionally contain a key named `cacert` containing a PEM-encoded CA certificate.
type: string
required:
+ - cloudName
- name
type: object
image:
@@ -5345,9 +5348,6 @@ spec:
- flavor
type: object
type: object
- cloudName:
- description: The name of the cloud to use from the clouds secret
- type: string
controlPlaneAvailabilityZones:
description: ControlPlaneAvailabilityZones is the az to deploy control
plane to
@@ -5467,16 +5467,23 @@ spec:
type: object
type: array
identityRef:
- description: IdentityRef is a reference to a identity to be used when
- reconciling this cluster
+ description: |-
+ IdentityRef is a reference to a secret holding OpenStack credentials
+ to be used when reconciling this cluster. It is also to reconcile
+ machines unless overridden in the machine spec.
properties:
+ cloudName:
+ description: CloudName specifies the name of the entry in the
+ clouds.yaml file to use.
+ type: string
name:
description: |-
- Name of the infrastructure identity to be used.
- Must be either a cluster-scoped resource, or namespaced-scoped
- resource the same namespace as the resource(s) being provisioned.
+ Name is the name of a secret in the same namespace as the resource being provisioned.
+ The secret must contain a key named `clouds.yaml` which contains an OpenStack clouds.yaml file.
+ The secret may optionally contain a key named `cacert` containing a PEM-encoded CA certificate.
type: string
required:
+ - cloudName
- name
type: object
managedSecurityGroups:
@@ -5711,6 +5718,8 @@ spec:
type: string
type: array
x-kubernetes-list-type: set
+ required:
+ - identityRef
type: object
status:
description: OpenStackClusterStatus defines the observed state of OpenStackCluster.
diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_openstackclustertemplates.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_openstackclustertemplates.yaml
index 09775b2e75..ff668645be 100644
--- a/config/crd/bases/infrastructure.cluster.x-k8s.io_openstackclustertemplates.yaml
+++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_openstackclustertemplates.yaml
@@ -2400,10 +2400,6 @@ spec:
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
- cloudName:
- description: The name of the cloud to use from the
- clouds secret
- type: string
configDrive:
description: Config Drive support
type: boolean
@@ -2412,16 +2408,23 @@ spec:
your server instance.
type: string
identityRef:
- description: IdentityRef is a reference to a identity
- to be used when reconciling this cluster
+ description: |-
+ IdentityRef is a reference to a secret holding OpenStack credentials
+ to be used when reconciling this machine. If not specified, the
+ credentials specified in the cluster will be used.
properties:
+ cloudName:
+ description: CloudName specifies the name of the
+ entry in the clouds.yaml file to use.
+ type: string
name:
description: |-
- Name of the infrastructure identity to be used.
- Must be either a cluster-scoped resource, or namespaced-scoped
- resource the same namespace as the resource(s) being provisioned.
+ Name is the name of a secret in the same namespace as the resource being provisioned.
+ The secret must contain a key named `clouds.yaml` which contains an OpenStack clouds.yaml file.
+ The secret may optionally contain a key named `cacert` containing a PEM-encoded CA certificate.
type: string
required:
+ - cloudName
- name
type: object
image:
@@ -2777,10 +2780,6 @@ spec:
- flavor
type: object
type: object
- cloudName:
- description: The name of the cloud to use from the clouds
- secret
- type: string
controlPlaneAvailabilityZones:
description: ControlPlaneAvailabilityZones is the az to deploy
control plane to
@@ -2900,16 +2899,23 @@ spec:
type: object
type: array
identityRef:
- description: IdentityRef is a reference to a identity to be
- used when reconciling this cluster
+ description: |-
+ IdentityRef is a reference to a secret holding OpenStack credentials
+ to be used when reconciling this cluster. It is also to reconcile
+ machines unless overridden in the machine spec.
properties:
+ cloudName:
+ description: CloudName specifies the name of the entry
+ in the clouds.yaml file to use.
+ type: string
name:
description: |-
- Name of the infrastructure identity to be used.
- Must be either a cluster-scoped resource, or namespaced-scoped
- resource the same namespace as the resource(s) being provisioned.
+ Name is the name of a secret in the same namespace as the resource being provisioned.
+ The secret must contain a key named `clouds.yaml` which contains an OpenStack clouds.yaml file.
+ The secret may optionally contain a key named `cacert` containing a PEM-encoded CA certificate.
type: string
required:
+ - cloudName
- name
type: object
managedSecurityGroups:
@@ -3146,6 +3152,8 @@ spec:
type: string
type: array
x-kubernetes-list-type: set
+ required:
+ - identityRef
type: object
required:
- spec
diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_openstackmachines.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_openstackmachines.yaml
index 0270d47c6c..7fbeee04e3 100644
--- a/config/crd/bases/infrastructure.cluster.x-k8s.io_openstackmachines.yaml
+++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_openstackmachines.yaml
@@ -1778,9 +1778,6 @@ spec:
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
- cloudName:
- description: The name of the cloud to use from the clouds secret
- type: string
configDrive:
description: Config Drive support
type: boolean
@@ -1788,16 +1785,23 @@ spec:
description: The flavor reference for the flavor for your server instance.
type: string
identityRef:
- description: IdentityRef is a reference to a identity to be used when
- reconciling this cluster
+ description: |-
+ IdentityRef is a reference to a secret holding OpenStack credentials
+ to be used when reconciling this machine. If not specified, the
+ credentials specified in the cluster will be used.
properties:
+ cloudName:
+ description: CloudName specifies the name of the entry in the
+ clouds.yaml file to use.
+ type: string
name:
description: |-
- Name of the infrastructure identity to be used.
- Must be either a cluster-scoped resource, or namespaced-scoped
- resource the same namespace as the resource(s) being provisioned.
+ Name is the name of a secret in the same namespace as the resource being provisioned.
+ The secret must contain a key named `clouds.yaml` which contains an OpenStack clouds.yaml file.
+ The secret may optionally contain a key named `cacert` containing a PEM-encoded CA certificate.
type: string
required:
+ - cloudName
- name
type: object
image:
diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_openstackmachinetemplates.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_openstackmachinetemplates.yaml
index d3d7f9d9fc..ca42ad199f 100644
--- a/config/crd/bases/infrastructure.cluster.x-k8s.io_openstackmachinetemplates.yaml
+++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_openstackmachinetemplates.yaml
@@ -1450,10 +1450,6 @@ spec:
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
- cloudName:
- description: The name of the cloud to use from the clouds
- secret
- type: string
configDrive:
description: Config Drive support
type: boolean
@@ -1462,16 +1458,23 @@ spec:
server instance.
type: string
identityRef:
- description: IdentityRef is a reference to a identity to be
- used when reconciling this cluster
+ description: |-
+ IdentityRef is a reference to a secret holding OpenStack credentials
+ to be used when reconciling this machine. If not specified, the
+ credentials specified in the cluster will be used.
properties:
+ cloudName:
+ description: CloudName specifies the name of the entry
+ in the clouds.yaml file to use.
+ type: string
name:
description: |-
- Name of the infrastructure identity to be used.
- Must be either a cluster-scoped resource, or namespaced-scoped
- resource the same namespace as the resource(s) being provisioned.
+ Name is the name of a secret in the same namespace as the resource being provisioned.
+ The secret must contain a key named `clouds.yaml` which contains an OpenStack clouds.yaml file.
+ The secret may optionally contain a key named `cacert` containing a PEM-encoded CA certificate.
type: string
required:
+ - cloudName
- name
type: object
image:
diff --git a/controllers/openstackmachine_controller_test.go b/controllers/openstackmachine_controller_test.go
index a541795528..a03120ce5e 100644
--- a/controllers/openstackmachine_controller_test.go
+++ b/controllers/openstackmachine_controller_test.go
@@ -82,7 +82,6 @@ func getDefaultOpenStackMachine() *infrav1.OpenStackMachine {
// InstanceID is set by the controller
// FloatingIP is only used by the cluster controller for the Bastion
// TODO: Test Networks, Ports, Subnet, and Trunk separately
- CloudName: "test-cloud",
Flavor: flavorName,
Image: infrav1.ImageFilter{ID: imageUUID},
SSHKeyName: sshKeyName,
diff --git a/docs/book/src/api/v1beta1/api.md b/docs/book/src/api/v1beta1/api.md
index ac6b13a425..48c293c608 100644
--- a/docs/book/src/api/v1beta1/api.md
+++ b/docs/book/src/api/v1beta1/api.md
@@ -69,18 +69,6 @@ OpenStackClusterSpec
-cloudName
-
-string
-
- |
-
-(Optional)
- The name of the cloud to use from the clouds secret
- |
-
-
-
managedSubnets
@@ -387,8 +375,9 @@ OpenStackIdentityReference
|
-(Optional)
- IdentityRef is a reference to a identity to be used when reconciling this cluster
+IdentityRef is a reference to a secret holding OpenStack credentials
+to be used when reconciling this cluster. It is also to reconcile
+machines unless overridden in the machine spec.
|
@@ -559,18 +548,6 @@ string
-cloudName
-
-string
-
- |
-
-(Optional)
- The name of the cloud to use from the clouds secret
- |
-
-
-
flavor
string
@@ -731,7 +708,9 @@ OpenStackIdentityReference
|
(Optional)
- IdentityRef is a reference to a identity to be used when reconciling this cluster
+IdentityRef is a reference to a secret holding OpenStack credentials
+to be used when reconciling this machine. If not specified, the
+credentials specified in the cluster will be used.
|
@@ -1897,18 +1876,6 @@ NetworkStatus
-cloudName
-
-string
-
- |
-
-(Optional)
- The name of the cloud to use from the clouds secret
- |
-
-
-
managedSubnets
@@ -2215,8 +2182,9 @@ OpenStackIdentityReference
|
-(Optional)
- IdentityRef is a reference to a identity to be used when reconciling this cluster
+IdentityRef is a reference to a secret holding OpenStack credentials
+to be used when reconciling this cluster. It is also to reconcile
+machines unless overridden in the machine spec.
|
@@ -2453,18 +2421,6 @@ OpenStackClusterSpec
-cloudName
-
-string
-
- |
-
-(Optional)
- The name of the cloud to use from the clouds secret
- |
-
-
-
managedSubnets
@@ -2771,8 +2727,9 @@ OpenStackIdentityReference
|
-(Optional)
- IdentityRef is a reference to a identity to be used when reconciling this cluster
+IdentityRef is a reference to a secret holding OpenStack credentials
+to be used when reconciling this cluster. It is also to reconcile
+machines unless overridden in the machine spec.
|
@@ -2838,9 +2795,20 @@ string
- Name of the infrastructure identity to be used.
-Must be either a cluster-scoped resource, or namespaced-scoped
-resource the same namespace as the resource(s) being provisioned.
+Name is the name of a secret in the same namespace as the resource being provisioned.
+The secret must contain a key named clouds.yaml which contains an OpenStack clouds.yaml file.
+The secret may optionally contain a key named cacert containing a PEM-encoded CA certificate.
+ |
+
+
+
+cloudName
+
+string
+
+ |
+
+ CloudName specifies the name of the entry in the clouds.yaml file to use.
|
@@ -2888,18 +2856,6 @@ string
-cloudName
-
-string
-
- |
-
-(Optional)
- The name of the cloud to use from the clouds secret
- |
-
-
-
flavor
string
@@ -3060,7 +3016,9 @@ OpenStackIdentityReference
|
(Optional)
- IdentityRef is a reference to a identity to be used when reconciling this cluster
+IdentityRef is a reference to a secret holding OpenStack credentials
+to be used when reconciling this machine. If not specified, the
+credentials specified in the cluster will be used.
|
@@ -3251,18 +3209,6 @@ string
-cloudName
-
-string
-
- |
-
-(Optional)
- The name of the cloud to use from the clouds secret
- |
-
-
-
flavor
string
@@ -3423,7 +3369,9 @@ OpenStackIdentityReference
|
(Optional)
- IdentityRef is a reference to a identity to be used when reconciling this cluster
+IdentityRef is a reference to a secret holding OpenStack credentials
+to be used when reconciling this machine. If not specified, the
+credentials specified in the cluster will be used.
|
diff --git a/docs/book/src/topics/crd-changes/v1alpha7-to-v1beta1.md b/docs/book/src/topics/crd-changes/v1alpha7-to-v1beta1.md
index 6028c9de31..3087e41929 100644
--- a/docs/book/src/topics/crd-changes/v1alpha7-to-v1beta1.md
+++ b/docs/book/src/topics/crd-changes/v1alpha7-to-v1beta1.md
@@ -5,12 +5,16 @@
- [v1alpha7 compared to v1beta1](#v1alpha7-compared-to-v1beta1)
- [Migration](#migration)
- [API Changes](#api-changes)
- - [`OpenStackMachine`](#openstackmachine)
+ - [Changes to `identityRef` in both `OpenStackMachine` and `OpenStackCluster`](#changes-to-identityref-in-both-openstackmachine-and-openstackcluster)
- [Removal of machine identityRef.kind](#removal-of-machine-identityrefkind)
+ - [Addition of cloudName](#addition-of-cloudname)
+ - [`OpenStackMachine`](#openstackmachine)
+ - [Removal of cloudName](#removal-of-cloudname)
- [Change to serverGroupID](#change-to-servergroupid)
- [Changes to ports](#changes-to-ports)
- [`OpenStackCluster`](#openstackcluster)
- - [Removal of cluster identityRef.kind](#removal-of-cluster-identityrefkind)
+ - [Removal of cloudName](#removal-of-cloudname-1)
+ - [identityRef is now required](#identityref-is-now-required)
- [Change to externalNetworkID](#change-to-externalnetworkid)
- [Change to image](#change-to-image)
- [Removal of imageUUID](#removal-of-imageuuid)
@@ -36,11 +40,21 @@ All users are encouraged to migrate their usage of the CAPO CRDs from older vers
This only documents backwards incompatible changes. Fields that were added to v1beta1 are not listed here.
-### `OpenStackMachine`
+### Changes to `identityRef` in both `OpenStackMachine` and `OpenStackCluster`
#### Removal of machine identityRef.kind
-The `identityRef.Kind` field has been removed. It was used to specify the kind of the identity provider to use but was actually ignored.
+The `identityRef.Kind` field has been removed. It was used to specify the kind of the identity provider to use but was actually ignored. The referenced resource must always be a Secret.
+
+#### Addition of cloudName
+
+The `cloudName` field has been removed from both `OpenStackMachine` and `OpenStackCluster` and added to `identityRef`. It is now a required field when `identityRef` is specified.
+
+### `OpenStackMachine`
+
+#### Removal of cloudName
+
+This has moved to `identityRef.cloudName`.
#### Change to serverGroupID
@@ -83,9 +97,15 @@ Setting either of the following fields explicitly to the empty string would prev
### `OpenStackCluster`
-#### Removal of cluster identityRef.kind
+#### Removal of cloudName
+
+This has moved to `identityRef.cloudName`.
+
+#### identityRef is now required
+
+The API server would previously accept an `OpenStackCluster` without an `identityRef`, although the controller would generate an error. In v1beta1 the API server will no longer accept an `OpenStackCluster` without an `identityRef`.
-The `identityRef.Kind` field has been removed. It was used to specify the kind of the identity provider to use but was actually ignored.
+Note that this is in contrast `identityRef` in `OpenStackMachine`, which remains optional: `OpenStackMachine` will default to the credentials in `OpenStackCluster` if not specified.
#### Change to externalNetworkID
diff --git a/kustomize/v1beta1/default/cluster-template.yaml b/kustomize/v1beta1/default/cluster-template.yaml
index f626c0328f..52ab6c2f88 100644
--- a/kustomize/v1beta1/default/cluster-template.yaml
+++ b/kustomize/v1beta1/default/cluster-template.yaml
@@ -22,9 +22,9 @@ kind: OpenStackCluster
metadata:
name: ${CLUSTER_NAME}
spec:
- cloudName: ${OPENSTACK_CLOUD}
identityRef:
name: ${CLUSTER_NAME}-cloud-config
+ cloudName: ${OPENSTACK_CLOUD}
apiServerLoadBalancer:
enabled: true
managedSubnets:
@@ -99,9 +99,6 @@ spec:
image:
name: ${OPENSTACK_IMAGE_NAME}
sshKeyName: ${OPENSTACK_SSH_KEY_NAME}
- cloudName: ${OPENSTACK_CLOUD}
- identityRef:
- name: ${CLUSTER_NAME}-cloud-config
---
apiVersion: cluster.x-k8s.io/v1beta1
kind: MachineDeployment
@@ -134,9 +131,6 @@ metadata:
spec:
template:
spec:
- cloudName: ${OPENSTACK_CLOUD}
- identityRef:
- name: ${CLUSTER_NAME}-cloud-config
flavor: ${OPENSTACK_NODE_MACHINE_FLAVOR}
image:
name: ${OPENSTACK_IMAGE_NAME}
diff --git a/pkg/scope/provider.go b/pkg/scope/provider.go
index cda179d2e6..d20cee5bc2 100644
--- a/pkg/scope/provider.go
+++ b/pkg/scope/provider.go
@@ -57,18 +57,20 @@ func (f *providerScopeFactory) NewClientScopeFromMachine(ctx context.Context, ct
var cloud clientconfig.Cloud
var caCert []byte
+ var identityRef *infrav1.OpenStackIdentityReference
+ var namespace string
if openStackMachine.Spec.IdentityRef != nil {
- var err error
- cloud, caCert, err = getCloudFromSecret(ctx, ctrlClient, openStackMachine.Namespace, openStackMachine.Spec.IdentityRef.Name, openStackMachine.Spec.CloudName)
- if err != nil {
- return nil, err
- }
- } else if openStackCluster.Spec.IdentityRef != nil {
- var err error
- cloud, caCert, err = getCloudFromSecret(ctx, ctrlClient, openStackCluster.Namespace, openStackCluster.Spec.IdentityRef.Name, openStackCluster.Spec.CloudName)
- if err != nil {
- return nil, err
- }
+ identityRef = openStackMachine.Spec.IdentityRef
+ namespace = openStackMachine.Namespace
+ } else {
+ identityRef = &openStackCluster.Spec.IdentityRef
+ namespace = openStackCluster.Namespace
+ }
+
+ var err error
+ cloud, caCert, err = getCloudFromSecret(ctx, ctrlClient, namespace, identityRef.Name, identityRef.CloudName)
+ if err != nil {
+ return nil, err
}
if caCert == nil {
@@ -86,12 +88,10 @@ func (f *providerScopeFactory) NewClientScopeFromCluster(ctx context.Context, ct
var cloud clientconfig.Cloud
var caCert []byte
- if openStackCluster.Spec.IdentityRef != nil {
- var err error
- cloud, caCert, err = getCloudFromSecret(ctx, ctrlClient, openStackCluster.Namespace, openStackCluster.Spec.IdentityRef.Name, openStackCluster.Spec.CloudName)
- if err != nil {
- return nil, err
- }
+ var err error
+ cloud, caCert, err = getCloudFromSecret(ctx, ctrlClient, openStackCluster.Namespace, openStackCluster.Spec.IdentityRef.Name, openStackCluster.Spec.IdentityRef.CloudName)
+ if err != nil {
+ return nil, err
}
if caCert == nil {
diff --git a/templates/cluster-template-flatcar-sysext.yaml b/templates/cluster-template-flatcar-sysext.yaml
index 809f386085..360ff1c005 100644
--- a/templates/cluster-template-flatcar-sysext.yaml
+++ b/templates/cluster-template-flatcar-sysext.yaml
@@ -224,10 +224,10 @@ kind: OpenStackCluster
metadata:
name: ${CLUSTER_NAME}
spec:
- cloudName: ${OPENSTACK_CLOUD}
externalNetwork:
id: ${OPENSTACK_EXTERNAL_NETWORK_ID}
identityRef:
+ cloudName: ${OPENSTACK_CLOUD}
name: ${CLUSTER_NAME}-cloud-config
managedSecurityGroups:
allNodesSecurityGroupRules:
@@ -261,10 +261,7 @@ metadata:
spec:
template:
spec:
- cloudName: ${OPENSTACK_CLOUD}
flavor: ${OPENSTACK_CONTROL_PLANE_MACHINE_FLAVOR}
- identityRef:
- name: ${CLUSTER_NAME}-cloud-config
image:
name: ${FLATCAR_IMAGE_NAME}
sshKeyName: ${OPENSTACK_SSH_KEY_NAME}
@@ -276,10 +273,7 @@ metadata:
spec:
template:
spec:
- cloudName: ${OPENSTACK_CLOUD}
flavor: ${OPENSTACK_NODE_MACHINE_FLAVOR}
- identityRef:
- name: ${CLUSTER_NAME}-cloud-config
image:
name: ${FLATCAR_IMAGE_NAME}
sshKeyName: ${OPENSTACK_SSH_KEY_NAME}
diff --git a/templates/cluster-template-flatcar.yaml b/templates/cluster-template-flatcar.yaml
index a0db85b493..691a98daee 100644
--- a/templates/cluster-template-flatcar.yaml
+++ b/templates/cluster-template-flatcar.yaml
@@ -148,10 +148,10 @@ kind: OpenStackCluster
metadata:
name: ${CLUSTER_NAME}
spec:
- cloudName: ${OPENSTACK_CLOUD}
externalNetwork:
id: ${OPENSTACK_EXTERNAL_NETWORK_ID}
identityRef:
+ cloudName: ${OPENSTACK_CLOUD}
name: ${CLUSTER_NAME}-cloud-config
managedSecurityGroups:
allNodesSecurityGroupRules:
@@ -185,10 +185,7 @@ metadata:
spec:
template:
spec:
- cloudName: ${OPENSTACK_CLOUD}
flavor: ${OPENSTACK_CONTROL_PLANE_MACHINE_FLAVOR}
- identityRef:
- name: ${CLUSTER_NAME}-cloud-config
image:
name: ${OPENSTACK_FLATCAR_IMAGE_NAME}
sshKeyName: ${OPENSTACK_SSH_KEY_NAME}
@@ -200,10 +197,7 @@ metadata:
spec:
template:
spec:
- cloudName: ${OPENSTACK_CLOUD}
flavor: ${OPENSTACK_NODE_MACHINE_FLAVOR}
- identityRef:
- name: ${CLUSTER_NAME}-cloud-config
image:
name: ${OPENSTACK_FLATCAR_IMAGE_NAME}
sshKeyName: ${OPENSTACK_SSH_KEY_NAME}
diff --git a/templates/cluster-template-without-lb.yaml b/templates/cluster-template-without-lb.yaml
index cc560e5571..35acfdbdf1 100644
--- a/templates/cluster-template-without-lb.yaml
+++ b/templates/cluster-template-without-lb.yaml
@@ -105,10 +105,10 @@ kind: OpenStackCluster
metadata:
name: ${CLUSTER_NAME}
spec:
- cloudName: ${OPENSTACK_CLOUD}
externalNetwork:
id: ${OPENSTACK_EXTERNAL_NETWORK_ID}
identityRef:
+ cloudName: ${OPENSTACK_CLOUD}
name: ${CLUSTER_NAME}-cloud-config
managedSecurityGroups:
allNodesSecurityGroupRules:
@@ -142,10 +142,7 @@ metadata:
spec:
template:
spec:
- cloudName: ${OPENSTACK_CLOUD}
flavor: ${OPENSTACK_CONTROL_PLANE_MACHINE_FLAVOR}
- identityRef:
- name: ${CLUSTER_NAME}-cloud-config
image:
name: ${OPENSTACK_IMAGE_NAME}
sshKeyName: ${OPENSTACK_SSH_KEY_NAME}
@@ -157,10 +154,7 @@ metadata:
spec:
template:
spec:
- cloudName: ${OPENSTACK_CLOUD}
flavor: ${OPENSTACK_NODE_MACHINE_FLAVOR}
- identityRef:
- name: ${CLUSTER_NAME}-cloud-config
image:
name: ${OPENSTACK_IMAGE_NAME}
sshKeyName: ${OPENSTACK_SSH_KEY_NAME}
diff --git a/templates/cluster-template.yaml b/templates/cluster-template.yaml
index b8cb9db972..bc8c8aab8c 100644
--- a/templates/cluster-template.yaml
+++ b/templates/cluster-template.yaml
@@ -107,10 +107,10 @@ metadata:
spec:
apiServerLoadBalancer:
enabled: true
- cloudName: ${OPENSTACK_CLOUD}
externalNetwork:
id: ${OPENSTACK_EXTERNAL_NETWORK_ID}
identityRef:
+ cloudName: ${OPENSTACK_CLOUD}
name: ${CLUSTER_NAME}-cloud-config
managedSecurityGroups:
allNodesSecurityGroupRules:
@@ -144,10 +144,7 @@ metadata:
spec:
template:
spec:
- cloudName: ${OPENSTACK_CLOUD}
flavor: ${OPENSTACK_CONTROL_PLANE_MACHINE_FLAVOR}
- identityRef:
- name: ${CLUSTER_NAME}-cloud-config
image:
name: ${OPENSTACK_IMAGE_NAME}
sshKeyName: ${OPENSTACK_SSH_KEY_NAME}
@@ -159,10 +156,7 @@ metadata:
spec:
template:
spec:
- cloudName: ${OPENSTACK_CLOUD}
flavor: ${OPENSTACK_NODE_MACHINE_FLAVOR}
- identityRef:
- name: ${CLUSTER_NAME}-cloud-config
image:
name: ${OPENSTACK_IMAGE_NAME}
sshKeyName: ${OPENSTACK_SSH_KEY_NAME}
diff --git a/templates/clusterclass-dev-test.yaml b/templates/clusterclass-dev-test.yaml
index c329fd5831..2cd3a38531 100644
--- a/templates/clusterclass-dev-test.yaml
+++ b/templates/clusterclass-dev-test.yaml
@@ -117,9 +117,9 @@ spec:
spec:
apiServerLoadBalancer:
enabled: true
- cloudName: ${OPENSTACK_CLOUD:=capo-e2e}
identityRef:
name: dev-test-cloud-config
+ cloudName: ${OPENSTACK_CLOUD:=capo-e2e}
managedSecurityGroups:
allNodesSecurityGroupRules:
- description: Created by cluster-api-provider-openstack - BGP (calico)
@@ -152,10 +152,7 @@ metadata:
spec:
template:
spec:
- cloudName: ${OPENSTACK_CLOUD:=capo-e2e}
flavor: ${OPENSTACK_CONTROL_PLANE_MACHINE_FLAVOR:=m1.medium}
- identityRef:
- name: dev-test-cloud-config
image:
name: overridden-by-patch
sshKeyName: ${OPENSTACK_SSH_KEY_NAME:=""}
@@ -167,10 +164,7 @@ metadata:
spec:
template:
spec:
- cloudName: ${OPENSTACK_CLOUD:=capo-e2e}
flavor: ${OPENSTACK_NODE_MACHINE_FLAVOR:=m1.small}
- identityRef:
- name: dev-test-cloud-config
image:
name: overridden-by-patch
sshKeyName: ${OPENSTACK_SSH_KEY_NAME:=""}
diff --git a/test/e2e/suites/e2e/e2e_test.go b/test/e2e/suites/e2e/e2e_test.go
index 4443c500dd..c184f96011 100644
--- a/test/e2e/suites/e2e/e2e_test.go
+++ b/test/e2e/suites/e2e/e2e_test.go
@@ -864,9 +864,9 @@ func makeOpenStackMachineTemplate(namespace, clusterName, name string) *infrav1.
Name: e2eCtx.E2EConfig.GetVariable(shared.OpenStackImageName),
},
SSHKeyName: shared.DefaultSSHKeyPairName,
- CloudName: e2eCtx.E2EConfig.GetVariable(shared.OpenStackCloud),
IdentityRef: &infrav1.OpenStackIdentityReference{
- Name: fmt.Sprintf("%s-cloud-config", clusterName),
+ Name: fmt.Sprintf("%s-cloud-config", clusterName),
+ CloudName: e2eCtx.E2EConfig.GetVariable(shared.OpenStackCloud),
},
},
},
@@ -888,9 +888,9 @@ func makeOpenStackMachineTemplateWithPortOptions(namespace, clusterName, name st
Name: e2eCtx.E2EConfig.GetVariable(shared.OpenStackImageName),
},
SSHKeyName: shared.DefaultSSHKeyPairName,
- CloudName: e2eCtx.E2EConfig.GetVariable(shared.OpenStackCloud),
IdentityRef: &infrav1.OpenStackIdentityReference{
- Name: fmt.Sprintf("%s-cloud-config", clusterName),
+ Name: fmt.Sprintf("%s-cloud-config", clusterName),
+ CloudName: e2eCtx.E2EConfig.GetVariable(shared.OpenStackCloud),
},
Ports: *portOpts,
Tags: machineTags,