fix: schema validation to support only one image registry

Author: supershal

api/v1alpha1/clusterconfig_types.go

@@ -332,6 +332,8 @@ func (ImageRegistry) VariableSchema() clusterv1.VariableSchema {
 	}
 }
 
+var maxSupportedImageRegistries int64 = 1
+
 type ImageRegistries []ImageRegistry
 
 func (ImageRegistries) VariableSchema() clusterv1.VariableSchema {
@@ -341,6 +343,7 @@ func (ImageRegistries) VariableSchema() clusterv1.VariableSchema {
 			Description: "Configuration for image registries.",
 			Type:        "array",
 			Items:       &resourceSchema,
+			MaxItems:    &maxSupportedImageRegistries,
 		},
 	}
 }

pkg/handlers/generic/mutation/imageregistries/credentials/inject.go

@@ -82,132 +82,129 @@ func (h *imageRegistriesPatchHandler) Mutate(
 		return nil
 	}
 
-	// TODO: Add support for multiple registries.
-	if len(imageRegistries) > 1 {
-		return fmt.Errorf("multiple Image Registry are not supported at this time. "+
-			"Provide a single registry entry for %s variable", imageregistries.VariableName)
-	}
-
-	imageRegistry := imageRegistries[0]
-
-	log = log.WithValues(
-		"variableName",
-		h.variableName,
-		"variableFieldPath",
-		h.variableFieldPath,
-		"variableValue",
-		imageRegistry,
-	)
+	// TODO: Support for multiple registries is constrained with variable schema of ImageRegistries.
+	// currently only one registry is supported. Implement support for multiple registries in
+	// DynamicCredentialProviderConfig
+	for _, imageRegistry := range imageRegistries {
+		log = log.WithValues(
+			"variableName",
+			h.variableName,
+			"variableFieldPath",
+			h.variableFieldPath,
+			"variableValue",
+			imageRegistry,
+		)
 
-	if err := patches.MutateIfApplicable(
-		obj, vars, &holderRef, selectors.ControlPlane(), log,
-		func(obj *controlplanev1.KubeadmControlPlaneTemplate) error {
-			registryWithOptionalCredentials, generateErr := registryWithOptionalCredentialsFromImageRegistryCredentials(
-				ctx, h.client, imageRegistry, obj,
-			)
-			if generateErr != nil {
-				return generateErr
-			}
-			files, commands, generateErr := generateFilesAndCommands(
-				registryWithOptionalCredentials,
-				obj.GetName())
-			if generateErr != nil {
-				return generateErr
-			}
-
-			log.WithValues(
-				"patchedObjectKind", obj.GetObjectKind().GroupVersionKind().String(),
-				"patchedObjectName", ctrlclient.ObjectKeyFromObject(obj),
-			).Info("adding files to control plane kubeadm config spec")
-			obj.Spec.Template.Spec.KubeadmConfigSpec.Files = append(
-				obj.Spec.Template.Spec.KubeadmConfigSpec.Files,
-				files...,
-			)
-
-			log.WithValues(
-				"patchedObjectKind", obj.GetObjectKind().GroupVersionKind().String(),
-				"patchedObjectName", ctrlclient.ObjectKeyFromObject(obj),
-			).Info("adding PreKubeadmCommands to control plane kubeadm config spec")
-			obj.Spec.Template.Spec.KubeadmConfigSpec.PreKubeadmCommands = append(
-				obj.Spec.Template.Spec.KubeadmConfigSpec.PreKubeadmCommands,
-				commands...,
-			)
-
-			generateErr = createSecretIfNeeded(ctx, h.client, registryWithOptionalCredentials, obj, clusterKey)
-			if generateErr != nil {
-				return generateErr
-			}
-
-			initConfiguration := obj.Spec.Template.Spec.KubeadmConfigSpec.InitConfiguration
-			if initConfiguration == nil {
-				initConfiguration = &bootstrapv1.InitConfiguration{}
-			}
-			obj.Spec.Template.Spec.KubeadmConfigSpec.InitConfiguration = initConfiguration
-			if initConfiguration.NodeRegistration.KubeletExtraArgs == nil {
-				initConfiguration.NodeRegistration.KubeletExtraArgs = map[string]string{}
-			}
-			addImageCredentialProviderArgs(initConfiguration.NodeRegistration.KubeletExtraArgs)
-
-			joinConfiguration := obj.Spec.Template.Spec.KubeadmConfigSpec.JoinConfiguration
-			if joinConfiguration == nil {
-				joinConfiguration = &bootstrapv1.JoinConfiguration{}
-			}
-			obj.Spec.Template.Spec.KubeadmConfigSpec.JoinConfiguration = joinConfiguration
-			if joinConfiguration.NodeRegistration.KubeletExtraArgs == nil {
-				joinConfiguration.NodeRegistration.KubeletExtraArgs = map[string]string{}
-			}
-			addImageCredentialProviderArgs(joinConfiguration.NodeRegistration.KubeletExtraArgs)
-			return nil
-		}); err != nil {
-		return err
-	}
+		if err := patches.MutateIfApplicable(
+			obj, vars, &holderRef, selectors.ControlPlane(), log,
+			func(obj *controlplanev1.KubeadmControlPlaneTemplate) error {
+				registryWithOptionalCredentials, generateErr := registryWithOptionalCredentialsFromImageRegistryCredentials(
+					ctx, h.client, imageRegistry, obj,
+				)
+				if generateErr != nil {
+					return generateErr
+				}
+				files, commands, generateErr := generateFilesAndCommands(
+					registryWithOptionalCredentials,
+					obj.GetName())
+				if generateErr != nil {
+					return generateErr
+				}
+
+				log.WithValues(
+					"patchedObjectKind", obj.GetObjectKind().GroupVersionKind().String(),
+					"patchedObjectName", ctrlclient.ObjectKeyFromObject(obj),
+				).Info("adding files to control plane kubeadm config spec")
+				obj.Spec.Template.Spec.KubeadmConfigSpec.Files = append(
+					obj.Spec.Template.Spec.KubeadmConfigSpec.Files,
+					files...,
+				)
+
+				log.WithValues(
+					"patchedObjectKind", obj.GetObjectKind().GroupVersionKind().String(),
+					"patchedObjectName", ctrlclient.ObjectKeyFromObject(obj),
+				).Info("adding PreKubeadmCommands to control plane kubeadm config spec")
+				obj.Spec.Template.Spec.KubeadmConfigSpec.PreKubeadmCommands = append(
+					obj.Spec.Template.Spec.KubeadmConfigSpec.PreKubeadmCommands,
+					commands...,
+				)
+
+				generateErr = createSecretIfNeeded(ctx, h.client, registryWithOptionalCredentials, obj, clusterKey)
+				if generateErr != nil {
+					return generateErr
+				}
+
+				initConfiguration := obj.Spec.Template.Spec.KubeadmConfigSpec.InitConfiguration
+				if initConfiguration == nil {
+					initConfiguration = &bootstrapv1.InitConfiguration{}
+				}
+				obj.Spec.Template.Spec.KubeadmConfigSpec.InitConfiguration = initConfiguration
+				if initConfiguration.NodeRegistration.KubeletExtraArgs == nil {
+					initConfiguration.NodeRegistration.KubeletExtraArgs = map[string]string{}
+				}
+				addImageCredentialProviderArgs(initConfiguration.NodeRegistration.KubeletExtraArgs)
+
+				joinConfiguration := obj.Spec.Template.Spec.KubeadmConfigSpec.JoinConfiguration
+				if joinConfiguration == nil {
+					joinConfiguration = &bootstrapv1.JoinConfiguration{}
+				}
+				obj.Spec.Template.Spec.KubeadmConfigSpec.JoinConfiguration = joinConfiguration
+				if joinConfiguration.NodeRegistration.KubeletExtraArgs == nil {
+					joinConfiguration.NodeRegistration.KubeletExtraArgs = map[string]string{}
+				}
+				addImageCredentialProviderArgs(joinConfiguration.NodeRegistration.KubeletExtraArgs)
+				return nil
+			}); err != nil {
+			return err
+		}
 
-	if err := patches.MutateIfApplicable(
-		obj, vars, &holderRef, selectors.WorkersKubeadmConfigTemplateSelector(), log,
-		func(obj *bootstrapv1.KubeadmConfigTemplate) error {
-			registryWithOptionalCredentials, generateErr := registryWithOptionalCredentialsFromImageRegistryCredentials(
-				ctx, h.client, imageRegistry, obj,
-			)
-			if generateErr != nil {
-				return generateErr
-			}
-			files, commands, generateErr := generateFilesAndCommands(
-				registryWithOptionalCredentials,
-				obj.GetName())
-			if generateErr != nil {
-				return generateErr
-			}
-
-			log.WithValues(
-				"patchedObjectKind", obj.GetObjectKind().GroupVersionKind().String(),
-				"patchedObjectName", ctrlclient.ObjectKeyFromObject(obj),
-			).Info("adding files to worker node kubeadm config template")
-			obj.Spec.Template.Spec.Files = append(obj.Spec.Template.Spec.Files, files...)
-
-			log.WithValues(
-				"patchedObjectKind", obj.GetObjectKind().GroupVersionKind().String(),
-				"patchedObjectName", ctrlclient.ObjectKeyFromObject(obj),
-			).Info("adding PreKubeadmCommands to worker node kubeadm config template")
-			obj.Spec.Template.Spec.PreKubeadmCommands = append(obj.Spec.Template.Spec.PreKubeadmCommands, commands...)
-
-			generateErr = createSecretIfNeeded(ctx, h.client, registryWithOptionalCredentials, obj, clusterKey)
-			if generateErr != nil {
-				return generateErr
-			}
-
-			joinConfiguration := obj.Spec.Template.Spec.JoinConfiguration
-			if joinConfiguration == nil {
-				joinConfiguration = &bootstrapv1.JoinConfiguration{}
-			}
-			obj.Spec.Template.Spec.JoinConfiguration = joinConfiguration
-			if joinConfiguration.NodeRegistration.KubeletExtraArgs == nil {
-				joinConfiguration.NodeRegistration.KubeletExtraArgs = map[string]string{}
-			}
-			addImageCredentialProviderArgs(joinConfiguration.NodeRegistration.KubeletExtraArgs)
-
-			return nil
-		}); err != nil {
-		return err
+		if err := patches.MutateIfApplicable(
+			obj, vars, &holderRef, selectors.WorkersKubeadmConfigTemplateSelector(), log,
+			func(obj *bootstrapv1.KubeadmConfigTemplate) error {
+				registryWithOptionalCredentials, generateErr := registryWithOptionalCredentialsFromImageRegistryCredentials(
+					ctx, h.client, imageRegistry, obj,
+				)
+				if generateErr != nil {
+					return generateErr
+				}
+				files, commands, generateErr := generateFilesAndCommands(
+					registryWithOptionalCredentials,
+					obj.GetName())
+				if generateErr != nil {
+					return generateErr
+				}
+
+				log.WithValues(
+					"patchedObjectKind", obj.GetObjectKind().GroupVersionKind().String(),
+					"patchedObjectName", ctrlclient.ObjectKeyFromObject(obj),
+				).Info("adding files to worker node kubeadm config template")
+				obj.Spec.Template.Spec.Files = append(obj.Spec.Template.Spec.Files, files...)
+
+				log.WithValues(
+					"patchedObjectKind", obj.GetObjectKind().GroupVersionKind().String(),
+					"patchedObjectName", ctrlclient.ObjectKeyFromObject(obj),
+				).Info("adding PreKubeadmCommands to worker node kubeadm config template")
+				obj.Spec.Template.Spec.PreKubeadmCommands = append(obj.Spec.Template.Spec.PreKubeadmCommands, commands...)
+
+				generateErr = createSecretIfNeeded(ctx, h.client, registryWithOptionalCredentials, obj, clusterKey)
+				if generateErr != nil {
+					return generateErr
+				}
+
+				joinConfiguration := obj.Spec.Template.Spec.JoinConfiguration
+				if joinConfiguration == nil {
+					joinConfiguration = &bootstrapv1.JoinConfiguration{}
+				}
+				obj.Spec.Template.Spec.JoinConfiguration = joinConfiguration
+				if joinConfiguration.NodeRegistration.KubeletExtraArgs == nil {
+					joinConfiguration.NodeRegistration.KubeletExtraArgs = map[string]string{}
+				}
+				addImageCredentialProviderArgs(joinConfiguration.NodeRegistration.KubeletExtraArgs)
+
+				return nil
+			}); err != nil {
+			return err
+		}
 	}
 
 	return nil

pkg/handlers/generic/mutation/imageregistries/credentials/variables_test.go

@@ -46,6 +46,20 @@ func TestVariableValidation(t *testing.T) {
 				},
 			},
 		},
+		capitest.VariableTestDef{
+			Name: "support for only single image registry",
+			Vals: v1alpha1.GenericClusterConfig{
+				ImageRegistries: []v1alpha1.ImageRegistry{
+					{
+						URL: "http://first-image-registry.example.com",
+					},
+					{
+						URL: "http://second-image-registry.example.com",
+					},
+				},
+			},
+			ExpectError: true,
+		},
 		capitest.VariableTestDef{
 			Name: "invalid registry URL",
 			Vals: v1alpha1.GenericClusterConfig{