Updating api for klusterlet to accomodate awsirsa registration (#339)

Signed-off-by: Erica <[email protected]>
open-cluster-management-io · Aug 30, 2024 · a19871c · a19871c
1 parent bd6f222
commit a19871c
Show file tree

Hide file tree

Showing 5 changed files with 121 additions and 0 deletions.
diff --git a/crdsv1beta1/0001_00_operator.open-cluster-management.io_klusterlets.crd.yaml b/crdsv1beta1/0001_00_operator.open-cluster-management.io_klusterlets.crd.yaml
@@ -185,6 +185,24 @@ spec:
                   type: integer
                   format: int32
                   default: 50
+                registrationDriver:
+                  description: This provides driver details required to register with hub
+                  type: object
+                  properties:
+                    authType:
+                      description: Type of the authentication used by managedcluster to register as well as pull work from hub. Possible values are csr and awsirsa.
+                      type: string
+                      default: csr
+                      enum:
+                        - csr
+                        - awsirsa
+                    awsIrsa:
+                      description: 'Contain the details required for registering with hub cluster (ie: an EKS cluster) using AWS IAM roles for service account. This is required only when the authType is awsirsa.'
+                      type: object
+                      properties:
+                        hubClusterArn:
+                          description: 'The arn of the hub cluster (ie: an EKS cluster). This will be required to pass information to hub, which hub will use to create IAM identities for this klusterlet. Example - arn:eks:us-west-2:12345678910:cluster/hub-cluster1.'
+                          type: string
             registrationImagePullSpec:
               description: RegistrationImagePullSpec represents the desired image configuration of registration agent. quay.io/open-cluster-management.io/registration:latest will be used if unspecified.
               type: string

diff --git a/operator/v1/0000_00_operator.open-cluster-management.io_klusterlets.crd.yaml b/operator/v1/0000_00_operator.open-cluster-management.io_klusterlets.crd.yaml
@@ -289,6 +289,31 @@ spec:
                       If it is set empty, use the default value: 50
                     format: int32
                     type: integer
+                  registrationDriver:
+                    description: This provides driver details required to register
+                      with hub
+                    properties:
+                      authType:
+                        default: csr
+                        description: Type of the authentication used by managedcluster
+                          to register as well as pull work from hub. Possible values
+                          are csr and awsirsa.
+                        enum:
+                        - csr
+                        - awsirsa
+                        type: string
+                      awsIrsa:
+                        description: |-
+                          Contain the details required for registering with hub cluster (ie: an EKS cluster) using AWS IAM roles for service account.
+                          This is required only when the authType is awsirsa.
+                        properties:
+                          hubClusterArn:
+                            description: |-
+                              The arn of the hub cluster (ie: an EKS cluster). This will be required to pass information to hub, which hub will use to create IAM identities for this klusterlet.
+                              Example - arn:eks:us-west-2:12345678910:cluster/hub-cluster1.
+                            type: string
+                        type: object
+                    type: object
                 type: object
               registrationImagePullSpec:
                 description: |-

diff --git a/operator/v1/types_klusterlet.go b/operator/v1/types_klusterlet.go
@@ -172,6 +172,28 @@ type RegistrationConfiguration struct {
 	// But if the user updates the content of a failed bootstrapkubeconfig, the "failed" mark will be cleared.
 	// +optional
 	BootstrapKubeConfigs BootstrapKubeConfigs `json:"bootstrapKubeConfigs,omitempty"`
+
+	// This provides driver details required to register with hub
+	// +optional
+	RegistrationDriver RegistrationDriver `json:"registrationDriver,omitempty"`
+}
+
+type RegistrationDriver struct {
+	// Type of the authentication used by managedcluster to register as well as pull work from hub. Possible values are csr and awsirsa.
+	// +kubebuilder:default:=csr
+	// +kubebuilder:validation:Enum=csr;awsirsa
+	AuthType string `json:"authType"`
+
+	// Contain the details required for registering with hub cluster (ie: an EKS cluster) using AWS IAM roles for service account.
+	// This is required only when the authType is awsirsa.
+	AwsIrsa *AwsIrsa `json:"awsIrsa,omitempty"`
+}
+
+type AwsIrsa struct {
+	// The arn of the hub cluster (ie: an EKS cluster). This will be required to pass information to hub, which hub will use to create IAM identities for this klusterlet.
+	// Example - arn:eks:us-west-2:12345678910:cluster/hub-cluster1.
+	// +required
+	HubClusterArn string `json:"hubClusterArn"`
 }
 
 type TypeBootstrapKubeConfigs string

diff --git a/operator/v1/zz_generated.deepcopy.go b/operator/v1/zz_generated.deepcopy.go
diff --git a/operator/v1/zz_generated.swagger_doc_generated.go b/operator/v1/zz_generated.swagger_doc_generated.go