diff --git a/go.mod b/go.mod index 302cb7e3..46ebec90 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/gardener/machine-controller-manager-provider-gcp go 1.15 require ( - github.com/gardener/machine-controller-manager v0.35.0 + github.com/gardener/machine-controller-manager v0.36.0 github.com/golang/protobuf v1.3.2 // indirect github.com/onsi/ginkgo v1.12.0 github.com/onsi/gomega v1.9.0 diff --git a/go.sum b/go.sum index 586314c0..b63d3feb 100644 --- a/go.sum +++ b/go.sum @@ -25,7 +25,7 @@ github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbt github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= github.com/aliyun/alibaba-cloud-sdk-go v0.0.0-20180828111155-cad214d7d71f/go.mod h1:T9M45xf79ahXVelWoOBmH0y4aC1t5kXO5BxwyakgIGA= -github.com/aws/aws-sdk-go v1.13.54/go.mod h1:ZRmQr0FajVIyZ4ZzBYKG5P3ZqPz9IHG41ZoMu1ADI3k= +github.com/aws/aws-sdk-go v1.23.13/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973 h1:xJ4a3vCFaGF/jqvzLMYoU8P317H5OQ+Via4RmuPwCS0= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/blang/semver v3.5.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= 
@@ -51,10 +51,9 @@ github.com/evanphx/json-patch v4.2.0+incompatible h1:fUDGZCv/7iAN7u0puUVhvKCcsR6 github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/gardener/machine-controller-manager v0.35.0 h1:0kMJrMPsK8oohxDfE6Uc2dlJ2YZTSK70QZiVIyuGS2k= -github.com/gardener/machine-controller-manager v0.35.0/go.mod h1:jxxE+mGgXwg4iPlCHTG4GtUfK2CcHA6yYoIIowoxOZU= +github.com/gardener/machine-controller-manager v0.36.0 h1:bGtmkz0si1zzRSUCR8+Fpku+oTim66iJeTp01os1Pz4= +github.com/gardener/machine-controller-manager v0.36.0/go.mod h1:Be9VDEXC8fF62inu5kyq5pnzmBmaJOczDMYFQdhGDWk= github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/go-ini/ini v1.36.0/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+35s3my2LFTysnkMfxsJBAMHj/DoqoB9knIWoYG/Vk0= github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= 
@@ -99,7 +98,6 @@ github.com/gophercloud/gophercloud v0.1.0/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEo github.com/gophercloud/gophercloud v0.6.1-0.20191122030953-d8ac278c1c9d/go.mod h1:ozGNgr9KYOVATV5jsgHl/ceCDXGuguqOZAzoQ/2vcNM= github.com/gophercloud/gophercloud v0.7.0/go.mod h1:gmC5oQqMDOMO1t1gq5DquX/yAU808e/4mzjjDA76+Ss= github.com/gophercloud/utils v0.0.0-20200204043447-9864b6f1f12f/go.mod h1:ehWUbLQJPqS0Ep+CxeD559hsm9pthPXadJNKwZkp43w= -github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= github.com/grpc-ecosystem/go-grpc-middleware v0.0.0-20190222133341-cfaf5686ec79/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= @@ -113,7 +111,7 @@ github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= github.com/imdario/mergo v0.3.5 h1:JboBksRwiiAJWvIYJVo46AfV+IAIKZpfrSzVKj42R4Q= github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= +github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= github.com/json-iterator/go v0.0.0-20180612202835-f2b4162afba3/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= 
@@ -121,7 +119,6 @@ github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/u github.com/json-iterator/go v1.1.9 h1:9yzud/Ht36ygwatGx56VwCZtlI/2AD15T1X2sjSuGns= github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= -github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= @@ -181,8 +178,6 @@ github.com/prometheus/procfs v0.0.0-20181204211112-1dc9a6cbc91a/go.mod h1:c3At6R github.com/remyoudompheng/bigfft v0.0.0-20170806203942-52369c62f446/go.mod h1:uYEyJGbgTkfkS4+E/PavXkNJcbFIpEtjt2B0KDQ5+9M= github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= -github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= -github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/soheilhy/cmux v0.1.3/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= 
@@ -280,7 +275,6 @@ golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3 golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190920225731-5eefd052ad72/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= @@ -315,7 +309,6 @@ gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/ini.v1 v1.42.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= diff --git a/pkg/gcp/machine_controller_test.go b/pkg/gcp/machine_controller_test.go index c58d5304..787a1d99 100644 --- a/pkg/gcp/machine_controller_test.go +++ b/pkg/gcp/machine_controller_test.go 
@@ -729,8 +729,9 @@ var _ = Describe("#MachineController", func() { Expect(err).ToNot(HaveOccurred()) Expect(data.action.machineRequest.MachineClass.ProviderSpec).To(Equal(data.expect.machineClass.ProviderSpec)) Expect(data.action.machineRequest.MachineClass.Provider).To(Equal(ProviderGCP)) + Expect(data.action.machineRequest.MachineClass.SecretRef).To(Equal(data.expect.machineClass.SecretRef)) + Expect(data.action.machineRequest.MachineClass.CredentialsSecretRef).To(Equal(data.expect.machineClass.CredentialsSecretRef)) } - }, Entry("With valid migration request", &data{ @@ -785,6 +786,10 @@ var _ = Describe("#MachineController", func() { Name: "test-secret", Namespace: TestNamaspace, }, + CredentialsSecretRef: &corev1.SecretReference{ + Name: "test-credential", + Namespace: TestNamaspace, + }, ServiceAccounts: []v1alpha1.GCPServiceAccount{ { Email: "mcmDummy@dummy.com", @@ -828,6 +833,10 @@ var _ = Describe("#MachineController", func() { Name: "test-secret", Namespace: TestNamaspace, }, + CredentialsSecretRef: &corev1.SecretReference{ + Name: "test-credential", + Namespace: TestNamaspace, + }, Provider: ProviderGCP, }, }, diff --git a/pkg/gcp/migrate.go b/pkg/gcp/migrate.go index 449bb04f..04194911 100644 --- a/pkg/gcp/migrate.go +++ b/pkg/gcp/migrate.go @@ -112,6 +112,7 @@ func fillUpMachineClass(gcpMachineClass *v1alpha1.GCPMachineClass, machineClass Raw: providerSpecMarshal, } machineClass.SecretRef = gcpMachineClass.Spec.SecretRef + machineClass.CredentialsSecretRef = gcpMachineClass.Spec.CredentialsSecretRef machineClass.Provider = ProviderGCP return nil diff --git a/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/types.go b/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/types.go index 83c64579..fb0e5d3e 100644 --- a/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/types.go +++ b/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/types.go 
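Review bot: The fixtures added in the second and third hunks of machine_controller_test.go always set `CredentialsSecretRef`, so the assertion added in the first hunk never exercises the case where the field is nil. The vendored type comment on this page describes the field as optional (`json:"credentialsSecretRef,omitempty"`), and machine classes written before this change would presumably not carry it. Consider a second `Entry` whose input and expected MachineClass both leave `CredentialsSecretRef` unset, with a comment such as `// CredentialsSecretRef is optional; migration must pass nil through unchanged`. The table and its Entry list extend beyond the visible hunks, so other entries may already cover this implicitly.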
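Review bot: The added line `machineClass.CredentialsSecretRef = gcpMachineClass.Spec.CredentialsSecretRef` in pkg/gcp/migrate.go copies the pointer, so the migrated MachineClass and the source GCPMachineClass share one `corev1.SecretReference` naming the credentials secret. A later change to either object's reference would silently retarget the other. If the source object can come from a shared cache (not visible here), assigning a copy is safer: `machineClass.CredentialsSecretRef = gcpMachineClass.Spec.CredentialsSecretRef.DeepCopy()`, which returns nil for a nil input. The existing `SecretRef` assignment on the line above has the same shape. fillUpMachineClass begins before this hunk and its closing brace is outside it.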
@@ -649,22 +649,23 @@ type OpenStackMachineClassList struct { // OpenStackMachineClassSpec is the specification of a OpenStackMachineClass. type OpenStackMachineClassSpec struct { - ImageID string - ImageName string - Region string - AvailabilityZone string - FlavorName string - KeyName string - SecurityGroups []string - Tags map[string]string - NetworkID string - Networks []OpenStackNetwork - SubnetID *string - SecretRef *corev1.SecretReference - PodNetworkCidr string - RootDiskSize int // in GB - UseConfigDrive *bool - ServerGroupID *string + ImageID string + ImageName string + Region string + AvailabilityZone string + FlavorName string + KeyName string + SecurityGroups []string + Tags map[string]string + NetworkID string + Networks []OpenStackNetwork + SubnetID *string + SecretRef *corev1.SecretReference + CredentialsSecretRef *corev1.SecretReference + PodNetworkCidr string + RootDiskSize int // in GB + UseConfigDrive *bool + ServerGroupID *string } type OpenStackNetwork struct { @@ -700,18 +701,19 @@ type AWSMachineClassList struct { // AWSMachineClassSpec is the specification of a AWSMachineClass. type AWSMachineClassSpec struct { - AMI string - Region string - BlockDevices []AWSBlockDeviceMappingSpec - EbsOptimized bool - IAM AWSIAMProfileSpec - MachineType string - KeyName string - Monitoring bool - NetworkInterfaces []AWSNetworkInterfaceSpec - Tags map[string]string - SpotPrice *string - SecretRef *corev1.SecretReference + AMI string + Region string + BlockDevices []AWSBlockDeviceMappingSpec + EbsOptimized bool + IAM AWSIAMProfileSpec + MachineType string + KeyName string + Monitoring bool + NetworkInterfaces []AWSNetworkInterfaceSpec + Tags map[string]string + SpotPrice *string + SecretRef *corev1.SecretReference + CredentialsSecretRef *corev1.SecretReference // TODO add more here } 
@@ -863,12 +865,13 @@ type AzureMachineClassList struct { // AzureMachineClassSpec is the specification of a AzureMachineClass. type AzureMachineClassSpec struct { - Location string - Tags map[string]string - Properties AzureVirtualMachineProperties - ResourceGroup string - SubnetInfo AzureSubnetInfo - SecretRef *corev1.SecretReference + Location string + Tags map[string]string + Properties AzureVirtualMachineProperties + ResourceGroup string + SubnetInfo AzureSubnetInfo + SecretRef *corev1.SecretReference + CredentialsSecretRef *corev1.SecretReference } // AzureVirtualMachineProperties is describes the properties of a Virtual Machine. @@ -1029,20 +1032,21 @@ type GCPMachineClassList struct { // GCPMachineClassSpec is the specification of a GCPMachineClass. type GCPMachineClassSpec struct { - CanIpForward bool - DeletionProtection bool - Description *string - Disks []*GCPDisk - Labels map[string]string - MachineType string - Metadata []*GCPMetadata - NetworkInterfaces []*GCPNetworkInterface - Scheduling GCPScheduling - SecretRef *corev1.SecretReference - ServiceAccounts []GCPServiceAccount - Tags []string - Region string - Zone string + CanIpForward bool + DeletionProtection bool + Description *string + Disks []*GCPDisk + Labels map[string]string + MachineType string + Metadata []*GCPMetadata + NetworkInterfaces []*GCPNetworkInterface + Scheduling GCPScheduling + SecretRef *corev1.SecretReference + CredentialsSecretRef *corev1.SecretReference + ServiceAccounts []GCPServiceAccount + Tags []string + Region string + Zone string } // GCPDisk describes disks for GCP. @@ -1127,6 +1131,7 @@ type AlicloudMachineClassSpec struct { Tags map[string]string KeyPairName string SecretRef *corev1.SecretReference + CredentialsSecretRef *corev1.SecretReference } // AlicloudSystemDisk describes SystemDisk for Alicloud. 
@@ -1181,7 +1186,8 @@ type PacketMachineClassSpec struct { SSHKeys []string UserData string - SecretRef *corev1.SecretReference + SecretRef *corev1.SecretReference + CredentialsSecretRef *corev1.SecretReference // TODO add more here } @@ -1200,8 +1206,11 @@ type MachineClass struct { metav1.ObjectMeta // Provider-specific configuration to use during node creation. ProviderSpec runtime.RawExtension - // SecretRef stores the necessary secrets such as credetials or userdata. + // SecretRef stores the necessary secrets such as credentials or userdata. SecretRef *corev1.SecretReference + // CredentialsSecretRef can optionally store the credentials (in this case the SecretRef does not need to store them). + // This might be useful if multiple machine classes with the same credentials but different user-datas are used. + CredentialsSecretRef *corev1.SecretReference // Provider is the combination of name and location of cloud-specific drivers. // eg. awsdriver//127.0.0.1:8080 Provider string diff --git a/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/alicoud_machineclass_types.go b/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/alicoud_machineclass_types.go index d35df504..a1b787d4 100644 --- a/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/alicoud_machineclass_types.go +++ b/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/alicoud_machineclass_types.go 
@@ -28,6 +28,13 @@ const ( AlicloudAccessKeyID string = "alicloudAccessKeyID" // AlicloudAccessKeySecret is a constant for a key name that is part of the Alibaba cloud credentials. AlicloudAccessKeySecret string = "alicloudAccessKeySecret" + + // AlicloudAlternativeAccessKeyID is a constant for a key name of a secret containing the Alibaba cloud + // credentials (access key id). + AlicloudAlternativeAccessKeyID = "accessKeyID" + // AlicloudAlternativeAccessKeySecret is a constant for a key name of a secret containing the Alibaba cloud + // credentials (access key secret). + AlicloudAlternativeAccessKeySecret = "accessKeySecret" ) // +genclient @@ -84,6 +91,7 @@ type AlicloudMachineClassSpec struct { Tags map[string]string `json:"tags,omitempty"` KeyPairName string `json:"keyPairName"` SecretRef *corev1.SecretReference `json:"secretRef,omitempty"` + CredentialsSecretRef *corev1.SecretReference `json:"credentialsSecretRef,omitempty"` } type AlicloudDataDisk struct { diff --git a/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/aws_machineclass_types.go b/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/aws_machineclass_types.go index 81f3d417..9e4e54b6 100644 --- a/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/aws_machineclass_types.go +++ b/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/aws_machineclass_types.go 
@@ -28,6 +28,13 @@ const ( AWSAccessKeyID string = "providerAccessKeyId" // AWSSecretAccessKey is a constant for a key name that is part of the AWS cloud credentials. AWSSecretAccessKey string = "providerSecretAccessKey" + + // AWSAlternativeAccessKeyID is a constant for a key name of a secret containing the AWS credentials (access key + // id). + AWSAlternativeAccessKeyID = "accessKeyID" + // AWSAlternativeAccessKeySecret is a constant for a key name of a secret containing the AWS credentials (access key + // secret). + AWSAlternativeSecretAccessKey = "secretAccessKey" ) // +genclient 
@@ -67,18 +74,19 @@ type AWSMachineClassList struct { // AWSMachineClassSpec is the specification of a AWSMachineClass. type AWSMachineClassSpec struct { - AMI string `json:"ami,omitempty"` - Region string `json:"region,omitempty"` - BlockDevices []AWSBlockDeviceMappingSpec `json:"blockDevices,omitempty"` - EbsOptimized bool `json:"ebsOptimized,omitempty"` - IAM AWSIAMProfileSpec `json:"iam,omitempty"` - MachineType string `json:"machineType,omitempty"` - KeyName string `json:"keyName,omitempty"` - Monitoring bool `json:"monitoring,omitempty"` - NetworkInterfaces []AWSNetworkInterfaceSpec `json:"networkInterfaces,omitempty"` - Tags map[string]string `json:"tags,omitempty"` - SpotPrice *string `json:"spotPrice,omitempty"` - SecretRef *corev1.SecretReference `json:"secretRef,omitempty"` + AMI string `json:"ami,omitempty"` + Region string `json:"region,omitempty"` + BlockDevices []AWSBlockDeviceMappingSpec `json:"blockDevices,omitempty"` + EbsOptimized bool `json:"ebsOptimized,omitempty"` + IAM AWSIAMProfileSpec `json:"iam,omitempty"` + MachineType string `json:"machineType,omitempty"` + KeyName string `json:"keyName,omitempty"` + Monitoring bool `json:"monitoring,omitempty"` + NetworkInterfaces []AWSNetworkInterfaceSpec `json:"networkInterfaces,omitempty"` + Tags map[string]string `json:"tags,omitempty"` + SpotPrice *string `json:"spotPrice,omitempty"` + SecretRef *corev1.SecretReference `json:"secretRef,omitempty"` + CredentialsSecretRef *corev1.SecretReference `json:"credentialsSecretRef,omitempty"` // TODO add more here } diff --git a/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/azure_machineclass_types.go b/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/azure_machineclass_types.go index 9f0a815b..690b89db 100644 --- a/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/azure_machineclass_types.go 
+++ b/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/azure_machineclass_types.go @@ -32,6 +32,17 @@ const ( AzureSubscriptionID string = "azureSubscriptionId" // AzureTenantID is a constant for a key name that is part of the Azure cloud credentials. AzureTenantID string = "azureTenantId" + + // AzureAlternativeClientID is a constant for a key name of a secret containing the Azure credentials (client id). + AzureAlternativeClientID = "clientID" + // AzureAlternativeClientSecret is a constant for a key name of a secret containing the Azure credentials (client + // secret). + AzureAlternativeClientSecret = "clientSecret" + // AzureAlternativeSubscriptionID is a constant for a key name of a secret containing the Azure credentials + // (subscription id). + AzureAlternativeSubscriptionID = "subscriptionID" + // AzureAlternativeTenantID is a constant for a key name of a secret containing the Azure credentials (tenant id). + AzureAlternativeTenantID = "tenantID" ) // +genclient 
@@ -70,12 +81,13 @@ type AzureMachineClassList struct { // AzureMachineClassSpec is the specification of a AzureMachineClass. type AzureMachineClassSpec struct { - Location string `json:"location,omitempty"` - Tags map[string]string `json:"tags,omitempty"` - Properties AzureVirtualMachineProperties `json:"properties,omitempty"` - ResourceGroup string `json:"resourceGroup,omitempty"` - SubnetInfo AzureSubnetInfo `json:"subnetInfo,omitempty"` - SecretRef *corev1.SecretReference `json:"secretRef,omitempty"` + Location string `json:"location,omitempty"` + Tags map[string]string `json:"tags,omitempty"` + Properties AzureVirtualMachineProperties `json:"properties,omitempty"` + ResourceGroup string `json:"resourceGroup,omitempty"` + SubnetInfo AzureSubnetInfo `json:"subnetInfo,omitempty"` + SecretRef *corev1.SecretReference `json:"secretRef,omitempty"` + CredentialsSecretRef *corev1.SecretReference `json:"credentialsSecretRef,omitempty"` } // AzureVirtualMachineProperties is describes the properties of a Virtual Machine. diff --git a/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/gcp_machineclass_types.go b/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/gcp_machineclass_types.go index cca36f79..780f6156 100644 --- a/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/gcp_machineclass_types.go +++ b/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/gcp_machineclass_types.go @@ -26,6 +26,10 @@ import ( const ( // GCPServiceAccountJSON is a constant for a key name that is part of the GCP cloud credentials. GCPServiceAccountJSON string = "serviceAccountJSON" + + // GCPAlternativeServiceAccountJSON is a constant for a key name of a secret containing the GCP credentials (service + // account json). + GCPAlternativeServiceAccountJSON = "serviceaccount.json" ) // +genclient 
@@ -64,20 +68,21 @@ type GCPMachineClassList struct { // GCPMachineClassSpec is the specification of a GCPMachineClass. type GCPMachineClassSpec struct { - CanIpForward bool `json:"canIpForward"` - DeletionProtection bool `json:"deletionProtection"` - Description *string `json:"description,omitempty"` - Disks []*GCPDisk `json:"disks,omitempty"` - Labels map[string]string `json:"labels,omitempty"` - MachineType string `json:"machineType"` - Metadata []*GCPMetadata `json:"metadata,omitempty"` - NetworkInterfaces []*GCPNetworkInterface `json:"networkInterfaces,omitempty"` - Scheduling GCPScheduling `json:"scheduling"` - SecretRef *corev1.SecretReference `json:"secretRef,omitempty"` - ServiceAccounts []GCPServiceAccount `json:"serviceAccounts"` - Tags []string `json:"tags,omitempty"` - Region string `json:"region"` - Zone string `json:"zone"` + CanIpForward bool `json:"canIpForward"` + DeletionProtection bool `json:"deletionProtection"` + Description *string `json:"description,omitempty"` + Disks []*GCPDisk `json:"disks,omitempty"` + Labels map[string]string `json:"labels,omitempty"` + MachineType string `json:"machineType"` + Metadata []*GCPMetadata `json:"metadata,omitempty"` + NetworkInterfaces []*GCPNetworkInterface `json:"networkInterfaces,omitempty"` + Scheduling GCPScheduling `json:"scheduling"` + SecretRef *corev1.SecretReference `json:"secretRef,omitempty"` + CredentialsSecretRef *corev1.SecretReference `json:"credentialsSecretRef,omitempty"` + ServiceAccounts []GCPServiceAccount `json:"serviceAccounts"` + Tags []string `json:"tags,omitempty"` + Region string `json:"region"` + Zone string `json:"zone"` } // GCPDisk describes disks for GCP. diff --git a/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/machineclass_types.go b/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/machineclass_types.go index b26f0d2f..905835ad 100644 
--- a/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/machineclass_types.go +++ b/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/machineclass_types.go @@ -39,8 +39,11 @@ type MachineClass struct { metav1.ObjectMeta `json:"metadata,omitempty"` // Provider-specific configuration to use during node creation. ProviderSpec runtime.RawExtension `json:"providerSpec"` - // SecretRef stores the necessary secrets such as credetials or userdata. + // SecretRef stores the necessary secrets such as credentials or userdata. SecretRef *corev1.SecretReference `json:"secretRef,omitempty"` + // CredentialsSecretRef can optionally store the credentials (in this case the SecretRef does not need to store them). + // This might be useful if multiple machine classes with the same credentials but different user-datas are used. + CredentialsSecretRef *corev1.SecretReference `json:"credentialsSecretRef,omitempty"` // Provider is the combination of name and location of cloud-specific drivers. Provider string `json:"provider,omitempty"` } diff --git a/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/openstack_machineclass_types.go b/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/openstack_machineclass_types.go index 9d2c00be..97e729e5 100644 --- a/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/openstack_machineclass_types.go +++ b/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/openstack_machineclass_types.go 
@@ -88,22 +88,23 @@ type OpenStackMachineClassList struct { // OpenStackMachineClassSpec is the specification of a OpenStackMachineClass. type OpenStackMachineClassSpec struct { - ImageID string `json:"imageID"` - ImageName string `json:"imageName"` - Region string `json:"region"` - AvailabilityZone string `json:"availabilityZone"` - FlavorName string `json:"flavorName"` - KeyName string `json:"keyName"` - SecurityGroups []string `json:"securityGroups"` - Tags map[string]string `json:"tags,omitempty"` - NetworkID string `json:"networkID"` - Networks []OpenStackNetwork `json:"networks,omitempty"` - SubnetID *string `json:"subnetID,omitempty"` - SecretRef *corev1.SecretReference `json:"secretRef,omitempty"` - PodNetworkCidr string `json:"podNetworkCidr"` - RootDiskSize int `json:"rootDiskSize,omitempty"` // in GB - UseConfigDrive *bool `json:"useConfigDrive,omitempty"` - ServerGroupID *string `json:"serverGroupID,omitempty"` + ImageID string `json:"imageID"` + ImageName string `json:"imageName"` + Region string `json:"region"` + AvailabilityZone string `json:"availabilityZone"` + FlavorName string `json:"flavorName"` + KeyName string `json:"keyName"` + SecurityGroups []string `json:"securityGroups"` + Tags map[string]string `json:"tags,omitempty"` + NetworkID string `json:"networkID"` + Networks []OpenStackNetwork `json:"networks,omitempty"` + SubnetID *string `json:"subnetID,omitempty"` + SecretRef *corev1.SecretReference `json:"secretRef,omitempty"` + CredentialsSecretRef *corev1.SecretReference `json:"credentialsSecretRef,omitempty"` + PodNetworkCidr string `json:"podNetworkCidr"` + RootDiskSize int `json:"rootDiskSize,omitempty"` // in GB + UseConfigDrive *bool `json:"useConfigDrive,omitempty"` + ServerGroupID *string `json:"serverGroupID,omitempty"` } type OpenStackNetwork struct { 
diff --git a/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/packet_machineclass_types.go b/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/packet_machineclass_types.go index bc313b67..82d1aad2 100644 --- a/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/packet_machineclass_types.go +++ b/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/packet_machineclass_types.go @@ -71,5 +71,6 @@ type PacketMachineClassSpec struct { SSHKeys []string `json:"sshKeys,omitempty"` UserData string `json:"userdata,omitempty"` - SecretRef *corev1.SecretReference `json:"secretRef,omitempty"` + SecretRef *corev1.SecretReference `json:"secretRef,omitempty"` + CredentialsSecretRef *corev1.SecretReference `json:"credentialsSecretRef,omitempty"` } diff --git a/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/zz_generated.conversion.go b/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/zz_generated.conversion.go index 6ac65d7a..5d209710 100644 --- a/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/zz_generated.conversion.go +++ b/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/zz_generated.conversion.go @@ -918,6 +918,7 @@ func autoConvert_v1alpha1_AWSMachineClassSpec_To_machine_AWSMachineClassSpec(in out.Tags = *(*map[string]string)(unsafe.Pointer(&in.Tags)) out.SpotPrice = (*string)(unsafe.Pointer(in.SpotPrice)) out.SecretRef = (*v1.SecretReference)(unsafe.Pointer(in.SecretRef)) + out.CredentialsSecretRef = (*v1.SecretReference)(unsafe.Pointer(in.CredentialsSecretRef)) return nil } 
@@ -941,6 +942,7 @@ func autoConvert_machine_AWSMachineClassSpec_To_v1alpha1_AWSMachineClassSpec(in out.Tags = *(*map[string]string)(unsafe.Pointer(&in.Tags)) out.SpotPrice = (*string)(unsafe.Pointer(in.SpotPrice)) out.SecretRef = (*v1.SecretReference)(unsafe.Pointer(in.SecretRef)) + out.CredentialsSecretRef = (*v1.SecretReference)(unsafe.Pointer(in.CredentialsSecretRef)) return nil } @@ -1104,6 +1106,7 @@ func autoConvert_v1alpha1_AlicloudMachineClassSpec_To_machine_AlicloudMachineCla out.Tags = *(*map[string]string)(unsafe.Pointer(&in.Tags)) out.KeyPairName = in.KeyPairName out.SecretRef = (*v1.SecretReference)(unsafe.Pointer(in.SecretRef)) + out.CredentialsSecretRef = (*v1.SecretReference)(unsafe.Pointer(in.CredentialsSecretRef)) return nil } @@ -1141,6 +1144,7 @@ func autoConvert_machine_AlicloudMachineClassSpec_To_v1alpha1_AlicloudMachineCla out.Tags = *(*map[string]string)(unsafe.Pointer(&in.Tags)) out.KeyPairName = in.KeyPairName out.SecretRef = (*v1.SecretReference)(unsafe.Pointer(in.SecretRef)) + out.CredentialsSecretRef = (*v1.SecretReference)(unsafe.Pointer(in.CredentialsSecretRef)) return nil } @@ -1326,6 +1330,7 @@ func autoConvert_v1alpha1_AzureMachineClassSpec_To_machine_AzureMachineClassSpec return err } out.SecretRef = (*v1.SecretReference)(unsafe.Pointer(in.SecretRef)) + out.CredentialsSecretRef = (*v1.SecretReference)(unsafe.Pointer(in.CredentialsSecretRef)) return nil } @@ -1345,6 +1350,7 @@ func autoConvert_machine_AzureMachineClassSpec_To_v1alpha1_AzureMachineClassSpec return err } out.SecretRef = (*v1.SecretReference)(unsafe.Pointer(in.SecretRef)) + out.CredentialsSecretRef = (*v1.SecretReference)(unsafe.Pointer(in.CredentialsSecretRef)) return nil } 
@@ -1842,6 +1848,7 @@ func autoConvert_v1alpha1_GCPMachineClassSpec_To_machine_GCPMachineClassSpec(in return err } out.SecretRef = (*v1.SecretReference)(unsafe.Pointer(in.SecretRef)) + out.CredentialsSecretRef = (*v1.SecretReference)(unsafe.Pointer(in.CredentialsSecretRef)) out.ServiceAccounts = *(*[]machine.GCPServiceAccount)(unsafe.Pointer(&in.ServiceAccounts)) out.Tags = *(*[]string)(unsafe.Pointer(&in.Tags)) out.Region = in.Region @@ -1867,6 +1874,7 @@ func autoConvert_machine_GCPMachineClassSpec_To_v1alpha1_GCPMachineClassSpec(in return err } out.SecretRef = (*v1.SecretReference)(unsafe.Pointer(in.SecretRef)) + out.CredentialsSecretRef = (*v1.SecretReference)(unsafe.Pointer(in.CredentialsSecretRef)) out.ServiceAccounts = *(*[]GCPServiceAccount)(unsafe.Pointer(&in.ServiceAccounts)) out.Tags = *(*[]string)(unsafe.Pointer(&in.Tags)) out.Region = in.Region @@ -2033,6 +2041,7 @@ func autoConvert_v1alpha1_MachineClass_To_machine_MachineClass(in *MachineClass, out.ObjectMeta = in.ObjectMeta out.ProviderSpec = in.ProviderSpec out.SecretRef = (*v1.SecretReference)(unsafe.Pointer(in.SecretRef)) + out.CredentialsSecretRef = (*v1.SecretReference)(unsafe.Pointer(in.CredentialsSecretRef)) out.Provider = in.Provider return nil } @@ -2046,6 +2055,7 @@ func autoConvert_machine_MachineClass_To_v1alpha1_MachineClass(in *machine.Machi out.ObjectMeta = in.ObjectMeta out.ProviderSpec = in.ProviderSpec out.SecretRef = (*v1.SecretReference)(unsafe.Pointer(in.SecretRef)) + out.CredentialsSecretRef = (*v1.SecretReference)(unsafe.Pointer(in.CredentialsSecretRef)) out.Provider = in.Provider return nil } 
@@ -2678,6 +2688,7 @@ func autoConvert_v1alpha1_OpenStackMachineClassSpec_To_machine_OpenStackMachineC out.Networks = *(*[]machine.OpenStackNetwork)(unsafe.Pointer(&in.Networks)) out.SubnetID = (*string)(unsafe.Pointer(in.SubnetID)) out.SecretRef = (*v1.SecretReference)(unsafe.Pointer(in.SecretRef)) + out.CredentialsSecretRef = (*v1.SecretReference)(unsafe.Pointer(in.CredentialsSecretRef)) out.PodNetworkCidr = in.PodNetworkCidr out.RootDiskSize = in.RootDiskSize out.UseConfigDrive = (*bool)(unsafe.Pointer(in.UseConfigDrive)) @@ -2703,6 +2714,7 @@ func autoConvert_machine_OpenStackMachineClassSpec_To_v1alpha1_OpenStackMachineC out.Networks = *(*[]OpenStackNetwork)(unsafe.Pointer(&in.Networks)) out.SubnetID = (*string)(unsafe.Pointer(in.SubnetID)) out.SecretRef = (*v1.SecretReference)(unsafe.Pointer(in.SecretRef)) + out.CredentialsSecretRef = (*v1.SecretReference)(unsafe.Pointer(in.CredentialsSecretRef)) out.PodNetworkCidr = in.PodNetworkCidr out.RootDiskSize = in.RootDiskSize out.UseConfigDrive = (*bool)(unsafe.Pointer(in.UseConfigDrive)) @@ -2797,6 +2809,7 @@ func autoConvert_v1alpha1_PacketMachineClassSpec_To_machine_PacketMachineClassSp out.SSHKeys = *(*[]string)(unsafe.Pointer(&in.SSHKeys)) out.UserData = in.UserData out.SecretRef = (*v1.SecretReference)(unsafe.Pointer(in.SecretRef)) + out.CredentialsSecretRef = (*v1.SecretReference)(unsafe.Pointer(in.CredentialsSecretRef)) return nil } @@ -2815,6 +2828,7 @@ func autoConvert_machine_PacketMachineClassSpec_To_v1alpha1_PacketMachineClassSp out.SSHKeys = *(*[]string)(unsafe.Pointer(&in.SSHKeys)) out.UserData = in.UserData out.SecretRef = (*v1.SecretReference)(unsafe.Pointer(in.SecretRef)) + out.CredentialsSecretRef = (*v1.SecretReference)(unsafe.Pointer(in.CredentialsSecretRef)) return nil } 
diff --git a/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/zz_generated.deepcopy.go b/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/zz_generated.deepcopy.go index 7e5cd2dc..1a4f9eee 100644 --- a/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/zz_generated.deepcopy.go +++ b/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1/zz_generated.deepcopy.go @@ -186,6 +186,11 @@ func (in *AWSMachineClassSpec) DeepCopyInto(out *AWSMachineClassSpec) { *out = new(v1.SecretReference) **out = **in } + if in.CredentialsSecretRef != nil { + in, out := &in.CredentialsSecretRef, &out.CredentialsSecretRef + *out = new(v1.SecretReference) + **out = **in + } return } @@ -353,6 +358,11 @@ func (in *AlicloudMachineClassSpec) DeepCopyInto(out *AlicloudMachineClassSpec) *out = new(v1.SecretReference) **out = **in } + if in.CredentialsSecretRef != nil { + in, out := &in.CredentialsSecretRef, &out.CredentialsSecretRef + *out = new(v1.SecretReference) + **out = **in + } return } @@ -534,6 +544,11 @@ func (in *AzureMachineClassSpec) DeepCopyInto(out *AzureMachineClassSpec) { *out = new(v1.SecretReference) **out = **in } + if in.CredentialsSecretRef != nil { + in, out := &in.CredentialsSecretRef, &out.CredentialsSecretRef + *out = new(v1.SecretReference) + **out = **in + } return } @@ -982,6 +997,11 @@ func (in *GCPMachineClassSpec) DeepCopyInto(out *GCPMachineClassSpec) { *out = new(v1.SecretReference) **out = **in } + if in.CredentialsSecretRef != nil { + in, out := &in.CredentialsSecretRef, &out.CredentialsSecretRef + *out = new(v1.SecretReference) + **out = **in + } if in.ServiceAccounts != nil { in, out := &in.ServiceAccounts, &out.ServiceAccounts *out = make([]GCPServiceAccount, len(*in)) 
@@ -1137,6 +1157,11 @@ func (in *MachineClass) DeepCopyInto(out *MachineClass) { *out = new(v1.SecretReference) **out = **in } + if in.CredentialsSecretRef != nil { + in, out := &in.CredentialsSecretRef, &out.CredentialsSecretRef + *out = new(v1.SecretReference) + **out = **in + } return } @@ -1769,6 +1794,11 @@ func (in *OpenStackMachineClassSpec) DeepCopyInto(out *OpenStackMachineClassSpec *out = new(v1.SecretReference) **out = **in } + if in.CredentialsSecretRef != nil { + in, out := &in.CredentialsSecretRef, &out.CredentialsSecretRef + *out = new(v1.SecretReference) + **out = **in + } if in.UseConfigDrive != nil { in, out := &in.UseConfigDrive, &out.UseConfigDrive *out = new(bool) @@ -1891,6 +1921,11 @@ func (in *PacketMachineClassSpec) DeepCopyInto(out *PacketMachineClassSpec) { *out = new(v1.SecretReference) **out = **in } + if in.CredentialsSecretRef != nil { + in, out := &in.CredentialsSecretRef, &out.CredentialsSecretRef + *out = new(v1.SecretReference) + **out = **in + } return } diff --git a/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/zz_generated.deepcopy.go b/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/zz_generated.deepcopy.go index 6cce959a..b475c974 100644 --- a/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/zz_generated.deepcopy.go +++ b/vendor/github.com/gardener/machine-controller-manager/pkg/apis/machine/zz_generated.deepcopy.go @@ -186,6 +186,11 @@ func (in *AWSMachineClassSpec) DeepCopyInto(out *AWSMachineClassSpec) { *out = new(v1.SecretReference) **out = **in } + if in.CredentialsSecretRef != nil { + in, out := &in.CredentialsSecretRef, &out.CredentialsSecretRef + *out = new(v1.SecretReference) + **out = **in + } return } 
@@ -353,6 +358,11 @@ func (in *AlicloudMachineClassSpec) DeepCopyInto(out *AlicloudMachineClassSpec) *out = new(v1.SecretReference) **out = **in } + if in.CredentialsSecretRef != nil { + in, out := &in.CredentialsSecretRef, &out.CredentialsSecretRef + *out = new(v1.SecretReference) + **out = **in + } return } @@ -534,6 +544,11 @@ func (in *AzureMachineClassSpec) DeepCopyInto(out *AzureMachineClassSpec) { *out = new(v1.SecretReference) **out = **in } + if in.CredentialsSecretRef != nil { + in, out := &in.CredentialsSecretRef, &out.CredentialsSecretRef + *out = new(v1.SecretReference) + **out = **in + } return } @@ -982,6 +997,11 @@ func (in *GCPMachineClassSpec) DeepCopyInto(out *GCPMachineClassSpec) { *out = new(v1.SecretReference) **out = **in } + if in.CredentialsSecretRef != nil { + in, out := &in.CredentialsSecretRef, &out.CredentialsSecretRef + *out = new(v1.SecretReference) + **out = **in + } if in.ServiceAccounts != nil { in, out := &in.ServiceAccounts, &out.ServiceAccounts *out = make([]GCPServiceAccount, len(*in)) @@ -1137,6 +1157,11 @@ func (in *MachineClass) DeepCopyInto(out *MachineClass) { *out = new(v1.SecretReference) **out = **in } + if in.CredentialsSecretRef != nil { + in, out := &in.CredentialsSecretRef, &out.CredentialsSecretRef + *out = new(v1.SecretReference) + **out = **in + } return } @@ -1862,6 +1887,11 @@ func (in *OpenStackMachineClassSpec) DeepCopyInto(out *OpenStackMachineClassSpec *out = new(v1.SecretReference) **out = **in } + if in.CredentialsSecretRef != nil { + in, out := &in.CredentialsSecretRef, &out.CredentialsSecretRef + *out = new(v1.SecretReference) + **out = **in + } if in.UseConfigDrive != nil { in, out := &in.UseConfigDrive, &out.UseConfigDrive *out = new(bool) 
@@ -1984,6 +2014,11 @@ func (in *PacketMachineClassSpec) DeepCopyInto(out *PacketMachineClassSpec) { *out = new(v1.SecretReference) **out = **in } + if in.CredentialsSecretRef != nil { + in, out := &in.CredentialsSecretRef, &out.CredentialsSecretRef + *out = new(v1.SecretReference) + **out = **in + } return } diff --git a/vendor/github.com/gardener/machine-controller-manager/pkg/util/provider/machinecontroller/machine.go b/vendor/github.com/gardener/machine-controller-manager/pkg/util/provider/machinecontroller/machine.go index 92318027..14ac58de 100644 --- a/vendor/github.com/gardener/machine-controller-manager/pkg/util/provider/machinecontroller/machine.go +++ b/vendor/github.com/gardener/machine-controller-manager/pkg/util/provider/machinecontroller/machine.go @@ -134,7 +134,7 @@ func (c *controller) reconcileClusterMachine(machine *v1alpha1.Machine) (machine return machineutils.LongRetry, err } - machineClass, secret, retry, err := c.ValidateMachineClass(&machine.Spec.Class) + machineClass, secretData, retry, err := c.ValidateMachineClass(&machine.Spec.Class) if err != nil { klog.Error(err) return retry, err @@ -145,7 +145,7 @@ func (c *controller) reconcileClusterMachine(machine *v1alpha1.Machine) (machine return c.triggerDeletionFlow(&driver.DeleteMachineRequest{ Machine: machine, MachineClass: machineClass, - Secret: secret, + Secret: &corev1.Secret{Data: secretData}, }) } @@ -161,12 +161,11 @@ func (c *controller) reconcileClusterMachine(machine *v1alpha1.Machine) (machine return retry, err } } - if machine.Spec.ProviderID == "" || machine.Status.CurrentStatus.Phase == "" || machine.Status.Node == "" { return c.triggerCreationFlow(&driver.CreateMachineRequest{ Machine: machine, MachineClass: machineClass, - Secret: secret, + Secret: &corev1.Secret{Data: secretData}, }) } 
diff --git a/vendor/github.com/gardener/machine-controller-manager/pkg/util/provider/machinecontroller/machine_safety.go b/vendor/github.com/gardener/machine-controller-manager/pkg/util/provider/machinecontroller/machine_safety.go index 2e9637e8..d71a20f0 100644 --- a/vendor/github.com/gardener/machine-controller-manager/pkg/util/provider/machinecontroller/machine_safety.go +++ b/vendor/github.com/gardener/machine-controller-manager/pkg/util/provider/machinecontroller/machine_safety.go @@ -170,10 +170,7 @@ func (c *controller) checkMachineClasses() (machineutils.RetryPeriod, error) { } for _, machineClass := range MachineClasses { - retry, err := c.checkMachineClass( - machineClass, - machineClass.SecretRef, - ) + retry, err := c.checkMachineClass(machineClass) if err != nil { return retry, err } 
@@ -183,20 +180,18 @@ func (c *controller) checkMachineClasses() (machineutils.RetryPeriod, error) { } // checkMachineClass checks a particular machineClass for orphan instances -func (c *controller) checkMachineClass( - machineClass *v1alpha1.MachineClass, - secretRef *corev1.SecretReference) (machineutils.RetryPeriod, error) { - - // Get secret - secret, err := c.getSecret(secretRef, machineClass.Name) - if err != nil || secret == nil { - klog.Errorf("SafetyController: Secret reference not found for MachineClass: %q", machineClass.Name) +func (c *controller) checkMachineClass(machineClass *v1alpha1.MachineClass) (machineutils.RetryPeriod, error) { + + // Get secret data + secretData, err := c.getSecretData(machineClass.Name, machineClass.SecretRef, machineClass.CredentialsSecretRef) + if err != nil { + klog.Errorf("SafetyController: Secret Data could not be computed for MachineClass: %q", machineClass.Name) return machineutils.LongRetry, err } listMachineResponse, err := c.driver.ListMachines(context.TODO(), &driver.ListMachinesRequest{ MachineClass: machineClass, - Secret: secret, + Secret: &corev1.Secret{Data: secretData}, }) if err != nil { klog.Errorf("SafetyController: Failed to LIST VMs at provider. Error: %s", err) @@ -242,7 +237,7 @@ func (c *controller) checkMachineClass( _, err := c.driver.DeleteMachine(context.TODO(), &driver.DeleteMachineRequest{ Machine: machine, MachineClass: machineClass, - Secret: secret, + Secret: &corev1.Secret{Data: secretData}, }) if err != nil { klog.Errorf("SafetyController: Error while trying to DELETE VM on CP - %s. Shall retry in next safety controller sync.", err) diff --git a/vendor/github.com/gardener/machine-controller-manager/pkg/util/provider/machinecontroller/machine_util.go b/vendor/github.com/gardener/machine-controller-manager/pkg/util/provider/machinecontroller/machine_util.go index 6efa84c8..e1b46db6 100644 
--- a/vendor/github.com/gardener/machine-controller-manager/pkg/util/provider/machinecontroller/machine_util.go +++ b/vendor/github.com/gardener/machine-controller-manager/pkg/util/provider/machinecontroller/machine_util.go @@ -40,6 +40,7 @@ import ( "github.com/gardener/machine-controller-manager/pkg/util/provider/machinecodes/status" "github.com/gardener/machine-controller-manager/pkg/util/provider/machineutils" utilstrings "github.com/gardener/machine-controller-manager/pkg/util/strings" + utiltime "github.com/gardener/machine-controller-manager/pkg/util/time" corev1 "k8s.io/api/core/v1" v1 "k8s.io/api/core/v1" @@ -92,10 +93,9 @@ func UpdateMachineWithRetries(machineClient v1alpha1client.MachineInterface, mac */ // ValidateMachineClass validates the machine class. -func (c *controller) ValidateMachineClass(classSpec *v1alpha1.ClassSpec) (*v1alpha1.MachineClass, *v1.Secret, machineutils.RetryPeriod, error) { +func (c *controller) ValidateMachineClass(classSpec *v1alpha1.ClassSpec) (*v1alpha1.MachineClass, map[string][]byte, machineutils.RetryPeriod, error) { var ( machineClass *v1alpha1.MachineClass - secretRef *v1.Secret err error retry = machineutils.LongRetry ) 
@@ -117,16 +117,38 @@ func (c *controller) ValidateMachineClass(classSpec *v1alpha1.ClassSpec) (*v1alp return nil, nil, retry, err } - secretRef, err = c.getSecret(machineClass.SecretRef, machineClass.Name) + secretData, err := c.getSecretData(machineClass.Name, machineClass.SecretRef, machineClass.CredentialsSecretRef) if err != nil { - klog.Errorf("Secret not found for %q", machineClass.SecretRef.Name) + klog.V(2).Infof("Could not compute secret data: %+v", err) return nil, nil, retry, err } - return machineClass, secretRef, retry, nil + return machineClass, secretData, retry, nil } -// getSecret retrives the kubernetes secret if found +func (c *controller) getSecretData(machineClassName string, secretRefs ...*v1.SecretReference) (map[string][]byte, error) { + var secretData map[string][]byte + + for _, secretRef := range secretRefs { + if secretRef == nil { + continue + } + + secretRef, err := c.getSecret(secretRef, machineClassName) + if err != nil { + klog.V(2).Infof("Secret reference %s/%s not found", secretRef.Namespace, secretRef.Name) + return nil, err + } + + if secretRef != nil { + secretData = mergeDataMaps(secretData, secretRef.Data) + } + } + + return secretData, nil +} + +// getSecret retrieves the kubernetes secret if found func (c *controller) getSecret(ref *v1.SecretReference, MachineClassName string) (*v1.Secret, error) { if ref == nil { // If no secretRef, return nil 
@@ -160,6 +182,18 @@ func nodeConditionsHaveChanged(machineConditions []v1.NodeCondition, nodeConditi return false } +func mergeDataMaps(in map[string][]byte, maps ...map[string][]byte) map[string][]byte { + out := make(map[string][]byte) + + for _, m := range append([]map[string][]byte{in}, maps...) { + for k, v := range m { + out[k] = v + } + } + + return out +} + // syncMachineNodeTemplate syncs nodeTemplates between machine and corresponding node-object. // It ensures, that any nodeTemplate element available on Machine should be available on node-object. // Although there could be more elements already available on node-object which will not be touched. @@ -912,9 +946,7 @@ func (c *controller) drainNode(deleteMachineRequest *driver.DeleteMachineRequest if skipDrain { state = v1alpha1.MachineStateProcessing } else { - // Timeout value obtained by subtracting last operation with expected time out period - timeOut := metav1.Now().Add(-timeOutDuration).Sub(machine.Status.CurrentStatus.LastUpdateTime.Time) - timeOutOccurred = timeOut > 0 + timeOutOccurred = utiltime.HasTimeOutOccurred(*machine.DeletionTimestamp, timeOutDuration) if forceDeleteLabelPresent || timeOutOccurred { // To perform forceful machine drain/delete either one of the below conditions must be satified diff --git a/vendor/github.com/gardener/machine-controller-manager/pkg/util/provider/machinecontroller/migrate_machineclass.go b/vendor/github.com/gardener/machine-controller-manager/pkg/util/provider/machinecontroller/migrate_machineclass.go index faadb155..0f5b7984 100644 --- a/vendor/github.com/gardener/machine-controller-manager/pkg/util/provider/machinecontroller/migrate_machineclass.go +++ b/vendor/github.com/gardener/machine-controller-manager/pkg/util/provider/machinecontroller/migrate_machineclass.go 
@@ -5,17 +5,17 @@ import ( "context" "fmt" - "github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1" - "github.com/gardener/machine-controller-manager/pkg/util/provider/driver" - "github.com/gardener/machine-controller-manager/pkg/util/provider/machinecodes/codes" - "github.com/gardener/machine-controller-manager/pkg/util/provider/machinecodes/status" - "github.com/gardener/machine-controller-manager/pkg/util/provider/machineutils" - v1 "k8s.io/api/core/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/util/sets" "k8s.io/klog" + + "github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1" + "github.com/gardener/machine-controller-manager/pkg/util/provider/driver" + "github.com/gardener/machine-controller-manager/pkg/util/provider/machinecodes/codes" + "github.com/gardener/machine-controller-manager/pkg/util/provider/machinecodes/status" + "github.com/gardener/machine-controller-manager/pkg/util/provider/machineutils" ) const ( @@ -110,7 +110,7 @@ func (c *controller) createMachineClass(providerSpecificMachineClass interface{} } } else if err != nil { - // Anyother kind of error while fetching the machineClass object + // Another kind of error while fetching the machineClass object return machineutils.ShortRetry, err } @@ -387,7 +387,7 @@ func (c *controller) addMigratedAnnotationForProviderMachineClass(classSpec *v1a } // TryMachineClassMigration tries to migrate the provider-specific machine class to the generic machine-class. -func (c *controller) TryMachineClassMigration(classSpec *v1alpha1.ClassSpec) (*v1alpha1.MachineClass, *v1.Secret, machineutils.RetryPeriod, error) { +func (c *controller) TryMachineClassMigration(classSpec *v1alpha1.ClassSpec) (*v1alpha1.MachineClass, map[string][]byte, machineutils.RetryPeriod, error) { var ( err error providerSpecificMachineClass interface{} 
diff --git a/vendor/github.com/gardener/machine-controller-manager/pkg/util/provider/machinecontroller/secret.go b/vendor/github.com/gardener/machine-controller-manager/pkg/util/provider/machinecontroller/secret.go index a9426783..3d2831d8 100644 --- a/vendor/github.com/gardener/machine-controller-manager/pkg/util/provider/machinecontroller/secret.go +++ b/vendor/github.com/gardener/machine-controller-manager/pkg/util/provider/machinecontroller/secret.go @@ -22,10 +22,12 @@ import ( "github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1" corev1 "k8s.io/api/core/v1" + apiequality "k8s.io/apimachinery/pkg/api/equality" "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/sets" "k8s.io/client-go/tools/cache" + "k8s.io/client-go/util/workqueue" "k8s.io/klog" ) 
@@ -159,12 +161,32 @@ func (c *controller) enqueueSecretAfter(obj interface{}, after time.Duration) { c.secretQueue.AddAfter(key, after) } +func enqueueSecretForReferences(queue workqueue.RateLimitingInterface, secretRefs ...*corev1.SecretReference) { + for _, secretRef := range secretRefs { + if secretRef != nil { + queue.Add(secretRef.Namespace + "/" + secretRef.Name) + } + } +} + +func enqueueSecretForReferenceIfChanged(queue workqueue.RateLimitingInterface, oldSecretRef, newSecretRef *corev1.SecretReference) { + if !apiequality.Semantic.DeepEqual(oldSecretRef, newSecretRef) { + if oldSecretRef != nil { + queue.Add(oldSecretRef.Namespace + "/" + oldSecretRef.Name) + } + if newSecretRef != nil { + queue.Add(newSecretRef.Namespace + "/" + newSecretRef.Name) + } + } +} + func (c *controller) machineClassToSecretAdd(obj interface{}) { machineClass, ok := obj.(*v1alpha1.MachineClass) if !ok || machineClass == nil || machineClass.SecretRef == nil { return } - c.secretQueue.Add(machineClass.SecretRef.Namespace + "/" + machineClass.SecretRef.Name) + + enqueueSecretForReferences(c.secretQueue, machineClass.SecretRef, machineClass.CredentialsSecretRef) } func (c *controller) machineClassToSecretUpdate(oldObj interface{}, newObj interface{}) { 
@@ -177,11 +199,8 @@ func (c *controller) machineClassToSecretUpdate(oldObj interface{}, newObj inter return } - if oldMachineClass.SecretRef.Name != newMachineClass.SecretRef.Name || - oldMachineClass.SecretRef.Namespace != newMachineClass.SecretRef.Namespace { - c.secretQueue.Add(oldMachineClass.SecretRef.Namespace + "/" + oldMachineClass.SecretRef.Name) - c.secretQueue.Add(newMachineClass.SecretRef.Namespace + "/" + newMachineClass.SecretRef.Name) - } + enqueueSecretForReferenceIfChanged(c.secretQueue, oldMachineClass.SecretRef, newMachineClass.SecretRef) + enqueueSecretForReferenceIfChanged(c.secretQueue, oldMachineClass.CredentialsSecretRef, newMachineClass.CredentialsSecretRef) } func (c *controller) machineClassToSecretDelete(obj interface{}) { diff --git a/vendor/github.com/gardener/machine-controller-manager/pkg/util/provider/machinecontroller/secret_util.go b/vendor/github.com/gardener/machine-controller-manager/pkg/util/provider/machinecontroller/secret_util.go index 7e8a3f91..77913541 100644 --- a/vendor/github.com/gardener/machine-controller-manager/pkg/util/provider/machinecontroller/secret_util.go +++ b/vendor/github.com/gardener/machine-controller-manager/pkg/util/provider/machinecontroller/secret_util.go @@ -47,7 +47,8 @@ func (c *controller) findMachineClassForSecret(name string) ([]*v1alpha1.Machine } var filtered []*v1alpha1.MachineClass for _, machineClass := range machineClasses { - if machineClass.SecretRef != nil && machineClass.SecretRef.Name == name { + if (machineClass.SecretRef != nil && machineClass.SecretRef.Name == name) || + (machineClass.CredentialsSecretRef != nil && machineClass.CredentialsSecretRef.Name == name) { filtered = append(filtered, machineClass) } } diff --git a/vendor/github.com/gardener/machine-controller-manager/pkg/util/time/time.go b/vendor/github.com/gardener/machine-controller-manager/pkg/util/time/time.go new file mode 100644 index 00000000..21a5fe7f --- /dev/null 
+++ b/vendor/github.com/gardener/machine-controller-manager/pkg/util/time/time.go
@@ -0,0 +1,31 @@
+/*
+Copyright (c) 2020 SAP SE or an SAP affiliate company. All rights reserved.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package time is used to provide the core functionalities of machine-controller-manager
+package time
+
+import (
+ "time"
+
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// HasTimeOutOccurred returns true, when time.Now() is more than time + period
+func HasTimeOutOccurred(timeStamp metav1.Time, period time.Duration) bool {
+ // Timeout value obtained by subtracting last operation with expected time out period
+ timeOut := metav1.Now().Add(-period).Sub(timeStamp.Time)
+ return timeOut > 0
+}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index dd80bf1b..d5abfabc 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -6,7 +6,7 @@ github.com/beorn7/perks/quantile github.com/davecgh/go-spew/spew # github.com/evanphx/json-patch v4.2.0+incompatible github.com/evanphx/json-patch -# github.com/gardener/machine-controller-manager v0.35.0 +# github.com/gardener/machine-controller-manager v0.36.0 ## explicit github.com/gardener/machine-controller-manager/pkg/apis/machine github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1
@@ -44,6 +44,7 @@ github.com/gardener/machine-controller-manager/pkg/util/provider/options github.com/gardener/machine-controller-manager/pkg/util/reflector/prometheus github.com/gardener/machine-controller-manager/pkg/util/strings github.com/gardener/machine-controller-manager/pkg/util/taints +github.com/gardener/machine-controller-manager/pkg/util/time github.com/gardener/machine-controller-manager/pkg/util/workqueue/prometheus # github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d github.com/gogo/protobuf/proto