Change features flags from boolean to structures (#342)

Signed-off-by: Artiom Diomin <kron82@gmail.com>
kubermatic · Apr 9, 2019 · 0516ca2 · 0516ca2
1 parent b5f8329
commit 0516ca2
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 15 deletions.
diff --git a/config.yaml.dist b/config.yaml.dist
@@ -19,20 +19,20 @@
 name: my-demo-cluster
 
 versions:
-  kubernetes: '1.14.0'
+  kubernetes: "1.14.1"
 
 network:
   # the subnet used for pods (flannel);
   # leave it empty for default: 10.244.0.0/16
-  pod_subnet: ''
+  pod_subnet: ""
 
   # the subnet used for services;
   # leave it empty for default: 10.96.0.0/12
-  service_subnet: ''
+  service_subnet: ""
 
   # a nodePort range to reserve for services;
   # leave it empty for default: 30000-32767
-  node_port_range: ''
+  node_port_range: ""
 
 provider:
   # Supported cloud provider names:
@@ -42,27 +42,29 @@ provider:
   # * none
   # * openstack
   # * vsphere
-  name: ''
-  
+  name: ""
+
   # Set kubelet flag --cloud-provider=external, to be used with external
   # Cloud Controller Managers (CCM).
   external: false
 
   # Path to file that will be uploaded and used as custom --cloud-config file.
-  cloud_config: ''
+  cloud_config: ""
 
 features:
   # Enables PodSecurityPolicy admission plugin in API server, as well as creates
   # default `privileged` PodSecurityPolicy, plus RBAC rules to authorize
   # `kube-system` namespace pods to `use` it.
-  enable_pod_security_policy: false
+  pod_security_policy:
+    enable: false
 
   # Enables dynamic audit logs.
   # After enablig this, operator should create auditregistration.k8s.io/v1alpha1
   # AuditSink object.
   # More info: https://kubernetes.io/docs/tasks/debug-application-cluster/audit/#dynamic-backend
-  enable_dynamic_audit_log: false
-
+  dynamic_audit_log:
+    enable: false
+
 # The list of nodes can be overwritten by providing Terraform output.
 # You are strongly encouraged to provide an odd number of nodes and
 # have at least three of them.

diff --git a/pkg/config/cluster.go b/pkg/config/cluster.go
@@ -335,8 +335,18 @@ func (m *WorkerConfig) Validate() error {
 
 // Features switches
 type Features struct {
-	EnablePodSecurityPolicy bool `json:"enable_pod_security_policy"`
-	EnableDynamicAuditLog   bool `json:"enable_dynamic_audit_log"`
+	PodSecurityPolicy PodSecurityPolicy `json:"pod_security_policy"`
+	DynamicAuditLog   DynamicAuditLog   `json:"dynamic_audit_log"`
+}
+
+// PodSecurityPolicy feature flag
+type PodSecurityPolicy struct {
+	Enable bool `json:"enable"`
+}
+
+// DynamicAuditLog feature flag
+type DynamicAuditLog struct {
+	Enable bool `json:"enable"`
 }
 
 // MachineControllerConfig controls

diff --git a/pkg/features/activate.go b/pkg/features/activate.go
@@ -27,7 +27,7 @@ import (
 // Activate configured features.
 // Installing CRDs, creating policies and so on
 func Activate(ctx *util.Context) error {
-	if err := installKubeSystemPSP(ctx.Cluster.Features.EnablePodSecurityPolicy, ctx); err != nil {
+	if err := installKubeSystemPSP(ctx.Cluster.Features.PodSecurityPolicy.Enable, ctx); err != nil {
 		return errors.Wrap(err, "failed to install PodSecurityPolicy")
 	}
 
@@ -37,6 +37,6 @@ func Activate(ctx *util.Context) error {
 // UpdateKubeadmClusterConfiguration update additional config options in the kubeadm's
 // v1beta1.ClusterConfiguration according to enabled features
 func UpdateKubeadmClusterConfiguration(featuresCfg config.Features, clusterConfig *kubeadmv1beta1.ClusterConfiguration) {
-	activateKubeadmPSP(featuresCfg.EnablePodSecurityPolicy, clusterConfig)
-	activateKubeadmDynamicAuditLogs(featuresCfg.EnableDynamicAuditLog, clusterConfig)
+	activateKubeadmPSP(featuresCfg.PodSecurityPolicy.Enable, clusterConfig)
+	activateKubeadmDynamicAuditLogs(featuresCfg.DynamicAuditLog.Enable, clusterConfig)
 }