From cfcfb45480c3cd1f93a10d1772b4ceb828e7da44 Mon Sep 17 00:00:00 2001
From: shenwei <shenwei@cmss.chinamobile.com>
Date: Wed, 12 Jun 2024 16:41:20 +0800
Subject: [PATCH] Determine whether initcontainer is needed through IPAConfig
 options

Signed-off-by: shenwei <shenwei@cmss.chinamobile.com>
---
 api/v1alpha1/ironic_types.go   | 17 +++++++++---
 api/v1alpha1/ironic_webhook.go |  4 +--
 pkg/ironic/containers.go       | 48 ++++++++++++++++++----------------
 3 files changed, 41 insertions(+), 28 deletions(-)

diff --git a/api/v1alpha1/ironic_types.go b/api/v1alpha1/ironic_types.go
index 9447140..5d2e36a 100644
--- a/api/v1alpha1/ironic_types.go
+++ b/api/v1alpha1/ironic_types.go
@@ -124,7 +124,8 @@ type Networking struct {
 	MACAddresses []string `json:"macAddresses,omitempty"`
 }
 
-type Images struct {
+type IPAConfig struct {
+	IPAEnabled bool `json:"ipaEnabled"`
 	// AgentBranch is the branch of IPA to download. The main branch is used by default.
 	// +optional
 	AgentBranch string `json:"agentBranch,omitempty"`
@@ -133,6 +134,13 @@ type Images struct {
 	// The default value should be good for most users.
 	// +optional
 	AgentDownloadURL string `json:"agentDownloadURL,omitempty"`
+	// RamdiskDownloader is the image to be used at pod initialization to download the IPA ramdisk.
+	// +kubebuilder:default=quay.io/metal3-io/ironic-ipa-downloader
+	// +optional
+	RamdiskDownloader string `json:"ramdiskDownloader,omitempty"`
+}
+
+type Images struct {
 
 	// Ironic is the Ironic image (including httpd).
 	// +kubebuilder:default=quay.io/metal3-io/ironic
@@ -140,10 +148,11 @@ type Images struct {
 	// +optional
 	Ironic string `json:"ironic,omitempty"`
 
-	// RamdiskDownloader is the image to be used at pod initialization to download the IPA ramdisk.
-	// +kubebuilder:default=quay.io/metal3-io/ironic-ipa-downloader
+	// IPA is a service written in python that runs within a ramdisk.
+	// It provides remote access for Ironic to perform various operations on the managed server.
+	// It also sends information about the server to Ironic.
 	// +optional
-	RamdiskDownloader string `json:"ramdiskDownloader,omitempty"`
+	IPAConfig IPAConfig `json:"IPAConfig,omitempty"`
 }
 
 // IronicSpec defines the desired state of Ironic
diff --git a/api/v1alpha1/ironic_webhook.go b/api/v1alpha1/ironic_webhook.go
index 1142eef..66f1a01 100644
--- a/api/v1alpha1/ironic_webhook.go
+++ b/api/v1alpha1/ironic_webhook.go
@@ -203,8 +203,8 @@ func validateIronic(ironic *IronicSpec, old *IronicSpec) error {
 		}
 	}
 
-	if ironic.Images.AgentDownloadURL != "" {
-		if _, err := url.Parse(ironic.Images.AgentDownloadURL); err != nil {
+	if ironic.Images.IPAConfig.IPAEnabled && ironic.Images.IPAConfig.AgentDownloadURL != "" {
+		if _, err := url.Parse(ironic.Images.IPAConfig.AgentDownloadURL); err != nil {
 			return fmt.Errorf("images.agentDownloadURL is not a valid URL: %w", err)
 		}
 	}
diff --git a/pkg/ironic/containers.go b/pkg/ironic/containers.go
index 0ff51e6..58b643a 100644
--- a/pkg/ironic/containers.go
+++ b/pkg/ironic/containers.go
@@ -417,32 +417,12 @@ func newIronicPodTemplate(ironic *metal3api.Ironic, db *metal3api.IronicDatabase
 		htpasswd = apiSecret.Name
 	}
 
-	var ipaDownloaderVars []corev1.EnvVar
-	ipaDownloaderVars = appendStringEnv(ipaDownloaderVars,
-		"IPA_BASEURI", ironic.Spec.Images.AgentDownloadURL)
-	ipaDownloaderVars = appendStringEnv(ipaDownloaderVars,
-		"IPA_BRANCH", ironic.Spec.Images.AgentBranch)
-
 	volumes, mounts := buildIronicVolumesAndMounts(ironic, db)
 	sharedVolumeMount := mounts[0]
-	initContainers := []corev1.Container{
-		{
-			Name:         "ipa-downloader",
-			Image:        ironic.Spec.Images.RamdiskDownloader,
-			Env:          ipaDownloaderVars,
-			VolumeMounts: []corev1.VolumeMount{sharedVolumeMount},
-			SecurityContext: &corev1.SecurityContext{
-				RunAsUser:  ptr.To(ironicUser),
-				RunAsGroup: ptr.To(ironicGroup),
-				Capabilities: &corev1.Capabilities{
-					Drop: []corev1.Capability{"ALL"},
-				},
-			},
-		},
-	}
 
-	ironicPorts, httpdPorts := buildIronicHttpdPorts(ironic)
+	initContainers := newInitContainers(ironic, sharedVolumeMount)
 
+	ironicPorts, httpdPorts := buildIronicHttpdPorts(ironic)
 	ironicHandler := newURLProbeHandler(ironic, ironic.Spec.TLSRef.Name != "", int(ironic.Spec.Networking.APIPort), "/v1")
 	httpdHandler := newURLProbeHandler(ironic, false, int(ironic.Spec.Networking.ImageServerPort), "/images")
 
@@ -519,3 +499,27 @@ func newIronicPodTemplate(ironic *metal3api.Ironic, db *metal3api.IronicDatabase
 		},
 	}, nil
 }
+
+func newInitContainers(ironic *metal3api.Ironic, sharedVolumeMount corev1.VolumeMount) []corev1.Container {
+	var ipaDownloaderVars []corev1.EnvVar
+	ipaDownloaderVars = appendStringEnv(ipaDownloaderVars, "IPA_BASEURI", ironic.Spec.Images.IPAConfig.AgentDownloadURL)
+	ipaDownloaderVars = appendStringEnv(ipaDownloaderVars, "IPA_BRANCH", ironic.Spec.Images.IPAConfig.AgentBranch)
+	if ironic.Spec.Images.IPAConfig.IPAEnabled {
+		return []corev1.Container{
+			{
+				Name:         "ipa-downloader",
+				Image:        ironic.Spec.Images.IPAConfig.RamdiskDownloader,
+				Env:          ipaDownloaderVars,
+				VolumeMounts: []corev1.VolumeMount{sharedVolumeMount},
+				SecurityContext: &corev1.SecurityContext{
+					RunAsUser:  ptr.To(ironicUser),
+					RunAsGroup: ptr.To(ironicGroup),
+					Capabilities: &corev1.Capabilities{
+						Drop: []corev1.Capability{"ALL"},
+					},
+				},
+			},
+		}
+	}
+	return nil
+}