Use cacert from rancher and use serverl-url from rancher

chart/templates/deployment.yaml

@@ -41,10 +41,6 @@ spec:
         - {{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}
         - --default-registry
         - {{ .Values.global.cattle.systemDefaultRegistry | quote }}
-        - --rancher-server-url
-        - {{ .Values.global.cattle.url | quote }}
-        - --ca-cert
-        - {{ .Values.global.cattle.ca_cert | quote }}
       serviceAccountName: elemental-operator
       {{- with .Values.tolerations }}
       tolerations:

chart/templates/rbac.yaml

@@ -3,6 +3,14 @@ kind: ClusterRole
 metadata:
   name: elemental-operator
 rules:
+- apiGroups:
+    - management.cattle.io
+  resources:
+    - 'settings'
+  verbs:
+    - 'get'
+    - 'watch'
+    - 'list'
 - apiGroups:
   - ""
   resources:

chart/values.yaml

@@ -13,8 +13,6 @@ noProxy: 127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.svc,.cluster.local
 global:
   cattle:
     systemDefaultRegistry: ""
-    url: ""
-    ca_cert: ""
 
 # default sync interval for upgrade channel
 sync_interval: "60m"

cmd/operator/operator/root.go

@@ -30,14 +30,12 @@ import (
 )
 
 type rootConfig struct {
-	Debug            bool
-	SyncInterval     time.Duration
-	Namespace        string
-	DefaultRegistry  string
-	RancherServerURL string
-	CACert           string
-	OperatorImage    string
-	SyncNamespaces   []string
+	Debug           bool
+	SyncInterval    time.Duration
+	Namespace       string
+	DefaultRegistry string
+	OperatorImage   string
+	SyncNamespaces  []string
 }
 
 func NewOperatorCommand() *cobra.Command {
@@ -55,9 +53,6 @@ func NewOperatorCommand() *cobra.Command {
 	}
 
 	viper.AutomaticEnv()
-	cmd.PersistentFlags().StringVar(&config.RancherServerURL, "rancher-server-url", "", "URL used to build registration url")
-	_ = viper.BindPFlag("rancher-server-url", cmd.PersistentFlags().Lookup("rancher-server-url"))
-	_ = cobra.MarkFlagRequired(cmd.PersistentFlags(), "rancher-server-url")
 
 	cmd.PersistentFlags().StringVar(&config.Namespace, "namespace", "", "namespace to run the operator on")
 	_ = viper.BindPFlag("namespace", cmd.PersistentFlags().Lookup("namespace"))
@@ -73,9 +68,6 @@ func NewOperatorCommand() *cobra.Command {
 	cmd.PersistentFlags().StringVar(&config.DefaultRegistry, "default-registry", "", "default registry to prepend to os images")
 	_ = viper.BindPFlag("default-registry", cmd.PersistentFlags().Lookup("default-registry"))
 
-	cmd.PersistentFlags().StringVar(&config.CACert, "ca-cert", "", "Rancher URL CA certificate")
-	_ = viper.BindPFlag("ca-cert", cmd.PersistentFlags().Lookup("ca-cert"))
-
 	cmd.PersistentFlags().DurationVar(&config.SyncInterval, "sync-interval", 60*time.Minute, "how often to check for new os versions")
 	_ = viper.BindPFlag("sync-interval", cmd.PersistentFlags().Lookup("sync-interval"))
 
@@ -98,8 +90,6 @@ func operatorRun(config *rootConfig) {
 	if err := operator.Run(ctx,
 		operator.WithRequeuer(requeuer),
 		operator.WithNamespace(config.Namespace),
-		operator.WithServerURL(config.RancherServerURL),
-		operator.WithCACert(config.CACert),
 		operator.WithDefaultRegistry(config.DefaultRegistry),
 		operator.WithServices(syncer.UpgradeChannelSync(config.SyncInterval, requeuer, config.OperatorImage, false, config.SyncNamespaces...)),
 	); err != nil {

go.mod

@@ -43,6 +43,7 @@ require (
 	github.com/rancher-sandbox/go-tpm v0.0.0-20220512105546-a8efc2a6448e
 	github.com/rancher/fleet/pkg/apis v0.0.0-20220318160658-4dc66c946ca2
 	github.com/rancher/lasso v0.0.0-20210709145333-6c6cd7fd6607
+	github.com/rancher/rancher/pkg/apis v0.0.0-20211013185633-a636bda2a00e // indirect
 	github.com/rancher/steve v0.0.0-20220503004032-53511a06ff37
 	github.com/rancher/system-agent v0.2.8
 	github.com/rancher/system-upgrade-controller/pkg/apis v0.0.0-20220321230925-79da9f058209
@@ -62,9 +63,13 @@ require (
 	sigs.k8s.io/controller-runtime v0.11.1
 )
 
-require github.com/pin/tftp v2.1.0+incompatible // indirect
-
 require (
+	github.com/pin/tftp v2.1.0+incompatible // indirect
+	github.com/rancher/aks-operator v1.0.2 // indirect
+	github.com/rancher/eks-operator v1.1.1 // indirect
+	github.com/rancher/gke-operator v1.1.1 // indirect
+	github.com/rancher/norman v0.0.0-20210608202517-59b3523c3133 // indirect
+	github.com/rancher/rke v1.3.1 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/blang/semver v3.5.1+incompatible // indirect
 	github.com/cespare/xxhash/v2 v2.1.2 // indirect

pkg/clients/clients.go

@@ -26,6 +26,8 @@ import (
 	elmcontrollers "github.com/rancher/elemental-operator/pkg/generated/controllers/elemental.cattle.io/v1beta1"
 	"github.com/rancher/elemental-operator/pkg/generated/controllers/fleet.cattle.io"
 	fleetcontrollers "github.com/rancher/elemental-operator/pkg/generated/controllers/fleet.cattle.io/v1alpha1"
+	"github.com/rancher/elemental-operator/pkg/generated/controllers/management.cattle.io"
+	ranchercontrollers "github.com/rancher/elemental-operator/pkg/generated/controllers/management.cattle.io/v3"
 	"github.com/rancher/wrangler/pkg/clients"
 	"github.com/rancher/wrangler/pkg/generic"
 	"github.com/sirupsen/logrus"
@@ -45,6 +47,7 @@ type Clients struct {
 	Fleet     fleetcontrollers.Interface
 	Elemental elmcontrollers.Interface
 	Events    corev1Typed.EventInterface
+	Rancher   ranchercontrollers.Interface
 	CAPI      capi.Interface
 }
 
@@ -79,6 +82,7 @@ func NewFromConfig(restConfig *rest.Config) (*Clients, error) {
 		Fleet:     fleet.NewFactoryFromConfigWithOptionsOrDie(restConfig, opts).Fleet().V1alpha1(),
 		Elemental: elemental.NewFactoryFromConfigWithOptionsOrDie(restConfig, opts).Elemental().V1beta1(),
 		CAPI:      capicontrollers.NewFactoryFromConfigWithOptionsOrDie(restConfig, opts).Cluster().V1beta1(),
+		Rancher:   management.NewFactoryFromConfigWithOptionsOrDie(restConfig, opts).Management().V3(),
 	}, nil
 }
 

pkg/codegen/main.go

@@ -20,6 +20,7 @@ import (
 	"os"
 
 	fleet "github.com/rancher/fleet/pkg/apis/fleet.cattle.io/v1alpha1"
+	v3 "github.com/rancher/rancher/pkg/apis/management.cattle.io/v3"
 	controllergen "github.com/rancher/wrangler/pkg/controller-gen"
 	"github.com/rancher/wrangler/pkg/controller-gen/args"
 	capi "sigs.k8s.io/cluster-api/api/v1beta1"
@@ -48,6 +49,11 @@ func main() {
 					capi.Machine{},
 				},
 			},
+			"management.cattle.io": {
+				Types: []interface{}{
+					v3.Setting{},
+				},
+			},
 		},
 	})
 }

pkg/controllers/registration/registration.go

@@ -18,11 +18,14 @@ package registration
 
 import (
 	"context"
+	"fmt"
 
 	elm "github.com/rancher/elemental-operator/pkg/apis/elemental.cattle.io/v1beta1"
 	"github.com/rancher/elemental-operator/pkg/clients"
 	elmcontrollers "github.com/rancher/elemental-operator/pkg/generated/controllers/elemental.cattle.io/v1beta1"
+	ranchercontrollers "github.com/rancher/elemental-operator/pkg/generated/controllers/management.cattle.io/v3"
 	"github.com/rancher/wrangler/pkg/randomtoken"
+	"github.com/sirupsen/logrus"
 	corev1 "k8s.io/api/core/v1"
 	rbacv1 "k8s.io/api/rbac/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
@@ -33,18 +36,18 @@ import (
 var controllerName = "machine-registration"
 
 type handler struct {
-	ctx       context.Context
-	Recorder  record.EventRecorder
-	clients   *clients.Clients
-	serverURL string
+	ctx          context.Context
+	Recorder     record.EventRecorder
+	clients      *clients.Clients
+	settingCache ranchercontrollers.SettingCache
 }
 
-func Register(ctx context.Context, clients *clients.Clients, serverURL string) {
+func Register(ctx context.Context, clients *clients.Clients) {
 	h := handler{
-		ctx:       ctx,
-		clients:   clients,
-		serverURL: serverURL,
-		Recorder:  clients.EventRecorder(controllerName),
+		ctx:          ctx,
+		clients:      clients,
+		Recorder:     clients.EventRecorder(controllerName),
+		settingCache: clients.Rancher.Setting().Cache(),
 	}
 	elmcontrollers.RegisterMachineRegistrationStatusHandler(ctx, clients.Elemental.MachineRegistration(), "Ready", controllerName, h.OnChange)
 	h.clients.Elemental.MachineRegistration().OnRemove(ctx, controllerName, h.OnRemove)
@@ -53,6 +56,11 @@ func Register(ctx context.Context, clients *clients.Clients, serverURL string) {
 func (h *handler) OnChange(obj *elm.MachineRegistration, status elm.MachineRegistrationStatus) (elm.MachineRegistrationStatus, error) {
 	var err error
 
+	serverURL, err := h.getRancherServerURL()
+	if err != nil {
+		return status, err
+	}
+
 	if status.RegistrationToken == "" {
 		status.RegistrationToken, err = randomtoken.Generate()
 		if err != nil {
@@ -61,7 +69,7 @@ func (h *handler) OnChange(obj *elm.MachineRegistration, status elm.MachineRegis
 		}
 	}
 
-	status.RegistrationURL = h.serverURL + "/elemental/registration/" + status.RegistrationToken
+	status.RegistrationURL = fmt.Sprintf("%s/elemental/registration/%s", serverURL, status.RegistrationToken)
 
 	_, err = h.clients.RBAC.Role().Create(&rbacv1.Role{
 		ObjectMeta: metav1.ObjectMeta{
@@ -72,7 +80,12 @@ func (h *handler) OnChange(obj *elm.MachineRegistration, status elm.MachineRegis
 			APIGroups: []string{""},
 			Verbs:     []string{"get", "watch", "list", "update", "patch"},
 			Resources: []string{"secrets"},
-		}},
+		}, {
+			APIGroups: []string{"management.cattle.io"},
+			Verbs:     []string{"get", "watch", "list"},
+			Resources: []string{"settings"},
+		},
+		},
 	})
 	if err != nil && !apierrors.IsAlreadyExists(err) {
 		return status, err
@@ -133,3 +146,16 @@ func (h *handler) OnRemove(_ string, obj *elm.MachineRegistration) (*elm.Machine
 
 	return nil, nil
 }
+
+func (h *handler) getRancherServerURL() (string, error) {
+	setting, err := h.settingCache.Get("server-url")
+	if err != nil {
+		logrus.Errorf("Error getting server-url setting: %s", err.Error())
+		return "", err
+	}
+	if setting.Value == "" {
+		logrus.Error("server-url is not set")
+		return "", fmt.Errorf("server-url is not set")
+	}
+	return setting.Value, nil
+}