diff --git a/apis/v1alpha1/ack-generate-metadata.yaml b/apis/v1alpha1/ack-generate-metadata.yaml index 7562f0a..dba43a1 100755 --- a/apis/v1alpha1/ack-generate-metadata.yaml +++ b/apis/v1alpha1/ack-generate-metadata.yaml @@ -1,8 +1,8 @@ ack_generate_info: - build_date: "2024-07-19T22:52:15Z" - build_hash: f0a0f42d507c550c2b063a192b3b43e4522bdd9c + build_date: "2024-08-06T02:45:29Z" + build_hash: 587b90dc860e91ee9a763e9e3bc4d3f1b2fbddb7 go_version: go1.22.5 - version: v0.35.0 + version: v0.36.0 api_directory_checksum: 3dac0a046021e0a9f5828ed93eb269ab4d4420a0 api_version: v1alpha1 aws_sdk_go_version: v1.50.0 diff --git a/config/controller/kustomization.yaml b/config/controller/kustomization.yaml index 6c33f4a..6f569d4 100644 --- a/config/controller/kustomization.yaml +++ b/config/controller/kustomization.yaml @@ -6,4 +6,4 @@ kind: Kustomization images: - name: controller newName: public.ecr.aws/aws-controllers-k8s/efs-controller - newTag: 0.0.8 + newTag: 0.0.9 diff --git a/config/crd/bases/efs.services.k8s.aws_accesspoints.yaml b/config/crd/bases/efs.services.k8s.aws_accesspoints.yaml index 6d4619f..c766e8d 100644 --- a/config/crd/bases/efs.services.k8s.aws_accesspoints.yaml +++ b/config/crd/bases/efs.services.k8s.aws_accesspoints.yaml @@ -81,6 +81,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object posixUser: diff --git a/config/crd/bases/efs.services.k8s.aws_filesystems.yaml b/config/crd/bases/efs.services.k8s.aws_filesystems.yaml index 923c538..2a21242 100644 --- a/config/crd/bases/efs.services.k8s.aws_filesystems.yaml +++ b/config/crd/bases/efs.services.k8s.aws_filesystems.yaml @@ -161,6 +161,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object lifecyclePolicies: diff --git a/config/crd/bases/efs.services.k8s.aws_mounttargets.yaml b/config/crd/bases/efs.services.k8s.aws_mounttargets.yaml index 142c890..75111ee 100644 --- a/config/crd/bases/efs.services.k8s.aws_mounttargets.yaml +++ b/config/crd/bases/efs.services.k8s.aws_mounttargets.yaml @@ -90,6 +90,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object ipAddress: @@ -110,6 +112,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object type: array @@ -138,6 +142,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object type: object diff --git a/go.mod b/go.mod index 717ed0e..b3751d5 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ toolchain go1.22.5 require ( github.com/aws-controllers-k8s/ec2-controller v1.2.2 github.com/aws-controllers-k8s/kms-controller v1.0.9 - github.com/aws-controllers-k8s/runtime v0.35.0 + github.com/aws-controllers-k8s/runtime v0.36.0 github.com/aws/aws-sdk-go v1.49.24 github.com/go-logr/logr v1.4.1 github.com/spf13/pflag v1.0.5 diff --git a/go.sum b/go.sum index 7e42a56..ef701ab 100644 --- a/go.sum +++ b/go.sum @@ -2,8 +2,8 @@ github.com/aws-controllers-k8s/ec2-controller v1.2.2 h1:ek/cGd76XTWQXe6185nxrmEm github.com/aws-controllers-k8s/ec2-controller v1.2.2/go.mod h1:4e2L1aHo1fk3ihVTRmnhA6VJ2NSSoYPEf1GZNYYPwLw= github.com/aws-controllers-k8s/kms-controller v1.0.9 h1:GZHSnuZBoWp9r6RaJ3siyDn5BRhDuaZJXtdBKeAiLSw= github.com/aws-controllers-k8s/kms-controller v1.0.9/go.mod h1:Pnz0d5sly7dUgmYMDJWSRIKASOujJFi/b8N2q1qCLqU= -github.com/aws-controllers-k8s/runtime v0.35.0 h1:kLRLFOAcaFJRv/aEiWtb0qhlxFpwvmx6shCWNc1Tuas= -github.com/aws-controllers-k8s/runtime v0.35.0/go.mod h1:gI2pWb20UGLP2SnHf1a1VzTd7iVVy+/I9VAzT0Y+Dew= +github.com/aws-controllers-k8s/runtime v0.36.0 h1:XEMVGfUwsT9QMShihuCLHlape+daJWyYtXj45s/iJiU= +github.com/aws-controllers-k8s/runtime v0.36.0/go.mod h1:gI2pWb20UGLP2SnHf1a1VzTd7iVVy+/I9VAzT0Y+Dew= github.com/aws/aws-sdk-go v1.49.24 h1:2ekq9ZvaoB2aRbTDfARzgVGUBB9N8XD2QYhFmTBlp+c= github.com/aws/aws-sdk-go v1.49.24/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= diff --git a/helm/Chart.yaml b/helm/Chart.yaml index 6c031f0..68f1c71 100644 --- a/helm/Chart.yaml +++ b/helm/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 name: efs-chart description: A Helm chart for the ACK service controller for Amazon Elastic File System (EFS) -version: 0.0.8 -appVersion: 0.0.8 +version: 0.0.9 +appVersion: 0.0.9 home: https://github.com/aws-controllers-k8s/efs-controller icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png sources: diff --git a/helm/crds/efs.services.k8s.aws_accesspoints.yaml b/helm/crds/efs.services.k8s.aws_accesspoints.yaml index 6d4619f..c766e8d 100644 --- a/helm/crds/efs.services.k8s.aws_accesspoints.yaml +++ b/helm/crds/efs.services.k8s.aws_accesspoints.yaml @@ -81,6 +81,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object posixUser: diff --git a/helm/crds/efs.services.k8s.aws_filesystems.yaml b/helm/crds/efs.services.k8s.aws_filesystems.yaml index 25a0623..1738640 100644 --- a/helm/crds/efs.services.k8s.aws_filesystems.yaml +++ b/helm/crds/efs.services.k8s.aws_filesystems.yaml @@ -161,6 +161,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object lifecyclePolicies: diff --git a/helm/crds/efs.services.k8s.aws_mounttargets.yaml b/helm/crds/efs.services.k8s.aws_mounttargets.yaml index 142c890..75111ee 100644 --- a/helm/crds/efs.services.k8s.aws_mounttargets.yaml +++ b/helm/crds/efs.services.k8s.aws_mounttargets.yaml @@ -90,6 +90,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object ipAddress: @@ -110,6 +112,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object type: array @@ -138,6 +142,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object type: object diff --git a/helm/templates/NOTES.txt b/helm/templates/NOTES.txt index 720d710..854114c 100644 --- a/helm/templates/NOTES.txt +++ b/helm/templates/NOTES.txt @@ -1,5 +1,5 @@ {{ .Chart.Name }} has been installed. -This chart deploys "public.ecr.aws/aws-controllers-k8s/efs-controller:0.0.8". +This chart deploys "public.ecr.aws/aws-controllers-k8s/efs-controller:0.0.9". Check its status by running: kubectl --namespace {{ .Release.Namespace }} get pods -l "app.kubernetes.io/instance={{ .Release.Name }}" diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl index f47877b..952d24e 100644 --- a/helm/templates/_helpers.tpl +++ b/helm/templates/_helpers.tpl @@ -219,4 +219,13 @@ rules: - get - patch - update -{{- end }} \ No newline at end of file +{{- end }} + +{{/* Convert k/v map to string like: "key1=value1,key2=value2,..." */}} +{{- define "ack-efs-controller.feature-gates" -}} +{{- $list := list -}} +{{- range $k, $v := .Values.featureGates -}} +{{- $list = append $list (printf "%s=%s" $k ( $v | toString)) -}} +{{- end -}} +{{ join "," $list }} +{{- end -}} diff --git a/helm/templates/deployment.yaml b/helm/templates/deployment.yaml index 83d603b..37c8514 100644 --- a/helm/templates/deployment.yaml +++ b/helm/templates/deployment.yaml @@ -79,6 +79,10 @@ spec: {{- range $key, $value := .Values.reconcile.resourceMaxConcurrentSyncs }} - --reconcile-resource-max-concurrent-syncs - "$(RECONCILE_RESOURCE_MAX_CONCURRENT_SYNCS_{{ $key | upper }})" +{{- end }} +{{- if .Values.featureGates}} + - --feature-gates + - "$(FEATURE_GATES)" {{- end }} image: {{ .Values.image.repository }}:{{ .Values.image.tag }} imagePullPolicy: {{ .Values.image.pullPolicy }} @@ -122,6 +126,10 @@ spec: {{- range $key, $value := .Values.reconcile.resourceMaxConcurrentSyncs }} - name: RECONCILE_RESOURCE_MAX_CONCURRENT_SYNCS_{{ $key | upper }} value: {{ $key }}={{ $value }} +{{- end }} +{{- if .Values.featureGates}} + - name: FEATURE_GATES + value: {{ include "ack-efs-controller.feature-gates" . }} {{- end }} {{- if .Values.aws.credentials.secretName }} - name: AWS_SHARED_CREDENTIALS_FILE diff --git a/helm/values.schema.json b/helm/values.schema.json index 742163e..7ccb485 100644 --- a/helm/values.schema.json +++ b/helm/values.schema.json @@ -268,6 +268,13 @@ "type": "object" } }, + "featureGates": { + "description": "Feature gates settings", + "type": "object", + "additionalProperties": { + "type": "boolean" + } + }, "required": [ "image", "deployment", diff --git a/helm/values.yaml b/helm/values.yaml index e5e991c..1992e76 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -4,7 +4,7 @@ image: repository: public.ecr.aws/aws-controllers-k8s/efs-controller - tag: 0.0.8 + tag: 0.0.9 pullPolicy: IfNotPresent pullSecrets: [] @@ -153,3 +153,10 @@ leaderElection: # will attempt to use the namespace of the service account mounted to the Controller # pod. namespace: "" + +# Configuration for feature gates. These are optional controller features that +# can be individually enabled ("true") or disabled ("false") by adding key/value +# pairs below. +featureGates: {} + # featureGate1: true + # featureGate2: false diff --git a/pkg/resource/access_point/references.go b/pkg/resource/access_point/references.go index 94f0bcd..20413d5 100644 --- a/pkg/resource/access_point/references.go +++ b/pkg/resource/access_point/references.go @@ -56,12 +56,11 @@ func (rm *resourceManager) ResolveReferences( apiReader client.Reader, res acktypes.AWSResource, ) (acktypes.AWSResource, bool, error) { - namespace := res.MetaObject().GetNamespace() ko := rm.concreteResource(res).ko resourceHasReferences := false err := validateReferenceFields(ko) - if fieldHasReferences, err := rm.resolveReferenceForFileSystemID(ctx, apiReader, namespace, ko); err != nil { + if fieldHasReferences, err := rm.resolveReferenceForFileSystemID(ctx, apiReader, ko); err != nil { return &resource{ko}, (resourceHasReferences || fieldHasReferences), err } else { resourceHasReferences = resourceHasReferences || fieldHasReferences @@ -90,7 +89,6 @@ func validateReferenceFields(ko *svcapitypes.AccessPoint) error { func (rm *resourceManager) resolveReferenceForFileSystemID( ctx context.Context, apiReader client.Reader, - namespace string, ko *svcapitypes.AccessPoint, ) (hasReferences bool, err error) { if ko.Spec.FileSystemRef != nil && ko.Spec.FileSystemRef.From != nil { @@ -99,6 +97,10 @@ func (rm *resourceManager) resolveReferenceForFileSystemID( if arr.Name == nil || *arr.Name == "" { return hasReferences, fmt.Errorf("provided resource reference is nil or empty: FileSystemRef") } + namespace := ko.ObjectMeta.GetNamespace() + if arr.Namespace != nil && *arr.Namespace != "" { + namespace = *arr.Namespace + } obj := &svcapitypes.FileSystem{} if err := getReferencedResourceState_FileSystem(ctx, apiReader, obj, *arr.Name, namespace); err != nil { return hasReferences, err diff --git a/pkg/resource/file_system/references.go b/pkg/resource/file_system/references.go index 9afaafc..e918b85 100644 --- a/pkg/resource/file_system/references.go +++ b/pkg/resource/file_system/references.go @@ -60,12 +60,11 @@ func (rm *resourceManager) ResolveReferences( apiReader client.Reader, res acktypes.AWSResource, ) (acktypes.AWSResource, bool, error) { - namespace := res.MetaObject().GetNamespace() ko := rm.concreteResource(res).ko resourceHasReferences := false err := validateReferenceFields(ko) - if fieldHasReferences, err := rm.resolveReferenceForKMSKeyID(ctx, apiReader, namespace, ko); err != nil { + if fieldHasReferences, err := rm.resolveReferenceForKMSKeyID(ctx, apiReader, ko); err != nil { return &resource{ko}, (resourceHasReferences || fieldHasReferences), err } else { resourceHasReferences = resourceHasReferences || fieldHasReferences @@ -91,7 +90,6 @@ func validateReferenceFields(ko *svcapitypes.FileSystem) error { func (rm *resourceManager) resolveReferenceForKMSKeyID( ctx context.Context, apiReader client.Reader, - namespace string, ko *svcapitypes.FileSystem, ) (hasReferences bool, err error) { if ko.Spec.KMSKeyRef != nil && ko.Spec.KMSKeyRef.From != nil { @@ -100,6 +98,10 @@ func (rm *resourceManager) resolveReferenceForKMSKeyID( if arr.Name == nil || *arr.Name == "" { return hasReferences, fmt.Errorf("provided resource reference is nil or empty: KMSKeyRef") } + namespace := ko.ObjectMeta.GetNamespace() + if arr.Namespace != nil && *arr.Namespace != "" { + namespace = *arr.Namespace + } obj := &kmsapitypes.Key{} if err := getReferencedResourceState_Key(ctx, apiReader, obj, *arr.Name, namespace); err != nil { return hasReferences, err diff --git a/pkg/resource/mount_target/references.go b/pkg/resource/mount_target/references.go index 4e47634..928a102 100644 --- a/pkg/resource/mount_target/references.go +++ b/pkg/resource/mount_target/references.go @@ -71,24 +71,23 @@ func (rm *resourceManager) ResolveReferences( apiReader client.Reader, res acktypes.AWSResource, ) (acktypes.AWSResource, bool, error) { - namespace := res.MetaObject().GetNamespace() ko := rm.concreteResource(res).ko resourceHasReferences := false err := validateReferenceFields(ko) - if fieldHasReferences, err := rm.resolveReferenceForFileSystemID(ctx, apiReader, namespace, ko); err != nil { + if fieldHasReferences, err := rm.resolveReferenceForFileSystemID(ctx, apiReader, ko); err != nil { return &resource{ko}, (resourceHasReferences || fieldHasReferences), err } else { resourceHasReferences = resourceHasReferences || fieldHasReferences } - if fieldHasReferences, err := rm.resolveReferenceForSecurityGroups(ctx, apiReader, namespace, ko); err != nil { + if fieldHasReferences, err := rm.resolveReferenceForSecurityGroups(ctx, apiReader, ko); err != nil { return &resource{ko}, (resourceHasReferences || fieldHasReferences), err } else { resourceHasReferences = resourceHasReferences || fieldHasReferences } - if fieldHasReferences, err := rm.resolveReferenceForSubnetID(ctx, apiReader, namespace, ko); err != nil { + if fieldHasReferences, err := rm.resolveReferenceForSubnetID(ctx, apiReader, ko); err != nil { return &resource{ko}, (resourceHasReferences || fieldHasReferences), err } else { resourceHasReferences = resourceHasReferences || fieldHasReferences @@ -128,7 +127,6 @@ func validateReferenceFields(ko *svcapitypes.MountTarget) error { func (rm *resourceManager) resolveReferenceForFileSystemID( ctx context.Context, apiReader client.Reader, - namespace string, ko *svcapitypes.MountTarget, ) (hasReferences bool, err error) { if ko.Spec.FileSystemRef != nil && ko.Spec.FileSystemRef.From != nil { @@ -137,6 +135,10 @@ func (rm *resourceManager) resolveReferenceForFileSystemID( if arr.Name == nil || *arr.Name == "" { return hasReferences, fmt.Errorf("provided resource reference is nil or empty: FileSystemRef") } + namespace := ko.ObjectMeta.GetNamespace() + if arr.Namespace != nil && *arr.Namespace != "" { + namespace = *arr.Namespace + } obj := &svcapitypes.FileSystem{} if err := getReferencedResourceState_FileSystem(ctx, apiReader, obj, *arr.Name, namespace); err != nil { return hasReferences, err @@ -205,7 +207,6 @@ func getReferencedResourceState_FileSystem( func (rm *resourceManager) resolveReferenceForSecurityGroups( ctx context.Context, apiReader client.Reader, - namespace string, ko *svcapitypes.MountTarget, ) (hasReferences bool, err error) { for _, f0iter := range ko.Spec.SecurityGroupRefs { @@ -215,6 +216,10 @@ func (rm *resourceManager) resolveReferenceForSecurityGroups( if arr.Name == nil || *arr.Name == "" { return hasReferences, fmt.Errorf("provided resource reference is nil or empty: SecurityGroupRefs") } + namespace := ko.ObjectMeta.GetNamespace() + if arr.Namespace != nil && *arr.Namespace != "" { + namespace = *arr.Namespace + } obj := &ec2apitypes.SecurityGroup{} if err := getReferencedResourceState_SecurityGroup(ctx, apiReader, obj, *arr.Name, namespace); err != nil { return hasReferences, err @@ -287,7 +292,6 @@ func getReferencedResourceState_SecurityGroup( func (rm *resourceManager) resolveReferenceForSubnetID( ctx context.Context, apiReader client.Reader, - namespace string, ko *svcapitypes.MountTarget, ) (hasReferences bool, err error) { if ko.Spec.SubnetRef != nil && ko.Spec.SubnetRef.From != nil { @@ -296,6 +300,10 @@ func (rm *resourceManager) resolveReferenceForSubnetID( if arr.Name == nil || *arr.Name == "" { return hasReferences, fmt.Errorf("provided resource reference is nil or empty: SubnetRef") } + namespace := ko.ObjectMeta.GetNamespace() + if arr.Namespace != nil && *arr.Namespace != "" { + namespace = *arr.Namespace + } obj := &ec2apitypes.Subnet{} if err := getReferencedResourceState_Subnet(ctx, apiReader, obj, *arr.Name, namespace); err != nil { return hasReferences, err