k0rdent · s3rj1k · Dec 11, 2024
@@ -27,16 +27,17 @@ COPY go.sum go.sum
 RUN go mod download
 
 # Copy the go source
-COPY cmd/main.go cmd/main.go
+COPY cmd/app.go cmd/app.go
 COPY api/ api/
 COPY internal/ internal/
+COPY pkg/ pkg/
 
 # Build
 # the GOARCH has not a default value to allow the binary be built according to the host where the command
 # was called. For example, if we call make docker-build in a local env which has the Apple Silicon M1 SO
 # the docker BUILDPLATFORM arg will be linux/arm64 when for Apple x86 it will be linux/amd64. Therefore,
 # by leaving it empty we can ensure that the container and binary shipped on it will have the same platform.
-RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -ldflags="${LD_FLAGS}" -a -o manager cmd/main.go
+RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -ldflags="${LD_FLAGS}" -a -o manager cmd/app.go
 
 # Use distroless as minimal base image to package the manager binary
 # Refer to https://github.com/GoogleContainerTools/distroless for more details

@@ -181,11 +181,11 @@ LD_FLAGS += -X github.com/K0rdent/kcm/internal/telemetry.segmentToken=$(SEGMENT_
 
 .PHONY: build
 build: generate-all ## Build manager binary.
-	go build -ldflags="${LD_FLAGS}" -o bin/manager cmd/main.go
+	go build -ldflags="${LD_FLAGS}" -o bin/manager cmd/app.go
 
 .PHONY: run
 run: generate-all ## Run a controller from your host.
-	go run ./cmd/main.go
+	go run ./cmd/app.go
 
 # If you wish to build the manager image targeting other platforms you can use the --platform flag.
 # (i.e. docker build --platform linux/arm64). However, you must enable docker buildKit for it.

@@ -42,14 +42,6 @@ type (
 )
 
 const (
-	// Provider CAPA
-	ProviderAWSName = "cluster-api-provider-aws"
-	// Provider Azure
-	ProviderAzureName = "cluster-api-provider-azure"
-	// Provider vSphere
-	ProviderVSphereName = "cluster-api-provider-vsphere"
-	// Provider OpenStack
-	ProviderOpenStackName = "cluster-api-provider-openstack"
 	// Provider K0smotron
 	ProviderK0smotronName = "k0smotron"
 	// Provider Sveltos

@@ -86,24 +86,17 @@ type Provider struct {
 	Name string `json:"name"`
 }
 
+func (p Provider) String() string {
+	return p.Name
+}
+
 func (in *Component) HelmValues() (values map[string]any, err error) {
 	if in.Config != nil {
 		err = yaml.Unmarshal(in.Config.Raw, &values)
 	}
 	return values, err
 }
 
-func GetDefaultProviders() []Provider {
-	return []Provider{
-		{Name: ProviderK0smotronName},
-		{Name: ProviderAWSName},
-		{Name: ProviderAzureName},
-		{Name: ProviderVSphereName},
-		{Name: ProviderOpenStackName},
-		{Name: ProviderSveltosName},
-	}
-}
-
 // Templates returns a list of provider templates explicitly defined in the Management object
 func (in *Management) Templates() []string {
 	templates := []string{}

@@ -0,0 +1,30 @@
+// Copyright 2024
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package main
+
+import (
+	"os"
+
+	"github.com/K0rdent/kcm/pkg/manager"
+	_ "github.com/K0rdent/kcm/pkg/providers/azure"
+	_ "github.com/K0rdent/kcm/pkg/providers/openstack"
+	_ "github.com/K0rdent/kcm/pkg/providers/vsphere"
+)
+
+func main() {
+	if err := manager.Main(); err != nil {
+		os.Exit(1)
+	}
+}
@@ -10,6 +10,7 @@ require (
 	github.com/fluxcd/pkg/apis/meta v1.9.0
 	github.com/fluxcd/pkg/runtime v0.50.1
 	github.com/fluxcd/source-controller/api v1.4.1
+	github.com/go-logr/logr v1.4.2
 	github.com/google/uuid v1.6.0
 	github.com/hashicorp/go-retryablehttp v0.7.7
 	github.com/onsi/ginkgo/v2 v2.22.2
@@ -85,7 +86,6 @@ require (
 	github.com/go-errors/errors v1.5.1 // indirect
 	github.com/go-gorp/gorp/v3 v3.1.0 // indirect
 	github.com/go-ldap/ldap/v3 v3.4.8 // indirect
-	github.com/go-logr/logr v1.4.2 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/go-logr/zapr v1.3.0 // indirect
 	github.com/go-openapi/jsonpointer v0.21.0 // indirect

@@ -48,12 +48,13 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/predicate"
 
 	hmc "github.com/K0rdent/kcm/api/v1alpha1"
-	"github.com/K0rdent/kcm/internal/credspropagation"
 	"github.com/K0rdent/kcm/internal/helm"
 	"github.com/K0rdent/kcm/internal/sveltos"
 	"github.com/K0rdent/kcm/internal/telemetry"
 	"github.com/K0rdent/kcm/internal/utils"
 	"github.com/K0rdent/kcm/internal/utils/status"
+	"github.com/K0rdent/kcm/pkg/credspropagation"
+	providersloader "github.com/K0rdent/kcm/pkg/providers"
 )
 
 const (
@@ -572,35 +573,16 @@ func (r *ClusterDeploymentReconciler) releaseCluster(ctx context.Context, namesp
 		return err
 	}
 
-	var (
-		gvkAWSCluster = schema.GroupVersionKind{
-			Group:   "infrastructure.cluster.x-k8s.io",
-			Version: "v1beta2",
-			Kind:    "AWSCluster",
-		}
-
-		gvkAzureCluster = schema.GroupVersionKind{
-			Group:   "infrastructure.cluster.x-k8s.io",
-			Version: "v1beta1",
-			Kind:    "AzureCluster",
-		}
-
-		gvkMachine = schema.GroupVersionKind{
-			Group:   "cluster.x-k8s.io",
-			Version: "v1beta1",
-			Kind:    "Machine",
-		}
-	)
-
-	providerGVKs := map[string]schema.GroupVersionKind{
-		"aws":   gvkAWSCluster,
-		"azure": gvkAzureCluster,
+	gvkMachine := schema.GroupVersionKind{
+		Group:   "cluster.x-k8s.io",
+		Version: "v1beta1",
+		Kind:    "Machine",
 	}
 
 	// Associate the provider with it's GVK
 	for _, provider := range providers {
-		gvk, ok := providerGVKs[provider]
-		if !ok {
+		gvk := providersloader.GetClusterGVK(provider)
+		if !gvk.Empty() {
 			continue
 		}
 
@@ -634,13 +616,12 @@ func (r *ClusterDeploymentReconciler) getInfraProvidersNames(ctx context.Context
 		return nil, err
 	}
 
-	const infraPrefix = "infrastructure-"
 	var (
 		ips     = make([]string, 0, len(template.Status.Providers))
-		lprefix = len(infraPrefix)
+		lprefix = len(providersloader.InfraPrefix)
 	)
 	for _, v := range template.Status.Providers {
-		if idx := strings.Index(v, infraPrefix); idx > -1 {
+		if idx := strings.Index(v, providersloader.InfraPrefix); idx > -1 {
 			ips = append(ips, v[idx+lprefix:])
 		}
 	}
@@ -717,73 +698,36 @@ func (r *ClusterDeploymentReconciler) reconcileCredentialPropagation(ctx context
 	}
 
 	for _, provider := range providers {
-		switch provider {
-		case "aws":
-			l.Info("Skipping creds propagation for AWS")
-		case "azure":
-			l.Info("Azure creds propagation start")
-			if err := credspropagation.PropagateAzureSecrets(ctx, propnCfg); err != nil {
-				errMsg := fmt.Sprintf("failed to create Azure CCM credentials: %s", err)
-				apimeta.SetStatusCondition(clusterDeployment.GetConditions(), metav1.Condition{
-					Type:    hmc.CredentialsPropagatedCondition,
-					Status:  metav1.ConditionFalse,
-					Reason:  hmc.FailedReason,
-					Message: errMsg,
-				})
-
-				return errors.New(errMsg)
-			}
+		titleName := providersloader.GetProviderTitleName(provider)
 
+		f, ok := providersloader.CredentialPropagationFunc(provider)
+		if !ok || titleName == "" {
 			apimeta.SetStatusCondition(clusterDeployment.GetConditions(), metav1.Condition{
 				Type:    hmc.CredentialsPropagatedCondition,
-				Status:  metav1.ConditionTrue,
-				Reason:  hmc.SucceededReason,
-				Message: "Azure CCM credentials created",
+				Status:  metav1.ConditionFalse,
+				Reason:  hmc.FailedReason,
+				Message: "unsupported infrastructure provider " + provider,
 			})
-		case "vsphere":
-			l.Info("vSphere creds propagation start")
-			if err := credspropagation.PropagateVSphereSecrets(ctx, propnCfg); err != nil {
-				errMsg := fmt.Sprintf("failed to create vSphere CCM credentials: %s", err)
-				apimeta.SetStatusCondition(clusterDeployment.GetConditions(), metav1.Condition{
-					Type:    hmc.CredentialsPropagatedCondition,
-					Status:  metav1.ConditionFalse,
-					Reason:  hmc.FailedReason,
-					Message: errMsg,
-				})
-				return errors.New(errMsg)
-			}
 
+			continue
+		}
+
+		enabled, err := f(ctx, propnCfg, l)
+		if err != nil {
+			errMsg := fmt.Sprintf("failed to create %s CCM credentials: %s", titleName, err)
 			apimeta.SetStatusCondition(clusterDeployment.GetConditions(), metav1.Condition{
 				Type:    hmc.CredentialsPropagatedCondition,
-				Status:  metav1.ConditionTrue,
-				Reason:  hmc.SucceededReason,
-				Message: "vSphere CCM credentials created",
+				Status:  metav1.ConditionFalse,
+				Reason:  hmc.FailedReason,
+				Message: errMsg,
 			})
-		case "openstack":
-			l.Info("OpenStack creds propagation start")
-			if err := credspropagation.PropagateOpenStackSecrets(ctx, propnCfg); err != nil {
-				errMsg := fmt.Sprintf("failed to create OpenStack CCM credentials: %s", err)
-				apimeta.SetStatusCondition(clusterDeployment.GetConditions(), metav1.Condition{
-					Type:    hmc.CredentialsPropagatedCondition,
-					Status:  metav1.ConditionFalse,
-					Reason:  hmc.FailedReason,
-					Message: errMsg,
-				})
-				return errors.New(errMsg)
-			}
-
+			return errors.New(errMsg)
+		} else if enabled {
 			apimeta.SetStatusCondition(clusterDeployment.GetConditions(), metav1.Condition{
 				Type:    hmc.CredentialsPropagatedCondition,
 				Status:  metav1.ConditionTrue,
 				Reason:  hmc.SucceededReason,
-				Message: "OpenStack CCM credentials created",
-			})
-		default:
-			apimeta.SetStatusCondition(clusterDeployment.GetConditions(), metav1.Condition{
-				Type:    hmc.CredentialsPropagatedCondition,
-				Status:  metav1.ConditionFalse,
-				Reason:  hmc.FailedReason,
-				Message: "unsupported infrastructure provider " + provider,
+				Message: titleName + " CCM credentials created",
 			})
 		}
 	}

@@ -48,6 +48,7 @@ import (
 	"github.com/K0rdent/kcm/internal/build"
 	"github.com/K0rdent/kcm/internal/helm"
 	"github.com/K0rdent/kcm/internal/utils"
+	"github.com/K0rdent/kcm/pkg/providers"
 )
 
 // ReleaseReconciler reconciles a Template object
@@ -200,7 +201,7 @@ func (r *ReleaseReconciler) ensureManagement(ctx context.Context) error {
 	if err != nil {
 		return err
 	}
-	mgmtObj.Spec.Providers = hmc.GetDefaultProviders()
+	mgmtObj.Spec.Providers = providers.List()
 
 	getter := helm.NewMemoryRESTClientGetter(r.Config, r.RESTMapper())
 	actionConfig := new(action.Configuration)

@@ -31,6 +31,7 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
 
 	hmcv1alpha1 "github.com/K0rdent/kcm/api/v1alpha1"
+	providersloader "github.com/K0rdent/kcm/pkg/providers"
 )
 
 type ClusterDeploymentValidator struct {
@@ -239,7 +240,7 @@ func (v *ClusterDeploymentValidator) validateCredential(ctx context.Context, clu
 
 	hasInfra := false
 	for _, v := range template.Status.Providers {
-		if strings.HasPrefix(v, "infrastructure-") {
+		if strings.HasPrefix(v, providersloader.InfraPrefix) {
 			hasInfra = true
 			break
 		}
@@ -269,30 +270,25 @@ func isCredMatchTemplate(cred *hmcv1alpha1.Credential, template *hmcv1alpha1.Clu
 	}
 
 	for _, provider := range template.Status.Providers {
-		switch provider {
-		case "infrastructure-aws":
-			if idtyKind != "AWSClusterStaticIdentity" &&
-				idtyKind != "AWSClusterRoleIdentity" &&
-				idtyKind != "AWSClusterControllerIdentity" {
-				return errMsg(provider)
-			}
-		case "infrastructure-azure":
-			if idtyKind != "AzureClusterIdentity" &&
-				idtyKind != "Secret" {
-				return errMsg(provider)
-			}
-		case "infrastructure-vsphere":
-			if idtyKind != "VSphereClusterIdentity" {
-				return errMsg(provider)
-			}
-		case "infrastructure-openstack", "infrastructure-internal":
+		if provider == providersloader.InfraPrefix+"internal" {
 			if idtyKind != "Secret" {
 				return errMsg(provider)
 			}
-		default:
-			if strings.HasPrefix(provider, "infrastructure-") {
+
+			continue
+		}
+
+		idtys, found := providersloader.GetClusterIdentityKind(provider)
+		if !found {
+			if strings.HasPrefix(provider, providersloader.InfraPrefix) {
 				return fmt.Errorf("unsupported infrastructure provider %s", provider)
 			}
+
+			continue
+		}
+
+		if !slices.Contains(idtys, idtyKind) {
+			return errMsg(provider)
 		}
 	}