feat: support CAPI v1alpha4

This PR will add all of the changes necessary for supporting CAPI v1alpha4 resources.

Signed-off-by: Gerard de Leeuw <[email protected]>
Signed-off-by: Artem Chernyshev <[email protected]>

Dockerfile

@@ -59,7 +59,7 @@ ARG TAG
 RUN cd config/manager \
   && kustomize edit set image controller=${REGISTRY_AND_USERNAME}/${NAME}:${TAG} \
   && cd - \
-  && kustomize build config >/control-plane-components.yaml \
+  && kustomize build config/default >/control-plane-components.yaml \
   && cp config/metadata/metadata.yaml /metadata.yaml
 
 FROM scratch AS release

config/crd/kustomization.yaml

@@ -1,5 +1,10 @@
+# This kustomization.yaml is not intended to be run by itself,
+# since it depends on service name and namespace that are out of this kustomize package.
+# It should be run by config/default
 commonLabels:
   cluster.x-k8s.io/v1alpha3: v1alpha3
+  cluster.x-k8s.io/v1alpha4: v1alpha3
+
 # This kustomization.yaml is not intended to be run by itself,
 # since it depends on service name and namespace that are out of this kustomize package.
 # It should be run by config/default

config/default/kustomization.yaml

@@ -1,8 +1,52 @@
 namespace: cacppt-system
 
+namePrefix: cacppt-
+
+# Labels to add to all resources and selectors.
+commonLabels:
+  cluster.x-k8s.io/provider: "control-plane-talos"
+
 resources:
   - namespace.yaml
 
 bases:
-- ../rbac
-- ../manager
+  - ../crd
+  - ../certmanager
+  - ../webhook
+  - ../rbac
+  - ../manager
+
+patchesStrategicMerge:
+  - manager_webhook_patch.yaml
+#  - webhookcainjection_patch.yaml
+
+vars:
+  - name: CERTIFICATE_NAMESPACE # namespace of the certificate CR
+    objref:
+      kind: Certificate
+      group: cert-manager.io
+      version: v1alpha2
+      name: serving-cert # this name should match the one in certificate.yaml
+    fieldref:
+      fieldpath: metadata.namespace
+  - name: CERTIFICATE_NAME
+    objref:
+      kind: Certificate
+      group: cert-manager.io
+      version: v1alpha2
+      name: serving-cert # this name should match the one in certificate.yaml
+  - name: SERVICE_NAMESPACE # namespace of the service
+    objref:
+      kind: Service
+      version: v1
+      name: webhook-service
+    fieldref:
+      fieldpath: metadata.namespace
+  - name: SERVICE_NAME
+    objref:
+      kind: Service
+      version: v1
+      name: webhook-service
+
+configurations:
+  - kustomizeconfig.yaml

config/default/kustomizeconfig.yaml

@@ -0,0 +1,4 @@
+# This configuration is for teaching kustomize how to update name ref and var substitution
+varReference:
+  - kind: Deployment
+    path: spec/template/spec/volumes/secret/secretName

config/webhook/manager_webhook_patch.yaml → config/default/manager_webhook_patch.yaml

@@ -8,9 +8,6 @@ spec:
     spec:
       containers:
         - name: manager
-          args:
-            - "--metrics-addr=127.0.0.1:8080"
-            - "--webhook-port=9443"
           ports:
             - containerPort: 9443
               name: webhook-server

config/manager/manager.yaml

@@ -19,7 +19,7 @@ spec:
         - command:
             - /manager
           args:
-            - --metrics-addr=127.0.0.1:8080
+            - --metrics-bind-addr=127.0.0.1:8080
             - --enable-leader-election
           image: controller:latest
           imagePullPolicy: Always

config/metadata/metadata.yaml

@@ -7,3 +7,6 @@ releaseSeries:
 - major: 0
   minor: 2
   contract: v1alpha3
+- major: 0
+  minor: 3
+  contract: v1alpha4

config/rbac/auth_proxy_client_clusterrole.yaml

@@ -1,4 +1,4 @@
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
   name: metrics-reader

config/rbac/leader_election_role.yaml

@@ -4,29 +4,41 @@ kind: Role
 metadata:
   name: leader-election-role
 rules:
-- apiGroups:
-  - ""
-  resources:
-  - configmaps
-  verbs:
-  - get
-  - list
-  - watch
-  - create
-  - update
-  - patch
-  - delete
-- apiGroups:
-  - ""
-  resources:
-  - configmaps/status
-  verbs:
-  - get
-  - update
-  - patch
-- apiGroups:
-  - ""
-  resources:
-  - events
-  verbs:
-  - create
+  - apiGroups:
+      - ""
+    resources:
+      - configmaps
+    verbs:
+      - get
+      - list
+      - watch
+      - create
+      - update
+      - patch
+      - delete
+  - apiGroups:
+      - ""
+    resources:
+      - configmaps/status
+    verbs:
+      - get
+      - update
+      - patch
+  - apiGroups:
+      - ""
+    resources:
+      - events
+    verbs:
+      - create
+  - apiGroups:
+      - "coordination.k8s.io"
+    resources:
+      - leases
+    verbs:
+      - get
+      - list
+      - watch
+      - create
+      - update
+      - patch
+      - delete

config/webhook/kustomization.yaml

@@ -3,40 +3,6 @@ namespace: capi-webhook-system
 resources:
   - manifests.yaml
   - service.yaml
-  - ../certmanager
-  - ../manager
 
 configurations:
   - kustomizeconfig.yaml
-
-patchesStrategicMerge:
-  - manager_webhook_patch.yaml
-#  - webhookcainjection_patch.yaml
-
-vars:
-  - name: CERTIFICATE_NAMESPACE # namespace of the certificate CR
-    objref:
-      kind: Certificate
-      group: cert-manager.io
-      version: v1alpha2
-      name: serving-cert # this name should match the one in certificate.yaml
-    fieldref:
-      fieldpath: metadata.namespace
-  - name: CERTIFICATE_NAME
-    objref:
-      kind: Certificate
-      group: cert-manager.io
-      version: v1alpha2
-      name: serving-cert # this name should match the one in certificate.yaml
-  - name: SERVICE_NAMESPACE # namespace of the service
-    objref:
-      kind: Service
-      version: v1
-      name: webhook-service
-    fieldref:
-      fieldpath: metadata.namespace
-  - name: SERVICE_NAME
-    objref:
-      kind: Service
-      version: v1
-      name: webhook-service

config/webhook/kustomizeconfig.yaml

@@ -23,5 +23,3 @@ namespace:
 
 varReference:
   - path: metadata/annotations
-  - kind: Deployment
-    path: spec/template/spec/volumes/secret/secretName

controllers/configs.go

@@ -16,7 +16,7 @@ import (
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/tools/clientcmd"
-	capiv1 "sigs.k8s.io/cluster-api/api/v1alpha3"
+	capiv1 "sigs.k8s.io/cluster-api/api/v1alpha4"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
@@ -65,7 +65,7 @@ func (r *TalosControlPlaneReconciler) talosconfigForMachines(ctx context.Context
 		}
 
 		// grab all addresses as endpoints
-		node, err := clientset.CoreV1().Nodes().Get(machine.Status.NodeRef.Name, metav1.GetOptions{})
+		node, err := clientset.CoreV1().Nodes().Get(ctx, machine.Status.NodeRef.Name, metav1.GetOptions{})
 		if err != nil {
 			return nil, err
 		}

controllers/etcd.go

@@ -11,7 +11,7 @@ import (
 
 	"github.com/talos-systems/talos/pkg/machinery/api/machine"
 	talosclient "github.com/talos-systems/talos/pkg/machinery/client"
-	capiv1 "sigs.k8s.io/cluster-api/api/v1alpha3"
+	capiv1 "sigs.k8s.io/cluster-api/api/v1alpha4"
 	"sigs.k8s.io/cluster-api/util"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 )