✨ Add extra root volume options

[johnharris85]

Signed-off-by: John Harris joharris@vmware.com

What this PR does / why we need it:
Allows users to specify additional options for a machine's root volume.

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #1403

Notes:

• If a user wants to specify a KMS key, they need to ensure the relevant user / role has use permissions on the key. Should this be documented somewhere? (if so, where?)
• If EncryptionKey is set, we set Encrypted to true (even if it was omitted / set to false). Thought this was a reasonable assumption, but open to changes there (error if key set but encrypted missing / false).

[k8s-ci-robot]

Hi @johnharris85. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[ncdc]

/ok-to-test
/assign

[ncdc]

Generally LGTM.

/approve

/assign @vincepri

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: johnharris85, ncdc

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [ncdc]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[johnharris85]

/retest

[johnharris85]

@vincepri pointed out on Slack this should have some restore logic built in to make sure we don't miss these fields from annotations. Will add that and address Andy's comments later today.

[vincepri]

Sounds good! Holding the PR until we have those in place

/hold

[johnharris85]

Addressed most of @vincepri comments (except the size question) and rebased.

[vincepri]

@johnharris85 Regarding #1498, I think the only thing I'd add is a kubebuilder validation tag that checks that Size is greater than 0, and remove all the checks where we do .Size != 0.

This makes sure that when a user sets the rootVolume struct, the size field should never be zero, if the struct is not-nil.

[johnharris85]

This func is basically identical to the one above (to get the root device name), just returning a different attribute. Thoughts on adjusting the above one (which is only used once) to return size and name to save an AWS call?

[detiber]

+1 to consolidating the calls. This can also be handled as a followup.

[vincepri]

/lgtm

@ncdc over to you to un-hold

[johnharris85]

Discussion w/ @vincepri on Slack around how to handle the size wrt defaults / validation -> https://app.slack.com/client/T09NY5SBT/CD6U2V71N/thread/CD6U2V71N-1580776492.150700.

Addressed all comments I think but left a couple questions in for feedback, can squash when ready.

[johnharris85]

Failure looks like generation out of date, but make verify succeeds on my machine...? (and make generate doesn't generate any changes?) Am I missing something?

[ncdc]

@johnharris85 try to rebase on top of master

[vincepri]

api/v1alpha3/awsmachine_webhook_test.go:27: File is not `gofmt`-ed with `-s` (gofmt)
		name       string
api/v1alpha2/awsmachine_conversion_test.go:154: File is not `gofmt`-ed with `-s` (gofmt)
}

@johnharris85 seems linting errors now

[randomvariable]

Should probably queue this one after #1525 so we get the object fuzzer, and then this will then need rebasing I think.

[johnharris85]

OK rebased now #1525 landed. Fuzzer found a couple bugs which I also fixed.

• AWSClusterStatus conversion funcs were using the auto conversions for Instance, changed to using the manual ones (with the additional volume options)
• AWSCluster conversion func needed to restore the bastion if present (from annotation)

[randomvariable]

/unhold
as we have the restore logic in place.

[randomvariable]

Should merge cleanly via 3-way, but merge after #1535

[ncdc]

@johnharris85 could you please rebase & resolve conflicts - thanks!

[detiber]

/lgtm