From f8899d27cdf14d17894906a2df523650210db57c Mon Sep 17 00:00:00 2001 From: Tyler Gillson Date: Thu, 14 Aug 2025 07:44:27 -0700 Subject: [PATCH 1/5] feat: allow spoke kubeconfig edits Signed-off-by: Tyler Gillson --- fleetconfig-controller/api/v1alpha1/validation.go | 11 ++++++++++- fleetconfig-controller/internal/controller/spoke.go | 4 ++-- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/fleetconfig-controller/api/v1alpha1/validation.go b/fleetconfig-controller/api/v1alpha1/validation.go index 4c05ea11..4947ceb5 100644 --- a/fleetconfig-controller/api/v1alpha1/validation.go +++ b/fleetconfig-controller/api/v1alpha1/validation.go @@ -23,8 +23,11 @@ import ( // - spec.addOnConfig // - spec.registrationAuth.* // - spec.hub.clusterManager.source.* -// - spec.spokes[*].klusterlet.source.* // - spec.spokes[*].addOns +// - spec.spokes[*].klusterlet.annotations +// - spec.spokes[*].klusterlet.source.* +// - spec.spokes[*].klusterlet.values +// - spec.spokes[*].kubeconfig func allowFleetConfigUpdate(newObject *FleetConfig, oldObject *FleetConfig) error { // Hub check @@ -57,8 +60,14 @@ func allowFleetConfigUpdate(newObject *FleetConfig, oldObject *FleetConfig) erro if oldSpoke, exists := oldSpokes[newSpoke.Name]; exists { oldSpokeCopy := oldSpoke newSpokeCopy := newSpoke + oldSpokeCopy.Klusterlet.Annotations = nil + newSpokeCopy.Klusterlet.Annotations = nil oldSpokeCopy.Klusterlet.Source = (OCMSource{}) newSpokeCopy.Klusterlet.Source = (OCMSource{}) + oldSpokeCopy.Klusterlet.Values = nil + newSpokeCopy.Klusterlet.Values = nil + oldSpokeCopy.Kubeconfig = Kubeconfig{} + newSpokeCopy.Kubeconfig = Kubeconfig{} newSpokeCopy.AddOns = []AddOn{} oldSpokeCopy.AddOns = []AddOn{} diff --git a/fleetconfig-controller/internal/controller/spoke.go b/fleetconfig-controller/internal/controller/spoke.go index 1bad63e1..93f9cdaf 100644 --- a/fleetconfig-controller/internal/controller/spoke.go +++ b/fleetconfig-controller/internal/controller/spoke.go @@ -6,7 +6,6 @@ import ( "errors" "fmt" "os/exec" - "reflect" "regexp" "slices" "strings" @@ -54,13 +53,14 @@ func handleSpokes(ctx context.Context, kClient client.Client, fc *v1alpha1.Fleet joinedSpokes := make([]v1alpha1.JoinedSpoke, 0) for _, js := range fc.Status.JoinedSpokes { if !slices.ContainsFunc(fc.Spec.Spokes, func(spoke v1alpha1.Spoke) bool { - return spoke.Name == js.Name && reflect.DeepEqual(spoke.Kubeconfig, js.Kubeconfig) + return spoke.Name == js.Name }) { err = deregisterSpoke(ctx, kClient, hubKubeconfig, fc, &js) if err != nil { fc.SetConditions(true, v1alpha1.NewCondition( err.Error(), js.UnjoinType(), metav1.ConditionFalse, metav1.ConditionTrue, )) + // if deregistration fails, retain the joined spoke in the status joinedSpokes = append(joinedSpokes, js) continue } From e06bd0e11b7e53032067cf698dfb55b5f7043cf4 Mon Sep 17 00:00:00 2001 From: Tyler Gillson Date: Thu, 14 Aug 2025 07:45:02 -0700 Subject: [PATCH 2/5] fix: ensure webhook svc endpoints in debug mode Signed-off-by: Tyler Gillson --- fleetconfig-controller/config/devspace/manager.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fleetconfig-controller/config/devspace/manager.yaml b/fleetconfig-controller/config/devspace/manager.yaml index d3b64ebf..4852e273 100644 --- a/fleetconfig-controller/config/devspace/manager.yaml +++ b/fleetconfig-controller/config/devspace/manager.yaml @@ -6,12 +6,12 @@ spec: replicas: 1 selector: matchLabels: - app.kubernetes.io/instance: fleetconfig-controller-local + app.kubernetes.io/instance: fleetconfig-controller app.kubernetes.io/name: fleetconfig-controller template: metadata: labels: - app.kubernetes.io/instance: fleetconfig-controller-local + app.kubernetes.io/instance: fleetconfig-controller app.kubernetes.io/name: fleetconfig-controller spec: serviceAccountName: fleetconfig-controller-manager From 61b2c6f0e8ac3bc691f2b39f0922360e58bf0f56 Mon Sep 17 00:00:00 2001 From: Tyler Gillson Date: Thu, 14 Aug 2025 07:45:17 -0700 Subject: [PATCH 3/5] chore: clarify kubeconfig key error message Signed-off-by: Tyler Gillson --- fleetconfig-controller/internal/kube/kube.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fleetconfig-controller/internal/kube/kube.go b/fleetconfig-controller/internal/kube/kube.go index be68ddbb..cffa70de 100644 --- a/fleetconfig-controller/internal/kube/kube.go +++ b/fleetconfig-controller/internal/kube/kube.go @@ -110,7 +110,7 @@ func KubeconfigFromSecret(ctx context.Context, kClient client.Client, kubeconfig } raw, ok := secret.Data[kubeconfigKey] if !ok { - return nil, fmt.Errorf("failed to get kubeconfig for ref %s/%s using key %s", secretRef.Namespace, secretRef.Name, kubeconfigKey) + return nil, fmt.Errorf("kubeconfig key '%s' not found in %s/%s secret", kubeconfigKey, secretRef.Namespace, secretRef.Name) } return raw, nil From a83ca7a80178beb7660a2b2a23f74a3de557907e Mon Sep 17 00:00:00 2001 From: Tyler Gillson Date: Thu, 14 Aug 2025 07:47:47 -0700 Subject: [PATCH 4/5] chore: revert extra diff Signed-off-by: Tyler Gillson --- fleetconfig-controller/api/v1alpha1/validation.go | 6 ------ 1 file changed, 6 deletions(-) diff --git a/fleetconfig-controller/api/v1alpha1/validation.go b/fleetconfig-controller/api/v1alpha1/validation.go index 4947ceb5..ee43b275 100644 --- a/fleetconfig-controller/api/v1alpha1/validation.go +++ b/fleetconfig-controller/api/v1alpha1/validation.go @@ -24,9 +24,7 @@ import ( // - spec.registrationAuth.* // - spec.hub.clusterManager.source.* // - spec.spokes[*].addOns -// - spec.spokes[*].klusterlet.annotations // - spec.spokes[*].klusterlet.source.* -// - spec.spokes[*].klusterlet.values // - spec.spokes[*].kubeconfig func allowFleetConfigUpdate(newObject *FleetConfig, oldObject *FleetConfig) error { @@ -60,12 +58,8 @@ func allowFleetConfigUpdate(newObject *FleetConfig, oldObject *FleetConfig) erro if oldSpoke, exists := oldSpokes[newSpoke.Name]; exists { oldSpokeCopy := oldSpoke newSpokeCopy := newSpoke - oldSpokeCopy.Klusterlet.Annotations = nil - newSpokeCopy.Klusterlet.Annotations = nil oldSpokeCopy.Klusterlet.Source = (OCMSource{}) newSpokeCopy.Klusterlet.Source = (OCMSource{}) - oldSpokeCopy.Klusterlet.Values = nil - newSpokeCopy.Klusterlet.Values = nil oldSpokeCopy.Kubeconfig = Kubeconfig{} newSpokeCopy.Kubeconfig = Kubeconfig{} newSpokeCopy.AddOns = []AddOn{} From 9d8f9bff59e4ca92ca9391b987db61eebae8ec22 Mon Sep 17 00:00:00 2001 From: Tyler Gillson Date: Thu, 14 Aug 2025 08:59:13 -0700 Subject: [PATCH 5/5] chore: fix whitespace from merge Signed-off-by: Tyler Gillson --- fleetconfig-controller/api/v1alpha1/validation.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fleetconfig-controller/api/v1alpha1/validation.go b/fleetconfig-controller/api/v1alpha1/validation.go index 4eb6b345..da75f57c 100644 --- a/fleetconfig-controller/api/v1alpha1/validation.go +++ b/fleetconfig-controller/api/v1alpha1/validation.go @@ -66,7 +66,7 @@ func allowFleetConfigUpdate(newObject *FleetConfig, oldObject *FleetConfig) erro newSpokeCopy.Klusterlet.Source = (OCMSource{}) oldSpokeCopy.Klusterlet.Values = nil newSpokeCopy.Klusterlet.Values = nil - oldSpokeCopy.Kubeconfig = Kubeconfig{} + oldSpokeCopy.Kubeconfig = Kubeconfig{} newSpokeCopy.Kubeconfig = Kubeconfig{} newSpokeCopy.AddOns = []AddOn{} oldSpokeCopy.AddOns = []AddOn{}