Merge pull request #1788 from deads2k/featuregate-by-cluster-profile

specify Featuregates by cluster profile
openshift · Mar 11, 2024 · e3b1aac · e3b1aac
2 parents 5f93ef6 + 68c8c83
commit e3b1aac
Show file tree

Hide file tree

Showing 15 changed files with 1,557 additions and 937 deletions.
diff --git a/config/v1/feature_gates.go b/config/v1/feature_gates.go
diff --git a/config/v1/feature_gates_test.go b/config/v1/feature_gates_test.go
diff --git a/config/v1/types_feature.go b/config/v1/types_feature.go
@@ -1,8 +1,6 @@
 package v1
 
 import (
-	"fmt"
-
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
@@ -52,6 +50,9 @@ var (
 
 	// TopologyManager enables ToplogyManager support. Upgrades are enabled with this feature.
 	LatencySensitive FeatureSet = "LatencySensitive"
+
+	// AllFixedFeatureSets are the featuresets that have known featuregates.  Custom doesn't for instance.  LatencySensitive is dead
+	AllFixedFeatureSets = []FeatureSet{Default, TechPreviewNoUpgrade}
 )
 
 type FeatureGateSpec struct {
@@ -148,179 +149,3 @@ type FeatureGateEnabledDisabled struct {
 	Enabled  []FeatureGateDescription
 	Disabled []FeatureGateDescription
 }
-
-// FeatureSets Contains a map of Feature names to Enabled/Disabled Feature.
-//
-// NOTE: The caller needs to make sure to check for the existence of the value
-// using golang's existence field. A possible scenario is an upgrade where new
-// FeatureSets are added and a controller has not been upgraded with a newer
-// version of this file. In this upgrade scenario the map could return nil.
-//
-// example:
-//
-//	if featureSet, ok := FeatureSets["SomeNewFeature"]; ok { }
-//
-// If you put an item in either of these lists, put your area and name on it so we can find owners.
-var FeatureSets = map[FeatureSet]*FeatureGateEnabledDisabled{
-	Default: defaultFeatures,
-	CustomNoUpgrade: {
-		Enabled: []FeatureGateDescription{},
-		Disabled: []FeatureGateDescription{
-			disableKubeletCloudCredentialProviders, // We do not currently ship the correct config to use the external credentials provider.
-		},
-	},
-	TechPreviewNoUpgrade: newDefaultFeatures().
-		with(validatingAdmissionPolicy).
-		with(csiDriverSharedResource).
-		with(nodeSwap).
-		with(machineAPIProviderOpenStack).
-		with(insightsConfigAPI).
-		with(dynamicResourceAllocation).
-		with(gateGatewayAPI).
-		with(maxUnavailableStatefulSet).
-		without(eventedPleg).
-		with(sigstoreImageVerification).
-		with(gcpLabelsTags).
-		with(gcpClusterHostedDNS).
-		with(vSphereStaticIPs).
-		with(routeExternalCertificate).
-		with(automatedEtcdBackup).
-		without(machineAPIOperatorDisableMachineHealthCheckController).
-		with(adminNetworkPolicy).
-		with(dnsNameResolver).
-		with(machineConfigNodes).
-		with(metricsServer).
-		with(installAlternateInfrastructureAWS).
-		without(clusterAPIInstall).
-		with(mixedCPUsAllocation).
-		with(managedBootImages).
-		without(disableKubeletCloudCredentialProviders).
-		with(onClusterBuild).
-		with(signatureStores).
-		with(pinnedImages).
-		with(upgradeStatus).
-		with(translateStreamCloseWebsocketRequests).
-		with(volumeGroupSnapshot).
-		with(externalOIDC).
-		with(example).
-		with(hardwareSpeed).
-		with(platformOperators).
-		with(externalRouteCertificate).
-		with(bareMetalLoadBalancer).
-		with(insightsOnDemandDataGather).
-		with(alertingRules).
-		toFeatures(defaultFeatures),
-	LatencySensitive: newDefaultFeatures().
-		toFeatures(defaultFeatures),
-}
-
-var defaultFeatures = &FeatureGateEnabledDisabled{
-	Enabled: []FeatureGateDescription{
-		openShiftPodSecurityAdmission,
-		alibabaPlatform, // This is a bug, it should be TechPreviewNoUpgrade. This must be downgraded before 4.14 is shipped.
-		azureWorkloadIdentity,
-		cloudDualStackNodeIPs,
-		externalCloudProvider,
-		externalCloudProviderAzure,
-		externalCloudProviderGCP,
-		externalCloudProviderExternal,
-		privateHostedZoneAWS,
-		buildCSIVolumes,
-		kmsv1,
-		vSphereControlPlaneMachineset,
-		sdnLiveMigration,
-	},
-	Disabled: []FeatureGateDescription{
-		disableKubeletCloudCredentialProviders, // We do not currently ship the correct config to use the external credentials provider.
-	},
-}
-
-type featureSetBuilder struct {
-	forceOn  []FeatureGateDescription
-	forceOff []FeatureGateDescription
-}
-
-func newDefaultFeatures() *featureSetBuilder {
-	return &featureSetBuilder{}
-}
-
-func (f *featureSetBuilder) with(forceOn FeatureGateDescription) *featureSetBuilder {
-	for _, curr := range f.forceOn {
-		if curr.FeatureGateAttributes.Name == forceOn.FeatureGateAttributes.Name {
-			panic(fmt.Errorf("coding error: %q enabled twice", forceOn.FeatureGateAttributes.Name))
-		}
-	}
-	f.forceOn = append(f.forceOn, forceOn)
-	return f
-}
-
-func (f *featureSetBuilder) without(forceOff FeatureGateDescription) *featureSetBuilder {
-	for _, curr := range f.forceOff {
-		if curr.FeatureGateAttributes.Name == forceOff.FeatureGateAttributes.Name {
-			panic(fmt.Errorf("coding error: %q disabled twice", forceOff.FeatureGateAttributes.Name))
-		}
-	}
-	f.forceOff = append(f.forceOff, forceOff)
-	return f
-}
-
-func (f *featureSetBuilder) isForcedOff(needle FeatureGateDescription) bool {
-	for _, forcedOff := range f.forceOff {
-		if needle.FeatureGateAttributes.Name == forcedOff.FeatureGateAttributes.Name {
-			return true
-		}
-	}
-	return false
-}
-
-func (f *featureSetBuilder) isForcedOn(needle FeatureGateDescription) bool {
-	for _, forceOn := range f.forceOn {
-		if needle.FeatureGateAttributes.Name == forceOn.FeatureGateAttributes.Name {
-			return true
-		}
-	}
-	return false
-}
-
-func (f *featureSetBuilder) toFeatures(defaultFeatures *FeatureGateEnabledDisabled) *FeatureGateEnabledDisabled {
-	finalOn := []FeatureGateDescription{}
-	finalOff := []FeatureGateDescription{}
-
-	// only add the default enabled features if they haven't been explicitly set off
-	for _, defaultOn := range defaultFeatures.Enabled {
-		if !f.isForcedOff(defaultOn) {
-			finalOn = append(finalOn, defaultOn)
-		}
-	}
-	for _, currOn := range f.forceOn {
-		if f.isForcedOff(currOn) {
-			panic("coding error, you can't have features both on and off")
-		}
-		found := false
-		for _, alreadyOn := range finalOn {
-			if alreadyOn.FeatureGateAttributes.Name == currOn.FeatureGateAttributes.Name {
-				found = true
-			}
-		}
-		if found {
-			continue
-		}
-
-		finalOn = append(finalOn, currOn)
-	}
-
-	// only add the default disabled features if they haven't been explicitly set on
-	for _, defaultOff := range defaultFeatures.Disabled {
-		if !f.isForcedOn(defaultOff) {
-			finalOff = append(finalOff, defaultOff)
-		}
-	}
-	for _, currOff := range f.forceOff {
-		finalOff = append(finalOff, currOff)
-	}
-
-	return &FeatureGateEnabledDisabled{
-		Enabled:  finalOn,
-		Disabled: finalOff,
-	}
-}
diff --git a/config/v1/types_features_test.go b/config/v1/types_features_test.go