Render featuregate using config operator in ignition server init cont…

…ainer
openshift · May 24, 2023 · 9add569 · 9add569
1 parent fb98a80
commit 9add569
Show file tree

Hide file tree

Showing 3 changed files with 43 additions and 45 deletions.
diff --git a/control-plane-operator/controllers/hostedcontrolplane/hostedcontrolplane_controller.go b/control-plane-operator/controllers/hostedcontrolplane/hostedcontrolplane_controller.go
@@ -902,7 +902,7 @@ func (r *HostedControlPlaneReconciler) reconcile(ctx context.Context, hostedCont
 		createOrUpdate,
 		releaseImageProvider.Version(),
 		releaseImageProvider.GetImage(util.CPOImageName),
-		releaseImageProvider.GetImage("cli"),
+		releaseImageProvider.GetImage("cluster-config-operator"),
 		hostedControlPlane,
 		r.DefaultIngressDomain,
 		// The healthz handler was added before the CPO started to manage the ignition server, and it's the same binary,

diff --git a/control-plane-operator/controllers/hostedcontrolplane/ignitionserver/ignitionserver.go b/control-plane-operator/controllers/hostedcontrolplane/ignitionserver/ignitionserver.go
@@ -1,15 +1,16 @@
 package ignitionserver
 
 import (
+	"bytes"
 	"context"
 	"fmt"
 	"net"
 	"strings"
 
 	configv1 "github.com/openshift/api/config/v1"
 	routev1 "github.com/openshift/api/route/v1"
+	"github.com/openshift/hypershift/api"
 	hyperv1 "github.com/openshift/hypershift/api/v1beta1"
-	"github.com/openshift/hypershift/control-plane-operator/controllers/hostedcontrolplane/manifests"
 	"github.com/openshift/hypershift/hypershift-operator/controllers/manifests/controlplaneoperator"
 	"github.com/openshift/hypershift/hypershift-operator/controllers/manifests/ignitionserver"
 	"github.com/openshift/hypershift/support/certs"
@@ -34,7 +35,7 @@ func ReconcileIgnitionServer(ctx context.Context,
 	createOrUpdate upsert.CreateOrUpdateFN,
 	releaseVersion string,
 	utilitiesImage string,
-	cliImage string,
+	configOperatorImage string,
 	hcp *hyperv1.HostedControlPlane,
 	defaultIngressDomain string,
 	hasHealthzHandler bool,
@@ -257,10 +258,24 @@ func ReconcileIgnitionServer(ctx context.Context,
 	}
 
 	// Use the default FeatureSet unless otherwise specified.
-	guestFeatureSet := configv1.Default
-	if hcp.Spec.Configuration != nil && hcp.Spec.Configuration.FeatureGate != nil && hcp.Spec.Configuration.FeatureGate.FeatureSet != "" {
-		guestFeatureSet = hcp.Spec.Configuration.FeatureGate.FeatureSet
+	featureGate := &configv1.FeatureGate{
+		TypeMeta: metav1.TypeMeta{
+			Kind:       "FeatureGate",
+			APIVersion: configv1.GroupVersion.String(),
+		},
+		ObjectMeta: metav1.ObjectMeta{
+			Name: "cluster",
+		},
 	}
+	if hcp.Spec.Configuration != nil && hcp.Spec.Configuration.FeatureGate != nil {
+		featureGate.Spec = *hcp.Spec.Configuration.FeatureGate
+	}
+
+	featureGateBuffer := &bytes.Buffer{}
+	if err := api.YamlSerializer.Encode(featureGate, featureGateBuffer); err != nil {
+		return fmt.Errorf("failed to encode feature gates: %w", err)
+	}
+	featureGateYAML := featureGateBuffer.String()
 
 	// Reconcile deployment
 	ignitionServerDeployment := ignitionserver.Deployment(controlPlaneNamespace)
@@ -305,16 +320,6 @@ func ReconcileIgnitionServer(ctx context.Context,
 								EmptyDir: &corev1.EmptyDirVolumeSource{},
 							},
 						},
-						{
-							Name: "guest-kubeconfig",
-							VolumeSource: corev1.VolumeSource{
-								Secret: &corev1.SecretVolumeSource{
-									// Mount the kubeconfig for the guest cluster to fetch the FeatureGate.
-									SecretName:  manifests.KASServiceKubeconfigSecret("").Name,
-									DefaultMode: utilpointer.Int32(0640),
-								},
-							},
-						},
 						{
 							Name: "shared",
 							VolumeSource: corev1.VolumeSource{
@@ -325,20 +330,14 @@ func ReconcileIgnitionServer(ctx context.Context,
 					InitContainers: []corev1.Container{
 						{
 							Name:            "fetch-feature-gate",
-							Image:           cliImage,
+							Image:           configOperatorImage,
 							ImagePullPolicy: corev1.PullIfNotPresent,
-							Env: []corev1.EnvVar{
-								{
-									Name:  "KUBECONFIG",
-									Value: fmt.Sprintf("/var/secrets/guest-kubeconfig/%s", hcp.Status.KubeConfig.Key),
-								},
-							},
 							Command: []string{
 								"/bin/bash",
 							},
 							Args: []string{
 								"-c",
-								fetchFeatureGateScript(guestFeatureSet, releaseVersion),
+								invokeFeatureGateRenderScript("/shared", releaseVersion, string(featureGateYAML)),
 							},
 							Resources: corev1.ResourceRequirements{
 								Requests: corev1.ResourceList{
@@ -347,10 +346,6 @@ func ReconcileIgnitionServer(ctx context.Context,
 								},
 							},
 							VolumeMounts: []corev1.VolumeMount{
-								{
-									Name:      "guest-kubeconfig",
-									MountPath: "/var/secrets/guest-kubeconfig",
-								},
 								{
 									Name:      "shared",
 									MountPath: "/shared",
@@ -535,21 +530,24 @@ func convertRegistryOverridesToCommandLineFlag(registryOverrides map[string]stri
 	return "="
 }
 
-func fetchFeatureGateScript(featureSet configv1.FeatureSet, payloadVersion string) string {
-	var script = `#!/bin/sh
-if [[ $(oc get featuregate cluster -o json | jq -r .spec.featureSet) != "%s" ]]; then
-	echo "FeatureGate has not been updated with current feature set yet."
-	sleep 1
-	exit 1
-fi
+func invokeFeatureGateRenderScript(workDir, payloadVersion, featureGateYAML string) string {
+	var script = `#!/bin/bash
+set -e
+cd /tmp
+mkdir input output manifests
 
-if [[ ! -z $(oc get featuregate cluster -o json | jq '.status.featureGates[] | select(.version == "%s")') ]]; then
-	echo "FeatureGate has not rendered current payload version yet."
-	sleep 1
-	exit 1
-fi
+touch /tmp/manifests/99_feature-gate.yaml
+cat <<EOF >/tmp/manifests/99_feature-gate.yaml
+%[3]s
+EOF
 
-oc get featuregate cluster -o yaml > /shared/99_feature-gate.yaml
+/usr/bin/cluster-config-operator render \
+   --config-output-file config \
+   --asset-input-dir /tmp/input \
+   --asset-output-dir /tmp/output \
+   --rendered-manifest-files=/tmp/manifests \
+   --payload-version=%[2]s
+cp /tmp/manifests/99_feature-gate.yaml %[1]s/99_feature-gate.yaml
 `
-	return fmt.Sprintf(script, featureSet, payloadVersion)
+	return fmt.Sprintf(script, workDir, payloadVersion, featureGateYAML)
 }
diff --git a/hypershift-operator/controllers/hostedcluster/hostedcluster_controller.go b/hypershift-operator/controllers/hostedcluster/hostedcluster_controller.go
@@ -1495,12 +1495,12 @@ func (r *HostedClusterReconciler) reconcile(ctx context.Context, req ctrl.Reques
 		return ctrl.Result{}, fmt.Errorf("failed to reconcile control plane operator: %w", err)
 	}
 
-	cliImage, releaseVersion, err := func() (string, string, error) {
+	configOperatorImage, releaseVersion, err := func() (string, string, error) {
 		releaseInfo, err := r.ReleaseProvider.Lookup(ctx, hcluster.Spec.Release.Image, pullSecretBytes)
 		if err != nil {
 			return "", "", fmt.Errorf("failed to lookup release image: %w", err)
 		}
-		return releaseInfo.ComponentImages()["cli"], releaseInfo.Version(), nil
+		return releaseInfo.ComponentImages()["cluster-config-operator"], releaseInfo.Version(), nil
 	}()
 	if err != nil {
 		return ctrl.Result{}, fmt.Errorf("failed to get cli image: %w", err)
@@ -1513,7 +1513,7 @@ func (r *HostedClusterReconciler) reconcile(ctx context.Context, req ctrl.Reques
 			createOrUpdate,
 			releaseVersion,
 			utilitiesImage,
-			cliImage,
+			configOperatorImage,
 			hcp,
 			defaultIngressDomain,
 			ignitionServerHasHealthzHandler,