From b73a03e366936bb18c05649892760519c120b90b Mon Sep 17 00:00:00 2001 From: Francisco Augusto Date: Fri, 23 Jun 2023 11:58:07 +0200 Subject: [PATCH] Rollback custom resource group --- .../create/actions/createworker/azure.go | 18 +++++------------- .../actions/createworker/createworker.go | 2 +- .../createworker/templates/azure.aks.tmpl | 4 ++-- .../actions/createworker/templates/azure.tmpl | 2 +- pkg/commons/cluster.go | 3 +-- 5 files changed, 10 insertions(+), 19 deletions(-) diff --git a/pkg/cluster/internal/create/actions/createworker/azure.go b/pkg/cluster/internal/create/actions/createworker/azure.go index bf973938b7..c73b948705 100644 --- a/pkg/cluster/internal/create/actions/createworker/azure.go +++ b/pkg/cluster/internal/create/actions/createworker/azure.go @@ -138,9 +138,7 @@ func installCloudProvider(n nodes.Node, descriptorFile commons.DescriptorFile, k return nil } -func assignUserIdentity(d commons.DescriptorFile, s map[string]string) error { - var cluster string - +func assignUserIdentity(i string, c string, r string, s map[string]string) error { creds, err := azidentity.NewClientSecretCredential(s["TenantID"], s["ClientID"], s["ClientSecret"], nil) if err != nil { return err 
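Review bot: The new signature `assignUserIdentity(i string, c string, r string, s map[string]string)` takes three adjacent strings with one-letter names, so swapping identity, cluster ID and region at a call site compiles cleanly and only shows up as an Azure API error or a request against the wrong resource. I would name them for what they carry, `func assignUserIdentity(identityID, clusterID, region string, credentials map[string]string) error {`. A doc comment should state that the cluster ID is used as both resource group and managed-cluster name, and that the map must hold `TenantID`, `ClientID` and `ClientSecret`, the keys read here. The call in createworker.go passes these positionally, so the same names would make that line easier to check. The function body continues in the next hunk.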
@@ -153,26 +151,20 @@ func assignUserIdentity(d commons.DescriptorFile, s map[string]string) error { } managedClustersClient := containerserviceClientFactory.NewManagedClustersClient() - if d.ControlPlane.Azure.ResourceGroup != "" { - cluster = d.ControlPlane.Azure.ResourceGroup - } else { - cluster = d.ClusterID - } - pollerResp, err := managedClustersClient.BeginCreateOrUpdate( - ctx, cluster, cluster, + ctx, c, c, armcontainerservice.ManagedCluster{ - Location: to.Ptr(d.Region), + Location: to.Ptr(r), Identity: &armcontainerservice.ManagedClusterIdentity{ Type: to.Ptr(armcontainerservice.ResourceIdentityTypeUserAssigned), UserAssignedIdentities: map[string]*armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{ - d.Security.NodesIdentity: {}, + i: {}, }, }, Properties: &armcontainerservice.ManagedClusterProperties{ IdentityProfile: map[string]*armcontainerservice.UserAssignedIdentity{ "kubeletidentity": { - ResourceID: to.Ptr(d.Security.NodesIdentity), + ResourceID: to.Ptr(i), }, }, }, diff --git a/pkg/cluster/internal/create/actions/createworker/createworker.go b/pkg/cluster/internal/create/actions/createworker/createworker.go index 1d8bc9b46b..6d6bb1ac4d 100644 --- a/pkg/cluster/internal/create/actions/createworker/createworker.go +++ b/pkg/cluster/internal/create/actions/createworker/createworker.go @@ -368,7 +368,7 @@ func (a *action) Execute(ctx *actions.ActionContext) error { if provider.capxProvider == "azure" && descriptorFile.ControlPlane.Managed && descriptorFile.Security.NodesIdentity != "" { // Update AKS cluster with the user kubelet identity until the provider supports it - err := assignUserIdentity(*descriptorFile, credentialsMap) + err := assignUserIdentity(descriptorFile.Security.NodesIdentity, descriptorFile.ClusterID, descriptorFile.Region, credentialsMap) if err != nil { return errors.Wrap(err, "failed to assign user identity to the workload Cluster") } 
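Review bot: `i` is sent as both the cluster's user-assigned identity key and the `kubeletidentity` resource ID without any check that it is a well-formed identity resource ID; the only guard visible is the non-empty test at the call site. The kubelet identity is what the nodes authenticate as, so a mistyped ID or one pointing at an unintended identity is worth rejecting before the ARM call rather than relying on the service's error. Parsing it with `arm.ParseResourceID(i)` from azcore and comparing the resource type against `Microsoft.ManagedIdentity/userAssignedIdentities` would do, assuming that package can be imported here. Separately, `ctx, c, c,` deserves a short comment such as `// resource group and cluster name are both the cluster ID (see resourceGroupName in azure.aks.tmpl)`, since that coupling is now implicit. The function starts in the previous hunk and continues past this one.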
diff --git a/pkg/cluster/internal/create/actions/createworker/templates/azure.aks.tmpl b/pkg/cluster/internal/create/actions/createworker/templates/azure.aks.tmpl
index ad9e829cf7..3831c2a0bc 100644
--- a/pkg/cluster/internal/create/actions/createworker/templates/azure.aks.tmpl
+++ b/pkg/cluster/internal/create/actions/createworker/templates/azure.aks.tmpl
@@ -36,8 +36,8 @@ spec:
 location: "{{ .Descriptor.Region }}"
 sku:
 tier: "{{ .Descriptor.ControlPlane.Azure.Tier }}"
- resourceGroupName: {{ if ne .Descriptor.ControlPlane.Azure.ResourceGroup "" }}{{ .Descriptor.ControlPlane.Azure.ResourceGroup }}{{ else }}{{ .Descriptor.ClusterID }}{{- end }}
- nodeResourceGroupName: {{ if ne .Descriptor.ControlPlane.Azure.ResourceGroup "" }}{{ .Descriptor.ControlPlane.Azure.ResourceGroup }}{{ else }}{{ .Descriptor.ClusterID }}{{- end }}-nodes
+ resourceGroupName: {{ .Descriptor.ClusterID }}
+ nodeResourceGroupName: {{ .Descriptor.ClusterID }}-nodes
 networkPolicy: calico
 sshPublicKey: \"\"
 subscriptionID: "{{ .Credentials.SubscriptionID }}"
diff --git a/pkg/cluster/internal/create/actions/createworker/templates/azure.tmpl b/pkg/cluster/internal/create/actions/createworker/templates/azure.tmpl
index c7a6ee7492..b16221f230 100644
--- a/pkg/cluster/internal/create/actions/createworker/templates/azure.tmpl
+++ b/pkg/cluster/internal/create/actions/createworker/templates/azure.tmpl
@@ -46,7 +46,7 @@ spec:
 - name: node-subnet
 role: node
 {{- end }}
- resourceGroup: {{ if ne .Descriptor.ControlPlane.Azure.ResourceGroup "" }}{{ .Descriptor.ControlPlane.Azure.ResourceGroup }}{{ else }}{{ .Descriptor.ClusterID }}{{- end }}
+ resourceGroup: {{ .Descriptor.ClusterID }}
 subscriptionID: {{ .Credentials.SubscriptionID }}
 ---
 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
diff --git a/pkg/commons/cluster.go b/pkg/commons/cluster.go
index 4ac7d619aa..787d0ef933 100644
--- a/pkg/commons/cluster.go
+++ b/pkg/commons/cluster.go
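Review bot: `resourceGroupName: {{ .Descriptor.ClusterID }}` and `nodeResourceGroupName: {{ .Descriptor.ClusterID }}-nodes` are rendered unquoted, while `location` and `tier` in the same hunk are quoted. If the cluster ID is not constrained elsewhere (not visible here), a value that is all digits, or that contains `: ` or ` #`, changes how the rendered manifest parses. Quoting them like their neighbours, `resourceGroupName: "{{ .Descriptor.ClusterID }}"`, keeps the value a plain string. The same applies to `resourceGroup: {{ .Descriptor.ClusterID }}` in the azure.tmpl hunk.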
@@ -120,8 +120,7 @@ type AWSCP struct { } type AzureCP struct { - ResourceGroup string `yaml:"resource_group"` - Tier string `yaml:"tier" validate:"oneof='Free' 'Paid'"` + Tier string `yaml:"tier" validate:"oneof='Free' 'Paid'"` } type WorkerNodes []struct {
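Review bot: Removing `ResourceGroup` from `AzureCP` means a descriptor that still sets `resource_group` may be accepted with the key silently ignored, unless the YAML decoder runs in strict mode, which this hunk does not show. The templates in this commit would then create the cluster in the resource group named after the cluster ID. Resources that land in a different resource group than the operator wrote down can fall under different role assignments and policies, so failing loudly is safer. Either decode with unknown-field checking enabled (`KnownFields(true)` if this is yaml.v3), or keep the field for one release and reject a non-empty value with an error such as `resource_group is no longer supported`.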