diff --git a/go.mod b/go.mod index 4bd6133e..d6cb4a20 100644 --- a/go.mod +++ b/go.mod @@ -28,10 +28,10 @@ require ( k8s.io/klog/v2 v2.130.1 k8s.io/kubectl v0.31.1 k8s.io/utils v0.0.0-20240921022957-49e7df575cb6 - open-cluster-management.io/api v0.15.1-0.20250109024121-1a5e25a78a43 + open-cluster-management.io/api v0.15.1-0.20250116010516-3a595d6a4e40 open-cluster-management.io/cluster-proxy v0.4.0 open-cluster-management.io/managed-serviceaccount v0.6.0 - open-cluster-management.io/ocm v0.15.1-0.20250116085531-34275ef1eac8 + open-cluster-management.io/ocm v0.15.1-0.20250120013556-eeb4ab31d5ab open-cluster-management.io/sdk-go v0.15.1-0.20241125015855-1536c3970f8f sigs.k8s.io/apiserver-network-proxy v0.29.0 sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.30.3 diff --git a/go.sum b/go.sum index a9d0f0fb..f2bf2464 100644 --- a/go.sum +++ b/go.sum @@ -557,14 +557,14 @@ k8s.io/kubectl v0.31.1 h1:ih4JQJHxsEggFqDJEHSOdJ69ZxZftgeZvYo7M/cpp24= k8s.io/kubectl v0.31.1/go.mod h1:aNuQoR43W6MLAtXQ/Bu4GDmoHlbhHKuyD49lmTC8eJM= k8s.io/utils v0.0.0-20240921022957-49e7df575cb6 h1:MDF6h2H/h4tbzmtIKTuctcwZmY0tY9mD9fNT47QO6HI= k8s.io/utils v0.0.0-20240921022957-49e7df575cb6/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -open-cluster-management.io/api v0.15.1-0.20250109024121-1a5e25a78a43 h1:9kgKRQQHMGNM1t+J+OrmF7hgZmND9kRwyRVnHIULzqw= -open-cluster-management.io/api v0.15.1-0.20250109024121-1a5e25a78a43/go.mod h1:9erZEWEn4bEqh0nIX2wA7f/s3KCuFycQdBrPrRzi0QM= +open-cluster-management.io/api v0.15.1-0.20250116010516-3a595d6a4e40 h1:LckTHZ68rcy3hDFu6wa7BVOJ9wbWItJLZXmi0bpMyh8= +open-cluster-management.io/api v0.15.1-0.20250116010516-3a595d6a4e40/go.mod h1:9erZEWEn4bEqh0nIX2wA7f/s3KCuFycQdBrPrRzi0QM= open-cluster-management.io/cluster-proxy v0.4.0 h1:rm0UDaDWe3/P3xLzwqdHtqNksKwSzsic02MkrEe6BnM= open-cluster-management.io/cluster-proxy v0.4.0/go.mod h1:gTvfDHAhGezhdg4BD3ECBn6jbg2Y5PbHhV2ceW5nrB0= open-cluster-management.io/managed-serviceaccount v0.6.0 h1:qIi5T9WQJBuoGqnYGIktXbtqfQoiN2H9XU2P/6lAQiw= open-cluster-management.io/managed-serviceaccount v0.6.0/go.mod h1:G4LUTbZiyrB8c0+rqi/xnDmGlsg7Rdr4T7MPLCWhyQI= -open-cluster-management.io/ocm v0.15.1-0.20250116085531-34275ef1eac8 h1:IDjk8EeKajwqezVM1eDNYPHyaJx4V0N/sZoSAVhIUJk= -open-cluster-management.io/ocm v0.15.1-0.20250116085531-34275ef1eac8/go.mod h1:daPkqFxkVqKb4O8UTX+7jCyEcJWarGOG7uDie9rFfck= +open-cluster-management.io/ocm v0.15.1-0.20250120013556-eeb4ab31d5ab h1:DY4DSDQUEoVQ6fCda7nSYetJRhvkyoiHPLyMppL/a8w= +open-cluster-management.io/ocm v0.15.1-0.20250120013556-eeb4ab31d5ab/go.mod h1:Mfg6rf0CylcnY5y8zJB99ClbMUMpAAUa22Rv+3ct5Lg= open-cluster-management.io/sdk-go v0.15.1-0.20241125015855-1536c3970f8f h1:zeC7QrFNarfK2zY6jGtd+mX+yDrQQmnH/J8A7n5Nh38= open-cluster-management.io/sdk-go v0.15.1-0.20241125015855-1536c3970f8f/go.mod h1:fi5WBsbC5K3txKb8eRLuP0Sim/Oqz/PHX18skAEyjiA= oras.land/oras-go v1.2.5 h1:XpYuAwAb0DfQsunIyMfeET92emK8km3W4yEzZvUbsTo= diff --git a/pkg/cmd/init/cmd.go b/pkg/cmd/init/cmd.go index cce10e70..a421b5b1 100644 --- a/pkg/cmd/init/cmd.go +++ b/pkg/cmd/init/cmd.go @@ -14,6 +14,9 @@ import ( var example = ` # Init the hub %[1]s init + +# Initialize the hub cluster with the type of authentication. Either or both of csr,awsirsa +%[1]s init --registration-auth awsirsa --registration-auth csr --hubClusterArn arn:aws:eks:us-west-2:123456789012:cluster/hub-cluster1 ` // NewCmd ... @@ -78,6 +81,10 @@ func NewCmd(clusteradmFlags *genericclioptionsclusteradm.ClusteradmFlags, stream _ = clusterManagerSet.SetAnnotation("singleton-name", "singletonSet", []string{}) o.Helm.AddFlags(singletonSet) cmd.Flags().AddFlagSet(singletonSet) + cmd.Flags().StringArrayVar(&o.registrationAuth, "registration-auth", []string{}, + "The type of authentication to use for registering and authenticating with hub. Only csr and awsirsa are accepted as valid inputs. This flag can be repeated to specify multiple authentication types.") + cmd.Flags().StringVar(&o.hubClusterArn, "hub-cluster-arn", "", + "The hubCluster ARN to be passed if awsirsa is one of the registrationAuths and the cluster name in EKS kubeconfig doesn't contain hubClusterArn") return cmd } diff --git a/pkg/cmd/init/exec.go b/pkg/cmd/init/exec.go index 1040c47f..94c96341 100644 --- a/pkg/cmd/init/exec.go +++ b/pkg/cmd/init/exec.go @@ -4,6 +4,7 @@ package init import ( "context" "fmt" + "k8s.io/apimachinery/pkg/util/sets" "os" "time" @@ -70,10 +71,15 @@ func (o *Options) complete(cmd *cobra.Command, args []string) (err error) { }, Tag: bundleVersion.OCM, } + registrationDrivers, err := getRegistrationDrivers(o) + if err != nil { + return err + } o.clusterManagerChartConfig.ClusterManager = chart.ClusterManagerConfig{ RegistrationConfiguration: operatorv1.RegistrationHubConfiguration{ FeatureGates: genericclioptionsclusteradm.ConvertToFeatureGateAPI( genericclioptionsclusteradm.HubMutableFeatureGate, ocmfeature.DefaultHubRegistrationFeatureGates), + RegistrationDrivers: registrationDrivers, }, WorkConfiguration: operatorv1.WorkConfiguration{ FeatureGates: genericclioptionsclusteradm.ConvertToFeatureGateAPI( @@ -144,6 +150,13 @@ func (o *Options) validate() error { return fmt.Errorf("registry should not be empty") } + validRegistrationDriver := sets.New[string]("csr", "awsirsa") + for _, driver := range o.registrationAuth { + if !validRegistrationDriver.Has(driver) { + return fmt.Errorf("only csr and awsirsa are valid drivers") + } + } + // If --wait is set, some information during initialize process will print to output, the output would not keep // machine readable, so this behavior should be disabled if o.wait && o.output != "text" { @@ -353,3 +366,40 @@ func (o *Options) deploySingletonControlplane(kubeClient kubernetes.Interface) e } return nil } + +func getRegistrationDrivers(o *Options) ([]operatorv1.RegistrationDriverHub, error) { + registrationDrivers := []operatorv1.RegistrationDriverHub{} + var registrationDriver operatorv1.RegistrationDriverHub + + for _, driver := range o.registrationAuth { + if driver == "csr" { + registrationDriver = operatorv1.RegistrationDriverHub{AuthType: driver} + } else if driver == "awsirsa" { + hubClusterArn, err := getHubClusterArn(o) + if err != nil { + return registrationDrivers, err + } + registrationDriver = operatorv1.RegistrationDriverHub{AuthType: driver, HubClusterArn: hubClusterArn} + } + registrationDrivers = append(registrationDrivers, registrationDriver) + } + + return registrationDrivers, nil +} + +func getHubClusterArn(o *Options) (string, error) { + hubClusterArn := o.hubClusterArn + if hubClusterArn == "" { + rawConfig, err := o.ClusteradmFlags.KubectlFactory.ToRawKubeConfigLoader().RawConfig() + if err != nil { + klog.Errorf("unable to load hub cluster kubeconfig: %v", err) + return "", err + } + hubClusterArn = rawConfig.Contexts[rawConfig.CurrentContext].Cluster + if hubClusterArn == "" { + klog.Errorf("hubClusterArn has empty value in kubeconfig") + return "", fmt.Errorf("unable to retrieve hubClusterArn from kubeconfig") + } + } + return hubClusterArn, nil +} diff --git a/pkg/cmd/init/options.go b/pkg/cmd/init/options.go index 6a98770f..99c99a08 100644 --- a/pkg/cmd/init/options.go +++ b/pkg/cmd/init/options.go @@ -50,6 +50,12 @@ type Options struct { output string Streams genericiooptions.IOStreams + + // The type of authentication to use for initializing the hub cluster + registrationAuth []string + // The optional ARN to pass if awsirsa is one of the registrationAuths + // and the cluster name in EKS kubeconfig doesn't contain hubClusterArn + hubClusterArn string } func newOptions(clusteradmFlags *genericclioptionsclusteradm.ClusteradmFlags, streams genericiooptions.IOStreams) *Options { diff --git a/test/e2e/clusteradm/init_test.go b/test/e2e/clusteradm/init_test.go index a1890707..d1630664 100644 --- a/test/e2e/clusteradm/init_test.go +++ b/test/e2e/clusteradm/init_test.go @@ -34,6 +34,41 @@ var _ = ginkgo.Describe("test clusteradm with bootstrap token in singleton mode" gomega.Expect(err).NotTo(gomega.HaveOccurred()) gomega.Expect(len(cm.Spec.RegistrationConfiguration.FeatureGates)).Should(gomega.Equal(1)) + // TODO: E2e test is not recognizing the newly added flags. Uncomment below test once the problem is fixed. + //err = e2e.Clusteradm().Init( + // "--use-bootstrap-token", + // "--context", e2e.Cluster().Hub().Context(), + // "--bundle-version=latest", + // "--registration-auth awsirsa", + // "--hub-cluster-arn arn:aws:eks:us-west-2:123456789012:cluster/hub-cluster1", + //) + //gomega.Expect(err).NotTo(gomega.HaveOccurred(), "clusteradm init error") + // + //cm, err = operatorClient.OperatorV1().ClusterManagers().Get(context.TODO(), "cluster-manager", metav1.GetOptions{}) + //gomega.Expect(err).NotTo(gomega.HaveOccurred()) + //// Ensure that when only awsirsa is passed as registration-auth only awsirsa driver is available + //gomega.Expect(len(cm.Spec.RegistrationConfiguration.RegistrationDrivers)).Should(gomega.Equal(1)) + //gomega.Expect(cm.Spec.RegistrationConfiguration.RegistrationDrivers[0].AuthType).Should(gomega.Equal("awsirsa")) + // + //err = e2e.Clusteradm().Init( + // "--use-bootstrap-token", + // "--context", e2e.Cluster().Hub().Context(), + // "--bundle-version=latest", + // "--registration-auth awsirsa", + // "--registration-auth csr", + // "--hub-cluster-arn arn:aws:eks:us-west-2:123456789012:cluster/hub-cluster1", + //) + //gomega.Expect(err).NotTo(gomega.HaveOccurred(), "clusteradm init error") + // + //cm, err = operatorClient.OperatorV1().ClusterManagers().Get(context.TODO(), "cluster-manager", metav1.GetOptions{}) + //gomega.Expect(err).NotTo(gomega.HaveOccurred()) + //// Ensure that awsirsa and csr is passed as registration-auth both the values are set. + //gomega.Expect(len(cm.Spec.RegistrationConfiguration.RegistrationDrivers)).Should(gomega.Equal(2)) + //gomega.Expect(cm.Spec.RegistrationConfiguration.RegistrationDrivers[0].AuthType).Should(gomega.Equal("csr")) + //gomega.Expect(cm.Spec.RegistrationConfiguration.RegistrationDrivers[1].AuthType).Should(gomega.Equal("awsirsa")) + //gomega.Expect(cm.Spec.RegistrationConfiguration.RegistrationDrivers[1].HubClusterArn). + // Should(gomega.Equal("arn:aws:eks:us-west-2:123456789012:cluster/hub-cluster1")) + err = e2e.Clusteradm().Init( "--use-bootstrap-token", "--context", e2e.Cluster().Hub().Context(), diff --git a/vendor/modules.txt b/vendor/modules.txt index 642687d1..1ebdb184 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1239,7 +1239,7 @@ k8s.io/utils/pointer k8s.io/utils/ptr k8s.io/utils/strings/slices k8s.io/utils/trace -# open-cluster-management.io/api v0.15.1-0.20250109024121-1a5e25a78a43 +# open-cluster-management.io/api v0.15.1-0.20250116010516-3a595d6a4e40 ## explicit; go 1.22.0 open-cluster-management.io/api/addon/v1alpha1 open-cluster-management.io/api/client/addon/clientset/versioned @@ -1282,7 +1282,7 @@ open-cluster-management.io/managed-serviceaccount/pkg/generated/clientset/versio open-cluster-management.io/managed-serviceaccount/pkg/generated/clientset/versioned/scheme open-cluster-management.io/managed-serviceaccount/pkg/generated/clientset/versioned/typed/authentication/v1alpha1 open-cluster-management.io/managed-serviceaccount/pkg/generated/clientset/versioned/typed/authentication/v1beta1 -# open-cluster-management.io/ocm v0.15.1-0.20250116085531-34275ef1eac8 +# open-cluster-management.io/ocm v0.15.1-0.20250120013556-eeb4ab31d5ab ## explicit; go 1.22.5 open-cluster-management.io/ocm/deploy/cluster-manager/chart open-cluster-management.io/ocm/deploy/klusterlet/chart diff --git a/vendor/open-cluster-management.io/api/operator/v1/0000_01_operator.open-cluster-management.io_clustermanagers.crd.yaml b/vendor/open-cluster-management.io/api/operator/v1/0000_01_operator.open-cluster-management.io_clustermanagers.crd.yaml index 8e92beeb..c4e3864f 100644 --- a/vendor/open-cluster-management.io/api/operator/v1/0000_01_operator.open-cluster-management.io_clustermanagers.crd.yaml +++ b/vendor/open-cluster-management.io/api/operator/v1/0000_01_operator.open-cluster-management.io_clustermanagers.crd.yaml @@ -255,6 +255,31 @@ spec: - feature type: object type: array + registrationDrivers: + description: |- + RegistrationDrivers represent the list of hub registration drivers that contain information used by hub to initialize the hub cluster + A RegistrationDriverHub contains details of authentication type and the hub cluster ARN + items: + properties: + authType: + default: csr + description: Type of the authentication used by hub to initialize + the Hub cluster. Possible values are csr and awsirsa. + enum: + - csr + - awsirsa + type: string + hubClusterArn: + description: |- + This represents the hub cluster ARN + Example - arn:eks:us-west-2:12345678910:cluster/hub-cluster1 + pattern: ^arn:aws:eks:([a-zA-Z0-9-]+):(\d{12}):cluster/([a-zA-Z0-9-]+)$ + type: string + type: object + type: array + x-kubernetes-list-map-keys: + - authType + x-kubernetes-list-type: map type: object registrationImagePullSpec: default: quay.io/open-cluster-management/registration diff --git a/vendor/open-cluster-management.io/api/operator/v1/types_clustermanager.go b/vendor/open-cluster-management.io/api/operator/v1/types_clustermanager.go index 373f87f1..d9d058e6 100644 --- a/vendor/open-cluster-management.io/api/operator/v1/types_clustermanager.go +++ b/vendor/open-cluster-management.io/api/operator/v1/types_clustermanager.go @@ -108,6 +108,28 @@ type RegistrationHubConfiguration struct { // he can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false. // +optional FeatureGates []FeatureGate `json:"featureGates,omitempty"` + + // RegistrationDrivers represent the list of hub registration drivers that contain information used by hub to initialize the hub cluster + // A RegistrationDriverHub contains details of authentication type and the hub cluster ARN + // +optional + // +listType=map + // +listMapKey=authType + RegistrationDrivers []RegistrationDriverHub `json:"registrationDrivers,omitempty"` +} + +type RegistrationDriverHub struct { + + // Type of the authentication used by hub to initialize the Hub cluster. Possible values are csr and awsirsa. + // +required + // +kubebuilder:default:=csr + // +kubebuilder:validation:Enum=csr;awsirsa + AuthType string `json:"authType,omitempty"` + + // This represents the hub cluster ARN + // Example - arn:eks:us-west-2:12345678910:cluster/hub-cluster1 + // +optional + // +kubebuilder:validation:Pattern=`^arn:aws:eks:([a-zA-Z0-9-]+):(\d{12}):cluster/([a-zA-Z0-9-]+)$` + HubClusterArn string `json:"hubClusterArn,omitempty"` } type WorkConfiguration struct { diff --git a/vendor/open-cluster-management.io/api/operator/v1/zz_generated.deepcopy.go b/vendor/open-cluster-management.io/api/operator/v1/zz_generated.deepcopy.go index 64a618ba..96eef484 100644 --- a/vendor/open-cluster-management.io/api/operator/v1/zz_generated.deepcopy.go +++ b/vendor/open-cluster-management.io/api/operator/v1/zz_generated.deepcopy.go @@ -557,6 +557,22 @@ func (in *RegistrationDriver) DeepCopy() *RegistrationDriver { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RegistrationDriverHub) DeepCopyInto(out *RegistrationDriverHub) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RegistrationDriverHub. +func (in *RegistrationDriverHub) DeepCopy() *RegistrationDriverHub { + if in == nil { + return nil + } + out := new(RegistrationDriverHub) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RegistrationHubConfiguration) DeepCopyInto(out *RegistrationHubConfiguration) { *out = *in @@ -570,6 +586,11 @@ func (in *RegistrationHubConfiguration) DeepCopyInto(out *RegistrationHubConfigu *out = make([]FeatureGate, len(*in)) copy(*out, *in) } + if in.RegistrationDrivers != nil { + in, out := &in.RegistrationDrivers, &out.RegistrationDrivers + *out = make([]RegistrationDriverHub, len(*in)) + copy(*out, *in) + } return } diff --git a/vendor/open-cluster-management.io/api/operator/v1/zz_generated.swagger_doc_generated.go b/vendor/open-cluster-management.io/api/operator/v1/zz_generated.swagger_doc_generated.go index 5d63b919..7342a410 100644 --- a/vendor/open-cluster-management.io/api/operator/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/open-cluster-management.io/api/operator/v1/zz_generated.swagger_doc_generated.go @@ -122,9 +122,19 @@ func (NodePlacement) SwaggerDoc() map[string]string { return map_NodePlacement } +var map_RegistrationDriverHub = map[string]string{ + "authType": "Type of the authentication used by hub to initialize the Hub cluster. Possible values are csr and awsirsa.", + "hubClusterArn": "This represents the hub cluster ARN Example - arn:eks:us-west-2:12345678910:cluster/hub-cluster1", +} + +func (RegistrationDriverHub) SwaggerDoc() map[string]string { + return map_RegistrationDriverHub +} + var map_RegistrationHubConfiguration = map[string]string{ - "autoApproveUsers": "AutoApproveUser represents a list of users that can auto approve CSR and accept client. If the credential of the bootstrap-hub-kubeconfig matches to the users, the cluster created by the bootstrap-hub-kubeconfig will be auto-registered into the hub cluster. This takes effect only when ManagedClusterAutoApproval feature gate is enabled.", - "featureGates": "FeatureGates represents the list of feature gates for registration If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates:\n 1. If featuregate/Foo does not exist, registration-operator will discard it\n 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true]\n 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false,\n \the can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false.", + "autoApproveUsers": "AutoApproveUser represents a list of users that can auto approve CSR and accept client. If the credential of the bootstrap-hub-kubeconfig matches to the users, the cluster created by the bootstrap-hub-kubeconfig will be auto-registered into the hub cluster. This takes effect only when ManagedClusterAutoApproval feature gate is enabled.", + "featureGates": "FeatureGates represents the list of feature gates for registration If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates:\n 1. If featuregate/Foo does not exist, registration-operator will discard it\n 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true]\n 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false,\n \the can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false.", + "registrationDrivers": "RegistrationDrivers represent the list of hub registration drivers that contain information used by hub to initialize the hub cluster A RegistrationDriverHub contains details of authentication type and the hub cluster ARN", } func (RegistrationHubConfiguration) SwaggerDoc() map[string]string { diff --git a/vendor/open-cluster-management.io/ocm/deploy/cluster-manager/chart/cluster-manager/crds/0000_01_operator.open-cluster-management.io_clustermanagers.crd.yaml b/vendor/open-cluster-management.io/ocm/deploy/cluster-manager/chart/cluster-manager/crds/0000_01_operator.open-cluster-management.io_clustermanagers.crd.yaml index 8e92beeb..c4e3864f 100644 --- a/vendor/open-cluster-management.io/ocm/deploy/cluster-manager/chart/cluster-manager/crds/0000_01_operator.open-cluster-management.io_clustermanagers.crd.yaml +++ b/vendor/open-cluster-management.io/ocm/deploy/cluster-manager/chart/cluster-manager/crds/0000_01_operator.open-cluster-management.io_clustermanagers.crd.yaml @@ -255,6 +255,31 @@ spec: - feature type: object type: array + registrationDrivers: + description: |- + RegistrationDrivers represent the list of hub registration drivers that contain information used by hub to initialize the hub cluster + A RegistrationDriverHub contains details of authentication type and the hub cluster ARN + items: + properties: + authType: + default: csr + description: Type of the authentication used by hub to initialize + the Hub cluster. Possible values are csr and awsirsa. + enum: + - csr + - awsirsa + type: string + hubClusterArn: + description: |- + This represents the hub cluster ARN + Example - arn:eks:us-west-2:12345678910:cluster/hub-cluster1 + pattern: ^arn:aws:eks:([a-zA-Z0-9-]+):(\d{12}):cluster/([a-zA-Z0-9-]+)$ + type: string + type: object + type: array + x-kubernetes-list-map-keys: + - authType + x-kubernetes-list-type: map type: object registrationImagePullSpec: default: quay.io/open-cluster-management/registration diff --git a/vendor/open-cluster-management.io/ocm/deploy/cluster-manager/chart/cluster-manager/templates/cluster_manager.yaml b/vendor/open-cluster-management.io/ocm/deploy/cluster-manager/chart/cluster-manager/templates/cluster_manager.yaml index 14172e71..ecee98da 100644 --- a/vendor/open-cluster-management.io/ocm/deploy/cluster-manager/chart/cluster-manager/templates/cluster_manager.yaml +++ b/vendor/open-cluster-management.io/ocm/deploy/cluster-manager/chart/cluster-manager/templates/cluster_manager.yaml @@ -29,6 +29,10 @@ spec: featureGates: {{- toYaml . | nindent 6 }} {{- end }} + {{- with .Values.clusterManager.registrationConfiguration.registrationDrivers }} + registrationDrivers: + {{- toYaml . | nindent 6 }} + {{- end }} {{- with .Values.clusterManager.workConfiguration }} workConfiguration: {{- toYaml . | nindent 4 }} diff --git a/vendor/open-cluster-management.io/ocm/deploy/cluster-manager/chart/cluster-manager/values.yaml b/vendor/open-cluster-management.io/ocm/deploy/cluster-manager/chart/cluster-manager/values.yaml index 7d5ac754..bf1b4c65 100644 --- a/vendor/open-cluster-management.io/ocm/deploy/cluster-manager/chart/cluster-manager/values.yaml +++ b/vendor/open-cluster-management.io/ocm/deploy/cluster-manager/chart/cluster-manager/values.yaml @@ -95,6 +95,8 @@ clusterManager: featureGates: - feature: DefaultClusterSet mode: Enable + registrationDrivers: + - authType: csr workConfiguration: workDriver: kube addOnManagerConfiguration: {}