set configured condition in mca

Signed-off-by: haoqing0110 <qhao@redhat.com>

deploy/cluster-manager/olm-catalog/latest/manifests/cluster-manager.clusterserviceversion.yaml

@@ -59,7 +59,7 @@ metadata:
     categories: Integration & Delivery,OpenShift Optional
     certified: "false"
     containerImage: quay.io/open-cluster-management/registration-operator:latest
-    createdAt: "2024-07-14T00:10:06Z"
+    createdAt: "2024-09-30T01:52:57Z"
     description: Manages the installation and upgrade of the ClusterManager.
     operators.operatorframework.io/builder: operator-sdk-v1.32.0
     operators.operatorframework.io/project_layout: go.kubebuilder.io/v3

deploy/klusterlet/chart/klusterlet/crds/0000_00_operator.open-cluster-management.io_klusterlets.crd.yaml

@@ -289,6 +289,39 @@ spec:
                       If it is set empty, use the default value: 50
                     format: int32
                     type: integer
+                  registrationDriver:
+                    description: This provides driver details required to register
+                      with hub
+                    properties:
+                      authType:
+                        default: csr
+                        description: Type of the authentication used by managedcluster
+                          to register as well as pull work from hub. Possible values
+                          are csr and awsirsa.
+                        enum:
+                        - csr
+                        - awsirsa
+                        type: string
+                      awsIrsa:
+                        description: |-
+                          Contain the details required for registering with hub cluster (ie: an EKS cluster) using AWS IAM roles for service account.
+                          This is required only when the authType is awsirsa.
+                        properties:
+                          hubClusterArn:
+                            description: |-
+                              The arn of the hub cluster (ie: an EKS cluster). This will be required to pass information to hub, which hub will use to create IAM identities for this klusterlet.
+                              Example - arn:eks:us-west-2:12345678910:cluster/hub-cluster1.
+                            minLength: 1
+                            type: string
+                          managedClusterArn:
+                            description: |-
+                              The arn of the managed cluster (ie: an EKS cluster). This will be required to generate the md5hash which will be used as a suffix to create IAM role on hub
+                              as well as used by kluslerlet-agent, to assume role suffixed with the md5hash, on startup.
+                              Example - arn:eks:us-west-2:12345678910:cluster/managed-cluster1.
+                            minLength: 1
+                            type: string
+                        type: object
+                    type: object
                 type: object
               registrationImagePullSpec:
                 description: |-

deploy/klusterlet/config/crds/0000_00_operator.open-cluster-management.io_klusterlets.crd.yaml

@@ -289,6 +289,39 @@ spec:
                       If it is set empty, use the default value: 50
                     format: int32
                     type: integer
+                  registrationDriver:
+                    description: This provides driver details required to register
+                      with hub
+                    properties:
+                      authType:
+                        default: csr
+                        description: Type of the authentication used by managedcluster
+                          to register as well as pull work from hub. Possible values
+                          are csr and awsirsa.
+                        enum:
+                        - csr
+                        - awsirsa
+                        type: string
+                      awsIrsa:
+                        description: |-
+                          Contain the details required for registering with hub cluster (ie: an EKS cluster) using AWS IAM roles for service account.
+                          This is required only when the authType is awsirsa.
+                        properties:
+                          hubClusterArn:
+                            description: |-
+                              The arn of the hub cluster (ie: an EKS cluster). This will be required to pass information to hub, which hub will use to create IAM identities for this klusterlet.
+                              Example - arn:eks:us-west-2:12345678910:cluster/hub-cluster1.
+                            minLength: 1
+                            type: string
+                          managedClusterArn:
+                            description: |-
+                              The arn of the managed cluster (ie: an EKS cluster). This will be required to generate the md5hash which will be used as a suffix to create IAM role on hub
+                              as well as used by kluslerlet-agent, to assume role suffixed with the md5hash, on startup.
+                              Example - arn:eks:us-west-2:12345678910:cluster/managed-cluster1.
+                            minLength: 1
+                            type: string
+                        type: object
+                    type: object
                 type: object
               registrationImagePullSpec:
                 description: |-

deploy/klusterlet/olm-catalog/latest/manifests/klusterlet.clusterserviceversion.yaml

@@ -31,7 +31,7 @@ metadata:
     categories: Integration & Delivery,OpenShift Optional
     certified: "false"
     containerImage: quay.io/open-cluster-management/registration-operator:latest
-    createdAt: "2024-07-14T00:10:07Z"
+    createdAt: "2024-09-30T01:52:57Z"
     description: Manages the installation and upgrade of the Klusterlet.
     operators.operatorframework.io/builder: operator-sdk-v1.32.0
     operators.operatorframework.io/project_layout: go.kubebuilder.io/v3

deploy/klusterlet/olm-catalog/latest/manifests/operator.open-cluster-management.io_klusterlets.yaml

@@ -289,6 +289,39 @@ spec:
                       If it is set empty, use the default value: 50
                     format: int32
                     type: integer
+                  registrationDriver:
+                    description: This provides driver details required to register
+                      with hub
+                    properties:
+                      authType:
+                        default: csr
+                        description: Type of the authentication used by managedcluster
+                          to register as well as pull work from hub. Possible values
+                          are csr and awsirsa.
+                        enum:
+                        - csr
+                        - awsirsa
+                        type: string
+                      awsIrsa:
+                        description: |-
+                          Contain the details required for registering with hub cluster (ie: an EKS cluster) using AWS IAM roles for service account.
+                          This is required only when the authType is awsirsa.
+                        properties:
+                          hubClusterArn:
+                            description: |-
+                              The arn of the hub cluster (ie: an EKS cluster). This will be required to pass information to hub, which hub will use to create IAM identities for this klusterlet.
+                              Example - arn:eks:us-west-2:12345678910:cluster/hub-cluster1.
+                            minLength: 1
+                            type: string
+                          managedClusterArn:
+                            description: |-
+                              The arn of the managed cluster (ie: an EKS cluster). This will be required to generate the md5hash which will be used as a suffix to create IAM role on hub
+                              as well as used by kluslerlet-agent, to assume role suffixed with the md5hash, on startup.
+                              Example - arn:eks:us-west-2:12345678910:cluster/managed-cluster1.
+                            minLength: 1
+                            type: string
+                        type: object
+                    type: object
                 type: object
               registrationImagePullSpec:
                 description: |-

go.mod

@@ -33,7 +33,7 @@ require (
 	k8s.io/kube-aggregator v0.30.3
 	k8s.io/utils v0.0.0-20240310230437-4693a0247e57
 	open-cluster-management.io/addon-framework v0.10.1-0.20240703130731-ba7fd000a03a
-	open-cluster-management.io/api v0.14.1-0.20240627145512-bd6f2229b53c
+	open-cluster-management.io/api v0.14.1-0.20240929023505-ab092a65ab63
 	open-cluster-management.io/sdk-go v0.14.1-0.20240918072645-225dcf1b6866
 	sigs.k8s.io/controller-runtime v0.18.5
 	sigs.k8s.io/kube-storage-version-migrator v0.0.6-0.20230721195810-5c8923c5ff96

go.sum

@@ -441,8 +441,8 @@ k8s.io/utils v0.0.0-20240310230437-4693a0247e57 h1:gbqbevonBh57eILzModw6mrkbwM0g
 k8s.io/utils v0.0.0-20240310230437-4693a0247e57/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
 open-cluster-management.io/addon-framework v0.10.1-0.20240703130731-ba7fd000a03a h1:La1cYE3xkPFS2OJnsPQbkkahKE7yabuPcIISRfb4qsg=
 open-cluster-management.io/addon-framework v0.10.1-0.20240703130731-ba7fd000a03a/go.mod h1:C1VETu/CIQKYfMiVAgNzPEUHjCpL9P1Z/KsGhHa4kl4=
-open-cluster-management.io/api v0.14.1-0.20240627145512-bd6f2229b53c h1:gYfgkX/U6fv2d3Ly8D6N1GM9zokORupLSgCxx791zZw=
-open-cluster-management.io/api v0.14.1-0.20240627145512-bd6f2229b53c/go.mod h1:9erZEWEn4bEqh0nIX2wA7f/s3KCuFycQdBrPrRzi0QM=
+open-cluster-management.io/api v0.14.1-0.20240929023505-ab092a65ab63 h1:UV1OCtyt0EH/mgsdsvyxOPg9xva5pHjhGgAa0+gLpUM=
+open-cluster-management.io/api v0.14.1-0.20240929023505-ab092a65ab63/go.mod h1:9erZEWEn4bEqh0nIX2wA7f/s3KCuFycQdBrPrRzi0QM=
 open-cluster-management.io/sdk-go v0.14.1-0.20240918072645-225dcf1b6866 h1:nxYrSsYwl9Mq8DuaJ0K98PCpuGsai+AvXbggMfZDCGI=
 open-cluster-management.io/sdk-go v0.14.1-0.20240918072645-225dcf1b6866/go.mod h1:jCyXPY900UK1n4xwUBWSz27s7lcXN/fhIDF6xu3jIHw=
 sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.29.0 h1:/U5vjBbQn3RChhv7P11uhYvCSm5G2GaIi5AIGBS6r4c=

pkg/addon/controllers/addonconfiguration/addon_configuration_reconciler.go

@@ -3,7 +3,10 @@ package addonconfiguration
 import (
 	"context"
 
+	"k8s.io/apimachinery/pkg/api/meta"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	utilerrors "k8s.io/apimachinery/pkg/util/errors"
+	"k8s.io/apimachinery/pkg/util/sets"
 
 	addonv1alpha1 "open-cluster-management.io/api/addon/v1alpha1"
 	addonv1alpha1client "open-cluster-management.io/api/client/addon/clientset/versioned"
@@ -19,13 +22,48 @@ type managedClusterAddonConfigurationReconciler struct {
 func (d *managedClusterAddonConfigurationReconciler) reconcile(
 	ctx context.Context, cma *addonv1alpha1.ClusterManagementAddOn, graph *configurationGraph) (*addonv1alpha1.ClusterManagementAddOn, reconcileState, error) {
 	var errs []error
+	configured := sets.Set[string]{}
 
+	// Update mca config references and configured condition to true for addons to rollout.
 	for _, addon := range graph.getAddonsToUpdate() {
-		mca := d.mergeAddonConfig(addon.mca, addon.desiredConfigs)
-		patcher := patcher.NewPatcher[
-			*addonv1alpha1.ManagedClusterAddOn, addonv1alpha1.ManagedClusterAddOnSpec, addonv1alpha1.ManagedClusterAddOnStatus](
-			d.addonClient.AddonV1alpha1().ManagedClusterAddOns(mca.Namespace))
-		_, err := patcher.PatchStatus(ctx, mca, mca.Status, addon.mca.Status)
+		// update mca config references in status
+		newAddon := d.mergeAddonConfig(addon.mca, addon.desiredConfigs)
+		// update mca configured condition to true
+		d.setCondition(newAddon, metav1.ConditionTrue, "ConfigurationsConfigured", "Configurations configured")
+
+		err := d.patchAddonStatus(ctx, newAddon, addon.mca)
+		if err != nil {
+			errs = append(errs, err)
+		}
+
+		configured.Insert(addon.mca.Namespace)
+	}
+
+	// Update mca configured condition to false for addons with rollout status ToApply.
+	for _, addon := range graph.getAddonsToApply() {
+		if configured.Has(addon.mca.Namespace) {
+			continue
+		}
+		newAddon := addon.mca.DeepCopy()
+		d.setCondition(newAddon, metav1.ConditionFalse, "ConfigurationsNotConfigured", "Configurations updated and not configured yet")
+
+		err := d.patchAddonStatus(ctx, newAddon, addon.mca)
+		if err != nil {
+			errs = append(errs, err)
+		}
+	}
+
+	// Update mca configured condition to true for addons with rollout status Succeeded.
+	// Including:
+	// 1. Addons without configurations, the rollout status is set to success in func setRolloutStatus(),
+	// should set condition to true.
+	// 2. Addons with configurations and already rollout successfully. In upgrade scenario, when the
+	// addon configurations do not change while addon components upgrade, should set condition to true.
+	for _, addon := range graph.getAddonsSucceeded() {
+		newAddon := addon.mca.DeepCopy()
+		d.setCondition(newAddon, metav1.ConditionTrue, "ConfigurationsConfigured", "Configurations configured")
+
+		err := d.patchAddonStatus(ctx, newAddon, addon.mca)
 		if err != nil {
 			errs = append(errs, err)
 		}
@@ -88,3 +126,25 @@ func (d *managedClusterAddonConfigurationReconciler) mergeAddonConfig(
 	mcaCopy.Status.ConfigReferences = configRefs
 	return mcaCopy
 }
+
+// setCondition updates the configured condition for the addon
+func (d *managedClusterAddonConfigurationReconciler) setCondition(
+	addon *addonv1alpha1.ManagedClusterAddOn, status metav1.ConditionStatus, reason, message string) {
+	meta.SetStatusCondition(&addon.Status.Conditions, metav1.Condition{
+		Type:    addonv1alpha1.ManagedClusterAddOnConditionConfigured,
+		Status:  status,
+		Reason:  reason,
+		Message: message,
+	})
+}
+
+// patchAddonStatus patches the status of the addon
+func (d *managedClusterAddonConfigurationReconciler) patchAddonStatus(
+	ctx context.Context, newaddon *addonv1alpha1.ManagedClusterAddOn, oldaddon *addonv1alpha1.ManagedClusterAddOn) error {
+	patcher := patcher.NewPatcher[
+		*addonv1alpha1.ManagedClusterAddOn, addonv1alpha1.ManagedClusterAddOnSpec, addonv1alpha1.ManagedClusterAddOnStatus](
+		d.addonClient.AddonV1alpha1().ManagedClusterAddOns(newaddon.Namespace))
+
+	_, err := patcher.PatchStatus(ctx, newaddon, newaddon.Status, oldaddon.Status)
+	return err
+}