Skip to content

Commit

Permalink
Deploy lakom based on deployseedresources flag
Browse files Browse the repository at this point in the history
  • Loading branch information
rrhubenov committed Aug 20, 2024
1 parent de14489 commit 9049aa8
Show file tree
Hide file tree
Showing 5 changed files with 27 additions and 4 deletions.
11 changes: 11 additions & 0 deletions hack/api-reference/config.md
Original file line number Diff line number Diff line change
Expand Up @@ -128,6 +128,17 @@ bool
<p>AllowInsecureRegistries allows Lakom to use HTTP for communication with the registries</p>
</td>
</tr>
<tr>
<td>
<code>deploySeedResources</code></br>
<em>
bool
</em>
</td>
<td>
<p>DeploySeedResources instruct the lakom-controller whether it should deploy lakom to the seed cluster.</p>
</td>
</tr>
</tbody>
</table>
<h3 id="lakom.extensions.config.gardener.cloud/v1alpha1.DebugConfig">DebugConfig
Expand Down
2 changes: 2 additions & 0 deletions pkg/apis/config/types.go
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,8 @@ type Configuration struct {
// AllowInsecureRegistries sets the lakom webhook to allow HTTP communication with OCI registries.
// It first tries HTTPS and then falls back to HTTP.
AllowInsecureRegistries bool
// DeploySeedResources instruct the lakom-controller whether it should deploy lakom to the seed cluster.
DeploySeedResources bool
}

// DebugConfig contains debug configurations for the controller.
Expand Down
2 changes: 2 additions & 0 deletions pkg/apis/config/v1alpha1/types.go
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,8 @@ type Configuration struct {
AllowUntrustedImages bool `json:"allowUntrustedImages"`
// AllowInsecureRegistries allows Lakom to use HTTP for communication with the registries
AllowInsecureRegistries bool `json:"allowInsecureRegistries"`
// DeploySeedResources instruct the lakom-controller whether it should deploy lakom to the seed cluster.
DeploySeedResources bool `json:"deploySeedResources"`
}

// DebugConfig contains debug configurations for the controller.
Expand Down
2 changes: 2 additions & 0 deletions pkg/apis/config/v1alpha1/zz_generated.conversion.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

14 changes: 10 additions & 4 deletions pkg/controller/seed/reconciler.go
Original file line number Diff line number Diff line change
Expand Up @@ -80,6 +80,16 @@ func (kcr *kubeSystemReconciler) reconcile(ctx context.Context, logger logr.Logg
const (
kubeSystemNamespaceName = metav1.NamespaceSystem
)
var (
ownerNamespace = kcr.serviceConfig.SeedBootstrap.OwnerNamespace
)

if !kcr.serviceConfig.DeploySeedResources {
if err := managedresources.DeleteForSeed(ctx, kcr.client, ownerNamespace, constants.ManagedResourceNamesSeed); err != nil {
return err
}
return nil
}

secretsConfig := ConfigsFor(kubeSystemNamespaceName)
secretsManager, err := secretsmanager.New(ctx, logger.WithName("seed-secretsmanager"), clock.RealClock{}, kcr.client, kubeSystemNamespaceName, ManagerIdentity, secretsmanager.Config{CASecretAutoRotation: true})
Expand Down Expand Up @@ -122,10 +132,6 @@ func (kcr *kubeSystemReconciler) reconcile(ctx context.Context, logger logr.Logg
return err
}

var (
ownerNamespace = kcr.serviceConfig.SeedBootstrap.OwnerNamespace
)

if err := managedresources.CreateForSeed(ctx, kcr.client, ownerNamespace, constants.ManagedResourceNamesSeed, false, resources); err != nil {
return err
}
Expand Down

0 comments on commit 9049aa8

Please sign in to comment.