-
Notifications
You must be signed in to change notification settings - Fork 583
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Additional ingress rules for control plane #4228
Additional ingress rules for control plane #4228
Conversation
/test pull-cluster-api-provider-aws-e2e |
Unknown CLA label state. Rechecking for CLA labels. Send feedback to sig-contributor-experience at kubernetes/community. /check-cla |
fccb789
to
5fc5683
Compare
/test pull-cluster-api-provider-aws-e2e |
@alexander-demicev - the MD remediation test failure isn't related to this change, its generally failing. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @alexander-demicev 🙇 This is looking good to me. A couple of very minor points:
- Might be nice to add coverage of this to the e2e tests
- Do you think it would be worth adding something to the docs?
- Could you squash the commits?
/test ? |
@richardcase: The following commands are available to trigger required jobs:
The following commands are available to trigger optional jobs:
Use
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Also, just checking the EKS side as there is some shared code here: /test pull-cluster-api-provider-aws-e2e-eks |
/test pull-cluster-api-provider-aws-e2e-eks |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CI test are failing, but it looks good to me
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Few nits, overall looks good
/test pull-cluster-api-provider-aws-e2e |
5fc5683
to
b0a32da
Compare
/test pull-cluster-api-provider-aws-e2e |
please take a look again, I addressed all comments and a added note to the docs |
/test pull-cluster-api-provider-aws-e2e-eks |
@alexander-demicev - it would be good to have an e2e test to cover this new feature. We could do it as part of this PR or as a follow-up. wdyt? Would you be able to squash your commits? Apart from that i think this is ready to go, great work 👍 |
b0a32da
to
51b74be
Compare
@richardcase done |
Lets do the e2e as follow-up /lgtm |
api/v1beta2/network_types.go
Outdated
Protocol SecurityGroupProtocol `json:"protocol"` | ||
FromPort int64 `json:"fromPort"` | ||
ToPort int64 `json:"toPort"` | ||
// Description is a description of the ingress rule. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
// Description is a description of the ingress rule. | |
// Description provides extended information about the ingress rule. |
@@ -519,6 +519,20 @@ func (s *Service) getSecurityGroupIngressRules(role infrav1.SecurityGroupRole) ( | |||
if s.scope.Bastion().Enabled { | |||
rules = append(rules, s.defaultSSHIngressRule(s.scope.SecurityGroups()[infrav1.SecurityGroupBastion].ID)) | |||
} | |||
if s.scope.ControlPlaneLoadBalancer() != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you please add this field in any of the existing E2E tests manifest? It would be good to test this in E2E CI to be always sure that this feature works fine.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nvm, we can take it as a follow up. I just saw @richardcase 's comment 🙂
overall LGTM.
/lgtm |
51b74be
to
88d7502
Compare
/approve |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: Ankitasw The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/lgtm |
What type of PR is this?
/kind feature
What this PR does / why we need it:
This PR introduces the ability to specify additional ingress rules for the control plane.
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)
format, will close the issue(s) when PR gets merged):Fixes #392
Special notes for your reviewer:
Checklist:
Release note: