From 51b21173b60cd8c1f181be2c8648c52e7651c381 Mon Sep 17 00:00:00 2001 From: Jose Armesto Date: Wed, 23 Feb 2022 10:03:32 +0100 Subject: [PATCH] Don't default RoleAssignmentName on machine templates --- api/v1beta1/azuremachine_webhook_test.go | 12 +++++++++ api/v1beta1/azuremachinetemplate_webhook.go | 26 +++++++++++++++---- .../azuremachinetemplate_webhook_test.go | 5 ++++ 3 files changed, 38 insertions(+), 5 deletions(-) diff --git a/api/v1beta1/azuremachine_webhook_test.go b/api/v1beta1/azuremachine_webhook_test.go index 4571ab3cff6..a278ec92b45 100644 --- a/api/v1beta1/azuremachine_webhook_test.go +++ b/api/v1beta1/azuremachine_webhook_test.go @@ -613,3 +613,15 @@ func createMachineWithOsDiskCacheType(cacheType string) *AzureMachine { machine.Spec.OSDisk.CachingType = cacheType return machine } + +func createMachineWithRoleAssignmentName() *AzureMachine { + machine := &AzureMachine{ + Spec: AzureMachineSpec{ + SSHPublicKey: validSSHPublicKey, + OSDisk: validOSDisk, + Identity: VMIdentitySystemAssigned, + RoleAssignmentName: "c6e3443d-bc11-4335-8819-ab6637b10586", + }, + } + return machine +} diff --git a/api/v1beta1/azuremachinetemplate_webhook.go b/api/v1beta1/azuremachinetemplate_webhook.go index 42b4bfff74f..9d874050032 100644 --- a/api/v1beta1/azuremachinetemplate_webhook.go +++ b/api/v1beta1/azuremachinetemplate_webhook.go @@ -27,7 +27,10 @@ import ( ) // AzureMachineTemplateImmutableMsg ... -const AzureMachineTemplateImmutableMsg = "AzureMachineTemplate spec.template.spec field is immutable. Please create new resource instead. ref doc: https://cluster-api.sigs.k8s.io/tasks/change-machine-template.html" +const ( + AzureMachineTemplateImmutableMsg = "AzureMachineTemplate spec.template.spec field is immutable. Please create new resource instead. ref doc: https://cluster-api.sigs.k8s.io/tasks/change-machine-template.html" + AzureMachineTemplateRoleAssignmentNameMsg = "AzureMachineTemplate spec.template.spec.roleAssignmentName field can't be set" +) // SetupWebhookWithManager sets up and registers the webhook with the manager. func (r *AzureMachineTemplate) SetupWebhookWithManager(mgr ctrl.Manager) error { @@ -46,10 +49,19 @@ var _ webhook.Validator = &AzureMachineTemplate{} func (r *AzureMachineTemplate) ValidateCreate() error { spec := r.Spec.Template.Spec - if allErrs := ValidateAzureMachineSpec(spec); len(allErrs) > 0 { - return apierrors.NewInvalid(GroupVersion.WithKind("AzureMachineTemplate").GroupKind(), r.Name, allErrs) + allErrs := ValidateAzureMachineSpec(spec) + + if r.Spec.Template.Spec.RoleAssignmentName != "" { + allErrs = append(allErrs, + field.Invalid(field.NewPath("AzureMachineTemplate", "spec", "template", "spec", "roleAssignmentName"), r, AzureMachineTemplateRoleAssignmentNameMsg), + ) } - return nil + + if len(allErrs) == 0 { + return nil + } + + return apierrors.NewInvalid(GroupVersion.WithKind("AzureMachineTemplate").GroupKind(), r.Name, allErrs) } // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type. @@ -92,5 +104,9 @@ func (r *AzureMachineTemplate) ValidateDelete() error { // Default implements webhookutil.defaulter so a webhook will be registered for the type. func (r *AzureMachineTemplate) Default() { - r.Spec.Template.Spec.SetDefaults() + if err := r.Spec.Template.Spec.SetDefaultSSHPublicKey(); err != nil { + ctrl.Log.WithName("SetDefault").Error(err, "SetDefaultSSHPublicKey failed") + } + r.Spec.Template.Spec.SetDefaultCachingType() + r.Spec.Template.Spec.SetDataDisksDefaults() } diff --git a/api/v1beta1/azuremachinetemplate_webhook_test.go b/api/v1beta1/azuremachinetemplate_webhook_test.go index 79229c76826..45912e44955 100644 --- a/api/v1beta1/azuremachinetemplate_webhook_test.go +++ b/api/v1beta1/azuremachinetemplate_webhook_test.go @@ -124,6 +124,11 @@ func TestAzureMachineTemplate_ValidateCreate(t *testing.T) { ), wantErr: true, }, + { + name: "azuremachinetemplate with RoleAssignmentName", + machineTemplate: createAzureMachineTemplateFromMachine(createMachineWithRoleAssignmentName()), + wantErr: true, + }, } for _, test := range tests {