kubernetes-sigs · k8s-ci-robot · Nov 29, 2023 · Oct 13, 2023
diff --git a/Makefile b/Makefile
@@ -158,7 +158,7 @@ WEBHOOK_ROOT ?= $(MANIFEST_ROOT)/webhook
 RBAC_ROOT ?= $(MANIFEST_ROOT)/rbac
 ASO_CRDS_PATH := $(MANIFEST_ROOT)/aso/crds.yaml
 ASO_VERSION := v2.4.0
-ASO_CRDS := resourcegroups.resources.azure.com natgateways.network.azure.com managedclusters.containerservice.azure.com managedclustersagentpools.containerservice.azure.com
+ASO_CRDS := resourcegroups.resources.azure.com natgateways.network.azure.com managedclusters.containerservice.azure.com managedclustersagentpools.containerservice.azure.com bastionhosts.network.azure.com
 
 # Allow overriding the imagePullPolicy
 PULL_POLICY ?= Always

diff --git a/azure/scope/cluster.go b/azure/scope/cluster.go
@@ -544,13 +544,14 @@ func (s *ClusterScope) AzureBastion() *infrav1.AzureBastion {
 }
 
 // AzureBastionSpec returns the bastion spec.
-func (s *ClusterScope) AzureBastionSpec() azure.ResourceSpecGetter {
+func (s *ClusterScope) AzureBastionSpec() azure.ASOResourceSpecGetter[*asonetworkv1.BastionHost] {
 	if s.IsAzureBastionEnabled() {
 		subnetID := azure.SubnetID(s.SubscriptionID(), s.ResourceGroup(), s.Vnet().Name, s.AzureBastion().Subnet.Name)
 		publicIPID := azure.PublicIPID(s.SubscriptionID(), s.ResourceGroup(), s.AzureBastion().PublicIP.Name)
 
 		return &bastionhosts.AzureBastionSpec{
 			Name:            s.AzureBastion().Name,
+			Namespace:       s.Namespace(),
 			ResourceGroup:   s.ResourceGroup(),
 			Location:        s.Location(),
 			ClusterName:     s.ClusterName(),

diff --git a/azure/scope/cluster_test.go b/azure/scope/cluster_test.go
@@ -1607,7 +1607,7 @@ func TestAzureBastionSpec(t *testing.T) {
 	tests := []struct {
 		name         string
 		clusterScope ClusterScope
-		want         azure.ResourceSpecGetter
+		want         azure.ASOResourceSpecGetter[*asonetworkv1.BastionHost]
 	}{
 		{
 			name: "returns nil if no subnets are specified",

diff --git a/azure/services/bastionhosts/bastionhosts.go b/azure/services/bastionhosts/bastionhosts.go
@@ -17,88 +17,28 @@
 package bastionhosts
 
 import (
-	"context"
-
-	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v4"
+	asonetworkv1 "github.com/Azure/azure-service-operator/v2/api/network/v1api20220701"
 	infrav1 "sigs.k8s.io/cluster-api-provider-azure/api/v1beta1"
 	"sigs.k8s.io/cluster-api-provider-azure/azure"
-	"sigs.k8s.io/cluster-api-provider-azure/azure/services/async"
-	"sigs.k8s.io/cluster-api-provider-azure/util/reconciler"
-	"sigs.k8s.io/cluster-api-provider-azure/util/tele"
+	"sigs.k8s.io/cluster-api-provider-azure/azure/services/aso"
 )
 
 const serviceName = "bastionhosts"
 
 // BastionScope defines the scope interface for a bastion host service.
 type BastionScope interface {
 	azure.ClusterScoper
-	azure.AsyncStatusUpdater
-	AzureBastionSpec() azure.ResourceSpecGetter
-}
-
-// Service provides operations on Azure resources.
-type Service struct {
-	Scope BastionScope
-	async.Reconciler
+	aso.Scope
+	AzureBastionSpec() azure.ASOResourceSpecGetter[*asonetworkv1.BastionHost]
 }
 
 // New creates a new service.
-func New(scope BastionScope) (*Service, error) {
-	client, err := newClient(scope)
-	if err != nil {
-		return nil, err
-	}
-	return &Service{
-		Scope: scope,
-		Reconciler: async.New[armnetwork.BastionHostsClientCreateOrUpdateResponse,
-			armnetwork.BastionHostsClientDeleteResponse](scope, client, client),
-	}, nil
-}
-
-// Name returns the service name.
-func (s *Service) Name() string {
-	return serviceName
-}
-
-// Reconcile idempotently creates or updates a bastion host.
-func (s *Service) Reconcile(ctx context.Context) error {
-	ctx, _, done := tele.StartSpanWithLogger(ctx, "bastionhosts.Service.Reconcile")
-	defer done()
-
-	ctx, cancel := context.WithTimeout(ctx, reconciler.DefaultAzureServiceReconcileTimeout)
-	defer cancel()
-
-	var resultingErr error
-	if bastionSpec := s.Scope.AzureBastionSpec(); bastionSpec != nil {
-		_, resultingErr = s.CreateOrUpdateResource(ctx, bastionSpec, serviceName)
-	} else {
-		return nil
+func New(scope BastionScope) *aso.Service[*asonetworkv1.BastionHost, BastionScope] {
+	svc := aso.NewService[*asonetworkv1.BastionHost, BastionScope](serviceName, scope)
+	spec := scope.AzureBastionSpec()
+	if spec != nil {
+		svc.Specs = []azure.ASOResourceSpecGetter[*asonetworkv1.BastionHost]{spec}
 	}
-
-	s.Scope.UpdatePutStatus(infrav1.BastionHostReadyCondition, serviceName, resultingErr)
-	return resultingErr
-}
-
-// Delete deletes the bastion host with the provided scope.
-func (s *Service) Delete(ctx context.Context) error {
-	ctx, _, done := tele.StartSpanWithLogger(ctx, "bastionhosts.Service.Delete")
-	defer done()
-
-	ctx, cancel := context.WithTimeout(ctx, reconciler.DefaultAzureServiceReconcileTimeout)
-	defer cancel()
-
-	var resultingErr error
-	if bastionSpec := s.Scope.AzureBastionSpec(); bastionSpec != nil {
-		resultingErr = s.DeleteResource(ctx, bastionSpec, serviceName)
-	} else {
-		return nil
-	}
-
-	s.Scope.UpdateDeleteStatus(infrav1.BastionHostReadyCondition, serviceName, resultingErr)
-	return resultingErr
-}
-
-// IsManaged returns always returns true as CAPZ does not support BYO bastion.
-func (s *Service) IsManaged(ctx context.Context) (bool, error) {
-	return true, nil
+	svc.ConditionType = infrav1.BastionHostReadyCondition
+	return svc
 }
diff --git a/azure/services/bastionhosts/bastionhosts_test.go b/azure/services/bastionhosts/bastionhosts_test.go