🌱 Align v1beta3 types to latest changes in Kubernetes #4751

Merged
37 changes: 32 additions & 5 deletions bootstrap/kubeadm/api/v1alpha4/kubeadm_types.go
Expand Up @@ -133,9 +133,11 @@ type ControlPlaneComponent struct {
// ExtraArgs is an extra set of flags to pass to the control plane component.
// TODO: This is temporary and ideally we would like to switch all components to
// use ComponentConfig + ConfigMaps.
// +optional
ExtraArgs map[string]string `json:"extraArgs,omitempty"`

// ExtraVolumes is an extra set of host volumes, mounted to the control plane component.
// +optional
ExtraVolumes []HostPathMount `json:"extraVolumes,omitempty"`
}

Expand All @@ -144,9 +146,11 @@ type APIServer struct {
ControlPlaneComponent `json:",inline"`

// CertSANs sets extra Subject Alternative Names for the API Server signing cert.
// +optional
CertSANs []string `json:"certSANs,omitempty"`

// TimeoutForControlPlane controls the timeout that we use for API server to appear
// +optional
TimeoutForControlPlane *metav1.Duration `json:"timeoutForControlPlane,omitempty"`
}

Expand All @@ -161,10 +165,12 @@ type DNS struct {
type ImageMeta struct {
// ImageRepository sets the container registry to pull images from.
// if not set, the ImageRepository defined in ClusterConfiguration will be used instead.
// +optional
ImageRepository string `json:"imageRepository,omitempty"`

// ImageTag allows to specify a tag for the image.
// In case this value is set, kubeadm does not change automatically the version of the above components during upgrades.
// +optional
ImageTag string `json:"imageTag,omitempty"`

//TODO: evaluate if we need also a ImageName based on user feedbacks
Expand All @@ -174,6 +180,8 @@ type ImageMeta struct {

// ClusterStatus contains the cluster status. The ClusterStatus will be stored in the kubeadm-config
// ConfigMap in the cluster, and then updated by kubeadm when additional control plane instance joins or leaves the cluster.
// Deprecated: ClusterStatus has been removed from kubeadm v1beta3 API; This type is preserved only to support
// conversion to older versions of the kubeadm API.
type ClusterStatus struct {
metav1.TypeMeta `json:",inline"`

Expand All @@ -185,11 +193,13 @@ type ClusterStatus struct {
// APIEndpoint struct contains elements of API server instance deployed on a node.
type APIEndpoint struct {
// AdvertiseAddress sets the IP address for the API server to advertise.
AdvertiseAddress string `json:"advertiseAddress"`
// +optional
AdvertiseAddress string `json:"advertiseAddress,omitempty"`

// BindPort sets the secure port for the API Server to bind to.
// Defaults to 6443.
BindPort int32 `json:"bindPort"`
// +optional
BindPort int32 `json:"bindPort,omitempty"`
}

// NodeRegistrationOptions holds fields that relate to registering a new control-plane or node to the cluster, either via "kubeadm init" or "kubeadm join".
Expand All @@ -208,7 +218,6 @@ type NodeRegistrationOptions struct {
// Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process
// it will be defaulted to []v1.Taint{'node-role.kubernetes.io/master=""'}. If you don't want to taint your control-plane node, set this field to an
// empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration.
// +optional
Taints []corev1.Taint `json:"taints,omitempty"`

// KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file
Expand Down Expand Up @@ -242,18 +251,23 @@ type BootstrapToken struct {
Token *BootstrapTokenString `json:"token"`
// Description sets a human-friendly message why this token exists and what it's used
// for, so other administrators can know its purpose.
// +optional
Description string `json:"description,omitempty"`
// TTL defines the time to live for this token. Defaults to 24h.
// Expires and TTL are mutually exclusive.
// +optional
TTL *metav1.Duration `json:"ttl,omitempty"`
// Expires specifies the timestamp when this token expires. Defaults to being set
// dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive.
// +optional
Expires *metav1.Time `json:"expires,omitempty"`
// Usages describes the ways in which this token can be used. Can by default be used
// for establishing bidirectional trust, but that can be changed here.
// +optional
Usages []string `json:"usages,omitempty"`
// Groups specifies the extra groups that this token will authenticate as when/if
// used for authentication
// +optional
Groups []string `json:"groups,omitempty"`
}

Expand All @@ -262,10 +276,12 @@ type Etcd struct {

// Local provides configuration knobs for configuring the local etcd instance
// Local and External are mutually exclusive
// +optional
Local *LocalEtcd `json:"local,omitempty"`

// External describes how to connect to an external etcd cluster
// Local and External are mutually exclusive
// +optional
External *ExternalEtcd `json:"external,omitempty"`
}

Expand All @@ -281,11 +297,14 @@ type LocalEtcd struct {

// ExtraArgs are extra arguments provided to the etcd binary
// when run inside a static pod.
// +optional
ExtraArgs map[string]string `json:"extraArgs,omitempty"`

// ServerCertSANs sets extra Subject Alternative Names for the etcd server signing cert.
// +optional
ServerCertSANs []string `json:"serverCertSANs,omitempty"`
// PeerCertSANs sets extra Subject Alternative Names for the etcd peer signing cert.
// +optional
PeerCertSANs []string `json:"peerCertSANs,omitempty"`
}

Expand Down Expand Up @@ -341,27 +360,30 @@ type JoinConfiguration struct {
// JoinControlPlane contains elements describing an additional control plane instance to be deployed on the joining node.
type JoinControlPlane struct {
// LocalAPIEndpoint represents the endpoint of the API server instance to be deployed on this node.
// +optional
LocalAPIEndpoint APIEndpoint `json:"localAPIEndpoint,omitempty"`
}

// Discovery specifies the options for the kubelet to use during the TLS Bootstrap process.
type Discovery struct {
// BootstrapToken is used to set the options for bootstrap token based discovery
// BootstrapToken and File are mutually exclusive
// +optional
BootstrapToken *BootstrapTokenDiscovery `json:"bootstrapToken,omitempty"`

// File is used to specify a file or URL to a kubeconfig file from which to load cluster information
// BootstrapToken and File are mutually exclusive
// +optional
File *FileDiscovery `json:"file,omitempty"`

// TLSBootstrapToken is a token used for TLS bootstrapping.
// If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden.
// If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information
// +optional
// TODO: revisit when there is defaulting from k/k
TLSBootstrapToken string `json:"tlsBootstrapToken,omitempty"`

// Timeout modifies the discovery timeout
// +optional
Timeout *metav1.Duration `json:"timeout,omitempty"`
}

Expand All @@ -372,6 +394,7 @@ type BootstrapTokenDiscovery struct {
Token string `json:"token"`

// APIServerEndpoint is an IP or domain name to the API server from which info will be fetched.
// +optional
APIServerEndpoint string `json:"apiServerEndpoint,omitempty"`

// CACertHashes specifies a set of public key pins to verify
Expand All @@ -382,12 +405,14 @@ type BootstrapTokenDiscovery struct {
// SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded
// ASN.1. These hashes can be calculated using, for example, OpenSSL:
// openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex
// +optional
CACertHashes []string `json:"caCertHashes,omitempty"`

// UnsafeSkipCAVerification allows token-based discovery
// without CA verification via CACertHashes. This can weaken
// the security of kubeadm since other nodes can impersonate the control-plane.
UnsafeSkipCAVerification bool `json:"unsafeSkipCAVerification"`
// +optional
UnsafeSkipCAVerification bool `json:"unsafeSkipCAVerification,omitempty"`
}

// FileDiscovery is used to specify a file or URL to a kubeconfig file from which to load cluster information.
Expand All @@ -407,8 +432,10 @@ type HostPathMount struct {
// MountPath is the path inside the pod where hostPath will be mounted.
MountPath string `json:"mountPath"`
// ReadOnly controls write access to the volume
// +optional
ReadOnly bool `json:"readOnly,omitempty"`
// PathType is the type of the HostPath.
// +optional
PathType corev1.HostPathType `json:"pathType,omitempty"`
}
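Review bot: In the BootstrapTokenDiscovery hunk, `CACertHashes` and `UnsafeSkipCAVerification` are now both marked `+optional`, so a token-discovery block that sets neither is schema-valid (the CRD sections of this change appear to drop `unsafeSkipCAVerification` from `required`). The zero value `false` is the safe default, but nothing visible here says that CA pins are then expected, and whether a webhook or kubeadm itself rejects that combination cannot be seen from this page. I would state the contract on the field, e.g. `// Defaults to false; when false, CACertHashes is expected to be set for token-based discovery.`, so the failure is understood before a node attempts to join. The openssl example in the same hunk's context comment is also missing the `|` between `ca.crt` and `openssl rsa`, which makes the documented way to compute a pin unusable as written. The struct starts outside the hunk.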

Expand Up @@ -1559,9 +1559,6 @@ spec:
to bind to. Defaults to 6443.
format: int32
type: integer
required:
- advertiseAddress
- bindPort
type: object
nodeRegistration:
description: NodeRegistration holds fields that relate to registering
Expand Down Expand Up @@ -1665,9 +1662,6 @@ spec:
Server to bind to. Defaults to 6443.
format: int32
type: integer
required:
- advertiseAddress
- bindPort
type: object
type: object
discovery:
Expand Down Expand Up @@ -1711,7 +1705,6 @@ spec:
type: boolean
required:
- token
- unsafeSkipCAVerification
type: object
file:
description: File is used to specify a file or URL to a kubeconfig
Expand All @@ -1730,12 +1723,11 @@ spec:
description: Timeout modifies the discovery timeout
type: string
tlsBootstrapToken:
description: 'TLSBootstrapToken is a token used for TLS bootstrapping.
description: TLSBootstrapToken is a token used for TLS bootstrapping.
If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token,
but can be overridden. If .File is set, this field **must
be set** in case the KubeConfigFile does not contain any
other authentication information TODO: revisit when there
is defaulting from k/k'
other authentication information
type: string
type: object
kind:
Expand Up @@ -1586,9 +1586,6 @@ spec:
API Server to bind to. Defaults to 6443.
format: int32
type: integer
required:
- advertiseAddress
- bindPort
type: object
nodeRegistration:
description: NodeRegistration holds fields that relate
Expand Down Expand Up @@ -1698,9 +1695,6 @@ spec:
the API Server to bind to. Defaults to 6443.
format: int32
type: integer
required:
- advertiseAddress
- bindPort
type: object
type: object
discovery:
Expand Down Expand Up @@ -1747,7 +1741,6 @@ spec:
type: boolean
required:
- token
- unsafeSkipCAVerification
type: object
file:
description: File is used to specify a file or URL
Expand All @@ -1767,13 +1760,12 @@ spec:
description: Timeout modifies the discovery timeout
type: string
tlsBootstrapToken:
description: 'TLSBootstrapToken is a token used for
description: TLSBootstrapToken is a token used for
TLS bootstrapping. If .BootstrapToken is set, this
field is defaulted to .BootstrapToken.Token, but
can be overridden. If .File is set, this field **must
be set** in case the KubeConfigFile does not contain
any other authentication information TODO: revisit
when there is defaulting from k/k'
any other authentication information
type: string
type: object
kind:
7 changes: 6 additions & 1 deletion bootstrap/kubeadm/types/v1beta3/conversion.go
Expand Up @@ -59,10 +59,15 @@ func (dst *JoinConfiguration) ConvertFrom(srcRaw conversion.Hub) error {
}

func Convert_v1beta3_InitConfiguration_To_v1alpha4_InitConfiguration(in *InitConfiguration, out *bootstrapv1.InitConfiguration, s apimachineryconversion.Scope) error {
// InitConfiguration.CertificateKey exists in v1beta3 types but not in bootstrapv1.InitConfiguration (Cluster API does not uses automatic copy certs). Ignoring when converting.
// InitConfiguration.CertificateKey and SkipPhases exists in v1beta3 types but not in bootstrapv1.InitConfiguration (Cluster API does not uses automatic copy certs or does not support SkipPhases for now)). Ignoring when converting.
return autoConvert_v1beta3_InitConfiguration_To_v1alpha4_InitConfiguration(in, out, s)
}

func Convert_v1beta3_JoinConfiguration_To_v1alpha4_JoinConfiguration(in *JoinConfiguration, out *bootstrapv1.JoinConfiguration, s apimachineryconversion.Scope) error {
// JoinConfiguration.SkipPhases exists in v1beta3 types but not in bootstrapv1.JoinConfiguration (Cluster API does not support SkipPhases for now). Ignoring when converting.
return autoConvert_v1beta3_JoinConfiguration_To_v1alpha4_JoinConfiguration(in, out, s)
}

func Convert_v1beta3_NodeRegistrationOptions_To_v1alpha4_NodeRegistrationOptions(in *NodeRegistrationOptions, out *bootstrapv1.NodeRegistrationOptions, s apimachineryconversion.Scope) error {
// NodeRegistrationOptions.IgnorePreflightErrors exists in v1beta3 types but not in bootstrapv1.NodeRegistrationOptions (Cluster API does not support it for now). Ignoring when converting.
return autoConvert_v1beta3_NodeRegistrationOptions_To_v1alpha4_NodeRegistrationOptions(in, out, s)
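Review bot: The rewritten comment in `Convert_v1beta3_InitConfiguration_To_v1alpha4_InitConfiguration` has a stray `)` and an ambiguous "or does not support SkipPhases", yet it is the only record that two fields are discarded during conversion. I would write it as `// InitConfiguration.CertificateKey and SkipPhases exist in v1beta3 but not in bootstrapv1.InitConfiguration (Cluster API does not use automatic cert copy and does not support SkipPhases for now); both are dropped when converting.` The new `Convert_v1beta3_JoinConfiguration_To_v1alpha4_JoinConfiguration` could use the same "dropped when converting" wording. Because the drop is silent, a caller that set SkipPhases gets no signal that it was discarded, so the comment should be unambiguous. The last function in this hunk closes outside it.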
11 changes: 11 additions & 0 deletions bootstrap/kubeadm/types/v1beta3/conversion_test.go
Expand Up @@ -65,6 +65,7 @@ func fuzzFuncs(_ runtimeserializer.CodecFactory) []interface{} {
return []interface{}{
nodeRegistrationOptionsFuzzer,
initConfigurationFuzzer,
joinConfigurationFuzzer,
joinControlPlanesFuzzer,
}
}
Expand All @@ -88,4 +89,14 @@ func initConfigurationFuzzer(obj *InitConfiguration, c fuzz.Continue) {

// InitConfiguration.CertificateKey does not exists in v1alpha4, so setting it to empty string in order to avoid v1beta3 --> v1alpha4 --> v1beta3 round trip errors.
obj.CertificateKey = ""

// InitConfiguration.SkipPhases does not exists in v1alpha4, so setting it to empty string in order to avoid v1beta3 --> v1alpha4 --> v1beta3 round trip errors.
obj.SkipPhases = nil
}

func joinConfigurationFuzzer(obj *JoinConfiguration, c fuzz.Continue) {
c.Fuzz(obj)

// JoinConfiguration.SkipPhases does not exists in v1alpha4, so setting it to empty string in order to avoid v1beta3 --> v1alpha4 --> v1beta3 round trip errors.
obj.SkipPhases = nil
}
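Review bot: The two new comments above `obj.SkipPhases = nil`, in `initConfigurationFuzzer` and in `joinConfigurationFuzzer`, say the field is set "to empty string", but the code assigns `nil`. The wording looks copied from the CertificateKey line. Suggested text for both: `// SkipPhases does not exist in v1alpha4; set it to nil so the v1beta3 --> v1alpha4 --> v1beta3 round trip compares equal.` Clearing the field in the fuzzer also means the round-trip test will not notice that SkipPhases is lost on conversion, and it may be worth saying in the comment that this is intended. `initConfigurationFuzzer` starts outside the hunk.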