
Commit 04681c3

committed
CORS-3842: Add API Updates for GCP Custom API Endpoints
** Add the Tech preview and No upgrade tags for the new feature GCP API Custom Endpoints. ** Add the ServiceEndpoint Structure that includes the api name and endpoint. ** Add the Service Endpoints to the GCP Spec and Status structs.
1 parent 52377f0 commit 04681c3


31 files changed

+6869
-5
lines changed

@@ -0,0 +1,220 @@
1+
apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this
2+
name: "Infrastructure"
3+
crdName: infrastructures.config.openshift.io
4+
featureGates:
5+
- GCPCustomAPIEndpoints
6+
tests:
7+
onCreate:
8+
- name: Should be able to create a minimal Infrastructure
9+
initial: |
10+
apiVersion: config.openshift.io/v1
11+
kind: Infrastructure
12+
spec: {} # No spec is required for a Infrastructure
13+
expected: |
14+
apiVersion: config.openshift.io/v1
15+
kind: Infrastructure
16+
spec: {}
17+
onUpdate:
18+
- name: Basic Service Endpoint
19+
initial: |
20+
apiVersion: config.openshift.io/v1
21+
kind: Infrastructure
22+
spec:
23+
platformSpec:
24+
type: GCP
25+
gcp:
26+
serviceEndpoints:
27+
- {name: "Compute", url: "https://compute-myendpoint1.p.googleapis.com"}
28+
updated: |
29+
apiVersion: config.openshift.io/v1
30+
kind: Infrastructure
31+
spec:
32+
platformSpec:
33+
type: GCP
34+
gcp:
35+
serviceEndpoints:
36+
- {name: "Compute", url: "https://compute-myendpoint1.p.googleapis.com"}
37+
status:
38+
controlPlaneTopology: HighlyAvailable
39+
cpuPartitioning: None
40+
infrastructureTopology: HighlyAvailable
41+
platform: GCP
42+
platformStatus:
43+
type: GCP
44+
gcp:
45+
cloudLoadBalancerConfig:
46+
dnsType: PlatformDefault
47+
serviceEndpoints:
48+
- {name: "Compute", url: "https://compute-myendpoint1.p.googleapis.com"}
49+
expected: |
50+
apiVersion: config.openshift.io/v1
51+
kind: Infrastructure
52+
spec:
53+
platformSpec:
54+
type: GCP
55+
gcp:
56+
serviceEndpoints:
57+
- {name: "Compute", url: "https://compute-myendpoint1.p.googleapis.com"}
58+
status:
59+
controlPlaneTopology: HighlyAvailable
60+
cpuPartitioning: None
61+
infrastructureTopology: HighlyAvailable
62+
platform: GCP
63+
platformStatus:
64+
type: GCP
65+
gcp:
66+
cloudLoadBalancerConfig:
67+
dnsType: PlatformDefault
68+
serviceEndpoints:
69+
- {name: "Compute", url: "https://compute-myendpoint1.p.googleapis.com"}
70+
- name: Service Endpoint Same Name
71+
initial: |
72+
apiVersion: config.openshift.io/v1
73+
kind: Infrastructure
74+
spec:
75+
platformSpec:
76+
type: GCP
77+
gcp: {}
78+
updated: |
79+
apiVersion: config.openshift.io/v1
80+
kind: Infrastructure
81+
spec:
82+
platformSpec:
83+
type: GCP
84+
gcp:
85+
serviceEndpoints:
86+
- {name: "Compute", url: "https://compute-myendpoint1.p.googleapis.com"}
87+
- {name: "Compute", url: "https://compute-myendpoint2.p.googleapis.com"}
88+
status:
89+
controlPlaneTopology: HighlyAvailable
90+
cpuPartitioning: None
91+
infrastructureTopology: HighlyAvailable
92+
platform: GCP
93+
platformStatus:
94+
type: GCP
95+
gcp:
96+
cloudLoadBalancerConfig:
97+
dnsType: PlatformDefault
98+
serviceEndpoints:
99+
- {name: "Compute", url: "https://compute-myendpoint1.p.googleapis.com"}
100+
expectedError: "spec.platformSpec.gcp.serviceEndpoints: Invalid value: \"array\": only 1 endpoint override is permitted for a GCP service"
101+
- name: Service Endpoint Empty URL
102+
initial: |
103+
apiVersion: config.openshift.io/v1
104+
kind: Infrastructure
105+
spec:
106+
platformSpec:
107+
type: GCP
108+
gcp: {}
109+
updated: |
110+
apiVersion: config.openshift.io/v1
111+
kind: Infrastructure
112+
spec:
113+
platformSpec:
114+
type: GCP
115+
gcp:
116+
serviceEndpoints:
117+
- {name: "Compute", url: ""}
118+
status:
119+
controlPlaneTopology: HighlyAvailable
120+
cpuPartitioning: None
121+
infrastructureTopology: HighlyAvailable
122+
platform: GCP
123+
platformStatus:
124+
type: GCP
125+
gcp:
126+
cloudLoadBalancerConfig:
127+
dnsType: PlatformDefault
128+
serviceEndpoints:
129+
- {name: "Compute", url: ""}
130+
expectedError: "spec.platformSpec.gcp.serviceEndpoints[0].url: Invalid value: \"string\": must be a valid URL"
131+
- name: Service Endpoint HTTP URL
132+
initial: |
133+
apiVersion: config.openshift.io/v1
134+
kind: Infrastructure
135+
spec:
136+
platformSpec:
137+
type: GCP
138+
gcp: {}
139+
updated: |
140+
apiVersion: config.openshift.io/v1
141+
kind: Infrastructure
142+
spec:
143+
platformSpec:
144+
type: GCP
145+
gcp:
146+
serviceEndpoints:
147+
- {name: "Compute", url: "http://compute-myendpoint1.p.googleapis.com"}
148+
status:
149+
controlPlaneTopology: HighlyAvailable
150+
cpuPartitioning: None
151+
infrastructureTopology: HighlyAvailable
152+
platform: GCP
153+
platformStatus:
154+
type: GCP
155+
gcp:
156+
cloudLoadBalancerConfig:
157+
dnsType: PlatformDefault
158+
serviceEndpoints:
159+
- {name: "Compute", url: "http://compute-myendpoint1.p.googleapis.com"}
160+
expectedError: "spec.platformSpec.gcp.serviceEndpoints[0].url: Invalid value: \"string\": scheme must be https"
161+
- name: Service Endpoint URL Too Long
162+
initial: |
163+
apiVersion: config.openshift.io/v1
164+
kind: Infrastructure
165+
spec:
166+
platformSpec:
167+
type: GCP
168+
gcp: {}
169+
updated: |
170+
apiVersion: config.openshift.io/v1
171+
kind: Infrastructure
172+
spec:
173+
platformSpec:
174+
type: GCP
175+
gcp:
176+
serviceEndpoints:
177+
- {name: "Compute", url: "https://compute-myendpoint1-where-the-url-name-length-is-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-wayyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy-too-long.p.googleapis.com"}
178+
status:
179+
controlPlaneTopology: HighlyAvailable
180+
cpuPartitioning: None
181+
infrastructureTopology: HighlyAvailable
182+
platform: GCP
183+
platformStatus:
184+
type: GCP
185+
gcp:
186+
cloudLoadBalancerConfig:
187+
dnsType: PlatformDefault
188+
serviceEndpoints:
189+
- {name: "Compute", url: "https://compute-myendpoint1-where-the-url-name-length-is-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-way-wayyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy-too-long.p.googleapis.com"}
190+
expectedError: "spec.platformSpec.gcp.serviceEndpoints[0].url: Too long: may not be longer than 253, <nil>: Invalid value: \"null\": some validation rules were not checked because the object was invalid; correct the existing errors to complete validation"
191+
- name: ServiceEndpointBadName
192+
initial: |
193+
apiVersion: config.openshift.io/v1
194+
kind: Infrastructure
195+
spec:
196+
platformSpec:
197+
type: GCP
198+
gcp: {}
199+
updated: |
200+
apiVersion: config.openshift.io/v1
201+
kind: Infrastructure
202+
spec:
203+
platformSpec:
204+
type: GCP
205+
gcp:
206+
serviceEndpoints:
207+
- {name: "UnknownService", url: "https://compute-myendpoint1.p.googleapis.com"}
208+
status:
209+
controlPlaneTopology: HighlyAvailable
210+
cpuPartitioning: None
211+
infrastructureTopology: HighlyAvailable
212+
platform: GCP
213+
platformStatus:
214+
type: GCP
215+
gcp:
216+
cloudLoadBalancerConfig:
217+
dnsType: PlatformDefault
218+
serviceEndpoints:
219+
- {name: "UnknownService", url: "https://compute-myendpoint1.p.googleapis.com"}
220+
expectedError: "[spec.platformSpec.gcp.serviceEndpoints[0].name: Unsupported value: \"UnknownService\": supported values: \"Compute\", \"Container\", \"CloudResourceManager\", \"DNS\", \"File\", \"IAM\", \"ServiceUsage\", \"Storage\", \"TagManager\", <nil>: Invalid value: \"null\": some validation rules were not checked because the object was invalid; correct the existing errors to complete validation"
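Review bot: The `expectedError` strings on lines 190 and 220 pin the API server's generic trailer (`<nil>: Invalid value: "null": some validation rules were not checked because the object was invalid; ...`) in addition to the field-specific message, so the cases will break on any upstream rewording that has nothing to do with this feature. The unbalanced leading `[` on line 220 suggests the harness matches by substring; if so, trimming to the part this API owns is enough, e.g. `expectedError: "spec.platformSpec.gcp.serviceEndpoints[0].url: Too long: may not be longer than 253"` and `expectedError: "spec.platformSpec.gcp.serviceEndpoints[0].name: Unsupported value: \"UnknownService\""`. The file path for this section is not visible on the page, so the harness behaviour is inferred rather than confirmed.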

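--- a/config/v1/types_infrastructure.go
+++ b/config/v1/types_infrastructure.go
@@ -620,9 +620,83 @@ const (
 AzureStackCloud AzureCloudEnvironment = "AzureStackCloud"
 )
 
+// GCPServiceEndpointName is the name of the GCP Service Endpoint.
+// +kubebuilder:validation:Enum=Compute;Container;CloudResourceManager;DNS;File;IAM;ServiceUsage;Storage;TagManager
+type GCPServiceEndpointName string
+
+const (
+// GCPServiceEndpointNameCompute is the name used for the GCP Compute Service endpoint.
+GCPServiceEndpointNameCompute GCPServiceEndpointName = "Compute"
+
+// GCPServiceEndpointNameContainer is the name used for the GCP Container Service endpoint.
+GCPServiceEndpointNameContainer GCPServiceEndpointName = "Container"
+
+// GCPServiceEndpointNameCloudResource is the name used for the GCP Resource Manager Service endpoint.
+GCPServiceEndpointNameCloudResource GCPServiceEndpointName = "CloudResourceManager"
+
+// GCPServiceEndpointNameDNS is the name used for the GCP DNS Service endpoint.
+GCPServiceEndpointNameDNS GCPServiceEndpointName = "DNS"
+
+// GCPServiceEndpointNameFile is the name used for the GCP File Service endpoint.
+GCPServiceEndpointNameFile GCPServiceEndpointName = "File"
+
+// GCPServiceEndpointNameIAM is the name used for the GCP IAM Service endpoint.
+GCPServiceEndpointNameIAM GCPServiceEndpointName = "IAM"
+
+// GCPServiceEndpointNameServiceUsage is the name used for the GCP Service Usage Service endpoint.
+GCPServiceEndpointNameServiceUsage GCPServiceEndpointName = "ServiceUsage"
+
+// GCPServiceEndpointNameStorage is the name used for the GCP Storage Service endpoint.
+GCPServiceEndpointNameStorage GCPServiceEndpointName = "Storage"
+
+// GCPServiceEndpointNameTagManager is the name used for the GCP Tag Manager Service endpoint.
+GCPServiceEndpointNameTagManager GCPServiceEndpointName = "TagManager"
+)
+
+// GCPServiceEndpoint store the configuration of a custom url to
+// override existing defaults of GCP Services.
+type GCPServiceEndpoint struct {
+// name is the name of the GCP service whose endpoint is being overridden.
+// This must be provided and cannot be empty.
+//
+// Allowed values are Compute, Container, CloudResourceManager, DNS, File, IAM, ServiceUsage,
+// Storage, and TagManager.
+//
+// As an example, when setting the name to Compute all requests made by the caller to the GCP Compute
+// Service will be directed to the endpoint specified in the url field.
+//
+// +required
+Name GCPServiceEndpointName `json:"name"`
+
+// url is a fully qualified URI that overrides the default endpoint for a client using the GCP service specified
+// in the name field.
+// url is required, must use the scheme https, must not be more than 253 characters in length,
+// and must be a valid URL according to Go's net/url package (https://pkg.go.dev/net/url#URL)
+//
+// An example of a valid endpoint that overrides the Compute Service: "https://compute-myendpoint1.p.googleapis.com"
+//
+// +required
+// +kubebuilder:validation:MaxLength=253
+// +kubebuilder:validation:XValidation:rule="isURL(self)",message="must be a valid URL"
+// +kubebuilder:validation:XValidation:rule="isURL(self) ? (url(self).getScheme() == \"https\") : true",message="scheme must be https"
+URL string `json:"url"`
+}
+
 // GCPPlatformSpec holds the desired state of the Google Cloud Platform infrastructure provider.
 // This only includes fields that can be modified in the cluster.
-type GCPPlatformSpec struct{}
+type GCPPlatformSpec struct {
+// serviceEndpoints specifies endpoints that override the default endpoints
+// used when creating clients to interact with GCP services.
+// serviceEndpoints is optional.
+// Only 1 endpoint override is permitted for each GCP service.
+// The maximum number of endpoint overrides allowed is 9.
+// +listType=atomic
+// +kubebuilder:validation:MaxItems=9
+// +kubebuilder:validation:XValidation:rule="self.all(x, self.exists_one(y, x.name == y.name))",message="only 1 endpoint override is permitted for a GCP service"
+// +optional
+// +openshift:enable:FeatureGate=GCPCustomAPIEndpoints
+ServiceEndpoints []GCPServiceEndpoint `json:"serviceEndpoints,omitempty"`
+}
 
 // GCPPlatformStatus holds the current status of the Google Cloud Platform infrastructure provider.
 // +openshift:validation:FeatureGateAwareXValidation:featureGate=GCPLabelsTags,rule="!has(oldSelf.resourceLabels) && !has(self.resourceLabels) || has(oldSelf.resourceLabels) && has(self.resourceLabels)",message="resourceLabels may only be configured during installation"
@@ -675,6 +749,17 @@ type GCPPlatformStatus struct {
 // +optional
 // +nullable
 CloudLoadBalancerConfig *CloudLoadBalancerConfig `json:"cloudLoadBalancerConfig,omitempty"`
+
+// serviceEndpoints list contains custom endpoints which will override default
+// service endpoint of GCP Services.
+// ServiceEndpoints is optional, when provided there must be only one
+// ServiceEndpoint for a service. The maximum number of service endpoints is 9.
+// +listType=atomic
+// +kubebuilder:validation:MaxItems=9
+// +kubebuilder:validation:XValidation:rule="self.all(x, self.exists_one(y, x.name == y.name))",message="only 1 endpoint override is permitted for a GCP service"
+// +optional
+// +openshift:enable:FeatureGate=GCPCustomAPIEndpoints
+ServiceEndpoints []GCPServiceEndpoint `json:"serviceEndpoints,omitempty"`
 }
 
 // GCPResourceLabel is a label to apply to GCP resources created for the cluster.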
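Review bot: The two CEL rules on `GCPServiceEndpoint.URL` (new lines 680–681) only check that the value parses and uses https, so a URL with a path or query string, or a host unrelated to the named service, is admitted although the field comment describes a bare service endpoint. Because this value redirects every client call for that GCP service, and those calls presumably carry the cluster's cloud credentials, the comment should state that the endpoint must be operated by a trusted party and the schema should reject shapes that are never intended. If only scheme and host are meant, add `// +kubebuilder:validation:XValidation:rule="isURL(self) ? url(self).getEscapedPath() in ['', '/'] && url(self).getQuery().size() == 0 : true",message="url must contain only a scheme and host"` next to the existing rules, with a matching negative case in the test fixture. The same struct backs the status list in the second hunk, so the rule would apply there too.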
