Add support for API Server sidecar containers

Signed-off-by: Joe Nathan Abellard <contact@jabellard.com>

operator/pkg/apis/operator/v1alpha1/type.go

@@ -353,6 +353,12 @@ type KarmadaAPIServer struct {
 	// More info: https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/
 	// +optional
 	FeatureGates map[string]bool `json:"featureGates,omitempty"`
+
+	// SidecarContainers specifies a list of sidecar containers to be deployed
+	// within the Karmada API server pod.
+	// This enables users to integrate auxiliary services such as KMS plugins for configuring encryption at rest.
+	// +optional
+	SidecarContainers []corev1.Container `json:"sidecarContainers,omitempty"`
 }
 
 // KarmadaAggregatedAPIServer holds settings to karmada-aggregated-apiserver component of the karmada.

operator/pkg/apis/operator/v1alpha1/zz_generated.deepcopy.go

@@ -341,6 +341,13 @@ func (in *KarmadaAPIServer) DeepCopyInto(out *KarmadaAPIServer) {
 			(*out)[key] = val
 		}
 	}
+	if in.SidecarContainers != nil {
+		in, out := &in.SidecarContainers, &out.SidecarContainers
+		*out = make([]v1.Container, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
 	return
 }
 

operator/pkg/controlplane/apiserver/apiserver.go

@@ -81,7 +81,7 @@ func installKarmadaAPIServer(client clientset.Interface, cfg *operatorv1alpha1.K
 	patcher.NewPatcher().WithAnnotations(cfg.Annotations).WithLabels(cfg.Labels).
 		WithPriorityClassName(cfg.CommonSettings.PriorityClassName).
 		WithExtraArgs(cfg.ExtraArgs).WithExtraVolumeMounts(cfg.ExtraVolumeMounts).
-		WithExtraVolumes(cfg.ExtraVolumes).WithResources(cfg.Resources).ForDeployment(apiserverDeployment)
+		WithExtraVolumes(cfg.ExtraVolumes).WithSidecarContainers(cfg.SidecarContainers).WithResources(cfg.Resources).ForDeployment(apiserverDeployment)
 
 	if err := apiclient.CreateOrUpdateDeployment(client, apiserverDeployment); err != nil {
 		return fmt.Errorf("error when creating deployment for %s, err: %w", apiserverDeployment.Name, err)

operator/pkg/util/patcher/pather.go

@@ -41,6 +41,7 @@ type Patcher struct {
 	extraArgs         map[string]string
 	extraVolumes      []corev1.Volume
 	extraVolumeMounts []corev1.VolumeMount
+	sidecarContainers []corev1.Container
 	featureGates      map[string]bool
 	volume            *operatorv1alpha1.VolumeData
 	resources         corev1.ResourceRequirements
@@ -87,6 +88,12 @@ func (p *Patcher) WithExtraVolumeMounts(extraVolumeMounts []corev1.VolumeMount)
 	return p
 }
 
+// WithSidecarContainers sets sidecar containers for the patcher.
+func (p *Patcher) WithSidecarContainers(sidecarContainers []corev1.Container) *Patcher {
+	p.sidecarContainers = sidecarContainers
+	return p
+}
+
 // WithFeatureGates sets featureGates to the patcher.
 func (p *Patcher) WithFeatureGates(featureGates map[string]bool) *Patcher {
 	p.featureGates = featureGates
@@ -144,6 +151,7 @@ func (p *Patcher) ForDeployment(deployment *appsv1.Deployment) {
 		command = append(command, buildArgumentListFromMap(argsMap, overrideArgs)...)
 		deployment.Spec.Template.Spec.Containers[0].Command = command
 	}
+	deployment.Spec.Template.Spec.Containers = append(deployment.Spec.Template.Spec.Containers, p.sidecarContainers...)
 	// Add extra volumes and volume mounts
 	// First container in the pod is expected to contain the Karmada component
 	deployment.Spec.Template.Spec.Volumes = append(deployment.Spec.Template.Spec.Volumes, p.extraVolumes...)