cert-manager: Add option to set feature gates

2024-05-05 07:34:10 +03:00 · 2024-05-05 07:34:10 +03:00 · 28bc42e6a1
parent 7851837b4a
commit 28bc42e6a1
10 changed files with 43 additions and 0 deletions
--- a/k8s/crds/kops.k8s.io_clusters.yaml
+++ b/k8s/crds/kops.k8s.io_clusters.yaml
@ -302,6 +302,12 @@ spec:
                      Enabled enables the cert manager.
                      Default: false
                    type: boolean
+                  featureGates:
+                    additionalProperties:
+                      type: boolean
+                    description: FeatureGates is a list of experimental features that
+                      can be enabled or disabled.
+                    type: object
                  hostedZoneIDs:
                    description: HostedZoneIDs is a list of route53 hostedzone IDs
                      that cert-manager will be allowed to do dns-01 validation for
--- a/pkg/apis/kops/componentconfig.go
+++ b/pkg/apis/kops/componentconfig.go
@ -1142,6 +1142,9 @@ type CertManagerConfig struct {

 	// HostedZoneIDs is a list of route53 hostedzone IDs that cert-manager will be allowed to do dns-01 validation for
 	HostedZoneIDs []string `json:"hostedZoneIDs,omitempty"`
+
+	// FeatureGates is a list of experimental features that can be enabled or disabled.
+	FeatureGates map[string]bool `json:"featureGates,omitempty"`
 }

 // LoadBalancerControllerSpec determines the AWS LB controller configuration.
--- a/pkg/apis/kops/v1alpha2/componentconfig.go
+++ b/pkg/apis/kops/v1alpha2/componentconfig.go
@ -1205,6 +1205,9 @@ type CertManagerConfig struct {

 	// HostedZoneIDs is a list of route53 hostedzone IDs that cert-manager will be allowed to do dns-01 validation for
 	HostedZoneIDs []string `json:"hostedZoneIDs,omitempty"`
+
+	// FeatureGates is a list of experimental features that can be enabled or disabled.
+	FeatureGates map[string]bool `json:"featureGates,omitempty"`
 }

 // LoadBalancerControllerSpec determines the AWS LB controller configuration.
--- a/pkg/apis/kops/v1alpha2/zz_generated.conversion.go
+++ b/pkg/apis/kops/v1alpha2/zz_generated.conversion.go
@ -1904,6 +1904,7 @@ func autoConvert_v1alpha2_CertManagerConfig_To_kops_CertManagerConfig(in *CertMa
 	out.DefaultIssuer = in.DefaultIssuer
 	out.Nameservers = in.Nameservers
 	out.HostedZoneIDs = in.HostedZoneIDs
+	out.FeatureGates = in.FeatureGates
 	return nil
 }

@ -1919,6 +1920,7 @@ func autoConvert_kops_CertManagerConfig_To_v1alpha2_CertManagerConfig(in *kops.C
 	out.DefaultIssuer = in.DefaultIssuer
 	out.Nameservers = in.Nameservers
 	out.HostedZoneIDs = in.HostedZoneIDs
+	out.FeatureGates = in.FeatureGates
 	return nil
 }

--- a/pkg/apis/kops/v1alpha2/zz_generated.deepcopy.go
+++ b/pkg/apis/kops/v1alpha2/zz_generated.deepcopy.go
@ -507,6 +507,13 @@ func (in *CertManagerConfig) DeepCopyInto(out *CertManagerConfig) {
 		*out = make([]string, len(*in))
 		copy(*out, *in)
 	}
+	if in.FeatureGates != nil {
+		in, out := &in.FeatureGates, &out.FeatureGates
+		*out = make(map[string]bool, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
 	return
 }

--- a/pkg/apis/kops/v1alpha3/componentconfig.go
+++ b/pkg/apis/kops/v1alpha3/componentconfig.go
@ -1134,6 +1134,9 @@ type CertManagerConfig struct {

 	// HostedZoneIDs is a list of route53 hostedzone IDs that cert-manager will be allowed to do dns-01 validation for
 	HostedZoneIDs []string `json:"hostedZoneIDs,omitempty"`
+
+	// FeatureGates is a list of experimental features that can be enabled or disabled.
+	FeatureGates map[string]bool `json:"featureGates,omitempty"`
 }

 // LoadBalancerControllerSpec determines the AWS LB controller configuration.
--- a/pkg/apis/kops/v1alpha3/zz_generated.conversion.go
+++ b/pkg/apis/kops/v1alpha3/zz_generated.conversion.go
@ -2086,6 +2086,7 @@ func autoConvert_v1alpha3_CertManagerConfig_To_kops_CertManagerConfig(in *CertMa
 	out.DefaultIssuer = in.DefaultIssuer
 	out.Nameservers = in.Nameservers
 	out.HostedZoneIDs = in.HostedZoneIDs
+	out.FeatureGates = in.FeatureGates
 	return nil
 }

@ -2101,6 +2102,7 @@ func autoConvert_kops_CertManagerConfig_To_v1alpha3_CertManagerConfig(in *kops.C
 	out.DefaultIssuer = in.DefaultIssuer
 	out.Nameservers = in.Nameservers
 	out.HostedZoneIDs = in.HostedZoneIDs
+	out.FeatureGates = in.FeatureGates
 	return nil
 }

--- a/pkg/apis/kops/v1alpha3/zz_generated.deepcopy.go
+++ b/pkg/apis/kops/v1alpha3/zz_generated.deepcopy.go
@ -568,6 +568,13 @@ func (in *CertManagerConfig) DeepCopyInto(out *CertManagerConfig) {
 		*out = make([]string, len(*in))
 		copy(*out, *in)
 	}
+	if in.FeatureGates != nil {
+		in, out := &in.FeatureGates, &out.FeatureGates
+		*out = make(map[string]bool, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
 	return
 }

--- a/pkg/apis/kops/zz_generated.deepcopy.go
+++ b/pkg/apis/kops/zz_generated.deepcopy.go
@ -567,6 +567,13 @@ func (in *CertManagerConfig) DeepCopyInto(out *CertManagerConfig) {
 		*out = make([]string, len(*in))
 		copy(*out, *in)
 	}
+	if in.FeatureGates != nil {
+		in, out := &in.FeatureGates, &out.FeatureGates
+		*out = make(map[string]bool, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
 	return
 }

--- a/upup/models/cloudup/resources/addons/certmanager.io/k8s-1.16.yaml.template
+++ b/upup/models/cloudup/resources/addons/certmanager.io/k8s-1.16.yaml.template
@ -5440,6 +5440,9 @@ spec:
          - --default-issuer-kind=ClusterIssuer
          - --default-issuer-group=cert-manager.io
          {{ end }}
+          {{ range $key, $value := .CertManager.FeatureGates }}
+          - --feature-gates={{ $key }}={{ $value }}
+          {{ end }}
          ports:
          - containerPort: 9402
            name: http-metrics