Integrate Microk8s bootstrap v0.6.10

.github/workflows/cla-check.yml

@@ -9,4 +9,4 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check if CLA signed
-        uses: canonical/has-signed-canonical-cla@1.1.6
+        uses: canonical/has-signed-canonical-cla@v1

.github/workflows/go.yml

@@ -15,7 +15,7 @@ jobs:
       - name: Install Go
         uses: actions/setup-go@v2
         with:
-          go-version: "1.19"
+          go-version: "1.21"
 
       - name: go fmt
         run: make fmt
@@ -37,7 +37,7 @@ jobs:
       - name: Install Go
         uses: actions/setup-go@v2
         with:
-          go-version: "1.19"
+          go-version: "1.21"
 
       - name: Run tests
         run: make test
@@ -53,7 +53,7 @@ jobs:
       - name: Install Go
         uses: actions/setup-go@v2
         with:
-          go-version: "1.19"
+          go-version: "1.21"
 
       - name: Try build
         run: make

Makefile

@@ -122,7 +122,7 @@ docker-push-manifest: ## Push the fat manifest docker image.
 
 .PHONY: lint
 lint: golangci-lint ## Lint the codebase
-	$(GOLANGCI_LINT) run -v --go=1.19 --timeout 3m0s
+	$(GOLANGCI_LINT) run -v --go=1.21 --timeout 3m0s
 
 ##@ Deployment
 
@@ -150,7 +150,7 @@ undeploy: ## Undeploy controller from the K8s cluster specified in ~/.kube/confi
 GOLANGCI_LINT = $(shell pwd)/bin/golangci-lint
 .PHONY: golangci-lint
 golangci-lint: ## Download golangci-lint locally if necessary.
-	$(call go-get-tool,$(GOLANGCI_LINT),github.com/golangci/golangci-lint/cmd/golangci-lint@v1.50.1)
+	$(call go-get-tool,$(GOLANGCI_LINT),github.com/golangci/golangci-lint/cmd/golangci-lint@v1.57.2)
 
 CONTROLLER_GEN = $(shell pwd)/bin/controller-gen
 .PHONY: controller-gen

apis/v1beta1/microk8sconfig_types.go

@@ -81,6 +81,15 @@ type InitConfiguration struct {
 	// +kubebuilder:default:=stable
 	RiskLevel string `json:"riskLevel,omitempty"`
 
+	// Whether or not to use the default CNI
+	// +optional
+	DisableDefaultCNI bool `json:"disableDefaultCNI,omitempty"`
+
+	// The snap store proxy domain's scheme, e.g. "http" or "https" without "://"
+	// Defaults to "http".
+	// +optional
+	SnapstoreProxyScheme string `json:"snapstoreProxyScheme,omitempty"`
+
 	// The snap store proxy domain
 	// +optional
 	SnapstoreProxyDomain string `json:"snapstoreProxyDomain,omitempty"`

bootstrap-components.yaml

@@ -97,6 +97,9 @@ spec:
                     - classic
                     - strict
                     type: string
+                  disableDefaultCNI:
+                    description: Whether or not to use the default CNI
+                    type: boolean
                   extraKubeletArgs:
                     description: ExtraKubeletArgs is a list of extra arguments to
                       add to the kubelet.
@@ -187,6 +190,10 @@ spec:
                   snapstoreProxyId:
                     description: The snap store proxy ID
                     type: string
+                  snapstoreProxyScheme:
+                    description: The snap store proxy domain's scheme, e.g. "http"
+                      or "https" without "://" Defaults to "http".
+                    type: string
                 type: object
             type: object
           status:
@@ -369,6 +376,9 @@ spec:
                             - classic
                             - strict
                             type: string
+                          disableDefaultCNI:
+                            description: Whether or not to use the default CNI
+                            type: boolean
                           extraKubeletArgs:
                             description: ExtraKubeletArgs is a list of extra arguments
                               to add to the kubelet.
@@ -462,6 +472,10 @@ spec:
                           snapstoreProxyId:
                             description: The snap store proxy ID
                             type: string
+                          snapstoreProxyScheme:
+                            description: The snap store proxy domain's scheme, e.g.
+                              "http" or "https" without "://" Defaults to "http".
+                            type: string
                         type: object
                     type: object
                 type: object

config/crd/bases/bootstrap.cluster.x-k8s.io_microk8sconfigs.yaml

@@ -87,6 +87,9 @@ spec:
                     - classic
                     - strict
                     type: string
+                  disableDefaultCNI:
+                    description: Whether or not to use the default CNI
+                    type: boolean
                   extraKubeletArgs:
                     description: ExtraKubeletArgs is a list of extra arguments to
                       add to the kubelet.
@@ -177,6 +180,10 @@ spec:
                   snapstoreProxyId:
                     description: The snap store proxy ID
                     type: string
+                  snapstoreProxyScheme:
+                    description: The snap store proxy domain's scheme, e.g. "http"
+                      or "https" without "://" Defaults to "http".
+                    type: string
                 type: object
             type: object
           status:

config/crd/bases/bootstrap.cluster.x-k8s.io_microk8sconfigtemplates.yaml

@@ -95,6 +95,9 @@ spec:
                             - classic
                             - strict
                             type: string
+                          disableDefaultCNI:
+                            description: Whether or not to use the default CNI
+                            type: boolean
                           extraKubeletArgs:
                             description: ExtraKubeletArgs is a list of extra arguments
                               to add to the kubelet.
@@ -188,6 +191,10 @@ spec:
                           snapstoreProxyId:
                             description: The snap store proxy ID
                             type: string
+                          snapstoreProxyScheme:
+                            description: The snap store proxy domain's scheme, e.g.
+                              "http" or "https" without "://" Defaults to "http".
+                            type: string
                         type: object
                     type: object
                 type: object

controllers/cloudinit/cloudinit_common_test.go

@@ -78,9 +78,9 @@ func TestCloudConfigInput(t *testing.T) {
 								g.Expect(err).NotTo(HaveOccurred())
 
 								if confinement == "classic" {
-									g.Expect(c.RunCommands).To(ContainElement(fmt.Sprintf(`/capi-scripts/00-install-microk8s.sh "--channel 1.25/%s --classic"`, risk)))
+									g.Expect(c.RunCommands).To(ContainElement(fmt.Sprintf(`/capi-scripts/00-install-microk8s.sh "--channel 1.25/%s --classic" false`, risk)))
 								} else {
-									g.Expect(c.RunCommands).To(ContainElement(fmt.Sprintf(`/capi-scripts/00-install-microk8s.sh "--channel 1.25-strict/%s"`, risk)))
+									g.Expect(c.RunCommands).To(ContainElement(fmt.Sprintf(`/capi-scripts/00-install-microk8s.sh "--channel 1.25-strict/%s" false`, risk)))
 								}
 
 								_, err = cloudinit.GenerateCloudConfig(c)
@@ -93,6 +93,48 @@ func TestCloudConfigInput(t *testing.T) {
 		}
 	})
 
+	t.Run("DisableDefaultCNI", func(t *testing.T) {
+		for _, tc := range []struct {
+			name            string
+			makeCloudConfig func() (*cloudinit.CloudConfig, error)
+		}{
+			{
+				name: "ControlPlaneJoin",
+				makeCloudConfig: func() (*cloudinit.CloudConfig, error) {
+					return cloudinit.NewJoinControlPlane(&cloudinit.ControlPlaneJoinInput{
+						KubernetesVersion: "v1.25.0",
+						Confinement:       "classic",
+						Token:             strings.Repeat("a", 32),
+						TokenTTL:          100,
+						DisableDefaultCNI: true,
+					})
+				},
+			},
+			{
+				name: "ControlPlaneInit",
+				makeCloudConfig: func() (*cloudinit.CloudConfig, error) {
+					return cloudinit.NewInitControlPlane(&cloudinit.ControlPlaneInitInput{
+						KubernetesVersion: "v1.25.0",
+						Confinement:       "classic",
+						Token:             strings.Repeat("a", 32),
+						TokenTTL:          100,
+						DisableDefaultCNI: true,
+					})
+				},
+			},
+		} {
+			t.Run(tc.name, func(t *testing.T) {
+				g := NewWithT(t)
+				c, err := tc.makeCloudConfig()
+				g.Expect(err).NotTo(HaveOccurred())
+
+				g.Expect(c.RunCommands).To(ContainElement(`/capi-scripts/00-install-microk8s.sh "--channel 1.25 --classic" true`))
+				_, err = cloudinit.GenerateCloudConfig(c)
+				g.Expect(err).NotTo(HaveOccurred())
+			})
+		}
+	})
+
 	t.Run("ExtraWriteFiles", func(t *testing.T) {
 		files := []v1beta1.CloudInitWriteFile{{
 			Content:     "contents",
@@ -228,38 +270,41 @@ func TestCloudConfigInput(t *testing.T) {
 	t.Run("SnapstoreProxy", func(t *testing.T) {
 		for _, tc := range []struct {
 			name            string
-			makeCloudConfig func() (*cloudinit.CloudConfig, error)
+			makeCloudConfig func(scheme string) (*cloudinit.CloudConfig, error)
 		}{
 			{
 				name: "ControlPlaneInit",
-				makeCloudConfig: func() (*cloudinit.CloudConfig, error) {
+				makeCloudConfig: func(scheme string) (*cloudinit.CloudConfig, error) {
 					return cloudinit.NewInitControlPlane(&cloudinit.ControlPlaneInitInput{
 						KubernetesVersion:    "v1.25.0",
 						Token:                strings.Repeat("a", 32),
 						TokenTTL:             100,
+						SnapstoreProxyScheme: scheme,
 						SnapstoreProxyDomain: "snapstore.domain.com",
 						SnapstoreProxyId:     "ID123456789",
 					})
 				},
 			},
 			{
 				name: "ControlPlaneJoin",
-				makeCloudConfig: func() (*cloudinit.CloudConfig, error) {
+				makeCloudConfig: func(scheme string) (*cloudinit.CloudConfig, error) {
 					return cloudinit.NewJoinControlPlane(&cloudinit.ControlPlaneJoinInput{
 						KubernetesVersion:    "v1.25.0",
 						Token:                strings.Repeat("a", 32),
 						TokenTTL:             100,
+						SnapstoreProxyScheme: scheme,
 						SnapstoreProxyDomain: "snapstore.domain.com",
 						SnapstoreProxyId:     "ID123456789",
 					})
 				},
 			},
 			{
 				name: "Worker",
-				makeCloudConfig: func() (*cloudinit.CloudConfig, error) {
+				makeCloudConfig: func(scheme string) (*cloudinit.CloudConfig, error) {
 					return cloudinit.NewJoinWorker(&cloudinit.WorkerInput{
 						KubernetesVersion:    "v1.25.0",
 						Token:                strings.Repeat("a", 32),
+						SnapstoreProxyScheme: scheme,
 						SnapstoreProxyDomain: "snapstore.domain.com",
 						SnapstoreProxyId:     "ID123456789",
 					})
@@ -268,10 +313,22 @@ func TestCloudConfigInput(t *testing.T) {
 		} {
 			t.Run(tc.name, func(t *testing.T) {
 				g := NewWithT(t)
-				c, err := tc.makeCloudConfig()
-				g.Expect(err).NotTo(HaveOccurred())
 
-				g.Expect(c.RunCommands).To(ContainElement(`/capi-scripts/00-configure-snapstore-proxy.sh "snapstore.domain.com" "ID123456789"`))
+				for _, withScheme := range []string{"", "http", "https"} {
+					t.Run(fmt.Sprintf("withScheme=%q", withScheme), func(t *testing.T) {
+						c, err := tc.makeCloudConfig(withScheme)
+						g.Expect(err).NotTo(HaveOccurred())
+
+						// if scheme is unspecified, default to http
+						var expectedScheme string
+						if withScheme == "" {
+							expectedScheme = "http"
+						} else {
+							expectedScheme = withScheme
+						}
+						g.Expect(c.RunCommands).To(ContainElement(fmt.Sprintf(`/capi-scripts/00-configure-snapstore-proxy.sh %q "snapstore.domain.com" "ID123456789"`, expectedScheme)))
+					})
+				}
 			})
 		}
 	})

controllers/cloudinit/controlplane_init.go

@@ -57,6 +57,10 @@ type ControlPlaneInitInput struct {
 	Confinement string
 	// RiskLevel specifies the risk level (strict, candidate, beta, edge) for the snap channels.
 	RiskLevel string
+	// DisableDefaultCNI specifies whether to disable the default CNI plugin.
+	DisableDefaultCNI bool
+	// SnapstoreProxyScheme specifies the scheme (e.g. http or https) of the domain. Defaults to "http".
+	SnapstoreProxyScheme string
 	// SnapstoreProxyDomain specifies the domain of the snapstore proxy if one is to be used.
 	SnapstoreProxyDomain string
 	// SnapstoreProxyId specifies the snapstore proxy ID if one is to be used.
@@ -86,6 +90,10 @@ func NewInitControlPlane(input *ControlPlaneInitInput) (*CloudConfig, error) {
 		return nil, fmt.Errorf("join token TTL %q is not a positive number", input.TokenTTL)
 	}
 
+	if input.SnapstoreProxyScheme == "" {
+		input.SnapstoreProxyScheme = "http"
+	}
+
 	// figure out endpoint type
 	endpointType := "DNS"
 	if net.ParseIP(input.ControlPlaneEndpoint) != nil {
@@ -139,9 +147,9 @@ func NewInitControlPlane(input *ControlPlaneInitInput) (*CloudConfig, error) {
 	cloudConfig.RunCommands = append(cloudConfig.RunCommands, input.PreRunCommands...)
 	cloudConfig.RunCommands = append(cloudConfig.RunCommands,
 		fmt.Sprintf("%s %q %q", scriptPath(snapstoreHTTPProxyScript), input.SnapstoreHTTPProxy, input.SnapstoreHTTPSProxy),
-		fmt.Sprintf("%s %q %q", scriptPath(snapstoreProxyScript), input.SnapstoreProxyDomain, input.SnapstoreProxyId),
+		fmt.Sprintf("%s %q %q %q", scriptPath(snapstoreProxyScript), input.SnapstoreProxyScheme, input.SnapstoreProxyDomain, input.SnapstoreProxyId),
 		scriptPath(disableHostServicesScript),
-		fmt.Sprintf("%s %q", scriptPath(installMicroK8sScript), installArgs),
+		fmt.Sprintf("%s %q %v", scriptPath(installMicroK8sScript), installArgs, input.DisableDefaultCNI),
 		fmt.Sprintf("%s %q %q %q", scriptPath(configureContainerdProxyScript), input.ContainerdHTTPProxy, input.ContainerdHTTPSProxy, input.ContainerdNoProxy),
 		scriptPath(configureKubeletScript),
 		scriptPath(waitAPIServerScript),

controllers/cloudinit/controlplane_init_test.go

@@ -38,16 +38,17 @@ func TestControlPlaneInit(t *testing.T) {
 			IPinIP:               true,
 			Token:                strings.Repeat("a", 32),
 			TokenTTL:             10000,
+			DisableDefaultCNI:    true,
 			Confinement:          "classic",
 		})
 		g.Expect(err).NotTo(HaveOccurred())
 
 		g.Expect(cloudConfig.RunCommands).To(Equal([]string{
 			`set -x`,
 			`/capi-scripts/00-configure-snapstore-http-proxy.sh "" ""`,
-			`/capi-scripts/00-configure-snapstore-proxy.sh "" ""`,
+			`/capi-scripts/00-configure-snapstore-proxy.sh "http" "" ""`,
 			`/capi-scripts/00-disable-host-services.sh`,
-			`/capi-scripts/00-install-microk8s.sh "--channel 1.25 --classic"`,
+			`/capi-scripts/00-install-microk8s.sh "--channel 1.25 --classic" true`,
 			`/capi-scripts/10-configure-containerd-proxy.sh "" "" ""`,
 			`/capi-scripts/10-configure-kubelet.sh`,
 			`/capi-scripts/50-wait-apiserver.sh`,

controllers/cloudinit/controlplane_join.go

@@ -53,6 +53,10 @@ type ControlPlaneJoinInput struct {
 	Confinement string
 	// RiskLevel specifies the risk level (strict, candidate, beta, edge) for the snap channels.
 	RiskLevel string
+	// DisableDefaultCNI specifies whether to use the default CNI plugin.
+	DisableDefaultCNI bool
+	// SnapstoreProxyScheme specifies the scheme (e.g. http or https) of the domain. Defaults to "http".
+	SnapstoreProxyScheme string
 	// SnapstoreProxyDomain specifies the domain of the snapstore proxy if one is to be used.
 	SnapstoreProxyDomain string
 	// SnapstoreProxyId specifies the snapstore proxy ID if one is to be used.
@@ -100,6 +104,10 @@ func NewJoinControlPlane(input *ControlPlaneJoinInput) (*CloudConfig, error) {
 	}
 	installArgs := createInstallArgs(input.Confinement, input.RiskLevel, kubernetesVersion)
 
+	if input.SnapstoreProxyScheme == "" {
+		input.SnapstoreProxyScheme = "http"
+	}
+
 	cloudConfig := NewBaseCloudConfig()
 	cloudConfig.WriteFiles = append(cloudConfig.WriteFiles, input.ExtraWriteFiles...)
 	if args := input.ExtraKubeletArgs; len(args) > 0 {
@@ -121,9 +129,9 @@ func NewJoinControlPlane(input *ControlPlaneJoinInput) (*CloudConfig, error) {
 	cloudConfig.RunCommands = append(cloudConfig.RunCommands, input.PreRunCommands...)
 	cloudConfig.RunCommands = append(cloudConfig.RunCommands,
 		fmt.Sprintf("%s %q %q", scriptPath(snapstoreHTTPProxyScript), input.SnapstoreHTTPProxy, input.SnapstoreHTTPSProxy),
-		fmt.Sprintf("%s %q %q", scriptPath(snapstoreProxyScript), input.SnapstoreProxyDomain, input.SnapstoreProxyId),
+		fmt.Sprintf("%s %q %q %q", scriptPath(snapstoreProxyScript), input.SnapstoreProxyScheme, input.SnapstoreProxyDomain, input.SnapstoreProxyId),
 		scriptPath(disableHostServicesScript),
-		fmt.Sprintf("%s %q", scriptPath(installMicroK8sScript), installArgs),
+		fmt.Sprintf("%s %q %v", scriptPath(installMicroK8sScript), installArgs, input.DisableDefaultCNI),
 		fmt.Sprintf("%s %q %q %q", scriptPath(configureContainerdProxyScript), input.ContainerdHTTPProxy, input.ContainerdHTTPSProxy, input.ContainerdNoProxy),
 		scriptPath(configureKubeletScript),
 		scriptPath(waitAPIServerScript),

controllers/cloudinit/controlplane_join_test.go

@@ -34,6 +34,7 @@ func TestControlPlaneJoin(t *testing.T) {
 			ClusterAgentPort:     "30000",
 			DqlitePort:           "2379",
 			IPinIP:               true,
+			DisableDefaultCNI:    true,
 			Token:                strings.Repeat("a", 32),
 			TokenTTL:             10000,
 			JoinNodeIPs:          []string{"10.0.3.39", "10.0.3.40", "10.0.3.41"},
@@ -43,9 +44,9 @@ func TestControlPlaneJoin(t *testing.T) {
 		g.Expect(cloudConfig.RunCommands).To(Equal([]string{
 			`set -x`,
 			`/capi-scripts/00-configure-snapstore-http-proxy.sh "" ""`,
-			`/capi-scripts/00-configure-snapstore-proxy.sh "" ""`,
+			`/capi-scripts/00-configure-snapstore-proxy.sh "http" "" ""`,
 			`/capi-scripts/00-disable-host-services.sh`,
-			`/capi-scripts/00-install-microk8s.sh "--channel 1.25 --classic"`,
+			`/capi-scripts/00-install-microk8s.sh "--channel 1.25 --classic" true`,
 			`/capi-scripts/10-configure-containerd-proxy.sh "" "" ""`,
 			`/capi-scripts/10-configure-kubelet.sh`,
 			`/capi-scripts/50-wait-apiserver.sh`,