feat: add cloud provider resources and role #449
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
utkuozdemir
force-pushed
the
cloud-provider-groundwork
branch
from
ca50e88
to
6f2eaec
Compare
utkuozdemir
changed the title
utkuozdemir
force-pushed
the
cloud-provider-groundwork
branch
3 times, most recently
from
5c7aaee
to
3fc6dbe
Compare
utkuozdemir
force-pushed
the
cloud-provider-groundwork
branch
2 times, most recently
from
9753e33
to
85869eb
Compare
utkuozdemir
changed the title
utkuozdemir
commented
Jul 15, 2024
Comment on lines
+261
to
+298
| func (st *State) filterEvents(ctx context.Context, cloudProviderID string, eventCh chan<- state.Event) chan state.Event { | ||
| innerEventCh := make(chan state.Event) | ||
|
|
||
| panichandler.Go(func() { | ||
| defer close(eventCh) | ||
|
|
||
| for { | ||
| select { | ||
| case <-ctx.Done(): | ||
| return | ||
|
|
||
| case event, ok := <-innerEventCh: | ||
| if !ok { | ||
| return | ||
| } | ||
|
|
||
| if event.Type == state.Bootstrapped || event.Type == state.Errored { | ||
| channel.SendWithContext(ctx, eventCh, event) | ||
|
|
||
| continue | ||
| } | ||
|
|
||
| if event.Resource != nil { | ||
| resCloudProviderID, cpOk := event.Resource.Metadata().Labels().Get(omni.LabelCloudProviderID) | ||
| if !cpOk || cloudProviderID != resCloudProviderID { | ||
| continue // discard | ||
| } | ||
| } | ||
|
|
||
| channel.SendWithContext(ctx, eventCh, event) | ||
| } | ||
| } | ||
| }, st.logger) | ||
|
|
||
| return innerEventCh | ||
| } |
There was a problem hiding this comment.
@smira I am not sure if I got this filtering logic right, pls have a look :)
utkuozdemir
force-pushed
the
cloud-provider-groundwork
branch
3 times, most recently
from
37b0505
to
5552da1
Compare
Unix4ever
reviewed
Jul 19, 2024
Unix4ever
reviewed
Jul 19, 2024
Unix4ever
approved these changes
Jul 22, 2024
|
/m |
utkuozdemir
force-pushed
the
cloud-provider-groundwork
branch
from
5552da1
to
4b6686b
Compare
Unix4ever
force-pushed
the
cloud-provider-groundwork
branch
from
4b6686b
to
5d1c3af
Compare
|
/m |
Unix4ever
force-pushed
the
cloud-provider-groundwork
branch
from
5d1c3af
to
611e298
Compare
Add the new resources for the cloud provider feature: `CloudConfigs`, `MachineRequests` and `MachineRequestStatuses`. Add a new role, `CloudProvider` with access to the resources a cloud provider plugin requires. Introduce the concept of "cloud provider service accounts" which are a special type of service accounts in the format `cloud-provider:<id>`. They must have the `CloudProvider` role and their id is matched against the label `omni.sidero.dev/cloud-provider-id` label on the `MachineRequest*` type resources. Signed-off-by: Utku Ozdemir <[email protected]>
utkuozdemir
force-pushed
the
cloud-provider-groundwork
branch
from
611e298
to
4ec7a43
Compare
|
/m |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Add the new resources for the cloud provider feature:
CloudConfigs,MachineRequestsandMachineRequestStatuses.Add a new role,
CloudProviderwith access to the resources a cloud provider plugin requires.Introduce the concept of "cloud provider service accounts" which are a special type of service accounts in the format
cloud-provider:<id>. They must have theCloudProviderrole and their id is matched against the labelomni.sidero.dev/cloud-provider-idlabel on theMachineRequest*type resources.