Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EKS-Addons support for pod identity associations #7807

Merged
merged 35 commits into from
Jun 3, 2024
Merged

EKS-Addons support for pod identity associations #7807

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
35 commits
Select commit Hold shift + click to select a range
5782494
add new addon fields required for pod identity support
TiberiuGC Apr 25, 2024
1d5b861
ammend create addon command to create roles for pod identity associat…
TiberiuGC Apr 29, 2024
cc94cf1
ammend delete addon command to delete roles for pod identity associat…
TiberiuGC Apr 30, 2024
a645a6e
small tweaks
TiberiuGC Apr 30, 2024
3c535ef
Support updating podIdentityAssociations for addons
cPu1 Apr 29, 2024
4be08c8
Show addon.podIdentityAssociations in `get addon`
cPu1 Apr 29, 2024
e079911
Disallow updating podidentityassociations owned by addons
cPu1 Apr 29, 2024
1e69cf0
Show pod identities in `get addons`, use a pointer for addon.podIdent…
cPu1 May 6, 2024
961bd52
Update mocks
cPu1 May 6, 2024
07d83f1
Fix deleting the specified addon instead of all addons
cPu1 May 6, 2024
bfb0a8b
Disallow deletion of addon pod identities in `delete podidentityassoc…
cPu1 May 6, 2024
77f841d
Show ownerARN in `get podidentityassociations`
cPu1 May 6, 2024
aeac061
Fix `create cluster` when iam.podIdentityAssociations is unset
cPu1 May 6, 2024
b9eea35
Delete IAM resources when addon.podIdentityAssociations is []
cPu1 May 7, 2024
1b0c2ca
take into account that not all EKS addons will support pod IDs at launch
TiberiuGC May 9, 2024
7e32105
add validations
TiberiuGC May 9, 2024
cca112c
Migrate EKS addons to pod identity using the Addons API
cPu1 May 9, 2024
8b9c4db
add unit tests and update generated files
TiberiuGC May 12, 2024
5a58bc4
Migrate: ignore pod identity associations that already exist
cPu1 May 10, 2024
0afd1ac
add docs && tweak validation
TiberiuGC May 14, 2024
3c4d4ee
Delete old IRSA stack in `update addon`
cPu1 May 15, 2024
d5b6778
Add integration test for addon.podIdentityAssociations
cPu1 May 22, 2024
8a36b28
add integration tests for creating and deleting addons && bugfixes ar…
TiberiuGC May 27, 2024
4bb1a7d
update describe addon config command to return pod identity config
TiberiuGC May 27, 2024
c63f625
add auto-create-pod-identity-associations CLI flag
TiberiuGC May 27, 2024
80ecc7b
update unit tests
TiberiuGC May 27, 2024
befc6a9
update list of minimum IAM permissions
TiberiuGC May 28, 2024
d970920
tech debt - unskip tests from PI suite
TiberiuGC May 28, 2024
55004c1
fix addons integration test
TiberiuGC May 29, 2024
dda4a32
Allow updating addons with recommended IAM policies, disallow setting…
cPu1 May 30, 2024
5a96c5e
Add more validation
cPu1 Jun 3, 2024
6a73694
Rename fields to addonsConfig.autoApplyPodIdentityAssociations and ad…
cPu1 Jun 3, 2024
bb87f30
Update AWS SDK
cPu1 Jun 3, 2024
e64db43
use service level endpoint resolver instead of global endpoint resolv…
TiberiuGC Jun 3, 2024
b71d96e
Update link to docs
cPu1 Jun 3, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
29 changes: 29 additions & 0 deletions .mockery.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,3 +48,32 @@ packages:
config:
dir: "{{.InterfaceDir}}/mocks"
outpkg: mocks

github.com/weaveworks/eksctl/pkg/actions/addon:
interfaces:
IAMRoleCreator:
config:
dir: "{{.InterfaceDir}}/mocks"
outpkg: mocks

IAMRoleUpdater:
config:
dir: "{{.InterfaceDir}}/mocks"
outpkg: mocks

PodIdentityIAMUpdater:
config:
dir: "{{.InterfaceDir}}/mocks"
outpkg: mocks

github.com/weaveworks/eksctl/pkg/actions/podidentityassociation:
interfaces:
StackDeleter:
config:
with-expecter: true
dir: "{{.InterfaceDir}}/mocks"
outpkg: mocks
RoleMigrator:
config:
dir: "{{.InterfaceDir}}/mocks"
outpkg: mocks
8 changes: 4 additions & 4 deletions go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ require (
github.com/Masterminds/semver/v3 v3.2.1
github.com/aws/amazon-ec2-instance-selector/v2 v2.4.2-0.20230601180523-74e721cb8c1e
github.com/aws/aws-sdk-go v1.51.16
github.com/aws/aws-sdk-go-v2 v1.26.1
github.com/aws/aws-sdk-go-v2 v1.27.1
github.com/aws/aws-sdk-go-v2/config v1.27.11
github.com/aws/aws-sdk-go-v2/credentials v1.17.11
github.com/aws/aws-sdk-go-v2/service/autoscaling v1.40.5
Expand All @@ -20,7 +20,7 @@ require (
github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs v1.35.1
github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider v1.36.3
github.com/aws/aws-sdk-go-v2/service/ec2 v1.156.0
github.com/aws/aws-sdk-go-v2/service/eks v1.42.1
github.com/aws/aws-sdk-go-v2/service/eks v1.43.0
github.com/aws/aws-sdk-go-v2/service/elasticloadbalancing v1.24.4
github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.30.5
github.com/aws/aws-sdk-go-v2/service/iam v1.32.0
Expand Down Expand Up @@ -127,8 +127,8 @@ require (
github.com/atotto/clipboard v0.1.4 // indirect
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.2 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.1 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.5 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.5 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.8 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.8 // indirect
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.2 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.7 // indirect
Expand Down
16 changes: 8 additions & 8 deletions go.sum
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -716,8 +716,8 @@ github.com/aws/amazon-ec2-instance-selector/v2 v2.4.2-0.20230601180523-74e721cb8
github.com/aws/aws-sdk-go v1.51.16 h1:vnWKK8KjbftEkuPX8bRj3WHsLy1uhotn0eXptpvrxJI=
github.com/aws/aws-sdk-go v1.51.16/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
github.com/aws/aws-sdk-go-v2 v1.16.15/go.mod h1:SwiyXi/1zTUZ6KIAmLK5V5ll8SiURNUYOqTerZPaF9k=
github.com/aws/aws-sdk-go-v2 v1.26.1 h1:5554eUqIYVWpU0YmeeYZ0wU64H2VLBs8TlhRB2L+EkA=
github.com/aws/aws-sdk-go-v2 v1.26.1/go.mod h1:ffIFB97e2yNsv4aTSGkqtHnppsIJzw7G7BReUZ3jCXM=
github.com/aws/aws-sdk-go-v2 v1.27.1 h1:xypCL2owhog46iFxBKKpBcw+bPTX/RJzwNj8uSilENw=
github.com/aws/aws-sdk-go-v2 v1.27.1/go.mod h1:ffIFB97e2yNsv4aTSGkqtHnppsIJzw7G7BReUZ3jCXM=
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.2 h1:x6xsQXGSmW6frevwDA+vi/wqhp1ct18mVXYN08/93to=
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.2/go.mod h1:lPprDr1e6cJdyYeGXnRaJoP4Md+cDBvi2eOj00BlGmg=
github.com/aws/aws-sdk-go-v2/config v1.27.11 h1:f47rANd2LQEYHda2ddSCKYId18/8BhSRM4BULGmfgNA=
Expand All @@ -727,11 +727,11 @@ github.com/aws/aws-sdk-go-v2/credentials v1.17.11/go.mod h1:AQtFPsDH9bI2O+71anW6
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.1 h1:FVJ0r5XTHSmIHJV6KuDmdYhEpvlHpiSd38RQWhut5J4=
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.1/go.mod h1:zusuAeqezXzAB24LGuzuekqMAEgWkVYukBec3kr3jUg=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.22/go.mod h1:/vNv5Al0bpiF8YdX2Ov6Xy05VTiXsql94yUqJMYaj0w=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.5 h1:aw39xVGeRWlWx9EzGVnhOR4yOjQDHPQ6o6NmBlscyQg=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.5/go.mod h1:FSaRudD0dXiMPK2UjknVwwTYyZMRsHv3TtkabsZih5I=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.8 h1:RnLB7p6aaFMRfyQkD6ckxR7myCC9SABIqSz4czYUUbU=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.8/go.mod h1:XH7dQJd+56wEbP1I4e4Duo+QhSMxNArE8VP7NuUOTeM=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.16/go.mod h1:62dsXI0BqTIGomDl8Hpm33dv0OntGaVblri3ZRParVQ=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.5 h1:PG1F3OD1szkuQPzDw3CIQsRIrtTlUC3lP84taWzHlq0=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.5/go.mod h1:jU1li6RFryMz+so64PpKtudI+QzbKoIEivqdf6LNpOc=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.8 h1:jzApk2f58L9yW9q1GEab3BMMFWUkkiZhyrRUtbwUbKU=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.8/go.mod h1:WqO+FftfO3tGePUtQxPXM6iODVfqMwsVMgTbG/ZXIdQ=
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 h1:hT8rVHwugYE2lEfdFE0QWVo81lF7jMrYJVDWI+f+VxU=
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0/go.mod h1:8tu/lYfQfFe6IGnaOdrpVgEL2IrrDOf6/m9RQum4NkY=
github.com/aws/aws-sdk-go-v2/service/autoscaling v1.40.5 h1:vhdJymxlWS2qftzLiuCjSswjXBRLGfzo/BEE9LDveBA=
Expand All @@ -746,8 +746,8 @@ github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider v1.36.3 h1:JNWpkjIm
github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider v1.36.3/go.mod h1:TiLZ2/+WAEyG2PnuAYj/un46UJ7qBf5BWWTAKgaHP8I=
github.com/aws/aws-sdk-go-v2/service/ec2 v1.156.0 h1:TFK9GeUINErClL2+A+GLYhjiChVdaXCgIUiCsS/UQrE=
github.com/aws/aws-sdk-go-v2/service/ec2 v1.156.0/go.mod h1:xejKuuRDjz6z5OqyeLsz01MlOqqW7CqpAB4PabNvpu8=
github.com/aws/aws-sdk-go-v2/service/eks v1.42.1 h1:q7MWjPP0uCmUvuGDFCvkbqRkqfH+Bq6di9RTd64S0YM=
github.com/aws/aws-sdk-go-v2/service/eks v1.42.1/go.mod h1:UhKBrO0Ezz8iIg02a6u4irGKBKh0gTz3fF8LNdD2vDI=
github.com/aws/aws-sdk-go-v2/service/eks v1.43.0 h1:TRgA51vdnrXiZpCab7pQT0bF52rX5idH0/fzrIVnQS0=
github.com/aws/aws-sdk-go-v2/service/eks v1.43.0/go.mod h1:875ZmajQCZ9N7HeR1DE25nTSaalkqGYzQa+BxLattlQ=
github.com/aws/aws-sdk-go-v2/service/elasticloadbalancing v1.24.4 h1:V5YvSMQwZklktzYeOOhYdptx7rP650XP3RnxwNu1UEQ=
github.com/aws/aws-sdk-go-v2/service/elasticloadbalancing v1.24.4/go.mod h1:aYygRYqRxmLGrxRxAisgNarwo4x8bcJG14rh4r57VqE=
github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.30.5 h1:/x2u/TOx+n17U+gz98TOw1HKJom0EOqrhL4SjrHr0cQ=
Expand Down
Loading