mjudeikis · November 20, 2019 12:33
diff --git a/gistfile1.txt b/gistfile1.txt
 diff --git a/pkg/apis/hive/v1alpha1/validating-webhooks/clusterdeployment_validating_admission_hook.go b/pkg/apis/hive/v1alpha1/validating-webhooks/clusterdeployment_validating_admission_hook.go
 index 0c2b03a8..00fcaef8 100644
 --- a/pkg/apis/hive/v1alpha1/validating-webhooks/clusterdeployment_validating_admission_hook.go
 +++ b/pkg/apis/hive/v1alpha1/validating-webhooks/clusterdeployment_validating_admission_hook.go
 @@ -268,6 +268,7 @@ func (a *ClusterDeploymentValidatingAdmissionHook) validateCreate(admissionSpec
 	}
 	if newObject.Spec.Platform.GCP != nil {
 		numberOfPlatforms++
 +		canManageDNS = true
 		if newObject.Spec.PlatformSecrets.GCP == nil {
 			allErrs = append(allErrs, field.Required(platformSecretsPath.Child("gcp"), "must specify secrets for GCP access"))
 		}
 diff --git a/pkg/controller/clusterdeployment/clusterdeployment_controller.go b/pkg/controller/clusterdeployment/clusterdeployment_controller.go
 index dc9bbb7a..b655ad85 100644
 --- a/pkg/controller/clusterdeployment/clusterdeployment_controller.go
 +++ b/pkg/controller/clusterdeployment/clusterdeployment_controller.go
 @@ -1254,13 +1254,14 @@ func (r *ReconcileClusterDeployment) setDNSDelayMetric(cd *hivev1.ClusterDeploym
 
 func (r *ReconcileClusterDeployment) ensureManagedDNSZone(cd *hivev1.ClusterDeployment, cdLog log.FieldLogger) (*hivev1.DNSZone, error) {
 	// for now we only support AWS
 -	if cd.Spec.AWS == nil || cd.Spec.PlatformSecrets.AWS == nil {
 -		cdLog.Error("cluster deployment platform is not AWS, cannot manage DNS zone")
 -		if err := r.setDNSNotReadyCondition(cd, false, "Managed DNS is only supported on AWS", cdLog); err != nil {
 +	if (cd.Spec.AWS == nil || cd.Spec.PlatformSecrets.AWS == nil) &&
 +		(cd.Spec.GCP == nil || cd.Spec.PlatformSecrets.GCP == nil) {
 +		cdLog.Error("cluster deployment platform is not AWS, GCP, cannot manage DNS zone")
 +		if err := r.setDNSNotReadyCondition(cd, false, "Managed DNS is only supported on AWS and GCP", cdLog); err != nil {
 			cdLog.WithError(err).Log(controllerutils.LogLevel(err), "could not update DNSNotReadyCondition")
 			return nil, err
 		}
 -		return nil, errors.New("only AWS managed DNS is supported")
 +		return nil, errors.New("only AWS and GCP managed DNS is supported")
 	}
 	dnsZone := &hivev1.DNSZone{}
 	dnsZoneNamespacedName := types.NamespacedName{Namespace: cd.Namespace, Name: controllerutils.DNSZoneName(cd.Name)}
 @@ -1312,15 +1313,26 @@ func (r *ReconcileClusterDeployment) createManagedDNSZone(cd *hivev1.ClusterDepl
 		Spec: hivev1.DNSZoneSpec{
 			Zone:               cd.Spec.BaseDomain,
 			LinkToParentDomain: true,
 -			AWS: &hivev1.AWSDNSZoneSpec{
 -				AccountSecret: cd.Spec.PlatformSecrets.AWS.Credentials,
 -				Region:        cd.Spec.AWS.Region,
 -			},
 		},
 	}
 
 -	for k, v := range cd.Spec.AWS.UserTags {
 -		dnsZone.Spec.AWS.AdditionalTags = append(dnsZone.Spec.AWS.AdditionalTags, hivev1.AWSResourceTag{Key: k, Value: v})
 +	if cd.Spec.PlatformSecrets.AWS != nil {
 +		dnsZone.Spec.AWS = &hivev1.AWSDNSZoneSpec{
 +			AccountSecret: cd.Spec.PlatformSecrets.AWS.Credentials,
 +			Region:        cd.Spec.AWS.Region,
 +		}
 +	}
 +
 +	if cd.Spec.PlatformSecrets.GCP != nil {
 +		dnsZone.Spec.GCP = &hivev1.GCPDNSZoneSpec{
 +			CredentialsSecretRef: cd.Spec.PlatformSecrets.GCP.Credentials,
 +		}
 +	}
 +
 +	if cd.Spec.AWS != nil {
 +		for k, v := range cd.Spec.AWS.UserTags {
 +			dnsZone.Spec.AWS.AdditionalTags = append(dnsZone.Spec.AWS.AdditionalTags, hivev1.AWSResourceTag{Key: k, Value: v})
 +		}
 	}
 
 	if err := controllerutil.SetControllerReference(cd, dnsZone, r.scheme); err != nil {
 diff --git a/pkg/controller/dnsendpoint/nameserver/gcp.go b/pkg/controller/dnsendpoint/nameserver/gcp.go
 index 62aa6dd3..ee0367be 100644
 --- a/pkg/controller/dnsendpoint/nameserver/gcp.go
 +++ b/pkg/controller/dnsendpoint/nameserver/gcp.go
 @@ -199,9 +199,14 @@ func (q *gcpQuery) deleteNameServers(gcpClient gcpclient.Client, managedZone str
 }
 
 func (q *gcpQuery) resourceRecordSet(domain string, values sets.String) *dns.ResourceRecordSet {
 +	dottedList := []string{}
 +	for _, r := range values.List() {
 +		dottedList = append(dottedList, controllerutils.Dotted(r))
 +	}
 	return &dns.ResourceRecordSet{
 +		Kind:    "dns#resourceRecordSet",
 		Name:    controllerutils.Dotted(domain),
 -		Rrdatas: values.List(),
 +		Rrdatas: dottedList,
 		Ttl:     int64(60),
 		Type:    "NS",
 	}
	diff --git a/pkg/apis/hive/v1alpha1/validating-webhooks/clusterdeployment_validating_admission_hook.go b/pkg/apis/hive/v1alpha1/validating-webhooks/clusterdeployment_validating_admission_hook.go
	index 0c2b03a8..00fcaef8 100644
	--- a/pkg/apis/hive/v1alpha1/validating-webhooks/clusterdeployment_validating_admission_hook.go
	+++ b/pkg/apis/hive/v1alpha1/validating-webhooks/clusterdeployment_validating_admission_hook.go
	@@ -268,6 +268,7 @@ func (a *ClusterDeploymentValidatingAdmissionHook) validateCreate(admissionSpec
	}
	if newObject.Spec.Platform.GCP != nil {
	numberOfPlatforms++
	+ canManageDNS = true
	if newObject.Spec.PlatformSecrets.GCP == nil {
	allErrs = append(allErrs, field.Required(platformSecretsPath.Child("gcp"), "must specify secrets for GCP access"))
	}
	diff --git a/pkg/controller/clusterdeployment/clusterdeployment_controller.go b/pkg/controller/clusterdeployment/clusterdeployment_controller.go
	index dc9bbb7a..b655ad85 100644
	--- a/pkg/controller/clusterdeployment/clusterdeployment_controller.go
	+++ b/pkg/controller/clusterdeployment/clusterdeployment_controller.go
	@@ -1254,13 +1254,14 @@ func (r ReconcileClusterDeployment) setDNSDelayMetric(cd hivev1.ClusterDeploym

	func (r ReconcileClusterDeployment) ensureManagedDNSZone(cd hivev1.ClusterDeployment, cdLog log.FieldLogger) (*hivev1.DNSZone, error) {
	// for now we only support AWS
	- if cd.Spec.AWS == nil \|\| cd.Spec.PlatformSecrets.AWS == nil {
	- cdLog.Error("cluster deployment platform is not AWS, cannot manage DNS zone")
	- if err := r.setDNSNotReadyCondition(cd, false, "Managed DNS is only supported on AWS", cdLog); err != nil {
	+ if (cd.Spec.AWS == nil \|\| cd.Spec.PlatformSecrets.AWS == nil) &&
	+ (cd.Spec.GCP == nil \|\| cd.Spec.PlatformSecrets.GCP == nil) {
	+ cdLog.Error("cluster deployment platform is not AWS, GCP, cannot manage DNS zone")
	+ if err := r.setDNSNotReadyCondition(cd, false, "Managed DNS is only supported on AWS and GCP", cdLog); err != nil {
	cdLog.WithError(err).Log(controllerutils.LogLevel(err), "could not update DNSNotReadyCondition")
	return nil, err
	}
	- return nil, errors.New("only AWS managed DNS is supported")
	+ return nil, errors.New("only AWS and GCP managed DNS is supported")
	}
	dnsZone := &hivev1.DNSZone{}
	dnsZoneNamespacedName := types.NamespacedName{Namespace: cd.Namespace, Name: controllerutils.DNSZoneName(cd.Name)}
	@@ -1312,15 +1313,26 @@ func (r ReconcileClusterDeployment) createManagedDNSZone(cd hivev1.ClusterDepl
	Spec: hivev1.DNSZoneSpec{
	Zone: cd.Spec.BaseDomain,
	LinkToParentDomain: true,
	- AWS: &hivev1.AWSDNSZoneSpec{
	- AccountSecret: cd.Spec.PlatformSecrets.AWS.Credentials,
	- Region: cd.Spec.AWS.Region,
	- },
	},
	}

	- for k, v := range cd.Spec.AWS.UserTags {
	- dnsZone.Spec.AWS.AdditionalTags = append(dnsZone.Spec.AWS.AdditionalTags, hivev1.AWSResourceTag{Key: k, Value: v})
	+ if cd.Spec.PlatformSecrets.AWS != nil {
	+ dnsZone.Spec.AWS = &hivev1.AWSDNSZoneSpec{
	+ AccountSecret: cd.Spec.PlatformSecrets.AWS.Credentials,
	+ Region: cd.Spec.AWS.Region,
	+ }
	+ }
	+
	+ if cd.Spec.PlatformSecrets.GCP != nil {
	+ dnsZone.Spec.GCP = &hivev1.GCPDNSZoneSpec{
	+ CredentialsSecretRef: cd.Spec.PlatformSecrets.GCP.Credentials,
	+ }
	+ }
	+
	+ if cd.Spec.AWS != nil {
	+ for k, v := range cd.Spec.AWS.UserTags {
	+ dnsZone.Spec.AWS.AdditionalTags = append(dnsZone.Spec.AWS.AdditionalTags, hivev1.AWSResourceTag{Key: k, Value: v})
	+ }
	}

	if err := controllerutil.SetControllerReference(cd, dnsZone, r.scheme); err != nil {
	diff --git a/pkg/controller/dnsendpoint/nameserver/gcp.go b/pkg/controller/dnsendpoint/nameserver/gcp.go
	index 62aa6dd3..ee0367be 100644
	--- a/pkg/controller/dnsendpoint/nameserver/gcp.go
	+++ b/pkg/controller/dnsendpoint/nameserver/gcp.go
	@@ -199,9 +199,14 @@ func (q *gcpQuery) deleteNameServers(gcpClient gcpclient.Client, managedZone str
	}

	func (q gcpQuery) resourceRecordSet(domain string, values sets.String) dns.ResourceRecordSet {
	+ dottedList := []string{}
	+ for _, r := range values.List() {
	+ dottedList = append(dottedList, controllerutils.Dotted(r))
	+ }
	return &dns.ResourceRecordSet{
	+ Kind: "dns#resourceRecordSet",
	Name: controllerutils.Dotted(domain),
	- Rrdatas: values.List(),
	+ Rrdatas: dottedList,
	Ttl: int64(60),
	Type: "NS",
	}