tags: initial implementation of tags

nicolehanjing · nicolehanjing · commit 253ca085538d · 2020-12-11T15:00:19.000-08:00
diff --git a/go.mod b/go.mod
@@ -17,4 +17,5 @@ require (
 	k8s.io/klog/v2 v2.4.0
 	k8s.io/legacy-cloud-providers v0.20.0
 	k8s.io/utils v0.0.0-20201110183641-67b214c5f920
+	sigs.k8s.io/yaml v1.2.0
 )
diff --git a/pkg/providers/v2/cloud.go b/pkg/providers/v2/cloud.go
@@ -19,6 +19,7 @@ limitations under the License.
 package v2
 
 import (
+	"errors"
 	"fmt"
 	"io"
 	"io/ioutil"
@@ -31,8 +32,10 @@ import (
 	"github.com/aws/aws-sdk-go/aws/session"
 	"github.com/aws/aws-sdk-go/service/ec2"
 
+	"k8s.io/apimachinery/pkg/util/validation/field"
 	cloudprovider "k8s.io/cloud-provider"
 	"k8s.io/cloud-provider-aws/pkg/apis/config/v1alpha1"
+	"k8s.io/klog/v2"
 	"sigs.k8s.io/yaml"
 )
 
@@ -43,7 +46,12 @@ func init() {
 			return nil, fmt.Errorf("failed to read AWS cloud provider config file: %v", err)
 		}
 
-		return newCloud(*cfg)
+		errs := validateAWSCloudConfig(cfg)
+		if len(errs) > 0 {
+			return nil, fmt.Errorf("failed to validate AWS cloud config: %v", errs.ToAggregate())
+		}
+
+		return newCloud(cfg)
 	})
 }
 
@@ -61,7 +69,7 @@ type cloud struct {
 	region    string
 	ec2       EC2
 	metadata  EC2Metadata
-	tagging   awsTagging
+	tags      awsTagging
 }
 
 // EC2 is an interface defining only the methods we call from the AWS EC2 SDK.
@@ -79,7 +87,7 @@ type EC2Metadata interface {
 
 func readAWSCloudConfig(config io.Reader) (*v1alpha1.AWSCloudConfig, error) {
 	if config == nil {
-		return nil, fmt.Errorf("no AWS cloud provider config file given")
+		return nil, errors.New("no AWS cloud provider config file given")
 	}
 
 	// read the config file
@@ -94,13 +102,35 @@ func readAWSCloudConfig(config io.Reader) (*v1alpha1.AWSCloudConfig, error) {
 		// we got an error where the decode wasn't related to a missing type
 		return nil, err
 	}
-	if cfg.Kind != "AWSCloudConfig" {
-		return nil, fmt.Errorf("invalid cloud configuration object %q", cfg.Kind)
-	}
 
 	return &cfg, nil
 }
 
+// validateAWSCloudConfig validates AWSCloudConfig
+// clusterName is required
+func validateAWSCloudConfig(config *v1alpha1.AWSCloudConfig) field.ErrorList {
+	allErrs := field.ErrorList{}
+
+	if config.Kind != "AWSCloudConfig" {
+		allErrs = append(allErrs, field.Invalid(field.NewPath("Kind"), "invalid Kind for cloud config: %q", config.Kind))
+	}
+
+	if config.APIVersion != "config.aws.io/v1alpha1" {
+		allErrs = append(allErrs, field.Invalid(field.NewPath("APIVersion"), "invalid APIVersion for cloud config: %q", config.APIVersion))
+	}
+
+	fieldPath := field.NewPath("Config")
+	if config.Config == (v1alpha1.AWSConfig{}) {
+		allErrs = append(allErrs, field.Required(fieldPath, "Config is required, should not be empty"))
+	}
+
+	if len(config.Config.ClusterName) == 0 {
+		allErrs = append(allErrs, field.Required(fieldPath.Child("ClusterName"), "cluster name cannot be empty"))
+	}
+
+	return allErrs
+}
+
 func getAvailabilityZone(metadata EC2Metadata) (string, error) {
 	return metadata.GetMetadata("placement/availability-zone")
 }
@@ -122,7 +152,7 @@ func azToRegion(az string) (string, error) {
 }
 
 // newCloud creates a new instance of AWSCloud.
-func newCloud(cfg v1alpha1.AWSCloudConfig) (cloudprovider.Interface, error) {
+func newCloud(cfg *v1alpha1.AWSCloudConfig) (cloudprovider.Interface, error) {
 	sess, err := session.NewSession(&aws.Config{})
 	if err != nil {
 		return nil, fmt.Errorf("unable to initialize AWS session: %v", err)
@@ -152,11 +182,6 @@ func newCloud(cfg v1alpha1.AWSCloudConfig) (cloudprovider.Interface, error) {
 		return nil, err
 	}
 
-	instances, err := newInstances(az, creds)
-	if err != nil {
-		return nil, err
-	}
-
 	ec2Sess, err := session.NewSession(&aws.Config{
 		Region:      aws.String(region),
 		Credentials: creds,
@@ -170,21 +195,29 @@ func newCloud(cfg v1alpha1.AWSCloudConfig) (cloudprovider.Interface, error) {
 		return nil, fmt.Errorf("error creating AWS ec2 client: %q", err)
 	}
 
-	awsCloud := &cloud{
-		creds:     creds,
-		instances: instances,
-		region:    region,
-		metadata:  metadataClient,
-		ec2:       ec2Service,
-	}
-
+	var tags awsTagging
 	if cfg.Config.ClusterName != "" {
-		if err := awsCloud.tagging.init(cfg.Config.ClusterName); err != nil {
+		tags, err = newAWSTags(cfg.Config.ClusterName)
+		if err != nil {
 			return nil, err
 		}
+	} else {
+		klog.Warning("misconfigured cluster: no clusterName")
 	}
 
-	return awsCloud, nil
+	instances, err := newInstances(az, creds, tags)
+	if err != nil {
+		return nil, err
+	}
+
+	return &cloud{
+		creds:     creds,
+		instances: instances,
+		region:    region,
+		metadata:  metadataClient,
+		ec2:       ec2Service,
+		tags:      tags,
+	}, nil
 }
 
 // Initialize passes a Kubernetes clientBuilder interface to the cloud provider
@@ -223,7 +256,7 @@ func (c *cloud) Routes() (cloudprovider.Routes, bool) {
 
 // HasClusterID returns true if the cluster has a clusterID
 func (c *cloud) HasClusterID() bool {
-	return len(c.tagging.clusterName()) > 0
+	return len(c.tags.clusterName()) > 0
 }
 
 // InstancesV2 is an implementation for instances and should only be implemented by external cloud providers.
diff --git a/pkg/providers/v2/cloud_test.go b/pkg/providers/v2/cloud_test.go
@@ -19,9 +19,14 @@ limitations under the License.
 package v2
 
 import (
+	"bytes"
+	"reflect"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
+
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/cloud-provider-aws/pkg/apis/config/v1alpha1"
 )
 
 func TestAzToRegion(t *testing.T) {
@@ -44,3 +49,174 @@ func TestAzToRegion(t *testing.T) {
 		assert.Equal(t, testCase.region, ret)
 	}
 }
+
+func TestReadAWSCloudConfig(t *testing.T) {
+	testcases := []struct {
+		name       string
+		configData string
+		config     *v1alpha1.AWSCloudConfig
+		expectErr  bool
+	}{
+		{
+			name: "config with valid cluster name",
+			configData: `---
+kind: AWSCloudConfig
+apiVersion: config.aws.io/v1alpha1
+config:
+    clusterName: test
+    `,
+			config: &v1alpha1.AWSCloudConfig{
+				TypeMeta: metav1.TypeMeta{
+					Kind:       "AWSCloudConfig",
+					APIVersion: "config.aws.io/v1alpha1",
+				},
+				Config: v1alpha1.AWSConfig{
+					ClusterName: "test",
+				},
+			},
+		},
+		{
+			name: "config with empty cluster name",
+			configData: `---
+kind: AWSCloudConfig
+apiVersion: config.aws.io/v1alpha1
+config:
+    clusterName: ""
+    `,
+			config: &v1alpha1.AWSCloudConfig{
+				TypeMeta: metav1.TypeMeta{
+					Kind:       "AWSCloudConfig",
+					APIVersion: "config.aws.io/v1alpha1",
+				},
+				Config: v1alpha1.AWSConfig{
+					ClusterName: "",
+				},
+			},
+		},
+		{
+			name: "config with only kind and apiVersion",
+			configData: `---
+kind: AWSCloudConfig
+apiVersion: config.aws.io/v1alpha1
+    `,
+			config: &v1alpha1.AWSCloudConfig{
+				TypeMeta: metav1.TypeMeta{
+					Kind:       "AWSCloudConfig",
+					APIVersion: "config.aws.io/v1alpha1",
+				},
+				Config: v1alpha1.AWSConfig{
+					ClusterName: "",
+				},
+			},
+		},
+		{
+			name: "config with wrong Kind",
+			configData: `---
+kind: WrongCloudConfig
+apiVersion: config.aws.io/v1alpha1
+config:
+    clusterName: test
+	`,
+			config:    nil,
+			expectErr: true,
+		},
+		{
+			name: "config with wrong apiversion",
+			configData: `---
+kind: AWSCloudConfig
+apiVersion: wrong.aws.io/v1alpha1
+config:
+    clusterName: test
+	`,
+			config:    nil,
+			expectErr: true,
+		},
+	}
+
+	for _, testcase := range testcases {
+		t.Run(testcase.name, func(t *testing.T) {
+			buffer := bytes.NewBufferString(testcase.configData)
+			cloudConfig, err := readAWSCloudConfig(buffer)
+			if err != nil && !testcase.expectErr {
+				t.Fatal(err)
+			}
+
+			if err == nil && testcase.expectErr {
+				t.Error("expected error but got none")
+			}
+
+			if !reflect.DeepEqual(cloudConfig, testcase.config) {
+				t.Logf("actual cloud config: %#v", cloudConfig)
+				t.Logf("expected cloud config: %#v", testcase.config)
+				t.Error("AWS cloud config did not match")
+			}
+		})
+	}
+}
+
+func TestValidateAWSCloudConfig(t *testing.T) {
+	testcases := []struct {
+		name      string
+		config    *v1alpha1.AWSCloudConfig
+		expectErr bool
+	}{
+		{
+			name: "valid config",
+			config: &v1alpha1.AWSCloudConfig{
+				TypeMeta: metav1.TypeMeta{
+					Kind:       "AWSCloudConfig",
+					APIVersion: "config.aws.io/v1alpha1",
+				},
+				Config: v1alpha1.AWSConfig{
+					ClusterName: "test",
+				},
+			},
+		},
+		{
+			name: "empty cluster name",
+			config: &v1alpha1.AWSCloudConfig{
+				TypeMeta: metav1.TypeMeta{
+					Kind:       "AWSCloudConfig",
+					APIVersion: "config.aws.io/v1alpha1",
+				},
+				Config: v1alpha1.AWSConfig{
+					ClusterName: "",
+				},
+			},
+			expectErr: true,
+		},
+		{
+			name: "empty config",
+			config: &v1alpha1.AWSCloudConfig{
+				TypeMeta: metav1.TypeMeta{
+					Kind:       "AWSCloudConfig",
+					APIVersion: "config.aws.io/v1alpha1",
+				},
+				Config: v1alpha1.AWSConfig{},
+			},
+			expectErr: true,
+		},
+		{
+			name: "invalid config",
+			config: &v1alpha1.AWSCloudConfig{
+				TypeMeta: metav1.TypeMeta{
+					Kind:       "AWSCloudConfig",
+					APIVersion: "config.aws.io/v1alpha1",
+				},
+			},
+			expectErr: true,
+		},
+	}
+
+	for _, testcase := range testcases {
+		t.Run(testcase.name, func(t *testing.T) {
+			errs := validateAWSCloudConfig(testcase.config)
+
+			if testcase.expectErr && len(errs) == 0 {
+				t.Errorf("expected error but got none")
+			} else if !testcase.expectErr && len(errs) > 0 {
+				t.Errorf("expected no error but received errors: %v", errs.ToAggregate())
+			}
+		})
+	}
+}
diff --git a/pkg/providers/v2/instances.go b/pkg/providers/v2/instances.go
@@ -34,7 +34,7 @@ import (
 )
 
 // newInstances returns an implementation of cloudprovider.InstancesV2
-func newInstances(az string, creds *credentials.Credentials) (cloudprovider.InstancesV2, error) {
+func newInstances(az string, creds *credentials.Credentials, tags awsTagging) (cloudprovider.InstancesV2, error) {
 	region, err := azToRegion(az)
 	if err != nil {
 		return nil, err
@@ -56,6 +56,7 @@ func newInstances(az string, creds *credentials.Credentials) (cloudprovider.Inst
 		availabilityZone: az,
 		ec2:              ec2Service,
 		region:           region,
+		tags:             tags,
 	}, nil
 }
 
@@ -64,6 +65,7 @@ type instances struct {
 	availabilityZone string
 	ec2              EC2
 	region           string
+	tags             awsTagging
 }
 
 // InstanceExists indicates whether a given node exists according to the cloud provider
@@ -155,6 +157,13 @@ func (i *instances) getInstance(ctx context.Context, node *v1.Node) (*ec2.Instan
 		klog.V(4).Infof("looking for node by provider ID %v", node.Spec.ProviderID)
 	}
 
+	// TODO: add additional tags from users
+	tags := i.tags.buildTags(map[string]string{}, ResourceLifecycleOwned)
+	for tagKey, tagValue := range tags {
+		request.Filters = append(request.Filters,
+			newEc2Filter("tag:"+tagKey, tagValue))
+	}
+
 	instances := []*ec2.Instance{}
 	var nextToken *string
 	for {
diff --git a/pkg/providers/v2/tags.go b/pkg/providers/v2/tags.go
diff --git a/pkg/providers/v2/tags_test.go b/pkg/providers/v2/tags_test.go

Original file line number	Diff line number	Diff line change
`@@ -17,4 +17,5 @@ require (`
`17`	`17`	`k8s.io/klog/v2 v2.4.0`
`18`	`18`	`k8s.io/legacy-cloud-providers v0.20.0`
`19`	`19`	`k8s.io/utils v0.0.0-20201110183641-67b214c5f920`
	`20`	`+ sigs.k8s.io/yaml v1.2.0`
`20`	`21`	`)`