Watch infrastructure and update AWS tags

Signed-off-by: chiragkyal <[email protected]>

pkg/operator/controller/ingress/controller.go

@@ -49,6 +49,8 @@ import (
 
 const (
 	controllerName = "ingress_controller"
+	// the name of the 'cluster' infrastructure object
+	clusterInfrastructureName = "cluster"
 )
 
 // TODO: consider moving these to openshift/api
@@ -134,6 +136,12 @@ func New(mgr manager.Manager, config Config) (controller.Controller, error) {
 	if err := c.Watch(source.Kind[client.Object](operatorCache, &configv1.Proxy{}, handler.EnqueueRequestsFromMapFunc(reconciler.ingressConfigToIngressController))); err != nil {
 		return nil, err
 	}
+	// Watch for changes to infrastructure config to update user defined tags
+	if err := c.Watch(source.Kind[client.Object](operatorCache, &configv1.Infrastructure{}, handler.EnqueueRequestsFromMapFunc(reconciler.ingressConfigToIngressController),
+		predicate.NewPredicateFuncs(hasName(clusterInfrastructureName)),
+	)); err != nil {
+		return nil, err
+	}
 	return c, nil
 }
 
@@ -187,6 +195,13 @@ func enqueueRequestForOwningIngressController(namespace string) handler.EventHan
 		})
 }
 
+// hasName returns a predicate which checks whether an object has the given name.
+func hasName(name string) func(o client.Object) bool {
+	return func(o client.Object) bool {
+		return o.GetName() == name
+	}
+}
+
 // Config holds all the things necessary for the controller to run.
 type Config struct {
 	Namespace                                 string

pkg/operator/controller/ingress/load_balancer_service.go

@@ -254,6 +254,8 @@ var (
 			//
 			// https://cloud.ibm.com/docs/containers?topic=containers-vpc-lbaas
 			iksLBEnableFeaturesAnnotation,
+			// awsLBAdditionalResourceTags annotation is populated by user tags present in `platform.AWS.ResourceTags`
+			awsLBAdditionalResourceTags,
 		)
 
 		// Azure and GCP support switching between internal and external
@@ -280,6 +282,7 @@ var (
 // Always returns the current LB service if one exists (whether it already
 // existed or was created during the course of the function).
 func (r *reconciler) ensureLoadBalancerService(ci *operatorv1.IngressController, deploymentRef metav1.OwnerReference, platformStatus *configv1.PlatformStatus) (bool, *corev1.Service, error) {
+	log.Info("@chirag: Starting ensureLoadBalancerService()")
 	wantLBS, desiredLBService, err := desiredLoadBalancerService(ci, deploymentRef, platformStatus, r.config.IngressControllerLBSubnetsAWSEnabled, r.config.IngressControllerEIPAllocationsAWSEnabled)
 	if err != nil {
 		return false, nil, err
@@ -347,6 +350,7 @@ func isServiceOwnedByIngressController(service *corev1.Service, ic *operatorv1.I
 // desired if the high availability type is Cloud. An LB service will declare an
 // owner reference to the given deployment.
 func desiredLoadBalancerService(ci *operatorv1.IngressController, deploymentRef metav1.OwnerReference, platform *configv1.PlatformStatus, subnetsAWSEnabled bool, eipAllocationsAWSEnabled bool) (bool, *corev1.Service, error) {
+	log.Info("@chirag: Starting desiredLoadBalancerService()")
 	if ci.Status.EndpointPublishingStrategy.Type != operatorv1.LoadBalancerServiceStrategyType {
 		return false, nil, nil
 	}
@@ -446,6 +450,7 @@ func desiredLoadBalancerService(ci *operatorv1.IngressController, deploymentRef
 			}
 
 			if platform.AWS != nil && len(platform.AWS.ResourceTags) > 0 {
+				log.Info("@chirag: platform.AWS.ResourceTags", "tags", platform.AWS.ResourceTags)
 				var additionalTags []string
 				for _, userTag := range platform.AWS.ResourceTags {
 					if len(userTag.Key) > 0 {
@@ -454,6 +459,7 @@ func desiredLoadBalancerService(ci *operatorv1.IngressController, deploymentRef
 				}
 				if len(additionalTags) > 0 {
 					service.Annotations[awsLBAdditionalResourceTags] = strings.Join(additionalTags, ",")
+					log.Info("@chirag: service.Annotations", "tags", service.Annotations[awsLBAdditionalResourceTags])
 				}
 			}
 
@@ -751,9 +757,10 @@ func IsServiceInternal(service *corev1.Service) bool {
 	return false
 }
 
-// loadBalancerServiceTagsModified verifies that none of the managedAnnotations have been changed and also the AWS tags annotation
+// loadBalancerServiceTagsModified verifies that none of the managedAnnotations except awsLBAdditionalResourceTags have been changed
 func loadBalancerServiceTagsModified(current, expected *corev1.Service) (bool, *corev1.Service) {
-	ignoredAnnotations := managedLoadBalancerServiceAnnotations.Union(sets.NewString(awsLBAdditionalResourceTags))
+	ignoredAnnotations := managedLoadBalancerServiceAnnotations.Clone()
+	ignoredAnnotations.Delete(awsLBAdditionalResourceTags)
 	return loadBalancerServiceAnnotationsChanged(current, expected, ignoredAnnotations)
 }
 

pkg/operator/controller/ingress/load_balancer_service_test.go

@@ -1141,7 +1141,7 @@ func Test_loadBalancerServiceChanged(t *testing.T) {
 			mutate: func(svc *corev1.Service) {
 				svc.Annotations["service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags"] = "Key3=Value3,Key4=Value4"
 			},
-			expect: false,
+			expect: true,
 		},
 		{
 			description: "if the service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout annotation changes",

pkg/operator/controller/ingress/status_test.go

@@ -3026,7 +3026,7 @@ func Test_computeIngressUpgradeableCondition(t *testing.T) {
 			mutate: func(svc *corev1.Service) {
 				svc.Annotations[awsLBAdditionalResourceTags] = "Key2=Value2"
 			},
-			expect: false,
+			expect: true,
 		},
 		{
 			description: "if the service.beta.kubernetes.io/load-balancer-source-ranges is set",