Merge pull request #89 from carbonin/add-acm-rbac

openshift-merge-bot[bot] · web-flow · commit 8379cb11b417 · 2025-03-07T09:08:55.000Z
MGMT-20105: Add rbac for managedclustersets/join
diff --git a/controlplane-components.yaml b/controlplane-components.yaml
@@ -17,7 +17,7 @@ metadata:
   annotations:
     controller-gen.kubebuilder.io/version: v0.14.0
   labels:
-    cluster.x-k8s.io/v1beta1: v1alpha1
+    cluster.x-k8s.io/v1beta1: v1alpha2
   name: openshiftassistedcontrolplanes.controlplane.cluster.x-k8s.io
 spec:
   group: controlplane.cluster.x-k8s.io
@@ -70,10 +70,10 @@ spec:
       name: Age
       type: date
     - description: OpenShift version associated with this control plane
-      jsonPath: .spec.version
-      name: Version
+      jsonPath: .spec.distributionVersion
+      name: Distribution Version
       type: string
-    name: v1alpha1
+    name: v1alpha2
     schema:
       openAPIV3Schema:
         description: OpenshiftAssistedControlPlane is the Schema for the openshiftassistedcontrolplane
@@ -221,16 +221,17 @@ spec:
                         type: string
                     type: object
                     x-kubernetes-map-type: atomic
-                  releaseImage:
-                    type: string
                   sshAuthorizedKey:
                     description: SSHAuthorizedKey ssh key for accessing the cluster
                       nodes after reboot
                     type: string
                 required:
                 - baseDomain
-                - releaseImage
                 type: object
+              distributionVersion:
+                description: DistributionVersion describes the targeted OpenShift
+                  version
+                type: string
               machineTemplate:
                 properties:
                   infrastructureRef:
@@ -418,6 +419,19 @@ spec:
                         type: object
                     type: object
                     x-kubernetes-map-type: atomic
+                  nodeRegistration:
+                    description: NodeRegistrationOption holds fields related to registering
+                      nodes to the cluster
+                    properties:
+                      kubeletExtraLabels:
+                        description: KubeletExtraLabels passes extra labels to kubelet.
+                        items:
+                          type: string
+                        type: array
+                      name:
+                        description: Defaults to the hostname of the node if not provided.
+                        type: string
+                    type: object
                   osImageVersion:
                     description: |-
                       OSImageVersion is the version of OS image to use when generating the InfraEnv.
@@ -463,11 +477,9 @@ spec:
               replicas:
                 format: int32
                 type: integer
-              version:
-                type: string
             required:
+            - distributionVersion
             - machineTemplate
-            - version
             type: object
           status:
             description: OpenshiftAssistedControlPlaneStatus defines the observed
@@ -563,6 +575,11 @@ spec:
                   - type
                   type: object
                 type: array
+              distributionVersion:
+                description: |-
+                  DistributionVersion represents the current OpenShift version installed on the
+                  control plane machines in the cluster.
+                type: string
               failureMessage:
                 description: |-
                   ErrorMessage indicates that there is a terminal problem reconciling the
@@ -731,6 +748,12 @@ rules:
   - patch
   - update
   - watch
+- apiGroups:
+  - cluster.open-cluster-management.io
+  resources:
+  - managedclustersets/join
+  verbs:
+  - create
 - apiGroups:
   - cluster.x-k8s.io
   resources:
diff --git a/controlplane/config/rbac/role.yaml b/controlplane/config/rbac/role.yaml
@@ -39,6 +39,12 @@ rules:
   - patch
   - update
   - watch
+- apiGroups:
+  - cluster.open-cluster-management.io
+  resources:
+  - managedclustersets/join
+  verbs:
+  - create
 - apiGroups:
   - cluster.x-k8s.io
   resources:
diff --git a/controlplane/internal/controller/openshiftassistedcontrolplane_controller.go b/controlplane/internal/controller/openshiftassistedcontrolplane_controller.go
@@ -94,6 +94,7 @@ var minVersion = semver.MustParse(minOpenShiftVersion)
 // +kubebuilder:rbac:groups=controlplane.cluster.x-k8s.io,resources=openshiftassistedcontrolplanes/finalizers,verbs=update
 // +kubebuilder:rbac:groups=cluster.x-k8s.io,resources=machines;machines/status,verbs=get;list;watch;create;update;patch;delete
 // +kubebuilder:rbac:groups=cluster.x-k8s.io,resources=machinepools,verbs=list
+// +kubebuilder:rbac:groups=cluster.open-cluster-management.io,resources=managedclustersets/join,verbs=create
 // +kubebuilder:rbac:groups="",resources=secrets,verbs=get;list;watch;create;update;delete
 // +kubebuilder:rbac:groups="",resources=configmaps,verbs=get;list;watch;create;update;patch;delete
 
