HOSTEDCP-1960: Add KubeAPIExteralName api

This new API changes the value of the Kubeconfig External URL to points to your desired one

Signed-off-by: Juan Manuel Parrilla Madrid <jparrill@redhat.com>

Author: jparrill

Diff for: api/hypershift/v1beta1/hosted_controlplane.go

@@ -115,6 +115,10 @@ type HostedControlPlaneSpec struct {
 	// +optional
 	KubeConfig *KubeconfigSecretRef `json:"kubeconfig,omitempty"`
 
+	// KubeAPICustomKubeconfig is a group that encompasses an additional KAS server address and the customKubeconfig generated for the kube-apiserver.
+	// +optional
+	KubeAPICustomKubeconfig *KubeAPICustomKubeconfig `json:"kubeAPICustomKubeconfig,omitempty"`
+
 	// Services defines metadata about how control plane services are published
 	// in the management cluster.
 	// +kubebuilder:validation:MaxItems=6
@@ -202,6 +206,26 @@ type HostedControlPlaneSpec struct {
 	Labels map[string]string `json:"labels,omitempty"`
 }
 
+// KubeAPICustomKubeconfig is a group that englobes an additional KAS server address and the customKubeconfig generated for the kube-apiserver.
+// +optional
+type KubeAPICustomKubeconfig struct {
+	// CustomKubeConfig specifies the name and key for the External Custom kubeconfig secret.
+	// When set, it triggers the generation of a secret with the specified name containing a kubeconfig within the `HostedCluster` namespace.
+	// This kubeconfig will also be referenced in the `HostedCluster.status` as `customKubeconfig`.
+	// If removed during day-2 operations, all related secrets and status references will also be deleted.
+	// +optional
+	CustomKubeConfig *KubeconfigSecretRef `json:"customkubeconfig,omitempty"`
+
+	// kubeApiCustomName specifies the external name for the Kube API Server service.
+	// This is used to configure the Kube API Server service to use a different name, so
+	// the DNS should be configured to resolve the external name to the Kube API Server service.
+	// +kubebuilder:validation:XValidation:rule=`self == "" || self.matches('^(?:(?:[a-zA-Z0-9-]+\\.)+[a-zA-Z]{2,}|[a-zA-Z0-9-]+)$')`,message="kubeApiCustomName must be a valid URL name (e.g., api.example.com)"
+	// +kubebuilder:validation:MaxLength=253
+	// +kubebuilder:example: "api.example.com"
+	// +optional
+	KubeAPICustomName string `json:"kubeAPICustomName,omitempty"`
+}
+
 // availabilityPolicy specifies a high level availability policy for components.
 // +kubebuilder:validation:Enum=HighlyAvailable;SingleReplica
 type AvailabilityPolicy string
@@ -300,6 +324,12 @@ type HostedControlPlaneStatus struct {
 	// for this control plane.
 	KubeConfig *KubeconfigSecretRef `json:"kubeConfig,omitempty"`
 
+	// CustomKubeConfig specifies the name and key for the External Custom kubeconfig secret.
+	// This field is optional and only allowed if kubeApiExternalName is not empty. When set, they result in the generation of a secret with the given name containing a Kubeconfig within the hostedCluster namespace and a referenced by the hostedCluster.status object.
+	//  When removed day 2 the secret will be deleted and the kubeconfig will be removed from the hostedCluster.status object.
+	// +optional
+	CustomKubeConfig *KubeconfigSecretRef `json:"customkubeconfig,omitempty"`
+
 	// KubeadminPassword is a reference to the secret containing the initial kubeadmin password
 	// for the guest cluster.
 	// +optional

Diff for: api/hypershift/v1beta1/hostedcluster_types.go

@@ -432,6 +432,15 @@ type HostedClusterSpec struct {
 	// +required
 	Platform PlatformSpec `json:"platform"`
 
+	// kubeApiCustomName specifies the external name for the Kube API Server service.
+	// This is used to configure the Kube API Server service to use a different name, so
+	// the DNS should be configured to resolve the external name to the Kube API Server service.
+	// +kubebuilder:validation:XValidation:rule=`self == "" || self.matches('^(?:(?:[a-zA-Z0-9-]+\\.)+[a-zA-Z]{2,}|[a-zA-Z0-9-]+)$')`,message="kubeApiCustomName must be a valid URL name (e.g., api.example.com)"
+	// +kubebuilder:validation:MaxLength=253
+	// +kubebuilder:example: "api.example.com"
+	// +optional
+	KubeAPICustomName string `json:"kubeAPICustomName,omitempty"`
+
 	// controllerAvailabilityPolicy specifies the availability policy applied to critical control plane components like the Kube API Server.
 	// Possible values are HighlyAvailable and SingleReplica. The default value is HighlyAvailable.
 	// +optional
@@ -1423,6 +1432,13 @@ type HostedClusterStatus struct {
 	// +optional
 	KubeConfig *corev1.LocalObjectReference `json:"kubeconfig,omitempty"`
 
+	// CustomKubeConfig specifies the name and key for the External Custom kubeconfig secret.
+	// When set, it triggers the generation of a secret with the specified name containing a kubeconfig within the `HostedCluster` namespace.
+	// This kubeconfig will also be referenced in the `HostedCluster.status` as `customKubeconfig`.
+	// If removed during day-2 operations, all related secrets and status references will also be deleted.
+	// +optional
+	CustomKubeConfig *corev1.LocalObjectReference `json:"customKubeConfig,omitempty"`
+
 	// KubeadminPassword is a reference to the secret that contains the initial
 	// kubeadmin user password for the guest cluster.
 	// +optional

Diff for: api/hypershift/v1beta1/zz_generated.deepcopy.go

@@ -2358,6 +2358,16 @@ spec:
                   rule: self == oldSelf
                 - message: issuerURL must be a valid absolute URL
                   rule: isURL(self)
+              kubeAPICustomName:
+                description: |-
+                  kubeApiCustomName specifies the external name for the Kube API Server service.
+                  This is used to configure the Kube API Server service to use a different name, so
+                  the DNS should be configured to resolve the external name to the Kube API Server service.
+                maxLength: 253
+                type: string
+                x-kubernetes-validations:
+                - message: kubeApiCustomName must be a valid URL name (e.g., api.example.com)
+                  rule: self == "" || self.matches('^(?:(?:[a-zA-Z0-9-]+\\.)+[a-zA-Z]{2,}|[a-zA-Z0-9-]+)$')
               networking:
                 default:
                   clusterNetwork:
@@ -4181,6 +4191,24 @@ spec:
                 - host
                 - port
                 type: object
+              customKubeConfig:
+                description: |-
+                  CustomKubeConfig specifies the name and key for the External Custom kubeconfig secret.
+                  When set, it triggers the generation of a secret with the specified name containing a kubeconfig within the `HostedCluster` namespace.
+                  This kubeconfig will also be referenced in the `HostedCluster.status` as `customKubeconfig`.
+                  If removed during day-2 operations, all related secrets and status references will also be deleted.
+                properties:
+                  name:
+                    default: ""
+                    description: |-
+                      Name of the referent.
+                      This field is effectively required, but due to backwards compatibility is
+                      allowed to be empty. Instances of this type with an empty value here are
+                      almost certainly wrong.
+                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    type: string
+                type: object
+                x-kubernetes-map-type: atomic
               ignitionEndpoint:
                 description: |-
                   IgnitionEndpoint is the endpoint injected in the ign config userdata.

Diff for: api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/AAA_ungated.yaml

@@ -2354,6 +2354,16 @@ spec:
                   rule: self == oldSelf
                 - message: issuerURL must be a valid absolute URL
                   rule: isURL(self)
+              kubeAPICustomName:
+                description: |-
+                  kubeApiCustomName specifies the external name for the Kube API Server service.
+                  This is used to configure the Kube API Server service to use a different name, so
+                  the DNS should be configured to resolve the external name to the Kube API Server service.
+                maxLength: 253
+                type: string
+                x-kubernetes-validations:
+                - message: kubeApiCustomName must be a valid URL name (e.g., api.example.com)
+                  rule: self == "" || self.matches('^(?:(?:[a-zA-Z0-9-]+\\.)+[a-zA-Z]{2,}|[a-zA-Z0-9-]+)$')
               networking:
                 default:
                   clusterNetwork:
@@ -4452,6 +4462,24 @@ spec:
                 - host
                 - port
                 type: object
+              customKubeConfig:
+                description: |-
+                  CustomKubeConfig specifies the name and key for the External Custom kubeconfig secret.
+                  When set, it triggers the generation of a secret with the specified name containing a kubeconfig within the `HostedCluster` namespace.
+                  This kubeconfig will also be referenced in the `HostedCluster.status` as `customKubeconfig`.
+                  If removed during day-2 operations, all related secrets and status references will also be deleted.
+                properties:
+                  name:
+                    default: ""
+                    description: |-
+                      Name of the referent.
+                      This field is effectively required, but due to backwards compatibility is
+                      allowed to be empty. Instances of this type with an empty value here are
+                      almost certainly wrong.
+                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    type: string
+                type: object
+                x-kubernetes-map-type: atomic
               ignitionEndpoint:
                 description: |-
                   IgnitionEndpoint is the endpoint injected in the ign config userdata.

Diff for: api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/AROHCPManagedIdentities.yaml

@@ -2399,6 +2399,16 @@ spec:
                   rule: self == oldSelf
                 - message: issuerURL must be a valid absolute URL
                   rule: isURL(self)
+              kubeAPICustomName:
+                description: |-
+                  kubeApiCustomName specifies the external name for the Kube API Server service.
+                  This is used to configure the Kube API Server service to use a different name, so
+                  the DNS should be configured to resolve the external name to the Kube API Server service.
+                maxLength: 253
+                type: string
+                x-kubernetes-validations:
+                - message: kubeApiCustomName must be a valid URL name (e.g., api.example.com)
+                  rule: self == "" || self.matches('^(?:(?:[a-zA-Z0-9-]+\\.)+[a-zA-Z]{2,}|[a-zA-Z0-9-]+)$')
               networking:
                 default:
                   clusterNetwork:
@@ -4214,6 +4224,24 @@ spec:
                 - host
                 - port
                 type: object
+              customKubeConfig:
+                description: |-
+                  CustomKubeConfig specifies the name and key for the External Custom kubeconfig secret.
+                  When set, it triggers the generation of a secret with the specified name containing a kubeconfig within the `HostedCluster` namespace.
+                  This kubeconfig will also be referenced in the `HostedCluster.status` as `customKubeconfig`.
+                  If removed during day-2 operations, all related secrets and status references will also be deleted.
+                properties:
+                  name:
+                    default: ""
+                    description: |-
+                      Name of the referent.
+                      This field is effectively required, but due to backwards compatibility is
+                      allowed to be empty. Instances of this type with an empty value here are
+                      almost certainly wrong.
+                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    type: string
+                type: object
+                x-kubernetes-map-type: atomic
               ignitionEndpoint:
                 description: |-
                   IgnitionEndpoint is the endpoint injected in the ign config userdata.

Diff for: api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/AutoNodeKarpenter.yaml

@@ -2375,6 +2375,16 @@ spec:
                   rule: self == oldSelf
                 - message: issuerURL must be a valid absolute URL
                   rule: isURL(self)
+              kubeAPICustomName:
+                description: |-
+                  kubeApiCustomName specifies the external name for the Kube API Server service.
+                  This is used to configure the Kube API Server service to use a different name, so
+                  the DNS should be configured to resolve the external name to the Kube API Server service.
+                maxLength: 253
+                type: string
+                x-kubernetes-validations:
+                - message: kubeApiCustomName must be a valid URL name (e.g., api.example.com)
+                  rule: self == "" || self.matches('^(?:(?:[a-zA-Z0-9-]+\\.)+[a-zA-Z]{2,}|[a-zA-Z0-9-]+)$')
               networking:
                 default:
                   clusterNetwork:
@@ -4190,6 +4200,24 @@ spec:
                 - host
                 - port
                 type: object
+              customKubeConfig:
+                description: |-
+                  CustomKubeConfig specifies the name and key for the External Custom kubeconfig secret.
+                  When set, it triggers the generation of a secret with the specified name containing a kubeconfig within the `HostedCluster` namespace.
+                  This kubeconfig will also be referenced in the `HostedCluster.status` as `customKubeconfig`.
+                  If removed during day-2 operations, all related secrets and status references will also be deleted.
+                properties:
+                  name:
+                    default: ""
+                    description: |-
+                      Name of the referent.
+                      This field is effectively required, but due to backwards compatibility is
+                      allowed to be empty. Instances of this type with an empty value here are
+                      almost certainly wrong.
+                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    type: string
+                type: object
+                x-kubernetes-map-type: atomic
               ignitionEndpoint:
                 description: |-
                   IgnitionEndpoint is the endpoint injected in the ign config userdata.

Diff for: api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/DynamicResourceAllocation.yaml

@@ -2596,6 +2596,16 @@ spec:
                   rule: self == oldSelf
                 - message: issuerURL must be a valid absolute URL
                   rule: isURL(self)
+              kubeAPICustomName:
+                description: |-
+                  kubeApiCustomName specifies the external name for the Kube API Server service.
+                  This is used to configure the Kube API Server service to use a different name, so
+                  the DNS should be configured to resolve the external name to the Kube API Server service.
+                maxLength: 253
+                type: string
+                x-kubernetes-validations:
+                - message: kubeApiCustomName must be a valid URL name (e.g., api.example.com)
+                  rule: self == "" || self.matches('^(?:(?:[a-zA-Z0-9-]+\\.)+[a-zA-Z]{2,}|[a-zA-Z0-9-]+)$')
               networking:
                 default:
                   clusterNetwork:
@@ -4411,6 +4421,24 @@ spec:
                 - host
                 - port
                 type: object
+              customKubeConfig:
+                description: |-
+                  CustomKubeConfig specifies the name and key for the External Custom kubeconfig secret.
+                  When set, it triggers the generation of a secret with the specified name containing a kubeconfig within the `HostedCluster` namespace.
+                  This kubeconfig will also be referenced in the `HostedCluster.status` as `customKubeconfig`.
+                  If removed during day-2 operations, all related secrets and status references will also be deleted.
+                properties:
+                  name:
+                    default: ""
+                    description: |-
+                      Name of the referent.
+                      This field is effectively required, but due to backwards compatibility is
+                      allowed to be empty. Instances of this type with an empty value here are
+                      almost certainly wrong.
+                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    type: string
+                type: object
+                x-kubernetes-map-type: atomic
               ignitionEndpoint:
                 description: |-
                   IgnitionEndpoint is the endpoint injected in the ign config userdata.