From d61a0ecfee29ed0723b91d680f3895cbfc0f932e Mon Sep 17 00:00:00 2001
From: Dmitri Fedotov <dmitri.fedotov@sap.com>
Date: Fri, 3 Jan 2025 16:44:57 +0200
Subject: [PATCH] Set `CloudControllerManagerNetworking` values in config helm
 chart

---
 pkg/controller/controlplane/valuesprovider.go |  32 +++--
 .../controlplane/valuesprovider_test.go       | 128 ++++--------------
 2 files changed, 50 insertions(+), 110 deletions(-)

diff --git a/pkg/controller/controlplane/valuesprovider.go b/pkg/controller/controlplane/valuesprovider.go
index 4f26bbf..30234d8 100644
--- a/pkg/controller/controlplane/valuesprovider.go
+++ b/pkg/controller/controlplane/valuesprovider.go
@@ -169,10 +169,13 @@ func (vp *valuesProvider) GetConfigChartValues(
 	cp *extensionsv1alpha1.ControlPlane,
 	cluster *extensionscontroller.Cluster,
 ) (map[string]any, error) {
-	// Collect config chart values
-	return map[string]any{
-		metal.ClusterFieldName: cluster.ObjectMeta.Name,
-	}, nil
+	cpConfig := &apismetal.ControlPlaneConfig{}
+	if cp.Spec.ProviderConfig != nil {
+		if _, _, err := vp.decoder.Decode(cp.Spec.ProviderConfig.Raw, nil, cpConfig); err != nil {
+			return nil, fmt.Errorf("could not decode providerConfig of controlplane '%s': %w", client.ObjectKeyFromObject(cp), err)
+		}
+	}
+	return vp.getConfigChartValues(cluster, cpConfig)
 }
 
 // GetControlPlaneChartValues returns the values for the control plane chart applied by the generic actuator.
@@ -301,11 +304,6 @@ func getCCMChartValues(
 
 	if cpConfig.CloudControllerManager != nil {
 		values[metal.CloudControllerManagerFeatureGatesKeyName] = cpConfig.CloudControllerManager.FeatureGates
-		if cpConfig.CloudControllerManager.Networking != nil {
-			values[metal.CloudControllerManagerNetworkingKeyName] = map[string]any{
-				metal.CloudControllerManagerNodeAddressesConfigKeyName: cpConfig.CloudControllerManager.Networking.ConfigureNodeAddresses,
-			}
-		}
 	}
 
 	overlayEnabled, err := isOverlayEnabled(cluster.Shoot.Spec.Networking)
@@ -366,6 +364,22 @@ func (vp *valuesProvider) getControlPlaneShootChartValues(cluster *extensionscon
 	}, nil
 }
 
+// getConfigChartValues collects and returns the config chart values.
+func (vp *valuesProvider) getConfigChartValues(cluster *extensionscontroller.Cluster, cpConfig *apismetal.ControlPlaneConfig) (map[string]any, error) {
+	values := map[string]any{
+		metal.ClusterFieldName: cluster.ObjectMeta.Name,
+	}
+
+	if cpConfig.CloudControllerManager != nil {
+		if cpConfig.CloudControllerManager.Networking != nil {
+			values[metal.CloudControllerManagerNetworkingKeyName] = map[string]any{
+				metal.CloudControllerManagerNodeAddressesConfigKeyName: cpConfig.CloudControllerManager.Networking.ConfigureNodeAddresses,
+			}
+		}
+	}
+	return values, nil
+}
+
 // getMetallbChartValues collects and returns the MetalLB chart values.
 func getMetallbChartValues(
 	cpConfig *apismetal.ControlPlaneConfig,
diff --git a/pkg/controller/controlplane/valuesprovider_test.go b/pkg/controller/controlplane/valuesprovider_test.go
index 302cfdf..cab518e 100644
--- a/pkg/controller/controlplane/valuesprovider_test.go
+++ b/pkg/controller/controlplane/valuesprovider_test.go
@@ -96,16 +96,8 @@ var _ = Describe("Valueprovider Reconcile", func() {
 		})
 	})
 
-	Describe("#GetControlPlaneShootCRDsChartValues", func() {
-		It("should return correct config chart values", func(ctx SpecContext) {
-			values, err := vp.GetControlPlaneShootCRDsChartValues(ctx, nil, nil)
-			Expect(err).NotTo(HaveOccurred())
-			Expect(values).To(Equal(map[string]any{}))
-		})
-	})
-
-	Describe("#GetControlPlaneChartValues", func() {
-		It("should return correct config chart values", func(ctx SpecContext) {
+	Describe("#GetConfigChartValues", func() {
+		It("should return correct config chart values for disabled CCM address config ", func(ctx SpecContext) {
 			cp := &extensionsv1alpha1.ControlPlane{
 				ObjectMeta: metav1.ObjectMeta{
 					Name:      "control-plane",
@@ -125,105 +117,45 @@ var _ = Describe("Valueprovider Reconcile", func() {
 									FeatureGates: map[string]bool{
 										"CustomResourceValidation": true,
 									},
+									Networking: &apismetal.CloudControllerNetworking{
+										ConfigureNodeAddresses: false,
+									},
 								},
 							}),
 						},
 					},
 				},
 			}
-			providerCloudProfile := &apismetal.CloudProfileConfig{}
-			providerCloudProfileJson, err := json.Marshal(providerCloudProfile)
-			Expect(err).NotTo(HaveOccurred())
-			networkProviderConfig := &unstructured.Unstructured{Object: map[string]any{
-				"kind":       "FooNetworkConfig",
-				"apiVersion": "v1alpha1",
-				"overlay": map[string]any{
-					"enabled": false,
-				},
-			}}
-			networkProviderConfigData, err := runtime.Encode(unstructured.UnstructuredJSONScheme, networkProviderConfig)
-			Expect(err).NotTo(HaveOccurred())
-			cluster := &controller.Cluster{
-				CloudProfile: &gardencorev1beta1.CloudProfile{
-					Spec: gardencorev1beta1.CloudProfileSpec{
-						ProviderConfig: &runtime.RawExtension{
-							Raw: providerCloudProfileJson,
-						},
-					},
-				},
-				Shoot: &gardencorev1beta1.Shoot{
-					ObjectMeta: metav1.ObjectMeta{
-						Namespace: ns.Name,
-						Name:      "my-shoot",
-					},
-					Spec: gardencorev1beta1.ShootSpec{
-						Networking: &gardencorev1beta1.Networking{
-							ProviderConfig: &runtime.RawExtension{Raw: networkProviderConfigData},
-							Pods:           ptr.To[string]("10.0.0.0/16"),
-						},
-						Kubernetes: gardencorev1beta1.Kubernetes{
-							Version: "1.26.0",
-							VerticalPodAutoscaler: &gardencorev1beta1.VerticalPodAutoscaler{
-								Enabled: true,
-							},
-						},
-					},
-				},
-				Seed: &gardencorev1beta1.Seed{
-					ObjectMeta: metav1.ObjectMeta{
-						Annotations: map[string]string{
-							metal.LocalMetalAPIAnnotation: "true",
-						},
-					},
+			Expect(k8sClient.Create(ctx, cp)).To(Succeed())
+
+			By("ensuring that the provider ConfigMap has been created")
+			config := &corev1.ConfigMap{
+				ObjectMeta: metav1.ObjectMeta{
+					Namespace: ns.Name,
+					Name:      internal.CloudProviderConfigMapName,
 				},
 			}
+			Eventually(Get(config)).Should(Succeed())
+			Expect(config.Data).To(HaveKey("cloudprovider.conf"))
+			cloudProviderConfig := map[string]any{}
+			Expect(yaml.Unmarshal([]byte(config.Data["cloudprovider.conf"]), &cloudProviderConfig)).NotTo(HaveOccurred())
+			Expect(cloudProviderConfig["clusterName"]).To(Equal(cluster.Name))
+			networkingConfig, ok := cloudProviderConfig[metal.CloudControllerManagerNetworkingKeyName].(map[string]any)
+			Expect(ok).To(BeTrue())
+			Expect(networkingConfig[metal.CloudControllerManagerNodeAddressesConfigKeyName]).To(BeFalse())
+		})
+	})
 
-			checksums := map[string]string{
-				metal.CloudProviderConfigName: "8bafb35ff1ac60275d62e1cbd495aceb511fb354f74a20f7d06ecb48b3a68432",
-			}
-			values, err := vp.GetControlPlaneChartValues(ctx, cp, cluster, fakeSecretsManager, checksums, false)
+	Describe("#GetControlPlaneShootCRDsChartValues", func() {
+		It("should return correct config chart values", func(ctx SpecContext) {
+			values, err := vp.GetControlPlaneShootCRDsChartValues(ctx, nil, nil)
 			Expect(err).NotTo(HaveOccurred())
-			Expect(values).To(Equal(map[string]any{
-				"global": map[string]any{
-					"genericTokenKubeconfigSecretName": "generic-token-kubeconfig",
-				},
-				"cloud-controller-manager": map[string]any{
-					"enabled":     true,
-					"replicas":    1,
-					"clusterName": ns.Name,
-					"podAnnotations": map[string]any{
-						"checksum/secret-cloud-provider-config": "8bafb35ff1ac60275d62e1cbd495aceb511fb354f74a20f7d06ecb48b3a68432",
-					},
-					"podLabels": map[string]any{
-						"maintenance.gardener.cloud/restart": "true",
-						metal.AllowEgressToIstioIngressLabel: "allowed",
-					},
-					"tlsCipherSuites": []string{
-						"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
-						"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
-						"TLS_AES_128_GCM_SHA256",
-						"TLS_AES_256_GCM_SHA384",
-						"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
-						"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
-						"TLS_CHACHA20_POLY1305_SHA256",
-						"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305",
-						"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
-					},
-					"secrets": map[string]any{
-						"server": "cloud-controller-manager-server",
-					},
-					metal.CloudControllerManagerFeatureGatesKeyName: map[string]bool{
-						"CustomResourceValidation": true,
-					},
-					"podNetwork":           "10.0.0.0/16",
-					"configureCloudRoutes": true,
-				},
-			}))
+			Expect(values).To(Equal(map[string]any{}))
 		})
 	})
 
 	Describe("#GetControlPlaneChartValues", func() {
-		It("should return correct shoot system chart values for disabled CCM address config", func(ctx SpecContext) {
+		It("should return correct config chart values", func(ctx SpecContext) {
 			cp := &extensionsv1alpha1.ControlPlane{
 				ObjectMeta: metav1.ObjectMeta{
 					Name:      "control-plane",
@@ -243,9 +175,6 @@ var _ = Describe("Valueprovider Reconcile", func() {
 									FeatureGates: map[string]bool{
 										"CustomResourceValidation": true,
 									},
-									Networking: &apismetal.CloudControllerNetworking{
-										ConfigureNodeAddresses: false,
-									},
 								},
 							}),
 						},
@@ -336,9 +265,6 @@ var _ = Describe("Valueprovider Reconcile", func() {
 					metal.CloudControllerManagerFeatureGatesKeyName: map[string]bool{
 						"CustomResourceValidation": true,
 					},
-					metal.CloudControllerManagerNetworkingKeyName: map[string]any{
-						metal.CloudControllerManagerNodeAddressesConfigKeyName: false,
-					},
 					"podNetwork":           "10.0.0.0/16",
 					"configureCloudRoutes": true,
 				},