Merge pull request #4 from kahun/feature/wait_infraready_and_oidc_alr…

…eady_exists Feature/wait infraready and OIDC already exists
Stratio · Mar 14, 2023 · a8f4094 · a8f4094
2 parents e711015 + 2c6e6d0
commit a8f4094
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 4 deletions.
diff --git a/controlplane/eks/controllers/awsmanagedcontrolplane_controller.go b/controlplane/eks/controllers/awsmanagedcontrolplane_controller.go
@@ -90,6 +90,7 @@ type AWSManagedControlPlaneReconciler struct {
 	EnableIAM            bool
 	AllowAdditionalRoles bool
 	WatchFilterValue     string
+	WaitInfraPeriod      time.Duration
 	ExternalResourceGC   bool
 }
 
@@ -232,7 +233,7 @@ func (r *AWSManagedControlPlaneReconciler) reconcileNormal(ctx context.Context,
 		// Wait for the cluster infrastructure to be ready before creating machines
 		if !managedScope.Cluster.Status.InfrastructureReady {
 			managedScope.Info("Cluster infrastructure is not ready yet")
-			return ctrl.Result{}, nil
+			return ctrl.Result{RequeueAfter: r.WaitInfraPeriod}, nil
 		}
 	}
 

diff --git a/main.go b/main.go
@@ -93,6 +93,7 @@ var (
 	awsClusterConcurrency    int
 	instanceStateConcurrency int
 	awsMachineConcurrency    int
+	waitInfraPeriod          time.Duration
 	syncPeriod               time.Duration
 	webhookPort              int
 	webhookCertDir           string
@@ -192,7 +193,7 @@ func main() {
 
 	setupReconcilersAndWebhooks(ctx, mgr, awsServiceEndpoints, externalResourceGC)
 	if feature.Gates.Enabled(feature.EKS) {
-		setupEKSReconcilersAndWebhooks(ctx, mgr, awsServiceEndpoints, externalResourceGC)
+		setupEKSReconcilersAndWebhooks(ctx, mgr, awsServiceEndpoints, externalResourceGC, waitInfraPeriod)
 	}
 
 	// +kubebuilder:scaffold:builder
@@ -313,7 +314,7 @@ func setupReconcilersAndWebhooks(ctx context.Context, mgr ctrl.Manager, awsServi
 }
 
 func setupEKSReconcilersAndWebhooks(ctx context.Context, mgr ctrl.Manager, awsServiceEndpoints []scope.ServiceEndpoint,
-	externalResourceGC bool,
+	externalResourceGC bool, waitInfraPeriod time.Duration,
 ) {
 	setupLog.Info("enabling EKS controllers and webhooks")
 
@@ -338,6 +339,7 @@ func setupEKSReconcilersAndWebhooks(ctx context.Context, mgr ctrl.Manager, awsSe
 		AllowAdditionalRoles: allowAddRoles,
 		Endpoints:            awsServiceEndpoints,
 		WatchFilterValue:     watchFilterValue,
+		WaitInfraPeriod:      waitInfraPeriod,
 		ExternalResourceGC:   externalResourceGC,
 	}).SetupWithManager(ctx, mgr, controller.Options{MaxConcurrentReconciles: awsClusterConcurrency, RecoverPanic: true}); err != nil {
 		setupLog.Error(err, "unable to create controller", "controller", "AWSManagedControlPlane")
@@ -461,6 +463,12 @@ func initFlags(fs *pflag.FlagSet) {
 		"Number of AWSMachines to process simultaneously",
 	)
 
+	fs.DurationVar(&waitInfraPeriod,
+		"wait-infra-period",
+		1*time.Minute,
+		"The minimum interval at which reconcile process wait for infrastructure to be ready.",
+	)
+
 	fs.DurationVar(&syncPeriod,
 		"sync-period",
 		10*time.Minute,

diff --git a/pkg/cloud/services/eks/iam/iam.go b/pkg/cloud/services/eks/iam/iam.go
@@ -23,6 +23,7 @@ import (
 	"encoding/json"
 	"net/http"
 	"net/url"
+	"strings"
 
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/service/eks"
@@ -461,7 +462,7 @@ func (s *IAMService) FindAndVerifyOIDCProvider(cluster *eks.Cluster) (string, er
 			return "", errors.Wrap(err, "error getting provider")
 		}
 		// URL should always contain `https`.
-		if *provider.Url != issuerURL.String() {
+		if *provider.Url != issuerURL.String() && *provider.Url != strings.Replace(issuerURL.String(), "https://", "", 1) {
 			continue
 		}
 		if len(provider.ThumbprintList) != 1 || *provider.ThumbprintList[0] != thumbprint {