Merge branch 'dev' into devinwon/cred_provider

aks-node-controller/parser/helper.go

@@ -173,21 +173,21 @@ func getCustomCACertsStatus(customCACerts []string) bool {
 	return len(customCACerts) > 0
 }
 
-func getEnableTLSBootstrap(bootstrapConfig *aksnodeconfigv1.TlsBootstrappingConfig) bool {
+func getEnableTLSBootstrap(bootstrapConfig *aksnodeconfigv1.BootstrappingConfig) bool {
 	return bootstrapConfig.GetTlsBootstrappingToken() != ""
 }
 
-func getEnableSecureTLSBootstrap(bootstrapConfig *aksnodeconfigv1.TlsBootstrappingConfig) bool {
+func getEnableSecureTLSBootstrap(bootstrapConfig *aksnodeconfigv1.BootstrappingConfig) bool {
 	// TODO: Change logic to default to false once Secure TLS Bootstrapping is complete
-	return bootstrapConfig.GetEnableSecureTlsBootstrapping()
+	return bootstrapConfig.GetBootstrappingAuthMethod() == aksnodeconfigv1.BootstrappingAuthMethod_BOOTSTRAPPING_AUTH_METHOD_SECURE_TLS_BOOTSTRAPPING
 }
 
-func getTLSBootstrapToken(bootstrapConfig *aksnodeconfigv1.TlsBootstrappingConfig) string {
+func getTLSBootstrapToken(bootstrapConfig *aksnodeconfigv1.BootstrappingConfig) string {
 	return bootstrapConfig.GetTlsBootstrappingToken()
 }
 
-func getCustomSecureTLSBootstrapAADServerAppID(bootstrapConfig *aksnodeconfigv1.TlsBootstrappingConfig) string {
-	return bootstrapConfig.GetCustomSecureTlsBootstrappingAppserverAppid()
+func getCustomSecureTLSBootstrapAADServerAppID(bootstrapConfig *aksnodeconfigv1.BootstrappingConfig) string {
+	return bootstrapConfig.GetCustomAadResource()
 }
 
 func getIsKrustlet(wr aksnodeconfigv1.WorkloadRuntime) bool {

aks-node-controller/parser/parser.go

@@ -127,9 +127,9 @@ func getCSEEnv(config *aksnodeconfigv1.Configuration) map[string]string {
 		"HTTPS_PROXY_URLS":                               config.GetHttpProxyConfig().GetHttpsProxy(),
 		"NO_PROXY_URLS":                                  getStringifiedStringArray(config.GetHttpProxyConfig().GetNoProxyEntries(), ","),
 		"PROXY_VARS":                                     getProxyVariables(config.GetHttpProxyConfig()),
-		"ENABLE_TLS_BOOTSTRAPPING":                       fmt.Sprintf("%v", getEnableTLSBootstrap(config.GetTlsBootstrappingConfig())),
-		"ENABLE_SECURE_TLS_BOOTSTRAPPING":                fmt.Sprintf("%v", getEnableSecureTLSBootstrap(config.GetTlsBootstrappingConfig())),
-		"CUSTOM_SECURE_TLS_BOOTSTRAP_AAD_SERVER_APP_ID":  getCustomSecureTLSBootstrapAADServerAppID(config.GetTlsBootstrappingConfig()),
+		"ENABLE_TLS_BOOTSTRAPPING":                       fmt.Sprintf("%v", getEnableTLSBootstrap(config.GetBootstrappingConfig())),
+		"ENABLE_SECURE_TLS_BOOTSTRAPPING":                fmt.Sprintf("%v", getEnableSecureTLSBootstrap(config.GetBootstrappingConfig())),
+		"CUSTOM_SECURE_TLS_BOOTSTRAP_AAD_SERVER_APP_ID":  getCustomSecureTLSBootstrapAADServerAppID(config.GetBootstrappingConfig()),
 		"DHCPV6_SERVICE_FILEPATH":                        getDHCPV6ServiceFilepath(),
 		"DHCPV6_CONFIG_FILEPATH":                         getDHCPV6ConfigFilepath(),
 		"THP_ENABLED":                                    config.GetCustomLinuxOsConfig().GetTransparentHugepageSupport(),
@@ -149,7 +149,7 @@ func getCSEEnv(config *aksnodeconfigv1.Configuration) map[string]string {
 		"MESSAGE_OF_THE_DAY":                             config.GetMessageOfTheDay(),
 		"HAS_KUBELET_DISK_TYPE":                          fmt.Sprintf("%v", getHasKubeletDiskType(config.GetKubeletConfig())),
 		"NEEDS_CGROUPV2":                                 fmt.Sprintf("%v", config.GetNeedsCgroupv2()),
-		"TLS_BOOTSTRAP_TOKEN":                            getTLSBootstrapToken(config.GetTlsBootstrappingConfig()),
+		"TLS_BOOTSTRAP_TOKEN":                            getTLSBootstrapToken(config.GetBootstrappingConfig()),
 		"KUBELET_FLAGS":                                  createSortedKeyValuePairs(config.GetKubeletConfig().GetKubeletFlags(), " "),
 		"NETWORK_POLICY":                                 getStringFromNetworkPolicyType(config.GetNetworkConfig().GetNetworkPolicy()),
 		"KUBELET_NODE_LABELS":                            createSortedKeyValuePairs(config.GetKubeletConfig().GetKubeletNodeLabels(), ","),

aks-node-controller/parser/testdata/test_aksnodeconfig.json

@@ -1,7 +1,7 @@
 {
     "version": "v0",
-    "tls_bootstrapping_config": {
-        "enable_secure_tls_bootstrapping": false
+    "bootstrapping_config": {
+        "bootstrapping_auth_method": "BOOTSTRAPPING_AUTH_METHOD_BOOTSTRAP_TOKEN"
     },
     "cluster_config": {
         "vm_type": "VM_TYPE_VMSS",

aks-node-controller/parser/testdata/test_aksnodeconfig_fields_missing.json

@@ -1,7 +1,7 @@
 {
     "version": "v0",
-    "tls_bootstrapping_config": {
-        "enable_secure_tls_bootstrapping": false
+    "bootstrapping_config": {
+        "bootstrapping_auth_method": "BOOTSTRAPPING_AUTH_METHOD_BOOTSTRAP_TOKEN"
     },
     "cluster_config": {
         "vm_type": 2,

aks-node-controller/parser/testdata/test_aksnodeconfig_fields_unexpected.json

@@ -1,7 +1,7 @@
 {
     "version": "v0",
-    "tls_bootstrapping_config": {
-        "enable_secure_tls_bootstrapping": false
+    "bootstrapping_config": {
+        "bootstrapping_auth_method": "BOOTSTRAPPING_AUTH_METHOD_BOOTSTRAP_TOKEN"
     },
     "cluster_config": {
         "vm_type": 2,