From 796f40217f7f6a7a59a811863f90508cae7fbeb8 Mon Sep 17 00:00:00 2001 From: Aswin Suryanarayanan Date: Wed, 25 Sep 2024 23:47:17 -0400 Subject: [PATCH] Fix worker SG assocation when custom vpc is used Signed-off-by: Aswin Suryanarayanan --- pkg/aws/gw-machineset.go | 2 +- pkg/aws/ocpgwdeployer.go | 22 ++++++++++++++++++++-- 2 files changed, 21 insertions(+), 3 deletions(-) diff --git a/pkg/aws/gw-machineset.go b/pkg/aws/gw-machineset.go index 892f1966..fa920425 100644 --- a/pkg/aws/gw-machineset.go +++ b/pkg/aws/gw-machineset.go @@ -65,7 +65,7 @@ spec: - filters: - name: tag:Name values: - - {{.InfraID}}{{.NodeSGSuffix}} + - {{.NodeSG}} - {{.SecurityGroup}} subnet: filters: diff --git a/pkg/aws/ocpgwdeployer.go b/pkg/aws/ocpgwdeployer.go index dde949c8..1a077a68 100644 --- a/pkg/aws/ocpgwdeployer.go +++ b/pkg/aws/ocpgwdeployer.go @@ -228,7 +228,7 @@ type machineSetConfig struct { Region string SecurityGroup string PublicSubnet string - NodeSGSuffix string + NodeSG string } func (d *ocpGatewayDeployer) findAMIID(vpcID string) (string, error) { @@ -284,7 +284,25 @@ func (d *ocpGatewayDeployer) loadGatewayYAML(gatewaySecurityGroup, amiID string, Region: d.aws.region, SecurityGroup: gatewaySecurityGroup, PublicSubnet: extractName(publicSubnet.Tags), - NodeSGSuffix: d.aws.nodeSGSuffix, + } + + if id, exists := d.aws.cloudConfig[WorkerSecurityGroupIDKey]; exists { + if workerGroupIDStr, ok := id.(string); ok && workerGroupIDStr != "" { + workerSecurityGroup, err := d.aws.getSecurityGroupByID(workerGroupIDStr) + if err != nil { + return nil, errors.Wrapf(err, "error finding the worker security group with ID %s", workerGroupIDStr) + } + + if workerSecurityGroup.GroupName == nil { + return nil, errors.Errorf("security group with ID %s has no group name", workerGroupIDStr) + } + + tplVars.NodeSG = *workerSecurityGroup.GroupName + } else { + return nil, errors.New("worker Security Group ID must be a valid non-empty string") + } + } else { + tplVars.NodeSG = d.aws.infraID + d.aws.nodeSGSuffix } err = tpl.Execute(&buf, tplVars)