feat: support for strategic merge patches

ksawio97 · smira · commit 77a404e76c05 · 2024-04-17T16:27:09.000+04:00
This commit implements strategic merge patch by reusing talos StrategicMergePatch implementation. Additionally, it adds an integration test for strategic merge patches. This resolves issue #181. Signed-off-by: Ksawery Kuczyński <ksawerykuczynskikk@gmail.com>
diff --git a/README.md b/README.md
@@ -145,7 +145,15 @@ spec:
 Machine configuration can be customized by applying configuration patches.
 Any field of the [Talos machine configuration](https://www.talos.dev/docs/latest/reference/configuration/)
 can be overridden on a per-machine basis using this method.
-The format of these patches is based on [JSON 6902](http://jsonpatch.com/) that you may be used to in tools like `kustomize`.
+
+There are two [patch formats](https://www.talos.dev/latest/talos-guides/configuration/patching/) supported by CABPT:
+
+- the [JSON 6902](http://jsonpatch.com/) format that you may be used to in tools like `kustomize`;
+- strategic merge patches which look like incomplete machine configuration documents.
+
+See Talos Linux documentation for more information on patching.
+
+JSON 6902 patch:
 
 ```yaml
 spec:
@@ -164,6 +172,26 @@ spec:
           - https://docs.projectcalico.org/v3.18/manifests/calico.yaml
 ```
 
+Strategic merge patch:
+
+```yaml
+spec:
+  generateType: controlplane
+  talosVersion: v1.6
+  strategicPatches:
+    - |
+      machine:
+        install:
+          disk: /dev/sda
+    - |
+      cluster:
+        network:
+          cni:
+            name: custom
+            urls:
+              - https://docs.projectcalico.org/v3.18/manifests/calico.yaml
+```
+
 ### Retrieving `talosconfig`
 
 Client-side `talosconfig` is required to access the cluster using Talos API.
diff --git a/api/v1alpha3/talosconfig_types.go b/api/v1alpha3/talosconfig_types.go
@@ -20,6 +20,8 @@ type TalosConfigSpec struct {
 	GenerateType  string          `json:"generateType"`           //none,init,controlplane,worker mutually exclusive w/ data
 	Data          string          `json:"data,omitempty"`
 	ConfigPatches []ConfigPatches `json:"configPatches,omitempty"`
+	// Talos Linux machine configuration strategic merge patch list.
+	StrategicPatches []string `json:"strategicPatches,omitempty"`
 	// Set hostname in the machine configuration to some value.
 	Hostname HostnameSpec `json:"hostname,omitempty"`
 	// Important: Run "make" to regenerate code after modifying this file
diff --git a/api/v1alpha3/zz_generated.deepcopy.go b/api/v1alpha3/zz_generated.deepcopy.go
diff --git a/config/crd/bases/bootstrap.cluster.x-k8s.io_talosconfigs.yaml b/config/crd/bases/bootstrap.cluster.x-k8s.io_talosconfigs.yaml
@@ -129,6 +129,12 @@ spec:
                       Allowed values: "MachineName" (use linked Machine's Name).
                     type: string
                 type: object
+              strategicPatches:
+                description: Talos Linux machine configuration strategic merge patch
+                  list.
+                items:
+                  type: string
+                type: array
               talosVersion:
                 type: string
             required:
diff --git a/config/crd/bases/bootstrap.cluster.x-k8s.io_talosconfigtemplates.yaml b/config/crd/bases/bootstrap.cluster.x-k8s.io_talosconfigtemplates.yaml
@@ -124,6 +124,12 @@ spec:
                               Allowed values: "MachineName" (use linked Machine's Name).
                             type: string
                         type: object
+                      strategicPatches:
+                        description: Talos Linux machine configuration strategic merge
+                          patch list.
+                        items:
+                          type: string
+                        type: array
                       talosVersion:
                         type: string
                     required:
diff --git a/controllers/talosconfig_controller.go b/controllers/talosconfig_controller.go
@@ -298,7 +298,7 @@ func (r *TalosConfigReconciler) reconcileGenerate(ctx context.Context, tcScope *
 		return fmt.Errorf("unknown generate type specified: %q", config.Spec.GenerateType)
 	}
 
-	// Handle patches to the machine config if they were specified
+	// Handle JSON6902 patches to the machine config if they were specified
 	// Note this will patch both pre-generated and user-provided configs.
 	if len(config.Spec.ConfigPatches) > 0 {
 		marshalledPatches, err := json.Marshal(config.Spec.ConfigPatches)
@@ -319,6 +319,32 @@ func (r *TalosConfigReconciler) reconcileGenerate(ctx context.Context, tcScope *
 		retData.BootstrapData = string(patchedBytes)
 	}
 
+	// Handle strategic merge patches.
+	if len(config.Spec.StrategicPatches) > 0 {
+		patches := make([]configpatcher.Patch, 0, len(config.Spec.StrategicPatches))
+
+		for _, strategicPatch := range config.Spec.StrategicPatches {
+			patch, err := configpatcher.LoadPatch([]byte(strategicPatch))
+			if err != nil {
+				return fmt.Errorf("failure loading StrategicPatch: %w", err)
+			}
+
+			patches = append(patches, patch)
+		}
+
+		out, err := configpatcher.Apply(configpatcher.WithBytes([]byte(retData.BootstrapData)), patches)
+		if err != nil {
+			return fmt.Errorf("failure applying StrategicPatches: %w", err)
+		}
+
+		outBytes, err := out.Bytes()
+		if err != nil {
+			return fmt.Errorf("failure converting result to bytes: %w", err)
+		}
+
+		retData.BootstrapData = string(outBytes)
+	}
+
 	// Packet acts a fool if you don't prepend #!talos to the userdata
 	// so we try to suss out if that's the type of machine/machinePool getting created.
 	if tcScope.ConfigOwner.IsMachinePool() {
diff --git a/hack/release.toml b/hack/release.toml
@@ -6,7 +6,7 @@ github_repo = "siderolabs/cluster-api-bootstrap-provider-talos"
 match_deps = "^github.com/(siderolabs/[a-zA-Z0-9-]+)$"
 
 # previous release
-previous = "v0.6.3"
+previous = "v0.6.4"
 
 pre_release = false
 
@@ -15,3 +15,8 @@ preface = """\
 
 [notes]
 
+[notes.patches]
+    title = "Patches"
+        description = """\
+CABPT now supports Talos Linux machine configuration strategic merge patches via 'strategicPatches' field on the `TalosConfig` CRD.
+"""
diff --git a/internal/integration/integration_test.go b/internal/integration/integration_test.go
@@ -217,6 +217,30 @@ func TestIntegration(t *testing.T) {
 		assert.Equal(t, []string{"myserver.com"}, provider.Machine().Security().CertSANs())
 	})
 
+	t.Run("StrategicMergePatch", func(t *testing.T) {
+		t.Parallel()
+
+		namespaceName := setupTest(ctx, t, c)
+		cluster := createCluster(ctx, t, c, namespaceName, nil, true)
+
+		talosConfig := createTalosConfig(ctx, t, c, namespaceName, bootstrapv1alpha3.TalosConfigSpec{
+			GenerateType: talosmachine.TypeInit.String(),
+			TalosVersion: TalosVersion,
+			StrategicPatches: []string{
+				"machine:\n  network:\n    hostname: foo.bar",
+				"machine:\n  time:\n    servers: [time.cloudflare.com]",
+			},
+		})
+
+		createMachine(ctx, t, c, cluster, talosConfig, true)
+		waitForReady(ctx, t, c, talosConfig)
+
+		provider := assertMachineConfiguration(ctx, t, c, talosConfig)
+
+		assert.Equal(t, "foo.bar", provider.Machine().Network().Hostname())
+		assert.Equal(t, []string{"time.cloudflare.com"}, provider.Machine().Time().Servers())
+	})
+
 	t.Run("LegacyClusterSecret", func(t *testing.T) {
 		t.Parallel()
 
