[PLT-1246] [GKE] Soportar CMEK para los discos root de los workers (#32)

* [PLT-1246] [GKE] Soportar CMEK * Remove nodePool debug * Remove CIDR blocks * Remove CIDR blocks * 1.6.1-0.2.1
Stratio · Dec 5, 2024 · 19aa42a · 19aa42a
1 parent 6f86dfd
commit 19aa42a
Show file tree

Hide file tree

Showing 4 changed files with 17 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Changelog
 
+## 1.6.1-0.2.1 (upcoming)
+
+* [PLT-1246] CMEK Support
+
 ## 1.6.1-0.2.0 (2024-10-24)
 
 * [PLT-965] Disable managed Monitoring and Logging

diff --git a/cloud/scope/managedmachinepool.go b/cloud/scope/managedmachinepool.go
@@ -197,6 +197,7 @@ func ConvertToSdkNodePool(nodePool infrav1exp.GCPManagedMachinePool, machinePool
 			ResourceLabels: NodePoolResourceLabels(nodePool.Spec.AdditionalLabels, clusterName),
 		},
 	}
+
 	if nodePool.Spec.MachineType != nil {
 		sdkNodePool.Config.MachineType = *nodePool.Spec.MachineType
 	}
@@ -218,6 +219,9 @@ func ConvertToSdkNodePool(nodePool infrav1exp.GCPManagedMachinePool, machinePool
 	if nodePool.Spec.LinuxNodeConfig != nil {
 		sdkNodePool.Config.LinuxNodeConfig = infrav1exp.ConvertToSdkLinuxNodeConfig(nodePool.Spec.LinuxNodeConfig)
 	}
+	if nodePool.Spec.BootDiskKmsKey != "" {
+		sdkNodePool.Config.BootDiskKmsKey = nodePool.Spec.BootDiskKmsKey
+	}
 	if nodePool.Spec.Management != nil {
 		sdkNodePool.Management = &containerpb.NodeManagement{
 			AutoRepair:  nodePool.Spec.Management.AutoRepair,
@@ -241,6 +245,9 @@ func ConvertToSdkNodePool(nodePool infrav1exp.GCPManagedMachinePool, machinePool
 	if nodePool.Spec.DiskSizeGB != nil {
 		sdkNodePool.Config.DiskSizeGb = int32(*nodePool.Spec.DiskSizeGB)
 	}
+	if nodePool.Spec.BootDiskKmsKey != "" {
+		sdkNodePool.Config.BootDiskKmsKey = nodePool.Spec.BootDiskKmsKey
+	}
 	if len(nodePool.Spec.NodeNetwork.Tags) != 0 {
 		sdkNodePool.Config.Tags = nodePool.Spec.NodeNetwork.Tags
 	}

diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_gcpmanagedmachinepools.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_gcpmanagedmachinepools.yaml
@@ -58,6 +58,10 @@ spec:
                   AdditionalLabels is an optional set of tags to add to GCP resources managed by the GCP provider, in addition to the
                   ones added by default.
                 type: object
+              bootDiskKmsKey:
+                description: BootDiskKmsKey is the name of the key used to encrypt
+                  the boot disk.
+                type: string
               diskSizeGB:
                 description: |-
                   DiskSizeGB is size of the disk attached to each node,

diff --git a/exp/api/v1beta1/gcpmanagedmachinepool_types.go b/exp/api/v1beta1/gcpmanagedmachinepool_types.go
@@ -114,6 +114,8 @@ type GCPManagedMachinePoolSpec struct {
 	// machine pool
 	// +optional
 	ProviderIDList []string `json:"providerIDList,omitempty"`
+	// BootDiskKmsKey is the name of the key used to encrypt the boot disk.
+	BootDiskKmsKey string `json:"bootDiskKmsKey,omitempty"`
 }
 
 // NodeNetworkConfig encapsulates node network configurations.