diff --git a/CHANGELOG.md b/CHANGELOG.md
index f3fcdac94..1fbb79b84 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Changelog
 
+## 1.6.1-0.2.1 (upcoming)
+
+* [PLT-1246] CMEK Support
+
 ## 1.6.1-0.2.0 (2024-10-24)
 
 * [PLT-965] Disable managed Monitoring and Logging
diff --git a/cloud/scope/managedmachinepool.go b/cloud/scope/managedmachinepool.go
index 147fd473b..158629288 100644
--- a/cloud/scope/managedmachinepool.go
+++ b/cloud/scope/managedmachinepool.go
@@ -197,6 +197,7 @@ func ConvertToSdkNodePool(nodePool infrav1exp.GCPManagedMachinePool, machinePool
 ResourceLabels: NodePoolResourceLabels(nodePool.Spec.AdditionalLabels, clusterName),
 },
 }
+
 if nodePool.Spec.MachineType != nil {
 sdkNodePool.Config.MachineType = *nodePool.Spec.MachineType
 }
@@ -218,6 +219,9 @@ func ConvertToSdkNodePool(nodePool infrav1exp.GCPManagedMachinePool, machinePool
 if nodePool.Spec.LinuxNodeConfig != nil {
 sdkNodePool.Config.LinuxNodeConfig = infrav1exp.ConvertToSdkLinuxNodeConfig(nodePool.Spec.LinuxNodeConfig)
 }
+ if nodePool.Spec.BootDiskKmsKey != "" {
+ sdkNodePool.Config.BootDiskKmsKey = nodePool.Spec.BootDiskKmsKey
+ }
 if nodePool.Spec.Management != nil {
 sdkNodePool.Management = &containerpb.NodeManagement{
 AutoRepair: nodePool.Spec.Management.AutoRepair,
@@ -241,6 +245,9 @@ func ConvertToSdkNodePool(nodePool infrav1exp.GCPManagedMachinePool, machinePool
 if nodePool.Spec.DiskSizeGB != nil {
 sdkNodePool.Config.DiskSizeGb = int32(*nodePool.Spec.DiskSizeGB)
 }
+ if nodePool.Spec.BootDiskKmsKey != "" {
+ sdkNodePool.Config.BootDiskKmsKey = nodePool.Spec.BootDiskKmsKey
+ }
 if len(nodePool.Spec.NodeNetwork.Tags) != 0 {
 sdkNodePool.Config.Tags = nodePool.Spec.NodeNetwork.Tags
 }
diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_gcpmanagedmachinepools.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_gcpmanagedmachinepools.yaml
index bc678dde4..2c2210d78 100644
--- a/config/crd/bases/infrastructure.cluster.x-k8s.io_gcpmanagedmachinepools.yaml
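Review bot: The `if nodePool.Spec.BootDiskKmsKey != "" { ... }` block added after the `LinuxNodeConfig` guard in ConvertToSdkNodePool is repeated verbatim by the later hunk (new line 245, after the `DiskSizeGB` guard), so the same assignment runs twice. Keep a single copy, for instance the one next to `DiskSizeGb` with the other disk settings, so a later change to the CMEK handling cannot be applied to one copy and missed in the other. An empty `Spec.BootDiskKmsKey` leaves `Config.BootDiskKmsKey` unset, which presumably makes the pool fall back to provider-managed disk encryption without any signal; a short comment such as `// empty key: boot disk uses the default (non-CMEK) encryption` would make that fallback explicit. The function starts and ends outside both hunks, so whether an update path also compares this field is not visible here.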
+++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_gcpmanagedmachinepools.yaml @@ -58,6 +58,10 @@ spec: AdditionalLabels is an optional set of tags to add to GCP resources managed by the GCP provider, in addition to the ones added by default. type: object + bootDiskKmsKey: + description: BootDiskKmsKey is the name of the key used to encrypt + the boot disk. + type: string diskSizeGB: description: |- DiskSizeGB is size of the disk attached to each node, diff --git a/exp/api/v1beta1/gcpmanagedmachinepool_types.go b/exp/api/v1beta1/gcpmanagedmachinepool_types.go index 1d24a77d3..e21123330 100644 --- a/exp/api/v1beta1/gcpmanagedmachinepool_types.go +++ b/exp/api/v1beta1/gcpmanagedmachinepool_types.go @@ -114,6 +114,8 @@ type GCPManagedMachinePoolSpec struct { // machine pool // +optional ProviderIDList []string `json:"providerIDList,omitempty"` + // BootDiskKmsKey is the name of the key used to encrypt the boot disk. + BootDiskKmsKey string `json:"bootDiskKmsKey,omitempty"` } // NodeNetworkConfig encapsulates node network configurations.
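Review bot: The new `BootDiskKmsKey` field in GCPManagedMachinePoolSpec has no `// +optional` marker and no validation, although it is tagged `omitempty` and the field above it carries `// +optional`. Its comment says "name of the key" without giving the expected form; the GKE node config expects the full resource path, so I would document it as `projects/<project>/locations/<location>/keyRings/<ring>/cryptoKeys/<key>` and add a `// +kubebuilder:validation:Pattern=` marker matching that shape, so a malformed key is rejected at admission rather than at node pool creation. The generated CRD YAML in this commit would need regenerating after that change. Whether the key may change on an existing pool cannot be told from this hunk; if the API treats it as immutable, the update webhook should reject edits to this field.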