cli: allow tagging cloud resources with custom tags (#3033)

2025-12-15 08:05:19 -05:00 · 2024-04-19 09:07:57 +00:00 · 2024-04-19 09:07:57 +00:00 · b187966581
commit b187966581
parent f60c133724
27 changed files with 172 additions and 42 deletions
--- a/cli/internal/cloudcmd/tfvars.go
+++ b/cli/internal/cloudcmd/tfvars.go
@ -104,6 +104,7 @@ func awsTerraformVars(conf *config.Config, imageRef string) *terraform.AWSCluste
 		EnableSNP:              conf.GetAttestationConfig().GetVariant().Equal(variant.AWSSEVSNP{}),
 		CustomEndpoint:         conf.CustomEndpoint,
 		InternalLoadBalancer:   conf.InternalLoadBalancer,
+		AdditionalTags:         conf.Tags,
 	}
 }

@ -158,6 +159,7 @@ func azureTerraformVars(conf *config.Config, imageRef string) (*terraform.AzureC
 		CustomEndpoint:       conf.CustomEndpoint,
 		InternalLoadBalancer: conf.InternalLoadBalancer,
 		MarketplaceImage:     nil,
+		AdditionalTags:       conf.Tags,
 	}

 	if conf.UseMarketplaceImage() {
@ -226,6 +228,7 @@ func gcpTerraformVars(conf *config.Config, imageRef string) *terraform.GCPCluste
 		CustomEndpoint:       conf.CustomEndpoint,
 		InternalLoadBalancer: conf.InternalLoadBalancer,
 		CCTechnology:         ccTech,
+		AdditionalLabels:     conf.Tags,
 	}
 }

@ -261,6 +264,14 @@ func openStackTerraformVars(conf *config.Config, imageRef string) (*terraform.Op
 			StateDiskType:   group.StateDiskType,
 		}
 	}
+
+	// since openstack does not support tags in the form of key = value, the tags will be converted
+	// to an array of "key=value" strings
+	tags := []string{}
+	for key, value := range conf.Tags {
+		tags = append(tags, fmt.Sprintf("%s=%s", key, value))
+	}
+
 	return &terraform.OpenStackClusterVariables{
 		Name:                    conf.Name,
 		Cloud:                   toPtr(conf.Provider.OpenStack.Cloud),
@ -272,6 +283,7 @@ func openStackTerraformVars(conf *config.Config, imageRef string) (*terraform.Op
 		CustomEndpoint:          conf.CustomEndpoint,
 		InternalLoadBalancer:    conf.InternalLoadBalancer,
 		STACKITProjectID:        conf.Provider.OpenStack.STACKITProjectID,
+		AdditionalTags:          tags,
 	}, nil
 }

--- a/cli/internal/cmd/configgenerate.go
+++ b/cli/internal/cmd/configgenerate.go
@ -37,6 +37,7 @@ func newConfigGenerateCmd() *cobra.Command {
 	}
 	cmd.Flags().StringP("kubernetes", "k", semver.MajorMinor(string(config.Default().KubernetesVersion)), "Kubernetes version to use in format MAJOR.MINOR")
 	cmd.Flags().StringP("attestation", "a", "", fmt.Sprintf("attestation variant to use %s. If not specified, the default for the cloud provider is used", printFormattedSlice(variant.GetAvailableAttestationVariants())))
+	cmd.Flags().StringSliceP("tags", "t", nil, "additional tags for created resources given a list of key=value")

 	return cmd
 }
@ -45,6 +46,7 @@ type generateFlags struct {
 	rootFlags
 	k8sVersion         versions.ValidK8sVersion
 	attestationVariant variant.Variant
+	tags               cloudprovider.Tags
 }

 func (f *generateFlags) parse(flags *pflag.FlagSet) error {
@ -64,6 +66,12 @@ func (f *generateFlags) parse(flags *pflag.FlagSet) error {
 	}
 	f.attestationVariant = variant

+	tags, err := parseTagsFlags(flags)
+	if err != nil {
+		return err
+	}
+	f.tags = tags
+
 	return nil
 }

@ -99,6 +107,7 @@ func (cg *configGenerateCmd) configGenerate(cmd *cobra.Command, fileHandler file
 		return fmt.Errorf("creating config: %w", err)
 	}
 	conf.KubernetesVersion = cg.flags.k8sVersion
+	conf.Tags = cg.flags.tags
 	cg.log.Debug("Writing YAML data to configuration file")
 	if err := fileHandler.WriteYAML(constants.ConfigFilename, conf, file.OptMkdirAll); err != nil {
 		return fmt.Errorf("writing config file: %w", err)
@ -221,3 +230,27 @@ func parseAttestationFlag(flags *pflag.FlagSet) (variant.Variant, error) {

 	return attestationVariant, nil
 }
+
+func parseTagsFlags(flags *pflag.FlagSet) (cloudprovider.Tags, error) {
+	tagsSlice, err := flags.GetStringSlice("tags")
+	if err != nil {
+		return nil, fmt.Errorf("getting tags flag: %w", err)
+	}
+
+	// no tags given
+	if tagsSlice == nil {
+		return nil, nil
+	}
+
+	tags := make(cloudprovider.Tags)
+	for _, tag := range tagsSlice {
+		tagSplit := strings.Split(tag, "=")
+		if len(tagSplit) != 2 {
+			return nil, fmt.Errorf("wrong format of tags: expected \"key=value\", got %q", tag)
+		}
+
+		tags[tagSplit[0]] = tagSplit[1]
+	}
+
+	return tags, nil
+}
--- a/cli/internal/terraform/variables.go
+++ b/cli/internal/terraform/variables.go
@ -9,6 +9,7 @@ package terraform
 import (
 	"fmt"

+	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	"github.com/hashicorp/hcl/v2"
 	"github.com/hashicorp/hcl/v2/gohcl"
 	"github.com/hashicorp/hcl/v2/hclsyntax"
@ -69,6 +70,8 @@ type AWSClusterVariables struct {
 	CustomEndpoint string `hcl:"custom_endpoint" cty:"custom_endpoint"`
 	// InternalLoadBalancer is true if an internal load balancer should be created.
 	InternalLoadBalancer bool `hcl:"internal_load_balancer" cty:"internal_load_balancer"`
+	// AdditionalTags describes (optional) additional tags that should be applied to created resources.
+	AdditionalTags cloudprovider.Tags `hcl:"additional_tags" cty:"additional_tags"`
 }

 // GetCreateMAA gets the CreateMAA variable.
@ -138,6 +141,8 @@ type GCPClusterVariables struct {
 	InternalLoadBalancer bool `hcl:"internal_load_balancer" cty:"internal_load_balancer"`
 	// CCTechnology is the confidential computing technology to use on the VMs. (`SEV` or `SEV_SNP`)
 	CCTechnology string `hcl:"cc_technology" cty:"cc_technology"`
+	// AdditionalLables are (optional) additional labels that should be applied to created resources.
+	AdditionalLabels cloudprovider.Tags `hcl:"additional_labels" cty:"additional_labels"`
 }

 // GetCreateMAA gets the CreateMAA variable.
@ -214,6 +219,8 @@ type AzureClusterVariables struct {
 	InternalLoadBalancer bool `hcl:"internal_load_balancer" cty:"internal_load_balancer"`
 	// MarketplaceImage is the (optional) Azure Marketplace image to use.
 	MarketplaceImage *AzureMarketplaceImageVariables `hcl:"marketplace_image" cty:"marketplace_image"`
+	// AdditionalTags are (optional) additional tags that get applied to created resources.
+	AdditionalTags cloudprovider.Tags `hcl:"additional_tags" cty:"additional_tags"`
 }

 // GetCreateMAA gets the CreateMAA variable.
@ -295,7 +302,8 @@ type OpenStackClusterVariables struct {
 	// CustomEndpoint is the (optional) custom dns hostname for the kubernetes api server.
 	CustomEndpoint string `hcl:"custom_endpoint" cty:"custom_endpoint"`
 	// InternalLoadBalancer is true if an internal load balancer should be created.
-	InternalLoadBalancer bool `hcl:"internal_load_balancer" cty:"internal_load_balancer"`
+	InternalLoadBalancer bool     `hcl:"internal_load_balancer" cty:"internal_load_balancer"`
+	AdditionalTags       []string `hcl:"additional_tags" cty:"additional_tags"`
 }

 // GetCreateMAA gets the CreateMAA variable.
--- a/cli/internal/terraform/variables_test.go
+++ b/cli/internal/terraform/variables_test.go
@ -76,6 +76,7 @@ node_groups = {
 }
 custom_endpoint        = "example.com"
 internal_load_balancer = false
+additional_tags        = null
 `
 	got := vars.String()
 	assert.Equal(t, strings.Fields(want), strings.Fields(got)) // to ignore whitespace differences
@ -153,6 +154,7 @@ node_groups = {
 custom_endpoint        = "example.com"
 internal_load_balancer = false
 cc_technology          = "SEV_SNP"
+additional_labels        = null
 `
 	got := vars.String()
 	assert.Equal(t, strings.Fields(want), strings.Fields(got)) // to ignore whitespace differences
@ -231,6 +233,7 @@ marketplace_image = {
  publisher = "edgelesssys"
  version   = "2.13.0"
 }
+additional_tags = null
 `
 	got := vars.String()
 	assert.Equal(t, strings.Fields(want), strings.Fields(got)) // to ignore whitespace differences
@ -294,6 +297,7 @@ image_id                   = "8e10b92d-8f7a-458c-91c6-59b42f82ef81"
 debug                      = true
 custom_endpoint            = "example.com"
 internal_load_balancer     = false
+additional_tags            = null
 `
 	got := vars.String()
 	assert.Equal(t, strings.Fields(want), strings.Fields(got)) // to ignore whitespace differences