Fixes #930

aws-quickstart · Feb 14, 2024 · 1c39109 · 1c39109
1 parent 4f406be
commit 1c39109
Show file tree

Hide file tree

Showing 2 changed files with 44 additions and 10 deletions.
diff --git a/lib/addons/adot/index.ts b/lib/addons/adot/index.ts
@@ -1,5 +1,5 @@
 import { KubernetesManifest } from "aws-cdk-lib/aws-eks";
-import { Construct } from 'constructs';
+import { Construct, IConstruct } from 'constructs';
 import { ClusterInfo } from "../../spi";
 import { createNamespace, dependable, loadYaml, readYamlDocument, supportsALL } from "../../utils";
 import { CertManagerAddOn } from "../cert-manager";
@@ -47,18 +47,27 @@ export class AdotCollectorAddOn extends CoreAddOn {
     }
     @dependable(CertManagerAddOn.name)
     deploy(clusterInfo: ClusterInfo): Promise<Construct>  {
-
-        const cluster = clusterInfo.cluster;
-
         if (semverComparator("0.88",this.coreAddOnProps.version)) {
             console.log("Used Adot Addon Version is Valid");
         } 
         else {
             throw new Error(`Adot Addon Version is not Valid and greater than 0.88.0`);
         }
+
+        const addOnPromise = super.deploy(clusterInfo);
+        return addOnPromise;
+    }
 
+    /**
+     * Overriding base class method to create namespace and register permissions.
+     * @param clusterInfo 
+     * @param name 
+     * @returns 
+     */
+    createNamespace(clusterInfo: ClusterInfo, namespaceName: string): IConstruct | undefined {
         // Create namespace if not default
-        const ns = createNamespace(this.coreAddOnProps.namespace!, cluster, true, true);
+        const cluster = clusterInfo.cluster;
+        const ns = createNamespace(namespaceName, cluster, true, true);
 
         // Applying ADOT Permission manifest
         const otelPermissionsDoc = readYamlDocument(__dirname + '/otel-permissions.yaml');
@@ -71,10 +80,7 @@ export class AdotCollectorAddOn extends CoreAddOn {
         });
 
         otelPermissionsStatement.node.addDependency(ns); 
-
-        const addOnPromise = super.deploy(clusterInfo);
-        addOnPromise.then(addOn => addOn.node.addDependency(otelPermissionsStatement));
-        return addOnPromise;
+        return otelPermissionsStatement;
     }
 }
 

diff --git a/lib/addons/core-addon/index.ts b/lib/addons/core-addon/index.ts
@@ -1,7 +1,7 @@
 import { CfnAddon, FargateCluster, ServiceAccount } from "aws-cdk-lib/aws-eks";
 import { ClusterAddOn } from "../..";
 import { ClusterInfo, Values } from "../../spi";
-import { Construct } from "constructs";
+import { Construct, IConstruct } from "constructs";
 import { IManagedPolicy, ManagedPolicy, PolicyDocument } from "aws-cdk-lib/aws-iam";
 import { KubernetesVersion } from "aws-cdk-lib/aws-eks";
 import { createServiceAccountWithPolicy, deployBeforeCapacity, logger, userLog,  } from "../../utils";
@@ -72,12 +72,18 @@ export class CoreAddOn implements ClusterAddOn {
             saNamespace = this.coreAddOnProps.namespace;
         }
 
+        const ns = this.createNamespace(clusterInfo, saNamespace);
+
         // Create a service account if user provides namespace, PolicyDocument
         const policies = this.provideManagedPolicies(clusterInfo);
         if (policies) {
             serviceAccount = this.createServiceAccount(clusterInfo, saNamespace, policies);
             serviceAccountRoleArn = serviceAccount.role.roleArn;
+            if(ns) {
+                serviceAccount.node.addDependency(ns);
+            }
         }
+
         let version: string = this.coreAddOnProps.version;
 
         if (this.coreAddOnProps.version === "auto") {
@@ -97,6 +103,9 @@ export class CoreAddOn implements ClusterAddOn {
         if (serviceAccount) {
             cfnAddon.node.addDependency(serviceAccount);
         }
+        else if(ns) {
+            cfnAddon.node.addDependency(ns);
+        }
 
         if(this.coreAddOnProps.controlPlaneAddOn) {
             deployBeforeCapacity(cfnAddon, clusterInfo);
@@ -113,6 +122,25 @@ export class CoreAddOn implements ClusterAddOn {
         return Promise.resolve(cfnAddon);
     }
 
+    /**
+     * Override this method to create namespace for the core addon. In many cases the addon is created in the kube-system namespace
+     * which does not require creation as it is always there. 
+     * For addons that support other namespace as destinations this method should be implemented.
+     * @param clusterInfo 
+     * @param name 
+     * @returns 
+     */
+    createNamespace(_clusterInfo: ClusterInfo, _namespaceName: string): IConstruct | undefined {
+        return undefined;
+    }
+
+    /**
+     * Override this method to control how service account is created.
+     * @param clusterInfo 
+     * @param saNamespace 
+     * @param policies 
+     * @returns 
+     */
     createServiceAccount(clusterInfo: ClusterInfo, saNamespace: string, policies: IManagedPolicy[]): ServiceAccount {
         return createServiceAccountWithPolicy(clusterInfo.cluster, this.coreAddOnProps.saName,
             saNamespace, ...policies);