diff --git a/pkg/actions/addon/tasks.go b/pkg/actions/addon/tasks.go
index 104da28fa6..8b94271fbd 100644
--- a/pkg/actions/addon/tasks.go
+++ b/pkg/actions/addon/tasks.go
@@ -18,7 +18,7 @@ import (
 "github.com/weaveworks/eksctl/pkg/utils/tasks"
 )
 
-func CreateAddonTasks(ctx context.Context, cfg *api.ClusterConfig, clusterProvider *eks.ClusterProvider, iamRoleCreator IAMRoleCreator, forceAll bool, timeout time.Duration, region string) (*tasks.TaskTree, *tasks.TaskTree, *tasks.GenericTask, []string) {
+func CreateAddonTasks(ctx context.Context, cfg *api.ClusterConfig, clusterProvider *eks.ClusterProvider, iamRoleCreator IAMRoleCreator, podIdentityIAMUpdater PodIdentityIAMUpdater, forceAll bool, timeout time.Duration, region string) (*tasks.TaskTree, *tasks.TaskTree, *tasks.GenericTask, []string) {
 var addons []*api.Addon
 var autoDefaultAddonNames []string
 if !cfg.AddonsConfig.DisableDefaultAddons {
@@ -97,7 +97,7 @@ func CreateAddonTasks(ctx context.Context, cfg *api.ClusterConfig, clusterProvid
 if err := addonManager.waitForAddonToBeActive(ctx, &api.Addon{Name: api.VPCCNIAddon}, api.DefaultWaitTimeout); err != nil {
 return fmt.Errorf("waiting for %q to become active: %w", api.VPCCNIAddon, err)
 }
- return addonManager.Update(ctx, vpcCNIAddon, nil, clusterProvider.AWSProvider.WaitTimeout())
+ return addonManager.Update(ctx, vpcCNIAddon, podIdentityIAMUpdater, clusterProvider.AWSProvider.WaitTimeout())
 },
 }
 }
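Review bot: The new `podIdentityIAMUpdater` parameter of CreateAddonTasks carries no statement of whether it may be nil, and the exported function has no doc comment in the visible lines. The second hunk (`@@ -97,7`) replaces the hard-coded `nil` in the deferred vpc-cni `addonManager.Update` call with this parameter, so nil was an accepted value there before and callers need to know whether it still is. A line above the signature would settle it, e.g. `// podIdentityIAMUpdater is handed to the deferred vpc-cni Update; nil is presumably still accepted, as before this change (confirm against Manager.Update).` The function body continues outside both hunks.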
@@ -175,23 +175,10 @@ func (t *createAddonTask) Do(errorCh chan error) error {
 func createAddonManager(ctx context.Context, clusterProvider *eks.ClusterProvider, cfg *api.ClusterConfig) (*Manager, error) {
 var (
 oidc *iamoidc.OpenIDConnectManager
- oidcProviderExists bool
 )
 
- if api.IsEnabled(cfg.IAM.WithOIDC) {
- var err error
- oidc, err = clusterProvider.NewOpenIDConnectManager(ctx, cfg)
- if err != nil {
- return nil, err
- }
- oidcProviderExists, err = oidc.CheckProviderExists(ctx)
- if err != nil {
- return nil, err
- }
- }
-
 stackManager := clusterProvider.NewStackManager(cfg)
- return New(cfg, clusterProvider.AWSProvider.EKS(), stackManager, oidcProviderExists, oidc, func() (kubernetes.Interface, error) {
+ return New(cfg, clusterProvider.AWSProvider.EKS(), stackManager, api.IsEnabled(cfg.IAM.WithOIDC), oidc, func() (kubernetes.Interface, error) {
 return clusterProvider.NewStdClientSet(cfg)
 })
 }
diff --git a/pkg/ctl/create/cluster.go b/pkg/ctl/create/cluster.go
index 56303e1e11..c63572bb09 100644
--- a/pkg/ctl/create/cluster.go
+++ b/pkg/ctl/create/cluster.go
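Review bot: `oidc` is now declared but never assigned in createAddonManager, so `New` always receives a nil `*iamoidc.OpenIDConnectManager`, and the boolean beside it is the configured intent `api.IsEnabled(cfg.IAM.WithOIDC)` rather than the result of `CheckProviderExists`. The config flag does not establish that the cluster's OIDC provider exists, so any manager path that creates IRSA roles or calls a method on the OIDC manager when that argument is true would, as far as this hunk shows, run against a nil manager or an unverified provider. If the manager now resolves OIDC itself, pass a literal `nil`, drop the one-variable `var (...)` block and say so in a comment such as `// OIDC manager is resolved by Manager when needed; only the configured intent is passed here`. Otherwise the existence check should stay, since it is what kept IAM roles from being built against a provider that is not there.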
@@ -352,7 +352,19 @@ func doCreateCluster(cmd *cmdutils.Cmd, ngFilter *filter.NodeGroupFilter, params
 ClusterName: cfg.Metadata.Name,
 StackCreator: stackManager,
 }
- preNodegroupAddons, postAddons, updateVPCCNITask, autoDefaultAddons := addon.CreateAddonTasks(ctx, cfg, ctl, iamRoleCreator, true, cmd.ProviderConfig.WaitTimeout, meta.Region)
+ piaUpdater := &addon.PodIdentityAssociationUpdater{
+ ClusterName: cmd.ClusterConfig.Metadata.Name,
+ IAMRoleCreator: &podidentityassociation.IAMRoleCreator{
+ ClusterName: cmd.ClusterConfig.Metadata.Name,
+ StackCreator: stackManager,
+ },
+ IAMRoleUpdater: &podidentityassociation.IAMRoleUpdater{
+ StackUpdater: stackManager,
+ },
+ EKSPodIdentityDescriber: ctl.AWSProvider.EKS(),
+ StackDeleter: stackManager,
+ }
+ preNodegroupAddons, postAddons, updateVPCCNITask, autoDefaultAddons := addon.CreateAddonTasks(ctx, cfg, ctl, iamRoleCreator, piaUpdater, true, cmd.ProviderConfig.WaitTimeout, meta.Region)
 if len(autoDefaultAddons) > 0 {
 logger.Info("default addons %s were not specified, will install them as EKS addons", strings.Join(autoDefaultAddons, ", "))
 }
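Review bot: The new `piaUpdater` literal reads the cluster name from `cmd.ClusterConfig.Metadata.Name`, while the context lines directly above it and the `CreateAddonTasks` call use `cfg.Metadata.Name`. Two spellings of the same value invite the two IAM role creators to diverge if `cfg` and `cmd.ClusterConfig` ever stop being the same object, so use `ClusterName: cfg.Metadata.Name,` in both places. The nested `&podidentityassociation.IAMRoleCreator{...}` also carries the same two fields as the literal that closes just above the hunk; its opening line is outside the hunk, but if that is the `iamRoleCreator` already passed to `CreateAddonTasks`, `IAMRoleCreator: iamRoleCreator,` would reuse it instead of building a second one.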