From 87abc749389c6884d649524ac2bc279a023781b3 Mon Sep 17 00:00:00 2001
From: Andrey Smirnov <Smirnov.Andrey@gmail.com>
Date: Tue, 2 Apr 2019 01:27:08 +0300
Subject: [PATCH] chore: split ignorePreflightErrors as settings on its own
 (#474)

Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
---
 hack/dev/userdata/.master-1.tpl.yaml          |  8 +++---
 hack/dev/userdata/.master-2.tpl.yaml          |  6 +++--
 hack/dev/userdata/.master-3.tpl.yaml          |  6 +++--
 hack/dev/userdata/.worker.tpl.yaml            |  6 +++--
 .../app/init/pkg/system/services/kubeadm.go   |  5 +++-
 internal/pkg/userdata/userdata.go             | 27 +++++++++++--------
 6 files changed, 36 insertions(+), 22 deletions(-)

diff --git a/hack/dev/userdata/.master-1.tpl.yaml b/hack/dev/userdata/.master-1.tpl.yaml
index 4eb32f7a2..5e2cd6500 100644
--- a/hack/dev/userdata/.master-1.tpl.yaml
+++ b/hack/dev/userdata/.master-1.tpl.yaml
@@ -5,7 +5,6 @@ services:
     configuration: |
       apiVersion: kubeadm.k8s.io/v1beta1
       kind: InitConfiguration
-      apiVersion: kubeadm.k8s.io/v1beta1
       bootstrapTokens:
       - token: 1qbsj9.3oz5hsk6grdfp98b
         ttl: 0s
@@ -37,9 +36,10 @@ services:
       conntrack:
         max: 0
         maxPerCore: 0
-    extraArgs:
-      - --ignore-preflight-errors=cri,kubeletversion,numcpu,requiredipvskernelmodulesavailable,FileContent--proc-sys-net-bridge-bridge-nf-call-iptables,Swap
-        # additions to talos default are:  FileContent--proc-sys-net-bridge-bridge-nf-call-iptables,Swap
+    ignorePreflightErrors:
+      - FileContent--proc-sys-net-bridge-bridge-nf-call-iptables
+      - Swap
+      - SystemVerification
   trustd:
     username: 'dev'
     password: 'talos_trust_dev'
diff --git a/hack/dev/userdata/.master-2.tpl.yaml b/hack/dev/userdata/.master-2.tpl.yaml
index c51993ac7..4e455d9a9 100644
--- a/hack/dev/userdata/.master-2.tpl.yaml
+++ b/hack/dev/userdata/.master-2.tpl.yaml
@@ -25,8 +25,10 @@ services:
         tlsBootstrapToken: 1qbsj9.3oz5hsk6grdfp98b
       nodeRegistration:
         criSocket: /run/containerd/containerd.sock
-    extraArgs:
-    - --ignore-preflight-errors=cri,kubeletversion,numcpu,requiredipvskernelmodulesavailable,FileContent--proc-sys-net-bridge-bridge-nf-call-iptables,Swap
+    ignorePreflightErrors:
+      - FileContent--proc-sys-net-bridge-bridge-nf-call-iptables
+      - Swap
+      - SystemVerification
   trustd:
     username: dev
     password: talos_trust_dev
diff --git a/hack/dev/userdata/.master-3.tpl.yaml b/hack/dev/userdata/.master-3.tpl.yaml
index fa6122f6e..4c65ef689 100644
--- a/hack/dev/userdata/.master-3.tpl.yaml
+++ b/hack/dev/userdata/.master-3.tpl.yaml
@@ -25,8 +25,10 @@ services:
         tlsBootstrapToken: 1qbsj9.3oz5hsk6grdfp98b
       nodeRegistration:
         criSocket: /run/containerd/containerd.sock
-    extraArgs:
-    - --ignore-preflight-errors=cri,kubeletversion,numcpu,requiredipvskernelmodulesavailable,FileContent--proc-sys-net-bridge-bridge-nf-call-iptables,Swap
+    ignorePreflightErrors:
+      - FileContent--proc-sys-net-bridge-bridge-nf-call-iptables
+      - Swap
+      - SystemVerification
   trustd:
     username: dev
     password: talos_trust_dev
diff --git a/hack/dev/userdata/.worker.tpl.yaml b/hack/dev/userdata/.worker.tpl.yaml
index 2ebeed6e2..44203a7d8 100644
--- a/hack/dev/userdata/.worker.tpl.yaml
+++ b/hack/dev/userdata/.worker.tpl.yaml
@@ -23,8 +23,10 @@ services:
         criSocket: /run/containerd/containerd.sock
         kubeletExtraArgs:
           node-labels: node-role.kubernetes.io/worker=
-    extraArgs:
-    - --ignore-preflight-errors=cri,kubeletversion,numcpu,requiredipvskernelmodulesavailable,FileContent--proc-sys-net-bridge-bridge-nf-call-iptables,Swap
+    ignorePreflightErrors:
+      - FileContent--proc-sys-net-bridge-bridge-nf-call-iptables
+      - Swap
+      - SystemVerification
   trustd:
     username: dev
     password: talos_trust_dev
diff --git a/internal/app/init/pkg/system/services/kubeadm.go b/internal/app/init/pkg/system/services/kubeadm.go
index b5de6d929..368abddd3 100644
--- a/internal/app/init/pkg/system/services/kubeadm.go
+++ b/internal/app/init/pkg/system/services/kubeadm.go
@@ -13,6 +13,7 @@ import (
 	"log"
 	"os"
 	"path"
+	"strings"
 	"time"
 
 	"github.com/autonomy/talos/internal/app/init/internal/security/cis"
@@ -110,7 +111,9 @@ func (k *Kubeadm) Start(data *userdata.UserData) error {
 		ID: k.ID(data),
 	}
 
-	ignore := "--ignore-preflight-errors=cri,kubeletversion,numcpu,requiredipvskernelmodulesavailable"
+	ignorePreflightErrors := []string{"cri", "kubeletversion", "numcpu", "requiredipvskernelmodulesavailable"}
+	ignorePreflightErrors = append(ignorePreflightErrors, data.Services.Kubeadm.IgnorePreflightErrors...)
+	ignore := "--ignore-preflight-errors=" + strings.Join(ignorePreflightErrors, ",")
 	encoded := hex.EncodeToString([]byte(data.Services.Kubeadm.CertificateKey))
 	certificateKey := "--certificate-key=" + encoded
 
diff --git a/internal/pkg/userdata/userdata.go b/internal/pkg/userdata/userdata.go
index ff754df1c..c9034850b 100644
--- a/internal/pkg/userdata/userdata.go
+++ b/internal/pkg/userdata/userdata.go
@@ -134,23 +134,26 @@ type Kubelet struct {
 type Kubeadm struct {
 	CommonServiceOptions `yaml:",inline"`
 
-	Configuration  runtime.Object `yaml:"configuration"`
-	ExtraArgs      []string       `yaml:"extraArgs,omitempty"`
-	CertificateKey string         `yaml:"certificateKey,omitempty"`
-	bootstrap      bool
-	controlPlane   bool
+	Configuration         runtime.Object `yaml:"configuration"`
+	ExtraArgs             []string       `yaml:"extraArgs,omitempty"`
+	CertificateKey        string         `yaml:"certificateKey,omitempty"`
+	IgnorePreflightErrors []string       `yaml:"ignorePreflightErrors,omitempty"`
+	bootstrap             bool
+	controlPlane          bool
 }
 
 // MarshalYAML implements the yaml.Marshaler interface.
 func (kdm *Kubeadm) MarshalYAML() (interface{}, error) {
 	var aux struct {
-		Configuration  string   `yaml:"configuration,omitempty"`
-		ExtraArgs      []string `yaml:"extraArgs,omitempty"`
-		CertificateKey string   `yaml:"certificateKey,omitempty"`
+		Configuration         string   `yaml:"configuration,omitempty"`
+		ExtraArgs             []string `yaml:"extraArgs,omitempty"`
+		CertificateKey        string   `yaml:"certificateKey,omitempty"`
+		IgnorePreflightErrors []string `yaml:"ignorePreflightErrors,omitempty"`
 	}
 
 	aux.ExtraArgs = kdm.ExtraArgs
 	aux.CertificateKey = kdm.CertificateKey
+	aux.IgnorePreflightErrors = kdm.IgnorePreflightErrors
 
 	b, err := configutil.MarshalKubeadmConfigObject(kdm.Configuration)
 	if err != nil {
@@ -177,9 +180,10 @@ func (kdm *Kubeadm) MarshalYAML() (interface{}, error) {
 // UnmarshalYAML implements the yaml.Unmarshaler interface.
 func (kdm *Kubeadm) UnmarshalYAML(unmarshal func(interface{}) error) error {
 	var aux struct {
-		Configuration  string   `yaml:"configuration,omitempty"`
-		ExtraArgs      []string `yaml:"extraArgs,omitempty"`
-		CertificateKey string   `yaml:"certificateKey,omitempty"`
+		Configuration         string   `yaml:"configuration,omitempty"`
+		ExtraArgs             []string `yaml:"extraArgs,omitempty"`
+		CertificateKey        string   `yaml:"certificateKey,omitempty"`
+		IgnorePreflightErrors []string `yaml:"ignorePreflightErrors,omitempty"`
 	}
 
 	if err := unmarshal(&aux); err != nil {
@@ -188,6 +192,7 @@ func (kdm *Kubeadm) UnmarshalYAML(unmarshal func(interface{}) error) error {
 
 	kdm.ExtraArgs = aux.ExtraArgs
 	kdm.CertificateKey = aux.CertificateKey
+	kdm.IgnorePreflightErrors = aux.IgnorePreflightErrors
 
 	b := []byte(aux.Configuration)