From 7ce760a5dda73d24b5ec8ad2cc0e8279c5cc9d6b Mon Sep 17 00:00:00 2001
From: Matt Moyer <moyerm@vmware.com>
Date: Wed, 16 Sep 2020 15:00:03 -0500
Subject: [PATCH] Register a second APIService for the login.pinniped.dev.

This is handled by a second instance of the APIServiceUpdaterController.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
---
 deploy/deployment.yaml                          | 17 +++++++++++++++++
 .../controllermanager/prepare_controllers.go    | 11 +++++++++++
 2 files changed, 28 insertions(+)

diff --git a/deploy/deployment.yaml b/deploy/deployment.yaml
index 3bc34a83..c1dcd8d9 100644
--- a/deploy/deployment.yaml
+++ b/deploy/deployment.yaml
@@ -173,3 +173,20 @@ spec:
     name: pinniped-api
     namespace: #@ data.values.namespace
     port: 443
+---
+apiVersion: apiregistration.k8s.io/v1
+kind: APIService
+metadata:
+  name: v1alpha1.login.pinniped.dev
+  labels:
+    app: #@ data.values.app_name
+spec:
+  version: v1alpha1
+  group: login.pinniped.dev
+  groupPriorityMinimum: 2500
+  versionPriority: 10
+  #! caBundle: Do not include this key here. Starts out null, will be updated/owned by the golang code.
+  service:
+    name: pinniped-api
+    namespace: #@ data.values.namespace
+    port: 443
diff --git a/internal/controllermanager/prepare_controllers.go b/internal/controllermanager/prepare_controllers.go
index ebab153b..41b17afb 100644
--- a/internal/controllermanager/prepare_controllers.go
+++ b/internal/controllermanager/prepare_controllers.go
@@ -15,6 +15,7 @@ import (
 	"k8s.io/klog/v2/klogr"
 	aggregatorclient "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset"
 
+	loginv1alpha1 "github.com/suzerain-io/pinniped/generated/1.19/apis/login/v1alpha1"
 	pinnipedv1alpha1 "github.com/suzerain-io/pinniped/generated/1.19/apis/pinniped/v1alpha1"
 	pinnipedclientset "github.com/suzerain-io/pinniped/generated/1.19/client/clientset/versioned"
 	pinnipedinformers "github.com/suzerain-io/pinniped/generated/1.19/client/informers/externalversions"
@@ -91,6 +92,16 @@ func PrepareControllers(
 			),
 			singletonWorker,
 		).
+		WithController(
+			apicerts.NewAPIServiceUpdaterController(
+				serverInstallationNamespace,
+				loginv1alpha1.SchemeGroupVersion.Version+"."+loginv1alpha1.GroupName,
+				aggregatorClient,
+				installationNamespaceK8sInformers.Core().V1().Secrets(),
+				controllerlib.WithInformer,
+			),
+			singletonWorker,
+		).
 		WithController(
 			apicerts.NewCertsObserverController(
 				serverInstallationNamespace,