From 69b4c635b7457b870cd2907675880b41d8b80d88 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Mon, 13 May 2024 21:44:33 +0300 Subject: [PATCH 01/88] Initial commit --- .../adapters/config_to_prom_config.go | 33 ++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) diff --git a/internal/manifests/targetallocator/adapters/config_to_prom_config.go b/internal/manifests/targetallocator/adapters/config_to_prom_config.go index e0d7cd38e2..1dd316e375 100644 --- a/internal/manifests/targetallocator/adapters/config_to_prom_config.go +++ b/internal/manifests/targetallocator/adapters/config_to_prom_config.go @@ -23,6 +23,8 @@ import ( "github.com/open-telemetry/opentelemetry-operator/internal/manifests/collector/adapters" ) +type TAOption func(targetAllocatorCfg map[interface{}]interface{}) error + func errorNoComponent(component string) error { return fmt.Errorf("no %s available as part of the configuration", component) } @@ -257,10 +259,32 @@ func AddHTTPSDConfigToPromConfig(prometheus map[interface{}]interface{}, taServi return prometheus, nil } +func WithTLSConfig(caFile, certFile, keyFile string) TAOption { + return func(targetAllocatorCfg map[interface{}]interface{}) error { + if targetAllocatorCfg["tls"] == nil { + targetAllocatorCfg["tls"] = make(map[interface{}]interface{}) + } + + targetAllocatorCfg, ok := targetAllocatorCfg["tls"].(map[interface{}]interface{}) + if !ok { + return errorNotAMap("tls") + } + targetAllocatorCfg["tls"] = make(map[interface{}]interface{}) + tlsCfg, ok := targetAllocatorCfg["tls"].(map[interface{}]interface{}) + if !ok { + return errorNotAMap("tls") + } + tlsCfg["ca_file"] = caFile + tlsCfg["cert_file"] = certFile + tlsCfg["key_file"] = keyFile + return nil + } +} + // AddTAConfigToPromConfig adds or updates the target_allocator configuration in the Prometheus configuration. // If the `EnableTargetAllocatorRewrite` feature flag for the target allocator is enabled, this function // removes the existing scrape_configs from the collector's Prometheus configuration as it's not required. -func AddTAConfigToPromConfig(prometheus map[interface{}]interface{}, taServiceName string) (map[interface{}]interface{}, error) { +func AddTAConfigToPromConfig(prometheus map[interface{}]interface{}, taServiceName string, taOpts ...TAOption) (map[interface{}]interface{}, error) { prometheusConfigProperty, ok := prometheus["config"] if !ok { return nil, errorNoComponent("prometheusConfig") @@ -285,6 +309,13 @@ func AddTAConfigToPromConfig(prometheus map[interface{}]interface{}, taServiceNa targetAllocatorCfg["interval"] = "30s" targetAllocatorCfg["collector_id"] = "${POD_NAME}" + for _, opt := range taOpts { + err := opt(targetAllocatorCfg) + if err != nil { + return nil, err + } + } + // Remove the scrape_configs key from the map delete(prometheusCfg, "scrape_configs") From 684afbdc7a953611942fd3002de7ee718286356a Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Sat, 1 Jun 2024 21:10:23 +0300 Subject: [PATCH 02/88] Added Cert Manager CRDs & RBAC validation and management --- go.mod | 15 ++- go.sum | 17 +++ internal/autodetect/certmanager/check.go | 82 +++++++++++++ internal/autodetect/certmanager/operator.go | 30 +++++ internal/autodetect/main.go | 32 +++++ internal/config/main.go | 18 +++ internal/config/main_test.go | 12 ++ internal/config/options.go | 8 ++ internal/manifests/mutate.go | 23 ++++ .../manifests/targetallocator/certificate.go | 113 ++++++++++++++++++ internal/manifests/targetallocator/issuer.go | 63 ++++++++++ .../targetallocator/targetallocator.go | 9 ++ internal/naming/main.go | 25 ++++ main.go | 11 ++ pkg/constants/env.go | 2 + 15 files changed, 454 insertions(+), 6 deletions(-) create mode 100644 internal/autodetect/certmanager/check.go create mode 100644 internal/autodetect/certmanager/operator.go create mode 100644 internal/manifests/targetallocator/certificate.go create mode 100644 internal/manifests/targetallocator/issuer.go diff --git a/go.mod b/go.mod index 20aad7b197..b0447d5056 100644 --- a/go.mod +++ b/go.mod @@ -49,6 +49,8 @@ require ( sigs.k8s.io/yaml v1.4.0 ) +require sigs.k8s.io/gateway-api v1.0.0 // indirect + require ( cloud.google.com/go/compute v1.24.0 // indirect cloud.google.com/go/compute/metadata v0.2.3 // indirect @@ -69,6 +71,7 @@ require ( github.com/blang/semver/v4 v4.0.0 // indirect github.com/bytedance/sonic v1.9.1 // indirect github.com/cenkalti/backoff/v4 v4.3.0 // indirect + github.com/cert-manager/cert-manager v1.14.5 github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect github.com/cncf/xds/go v0.0.0-20231128003011-0fa0005c9caa // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect @@ -135,7 +138,7 @@ require ( github.com/hashicorp/go-hclog v1.5.0 // indirect github.com/hashicorp/go-immutable-radix v1.3.1 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect - github.com/hashicorp/go-retryablehttp v0.7.4 // indirect + github.com/hashicorp/go-retryablehttp v0.7.5 // indirect github.com/hashicorp/go-rootcerts v1.0.2 // indirect github.com/hashicorp/go-version v1.6.0 // indirect github.com/hashicorp/golang-lru v0.6.0 // indirect @@ -145,7 +148,7 @@ require ( github.com/imdario/mergo v0.3.16 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/ionos-cloud/sdk-go/v6 v6.1.11 // indirect - github.com/jmespath/go-jmespath v0.4.0 // indirect + github.com/jmespath/go-jmespath v0.4.1-0.20220621161143-b0104c826a24 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/jpillora/backoff v1.0.0 // indirect github.com/klauspost/compress v1.17.7 // indirect @@ -180,7 +183,7 @@ require ( github.com/prometheus/common/sigv4 v0.1.0 // indirect github.com/prometheus/procfs v0.12.0 // indirect github.com/scaleway/scaleway-sdk-go v1.0.0-beta.25 // indirect - github.com/spf13/cobra v1.7.0 // indirect + github.com/spf13/cobra v1.8.0 // indirect github.com/tklauser/go-sysconf v0.3.13 // indirect github.com/tklauser/numcpus v0.7.0 // indirect github.com/twitchyliquid64/golang-asm v0.15.1 // indirect @@ -196,14 +199,14 @@ require ( go.uber.org/goleak v1.3.0 // indirect go.uber.org/zap v1.26.0 // indirect golang.org/x/arch v0.3.0 // indirect - golang.org/x/crypto v0.21.0 // indirect + golang.org/x/crypto v0.22.0 // indirect golang.org/x/exp v0.0.0-20240213143201-ec583247a57a // indirect golang.org/x/mod v0.16.0 // indirect - golang.org/x/net v0.23.0 // indirect + golang.org/x/net v0.24.0 // indirect golang.org/x/oauth2 v0.18.0 // indirect golang.org/x/sync v0.6.0 // indirect golang.org/x/sys v0.19.0 // indirect - golang.org/x/term v0.18.0 // indirect + golang.org/x/term v0.19.0 // indirect golang.org/x/text v0.14.0 // indirect golang.org/x/time v0.5.0 // indirect golang.org/x/tools v0.19.0 // indirect diff --git a/go.sum b/go.sum index dd71ff5e6f..2d237403ff 100644 --- a/go.sum +++ b/go.sum @@ -100,6 +100,8 @@ github.com/bytedance/sonic v1.9.1/go.mod h1:i736AoUSYt75HyZLoJW9ERYxcy6eaN6h4BZX github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8= github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/cert-manager/cert-manager v1.14.5 h1:uuM1O2g2S80nxiH3eW2cZYMGiL2zmDFVdAzg8sibWuc= +github.com/cert-manager/cert-manager v1.14.5/go.mod h1:fmr/cU5jiLxWj69CroDggSOa49RljUK+dU583TaQUXM= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= @@ -118,6 +120,7 @@ github.com/cncf/xds/go v0.0.0-20231128003011-0fa0005c9caa/go.mod h1:x/1Gn8zydmfq github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I= github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= @@ -354,6 +357,8 @@ github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9 github.com/hashicorp/go-retryablehttp v0.5.3/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs= github.com/hashicorp/go-retryablehttp v0.7.4 h1:ZQgVdpTdAL7WpMIwLzCfbalOcSUdkDZnpUv3/+BxzFA= github.com/hashicorp/go-retryablehttp v0.7.4/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= +github.com/hashicorp/go-retryablehttp v0.7.5 h1:bJj+Pj19UZMIweq/iie+1u5YCdGrnxCT9yvm0e+Nd5M= +github.com/hashicorp/go-retryablehttp v0.7.5/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc= github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8= github.com/hashicorp/go-sockaddr v1.0.0/go.mod h1:7Xibr9yA9JjQq1JpNB2Vw7kxv8xerXegt+ozgdvDeDU= @@ -391,6 +396,8 @@ github.com/jarcoal/httpmock v1.3.0 h1:2RJ8GP0IIaWwcC9Fp2BmVi8Kog3v2Hn7VXM3fTd+nu github.com/jarcoal/httpmock v1.3.0/go.mod h1:3yb8rc4BI7TCBhFY8ng0gjuLKJNquuDNiPaZjnENuYg= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= +github.com/jmespath/go-jmespath v0.4.1-0.20220621161143-b0104c826a24 h1:liMMTbpW34dhU4az1GN0pTPADwNmvoRSeoZ6PItiqnY= +github.com/jmespath/go-jmespath v0.4.1-0.20220621161143-b0104c826a24/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= @@ -585,6 +592,8 @@ github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I= github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0= +github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= +github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= @@ -678,6 +687,8 @@ golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90/go.mod h1:IxCIyHEi3zRg3s0 golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA= golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= +golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30= +golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -755,6 +766,8 @@ golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= +golang.org/x/net v0.24.0 h1:1PcaxkF854Fu3+lvBIx5SYn9wRlBzzcnHZSiaFFAb0w= +golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -845,6 +858,8 @@ golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8= golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= +golang.org/x/term v0.19.0 h1:+ThwsDv+tYfnJFhF4L8jITxu1tdTWRTZpdsWgEgjL6Q= +golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1060,6 +1075,8 @@ rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= sigs.k8s.io/controller-runtime v0.17.3 h1:65QmN7r3FWgTxDMz9fvGnO1kbf2nu+acg9p2R9oYYYk= sigs.k8s.io/controller-runtime v0.17.3/go.mod h1:N0jpP5Lo7lMTF9aL56Z/B2oWBJjey6StQM0jRbKQXtY= +sigs.k8s.io/gateway-api v1.0.0 h1:iPTStSv41+d9p0xFydll6d7f7MOBGuqXM6p2/zVYMAs= +sigs.k8s.io/gateway-api v1.0.0/go.mod h1:4cUgr0Lnp5FZ0Cdq8FdRwCvpiWws7LVhLHGIudLlf4c= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= diff --git a/internal/autodetect/certmanager/check.go b/internal/autodetect/certmanager/check.go new file mode 100644 index 0000000000..72667d84f0 --- /dev/null +++ b/internal/autodetect/certmanager/check.go @@ -0,0 +1,82 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package certmanager + +import ( + "context" + "fmt" + "os" + + rbacv1 "k8s.io/api/rbac/v1" + "sigs.k8s.io/controller-runtime/pkg/webhook/admission" + + "github.com/open-telemetry/opentelemetry-operator/internal/rbac" +) + +const ( + SA_ENV_VAR = "SERVICE_ACCOUNT_NAME" + NAMESPACE_ENV_VAR = "NAMESPACE" + NAMESPACE_FILE_PATH = "/var/run/secrets/kubernetes.io/serviceaccount/namespace" +) + +func getOperatorNamespace() (string, error) { + namespace := os.Getenv(NAMESPACE_ENV_VAR) + if namespace != "" { + return namespace, nil + } + + nsBytes, err := os.ReadFile(NAMESPACE_FILE_PATH) + if err != nil { + return "", err + } + return string(nsBytes), nil +} + +func getOperatorServiceAccount() (string, error) { + sa := os.Getenv(SA_ENV_VAR) + if sa == "" { + return sa, fmt.Errorf("%s env variable not found", SA_ENV_VAR) + } + return sa, nil +} + +// CheckCertManagerPermissions checks if the operator has the needed permissions to manage cert-manager certificates automatically. +// If the RBAC is there, no errors nor warnings are returned. +func CheckCertManagerPermissions(ctx context.Context, reviewer *rbac.Reviewer) (admission.Warnings, error) { + namespace, err := getOperatorNamespace() + if err != nil { + return nil, fmt.Errorf("%s: %w", "not possible to check RBAC rules", err) + } + + serviceAccount, err := getOperatorServiceAccount() + if err != nil { + return nil, fmt.Errorf("%s: %w", "not possible to check RBAC rules", err) + } + + rules := []*rbacv1.PolicyRule{ + { + APIGroups: []string{"cert-manager.io"}, + Resources: []string{"issuers", "certificaterequests", "certificates"}, + Verbs: []string{"create", "get", "list", "watch", "update", "patch", "delete"}, + }, + } + + if subjectAccessReviews, err := reviewer.CheckPolicyRules(ctx, serviceAccount, namespace, rules...); err != nil { + return nil, fmt.Errorf("%s: %w", "unable to check rbac rules", err) + } else if allowed, deniedReviews := rbac.AllSubjectAccessReviewsAllowed(subjectAccessReviews); !allowed { + return rbac.WarningsGroupedByResource(deniedReviews), nil + } + return nil, nil +} diff --git a/internal/autodetect/certmanager/operator.go b/internal/autodetect/certmanager/operator.go new file mode 100644 index 0000000000..19ec9baf18 --- /dev/null +++ b/internal/autodetect/certmanager/operator.go @@ -0,0 +1,30 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package certmanager + +// Availability represents that the Cert Manager CRDs are installed and the operator's service account has permissions to manage cert-manager resources. +type Availability int + +const ( + // NotAvailable Cert Manager CRDs or RBAC permissions to manage cert-manager certificates are not available. + NotAvailable Availability = iota + + // Available Cert Manager CRDs and RBAC permissions to manage cert-manager certificates are available. + Available +) + +func (p Availability) String() string { + return [...]string{"NotAvailable", "Available"}[p] +} diff --git a/internal/autodetect/main.go b/internal/autodetect/main.go index 359843dcd0..8dadb962ab 100644 --- a/internal/autodetect/main.go +++ b/internal/autodetect/main.go @@ -22,6 +22,7 @@ import ( "k8s.io/client-go/discovery" "k8s.io/client-go/rest" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/openshift" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/prometheus" autoRBAC "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/rbac" @@ -35,6 +36,7 @@ type AutoDetect interface { OpenShiftRoutesAvailability() (openshift.RoutesAvailability, error) PrometheusCRsAvailability() (prometheus.Availability, error) RBACPermissions(ctx context.Context) (autoRBAC.Availability, error) + CertManagerAvailability(ctx context.Context) (certmanager.Availability, error) } type autoDetect struct { @@ -103,3 +105,33 @@ func (a *autoDetect) RBACPermissions(ctx context.Context) (autoRBAC.Availability return autoRBAC.Available, nil } + +func (a *autoDetect) CertManagerAvailability(ctx context.Context) (certmanager.Availability, error) { + apiList, err := a.dcl.ServerGroups() + if err != nil { + return certmanager.NotAvailable, err + } + + apiGroups := apiList.Groups + certManagerFound := false + for i := 0; i < len(apiGroups); i++ { + if apiGroups[i].Name == "cert-manager.io" { + certManagerFound = true + break + } + } + + if !certManagerFound { + return certmanager.NotAvailable, nil + } + + w, err := certmanager.CheckCertManagerPermissions(ctx, a.reviewer) + if err != nil { + return certmanager.NotAvailable, err + } + if w != nil { + return certmanager.NotAvailable, fmt.Errorf("missing permissions: %s", w) + } + + return certmanager.Available, nil +} diff --git a/internal/config/main.go b/internal/config/main.go index a0dbe533b9..e32164585e 100644 --- a/internal/config/main.go +++ b/internal/config/main.go @@ -17,12 +17,14 @@ package config import ( "context" + "fmt" "time" "github.com/go-logr/logr" logf "sigs.k8s.io/controller-runtime/pkg/log" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/openshift" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/prometheus" autoRBAC "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/rbac" @@ -65,6 +67,7 @@ type Config struct { openshiftRoutesAvailability openshift.RoutesAvailability prometheusCRAvailability prometheus.Availability + certManagerAvailability certmanager.Availability labelsFilter []string annotationsFilter []string } @@ -76,6 +79,7 @@ func New(opts ...Option) Config { prometheusCRAvailability: prometheus.NotAvailable, openshiftRoutesAvailability: openshift.RoutesNotAvailable, createRBACPermissions: autoRBAC.NotAvailable, + certManagerAvailability: certmanager.NotAvailable, collectorConfigMapEntry: defaultCollectorConfigMapEntry, targetAllocatorConfigMapEntry: defaultTargetAllocatorConfigMapEntry, operatorOpAMPBridgeConfigMapEntry: defaultOperatorOpAMPBridgeConfigMapEntry, @@ -108,6 +112,7 @@ func New(opts ...Option) Config { logger: o.logger, openshiftRoutesAvailability: o.openshiftRoutesAvailability, prometheusCRAvailability: o.prometheusCRAvailability, + certManagerAvailability: o.certManagerAvailability, autoInstrumentationJavaImage: o.autoInstrumentationJavaImage, autoInstrumentationNodeJSImage: o.autoInstrumentationNodeJSImage, autoInstrumentationPythonImage: o.autoInstrumentationPythonImage, @@ -145,6 +150,14 @@ func (c *Config) AutoDetect() error { c.createRBACPermissions = rAuto c.logger.V(2).Info("create rbac permissions detected", "availability", rAuto) + cmAvl, err := c.autoDetect.CertManagerAvailability(context.Background()) + if err != nil { + c.logger.V(2).Info("the cert manager crd and permissions are not set for the operator", "reason", err) + fmt.Print(err) + } + c.certManagerAvailability = cmAvl + c.logger.V(2).Info("the cert manager crd and permissions are set for the operator", "availability", cmAvl) + return nil } @@ -233,6 +246,11 @@ func (c *Config) PrometheusCRAvailability() prometheus.Availability { return c.prometheusCRAvailability } +// CertManagerAvailability represents the availability of the Cert-Manager. +func (c *Config) CertManagerAvailability() certmanager.Availability { + return c.certManagerAvailability +} + // AutoInstrumentationJavaImage returns OpenTelemetry Java auto-instrumentation container image. func (c *Config) AutoInstrumentationJavaImage() string { return c.autoInstrumentationJavaImage diff --git a/internal/config/main_test.go b/internal/config/main_test.go index 1f3886f776..1d6e236264 100644 --- a/internal/config/main_test.go +++ b/internal/config/main_test.go @@ -22,6 +22,7 @@ import ( "github.com/stretchr/testify/require" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/openshift" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/prometheus" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/rbac" @@ -56,6 +57,9 @@ func TestConfigChangesOnAutoDetect(t *testing.T) { RBACPermissionsFunc: func(ctx context.Context) (rbac.Availability, error) { return rbac.Available, nil }, + CertManagerAvailabilityFunc: func(ctx context.Context) (certmanager.Availability, error) { + return certmanager.Available, nil + }, } cfg := config.New( config.WithAutoDetect(mock), @@ -80,6 +84,7 @@ type mockAutoDetect struct { OpenShiftRoutesAvailabilityFunc func() (openshift.RoutesAvailability, error) PrometheusCRsAvailabilityFunc func() (prometheus.Availability, error) RBACPermissionsFunc func(ctx context.Context) (rbac.Availability, error) + CertManagerAvailabilityFunc func(ctx context.Context) (certmanager.Availability, error) } func (m *mockAutoDetect) OpenShiftRoutesAvailability() (openshift.RoutesAvailability, error) { @@ -102,3 +107,10 @@ func (m *mockAutoDetect) RBACPermissions(ctx context.Context) (rbac.Availability } return rbac.NotAvailable, nil } + +func (m *mockAutoDetect) CertManagerAvailability(ctx context.Context) (certmanager.Availability, error) { + if m.CertManagerAvailabilityFunc != nil { + return m.CertManagerAvailabilityFunc(ctx) + } + return certmanager.NotAvailable, nil +} diff --git a/internal/config/options.go b/internal/config/options.go index 7635059413..66e2eee708 100644 --- a/internal/config/options.go +++ b/internal/config/options.go @@ -21,6 +21,7 @@ import ( "github.com/go-logr/logr" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/openshift" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/prometheus" autoRBAC "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/rbac" @@ -58,6 +59,7 @@ type options struct { operatorOpAMPBridgeImage string openshiftRoutesAvailability openshift.RoutesAvailability prometheusCRAvailability prometheus.Availability + certManagerAvailability certmanager.Availability labelsFilter []string annotationsFilter []string } @@ -208,6 +210,12 @@ func WithRBACPermissions(rAuto autoRBAC.Availability) Option { } } +func WithCertManagerAvailability(cmAvl certmanager.Availability) Option { + return func(o *options) { + o.certManagerAvailability = cmAvl + } +} + func WithLabelFilters(labelFilters []string) Option { return func(o *options) { diff --git a/internal/manifests/mutate.go b/internal/manifests/mutate.go index 9ac2d04fd2..92fcfb860b 100644 --- a/internal/manifests/mutate.go +++ b/internal/manifests/mutate.go @@ -20,6 +20,7 @@ import ( "reflect" "dario.cat/mergo" + cmv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" routev1 "github.com/openshift/api/route/v1" monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" appsv1 "k8s.io/api/apps/v1" @@ -166,6 +167,16 @@ func MutateFuncFor(existing, desired client.Object) controllerutil.MutateFn { wantPr := desired.(*corev1.Secret) mutateSecret(pr, wantPr) + case *cmv1.Certificate: + cert := existing.(*cmv1.Certificate) + wantCert := desired.(*cmv1.Certificate) + mutateCertificate(cert, wantCert) + + case *cmv1.Issuer: + issuer := existing.(*cmv1.Issuer) + wantIssuer := desired.(*cmv1.Issuer) + mutateIssuer(issuer, wantIssuer) + default: t := reflect.TypeOf(existing).String() return fmt.Errorf("missing mutate implementation for resource type: %s", t) @@ -331,6 +342,18 @@ func mutateStatefulSet(existing, desired *appsv1.StatefulSet) error { return nil } +func mutateCertificate(existing, desired *cmv1.Certificate) { + existing.Annotations = desired.Annotations + existing.Labels = desired.Labels + existing.Spec = desired.Spec +} + +func mutateIssuer(existing, desired *cmv1.Issuer) { + existing.Annotations = desired.Annotations + existing.Labels = desired.Labels + existing.Spec = desired.Spec +} + func hasImmutableFieldChange(existing, desired *appsv1.StatefulSet) (bool, string) { if existing.CreationTimestamp.IsZero() { return false, "" diff --git a/internal/manifests/targetallocator/certificate.go b/internal/manifests/targetallocator/certificate.go new file mode 100644 index 0000000000..8ad3d3cd67 --- /dev/null +++ b/internal/manifests/targetallocator/certificate.go @@ -0,0 +1,113 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package targetallocator + +import ( + "fmt" + + cmv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" + cmmeta "github.com/cert-manager/cert-manager/pkg/apis/meta/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + "github.com/open-telemetry/opentelemetry-operator/internal/manifests" + "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" + "github.com/open-telemetry/opentelemetry-operator/internal/naming" +) + +// / CACertificate returns a CA Certificate for the given instance. +func CACertificate(params manifests.Params) *cmv1.Certificate { + name := naming.CACertificate(params.TargetAllocator.Name) + labels := manifestutils.Labels(params.TargetAllocator.ObjectMeta, name, params.TargetAllocator.Spec.Image, ComponentOpenTelemetryTargetAllocator, nil) + + return &cmv1.Certificate{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: params.TargetAllocator.Namespace, + Name: name, + Labels: labels, + }, + Spec: cmv1.CertificateSpec{ + IsCA: true, + CommonName: naming.CACertificate(params.TargetAllocator.Name), + Subject: &cmv1.X509Subject{ + OrganizationalUnits: []string{"opentelemetry-operator"}, + }, + SecretName: naming.CACertificate(params.TargetAllocator.Name), + PrivateKey: &cmv1.CertificatePrivateKey{ + Algorithm: "ECDSA", + Size: 256, + }, + IssuerRef: cmmeta.ObjectReference{ + Name: naming.SelfSignedIssuer(params.TargetAllocator.Name), + Kind: "Issuer", + }, + }, + } +} + +// ServingCertificate returns a serving Certificate for the given instance. +func ServingCertificate(params manifests.Params) *cmv1.Certificate { + name := naming.TAServerCertificate(params.TargetAllocator.Name) + labels := manifestutils.Labels(params.TargetAllocator.ObjectMeta, name, params.TargetAllocator.Spec.Image, ComponentOpenTelemetryTargetAllocator, nil) + + return &cmv1.Certificate{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: params.TargetAllocator.Namespace, + Name: name, + Labels: labels, + }, + Spec: cmv1.CertificateSpec{ + DNSNames: []string{ + fmt.Sprintf("%s.%s.svc", naming.TAService(params.TargetAllocator.Name), params.TargetAllocator.Namespace), + fmt.Sprintf("%s.%s.svc.cluster.local", naming.TAService(params.TargetAllocator.Name), params.TargetAllocator.Namespace), + }, + IssuerRef: cmmeta.ObjectReference{ + Kind: "Issuer", + Name: naming.CAIssuer(params.TargetAllocator.Name), + }, + SecretName: naming.TAServerCertificate(params.TargetAllocator.Name), + Subject: &cmv1.X509Subject{ + OrganizationalUnits: []string{"opentelemetry-operator"}, + }, + }, + } +} + +// ClientCertificate returns a client Certificate for the given instance. +func ClientCertificate(params manifests.Params) *cmv1.Certificate { + name := naming.TAClientCertificate(params.TargetAllocator.Name) + labels := manifestutils.Labels(params.TargetAllocator.ObjectMeta, name, params.TargetAllocator.Spec.Image, ComponentOpenTelemetryTargetAllocator, nil) + + return &cmv1.Certificate{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: params.TargetAllocator.Namespace, + Name: name, + Labels: labels, + }, + Spec: cmv1.CertificateSpec{ + DNSNames: []string{ + fmt.Sprintf("%s.%s.svc", naming.TAService(params.TargetAllocator.Name), params.TargetAllocator.Namespace), + fmt.Sprintf("%s.%s.svc.cluster.local", naming.TAService(params.TargetAllocator.Name), params.TargetAllocator.Namespace), + }, + IssuerRef: cmmeta.ObjectReference{ + Kind: "Issuer", + Name: naming.CAIssuer(params.TargetAllocator.Name), + }, + SecretName: naming.TAClientCertificate(params.TargetAllocator.Name), + Subject: &cmv1.X509Subject{ + OrganizationalUnits: []string{"opentelemetry-operator"}, + }, + }, + } +} diff --git a/internal/manifests/targetallocator/issuer.go b/internal/manifests/targetallocator/issuer.go new file mode 100644 index 0000000000..56c170d2d6 --- /dev/null +++ b/internal/manifests/targetallocator/issuer.go @@ -0,0 +1,63 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package targetallocator + +import ( + cmv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" + "github.com/open-telemetry/opentelemetry-operator/internal/manifests" + "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" + "github.com/open-telemetry/opentelemetry-operator/internal/naming" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// SelfSignedIssuer returns a self-signed issuer for the given instance. +func SelfSignedIssuer(params manifests.Params) *cmv1.Issuer { + name := naming.SelfSignedIssuer(params.TargetAllocator.Name) + labels := manifestutils.Labels(params.TargetAllocator.ObjectMeta, name, params.TargetAllocator.Spec.Image, ComponentOpenTelemetryTargetAllocator, nil) + + return &cmv1.Issuer{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + Namespace: params.TargetAllocator.Namespace, + Labels: labels, + }, + Spec: cmv1.IssuerSpec{ + IssuerConfig: cmv1.IssuerConfig{ + SelfSigned: &cmv1.SelfSignedIssuer{}, + }, + }, + } +} + +// CAIssuer returns a CA issuer for the given instance. +func CAIssuer(params manifests.Params) *cmv1.Issuer { + name := naming.CAIssuer(params.TargetAllocator.Name) + labels := manifestutils.Labels(params.TargetAllocator.ObjectMeta, name, params.TargetAllocator.Spec.Image, ComponentOpenTelemetryTargetAllocator, nil) + + return &cmv1.Issuer{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + Namespace: params.TargetAllocator.Namespace, + Labels: labels, + }, + Spec: cmv1.IssuerSpec{ + IssuerConfig: cmv1.IssuerConfig{ + CA: &cmv1.CAIssuer{ + SecretName: naming.CACertificate(params.TargetAllocator.Name), + }, + }, + }, + } +} diff --git a/internal/manifests/targetallocator/targetallocator.go b/internal/manifests/targetallocator/targetallocator.go index 84705184cf..41797bc5d7 100644 --- a/internal/manifests/targetallocator/targetallocator.go +++ b/internal/manifests/targetallocator/targetallocator.go @@ -17,6 +17,7 @@ package targetallocator import ( "sigs.k8s.io/controller-runtime/pkg/client" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/manifests" "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) @@ -43,6 +44,14 @@ func Build(params manifests.Params) ([]client.Object, error) { resourceFactories = append(resourceFactories, manifests.FactoryWithoutError(ServiceMonitor)) } + if params.Config.CertManagerAvailability() == certmanager.Available { + resourceFactories = append(resourceFactories, manifests.FactoryWithoutError(SelfSignedIssuer)) + resourceFactories = append(resourceFactories, manifests.FactoryWithoutError(CACertificate)) + resourceFactories = append(resourceFactories, manifests.FactoryWithoutError(CAIssuer)) + resourceFactories = append(resourceFactories, manifests.FactoryWithoutError(ServingCertificate)) + resourceFactories = append(resourceFactories, manifests.FactoryWithoutError(ClientCertificate)) + } + for _, factory := range resourceFactories { res, err := factory(params) if err != nil { diff --git a/internal/naming/main.go b/internal/naming/main.go index def5adbf2a..4c51835d70 100644 --- a/internal/naming/main.go +++ b/internal/naming/main.go @@ -179,3 +179,28 @@ func TargetAllocatorServiceMonitor(otelcol string) string { func OpAMPBridgeServiceAccount(opampBridge string) string { return DNSName(Truncate("%s-opamp-bridge", 63, opampBridge)) } + +// SelfSignedIssuer returns the SelfSigned Issuer name based on the instance. +func SelfSignedIssuer(otelcol string) string { + return DNSName(Truncate("%s-self-signed-issuer", 63, otelcol)) +} + +// CAIssuer returns the CA Issuer name based on the instance. +func CAIssuer(otelcol string) string { + return DNSName(Truncate("%s-ca-issuer", 63, otelcol)) +} + +// CACertificateSecret returns the Secret name based on the instance. +func CACertificate(otelcol string) string { + return DNSName(Truncate("%s-ca-cert", 63, otelcol)) +} + +// TAServerCertificate returns the Certificate name based on the instance. +func TAServerCertificate(otelcol string) string { + return DNSName(Truncate("%s-ta-server-cert", 63, otelcol)) +} + +// TAClientCertificate returns the Certificate name based on the instance. +func TAClientCertificate(otelcol string) string { + return DNSName(Truncate("%s-ta-client-cert", 63, otelcol)) +} diff --git a/main.go b/main.go index fb856fd123..2528cee5d0 100644 --- a/main.go +++ b/main.go @@ -46,10 +46,12 @@ import ( "sigs.k8s.io/controller-runtime/pkg/webhook" "sigs.k8s.io/controller-runtime/pkg/webhook/admission" + cmv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" otelv1alpha1 "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" otelv1beta1 "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" "github.com/open-telemetry/opentelemetry-operator/controllers" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/openshift" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/prometheus" "github.com/open-telemetry/opentelemetry-operator/internal/config" @@ -132,6 +134,7 @@ func main() { annotationsFilter []string webhookPort int tlsOpt tlsConfig + enableTargetAllocatorMTLS bool ) pflag.StringVar(&metricsAddr, "metrics-addr", ":8080", "The address the metric endpoint binds to.") @@ -163,6 +166,7 @@ func main() { pflag.StringArrayVar(&annotationsFilter, "annotations-filter", []string{}, "Annotations to filter away from propagating onto deploys. It should be a string array containing patterns, which are literal strings optionally containing a * wildcard character. Example: --annotations-filter=.*filter.out will filter out annotations that looks like: annotation.filter.out: true") pflag.StringVar(&tlsOpt.minVersion, "tls-min-version", "VersionTLS12", "Minimum TLS version supported. Value must match version names from https://golang.org/pkg/crypto/tls/#pkg-constants.") pflag.StringSliceVar(&tlsOpt.cipherSuites, "tls-cipher-suites", nil, "Comma-separated list of cipher suites for the server. Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants). If omitted, the default Go cipher suites will be used") + pflag.BoolVar(&enableTargetAllocatorMTLS, constants.FlagTargetAllocatorMTLS, false, "Enable mTLS connection between the target allocator and the controller") pflag.Parse() logger := zap.New(zap.UseFlagOptions(&opts)) @@ -195,6 +199,7 @@ func main() { "enable-nginx-instrumentation", enableNginxInstrumentation, "enable-nodejs-instrumentation", enableNodeJSInstrumentation, "enable-java-instrumentation", enableJavaInstrumentation, + "enable-target-allocator-mtls", enableTargetAllocatorMTLS, ) restConfig := ctrl.GetConfigOrDie() @@ -304,6 +309,12 @@ func main() { } else { setupLog.Info("Openshift CRDs are not installed, skipping adding to scheme.") } + if cfg.CertManagerAvailability() == certmanager.Available { + setupLog.Info("Cert-Manager is installed, adding to scheme.") + utilruntime.Must(cmv1.AddToScheme(scheme)) + } else { + setupLog.Info("Cert-Manager is not installed, skipping adding to scheme.") + } if cfg.AnnotationsFilter() != nil { for _, basePattern := range cfg.AnnotationsFilter() { diff --git a/pkg/constants/env.go b/pkg/constants/env.go index 8ebd1bb5d9..d93505eda1 100644 --- a/pkg/constants/env.go +++ b/pkg/constants/env.go @@ -44,4 +44,6 @@ const ( FlagNginx = "enable-nginx-instrumentation" FlagNodeJS = "enable-nodejs-instrumentation" FlagJava = "enable-java-instrumentation" + + FlagTargetAllocatorMTLS = "enable-target-allocator-mtls" ) From 50d568ab8ec6428f3b21ab22dbcb71db44b20516 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Wed, 5 Jun 2024 22:37:51 +0300 Subject: [PATCH 03/88] Added relevant resources and started adding tests --- go.mod | 111 +++++--- go.sum | 263 ++++++++++-------- .../manifests/collector/config_replace.go | 4 +- internal/manifests/collector/configmap.go | 9 +- internal/manifests/collector/container.go | 13 + internal/manifests/collector/deployment.go | 28 +- internal/manifests/collector/statefulset.go | 28 +- internal/manifests/collector/volume.go | 17 ++ .../adapters/config_to_prom_config.go | 13 +- .../adapters/config_to_prom_config_test.go | 42 +++ .../manifests/targetallocator/certificate.go | 10 + .../manifests/targetallocator/container.go | 19 ++ .../targetallocator/container_test.go | 26 ++ internal/manifests/targetallocator/service.go | 20 +- internal/manifests/targetallocator/volume.go | 12 + main.go | 5 +- 16 files changed, 441 insertions(+), 179 deletions(-) diff --git a/go.mod b/go.mod index b0447d5056..bec17da550 100644 --- a/go.mod +++ b/go.mod @@ -22,13 +22,13 @@ require ( github.com/prometheus-operator/prometheus-operator v0.71.2 github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.72.0 github.com/prometheus-operator/prometheus-operator/pkg/client v0.72.0 - github.com/prometheus/client_golang v1.19.0 + github.com/prometheus/client_golang v1.19.1 github.com/prometheus/common v0.53.0 - github.com/prometheus/prometheus v0.51.2 + github.com/prometheus/prometheus v0.52.1 github.com/shirou/gopsutil v3.21.11+incompatible github.com/spf13/pflag v1.0.5 github.com/stretchr/testify v1.9.0 - go.opentelemetry.io/collector/featuregate v1.3.0 + go.opentelemetry.io/collector/featuregate v1.8.0 go.opentelemetry.io/otel v1.26.0 go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.26.0 go.opentelemetry.io/otel/metric v1.26.0 @@ -49,23 +49,46 @@ require ( sigs.k8s.io/yaml v1.4.0 ) -require sigs.k8s.io/gateway-api v1.0.0 // indirect +require ( + cloud.google.com/go/auth v0.2.0 // indirect + cloud.google.com/go/auth/oauth2adapt v0.2.0 // indirect + github.com/go-viper/mapstructure/v2 v2.0.0-alpha.1 // indirect + github.com/knadh/koanf/maps v0.1.1 // indirect + github.com/knadh/koanf/providers/confmap v0.1.0 // indirect + github.com/knadh/koanf/v2 v2.1.1 // indirect + github.com/mitchellh/copystructure v1.2.0 // indirect + github.com/mitchellh/reflectwalk v1.0.2 // indirect + github.com/moby/docker-image-spec v1.3.1 // indirect + github.com/rs/cors v1.10.1 // indirect + go.opentelemetry.io/collector v0.101.0 // indirect + go.opentelemetry.io/collector/component v0.101.0 // indirect + go.opentelemetry.io/collector/config/configauth v0.101.0 // indirect + go.opentelemetry.io/collector/config/configcompression v1.8.0 // indirect + go.opentelemetry.io/collector/config/configopaque v1.8.0 // indirect + go.opentelemetry.io/collector/config/configtelemetry v0.101.0 // indirect + go.opentelemetry.io/collector/config/configtls v0.101.0 // indirect + go.opentelemetry.io/collector/config/internal v0.101.0 // indirect + go.opentelemetry.io/collector/confmap v0.101.0 // indirect + go.opentelemetry.io/collector/extension v0.101.0 // indirect + go.opentelemetry.io/collector/extension/auth v0.101.0 // indirect + go.opentelemetry.io/collector/pdata v1.8.0 // indirect + sigs.k8s.io/gateway-api v1.0.0 // indirect +) require ( - cloud.google.com/go/compute v1.24.0 // indirect - cloud.google.com/go/compute/metadata v0.2.3 // indirect - github.com/Azure/azure-sdk-for-go/sdk/azcore v1.10.0 // indirect - github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1 // indirect + cloud.google.com/go/compute/metadata v0.3.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1 // indirect + github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.2 // indirect github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 // indirect - github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5 v5.5.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5 v5.6.0 // indirect github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v4 v4.3.0 // indirect - github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1 // indirect - github.com/Code-Hex/go-generics-cache v1.3.1 // indirect + github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect + github.com/Code-Hex/go-generics-cache v1.5.1 // indirect github.com/Microsoft/go-winio v0.6.1 // indirect github.com/alecthomas/units v0.0.0-20231202071711-9a357b53e9c9 // indirect github.com/armon/go-metrics v0.4.1 // indirect github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect - github.com/aws/aws-sdk-go v1.50.32 // indirect + github.com/aws/aws-sdk-go v1.51.25 // indirect github.com/bboreham/go-loser v0.0.0-20230920113527-fcc2c21820a3 // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/blang/semver/v4 v4.0.0 // indirect @@ -76,9 +99,9 @@ require ( github.com/cncf/xds/go v0.0.0-20231128003011-0fa0005c9caa // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/dennwc/varint v1.0.0 // indirect - github.com/digitalocean/godo v1.109.0 // indirect + github.com/digitalocean/godo v1.113.0 // indirect github.com/distribution/reference v0.5.0 // indirect - github.com/docker/docker v25.0.5+incompatible // indirect + github.com/docker/docker v26.0.1+incompatible // indirect github.com/docker/go-connections v0.4.0 // indirect github.com/docker/go-units v0.5.0 // indirect github.com/edsrzf/mmap-go v1.1.0 // indirect @@ -99,23 +122,23 @@ require ( github.com/go-logr/zapr v1.3.0 // indirect github.com/go-ole/go-ole v1.2.6 // indirect github.com/go-openapi/analysis v0.22.2 // indirect - github.com/go-openapi/errors v0.21.1 // indirect + github.com/go-openapi/errors v0.22.0 // indirect github.com/go-openapi/jsonpointer v0.20.2 // indirect github.com/go-openapi/jsonreference v0.20.4 // indirect github.com/go-openapi/loads v0.21.5 // indirect github.com/go-openapi/runtime v0.27.1 // indirect github.com/go-openapi/spec v0.20.14 // indirect - github.com/go-openapi/strfmt v0.22.2 // indirect + github.com/go-openapi/strfmt v0.23.0 // indirect github.com/go-openapi/swag v0.22.9 // indirect github.com/go-openapi/validate v0.23.0 // indirect github.com/go-playground/locales v0.14.1 // indirect github.com/go-playground/universal-translator v0.18.1 // indirect github.com/go-playground/validator/v10 v10.14.0 // indirect - github.com/go-resty/resty/v2 v2.11.0 // indirect + github.com/go-resty/resty/v2 v2.12.0 // indirect github.com/go-zookeeper/zk v1.0.3 // indirect github.com/goccy/go-json v0.10.2 // indirect github.com/gogo/protobuf v1.3.2 // indirect - github.com/golang-jwt/jwt/v5 v5.2.0 // indirect + github.com/golang-jwt/jwt/v5 v5.2.1 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.4 // indirect github.com/golang/snappy v0.0.4 // indirect @@ -126,8 +149,8 @@ require ( github.com/google/s2a-go v0.1.7 // indirect github.com/google/uuid v1.6.0 // indirect github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect - github.com/googleapis/gax-go/v2 v2.12.2 // indirect - github.com/gophercloud/gophercloud v1.8.0 // indirect + github.com/googleapis/gax-go/v2 v2.12.3 // indirect + github.com/gophercloud/gophercloud v1.11.0 // indirect github.com/gorilla/websocket v1.5.1 // indirect github.com/grafana/regexp v0.0.0-20221122212121-6b5c0a4cb7fd // indirect github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.1 // indirect @@ -142,26 +165,26 @@ require ( github.com/hashicorp/go-rootcerts v1.0.2 // indirect github.com/hashicorp/go-version v1.6.0 // indirect github.com/hashicorp/golang-lru v0.6.0 // indirect - github.com/hashicorp/nomad/api v0.0.0-20240306004928-3e7191ccb702 // indirect + github.com/hashicorp/nomad/api v0.0.0-20240418183417-ea5f2f6748c7 // indirect github.com/hashicorp/serf v0.10.1 // indirect - github.com/hetznercloud/hcloud-go/v2 v2.6.0 // indirect + github.com/hetznercloud/hcloud-go/v2 v2.7.2 // indirect github.com/imdario/mergo v0.3.16 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/ionos-cloud/sdk-go/v6 v6.1.11 // indirect github.com/jmespath/go-jmespath v0.4.1-0.20220621161143-b0104c826a24 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/jpillora/backoff v1.0.0 // indirect - github.com/klauspost/compress v1.17.7 // indirect + github.com/klauspost/compress v1.17.8 // indirect github.com/klauspost/cpuid/v2 v2.2.5 // indirect github.com/kolo/xmlrpc v0.0.0-20220921171641-a4b6fa1dd06b // indirect github.com/kylelemons/godebug v1.1.0 // indirect github.com/leodido/go-urn v1.2.4 // indirect - github.com/linode/linodego v1.29.0 // indirect + github.com/linode/linodego v1.32.0 // indirect github.com/mailru/easyjson v0.7.7 // indirect github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-isatty v0.0.19 // indirect github.com/metalmatze/signal v0.0.0-20210307161603-1c9aa721a97a // indirect - github.com/miekg/dns v1.1.58 // indirect + github.com/miekg/dns v1.1.59 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect @@ -182,44 +205,44 @@ require ( github.com/prometheus/client_model v0.6.1 // indirect github.com/prometheus/common/sigv4 v0.1.0 // indirect github.com/prometheus/procfs v0.12.0 // indirect - github.com/scaleway/scaleway-sdk-go v1.0.0-beta.25 // indirect + github.com/scaleway/scaleway-sdk-go v1.0.0-beta.26 // indirect github.com/spf13/cobra v1.8.0 // indirect github.com/tklauser/go-sysconf v0.3.13 // indirect github.com/tklauser/numcpus v0.7.0 // indirect github.com/twitchyliquid64/golang-asm v0.15.1 // indirect github.com/ugorji/go/codec v1.2.11 // indirect github.com/vultr/govultr/v2 v2.17.2 // indirect - github.com/yusufpapurcu/wmi v1.2.3 // indirect + github.com/yusufpapurcu/wmi v1.2.4 // indirect go.mongodb.org/mongo-driver v1.14.0 // indirect go.opencensus.io v0.24.0 // indirect - go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 // indirect + go.opentelemetry.io/collector/config/confighttp v0.101.0 + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.51.0 // indirect go.opentelemetry.io/otel/trace v1.26.0 // indirect go.opentelemetry.io/proto/otlp v1.2.0 // indirect go.uber.org/atomic v1.11.0 // indirect go.uber.org/goleak v1.3.0 // indirect - go.uber.org/zap v1.26.0 // indirect + go.uber.org/zap v1.27.0 // indirect golang.org/x/arch v0.3.0 // indirect - golang.org/x/crypto v0.22.0 // indirect + golang.org/x/crypto v0.23.0 // indirect golang.org/x/exp v0.0.0-20240213143201-ec583247a57a // indirect - golang.org/x/mod v0.16.0 // indirect - golang.org/x/net v0.24.0 // indirect - golang.org/x/oauth2 v0.18.0 // indirect - golang.org/x/sync v0.6.0 // indirect - golang.org/x/sys v0.19.0 // indirect - golang.org/x/term v0.19.0 // indirect - golang.org/x/text v0.14.0 // indirect + golang.org/x/mod v0.17.0 // indirect + golang.org/x/net v0.25.0 // indirect + golang.org/x/oauth2 v0.19.0 // indirect + golang.org/x/sync v0.7.0 // indirect + golang.org/x/sys v0.20.0 // indirect + golang.org/x/term v0.20.0 // indirect + golang.org/x/text v0.15.0 // indirect golang.org/x/time v0.5.0 // indirect - golang.org/x/tools v0.19.0 // indirect + golang.org/x/tools v0.20.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect - google.golang.org/api v0.168.0 // indirect - google.golang.org/appengine v1.6.8 // indirect - google.golang.org/genproto/googleapis/api v0.0.0-20240304212257-790db918fca8 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20240401170217-c3f982113cda // indirect + google.golang.org/api v0.174.0 // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20240415180920-8c6c420018be // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20240415180920-8c6c420018be // indirect google.golang.org/grpc v1.63.2 // indirect - google.golang.org/protobuf v1.33.0 // indirect + google.golang.org/protobuf v1.34.1 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/ini.v1 v1.67.0 // indirect - k8s.io/kube-openapi v0.0.0-20240221221325-2ac9dc51f3f1 // indirect + k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect ) diff --git a/go.sum b/go.sum index 2d237403ff..f00451c8ae 100644 --- a/go.sum +++ b/go.sum @@ -13,16 +13,18 @@ cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKV cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs= cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc= cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY= +cloud.google.com/go/auth v0.2.0 h1:y6oTcpMSbOcXbwYgUUrvI+mrQ2xbrcdpPgtVbCGTLTk= +cloud.google.com/go/auth v0.2.0/go.mod h1:+yb+oy3/P0geX6DLKlqiGHARGR6EX2GRtYCzWOCQSbU= +cloud.google.com/go/auth/oauth2adapt v0.2.0 h1:FR8zevgQwu+8CqiOT5r6xCmJa3pJC/wdXEEPF1OkNhA= +cloud.google.com/go/auth/oauth2adapt v0.2.0/go.mod h1:AfqujpDAlTfLfeCIl/HJZZlIxD8+nJoZ5e0x1IxGq5k= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg= cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= -cloud.google.com/go/compute v1.24.0 h1:phWcR2eWzRJaL/kOiJwfFsPs4BaKq1j6vnpZrc1YlVg= -cloud.google.com/go/compute v1.24.0/go.mod h1:kw1/T+h/+tK2LJK0wiPPx1intgdAM3j/g3hFDlscY40= -cloud.google.com/go/compute/metadata v0.2.3 h1:mg4jlk7mCAj6xXp9UJ4fjI9VUI5rubuGBW5aJ7UnBMY= -cloud.google.com/go/compute/metadata v0.2.3/go.mod h1:VAV5nSsACxMJvgaAuX6Pk2AawlZn8kiOGuCv6gTkwuA= +cloud.google.com/go/compute/metadata v0.3.0 h1:Tz+eQXMEqDIKRsmY3cHTL6FVaynIjX2QxYC4trgAKZc= +cloud.google.com/go/compute/metadata v0.3.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k= cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= @@ -37,14 +39,14 @@ cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9 dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk= dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.10.0 h1:n1DH8TPV4qqPTje2RcUBYwtrTWlabVp4n46+74X2pn4= -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.10.0/go.mod h1:HDcZnuGbiyppErN6lB+idp4CKhjbc8gwjto6OPpyggM= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1 h1:sO0/P7g68FrryJzljemN+6GTssUXdANk6aJ7T1ZxnsQ= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1/go.mod h1:h8hyGFDsU5HMivxiS2iYFZsgDbU9OnnJ163x5UGVKYo= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1 h1:E+OJmp2tPvt1W+amx48v1eqbjDYsgN+RzP4q16yV5eM= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1/go.mod h1:a6xsAQUZg+VsS3TJ05SRp524Hs4pZ/AeFSr5ENf0Yjo= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.2 h1:FDif4R1+UUR+00q6wquyX90K7A8dN+R5E8GEadoP7sU= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.2/go.mod h1:aiYBYui4BJ/BJCAIKs92XiPyQfTaBWqvHujDwKb6CBU= github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 h1:LqbJ/WzJUwBf8UiaSzgX7aMclParm9/5Vgp+TY51uBQ= github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2/go.mod h1:yInRyqWXAuaPrgI7p70+lDDgh3mlBohis29jGMISnmc= -github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5 v5.5.0 h1:MxA59PGoCFb+vCwRQi3PhQEwHj4+r2dhuv9HG+vM7iM= -github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5 v5.5.0/go.mod h1:uYt4CfhkJA9o0FN7jfE5minm/i4nUE4MjGUJkzB6Zs8= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5 v5.6.0 h1:ui3YNbxfW7J3tTFIZMH6LIGRjCngp+J+nIFlnizfNTE= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5 v5.6.0/go.mod h1:gZmgV+qBqygoznvqo2J9oKZAFziqhLZ2xE/WVUmzkHA= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/internal/v2 v2.0.0 h1:PTFGRSlMKCQelWwxUyYVEUqseBJVemLyqWJjvMyt0do= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/internal/v2 v2.0.0/go.mod h1:LRr2FzBTQlONPPa5HREE5+RjSCTXl7BwOvYOaWTqCaI= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v4 v4.3.0 h1:bXwSugBiSbgtz7rOtbfGf+woewp4f06orW9OP5BjHLA= @@ -53,12 +55,12 @@ github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armresources v1. github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armresources v1.1.1/go.mod h1:c/wcGeGx5FUPbM/JltUYHZcKmigwyVLJlDq+4HdtXaw= github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8= github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= -github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1 h1:DzHpqpoJVaCgOUdVHxE8QB52S6NiVdDQvGlny1qvPqA= -github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= +github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 h1:XHOnouVk1mxXfQidrMEnLlPk9UMeRtyBTnEFtxkV0kU= +github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/Code-Hex/go-generics-cache v1.3.1 h1:i8rLwyhoyhaerr7JpjtYjJZUcCbWOdiYO3fZXLiEC4g= -github.com/Code-Hex/go-generics-cache v1.3.1/go.mod h1:qxcC9kRVrct9rHeiYpFWSoW1vxyillCVzX13KZG8dl4= +github.com/Code-Hex/go-generics-cache v1.5.1 h1:6vhZGc5M7Y/YD8cIUcY8kcuQLB4cHR7U+0KMqAA0KcU= +github.com/Code-Hex/go-generics-cache v1.5.1/go.mod h1:qxcC9kRVrct9rHeiYpFWSoW1vxyillCVzX13KZG8dl4= github.com/DATA-DOG/go-sqlmock v1.4.1/go.mod h1:f/Ixk793poVmq4qj/V1dPUg2JEAKC73Q5eFN3EC/SaM= github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= github.com/Masterminds/semver/v3 v3.2.1 h1:RN9w6+7QoMeJVGyfmbcgs28Br8cvmnucEXnY0rYXWg0= @@ -81,8 +83,8 @@ github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgI github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/aws/aws-sdk-go v1.38.35/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro= -github.com/aws/aws-sdk-go v1.50.32 h1:POt81DvegnpQKM4DMDLlHz1CO6OBnEoQ1gRhYFd7QRY= -github.com/aws/aws-sdk-go v1.50.32/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= +github.com/aws/aws-sdk-go v1.51.25 h1:DjTT8mtmsachhV6yrXR8+yhnG6120dazr720nopRsls= +github.com/aws/aws-sdk-go v1.51.25/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/bboreham/go-loser v0.0.0-20230920113527-fcc2c21820a3 h1:6df1vn4bBlDDo4tARvBm7l6KA9iVMnE3NWizDeWSrps= github.com/bboreham/go-loser v0.0.0-20230920113527-fcc2c21820a3/go.mod h1:CIWtjkly68+yqLPbvwwR/fjNJA/idrtULjZWh2v1ys0= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= @@ -119,7 +121,6 @@ github.com/cncf/xds/go v0.0.0-20231128003011-0fa0005c9caa h1:jQCWAUqqlij9Pgj2i/P github.com/cncf/xds/go v0.0.0-20231128003011-0fa0005c9caa/go.mod h1:x/1Gn8zydmfq8dk6e9PdstVsDgu9RuyIIJqAaF//0IM= github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I= github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo= -github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -127,14 +128,14 @@ github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dennwc/varint v1.0.0 h1:kGNFFSSw8ToIy3obO/kKr8U9GZYUAxQEVuix4zfDWzE= github.com/dennwc/varint v1.0.0/go.mod h1:hnItb35rvZvJrbTALZtY/iQfDs48JKRG1RPpgziApxA= -github.com/digitalocean/godo v1.109.0 h1:4W97RJLJSUQ3veRZDNbp1Ol3Rbn6Lmt9bKGvfqYI5SU= -github.com/digitalocean/godo v1.109.0/go.mod h1:R6EmmWI8CT1+fCtjWY9UCB+L5uufuZH13wk3YhxycCs= +github.com/digitalocean/godo v1.113.0 h1:CLtCxlP4wDAjKIQ+Hshht/UNbgAp8/J/XBH1ZtDCF9Y= +github.com/digitalocean/godo v1.113.0/go.mod h1:Z2mTP848Vi3IXXl5YbPekUgr4j4tOePomA+OE1Ag98w= github.com/distribution/reference v0.5.0 h1:/FUIFXtfc/x2gpa5/VGfiGLuOIdYa1t65IKK2OFGvA0= github.com/distribution/reference v0.5.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E= github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI= github.com/dnaeon/go-vcr v1.2.0/go.mod h1:R4UdLID7HZT3taECzJs4YgbbH6PIGXB6W/sc5OLb6RQ= -github.com/docker/docker v25.0.5+incompatible h1:UmQydMduGkrD5nQde1mecF/YnSbTOaPeFIeP5C4W+DE= -github.com/docker/docker v25.0.5+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v26.0.1+incompatible h1:t39Hm6lpXuXtgkF0dm1t9a5HkbUfdGy6XbWexmGr+hA= +github.com/docker/docker v26.0.1+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ= github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4= @@ -200,8 +201,8 @@ github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY= github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0= github.com/go-openapi/analysis v0.22.2 h1:ZBmNoP2h5omLKr/srIC9bfqrUGzT6g6gNv03HE9Vpj0= github.com/go-openapi/analysis v0.22.2/go.mod h1:pDF4UbZsQTo/oNuRfAWWd4dAh4yuYf//LYorPTjrpvo= -github.com/go-openapi/errors v0.21.1 h1:rVisxQPdETctjlYntm0Ek4dKf68nAQocCloCT50vWuI= -github.com/go-openapi/errors v0.21.1/go.mod h1:LyiY9bgc7AVVh6wtVvMYEyoj3KJYNoRw92mmvnMWgj8= +github.com/go-openapi/errors v0.22.0 h1:c4xY/OLxUBSTiepAg3j/MHuAv5mJhnf53LLMWFB+u/w= +github.com/go-openapi/errors v0.22.0/go.mod h1:J3DmZScxCDufmIMsdOuDHxJbdOGC0xtUynjIx092vXE= github.com/go-openapi/jsonpointer v0.20.2 h1:mQc3nmndL8ZBzStEo3JYF8wzmeWffDH4VbXz58sAx6Q= github.com/go-openapi/jsonpointer v0.20.2/go.mod h1:bHen+N0u1KEO3YlmqOjTT9Adn1RfD91Ar825/PuiRVs= github.com/go-openapi/jsonreference v0.20.4 h1:bKlDxQxQJgwpUSgOENiMPzCTBVuc7vTdXSSgNeAhojU= @@ -212,8 +213,8 @@ github.com/go-openapi/runtime v0.27.1 h1:ae53yaOoh+fx/X5Eaq8cRmavHgDma65XPZuvBqv github.com/go-openapi/runtime v0.27.1/go.mod h1:fijeJEiEclyS8BRurYE1DE5TLb9/KZl6eAdbzjsrlLU= github.com/go-openapi/spec v0.20.14 h1:7CBlRnw+mtjFGlPDRZmAMnq35cRzI91xj03HVyUi/Do= github.com/go-openapi/spec v0.20.14/go.mod h1:8EOhTpBoFiask8rrgwbLC3zmJfz4zsCUueRuPM6GNkw= -github.com/go-openapi/strfmt v0.22.2 h1:DPYOrm6gexCfZZfXUaXFS4+Jw6HAaIIG0SZ5630f8yw= -github.com/go-openapi/strfmt v0.22.2/go.mod h1:HB/b7TCm91rno75Dembc1dFW/0FPLk5CEXsoF9ReNc4= +github.com/go-openapi/strfmt v0.23.0 h1:nlUS6BCqcnAk0pyhi9Y+kdDVZdZMHfEKQiS4HaMgO/c= +github.com/go-openapi/strfmt v0.23.0/go.mod h1:NrtIpfKtWIygRkKVsxh7XQMDQW5HKQl6S5ik2elW+K4= github.com/go-openapi/swag v0.22.9 h1:XX2DssF+mQKM2DHsbgZK74y/zj4mo9I99+89xUmuZCE= github.com/go-openapi/swag v0.22.9/go.mod h1:3/OXnFfnMAwBD099SwYRk7GD3xOrr1iL7d/XNLXVVwE= github.com/go-openapi/validate v0.23.0 h1:2l7PJLzCis4YUGEoW6eoQw3WhyM65WSIcjX6SQnlfDw= @@ -226,11 +227,13 @@ github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJn github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY= github.com/go-playground/validator/v10 v10.14.0 h1:vgvQWe3XCz3gIeFDm/HnTIbj6UGmg/+t63MyGU2n5js= github.com/go-playground/validator/v10 v10.14.0/go.mod h1:9iXMNT7sEkjXb0I+enO7QXmzG6QCsPWY4zveKFVRSyU= -github.com/go-resty/resty/v2 v2.11.0 h1:i7jMfNOJYMp69lq7qozJP+bjgzfAzeOhuGlyDrqxT/8= -github.com/go-resty/resty/v2 v2.11.0/go.mod h1:iiP/OpA0CkcL3IGt1O0+/SIItFUbkkyw5BGXiVdTu+A= +github.com/go-resty/resty/v2 v2.12.0 h1:rsVL8P90LFvkUYq/V5BTVe203WfRIU4gvcf+yfzJzGA= +github.com/go-resty/resty/v2 v2.12.0/go.mod h1:o0yGPrkS3lOe1+eFajk6kBW8ScXzwU3hD69/gt2yB/0= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= +github.com/go-viper/mapstructure/v2 v2.0.0-alpha.1 h1:TQcrn6Wq+sKGkpyPvppOz99zsMBaUOKXq6HSv655U1c= +github.com/go-viper/mapstructure/v2 v2.0.0-alpha.1/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM= github.com/go-zookeeper/zk v1.0.3 h1:7M2kwOsc//9VeeFiPtf+uSJlVpU66x9Ba5+8XK7/TDg= github.com/go-zookeeper/zk v1.0.3/go.mod h1:nOB03cncLtlp4t+UAkGSV+9beXP/akpekBwL+UX1Qcw= github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU= @@ -238,8 +241,8 @@ github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MG github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang-jwt/jwt/v5 v5.2.0 h1:d/ix8ftRUorsN+5eMIlF4T6J8CAt9rch3My2winC1Jw= -github.com/golang-jwt/jwt/v5 v5.2.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= +github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk= +github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -267,8 +270,6 @@ github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvq github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM= @@ -307,8 +308,8 @@ github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hf github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20240227163752-401108e1b7e7 h1:y3N7Bm7Y9/CtpiVkw/ZWj6lSlDF3F74SfKwfTCer72Q= -github.com/google/pprof v0.0.0-20240227163752-401108e1b7e7/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik= +github.com/google/pprof v0.0.0-20240416155748-26353dc0451f h1:WpZiq8iqvGjJ3m3wzAVKL6+0vz7VkE79iSy9GII00II= +github.com/google/pprof v0.0.0-20240416155748-26353dc0451f/go.mod h1:kf6iHlnVGwgKolg33glAes7Yg/8iWP8ukqeldJSO7jw= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/s2a-go v0.1.7 h1:60BLSyTrOV4/haCDW4zb1guZItoSq8foHCXrAnjBo/o= github.com/google/s2a-go v0.1.7/go.mod h1:50CgR4k1jNlWBu4UfS4AcfhVe1r6pdZPygJ3R8F0Qdw= @@ -319,10 +320,10 @@ github.com/googleapis/enterprise-certificate-proxy v0.3.2 h1:Vie5ybvEvT75RniqhfF github.com/googleapis/enterprise-certificate-proxy v0.3.2/go.mod h1:VLSiSSBs/ksPL8kq3OBOQ6WRI2QnaFynd1DCjZ62+V0= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= -github.com/googleapis/gax-go/v2 v2.12.2 h1:mhN09QQW1jEWeMF74zGR81R30z4VJzjZsfkUhuHF+DA= -github.com/googleapis/gax-go/v2 v2.12.2/go.mod h1:61M8vcyyXR2kqKFxKrfA22jaA8JGF7Dc8App1U3H6jc= -github.com/gophercloud/gophercloud v1.8.0 h1:TM3Jawprb2NrdOnvcHhWJalmKmAmOGgfZElM/3oBYCk= -github.com/gophercloud/gophercloud v1.8.0/go.mod h1:aAVqcocTSXh2vYFZ1JTvx4EQmfgzxRcNupUfxZbBNDM= +github.com/googleapis/gax-go/v2 v2.12.3 h1:5/zPPDvw8Q1SuXjrqrZslrqT7dL/uJT2CQii/cLCKqA= +github.com/googleapis/gax-go/v2 v2.12.3/go.mod h1:AKloxT6GtNbaLm8QTNSidHUVsHYcBHwWRvkNFJUQcS4= +github.com/gophercloud/gophercloud v1.11.0 h1:ls0O747DIq1D8SUHc7r2vI8BFbMLeLFuENaAIfEx7OM= +github.com/gophercloud/gophercloud v1.11.0/go.mod h1:aAVqcocTSXh2vYFZ1JTvx4EQmfgzxRcNupUfxZbBNDM= github.com/gorilla/websocket v1.5.1 h1:gmztn0JnHVt9JZquRuzLw3g4wouNVzKL15iLr/zn/QY= github.com/gorilla/websocket v1.5.1/go.mod h1:x3kM2JMyaluk02fnUJpQuwD2dCS5NDG2ZHL0uE0tcaY= github.com/grafana/regexp v0.0.0-20221122212121-6b5c0a4cb7fd h1:PpuIBO5P3e9hpqBD0O/HjhShYuM6XE0i/lbE6J94kww= @@ -355,8 +356,6 @@ github.com/hashicorp/go-multierror v1.1.0/go.mod h1:spPvp8C1qA32ftKqdAHm4hHTbPw+ github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= github.com/hashicorp/go-retryablehttp v0.5.3/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs= -github.com/hashicorp/go-retryablehttp v0.7.4 h1:ZQgVdpTdAL7WpMIwLzCfbalOcSUdkDZnpUv3/+BxzFA= -github.com/hashicorp/go-retryablehttp v0.7.4/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= github.com/hashicorp/go-retryablehttp v0.7.5 h1:bJj+Pj19UZMIweq/iie+1u5YCdGrnxCT9yvm0e+Nd5M= github.com/hashicorp/go-retryablehttp v0.7.5/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc= @@ -379,12 +378,12 @@ github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO github.com/hashicorp/mdns v1.0.4/go.mod h1:mtBihi+LeNXGtG8L9dX59gAEa12BDtBQSp4v/YAJqrc= github.com/hashicorp/memberlist v0.5.0 h1:EtYPN8DpAURiapus508I4n9CzHs2W+8NZGbmmR/prTM= github.com/hashicorp/memberlist v0.5.0/go.mod h1:yvyXLpo0QaGE59Y7hDTsTzDD25JYBZ4mHgHUZ8lrOI0= -github.com/hashicorp/nomad/api v0.0.0-20240306004928-3e7191ccb702 h1:fI1LXuBaS1d9z1kmb++Og6YD8uMRwadXorCwE+xgOFA= -github.com/hashicorp/nomad/api v0.0.0-20240306004928-3e7191ccb702/go.mod h1:z71gkJdrkAt/Rl6C7Q79VE7AwJ5lUF+M+fzFTyIHYB0= +github.com/hashicorp/nomad/api v0.0.0-20240418183417-ea5f2f6748c7 h1:pjE59CS2C9Bg+Xby0ROrnZSSBWtKwx3Sf9gqsrvIFSA= +github.com/hashicorp/nomad/api v0.0.0-20240418183417-ea5f2f6748c7/go.mod h1:svtxn6QnrQ69P23VvIWMR34tg3vmwLz4UdUzm1dSCgE= github.com/hashicorp/serf v0.10.1 h1:Z1H2J60yRKvfDYAOZLd2MU0ND4AH/WDz7xYHDWQsIPY= github.com/hashicorp/serf v0.10.1/go.mod h1:yL2t6BqATOLGc5HF7qbFkTfXoPIY0WZdWHfEvMqbG+4= -github.com/hetznercloud/hcloud-go/v2 v2.6.0 h1:RJOA2hHZ7rD1pScA4O1NF6qhkHyUdbbxjHgFNot8928= -github.com/hetznercloud/hcloud-go/v2 v2.6.0/go.mod h1:4J1cSE57+g0WS93IiHLV7ubTHItcp+awzeBp5bM9mfA= +github.com/hetznercloud/hcloud-go/v2 v2.7.2 h1:UlE7n1GQZacCfyjv9tDVUN7HZfOXErPIfM/M039u9A0= +github.com/hetznercloud/hcloud-go/v2 v2.7.2/go.mod h1:49tIV+pXRJTUC7fbFZ03s45LKqSQdOPP5y91eOnJo/k= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= @@ -392,9 +391,8 @@ github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2 github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/ionos-cloud/sdk-go/v6 v6.1.11 h1:J/uRN4UWO3wCyGOeDdMKv8LWRzKu6UIkLEaes38Kzh8= github.com/ionos-cloud/sdk-go/v6 v6.1.11/go.mod h1:EzEgRIDxBELvfoa/uBN0kOQaqovLjUWEB7iW4/Q+t4k= -github.com/jarcoal/httpmock v1.3.0 h1:2RJ8GP0IIaWwcC9Fp2BmVi8Kog3v2Hn7VXM3fTd+nuc= -github.com/jarcoal/httpmock v1.3.0/go.mod h1:3yb8rc4BI7TCBhFY8ng0gjuLKJNquuDNiPaZjnENuYg= -github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= +github.com/jarcoal/httpmock v1.3.1 h1:iUx3whfZWVf3jT01hQTO/Eo5sAYtB2/rqaUuOtpInww= +github.com/jarcoal/httpmock v1.3.1/go.mod h1:3yb8rc4BI7TCBhFY8ng0gjuLKJNquuDNiPaZjnENuYg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath v0.4.1-0.20220621161143-b0104c826a24 h1:liMMTbpW34dhU4az1GN0pTPADwNmvoRSeoZ6PItiqnY= github.com/jmespath/go-jmespath v0.4.1-0.20220621161143-b0104c826a24/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= @@ -416,11 +414,17 @@ github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7V github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/klauspost/compress v1.17.7 h1:ehO88t2UGzQK66LMdE8tibEd1ErmzZjNEqWkjLAKQQg= -github.com/klauspost/compress v1.17.7/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw= +github.com/klauspost/compress v1.17.8 h1:YcnTYrq7MikUT7k0Yb5eceMmALQPYBW/Xltxn0NAMnU= +github.com/klauspost/compress v1.17.8/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw= github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= github.com/klauspost/cpuid/v2 v2.2.5 h1:0E5MSMDEoAulmXNFquVs//DdoomxaoTY1kUhbc/qbZg= github.com/klauspost/cpuid/v2 v2.2.5/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= +github.com/knadh/koanf/maps v0.1.1 h1:G5TjmUh2D7G2YWf5SQQqSiHRJEjaicvU0KpypqB3NIs= +github.com/knadh/koanf/maps v0.1.1/go.mod h1:npD/QZY3V6ghQDdcQzl1W4ICNVTkohC8E73eI2xW4yI= +github.com/knadh/koanf/providers/confmap v0.1.0 h1:gOkxhHkemwG4LezxxN8DMOFopOPghxRVp7JbIvdvqzU= +github.com/knadh/koanf/providers/confmap v0.1.0/go.mod h1:2uLhxQzJnyHKfxG927awZC7+fyHFdQkd697K4MdLnIU= +github.com/knadh/koanf/v2 v2.1.1 h1:/R8eXqasSTsmDCsAyYj+81Wteg8AqrV9CP6gvsTsOmM= +github.com/knadh/koanf/v2 v2.1.1/go.mod h1:4mnTRbZCK+ALuBXHZMjDfG9y714L7TykVnZkXbMU3Es= github.com/kolo/xmlrpc v0.0.0-20220921171641-a4b6fa1dd06b h1:udzkj9S/zlT5X367kqJis0QP7YMxobob6zhzq6Yre00= github.com/kolo/xmlrpc v0.0.0-20220921171641-a4b6fa1dd06b/go.mod h1:pcaDhQK0/NJZEvtCO0qQPPropqV0sJOJ6YW7X+9kRwM= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= @@ -437,8 +441,8 @@ github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0 github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/leodido/go-urn v1.2.4 h1:XlAE/cm/ms7TE/VMVoduSpNBoyc2dOxHs5MZSwAN63Q= github.com/leodido/go-urn v1.2.4/go.mod h1:7ZrI8mTSeBSHl/UaRyKQW1qZeMgak41ANeCNaVckg+4= -github.com/linode/linodego v1.29.0 h1:gDSQWAbKMAQX8db9FDCXHhodQPrJmLcmthjx6m+PyV4= -github.com/linode/linodego v1.29.0/go.mod h1:3k6WvCM10gillgYcnoLqIL23ST27BD9HhMsCJWb3Bpk= +github.com/linode/linodego v1.32.0 h1:OmZzB3iON6uu84VtLFf64uKmAQqJJarvmsVguroioPI= +github.com/linode/linodego v1.32.0/go.mod h1:y8GDP9uLVH4jTB9qyrgw79qfKdYJmNCGUOJmfuiOcmI= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= @@ -463,9 +467,11 @@ github.com/metalmatze/signal v0.0.0-20210307161603-1c9aa721a97a h1:0usWxe5SGXKQo github.com/metalmatze/signal v0.0.0-20210307161603-1c9aa721a97a/go.mod h1:3OETvrxfELvGsU2RoGGWercfeZ4bCL3+SOwzIWtJH/Q= github.com/miekg/dns v1.1.26/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso= github.com/miekg/dns v1.1.41/go.mod h1:p6aan82bvRIyn+zDIv9xYNUpwa73JcSh9BKwknJysuI= -github.com/miekg/dns v1.1.58 h1:ca2Hdkz+cDg/7eNF6V56jjzuZ4aCAE+DbVkILdQWG/4= -github.com/miekg/dns v1.1.58/go.mod h1:Ypv+3b/KadlvW9vJfXOTf300O4UqaHFzFCuHz+rPkBY= +github.com/miekg/dns v1.1.59 h1:C9EXc/UToRwKLhK5wKU/I4QVsBUc8kE6MkHBkeypWZs= +github.com/miekg/dns v1.1.59/go.mod h1:nZpewl5p6IvctfgrckopVx2OlSEHPRO/U4SYkRklrEk= github.com/mitchellh/cli v1.1.0/go.mod h1:xcISNoH86gajksDmfB23e/pu+B+GeFRMYmoHXxx3xhI= +github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= +github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/go-testing-interface v1.14.1 h1:jrgshOhYAUVNMAJiKbEu7EqAwgJJ2JqpQmpLJOu07cU= @@ -473,6 +479,10 @@ github.com/mitchellh/go-testing-interface v1.14.1/go.mod h1:gfgS7OtZj6MA4U1UrDRp github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= +github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= +github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= +github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0= +github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo= github.com/moby/term v0.0.0-20221205130635-1aeaba878587 h1:HfkjXDfhgVaN5rmueG8cL8KKeFNecRCXFhaJ2qZ5SKA= github.com/moby/term v0.0.0-20221205130635-1aeaba878587/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -546,8 +556,8 @@ github.com/prometheus/client_golang v1.4.0/go.mod h1:e9GMxYsXl05ICDXkRhurwBS4Q3O github.com/prometheus/client_golang v1.5.1/go.mod h1:e9GMxYsXl05ICDXkRhurwBS4Q3OK1iX/F2sw+iXX5zU= github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0= -github.com/prometheus/client_golang v1.19.0 h1:ygXvpU1AoN1MhdzckN+PyD9QJOSD4x7kmXYlnfbA6JU= -github.com/prometheus/client_golang v1.19.0/go.mod h1:ZRM9uEAypZakd+q/x7+gmsvXdURP+DABIEIjnmDdp+k= +github.com/prometheus/client_golang v1.19.1 h1:wZWJDwK+NameRJuPGDhlnFgx8e8HN3XHQeLaYJFJBOE= +github.com/prometheus/client_golang v1.19.1/go.mod h1:mP78NwGzrVks5S2H6ab8+ZZGJLZUq1hoULYBAYBw1Ho= github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= @@ -570,15 +580,17 @@ github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4O github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= -github.com/prometheus/prometheus v0.51.2 h1:U0faf1nT4CB9DkBW87XLJCBi2s8nwWXdTbyzRUAkX0w= -github.com/prometheus/prometheus v0.51.2/go.mod h1:yv4MwOn3yHMQ6MZGHPg/U7Fcyqf+rxqiZfSur6myVtc= +github.com/prometheus/prometheus v0.52.1 h1:BrQ29YG+mzdGh8DgHPirHbeMGNqtL+INe0rqg7ttBJ4= +github.com/prometheus/prometheus v0.52.1/go.mod h1:3z74cVsmVH0iXOR5QBjB7Pa6A0KJeEAK5A6UsmAFb1g= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= -github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA= +github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= +github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= +github.com/rs/cors v1.10.1 h1:L0uuZVXIKlI1SShY2nhFfo44TYvDPQ1w4oFkUJNfhyo= +github.com/rs/cors v1.10.1/go.mod h1:XyqrcTp5zjWr1wsJ8PIRZssZ8b/WMcMf71DJnit4EMU= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= -github.com/scaleway/scaleway-sdk-go v1.0.0-beta.25 h1:/8rfZAdFfafRXOgz+ZpMZZWZ5pYggCY9t7e/BvjaBHM= -github.com/scaleway/scaleway-sdk-go v1.0.0-beta.25/go.mod h1:fCa7OJZ/9DRTnOKmxvT6pn+LPWUptQAmHF/SBJUGEcg= +github.com/scaleway/scaleway-sdk-go v1.0.0-beta.26 h1:F+GIVtGqCFxPxO46ujf8cEOP574MBoRm3gNbPXECbxs= +github.com/scaleway/scaleway-sdk-go v1.0.0-beta.26/go.mod h1:fCa7OJZ/9DRTnOKmxvT6pn+LPWUptQAmHF/SBJUGEcg= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529 h1:nn5Wsu0esKSJiIVhscUtVbo7ada43DJhG55ua/hjS5I= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= github.com/shirou/gopsutil v3.21.11+incompatible h1:+1+c1VGhc88SSonWP6foOcLhvnKlUeu/erjjvaPEYiI= @@ -590,8 +602,6 @@ github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6Mwd github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= -github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I= -github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0= github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= @@ -631,8 +641,8 @@ github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -github.com/yusufpapurcu/wmi v1.2.3 h1:E1ctvB7uKFMOJw3fdOW32DwGE9I7t++CRUEMKvFoFiw= -github.com/yusufpapurcu/wmi v1.2.3/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0= +github.com/yusufpapurcu/wmi v1.2.4 h1:zFUKzehAFReQwLys1b/iSMl+JQGSCSjtVqQn9bBrPo0= +github.com/yusufpapurcu/wmi v1.2.4/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0= go.mongodb.org/mongo-driver v1.14.0 h1:P98w8egYRjYe3XDjxhYJagTokP/H6HzlsnojRgZRd80= go.mongodb.org/mongo-driver v1.14.0/go.mod h1:Vzb0Mk/pa7e6cWw85R4F/endUC3u0U9jGcNU603k65c= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= @@ -642,18 +652,48 @@ go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= -go.opentelemetry.io/collector/featuregate v1.3.0 h1:nrFSx+zfjdisjE9oCx25Aep3nJ9RaUjeE1qFL6eovoU= -go.opentelemetry.io/collector/featuregate v1.3.0/go.mod h1:mm8+xyQfgDmqhyegZRNIQmoKsNnDTwWKFLsdMoXAb7A= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 h1:jq9TW8u3so/bN+JPT166wjOI6/vQPF6Xe7nMNIltagk= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0/go.mod h1:p8pYQP+m5XfbZm9fxtSKAbM6oIllS7s2AfxrChvc7iw= +go.opentelemetry.io/collector v0.101.0 h1:jnCI/JZgpEYONWy4LCvif4CjMM7cPS4XvGHp3OrZpYo= +go.opentelemetry.io/collector v0.101.0/go.mod h1:N0xja/N3NUDIC55SjjNzyyIoxE6YoCEZC3aXQ39yIVs= +go.opentelemetry.io/collector/component v0.101.0 h1:2sILYgE8cZJj0Vseh6LUjS9iXPyqDPTx/R8yf8IPu+4= +go.opentelemetry.io/collector/component v0.101.0/go.mod h1:OB1uBpQZ2Ba6wVui/sthh6j+CPxVQIy2ou5rzZPINQQ= +go.opentelemetry.io/collector/config/configauth v0.101.0 h1:rUH9aHETDmqaQFq53zaRIEy4N0jllzK6Bl1OoBlUA4s= +go.opentelemetry.io/collector/config/configauth v0.101.0/go.mod h1:wF/luWiQ7rpIWjFs0ds3PVrZ2bKhhVAmANKp3Fv5fjU= +go.opentelemetry.io/collector/config/configcompression v1.8.0 h1:qcgde9yOFkdRYSjHujxxVnciAPYBSI5hv1EZ/+7GQuA= +go.opentelemetry.io/collector/config/configcompression v1.8.0/go.mod h1:O0fOPCADyGwGLLIf5lf7N3960NsnIfxsm6dr/mIpL+M= +go.opentelemetry.io/collector/config/confighttp v0.101.0 h1:/LIrKzD+rzE+uLXECIXHhlO6pu9CnRmdrKV/VKbYT9A= +go.opentelemetry.io/collector/config/confighttp v0.101.0/go.mod h1:KspNrdrtpaPg27qtxZ+e3jmJoOHLyj0oNmMpJd0b3wg= +go.opentelemetry.io/collector/config/configopaque v1.8.0 h1:MXNJDG/yNmEX/tkf4EJ+aSucM92l4KfqtCAhBjMVMg8= +go.opentelemetry.io/collector/config/configopaque v1.8.0/go.mod h1:VUBsRa6pi8z1GaR9CCELMOnIZQRdZQ1GGi0W3UTk7x0= +go.opentelemetry.io/collector/config/configtelemetry v0.101.0 h1:G9RerNdBUm6rYW6wrJoKzleBiDsCGaCjtQx5UYr0hzw= +go.opentelemetry.io/collector/config/configtelemetry v0.101.0/go.mod h1:YV5PaOdtnU1xRomPcYqoHmyCr48tnaAREeGO96EZw8o= +go.opentelemetry.io/collector/config/configtls v0.101.0 h1:kUBqqEPuO7Awsqq8dOlP+NRQ/wSxyosM24m1lF6JIdA= +go.opentelemetry.io/collector/config/configtls v0.101.0/go.mod h1:cyNmN5a/SaXKeup3vbISmjwbXTt9Z0fl1wt7k30Ta3Q= +go.opentelemetry.io/collector/config/internal v0.101.0 h1:GnnVmX/v/MVf4oK4TOcG0+AnCsTDC02CsmTvcSq+08g= +go.opentelemetry.io/collector/config/internal v0.101.0/go.mod h1:GYu44KDiZy9Rs4wIq5kfWDihqfpbktgupUGjW4BBNpY= +go.opentelemetry.io/collector/confmap v0.101.0 h1:pGXZRBKnZqys1HgNECGSi8Pec5RBGa9vVCfrpcvW+kA= +go.opentelemetry.io/collector/confmap v0.101.0/go.mod h1:BWKPIpYeUzSG6ZgCJMjF7xsLvyrvJCfYURl57E5vhiQ= +go.opentelemetry.io/collector/consumer v0.101.0 h1:9tDxaeHe1+Uovf3fhdx7T4pV5mo/Dc0hniH7O5H3RBA= +go.opentelemetry.io/collector/consumer v0.101.0/go.mod h1:ud5k64on9m7hHTrhjEeLhWbLkd8+Gp06rDt3p86TKNs= +go.opentelemetry.io/collector/extension v0.101.0 h1:A4hq/aci9+/Pxi8sJfyYgbeHjSIL7JFZR81IlSOTla4= +go.opentelemetry.io/collector/extension v0.101.0/go.mod h1:14gQMuybTcppfTTM9AwqeoFrNCLv/ds/c0A4Z0hWuLI= +go.opentelemetry.io/collector/extension/auth v0.101.0 h1:Y3sO0qQb2tkm1LBdrH8UIUNpDcorWxwq/9nhcQqlxqU= +go.opentelemetry.io/collector/extension/auth v0.101.0/go.mod h1:5PEBkpr5fF/47BAZ2dvc9M3+QfkabxIOB4YCjjW5DNc= +go.opentelemetry.io/collector/featuregate v1.8.0 h1:p/bAuk5LiSfdYS88yFl/Jzao9bHEYqCh7YvZJ+L+IZg= +go.opentelemetry.io/collector/featuregate v1.8.0/go.mod h1:w7nUODKxEi3FLf1HslCiE6YWtMtOOrMnSwsDam8Mg9w= +go.opentelemetry.io/collector/pdata v1.8.0 h1:d/QQgZxB4Y+d3mqLVh2ozvzujUhloD3P/fk7X+In764= +go.opentelemetry.io/collector/pdata v1.8.0/go.mod h1:/W7clu0wFC4WSRp94Ucn6Vm36Wkrt+tmtlDb1aiNZCY= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.51.0 h1:Xs2Ncz0gNihqu9iosIZ5SkBbWo5T8JhhLJFMQL1qmLI= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.51.0/go.mod h1:vy+2G/6NvVMpwGX/NyLqcC41fxepnuKHk16E6IZUcJc= go.opentelemetry.io/otel v1.26.0 h1:LQwgL5s/1W7YiiRwxf03QGnWLb2HW4pLiAhaA5cZXBs= go.opentelemetry.io/otel v1.26.0/go.mod h1:UmLkJHUAidDval2EICqBMbnAd0/m2vmpf/dAM+fvFs4= go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.26.0 h1:HGZWGmCVRCVyAs2GQaiHQPbDHo+ObFWeUEOd+zDnp64= go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.26.0/go.mod h1:SaH+v38LSCHddyk7RGlU9uZyQoRrKao6IBnJw6Kbn+c= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0 h1:t6wl9SPayj+c7lEIFgm4ooDBZVb01IhLB4InpomhRw8= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0/go.mod h1:iSDOcsnSA5INXzZtwaBPrKp/lWu/V14Dd+llD0oI2EA= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.24.0 h1:Xw8U6u2f8DK2XAkGRFV7BBLENgnTGX9i4rQRxJf+/vs= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.24.0/go.mod h1:6KW1Fm6R/s6Z3PGXwSJN2K4eT6wQB3vXX6CVnYX9NmM= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.26.0 h1:1u/AyyOqAWzy+SkPxDpahCNZParHV8Vid1RnI2clyDE= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.26.0/go.mod h1:z46paqbJ9l7c9fIPCXTqTGwhQZ5XoTIsfeFYWboizjs= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.26.0 h1:1wp/gyxsuYtuE/JFxsQRtcCDtMrO2qMvlfXALU5wkzI= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.26.0/go.mod h1:gbTHmghkGgqxMomVQQMur1Nba4M0MQ8AYThXDUjsJ38= +go.opentelemetry.io/otel/exporters/prometheus v0.48.0 h1:sBQe3VNGUjY9IKWQC6z2lNqa5iGbDSxhs60ABwK4y0s= +go.opentelemetry.io/otel/exporters/prometheus v0.48.0/go.mod h1:DtrbMzoZWwQHyrQmCfLam5DZbnmorsGbOtTbYHycU5o= go.opentelemetry.io/otel/metric v1.26.0 h1:7S39CLuY5Jgg9CrnA9HHiEjGMF/X2VHvoXGgSllRz30= go.opentelemetry.io/otel/metric v1.26.0/go.mod h1:SY+rHOI4cEawI9a7N1A4nIg/nTQXe1ccCNWYOJUrpX4= go.opentelemetry.io/otel/sdk v1.26.0 h1:Y7bumHf5tAiDlRYFmGqetNcLaVUZmh4iYfmGxtmz7F8= @@ -670,8 +710,8 @@ go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= -go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= -go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= +go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= +go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= golang.org/x/arch v0.3.0 h1:02VY4/ZcO/gBOH6PUaoiptASxtXU10jazRCP865E97k= golang.org/x/arch v0.3.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= @@ -684,11 +724,10 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= -golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA= +golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= -golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30= -golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M= +golang.org/x/crypto v0.23.0 h1:dIJU/v2J8Mdglj/8rJ6UUOM3Zc9zLZxVZwwxMooUSAI= +golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -723,8 +762,8 @@ golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.16.0 h1:QX4fJ0Rr5cPQCF7O9lh9Se4pmwfwskqZfq5moyldzic= -golang.org/x/mod v0.16.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA= +golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -763,19 +802,18 @@ golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= -golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= -golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= -golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= -golang.org/x/net v0.24.0 h1:1PcaxkF854Fu3+lvBIx5SYn9wRlBzzcnHZSiaFFAb0w= -golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8= +golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= +golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= +golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac= +golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.18.0 h1:09qnuIAgzdx1XplqJvW6CQqMCtGZykZWcXzPMPUusvI= -golang.org/x/oauth2 v0.18.0/go.mod h1:Wf7knwG0MPoWIMMBgFlEaSUDaKskp0dCfrlJRJXbBi8= +golang.org/x/oauth2 v0.19.0 h1:9+E/EZBCbTLNrbN35fHv/a/d/mOBatymz1zbtQrXpIg= +golang.org/x/oauth2 v0.19.0/go.mod h1:vYi7skDa1x015PmRRYZ7+s1cWyPgrPiSYRe4rnsexc8= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -789,8 +827,8 @@ golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ= -golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= +golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -848,18 +886,18 @@ golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o= -golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y= +golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= -golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= -golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8= +golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= -golang.org/x/term v0.19.0 h1:+ThwsDv+tYfnJFhF4L8jITxu1tdTWRTZpdsWgEgjL6Q= -golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk= +golang.org/x/term v0.20.0 h1:VnkxpohqXaOBYJtBmEppKUG6mXpi+4O6purfc2+sMhw= +golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -867,16 +905,14 @@ golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= -golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.15.0 h1:h1V/4gjBv8v9cjcR6+AR5+/cIYK5N/WAgiv4xlsEtAk= +golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -924,8 +960,8 @@ golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/tools v0.19.0 h1:tfGCXNR1OsFG+sVdLAitlpjAvD/I6dHDKnYrpEZUHkw= -golang.org/x/tools v0.19.0/go.mod h1:qoJWxmGSIBmAeriMx19ogtrEPrGtDbPK634QFIcLAhc= +golang.org/x/tools v0.20.0 h1:hz/CVckiOxybQvFw6h7b/q80NTr9IUQb4s1IIzW7KNY= +golang.org/x/tools v0.20.0/go.mod h1:WvitBU7JJf6A4jOdg4S1tviW9bhUxkgeCui/0JHctQg= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -948,16 +984,14 @@ google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0M google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM= google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc= -google.golang.org/api v0.168.0 h1:MBRe+Ki4mMN93jhDDbpuRLjRddooArz4FeSObvUMmjY= -google.golang.org/api v0.168.0/go.mod h1:gpNOiMA2tZ4mf5R9Iwf4rK/Dcz0fbdIgWYWVoxmsyLg= +google.golang.org/api v0.174.0 h1:zB1BWl7ocxfTea2aQ9mgdzXjnfPySllpPOskdnO+q34= +google.golang.org/api v0.174.0/go.mod h1:aC7tB6j0HR1Nl0ni5ghpx6iLasmAX78Zkh/wgxAAjLg= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= -google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= @@ -987,10 +1021,10 @@ google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7Fc google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto/googleapis/api v0.0.0-20240304212257-790db918fca8 h1:8eadJkXbwDEMNwcB5O0s5Y5eCfyuCLdvaiOIaGTrWmQ= -google.golang.org/genproto/googleapis/api v0.0.0-20240304212257-790db918fca8/go.mod h1:O1cOfN1Cy6QEYr7VxtjOyP5AdAuR0aJ/MYZaaof623Y= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240401170217-c3f982113cda h1:LI5DOvAxUPMv/50agcLLoo+AdWc1irS9Rzz4vPuD1V4= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240401170217-c3f982113cda/go.mod h1:WtryC6hu0hhx87FDGxWCDptyssuo68sk10vYjF+T9fY= +google.golang.org/genproto/googleapis/api v0.0.0-20240415180920-8c6c420018be h1:Zz7rLWqp0ApfsR/l7+zSHhY3PMiH2xqgxlfYfAfNpoU= +google.golang.org/genproto/googleapis/api v0.0.0-20240415180920-8c6c420018be/go.mod h1:dvdCTIoAGbkWbcIKBniID56/7XHTt6WfxXNMxuziJ+w= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240415180920-8c6c420018be h1:LG9vZxsWGOmUKieR8wPAUR3u3MpnYFQZROPIMaXh7/A= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240415180920-8c6c420018be/go.mod h1:WtryC6hu0hhx87FDGxWCDptyssuo68sk10vYjF+T9fY= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= @@ -1017,9 +1051,8 @@ google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpAD google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= -google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg= +google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -1063,8 +1096,8 @@ k8s.io/component-base v0.29.3 h1:Oq9/nddUxlnrCuuR2K/jp6aflVvc0uDvxMzAWxnGzAo= k8s.io/component-base v0.29.3/go.mod h1:Yuj33XXjuOk2BAaHsIGHhCKZQAgYKhqIxIjIr2UXYio= k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= -k8s.io/kube-openapi v0.0.0-20240221221325-2ac9dc51f3f1 h1:rtdnaWfP40MTKv7izH81gkWpZB45pZrwIxyZdPSn1mI= -k8s.io/kube-openapi v0.0.0-20240221221325-2ac9dc51f3f1/go.mod h1:Pa1PvrP7ACSkuX6I7KYomY6cmMA0Tx86waBhDUgoKPw= +k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag= +k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= k8s.io/kubectl v0.29.3 h1:RuwyyIU42MAISRIePaa8Q7A3U74Q9P4MoJbDFz9o3us= k8s.io/kubectl v0.29.3/go.mod h1:yCxfY1dbwgVdEt2zkJ6d5NNLOhhWgTyrqACIoFhpdd4= k8s.io/utils v0.0.0-20240102154912-e7106e64919e h1:eQ/4ljkx21sObifjzXwlPKpdGLrCfRziVtos3ofG/sQ= diff --git a/internal/manifests/collector/config_replace.go b/internal/manifests/collector/config_replace.go index 85f38bf6ae..e2219f36d6 100644 --- a/internal/manifests/collector/config_replace.go +++ b/internal/manifests/collector/config_replace.go @@ -41,7 +41,7 @@ type Config struct { TargetAllocConfig *targetAllocator `yaml:"target_allocator,omitempty"` } -func ReplaceConfig(instance v1beta1.OpenTelemetryCollector) (string, error) { +func ReplaceConfig(instance v1beta1.OpenTelemetryCollector, options ...ta.TAOption) (string, error) { cfgStr, err := instance.Spec.Config.Yaml() if err != nil { return "", err @@ -68,7 +68,7 @@ func ReplaceConfig(instance v1beta1.OpenTelemetryCollector) (string, error) { // To avoid issues caused by Prometheus validation logic, which fails regex validation when it encounters // $$ in the prom config, we update the YAML file directly without marshaling and unmarshalling. - updPromCfgMap, getCfgPromErr := ta.AddTAConfigToPromConfig(promCfgMap, naming.TAService(instance.Name)) + updPromCfgMap, getCfgPromErr := ta.AddTAConfigToPromConfig(promCfgMap, naming.TAService(instance.Name), options...) if getCfgPromErr != nil { return "", getCfgPromErr } diff --git a/internal/manifests/collector/configmap.go b/internal/manifests/collector/configmap.go index 58ee4c1312..bc7adde837 100644 --- a/internal/manifests/collector/configmap.go +++ b/internal/manifests/collector/configmap.go @@ -18,8 +18,10 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/manifests" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" + ta "github.com/open-telemetry/opentelemetry-operator/internal/manifests/targetallocator/adapters" "github.com/open-telemetry/opentelemetry-operator/internal/naming" ) @@ -27,7 +29,12 @@ func ConfigMap(params manifests.Params) (*corev1.ConfigMap, error) { name := naming.ConfigMap(params.OtelCol.Name) labels := manifestutils.Labels(params.OtelCol.ObjectMeta, name, params.OtelCol.Spec.Image, ComponentOpenTelemetryCollector, []string{}) - replacedConf, err := ReplaceConfig(params.OtelCol) + replaceCfgOpts := []ta.TAOption{} + if params.Config.CertManagerAvailability() == certmanager.Available { + replaceCfgOpts = append(replaceCfgOpts, ta.WithTLSConfig("/tls/ca.crt", "/tls/tls.crt", "/tls/tls.key", naming.TAService(params.OtelCol.Name))) + } + + replacedConf, err := ReplaceConfig(params.OtelCol, replaceCfgOpts...) if err != nil { params.Log.V(2).Info("failed to update prometheus config to use sharded targets: ", "err", err) return nil, err diff --git a/internal/manifests/collector/container.go b/internal/manifests/collector/container.go index d0585ff9d8..63726fe2ac 100644 --- a/internal/manifests/collector/container.go +++ b/internal/manifests/collector/container.go @@ -26,6 +26,7 @@ import ( "k8s.io/apimachinery/pkg/util/validation" "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/collector/adapters" "github.com/open-telemetry/opentelemetry-operator/internal/naming" @@ -90,6 +91,18 @@ func Container(cfg config.Config, logger logr.Logger, otelcol v1beta1.OpenTeleme }) } + if cfg.CertManagerAvailability() == certmanager.Available { + volumeMounts = append(volumeMounts, + corev1.VolumeMount{ + Name: naming.TAClientCertificate(otelcol.Name), + MountPath: "/tls"}, + corev1.VolumeMount{ + Name: "shared-ca-certificates", + MountPath: "/etc/ssl/certs/ca-certificates.crt", + SubPath: "ca-certificates.crt", + }) + } + // ensure that the v1alpha1.OpenTelemetryCollectorSpec.Args are ordered when moved to container.Args, // where iterating over a map does not guarantee, so that reconcile will not be fooled by different // ordering in args. diff --git a/internal/manifests/collector/deployment.go b/internal/manifests/collector/deployment.go index 1cc105114b..39ecfdf505 100644 --- a/internal/manifests/collector/deployment.go +++ b/internal/manifests/collector/deployment.go @@ -19,6 +19,7 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/manifests" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/naming" @@ -38,6 +39,31 @@ func Deployment(params manifests.Params) (*appsv1.Deployment, error) { return nil, err } + initContainers := params.OtelCol.Spec.InitContainers + + if params.Config.CertManagerAvailability() == certmanager.Available { + initContainers = append(initContainers, corev1.Container{ + Name: "install-ca-cert", + Image: "alpine:latest", + Command: []string{ + "/bin/sh", + "-c", + "apk --update add ca-certificates && update-ca-certificates && cp /etc/ssl/certs/ca-certificates.crt /shared/ca-certificates.crt", + }, + VolumeMounts: []corev1.VolumeMount{ + { + Name: naming.TAClientCertificate(params.OtelCol.Name), + MountPath: "/usr/local/share/ca-certificates/ca.crt", + SubPath: "ca.crt", + }, + { + Name: "shared-ca-certificates", + MountPath: "/shared", + }, + }, + }) + } + return &appsv1.Deployment{ ObjectMeta: metav1.ObjectMeta{ Name: name, @@ -58,7 +84,7 @@ func Deployment(params manifests.Params) (*appsv1.Deployment, error) { }, Spec: corev1.PodSpec{ ServiceAccountName: ServiceAccountName(params.OtelCol), - InitContainers: params.OtelCol.Spec.InitContainers, + InitContainers: initContainers, Containers: append(params.OtelCol.Spec.AdditionalContainers, Container(params.Config, params.Log, params.OtelCol, true)), Volumes: Volumes(params.Config, params.OtelCol), DNSPolicy: getDNSPolicy(params.OtelCol), diff --git a/internal/manifests/collector/statefulset.go b/internal/manifests/collector/statefulset.go index bfb3a70964..c1c84a54f0 100644 --- a/internal/manifests/collector/statefulset.go +++ b/internal/manifests/collector/statefulset.go @@ -19,6 +19,7 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/manifests" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/naming" @@ -39,6 +40,31 @@ func StatefulSet(params manifests.Params) (*appsv1.StatefulSet, error) { return nil, err } + initContainers := params.OtelCol.Spec.InitContainers + + if params.Config.CertManagerAvailability() == certmanager.Available { + initContainers = append(initContainers, corev1.Container{ + Name: "install-ca-cert", + Image: "alpine:latest", + Command: []string{ + "/bin/sh", + "-c", + "apk --update add ca-certificates && update-ca-certificates && cp /etc/ssl/certs/ca-certificates.crt /shared/ca-certificates.crt", + }, + VolumeMounts: []corev1.VolumeMount{ + { + Name: naming.TAClientCertificate(params.OtelCol.Name), + MountPath: "/usr/local/share/ca-certificates/ca.crt", + SubPath: "ca.crt", + }, + { + Name: "shared-ca-certificates", + MountPath: "/shared", + }, + }, + }) + } + return &appsv1.StatefulSet{ ObjectMeta: metav1.ObjectMeta{ Name: name, @@ -58,7 +84,7 @@ func StatefulSet(params manifests.Params) (*appsv1.StatefulSet, error) { }, Spec: corev1.PodSpec{ ServiceAccountName: ServiceAccountName(params.OtelCol), - InitContainers: params.OtelCol.Spec.InitContainers, + InitContainers: initContainers, Containers: append(params.OtelCol.Spec.AdditionalContainers, Container(params.Config, params.Log, params.OtelCol, true)), Volumes: Volumes(params.Config, params.OtelCol), DNSPolicy: getDNSPolicy(params.OtelCol), diff --git a/internal/manifests/collector/volume.go b/internal/manifests/collector/volume.go index 5cf82fde7a..29a5bbb5f8 100644 --- a/internal/manifests/collector/volume.go +++ b/internal/manifests/collector/volume.go @@ -19,6 +19,7 @@ import ( corev1 "k8s.io/api/core/v1" "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/naming" ) @@ -38,6 +39,22 @@ func Volumes(cfg config.Config, otelcol v1beta1.OpenTelemetryCollector) []corev1 }, }} + if cfg.CertManagerAvailability() == certmanager.Available { + volumes = append(volumes, corev1.Volume{ + Name: naming.TAClientCertificate(otelcol.Name), + VolumeSource: corev1.VolumeSource{ + Secret: &corev1.SecretVolumeSource{ + SecretName: naming.TAClientCertificate(otelcol.Name), + }, + }, + }, corev1.Volume{ + Name: "shared-ca-certificates", + VolumeSource: corev1.VolumeSource{ + EmptyDir: &corev1.EmptyDirVolumeSource{}, + }, + }) + } + if len(otelcol.Spec.Volumes) > 0 { volumes = append(volumes, otelcol.Spec.Volumes...) } diff --git a/internal/manifests/targetallocator/adapters/config_to_prom_config.go b/internal/manifests/targetallocator/adapters/config_to_prom_config.go index 1dd316e375..6395c6f2a0 100644 --- a/internal/manifests/targetallocator/adapters/config_to_prom_config.go +++ b/internal/manifests/targetallocator/adapters/config_to_prom_config.go @@ -259,24 +259,23 @@ func AddHTTPSDConfigToPromConfig(prometheus map[interface{}]interface{}, taServi return prometheus, nil } -func WithTLSConfig(caFile, certFile, keyFile string) TAOption { +func WithTLSConfig(caFile, certFile, keyFile, taServiceName string) TAOption { return func(targetAllocatorCfg map[interface{}]interface{}) error { - if targetAllocatorCfg["tls"] == nil { + if _, exists := targetAllocatorCfg["tls"]; !exists { targetAllocatorCfg["tls"] = make(map[interface{}]interface{}) } - targetAllocatorCfg, ok := targetAllocatorCfg["tls"].(map[interface{}]interface{}) - if !ok { - return errorNotAMap("tls") - } - targetAllocatorCfg["tls"] = make(map[interface{}]interface{}) tlsCfg, ok := targetAllocatorCfg["tls"].(map[interface{}]interface{}) if !ok { return errorNotAMap("tls") } + tlsCfg["ca_file"] = caFile tlsCfg["cert_file"] = certFile tlsCfg["key_file"] = keyFile + + targetAllocatorCfg["endpoint"] = fmt.Sprintf("https://%s:443", taServiceName) + return nil } } diff --git a/internal/manifests/targetallocator/adapters/config_to_prom_config_test.go b/internal/manifests/targetallocator/adapters/config_to_prom_config_test.go index 2ad7b741c6..b06d1ed67a 100644 --- a/internal/manifests/targetallocator/adapters/config_to_prom_config_test.go +++ b/internal/manifests/targetallocator/adapters/config_to_prom_config_test.go @@ -518,3 +518,45 @@ func TestValidateTargetAllocatorConfig(t *testing.T) { }) } } + +func TestAddTAConfigToPromConfigWithTLSConfig(t *testing.T) { + t.Run("should return expected prom config map with TA config and TLS config", func(t *testing.T) { + cfg := map[interface{}]interface{}{ + "config": map[interface{}]interface{}{ + "scrape_configs": []interface{}{ + map[interface{}]interface{}{ + "job_name": "test_job", + "static_configs": []interface{}{ + map[interface{}]interface{}{ + "targets": []interface{}{ + "localhost:9090", + }, + }, + }, + }, + }, + }, + } + + taServiceName := "test-targetallocator" + + expectedResult := map[interface{}]interface{}{ + "config": map[interface{}]interface{}{}, + "target_allocator": map[interface{}]interface{}{ + "endpoint": "https://test-targetallocator:443", + "interval": "30s", + "collector_id": "${POD_NAME}", + "tls": map[interface{}]interface{}{ + "ca_file": "ca.crt", + "cert_file": "tls.crt", + "key_file": "tls.key", + }, + }, + } + + result, err := ta.AddTAConfigToPromConfig(cfg, taServiceName, ta.WithTLSConfig("ca.crt", "tls.crt", "tls.key", taServiceName)) + + assert.NoError(t, err) + assert.Equal(t, expectedResult, result) + }) +} diff --git a/internal/manifests/targetallocator/certificate.go b/internal/manifests/targetallocator/certificate.go index 8ad3d3cd67..2175996072 100644 --- a/internal/manifests/targetallocator/certificate.go +++ b/internal/manifests/targetallocator/certificate.go @@ -69,6 +69,7 @@ func ServingCertificate(params manifests.Params) *cmv1.Certificate { }, Spec: cmv1.CertificateSpec{ DNSNames: []string{ + naming.TAService(params.TargetAllocator.Name), fmt.Sprintf("%s.%s.svc", naming.TAService(params.TargetAllocator.Name), params.TargetAllocator.Namespace), fmt.Sprintf("%s.%s.svc.cluster.local", naming.TAService(params.TargetAllocator.Name), params.TargetAllocator.Namespace), }, @@ -76,6 +77,10 @@ func ServingCertificate(params manifests.Params) *cmv1.Certificate { Kind: "Issuer", Name: naming.CAIssuer(params.TargetAllocator.Name), }, + Usages: []cmv1.KeyUsage{ + cmv1.UsageClientAuth, + cmv1.UsageServerAuth, + }, SecretName: naming.TAServerCertificate(params.TargetAllocator.Name), Subject: &cmv1.X509Subject{ OrganizationalUnits: []string{"opentelemetry-operator"}, @@ -97,6 +102,7 @@ func ClientCertificate(params manifests.Params) *cmv1.Certificate { }, Spec: cmv1.CertificateSpec{ DNSNames: []string{ + naming.TAService(params.TargetAllocator.Name), fmt.Sprintf("%s.%s.svc", naming.TAService(params.TargetAllocator.Name), params.TargetAllocator.Namespace), fmt.Sprintf("%s.%s.svc.cluster.local", naming.TAService(params.TargetAllocator.Name), params.TargetAllocator.Namespace), }, @@ -104,6 +110,10 @@ func ClientCertificate(params manifests.Params) *cmv1.Certificate { Kind: "Issuer", Name: naming.CAIssuer(params.TargetAllocator.Name), }, + Usages: []cmv1.KeyUsage{ + cmv1.UsageClientAuth, + cmv1.UsageServerAuth, + }, SecretName: naming.TAClientCertificate(params.TargetAllocator.Name), Subject: &cmv1.X509Subject{ OrganizationalUnits: []string{"opentelemetry-operator"}, diff --git a/internal/manifests/targetallocator/container.go b/internal/manifests/targetallocator/container.go index 17e8d3772f..1ea159c2cc 100644 --- a/internal/manifests/targetallocator/container.go +++ b/internal/manifests/targetallocator/container.go @@ -21,6 +21,7 @@ import ( "k8s.io/apimachinery/pkg/util/intstr" "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/naming" ) @@ -87,6 +88,24 @@ func Container(cfg config.Config, logger logr.Logger, instance v1beta1.TargetAll }, } + if cfg.CertManagerAvailability() == certmanager.Available { + ports = append(ports, corev1.ContainerPort{ + Name: "https", + ContainerPort: 8443, + Protocol: corev1.ProtocolTCP, + }) + volumeMounts = append(volumeMounts, corev1.VolumeMount{ + Name: naming.TAServerCertificate(instance.Name), + MountPath: "/tls", + }) + args = append(args, + "--enable-https-server", + "--https-ca-file=/tls/ca.crt", + "--https-tls-cert-file=/tls/tls.crt", + "--https-tls-key-file=/tls/tls.key", + ) + } + envVars = append(envVars, proxy.ReadProxyVarsFromEnv()...) return corev1.Container{ Name: naming.TAContainer(), diff --git a/internal/manifests/targetallocator/container_test.go b/internal/manifests/targetallocator/container_test.go index fb9ef9fe2d..f1e15cf7e8 100644 --- a/internal/manifests/targetallocator/container_test.go +++ b/internal/manifests/targetallocator/container_test.go @@ -26,6 +26,7 @@ import ( logf "sigs.k8s.io/controller-runtime/pkg/log" "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/naming" ) @@ -360,3 +361,28 @@ func TestSecurityContext(t *testing.T) { // verify assert.Equal(t, securityContext, c.SecurityContext) } + +func TestContainerWithCertManagerAvailable(t *testing.T) { + // prepare + targetAllocator := v1beta1.TargetAllocator{} + cfg := config.New(config.WithCertManagerAvailability(certmanager.Available)) + + // test + c := Container(cfg, logger, targetAllocator) + + // verify + assert.Equal(t, "http", c.Ports[0].Name) + assert.Equal(t, int32(8080), c.Ports[0].ContainerPort) + assert.Equal(t, "https", c.Ports[1].Name) + assert.Equal(t, int32(8443), c.Ports[1].ContainerPort) + + assert.Contains(t, c.VolumeMounts, corev1.VolumeMount{ + Name: naming.TAServerCertificate(""), + MountPath: "/tls", + }) + + assert.Contains(t, c.Args, "--enable-https-server") + assert.Contains(t, c.Args, "--https-ca-file=/tls/ca.crt") + assert.Contains(t, c.Args, "--https-tls-cert-file=/tls/tls.crt") + assert.Contains(t, c.Args, "--https-tls-key-file=/tls/tls.key") +} diff --git a/internal/manifests/targetallocator/service.go b/internal/manifests/targetallocator/service.go index 144213f56d..b72bb415f9 100644 --- a/internal/manifests/targetallocator/service.go +++ b/internal/manifests/targetallocator/service.go @@ -19,6 +19,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/manifests" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/naming" @@ -29,6 +30,19 @@ func Service(params manifests.Params) *corev1.Service { labels := manifestutils.Labels(params.TargetAllocator.ObjectMeta, name, params.TargetAllocator.Spec.Image, ComponentOpenTelemetryTargetAllocator, nil) selector := manifestutils.TASelectorLabels(params.TargetAllocator, ComponentOpenTelemetryTargetAllocator) + ports := make([]corev1.ServicePort, 0) + ports = append(ports, corev1.ServicePort{ + Name: "targetallocation", + Port: 80, + TargetPort: intstr.FromString("http")}) + + if params.Config.CertManagerAvailability() == certmanager.Available { + ports = append(ports, corev1.ServicePort{ + Name: "http-metrics", + Port: 443, + TargetPort: intstr.FromString("https")}) + } + return &corev1.Service{ ObjectMeta: metav1.ObjectMeta{ Name: naming.TAService(params.TargetAllocator.Name), @@ -37,11 +51,7 @@ func Service(params manifests.Params) *corev1.Service { }, Spec: corev1.ServiceSpec{ Selector: selector, - Ports: []corev1.ServicePort{{ - Name: "targetallocation", - Port: 80, - TargetPort: intstr.FromString("http"), - }}, + Ports: ports, }, } } diff --git a/internal/manifests/targetallocator/volume.go b/internal/manifests/targetallocator/volume.go index 3651a9d3ae..1ffe3294b2 100644 --- a/internal/manifests/targetallocator/volume.go +++ b/internal/manifests/targetallocator/volume.go @@ -18,6 +18,7 @@ import ( corev1 "k8s.io/api/core/v1" "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/naming" ) @@ -38,5 +39,16 @@ func Volumes(cfg config.Config, instance v1beta1.TargetAllocator) []corev1.Volum }, }} + if cfg.CertManagerAvailability() == certmanager.Available { + volumes = append(volumes, corev1.Volume{ + Name: naming.TAServerCertificate(instance.Name), + VolumeSource: corev1.VolumeSource{ + Secret: &corev1.SecretVolumeSource{ + SecretName: naming.TAServerCertificate(instance.Name), + }, + }, + }) + } + return volumes } diff --git a/main.go b/main.go index 2528cee5d0..2b12a9f50c 100644 --- a/main.go +++ b/main.go @@ -134,7 +134,6 @@ func main() { annotationsFilter []string webhookPort int tlsOpt tlsConfig - enableTargetAllocatorMTLS bool ) pflag.StringVar(&metricsAddr, "metrics-addr", ":8080", "The address the metric endpoint binds to.") @@ -166,7 +165,6 @@ func main() { pflag.StringArrayVar(&annotationsFilter, "annotations-filter", []string{}, "Annotations to filter away from propagating onto deploys. It should be a string array containing patterns, which are literal strings optionally containing a * wildcard character. Example: --annotations-filter=.*filter.out will filter out annotations that looks like: annotation.filter.out: true") pflag.StringVar(&tlsOpt.minVersion, "tls-min-version", "VersionTLS12", "Minimum TLS version supported. Value must match version names from https://golang.org/pkg/crypto/tls/#pkg-constants.") pflag.StringSliceVar(&tlsOpt.cipherSuites, "tls-cipher-suites", nil, "Comma-separated list of cipher suites for the server. Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants). If omitted, the default Go cipher suites will be used") - pflag.BoolVar(&enableTargetAllocatorMTLS, constants.FlagTargetAllocatorMTLS, false, "Enable mTLS connection between the target allocator and the controller") pflag.Parse() logger := zap.New(zap.UseFlagOptions(&opts)) @@ -199,7 +197,6 @@ func main() { "enable-nginx-instrumentation", enableNginxInstrumentation, "enable-nodejs-instrumentation", enableNodeJSInstrumentation, "enable-java-instrumentation", enableJavaInstrumentation, - "enable-target-allocator-mtls", enableTargetAllocatorMTLS, ) restConfig := ctrl.GetConfigOrDie() @@ -312,6 +309,8 @@ func main() { if cfg.CertManagerAvailability() == certmanager.Available { setupLog.Info("Cert-Manager is installed, adding to scheme.") utilruntime.Must(cmv1.AddToScheme(scheme)) + setupLog.Info("Securing the connection between the target allocator and the collector") + cfg.ena } else { setupLog.Info("Cert-Manager is not installed, skipping adding to scheme.") } From 61ba6fc6b3faaa900bf860be55916bbac12583e3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 May 2024 11:14:29 +0200 Subject: [PATCH 04/88] Bump github.com/gin-gonic/gin from 1.9.1 to 1.10.0 (#2953) Bumps [github.com/gin-gonic/gin](https://github.com/gin-gonic/gin) from 1.9.1 to 1.10.0. - [Release notes](https://github.com/gin-gonic/gin/releases) - [Changelog](https://github.com/gin-gonic/gin/blob/master/CHANGELOG.md) - [Commits](https://github.com/gin-gonic/gin/compare/v1.9.1...v1.10.0) --- updated-dependencies: - dependency-name: github.com/gin-gonic/gin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 32 +++++++++++++++++-------- go.sum | 74 +++++++++++++++++++++++++++++----------------------------- 2 files changed, 59 insertions(+), 47 deletions(-) diff --git a/go.mod b/go.mod index bec17da550..ad6af1f380 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ require ( github.com/buraksezer/consistent v0.10.0 github.com/cespare/xxhash/v2 v2.3.0 github.com/ghodss/yaml v1.0.0 - github.com/gin-gonic/gin v1.9.1 + github.com/gin-gonic/gin v1.10.0 github.com/go-kit/log v0.2.1 github.com/go-logr/logr v1.4.1 github.com/json-iterator/go v1.1.12 @@ -92,10 +92,12 @@ require ( github.com/bboreham/go-loser v0.0.0-20230920113527-fcc2c21820a3 // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/blang/semver/v4 v4.0.0 // indirect - github.com/bytedance/sonic v1.9.1 // indirect + github.com/bytedance/sonic v1.11.6 // indirect + github.com/bytedance/sonic/loader v0.1.1 // indirect github.com/cenkalti/backoff/v4 v4.3.0 // indirect github.com/cert-manager/cert-manager v1.14.5 - github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect + github.com/cloudwego/base64x v0.1.4 // indirect + github.com/cloudwego/iasm v0.2.0 // indirect github.com/cncf/xds/go v0.0.0-20231128003011-0fa0005c9caa // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/dennwc/varint v1.0.0 // indirect @@ -115,7 +117,7 @@ require ( github.com/fatih/color v1.15.0 // indirect github.com/felixge/httpsnoop v1.0.4 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect - github.com/gabriel-vasile/mimetype v1.4.2 // indirect + github.com/gabriel-vasile/mimetype v1.4.3 // indirect github.com/gin-contrib/sse v0.1.0 // indirect github.com/go-logfmt/logfmt v0.6.0 // indirect github.com/go-logr/stdr v1.2.2 // indirect @@ -133,7 +135,7 @@ require ( github.com/go-openapi/validate v0.23.0 // indirect github.com/go-playground/locales v0.14.1 // indirect github.com/go-playground/universal-translator v0.18.1 // indirect - github.com/go-playground/validator/v10 v10.14.0 // indirect + github.com/go-playground/validator/v10 v10.20.0 // indirect github.com/go-resty/resty/v2 v2.12.0 // indirect github.com/go-zookeeper/zk v1.0.3 // indirect github.com/goccy/go-json v0.10.2 // indirect @@ -174,15 +176,15 @@ require ( github.com/jmespath/go-jmespath v0.4.1-0.20220621161143-b0104c826a24 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/jpillora/backoff v1.0.0 // indirect + github.com/klauspost/cpuid/v2 v2.2.7 // indirect github.com/klauspost/compress v1.17.8 // indirect - github.com/klauspost/cpuid/v2 v2.2.5 // indirect github.com/kolo/xmlrpc v0.0.0-20220921171641-a4b6fa1dd06b // indirect github.com/kylelemons/godebug v1.1.0 // indirect - github.com/leodido/go-urn v1.2.4 // indirect + github.com/leodido/go-urn v1.4.0 // indirect github.com/linode/linodego v1.32.0 // indirect github.com/mailru/easyjson v0.7.7 // indirect github.com/mattn/go-colorable v0.1.13 // indirect - github.com/mattn/go-isatty v0.0.19 // indirect + github.com/mattn/go-isatty v0.0.20 // indirect github.com/metalmatze/signal v0.0.0-20210307161603-1c9aa721a97a // indirect github.com/miekg/dns v1.1.59 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect @@ -196,7 +198,7 @@ require ( github.com/opencontainers/image-spec v1.0.2 // indirect github.com/opentracing/opentracing-go v1.2.0 // indirect github.com/ovh/go-ovh v1.4.3 // indirect - github.com/pelletier/go-toml/v2 v2.0.8 // indirect + github.com/pelletier/go-toml/v2 v2.2.2 // indirect github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect github.com/pkg/errors v0.9.1 // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect @@ -210,7 +212,7 @@ require ( github.com/tklauser/go-sysconf v0.3.13 // indirect github.com/tklauser/numcpus v0.7.0 // indirect github.com/twitchyliquid64/golang-asm v0.15.1 // indirect - github.com/ugorji/go/codec v1.2.11 // indirect + github.com/ugorji/go/codec v1.2.12 // indirect github.com/vultr/govultr/v2 v2.17.2 // indirect github.com/yusufpapurcu/wmi v1.2.4 // indirect go.mongodb.org/mongo-driver v1.14.0 // indirect @@ -221,10 +223,20 @@ require ( go.opentelemetry.io/proto/otlp v1.2.0 // indirect go.uber.org/atomic v1.11.0 // indirect go.uber.org/goleak v1.3.0 // indirect + go.uber.org/zap v1.26.0 // indirect + golang.org/x/arch v0.8.0 // indirect + golang.org/x/crypto v0.23.0 // indirect go.uber.org/zap v1.27.0 // indirect golang.org/x/arch v0.3.0 // indirect golang.org/x/crypto v0.23.0 // indirect golang.org/x/exp v0.0.0-20240213143201-ec583247a57a // indirect + golang.org/x/mod v0.16.0 // indirect + golang.org/x/net v0.25.0 // indirect + golang.org/x/oauth2 v0.18.0 // indirect + golang.org/x/sync v0.6.0 // indirect + golang.org/x/sys v0.20.0 // indirect + golang.org/x/term v0.20.0 // indirect + golang.org/x/text v0.15.0 // indirect golang.org/x/mod v0.17.0 // indirect golang.org/x/net v0.25.0 // indirect golang.org/x/oauth2 v0.19.0 // indirect diff --git a/go.sum b/go.sum index f00451c8ae..22cb3f5a06 100644 --- a/go.sum +++ b/go.sum @@ -96,9 +96,10 @@ github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ= github.com/buraksezer/consistent v0.10.0 h1:hqBgz1PvNLC5rkWcEBVAL9dFMBWz6I0VgUCW25rrZlU= github.com/buraksezer/consistent v0.10.0/go.mod h1:6BrVajWq7wbKZlTOUPs/XVfR8c0maujuPowduSpZqmw= -github.com/bytedance/sonic v1.5.0/go.mod h1:ED5hyg4y6t3/9Ku1R6dU/4KyJ48DZ4jPhfY1O2AihPM= -github.com/bytedance/sonic v1.9.1 h1:6iJ6NqdoxCDr6mbY8h18oSO+cShGSMRGCEo7F2h0x8s= -github.com/bytedance/sonic v1.9.1/go.mod h1:i736AoUSYt75HyZLoJW9ERYxcy6eaN6h4BZXU064P/U= +github.com/bytedance/sonic v1.11.6 h1:oUp34TzMlL+OY1OUWxHqsdkgC/Zfc85zGqw9siXjrc0= +github.com/bytedance/sonic v1.11.6/go.mod h1:LysEHSvpvDySVdC2f87zGWf6CIKJcAvqab1ZaiQtds4= +github.com/bytedance/sonic/loader v0.1.1 h1:c+e5Pt1k/cy5wMveRDyk2X4B9hF4g7an8N3zCYjJFNM= +github.com/bytedance/sonic/loader v0.1.1/go.mod h1:ncP89zfokxS5LZrJxl5z0UJcsk4M4yY2JpfqGeCtNLU= github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8= github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= @@ -107,15 +108,16 @@ github.com/cert-manager/cert-manager v1.14.5/go.mod h1:fmr/cU5jiLxWj69CroDggSOa4 github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/chenzhuoyu/base64x v0.0.0-20211019084208-fb5309c8db06/go.mod h1:DH46F32mSOjUmXrMHnKwZdA8wcEefY7UVqBKYGjpdQY= -github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 h1:qSGYFH7+jGhDF8vLC+iwCD4WpbV1EBDSzWkJODFLams= -github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311/go.mod h1:b583jCggY9gE99b6G5LEC39OIiVsWj+R97kbl5odCEk= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= github.com/circonus-labs/circonus-gometrics v2.3.1+incompatible/go.mod h1:nmEj6Dob7S7YxXgwXpfOuvO54S+tGdZdw9fuRZt25Ag= github.com/circonus-labs/circonusllhist v0.1.3/go.mod h1:kMXHVDlOchFAehlya5ePtbp5jckzBHf4XRpQvBOLI+I= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/cloudwego/base64x v0.1.4 h1:jwCgWpFanWmN8xoIUHa2rtzmkd5J2plF/dnLS6Xd/0Y= +github.com/cloudwego/base64x v0.1.4/go.mod h1:0zlkT4Wn5C6NdauXdJRhSKRlJvmclQ1hhJgA0rcu/8w= +github.com/cloudwego/iasm v0.2.0 h1:1KNIy1I1H9hNNFEEH3DVnI4UujN+1zjpuk6gwHLTssg= +github.com/cloudwego/iasm v0.2.0/go.mod h1:8rXZaNYT2n95jn+zTI1sDr+IgcD2GVs0nlbbQPiEFhY= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/xds/go v0.0.0-20231128003011-0fa0005c9caa h1:jQCWAUqqlij9Pgj2i/PB79y4KOPYVyFYdROxgaCwdTQ= github.com/cncf/xds/go v0.0.0-20231128003011-0fa0005c9caa/go.mod h1:x/1Gn8zydmfq8dk6e9PdstVsDgu9RuyIIJqAaF//0IM= @@ -169,14 +171,14 @@ github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2 github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= -github.com/gabriel-vasile/mimetype v1.4.2 h1:w5qFW6JKBz9Y393Y4q372O9A7cUSequkh1Q7OhCmWKU= -github.com/gabriel-vasile/mimetype v1.4.2/go.mod h1:zApsH/mKG4w07erKIaJPFiX0Tsq9BFQgN3qGY5GnNgA= +github.com/gabriel-vasile/mimetype v1.4.3 h1:in2uUcidCuFcDKtdcBxlR0rJ1+fsokWf+uqxgUFjbI0= +github.com/gabriel-vasile/mimetype v1.4.3/go.mod h1:d8uq/6HKRL6CGdk+aubisF/M5GcPfT7nKyLpA0lbSSk= github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE= github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI= -github.com/gin-gonic/gin v1.9.1 h1:4idEAncQnU5cB7BeOkPtxjfCSye0AAm1R0RVIqJ+Jmg= -github.com/gin-gonic/gin v1.9.1/go.mod h1:hPrL7YrpYKXt5YId3A/Tnip5kqbEAP+KLuI3SUcPTeU= +github.com/gin-gonic/gin v1.10.0 h1:nTuyha1TYqgedzytsKYqna+DfLos46nTv2ygFy86HFU= +github.com/gin-gonic/gin v1.10.0/go.mod h1:4PMNQiOhvDRa013RKVbsiNwoyezlm2rm0uX/T7kzp5Y= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= @@ -225,10 +227,10 @@ github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/o github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY= github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY= github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY= -github.com/go-playground/validator/v10 v10.14.0 h1:vgvQWe3XCz3gIeFDm/HnTIbj6UGmg/+t63MyGU2n5js= -github.com/go-playground/validator/v10 v10.14.0/go.mod h1:9iXMNT7sEkjXb0I+enO7QXmzG6QCsPWY4zveKFVRSyU= -github.com/go-resty/resty/v2 v2.12.0 h1:rsVL8P90LFvkUYq/V5BTVe203WfRIU4gvcf+yfzJzGA= -github.com/go-resty/resty/v2 v2.12.0/go.mod h1:o0yGPrkS3lOe1+eFajk6kBW8ScXzwU3hD69/gt2yB/0= +github.com/go-playground/validator/v10 v10.20.0 h1:K9ISHbSaI0lyB2eWMPJo+kOS/FBExVwjEviJTixqxL8= +github.com/go-playground/validator/v10 v10.20.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM= +github.com/go-resty/resty/v2 v2.11.0 h1:i7jMfNOJYMp69lq7qozJP+bjgzfAzeOhuGlyDrqxT/8= +github.com/go-resty/resty/v2 v2.11.0/go.mod h1:iiP/OpA0CkcL3IGt1O0+/SIItFUbkkyw5BGXiVdTu+A= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= @@ -417,8 +419,9 @@ github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+o github.com/klauspost/compress v1.17.8 h1:YcnTYrq7MikUT7k0Yb5eceMmALQPYBW/Xltxn0NAMnU= github.com/klauspost/compress v1.17.8/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw= github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= -github.com/klauspost/cpuid/v2 v2.2.5 h1:0E5MSMDEoAulmXNFquVs//DdoomxaoTY1kUhbc/qbZg= -github.com/klauspost/cpuid/v2 v2.2.5/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= +github.com/klauspost/cpuid/v2 v2.2.7 h1:ZWSB3igEs+d0qvnxR/ZBzXVmxkgt8DdzP6m9pfuVLDM= +github.com/klauspost/cpuid/v2 v2.2.7/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= +github.com/knz/go-libedit v1.10.1/go.mod h1:MZTVkCWyz0oBc7JOWP3wNAzd002ZbM/5hgShxwh4x8M= github.com/knadh/koanf/maps v0.1.1 h1:G5TjmUh2D7G2YWf5SQQqSiHRJEjaicvU0KpypqB3NIs= github.com/knadh/koanf/maps v0.1.1/go.mod h1:npD/QZY3V6ghQDdcQzl1W4ICNVTkohC8E73eI2xW4yI= github.com/knadh/koanf/providers/confmap v0.1.0 h1:gOkxhHkemwG4LezxxN8DMOFopOPghxRVp7JbIvdvqzU= @@ -439,8 +442,8 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= -github.com/leodido/go-urn v1.2.4 h1:XlAE/cm/ms7TE/VMVoduSpNBoyc2dOxHs5MZSwAN63Q= -github.com/leodido/go-urn v1.2.4/go.mod h1:7ZrI8mTSeBSHl/UaRyKQW1qZeMgak41ANeCNaVckg+4= +github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ= +github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI= github.com/linode/linodego v1.32.0 h1:OmZzB3iON6uu84VtLFf64uKmAQqJJarvmsVguroioPI= github.com/linode/linodego v1.32.0/go.mod h1:y8GDP9uLVH4jTB9qyrgw79qfKdYJmNCGUOJmfuiOcmI= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= @@ -458,8 +461,8 @@ github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOA github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA= -github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/maxatome/go-testdeep v1.12.0 h1:Ql7Go8Tg0C1D/uMMX59LAoYK7LffeJQ6X2T04nTH68g= github.com/maxatome/go-testdeep v1.12.0/go.mod h1:lPZc/HAcJMP92l7yI6TRz1aZN5URwUBUAfUNvrclaNM= @@ -527,8 +530,8 @@ github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FI github.com/pascaldekloe/goe v0.1.0 h1:cBOtyMzM9HTpWjXfbbunk26uA6nG3a8n06Wieeh0MwY= github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pborman/getopt v0.0.0-20170112200414-7148bc3a4c30/go.mod h1:85jBQOZwpVEaDAr341tbn15RS4fCAsIst0qp7i8ex1o= -github.com/pelletier/go-toml/v2 v2.0.8 h1:0ctb6s9mE31h0/lhu+J6OPmVeDxJn+kYnJc2jZR9tGQ= -github.com/pelletier/go-toml/v2 v2.0.8/go.mod h1:vuYfssBdrU2XDZ9bYydBu6t+6a6PYNcZljzZR9VXg+4= +github.com/pelletier/go-toml/v2 v2.2.2 h1:aYUidT7k73Pcl9nb2gScu7NSrKCSHIDE89b3+6Wq+LM= +github.com/pelletier/go-toml/v2 v2.2.2/go.mod h1:1t835xjRzz80PqgE6HHgN2JOsmgYu/h4qDAS4n929Rs= github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ= github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjLxUqIJNnCWiEdr3bn6IUYi15bNlnbCCU= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -621,8 +624,7 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/tklauser/go-sysconf v0.3.13 h1:GBUpcahXSpR2xN01jhkNAbTLRk2Yzgggk8IM08lq3r4= @@ -632,8 +634,8 @@ github.com/tklauser/numcpus v0.7.0/go.mod h1:bb6dMVcj8A42tSE7i32fsIUCbQNllK5iDgu github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM= github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS4MhqMhdFk5YI= github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08= -github.com/ugorji/go/codec v1.2.11 h1:BMaWp1Bb6fHwEtbplGBGJ498wD+LKlNSl25MjdZY4dU= -github.com/ugorji/go/codec v1.2.11/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg= +github.com/ugorji/go/codec v1.2.12 h1:9LC83zGrHhuUA9l16C9AHXAqEV/2wBQ4nkvumAE65EE= +github.com/ugorji/go/codec v1.2.12/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg= github.com/vultr/govultr/v2 v2.17.2 h1:gej/rwr91Puc/tgh+j33p/BLR16UrIPnSr+AIwYWZQs= github.com/vultr/govultr/v2 v2.17.2/go.mod h1:ZFOKGWmgjytfyjeyAdhQlSWwTjh2ig+X49cAp50dzXI= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -713,8 +715,8 @@ go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN8 go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= -golang.org/x/arch v0.3.0 h1:02VY4/ZcO/gBOH6PUaoiptASxtXU10jazRCP865E97k= -golang.org/x/arch v0.3.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= +golang.org/x/arch v0.8.0 h1:3wRIsP3pM4yUptoR96otTUOXI367OS0+c9eeRi9doIc= +golang.org/x/arch v0.8.0/go.mod h1:FEVrYAQjsQXMVJ1nsMoVVXPZg6p2JE2mx8psSWTDQys= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= @@ -724,8 +726,7 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= -golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= +golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/crypto v0.23.0 h1:dIJU/v2J8Mdglj/8rJ6UUOM3Zc9zLZxVZwwxMooUSAI= golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -802,8 +803,7 @@ golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= -golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= -golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= +golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac= golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -886,16 +886,14 @@ golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y= golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= -golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= -golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= +golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= golang.org/x/term v0.20.0 h1:VnkxpohqXaOBYJtBmEppKUG6mXpi+4O6purfc2+sMhw= golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -907,7 +905,7 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.15.0 h1:h1V/4gjBv8v9cjcR6+AR5+/cIYK5N/WAgiv4xlsEtAk= golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -1051,6 +1049,7 @@ google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpAD google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg= google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= @@ -1102,6 +1101,7 @@ k8s.io/kubectl v0.29.3 h1:RuwyyIU42MAISRIePaa8Q7A3U74Q9P4MoJbDFz9o3us= k8s.io/kubectl v0.29.3/go.mod h1:yCxfY1dbwgVdEt2zkJ6d5NNLOhhWgTyrqACIoFhpdd4= k8s.io/utils v0.0.0-20240102154912-e7106e64919e h1:eQ/4ljkx21sObifjzXwlPKpdGLrCfRziVtos3ofG/sQ= k8s.io/utils v0.0.0-20240102154912-e7106e64919e/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +nullprogram.com/x/optparse v1.0.0/go.mod h1:KdyPE+Igbe0jQUrVfMqDMeJQIJZEuyV7pjYmp6pbG50= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= From f67c7d18b32d92649c109bd0d4a1e73d3a3affe0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 May 2024 11:54:36 +0200 Subject: [PATCH 05/88] Bump github.com/prometheus/prometheus in the prometheus group (#2951) Bumps the prometheus group with 1 update: [github.com/prometheus/prometheus](https://github.com/prometheus/prometheus). Updates `github.com/prometheus/prometheus` from 0.51.2 to 0.52.0 - [Release notes](https://github.com/prometheus/prometheus/releases) - [Changelog](https://github.com/prometheus/prometheus/blob/main/CHANGELOG.md) - [Commits](https://github.com/prometheus/prometheus/compare/v0.51.2...v0.52.0) --- updated-dependencies: - dependency-name: github.com/prometheus/prometheus dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prometheus ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 14 ++++------- go.sum | 76 ++++++++++++++++++++++------------------------------------ 2 files changed, 32 insertions(+), 58 deletions(-) diff --git a/go.mod b/go.mod index ad6af1f380..e036a932ba 100644 --- a/go.mod +++ b/go.mod @@ -176,6 +176,7 @@ require ( github.com/jmespath/go-jmespath v0.4.1-0.20220621161143-b0104c826a24 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/jpillora/backoff v1.0.0 // indirect + github.com/klauspost/compress v1.17.8 // indirect github.com/klauspost/cpuid/v2 v2.2.7 // indirect github.com/klauspost/compress v1.17.8 // indirect github.com/kolo/xmlrpc v0.0.0-20220921171641-a4b6fa1dd06b // indirect @@ -189,6 +190,7 @@ require ( github.com/miekg/dns v1.1.59 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect + github.com/moby/docker-image-spec v1.3.1 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect @@ -208,7 +210,7 @@ require ( github.com/prometheus/common/sigv4 v0.1.0 // indirect github.com/prometheus/procfs v0.12.0 // indirect github.com/scaleway/scaleway-sdk-go v1.0.0-beta.26 // indirect - github.com/spf13/cobra v1.8.0 // indirect + github.com/spf13/cobra v1.7.0 // indirect github.com/tklauser/go-sysconf v0.3.13 // indirect github.com/tklauser/numcpus v0.7.0 // indirect github.com/twitchyliquid64/golang-asm v0.15.1 // indirect @@ -217,8 +219,7 @@ require ( github.com/yusufpapurcu/wmi v1.2.4 // indirect go.mongodb.org/mongo-driver v1.14.0 // indirect go.opencensus.io v0.24.0 // indirect - go.opentelemetry.io/collector/config/confighttp v0.101.0 - go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.51.0 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.50.0 // indirect go.opentelemetry.io/otel/trace v1.26.0 // indirect go.opentelemetry.io/proto/otlp v1.2.0 // indirect go.uber.org/atomic v1.11.0 // indirect @@ -230,13 +231,6 @@ require ( golang.org/x/arch v0.3.0 // indirect golang.org/x/crypto v0.23.0 // indirect golang.org/x/exp v0.0.0-20240213143201-ec583247a57a // indirect - golang.org/x/mod v0.16.0 // indirect - golang.org/x/net v0.25.0 // indirect - golang.org/x/oauth2 v0.18.0 // indirect - golang.org/x/sync v0.6.0 // indirect - golang.org/x/sys v0.20.0 // indirect - golang.org/x/term v0.20.0 // indirect - golang.org/x/text v0.15.0 // indirect golang.org/x/mod v0.17.0 // indirect golang.org/x/net v0.25.0 // indirect golang.org/x/oauth2 v0.19.0 // indirect diff --git a/go.sum b/go.sum index 22cb3f5a06..a5af5cbd98 100644 --- a/go.sum +++ b/go.sum @@ -17,6 +17,10 @@ cloud.google.com/go/auth v0.2.0 h1:y6oTcpMSbOcXbwYgUUrvI+mrQ2xbrcdpPgtVbCGTLTk= cloud.google.com/go/auth v0.2.0/go.mod h1:+yb+oy3/P0geX6DLKlqiGHARGR6EX2GRtYCzWOCQSbU= cloud.google.com/go/auth/oauth2adapt v0.2.0 h1:FR8zevgQwu+8CqiOT5r6xCmJa3pJC/wdXEEPF1OkNhA= cloud.google.com/go/auth/oauth2adapt v0.2.0/go.mod h1:AfqujpDAlTfLfeCIl/HJZZlIxD8+nJoZ5e0x1IxGq5k= +cloud.google.com/go/auth v0.2.0 h1:y6oTcpMSbOcXbwYgUUrvI+mrQ2xbrcdpPgtVbCGTLTk= +cloud.google.com/go/auth v0.2.0/go.mod h1:+yb+oy3/P0geX6DLKlqiGHARGR6EX2GRtYCzWOCQSbU= +cloud.google.com/go/auth/oauth2adapt v0.2.0 h1:FR8zevgQwu+8CqiOT5r6xCmJa3pJC/wdXEEPF1OkNhA= +cloud.google.com/go/auth/oauth2adapt v0.2.0/go.mod h1:AfqujpDAlTfLfeCIl/HJZZlIxD8+nJoZ5e0x1IxGq5k= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= @@ -229,8 +233,8 @@ github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJn github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY= github.com/go-playground/validator/v10 v10.20.0 h1:K9ISHbSaI0lyB2eWMPJo+kOS/FBExVwjEviJTixqxL8= github.com/go-playground/validator/v10 v10.20.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM= -github.com/go-resty/resty/v2 v2.11.0 h1:i7jMfNOJYMp69lq7qozJP+bjgzfAzeOhuGlyDrqxT/8= -github.com/go-resty/resty/v2 v2.11.0/go.mod h1:iiP/OpA0CkcL3IGt1O0+/SIItFUbkkyw5BGXiVdTu+A= +github.com/go-resty/resty/v2 v2.12.0 h1:rsVL8P90LFvkUYq/V5BTVe203WfRIU4gvcf+yfzJzGA= +github.com/go-resty/resty/v2 v2.12.0/go.mod h1:o0yGPrkS3lOe1+eFajk6kBW8ScXzwU3hD69/gt2yB/0= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= @@ -395,6 +399,7 @@ github.com/ionos-cloud/sdk-go/v6 v6.1.11 h1:J/uRN4UWO3wCyGOeDdMKv8LWRzKu6UIkLEae github.com/ionos-cloud/sdk-go/v6 v6.1.11/go.mod h1:EzEgRIDxBELvfoa/uBN0kOQaqovLjUWEB7iW4/Q+t4k= github.com/jarcoal/httpmock v1.3.1 h1:iUx3whfZWVf3jT01hQTO/Eo5sAYtB2/rqaUuOtpInww= github.com/jarcoal/httpmock v1.3.1/go.mod h1:3yb8rc4BI7TCBhFY8ng0gjuLKJNquuDNiPaZjnENuYg= +github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath v0.4.1-0.20220621161143-b0104c826a24 h1:liMMTbpW34dhU4az1GN0pTPADwNmvoRSeoZ6PItiqnY= github.com/jmespath/go-jmespath v0.4.1-0.20220621161143-b0104c826a24/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= @@ -482,6 +487,8 @@ github.com/mitchellh/go-testing-interface v1.14.1/go.mod h1:gfgS7OtZj6MA4U1UrDRp github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= +github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0= +github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo= github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0= @@ -583,8 +590,8 @@ github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4O github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= -github.com/prometheus/prometheus v0.52.1 h1:BrQ29YG+mzdGh8DgHPirHbeMGNqtL+INe0rqg7ttBJ4= -github.com/prometheus/prometheus v0.52.1/go.mod h1:3z74cVsmVH0iXOR5QBjB7Pa6A0KJeEAK5A6UsmAFb1g= +github.com/prometheus/prometheus v0.52.0 h1:f7kHJgr7+zShpWdTCeKqbCWR7nKTScgLYQwRux9h1V0= +github.com/prometheus/prometheus v0.52.0/go.mod h1:3z74cVsmVH0iXOR5QBjB7Pa6A0KJeEAK5A6UsmAFb1g= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= @@ -654,48 +661,18 @@ go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= -go.opentelemetry.io/collector v0.101.0 h1:jnCI/JZgpEYONWy4LCvif4CjMM7cPS4XvGHp3OrZpYo= -go.opentelemetry.io/collector v0.101.0/go.mod h1:N0xja/N3NUDIC55SjjNzyyIoxE6YoCEZC3aXQ39yIVs= -go.opentelemetry.io/collector/component v0.101.0 h1:2sILYgE8cZJj0Vseh6LUjS9iXPyqDPTx/R8yf8IPu+4= -go.opentelemetry.io/collector/component v0.101.0/go.mod h1:OB1uBpQZ2Ba6wVui/sthh6j+CPxVQIy2ou5rzZPINQQ= -go.opentelemetry.io/collector/config/configauth v0.101.0 h1:rUH9aHETDmqaQFq53zaRIEy4N0jllzK6Bl1OoBlUA4s= -go.opentelemetry.io/collector/config/configauth v0.101.0/go.mod h1:wF/luWiQ7rpIWjFs0ds3PVrZ2bKhhVAmANKp3Fv5fjU= -go.opentelemetry.io/collector/config/configcompression v1.8.0 h1:qcgde9yOFkdRYSjHujxxVnciAPYBSI5hv1EZ/+7GQuA= -go.opentelemetry.io/collector/config/configcompression v1.8.0/go.mod h1:O0fOPCADyGwGLLIf5lf7N3960NsnIfxsm6dr/mIpL+M= -go.opentelemetry.io/collector/config/confighttp v0.101.0 h1:/LIrKzD+rzE+uLXECIXHhlO6pu9CnRmdrKV/VKbYT9A= -go.opentelemetry.io/collector/config/confighttp v0.101.0/go.mod h1:KspNrdrtpaPg27qtxZ+e3jmJoOHLyj0oNmMpJd0b3wg= -go.opentelemetry.io/collector/config/configopaque v1.8.0 h1:MXNJDG/yNmEX/tkf4EJ+aSucM92l4KfqtCAhBjMVMg8= -go.opentelemetry.io/collector/config/configopaque v1.8.0/go.mod h1:VUBsRa6pi8z1GaR9CCELMOnIZQRdZQ1GGi0W3UTk7x0= -go.opentelemetry.io/collector/config/configtelemetry v0.101.0 h1:G9RerNdBUm6rYW6wrJoKzleBiDsCGaCjtQx5UYr0hzw= -go.opentelemetry.io/collector/config/configtelemetry v0.101.0/go.mod h1:YV5PaOdtnU1xRomPcYqoHmyCr48tnaAREeGO96EZw8o= -go.opentelemetry.io/collector/config/configtls v0.101.0 h1:kUBqqEPuO7Awsqq8dOlP+NRQ/wSxyosM24m1lF6JIdA= -go.opentelemetry.io/collector/config/configtls v0.101.0/go.mod h1:cyNmN5a/SaXKeup3vbISmjwbXTt9Z0fl1wt7k30Ta3Q= -go.opentelemetry.io/collector/config/internal v0.101.0 h1:GnnVmX/v/MVf4oK4TOcG0+AnCsTDC02CsmTvcSq+08g= -go.opentelemetry.io/collector/config/internal v0.101.0/go.mod h1:GYu44KDiZy9Rs4wIq5kfWDihqfpbktgupUGjW4BBNpY= -go.opentelemetry.io/collector/confmap v0.101.0 h1:pGXZRBKnZqys1HgNECGSi8Pec5RBGa9vVCfrpcvW+kA= -go.opentelemetry.io/collector/confmap v0.101.0/go.mod h1:BWKPIpYeUzSG6ZgCJMjF7xsLvyrvJCfYURl57E5vhiQ= -go.opentelemetry.io/collector/consumer v0.101.0 h1:9tDxaeHe1+Uovf3fhdx7T4pV5mo/Dc0hniH7O5H3RBA= -go.opentelemetry.io/collector/consumer v0.101.0/go.mod h1:ud5k64on9m7hHTrhjEeLhWbLkd8+Gp06rDt3p86TKNs= -go.opentelemetry.io/collector/extension v0.101.0 h1:A4hq/aci9+/Pxi8sJfyYgbeHjSIL7JFZR81IlSOTla4= -go.opentelemetry.io/collector/extension v0.101.0/go.mod h1:14gQMuybTcppfTTM9AwqeoFrNCLv/ds/c0A4Z0hWuLI= -go.opentelemetry.io/collector/extension/auth v0.101.0 h1:Y3sO0qQb2tkm1LBdrH8UIUNpDcorWxwq/9nhcQqlxqU= -go.opentelemetry.io/collector/extension/auth v0.101.0/go.mod h1:5PEBkpr5fF/47BAZ2dvc9M3+QfkabxIOB4YCjjW5DNc= -go.opentelemetry.io/collector/featuregate v1.8.0 h1:p/bAuk5LiSfdYS88yFl/Jzao9bHEYqCh7YvZJ+L+IZg= -go.opentelemetry.io/collector/featuregate v1.8.0/go.mod h1:w7nUODKxEi3FLf1HslCiE6YWtMtOOrMnSwsDam8Mg9w= -go.opentelemetry.io/collector/pdata v1.8.0 h1:d/QQgZxB4Y+d3mqLVh2ozvzujUhloD3P/fk7X+In764= -go.opentelemetry.io/collector/pdata v1.8.0/go.mod h1:/W7clu0wFC4WSRp94Ucn6Vm36Wkrt+tmtlDb1aiNZCY= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.51.0 h1:Xs2Ncz0gNihqu9iosIZ5SkBbWo5T8JhhLJFMQL1qmLI= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.51.0/go.mod h1:vy+2G/6NvVMpwGX/NyLqcC41fxepnuKHk16E6IZUcJc= +go.opentelemetry.io/collector/featuregate v1.5.0 h1:uK8qnYQKz1TMkK+FDTFsywg/EybW/gbnOUaPNUkRznM= +go.opentelemetry.io/collector/featuregate v1.5.0/go.mod h1:w7nUODKxEi3FLf1HslCiE6YWtMtOOrMnSwsDam8Mg9w= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.50.0 h1:cEPbyTSEHlQR89XVlyo78gqluF8Y3oMeBkXGWzQsfXY= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.50.0/go.mod h1:DKdbWcT4GH1D0Y3Sqt/PFXt2naRKDWtU+eE6oLdFNA8= go.opentelemetry.io/otel v1.26.0 h1:LQwgL5s/1W7YiiRwxf03QGnWLb2HW4pLiAhaA5cZXBs= go.opentelemetry.io/otel v1.26.0/go.mod h1:UmLkJHUAidDval2EICqBMbnAd0/m2vmpf/dAM+fvFs4= go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.26.0 h1:HGZWGmCVRCVyAs2GQaiHQPbDHo+ObFWeUEOd+zDnp64= go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.26.0/go.mod h1:SaH+v38LSCHddyk7RGlU9uZyQoRrKao6IBnJw6Kbn+c= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.26.0 h1:1u/AyyOqAWzy+SkPxDpahCNZParHV8Vid1RnI2clyDE= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.26.0/go.mod h1:z46paqbJ9l7c9fIPCXTqTGwhQZ5XoTIsfeFYWboizjs= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.26.0 h1:1wp/gyxsuYtuE/JFxsQRtcCDtMrO2qMvlfXALU5wkzI= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.26.0/go.mod h1:gbTHmghkGgqxMomVQQMur1Nba4M0MQ8AYThXDUjsJ38= -go.opentelemetry.io/otel/exporters/prometheus v0.48.0 h1:sBQe3VNGUjY9IKWQC6z2lNqa5iGbDSxhs60ABwK4y0s= -go.opentelemetry.io/otel/exporters/prometheus v0.48.0/go.mod h1:DtrbMzoZWwQHyrQmCfLam5DZbnmorsGbOtTbYHycU5o= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0 h1:t6wl9SPayj+c7lEIFgm4ooDBZVb01IhLB4InpomhRw8= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0/go.mod h1:iSDOcsnSA5INXzZtwaBPrKp/lWu/V14Dd+llD0oI2EA= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.24.0 h1:Xw8U6u2f8DK2XAkGRFV7BBLENgnTGX9i4rQRxJf+/vs= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.24.0/go.mod h1:6KW1Fm6R/s6Z3PGXwSJN2K4eT6wQB3vXX6CVnYX9NmM= go.opentelemetry.io/otel/metric v1.26.0 h1:7S39CLuY5Jgg9CrnA9HHiEjGMF/X2VHvoXGgSllRz30= go.opentelemetry.io/otel/metric v1.26.0/go.mod h1:SY+rHOI4cEawI9a7N1A4nIg/nTQXe1ccCNWYOJUrpX4= go.opentelemetry.io/otel/sdk v1.26.0 h1:Y7bumHf5tAiDlRYFmGqetNcLaVUZmh4iYfmGxtmz7F8= @@ -726,7 +703,8 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= +golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= +golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= golang.org/x/crypto v0.23.0 h1:dIJU/v2J8Mdglj/8rJ6UUOM3Zc9zLZxVZwwxMooUSAI= golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -803,7 +781,8 @@ golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= -golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= +golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= +golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac= golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -886,14 +865,16 @@ golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y= golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= -golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= +golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= +golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= golang.org/x/term v0.20.0 h1:VnkxpohqXaOBYJtBmEppKUG6mXpi+4O6purfc2+sMhw= golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -905,7 +886,7 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/text v0.15.0 h1:h1V/4gjBv8v9cjcR6+AR5+/cIYK5N/WAgiv4xlsEtAk= golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -1049,7 +1030,6 @@ google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpAD google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg= google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= From ef3e6a4a128c621d99ad25eec5e5a3886421d2bc Mon Sep 17 00:00:00 2001 From: Janario Oliveira Date: Mon, 13 May 2024 15:03:12 +0200 Subject: [PATCH 06/88] Support for collector readinessProbe (#2944) * enable readiness Probe for otel operator Signed-off-by: Janario Oliveira * generate CRD and controller changes Signed-off-by: Janario Oliveira * Adjusted code to be similar to Liveness logic Signed-off-by: Janario Oliveira * Generated manifests Signed-off-by: Janario Oliveira * Add changelog Signed-off-by: Janario Oliveira * Fix lint Signed-off-by: Janario Oliveira * Removed readinessProbe from alpha CRD Signed-off-by: Janario Oliveira * Generated manifests Signed-off-by: Janario Oliveira * Fix lint Signed-off-by: Janario Oliveira * Centralized probe validation Signed-off-by: Janario Oliveira --------- Signed-off-by: Janario Oliveira Co-authored-by: hesam.hamdarsi --- .chloggen/collector-readiness-support.yaml | 17 ++++ apis/v1beta1/collector_webhook.go | 51 ++++++---- apis/v1beta1/collector_webhook_test.go | 66 +++++++++++++ apis/v1beta1/opentelemetrycollector_types.go | 6 +- apis/v1beta1/zz_generated.deepcopy.go | 5 + ...ntelemetry.io_opentelemetrycollectors.yaml | 21 ++++ ...ntelemetry.io_opentelemetrycollectors.yaml | 21 ++++ docs/api.md | 99 +++++++++++++++++++ internal/manifests/collector/container.go | 16 ++- .../manifests/collector/container_test.go | 29 +++++- 10 files changed, 308 insertions(+), 23 deletions(-) create mode 100644 .chloggen/collector-readiness-support.yaml diff --git a/.chloggen/collector-readiness-support.yaml b/.chloggen/collector-readiness-support.yaml new file mode 100644 index 0000000000..e27a8d00d6 --- /dev/null +++ b/.chloggen/collector-readiness-support.yaml @@ -0,0 +1,17 @@ +# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' +change_type: enhancement + +# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) +component: collector + +# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). +note: Add support for readinessProbe on OpenTelemetryCollector CRD. + +# One or more tracking issues related to the change +issues: [2943] + +# (Optional) One or more lines of additional information to render under the primary note. +# These lines will be padded with 2 spaces and then inserted directly into the document. +# Use pipe (|) for multiline entries. +subtext: | + Add support for readinessProbe on `OpenTelemetryCollector` and its default similar to the already supported livenessProbe. diff --git a/apis/v1beta1/collector_webhook.go b/apis/v1beta1/collector_webhook.go index 8780ffa7e3..41951f18b8 100644 --- a/apis/v1beta1/collector_webhook.go +++ b/apis/v1beta1/collector_webhook.go @@ -289,25 +289,14 @@ func (c CollectorWebhook) validate(ctx context.Context, r *OpenTelemetryCollecto return warnings, fmt.Errorf("a valid Ingress hostname has to be defined for subdomain ruleType") } - if r.Spec.LivenessProbe != nil { - if r.Spec.LivenessProbe.InitialDelaySeconds != nil && *r.Spec.LivenessProbe.InitialDelaySeconds < 0 { - return warnings, fmt.Errorf("the OpenTelemetry Spec LivenessProbe InitialDelaySeconds configuration is incorrect. InitialDelaySeconds should be greater than or equal to 0") - } - if r.Spec.LivenessProbe.PeriodSeconds != nil && *r.Spec.LivenessProbe.PeriodSeconds < 1 { - return warnings, fmt.Errorf("the OpenTelemetry Spec LivenessProbe PeriodSeconds configuration is incorrect. PeriodSeconds should be greater than or equal to 1") - } - if r.Spec.LivenessProbe.TimeoutSeconds != nil && *r.Spec.LivenessProbe.TimeoutSeconds < 1 { - return warnings, fmt.Errorf("the OpenTelemetry Spec LivenessProbe TimeoutSeconds configuration is incorrect. TimeoutSeconds should be greater than or equal to 1") - } - if r.Spec.LivenessProbe.SuccessThreshold != nil && *r.Spec.LivenessProbe.SuccessThreshold < 1 { - return warnings, fmt.Errorf("the OpenTelemetry Spec LivenessProbe SuccessThreshold configuration is incorrect. SuccessThreshold should be greater than or equal to 1") - } - if r.Spec.LivenessProbe.FailureThreshold != nil && *r.Spec.LivenessProbe.FailureThreshold < 1 { - return warnings, fmt.Errorf("the OpenTelemetry Spec LivenessProbe FailureThreshold configuration is incorrect. FailureThreshold should be greater than or equal to 1") - } - if r.Spec.LivenessProbe.TerminationGracePeriodSeconds != nil && *r.Spec.LivenessProbe.TerminationGracePeriodSeconds < 1 { - return warnings, fmt.Errorf("the OpenTelemetry Spec LivenessProbe TerminationGracePeriodSeconds configuration is incorrect. TerminationGracePeriodSeconds should be greater than or equal to 1") - } + // validate probes Liveness/Readiness + err := validateProbe("LivenessProbe", r.Spec.LivenessProbe) + if err != nil { + return warnings, err + } + err = validateProbe("ReadinessProbe", r.Spec.ReadinessProbe) + if err != nil { + return warnings, err } // validate updateStrategy for DaemonSet @@ -365,6 +354,30 @@ func (c CollectorWebhook) validateTargetAllocatorConfig(ctx context.Context, r * return nil, nil } +func validateProbe(probeName string, probe *Probe) error { + if probe != nil { + if probe.InitialDelaySeconds != nil && *probe.InitialDelaySeconds < 0 { + return fmt.Errorf("the OpenTelemetry Spec %s InitialDelaySeconds configuration is incorrect. InitialDelaySeconds should be greater than or equal to 0", probeName) + } + if probe.PeriodSeconds != nil && *probe.PeriodSeconds < 1 { + return fmt.Errorf("the OpenTelemetry Spec %s PeriodSeconds configuration is incorrect. PeriodSeconds should be greater than or equal to 1", probeName) + } + if probe.TimeoutSeconds != nil && *probe.TimeoutSeconds < 1 { + return fmt.Errorf("the OpenTelemetry Spec %s TimeoutSeconds configuration is incorrect. TimeoutSeconds should be greater than or equal to 1", probeName) + } + if probe.SuccessThreshold != nil && *probe.SuccessThreshold < 1 { + return fmt.Errorf("the OpenTelemetry Spec %s SuccessThreshold configuration is incorrect. SuccessThreshold should be greater than or equal to 1", probeName) + } + if probe.FailureThreshold != nil && *probe.FailureThreshold < 1 { + return fmt.Errorf("the OpenTelemetry Spec %s FailureThreshold configuration is incorrect. FailureThreshold should be greater than or equal to 1", probeName) + } + if probe.TerminationGracePeriodSeconds != nil && *probe.TerminationGracePeriodSeconds < 1 { + return fmt.Errorf("the OpenTelemetry Spec %s TerminationGracePeriodSeconds configuration is incorrect. TerminationGracePeriodSeconds should be greater than or equal to 1", probeName) + } + } + return nil +} + func checkAutoscalerSpec(autoscaler *AutoscalerSpec) error { if autoscaler.Behavior != nil { if autoscaler.Behavior.ScaleDown != nil && autoscaler.Behavior.ScaleDown.StabilizationWindowSeconds != nil && diff --git a/apis/v1beta1/collector_webhook_test.go b/apis/v1beta1/collector_webhook_test.go index 99d127b3ef..b3b8ade472 100644 --- a/apis/v1beta1/collector_webhook_test.go +++ b/apis/v1beta1/collector_webhook_test.go @@ -1026,6 +1026,17 @@ func TestOTELColValidatingWebhook(t *testing.T) { }, expectedErr: "the OpenTelemetry Spec LivenessProbe InitialDelaySeconds configuration is incorrect", }, + { + name: "invalid InitialDelaySeconds readiness", + otelcol: OpenTelemetryCollector{ + Spec: OpenTelemetryCollectorSpec{ + ReadinessProbe: &Probe{ + InitialDelaySeconds: &minusOne, + }, + }, + }, + expectedErr: "the OpenTelemetry Spec ReadinessProbe InitialDelaySeconds configuration is incorrect", + }, { name: "invalid PeriodSeconds", otelcol: OpenTelemetryCollector{ @@ -1037,6 +1048,17 @@ func TestOTELColValidatingWebhook(t *testing.T) { }, expectedErr: "the OpenTelemetry Spec LivenessProbe PeriodSeconds configuration is incorrect", }, + { + name: "invalid PeriodSeconds readiness", + otelcol: OpenTelemetryCollector{ + Spec: OpenTelemetryCollectorSpec{ + ReadinessProbe: &Probe{ + PeriodSeconds: &zero, + }, + }, + }, + expectedErr: "the OpenTelemetry Spec ReadinessProbe PeriodSeconds configuration is incorrect", + }, { name: "invalid TimeoutSeconds", otelcol: OpenTelemetryCollector{ @@ -1048,6 +1070,17 @@ func TestOTELColValidatingWebhook(t *testing.T) { }, expectedErr: "the OpenTelemetry Spec LivenessProbe TimeoutSeconds configuration is incorrect", }, + { + name: "invalid TimeoutSeconds readiness", + otelcol: OpenTelemetryCollector{ + Spec: OpenTelemetryCollectorSpec{ + ReadinessProbe: &Probe{ + TimeoutSeconds: &zero, + }, + }, + }, + expectedErr: "the OpenTelemetry Spec ReadinessProbe TimeoutSeconds configuration is incorrect", + }, { name: "invalid SuccessThreshold", otelcol: OpenTelemetryCollector{ @@ -1059,6 +1092,17 @@ func TestOTELColValidatingWebhook(t *testing.T) { }, expectedErr: "the OpenTelemetry Spec LivenessProbe SuccessThreshold configuration is incorrect", }, + { + name: "invalid SuccessThreshold readiness", + otelcol: OpenTelemetryCollector{ + Spec: OpenTelemetryCollectorSpec{ + ReadinessProbe: &Probe{ + SuccessThreshold: &zero, + }, + }, + }, + expectedErr: "the OpenTelemetry Spec ReadinessProbe SuccessThreshold configuration is incorrect", + }, { name: "invalid FailureThreshold", otelcol: OpenTelemetryCollector{ @@ -1070,6 +1114,17 @@ func TestOTELColValidatingWebhook(t *testing.T) { }, expectedErr: "the OpenTelemetry Spec LivenessProbe FailureThreshold configuration is incorrect", }, + { + name: "invalid FailureThreshold readiness", + otelcol: OpenTelemetryCollector{ + Spec: OpenTelemetryCollectorSpec{ + ReadinessProbe: &Probe{ + FailureThreshold: &zero, + }, + }, + }, + expectedErr: "the OpenTelemetry Spec ReadinessProbe FailureThreshold configuration is incorrect", + }, { name: "invalid TerminationGracePeriodSeconds", otelcol: OpenTelemetryCollector{ @@ -1081,6 +1136,17 @@ func TestOTELColValidatingWebhook(t *testing.T) { }, expectedErr: "the OpenTelemetry Spec LivenessProbe TerminationGracePeriodSeconds configuration is incorrect", }, + { + name: "invalid TerminationGracePeriodSeconds readiness", + otelcol: OpenTelemetryCollector{ + Spec: OpenTelemetryCollectorSpec{ + ReadinessProbe: &Probe{ + TerminationGracePeriodSeconds: &zero64, + }, + }, + }, + expectedErr: "the OpenTelemetry Spec ReadinessProbe TerminationGracePeriodSeconds configuration is incorrect", + }, { name: "invalid AdditionalContainers", otelcol: OpenTelemetryCollector{ diff --git a/apis/v1beta1/opentelemetrycollector_types.go b/apis/v1beta1/opentelemetrycollector_types.go index 4421165944..141178895f 100644 --- a/apis/v1beta1/opentelemetrycollector_types.go +++ b/apis/v1beta1/opentelemetrycollector_types.go @@ -103,6 +103,10 @@ type OpenTelemetryCollectorSpec struct { // It is only effective when healthcheckextension is configured in the OpenTelemetry Collector pipeline. // +optional LivenessProbe *Probe `json:"livenessProbe,omitempty"` + // Readiness config for the OpenTelemetry Collector except the probe handler which is auto generated from the health extension of the collector. + // It is only effective when healthcheckextension is configured in the OpenTelemetry Collector pipeline. + // +optional + ReadinessProbe *Probe `json:"readinessProbe,omitempty"` // ObservabilitySpec defines how telemetry data gets handled. // @@ -206,7 +210,7 @@ type TargetAllocatorEmbedded struct { PodDisruptionBudget *PodDisruptionBudgetSpec `json:"podDisruptionBudget,omitempty"` } -// Probe defines the OpenTelemetry's pod probe config. Only Liveness probe is supported currently. +// Probe defines the OpenTelemetry's pod probe config. type Probe struct { // Number of seconds after the container has started before liveness probes are initiated. // Defaults to 0 seconds. Minimum value is 0. diff --git a/apis/v1beta1/zz_generated.deepcopy.go b/apis/v1beta1/zz_generated.deepcopy.go index c5e574127c..9690ef897d 100644 --- a/apis/v1beta1/zz_generated.deepcopy.go +++ b/apis/v1beta1/zz_generated.deepcopy.go @@ -306,6 +306,11 @@ func (in *OpenTelemetryCollectorSpec) DeepCopyInto(out *OpenTelemetryCollectorSp *out = new(Probe) (*in).DeepCopyInto(*out) } + if in.ReadinessProbe != nil { + in, out := &in.ReadinessProbe, &out.ReadinessProbe + *out = new(Probe) + (*in).DeepCopyInto(*out) + } out.Observability = in.Observability if in.ConfigMaps != nil { in, out := &in.ConfigMaps, &out.ConfigMaps diff --git a/bundle/manifests/opentelemetry.io_opentelemetrycollectors.yaml b/bundle/manifests/opentelemetry.io_opentelemetrycollectors.yaml index 5688544892..092ca2428e 100644 --- a/bundle/manifests/opentelemetry.io_opentelemetrycollectors.yaml +++ b/bundle/manifests/opentelemetry.io_opentelemetrycollectors.yaml @@ -6654,6 +6654,27 @@ spec: x-kubernetes-list-type: atomic priorityClassName: type: string + readinessProbe: + properties: + failureThreshold: + format: int32 + type: integer + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object replicas: format: int32 type: integer diff --git a/config/crd/bases/opentelemetry.io_opentelemetrycollectors.yaml b/config/crd/bases/opentelemetry.io_opentelemetrycollectors.yaml index 03a1360bfa..ad8c35a81b 100644 --- a/config/crd/bases/opentelemetry.io_opentelemetrycollectors.yaml +++ b/config/crd/bases/opentelemetry.io_opentelemetrycollectors.yaml @@ -6640,6 +6640,27 @@ spec: x-kubernetes-list-type: atomic priorityClassName: type: string + readinessProbe: + properties: + failureThreshold: + format: int32 + type: integer + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object replicas: format: int32 type: integer diff --git a/docs/api.md b/docs/api.md index ab95401ad4..c374b1d622 100644 --- a/docs/api.md +++ b/docs/api.md @@ -30050,6 +30050,14 @@ If not specified, the pod priority will be default or zero if there is no default.
false + + readinessProbe + object + + Readiness config for the OpenTelemetry Collector except the probe handler which is auto generated from the health extension of the collector. +It is only effective when healthcheckextension is configured in the OpenTelemetry Collector pipeline.
+ + false replicas integer @@ -40043,6 +40051,97 @@ More info: https://kubernetes.io/docs/concepts/services-networking/service/#defi +### OpenTelemetryCollector.spec.readinessProbe +[↩ Parent](#opentelemetrycollectorspec-1) + + + +Readiness config for the OpenTelemetry Collector except the probe handler which is auto generated from the health extension of the collector. +It is only effective when healthcheckextension is configured in the OpenTelemetry Collector pipeline. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameTypeDescriptionRequired
failureThresholdinteger + Minimum consecutive failures for the probe to be considered failed after having succeeded. +Defaults to 3. Minimum value is 1.
+
+ Format: int32
+ 		false
initialDelaySecondsinteger + Number of seconds after the container has started before liveness probes are initiated. +Defaults to 0 seconds. Minimum value is 0. +More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+
+ Format: int32
+ 		false
periodSecondsinteger + How often (in seconds) to perform the probe. +Default to 10 seconds. Minimum value is 1.
+
+ Format: int32
+ 		false
successThresholdinteger + Minimum consecutive successes for the probe to be considered successful after having failed. +Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
+
+ Format: int32
+ 		false
terminationGracePeriodSecondsinteger + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. +The grace period is the duration in seconds after the processes running in the pod are sent +a termination signal and the time when the processes are forcibly halted with a kill signal. +Set this value longer than the expected cleanup time for your process. +If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this +value overrides the value provided by the pod spec. +Value must be non-negative integer. The value zero indicates stop immediately via +the kill signal (no opportunity to shut down). +This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. +Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
+
+ Format: int64
+ 		false
timeoutSecondsinteger + Number of seconds after which the probe times out. +Defaults to 1 second. Minimum value is 1. +More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+
+ Format: int32
+ 		false
+ + ### OpenTelemetryCollector.spec.resources [↩ Parent](#opentelemetrycollectorspec-1) diff --git a/internal/manifests/collector/container.go b/internal/manifests/collector/container.go index 63726fe2ac..5f95ff12d9 100644 --- a/internal/manifests/collector/container.go +++ b/internal/manifests/collector/container.go @@ -153,8 +153,9 @@ func Container(cfg config.Config, logger logr.Logger, otelcol v1beta1.OpenTeleme } var livenessProbe *corev1.Probe + var readinessProbe *corev1.Probe if configFromString, err := adapters.ConfigFromString(configYaml); err == nil { - if probe, err := getLivenessProbe(configFromString, otelcol.Spec.LivenessProbe); err == nil { + if probe, err := getProbe(configFromString, otelcol.Spec.LivenessProbe); err == nil { livenessProbe = probe } else if errors.Is(err, adapters.ErrNoServiceExtensions) { logger.V(4).Info("extensions not configured, skipping liveness probe creation") @@ -163,6 +164,16 @@ func Container(cfg config.Config, logger logr.Logger, otelcol v1beta1.OpenTeleme } else { logger.Error(err, "cannot create liveness probe.") } + + if probe, err := getProbe(configFromString, otelcol.Spec.ReadinessProbe); err == nil { + readinessProbe = probe + } else if errors.Is(err, adapters.ErrNoServiceExtensions) { + logger.V(4).Info("extensions not configured, skipping readiness probe creation") + } else if errors.Is(err, adapters.ErrNoServiceExtensionHealthCheck) { + logger.V(4).Info("healthcheck extension not configured, skipping readiness probe creation") + } else { + logger.Error(err, "cannot create readiness probe.") + } } envVars = append(envVars, proxy.ReadProxyVarsFromEnv()...) @@ -178,6 +189,7 @@ func Container(cfg config.Config, logger logr.Logger, otelcol v1beta1.OpenTeleme Resources: otelcol.Spec.Resources, SecurityContext: otelcol.Spec.SecurityContext, LivenessProbe: livenessProbe, + ReadinessProbe: readinessProbe, Lifecycle: otelcol.Spec.Lifecycle, } } @@ -240,7 +252,7 @@ func portMapToList(portMap map[string]corev1.ContainerPort) []corev1.ContainerPo return ports } -func getLivenessProbe(config map[interface{}]interface{}, probeConfig *v1beta1.Probe) (*corev1.Probe, error) { +func getProbe(config map[interface{}]interface{}, probeConfig *v1beta1.Probe) (*corev1.Probe, error) { probe, err := adapters.ConfigToContainerProbe(config) if err != nil { return nil, err diff --git a/internal/manifests/collector/container_test.go b/internal/manifests/collector/container_test.go index e2cd24639d..597e98c1e7 100644 --- a/internal/manifests/collector/container_test.go +++ b/internal/manifests/collector/container_test.go @@ -728,6 +728,14 @@ service: FailureThreshold: &failureThreshold, TerminationGracePeriodSeconds: &terminationGracePeriodSeconds, }, + ReadinessProbe: &v1beta1.Probe{ + InitialDelaySeconds: &initialDelaySeconds, + TimeoutSeconds: &timeoutSeconds, + PeriodSeconds: &periodSeconds, + SuccessThreshold: &successThreshold, + FailureThreshold: &failureThreshold, + TerminationGracePeriodSeconds: &terminationGracePeriodSeconds, + }, }, } cfg := config.New() @@ -736,6 +744,7 @@ service: c := Container(cfg, logger, otelcol, true) // verify + // liveness assert.Equal(t, "/", c.LivenessProbe.HTTPGet.Path) assert.Equal(t, int32(13133), c.LivenessProbe.HTTPGet.Port.IntVal) assert.Equal(t, "", c.LivenessProbe.HTTPGet.Host) @@ -746,6 +755,18 @@ service: assert.Equal(t, successThreshold, c.LivenessProbe.SuccessThreshold) assert.Equal(t, failureThreshold, c.LivenessProbe.FailureThreshold) assert.Equal(t, terminationGracePeriodSeconds, *c.LivenessProbe.TerminationGracePeriodSeconds) + + // rediness + assert.Equal(t, "/", c.ReadinessProbe.HTTPGet.Path) + assert.Equal(t, int32(13133), c.ReadinessProbe.HTTPGet.Port.IntVal) + assert.Equal(t, "", c.ReadinessProbe.HTTPGet.Host) + + assert.Equal(t, initialDelaySeconds, c.ReadinessProbe.InitialDelaySeconds) + assert.Equal(t, timeoutSeconds, c.ReadinessProbe.TimeoutSeconds) + assert.Equal(t, periodSeconds, c.ReadinessProbe.PeriodSeconds) + assert.Equal(t, successThreshold, c.ReadinessProbe.SuccessThreshold) + assert.Equal(t, failureThreshold, c.ReadinessProbe.FailureThreshold) + assert.Equal(t, terminationGracePeriodSeconds, *c.ReadinessProbe.TerminationGracePeriodSeconds) } func TestContainerProbeEmptyConfig(t *testing.T) { @@ -757,7 +778,8 @@ func TestContainerProbeEmptyConfig(t *testing.T) { health_check: service: extensions: [health_check]`), - LivenessProbe: &v1beta1.Probe{}, + LivenessProbe: &v1beta1.Probe{}, + ReadinessProbe: &v1beta1.Probe{}, }, } cfg := config.New() @@ -766,9 +788,14 @@ service: c := Container(cfg, logger, otelcol, true) // verify + // liveness assert.Equal(t, "/", c.LivenessProbe.HTTPGet.Path) assert.Equal(t, int32(13133), c.LivenessProbe.HTTPGet.Port.IntVal) assert.Equal(t, "", c.LivenessProbe.HTTPGet.Host) + // readiness + assert.Equal(t, "/", c.ReadinessProbe.HTTPGet.Path) + assert.Equal(t, int32(13133), c.ReadinessProbe.HTTPGet.Port.IntVal) + assert.Equal(t, "", c.ReadinessProbe.HTTPGet.Host) } func TestContainerProbeNoConfig(t *testing.T) { From 62484ae16a8a1963aaa1eb725b1249a90a4930f4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 May 2024 15:08:56 +0200 Subject: [PATCH 07/88] Bump github.com/docker/docker (#2954) Bumps [github.com/docker/docker](https://github.com/docker/docker) from 26.0.1+incompatible to 26.0.2+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Commits](https://github.com/docker/docker/compare/v26.0.1...v26.0.2) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index e036a932ba..82390aeda0 100644 --- a/go.mod +++ b/go.mod @@ -103,7 +103,7 @@ require ( github.com/dennwc/varint v1.0.0 // indirect github.com/digitalocean/godo v1.113.0 // indirect github.com/distribution/reference v0.5.0 // indirect - github.com/docker/docker v26.0.1+incompatible // indirect + github.com/docker/docker v26.0.2+incompatible // indirect github.com/docker/go-connections v0.4.0 // indirect github.com/docker/go-units v0.5.0 // indirect github.com/edsrzf/mmap-go v1.1.0 // indirect diff --git a/go.sum b/go.sum index a5af5cbd98..6e0fb287f2 100644 --- a/go.sum +++ b/go.sum @@ -140,8 +140,8 @@ github.com/distribution/reference v0.5.0 h1:/FUIFXtfc/x2gpa5/VGfiGLuOIdYa1t65IKK github.com/distribution/reference v0.5.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E= github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI= github.com/dnaeon/go-vcr v1.2.0/go.mod h1:R4UdLID7HZT3taECzJs4YgbbH6PIGXB6W/sc5OLb6RQ= -github.com/docker/docker v26.0.1+incompatible h1:t39Hm6lpXuXtgkF0dm1t9a5HkbUfdGy6XbWexmGr+hA= -github.com/docker/docker v26.0.1+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v26.0.2+incompatible h1:yGVmKUFGgcxA6PXWAokO0sQL22BrQ67cgVjko8tGdXE= +github.com/docker/docker v26.0.2+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ= github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4= From 801ca166929ae7aeb1a69bb0a447e87c21932d51 Mon Sep 17 00:00:00 2001 From: Yuri Sa <48062171+yuriolisa@users.noreply.github.com> Date: Mon, 13 May 2024 17:37:21 +0200 Subject: [PATCH 08/88] Added new Log Enconder Config (#2927) * Added new Log Enconder Config Signed-off-by: Yuri Sa * Added new Log Enconder Config Signed-off-by: Yuri Sa * Added new Log Enconder Config Signed-off-by: Yuri Sa * Added new Log Enconder Config Signed-off-by: Yuri Sa * Added new Log Enconder Config Signed-off-by: Yuri Sa * Added new Log Enconder Config Signed-off-by: Yuri Sa * Added new Debug doc Signed-off-by: Yuri Sa --------- Signed-off-by: Yuri Sa --- .chloggen/customized-log-encoder.yaml | 16 +++++++++++++ DEBUG.md | 34 +++++++++++++++++++++++++++ internal/config/options.go | 9 +++++++ main.go | 20 ++++++++++++++++ 4 files changed, 79 insertions(+) create mode 100755 .chloggen/customized-log-encoder.yaml create mode 100644 DEBUG.md diff --git a/.chloggen/customized-log-encoder.yaml b/.chloggen/customized-log-encoder.yaml new file mode 100755 index 0000000000..b51a8bc593 --- /dev/null +++ b/.chloggen/customized-log-encoder.yaml @@ -0,0 +1,16 @@ +# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' +change_type: 'enhancement' + +# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) +component: operator + +# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). +note: Enabling new Logs Enconder Configuration parameters. + +# One or more tracking issues related to the change +issues: [268] + +# (Optional) One or more lines of additional information to render under the primary note. +# These lines will be padded with 2 spaces and then inserted directly into the document. +# Use pipe (|) for multiline entries. +subtext: diff --git a/DEBUG.md b/DEBUG.md new file mode 100644 index 0000000000..cba2dd3229 --- /dev/null +++ b/DEBUG.md @@ -0,0 +1,34 @@ +# Debug tips to the OpenTelemetry Operator + +A tip during a troubleshooting process is always welcome. Therefore, we prepared this documentation to help you identify possible issues and improve the application's reliability. + +## Customizing Logs Output +By the default the Operator's log format is console like you can see below: +```bash +2024-05-06T11:55:11+02:00 INFO setup Prometheus CRDs are installed, adding to scheme. +2024-05-06T11:55:11+02:00 INFO setup Openshift CRDs are not installed, skipping adding to scheme. +2024-05-06T11:55:11+02:00 INFO setup the env var WATCH_NAMESPACE isn't set, watching all namespaces +2024-05-06T11:55:11+02:00 INFO Webhooks are disabled, operator is running an unsupported mode {"ENABLE_WEBHOOKS": "false"} +2024-05-06T11:55:11+02:00 INFO setup starting manager +``` + +If it is necessary to customize the log format, so you can use one of the following parameters: +- `--zap-devel`: Development Mode defaults(encoder=consoleEncoder,logLevel=Debug,stackTraceLevel=Warn). Production Mode defaults(encoder=jsonEncoder,logLevel=Info,stackTraceLevel=Error) (default false) +- `--zap-encoder`: Zap log encoding (one of 'json' or 'console') +- `--zap-log-level` Zap Level to configure the verbosity of logging. Can be one of 'debug', 'info', 'error', or any integer value > 0 which corresponds to custom debug levels of increasing verbosity +- `--zap-stacktrace-level` Zap Level at and above which stacktraces are captured (one of 'info', 'error', 'panic'). +- `--zap-time-encoding` Zap time encoding (one of 'epoch', 'millis', 'nano', 'iso8601', 'rfc3339' or 'rfc3339nano'). Defaults to 'epoch'. +- The following parameters are effective only if the `--zap-encoder=json`: + - `zap-message-key`: The message key to be used in the customized Log Encoder + - `zap-level-key`: The level key to be used in the customized Log Encoder + - `zap-time-key`: The time key to be used in the customized Log Encoder + - `zap-level-format`: The level format to be used in the customized Log Encoder + +Running the Operator with the parameters `--zap-encoder=json`, `--zap-message-key="msg"`, `zap-level-key="severity"`,`zap-time-key="timestamp"`,`zap-level-format="uppercase"` you should see the following output: +```bash +{"severity":"INFO","timestamp":"2024-05-07T16:23:35+02:00","logger":"setup","msg":"Prometheus CRDs are installed, adding to scheme."} +{"severity":"INFO","timestamp":"2024-05-07T16:23:35+02:00","logger":"setup","msg":"Openshift CRDs are not installed, skipping adding to scheme."} +{"severity":"INFO","timestamp":"2024-05-07T16:23:35+02:00","logger":"setup","msg":"the env var WATCH_NAMESPACE isn't set, watching all namespaces"} +{"severity":"INFO","timestamp":"2024-05-07T16:23:35+02:00","msg":"Webhooks are disabled, operator is running an unsupported mode","ENABLE_WEBHOOKS":"false"} +{"severity":"INFO","timestamp":"2024-05-07T16:23:35+02:00","logger":"setup","msg":"starting manager"} +``` diff --git a/internal/config/options.go b/internal/config/options.go index 66e2eee708..fed234d6af 100644 --- a/internal/config/options.go +++ b/internal/config/options.go @@ -19,6 +19,7 @@ import ( "strings" "github.com/go-logr/logr" + "go.uber.org/zap/zapcore" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" @@ -263,3 +264,11 @@ func WithAnnotationFilters(annotationFilters []string) Option { o.annotationsFilter = filters } } + +func WithEncodeLevelFormat(s string) zapcore.LevelEncoder { + if s == "lowercase" { + return zapcore.LowercaseLevelEncoder + } else { + return zapcore.CapitalLevelEncoder + } +} diff --git a/main.go b/main.go index 2b12a9f50c..9175c9ff36 100644 --- a/main.go +++ b/main.go @@ -29,6 +29,7 @@ import ( monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" "github.com/spf13/pflag" colfeaturegate "go.opentelemetry.io/collector/featuregate" + "go.uber.org/zap/zapcore" networkingv1 "k8s.io/api/networking/v1" k8sruntime "k8s.io/apimachinery/pkg/runtime" utilruntime "k8s.io/apimachinery/pkg/util/runtime" @@ -134,6 +135,10 @@ func main() { annotationsFilter []string webhookPort int tlsOpt tlsConfig + encodeMessageKey string + encodeLevelKey string + encodeTimeKey string + encodeLevelFormat string ) pflag.StringVar(&metricsAddr, "metrics-addr", ":8080", "The address the metric endpoint binds to.") @@ -165,8 +170,19 @@ func main() { pflag.StringArrayVar(&annotationsFilter, "annotations-filter", []string{}, "Annotations to filter away from propagating onto deploys. It should be a string array containing patterns, which are literal strings optionally containing a * wildcard character. Example: --annotations-filter=.*filter.out will filter out annotations that looks like: annotation.filter.out: true") pflag.StringVar(&tlsOpt.minVersion, "tls-min-version", "VersionTLS12", "Minimum TLS version supported. Value must match version names from https://golang.org/pkg/crypto/tls/#pkg-constants.") pflag.StringSliceVar(&tlsOpt.cipherSuites, "tls-cipher-suites", nil, "Comma-separated list of cipher suites for the server. Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants). If omitted, the default Go cipher suites will be used") + pflag.StringVar(&encodeMessageKey, "zap-message-key", "message", "The message key to be used in the customized Log Encoder") + pflag.StringVar(&encodeLevelKey, "zap-level-key", "level", "The level key to be used in the customized Log Encoder") + pflag.StringVar(&encodeTimeKey, "zap-time-key", "timestamp", "The time key to be used in the customized Log Encoder") + pflag.StringVar(&encodeLevelFormat, "zap-level-format", "uppercase", "The level format to be used in the customized Log Encoder") pflag.Parse() + opts.EncoderConfigOptions = append(opts.EncoderConfigOptions, func(ec *zapcore.EncoderConfig) { + ec.MessageKey = encodeMessageKey + ec.LevelKey = encodeLevelKey + ec.TimeKey = encodeTimeKey + ec.EncodeLevel = config.WithEncodeLevelFormat(encodeLevelFormat) + }) + logger := zap.New(zap.UseFlagOptions(&opts)) ctrl.SetLogger(logger) @@ -197,6 +213,10 @@ func main() { "enable-nginx-instrumentation", enableNginxInstrumentation, "enable-nodejs-instrumentation", enableNodeJSInstrumentation, "enable-java-instrumentation", enableJavaInstrumentation, + "zap-message-key", encodeMessageKey, + "zap-level-key", encodeLevelKey, + "zap-time-key", encodeTimeKey, + "zap-level-format", encodeLevelFormat, ) restConfig := ctrl.GetConfigOrDie() From dfc788249e6824e6fa331ff896ad16866a06c47f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Juraci=20Paix=C3=A3o=20Kr=C3=B6hling?= Date: Wed, 15 May 2024 11:51:09 +0200 Subject: [PATCH 09/88] [chore] move VineethReddy02 to emeritus (#2957) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Juraci Paixão Kröhling --- README.md | 2 +- RELEASE.md | 13 ++++++------- 2 files changed, 7 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index d08b684c09..8b175b9c08 100644 --- a/README.md +++ b/README.md @@ -789,7 +789,6 @@ Maintainers ([@open-telemetry/operator-maintainers](https://github.com/orgs/open - [Jacob Aronoff](https://github.com/jaronoff97), Lightstep - [Mikołaj Świątek](https://github.com/swiatekm-sumo), Sumo Logic - [Pavol Loffay](https://github.com/pavolloffay), Red Hat -- [Vineeth Pothulapati](https://github.com/VineethReddy02), Timescale Emeritus Maintainers @@ -797,6 +796,7 @@ Emeritus Maintainers - [Bogdan Drutu](https://github.com/BogdanDrutu), Splunk - [Juraci Paixão Kröhling](https://github.com/jpkrohling), Grafana Labs - [Tigran Najaryan](https://github.com/tigrannajaryan), Splunk +- [Vineeth Pothulapati](https://github.com/VineethReddy02), Timescale Learn more about roles in the [community repository](https://github.com/open-telemetry/community/blob/main/community-membership.md). diff --git a/RELEASE.md b/RELEASE.md index 9a4ba1d87c..94cfcbd777 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -44,10 +44,9 @@ The operator should be released within a week after the [OpenTelemetry collector | Version | Release manager | |----------|-----------------| -| v0.100.0 | @VineethReddy02 | -| v0.101.0 | @TylerHelmuth | -| v0.102.0 | @swiatekm-sumo | -| v0.103.0 | @frzifus | -| v0.104.0 | @jaronoff97 | -| v0.105.0 | @pavolloffay | -| v0.106.0 | @yuriolisa | +| v0.100.0 | @TylerHelmuth | +| v0.101.0 | @swiatekm-sumo | +| v0.102.0 | @frzifus | +| v0.103.0 | @jaronoff97 | +| v0.104.0 | @pavolloffay | +| v0.105.0 | @yuriolisa | From c2f569d80904b67f3198719b1626564245fbb2ec Mon Sep 17 00:00:00 2001 From: Pavol Loffay Date: Thu, 16 May 2024 07:45:28 +0200 Subject: [PATCH 10/88] Cleanup cluster roles and bindings (#2938) * Fix Signed-off-by: Pavol Loffay * Fix Signed-off-by: Pavol Loffay * Fix Signed-off-by: Pavol Loffay * Fix Signed-off-by: Pavol Loffay * Add test Signed-off-by: Pavol Loffay --------- Signed-off-by: Pavol Loffay --- .chloggen/cleanup-roles.yaml | 16 +++ controllers/common.go | 16 ++- .../opentelemetrycollector_controller.go | 86 +++++++++++- controllers/reconcile_test.go | 132 +++++++++++++++--- controllers/suite_test.go | 16 +-- internal/config/main.go | 1 + 6 files changed, 229 insertions(+), 38 deletions(-) create mode 100755 .chloggen/cleanup-roles.yaml diff --git a/.chloggen/cleanup-roles.yaml b/.chloggen/cleanup-roles.yaml new file mode 100755 index 0000000000..51be6f2675 --- /dev/null +++ b/.chloggen/cleanup-roles.yaml @@ -0,0 +1,16 @@ +# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' +change_type: bug_fix + +# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) +component: collector + +# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). +note: Cleanup ClusterRoles and ClusterRoleBindings created by the operator + +# One or more tracking issues related to the change +issues: [2938] + +# (Optional) One or more lines of additional information to render under the primary note. +# These lines will be padded with 2 spaces and then inserted directly into the document. +# Use pipe (|) for multiline entries. +subtext: The operator uses finalizer on the collector to run the cleanup diff --git a/controllers/common.go b/controllers/common.go index 7885fa8a3a..7a2763002d 100644 --- a/controllers/common.go +++ b/controllers/common.go @@ -122,9 +122,18 @@ func reconcileDesiredObjects(ctx context.Context, kubeClient client.Client, logg if len(errs) > 0 { return fmt.Errorf("failed to create objects for %s: %w", owner.GetName(), errors.Join(errs...)) } + // Pruning owned objects in the cluster which are not should not be present after the reconciliation. + err := deleteObjects(ctx, kubeClient, logger, ownedObjects) + if err != nil { + return fmt.Errorf("failed to prune objects for %s: %w", owner.GetName(), err) + } + return nil +} + +func deleteObjects(ctx context.Context, kubeClient client.Client, logger logr.Logger, objects map[types.UID]client.Object) error { // Pruning owned objects in the cluster which are not should not be present after the reconciliation. pruneErrs := []error{} - for _, obj := range ownedObjects { + for _, obj := range objects { l := logger.WithValues( "object_name", obj.GetName(), "object_kind", obj.GetObjectKind().GroupVersionKind(), @@ -137,8 +146,5 @@ func reconcileDesiredObjects(ctx context.Context, kubeClient client.Client, logg pruneErrs = append(pruneErrs, err) } } - if len(pruneErrs) > 0 { - return fmt.Errorf("failed to prune objects for %s: %w", owner.GetName(), errors.Join(pruneErrs...)) - } - return nil + return errors.Join(pruneErrs...) } diff --git a/controllers/opentelemetrycollector_controller.go b/controllers/opentelemetrycollector_controller.go index a713e15dfd..56e229b50b 100644 --- a/controllers/opentelemetrycollector_controller.go +++ b/controllers/opentelemetrycollector_controller.go @@ -35,6 +35,7 @@ import ( "k8s.io/client-go/tools/record" ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/openshift" @@ -127,7 +128,42 @@ func (r *OpenTelemetryCollectorReconciler) findOtelOwnedObjects(ctx context.Cont for i := range pdbList.Items { ownedObjects[pdbList.Items[i].GetUID()] = &pdbList.Items[i] } + if params.Config.CreateRBACPermissions() == rbac.Available { + clusterObjects, err := r.findClusterRoleObjects(ctx, params) + if err != nil { + return nil, err + } + for k, v := range clusterObjects { + ownedObjects[k] = v + } + } + return ownedObjects, nil +} +// The cluster scope objects do not have owner reference. +func (r *OpenTelemetryCollectorReconciler) findClusterRoleObjects(ctx context.Context, params manifests.Params) (map[types.UID]client.Object, error) { + ownedObjects := map[types.UID]client.Object{} + // Remove cluster roles and bindings. + // Users might switch off the RBAC creation feature on the operator which should remove existing RBAC. + listOpsCluster := &client.ListOptions{ + LabelSelector: labels.SelectorFromSet(manifestutils.SelectorLabels(params.OtelCol.ObjectMeta, collector.ComponentOpenTelemetryCollector)), + } + clusterroleList := &rbacv1.ClusterRoleList{} + err := r.List(ctx, clusterroleList, listOpsCluster) + if err != nil { + return nil, fmt.Errorf("error listing ClusterRoles: %w", err) + } + for i := range clusterroleList.Items { + ownedObjects[clusterroleList.Items[i].GetUID()] = &clusterroleList.Items[i] + } + clusterrolebindingList := &rbacv1.ClusterRoleBindingList{} + err = r.List(ctx, clusterrolebindingList, listOpsCluster) + if err != nil { + return nil, fmt.Errorf("error listing ClusterRoleBIndings: %w", err) + } + for i := range clusterrolebindingList.Items { + ownedObjects[clusterrolebindingList.Items[i].GetUID()] = &clusterrolebindingList.Items[i] + } return ownedObjects, nil } @@ -193,8 +229,32 @@ func (r *OpenTelemetryCollectorReconciler) Reconcile(ctx context.Context, req ct // on deleted requests. return ctrl.Result{}, client.IgnoreNotFound(err) } + + params, err := r.getParams(instance) + if err != nil { + log.Error(err, "Failed to create manifest.Params") + return ctrl.Result{}, err + } + // We have a deletion, short circuit and let the deletion happen if deletionTimestamp := instance.GetDeletionTimestamp(); deletionTimestamp != nil { + if controllerutil.ContainsFinalizer(&instance, collectorFinalizer) { + // If the finalization logic fails, don't remove the finalizer so + // that we can retry during the next reconciliation. + if err = r.finalizeCollector(ctx, params); err != nil { + return ctrl.Result{}, err + } + + // Once all finalizers have been + // removed, the object will be deleted. + if controllerutil.RemoveFinalizer(&instance, collectorFinalizer) { + err = r.Update(ctx, &instance) + if err != nil { + return ctrl.Result{}, err + } + } + } + return ctrl.Result{}, nil } @@ -204,10 +264,14 @@ func (r *OpenTelemetryCollectorReconciler) Reconcile(ctx context.Context, req ct return ctrl.Result{}, nil } - params, err := r.getParams(instance) - if err != nil { - log.Error(err, "Failed to create manifest.Params") - return ctrl.Result{}, err + // Add finalizer for this CR + if !controllerutil.ContainsFinalizer(&instance, collectorFinalizer) { + if controllerutil.AddFinalizer(&instance, collectorFinalizer) { + err = r.Update(ctx, &instance) + if err != nil { + return ctrl.Result{}, err + } + } } desiredObjects, buildErr := BuildCollector(params) @@ -255,3 +319,17 @@ func (r *OpenTelemetryCollectorReconciler) SetupWithManager(mgr ctrl.Manager) er return builder.Complete(r) } + +const collectorFinalizer = "opentelemetrycollector.opentelemetry.io/finalizer" + +func (r *OpenTelemetryCollectorReconciler) finalizeCollector(ctx context.Context, params manifests.Params) error { + // The cluster scope objects do not have owner reference. They need to be deleted explicitly + if params.Config.CreateRBACPermissions() == rbac.Available { + objects, err := r.findClusterRoleObjects(ctx, params) + if err != nil { + return err + } + return deleteObjects(ctx, r.Client, r.log, objects) + } + return nil +} diff --git a/controllers/reconcile_test.go b/controllers/reconcile_test.go index 8dd272e77f..db6cfb267b 100644 --- a/controllers/reconcile_test.go +++ b/controllers/reconcile_test.go @@ -28,6 +28,7 @@ import ( v1 "k8s.io/api/core/v1" networkingv1 "k8s.io/api/networking/v1" policyV1 "k8s.io/api/policy/v1" + rbacv1 "k8s.io/api/rbac/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/intstr" @@ -43,6 +44,7 @@ import ( "github.com/open-telemetry/opentelemetry-operator/controllers" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/openshift" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/prometheus" + autoRBAC "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/rbac" "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/manifests" ta "github.com/open-telemetry/opentelemetry-operator/internal/manifests/targetallocator/adapters" @@ -73,14 +75,14 @@ var ( type check[T any] func(t *testing.T, params T) func TestOpenTelemetryCollectorReconciler_Reconcile(t *testing.T) { - addedMetadataDeployment := testCollectorWithMode(v1alpha1.ModeDeployment) + addedMetadataDeployment := testCollectorWithMode("test-deployment", v1alpha1.ModeDeployment) addedMetadataDeployment.Labels = map[string]string{ labelName: labelVal, } addedMetadataDeployment.Annotations = map[string]string{ annotationName: annotationVal, } - deploymentExtraPorts := testCollectorWithModeAndReplicas(v1alpha1.ModeDeployment, 3) + deploymentExtraPorts := testCollectorWithModeAndReplicas("test-deployment", v1alpha1.ModeDeployment, 3) deploymentExtraPorts.Spec.Ports = append(deploymentExtraPorts.Spec.Ports, extraPorts) deploymentExtraPorts.Spec.DeploymentUpdateStrategy = appsv1.DeploymentStrategy{ RollingUpdate: &appsv1.RollingUpdateDeployment{ @@ -94,20 +96,20 @@ func TestOpenTelemetryCollectorReconciler_Reconcile(t *testing.T) { }, }, } - ingressParams := testCollectorAssertNoErr(t, "", testFileIngress) + ingressParams := testCollectorAssertNoErr(t, "test-ingress", "", testFileIngress) ingressParams.Spec.Ingress.Type = "ingress" - updatedIngressParams := testCollectorAssertNoErr(t, "", testFileIngress) + updatedIngressParams := testCollectorAssertNoErr(t, "test-ingress", "", testFileIngress) updatedIngressParams.Spec.Ingress.Type = "ingress" updatedIngressParams.Spec.Ingress.Annotations = map[string]string{"blub": "blob"} updatedIngressParams.Spec.Ingress.Hostname = expectHostname - routeParams := testCollectorAssertNoErr(t, "", testFileIngress) + routeParams := testCollectorAssertNoErr(t, "test-route", "", testFileIngress) routeParams.Spec.Ingress.Type = v1alpha1.IngressTypeRoute routeParams.Spec.Ingress.Route.Termination = v1alpha1.TLSRouteTerminationTypeInsecure - updatedRouteParams := testCollectorAssertNoErr(t, "", testFileIngress) + updatedRouteParams := testCollectorAssertNoErr(t, "test-route", "", testFileIngress) updatedRouteParams.Spec.Ingress.Type = v1alpha1.IngressTypeRoute updatedRouteParams.Spec.Ingress.Route.Termination = v1alpha1.TLSRouteTerminationTypeInsecure updatedRouteParams.Spec.Ingress.Hostname = expectHostname - deletedParams := testCollectorWithMode(v1alpha1.ModeDeployment) + deletedParams := testCollectorWithMode("test2", v1alpha1.ModeDeployment) now := metav1.NewTime(time.Now()) deletedParams.DeletionTimestamp = &now @@ -158,7 +160,7 @@ func TestOpenTelemetryCollectorReconciler_Reconcile(t *testing.T) { assert.True(t, exists) assert.Equal(t, svc.Spec.Selector, map[string]string{ "app.kubernetes.io/component": "opentelemetry-collector", - "app.kubernetes.io/instance": "default.test", + "app.kubernetes.io/instance": "default.test-deployment", "app.kubernetes.io/managed-by": "opentelemetry-operator", "app.kubernetes.io/part-of": "opentelemetry", }) @@ -192,7 +194,7 @@ func TestOpenTelemetryCollectorReconciler_Reconcile(t *testing.T) { assert.Contains(t, actual.Spec.Ports, extraPorts.ServicePort) assert.Equal(t, actual.Spec.Selector, map[string]string{ "app.kubernetes.io/component": "opentelemetry-collector", - "app.kubernetes.io/instance": "default.test", + "app.kubernetes.io/instance": "default.test-deployment", "app.kubernetes.io/managed-by": "opentelemetry-operator", "app.kubernetes.io/part-of": "opentelemetry", }) @@ -206,7 +208,7 @@ func TestOpenTelemetryCollectorReconciler_Reconcile(t *testing.T) { { name: "invalid mode", args: args{ - params: testCollectorWithMode("bad"), + params: testCollectorWithMode("test-invalid", "bad"), updates: []v1alpha1.OpenTelemetryCollector{}, }, want: []want{ @@ -223,7 +225,7 @@ func TestOpenTelemetryCollectorReconciler_Reconcile(t *testing.T) { { name: "invalid prometheus configuration", args: args{ - params: testCollectorAssertNoErr(t, baseTaImage, testFileIngress), + params: testCollectorAssertNoErr(t, "test-invalid-prom", baseTaImage, testFileIngress), updates: []v1alpha1.OpenTelemetryCollector{}, }, want: []want{ @@ -285,7 +287,7 @@ func TestOpenTelemetryCollectorReconciler_Reconcile(t *testing.T) { checks: []check[v1alpha1.OpenTelemetryCollector]{ func(t *testing.T, params v1alpha1.OpenTelemetryCollector) { got := routev1.Route{} - nsn := types.NamespacedName{Namespace: params.Namespace, Name: "otlp-grpc-test-route"} + nsn := types.NamespacedName{Namespace: params.Namespace, Name: "otlp-grpc-test-route-route"} exists, err := populateObjectIfExists(t, &got, nsn) assert.NoError(t, err) assert.True(t, exists) @@ -299,7 +301,7 @@ func TestOpenTelemetryCollectorReconciler_Reconcile(t *testing.T) { checks: []check[v1alpha1.OpenTelemetryCollector]{ func(t *testing.T, params v1alpha1.OpenTelemetryCollector) { got := routev1.Route{} - nsn := types.NamespacedName{Namespace: params.Namespace, Name: "otlp-grpc-test-route"} + nsn := types.NamespacedName{Namespace: params.Namespace, Name: "otlp-grpc-test-route-route"} exists, err := populateObjectIfExists(t, &got, nsn) assert.NoError(t, err) assert.True(t, exists) @@ -396,7 +398,7 @@ func TestOpenTelemetryCollectorReconciler_Reconcile(t *testing.T) { { name: "daemonset collector", args: args{ - params: testCollectorWithMode(v1alpha1.ModeDaemonSet), + params: testCollectorWithMode("test-daemonset", v1alpha1.ModeDaemonSet), }, want: []want{ { @@ -416,11 +418,11 @@ func TestOpenTelemetryCollectorReconciler_Reconcile(t *testing.T) { { name: "stateful should update collector with TA", args: args{ - params: testCollectorWithMode(v1alpha1.ModeStatefulSet), + params: testCollectorWithMode("test-stateful-ta", v1alpha1.ModeStatefulSet), updates: []v1alpha1.OpenTelemetryCollector{ - testCollectorAssertNoErr(t, baseTaImage, promFile), - testCollectorAssertNoErr(t, baseTaImage, updatedPromFile), - testCollectorAssertNoErr(t, updatedTaImage, updatedPromFile), + testCollectorAssertNoErr(t, "test-stateful-ta", baseTaImage, promFile), + testCollectorAssertNoErr(t, "test-stateful-ta", baseTaImage, updatedPromFile), + testCollectorAssertNoErr(t, "test-stateful-ta", updatedTaImage, updatedPromFile), }, }, want: []want{ @@ -463,13 +465,13 @@ func TestOpenTelemetryCollectorReconciler_Reconcile(t *testing.T) { exists, err = populateObjectIfExists(t, &v1.ServiceAccount{}, namespacedObjectName(naming.TargetAllocatorServiceAccount(params.Name), params.Namespace)) assert.NoError(t, err) assert.True(t, exists) - promConfig, err := ta.ConfigToPromConfig(testCollectorAssertNoErr(t, baseTaImage, promFile).Spec.Config) + promConfig, err := ta.ConfigToPromConfig(testCollectorAssertNoErr(t, "test-stateful-ta", baseTaImage, promFile).Spec.Config) assert.NoError(t, err) taConfig := make(map[interface{}]interface{}) taConfig["collector_selector"] = metav1.LabelSelector{ MatchLabels: map[string]string{ - "app.kubernetes.io/instance": "default.test", + "app.kubernetes.io/instance": "default.test-stateful-ta", "app.kubernetes.io/managed-by": "opentelemetry-operator", "app.kubernetes.io/component": "opentelemetry-collector", "app.kubernetes.io/part-of": "opentelemetry", @@ -681,7 +683,7 @@ func TestOpAMPBridgeReconciler_Reconcile(t *testing.T) { exists, err = populateObjectIfExists(t, &v1.Service{}, namespacedObjectName(naming.OpAMPBridgeService(params.Name), params.Namespace)) assert.NoError(t, err) assert.True(t, exists) - exists, err = populateObjectIfExists(t, &v1.ServiceAccount{}, namespacedObjectName(naming.ServiceAccount(params.Name), params.Namespace)) + exists, err = populateObjectIfExists(t, &v1.ServiceAccount{}, namespacedObjectName(naming.OpAMPBridgeServiceAccount(params.Name), params.Namespace)) assert.NoError(t, err) assert.True(t, exists) }, @@ -821,6 +823,94 @@ func TestRegisterWithManager(t *testing.T) { assert.NoError(t, err) } +func TestOpenTelemetryCollectorReconciler_Finalizer(t *testing.T) { + otelcol := &v1alpha1.OpenTelemetryCollector{ + ObjectMeta: metav1.ObjectMeta{ + Name: "otel-k8sattrs", + Namespace: "test-finalizer", + }, + Spec: v1alpha1.OpenTelemetryCollectorSpec{ + Mode: v1alpha1.ModeDeployment, + Config: ` +processors: + k8sattributes: +receivers: + otlp: + protocols: + grpc: + +exporters: + debug: + +service: + pipelines: + traces: + receivers: [otlp] + processors: [k8sattributes] + exporters: [debug] +`, + }, + } + + ns := &v1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: otelcol.Namespace, + }, + } + clientErr := k8sClient.Create(context.Background(), ns) + require.NoError(t, clientErr) + clientErr = k8sClient.Create(context.Background(), otelcol) + require.NoError(t, clientErr) + + reconciler := controllers.NewReconciler(controllers.Params{ + Client: k8sClient, + Log: logger, + Scheme: testScheme, + Recorder: record.NewFakeRecorder(20), + Config: config.New( + config.WithCollectorImage("default-collector"), + config.WithTargetAllocatorImage("default-ta-allocator"), + config.WithRBACPermissions(autoRBAC.Available), + ), + }) + + nsn := types.NamespacedName{Name: otelcol.Name, Namespace: otelcol.Namespace} + req := k8sreconcile.Request{ + NamespacedName: nsn, + } + reconcile, reconcileErr := reconciler.Reconcile(context.Background(), req) + require.NoError(t, reconcileErr) + require.False(t, reconcile.Requeue) + + colClusterRole := &rbacv1.ClusterRole{} + clientErr = k8sClient.Get(context.Background(), types.NamespacedName{ + Name: naming.ClusterRole(otelcol.Name, otelcol.Namespace), + }, colClusterRole) + require.NoError(t, clientErr) + colClusterRoleBinding := &rbacv1.ClusterRoleBinding{} + clientErr = k8sClient.Get(context.Background(), types.NamespacedName{ + Name: naming.ClusterRoleBinding(otelcol.Name, otelcol.Namespace), + }, colClusterRoleBinding) + require.NoError(t, clientErr) + + // delete collector and check if the cluster role was deleted + clientErr = k8sClient.Delete(context.Background(), otelcol) + require.NoError(t, clientErr) + + reconcile, reconcileErr = reconciler.Reconcile(context.Background(), req) + require.NoError(t, reconcileErr) + require.False(t, reconcile.Requeue) + + clientErr = k8sClient.Get(context.Background(), types.NamespacedName{ + Name: naming.ClusterRole(otelcol.Name, otelcol.Namespace), + }, colClusterRole) + require.Error(t, clientErr) + clientErr = k8sClient.Get(context.Background(), types.NamespacedName{ + Name: naming.ClusterRoleBinding(otelcol.Name, otelcol.Namespace), + }, colClusterRoleBinding) + require.Error(t, clientErr) +} + func namespacedObjectName(name string, namespace string) types.NamespacedName { return types.NamespacedName{ Namespace: namespace, diff --git a/controllers/suite_test.go b/controllers/suite_test.go index a9d82248e9..b9c2aebfce 100644 --- a/controllers/suite_test.go +++ b/controllers/suite_test.go @@ -235,12 +235,12 @@ func TestMain(m *testing.M) { os.Exit(code) } -func testCollectorWithMode(mode v1alpha1.Mode) v1alpha1.OpenTelemetryCollector { +func testCollectorWithMode(name string, mode v1alpha1.Mode) v1alpha1.OpenTelemetryCollector { replicas := int32(2) - return testCollectorWithModeAndReplicas(mode, replicas) + return testCollectorWithModeAndReplicas(name, mode, replicas) } -func testCollectorWithModeAndReplicas(mode v1alpha1.Mode, replicas int32) v1alpha1.OpenTelemetryCollector { +func testCollectorWithModeAndReplicas(name string, mode v1alpha1.Mode, replicas int32) v1alpha1.OpenTelemetryCollector { configYAML, err := os.ReadFile("testdata/test.yaml") if err != nil { fmt.Printf("Error getting yaml file: %v", err) @@ -251,7 +251,7 @@ func testCollectorWithModeAndReplicas(mode v1alpha1.Mode, replicas int32) v1alph APIVersion: "v1", }, ObjectMeta: metav1.ObjectMeta{ - Name: "test", + Name: name, Namespace: "default", }, Spec: v1alpha1.OpenTelemetryCollectorSpec{ @@ -273,8 +273,8 @@ func testCollectorWithModeAndReplicas(mode v1alpha1.Mode, replicas int32) v1alph } } -func testCollectorAssertNoErr(t *testing.T, taContainerImage string, file string) v1alpha1.OpenTelemetryCollector { - p, err := testCollectorWithConfigFile(taContainerImage, file) +func testCollectorAssertNoErr(t *testing.T, name string, taContainerImage string, file string) v1alpha1.OpenTelemetryCollector { + p, err := testCollectorWithConfigFile(name, taContainerImage, file) assert.NoError(t, err) if len(taContainerImage) == 0 { p.Spec.TargetAllocator.Enabled = false @@ -282,7 +282,7 @@ func testCollectorAssertNoErr(t *testing.T, taContainerImage string, file string return p } -func testCollectorWithConfigFile(taContainerImage string, file string) (v1alpha1.OpenTelemetryCollector, error) { +func testCollectorWithConfigFile(name string, taContainerImage string, file string) (v1alpha1.OpenTelemetryCollector, error) { replicas := int32(1) var configYAML []byte var err error @@ -301,7 +301,7 @@ func testCollectorWithConfigFile(taContainerImage string, file string) (v1alpha1 APIVersion: "v1", }, ObjectMeta: metav1.ObjectMeta{ - Name: "test", + Name: name, Namespace: "default", }, Spec: v1alpha1.OpenTelemetryCollectorSpec{ diff --git a/internal/config/main.go b/internal/config/main.go index e32164585e..90ef316365 100644 --- a/internal/config/main.go +++ b/internal/config/main.go @@ -122,6 +122,7 @@ func New(opts ...Option) Config { autoInstrumentationNginxImage: o.autoInstrumentationNginxImage, labelsFilter: o.labelsFilter, annotationsFilter: o.annotationsFilter, + createRBACPermissions: o.createRBACPermissions, } } From 7fafce9e328518c0ca28984a897de74504121cc2 Mon Sep 17 00:00:00 2001 From: Yuri Sa <48062171+yuriolisa@users.noreply.github.com> Date: Thu, 16 May 2024 17:26:16 +0200 Subject: [PATCH 11/88] Fixed non-expected warnings on TA webhook. (#2962) Signed-off-by: Yuri Sa --- .chloggen/fix-ta-check-policy.yaml | 16 ++++++++++++++++ apis/v1beta1/collector_webhook.go | 2 +- 2 files changed, 17 insertions(+), 1 deletion(-) create mode 100755 .chloggen/fix-ta-check-policy.yaml diff --git a/.chloggen/fix-ta-check-policy.yaml b/.chloggen/fix-ta-check-policy.yaml new file mode 100755 index 0000000000..bb35c6d77a --- /dev/null +++ b/.chloggen/fix-ta-check-policy.yaml @@ -0,0 +1,16 @@ +# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' +change_type: 'bug_fix' + +# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) +component: target-allocator + +# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). +note: Fixed non-expected warnings on TA webhook. + +# One or more tracking issues related to the change +issues: [2685] + +# (Optional) One or more lines of additional information to render under the primary note. +# These lines will be padded with 2 spaces and then inserted directly into the document. +# Use pipe (|) for multiline entries. +subtext: diff --git a/apis/v1beta1/collector_webhook.go b/apis/v1beta1/collector_webhook.go index 41951f18b8..2c4bc80d85 100644 --- a/apis/v1beta1/collector_webhook.go +++ b/apis/v1beta1/collector_webhook.go @@ -344,7 +344,7 @@ func (c CollectorWebhook) validateTargetAllocatorConfig(ctx context.Context, r * } // if the prometheusCR is enabled, it needs a suite of permissions to function if r.Spec.TargetAllocator.PrometheusCR.Enabled { - if subjectAccessReviews, err := c.reviewer.CheckPolicyRules(ctx, r.GetNamespace(), r.Spec.TargetAllocator.ServiceAccount, targetAllocatorCRPolicyRules...); err != nil { + if subjectAccessReviews, err := c.reviewer.CheckPolicyRules(ctx, r.Spec.TargetAllocator.ServiceAccount, r.GetNamespace(), targetAllocatorCRPolicyRules...); err != nil { return nil, fmt.Errorf("unable to check rbac rules %w", err) } else if allowed, deniedReviews := rbac.AllSubjectAccessReviewsAllowed(subjectAccessReviews); !allowed { return rbac.WarningsGroupedByResource(deniedReviews), nil From 53c5046db594c367017c9d050244bf274a6f0be4 Mon Sep 17 00:00:00 2001 From: Aksel Skaar Leirvaag <52233080+akselleirv@users.noreply.github.com> Date: Fri, 17 May 2024 13:44:30 +0200 Subject: [PATCH 12/88] Verify ServiceMonitor and PodMonitor are installed in prom cr availability check (#2964) * Verify ServiceMonitor and PodMonitor are installed in prom cr availability check * Added changelog --- .chloggen/verify-prom-crd-resources.yaml | 16 +++++++++ internal/autodetect/main.go | 21 ++++++++++- internal/autodetect/main_test.go | 44 ++++++++++++++++++++++-- 3 files changed, 78 insertions(+), 3 deletions(-) create mode 100755 .chloggen/verify-prom-crd-resources.yaml diff --git a/.chloggen/verify-prom-crd-resources.yaml b/.chloggen/verify-prom-crd-resources.yaml new file mode 100755 index 0000000000..1adfe693f9 --- /dev/null +++ b/.chloggen/verify-prom-crd-resources.yaml @@ -0,0 +1,16 @@ +# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' +change_type: bug_fix + +# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) +component: collector + +# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). +note: Ensure all Prometheus CRDs are installed + +# One or more tracking issues related to the change +issues: [2964] + +# (Optional) One or more lines of additional information to render under the primary note. +# These lines will be padded with 2 spaces and then inserted directly into the document. +# Use pipe (|) for multiline entries. +subtext: diff --git a/internal/autodetect/main.go b/internal/autodetect/main.go index 8dadb962ab..93f36d8f2e 100644 --- a/internal/autodetect/main.go +++ b/internal/autodetect/main.go @@ -67,13 +67,32 @@ func (a *autoDetect) PrometheusCRsAvailability() (prometheus.Availability, error return prometheus.NotAvailable, err } + foundServiceMonitor := false + foundPodMonitor := false apiGroups := apiList.Groups for i := 0; i < len(apiGroups); i++ { if apiGroups[i].Name == "monitoring.coreos.com" { - return prometheus.Available, nil + for _, version := range apiGroups[i].Versions { + resources, err := a.dcl.ServerResourcesForGroupVersion(version.GroupVersion) + if err != nil { + return prometheus.NotAvailable, err + } + + for _, resource := range resources.APIResources { + if resource.Kind == "ServiceMonitor" { + foundServiceMonitor = true + } else if resource.Kind == "PodMonitor" { + foundPodMonitor = true + } + } + } } } + if foundServiceMonitor && foundPodMonitor { + return prometheus.Available, nil + } + return prometheus.NotAvailable, nil } diff --git a/internal/autodetect/main_test.go b/internal/autodetect/main_test.go index d5dbbc707e..cae05f1563 100644 --- a/internal/autodetect/main_test.go +++ b/internal/autodetect/main_test.go @@ -85,25 +85,65 @@ func TestDetectPlatformBasedOnAvailableAPIGroups(t *testing.T) { func TestDetectPlatformBasedOnAvailableAPIGroupsPrometheus(t *testing.T) { for _, tt := range []struct { apiGroupList *metav1.APIGroupList + resources *metav1.APIResourceList expected prometheus.Availability }{ { &metav1.APIGroupList{}, + &metav1.APIResourceList{}, prometheus.NotAvailable, }, { &metav1.APIGroupList{ Groups: []metav1.APIGroup{ { - Name: "monitoring.coreos.com", + Name: "monitoring.coreos.com", + Versions: []metav1.GroupVersionForDiscovery{{GroupVersion: "monitoring.coreos.com/v1"}}, }, }, }, + &metav1.APIResourceList{ + APIResources: []metav1.APIResource{{Kind: "ServiceMonitor"}}, + }, + prometheus.NotAvailable, + }, + { + &metav1.APIGroupList{ + Groups: []metav1.APIGroup{ + { + Name: "monitoring.coreos.com", + Versions: []metav1.GroupVersionForDiscovery{{GroupVersion: "monitoring.coreos.com/v1"}}, + }, + }, + }, + &metav1.APIResourceList{ + APIResources: []metav1.APIResource{{Kind: "PodMonitor"}}, + }, + prometheus.NotAvailable, + }, + { + &metav1.APIGroupList{ + Groups: []metav1.APIGroup{ + { + Name: "monitoring.coreos.com", + Versions: []metav1.GroupVersionForDiscovery{{GroupVersion: "monitoring.coreos.com/v1"}}, + }, + }, + }, + &metav1.APIResourceList{ + APIResources: []metav1.APIResource{{Kind: "PodMonitor"}, {Kind: "ServiceMonitor"}}, + }, prometheus.Available, }, } { server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { - output, err := json.Marshal(tt.apiGroupList) + var output []byte + var err error + if req.URL.Path == "/apis" { + output, err = json.Marshal(tt.apiGroupList) + } else { + output, err = json.Marshal(tt.resources) + } require.NoError(t, err) w.Header().Set("Content-Type", "application/json") From f0a2ba910b47c42e397777530b4cb3cfca890e65 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 20 May 2024 08:26:04 +0200 Subject: [PATCH 13/88] Bump kyverno/action-install-chainsaw from 0.2.0 to 0.2.1 (#2968) Bumps [kyverno/action-install-chainsaw](https://github.com/kyverno/action-install-chainsaw) from 0.2.0 to 0.2.1. - [Release notes](https://github.com/kyverno/action-install-chainsaw/releases) - [Commits](https://github.com/kyverno/action-install-chainsaw/compare/v0.2.0...v0.2.1) --- updated-dependencies: - dependency-name: kyverno/action-install-chainsaw dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/e2e.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml index ea6a3d7ead..c87c7824b0 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/e2e.yaml @@ -57,7 +57,7 @@ jobs: path: bin key: ${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('Makefile') }}-${{ steps.setup-go.outputs.go-version }} - name: Install chainsaw - uses: kyverno/action-install-chainsaw@v0.2.0 + uses: kyverno/action-install-chainsaw@v0.2.1 - name: Install tools run: make install-tools - name: Prepare e2e tests From b314e7f90bfef592b75d64f98b77996fb698b62c Mon Sep 17 00:00:00 2001 From: Israel Blancas Date: Mon, 20 May 2024 10:39:43 +0200 Subject: [PATCH 14/88] Fix labels for Service Monitors (#2878) * Create a separate Service Monitor when the Prometheus exporter is present Signed-off-by: Israel Blancas * Improve changelog Signed-off-by: Israel Blancas * Fix prometheus-cr E2E test Signed-off-by: Israel Blancas * Remove unused target Signed-off-by: Israel Blancas * Add docstring Signed-off-by: Israel Blancas * Fix typo Signed-off-by: Israel Blancas * Change the label name Signed-off-by: Israel Blancas * Change changelog description Signed-off-by: Israel Blancas * Recover removed labels Signed-off-by: Israel Blancas * Add missing labels Signed-off-by: Israel Blancas * Remove wrong labels Signed-off-by: Israel Blancas --------- Signed-off-by: Israel Blancas --- .chloggen/bug_2877.yaml | 20 ++++++ controllers/builder_test.go | 47 ++++++++----- internal/manifests/collector/collector.go | 2 +- internal/manifests/collector/podmonitor.go | 37 +++++----- internal/manifests/collector/service.go | 24 +++++-- internal/manifests/collector/service_test.go | 1 + .../manifests/collector/servicemonitor.go | 70 +++++++++++++------ .../collector/servicemonitor_test.go | 37 +++++----- tests/e2e-openshift/kafka/03-assert.yaml | 1 + tests/e2e-openshift/monitoring/01-assert.yaml | 9 ++- tests/e2e-openshift/monitoring/04-assert.yaml | 14 ++++ .../04-use-prometheus-exporter.yaml | 25 +++++++ .../monitoring/chainsaw-test.yaml | 6 ++ .../multi-cluster/02-assert.yaml | 1 + .../multi-cluster/03-assert.yaml | 1 + .../otlp-metrics-traces/02-assert.yaml | 23 +++++- .../01-assert.yaml | 28 +++++++- .../02-assert.yaml | 28 +++++++- .../04-error.yaml | 14 ---- .../05-assert.yaml | 29 +++++++- .../05-error.yaml | 29 +++++++- .../06-assert.yaml | 27 ++++++- 22 files changed, 363 insertions(+), 110 deletions(-) create mode 100755 .chloggen/bug_2877.yaml create mode 100644 tests/e2e-openshift/monitoring/04-assert.yaml create mode 100644 tests/e2e-openshift/monitoring/04-use-prometheus-exporter.yaml diff --git a/.chloggen/bug_2877.yaml b/.chloggen/bug_2877.yaml new file mode 100755 index 0000000000..0ca822551d --- /dev/null +++ b/.chloggen/bug_2877.yaml @@ -0,0 +1,20 @@ +# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' +change_type: bug_fix + +# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) +component: collector + +# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). +note: Create a Service Monitor for the monitoring service and another one for the collector service when the Prometheus exporter is used. + +# One or more tracking issues related to the change +issues: [2877] + +# (Optional) One or more lines of additional information to render under the primary note. +# These lines will be padded with 2 spaces and then inserted directly into the document. +# Use pipe (|) for multiline entries. +subtext: | + Create a Service Monitor for the collector Service when Prometheus exporter is used. A different Service Monitor is created for the monitoring service. + This helps excluding the headless service (duplicating the metrics collection) and splits responsibilities between the two Service Monitors. + Now, the operator.opentelemetry.io/collector-service-type label is used to differentiate the services. + operator.opentelemetry.io/collector-monitoring-service and operator.opentelemetry.io/collector-headless-service are deprecated now. \ No newline at end of file diff --git a/controllers/builder_test.go b/controllers/builder_test.go index 5cf49c9cde..32fd6db2fd 100644 --- a/controllers/builder_test.go +++ b/controllers/builder_test.go @@ -259,12 +259,13 @@ service: Name: "test-collector", Namespace: "test", Labels: map[string]string{ - "app.kubernetes.io/component": "opentelemetry-collector", - "app.kubernetes.io/instance": "test.test", - "app.kubernetes.io/managed-by": "opentelemetry-operator", - "app.kubernetes.io/name": "test-collector", - "app.kubernetes.io/part-of": "opentelemetry", - "app.kubernetes.io/version": "latest", + "app.kubernetes.io/component": "opentelemetry-collector", + "app.kubernetes.io/instance": "test.test", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/name": "test-collector", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/version": "latest", + "operator.opentelemetry.io/collector-service-type": "base", }, Annotations: nil, }, @@ -291,6 +292,7 @@ service: "app.kubernetes.io/part-of": "opentelemetry", "app.kubernetes.io/version": "latest", "operator.opentelemetry.io/collector-headless-service": "Exists", + "operator.opentelemetry.io/collector-service-type": "headless", }, Annotations: map[string]string{ "service.beta.openshift.io/serving-cert-secret-name": "test-collector-headless-tls", @@ -319,6 +321,7 @@ service: "app.kubernetes.io/name": "test-collector-monitoring", "app.kubernetes.io/part-of": "opentelemetry", "app.kubernetes.io/version": "latest", + "operator.opentelemetry.io/collector-service-type": "monitoring", "operator.opentelemetry.io/collector-monitoring-service": "Exists", }, Annotations: nil, @@ -506,12 +509,13 @@ service: Name: "test-collector", Namespace: "test", Labels: map[string]string{ - "app.kubernetes.io/component": "opentelemetry-collector", - "app.kubernetes.io/instance": "test.test", - "app.kubernetes.io/managed-by": "opentelemetry-operator", - "app.kubernetes.io/name": "test-collector", - "app.kubernetes.io/part-of": "opentelemetry", - "app.kubernetes.io/version": "latest", + "app.kubernetes.io/component": "opentelemetry-collector", + "app.kubernetes.io/instance": "test.test", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/name": "test-collector", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/version": "latest", + "operator.opentelemetry.io/collector-service-type": "base", }, Annotations: nil, }, @@ -537,6 +541,7 @@ service: "app.kubernetes.io/name": "test-collector", "app.kubernetes.io/part-of": "opentelemetry", "app.kubernetes.io/version": "latest", + "operator.opentelemetry.io/collector-service-type": "headless", "operator.opentelemetry.io/collector-headless-service": "Exists", }, Annotations: map[string]string{ @@ -566,6 +571,7 @@ service: "app.kubernetes.io/name": "test-collector-monitoring", "app.kubernetes.io/part-of": "opentelemetry", "app.kubernetes.io/version": "latest", + "operator.opentelemetry.io/collector-service-type": "monitoring", "operator.opentelemetry.io/collector-monitoring-service": "Exists", }, Annotations: nil, @@ -774,12 +780,13 @@ service: Name: "test-collector", Namespace: "test", Labels: map[string]string{ - "app.kubernetes.io/component": "opentelemetry-collector", - "app.kubernetes.io/instance": "test.test", - "app.kubernetes.io/managed-by": "opentelemetry-operator", - "app.kubernetes.io/name": "test-collector", - "app.kubernetes.io/part-of": "opentelemetry", - "app.kubernetes.io/version": "latest", + "app.kubernetes.io/component": "opentelemetry-collector", + "app.kubernetes.io/instance": "test.test", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/name": "test-collector", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/version": "latest", + "operator.opentelemetry.io/collector-service-type": "base", }, Annotations: nil, }, @@ -805,6 +812,7 @@ service: "app.kubernetes.io/name": "test-collector", "app.kubernetes.io/part-of": "opentelemetry", "app.kubernetes.io/version": "latest", + "operator.opentelemetry.io/collector-service-type": "headless", "operator.opentelemetry.io/collector-headless-service": "Exists", }, Annotations: map[string]string{ @@ -834,6 +842,7 @@ service: "app.kubernetes.io/name": "test-collector-monitoring", "app.kubernetes.io/part-of": "opentelemetry", "app.kubernetes.io/version": "latest", + "operator.opentelemetry.io/collector-service-type": "monitoring", "operator.opentelemetry.io/collector-monitoring-service": "Exists", }, Annotations: nil, @@ -1317,6 +1326,7 @@ service: "app.kubernetes.io/name": "test-collector-monitoring", "app.kubernetes.io/part-of": "opentelemetry", "app.kubernetes.io/version": "latest", + "operator.opentelemetry.io/collector-service-type": "monitoring", "operator.opentelemetry.io/collector-monitoring-service": "Exists", }, Annotations: nil, @@ -1711,6 +1721,7 @@ prometheus_cr: "app.kubernetes.io/name": "test-collector-monitoring", "app.kubernetes.io/part-of": "opentelemetry", "app.kubernetes.io/version": "latest", + "operator.opentelemetry.io/collector-service-type": "monitoring", "operator.opentelemetry.io/collector-monitoring-service": "Exists", }, Annotations: nil, diff --git a/internal/manifests/collector/collector.go b/internal/manifests/collector/collector.go index 9cb2302bba..65a19cdc9e 100644 --- a/internal/manifests/collector/collector.go +++ b/internal/manifests/collector/collector.go @@ -57,7 +57,7 @@ func Build(params manifests.Params) ([]client.Object, error) { if params.OtelCol.Spec.Mode == v1beta1.ModeSidecar { manifestFactories = append(manifestFactories, manifests.Factory(PodMonitor)) } else { - manifestFactories = append(manifestFactories, manifests.Factory(ServiceMonitor)) + manifestFactories = append(manifestFactories, manifests.Factory(ServiceMonitor), manifests.Factory(ServiceMonitorMonitoring)) } } diff --git a/internal/manifests/collector/podmonitor.go b/internal/manifests/collector/podmonitor.go index 86157c4138..761f7d307c 100644 --- a/internal/manifests/collector/podmonitor.go +++ b/internal/manifests/collector/podmonitor.go @@ -31,28 +31,14 @@ import ( // PodMonitor returns the pod monitor for the given instance. func PodMonitor(params manifests.Params) (*monitoringv1.PodMonitor, error) { - if !params.OtelCol.Spec.Observability.Metrics.EnableMetrics { - params.Log.V(2).Info("Metrics disabled for this OTEL Collector", - "params.OtelCol.name", params.OtelCol.Name, - "params.OtelCol.namespace", params.OtelCol.Namespace, - ) - return nil, nil - } else if params.Config.PrometheusCRAvailability() == prometheus.NotAvailable { - params.Log.V(1).Info("Cannot enable PodMonitor when prometheus CRDs are unavailable", - "params.OtelCol.name", params.OtelCol.Name, - "params.OtelCol.namespace", params.OtelCol.Namespace, - ) + if !shouldCreatePodMonitor(params) { return nil, nil } - var pm monitoringv1.PodMonitor - if params.OtelCol.Spec.Mode != v1beta1.ModeSidecar { - return nil, nil - } name := naming.PodMonitor(params.OtelCol.Name) labels := manifestutils.Labels(params.OtelCol.ObjectMeta, name, params.OtelCol.Spec.Image, ComponentOpenTelemetryCollector, nil) selectorLabels := manifestutils.SelectorLabels(params.OtelCol.ObjectMeta, ComponentOpenTelemetryCollector) - pm = monitoringv1.PodMonitor{ + pm := monitoringv1.PodMonitor{ ObjectMeta: metav1.ObjectMeta{ Namespace: params.OtelCol.Namespace, Name: name, @@ -107,3 +93,22 @@ func metricsEndpointsFromConfig(logger logr.Logger, otelcol v1beta1.OpenTelemetr } return metricsEndpoints } + +func shouldCreatePodMonitor(params manifests.Params) bool { + l := params.Log.WithValues( + "params.OtelCol.name", params.OtelCol.Name, + "params.OtelCol.namespace", params.OtelCol.Namespace, + ) + + if !params.OtelCol.Spec.Observability.Metrics.EnableMetrics { + l.V(2).Info("Metrics disabled for this OTEL Collector. PodMonitor will not ve created") + return false + } else if params.Config.PrometheusCRAvailability() == prometheus.NotAvailable { + l.V(2).Info("Cannot enable PodMonitor when prometheus CRDs are unavailable") + return false + } else if params.OtelCol.Spec.Mode != v1beta1.ModeSidecar { + l.V(2).Info("Not using sidecar mode. PodMonitor will not be created") + return false + } + return true +} diff --git a/internal/manifests/collector/service.go b/internal/manifests/collector/service.go index 10d3ae15ab..d66e4bfe99 100644 --- a/internal/manifests/collector/service.go +++ b/internal/manifests/collector/service.go @@ -29,13 +29,26 @@ import ( "github.com/open-telemetry/opentelemetry-operator/internal/naming" ) -// headless and monitoring labels are to differentiate the headless/monitoring services from the clusterIP service. +// headless and monitoring labels are to differentiate the base/headless/monitoring services from the clusterIP service. const ( - headlessLabel = "operator.opentelemetry.io/collector-headless-service" - monitoringLabel = "operator.opentelemetry.io/collector-monitoring-service" - valueExists = "Exists" + headlessLabel = "operator.opentelemetry.io/collector-headless-service" + monitoringLabel = "operator.opentelemetry.io/collector-monitoring-service" + serviceTypeLabel = "operator.opentelemetry.io/collector-service-type" + valueExists = "Exists" ) +type ServiceType int + +const ( + BaseServiceType ServiceType = iota + HeadlessServiceType + MonitoringServiceType +) + +func (s ServiceType) String() string { + return [...]string{"base", "headless", "monitoring"}[s] +} + func HeadlessService(params manifests.Params) (*corev1.Service, error) { h, err := Service(params) if h == nil || err != nil { @@ -44,6 +57,7 @@ func HeadlessService(params manifests.Params) (*corev1.Service, error) { h.Name = naming.HeadlessService(params.OtelCol.Name) h.Labels[headlessLabel] = valueExists + h.Labels[serviceTypeLabel] = HeadlessServiceType.String() // copy to avoid modifying params.OtelCol.Annotations annotations := map[string]string{ @@ -63,6 +77,7 @@ func MonitoringService(params manifests.Params) (*corev1.Service, error) { name := naming.MonitoringService(params.OtelCol.Name) labels := manifestutils.Labels(params.OtelCol.ObjectMeta, name, params.OtelCol.Spec.Image, ComponentOpenTelemetryCollector, []string{}) labels[monitoringLabel] = valueExists + labels[serviceTypeLabel] = MonitoringServiceType.String() metricsPort, err := params.OtelCol.Spec.Config.Service.MetricsPort() if err != nil { @@ -90,6 +105,7 @@ func MonitoringService(params manifests.Params) (*corev1.Service, error) { func Service(params manifests.Params) (*corev1.Service, error) { name := naming.Service(params.OtelCol.Name) labels := manifestutils.Labels(params.OtelCol.ObjectMeta, name, params.OtelCol.Spec.Image, ComponentOpenTelemetryCollector, []string{}) + labels[serviceTypeLabel] = BaseServiceType.String() out, err := params.OtelCol.Spec.Config.Yaml() if err != nil { diff --git a/internal/manifests/collector/service_test.go b/internal/manifests/collector/service_test.go index 0e3c125be5..2a5cd8d08f 100644 --- a/internal/manifests/collector/service_test.go +++ b/internal/manifests/collector/service_test.go @@ -286,6 +286,7 @@ func service(name string, ports []v1beta1.PortsSpec) v1.Service { func serviceWithInternalTrafficPolicy(name string, ports []v1beta1.PortsSpec, internalTrafficPolicy v1.ServiceInternalTrafficPolicyType) v1.Service { params := deploymentParams() labels := manifestutils.Labels(params.OtelCol.ObjectMeta, name, params.OtelCol.Spec.Image, ComponentOpenTelemetryCollector, []string{}) + labels[serviceTypeLabel] = BaseServiceType.String() svcPorts := []v1.ServicePort{} for _, p := range ports { diff --git a/internal/manifests/collector/servicemonitor.go b/internal/manifests/collector/servicemonitor.go index 1713ccfe50..2c1088f44c 100644 --- a/internal/manifests/collector/servicemonitor.go +++ b/internal/manifests/collector/servicemonitor.go @@ -15,6 +15,7 @@ package collector import ( + "fmt" "strings" "github.com/go-logr/logr" @@ -29,30 +30,40 @@ import ( "github.com/open-telemetry/opentelemetry-operator/internal/naming" ) -// ServiceMonitor returns the service monitor for the given instance. +// ServiceMonitor returns the service monitor for the collector. func ServiceMonitor(params manifests.Params) (*monitoringv1.ServiceMonitor, error) { - if !params.OtelCol.Spec.Observability.Metrics.EnableMetrics { - params.Log.V(2).Info("Metrics disabled for this OTEL Collector", - "params.OtelCol.name", params.OtelCol.Name, - "params.OtelCol.namespace", params.OtelCol.Namespace, - ) - return nil, nil - } else if params.Config.PrometheusCRAvailability() == prometheus.NotAvailable { - params.Log.V(1).Info("Cannot enable ServiceMonitor when prometheus CRDs are unavailable", - "params.OtelCol.name", params.OtelCol.Name, - "params.OtelCol.namespace", params.OtelCol.Namespace, - ) - return nil, nil + name := naming.ServiceMonitor(params.OtelCol.Name) + endpoints := endpointsFromConfig(params.Log, params.OtelCol) + if len(endpoints) > 0 { + return createServiceMonitor(name, params, BaseServiceType, endpoints) } - var sm monitoringv1.ServiceMonitor + return nil, nil +} + +// ServiceMonitor returns the service monitor for the monitoring service of the collector. +func ServiceMonitorMonitoring(params manifests.Params) (*monitoringv1.ServiceMonitor, error) { + name := naming.ServiceMonitor(fmt.Sprintf("%s-monitoring", params.OtelCol.Name)) + endpoints := []monitoringv1.Endpoint{ + { + Port: "monitoring", + }, + } + return createServiceMonitor(name, params, MonitoringServiceType, endpoints) +} - if params.OtelCol.Spec.Mode == v1beta1.ModeSidecar { +// createServiceMonitor creates a Service Monitor using the provided name, the params from the instance, a label to identify the service +// to target (like the monitoring or the collector services) and the endpoints to scrape. +func createServiceMonitor(name string, params manifests.Params, serviceType ServiceType, endpoints []monitoringv1.Endpoint) (*monitoringv1.ServiceMonitor, error) { + if !shouldCreateServiceMonitor(params) { return nil, nil } - name := naming.ServiceMonitor(params.OtelCol.Name) + + var sm monitoringv1.ServiceMonitor + labels := manifestutils.Labels(params.OtelCol.ObjectMeta, name, params.OtelCol.Spec.Image, ComponentOpenTelemetryCollector, []string{}) selectorLabels := manifestutils.SelectorLabels(params.OtelCol.ObjectMeta, ComponentOpenTelemetryCollector) - selectorLabels[monitoringLabel] = valueExists + // This label is the one which differentiates the services + selectorLabels[serviceTypeLabel] = serviceType.String() sm = monitoringv1.ServiceMonitor{ ObjectMeta: metav1.ObjectMeta{ @@ -61,11 +72,7 @@ func ServiceMonitor(params manifests.Params) (*monitoringv1.ServiceMonitor, erro Labels: labels, }, Spec: monitoringv1.ServiceMonitorSpec{ - Endpoints: append([]monitoringv1.Endpoint{ - { - Port: "monitoring", - }, - }, endpointsFromConfig(params.Log, params.OtelCol)...), + Endpoints: endpoints, NamespaceSelector: monitoringv1.NamespaceSelector{ MatchNames: []string{params.OtelCol.Namespace}, }, @@ -78,6 +85,25 @@ func ServiceMonitor(params manifests.Params) (*monitoringv1.ServiceMonitor, erro return &sm, nil } +func shouldCreateServiceMonitor(params manifests.Params) bool { + l := params.Log.WithValues( + "params.OtelCol.name", params.OtelCol.Name, + "params.OtelCol.namespace", params.OtelCol.Namespace, + ) + + if !params.OtelCol.Spec.Observability.Metrics.EnableMetrics { + l.V(2).Info("Metrics disabled for this OTEL Collector. ServiceMonitor will not ve created") + return false + } else if params.Config.PrometheusCRAvailability() == prometheus.NotAvailable { + l.V(2).Info("Cannot enable ServiceMonitor when prometheus CRDs are unavailable") + return false + } else if params.OtelCol.Spec.Mode == v1beta1.ModeSidecar { + l.V(2).Info("Using sidecar mode. ServiceMonitor will not be created") + return false + } + return true +} + func endpointsFromConfig(logger logr.Logger, otelcol v1beta1.OpenTelemetryCollector) []monitoringv1.Endpoint { // TODO: https://github.com/open-telemetry/opentelemetry-operator/issues/2603 cfgStr, err := otelcol.Spec.Config.Yaml() diff --git a/internal/manifests/collector/servicemonitor_test.go b/internal/manifests/collector/servicemonitor_test.go index 8b0cc7f117..63f1b216c2 100644 --- a/internal/manifests/collector/servicemonitor_test.go +++ b/internal/manifests/collector/servicemonitor_test.go @@ -34,18 +34,24 @@ func TestDesiredServiceMonitors(t *testing.T) { params.OtelCol.Spec.Observability.Metrics.EnableMetrics = true actual, err = ServiceMonitor(params) assert.NoError(t, err) + assert.Nil(t, actual) + + // Check the monitoring SM + actual, err = ServiceMonitorMonitoring(params) + assert.NoError(t, err) assert.NotNil(t, actual) - assert.Equal(t, fmt.Sprintf("%s-collector", params.OtelCol.Name), actual.Name) + assert.Equal(t, fmt.Sprintf("%s-monitoring-collector", params.OtelCol.Name), actual.Name) assert.Equal(t, params.OtelCol.Namespace, actual.Namespace) assert.Equal(t, "monitoring", actual.Spec.Endpoints[0].Port) - expectedSelectorLabels := map[string]string{ - "app.kubernetes.io/component": "opentelemetry-collector", - "app.kubernetes.io/instance": "default.test", - "app.kubernetes.io/managed-by": "opentelemetry-operator", - "app.kubernetes.io/part-of": "opentelemetry", - "operator.opentelemetry.io/collector-monitoring-service": "Exists", + expectedSelectorLabelsMonitor := map[string]string{ + "app.kubernetes.io/component": "opentelemetry-collector", + "app.kubernetes.io/instance": "default.test", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/part-of": "opentelemetry", + "operator.opentelemetry.io/collector-service-type": "monitoring", } - assert.Equal(t, expectedSelectorLabels, actual.Spec.Selector.MatchLabels) + assert.Equal(t, expectedSelectorLabelsMonitor, actual.Spec.Selector.MatchLabels) + } func TestDesiredServiceMonitorsWithPrometheus(t *testing.T) { @@ -57,15 +63,14 @@ func TestDesiredServiceMonitorsWithPrometheus(t *testing.T) { assert.NotNil(t, actual) assert.Equal(t, fmt.Sprintf("%s-collector", params.OtelCol.Name), actual.Name) assert.Equal(t, params.OtelCol.Namespace, actual.Namespace) - assert.Equal(t, "monitoring", actual.Spec.Endpoints[0].Port) - assert.Equal(t, "prometheus-dev", actual.Spec.Endpoints[1].Port) - assert.Equal(t, "prometheus-prod", actual.Spec.Endpoints[2].Port) + assert.Equal(t, "prometheus-dev", actual.Spec.Endpoints[0].Port) + assert.Equal(t, "prometheus-prod", actual.Spec.Endpoints[1].Port) expectedSelectorLabels := map[string]string{ - "app.kubernetes.io/component": "opentelemetry-collector", - "app.kubernetes.io/instance": "default.test", - "app.kubernetes.io/managed-by": "opentelemetry-operator", - "app.kubernetes.io/part-of": "opentelemetry", - "operator.opentelemetry.io/collector-monitoring-service": "Exists", + "app.kubernetes.io/component": "opentelemetry-collector", + "app.kubernetes.io/instance": "default.test", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/part-of": "opentelemetry", + "operator.opentelemetry.io/collector-service-type": "base", } assert.Equal(t, expectedSelectorLabels, actual.Spec.Selector.MatchLabels) } diff --git a/tests/e2e-openshift/kafka/03-assert.yaml b/tests/e2e-openshift/kafka/03-assert.yaml index 0152057fd0..34cfabbea3 100644 --- a/tests/e2e-openshift/kafka/03-assert.yaml +++ b/tests/e2e-openshift/kafka/03-assert.yaml @@ -53,6 +53,7 @@ metadata: app.kubernetes.io/instance: chainsaw-kafka.kafka-exporter app.kubernetes.io/managed-by: opentelemetry-operator app.kubernetes.io/name: kafka-exporter-collector + operator.opentelemetry.io/collector-service-type: headless operator.opentelemetry.io/collector-headless-service: Exists name: kafka-exporter-collector-headless namespace: chainsaw-kafka diff --git a/tests/e2e-openshift/monitoring/01-assert.yaml b/tests/e2e-openshift/monitoring/01-assert.yaml index 170c0f4148..aefeb5e82d 100644 --- a/tests/e2e-openshift/monitoring/01-assert.yaml +++ b/tests/e2e-openshift/monitoring/01-assert.yaml @@ -15,22 +15,21 @@ status: availableReplicas: 1 readyReplicas: 1 replicas: 1 - --- apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: labels: app.kubernetes.io/managed-by: opentelemetry-operator - app.kubernetes.io/name: cluster-collector-collector - name: cluster-collector-collector + app.kubernetes.io/name: cluster-collector-monitoring-collector + name: cluster-collector-monitoring-collector spec: endpoints: - port: monitoring selector: matchLabels: app.kubernetes.io/managed-by: opentelemetry-operator - + operator.opentelemetry.io/collector-service-type: monitoring --- apiVersion: v1 kind: Service @@ -68,6 +67,7 @@ metadata: app.kubernetes.io/managed-by: opentelemetry-operator app.kubernetes.io/name: cluster-collector-collector app.kubernetes.io/part-of: opentelemetry + operator.opentelemetry.io/collector-service-type: headless operator.opentelemetry.io/collector-headless-service: Exists name: cluster-collector-collector-headless spec: @@ -87,7 +87,6 @@ spec: app.kubernetes.io/managed-by: opentelemetry-operator app.kubernetes.io/part-of: opentelemetry type: ClusterIP - --- apiVersion: v1 kind: Service diff --git a/tests/e2e-openshift/monitoring/04-assert.yaml b/tests/e2e-openshift/monitoring/04-assert.yaml new file mode 100644 index 0000000000..0b72375c3b --- /dev/null +++ b/tests/e2e-openshift/monitoring/04-assert.yaml @@ -0,0 +1,14 @@ +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + labels: + app.kubernetes.io/managed-by: opentelemetry-operator + app.kubernetes.io/name: cluster-collector2-collector + name: cluster-collector2-collector +spec: + endpoints: + - port: prometheus + selector: + matchLabels: + app.kubernetes.io/managed-by: opentelemetry-operator + operator.opentelemetry.io/collector-service-type: base diff --git a/tests/e2e-openshift/monitoring/04-use-prometheus-exporter.yaml b/tests/e2e-openshift/monitoring/04-use-prometheus-exporter.yaml new file mode 100644 index 0000000000..4eb57f2c9a --- /dev/null +++ b/tests/e2e-openshift/monitoring/04-use-prometheus-exporter.yaml @@ -0,0 +1,25 @@ +apiVersion: opentelemetry.io/v1alpha1 +kind: OpenTelemetryCollector +metadata: + name: cluster-collector2 +spec: + mode: deployment + observability: + metrics: + enableMetrics: true + config: | + receivers: + otlp: + protocols: + grpc: + http: + processors: + exporters: + prometheus: + endpoint: "0.0.0.0:8091" + service: + pipelines: + metrics: + receivers: [otlp] + processors: [] + exporters: [prometheus] diff --git a/tests/e2e-openshift/monitoring/chainsaw-test.yaml b/tests/e2e-openshift/monitoring/chainsaw-test.yaml index 232e9a2522..0cf36e93f0 100755 --- a/tests/e2e-openshift/monitoring/chainsaw-test.yaml +++ b/tests/e2e-openshift/monitoring/chainsaw-test.yaml @@ -35,3 +35,9 @@ spec: - script: timeout: 5m content: ./check_metrics.sh + - name: step-04 + try: + - apply: + file: 04-use-prometheus-exporter.yaml + - assert: + file: 04-assert.yaml \ No newline at end of file diff --git a/tests/e2e-openshift/multi-cluster/02-assert.yaml b/tests/e2e-openshift/multi-cluster/02-assert.yaml index 7ba79cbe56..c4dae4d27f 100644 --- a/tests/e2e-openshift/multi-cluster/02-assert.yaml +++ b/tests/e2e-openshift/multi-cluster/02-assert.yaml @@ -58,6 +58,7 @@ metadata: app.kubernetes.io/name: otlp-receiver-collector app.kubernetes.io/part-of: opentelemetry app.kubernetes.io/version: latest + operator.opentelemetry.io/collector-service-type: headless operator.opentelemetry.io/collector-headless-service: Exists name: otlp-receiver-collector-headless namespace: chainsaw-multi-cluster-receive diff --git a/tests/e2e-openshift/multi-cluster/03-assert.yaml b/tests/e2e-openshift/multi-cluster/03-assert.yaml index bc3a130380..a22efdb841 100644 --- a/tests/e2e-openshift/multi-cluster/03-assert.yaml +++ b/tests/e2e-openshift/multi-cluster/03-assert.yaml @@ -58,6 +58,7 @@ metadata: app.kubernetes.io/name: otel-sender-collector app.kubernetes.io/part-of: opentelemetry app.kubernetes.io/version: latest + operator.opentelemetry.io/collector-service-type: headless operator.opentelemetry.io/collector-headless-service: Exists name: otel-sender-collector-headless namespace: chainsaw-multi-cluster-send diff --git a/tests/e2e-openshift/otlp-metrics-traces/02-assert.yaml b/tests/e2e-openshift/otlp-metrics-traces/02-assert.yaml index 057820e934..c2403ae18f 100644 --- a/tests/e2e-openshift/otlp-metrics-traces/02-assert.yaml +++ b/tests/e2e-openshift/otlp-metrics-traces/02-assert.yaml @@ -11,6 +11,27 @@ status: --- apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor +metadata: + labels: + app.kubernetes.io/instance: chainsaw-otlp-metrics.cluster-collector + app.kubernetes.io/managed-by: opentelemetry-operator + app.kubernetes.io/name: cluster-collector-monitoring-collector + name: cluster-collector-monitoring-collector + namespace: chainsaw-otlp-metrics +spec: + endpoints: + - port: monitoring + namespaceSelector: + matchNames: + - chainsaw-otlp-metrics + selector: + matchLabels: + app.kubernetes.io/instance: chainsaw-otlp-metrics.cluster-collector + app.kubernetes.io/managed-by: opentelemetry-operator + operator.opentelemetry.io/collector-service-type: monitoring +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor metadata: labels: app.kubernetes.io/instance: chainsaw-otlp-metrics.cluster-collector @@ -20,7 +41,6 @@ metadata: namespace: chainsaw-otlp-metrics spec: endpoints: - - port: monitoring - port: prometheus namespaceSelector: matchNames: @@ -29,3 +49,4 @@ spec: matchLabels: app.kubernetes.io/instance: chainsaw-otlp-metrics.cluster-collector app.kubernetes.io/managed-by: opentelemetry-operator + operator.opentelemetry.io/collector-service-type: base \ No newline at end of file diff --git a/tests/e2e-prometheuscr/create-sm-prometheus-exporters/01-assert.yaml b/tests/e2e-prometheuscr/create-sm-prometheus-exporters/01-assert.yaml index eb0652f517..0b2bd613d3 100644 --- a/tests/e2e-prometheuscr/create-sm-prometheus-exporters/01-assert.yaml +++ b/tests/e2e-prometheuscr/create-sm-prometheus-exporters/01-assert.yaml @@ -1,5 +1,28 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor +metadata: + labels: + app.kubernetes.io/instance: create-sm-prometheus.simplest + app.kubernetes.io/managed-by: opentelemetry-operator + app.kubernetes.io/name: simplest-monitoring-collector + name: simplest-monitoring-collector + namespace: create-sm-prometheus +spec: + endpoints: + - port: monitoring + namespaceSelector: + matchNames: + - create-sm-prometheus + selector: + matchLabels: + app.kubernetes.io/component: opentelemetry-collector + app.kubernetes.io/instance: create-sm-prometheus.simplest + app.kubernetes.io/managed-by: opentelemetry-operator + app.kubernetes.io/part-of: opentelemetry + operator.opentelemetry.io/collector-service-type: monitoring +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor metadata: labels: app.kubernetes.io/instance: create-sm-prometheus.simplest @@ -9,7 +32,6 @@ metadata: namespace: create-sm-prometheus spec: endpoints: - - port: monitoring - port: prometheus-dev - port: prometheus-prod namespaceSelector: @@ -21,7 +43,7 @@ spec: app.kubernetes.io/instance: create-sm-prometheus.simplest app.kubernetes.io/managed-by: opentelemetry-operator app.kubernetes.io/part-of: opentelemetry - operator.opentelemetry.io/collector-monitoring-service: "Exists" + operator.opentelemetry.io/collector-service-type: base --- apiVersion: v1 kind: Service @@ -58,7 +80,7 @@ metadata: app.kubernetes.io/managed-by: opentelemetry-operator app.kubernetes.io/name: simplest-collector-monitoring app.kubernetes.io/part-of: opentelemetry - operator.opentelemetry.io/collector-monitoring-service: "Exists" + operator.opentelemetry.io/collector-service-type: "monitoring" name: simplest-collector-monitoring namespace: create-sm-prometheus spec: diff --git a/tests/e2e-prometheuscr/create-sm-prometheus-exporters/02-assert.yaml b/tests/e2e-prometheuscr/create-sm-prometheus-exporters/02-assert.yaml index 4c5b8bd5b8..61f74dd1e1 100644 --- a/tests/e2e-prometheuscr/create-sm-prometheus-exporters/02-assert.yaml +++ b/tests/e2e-prometheuscr/create-sm-prometheus-exporters/02-assert.yaml @@ -1,5 +1,28 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor +metadata: + labels: + app.kubernetes.io/instance: create-sm-prometheus.simplest + app.kubernetes.io/managed-by: opentelemetry-operator + app.kubernetes.io/name: simplest-monitoring-collector + name: simplest-monitoring-collector + namespace: create-sm-prometheus +spec: + endpoints: + - port: monitoring + namespaceSelector: + matchNames: + - create-sm-prometheus + selector: + matchLabels: + app.kubernetes.io/component: opentelemetry-collector + app.kubernetes.io/instance: create-sm-prometheus.simplest + app.kubernetes.io/managed-by: opentelemetry-operator + app.kubernetes.io/part-of: opentelemetry + operator.opentelemetry.io/collector-service-type: monitoring +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor metadata: labels: app.kubernetes.io/instance: create-sm-prometheus.simplest @@ -9,7 +32,6 @@ metadata: namespace: create-sm-prometheus spec: endpoints: - - port: monitoring - port: prometheus-prod namespaceSelector: matchNames: @@ -20,8 +42,7 @@ spec: app.kubernetes.io/instance: create-sm-prometheus.simplest app.kubernetes.io/managed-by: opentelemetry-operator app.kubernetes.io/part-of: opentelemetry - operator.opentelemetry.io/collector-monitoring-service: "Exists" - + operator.opentelemetry.io/collector-service-type: base --- apiVersion: v1 kind: Service @@ -54,6 +75,7 @@ metadata: app.kubernetes.io/managed-by: opentelemetry-operator app.kubernetes.io/name: simplest-collector-monitoring app.kubernetes.io/part-of: opentelemetry + operator.opentelemetry.io/collector-service-type: "monitoring" operator.opentelemetry.io/collector-monitoring-service: "Exists" name: simplest-collector-monitoring namespace: create-sm-prometheus diff --git a/tests/e2e-prometheuscr/create-sm-prometheus-exporters/04-error.yaml b/tests/e2e-prometheuscr/create-sm-prometheus-exporters/04-error.yaml index 61ad50e38b..263dbb3c64 100644 --- a/tests/e2e-prometheuscr/create-sm-prometheus-exporters/04-error.yaml +++ b/tests/e2e-prometheuscr/create-sm-prometheus-exporters/04-error.yaml @@ -1,19 +1,5 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: - labels: - app.kubernetes.io/instance: create-sm-prometheus.simplest - app.kubernetes.io/managed-by: opentelemetry-operator - app.kubernetes.io/name: simplest-collector name: simplest-collector namespace: create-sm-prometheus -spec: - endpoints: - - port: monitoring - - port: prometheus-prod - namespaceSelector: - matchNames: - - create-sm-prometheus - selector: - matchLabels: - app.kubernetes.io/managed-by: opentelemetry-operator diff --git a/tests/e2e-prometheuscr/create-sm-prometheus-exporters/05-assert.yaml b/tests/e2e-prometheuscr/create-sm-prometheus-exporters/05-assert.yaml index 3e8205803c..a0b8ebcda6 100644 --- a/tests/e2e-prometheuscr/create-sm-prometheus-exporters/05-assert.yaml +++ b/tests/e2e-prometheuscr/create-sm-prometheus-exporters/05-assert.yaml @@ -1,5 +1,28 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor +metadata: + labels: + app.kubernetes.io/instance: create-sm-prometheus.simplest + app.kubernetes.io/managed-by: opentelemetry-operator + app.kubernetes.io/name: simplest-monitoring-collector + name: simplest-monitoring-collector + namespace: create-sm-prometheus +spec: + endpoints: + - port: monitoring + namespaceSelector: + matchNames: + - create-sm-prometheus + selector: + matchLabels: + app.kubernetes.io/component: opentelemetry-collector + app.kubernetes.io/instance: create-sm-prometheus.simplest + app.kubernetes.io/managed-by: opentelemetry-operator + app.kubernetes.io/part-of: opentelemetry + operator.opentelemetry.io/collector-service-type: monitoring +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor metadata: labels: app.kubernetes.io/instance: create-sm-prometheus.simplest @@ -9,7 +32,6 @@ metadata: namespace: create-sm-prometheus spec: endpoints: - - port: monitoring - port: prometheus-dev - port: prometheus-prod namespaceSelector: @@ -17,11 +39,11 @@ spec: - create-sm-prometheus selector: matchLabels: + app.kubernetes.io/component: opentelemetry-collector app.kubernetes.io/instance: create-sm-prometheus.simplest app.kubernetes.io/managed-by: opentelemetry-operator app.kubernetes.io/part-of: opentelemetry - app.kubernetes.io/component: opentelemetry-collector - operator.opentelemetry.io/collector-monitoring-service: "Exists" + operator.opentelemetry.io/collector-service-type: base --- apiVersion: v1 kind: Service @@ -32,6 +54,7 @@ metadata: app.kubernetes.io/managed-by: opentelemetry-operator app.kubernetes.io/name: simplest-collector-monitoring app.kubernetes.io/part-of: opentelemetry + operator.opentelemetry.io/collector-service-type: "monitoring" operator.opentelemetry.io/collector-monitoring-service: "Exists" name: simplest-collector-monitoring namespace: create-sm-prometheus diff --git a/tests/e2e-prometheuscr/create-sm-prometheus-exporters/05-error.yaml b/tests/e2e-prometheuscr/create-sm-prometheus-exporters/05-error.yaml index ecb59ba1fd..c97ae2597d 100644 --- a/tests/e2e-prometheuscr/create-sm-prometheus-exporters/05-error.yaml +++ b/tests/e2e-prometheuscr/create-sm-prometheus-exporters/05-error.yaml @@ -1,5 +1,28 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor +metadata: + labels: + app.kubernetes.io/instance: create-sm-prometheus.simplest + app.kubernetes.io/managed-by: opentelemetry-operator + app.kubernetes.io/name: simplest-monitoring-collector + name: simplest-monitoring-collector + namespace: create-sm-prometheus +spec: + endpoints: + - port: monitoring + namespaceSelector: + matchNames: + - create-sm-prometheus + selector: + matchLabels: + app.kubernetes.io/component: opentelemetry-collector + app.kubernetes.io/instance: create-sm-prometheus.simplest + app.kubernetes.io/managed-by: opentelemetry-operator + app.kubernetes.io/part-of: opentelemetry + operator.opentelemetry.io/collector-service-type: monitoring +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor metadata: labels: app.kubernetes.io/instance: create-sm-prometheus.simplest @@ -9,7 +32,6 @@ metadata: namespace: create-sm-prometheus spec: endpoints: - - port: monitoring - port: prometheus-dev - port: prometheus-prod - port: prometheusremotewrite/prometheus @@ -18,5 +40,8 @@ spec: - create-sm-prometheus selector: matchLabels: - app.kubernetes.io/managed-by: opentelemetry-operator + app.kubernetes.io/component: opentelemetry-collector app.kubernetes.io/instance: create-sm-prometheus.simplest + app.kubernetes.io/managed-by: opentelemetry-operator + app.kubernetes.io/part-of: opentelemetry + operator.opentelemetry.io/collector-service-type: base diff --git a/tests/e2e-prometheuscr/create-sm-prometheus-exporters/06-assert.yaml b/tests/e2e-prometheuscr/create-sm-prometheus-exporters/06-assert.yaml index dcfecf5d81..be594e1a1d 100644 --- a/tests/e2e-prometheuscr/create-sm-prometheus-exporters/06-assert.yaml +++ b/tests/e2e-prometheuscr/create-sm-prometheus-exporters/06-assert.yaml @@ -1,5 +1,28 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor +metadata: + labels: + app.kubernetes.io/instance: create-sm-prometheus.simplest + app.kubernetes.io/managed-by: opentelemetry-operator + app.kubernetes.io/name: simplest-monitoring-collector + name: simplest-monitoring-collector + namespace: create-sm-prometheus +spec: + endpoints: + - port: monitoring + namespaceSelector: + matchNames: + - create-sm-prometheus + selector: + matchLabels: + app.kubernetes.io/component: opentelemetry-collector + app.kubernetes.io/instance: create-sm-prometheus.simplest + app.kubernetes.io/managed-by: opentelemetry-operator + app.kubernetes.io/part-of: opentelemetry + operator.opentelemetry.io/collector-service-type: monitoring +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor metadata: labels: app.kubernetes.io/instance: create-sm-prometheus.simplest @@ -9,7 +32,6 @@ metadata: namespace: create-sm-prometheus spec: endpoints: - - port: monitoring - port: prometheus-dev namespaceSelector: matchNames: @@ -20,7 +42,7 @@ spec: app.kubernetes.io/instance: create-sm-prometheus.simplest app.kubernetes.io/managed-by: opentelemetry-operator app.kubernetes.io/part-of: opentelemetry - operator.opentelemetry.io/collector-monitoring-service: "Exists" + operator.opentelemetry.io/collector-service-type: base --- apiVersion: v1 kind: Service @@ -31,6 +53,7 @@ metadata: app.kubernetes.io/managed-by: opentelemetry-operator app.kubernetes.io/name: simplest-collector-monitoring app.kubernetes.io/part-of: opentelemetry + operator.opentelemetry.io/collector-service-type: "monitoring" operator.opentelemetry.io/collector-monitoring-service: "Exists" name: simplest-collector-monitoring namespace: create-sm-prometheus From 314d7c1a78cfb4b0c71d1cca2d55fa3dbbcea478 Mon Sep 17 00:00:00 2001 From: Vineeth Pothulapati Date: Mon, 20 May 2024 14:31:31 +0530 Subject: [PATCH 15/88] Prepare release 0.100.0 (#2960) * Prepare release 0.100.0 Signed-off-by: Vineeth Pothulapati * update the chlog * update the chlog with #2877 merge --------- Signed-off-by: Vineeth Pothulapati --- ...x-detector-resourcedetectionprocessor.yaml | 16 ------- .../2862-fix-clusterrolebinding-names.yaml | 16 ------- .chloggen/add-collector-pool-healthy.yaml | 16 ------- .chloggen/bug_2877.yaml | 20 -------- .chloggen/cleanup-roles.yaml | 16 ------- .chloggen/collector-readiness-support.yaml | 17 ------- .chloggen/customized-log-encoder.yaml | 16 ------- .chloggen/fix-collector-node-selector.yaml | 17 ------- .chloggen/fix-labels-annotations-filter.yaml | 16 ------- .chloggen/fix-ta-check-policy.yaml | 16 ------- .../fix_load-initial-servicemonitors.yaml | 16 ------- ...ssions-by-checking-the-sa-permissions.yaml | 16 ------- .chloggen/ta-add-https.yaml | 18 -------- .chloggen/verify-prom-crd-resources.yaml | 16 ------- CHANGELOG.md | 46 +++++++++++++++++++ README.md | 2 +- RELEASE.md | 4 +- ...emetry-operator.clusterserviceversion.yaml | 8 ++-- versions.txt | 10 ++-- 19 files changed, 58 insertions(+), 244 deletions(-) delete mode 100755 .chloggen/2833-fix-detector-resourcedetectionprocessor.yaml delete mode 100755 .chloggen/2862-fix-clusterrolebinding-names.yaml delete mode 100755 .chloggen/add-collector-pool-healthy.yaml delete mode 100755 .chloggen/bug_2877.yaml delete mode 100755 .chloggen/cleanup-roles.yaml delete mode 100644 .chloggen/collector-readiness-support.yaml delete mode 100755 .chloggen/customized-log-encoder.yaml delete mode 100644 .chloggen/fix-collector-node-selector.yaml delete mode 100755 .chloggen/fix-labels-annotations-filter.yaml delete mode 100755 .chloggen/fix-ta-check-policy.yaml delete mode 100755 .chloggen/fix_load-initial-servicemonitors.yaml delete mode 100755 .chloggen/replace-create-rbac-permissions-by-checking-the-sa-permissions.yaml delete mode 100755 .chloggen/ta-add-https.yaml delete mode 100755 .chloggen/verify-prom-crd-resources.yaml diff --git a/.chloggen/2833-fix-detector-resourcedetectionprocessor.yaml b/.chloggen/2833-fix-detector-resourcedetectionprocessor.yaml deleted file mode 100755 index effa51536f..0000000000 --- a/.chloggen/2833-fix-detector-resourcedetectionprocessor.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: bug_fix - -# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) -component: collector - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: "Use the k8snode detector instead of kubernetes for the automatic RBAC creation for the resourcedetector" - -# One or more tracking issues related to the change -issues: [2833] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: diff --git a/.chloggen/2862-fix-clusterrolebinding-names.yaml b/.chloggen/2862-fix-clusterrolebinding-names.yaml deleted file mode 100755 index 44307f7670..0000000000 --- a/.chloggen/2862-fix-clusterrolebinding-names.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: bug_fix - -# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) -component: collector - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: "When two Collectors are created with the same name but different namespaces, the ClusterRoleBinding created by the first will be overriden by the second one." - -# One or more tracking issues related to the change -issues: [2862] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: diff --git a/.chloggen/add-collector-pool-healthy.yaml b/.chloggen/add-collector-pool-healthy.yaml deleted file mode 100755 index 1bc8ca48ed..0000000000 --- a/.chloggen/add-collector-pool-healthy.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: enhancement - -# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) -component: opamp - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Add healthy field at collector pool level in opamp bridge heartbeat - -# One or more tracking issues related to the change -issues: [2936] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: diff --git a/.chloggen/bug_2877.yaml b/.chloggen/bug_2877.yaml deleted file mode 100755 index 0ca822551d..0000000000 --- a/.chloggen/bug_2877.yaml +++ /dev/null @@ -1,20 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: bug_fix - -# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) -component: collector - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Create a Service Monitor for the monitoring service and another one for the collector service when the Prometheus exporter is used. - -# One or more tracking issues related to the change -issues: [2877] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: | - Create a Service Monitor for the collector Service when Prometheus exporter is used. A different Service Monitor is created for the monitoring service. - This helps excluding the headless service (duplicating the metrics collection) and splits responsibilities between the two Service Monitors. - Now, the operator.opentelemetry.io/collector-service-type label is used to differentiate the services. - operator.opentelemetry.io/collector-monitoring-service and operator.opentelemetry.io/collector-headless-service are deprecated now. \ No newline at end of file diff --git a/.chloggen/cleanup-roles.yaml b/.chloggen/cleanup-roles.yaml deleted file mode 100755 index 51be6f2675..0000000000 --- a/.chloggen/cleanup-roles.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: bug_fix - -# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) -component: collector - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Cleanup ClusterRoles and ClusterRoleBindings created by the operator - -# One or more tracking issues related to the change -issues: [2938] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: The operator uses finalizer on the collector to run the cleanup diff --git a/.chloggen/collector-readiness-support.yaml b/.chloggen/collector-readiness-support.yaml deleted file mode 100644 index e27a8d00d6..0000000000 --- a/.chloggen/collector-readiness-support.yaml +++ /dev/null @@ -1,17 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: enhancement - -# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) -component: collector - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Add support for readinessProbe on OpenTelemetryCollector CRD. - -# One or more tracking issues related to the change -issues: [2943] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: | - Add support for readinessProbe on `OpenTelemetryCollector` and its default similar to the already supported livenessProbe. diff --git a/.chloggen/customized-log-encoder.yaml b/.chloggen/customized-log-encoder.yaml deleted file mode 100755 index b51a8bc593..0000000000 --- a/.chloggen/customized-log-encoder.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: 'enhancement' - -# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) -component: operator - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Enabling new Logs Enconder Configuration parameters. - -# One or more tracking issues related to the change -issues: [268] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: diff --git a/.chloggen/fix-collector-node-selector.yaml b/.chloggen/fix-collector-node-selector.yaml deleted file mode 100644 index 3674ea046c..0000000000 --- a/.chloggen/fix-collector-node-selector.yaml +++ /dev/null @@ -1,17 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: bug_fix - -# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) -component: collector - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Fix to reflect changes of OpenTelemetryCollector.spec.nodeSelector in the collector Pods - -# One or more tracking issues related to the change -issues: [2940] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: | - When updating `OpenTelemetryCollector.spec.nodeSelector` it was not removing previous selector from the final collector pod (Deployment/Daemonset/Statefulset). diff --git a/.chloggen/fix-labels-annotations-filter.yaml b/.chloggen/fix-labels-annotations-filter.yaml deleted file mode 100755 index bde0808c84..0000000000 --- a/.chloggen/fix-labels-annotations-filter.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: 'bug_fix' - -# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) -component: collector - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Fix of Labels and Annotations filter - -# One or more tracking issues related to the change -issues: [2770] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: diff --git a/.chloggen/fix-ta-check-policy.yaml b/.chloggen/fix-ta-check-policy.yaml deleted file mode 100755 index bb35c6d77a..0000000000 --- a/.chloggen/fix-ta-check-policy.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: 'bug_fix' - -# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) -component: target-allocator - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Fixed non-expected warnings on TA webhook. - -# One or more tracking issues related to the change -issues: [2685] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: diff --git a/.chloggen/fix_load-initial-servicemonitors.yaml b/.chloggen/fix_load-initial-servicemonitors.yaml deleted file mode 100755 index 7466a937e2..0000000000 --- a/.chloggen/fix_load-initial-servicemonitors.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: bug_fix - -# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) -component: target allocator - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Fix target allocator readiness check - -# One or more tracking issues related to the change -issues: [2903] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: diff --git a/.chloggen/replace-create-rbac-permissions-by-checking-the-sa-permissions.yaml b/.chloggen/replace-create-rbac-permissions-by-checking-the-sa-permissions.yaml deleted file mode 100755 index ab5895bb16..0000000000 --- a/.chloggen/replace-create-rbac-permissions-by-checking-the-sa-permissions.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: enhancement - -# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) -component: operator - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Automatically enable RBAC creation if operator SA can create clusterroles and bindings. --create-rbac-permissions flag is noop and deprecated now. - -# One or more tracking issues related to the change -issues: [2588] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: \ No newline at end of file diff --git a/.chloggen/ta-add-https.yaml b/.chloggen/ta-add-https.yaml deleted file mode 100755 index 1c231c3c18..0000000000 --- a/.chloggen/ta-add-https.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: enhancement - -# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) -component: target allocator - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Added option for creating an mTLS-configured HTTPS server to fetch scrape config with real secret values. - -# One or more tracking issues related to the change -issues: [1669] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: | - The change introduces an option to create an additional HTTPS server with mTLS configuration. - This server is specifically utilized for obtaining the scrape configuration with actual secret values. diff --git a/.chloggen/verify-prom-crd-resources.yaml b/.chloggen/verify-prom-crd-resources.yaml deleted file mode 100755 index 1adfe693f9..0000000000 --- a/.chloggen/verify-prom-crd-resources.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: bug_fix - -# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) -component: collector - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Ensure all Prometheus CRDs are installed - -# One or more tracking issues related to the change -issues: [2964] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: diff --git a/CHANGELOG.md b/CHANGELOG.md index a874f6d2ec..66a9ffc1b0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,52 @@ +## 0.100.0 + +### 💡 Enhancements 💡 + +- `opamp`: Add healthy field at collector pool level in opamp bridge heartbeat (#2936) +- `collector`: Add support for readinessProbe on OpenTelemetryCollector CRD. (#2943) + Add support for readinessProbe on `OpenTelemetryCollector` and its default similar to the already supported livenessProbe. + +- `operator`: Enabling new Logs Enconder Configuration parameters. (#268) +- `operator`: Automatically enable RBAC creation if operator SA can create clusterroles and bindings. --create-rbac-permissions flag is noop and deprecated now. (#2588) +- `target allocator`: Added option for creating an mTLS-configured HTTPS server to fetch scrape config with real secret values. (#1669) + The change introduces an option to create an additional HTTPS server with mTLS configuration. + This server is specifically utilized for obtaining the scrape configuration with actual secret values. + + +### 🧰 Bug fixes 🧰 + +- `collector`: Create a Service Monitor for the monitoring service and another one for the collector service when the Prometheus exporter is used. (#2877) + Create a Service Monitor for the collector Service when Prometheus exporter is used. A different Service Monitor is created for the monitoring service. + This helps excluding the headless service (duplicating the metrics collection) and splits responsibilities between the two Service Monitors. + Now, the operator.opentelemetry.io/collector-service-type label is used to differentiate the services. + operator.opentelemetry.io/collector-monitoring-service and operator.opentelemetry.io/collector-headless-service are deprecated now. +- `target-allocator`: Fixed non-expected warnings on TA webhook. (#2685) +- `collector`: Ensure all Prometheus CRDs are installed (#2964) +- `collector`: Cleanup ClusterRoles and ClusterRoleBindings created by the operator (#2938) + The operator uses finalizer on the collector to run the cleanup +- `collector`: Use the k8snode detector instead of kubernetes for the automatic RBAC creation for the resourcedetector (#2833) +- `collector`: When two Collectors are created with the same name but different namespaces, the ClusterRoleBinding created by the first will be overriden by the second one. (#2862) +- `collector`: Fix to reflect changes of OpenTelemetryCollector.spec.nodeSelector in the collector Pods (#2940) + When updating `OpenTelemetryCollector.spec.nodeSelector` it was not removing previous selector from the final collector pod (Deployment/Daemonset/Statefulset). + +- `collector`: Fix of Labels and Annotations filter (#2770) +- `target allocator`: Fix target allocator readiness check (#2903) + +### Components + +* [OpenTelemetry Collector - v0.100.0](https://github.com/open-telemetry/opentelemetry-collector/releases/tag/v0.100.0) +* [OpenTelemetry Contrib - v0.100.0](https://github.com/open-telemetry/opentelemetry-collector-contrib/releases/tag/v0.100.0) +* [Java auto-instrumentation - v1.32.1](https://github.com/open-telemetry/opentelemetry-java-instrumentation/releases/tag/v1.32.1) +* [.NET auto-instrumentation - v1.2.0](https://github.com/open-telemetry/opentelemetry-dotnet-instrumentation/releases/tag/{AUTO_INSTRUMENTATION_DOTNET_VERSION}) +* [Node.JS - v0.51.0](https://github.com/open-telemetry/opentelemetry-js/releases/tag/experimental%2Fv0.51.0) +* [Python - v0.44b0](https://github.com/open-telemetry/opentelemetry-python-contrib/releases/tag/v0.44b0) +* [Go - v0.12.0-alpha](https://github.com/open-telemetry/opentelemetry-go-instrumentation/releases/tag/v0.12.0-alpha) +* [ApacheHTTPD - 1.0.4](https://github.com/open-telemetry/opentelemetry-cpp-contrib/releases/tag/webserver%2Fv1.0.4) +* [Nginx - 1.0.4](https://github.com/open-telemetry/opentelemetry-cpp-contrib/releases/tag/webserver%2Fv1.0.4) + ## 0.99.0 ### 🛑 Breaking changes 🛑 diff --git a/README.md b/README.md index 8b175b9c08..48e4cc7ffb 100644 --- a/README.md +++ b/README.md @@ -730,6 +730,7 @@ The OpenTelemetry Operator _might_ work on versions outside of the given range, | OpenTelemetry Operator | Kubernetes | Cert-Manager | |------------------------| -------------- | ------------ | +| v0.100.0 | v1.23 to v1.29 | v1 | | v0.99.0 | v1.23 to v1.29 | v1 | | v0.98.0 | v1.23 to v1.29 | v1 | | v0.97.0 | v1.23 to v1.29 | v1 | @@ -752,7 +753,6 @@ The OpenTelemetry Operator _might_ work on versions outside of the given range, | v0.80.0 | v1.19 to v1.27 | v1 | | v0.79.0 | v1.19 to v1.27 | v1 | | v0.78.0 | v1.19 to v1.27 | v1 | -| v0.77.0 | v1.19 to v1.26 | v1 | ## Contributing and Developing diff --git a/RELEASE.md b/RELEASE.md index 94cfcbd777..99ea090f88 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -2,7 +2,7 @@ Steps to release a new version of the OpenTelemetry Operator: -1. Create a `Prepare relese x.y.z` pull request with the following content: +1. Create a `Prepare release x.y.z` pull request with the following content: 1. Set the version you're releasing as an environment variable for convenience: `export VERSION=0.n+1.0` 1. Update `versions.txt` - Operator, target allocator and opamp-bridge should be `$VERSION`. @@ -44,9 +44,9 @@ The operator should be released within a week after the [OpenTelemetry collector | Version | Release manager | |----------|-----------------| -| v0.100.0 | @TylerHelmuth | | v0.101.0 | @swiatekm-sumo | | v0.102.0 | @frzifus | | v0.103.0 | @jaronoff97 | | v0.104.0 | @pavolloffay | | v0.105.0 | @yuriolisa | +| v0.106.0 | @TylerHelmuth | \ No newline at end of file diff --git a/bundle/manifests/opentelemetry-operator.clusterserviceversion.yaml b/bundle/manifests/opentelemetry-operator.clusterserviceversion.yaml index c14ddf4e76..fcfd593ee7 100644 --- a/bundle/manifests/opentelemetry-operator.clusterserviceversion.yaml +++ b/bundle/manifests/opentelemetry-operator.clusterserviceversion.yaml @@ -99,13 +99,13 @@ metadata: categories: Logging & Tracing,Monitoring certified: "false" containerImage: ghcr.io/open-telemetry/opentelemetry-operator/opentelemetry-operator - createdAt: "2024-05-03T15:21:44Z" + createdAt: "2024-05-15T17:31:49Z" description: Provides the OpenTelemetry components, including the Collector operators.operatorframework.io/builder: operator-sdk-v1.29.0 operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 repository: github.com/open-telemetry/opentelemetry-operator support: OpenTelemetry Community - name: opentelemetry-operator.v0.99.0 + name: opentelemetry-operator.v0.100.0 namespace: placeholder spec: apiservicedefinitions: {} @@ -504,7 +504,7 @@ spec: valueFrom: fieldRef: fieldPath: spec.serviceAccountName - image: ghcr.io/open-telemetry/opentelemetry-operator/opentelemetry-operator:0.99.0 + image: ghcr.io/open-telemetry/opentelemetry-operator/opentelemetry-operator:0.100.0 livenessProbe: httpGet: path: /healthz @@ -612,7 +612,7 @@ spec: minKubeVersion: 1.23.0 provider: name: OpenTelemetry Community - version: 0.99.0 + version: 0.100.0 webhookdefinitions: - admissionReviewVersions: - v1alpha1 diff --git a/versions.txt b/versions.txt index 0d32fe228e..76dd1c2098 100644 --- a/versions.txt +++ b/versions.txt @@ -2,16 +2,16 @@ # by default with the OpenTelemetry Operator. This would usually be the latest # stable OpenTelemetry version. When you update this file, make sure to update the # the docs as well. -opentelemetry-collector=0.99.0 +opentelemetry-collector=0.100.0 # Represents the current release of the OpenTelemetry Operator. -operator=0.99.0 +operator=0.100.0 # Represents the current release of the Target Allocator. -targetallocator=0.99.0 +targetallocator=0.100.0 # Represents the current release of the Operator OpAMP Bridge. -operator-opamp-bridge=0.99.0 +operator-opamp-bridge=0.100.0 # Represents the current release of Java instrumentation. # Should match autoinstrumentation/java/version.txt @@ -19,7 +19,7 @@ autoinstrumentation-java=1.32.1 # Represents the current release of NodeJS instrumentation. # Should match value in autoinstrumentation/nodejs/package.json -autoinstrumentation-nodejs=0.49.1 +autoinstrumentation-nodejs=0.51.0 # Represents the current release of Python instrumentation. # Should match value in autoinstrumentation/python/requirements.txt From 97495ece0d88bd7e69d270ca8f09dd21a08bd3cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miko=C5=82aj=20=C5=9Awi=C4=85tek?= Date: Mon, 20 May 2024 11:04:05 +0000 Subject: [PATCH 16/88] [chore] Refactor allocation strategies (#2928) * Refactor consistent-hashing strategy * Refactor per-node strategy * Refactor least-weighted strategy * Minor allocation strategy refactor * Add some common allocation strategy tests * Fix collector and target reassignment * Minor allocator fixes * Add changelog entry * Fix an incorrect comment --- .chloggen/refactor-strategies.yaml | 16 + cmd/otel-allocator/allocation/allocator.go | 310 ++++++++++++++++++ .../allocation/allocator_test.go | 207 ++++++++++++ .../allocation/consistent_hashing.go | 264 ++------------- .../allocation/consistent_hashing_test.go | 20 +- .../allocation/least_weighted.go | 281 +--------------- .../allocation/least_weighted_test.go | 90 +---- cmd/otel-allocator/allocation/per_node.go | 225 ++----------- .../allocation/per_node_test.go | 2 +- cmd/otel-allocator/allocation/strategy.go | 21 +- .../{allocatortest.go => testutils.go} | 17 + 11 files changed, 638 insertions(+), 815 deletions(-) create mode 100755 .chloggen/refactor-strategies.yaml create mode 100644 cmd/otel-allocator/allocation/allocator.go create mode 100644 cmd/otel-allocator/allocation/allocator_test.go rename cmd/otel-allocator/allocation/{allocatortest.go => testutils.go} (80%) diff --git a/.chloggen/refactor-strategies.yaml b/.chloggen/refactor-strategies.yaml new file mode 100755 index 0000000000..5388aafdad --- /dev/null +++ b/.chloggen/refactor-strategies.yaml @@ -0,0 +1,16 @@ +# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' +change_type: enhancement + +# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) +component: target allocator + +# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). +note: Refactor allocation strategies + +# One or more tracking issues related to the change +issues: [2928] + +# (Optional) One or more lines of additional information to render under the primary note. +# These lines will be padded with 2 spaces and then inserted directly into the document. +# Use pipe (|) for multiline entries. +subtext: The performance of the per-node strategy was massively improved as part of this change. diff --git a/cmd/otel-allocator/allocation/allocator.go b/cmd/otel-allocator/allocation/allocator.go new file mode 100644 index 0000000000..cbe5d1d31d --- /dev/null +++ b/cmd/otel-allocator/allocation/allocator.go @@ -0,0 +1,310 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package allocation + +import ( + "errors" + "sync" + + "github.com/go-logr/logr" + "github.com/prometheus/client_golang/prometheus" + + "github.com/open-telemetry/opentelemetry-operator/cmd/otel-allocator/diff" + "github.com/open-telemetry/opentelemetry-operator/cmd/otel-allocator/target" +) + +/* + Target Allocator will serve on an HTTP server exposing /jobs//targets + The targets are allocated using the least connection method + Target Allocator will need information about the collectors in order to set the URLs + Keep a Map of what each collector currently holds and update it based on new scrape target updates +*/ + +var _ Allocator = &allocator{} + +func newAllocator(log logr.Logger, strategy Strategy, opts ...AllocationOption) Allocator { + chAllocator := &allocator{ + strategy: strategy, + collectors: make(map[string]*Collector), + targetItems: make(map[string]*target.Item), + targetItemsPerJobPerCollector: make(map[string]map[string]map[string]bool), + log: log, + } + for _, opt := range opts { + opt(chAllocator) + } + + return chAllocator +} + +type allocator struct { + strategy Strategy + + // collectors is a map from a Collector's name to a Collector instance + // collectorKey -> collector pointer + collectors map[string]*Collector + + // targetItems is a map from a target item's hash to the target items allocated state + // targetItem hash -> target item pointer + targetItems map[string]*target.Item + + // collectorKey -> job -> target item hash -> true + targetItemsPerJobPerCollector map[string]map[string]map[string]bool + + // m protects collectors, targetItems and targetItemsPerJobPerCollector for concurrent use. + m sync.RWMutex + + log logr.Logger + + filter Filter +} + +// SetFilter sets the filtering hook to use. +func (a *allocator) SetFilter(filter Filter) { + a.filter = filter +} + +// SetTargets accepts a list of targets that will be used to make +// load balancing decisions. This method should be called when there are +// new targets discovered or existing targets are shutdown. +func (a *allocator) SetTargets(targets map[string]*target.Item) { + timer := prometheus.NewTimer(TimeToAssign.WithLabelValues("SetTargets", a.strategy.GetName())) + defer timer.ObserveDuration() + + if a.filter != nil { + targets = a.filter.Apply(targets) + } + RecordTargetsKept(targets) + + a.m.Lock() + defer a.m.Unlock() + + // Check for target changes + targetsDiff := diff.Maps(a.targetItems, targets) + // If there are any additions or removals + if len(targetsDiff.Additions()) != 0 || len(targetsDiff.Removals()) != 0 { + a.handleTargets(targetsDiff) + } +} + +// SetCollectors sets the set of collectors with key=collectorName, value=Collector object. +// This method is called when Collectors are added or removed. +func (a *allocator) SetCollectors(collectors map[string]*Collector) { + timer := prometheus.NewTimer(TimeToAssign.WithLabelValues("SetCollectors", a.strategy.GetName())) + defer timer.ObserveDuration() + + CollectorsAllocatable.WithLabelValues(a.strategy.GetName()).Set(float64(len(collectors))) + if len(collectors) == 0 { + a.log.Info("No collector instances present") + } + + a.m.Lock() + defer a.m.Unlock() + + // Check for collector changes + collectorsDiff := diff.Maps(a.collectors, collectors) + if len(collectorsDiff.Additions()) != 0 || len(collectorsDiff.Removals()) != 0 { + a.handleCollectors(collectorsDiff) + } +} + +func (a *allocator) GetTargetsForCollectorAndJob(collector string, job string) []*target.Item { + a.m.RLock() + defer a.m.RUnlock() + if _, ok := a.targetItemsPerJobPerCollector[collector]; !ok { + return []*target.Item{} + } + if _, ok := a.targetItemsPerJobPerCollector[collector][job]; !ok { + return []*target.Item{} + } + targetItemsCopy := make([]*target.Item, len(a.targetItemsPerJobPerCollector[collector][job])) + index := 0 + for targetHash := range a.targetItemsPerJobPerCollector[collector][job] { + targetItemsCopy[index] = a.targetItems[targetHash] + index++ + } + return targetItemsCopy +} + +// TargetItems returns a shallow copy of the targetItems map. +func (a *allocator) TargetItems() map[string]*target.Item { + a.m.RLock() + defer a.m.RUnlock() + targetItemsCopy := make(map[string]*target.Item) + for k, v := range a.targetItems { + targetItemsCopy[k] = v + } + return targetItemsCopy +} + +// Collectors returns a shallow copy of the collectors map. +func (a *allocator) Collectors() map[string]*Collector { + a.m.RLock() + defer a.m.RUnlock() + collectorsCopy := make(map[string]*Collector) + for k, v := range a.collectors { + collectorsCopy[k] = v + } + return collectorsCopy +} + +// handleTargets receives the new and removed targets and reconciles the current state. +// Any removals are removed from the allocator's targetItems and unassigned from the corresponding collector. +// Any net-new additions are assigned to the collector on the same node as the target. +func (a *allocator) handleTargets(diff diff.Changes[*target.Item]) { + // Check for removals + for k, item := range a.targetItems { + // if the current item is in the removals list + if _, ok := diff.Removals()[k]; ok { + a.removeTargetItem(item) + } + } + + // Check for additions + assignmentErrors := []error{} + for k, item := range diff.Additions() { + // Do nothing if the item is already there + if _, ok := a.targetItems[k]; ok { + continue + } else { + // TODO: track target -> collector relationship in a separate map + item.CollectorName = "" + // Add item to item pool and assign a collector + err := a.addTargetToTargetItems(item) + if err != nil { + assignmentErrors = append(assignmentErrors, err) + } + } + } + + // Check for unassigned targets + unassignedTargets := len(assignmentErrors) + if unassignedTargets > 0 { + err := errors.Join(assignmentErrors...) + a.log.Info("Could not assign targets for some jobs", "targets", unassignedTargets, "error", err) + TargetsUnassigned.Set(float64(unassignedTargets)) + } +} + +func (a *allocator) addTargetToTargetItems(tg *target.Item) error { + a.targetItems[tg.Hash()] = tg + if len(a.collectors) == 0 { + return nil + } + + colOwner, err := a.strategy.GetCollectorForTarget(a.collectors, tg) + if err != nil { + return err + } + + // Check if this is a reassignment, if so, unassign first + // note: The ordering here is important, we want to determine the new assignment before unassigning, because + // the strategy might make use of previous assignment information + if _, ok := a.collectors[tg.CollectorName]; ok && tg.CollectorName != "" { + a.unassignTargetItem(tg) + } + + tg.CollectorName = colOwner.Name + a.addCollectorTargetItemMapping(tg) + a.collectors[colOwner.Name].NumTargets++ + TargetsPerCollector.WithLabelValues(colOwner.String(), a.strategy.GetName()).Set(float64(a.collectors[colOwner.String()].NumTargets)) + + return nil +} + +// unassignTargetItem unassigns the target item from its Collector. The target item is still tracked. +func (a *allocator) unassignTargetItem(item *target.Item) { + collectorName := item.CollectorName + if collectorName == "" { + return + } + c, ok := a.collectors[collectorName] + if !ok { + return + } + c.NumTargets-- + TargetsPerCollector.WithLabelValues(item.CollectorName, a.strategy.GetName()).Set(float64(c.NumTargets)) + delete(a.targetItemsPerJobPerCollector[item.CollectorName][item.JobName], item.Hash()) + if len(a.targetItemsPerJobPerCollector[item.CollectorName][item.JobName]) == 0 { + delete(a.targetItemsPerJobPerCollector[item.CollectorName], item.JobName) + } + item.CollectorName = "" +} + +// removeTargetItem removes the target item from its Collector. +func (a *allocator) removeTargetItem(item *target.Item) { + a.unassignTargetItem(item) + delete(a.targetItems, item.Hash()) +} + +// removeCollector removes a Collector from the allocator. +func (a *allocator) removeCollector(collector *Collector) { + delete(a.collectors, collector.Name) + // Remove the collector from any target item records + for _, targetItems := range a.targetItemsPerJobPerCollector[collector.Name] { + for targetHash := range targetItems { + a.targetItems[targetHash].CollectorName = "" + } + } + delete(a.targetItemsPerJobPerCollector, collector.Name) + TargetsPerCollector.WithLabelValues(collector.Name, a.strategy.GetName()).Set(0) +} + +// addCollectorTargetItemMapping keeps track of which collector has which jobs and targets +// this allows the allocator to respond without any extra allocations to http calls. The caller of this method +// has to acquire a lock. +func (a *allocator) addCollectorTargetItemMapping(tg *target.Item) { + if a.targetItemsPerJobPerCollector[tg.CollectorName] == nil { + a.targetItemsPerJobPerCollector[tg.CollectorName] = make(map[string]map[string]bool) + } + if a.targetItemsPerJobPerCollector[tg.CollectorName][tg.JobName] == nil { + a.targetItemsPerJobPerCollector[tg.CollectorName][tg.JobName] = make(map[string]bool) + } + a.targetItemsPerJobPerCollector[tg.CollectorName][tg.JobName][tg.Hash()] = true +} + +// handleCollectors receives the new and removed collectors and reconciles the current state. +// Any removals are removed from the allocator's collectors. New collectors are added to the allocator's collector map. +// Finally, update all targets' collector assignments. +func (a *allocator) handleCollectors(diff diff.Changes[*Collector]) { + // Clear removed collectors + for _, k := range diff.Removals() { + a.removeCollector(k) + } + // Insert the new collectors + for _, i := range diff.Additions() { + a.collectors[i.Name] = NewCollector(i.Name, i.NodeName) + } + + // Set collectors on the strategy + a.strategy.SetCollectors(a.collectors) + + // Re-Allocate all targets + assignmentErrors := []error{} + for _, item := range a.targetItems { + err := a.addTargetToTargetItems(item) + if err != nil { + assignmentErrors = append(assignmentErrors, err) + item.CollectorName = "" + } + } + // Check for unassigned targets + unassignedTargets := len(assignmentErrors) + if unassignedTargets > 0 { + err := errors.Join(assignmentErrors...) + a.log.Info("Could not assign targets for some jobs", "targets", unassignedTargets, "error", err) + TargetsUnassigned.Set(float64(unassignedTargets)) + } +} diff --git a/cmd/otel-allocator/allocation/allocator_test.go b/cmd/otel-allocator/allocation/allocator_test.go new file mode 100644 index 0000000000..55f2bb6dc6 --- /dev/null +++ b/cmd/otel-allocator/allocation/allocator_test.go @@ -0,0 +1,207 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package allocation + +import ( + "testing" + + "github.com/prometheus/common/model" + "github.com/stretchr/testify/assert" + + "github.com/open-telemetry/opentelemetry-operator/cmd/otel-allocator/target" +) + +func TestSetCollectors(t *testing.T) { + RunForAllStrategies(t, func(t *testing.T, allocator Allocator) { + cols := MakeNCollectors(3, 0) + allocator.SetCollectors(cols) + + expectedColLen := len(cols) + collectors := allocator.Collectors() + assert.Len(t, collectors, expectedColLen) + + for _, i := range cols { + assert.NotNil(t, collectors[i.Name]) + } + }) +} + +func TestSetTargets(t *testing.T) { + RunForAllStrategies(t, func(t *testing.T, allocator Allocator) { + targets := MakeNNewTargetsWithEmptyCollectors(3, 0) + allocator.SetTargets(targets) + + expectedTargetLen := len(targets) + actualTargets := allocator.TargetItems() + assert.Len(t, actualTargets, expectedTargetLen) + }) +} + +func TestCanSetSingleTarget(t *testing.T) { + RunForAllStrategies(t, func(t *testing.T, allocator Allocator) { + cols := MakeNCollectors(3, 0) + targets := MakeNNewTargetsWithEmptyCollectors(1, 3) + allocator.SetCollectors(cols) + allocator.SetTargets(targets) + actualTargetItems := allocator.TargetItems() + assert.Len(t, actualTargetItems, 1) + for _, item := range actualTargetItems { + assert.NotEmpty(t, item.CollectorName) + } + }) +} + +func TestCanSetTargetsBeforeCollectors(t *testing.T) { + RunForAllStrategies(t, func(t *testing.T, allocator Allocator) { + cols := MakeNCollectors(3, 0) + targets := MakeNNewTargetsWithEmptyCollectors(1, 3) + allocator.SetTargets(targets) + allocator.SetCollectors(cols) + actualTargetItems := allocator.TargetItems() + assert.Len(t, actualTargetItems, 1) + for _, item := range actualTargetItems { + assert.NotEmpty(t, item.CollectorName) + } + }) +} + +func TestAddingAndRemovingTargets(t *testing.T) { + RunForAllStrategies(t, func(t *testing.T, allocator Allocator) { + cols := MakeNCollectors(3, 0) + allocator.SetCollectors(cols) + + initTargets := MakeNNewTargets(6, 3, 0) + + // test that targets and collectors are added properly + allocator.SetTargets(initTargets) + + // verify + expectedTargetLen := len(initTargets) + assert.Len(t, allocator.TargetItems(), expectedTargetLen) + + // prepare second round of targets + tar := MakeNNewTargets(4, 3, 0) + + // test that fewer targets are found - removed + allocator.SetTargets(tar) + + // verify + targetItems := allocator.TargetItems() + expectedNewTargetLen := len(tar) + assert.Len(t, targetItems, expectedNewTargetLen) + + // verify results map + for _, i := range tar { + _, ok := targetItems[i.Hash()] + assert.True(t, ok) + } + }) +} + +func TestAddingAndRemovingCollectors(t *testing.T) { + RunForAllStrategies(t, func(t *testing.T, allocator Allocator) { + targets := MakeNNewTargetsWithEmptyCollectors(3, 0) + allocator.SetTargets(targets) + + collectors := MakeNCollectors(3, 0) + + // test that targets and collectors are added properly + allocator.SetCollectors(collectors) + + // verify + assert.Len(t, allocator.Collectors(), len(collectors)) + for _, tg := range allocator.TargetItems() { + if tg.CollectorName != "" { + assert.Contains(t, collectors, tg.CollectorName) + } + } + + // remove a collector + delete(collectors, "collector-0") + allocator.SetCollectors(collectors) + // verify + assert.Len(t, allocator.Collectors(), len(collectors)) + for _, tg := range allocator.TargetItems() { + if tg.CollectorName != "" { + assert.Contains(t, collectors, tg.CollectorName) + } + } + + // add two more collectors + collectors = MakeNCollectors(5, 0) + allocator.SetCollectors(collectors) + + // verify + assert.Len(t, allocator.Collectors(), len(collectors)) + for _, tg := range allocator.TargetItems() { + if tg.CollectorName != "" { + assert.Contains(t, collectors, tg.CollectorName) + } + } + + // remove all collectors + collectors = map[string]*Collector{} + allocator.SetCollectors(collectors) + + // verify + assert.Len(t, allocator.Collectors(), len(collectors)) + jobs := []string{} + for _, tg := range allocator.TargetItems() { + assert.Empty(t, tg.CollectorName) + jobs = append(jobs, tg.JobName) + } + for _, job := range jobs { + for collector := range collectors { + assert.Empty(t, allocator.GetTargetsForCollectorAndJob(collector, job)) + } + } + }) +} + +// Tests that two targets with the same target url and job name but different label set are both added. +func TestAllocationCollision(t *testing.T) { + RunForAllStrategies(t, func(t *testing.T, allocator Allocator) { + + cols := MakeNCollectors(3, 0) + allocator.SetCollectors(cols) + firstLabels := model.LabelSet{ + "test": "test1", + } + secondLabels := model.LabelSet{ + "test": "test2", + } + firstTarget := target.NewItem("sample-name", "0.0.0.0:8000", firstLabels, "") + secondTarget := target.NewItem("sample-name", "0.0.0.0:8000", secondLabels, "") + + targetList := map[string]*target.Item{ + firstTarget.Hash(): firstTarget, + secondTarget.Hash(): secondTarget, + } + + // test that targets and collectors are added properly + allocator.SetTargets(targetList) + + // verify + targetItems := allocator.TargetItems() + expectedTargetLen := len(targetList) + assert.Len(t, targetItems, expectedTargetLen) + + // verify results map + for _, i := range targetList { + _, ok := targetItems[i.Hash()] + assert.True(t, ok) + } + }) +} diff --git a/cmd/otel-allocator/allocation/consistent_hashing.go b/cmd/otel-allocator/allocation/consistent_hashing.go index f69a2f25d2..8ec07ba857 100644 --- a/cmd/otel-allocator/allocation/consistent_hashing.go +++ b/cmd/otel-allocator/allocation/consistent_hashing.go @@ -15,20 +15,15 @@ package allocation import ( + "fmt" "strings" - "sync" "github.com/buraksezer/consistent" "github.com/cespare/xxhash/v2" - "github.com/go-logr/logr" - "github.com/prometheus/client_golang/prometheus" - "github.com/open-telemetry/opentelemetry-operator/cmd/otel-allocator/diff" "github.com/open-telemetry/opentelemetry-operator/cmd/otel-allocator/target" ) -var _ Allocator = &consistentHashingAllocator{} - const consistentHashingStrategyName = "consistent-hashing" type hasher struct{} @@ -37,29 +32,14 @@ func (h hasher) Sum64(data []byte) uint64 { return xxhash.Sum64(data) } -type consistentHashingAllocator struct { - // m protects consistentHasher, collectors and targetItems for concurrent use. - m sync.RWMutex +var _ Strategy = &consistentHashingStrategy{} +type consistentHashingStrategy struct { + config consistent.Config consistentHasher *consistent.Consistent - - // collectors is a map from a Collector's name to a Collector instance - // collectorKey -> collector pointer - collectors map[string]*Collector - - // targetItems is a map from a target item's hash to the target items allocated state - // targetItem hash -> target item pointer - targetItems map[string]*target.Item - - // collectorKey -> job -> target item hash -> true - targetItemsPerJobPerCollector map[string]map[string]map[string]bool - - log logr.Logger - - filter Filter } -func newConsistentHashingAllocator(log logr.Logger, opts ...AllocationOption) Allocator { +func newConsistentHashingStrategy() Strategy { config := consistent.Config{ PartitionCount: 1061, ReplicationFactor: 5, @@ -67,228 +47,40 @@ func newConsistentHashingAllocator(log logr.Logger, opts ...AllocationOption) Al Hasher: hasher{}, } consistentHasher := consistent.New(nil, config) - chAllocator := &consistentHashingAllocator{ - consistentHasher: consistentHasher, - collectors: make(map[string]*Collector), - targetItems: make(map[string]*target.Item), - targetItemsPerJobPerCollector: make(map[string]map[string]map[string]bool), - log: log, + chStrategy := &consistentHashingStrategy{ + consistentHasher: consistentHasher, + config: config, } - for _, opt := range opts { - opt(chAllocator) - } - - return chAllocator -} - -// SetFilter sets the filtering hook to use. -func (c *consistentHashingAllocator) SetFilter(filter Filter) { - c.filter = filter + return chStrategy } -// addCollectorTargetItemMapping keeps track of which collector has which jobs and targets -// this allows the allocator to respond without any extra allocations to http calls. The caller of this method -// has to acquire a lock. -func (c *consistentHashingAllocator) addCollectorTargetItemMapping(tg *target.Item) { - if c.targetItemsPerJobPerCollector[tg.CollectorName] == nil { - c.targetItemsPerJobPerCollector[tg.CollectorName] = make(map[string]map[string]bool) - } - if c.targetItemsPerJobPerCollector[tg.CollectorName][tg.JobName] == nil { - c.targetItemsPerJobPerCollector[tg.CollectorName][tg.JobName] = make(map[string]bool) - } - c.targetItemsPerJobPerCollector[tg.CollectorName][tg.JobName][tg.Hash()] = true +func (s *consistentHashingStrategy) GetName() string { + return consistentHashingStrategyName } -// addTargetToTargetItems assigns a target to the collector based on its hash and adds it to the allocator's targetItems -// This method is called from within SetTargets and SetCollectors, which acquire the needed lock. -// This is only called after the collectors are cleared or when a new target has been found in the tempTargetMap. -// INVARIANT: c.collectors must have at least 1 collector set. -// NOTE: by not creating a new target item, there is the potential for a race condition where we modify this target -// item while it's being encoded by the server JSON handler. -func (c *consistentHashingAllocator) addTargetToTargetItems(tg *target.Item) { - // Check if this is a reassignment, if so, decrement the previous collector's NumTargets - if previousColName, ok := c.collectors[tg.CollectorName]; ok { - previousColName.NumTargets-- - delete(c.targetItemsPerJobPerCollector[tg.CollectorName][tg.JobName], tg.Hash()) - TargetsPerCollector.WithLabelValues(previousColName.String(), consistentHashingStrategyName).Set(float64(c.collectors[previousColName.String()].NumTargets)) +func (s *consistentHashingStrategy) GetCollectorForTarget(collectors map[string]*Collector, item *target.Item) (*Collector, error) { + hashKey := strings.Join(item.TargetURL, "") + member := s.consistentHasher.LocateKey([]byte(hashKey)) + collectorName := member.String() + collector, ok := collectors[collectorName] + if !ok { + return nil, fmt.Errorf("unknown collector %s", collectorName) } - colOwner := c.consistentHasher.LocateKey([]byte(strings.Join(tg.TargetURL, ""))) - tg.CollectorName = colOwner.String() - c.targetItems[tg.Hash()] = tg - c.addCollectorTargetItemMapping(tg) - c.collectors[colOwner.String()].NumTargets++ - TargetsPerCollector.WithLabelValues(colOwner.String(), consistentHashingStrategyName).Set(float64(c.collectors[colOwner.String()].NumTargets)) + return collector, nil } -// handleTargets receives the new and removed targets and reconciles the current state. -// Any removals are removed from the allocator's targetItems and unassigned from the corresponding collector. -// Any net-new additions are assigned to the next available collector. -func (c *consistentHashingAllocator) handleTargets(diff diff.Changes[*target.Item]) { - // Check for removals - for k, item := range c.targetItems { - // if the current item is in the removals list - if _, ok := diff.Removals()[k]; ok { - col := c.collectors[item.CollectorName] - col.NumTargets-- - delete(c.targetItems, k) - delete(c.targetItemsPerJobPerCollector[item.CollectorName][item.JobName], item.Hash()) - TargetsPerCollector.WithLabelValues(item.CollectorName, consistentHashingStrategyName).Set(float64(col.NumTargets)) - } - } +func (s *consistentHashingStrategy) SetCollectors(collectors map[string]*Collector) { + // we simply recreate the hasher with the new member set + // this isn't any more expensive than doing a diff and then applying the change + var members []consistent.Member - // Check for additions - for k, item := range diff.Additions() { - // Do nothing if the item is already there - if _, ok := c.targetItems[k]; ok { - continue - } else { - // Add item to item pool and assign a collector - c.addTargetToTargetItems(item) + if len(collectors) > 0 { + members = make([]consistent.Member, 0, len(collectors)) + for _, collector := range collectors { + members = append(members, collector) } } -} - -// handleCollectors receives the new and removed collectors and reconciles the current state. -// Any removals are removed from the allocator's collectors. New collectors are added to the allocator's collector map. -// Finally, update all targets' collectors to match the consistent hashing. -func (c *consistentHashingAllocator) handleCollectors(diff diff.Changes[*Collector]) { - // Clear removed collectors - for _, k := range diff.Removals() { - delete(c.collectors, k.Name) - delete(c.targetItemsPerJobPerCollector, k.Name) - c.consistentHasher.Remove(k.Name) - TargetsPerCollector.WithLabelValues(k.Name, consistentHashingStrategyName).Set(0) - } - // Insert the new collectors - for _, i := range diff.Additions() { - c.collectors[i.Name] = NewCollector(i.Name, i.NodeName) - c.consistentHasher.Add(c.collectors[i.Name]) - } - - // Re-Allocate all targets - for _, item := range c.targetItems { - c.addTargetToTargetItems(item) - } -} - -// SetTargets accepts a list of targets that will be used to make -// load balancing decisions. This method should be called when there are -// new targets discovered or existing targets are shutdown. -func (c *consistentHashingAllocator) SetTargets(targets map[string]*target.Item) { - timer := prometheus.NewTimer(TimeToAssign.WithLabelValues("SetTargets", consistentHashingStrategyName)) - defer timer.ObserveDuration() - - if c.filter != nil { - targets = c.filter.Apply(targets) - } - RecordTargetsKept(targets) - c.m.Lock() - defer c.m.Unlock() + s.consistentHasher = consistent.New(members, s.config) - if len(c.collectors) == 0 { - c.log.Info("No collector instances present, saving targets to allocate to collector(s)") - // If there were no targets discovered previously, assign this as the new set of target items - if len(c.targetItems) == 0 { - c.log.Info("Not discovered any targets previously, saving targets found to the targetItems set") - for k, item := range targets { - c.targetItems[k] = item - } - } else { - // If there were previously discovered targets, add or remove accordingly - targetsDiffEmptyCollectorSet := diff.Maps(c.targetItems, targets) - - // Check for additions - if len(targetsDiffEmptyCollectorSet.Additions()) > 0 { - c.log.Info("New targets discovered, adding new targets to the targetItems set") - for k, item := range targetsDiffEmptyCollectorSet.Additions() { - // Do nothing if the item is already there - if _, ok := c.targetItems[k]; ok { - continue - } else { - // Add item to item pool - c.targetItems[k] = item - } - } - } - - // Check for deletions - if len(targetsDiffEmptyCollectorSet.Removals()) > 0 { - c.log.Info("Targets removed, Removing targets from the targetItems set") - for k := range targetsDiffEmptyCollectorSet.Removals() { - // Delete item from target items - delete(c.targetItems, k) - } - } - } - return - } - // Check for target changes - targetsDiff := diff.Maps(c.targetItems, targets) - // If there are any additions or removals - if len(targetsDiff.Additions()) != 0 || len(targetsDiff.Removals()) != 0 { - c.handleTargets(targetsDiff) - } -} - -// SetCollectors sets the set of collectors with key=collectorName, value=Collector object. -// This method is called when Collectors are added or removed. -func (c *consistentHashingAllocator) SetCollectors(collectors map[string]*Collector) { - timer := prometheus.NewTimer(TimeToAssign.WithLabelValues("SetCollectors", consistentHashingStrategyName)) - defer timer.ObserveDuration() - - CollectorsAllocatable.WithLabelValues(consistentHashingStrategyName).Set(float64(len(collectors))) - if len(collectors) == 0 { - c.log.Info("No collector instances present") - return - } - - c.m.Lock() - defer c.m.Unlock() - - // Check for collector changes - collectorsDiff := diff.Maps(c.collectors, collectors) - if len(collectorsDiff.Additions()) != 0 || len(collectorsDiff.Removals()) != 0 { - c.handleCollectors(collectorsDiff) - } -} - -func (c *consistentHashingAllocator) GetTargetsForCollectorAndJob(collector string, job string) []*target.Item { - c.m.RLock() - defer c.m.RUnlock() - if _, ok := c.targetItemsPerJobPerCollector[collector]; !ok { - return []*target.Item{} - } - if _, ok := c.targetItemsPerJobPerCollector[collector][job]; !ok { - return []*target.Item{} - } - targetItemsCopy := make([]*target.Item, len(c.targetItemsPerJobPerCollector[collector][job])) - index := 0 - for targetHash := range c.targetItemsPerJobPerCollector[collector][job] { - targetItemsCopy[index] = c.targetItems[targetHash] - index++ - } - return targetItemsCopy -} - -// TargetItems returns a shallow copy of the targetItems map. -func (c *consistentHashingAllocator) TargetItems() map[string]*target.Item { - c.m.RLock() - defer c.m.RUnlock() - targetItemsCopy := make(map[string]*target.Item) - for k, v := range c.targetItems { - targetItemsCopy[k] = v - } - return targetItemsCopy -} - -// Collectors returns a shallow copy of the collectors map. -func (c *consistentHashingAllocator) Collectors() map[string]*Collector { - c.m.RLock() - defer c.m.RUnlock() - collectorsCopy := make(map[string]*Collector) - for k, v := range c.collectors { - collectorsCopy[k] = v - } - return collectorsCopy } diff --git a/cmd/otel-allocator/allocation/consistent_hashing_test.go b/cmd/otel-allocator/allocation/consistent_hashing_test.go index bbd4295202..206497ebd2 100644 --- a/cmd/otel-allocator/allocation/consistent_hashing_test.go +++ b/cmd/otel-allocator/allocation/consistent_hashing_test.go @@ -20,25 +20,13 @@ import ( "github.com/stretchr/testify/assert" ) -func TestCanSetSingleTarget(t *testing.T) { - cols := MakeNCollectors(3, 0) - c := newConsistentHashingAllocator(logger) - c.SetCollectors(cols) - c.SetTargets(MakeNNewTargets(1, 3, 0)) - actualTargetItems := c.TargetItems() - assert.Len(t, actualTargetItems, 1) - for _, item := range actualTargetItems { - assert.Equal(t, "collector-0", item.CollectorName) - } -} - func TestRelativelyEvenDistribution(t *testing.T) { numCols := 15 numItems := 10000 cols := MakeNCollectors(numCols, 0) var expectedPerCollector = float64(numItems / numCols) expectedDelta := (expectedPerCollector * 1.5) - expectedPerCollector - c := newConsistentHashingAllocator(logger) + c, _ := New("consistent-hashing", logger) c.SetCollectors(cols) c.SetTargets(MakeNNewTargets(numItems, 0, 0)) actualTargetItems := c.TargetItems() @@ -52,7 +40,7 @@ func TestRelativelyEvenDistribution(t *testing.T) { func TestFullReallocation(t *testing.T) { cols := MakeNCollectors(10, 0) - c := newConsistentHashingAllocator(logger) + c, _ := New("consistent-hashing", logger) c.SetCollectors(cols) c.SetTargets(MakeNNewTargets(10000, 10, 0)) actualTargetItems := c.TargetItems() @@ -77,7 +65,7 @@ func TestNumRemapped(t *testing.T) { numFinalCols := 16 expectedDelta := float64((numFinalCols - numInitialCols) * (numItems / numFinalCols)) cols := MakeNCollectors(numInitialCols, 0) - c := newConsistentHashingAllocator(logger) + c, _ := New("consistent-hashing", logger) c.SetCollectors(cols) c.SetTargets(MakeNNewTargets(numItems, numInitialCols, 0)) actualTargetItems := c.TargetItems() @@ -106,7 +94,7 @@ func TestNumRemapped(t *testing.T) { func TestTargetsWithNoCollectorsConsistentHashing(t *testing.T) { - c := newConsistentHashingAllocator(logger) + c, _ := New("consistent-hashing", logger) // Adding 10 new targets numItems := 10 diff --git a/cmd/otel-allocator/allocation/least_weighted.go b/cmd/otel-allocator/allocation/least_weighted.go index 55a9551efd..caa2febbd9 100644 --- a/cmd/otel-allocator/allocation/least_weighted.go +++ b/cmd/otel-allocator/allocation/least_weighted.go @@ -15,98 +15,34 @@ package allocation import ( - "sync" - - "github.com/go-logr/logr" - "github.com/prometheus/client_golang/prometheus" - - "github.com/open-telemetry/opentelemetry-operator/cmd/otel-allocator/diff" "github.com/open-telemetry/opentelemetry-operator/cmd/otel-allocator/target" ) -var _ Allocator = &leastWeightedAllocator{} - const leastWeightedStrategyName = "least-weighted" -/* - Target Allocator will serve on an HTTP server exposing /jobs//targets - The targets are allocated using the least connection method - Target Allocator will need information about the collectors in order to set the URLs - Keep a Map of what each collector currently holds and update it based on new scrape target updates -*/ - -// leastWeightedAllocator makes decisions to distribute work among -// a number of OpenTelemetry collectors based on the number of targets. -// Users need to call SetTargets when they have new targets in their -// clusters and call SetCollectors when the collectors have changed. -type leastWeightedAllocator struct { - // m protects collectors and targetItems for concurrent use. - m sync.RWMutex - // collectors is a map from a Collector's name to a Collector instance - collectors map[string]*Collector - // targetItems is a map from a target item's hash to the target items allocated state - targetItems map[string]*target.Item - - // collectorKey -> job -> target item hash -> true - targetItemsPerJobPerCollector map[string]map[string]map[string]bool - - log logr.Logger - - filter Filter -} +var _ Strategy = &leastWeightedStrategy{} -// SetFilter sets the filtering hook to use. -func (allocator *leastWeightedAllocator) SetFilter(filter Filter) { - allocator.filter = filter -} +type leastWeightedStrategy struct{} -func (allocator *leastWeightedAllocator) GetTargetsForCollectorAndJob(collector string, job string) []*target.Item { - allocator.m.RLock() - defer allocator.m.RUnlock() - if _, ok := allocator.targetItemsPerJobPerCollector[collector]; !ok { - return []*target.Item{} - } - if _, ok := allocator.targetItemsPerJobPerCollector[collector][job]; !ok { - return []*target.Item{} - } - targetItemsCopy := make([]*target.Item, len(allocator.targetItemsPerJobPerCollector[collector][job])) - index := 0 - for targetHash := range allocator.targetItemsPerJobPerCollector[collector][job] { - targetItemsCopy[index] = allocator.targetItems[targetHash] - index++ - } - return targetItemsCopy +func newleastWeightedStrategy() Strategy { + return &leastWeightedStrategy{} } -// TargetItems returns a shallow copy of the targetItems map. -func (allocator *leastWeightedAllocator) TargetItems() map[string]*target.Item { - allocator.m.RLock() - defer allocator.m.RUnlock() - targetItemsCopy := make(map[string]*target.Item) - for k, v := range allocator.targetItems { - targetItemsCopy[k] = v - } - return targetItemsCopy +func (s *leastWeightedStrategy) GetName() string { + return leastWeightedStrategyName } -// Collectors returns a shallow copy of the collectors map. -func (allocator *leastWeightedAllocator) Collectors() map[string]*Collector { - allocator.m.RLock() - defer allocator.m.RUnlock() - collectorsCopy := make(map[string]*Collector) - for k, v := range allocator.collectors { - collectorsCopy[k] = v +func (s *leastWeightedStrategy) GetCollectorForTarget(collectors map[string]*Collector, item *target.Item) (*Collector, error) { + // if a collector is already assigned, do nothing + // TODO: track this in a separate map + if item.CollectorName != "" { + if col, ok := collectors[item.CollectorName]; ok { + return col, nil + } } - return collectorsCopy -} -// findNextCollector finds the next collector with fewer number of targets. -// This method is called from within SetTargets and SetCollectors, whose caller -// acquires the needed lock. This method assumes there are is at least 1 collector set. -// INVARIANT: allocator.collectors must have at least 1 collector set. -func (allocator *leastWeightedAllocator) findNextCollector() *Collector { var col *Collector - for _, v := range allocator.collectors { + for _, v := range collectors { // If the initial collector is empty, set the initial collector to the first element of map if col == nil { col = v @@ -114,192 +50,7 @@ func (allocator *leastWeightedAllocator) findNextCollector() *Collector { col = v } } - return col -} - -// addCollectorTargetItemMapping keeps track of which collector has which jobs and targets -// this allows the allocator to respond without any extra allocations to http calls. The caller of this method -// has to acquire a lock. -func (allocator *leastWeightedAllocator) addCollectorTargetItemMapping(tg *target.Item) { - if allocator.targetItemsPerJobPerCollector[tg.CollectorName] == nil { - allocator.targetItemsPerJobPerCollector[tg.CollectorName] = make(map[string]map[string]bool) - } - if allocator.targetItemsPerJobPerCollector[tg.CollectorName][tg.JobName] == nil { - allocator.targetItemsPerJobPerCollector[tg.CollectorName][tg.JobName] = make(map[string]bool) - } - allocator.targetItemsPerJobPerCollector[tg.CollectorName][tg.JobName][tg.Hash()] = true -} - -// addTargetToTargetItems assigns a target to the next available collector and adds it to the allocator's targetItems -// This method is called from within SetTargets and SetCollectors, which acquire the needed lock. -// This is only called after the collectors are cleared or when a new target has been found in the tempTargetMap. -// INVARIANT: allocator.collectors must have at least 1 collector set. -// NOTE: by not creating a new target item, there is the potential for a race condition where we modify this target -// item while it's being encoded by the server JSON handler. -func (allocator *leastWeightedAllocator) addTargetToTargetItems(tg *target.Item) { - chosenCollector := allocator.findNextCollector() - tg.CollectorName = chosenCollector.Name - allocator.targetItems[tg.Hash()] = tg - allocator.addCollectorTargetItemMapping(tg) - chosenCollector.NumTargets++ - TargetsPerCollector.WithLabelValues(chosenCollector.Name, leastWeightedStrategyName).Set(float64(chosenCollector.NumTargets)) -} - -// handleTargets receives the new and removed targets and reconciles the current state. -// Any removals are removed from the allocator's targetItems and unassigned from the corresponding collector. -// Any net-new additions are assigned to the next available collector. -func (allocator *leastWeightedAllocator) handleTargets(diff diff.Changes[*target.Item]) { - // Check for removals - for k, item := range allocator.targetItems { - // if the current item is in the removals list - if _, ok := diff.Removals()[k]; ok { - c := allocator.collectors[item.CollectorName] - c.NumTargets-- - delete(allocator.targetItems, k) - delete(allocator.targetItemsPerJobPerCollector[item.CollectorName][item.JobName], item.Hash()) - TargetsPerCollector.WithLabelValues(item.CollectorName, leastWeightedStrategyName).Set(float64(c.NumTargets)) - } - } - - // Check for additions - for k, item := range diff.Additions() { - // Do nothing if the item is already there - if _, ok := allocator.targetItems[k]; ok { - continue - } else { - // Add item to item pool and assign a collector - allocator.addTargetToTargetItems(item) - } - } -} - -// handleCollectors receives the new and removed collectors and reconciles the current state. -// Any removals are removed from the allocator's collectors. New collectors are added to the allocator's collector map. -// Finally, any targets of removed collectors are reallocated to the next available collector. -func (allocator *leastWeightedAllocator) handleCollectors(diff diff.Changes[*Collector]) { - // Clear removed collectors - for _, k := range diff.Removals() { - delete(allocator.collectors, k.Name) - delete(allocator.targetItemsPerJobPerCollector, k.Name) - TargetsPerCollector.WithLabelValues(k.Name, leastWeightedStrategyName).Set(0) - } - - // If previously there were no collector instances present, allocate the previous set of saved targets to the new collectors - allocateTargets := false - if len(allocator.collectors) == 0 && len(allocator.targetItems) > 0 { - allocateTargets = true - } - // Insert the new collectors - for _, i := range diff.Additions() { - allocator.collectors[i.Name] = NewCollector(i.Name, i.NodeName) - } - if allocateTargets { - for _, item := range allocator.targetItems { - allocator.addTargetToTargetItems(item) - } - } - - // Re-Allocate targets of the removed collectors - for _, item := range allocator.targetItems { - if _, ok := diff.Removals()[item.CollectorName]; ok { - allocator.addTargetToTargetItems(item) - } - } + return col, nil } -// SetTargets accepts a list of targets that will be used to make -// load balancing decisions. This method should be called when there are -// new targets discovered or existing targets are shutdown. -func (allocator *leastWeightedAllocator) SetTargets(targets map[string]*target.Item) { - timer := prometheus.NewTimer(TimeToAssign.WithLabelValues("SetTargets", leastWeightedStrategyName)) - defer timer.ObserveDuration() - - if allocator.filter != nil { - targets = allocator.filter.Apply(targets) - } - RecordTargetsKept(targets) - - allocator.m.Lock() - defer allocator.m.Unlock() - - if len(allocator.collectors) == 0 { - allocator.log.Info("No collector instances present, saving targets to allocate to collector(s)") - // If there were no targets discovered previously, assign this as the new set of target items - if len(allocator.targetItems) == 0 { - allocator.log.Info("Not discovered any targets previously, saving targets found to the targetItems set") - for k, item := range targets { - allocator.targetItems[k] = item - } - } else { - // If there were previously discovered targets, add or remove accordingly - targetsDiffEmptyCollectorSet := diff.Maps(allocator.targetItems, targets) - - // Check for additions - if len(targetsDiffEmptyCollectorSet.Additions()) > 0 { - allocator.log.Info("New targets discovered, adding new targets to the targetItems set") - for k, item := range targetsDiffEmptyCollectorSet.Additions() { - // Do nothing if the item is already there - if _, ok := allocator.targetItems[k]; ok { - continue - } else { - // Add item to item pool - allocator.targetItems[k] = item - } - } - } - - // Check for deletions - if len(targetsDiffEmptyCollectorSet.Removals()) > 0 { - allocator.log.Info("Targets removed, Removing targets from the targetItems set") - for k := range targetsDiffEmptyCollectorSet.Removals() { - // Delete item from target items - delete(allocator.targetItems, k) - } - } - } - return - } - // Check for target changes - targetsDiff := diff.Maps(allocator.targetItems, targets) - // If there are any additions or removals - if len(targetsDiff.Additions()) != 0 || len(targetsDiff.Removals()) != 0 { - allocator.handleTargets(targetsDiff) - } -} - -// SetCollectors sets the set of collectors with key=collectorName, value=Collector object. -// This method is called when Collectors are added or removed. -func (allocator *leastWeightedAllocator) SetCollectors(collectors map[string]*Collector) { - timer := prometheus.NewTimer(TimeToAssign.WithLabelValues("SetCollectors", leastWeightedStrategyName)) - defer timer.ObserveDuration() - - CollectorsAllocatable.WithLabelValues(leastWeightedStrategyName).Set(float64(len(collectors))) - if len(collectors) == 0 { - allocator.log.Info("No collector instances present") - return - } - - allocator.m.Lock() - defer allocator.m.Unlock() - - // Check for collector changes - collectorsDiff := diff.Maps(allocator.collectors, collectors) - if len(collectorsDiff.Additions()) != 0 || len(collectorsDiff.Removals()) != 0 { - allocator.handleCollectors(collectorsDiff) - } -} - -func newLeastWeightedAllocator(log logr.Logger, opts ...AllocationOption) Allocator { - lwAllocator := &leastWeightedAllocator{ - log: log, - collectors: make(map[string]*Collector), - targetItems: make(map[string]*target.Item), - targetItemsPerJobPerCollector: make(map[string]map[string]map[string]bool), - } - - for _, opt := range opts { - opt(lwAllocator) - } - - return lwAllocator -} +func (s *leastWeightedStrategy) SetCollectors(_ map[string]*Collector) {} diff --git a/cmd/otel-allocator/allocation/least_weighted_test.go b/cmd/otel-allocator/allocation/least_weighted_test.go index 0fa91953af..27a149ad33 100644 --- a/cmd/otel-allocator/allocation/least_weighted_test.go +++ b/cmd/otel-allocator/allocation/least_weighted_test.go @@ -20,100 +20,12 @@ import ( "math/rand" "testing" - "github.com/prometheus/common/model" "github.com/stretchr/testify/assert" logf "sigs.k8s.io/controller-runtime/pkg/log" - - "github.com/open-telemetry/opentelemetry-operator/cmd/otel-allocator/target" ) var logger = logf.Log.WithName("unit-tests") -func TestSetCollectors(t *testing.T) { - s, _ := New("least-weighted", logger) - - cols := MakeNCollectors(3, 0) - s.SetCollectors(cols) - - expectedColLen := len(cols) - collectors := s.Collectors() - assert.Len(t, collectors, expectedColLen) - - for _, i := range cols { - assert.NotNil(t, collectors[i.Name]) - } -} - -func TestAddingAndRemovingTargets(t *testing.T) { - // prepare allocator with initial targets and collectors - s, _ := New("least-weighted", logger) - - cols := MakeNCollectors(3, 0) - s.SetCollectors(cols) - - initTargets := MakeNNewTargets(6, 3, 0) - - // test that targets and collectors are added properly - s.SetTargets(initTargets) - - // verify - expectedTargetLen := len(initTargets) - assert.Len(t, s.TargetItems(), expectedTargetLen) - - // prepare second round of targets - tar := MakeNNewTargets(4, 3, 0) - - // test that fewer targets are found - removed - s.SetTargets(tar) - - // verify - targetItems := s.TargetItems() - expectedNewTargetLen := len(tar) - assert.Len(t, targetItems, expectedNewTargetLen) - - // verify results map - for _, i := range tar { - _, ok := targetItems[i.Hash()] - assert.True(t, ok) - } -} - -// Tests that two targets with the same target url and job name but different label set are both added. -func TestAllocationCollision(t *testing.T) { - // prepare allocator with initial targets and collectors - s, _ := New("least-weighted", logger) - - cols := MakeNCollectors(3, 0) - s.SetCollectors(cols) - firstLabels := model.LabelSet{ - "test": "test1", - } - secondLabels := model.LabelSet{ - "test": "test2", - } - firstTarget := target.NewItem("sample-name", "0.0.0.0:8000", firstLabels, "") - secondTarget := target.NewItem("sample-name", "0.0.0.0:8000", secondLabels, "") - - targetList := map[string]*target.Item{ - firstTarget.Hash(): firstTarget, - secondTarget.Hash(): secondTarget, - } - - // test that targets and collectors are added properly - s.SetTargets(targetList) - - // verify - targetItems := s.TargetItems() - expectedTargetLen := len(targetList) - assert.Len(t, targetItems, expectedTargetLen) - - // verify results map - for _, i := range targetList { - _, ok := targetItems[i.Hash()] - assert.True(t, ok) - } -} - func TestNoCollectorReassignment(t *testing.T) { s, _ := New("least-weighted", logger) @@ -192,7 +104,7 @@ func TestNoAssignmentToNewCollector(t *testing.T) { // new collector should have no targets newCollector := s.Collectors()[newColName] - assert.Equal(t, newCollector.NumTargets, 0) + assert.Equal(t, 0, newCollector.NumTargets) } // Tests that the delta in number of targets per collector is less than 15% of an even distribution. diff --git a/cmd/otel-allocator/allocation/per_node.go b/cmd/otel-allocator/allocation/per_node.go index dff1b218c3..a5e2bfa3f8 100644 --- a/cmd/otel-allocator/allocation/per_node.go +++ b/cmd/otel-allocator/allocation/per_node.go @@ -15,228 +15,43 @@ package allocation import ( - "sync" + "fmt" - "github.com/go-logr/logr" - "github.com/prometheus/client_golang/prometheus" - - "github.com/open-telemetry/opentelemetry-operator/cmd/otel-allocator/diff" "github.com/open-telemetry/opentelemetry-operator/cmd/otel-allocator/target" ) -var _ Allocator = &perNodeAllocator{} - const perNodeStrategyName = "per-node" -// perNodeAllocator makes decisions to distribute work among -// a number of OpenTelemetry collectors based on the node on which -// the collector is running. This allocator should be used only when -// collectors are running as daemon set (agent) on each node. -// Users need to call SetTargets when they have new targets in their -// clusters and call SetCollectors when the collectors have changed. -type perNodeAllocator struct { - // m protects collectors and targetItems for concurrent use. - m sync.RWMutex - // collectors is a map from a Collector's node name to a Collector instance - collectors map[string]*Collector - // targetItems is a map from a target item's hash to the target items allocated state - targetItems map[string]*target.Item - - // collectorKey -> job -> target item hash -> true - targetItemsPerJobPerCollector map[string]map[string]map[string]bool - - log logr.Logger - - filter Filter -} - -// SetCollectors sets the set of collectors with key=collectorName, value=Collector object. -// This method is called when Collectors are added or removed. -func (allocator *perNodeAllocator) SetCollectors(collectors map[string]*Collector) { - timer := prometheus.NewTimer(TimeToAssign.WithLabelValues("SetCollectors", perNodeStrategyName)) - defer timer.ObserveDuration() - - CollectorsAllocatable.WithLabelValues(perNodeStrategyName).Set(float64(len(collectors))) - if len(collectors) == 0 { - allocator.log.Info("No collector instances present") - return - } - - allocator.m.Lock() - defer allocator.m.Unlock() - - // Check for collector changes - collectorsDiff := diff.Maps(allocator.collectors, collectors) - if len(collectorsDiff.Additions()) != 0 || len(collectorsDiff.Removals()) != 0 { - for _, k := range allocator.collectors { - delete(allocator.collectors, k.NodeName) - delete(allocator.targetItemsPerJobPerCollector, k.Name) - TargetsPerCollector.WithLabelValues(k.Name, perNodeStrategyName).Set(0) - } - - for _, k := range collectors { - allocator.collectors[k.NodeName] = NewCollector(k.Name, k.NodeName) - } +var _ Strategy = &perNodeStrategy{} - // Re-allocate any already existing targets. - for _, item := range allocator.targetItems { - allocator.addTargetToTargetItems(item) - } - } +type perNodeStrategy struct { + collectorByNode map[string]*Collector } -// SetTargets accepts a list of targets that will be used to make -// load balancing decisions. This method should be called when there are -// new targets discovered or existing targets are shutdown. -func (allocator *perNodeAllocator) SetTargets(targets map[string]*target.Item) { - timer := prometheus.NewTimer(TimeToAssign.WithLabelValues("SetTargets", perNodeStrategyName)) - defer timer.ObserveDuration() - - if allocator.filter != nil { - targets = allocator.filter.Apply(targets) - } - RecordTargetsKept(targets) - - allocator.m.Lock() - defer allocator.m.Unlock() - - // Check for target changes - targetsDiff := diff.Maps(allocator.targetItems, targets) - // If there are any additions or removals - if len(targetsDiff.Additions()) != 0 || len(targetsDiff.Removals()) != 0 { - allocator.handleTargets(targetsDiff) +func newPerNodeStrategy() Strategy { + return &perNodeStrategy{ + collectorByNode: make(map[string]*Collector), } } -// handleTargets receives the new and removed targets and reconciles the current state. -// Any removals are removed from the allocator's targetItems and unassigned from the corresponding collector. -// Any net-new additions are assigned to the collector on the same node as the target. -func (allocator *perNodeAllocator) handleTargets(diff diff.Changes[*target.Item]) { - // Check for removals - for k, item := range allocator.targetItems { - // if the current item is in the removals list - if _, ok := diff.Removals()[k]; ok { - c, ok := allocator.collectors[item.GetNodeName()] - if ok { - c.NumTargets-- - TargetsPerCollector.WithLabelValues(item.CollectorName, perNodeStrategyName).Set(float64(c.NumTargets)) - } - delete(allocator.targetItems, k) - delete(allocator.targetItemsPerJobPerCollector[item.CollectorName][item.JobName], item.Hash()) - } - } - - // Check for additions - var unassignedTargets int - for k, item := range diff.Additions() { - // Do nothing if the item is already there - if _, ok := allocator.targetItems[k]; ok { - continue - } else { - // Add item to item pool and assign a collector - collectorAssigned := allocator.addTargetToTargetItems(item) - if !collectorAssigned { - unassignedTargets++ - } - } - } - - // Check for unassigned targets - if unassignedTargets > 0 { - allocator.log.Info("Could not assign targets for some jobs due to missing node labels", "targets", unassignedTargets) - TargetsUnassigned.Set(float64(unassignedTargets)) - } +func (s *perNodeStrategy) GetName() string { + return perNodeStrategyName } -// addTargetToTargetItems assigns a target to the collector and adds it to the allocator's targetItems -// This method is called from within SetTargets and SetCollectors, which acquire the needed lock. -// This is only called after the collectors are cleared or when a new target has been found in the tempTargetMap. -// Also, any targets that cannot be assigned to a collector, due to no matching node name, will remain unassigned. These -// targets are still "silently" added to the targetItems map, to make sure they exist if collector for a node is added -// later and to prevent them from being reported as unassigned on each new target items setting. -func (allocator *perNodeAllocator) addTargetToTargetItems(tg *target.Item) bool { - allocator.targetItems[tg.Hash()] = tg - chosenCollector, ok := allocator.collectors[tg.GetNodeName()] +func (s *perNodeStrategy) GetCollectorForTarget(collectors map[string]*Collector, item *target.Item) (*Collector, error) { + targetNodeName := item.GetNodeName() + collector, ok := s.collectorByNode[targetNodeName] if !ok { - allocator.log.V(2).Info("Couldn't find a collector for the target item", "item", tg, "collectors", allocator.collectors) - return false - } - tg.CollectorName = chosenCollector.Name - allocator.addCollectorTargetItemMapping(tg) - chosenCollector.NumTargets++ - TargetsPerCollector.WithLabelValues(chosenCollector.Name, perNodeStrategyName).Set(float64(chosenCollector.NumTargets)) - return true -} - -// addCollectorTargetItemMapping keeps track of which collector has which jobs and targets -// this allows the allocator to respond without any extra allocations to http calls. The caller of this method -// has to acquire a lock. -func (allocator *perNodeAllocator) addCollectorTargetItemMapping(tg *target.Item) { - if allocator.targetItemsPerJobPerCollector[tg.CollectorName] == nil { - allocator.targetItemsPerJobPerCollector[tg.CollectorName] = make(map[string]map[string]bool) - } - if allocator.targetItemsPerJobPerCollector[tg.CollectorName][tg.JobName] == nil { - allocator.targetItemsPerJobPerCollector[tg.CollectorName][tg.JobName] = make(map[string]bool) - } - allocator.targetItemsPerJobPerCollector[tg.CollectorName][tg.JobName][tg.Hash()] = true -} - -// TargetItems returns a shallow copy of the targetItems map. -func (allocator *perNodeAllocator) TargetItems() map[string]*target.Item { - allocator.m.RLock() - defer allocator.m.RUnlock() - targetItemsCopy := make(map[string]*target.Item) - for k, v := range allocator.targetItems { - targetItemsCopy[k] = v - } - return targetItemsCopy -} - -// Collectors returns a shallow copy of the collectors map. -func (allocator *perNodeAllocator) Collectors() map[string]*Collector { - allocator.m.RLock() - defer allocator.m.RUnlock() - collectorsCopy := make(map[string]*Collector) - for k, v := range allocator.collectors { - collectorsCopy[k] = v - } - return collectorsCopy -} - -func (allocator *perNodeAllocator) GetTargetsForCollectorAndJob(collector string, job string) []*target.Item { - allocator.m.RLock() - defer allocator.m.RUnlock() - if _, ok := allocator.targetItemsPerJobPerCollector[collector]; !ok { - return []*target.Item{} - } - if _, ok := allocator.targetItemsPerJobPerCollector[collector][job]; !ok { - return []*target.Item{} - } - targetItemsCopy := make([]*target.Item, len(allocator.targetItemsPerJobPerCollector[collector][job])) - index := 0 - for targetHash := range allocator.targetItemsPerJobPerCollector[collector][job] { - targetItemsCopy[index] = allocator.targetItems[targetHash] - index++ + return nil, fmt.Errorf("could not find collector for node %s", targetNodeName) } - return targetItemsCopy + return collectors[collector.Name], nil } -// SetFilter sets the filtering hook to use. -func (allocator *perNodeAllocator) SetFilter(filter Filter) { - allocator.filter = filter -} - -func newPerNodeAllocator(log logr.Logger, opts ...AllocationOption) Allocator { - pnAllocator := &perNodeAllocator{ - log: log, - collectors: make(map[string]*Collector), - targetItems: make(map[string]*target.Item), - targetItemsPerJobPerCollector: make(map[string]map[string]map[string]bool), - } - - for _, opt := range opts { - opt(pnAllocator) +func (s *perNodeStrategy) SetCollectors(collectors map[string]*Collector) { + clear(s.collectorByNode) + for _, collector := range collectors { + if collector.NodeName != "" { + s.collectorByNode[collector.NodeName] = collector + } } - - return pnAllocator } diff --git a/cmd/otel-allocator/allocation/per_node_test.go b/cmd/otel-allocator/allocation/per_node_test.go index 047e16dc6d..d853574a11 100644 --- a/cmd/otel-allocator/allocation/per_node_test.go +++ b/cmd/otel-allocator/allocation/per_node_test.go @@ -128,7 +128,7 @@ func TestTargetsWithNoCollectorsPerNode(t *testing.T) { assert.Len(t, actualCollectors, numCols) // Based on lable all targets should be assigned to node-0 for name, ac := range actualCollectors { - if name == "node-0" { + if name == "collector-0" { assert.Equal(t, 6, ac.NumTargets) } else { assert.Equal(t, 0, ac.NumTargets) diff --git a/cmd/otel-allocator/allocation/strategy.go b/cmd/otel-allocator/allocation/strategy.go index b61313bd1f..29ae7fd99a 100644 --- a/cmd/otel-allocator/allocation/strategy.go +++ b/cmd/otel-allocator/allocation/strategy.go @@ -103,6 +103,15 @@ type Allocator interface { SetFilter(filter Filter) } +type Strategy interface { + GetCollectorForTarget(map[string]*Collector, *target.Item) (*Collector, error) + // SetCollectors exists for strategies where changing the collector set is potentially an expensive operation. + // The caller must guarantee that the collectors map passed in GetCollectorForTarget is consistent with the latest + // SetCollectors call. Strategies which don't need this information can just ignore it. + SetCollectors(map[string]*Collector) + GetName() string +} + var _ consistent.Member = Collector{} // Collector Creates a struct that holds Collector information. @@ -127,15 +136,21 @@ func NewCollector(name, node string) *Collector { } func init() { - err := Register(leastWeightedStrategyName, newLeastWeightedAllocator) + err := Register(leastWeightedStrategyName, func(log logr.Logger, opts ...AllocationOption) Allocator { + return newAllocator(log, newleastWeightedStrategy(), opts...) + }) if err != nil { panic(err) } - err = Register(consistentHashingStrategyName, newConsistentHashingAllocator) + err = Register(consistentHashingStrategyName, func(log logr.Logger, opts ...AllocationOption) Allocator { + return newAllocator(log, newConsistentHashingStrategy(), opts...) + }) if err != nil { panic(err) } - err = Register(perNodeStrategyName, newPerNodeAllocator) + err = Register(perNodeStrategyName, func(log logr.Logger, opts ...AllocationOption) Allocator { + return newAllocator(log, newPerNodeStrategy(), opts...) + }) if err != nil { panic(err) } diff --git a/cmd/otel-allocator/allocation/allocatortest.go b/cmd/otel-allocator/allocation/testutils.go similarity index 80% rename from cmd/otel-allocator/allocation/allocatortest.go rename to cmd/otel-allocator/allocation/testutils.go index c47f5976ce..054e9e0205 100644 --- a/cmd/otel-allocator/allocation/allocatortest.go +++ b/cmd/otel-allocator/allocation/testutils.go @@ -12,13 +12,18 @@ // See the License for the specific language governing permissions and // limitations under the License. +// Note: These utilities are used by other packages, which is why they're defined in a non-test file. + package allocation import ( "fmt" "strconv" + "testing" "github.com/prometheus/common/model" + "github.com/stretchr/testify/require" + logf "sigs.k8s.io/controller-runtime/pkg/log" "github.com/open-telemetry/opentelemetry-operator/cmd/otel-allocator/target" ) @@ -70,3 +75,15 @@ func MakeNNewTargetsWithEmptyCollectors(n int, startingIndex int) map[string]*ta } return toReturn } + +func RunForAllStrategies(t *testing.T, f func(t *testing.T, allocator Allocator)) { + allocatorNames := GetRegisteredAllocatorNames() + logger := logf.Log.WithName("unit-tests") + for _, allocatorName := range allocatorNames { + t.Run(allocatorName, func(t *testing.T) { + allocator, err := New(allocatorName, logger) + require.NoError(t, err) + f(t, allocator) + }) + } +} From d1126a22a7d22420b4a5bfbdf660904c08aa7f59 Mon Sep 17 00:00:00 2001 From: Jacob Aronoff Date: Mon, 20 May 2024 12:54:34 -0700 Subject: [PATCH 17/88] Bring back webhook port (#2973) * add back webhook port * chlog --- .chloggen/bring-back-wh-port.yaml | 16 ++++++++++++++++ main.go | 1 + 2 files changed, 17 insertions(+) create mode 100755 .chloggen/bring-back-wh-port.yaml diff --git a/.chloggen/bring-back-wh-port.yaml b/.chloggen/bring-back-wh-port.yaml new file mode 100755 index 0000000000..6232fdd2a8 --- /dev/null +++ b/.chloggen/bring-back-wh-port.yaml @@ -0,0 +1,16 @@ +# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' +change_type: bug_fix + +# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) +component: operator + +# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). +note: Fixes an issue where the user can no longer set the webhook port + +# One or more tracking issues related to the change +issues: [2923] + +# (Optional) One or more lines of additional information to render under the primary note. +# These lines will be padded with 2 spaces and then inserted directly into the document. +# Use pipe (|) for multiline entries. +subtext: diff --git a/main.go b/main.go index 9175c9ff36..611fa2cb0c 100644 --- a/main.go +++ b/main.go @@ -174,6 +174,7 @@ func main() { pflag.StringVar(&encodeLevelKey, "zap-level-key", "level", "The level key to be used in the customized Log Encoder") pflag.StringVar(&encodeTimeKey, "zap-time-key", "timestamp", "The time key to be used in the customized Log Encoder") pflag.StringVar(&encodeLevelFormat, "zap-level-format", "uppercase", "The level format to be used in the customized Log Encoder") + pflag.IntVar(&webhookPort, "webhook-port", 9443, "The port the webhook endpoint binds to.") pflag.Parse() opts.EncoderConfigOptions = append(opts.EncoderConfigOptions, func(ec *zapcore.EncoderConfig) { From 435b9000dc63a254dba49cfafcb094e43106ce6e Mon Sep 17 00:00:00 2001 From: Jacob Aronoff Date: Mon, 20 May 2024 13:31:20 -0700 Subject: [PATCH 18/88] patch 0.100.1 (#2974) --- .chloggen/bring-back-wh-port.yaml | 16 ------------- .chloggen/refactor-strategies.yaml | 16 ------------- CHANGELOG.md | 23 +++++++++++++++++++ ...emetry-operator.clusterserviceversion.yaml | 8 +++---- versions.txt | 2 +- 5 files changed, 28 insertions(+), 37 deletions(-) delete mode 100755 .chloggen/bring-back-wh-port.yaml delete mode 100755 .chloggen/refactor-strategies.yaml diff --git a/.chloggen/bring-back-wh-port.yaml b/.chloggen/bring-back-wh-port.yaml deleted file mode 100755 index 6232fdd2a8..0000000000 --- a/.chloggen/bring-back-wh-port.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: bug_fix - -# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) -component: operator - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Fixes an issue where the user can no longer set the webhook port - -# One or more tracking issues related to the change -issues: [2923] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: diff --git a/.chloggen/refactor-strategies.yaml b/.chloggen/refactor-strategies.yaml deleted file mode 100755 index 5388aafdad..0000000000 --- a/.chloggen/refactor-strategies.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: enhancement - -# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) -component: target allocator - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Refactor allocation strategies - -# One or more tracking issues related to the change -issues: [2928] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: The performance of the per-node strategy was massively improved as part of this change. diff --git a/CHANGELOG.md b/CHANGELOG.md index 66a9ffc1b0..d5f0846b5f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,29 @@ +## 0.100.1 + +### 💡 Enhancements 💡 + +- `target allocator`: Refactor allocation strategies (#2928) + The performance of the per-node strategy was massively improved as part of this change. + +### 🧰 Bug fixes 🧰 + +- `operator`: Fixes an issue where the user can no longer set the webhook port (#2923) + +### Components + +* [OpenTelemetry Collector - v0.100.0](https://github.com/open-telemetry/opentelemetry-collector/releases/tag/v0.100.0) +* [OpenTelemetry Contrib - v0.100.0](https://github.com/open-telemetry/opentelemetry-collector-contrib/releases/tag/v0.100.0) +* [Java auto-instrumentation - v1.32.1](https://github.com/open-telemetry/opentelemetry-java-instrumentation/releases/tag/v1.32.1) +* [.NET auto-instrumentation - v1.2.0](https://github.com/open-telemetry/opentelemetry-dotnet-instrumentation/releases/tag/{AUTO_INSTRUMENTATION_DOTNET_VERSION}) +* [Node.JS - v0.51.0](https://github.com/open-telemetry/opentelemetry-js/releases/tag/experimental%2Fv0.51.0) +* [Python - v0.44b0](https://github.com/open-telemetry/opentelemetry-python-contrib/releases/tag/v0.44b0) +* [Go - v0.12.0-alpha](https://github.com/open-telemetry/opentelemetry-go-instrumentation/releases/tag/v0.12.0-alpha) +* [ApacheHTTPD - 1.0.4](https://github.com/open-telemetry/opentelemetry-cpp-contrib/releases/tag/webserver%2Fv1.0.4) +* [Nginx - 1.0.4](https://github.com/open-telemetry/opentelemetry-cpp-contrib/releases/tag/webserver%2Fv1.0.4) + ## 0.100.0 ### 💡 Enhancements 💡 diff --git a/bundle/manifests/opentelemetry-operator.clusterserviceversion.yaml b/bundle/manifests/opentelemetry-operator.clusterserviceversion.yaml index fcfd593ee7..f46b6a5f9b 100644 --- a/bundle/manifests/opentelemetry-operator.clusterserviceversion.yaml +++ b/bundle/manifests/opentelemetry-operator.clusterserviceversion.yaml @@ -99,13 +99,13 @@ metadata: categories: Logging & Tracing,Monitoring certified: "false" containerImage: ghcr.io/open-telemetry/opentelemetry-operator/opentelemetry-operator - createdAt: "2024-05-15T17:31:49Z" + createdAt: "2024-05-20T19:57:07Z" description: Provides the OpenTelemetry components, including the Collector operators.operatorframework.io/builder: operator-sdk-v1.29.0 operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 repository: github.com/open-telemetry/opentelemetry-operator support: OpenTelemetry Community - name: opentelemetry-operator.v0.100.0 + name: opentelemetry-operator.v0.100.1 namespace: placeholder spec: apiservicedefinitions: {} @@ -504,7 +504,7 @@ spec: valueFrom: fieldRef: fieldPath: spec.serviceAccountName - image: ghcr.io/open-telemetry/opentelemetry-operator/opentelemetry-operator:0.100.0 + image: ghcr.io/open-telemetry/opentelemetry-operator/opentelemetry-operator:0.100.1 livenessProbe: httpGet: path: /healthz @@ -612,7 +612,7 @@ spec: minKubeVersion: 1.23.0 provider: name: OpenTelemetry Community - version: 0.100.0 + version: 0.100.1 webhookdefinitions: - admissionReviewVersions: - v1alpha1 diff --git a/versions.txt b/versions.txt index 76dd1c2098..4226fc1374 100644 --- a/versions.txt +++ b/versions.txt @@ -5,7 +5,7 @@ opentelemetry-collector=0.100.0 # Represents the current release of the OpenTelemetry Operator. -operator=0.100.0 +operator=0.100.1 # Represents the current release of the Target Allocator. targetallocator=0.100.0 From 2a9db5f26c01cd0df557426c54dab0b18006ad4c Mon Sep 17 00:00:00 2001 From: OpenTelemetry Bot <107717825+opentelemetrybot@users.noreply.github.com> Date: Tue, 21 May 2024 09:27:09 +0200 Subject: [PATCH 19/88] Update the OpenTelemetry Java agent version to 2.4.0 (#2967) --- autoinstrumentation/java/version.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/autoinstrumentation/java/version.txt b/autoinstrumentation/java/version.txt index 276cbf9e28..197c4d5c2d 100644 --- a/autoinstrumentation/java/version.txt +++ b/autoinstrumentation/java/version.txt @@ -1 +1 @@ -2.3.0 +2.4.0 From eaa4e6385d36d639b3cb1edc8f1bf1a8fd6ca44d Mon Sep 17 00:00:00 2001 From: Jacob Aronoff Date: Tue, 21 May 2024 04:12:05 -0700 Subject: [PATCH 20/88] simplify deletion logic (#2971) --- controllers/common.go | 21 ++++ .../opentelemetrycollector_controller.go | 101 ++++++------------ 2 files changed, 55 insertions(+), 67 deletions(-) diff --git a/controllers/common.go b/controllers/common.go index 7a2763002d..1be956b8b4 100644 --- a/controllers/common.go +++ b/controllers/common.go @@ -22,11 +22,13 @@ import ( "github.com/go-logr/logr" rbacv1 "k8s.io/api/rbac/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/types" "k8s.io/client-go/util/retry" ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/client/apiutil" "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" "github.com/open-telemetry/opentelemetry-operator/internal/manifests" @@ -77,6 +79,25 @@ func BuildOpAMPBridge(params manifests.Params) ([]client.Object, error) { return resources, nil } +// getList queries the Kubernetes API to list the requested resource, setting the list l of type T. +func getList[T client.Object](ctx context.Context, cl client.Client, l T, options ...client.ListOption) (map[types.UID]client.Object, error) { + ownedObjects := map[types.UID]client.Object{} + list := &unstructured.UnstructuredList{} + gvk, err := apiutil.GVKForObject(l, cl.Scheme()) + if err != nil { + return nil, err + } + list.SetGroupVersionKind(gvk) + err = cl.List(ctx, list, options...) + if err != nil { + return ownedObjects, fmt.Errorf("error listing %T: %w", l, err) + } + for i := range list.Items { + ownedObjects[list.Items[i].GetUID()] = &list.Items[i] + } + return ownedObjects, nil +} + // reconcileDesiredObjects runs the reconcile process using the mutateFn over the given list of objects. func reconcileDesiredObjects(ctx context.Context, kubeClient client.Client, logger logr.Logger, owner metav1.Object, scheme *runtime.Scheme, desiredObjects []client.Object, ownedObjects map[types.UID]client.Object) error { var errs []error diff --git a/controllers/opentelemetrycollector_controller.go b/controllers/opentelemetrycollector_controller.go index 56e229b50b..e4f64429d3 100644 --- a/controllers/opentelemetrycollector_controller.go +++ b/controllers/opentelemetrycollector_controller.go @@ -17,7 +17,6 @@ package controllers import ( "context" - "fmt" "github.com/go-logr/logr" routev1 "github.com/openshift/api/route/v1" @@ -49,6 +48,13 @@ import ( "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) +var ( + ownedClusterObjectTypes = []client.Object{ + &rbacv1.ClusterRole{}, + &rbacv1.ClusterRoleBinding{}, + } +) + // OpenTelemetryCollectorReconciler reconciles a OpenTelemetryCollector object. type OpenTelemetryCollectorReconciler struct { client.Client @@ -69,72 +75,40 @@ type Params struct { func (r *OpenTelemetryCollectorReconciler) findOtelOwnedObjects(ctx context.Context, params manifests.Params) (map[types.UID]client.Object, error) { ownedObjects := map[types.UID]client.Object{} - + ownedObjectTypes := []client.Object{ + &autoscalingv2.HorizontalPodAutoscaler{}, + &networkingv1.Ingress{}, + &policyV1.PodDisruptionBudget{}, + } listOps := &client.ListOptions{ Namespace: params.OtelCol.Namespace, LabelSelector: labels.SelectorFromSet(manifestutils.SelectorLabels(params.OtelCol.ObjectMeta, collector.ComponentOpenTelemetryCollector)), } - hpaList := &autoscalingv2.HorizontalPodAutoscalerList{} - err := r.List(ctx, hpaList, listOps) - if err != nil { - return nil, fmt.Errorf("error listing HorizontalPodAutoscalers: %w", err) - } - for i := range hpaList.Items { - ownedObjects[hpaList.Items[i].GetUID()] = &hpaList.Items[i] - } if featuregate.PrometheusOperatorIsAvailable.IsEnabled() && r.config.PrometheusCRAvailability() == prometheus.Available { - servicemonitorList := &monitoringv1.ServiceMonitorList{} - err = r.List(ctx, servicemonitorList, listOps) - if err != nil { - return nil, fmt.Errorf("error listing ServiceMonitors: %w", err) - } - for i := range servicemonitorList.Items { - ownedObjects[servicemonitorList.Items[i].GetUID()] = servicemonitorList.Items[i] - } - - podMonitorList := &monitoringv1.PodMonitorList{} - err = r.List(ctx, podMonitorList, listOps) - if err != nil { - return nil, fmt.Errorf("error listing PodMonitors: %w", err) - } - for i := range podMonitorList.Items { - ownedObjects[podMonitorList.Items[i].GetUID()] = podMonitorList.Items[i] - } - } - ingressList := &networkingv1.IngressList{} - err = r.List(ctx, ingressList, listOps) - if err != nil { - return nil, fmt.Errorf("error listing Ingresses: %w", err) + ownedObjectTypes = append(ownedObjectTypes, + &monitoringv1.ServiceMonitor{}, + &monitoringv1.PodMonitor{}, + ) } - for i := range ingressList.Items { - ownedObjects[ingressList.Items[i].GetUID()] = &ingressList.Items[i] - } - if params.Config.OpenShiftRoutesAvailability() == openshift.RoutesAvailable { - routesList := &routev1.RouteList{} - err = r.List(ctx, routesList, listOps) + ownedObjectTypes = append(ownedObjectTypes, &routev1.Route{}) + } + for _, objectType := range ownedObjectTypes { + objs, err := getList(ctx, r, objectType, listOps) if err != nil { - return nil, fmt.Errorf("error listing Routes: %w", err) + return nil, err } - for i := range routesList.Items { - ownedObjects[routesList.Items[i].GetUID()] = &routesList.Items[i] + for uid, object := range objs { + ownedObjects[uid] = object } } - pdbList := &policyV1.PodDisruptionBudgetList{} - err = r.List(ctx, pdbList, listOps) - if err != nil { - return nil, fmt.Errorf("error listing PodDisruptionBudgets: %w", err) - } - for i := range pdbList.Items { - ownedObjects[pdbList.Items[i].GetUID()] = &pdbList.Items[i] - } if params.Config.CreateRBACPermissions() == rbac.Available { - clusterObjects, err := r.findClusterRoleObjects(ctx, params) + objs, err := r.findClusterRoleObjects(ctx, params) if err != nil { return nil, err } - for k, v := range clusterObjects { - ownedObjects[k] = v + for uid, object := range objs { + ownedObjects[uid] = object } } return ownedObjects, nil @@ -148,21 +122,14 @@ func (r *OpenTelemetryCollectorReconciler) findClusterRoleObjects(ctx context.Co listOpsCluster := &client.ListOptions{ LabelSelector: labels.SelectorFromSet(manifestutils.SelectorLabels(params.OtelCol.ObjectMeta, collector.ComponentOpenTelemetryCollector)), } - clusterroleList := &rbacv1.ClusterRoleList{} - err := r.List(ctx, clusterroleList, listOpsCluster) - if err != nil { - return nil, fmt.Errorf("error listing ClusterRoles: %w", err) - } - for i := range clusterroleList.Items { - ownedObjects[clusterroleList.Items[i].GetUID()] = &clusterroleList.Items[i] - } - clusterrolebindingList := &rbacv1.ClusterRoleBindingList{} - err = r.List(ctx, clusterrolebindingList, listOpsCluster) - if err != nil { - return nil, fmt.Errorf("error listing ClusterRoleBIndings: %w", err) - } - for i := range clusterrolebindingList.Items { - ownedObjects[clusterrolebindingList.Items[i].GetUID()] = &clusterrolebindingList.Items[i] + for _, objectType := range ownedClusterObjectTypes { + objs, err := getList(ctx, r, objectType, listOpsCluster) + if err != nil { + return nil, err + } + for uid, object := range objs { + ownedObjects[uid] = object + } } return ownedObjects, nil } From ac93c7ee641c5710147445dc23639067035ab050 Mon Sep 17 00:00:00 2001 From: Pavol Loffay Date: Tue, 21 May 2024 13:24:35 +0200 Subject: [PATCH 21/88] Update maintainers in the operator hub PR (#2977) Signed-off-by: Pavol Loffay --- .github/workflows/reusable-operator-hub-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-operator-hub-release.yaml b/.github/workflows/reusable-operator-hub-release.yaml index e6e90f7445..948d2df208 100644 --- a/.github/workflows/reusable-operator-hub-release.yaml +++ b/.github/workflows/reusable-operator-hub-release.yaml @@ -70,7 +70,7 @@ jobs: message="Update the opentelemetry to $VERSION" body="Release opentelemetry-operator \`$VERSION\`. - cc @pavolloffay @frzifus @yuriolisa @jaronoff97 @VineethReddy02 @TylerHelmuth @swiatekm-sumo + cc @pavolloffay @frzifus @yuriolisa @jaronoff97 @TylerHelmuth @swiatekm-sumo " branch="update-opentelemetry-operator-to-${VERSION}" From 1a731c9145bd22677c11160f46c7171c54c80e1a Mon Sep 17 00:00:00 2001 From: Vasi Vasireddy <41936996+vasireddy99@users.noreply.github.com> Date: Wed, 22 May 2024 00:58:26 -0700 Subject: [PATCH 22/88] Support for kubernetes 1.30 version (#2975) * Support for kubernetes 1.30 version * Update makefile --- .chloggen/kind130.yaml | 16 ++++++++++++++++ .github/workflows/e2e.yaml | 2 +- .github/workflows/scorecard.yaml | 2 +- Makefile | 2 +- kind-1.30.yaml | 18 ++++++++++++++++++ 5 files changed, 37 insertions(+), 3 deletions(-) create mode 100644 .chloggen/kind130.yaml create mode 100644 kind-1.30.yaml diff --git a/.chloggen/kind130.yaml b/.chloggen/kind130.yaml new file mode 100644 index 0000000000..8ded213051 --- /dev/null +++ b/.chloggen/kind130.yaml @@ -0,0 +1,16 @@ +# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' +change_type: 'enhancement' + +# The name of the component, or a single word describing the area of concern, (e.g. operator, target allocator, github action) +component: operator + +# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). +note: Support for Kubernetes 1.30 version. + +# One or more tracking issues related to the change +issues: [2881] + +# (Optional) One or more lines of additional information to render under the primary note. +# These lines will be padded with 2 spaces and then inserted directly into the document. +# Use pipe (|) for multiline entries. +subtext: \ No newline at end of file diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml index c87c7824b0..358f367439 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/e2e.yaml @@ -21,7 +21,7 @@ jobs: # should be compatible with them. kube-version: - "1.23" - - "1.29" + - "1.30" group: - e2e - e2e-automatic-rbac diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml index ed3cbc493b..c0eb437a9e 100644 --- a/.github/workflows/scorecard.yaml +++ b/.github/workflows/scorecard.yaml @@ -18,7 +18,7 @@ jobs: matrix: kube-version: - "1.23" - - "1.29" + - "1.30" steps: diff --git a/Makefile b/Makefile index c5a601fe0a..157d172907 100644 --- a/Makefile +++ b/Makefile @@ -62,7 +62,7 @@ endif START_KIND_CLUSTER ?= true -KUBE_VERSION ?= 1.29 +KUBE_VERSION ?= 1.30 KIND_CONFIG ?= kind-$(KUBE_VERSION).yaml KIND_CLUSTER_NAME ?= "otel-operator" diff --git a/kind-1.30.yaml b/kind-1.30.yaml new file mode 100644 index 0000000000..ad68ebecd3 --- /dev/null +++ b/kind-1.30.yaml @@ -0,0 +1,18 @@ +kind: Cluster +apiVersion: kind.x-k8s.io/v1alpha4 +nodes: + - role: control-plane + image: kindest/node:v1.30.0@sha256:047357ac0cfea04663786a612ba1eaba9702bef25227a794b52890dd8bcd692e + kubeadmConfigPatches: + - | + kind: InitConfiguration + nodeRegistration: + kubeletExtraArgs: + node-labels: "ingress-ready=true" + extraPortMappings: + - containerPort: 80 + hostPort: 80 + protocol: TCP + - containerPort: 443 + hostPort: 443 + protocol: TCP From cfc1dc3e6d7fe03ba9a9d50ac05615a85dc5d222 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miko=C5=82aj=20=C5=9Awi=C4=85tek?= Date: Wed, 22 May 2024 15:12:53 +0000 Subject: [PATCH 23/88] [chore] Move TargetAllocator CRD to v1alpha1 (#2918) --- apis/v1alpha1/targetallocator_types.go | 94 ++++++++++++++++ apis/v1alpha1/zz_generated.deepcopy.go | 101 ++++++++++++++++++ apis/v1beta1/targetallocator_types.go | 73 ------------- apis/v1beta1/zz_generated.deepcopy.go | 100 ----------------- .../opentelemetry.io_targetallocators.yaml | 2 +- .../manifests/collector/targetallocator.go | 7 +- .../collector/targetallocator_test.go | 11 +- internal/manifests/manifestutils/labels.go | 4 +- .../manifests/manifestutils/labels_test.go | 9 +- internal/manifests/params.go | 2 +- .../manifests/targetallocator/annotations.go | 4 +- .../manifests/targetallocator/container.go | 4 +- .../targetallocator/container_test.go | 35 +++--- .../targetallocator/deployment_test.go | 33 +++--- .../poddisruptionbudget_test.go | 13 +-- .../targetallocator/serviceaccount.go | 4 +- .../targetallocator/serviceaccount_test.go | 13 +-- .../targetallocator/servicemonitor_test.go | 5 +- internal/manifests/targetallocator/volume.go | 4 +- .../manifests/targetallocator/volume_test.go | 4 +- 20 files changed, 275 insertions(+), 247 deletions(-) create mode 100644 apis/v1alpha1/targetallocator_types.go diff --git a/apis/v1alpha1/targetallocator_types.go b/apis/v1alpha1/targetallocator_types.go new file mode 100644 index 0000000000..f4acfae76b --- /dev/null +++ b/apis/v1alpha1/targetallocator_types.go @@ -0,0 +1,94 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" +) + +func init() { + v1beta1.SchemeBuilder.Register(&TargetAllocator{}, &TargetAllocatorList{}) +} + +//+kubebuilder:object:root=true +//+kubebuilder:subresource:status + +// TargetAllocator is the Schema for the targetallocators API. +type TargetAllocator struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec TargetAllocatorSpec `json:"spec,omitempty"` + Status TargetAllocatorStatus `json:"status,omitempty"` +} + +//+kubebuilder:object:root=true + +// TargetAllocatorList contains a list of TargetAllocator. +type TargetAllocatorList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []v1beta1.OpenTelemetryCollector `json:"items"` +} + +// TargetAllocatorStatus defines the observed state of Target Allocator. +type TargetAllocatorStatus struct { + // Version of the managed Target Allocator (operand) + // +optional + Version string `json:"version,omitempty"` + + // Image indicates the container image to use for the Target Allocator. + // +optional + Image string `json:"image,omitempty"` +} + +// TargetAllocatorSpec defines the desired state of TargetAllocator. +type TargetAllocatorSpec struct { + // Common defines fields that are common to all OpenTelemetry CRD workloads. + v1beta1.OpenTelemetryCommonFields `json:",inline"` + // CollectorSelector is the selector for Collector Pods the target allocator will allocate targets to. + CollectorSelector metav1.LabelSelector `json:"collectorSelector,omitempty"` + // AllocationStrategy determines which strategy the target allocator should use for allocation. + // The current options are least-weighted, consistent-hashing and per-node. The default is + // consistent-hashing. + // WARNING: The per-node strategy currently ignores targets without a Node, like control plane components. + // +optional + // +kubebuilder:default:=consistent-hashing + AllocationStrategy v1beta1.TargetAllocatorAllocationStrategy `json:"allocationStrategy,omitempty"` + // FilterStrategy determines how to filter targets before allocating them among the collectors. + // The only current option is relabel-config (drops targets based on prom relabel_config). + // The default is relabel-config. + // +optional + // +kubebuilder:default:=relabel-config + FilterStrategy v1beta1.TargetAllocatorFilterStrategy `json:"filterStrategy,omitempty"` + // ScrapeConfigs define static Prometheus scrape configurations for the target allocator. + // To use dynamic configurations from ServiceMonitors and PodMonitors, see the PrometheusCR section. + // For the exact format, see https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. + // +optional + // +listType=atomic + // +kubebuilder:pruning:PreserveUnknownFields + ScrapeConfigs []v1beta1.AnyConfig `json:"scrapeConfigs,omitempty"` + // PrometheusCR defines the configuration for the retrieval of PrometheusOperator CRDs ( servicemonitor.monitoring.coreos.com/v1 and podmonitor.monitoring.coreos.com/v1 ). + // +optional + PrometheusCR v1beta1.TargetAllocatorPrometheusCR `json:"prometheusCR,omitempty"` + // ObservabilitySpec defines how telemetry data gets handled. + // + // +optional + // +kubebuilder:validation:Optional + // +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Observability" + Observability v1beta1.ObservabilitySpec `json:"observability,omitempty"` +} diff --git a/apis/v1alpha1/zz_generated.deepcopy.go b/apis/v1alpha1/zz_generated.deepcopy.go index 8f47cb64dc..ef6579f898 100644 --- a/apis/v1alpha1/zz_generated.deepcopy.go +++ b/apis/v1alpha1/zz_generated.deepcopy.go @@ -19,6 +19,7 @@ package v1alpha1 import ( + "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" "k8s.io/api/autoscaling/v2" "k8s.io/api/core/v1" networkingv1 "k8s.io/api/networking/v1" @@ -1243,3 +1244,103 @@ func (in *ScaleSubresourceStatus) DeepCopy() *ScaleSubresourceStatus { in.DeepCopyInto(out) return out } + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TargetAllocator) DeepCopyInto(out *TargetAllocator) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TargetAllocator. +func (in *TargetAllocator) DeepCopy() *TargetAllocator { + if in == nil { + return nil + } + out := new(TargetAllocator) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TargetAllocator) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TargetAllocatorList) DeepCopyInto(out *TargetAllocatorList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]v1beta1.OpenTelemetryCollector, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TargetAllocatorList. +func (in *TargetAllocatorList) DeepCopy() *TargetAllocatorList { + if in == nil { + return nil + } + out := new(TargetAllocatorList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TargetAllocatorList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TargetAllocatorSpec) DeepCopyInto(out *TargetAllocatorSpec) { + *out = *in + in.OpenTelemetryCommonFields.DeepCopyInto(&out.OpenTelemetryCommonFields) + in.CollectorSelector.DeepCopyInto(&out.CollectorSelector) + if in.ScrapeConfigs != nil { + in, out := &in.ScrapeConfigs, &out.ScrapeConfigs + *out = make([]v1beta1.AnyConfig, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + in.PrometheusCR.DeepCopyInto(&out.PrometheusCR) + out.Observability = in.Observability +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TargetAllocatorSpec. +func (in *TargetAllocatorSpec) DeepCopy() *TargetAllocatorSpec { + if in == nil { + return nil + } + out := new(TargetAllocatorSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TargetAllocatorStatus) DeepCopyInto(out *TargetAllocatorStatus) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TargetAllocatorStatus. +func (in *TargetAllocatorStatus) DeepCopy() *TargetAllocatorStatus { + if in == nil { + return nil + } + out := new(TargetAllocatorStatus) + in.DeepCopyInto(out) + return out +} diff --git a/apis/v1beta1/targetallocator_types.go b/apis/v1beta1/targetallocator_types.go index c833c54816..f772acdde4 100644 --- a/apis/v1beta1/targetallocator_types.go +++ b/apis/v1beta1/targetallocator_types.go @@ -18,79 +18,6 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) -func init() { - SchemeBuilder.Register(&TargetAllocator{}, &TargetAllocatorList{}) -} - -//+kubebuilder:object:root=true -//+kubebuilder:subresource:status - -// TargetAllocator is the Schema for the targetallocators API. -type TargetAllocator struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - Spec TargetAllocatorSpec `json:"spec,omitempty"` - Status TargetAllocatorStatus `json:"status,omitempty"` -} - -//+kubebuilder:object:root=true - -// TargetAllocatorList contains a list of TargetAllocator. -type TargetAllocatorList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - Items []OpenTelemetryCollector `json:"items"` -} - -// TargetAllocatorStatus defines the observed state of Target Allocator. -type TargetAllocatorStatus struct { - // Version of the managed Target Allocator (operand) - // +optional - Version string `json:"version,omitempty"` - - // Image indicates the container image to use for the Target Allocator. - // +optional - Image string `json:"image,omitempty"` -} - -// TargetAllocatorSpec defines the desired state of TargetAllocator. -type TargetAllocatorSpec struct { - // Common defines fields that are common to all OpenTelemetry CRD workloads. - OpenTelemetryCommonFields `json:",inline"` - // CollectorSelector is the selector for Collector Pods the target allocator will allocate targets to. - CollectorSelector metav1.LabelSelector `json:"collectorSelector,omitempty"` - // AllocationStrategy determines which strategy the target allocator should use for allocation. - // The current options are least-weighted, consistent-hashing and per-node. The default is - // consistent-hashing. - // WARNING: The per-node strategy currently ignores targets without a Node, like control plane components. - // +optional - // +kubebuilder:default:=consistent-hashing - AllocationStrategy TargetAllocatorAllocationStrategy `json:"allocationStrategy,omitempty"` - // FilterStrategy determines how to filter targets before allocating them among the collectors. - // The only current option is relabel-config (drops targets based on prom relabel_config). - // The default is relabel-config. - // +optional - // +kubebuilder:default:=relabel-config - FilterStrategy TargetAllocatorFilterStrategy `json:"filterStrategy,omitempty"` - // ScrapeConfigs define static Prometheus scrape configurations for the target allocator. - // To use dynamic configurations from ServiceMonitors and PodMonitors, see the PrometheusCR section. - // For the exact format, see https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. - // +optional - // +listType=atomic - // +kubebuilder:pruning:PreserveUnknownFields - ScrapeConfigs []AnyConfig `json:"scrapeConfigs,omitempty"` - // PrometheusCR defines the configuration for the retrieval of PrometheusOperator CRDs ( servicemonitor.monitoring.coreos.com/v1 and podmonitor.monitoring.coreos.com/v1 ). - // +optional - PrometheusCR TargetAllocatorPrometheusCR `json:"prometheusCR,omitempty"` - // ObservabilitySpec defines how telemetry data gets handled. - // - // +optional - // +kubebuilder:validation:Optional - // +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Observability" - Observability ObservabilitySpec `json:"observability,omitempty"` -} - // TargetAllocatorPrometheusCR configures Prometheus CustomResource handling in the Target Allocator. type TargetAllocatorPrometheusCR struct { // Enabled indicates whether to use a PrometheusOperator custom resources as targets or not. diff --git a/apis/v1beta1/zz_generated.deepcopy.go b/apis/v1beta1/zz_generated.deepcopy.go index 9690ef897d..e34b26d522 100644 --- a/apis/v1beta1/zz_generated.deepcopy.go +++ b/apis/v1beta1/zz_generated.deepcopy.go @@ -669,33 +669,6 @@ func (in *Service) DeepCopy() *Service { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TargetAllocator) DeepCopyInto(out *TargetAllocator) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - out.Status = in.Status -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TargetAllocator. -func (in *TargetAllocator) DeepCopy() *TargetAllocator { - if in == nil { - return nil - } - out := new(TargetAllocator) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *TargetAllocator) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TargetAllocatorEmbedded) DeepCopyInto(out *TargetAllocatorEmbedded) { *out = *in @@ -767,38 +740,6 @@ func (in *TargetAllocatorEmbedded) DeepCopy() *TargetAllocatorEmbedded { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TargetAllocatorList) DeepCopyInto(out *TargetAllocatorList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]OpenTelemetryCollector, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TargetAllocatorList. -func (in *TargetAllocatorList) DeepCopy() *TargetAllocatorList { - if in == nil { - return nil - } - out := new(TargetAllocatorList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *TargetAllocatorList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TargetAllocatorPrometheusCR) DeepCopyInto(out *TargetAllocatorPrometheusCR) { *out = *in @@ -829,47 +770,6 @@ func (in *TargetAllocatorPrometheusCR) DeepCopy() *TargetAllocatorPrometheusCR { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TargetAllocatorSpec) DeepCopyInto(out *TargetAllocatorSpec) { - *out = *in - in.OpenTelemetryCommonFields.DeepCopyInto(&out.OpenTelemetryCommonFields) - in.CollectorSelector.DeepCopyInto(&out.CollectorSelector) - if in.ScrapeConfigs != nil { - in, out := &in.ScrapeConfigs, &out.ScrapeConfigs - *out = make([]AnyConfig, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - in.PrometheusCR.DeepCopyInto(&out.PrometheusCR) - out.Observability = in.Observability -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TargetAllocatorSpec. -func (in *TargetAllocatorSpec) DeepCopy() *TargetAllocatorSpec { - if in == nil { - return nil - } - out := new(TargetAllocatorSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TargetAllocatorStatus) DeepCopyInto(out *TargetAllocatorStatus) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TargetAllocatorStatus. -func (in *TargetAllocatorStatus) DeepCopy() *TargetAllocatorStatus { - if in == nil { - return nil - } - out := new(TargetAllocatorStatus) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Telemetry) DeepCopyInto(out *Telemetry) { *out = *in diff --git a/config/crd/bases/opentelemetry.io_targetallocators.yaml b/config/crd/bases/opentelemetry.io_targetallocators.yaml index 7d59d689c6..30346ed44f 100644 --- a/config/crd/bases/opentelemetry.io_targetallocators.yaml +++ b/config/crd/bases/opentelemetry.io_targetallocators.yaml @@ -14,7 +14,7 @@ spec: singular: targetallocator scope: Namespaced versions: - - name: v1beta1 + - name: v1alpha1 schema: openAPIV3Schema: properties: diff --git a/internal/manifests/collector/targetallocator.go b/internal/manifests/collector/targetallocator.go index 4083d4c3f7..4245efdd79 100644 --- a/internal/manifests/collector/targetallocator.go +++ b/internal/manifests/collector/targetallocator.go @@ -17,6 +17,7 @@ package collector import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" "github.com/open-telemetry/opentelemetry-operator/internal/manifests" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" @@ -24,7 +25,7 @@ import ( ) // TargetAllocator builds the TargetAllocator CR for the given instance. -func TargetAllocator(params manifests.Params) (*v1beta1.TargetAllocator, error) { +func TargetAllocator(params manifests.Params) (*v1alpha1.TargetAllocator, error) { taSpec := params.OtelCol.Spec.TargetAllocator if !taSpec.Enabled { @@ -44,14 +45,14 @@ func TargetAllocator(params manifests.Params) (*v1beta1.TargetAllocator, error) return nil, err } - return &v1beta1.TargetAllocator{ + return &v1alpha1.TargetAllocator{ ObjectMeta: metav1.ObjectMeta{ Name: params.OtelCol.Name, Namespace: params.OtelCol.Namespace, Annotations: params.OtelCol.Annotations, Labels: params.OtelCol.Labels, }, - Spec: v1beta1.TargetAllocatorSpec{ + Spec: v1alpha1.TargetAllocatorSpec{ OpenTelemetryCommonFields: v1beta1.OpenTelemetryCommonFields{ Replicas: taSpec.Replicas, NodeSelector: taSpec.NodeSelector, diff --git a/internal/manifests/collector/targetallocator_test.go b/internal/manifests/collector/targetallocator_test.go index 76a51b66ef..617234bb28 100644 --- a/internal/manifests/collector/targetallocator_test.go +++ b/internal/manifests/collector/targetallocator_test.go @@ -26,6 +26,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" + "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" "github.com/open-telemetry/opentelemetry-operator/internal/manifests" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" @@ -62,7 +63,7 @@ func TestTargetAllocator(t *testing.T) { testCases := []struct { name string input v1beta1.OpenTelemetryCollector - want *v1beta1.TargetAllocator + want *v1alpha1.TargetAllocator wantErr error }{ { @@ -87,9 +88,9 @@ func TestTargetAllocator(t *testing.T) { }, }, }, - want: &v1beta1.TargetAllocator{ + want: &v1alpha1.TargetAllocator{ ObjectMeta: objectMetadata, - Spec: v1beta1.TargetAllocatorSpec{ + Spec: v1alpha1.TargetAllocatorSpec{ CollectorSelector: metav1.LabelSelector{ MatchLabels: manifestutils.SelectorLabels(objectMetadata, ComponentOpenTelemetryCollector), }, @@ -200,9 +201,9 @@ func TestTargetAllocator(t *testing.T) { Config: otelcolConfig, }, }, - want: &v1beta1.TargetAllocator{ + want: &v1alpha1.TargetAllocator{ ObjectMeta: objectMetadata, - Spec: v1beta1.TargetAllocatorSpec{ + Spec: v1alpha1.TargetAllocatorSpec{ OpenTelemetryCommonFields: v1beta1.OpenTelemetryCommonFields{ Replicas: &replicas, NodeSelector: map[string]string{"key": "value"}, diff --git a/internal/manifests/manifestutils/labels.go b/internal/manifests/manifestutils/labels.go index 3605e38c12..943b642a0b 100644 --- a/internal/manifests/manifestutils/labels.go +++ b/internal/manifests/manifestutils/labels.go @@ -20,7 +20,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" + "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" "github.com/open-telemetry/opentelemetry-operator/internal/naming" ) @@ -86,7 +86,7 @@ func SelectorLabels(instance metav1.ObjectMeta, component string) map[string]str } // SelectorLabels return the selector labels for Target Allocator Pods. -func TASelectorLabels(instance v1beta1.TargetAllocator, component string) map[string]string { +func TASelectorLabels(instance v1alpha1.TargetAllocator, component string) map[string]string { selectorLabels := SelectorLabels(instance.ObjectMeta, component) // TargetAllocator uses the name label as well for selection diff --git a/internal/manifests/manifestutils/labels_test.go b/internal/manifests/manifestutils/labels_test.go index 22fc5eb33d..90faf23adc 100644 --- a/internal/manifests/manifestutils/labels_test.go +++ b/internal/manifests/manifestutils/labels_test.go @@ -21,7 +21,6 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" - "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" "github.com/open-telemetry/opentelemetry-operator/internal/naming" ) @@ -163,7 +162,7 @@ func TestSelectorLabels(t *testing.T) { "app.kubernetes.io/name": "my-opentelemetry-collector-targetallocator", "app.kubernetes.io/part-of": "opentelemetry", } - tainstance := v1beta1.TargetAllocator{ + tainstance := v1alpha1.TargetAllocator{ ObjectMeta: metav1.ObjectMeta{Name: "my-opentelemetry-collector", Namespace: "my-namespace"}, } @@ -176,7 +175,7 @@ func TestSelectorLabels(t *testing.T) { func TestLabelsTACommonSet(t *testing.T) { // prepare - tainstance := v1beta1.TargetAllocator{ + tainstance := v1alpha1.TargetAllocator{ ObjectMeta: metav1.ObjectMeta{ Name: taname, Namespace: tanamespace, @@ -195,7 +194,7 @@ func TestLabelsTACommonSet(t *testing.T) { func TestLabelsTAPropagateDown(t *testing.T) { // prepare - tainstance := v1beta1.TargetAllocator{ + tainstance := v1alpha1.TargetAllocator{ ObjectMeta: metav1.ObjectMeta{ Labels: map[string]string{ "myapp": "mycomponent", @@ -218,7 +217,7 @@ func TestLabelsTAPropagateDown(t *testing.T) { func TestSelectorTALabels(t *testing.T) { // prepare - tainstance := v1beta1.TargetAllocator{ + tainstance := v1alpha1.TargetAllocator{ ObjectMeta: metav1.ObjectMeta{ Name: taname, Namespace: tanamespace, diff --git a/internal/manifests/params.go b/internal/manifests/params.go index de80cbc966..7e12a74b4d 100644 --- a/internal/manifests/params.go +++ b/internal/manifests/params.go @@ -32,7 +32,7 @@ type Params struct { Scheme *runtime.Scheme Log logr.Logger OtelCol v1beta1.OpenTelemetryCollector - TargetAllocator v1beta1.TargetAllocator + TargetAllocator v1alpha1.TargetAllocator OpAMPBridge v1alpha1.OpAMPBridge Config config.Config } diff --git a/internal/manifests/targetallocator/annotations.go b/internal/manifests/targetallocator/annotations.go index 7666bd64ab..263b6234b1 100644 --- a/internal/manifests/targetallocator/annotations.go +++ b/internal/manifests/targetallocator/annotations.go @@ -20,14 +20,14 @@ import ( v1 "k8s.io/api/core/v1" - "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" + "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" ) const configMapHashAnnotationKey = "opentelemetry-targetallocator-config/hash" // Annotations returns the annotations for the TargetAllocator Pod. -func Annotations(instance v1beta1.TargetAllocator, configMap *v1.ConfigMap, filterAnnotations []string) map[string]string { +func Annotations(instance v1alpha1.TargetAllocator, configMap *v1.ConfigMap, filterAnnotations []string) map[string]string { // Make a copy of PodAnnotations to be safe annotations := make(map[string]string, len(instance.Spec.PodAnnotations)) for key, value := range instance.Spec.PodAnnotations { diff --git a/internal/manifests/targetallocator/container.go b/internal/manifests/targetallocator/container.go index 1ea159c2cc..3480aa57eb 100644 --- a/internal/manifests/targetallocator/container.go +++ b/internal/manifests/targetallocator/container.go @@ -20,14 +20,14 @@ import ( corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/util/intstr" - "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" + "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/naming" ) // Container builds a container for the given TargetAllocator. -func Container(cfg config.Config, logger logr.Logger, instance v1beta1.TargetAllocator) corev1.Container { +func Container(cfg config.Config, logger logr.Logger, instance v1alpha1.TargetAllocator) corev1.Container { image := instance.Spec.Image if len(image) == 0 { image = cfg.TargetAllocatorImage() diff --git a/internal/manifests/targetallocator/container_test.go b/internal/manifests/targetallocator/container_test.go index f1e15cf7e8..ce91ecc10f 100644 --- a/internal/manifests/targetallocator/container_test.go +++ b/internal/manifests/targetallocator/container_test.go @@ -25,6 +25,7 @@ import ( "k8s.io/apimachinery/pkg/util/intstr" logf "sigs.k8s.io/controller-runtime/pkg/log" + "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/config" @@ -35,7 +36,7 @@ var logger = logf.Log.WithName("unit-tests") func TestContainerNewDefault(t *testing.T) { // prepare - targetAllocator := v1beta1.TargetAllocator{} + targetAllocator := v1alpha1.TargetAllocator{} cfg := config.New(config.WithTargetAllocatorImage("default-image")) // test @@ -47,8 +48,8 @@ func TestContainerNewDefault(t *testing.T) { func TestContainerWithImageOverridden(t *testing.T) { // prepare - targetAllocator := v1beta1.TargetAllocator{ - Spec: v1beta1.TargetAllocatorSpec{ + targetAllocator := v1alpha1.TargetAllocator{ + Spec: v1alpha1.TargetAllocatorSpec{ OpenTelemetryCommonFields: v1beta1.OpenTelemetryCommonFields{ Image: "overridden-image", }, @@ -65,7 +66,7 @@ func TestContainerWithImageOverridden(t *testing.T) { func TestContainerPorts(t *testing.T) { // prepare - targetAllocator := v1beta1.TargetAllocator{} + targetAllocator := v1alpha1.TargetAllocator{} cfg := config.New() // test @@ -79,7 +80,7 @@ func TestContainerPorts(t *testing.T) { func TestContainerVolumes(t *testing.T) { // prepare - targetAllocator := v1beta1.TargetAllocator{} + targetAllocator := v1alpha1.TargetAllocator{} cfg := config.New() // test @@ -91,8 +92,8 @@ func TestContainerVolumes(t *testing.T) { } func TestContainerResourceRequirements(t *testing.T) { - targetAllocator := v1beta1.TargetAllocator{ - Spec: v1beta1.TargetAllocatorSpec{ + targetAllocator := v1alpha1.TargetAllocator{ + Spec: v1alpha1.TargetAllocatorSpec{ OpenTelemetryCommonFields: v1beta1.OpenTelemetryCommonFields{ Resources: corev1.ResourceRequirements{ Limits: corev1.ResourceList{ @@ -129,8 +130,8 @@ func TestContainerResourceRequirements(t *testing.T) { func TestContainerHasEnvVars(t *testing.T) { // prepare - targetAllocator := v1beta1.TargetAllocator{ - Spec: v1beta1.TargetAllocatorSpec{ + targetAllocator := v1alpha1.TargetAllocator{ + Spec: v1alpha1.TargetAllocatorSpec{ OpenTelemetryCommonFields: v1beta1.OpenTelemetryCommonFields{ Env: []corev1.EnvVar{ { @@ -213,8 +214,8 @@ func TestContainerHasProxyEnvVars(t *testing.T) { defer os.Unsetenv("NO_PROXY") // prepare - targetAllocator := v1beta1.TargetAllocator{ - Spec: v1beta1.TargetAllocatorSpec{ + targetAllocator := v1alpha1.TargetAllocator{ + Spec: v1alpha1.TargetAllocatorSpec{ OpenTelemetryCommonFields: v1beta1.OpenTelemetryCommonFields{ Env: []corev1.EnvVar{ { @@ -238,8 +239,8 @@ func TestContainerHasProxyEnvVars(t *testing.T) { func TestContainerDoesNotOverrideEnvVars(t *testing.T) { // prepare - targetAllocator := v1beta1.TargetAllocator{ - Spec: v1beta1.TargetAllocatorSpec{ + targetAllocator := v1alpha1.TargetAllocator{ + Spec: v1alpha1.TargetAllocatorSpec{ OpenTelemetryCommonFields: v1beta1.OpenTelemetryCommonFields{ Env: []corev1.EnvVar{ { @@ -303,7 +304,7 @@ func TestContainerDoesNotOverrideEnvVars(t *testing.T) { assert.Equal(t, expected, c) } func TestReadinessProbe(t *testing.T) { - targetAllocator := v1beta1.TargetAllocator{} + targetAllocator := v1alpha1.TargetAllocator{} cfg := config.New() expected := &corev1.Probe{ ProbeHandler: corev1.ProbeHandler{ @@ -322,7 +323,7 @@ func TestReadinessProbe(t *testing.T) { } func TestLivenessProbe(t *testing.T) { // prepare - targetAllocator := v1beta1.TargetAllocator{} + targetAllocator := v1alpha1.TargetAllocator{} cfg := config.New() expected := &corev1.Probe{ ProbeHandler: corev1.ProbeHandler{ @@ -346,8 +347,8 @@ func TestSecurityContext(t *testing.T) { RunAsNonRoot: &runAsNonRoot, } // prepare - targetAllocator := v1beta1.TargetAllocator{ - Spec: v1beta1.TargetAllocatorSpec{ + targetAllocator := v1alpha1.TargetAllocator{ + Spec: v1alpha1.TargetAllocatorSpec{ OpenTelemetryCommonFields: v1beta1.OpenTelemetryCommonFields{ SecurityContext: securityContext, }, diff --git a/internal/manifests/targetallocator/deployment_test.go b/internal/manifests/targetallocator/deployment_test.go index 1767696fdb..e4d5759f0a 100644 --- a/internal/manifests/targetallocator/deployment_test.go +++ b/internal/manifests/targetallocator/deployment_test.go @@ -24,6 +24,7 @@ import ( v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/manifests" @@ -79,7 +80,7 @@ var testSecurityContextValue = &v1.PodSecurityContext{ func TestDeploymentSecurityContext(t *testing.T) { // Test default - targetallocator11 := v1beta1.TargetAllocator{ + targetallocator11 := v1alpha1.TargetAllocator{ ObjectMeta: metav1.ObjectMeta{ Name: "my-instance", }, @@ -99,11 +100,11 @@ func TestDeploymentSecurityContext(t *testing.T) { assert.Empty(t, d1.Spec.Template.Spec.SecurityContext) // Test SecurityContext - targetAllocator2 := v1beta1.TargetAllocator{ + targetAllocator2 := v1alpha1.TargetAllocator{ ObjectMeta: metav1.ObjectMeta{ Name: "my-instance-securitycontext", }, - Spec: v1beta1.TargetAllocatorSpec{ + Spec: v1alpha1.TargetAllocatorSpec{ OpenTelemetryCommonFields: v1beta1.OpenTelemetryCommonFields{ PodSecurityContext: testSecurityContextValue, }, @@ -208,7 +209,7 @@ func collectorInstance() v1beta1.OpenTelemetryCollector { } } -func targetAllocatorInstance() v1beta1.TargetAllocator { +func targetAllocatorInstance() v1alpha1.TargetAllocator { collectorInstance := collectorInstance() collectorInstance.Spec.TargetAllocator.Enabled = true params := manifests.Params{OtelCol: collectorInstance} @@ -219,7 +220,7 @@ func targetAllocatorInstance() v1beta1.TargetAllocator { func TestDeploymentNodeSelector(t *testing.T) { // Test default - targetAllocator1 := v1beta1.TargetAllocator{} + targetAllocator1 := v1alpha1.TargetAllocator{} cfg := config.New() @@ -233,11 +234,11 @@ func TestDeploymentNodeSelector(t *testing.T) { assert.Empty(t, d1.Spec.Template.Spec.NodeSelector) // Test nodeSelector - targetAllocator2 := v1beta1.TargetAllocator{ + targetAllocator2 := v1alpha1.TargetAllocator{ ObjectMeta: metav1.ObjectMeta{ Name: "my-instance-nodeselector", }, - Spec: v1beta1.TargetAllocatorSpec{ + Spec: v1alpha1.TargetAllocatorSpec{ OpenTelemetryCommonFields: v1beta1.OpenTelemetryCommonFields{ NodeSelector: map[string]string{ "node-key": "node-value", @@ -261,7 +262,7 @@ func TestDeploymentNodeSelector(t *testing.T) { func TestDeploymentAffinity(t *testing.T) { // Test default - targetAllocator1 := v1beta1.TargetAllocator{} + targetAllocator1 := v1alpha1.TargetAllocator{} cfg := config.New() @@ -275,11 +276,11 @@ func TestDeploymentAffinity(t *testing.T) { assert.Empty(t, d1.Spec.Template.Spec.Affinity) // Test affinity - targetAllocator2 := v1beta1.TargetAllocator{ + targetAllocator2 := v1alpha1.TargetAllocator{ ObjectMeta: metav1.ObjectMeta{ Name: "my-instance-affinity", }, - Spec: v1beta1.TargetAllocatorSpec{ + Spec: v1alpha1.TargetAllocatorSpec{ OpenTelemetryCommonFields: v1beta1.OpenTelemetryCommonFields{ Affinity: testAffinityValue, }, @@ -301,7 +302,7 @@ func TestDeploymentAffinity(t *testing.T) { func TestDeploymentTolerations(t *testing.T) { // Test default - targetAllocator1 := v1beta1.TargetAllocator{ + targetAllocator1 := v1alpha1.TargetAllocator{ ObjectMeta: metav1.ObjectMeta{ Name: "my-instance", }, @@ -319,11 +320,11 @@ func TestDeploymentTolerations(t *testing.T) { assert.Empty(t, d1.Spec.Template.Spec.Tolerations) // Test Tolerations - targetAllocator2 := v1beta1.TargetAllocator{ + targetAllocator2 := v1alpha1.TargetAllocator{ ObjectMeta: metav1.ObjectMeta{ Name: "my-instance-toleration", }, - Spec: v1beta1.TargetAllocatorSpec{ + Spec: v1alpha1.TargetAllocatorSpec{ OpenTelemetryCommonFields: v1beta1.OpenTelemetryCommonFields{ Tolerations: testTolerationValues, }, @@ -345,7 +346,7 @@ func TestDeploymentTolerations(t *testing.T) { func TestDeploymentTopologySpreadConstraints(t *testing.T) { // Test default - targetAllocator1 := v1beta1.TargetAllocator{ + targetAllocator1 := v1alpha1.TargetAllocator{ ObjectMeta: metav1.ObjectMeta{ Name: "my-instance", }, @@ -364,11 +365,11 @@ func TestDeploymentTopologySpreadConstraints(t *testing.T) { assert.Empty(t, d1.Spec.Template.Spec.TopologySpreadConstraints) // Test TopologySpreadConstraints - targetAllocator2 := v1beta1.TargetAllocator{ + targetAllocator2 := v1alpha1.TargetAllocator{ ObjectMeta: metav1.ObjectMeta{ Name: "my-instance-topologyspreadconstraint", }, - Spec: v1beta1.TargetAllocatorSpec{ + Spec: v1alpha1.TargetAllocatorSpec{ OpenTelemetryCommonFields: v1beta1.OpenTelemetryCommonFields{ TopologySpreadConstraints: testTopologySpreadConstraintValue, }, diff --git a/internal/manifests/targetallocator/poddisruptionbudget_test.go b/internal/manifests/targetallocator/poddisruptionbudget_test.go index 3beb7d1ee3..40ff03e64c 100644 --- a/internal/manifests/targetallocator/poddisruptionbudget_test.go +++ b/internal/manifests/targetallocator/poddisruptionbudget_test.go @@ -21,6 +21,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" + "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/manifests" @@ -66,11 +67,11 @@ var tests = []test{ func TestPDBWithValidStrategy(t *testing.T) { for _, test := range tests { t.Run(test.name, func(t *testing.T) { - targetAllocator := v1beta1.TargetAllocator{ + targetAllocator := v1alpha1.TargetAllocator{ ObjectMeta: metav1.ObjectMeta{ Name: "my-instance", }, - Spec: v1beta1.TargetAllocatorSpec{ + Spec: v1alpha1.TargetAllocatorSpec{ OpenTelemetryCommonFields: v1beta1.OpenTelemetryCommonFields{ PodDisruptionBudget: &v1beta1.PodDisruptionBudgetSpec{ MinAvailable: test.MinAvailable, @@ -100,11 +101,11 @@ func TestPDBWithValidStrategy(t *testing.T) { func TestPDBWithNotValidStrategy(t *testing.T) { for _, test := range tests { t.Run(test.name, func(t *testing.T) { - targetAllocator := v1beta1.TargetAllocator{ + targetAllocator := v1alpha1.TargetAllocator{ ObjectMeta: metav1.ObjectMeta{ Name: "my-instance", }, - Spec: v1beta1.TargetAllocatorSpec{ + Spec: v1alpha1.TargetAllocatorSpec{ OpenTelemetryCommonFields: v1beta1.OpenTelemetryCommonFields{ PodDisruptionBudget: &v1beta1.PodDisruptionBudgetSpec{ MinAvailable: test.MinAvailable, @@ -129,8 +130,8 @@ func TestPDBWithNotValidStrategy(t *testing.T) { } func TestNoPDB(t *testing.T) { - targetAllocator := v1beta1.TargetAllocator{ - Spec: v1beta1.TargetAllocatorSpec{ + targetAllocator := v1alpha1.TargetAllocator{ + Spec: v1alpha1.TargetAllocatorSpec{ AllocationStrategy: v1beta1.TargetAllocatorAllocationStrategyLeastWeighted, }, } diff --git a/internal/manifests/targetallocator/serviceaccount.go b/internal/manifests/targetallocator/serviceaccount.go index e38e64b557..05ae797ef1 100644 --- a/internal/manifests/targetallocator/serviceaccount.go +++ b/internal/manifests/targetallocator/serviceaccount.go @@ -18,14 +18,14 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" + "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" "github.com/open-telemetry/opentelemetry-operator/internal/manifests" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/naming" ) // ServiceAccountName returns the name of the existing or self-provisioned service account to use for the given instance. -func ServiceAccountName(instance v1beta1.TargetAllocator) string { +func ServiceAccountName(instance v1alpha1.TargetAllocator) string { if len(instance.Spec.ServiceAccount) == 0 { return naming.TargetAllocatorServiceAccount(instance.Name) } diff --git a/internal/manifests/targetallocator/serviceaccount_test.go b/internal/manifests/targetallocator/serviceaccount_test.go index f8bd532f9e..85d11c1c50 100644 --- a/internal/manifests/targetallocator/serviceaccount_test.go +++ b/internal/manifests/targetallocator/serviceaccount_test.go @@ -21,6 +21,7 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" "github.com/open-telemetry/opentelemetry-operator/internal/manifests" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" @@ -28,7 +29,7 @@ import ( func TestServiceAccountDefaultName(t *testing.T) { // prepare - targetAllocator := v1beta1.TargetAllocator{ + targetAllocator := v1alpha1.TargetAllocator{ ObjectMeta: metav1.ObjectMeta{ Name: "my-instance", }, @@ -43,11 +44,11 @@ func TestServiceAccountDefaultName(t *testing.T) { func TestServiceAccountOverrideName(t *testing.T) { // prepare - targetAllocator := v1beta1.TargetAllocator{ + targetAllocator := v1alpha1.TargetAllocator{ ObjectMeta: metav1.ObjectMeta{ Name: "my-instance", }, - Spec: v1beta1.TargetAllocatorSpec{ + Spec: v1alpha1.TargetAllocatorSpec{ OpenTelemetryCommonFields: v1beta1.OpenTelemetryCommonFields{ ServiceAccount: "my-special-sa", }, @@ -63,7 +64,7 @@ func TestServiceAccountOverrideName(t *testing.T) { func TestServiceAccountDefault(t *testing.T) { params := manifests.Params{ - TargetAllocator: v1beta1.TargetAllocator{ + TargetAllocator: v1alpha1.TargetAllocator{ ObjectMeta: metav1.ObjectMeta{ Name: "my-instance", }, @@ -87,11 +88,11 @@ func TestServiceAccountDefault(t *testing.T) { func TestServiceAccountOverride(t *testing.T) { params := manifests.Params{ - TargetAllocator: v1beta1.TargetAllocator{ + TargetAllocator: v1alpha1.TargetAllocator{ ObjectMeta: metav1.ObjectMeta{ Name: "my-instance", }, - Spec: v1beta1.TargetAllocatorSpec{ + Spec: v1alpha1.TargetAllocatorSpec{ OpenTelemetryCommonFields: v1beta1.OpenTelemetryCommonFields{ ServiceAccount: "my-special-sa", }, diff --git a/internal/manifests/targetallocator/servicemonitor_test.go b/internal/manifests/targetallocator/servicemonitor_test.go index a39c5aec46..dbe31a505c 100644 --- a/internal/manifests/targetallocator/servicemonitor_test.go +++ b/internal/manifests/targetallocator/servicemonitor_test.go @@ -21,18 +21,19 @@ import ( "github.com/stretchr/testify/assert" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/manifests" ) func TestDesiredServiceMonitors(t *testing.T) { - ta := v1beta1.TargetAllocator{ + ta := v1alpha1.TargetAllocator{ ObjectMeta: metav1.ObjectMeta{ Name: "my-instance", Namespace: "my-namespace", }, - Spec: v1beta1.TargetAllocatorSpec{ + Spec: v1alpha1.TargetAllocatorSpec{ OpenTelemetryCommonFields: v1beta1.OpenTelemetryCommonFields{ Tolerations: testTolerationValues, }, diff --git a/internal/manifests/targetallocator/volume.go b/internal/manifests/targetallocator/volume.go index 1ffe3294b2..c609f551e1 100644 --- a/internal/manifests/targetallocator/volume.go +++ b/internal/manifests/targetallocator/volume.go @@ -17,14 +17,14 @@ package targetallocator import ( corev1 "k8s.io/api/core/v1" - "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" + "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/naming" ) // Volumes builds the volumes for the given instance, including the config map volume. -func Volumes(cfg config.Config, instance v1beta1.TargetAllocator) []corev1.Volume { +func Volumes(cfg config.Config, instance v1alpha1.TargetAllocator) []corev1.Volume { volumes := []corev1.Volume{{ Name: naming.TAConfigMapVolume(), VolumeSource: corev1.VolumeSource{ diff --git a/internal/manifests/targetallocator/volume_test.go b/internal/manifests/targetallocator/volume_test.go index 052e1fb20d..6d255e849c 100644 --- a/internal/manifests/targetallocator/volume_test.go +++ b/internal/manifests/targetallocator/volume_test.go @@ -19,14 +19,14 @@ import ( "github.com/stretchr/testify/assert" - "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" + "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/naming" ) func TestVolumeNewDefault(t *testing.T) { // prepare - otelcol := v1beta1.TargetAllocator{} + otelcol := v1alpha1.TargetAllocator{} cfg := config.New() // test From cb7aaa831278ad0b4977709ed7dbb71919fdd19e Mon Sep 17 00:00:00 2001 From: Jacob Aronoff Date: Wed, 22 May 2024 11:22:59 -0400 Subject: [PATCH 24/88] [featuregate] Automatically set GOMEMLIMIT and GOMAXPROCS for collector, target allocator, opamp bridge (#2933) * set things * fix kustomize shim * restore, better chlog --- .chloggen/set-gomemlimit.yaml | 18 +++++++++++++++ internal/manifests/collector/container.go | 23 +++++++++++++++++++ internal/manifests/opampbridge/container.go | 23 +++++++++++++++++++ .../manifests/targetallocator/container.go | 23 +++++++++++++++++++ pkg/featuregate/featuregate.go | 8 +++++++ 5 files changed, 95 insertions(+) create mode 100755 .chloggen/set-gomemlimit.yaml diff --git a/.chloggen/set-gomemlimit.yaml b/.chloggen/set-gomemlimit.yaml new file mode 100755 index 0000000000..3f28143953 --- /dev/null +++ b/.chloggen/set-gomemlimit.yaml @@ -0,0 +1,18 @@ +# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' +change_type: enhancement + +# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) +component: collector, target allocator, opamp + +# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). +note: Introduces a new feature gate for `operator.golang.flags` to automatically add the environment variables for GOMAXPROCS and GOMEMLIMIT + +# One or more tracking issues related to the change +issues: [2919, 1456] + +# (Optional) One or more lines of additional information to render under the primary note. +# These lines will be padded with 2 spaces and then inserted directly into the document. +# Use pipe (|) for multiline entries. +subtext: | + A new featuregate `operator.golang.flags` is added. This featuregate will allow the operator to automatically + set GOMAXPROCS and GOMEMLIMIT equal to the CPU and Memory limit provided respectively for the pod. diff --git a/internal/manifests/collector/container.go b/internal/manifests/collector/container.go index 5f95ff12d9..77e7511ce2 100644 --- a/internal/manifests/collector/container.go +++ b/internal/manifests/collector/container.go @@ -30,6 +30,7 @@ import ( "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/collector/adapters" "github.com/open-telemetry/opentelemetry-operator/internal/naming" + "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) // maxPortLen allows us to truncate a port name according to what is considered valid port syntax: @@ -176,6 +177,28 @@ func Container(cfg config.Config, logger logr.Logger, otelcol v1beta1.OpenTeleme } } + if featuregate.SetGolangFlags.IsEnabled() { + envVars = append(envVars, corev1.EnvVar{ + Name: "GOMEMLIMIT", + ValueFrom: &corev1.EnvVarSource{ + ResourceFieldRef: &corev1.ResourceFieldSelector{ + Resource: "limits.memory", + ContainerName: naming.Container(), + }, + }, + }, + corev1.EnvVar{ + Name: "GOMAXPROCS", + ValueFrom: &corev1.EnvVarSource{ + ResourceFieldRef: &corev1.ResourceFieldSelector{ + Resource: "limits.cpu", + ContainerName: naming.Container(), + }, + }, + }, + ) + } + envVars = append(envVars, proxy.ReadProxyVarsFromEnv()...) return corev1.Container{ Name: naming.Container(), diff --git a/internal/manifests/opampbridge/container.go b/internal/manifests/opampbridge/container.go index 131eb040d5..6b5e70a8d6 100644 --- a/internal/manifests/opampbridge/container.go +++ b/internal/manifests/opampbridge/container.go @@ -22,6 +22,7 @@ import ( "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/naming" + "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) // Container builds a container for the given OpAMPBridge. @@ -62,6 +63,28 @@ func Container(cfg config.Config, logger logr.Logger, opampBridge v1alpha1.OpAMP }) } + if featuregate.SetGolangFlags.IsEnabled() { + envVars = append(envVars, corev1.EnvVar{ + Name: "GOMEMLIMIT", + ValueFrom: &corev1.EnvVarSource{ + ResourceFieldRef: &corev1.ResourceFieldSelector{ + Resource: "limits.memory", + ContainerName: naming.OpAMPBridgeContainer(), + }, + }, + }, + corev1.EnvVar{ + Name: "GOMAXPROCS", + ValueFrom: &corev1.EnvVarSource{ + ResourceFieldRef: &corev1.ResourceFieldSelector{ + Resource: "limits.cpu", + ContainerName: naming.OpAMPBridgeContainer(), + }, + }, + }, + ) + } + envVars = append(envVars, proxy.ReadProxyVarsFromEnv()...) return corev1.Container{ diff --git a/internal/manifests/targetallocator/container.go b/internal/manifests/targetallocator/container.go index 3480aa57eb..4193b269e8 100644 --- a/internal/manifests/targetallocator/container.go +++ b/internal/manifests/targetallocator/container.go @@ -24,6 +24,7 @@ import ( "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/naming" + "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) // Container builds a container for the given TargetAllocator. @@ -67,6 +68,28 @@ func Container(cfg config.Config, logger logr.Logger, instance v1alpha1.TargetAl }) } + if featuregate.SetGolangFlags.IsEnabled() { + envVars = append(envVars, corev1.EnvVar{ + Name: "GOMEMLIMIT", + ValueFrom: &corev1.EnvVarSource{ + ResourceFieldRef: &corev1.ResourceFieldSelector{ + Resource: "limits.memory", + ContainerName: naming.TAContainer(), + }, + }, + }, + corev1.EnvVar{ + Name: "GOMAXPROCS", + ValueFrom: &corev1.EnvVarSource{ + ResourceFieldRef: &corev1.ResourceFieldSelector{ + Resource: "limits.cpu", + ContainerName: naming.TAContainer(), + }, + }, + }, + ) + } + var args []string if instance.Spec.PrometheusCR.Enabled { args = append(args, "--enable-prometheus-cr-watcher") diff --git a/pkg/featuregate/featuregate.go b/pkg/featuregate/featuregate.go index 2d633c5276..f50095e874 100644 --- a/pkg/featuregate/featuregate.go +++ b/pkg/featuregate/featuregate.go @@ -32,6 +32,14 @@ var ( featuregate.WithRegisterDescription("enables features associated to the Prometheus Operator"), featuregate.WithRegisterFromVersion("v0.82.0"), ) + // SetGolangFlags is the feature gate that enables automatically setting GOMEMLIMIT and GOMAXPROCS for the + // collector, bridge, and target allocator. + SetGolangFlags = featuregate.GlobalRegistry().MustRegister( + "operator.golang.flags", + featuregate.StageAlpha, + featuregate.WithRegisterDescription("enables feature to set GOMEMLIMIT and GOMAXPROCS automatically"), + featuregate.WithRegisterFromVersion("v0.100.0"), + ) ) // Flags creates a new FlagSet that represents the available featuregate flags using the supplied featuregate registry. From 532661467348c63e0d6cc62ecd10f4ee22350904 Mon Sep 17 00:00:00 2001 From: Ishwar Kanse Date: Thu, 23 May 2024 20:22:24 +0530 Subject: [PATCH 25/88] Fix querying OpenShift user workload monitoring stack. (#2984) --- tests/e2e-openshift/monitoring/check_metrics.sh | 3 +-- tests/e2e-openshift/otlp-metrics-traces/check_metrics.sh | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/tests/e2e-openshift/monitoring/check_metrics.sh b/tests/e2e-openshift/monitoring/check_metrics.sh index 8331ff8366..e92a1649e4 100755 --- a/tests/e2e-openshift/monitoring/check_metrics.sh +++ b/tests/e2e-openshift/monitoring/check_metrics.sh @@ -1,7 +1,6 @@ #!/bin/bash -SECRET=$(oc get secret -n openshift-user-workload-monitoring | grep prometheus-user-workload-token | head -n 1 | awk '{print $1}') -TOKEN=$(echo $(oc get secret $SECRET -n openshift-user-workload-monitoring -o json | jq -r '.data.token') | base64 -d) +TOKEN=$(oc create token prometheus-user-workload -n openshift-user-workload-monitoring) THANOS_QUERIER_HOST=$(oc get route thanos-querier -n openshift-monitoring -o json | jq -r '.spec.host') #Check metrics for OpenTelemetry collector instance. diff --git a/tests/e2e-openshift/otlp-metrics-traces/check_metrics.sh b/tests/e2e-openshift/otlp-metrics-traces/check_metrics.sh index 066a5c01e0..18a487525a 100755 --- a/tests/e2e-openshift/otlp-metrics-traces/check_metrics.sh +++ b/tests/e2e-openshift/otlp-metrics-traces/check_metrics.sh @@ -1,7 +1,6 @@ #!/bin/bash -SECRET=$(oc get secret -n openshift-user-workload-monitoring | grep prometheus-user-workload-token | head -n 1 | awk '{print $1}') -TOKEN=$(echo $(oc get secret $SECRET -n openshift-user-workload-monitoring -o json | jq -r '.data.token') | base64 -d) +TOKEN=$(oc create token prometheus-user-workload -n openshift-user-workload-monitoring) THANOS_QUERIER_HOST=$(oc get route thanos-querier -n openshift-monitoring -o json | jq -r '.spec.host') while true; do From a8f63a14be001280e2b1230196461ecd96094be3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 May 2024 10:13:51 +0200 Subject: [PATCH 26/88] Bump alpine from 3.19 to 3.20 (#2990) Bumps alpine from 3.19 to 3.20. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 75820d9f99..3ab8a0336d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ # Get CA certificates from alpine package repo -FROM alpine:3.19 as certificates +FROM alpine:3.20 as certificates RUN apk --no-cache add ca-certificates From 65d6c4f5840aef54ef1d73b74c4b9100fa5d8037 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 May 2024 10:17:24 +0200 Subject: [PATCH 27/88] Bump alpine from 3.19 to 3.20 in /cmd/operator-opamp-bridge (#2991) Bumps alpine from 3.19 to 3.20. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- cmd/operator-opamp-bridge/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/operator-opamp-bridge/Dockerfile b/cmd/operator-opamp-bridge/Dockerfile index ebf707b249..1e02700eb7 100644 --- a/cmd/operator-opamp-bridge/Dockerfile +++ b/cmd/operator-opamp-bridge/Dockerfile @@ -1,5 +1,5 @@ # Get CA certificates from the Alpine package repo -FROM alpine:3.19 as certificates +FROM alpine:3.20 as certificates RUN apk --no-cache add ca-certificates From 307a6ba8a1feccd4085b18972819a78613d93695 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 May 2024 10:30:24 +0200 Subject: [PATCH 28/88] Bump github.com/go-logr/logr from 1.4.1 to 1.4.2 (#2987) Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr) from 1.4.1 to 1.4.2. - [Release notes](https://github.com/go-logr/logr/releases) - [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md) - [Commits](https://github.com/go-logr/logr/compare/v1.4.1...v1.4.2) --- updated-dependencies: - dependency-name: github.com/go-logr/logr dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 4 ++-- go.sum | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/go.mod b/go.mod index 82390aeda0..45a877f7f2 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/ghodss/yaml v1.0.0 github.com/gin-gonic/gin v1.10.0 github.com/go-kit/log v0.2.1 - github.com/go-logr/logr v1.4.1 + github.com/go-logr/logr v1.4.2 github.com/json-iterator/go v1.1.12 github.com/oklog/run v1.1.0 github.com/oklog/ulid/v2 v2.1.0 @@ -35,6 +35,7 @@ require ( go.opentelemetry.io/otel/sdk v1.26.0 go.opentelemetry.io/otel/sdk/metric v1.26.0 go.uber.org/multierr v1.11.0 + go.uber.org/zap v1.26.0 gopkg.in/yaml.v2 v2.4.0 gopkg.in/yaml.v3 v3.0.1 k8s.io/api v0.29.3 @@ -224,7 +225,6 @@ require ( go.opentelemetry.io/proto/otlp v1.2.0 // indirect go.uber.org/atomic v1.11.0 // indirect go.uber.org/goleak v1.3.0 // indirect - go.uber.org/zap v1.26.0 // indirect golang.org/x/arch v0.8.0 // indirect golang.org/x/crypto v0.23.0 // indirect go.uber.org/zap v1.27.0 // indirect diff --git a/go.sum b/go.sum index 6e0fb287f2..2da5619941 100644 --- a/go.sum +++ b/go.sum @@ -197,8 +197,8 @@ github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG github.com/go-logfmt/logfmt v0.6.0 h1:wGYYu3uicYdqXVgoYbvnkrPVXkuLM1p1ifugDMEdRi4= github.com/go-logfmt/logfmt v0.6.0/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= -github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= +github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= From 8138afed0e8548b956dca3fe334a4b27886737d9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 May 2024 10:30:47 +0200 Subject: [PATCH 29/88] Bump kyverno/action-install-chainsaw from 0.2.1 to 0.2.2 (#2989) Bumps [kyverno/action-install-chainsaw](https://github.com/kyverno/action-install-chainsaw) from 0.2.1 to 0.2.2. - [Release notes](https://github.com/kyverno/action-install-chainsaw/releases) - [Commits](https://github.com/kyverno/action-install-chainsaw/compare/v0.2.1...v0.2.2) --- updated-dependencies: - dependency-name: kyverno/action-install-chainsaw dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/e2e.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml index 358f367439..8d09536f0c 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/e2e.yaml @@ -57,7 +57,7 @@ jobs: path: bin key: ${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('Makefile') }}-${{ steps.setup-go.outputs.go-version }} - name: Install chainsaw - uses: kyverno/action-install-chainsaw@v0.2.1 + uses: kyverno/action-install-chainsaw@v0.2.2 - name: Install tools run: make install-tools - name: Prepare e2e tests From cf2660962342f42457e08b31106fa423874e4c3f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 28 May 2024 14:59:40 +0200 Subject: [PATCH 30/88] Bump the otel group with 5 updates (#2986) Bumps the otel group with 5 updates: | Package | From | To | | --- | --- | --- | | [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) | `1.26.0` | `1.27.0` | | [go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp](https://github.com/open-telemetry/opentelemetry-go) | `1.26.0` | `1.27.0` | | [go.opentelemetry.io/otel/metric](https://github.com/open-telemetry/opentelemetry-go) | `1.26.0` | `1.27.0` | | [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) | `1.26.0` | `1.27.0` | | [go.opentelemetry.io/otel/sdk/metric](https://github.com/open-telemetry/opentelemetry-go) | `1.26.0` | `1.27.0` | Updates `go.opentelemetry.io/otel` from 1.26.0 to 1.27.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.26.0...v1.27.0) Updates `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp` from 1.26.0 to 1.27.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.26.0...v1.27.0) Updates `go.opentelemetry.io/otel/metric` from 1.26.0 to 1.27.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.26.0...v1.27.0) Updates `go.opentelemetry.io/otel/sdk` from 1.26.0 to 1.27.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.26.0...v1.27.0) Updates `go.opentelemetry.io/otel/sdk/metric` from 1.26.0 to 1.27.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.26.0...v1.27.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel dependency-type: direct:production update-type: version-update:semver-minor dependency-group: otel - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp dependency-type: direct:production update-type: version-update:semver-minor dependency-group: otel - dependency-name: go.opentelemetry.io/otel/metric dependency-type: direct:production update-type: version-update:semver-minor dependency-group: otel - dependency-name: go.opentelemetry.io/otel/sdk dependency-type: direct:production update-type: version-update:semver-minor dependency-group: otel - dependency-name: go.opentelemetry.io/otel/sdk/metric dependency-type: direct:production update-type: version-update:semver-minor dependency-group: otel ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 24 ++++++++++++------------ go.sum | 50 ++++++++++++++++++++++++++------------------------ 2 files changed, 38 insertions(+), 36 deletions(-) diff --git a/go.mod b/go.mod index 45a877f7f2..e786618da4 100644 --- a/go.mod +++ b/go.mod @@ -29,11 +29,11 @@ require ( github.com/spf13/pflag v1.0.5 github.com/stretchr/testify v1.9.0 go.opentelemetry.io/collector/featuregate v1.8.0 - go.opentelemetry.io/otel v1.26.0 - go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.26.0 - go.opentelemetry.io/otel/metric v1.26.0 - go.opentelemetry.io/otel/sdk v1.26.0 - go.opentelemetry.io/otel/sdk/metric v1.26.0 + go.opentelemetry.io/otel v1.27.0 + go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.27.0 + go.opentelemetry.io/otel/metric v1.27.0 + go.opentelemetry.io/otel/sdk v1.27.0 + go.opentelemetry.io/otel/sdk/metric v1.27.0 go.uber.org/multierr v1.11.0 go.uber.org/zap v1.26.0 gopkg.in/yaml.v2 v2.4.0 @@ -99,7 +99,7 @@ require ( github.com/cert-manager/cert-manager v1.14.5 github.com/cloudwego/base64x v0.1.4 // indirect github.com/cloudwego/iasm v0.2.0 // indirect - github.com/cncf/xds/go v0.0.0-20231128003011-0fa0005c9caa // indirect + github.com/cncf/xds/go v0.0.0-20240318125728-8a4994d93e50 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/dennwc/varint v1.0.0 // indirect github.com/digitalocean/godo v1.113.0 // indirect @@ -156,7 +156,7 @@ require ( github.com/gophercloud/gophercloud v1.11.0 // indirect github.com/gorilla/websocket v1.5.1 // indirect github.com/grafana/regexp v0.0.0-20221122212121-6b5c0a4cb7fd // indirect - github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.1 // indirect + github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 // indirect github.com/hashicorp/consul/api v1.28.2 // indirect github.com/hashicorp/cronexpr v1.1.2 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect @@ -221,7 +221,7 @@ require ( go.mongodb.org/mongo-driver v1.14.0 // indirect go.opencensus.io v0.24.0 // indirect go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.50.0 // indirect - go.opentelemetry.io/otel/trace v1.26.0 // indirect + go.opentelemetry.io/otel/trace v1.27.0 // indirect go.opentelemetry.io/proto/otlp v1.2.0 // indirect go.uber.org/atomic v1.11.0 // indirect go.uber.org/goleak v1.3.0 // indirect @@ -233,7 +233,7 @@ require ( golang.org/x/exp v0.0.0-20240213143201-ec583247a57a // indirect golang.org/x/mod v0.17.0 // indirect golang.org/x/net v0.25.0 // indirect - golang.org/x/oauth2 v0.19.0 // indirect + golang.org/x/oauth2 v0.20.0 // indirect golang.org/x/sync v0.7.0 // indirect golang.org/x/sys v0.20.0 // indirect golang.org/x/term v0.20.0 // indirect @@ -242,9 +242,9 @@ require ( golang.org/x/tools v0.20.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect google.golang.org/api v0.174.0 // indirect - google.golang.org/genproto/googleapis/api v0.0.0-20240415180920-8c6c420018be // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20240415180920-8c6c420018be // indirect - google.golang.org/grpc v1.63.2 // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20240520151616-dc85e6b867a5 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20240515191416-fc5f0ca64291 // indirect + google.golang.org/grpc v1.64.0 // indirect google.golang.org/protobuf v1.34.1 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/ini.v1 v1.67.0 // indirect diff --git a/go.sum b/go.sum index 2da5619941..eb2c357afd 100644 --- a/go.sum +++ b/go.sum @@ -123,8 +123,8 @@ github.com/cloudwego/base64x v0.1.4/go.mod h1:0zlkT4Wn5C6NdauXdJRhSKRlJvmclQ1hhJ github.com/cloudwego/iasm v0.2.0 h1:1KNIy1I1H9hNNFEEH3DVnI4UujN+1zjpuk6gwHLTssg= github.com/cloudwego/iasm v0.2.0/go.mod h1:8rXZaNYT2n95jn+zTI1sDr+IgcD2GVs0nlbbQPiEFhY= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= -github.com/cncf/xds/go v0.0.0-20231128003011-0fa0005c9caa h1:jQCWAUqqlij9Pgj2i/PB79y4KOPYVyFYdROxgaCwdTQ= -github.com/cncf/xds/go v0.0.0-20231128003011-0fa0005c9caa/go.mod h1:x/1Gn8zydmfq8dk6e9PdstVsDgu9RuyIIJqAaF//0IM= +github.com/cncf/xds/go v0.0.0-20240318125728-8a4994d93e50 h1:DBmgJDC9dTfkVyGgipamEh2BpGYxScCH1TOF1LL1cXc= +github.com/cncf/xds/go v0.0.0-20240318125728-8a4994d93e50/go.mod h1:5e1+Vvlzido69INQaVO6d87Qn543Xr6nooe9Kz7oBFM= github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I= github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo= github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= @@ -334,8 +334,8 @@ github.com/gorilla/websocket v1.5.1 h1:gmztn0JnHVt9JZquRuzLw3g4wouNVzKL15iLr/zn/ github.com/gorilla/websocket v1.5.1/go.mod h1:x3kM2JMyaluk02fnUJpQuwD2dCS5NDG2ZHL0uE0tcaY= github.com/grafana/regexp v0.0.0-20221122212121-6b5c0a4cb7fd h1:PpuIBO5P3e9hpqBD0O/HjhShYuM6XE0i/lbE6J94kww= github.com/grafana/regexp v0.0.0-20221122212121-6b5c0a4cb7fd/go.mod h1:M5qHK+eWfAv8VR/265dIuEpL3fNfeC21tXXp9itM24A= -github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.1 h1:/c3QmbOGMGTOumP2iT/rCwB7b0QDGLKzqOmktBjT+Is= -github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.1/go.mod h1:5SN9VR2LTsRFsrEC6FHgRbTWrTHu6tqPeKxEQv15giM= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 h1:bkypFPDjIYGfCYD5mRBvpqxfYX1YCS1PXdKYWi8FsN0= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0/go.mod h1:P+Lt/0by1T8bfcF3z737NnSbmxQAppXMRziHUxPOC8k= github.com/hashicorp/consul/api v1.28.2 h1:mXfkRHrpHN4YY3RqL09nXU1eHKLNiuAN4kHvDQ16k/8= github.com/hashicorp/consul/api v1.28.2/go.mod h1:KyzqzgMEya+IZPcD65YFoOVAgPpbfERu4I/tzG6/ueE= github.com/hashicorp/consul/sdk v0.16.0 h1:SE9m0W6DEfgIVCJX7xU+iv/hUl4m/nxqMTnCdMxDpJ8= @@ -597,6 +597,8 @@ github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= github.com/rs/cors v1.10.1 h1:L0uuZVXIKlI1SShY2nhFfo44TYvDPQ1w4oFkUJNfhyo= github.com/rs/cors v1.10.1/go.mod h1:XyqrcTp5zjWr1wsJ8PIRZssZ8b/WMcMf71DJnit4EMU= +github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= +github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= github.com/scaleway/scaleway-sdk-go v1.0.0-beta.26 h1:F+GIVtGqCFxPxO46ujf8cEOP574MBoRm3gNbPXECbxs= @@ -665,22 +667,22 @@ go.opentelemetry.io/collector/featuregate v1.5.0 h1:uK8qnYQKz1TMkK+FDTFsywg/EybW go.opentelemetry.io/collector/featuregate v1.5.0/go.mod h1:w7nUODKxEi3FLf1HslCiE6YWtMtOOrMnSwsDam8Mg9w= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.50.0 h1:cEPbyTSEHlQR89XVlyo78gqluF8Y3oMeBkXGWzQsfXY= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.50.0/go.mod h1:DKdbWcT4GH1D0Y3Sqt/PFXt2naRKDWtU+eE6oLdFNA8= -go.opentelemetry.io/otel v1.26.0 h1:LQwgL5s/1W7YiiRwxf03QGnWLb2HW4pLiAhaA5cZXBs= -go.opentelemetry.io/otel v1.26.0/go.mod h1:UmLkJHUAidDval2EICqBMbnAd0/m2vmpf/dAM+fvFs4= -go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.26.0 h1:HGZWGmCVRCVyAs2GQaiHQPbDHo+ObFWeUEOd+zDnp64= -go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.26.0/go.mod h1:SaH+v38LSCHddyk7RGlU9uZyQoRrKao6IBnJw6Kbn+c= +go.opentelemetry.io/otel v1.27.0 h1:9BZoF3yMK/O1AafMiQTVu0YDj5Ea4hPhxCs7sGva+cg= +go.opentelemetry.io/otel v1.27.0/go.mod h1:DMpAK8fzYRzs+bi3rS5REupisuqTheUlSZJ1WnZaPAQ= +go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.27.0 h1:CIHWikMsN3wO+wq1Tp5VGdVRTcON+DmOJSfDjXypKOc= +go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.27.0/go.mod h1:TNupZ6cxqyFEpLXAZW7On+mLFL0/g0TE3unIYL91xWc= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0 h1:t6wl9SPayj+c7lEIFgm4ooDBZVb01IhLB4InpomhRw8= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0/go.mod h1:iSDOcsnSA5INXzZtwaBPrKp/lWu/V14Dd+llD0oI2EA= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.24.0 h1:Xw8U6u2f8DK2XAkGRFV7BBLENgnTGX9i4rQRxJf+/vs= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.24.0/go.mod h1:6KW1Fm6R/s6Z3PGXwSJN2K4eT6wQB3vXX6CVnYX9NmM= -go.opentelemetry.io/otel/metric v1.26.0 h1:7S39CLuY5Jgg9CrnA9HHiEjGMF/X2VHvoXGgSllRz30= -go.opentelemetry.io/otel/metric v1.26.0/go.mod h1:SY+rHOI4cEawI9a7N1A4nIg/nTQXe1ccCNWYOJUrpX4= -go.opentelemetry.io/otel/sdk v1.26.0 h1:Y7bumHf5tAiDlRYFmGqetNcLaVUZmh4iYfmGxtmz7F8= -go.opentelemetry.io/otel/sdk v1.26.0/go.mod h1:0p8MXpqLeJ0pzcszQQN4F0S5FVjBLgypeGSngLsmirs= -go.opentelemetry.io/otel/sdk/metric v1.26.0 h1:cWSks5tfriHPdWFnl+qpX3P681aAYqlZHcAyHw5aU9Y= -go.opentelemetry.io/otel/sdk/metric v1.26.0/go.mod h1:ClMFFknnThJCksebJwz7KIyEDHO+nTB6gK8obLy8RyE= -go.opentelemetry.io/otel/trace v1.26.0 h1:1ieeAUb4y0TE26jUFrCIXKpTuVK7uJGN9/Z/2LP5sQA= -go.opentelemetry.io/otel/trace v1.26.0/go.mod h1:4iDxvGDQuUkHve82hJJ8UqrwswHYsZuWCBllGV2U2y0= +go.opentelemetry.io/otel/metric v1.27.0 h1:hvj3vdEKyeCi4YaYfNjv2NUje8FqKqUY8IlF0FxV/ik= +go.opentelemetry.io/otel/metric v1.27.0/go.mod h1:mVFgmRlhljgBiuk/MP/oKylr4hs85GZAylncepAX/ak= +go.opentelemetry.io/otel/sdk v1.27.0 h1:mlk+/Y1gLPLn84U4tI8d3GNJmGT/eXe3ZuOXN9kTWmI= +go.opentelemetry.io/otel/sdk v1.27.0/go.mod h1:Ha9vbLwJE6W86YstIywK2xFfPjbWlCuwPtMkKdz/Y4A= +go.opentelemetry.io/otel/sdk/metric v1.27.0 h1:5uGNOlpXi+Hbo/DRoI31BSb1v+OGcpv2NemcCrOL8gI= +go.opentelemetry.io/otel/sdk/metric v1.27.0/go.mod h1:we7jJVrYN2kh3mVBlswtPU22K0SA+769l93J6bsyvqw= +go.opentelemetry.io/otel/trace v1.27.0 h1:IqYb813p7cmbHk0a5y6pD5JPakbVfftRXABGt5/Rscw= +go.opentelemetry.io/otel/trace v1.27.0/go.mod h1:6RiD1hkAprV4/q+yd2ln1HG9GoPx39SuvvstaLBl+l4= go.opentelemetry.io/proto/otlp v1.2.0 h1:pVeZGk7nXDC9O2hncA6nHldxEjm6LByfA2aN8IOkz94= go.opentelemetry.io/proto/otlp v1.2.0/go.mod h1:gGpR8txAl5M03pDhMC79G6SdqNV26naRm/KDsgaHD8A= go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE= @@ -791,8 +793,8 @@ golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4Iltr golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.19.0 h1:9+E/EZBCbTLNrbN35fHv/a/d/mOBatymz1zbtQrXpIg= -golang.org/x/oauth2 v0.19.0/go.mod h1:vYi7skDa1x015PmRRYZ7+s1cWyPgrPiSYRe4rnsexc8= +golang.org/x/oauth2 v0.20.0 h1:4mQdhULixXKP1rwYBW0vAijoXnkTG0BLCDRzfe1idMo= +golang.org/x/oauth2 v0.20.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -1000,10 +1002,10 @@ google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7Fc google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto/googleapis/api v0.0.0-20240415180920-8c6c420018be h1:Zz7rLWqp0ApfsR/l7+zSHhY3PMiH2xqgxlfYfAfNpoU= -google.golang.org/genproto/googleapis/api v0.0.0-20240415180920-8c6c420018be/go.mod h1:dvdCTIoAGbkWbcIKBniID56/7XHTt6WfxXNMxuziJ+w= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240415180920-8c6c420018be h1:LG9vZxsWGOmUKieR8wPAUR3u3MpnYFQZROPIMaXh7/A= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240415180920-8c6c420018be/go.mod h1:WtryC6hu0hhx87FDGxWCDptyssuo68sk10vYjF+T9fY= +google.golang.org/genproto/googleapis/api v0.0.0-20240520151616-dc85e6b867a5 h1:P8OJ/WCl/Xo4E4zoe4/bifHpSmmKwARqyqE4nW6J2GQ= +google.golang.org/genproto/googleapis/api v0.0.0-20240520151616-dc85e6b867a5/go.mod h1:RGnPtTG7r4i8sPlNyDeikXF99hMM+hN6QMm4ooG9g2g= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240515191416-fc5f0ca64291 h1:AgADTJarZTBqgjiUzRgfaBchgYB3/WFTC80GPwsMcRI= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240515191416-fc5f0ca64291/go.mod h1:EfXuqaE1J41VCDicxHzUDm+8rk+7ZdXzHV0IhO/I6s0= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= @@ -1017,8 +1019,8 @@ google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3Iji google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= -google.golang.org/grpc v1.63.2 h1:MUeiw1B2maTVZthpU5xvASfTh3LDbxHd6IJ6QQVU+xM= -google.golang.org/grpc v1.63.2/go.mod h1:WAX/8DgncnokcFUldAxq7GeB5DXHDbMF+lLvDomNkRA= +google.golang.org/grpc v1.64.0 h1:KH3VH9y/MgNQg1dE7b3XfVK0GsPSIzJwdF617gUSbvY= +google.golang.org/grpc v1.64.0/go.mod h1:oxjF8E3FBnjp+/gVFYdWacaLDx9na1aqy9oovLpxQYg= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= From 59197339009dcb81dbb99509e135a3621f2f9949 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 28 May 2024 15:00:00 +0200 Subject: [PATCH 31/88] Bump alpine from 3.19 to 3.20 in /cmd/otel-allocator (#2992) Bumps alpine from 3.19 to 3.20. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- cmd/otel-allocator/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/otel-allocator/Dockerfile b/cmd/otel-allocator/Dockerfile index 0d50a4f548..2e57628925 100644 --- a/cmd/otel-allocator/Dockerfile +++ b/cmd/otel-allocator/Dockerfile @@ -1,5 +1,5 @@ # Get CA certificates from the Alpine package repo -FROM alpine:3.19 as certificates +FROM alpine:3.20 as certificates RUN apk --no-cache add ca-certificates From fa40888035f2c8a387d5c1d78a1ee34e898dcbc3 Mon Sep 17 00:00:00 2001 From: Matt Hagenbuch Date: Tue, 28 May 2024 08:57:16 -0700 Subject: [PATCH 32/88] Keep multiple versions of Collector Config (#2946) --- .chloggen/matth.versioned_config.yaml | 17 ++++++++++ apis/v1beta1/opentelemetrycollector_types.go | 6 ++++ ...ntelemetry.io_opentelemetrycollectors.yaml | 4 +++ ...ntelemetry.io_opentelemetrycollectors.yaml | 4 +++ controllers/builder_test.go | 29 ++++++++++------ .../opentelemetrycollector_controller.go | 34 +++++++++++++++++++ controllers/reconcile_test.go | 12 +++++-- controllers/suite_test.go | 11 ++++++ docs/api.md | 11 ++++++ internal/manifests/collector/configmap.go | 9 +++-- .../manifests/collector/configmap_test.go | 29 +++++++++++----- internal/manifests/collector/volume.go | 5 ++- .../manifests/manifestutils/annotations.go | 6 ++-- internal/naming/main.go | 5 +-- .../targetallocator-features/00-assert.yaml | 2 +- .../00-assert.yaml | 2 +- .../00-assert.yaml | 2 +- tests/e2e/managed-reconcile/02-assert.yaml | 2 +- tests/e2e/multiple-configmaps/00-assert.yaml | 2 +- .../e2e/smoke-targetallocator/00-assert.yaml | 2 +- tests/e2e/statefulset-features/00-assert.yaml | 2 +- tests/e2e/statefulset-features/01-assert.yaml | 2 +- tests/e2e/versioned-configmaps/00-assert.yaml | 19 +++++++++++ .../e2e/versioned-configmaps/00-install.yaml | 27 +++++++++++++++ tests/e2e/versioned-configmaps/01-assert.yaml | 24 +++++++++++++ tests/e2e/versioned-configmaps/01-update.yaml | 27 +++++++++++++++ tests/e2e/versioned-configmaps/02-error.yaml | 5 +++ tests/e2e/versioned-configmaps/02-update.yaml | 27 +++++++++++++++ .../versioned-configmaps/chainsaw-test.yaml | 28 +++++++++++++++ 29 files changed, 317 insertions(+), 38 deletions(-) create mode 100755 .chloggen/matth.versioned_config.yaml create mode 100644 tests/e2e/versioned-configmaps/00-assert.yaml create mode 100644 tests/e2e/versioned-configmaps/00-install.yaml create mode 100644 tests/e2e/versioned-configmaps/01-assert.yaml create mode 100644 tests/e2e/versioned-configmaps/01-update.yaml create mode 100644 tests/e2e/versioned-configmaps/02-error.yaml create mode 100644 tests/e2e/versioned-configmaps/02-update.yaml create mode 100755 tests/e2e/versioned-configmaps/chainsaw-test.yaml diff --git a/.chloggen/matth.versioned_config.yaml b/.chloggen/matth.versioned_config.yaml new file mode 100755 index 0000000000..b49551e923 --- /dev/null +++ b/.chloggen/matth.versioned_config.yaml @@ -0,0 +1,17 @@ +# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' +change_type: enhancement + +# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) +component: collector + +# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). +note: Keep multiple previous versions of the Collector ConfigMap, configurable via the ConfigVersions field. + +# One or more tracking issues related to the change +issues: [2871] + +# (Optional) One or more lines of additional information to render under the primary note. +# These lines will be padded with 2 spaces and then inserted directly into the document. +# Use pipe (|) for multiline entries. +subtext: | + This change introduces a new field in the Collector ConfigMap, `ConfigVersions`, which allows users to specify the number of previous versions of the Collector ConfigMap to keep. The default value is 1, which means that the current and one previous version of the Collector ConfigMap are kept. By keeping historical versions of the configuration, we ensure that during a config upgrade the previous configuration is still available for running (non-upgraded) pods as well as for rollbacks. If we overwrite the original ConfigMap with the new configuration, any pod which restarts for any reason will get the new configuration, which makes rollouts impossible to control. \ No newline at end of file diff --git a/apis/v1beta1/opentelemetrycollector_types.go b/apis/v1beta1/opentelemetrycollector_types.go index 141178895f..28e91ded22 100644 --- a/apis/v1beta1/opentelemetrycollector_types.go +++ b/apis/v1beta1/opentelemetrycollector_types.go @@ -94,6 +94,12 @@ type OpenTelemetryCollectorSpec struct { // +required // +kubebuilder:pruning:PreserveUnknownFields Config Config `json:"config"` + // ConfigVersions defines the number versions to keep for the collector config. Each config version is stored in a separate ConfigMap. + // Defaults to 3. The minimum value is 1. + // +optional + // +kubebuilder:default:=3 + // +kubebuilder:validation:Minimum:=1 + ConfigVersions int `json:"configVersions,omitempty"` // Ingress is used to specify how OpenTelemetry Collector is exposed. This // functionality is only available if one of the valid modes is set. // Valid modes are: deployment, daemonset and statefulset. diff --git a/bundle/manifests/opentelemetry.io_opentelemetrycollectors.yaml b/bundle/manifests/opentelemetry.io_opentelemetrycollectors.yaml index 092ca2428e..c7b60afc4f 100644 --- a/bundle/manifests/opentelemetry.io_opentelemetrycollectors.yaml +++ b/bundle/manifests/opentelemetry.io_opentelemetrycollectors.yaml @@ -5555,6 +5555,10 @@ spec: - service type: object x-kubernetes-preserve-unknown-fields: true + configVersions: + default: 3 + minimum: 1 + type: integer configmaps: items: properties: diff --git a/config/crd/bases/opentelemetry.io_opentelemetrycollectors.yaml b/config/crd/bases/opentelemetry.io_opentelemetrycollectors.yaml index ad8c35a81b..e1121c60af 100644 --- a/config/crd/bases/opentelemetry.io_opentelemetrycollectors.yaml +++ b/config/crd/bases/opentelemetry.io_opentelemetrycollectors.yaml @@ -5541,6 +5541,10 @@ spec: - service type: object x-kubernetes-preserve-unknown-fields: true + configVersions: + default: 3 + minimum: 1 + type: integer configmaps: items: properties: diff --git a/controllers/builder_test.go b/controllers/builder_test.go index 32fd6db2fd..63de426fb4 100644 --- a/controllers/builder_test.go +++ b/controllers/builder_test.go @@ -37,6 +37,7 @@ import ( "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/manifests" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/collector" + "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) @@ -86,6 +87,10 @@ service: goodConfig := v1beta1.Config{} err := go_yaml.Unmarshal([]byte(goodConfigYaml), &goodConfig) require.NoError(t, err) + + goodConfigHash, _ := manifestutils.GetConfigMapSHA(goodConfig) + goodConfigHash = goodConfigHash[:8] + one := int32(1) type args struct { instance v1beta1.OpenTelemetryCollector @@ -164,7 +169,7 @@ service: VolumeSource: corev1.VolumeSource{ ConfigMap: &corev1.ConfigMapVolumeSource{ LocalObjectReference: corev1.LocalObjectReference{ - Name: "test-collector", + Name: "test-collector-" + goodConfigHash, }, Items: []corev1.KeyToPath{ { @@ -223,7 +228,7 @@ service: }, &corev1.ConfigMap{ ObjectMeta: metav1.ObjectMeta{ - Name: "test-collector", + Name: "test-collector-" + goodConfigHash, Namespace: "test", Labels: map[string]string{ "app.kubernetes.io/component": "opentelemetry-collector", @@ -414,7 +419,7 @@ service: VolumeSource: corev1.VolumeSource{ ConfigMap: &corev1.ConfigMapVolumeSource{ LocalObjectReference: corev1.LocalObjectReference{ - Name: "test-collector", + Name: "test-collector-" + goodConfigHash, }, Items: []corev1.KeyToPath{ { @@ -473,7 +478,7 @@ service: }, &corev1.ConfigMap{ ObjectMeta: metav1.ObjectMeta{ - Name: "test-collector", + Name: "test-collector-" + goodConfigHash, Namespace: "test", Labels: map[string]string{ "app.kubernetes.io/component": "opentelemetry-collector", @@ -700,7 +705,7 @@ service: VolumeSource: corev1.VolumeSource{ ConfigMap: &corev1.ConfigMapVolumeSource{ LocalObjectReference: corev1.LocalObjectReference{ - Name: "test-collector", + Name: "test-collector-" + goodConfigHash, }, Items: []corev1.KeyToPath{ { @@ -759,7 +764,7 @@ service: }, &corev1.ConfigMap{ ObjectMeta: metav1.ObjectMeta{ - Name: "test-collector", + Name: "test-collector-" + goodConfigHash, Namespace: "test", Labels: map[string]string{ "app.kubernetes.io/component": "opentelemetry-collector", @@ -1138,6 +1143,10 @@ service: goodConfig := v1beta1.Config{} err := go_yaml.Unmarshal([]byte(goodConfigYaml), &goodConfig) require.NoError(t, err) + + goodConfigHash, _ := manifestutils.GetConfigMapSHA(goodConfig) + goodConfigHash = goodConfigHash[:8] + one := int32(1) type args struct { instance v1beta1.OpenTelemetryCollector @@ -1225,7 +1234,7 @@ service: VolumeSource: corev1.VolumeSource{ ConfigMap: &corev1.ConfigMapVolumeSource{ LocalObjectReference: corev1.LocalObjectReference{ - Name: "test-collector", + Name: "test-collector-" + goodConfigHash, }, Items: []corev1.KeyToPath{ { @@ -1284,7 +1293,7 @@ service: }, &corev1.ConfigMap{ ObjectMeta: metav1.ObjectMeta{ - Name: "test-collector", + Name: "test-collector-" + goodConfigHash, Namespace: "test", Labels: map[string]string{ "app.kubernetes.io/component": "opentelemetry-collector", @@ -1620,7 +1629,7 @@ prometheus_cr: VolumeSource: corev1.VolumeSource{ ConfigMap: &corev1.ConfigMapVolumeSource{ LocalObjectReference: corev1.LocalObjectReference{ - Name: "test-collector", + Name: "test-collector-" + goodConfigHash, }, Items: []corev1.KeyToPath{ { @@ -1679,7 +1688,7 @@ prometheus_cr: }, &corev1.ConfigMap{ ObjectMeta: metav1.ObjectMeta{ - Name: "test-collector", + Name: "test-collector-" + goodConfigHash, Namespace: "test", Labels: map[string]string{ "app.kubernetes.io/component": "opentelemetry-collector", diff --git a/controllers/opentelemetrycollector_controller.go b/controllers/opentelemetrycollector_controller.go index e4f64429d3..b005728199 100644 --- a/controllers/opentelemetrycollector_controller.go +++ b/controllers/opentelemetrycollector_controller.go @@ -17,6 +17,8 @@ package controllers import ( "context" + "fmt" + "sort" "github.com/go-logr/logr" routev1 "github.com/openshift/api/route/v1" @@ -111,6 +113,17 @@ func (r *OpenTelemetryCollectorReconciler) findOtelOwnedObjects(ctx context.Cont ownedObjects[uid] = object } } + + configMapList := &corev1.ConfigMapList{} + err := r.List(ctx, configMapList, listOps) + if err != nil { + return nil, fmt.Errorf("error listing ConfigMaps: %w", err) + } + ownedConfigMaps := r.getConfigMapsToRemove(params.OtelCol.Spec.ConfigVersions, configMapList) + for i := range ownedConfigMaps { + ownedObjects[ownedConfigMaps[i].GetUID()] = &ownedConfigMaps[i] + } + return ownedObjects, nil } @@ -134,6 +147,27 @@ func (r *OpenTelemetryCollectorReconciler) findClusterRoleObjects(ctx context.Co return ownedObjects, nil } +// getConfigMapsToRemove returns a list of ConfigMaps to remove based on the number of ConfigMaps to keep. +// It keeps the newest ConfigMap, the `configVersionsToKeep` next newest ConfigMaps, and returns the remainder. +func (r *OpenTelemetryCollectorReconciler) getConfigMapsToRemove(configVersionsToKeep int, configMapList *corev1.ConfigMapList) []corev1.ConfigMap { + configVersionsToKeep = max(1, configVersionsToKeep) + ownedConfigMaps := []corev1.ConfigMap{} + sort.Slice(configMapList.Items, func(i, j int) bool { + iTime := configMapList.Items[i].GetCreationTimestamp().Time + jTime := configMapList.Items[j].GetCreationTimestamp().Time + // sort the ConfigMaps newest to oldest + return iTime.After(jTime) + }) + + for i := range configMapList.Items { + if i > configVersionsToKeep { + ownedConfigMaps = append(ownedConfigMaps, configMapList.Items[i]) + } + } + + return ownedConfigMaps +} + func (r *OpenTelemetryCollectorReconciler) getParams(instance v1beta1.OpenTelemetryCollector) (manifests.Params, error) { p := manifests.Params{ Config: r.config, diff --git a/controllers/reconcile_test.go b/controllers/reconcile_test.go index db6cfb267b..2a48e28ed9 100644 --- a/controllers/reconcile_test.go +++ b/controllers/reconcile_test.go @@ -430,7 +430,9 @@ func TestOpenTelemetryCollectorReconciler_Reconcile(t *testing.T) { result: controllerruntime.Result{}, checks: []check[v1alpha1.OpenTelemetryCollector]{ func(t *testing.T, params v1alpha1.OpenTelemetryCollector) { - exists, err := populateObjectIfExists(t, &v1.ConfigMap{}, namespacedObjectName(naming.Collector(params.Name), params.Namespace)) + configHash, _ := getConfigMapSHAFromString(params.Spec.Config) + configHash = configHash[:8] + exists, err := populateObjectIfExists(t, &v1.ConfigMap{}, namespacedObjectName(naming.ConfigMap(params.Name, configHash), params.Namespace)) assert.NoError(t, err) assert.True(t, exists) exists, err = populateObjectIfExists(t, &appsv1.StatefulSet{}, namespacedObjectName(naming.Collector(params.Name), params.Namespace)) @@ -452,7 +454,9 @@ func TestOpenTelemetryCollectorReconciler_Reconcile(t *testing.T) { result: controllerruntime.Result{}, checks: []check[v1alpha1.OpenTelemetryCollector]{ func(t *testing.T, params v1alpha1.OpenTelemetryCollector) { - exists, err := populateObjectIfExists(t, &v1.ConfigMap{}, namespacedObjectName(naming.Collector(params.Name), params.Namespace)) + configHash, _ := getConfigMapSHAFromString(params.Spec.Config) + configHash = configHash[:8] + exists, err := populateObjectIfExists(t, &v1.ConfigMap{}, namespacedObjectName(naming.ConfigMap(params.Name, configHash), params.Namespace)) assert.NoError(t, err) assert.True(t, exists) actual := v1.ConfigMap{} @@ -497,7 +501,9 @@ func TestOpenTelemetryCollectorReconciler_Reconcile(t *testing.T) { result: controllerruntime.Result{}, checks: []check[v1alpha1.OpenTelemetryCollector]{ func(t *testing.T, params v1alpha1.OpenTelemetryCollector) { - exists, err := populateObjectIfExists(t, &v1.ConfigMap{}, namespacedObjectName(naming.Collector(params.Name), params.Namespace)) + configHash, _ := getConfigMapSHAFromString(params.Spec.Config) + configHash = configHash[:8] + exists, err := populateObjectIfExists(t, &v1.ConfigMap{}, namespacedObjectName(naming.ConfigMap(params.Name, configHash), params.Namespace)) assert.NoError(t, err) assert.True(t, exists) actual := v1.ConfigMap{} diff --git a/controllers/suite_test.go b/controllers/suite_test.go index b9c2aebfce..b17379dd8b 100644 --- a/controllers/suite_test.go +++ b/controllers/suite_test.go @@ -50,6 +50,7 @@ import ( logf "sigs.k8s.io/controller-runtime/pkg/log" metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server" "sigs.k8s.io/controller-runtime/pkg/webhook" + "sigs.k8s.io/yaml" "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" @@ -60,6 +61,7 @@ import ( "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/manifests" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/collector/testdata" + "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/rbac" // +kubebuilder:scaffold:imports ) @@ -480,3 +482,12 @@ func populateObjectIfExists(t testing.TB, object client.Object, namespacedName t } return true, nil } + +func getConfigMapSHAFromString(configStr string) (string, error) { + var config v1beta1.Config + err := yaml.Unmarshal([]byte(configStr), &config) + if err != nil { + return "", err + } + return manifestutils.GetConfigMapSHA(config) +} diff --git a/docs/api.md b/docs/api.md index c374b1d622..43815b9add 100644 --- a/docs/api.md +++ b/docs/api.md @@ -29872,6 +29872,17 @@ doing so, you wil accept the risk of it breaking things.
for the workload.
false + + configVersions + integer + + ConfigVersions defines the number versions to keep for the collector config. Each config version is stored in a separate ConfigMap. +Defaults to 3. The minimum value is 1.
+
+ Default: 3
+ Minimum: 1
+ + false configmaps []object diff --git a/internal/manifests/collector/configmap.go b/internal/manifests/collector/configmap.go index bc7adde837..f0654e05b4 100644 --- a/internal/manifests/collector/configmap.go +++ b/internal/manifests/collector/configmap.go @@ -26,8 +26,13 @@ import ( ) func ConfigMap(params manifests.Params) (*corev1.ConfigMap, error) { - name := naming.ConfigMap(params.OtelCol.Name) - labels := manifestutils.Labels(params.OtelCol.ObjectMeta, name, params.OtelCol.Spec.Image, ComponentOpenTelemetryCollector, []string{}) + hash, err := manifestutils.GetConfigMapSHA(params.OtelCol.Spec.Config) + if err != nil { + return nil, err + } + name := naming.ConfigMap(params.OtelCol.Name, hash) + collectorName := naming.Collector(params.OtelCol.Name) + labels := manifestutils.Labels(params.OtelCol.ObjectMeta, collectorName, params.OtelCol.Spec.Image, ComponentOpenTelemetryCollector, []string{}) replaceCfgOpts := []ta.TAOption{} if params.Config.CertManagerAvailability() == certmanager.Available { diff --git a/internal/manifests/collector/configmap_test.go b/internal/manifests/collector/configmap_test.go index b850084c53..d7614c8648 100644 --- a/internal/manifests/collector/configmap_test.go +++ b/internal/manifests/collector/configmap_test.go @@ -18,6 +18,9 @@ import ( "testing" "github.com/stretchr/testify/assert" + + "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" + "github.com/open-telemetry/opentelemetry-operator/internal/naming" ) func TestDesiredConfigMap(t *testing.T) { @@ -29,9 +32,6 @@ func TestDesiredConfigMap(t *testing.T) { } t.Run("should return expected collector config map", func(t *testing.T) { - expectedLables["app.kubernetes.io/component"] = "opentelemetry-collector" - expectedLables["app.kubernetes.io/name"] = "test-collector" - expectedLables["app.kubernetes.io/version"] = "0.47.0" expectedData := map[string]string{ "collector.yaml": `receivers: @@ -58,10 +58,17 @@ service: } param := deploymentParams() + hash, _ := manifestutils.GetConfigMapSHA(param.OtelCol.Spec.Config) + expectedName := naming.ConfigMap("test", hash) + + expectedLables["app.kubernetes.io/component"] = "opentelemetry-collector" + expectedLables["app.kubernetes.io/name"] = "test-collector" + expectedLables["app.kubernetes.io/version"] = "0.47.0" + actual, err := ConfigMap(param) assert.NoError(t, err) - assert.Equal(t, "test-collector", actual.Name) + assert.Equal(t, expectedName, actual.Name) assert.Equal(t, expectedLables, actual.Labels) assert.Equal(t, len(expectedData), len(actual.Data)) for k, expected := range expectedData { @@ -70,10 +77,6 @@ service: }) t.Run("should return expected escaped collector config map with target_allocator config block", func(t *testing.T) { - expectedLables["app.kubernetes.io/component"] = "opentelemetry-collector" - expectedLables["app.kubernetes.io/name"] = "test-collector" - expectedLables["app.kubernetes.io/version"] = "latest" - expectedData := map[string]string{ "collector.yaml": `exporters: debug: @@ -97,11 +100,19 @@ service: param, err := newParams("test/test-img", "testdata/http_sd_config_servicemonitor_test.yaml") assert.NoError(t, err) + + hash, _ := manifestutils.GetConfigMapSHA(param.OtelCol.Spec.Config) + expectedName := naming.ConfigMap("test", hash) + + expectedLables["app.kubernetes.io/component"] = "opentelemetry-collector" + expectedLables["app.kubernetes.io/name"] = "test-collector" + expectedLables["app.kubernetes.io/version"] = "latest" + param.OtelCol.Spec.TargetAllocator.Enabled = true actual, err := ConfigMap(param) assert.NoError(t, err) - assert.Equal(t, "test-collector", actual.Name) + assert.Equal(t, expectedName, actual.Name) assert.Equal(t, expectedLables, actual.Labels) assert.Equal(t, len(expectedData), len(actual.Data)) for k, expected := range expectedData { diff --git a/internal/manifests/collector/volume.go b/internal/manifests/collector/volume.go index 29a5bbb5f8..d46e56939a 100644 --- a/internal/manifests/collector/volume.go +++ b/internal/manifests/collector/volume.go @@ -21,16 +21,19 @@ import ( "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/config" + "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/naming" ) // Volumes builds the volumes for the given instance, including the config map volume. func Volumes(cfg config.Config, otelcol v1beta1.OpenTelemetryCollector) []corev1.Volume { + hash, _ := manifestutils.GetConfigMapSHA(otelcol.Spec.Config) + configMapName := naming.ConfigMap(otelcol.Name, hash) volumes := []corev1.Volume{{ Name: naming.ConfigMapVolume(), VolumeSource: corev1.VolumeSource{ ConfigMap: &corev1.ConfigMapVolumeSource{ - LocalObjectReference: corev1.LocalObjectReference{Name: naming.ConfigMap(otelcol.Name)}, + LocalObjectReference: corev1.LocalObjectReference{Name: configMapName}, Items: []corev1.KeyToPath{{ Key: cfg.CollectorConfigMapEntry(), Path: cfg.CollectorConfigMapEntry(), diff --git a/internal/manifests/manifestutils/annotations.go b/internal/manifests/manifestutils/annotations.go index 06f1baed81..c4243e350d 100644 --- a/internal/manifests/manifestutils/annotations.go +++ b/internal/manifests/manifestutils/annotations.go @@ -44,7 +44,7 @@ func Annotations(instance v1beta1.OpenTelemetryCollector, filterAnnotations []st } } - hash, err := getConfigMapSHA(instance.Spec.Config) + hash, err := GetConfigMapSHA(instance.Spec.Config) if err != nil { return nil, err } @@ -78,7 +78,7 @@ func PodAnnotations(instance v1beta1.OpenTelemetryCollector, filterAnnotations [ } } - hash, err := getConfigMapSHA(instance.Spec.Config) + hash, err := GetConfigMapSHA(instance.Spec.Config) if err != nil { return nil, err } @@ -88,7 +88,7 @@ func PodAnnotations(instance v1beta1.OpenTelemetryCollector, filterAnnotations [ return podAnnotations, nil } -func getConfigMapSHA(config v1beta1.Config) (string, error) { +func GetConfigMapSHA(config v1beta1.Config) (string, error) { b, err := json.Marshal(&config) if err != nil { return "", err diff --git a/internal/naming/main.go b/internal/naming/main.go index 4c51835d70..a4a0882026 100644 --- a/internal/naming/main.go +++ b/internal/naming/main.go @@ -16,8 +16,9 @@ package naming // ConfigMap builds the name for the config map used in the OpenTelemetryCollector containers. -func ConfigMap(otelcol string) string { - return DNSName(Truncate("%s-collector", 63, otelcol)) +// The configHash should be calculated using manifestutils.GetConfigMapSHA. +func ConfigMap(otelcol, configHash string) string { + return DNSName(Truncate("%s-collector-%s", 63, otelcol, configHash[:8])) } // TAConfigMap returns the name for the config map used in the TargetAllocator. diff --git a/tests/e2e-targetallocator/targetallocator-features/00-assert.yaml b/tests/e2e-targetallocator/targetallocator-features/00-assert.yaml index 823f435484..7175937de8 100644 --- a/tests/e2e-targetallocator/targetallocator-features/00-assert.yaml +++ b/tests/e2e-targetallocator/targetallocator-features/00-assert.yaml @@ -20,7 +20,7 @@ spec: items: - key: collector.yaml path: collector.yaml - name: stateful-collector + name: stateful-collector-31b1d381 name: otc-internal - emptyDir: {} name: testvolume diff --git a/tests/e2e-targetallocator/targetallocator-kubernetessd/00-assert.yaml b/tests/e2e-targetallocator/targetallocator-kubernetessd/00-assert.yaml index 88d16ed604..300d2668b4 100644 --- a/tests/e2e-targetallocator/targetallocator-kubernetessd/00-assert.yaml +++ b/tests/e2e-targetallocator/targetallocator-kubernetessd/00-assert.yaml @@ -15,7 +15,7 @@ metadata: apiVersion: v1 kind: ConfigMap metadata: - name: prometheus-kubernetessd-collector + name: prometheus-kubernetessd-collector-8236b782 data: collector.yaml: | exporters: diff --git a/tests/e2e-targetallocator/targetallocator-prometheuscr/00-assert.yaml b/tests/e2e-targetallocator/targetallocator-prometheuscr/00-assert.yaml index 66a10f2f1d..4afae1a5ee 100644 --- a/tests/e2e-targetallocator/targetallocator-prometheuscr/00-assert.yaml +++ b/tests/e2e-targetallocator/targetallocator-prometheuscr/00-assert.yaml @@ -43,4 +43,4 @@ data: - prometheus kind: ConfigMap metadata: - name: prometheus-cr-collector + name: prometheus-cr-collector-b88fa6e7 diff --git a/tests/e2e/managed-reconcile/02-assert.yaml b/tests/e2e/managed-reconcile/02-assert.yaml index 0a6a83b1a3..0847c94ed8 100644 --- a/tests/e2e/managed-reconcile/02-assert.yaml +++ b/tests/e2e/managed-reconcile/02-assert.yaml @@ -52,7 +52,7 @@ spec: apiVersion: v1 kind: ConfigMap metadata: - name: simplest-collector + name: simplest-collector-17ca6c13 data: collector.yaml: | receivers: diff --git a/tests/e2e/multiple-configmaps/00-assert.yaml b/tests/e2e/multiple-configmaps/00-assert.yaml index 14c929470a..b040f87074 100644 --- a/tests/e2e/multiple-configmaps/00-assert.yaml +++ b/tests/e2e/multiple-configmaps/00-assert.yaml @@ -25,7 +25,7 @@ spec: volumes: - name: otc-internal configMap: - name: simplest-with-configmaps-collector + name: simplest-with-configmaps-collector-17ca6c13 items: - key: collector.yaml path: collector.yaml diff --git a/tests/e2e/smoke-targetallocator/00-assert.yaml b/tests/e2e/smoke-targetallocator/00-assert.yaml index 35a1d6356f..53d8bc5a89 100644 --- a/tests/e2e/smoke-targetallocator/00-assert.yaml +++ b/tests/e2e/smoke-targetallocator/00-assert.yaml @@ -45,4 +45,4 @@ data: - jaeger kind: ConfigMap metadata: - name: stateful-collector + name: stateful-collector-fb278632 diff --git a/tests/e2e/statefulset-features/00-assert.yaml b/tests/e2e/statefulset-features/00-assert.yaml index 744ba76e26..5363d785b9 100644 --- a/tests/e2e/statefulset-features/00-assert.yaml +++ b/tests/e2e/statefulset-features/00-assert.yaml @@ -20,7 +20,7 @@ spec: items: - key: collector.yaml path: collector.yaml - name: stateful-collector + name: stateful-collector-f0fa6faa name: otc-internal - emptyDir: {} name: testvolume diff --git a/tests/e2e/statefulset-features/01-assert.yaml b/tests/e2e/statefulset-features/01-assert.yaml index fdccb0fadd..c68dc9aa80 100644 --- a/tests/e2e/statefulset-features/01-assert.yaml +++ b/tests/e2e/statefulset-features/01-assert.yaml @@ -20,7 +20,7 @@ spec: items: - key: collector.yaml path: collector.yaml - name: stateful-collector + name: stateful-collector-f0fa6faa name: otc-internal - emptyDir: {} name: testvolume diff --git a/tests/e2e/versioned-configmaps/00-assert.yaml b/tests/e2e/versioned-configmaps/00-assert.yaml new file mode 100644 index 0000000000..09b5d13d9e --- /dev/null +++ b/tests/e2e/versioned-configmaps/00-assert.yaml @@ -0,0 +1,19 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: simple-collector +spec: + template: + spec: + volumes: + - name: otc-internal + configMap: + name: simple-collector-d6f40475 +status: + readyReplicas: 1 +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: simple-collector-d6f40475 diff --git a/tests/e2e/versioned-configmaps/00-install.yaml b/tests/e2e/versioned-configmaps/00-install.yaml new file mode 100644 index 0000000000..a34135e7f0 --- /dev/null +++ b/tests/e2e/versioned-configmaps/00-install.yaml @@ -0,0 +1,27 @@ +--- +apiVersion: opentelemetry.io/v1beta1 +kind: OpenTelemetryCollector +metadata: + name: simple +spec: + mode: "deployment" + configVersions: 1 + config: + receivers: + otlp: + protocols: + grpc: {} + http: {} + processors: + batch: + send_batch_size: 10000 + timeout: 10s + exporters: + debug: {} + + service: + pipelines: + traces: + receivers: [otlp] + processors: [batch] + exporters: [debug] diff --git a/tests/e2e/versioned-configmaps/01-assert.yaml b/tests/e2e/versioned-configmaps/01-assert.yaml new file mode 100644 index 0000000000..b9cb6d35d9 --- /dev/null +++ b/tests/e2e/versioned-configmaps/01-assert.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: simple-collector +spec: + template: + spec: + volumes: + - name: otc-internal + configMap: + name: simple-collector-8cd615bf +status: + readyReplicas: 1 +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: simple-collector-d6f40475 +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: simple-collector-8cd615bf diff --git a/tests/e2e/versioned-configmaps/01-update.yaml b/tests/e2e/versioned-configmaps/01-update.yaml new file mode 100644 index 0000000000..8004c4ef55 --- /dev/null +++ b/tests/e2e/versioned-configmaps/01-update.yaml @@ -0,0 +1,27 @@ +--- +apiVersion: opentelemetry.io/v1beta1 +kind: OpenTelemetryCollector +metadata: + name: simple +spec: + mode: "deployment" + configVersions: 1 + config: + receivers: + otlp: + protocols: + grpc: {} + http: {} + processors: + batch: + send_batch_size: 10000 + timeout: 20s + exporters: + debug: {} + + service: + pipelines: + traces: + receivers: [otlp] + processors: [batch] + exporters: [debug] diff --git a/tests/e2e/versioned-configmaps/02-error.yaml b/tests/e2e/versioned-configmaps/02-error.yaml new file mode 100644 index 0000000000..2b63829a6c --- /dev/null +++ b/tests/e2e/versioned-configmaps/02-error.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: simple-collector-d6f40475 diff --git a/tests/e2e/versioned-configmaps/02-update.yaml b/tests/e2e/versioned-configmaps/02-update.yaml new file mode 100644 index 0000000000..7cb8f19060 --- /dev/null +++ b/tests/e2e/versioned-configmaps/02-update.yaml @@ -0,0 +1,27 @@ +--- +apiVersion: opentelemetry.io/v1beta1 +kind: OpenTelemetryCollector +metadata: + name: simple +spec: + mode: "deployment" + configVersions: 1 + config: + receivers: + otlp: + protocols: + grpc: {} + http: {} + processors: + batch: + send_batch_size: 10000 + timeout: 30s + exporters: + debug: {} + + service: + pipelines: + traces: + receivers: [otlp] + processors: [batch] + exporters: [debug] \ No newline at end of file diff --git a/tests/e2e/versioned-configmaps/chainsaw-test.yaml b/tests/e2e/versioned-configmaps/chainsaw-test.yaml new file mode 100755 index 0000000000..f837498100 --- /dev/null +++ b/tests/e2e/versioned-configmaps/chainsaw-test.yaml @@ -0,0 +1,28 @@ +# yaml-language-server: $schema=https://raw.githubusercontent.com/kyverno/chainsaw/main/.schemas/json/test-chainsaw-v1alpha1.json +apiVersion: chainsaw.kyverno.io/v1alpha1 +kind: Test +metadata: + creationTimestamp: null + name: versioned-configmaps +spec: + steps: + - name: step-00 + try: + - apply: + file: 00-install.yaml + - assert: + file: 00-assert.yaml + # Update the collector config and ensure both the new and old confmaps are present + - name: step-01 + try: + - apply: + file: 01-update.yaml + - assert: + file: 01-assert.yaml + # Update the collector config again and ensure the oldest confmap is deleted + - name: step-02 + try: + - apply: + file: 02-update.yaml + - error: + file: 02-error.yaml \ No newline at end of file From c678e14fcd03ec651800c01dbbb78198b381f0d1 Mon Sep 17 00:00:00 2001 From: Tyler Helmuth <12352919+TylerHelmuth@users.noreply.github.com> Date: Wed, 29 May 2024 06:19:03 -0600 Subject: [PATCH 33/88] Prepare v0.101.0 release (#2994) * Prepare v0.101.0 release * Undo kustomize stuff * Undo kustomize stuff again * Undo kustomize stuff again * Apply feedback --- .chloggen/kind130.yaml | 16 ---------- .chloggen/matth.versioned_config.yaml | 17 ---------- .chloggen/set-gomemlimit.yaml | 18 ----------- CHANGELOG.md | 32 ++++++++++++++++--- README.md | 4 +-- RELEASE.md | 12 +++---- ...emetry-operator.clusterserviceversion.yaml | 8 ++--- versions.txt | 8 ++--- 8 files changed, 44 insertions(+), 71 deletions(-) delete mode 100644 .chloggen/kind130.yaml delete mode 100755 .chloggen/matth.versioned_config.yaml delete mode 100755 .chloggen/set-gomemlimit.yaml diff --git a/.chloggen/kind130.yaml b/.chloggen/kind130.yaml deleted file mode 100644 index 8ded213051..0000000000 --- a/.chloggen/kind130.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: 'enhancement' - -# The name of the component, or a single word describing the area of concern, (e.g. operator, target allocator, github action) -component: operator - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Support for Kubernetes 1.30 version. - -# One or more tracking issues related to the change -issues: [2881] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: \ No newline at end of file diff --git a/.chloggen/matth.versioned_config.yaml b/.chloggen/matth.versioned_config.yaml deleted file mode 100755 index b49551e923..0000000000 --- a/.chloggen/matth.versioned_config.yaml +++ /dev/null @@ -1,17 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: enhancement - -# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) -component: collector - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Keep multiple previous versions of the Collector ConfigMap, configurable via the ConfigVersions field. - -# One or more tracking issues related to the change -issues: [2871] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: | - This change introduces a new field in the Collector ConfigMap, `ConfigVersions`, which allows users to specify the number of previous versions of the Collector ConfigMap to keep. The default value is 1, which means that the current and one previous version of the Collector ConfigMap are kept. By keeping historical versions of the configuration, we ensure that during a config upgrade the previous configuration is still available for running (non-upgraded) pods as well as for rollbacks. If we overwrite the original ConfigMap with the new configuration, any pod which restarts for any reason will get the new configuration, which makes rollouts impossible to control. \ No newline at end of file diff --git a/.chloggen/set-gomemlimit.yaml b/.chloggen/set-gomemlimit.yaml deleted file mode 100755 index 3f28143953..0000000000 --- a/.chloggen/set-gomemlimit.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: enhancement - -# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) -component: collector, target allocator, opamp - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Introduces a new feature gate for `operator.golang.flags` to automatically add the environment variables for GOMAXPROCS and GOMEMLIMIT - -# One or more tracking issues related to the change -issues: [2919, 1456] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: | - A new featuregate `operator.golang.flags` is added. This featuregate will allow the operator to automatically - set GOMAXPROCS and GOMEMLIMIT equal to the CPU and Memory limit provided respectively for the pod. diff --git a/CHANGELOG.md b/CHANGELOG.md index d5f0846b5f..c016d434d2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,30 @@ +## 0.101.0 + +### 💡 Enhancements 💡 + +- `operator`: Support for Kubernetes 1.30 version. (#2881) +- `collector`: Keep multiple previous versions of the Collector ConfigMap, configurable via the ConfigVersions field. (#2871) + This change introduces a new field in the Collector ConfigMap, `ConfigVersions`, which allows users to specify the number of previous versions of the Collector ConfigMap to keep. The default value is 1, which means that the current and one previous version of the Collector ConfigMap are kept. By keeping historical versions of the configuration, we ensure that during a config upgrade the previous configuration is still available for running (non-upgraded) pods as well as for rollbacks. If we overwrite the original ConfigMap with the new configuration, any pod which restarts for any reason will get the new configuration, which makes rollouts impossible to control. +- `collector, target allocator, opamp`: Introduces a new feature gate for `operator.golang.flags` to automatically add the environment variables for GOMAXPROCS and GOMEMLIMIT (#2919, #1456) + A new featuregate `operator.golang.flags` is added. This featuregate will allow the operator to automatically + set GOMAXPROCS and GOMEMLIMIT equal to the CPU and Memory limit provided respectively for the pod. + + +### Components + +* [OpenTelemetry Collector - v0.101.0](https://github.com/open-telemetry/opentelemetry-collector/releases/tag/v0.101.0) +* [OpenTelemetry Contrib - v0.101.0](https://github.com/open-telemetry/opentelemetry-collector-contrib/releases/tag/v0.101.0) +* [Java auto-instrumentation - v1.32.1](https://github.com/open-telemetry/opentelemetry-java-instrumentation/releases/tag/v1.32.1) +* [.NET auto-instrumentation - v1.2.0](https://github.com/open-telemetry/opentelemetry-dotnet-instrumentation/releases/tag/v1.2.0) +* [Node.JS - v0.51.0](https://github.com/open-telemetry/opentelemetry-js/releases/tag/experimental%2Fv0.51.0) +* [Python - v0.44b0](https://github.com/open-telemetry/opentelemetry-python-contrib/releases/tag/v0.44b0) +* [Go - v0.12.0-alpha](https://github.com/open-telemetry/opentelemetry-go-instrumentation/releases/tag/v0.12.0-alpha) +* [ApacheHTTPD - 1.0.4](https://github.com/open-telemetry/opentelemetry-cpp-contrib/releases/tag/webserver%2Fv1.0.4) +* [Nginx - 1.0.4](https://github.com/open-telemetry/opentelemetry-cpp-contrib/releases/tag/webserver%2Fv1.0.4) + ## 0.100.1 ### 💡 Enhancements 💡 @@ -18,7 +42,7 @@ * [OpenTelemetry Collector - v0.100.0](https://github.com/open-telemetry/opentelemetry-collector/releases/tag/v0.100.0) * [OpenTelemetry Contrib - v0.100.0](https://github.com/open-telemetry/opentelemetry-collector-contrib/releases/tag/v0.100.0) * [Java auto-instrumentation - v1.32.1](https://github.com/open-telemetry/opentelemetry-java-instrumentation/releases/tag/v1.32.1) -* [.NET auto-instrumentation - v1.2.0](https://github.com/open-telemetry/opentelemetry-dotnet-instrumentation/releases/tag/{AUTO_INSTRUMENTATION_DOTNET_VERSION}) +* [.NET auto-instrumentation - v1.2.0](https://github.com/open-telemetry/opentelemetry-dotnet-instrumentation/releases/tag/v1.2.0) * [Node.JS - v0.51.0](https://github.com/open-telemetry/opentelemetry-js/releases/tag/experimental%2Fv0.51.0) * [Python - v0.44b0](https://github.com/open-telemetry/opentelemetry-python-contrib/releases/tag/v0.44b0) * [Go - v0.12.0-alpha](https://github.com/open-telemetry/opentelemetry-go-instrumentation/releases/tag/v0.12.0-alpha) @@ -64,7 +88,7 @@ * [OpenTelemetry Collector - v0.100.0](https://github.com/open-telemetry/opentelemetry-collector/releases/tag/v0.100.0) * [OpenTelemetry Contrib - v0.100.0](https://github.com/open-telemetry/opentelemetry-collector-contrib/releases/tag/v0.100.0) * [Java auto-instrumentation - v1.32.1](https://github.com/open-telemetry/opentelemetry-java-instrumentation/releases/tag/v1.32.1) -* [.NET auto-instrumentation - v1.2.0](https://github.com/open-telemetry/opentelemetry-dotnet-instrumentation/releases/tag/{AUTO_INSTRUMENTATION_DOTNET_VERSION}) +* [.NET auto-instrumentation - v1.2.0](https://github.com/open-telemetry/opentelemetry-dotnet-instrumentation/releases/tag/v1.2.0) * [Node.JS - v0.51.0](https://github.com/open-telemetry/opentelemetry-js/releases/tag/experimental%2Fv0.51.0) * [Python - v0.44b0](https://github.com/open-telemetry/opentelemetry-python-contrib/releases/tag/v0.44b0) * [Go - v0.12.0-alpha](https://github.com/open-telemetry/opentelemetry-go-instrumentation/releases/tag/v0.12.0-alpha) @@ -153,7 +177,7 @@ * [OpenTelemetry Collector - v0.98.0](https://github.com/open-telemetry/opentelemetry-collector/releases/tag/v0.98.0) * [OpenTelemetry Contrib - v0.98.0](https://github.com/open-telemetry/opentelemetry-collector-contrib/releases/tag/v0.98.0) * [Java auto-instrumentation - v1.32.1](https://github.com/open-telemetry/opentelemetry-java-instrumentation/releases/tag/v1.32.1) -* [.NET auto-instrumentation - v1.2.0](https://github.com/open-telemetry/opentelemetry-dotnet-instrumentation/releases/tag/{AUTO_INSTRUMENTATION_DOTNET_VERSION}) +* [.NET auto-instrumentation - v1.2.0](https://github.com/open-telemetry/opentelemetry-dotnet-instrumentation/releases/tag/v1.2.0) * [Node.JS - v0.49.1](https://github.com/open-telemetry/opentelemetry-js/releases/tag/experimental%2Fv0.49.1) * [Python - v0.44b0](https://github.com/open-telemetry/opentelemetry-python-contrib/releases/tag/v0.44b0) * [Go - v0.10.1-alpha](https://github.com/open-telemetry/opentelemetry-go-instrumentation/releases/tag/v0.10.1-alpha) @@ -171,7 +195,7 @@ * [OpenTelemetry Collector - v0.97.0](https://github.com/open-telemetry/opentelemetry-collector/releases/tag/v0.97.0) * [OpenTelemetry Contrib - v0.97.0](https://github.com/open-telemetry/opentelemetry-collector-contrib/releases/tag/v0.97.0) * [Java auto-instrumentation - v1.32.1](https://github.com/open-telemetry/opentelemetry-java-instrumentation/releases/tag/v1.32.1) -* [.NET auto-instrumentation - v1.2.0](https://github.com/open-telemetry/opentelemetry-dotnet-instrumentation/releases/tag/{AUTO_INSTRUMENTATION_DOTNET_VERSION}) +* [.NET auto-instrumentation - v1.2.0](https://github.com/open-telemetry/opentelemetry-dotnet-instrumentation/releases/tag/v1.2.0) * [Node.JS - v0.49.1](https://github.com/open-telemetry/opentelemetry-js/releases/tag/experimental%2Fv0.49.1) * [Python - v0.44b0](https://github.com/open-telemetry/opentelemetry-python-contrib/releases/tag/v0.44b0) * [Go - v0.10.1-alpha](https://github.com/open-telemetry/opentelemetry-go-instrumentation/releases/tag/v0.10.1-alpha) diff --git a/README.md b/README.md index 48e4cc7ffb..b015274043 100644 --- a/README.md +++ b/README.md @@ -729,7 +729,8 @@ We use `cert-manager` for some features of this operator and the third column sh The OpenTelemetry Operator _might_ work on versions outside of the given range, but when opening new issues, please make sure to test your scenario on a supported version. | OpenTelemetry Operator | Kubernetes | Cert-Manager | -|------------------------| -------------- | ------------ | +|------------------------|----------------| ------------ | +| v0.101.0 | v1.23 to v1.30 | v1 | | v0.100.0 | v1.23 to v1.29 | v1 | | v0.99.0 | v1.23 to v1.29 | v1 | | v0.98.0 | v1.23 to v1.29 | v1 | @@ -752,7 +753,6 @@ The OpenTelemetry Operator _might_ work on versions outside of the given range, | v0.81.0 | v1.19 to v1.27 | v1 | | v0.80.0 | v1.19 to v1.27 | v1 | | v0.79.0 | v1.19 to v1.27 | v1 | -| v0.78.0 | v1.19 to v1.27 | v1 | ## Contributing and Developing diff --git a/RELEASE.md b/RELEASE.md index 99ea090f88..696a59ecfb 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -44,9 +44,9 @@ The operator should be released within a week after the [OpenTelemetry collector | Version | Release manager | |----------|-----------------| -| v0.101.0 | @swiatekm-sumo | -| v0.102.0 | @frzifus | -| v0.103.0 | @jaronoff97 | -| v0.104.0 | @pavolloffay | -| v0.105.0 | @yuriolisa | -| v0.106.0 | @TylerHelmuth | \ No newline at end of file +| v0.102.0 | @swiatekm-sumo | +| v0.103.0 | @frzifus | +| v0.104.0 | @jaronoff97 | +| v0.105.0 | @pavolloffay | +| v0.106.0 | @yuriolisa | +| v0.107.0 | @TylerHelmuth | \ No newline at end of file diff --git a/bundle/manifests/opentelemetry-operator.clusterserviceversion.yaml b/bundle/manifests/opentelemetry-operator.clusterserviceversion.yaml index f46b6a5f9b..95b56619fb 100644 --- a/bundle/manifests/opentelemetry-operator.clusterserviceversion.yaml +++ b/bundle/manifests/opentelemetry-operator.clusterserviceversion.yaml @@ -99,13 +99,13 @@ metadata: categories: Logging & Tracing,Monitoring certified: "false" containerImage: ghcr.io/open-telemetry/opentelemetry-operator/opentelemetry-operator - createdAt: "2024-05-20T19:57:07Z" + createdAt: "2024-05-28T16:20:50Z" description: Provides the OpenTelemetry components, including the Collector operators.operatorframework.io/builder: operator-sdk-v1.29.0 operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 repository: github.com/open-telemetry/opentelemetry-operator support: OpenTelemetry Community - name: opentelemetry-operator.v0.100.1 + name: opentelemetry-operator.v0.101.0 namespace: placeholder spec: apiservicedefinitions: {} @@ -504,7 +504,7 @@ spec: valueFrom: fieldRef: fieldPath: spec.serviceAccountName - image: ghcr.io/open-telemetry/opentelemetry-operator/opentelemetry-operator:0.100.1 + image: ghcr.io/open-telemetry/opentelemetry-operator/opentelemetry-operator:0.101.0 livenessProbe: httpGet: path: /healthz @@ -612,7 +612,7 @@ spec: minKubeVersion: 1.23.0 provider: name: OpenTelemetry Community - version: 0.100.1 + version: 0.101.0 webhookdefinitions: - admissionReviewVersions: - v1alpha1 diff --git a/versions.txt b/versions.txt index 4226fc1374..26a6921194 100644 --- a/versions.txt +++ b/versions.txt @@ -2,16 +2,16 @@ # by default with the OpenTelemetry Operator. This would usually be the latest # stable OpenTelemetry version. When you update this file, make sure to update the # the docs as well. -opentelemetry-collector=0.100.0 +opentelemetry-collector=0.101.0 # Represents the current release of the OpenTelemetry Operator. -operator=0.100.1 +operator=0.101.0 # Represents the current release of the Target Allocator. -targetallocator=0.100.0 +targetallocator=0.101.0 # Represents the current release of the Operator OpAMP Bridge. -operator-opamp-bridge=0.100.0 +operator-opamp-bridge=0.101.0 # Represents the current release of Java instrumentation. # Should match autoinstrumentation/java/version.txt From 438773a763cef0aa89846ce9b03071d7be5f6233 Mon Sep 17 00:00:00 2001 From: Ruben Vargas Date: Thu, 30 May 2024 09:38:49 -0600 Subject: [PATCH 34/88] Add crd metrics usage information (#2825) * Add crd metrics usage information Signed-off-by: Ruben Vargas * Add mode metric Signed-off-by: Ruben Vargas * Refactor CR metrics Signed-off-by: Ruben Vargas * Add annotation to avoid generate Metrics Signed-off-by: Ruben Vargas * Add unit tests Signed-off-by: Ruben Vargas * remove space Signed-off-by: Ruben Vargas * remove global provider Signed-off-by: Ruben Vargas * Update main.go Co-authored-by: Israel Blancas * revert kusttomization.yaml Signed-off-by: Ruben Vargas * rename some constants Signed-off-by: Ruben Vargas * Add connectors metrics Signed-off-by: Ruben Vargas * Update chlog Signed-off-by: Ruben Vargas * merge new with init, rename some functions, improve changelog entry Signed-off-by: Ruben Vargas * improve todo comment Signed-off-by: Ruben Vargas * fix tests Signed-off-by: Ruben Vargas * set flag to default false Signed-off-by: Ruben Vargas * fix lint issues Signed-off-by: Ruben Vargas * breaking line Signed-off-by: Ruben Vargas * Use api reader to avoid cache issues Signed-off-by: Ruben Vargas * Add info metric to changelog entry Signed-off-by: Ruben Vargas --------- Signed-off-by: Ruben Vargas Co-authored-by: Israel Blancas --- .chloggen/usage_metrics.yaml | 25 + apis/v1beta1/collector_webhook.go | 46 +- apis/v1beta1/metrics.go | 231 +++++ apis/v1beta1/metrics_test.go | 842 ++++++++++++++++++ controllers/suite_test.go | 2 +- go.mod | 1 + go.sum | 2 + .../podmutation/webhookhandler_suite_test.go | 2 +- main.go | 21 +- pkg/collector/upgrade/suite_test.go | 2 +- pkg/constants/env.go | 1 + 11 files changed, 1166 insertions(+), 9 deletions(-) create mode 100755 .chloggen/usage_metrics.yaml create mode 100644 apis/v1beta1/metrics.go create mode 100644 apis/v1beta1/metrics_test.go diff --git a/.chloggen/usage_metrics.yaml b/.chloggen/usage_metrics.yaml new file mode 100755 index 0000000000..c4051bde5a --- /dev/null +++ b/.chloggen/usage_metrics.yaml @@ -0,0 +1,25 @@ +# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' +change_type: enhancement + +# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) +component: collector + +# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). +note: Add usage metrics for the collector + +# One or more tracking issues related to the change +issues: [2829] + +# (Optional) One or more lines of additional information to render under the primary note. +# These lines will be padded with 2 spaces and then inserted directly into the document. +# Use pipe (|) for multiline entries. +subtext: | + This change will add metrics to the OpenTelemetry operator about how the collector is used in the cluster, + it will add the following metrics to the opentelemetry-operator metrics endpoint + ``` + opentelemetry_collector_receivers{collector_name="collector_name", namespace="ns", type="otlp"} 1 + opentelemetry_collector_exporters{collector_name="collector_name", namespace="ns", type="otlp"} 1 + opentelemetry_collector_processors{collector_name="collector_name", namespace="ns", type="otlp"} 1 + opentelemetry_collector_connectors{collector_name="collector_name", namespace="ns", type="myconnector"} 0 + opentelemetry_collector_info{collector_name="simplest",namespace="default", type="deployment"} 1 + ``` diff --git a/apis/v1beta1/collector_webhook.go b/apis/v1beta1/collector_webhook.go index 2c4bc80d85..ffe4eff5e5 100644 --- a/apis/v1beta1/collector_webhook.go +++ b/apis/v1beta1/collector_webhook.go @@ -76,6 +76,7 @@ type CollectorWebhook struct { cfg config.Config scheme *runtime.Scheme reviewer *rbac.Reviewer + metrics *Metrics } func (c CollectorWebhook) Default(_ context.Context, obj runtime.Object) error { @@ -166,15 +167,39 @@ func (c CollectorWebhook) ValidateCreate(ctx context.Context, obj runtime.Object if !ok { return nil, fmt.Errorf("expected an OpenTelemetryCollector, received %T", obj) } - return c.validate(ctx, otelcol) + + warnings, err := c.validate(ctx, otelcol) + if err != nil { + return warnings, err + } + if c.metrics != nil { + c.metrics.create(ctx, otelcol) + } + + return warnings, nil } -func (c CollectorWebhook) ValidateUpdate(ctx context.Context, _, newObj runtime.Object) (admission.Warnings, error) { +func (c CollectorWebhook) ValidateUpdate(ctx context.Context, oldObj, newObj runtime.Object) (admission.Warnings, error) { otelcol, ok := newObj.(*OpenTelemetryCollector) if !ok { return nil, fmt.Errorf("expected an OpenTelemetryCollector, received %T", newObj) } - return c.validate(ctx, otelcol) + + otelcolOld, ok := oldObj.(*OpenTelemetryCollector) + if !ok { + return nil, fmt.Errorf("expected an OpenTelemetryCollector, received %T", oldObj) + } + + warnings, err := c.validate(ctx, otelcol) + if err != nil { + return warnings, err + } + + if c.metrics != nil { + c.metrics.update(ctx, otelcolOld, otelcol) + } + + return warnings, nil } func (c CollectorWebhook) ValidateDelete(ctx context.Context, obj runtime.Object) (admission.Warnings, error) { @@ -182,7 +207,17 @@ func (c CollectorWebhook) ValidateDelete(ctx context.Context, obj runtime.Object if !ok || otelcol == nil { return nil, fmt.Errorf("expected an OpenTelemetryCollector, received %T", obj) } - return c.validate(ctx, otelcol) + + warnings, err := c.validate(ctx, otelcol) + if err != nil { + return warnings, err + } + + if c.metrics != nil { + c.metrics.delete(ctx, otelcol) + } + + return warnings, nil } func (c CollectorWebhook) validate(ctx context.Context, r *OpenTelemetryCollector) (admission.Warnings, error) { @@ -419,12 +454,13 @@ func checkAutoscalerSpec(autoscaler *AutoscalerSpec) error { return nil } -func SetupCollectorWebhook(mgr ctrl.Manager, cfg config.Config, reviewer *rbac.Reviewer) error { +func SetupCollectorWebhook(mgr ctrl.Manager, cfg config.Config, reviewer *rbac.Reviewer, metrics *Metrics) error { cvw := &CollectorWebhook{ reviewer: reviewer, logger: mgr.GetLogger().WithValues("handler", "CollectorWebhook", "version", "v1beta1"), scheme: mgr.GetScheme(), cfg: cfg, + metrics: metrics, } return ctrl.NewWebhookManagedBy(mgr). For(&OpenTelemetryCollector{}). diff --git a/apis/v1beta1/metrics.go b/apis/v1beta1/metrics.go new file mode 100644 index 0000000000..395306059d --- /dev/null +++ b/apis/v1beta1/metrics.go @@ -0,0 +1,231 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1beta1 + +import ( + "context" + "fmt" + "strings" + + "go.opentelemetry.io/otel/attribute" + "go.opentelemetry.io/otel/exporters/prometheus" + "go.opentelemetry.io/otel/metric" + sdkmetric "go.opentelemetry.io/otel/sdk/metric" + "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/metrics" +) + +const ( + meterName = "crd-metrics" +) + +// Metric labels + +const ( + prefix = "opentelemetry_collector_" + receiversMetricName = prefix + "receivers" + exportersMetricName = prefix + "exporters" + processorsMetricName = prefix + "processors" + extensionsMetricName = prefix + "extensions" + connectorsMetricName = prefix + "connectors" + modeMetricName = prefix + "info" +) + +// TODO: Refactor this logic, centralize it. See: https://github.com/open-telemetry/opentelemetry-operator/issues/2603 +type components struct { + receivers []string + processors []string + exporters []string + extensions []string + connectors []string +} + +// Metrics hold all gauges for the different metrics related to the CRs +// +kubebuilder:object:generate=false +type Metrics struct { + modeCounter metric.Int64UpDownCounter + receiversCounter metric.Int64UpDownCounter + exporterCounter metric.Int64UpDownCounter + processorCounter metric.Int64UpDownCounter + extensionsCounter metric.Int64UpDownCounter + connectorsCounter metric.Int64UpDownCounter +} + +// BootstrapMetrics configures the OpenTelemetry meter provider with the Prometheus exporter. +func BootstrapMetrics() (metric.MeterProvider, error) { + exporter, err := prometheus.New(prometheus.WithRegisterer(metrics.Registry)) + if err != nil { + return nil, err + } + return sdkmetric.NewMeterProvider(sdkmetric.WithReader(exporter)), err +} + +func NewMetrics(prv metric.MeterProvider, ctx context.Context, cl client.Reader) (*Metrics, error) { + meter := prv.Meter(meterName) + modeCounter, err := meter.Int64UpDownCounter(modeMetricName) + if err != nil { + return nil, err + } + receiversCounter, err := meter.Int64UpDownCounter(receiversMetricName) + if err != nil { + return nil, err + } + + exporterCounter, err := meter.Int64UpDownCounter(exportersMetricName) + if err != nil { + return nil, err + } + + processorCounter, err := meter.Int64UpDownCounter(processorsMetricName) + if err != nil { + return nil, err + } + + extensionsCounter, err := meter.Int64UpDownCounter(extensionsMetricName) + if err != nil { + return nil, err + } + + connectorsCounter, err := meter.Int64UpDownCounter(connectorsMetricName) + if err != nil { + return nil, err + } + + m := &Metrics{ + modeCounter: modeCounter, + receiversCounter: receiversCounter, + exporterCounter: exporterCounter, + processorCounter: processorCounter, + extensionsCounter: extensionsCounter, + connectorsCounter: connectorsCounter, + } + + err = m.init(ctx, cl) + if err != nil { + return nil, err + } + return m, nil +} + +// Init metrics from the first time the operator starts. +func (m *Metrics) init(ctx context.Context, cl client.Reader) error { + opts := []client.ListOption{ + client.MatchingLabels(map[string]string{ + "app.kubernetes.io/managed-by": "opentelemetry-operator", + }), + } + list := &OpenTelemetryCollectorList{} + if err := cl.List(ctx, list, opts...); err != nil { + return fmt.Errorf("failed to list: %w", err) + } + + for i := range list.Items { + m.create(ctx, &list.Items[i]) + } + return nil +} + +func (m *Metrics) create(ctx context.Context, collector *OpenTelemetryCollector) { + m.updateComponentCounters(ctx, collector, true) + m.updateGeneralCRMetricsComponents(ctx, collector, true) +} + +func (m *Metrics) delete(ctx context.Context, collector *OpenTelemetryCollector) { + m.updateComponentCounters(ctx, collector, false) + m.updateGeneralCRMetricsComponents(ctx, collector, false) +} + +func (m *Metrics) update(ctx context.Context, oldCollector *OpenTelemetryCollector, newCollector *OpenTelemetryCollector) { + m.delete(ctx, oldCollector) + m.create(ctx, newCollector) +} + +func (m *Metrics) updateGeneralCRMetricsComponents(ctx context.Context, collector *OpenTelemetryCollector, up bool) { + + inc := 1 + if !up { + inc = -1 + } + m.modeCounter.Add(ctx, int64(inc), metric.WithAttributes( + attribute.Key("collector_name").String(collector.Name), + attribute.Key("namespace").String(collector.Namespace), + attribute.Key("type").String(string(collector.Spec.Mode)), + )) +} +func (m *Metrics) updateComponentCounters(ctx context.Context, collector *OpenTelemetryCollector, up bool) { + components := getComponentsFromConfig(collector.Spec.Config) + moveCounter(ctx, collector, components.receivers, m.receiversCounter, up) + moveCounter(ctx, collector, components.exporters, m.exporterCounter, up) + moveCounter(ctx, collector, components.processors, m.processorCounter, up) + moveCounter(ctx, collector, components.extensions, m.extensionsCounter, up) + moveCounter(ctx, collector, components.connectors, m.connectorsCounter, up) + +} + +func extractElements(elements map[string]interface{}) []string { + // TODO: we should get rid of this method and centralize the parse logic + // see https://github.com/open-telemetry/opentelemetry-operator/issues/2603 + if elements == nil { + return []string{} + } + + itemsMap := map[string]struct{}{} + var items []string + for key := range elements { + itemName := strings.SplitN(key, "/", 2)[0] + itemsMap[itemName] = struct{}{} + } + for key := range itemsMap { + items = append(items, key) + } + return items +} + +func getComponentsFromConfig(yamlContent Config) *components { + + info := &components{ + receivers: extractElements(yamlContent.Receivers.Object), + exporters: extractElements(yamlContent.Exporters.Object), + } + + if yamlContent.Processors != nil { + info.processors = extractElements(yamlContent.Processors.Object) + } + + if yamlContent.Extensions != nil { + info.extensions = extractElements(yamlContent.Extensions.Object) + } + + if yamlContent.Connectors != nil { + info.connectors = extractElements(yamlContent.Connectors.Object) + } + + return info +} + +func moveCounter( + ctx context.Context, collector *OpenTelemetryCollector, types []string, upDown metric.Int64UpDownCounter, up bool) { + for _, exporter := range types { + inc := 1 + if !up { + inc = -1 + } + upDown.Add(ctx, int64(inc), metric.WithAttributes( + attribute.Key("collector_name").String(collector.Name), + attribute.Key("namespace").String(collector.Namespace), + attribute.Key("type").String(exporter), + )) + } +} diff --git a/apis/v1beta1/metrics_test.go b/apis/v1beta1/metrics_test.go new file mode 100644 index 0000000000..71df095c53 --- /dev/null +++ b/apis/v1beta1/metrics_test.go @@ -0,0 +1,842 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1beta1 + +import ( + "context" + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + "go.opentelemetry.io/otel" + "go.opentelemetry.io/otel/attribute" + "go.opentelemetry.io/otel/sdk/instrumentation" + "go.opentelemetry.io/otel/sdk/metric" + sdkmetric "go.opentelemetry.io/otel/sdk/metric" + "go.opentelemetry.io/otel/sdk/metric/metricdata" + "go.opentelemetry.io/otel/sdk/metric/metricdata/metricdatatest" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "sigs.k8s.io/controller-runtime/pkg/client/fake" +) + +var wantInstrumentationScope = instrumentation.Scope{ + Name: "crd-metrics", +} + +func TestOTELCollectorCRDMetrics(t *testing.T) { + + otelcollector1 := &OpenTelemetryCollector{ + ObjectMeta: metav1.ObjectMeta{ + Name: "collector1", + Namespace: "test1", + }, + Spec: OpenTelemetryCollectorSpec{ + Mode: ModeDeployment, + Config: Config{ + Processors: &AnyConfig{ + Object: map[string]interface{}{ + "batch": nil, + "foo": nil, + }, + }, + Extensions: &AnyConfig{ + Object: map[string]interface{}{ + "extfoo": nil, + }, + }, + }, + }, + } + + otelcollector2 := &OpenTelemetryCollector{ + ObjectMeta: metav1.ObjectMeta{ + Name: "collector2", + Namespace: "test2", + }, + Spec: OpenTelemetryCollectorSpec{ + Mode: ModeSidecar, + Config: Config{ + Processors: &AnyConfig{ + Object: map[string]interface{}{ + "x": nil, + "y": nil, + }, + }, + Extensions: &AnyConfig{ + Object: map[string]interface{}{ + "z/r": nil, + }, + }, + Exporters: AnyConfig{ + Object: map[string]interface{}{ + "w": nil, + }, + }, + }, + }, + } + + updatedCollector1 := &OpenTelemetryCollector{ + ObjectMeta: metav1.ObjectMeta{ + Name: "collector1", + Namespace: "test1", + }, + Spec: OpenTelemetryCollectorSpec{ + Mode: ModeSidecar, + Config: Config{ + Processors: &AnyConfig{ + Object: map[string]interface{}{ + "foo": nil, + "y": nil, + }, + }, + Extensions: &AnyConfig{ + Object: map[string]interface{}{ + "z/r": nil, + }, + }, + Exporters: AnyConfig{ + Object: map[string]interface{}{ + "w": nil, + }, + }, + }, + }, + } + + var tests = []struct { + name string + testFunction func(t *testing.T, m *Metrics, collectors []*OpenTelemetryCollector, reader metric.Reader) + }{ + { + name: "create", + testFunction: checkCreate, + }, + { + name: "update", + testFunction: checkUpdate, + }, + { + name: "delete", + testFunction: checkDelete, + }, + } + schemeBuilder := runtime.NewSchemeBuilder(func(s *runtime.Scheme) error { + s.AddKnownTypes(GroupVersion, &OpenTelemetryCollector{}, &OpenTelemetryCollectorList{}) + metav1.AddToGroupVersion(s, GroupVersion) + return nil + }) + scheme := runtime.NewScheme() + err := schemeBuilder.AddToScheme(scheme) + require.NoError(t, err) + reader := sdkmetric.NewManualReader() + provider := sdkmetric.NewMeterProvider(sdkmetric.WithReader(reader)) + cl := fake.NewClientBuilder().WithScheme(scheme).Build() + crdMetrics, err := NewMetrics(provider, context.Background(), cl) + assert.NoError(t, err) + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + tt.testFunction(t, crdMetrics, []*OpenTelemetryCollector{otelcollector1, otelcollector2, updatedCollector1}, reader) + }) + } +} + +func TestOTELCollectorInitMetrics(t *testing.T) { + otelcollector1 := OpenTelemetryCollector{ + ObjectMeta: metav1.ObjectMeta{ + Name: "collector1", + Namespace: "test1", + Labels: map[string]string{"app.kubernetes.io/managed-by": "opentelemetry-operator"}, + }, + Spec: OpenTelemetryCollectorSpec{ + Mode: ModeDeployment, + Config: Config{ + Processors: &AnyConfig{ + Object: map[string]interface{}{ + "batch": nil, + "foo": nil, + }, + }, + Extensions: &AnyConfig{ + Object: map[string]interface{}{ + "extfoo": nil, + }, + }, + }, + }, + } + + otelcollector2 := OpenTelemetryCollector{ + ObjectMeta: metav1.ObjectMeta{ + Name: "collector2", + Namespace: "test2", + Labels: map[string]string{"app.kubernetes.io/managed-by": "opentelemetry-operator"}, + }, + Spec: OpenTelemetryCollectorSpec{ + Mode: ModeSidecar, + Config: Config{ + Processors: &AnyConfig{ + Object: map[string]interface{}{ + "x": nil, + "y": nil, + }, + }, + Extensions: &AnyConfig{ + Object: map[string]interface{}{ + "z/r": nil, + }, + }, + Exporters: AnyConfig{ + Object: map[string]interface{}{ + "w": nil, + }, + }, + }, + }, + } + + schemeBuilder := runtime.NewSchemeBuilder(func(s *runtime.Scheme) error { + s.AddKnownTypes(GroupVersion, &OpenTelemetryCollector{}, &OpenTelemetryCollectorList{}) + metav1.AddToGroupVersion(s, GroupVersion) + return nil + }) + scheme := runtime.NewScheme() + err := schemeBuilder.AddToScheme(scheme) + require.NoError(t, err) + list := &OpenTelemetryCollectorList{ + Items: []OpenTelemetryCollector{otelcollector1, otelcollector2}, + } + require.NoError(t, err, "Should be able to add custom types") + cl := fake.NewClientBuilder().WithLists(list).WithScheme(scheme).Build() + reader := sdkmetric.NewManualReader() + provider := sdkmetric.NewMeterProvider(sdkmetric.WithReader(reader)) + _, err = NewMetrics(provider, context.Background(), cl) + assert.NoError(t, err) + + rm := metricdata.ResourceMetrics{} + err = reader.Collect(context.Background(), &rm) + assert.NoError(t, err) + require.Len(t, rm.ScopeMetrics, 1) + + want := metricdata.ScopeMetrics{ + Scope: wantInstrumentationScope, + Metrics: []metricdata.Metrics{ + { + Name: "opentelemetry_collector_info", + Data: metricdata.Sum[int64]{ + DataPoints: []metricdata.DataPoint[int64]{ + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String("deployment"), + ), + Value: 1, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector2"), + attribute.Key("namespace").String("test2"), + attribute.Key("type").String(string(ModeSidecar)), + ), + Value: 1, + }, + }, + Temporality: metricdata.CumulativeTemporality, + }, + }, + { + Name: "opentelemetry_collector_processors", + Data: metricdata.Sum[int64]{ + DataPoints: []metricdata.DataPoint[int64]{ + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String("batch"), + ), + Value: 1, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String("foo"), + ), + Value: 1, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector2"), + attribute.Key("namespace").String("test2"), + attribute.Key("type").String("x"), + ), + Value: 1, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector2"), + attribute.Key("namespace").String("test2"), + attribute.Key("type").String("y"), + ), + Value: 1, + }, + }, + Temporality: metricdata.CumulativeTemporality, + }, + }, + { + Name: "opentelemetry_collector_extensions", + Data: metricdata.Sum[int64]{ + DataPoints: []metricdata.DataPoint[int64]{ + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String("extfoo"), + ), + Value: 1, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector2"), + attribute.Key("namespace").String("test2"), + attribute.Key("type").String("z"), + ), + Value: 1, + }, + }, + Temporality: metricdata.CumulativeTemporality, + }, + }, + { + Name: "opentelemetry_collector_exporters", + Data: metricdata.Sum[int64]{ + DataPoints: []metricdata.DataPoint[int64]{ + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector2"), + attribute.Key("namespace").String("test2"), + attribute.Key("type").String("w"), + ), + Value: 1, + }, + }, + Temporality: metricdata.CumulativeTemporality, + }, + }, + }, + } + + metricdatatest.AssertEqual(t, want, rm.ScopeMetrics[0], metricdatatest.IgnoreTimestamp()) +} + +func checkCreate(t *testing.T, m *Metrics, collectors []*OpenTelemetryCollector, reader metric.Reader) { + provider := sdkmetric.NewMeterProvider(sdkmetric.WithReader(reader)) + otel.SetMeterProvider(provider) + + m.create(context.Background(), collectors[0]) + rm := metricdata.ResourceMetrics{} + err := reader.Collect(context.Background(), &rm) + assert.NoError(t, err) + + want := metricdata.ScopeMetrics{ + Scope: wantInstrumentationScope, + Metrics: []metricdata.Metrics{ + { + Name: "opentelemetry_collector_info", + Data: metricdata.Sum[int64]{ + DataPoints: []metricdata.DataPoint[int64]{ + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String("deployment"), + ), + Value: 1, + }, + }, + Temporality: metricdata.CumulativeTemporality, + }, + }, + { + Name: "opentelemetry_collector_processors", + Data: metricdata.Sum[int64]{ + DataPoints: []metricdata.DataPoint[int64]{ + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String("batch"), + ), + Value: 1, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String("foo"), + ), + Value: 1, + }, + }, + Temporality: metricdata.CumulativeTemporality, + }, + }, + { + Name: "opentelemetry_collector_extensions", + Data: metricdata.Sum[int64]{ + DataPoints: []metricdata.DataPoint[int64]{ + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String("extfoo"), + ), + Value: 1, + }, + }, + Temporality: metricdata.CumulativeTemporality, + }, + }, + }, + } + require.Len(t, rm.ScopeMetrics, 1) + metricdatatest.AssertEqual(t, want, rm.ScopeMetrics[0], metricdatatest.IgnoreTimestamp()) + + m.create(context.Background(), collectors[1]) + + rm = metricdata.ResourceMetrics{} + err = reader.Collect(context.Background(), &rm) + assert.NoError(t, err) + require.Len(t, rm.ScopeMetrics, 1) + + want = metricdata.ScopeMetrics{ + Scope: wantInstrumentationScope, + Metrics: []metricdata.Metrics{ + { + Name: "opentelemetry_collector_info", + Data: metricdata.Sum[int64]{ + DataPoints: []metricdata.DataPoint[int64]{ + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String("deployment"), + ), + Value: 1, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector2"), + attribute.Key("namespace").String("test2"), + attribute.Key("type").String(string(ModeSidecar)), + ), + Value: 1, + }, + }, + Temporality: metricdata.CumulativeTemporality, + }, + }, + { + Name: "opentelemetry_collector_processors", + Data: metricdata.Sum[int64]{ + DataPoints: []metricdata.DataPoint[int64]{ + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String("batch"), + ), + Value: 1, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String("foo"), + ), + Value: 1, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector2"), + attribute.Key("namespace").String("test2"), + attribute.Key("type").String("x"), + ), + Value: 1, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector2"), + attribute.Key("namespace").String("test2"), + attribute.Key("type").String("y"), + ), + Value: 1, + }, + }, + Temporality: metricdata.CumulativeTemporality, + }, + }, + { + Name: "opentelemetry_collector_extensions", + Data: metricdata.Sum[int64]{ + DataPoints: []metricdata.DataPoint[int64]{ + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String("extfoo"), + ), + Value: 1, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector2"), + attribute.Key("namespace").String("test2"), + attribute.Key("type").String("z"), + ), + Value: 1, + }, + }, + Temporality: metricdata.CumulativeTemporality, + }, + }, + { + Name: "opentelemetry_collector_exporters", + Data: metricdata.Sum[int64]{ + DataPoints: []metricdata.DataPoint[int64]{ + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector2"), + attribute.Key("namespace").String("test2"), + attribute.Key("type").String("w"), + ), + Value: 1, + }, + }, + Temporality: metricdata.CumulativeTemporality, + }, + }, + }, + } + + metricdatatest.AssertEqual(t, want, rm.ScopeMetrics[0], metricdatatest.IgnoreTimestamp()) +} + +func checkUpdate(t *testing.T, m *Metrics, collectors []*OpenTelemetryCollector, reader metric.Reader) { + + m.update(context.Background(), collectors[0], collectors[2]) + + rm := metricdata.ResourceMetrics{} + err := reader.Collect(context.Background(), &rm) + assert.NoError(t, err) + require.Len(t, rm.ScopeMetrics, 1) + + want := metricdata.ScopeMetrics{ + Scope: wantInstrumentationScope, + Metrics: []metricdata.Metrics{ + { + Name: "opentelemetry_collector_info", + Data: metricdata.Sum[int64]{ + DataPoints: []metricdata.DataPoint[int64]{ + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String(string(ModeDeployment)), + ), + Value: 0, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String(string(ModeSidecar)), + ), + Value: 1, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector2"), + attribute.Key("namespace").String("test2"), + attribute.Key("type").String(string(ModeSidecar)), + ), + Value: 1, + }, + }, + Temporality: metricdata.CumulativeTemporality, + }, + }, + { + Name: "opentelemetry_collector_processors", + Data: metricdata.Sum[int64]{ + DataPoints: []metricdata.DataPoint[int64]{ + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String("batch"), + ), + Value: 0, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String("foo"), + ), + Value: 1, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String("y"), + ), + Value: 1, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector2"), + attribute.Key("namespace").String("test2"), + attribute.Key("type").String("x"), + ), + Value: 1, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector2"), + attribute.Key("namespace").String("test2"), + attribute.Key("type").String("y"), + ), + Value: 1, + }, + }, + Temporality: metricdata.CumulativeTemporality, + }, + }, + { + Name: "opentelemetry_collector_extensions", + Data: metricdata.Sum[int64]{ + DataPoints: []metricdata.DataPoint[int64]{ + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String("extfoo"), + ), + Value: 0, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String("z"), + ), + Value: 1, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector2"), + attribute.Key("namespace").String("test2"), + attribute.Key("type").String("z"), + ), + Value: 1, + }, + }, + Temporality: metricdata.CumulativeTemporality, + }, + }, + { + Name: "opentelemetry_collector_exporters", + Data: metricdata.Sum[int64]{ + DataPoints: []metricdata.DataPoint[int64]{ + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String("w"), + ), + Value: 1, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector2"), + attribute.Key("namespace").String("test2"), + attribute.Key("type").String("w"), + ), + Value: 1, + }, + }, + Temporality: metricdata.CumulativeTemporality, + }, + }, + }, + } + metricdatatest.AssertEqual(t, want, rm.ScopeMetrics[0], metricdatatest.IgnoreTimestamp()) +} + +func checkDelete(t *testing.T, m *Metrics, collectors []*OpenTelemetryCollector, reader metric.Reader) { + m.delete(context.Background(), collectors[1]) + rm := metricdata.ResourceMetrics{} + err := reader.Collect(context.Background(), &rm) + assert.NoError(t, err) + require.Len(t, rm.ScopeMetrics, 1) + want := metricdata.ScopeMetrics{ + Scope: wantInstrumentationScope, + Metrics: []metricdata.Metrics{ + { + Name: "opentelemetry_collector_info", + Data: metricdata.Sum[int64]{ + DataPoints: []metricdata.DataPoint[int64]{ + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String(string(ModeDeployment)), + ), + Value: 0, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String(string(ModeSidecar)), + ), + Value: 1, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector2"), + attribute.Key("namespace").String("test2"), + attribute.Key("type").String(string(ModeSidecar)), + ), + Value: 0, + }, + }, + Temporality: metricdata.CumulativeTemporality, + }, + }, + { + Name: "opentelemetry_collector_processors", + Data: metricdata.Sum[int64]{ + DataPoints: []metricdata.DataPoint[int64]{ + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String("batch"), + ), + Value: 0, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String("foo"), + ), + Value: 1, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String("y"), + ), + Value: 1, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector2"), + attribute.Key("namespace").String("test2"), + attribute.Key("type").String("x"), + ), + Value: 0, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector2"), + attribute.Key("namespace").String("test2"), + attribute.Key("type").String("y"), + ), + Value: 0, + }, + }, + Temporality: metricdata.CumulativeTemporality, + }, + }, + { + Name: "opentelemetry_collector_extensions", + Data: metricdata.Sum[int64]{ + DataPoints: []metricdata.DataPoint[int64]{ + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String("extfoo"), + ), + Value: 0, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String("z"), + ), + Value: 1, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector2"), + attribute.Key("namespace").String("test2"), + attribute.Key("type").String("z"), + ), + Value: 0, + }, + }, + Temporality: metricdata.CumulativeTemporality, + }, + }, + { + Name: "opentelemetry_collector_exporters", + Data: metricdata.Sum[int64]{ + DataPoints: []metricdata.DataPoint[int64]{ + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector1"), + attribute.Key("namespace").String("test1"), + attribute.Key("type").String("w"), + ), + Value: 1, + }, + { + Attributes: attribute.NewSet( + attribute.Key("collector_name").String("collector2"), + attribute.Key("namespace").String("test2"), + attribute.Key("type").String("w"), + ), + Value: 0, + }, + }, + Temporality: metricdata.CumulativeTemporality, + }, + }, + }, + } + metricdatatest.AssertEqual(t, want, rm.ScopeMetrics[0], metricdatatest.IgnoreTimestamp()) +} diff --git a/controllers/suite_test.go b/controllers/suite_test.go index b17379dd8b..0b8ee89adf 100644 --- a/controllers/suite_test.go +++ b/controllers/suite_test.go @@ -177,7 +177,7 @@ func TestMain(m *testing.M) { } reviewer := rbac.NewReviewer(clientset) - if err = v1beta1.SetupCollectorWebhook(mgr, config.New(), reviewer); err != nil { + if err = v1beta1.SetupCollectorWebhook(mgr, config.New(), reviewer, nil); err != nil { fmt.Printf("failed to SetupWebhookWithManager: %v", err) os.Exit(1) } diff --git a/go.mod b/go.mod index e786618da4..6d00283852 100644 --- a/go.mod +++ b/go.mod @@ -31,6 +31,7 @@ require ( go.opentelemetry.io/collector/featuregate v1.8.0 go.opentelemetry.io/otel v1.27.0 go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.27.0 + go.opentelemetry.io/otel/exporters/prometheus v0.48.0 go.opentelemetry.io/otel/metric v1.27.0 go.opentelemetry.io/otel/sdk v1.27.0 go.opentelemetry.io/otel/sdk/metric v1.27.0 diff --git a/go.sum b/go.sum index eb2c357afd..bba70911cd 100644 --- a/go.sum +++ b/go.sum @@ -675,6 +675,8 @@ go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0 h1:t6wl9SPayj+c7lEIFgm go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0/go.mod h1:iSDOcsnSA5INXzZtwaBPrKp/lWu/V14Dd+llD0oI2EA= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.24.0 h1:Xw8U6u2f8DK2XAkGRFV7BBLENgnTGX9i4rQRxJf+/vs= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.24.0/go.mod h1:6KW1Fm6R/s6Z3PGXwSJN2K4eT6wQB3vXX6CVnYX9NmM= +go.opentelemetry.io/otel/exporters/prometheus v0.48.0 h1:sBQe3VNGUjY9IKWQC6z2lNqa5iGbDSxhs60ABwK4y0s= +go.opentelemetry.io/otel/exporters/prometheus v0.48.0/go.mod h1:DtrbMzoZWwQHyrQmCfLam5DZbnmorsGbOtTbYHycU5o= go.opentelemetry.io/otel/metric v1.27.0 h1:hvj3vdEKyeCi4YaYfNjv2NUje8FqKqUY8IlF0FxV/ik= go.opentelemetry.io/otel/metric v1.27.0/go.mod h1:mVFgmRlhljgBiuk/MP/oKylr4hs85GZAylncepAX/ak= go.opentelemetry.io/otel/sdk v1.27.0 h1:mlk+/Y1gLPLn84U4tI8d3GNJmGT/eXe3ZuOXN9kTWmI= diff --git a/internal/webhook/podmutation/webhookhandler_suite_test.go b/internal/webhook/podmutation/webhookhandler_suite_test.go index 464649f489..1336cab0e8 100644 --- a/internal/webhook/podmutation/webhookhandler_suite_test.go +++ b/internal/webhook/podmutation/webhookhandler_suite_test.go @@ -105,7 +105,7 @@ func TestMain(m *testing.M) { } reviewer := rbac.NewReviewer(clientset) - if err = v1beta1.SetupCollectorWebhook(mgr, config.New(), reviewer); err != nil { + if err = v1beta1.SetupCollectorWebhook(mgr, config.New(), reviewer, nil); err != nil { fmt.Printf("failed to SetupWebhookWithManager: %v", err) os.Exit(1) } diff --git a/main.go b/main.go index 611fa2cb0c..865f829b63 100644 --- a/main.go +++ b/main.go @@ -121,6 +121,7 @@ func main() { enableNginxInstrumentation bool enableNodeJSInstrumentation bool enableJavaInstrumentation bool + enableCRMetrics bool collectorImage string targetAllocatorImage string operatorOpAMPBridgeImage string @@ -156,6 +157,8 @@ func main() { pflag.BoolVar(&enableNginxInstrumentation, constants.FlagNginx, false, "Controls whether the operator supports nginx auto-instrumentation") pflag.BoolVar(&enableNodeJSInstrumentation, constants.FlagNodeJS, true, "Controls whether the operator supports nodejs auto-instrumentation") pflag.BoolVar(&enableJavaInstrumentation, constants.FlagJava, true, "Controls whether the operator supports java auto-instrumentation") + pflag.BoolVar(&enableCRMetrics, constants.FlagCRMetrics, false, "Controls whether exposing the CR metrics is enabled") + stringFlagOrEnv(&collectorImage, "collector-image", "RELATED_IMAGE_COLLECTOR", fmt.Sprintf("ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector:%s", v.OpenTelemetryCollector), "The default OpenTelemetry collector image. This image is used when no image is specified in the CustomResource.") stringFlagOrEnv(&targetAllocatorImage, "target-allocator-image", "RELATED_IMAGE_TARGET_ALLOCATOR", fmt.Sprintf("ghcr.io/open-telemetry/opentelemetry-operator/target-allocator:%s", v.TargetAllocator), "The default OpenTelemetry target allocator image. This image is used when no image is specified in the CustomResource.") stringFlagOrEnv(&operatorOpAMPBridgeImage, "operator-opamp-bridge-image", "RELATED_IMAGE_OPERATOR_OPAMP_BRIDGE", fmt.Sprintf("ghcr.io/open-telemetry/opentelemetry-operator/operator-opamp-bridge:%s", v.OperatorOpAMPBridge), "The default OpenTelemetry Operator OpAMP Bridge image. This image is used when no image is specified in the CustomResource.") @@ -344,6 +347,7 @@ func main() { } } } + if cfg.LabelsFilter() != nil { for _, basePattern := range cfg.LabelsFilter() { _, compileErr := regexp.Compile(basePattern) @@ -382,7 +386,22 @@ func main() { } if os.Getenv("ENABLE_WEBHOOKS") != "false" { - if err = otelv1beta1.SetupCollectorWebhook(mgr, cfg, reviewer); err != nil { + var crdMetrics *otelv1beta1.Metrics + + if enableCRMetrics { + meterProvider, metricsErr := otelv1beta1.BootstrapMetrics() + if metricsErr != nil { + setupLog.Error(metricsErr, "Error bootstrapping CRD metrics") + } + + crdMetrics, err = otelv1beta1.NewMetrics(meterProvider, ctx, mgr.GetAPIReader()) + if err != nil { + setupLog.Error(err, "Error init CRD metrics") + } + + } + + if err = otelv1beta1.SetupCollectorWebhook(mgr, cfg, reviewer, crdMetrics); err != nil { setupLog.Error(err, "unable to create webhook", "webhook", "OpenTelemetryCollector") os.Exit(1) } diff --git a/pkg/collector/upgrade/suite_test.go b/pkg/collector/upgrade/suite_test.go index e6e505b760..fdafdca245 100644 --- a/pkg/collector/upgrade/suite_test.go +++ b/pkg/collector/upgrade/suite_test.go @@ -105,7 +105,7 @@ func TestMain(m *testing.M) { } reviewer := rbac.NewReviewer(clientset) - if err = v1beta1.SetupCollectorWebhook(mgr, config.New(), reviewer); err != nil { + if err = v1beta1.SetupCollectorWebhook(mgr, config.New(), reviewer, nil); err != nil { fmt.Printf("failed to SetupWebhookWithManager: %v", err) os.Exit(1) } diff --git a/pkg/constants/env.go b/pkg/constants/env.go index d93505eda1..b4a839182b 100644 --- a/pkg/constants/env.go +++ b/pkg/constants/env.go @@ -37,6 +37,7 @@ const ( EnvNodeName = "OTEL_RESOURCE_ATTRIBUTES_NODE_NAME" EnvNodeIP = "OTEL_NODE_IP" + FlagCRMetrics = "enable-cr-metrics" FlagApacheHttpd = "enable-apache-httpd-instrumentation" FlagDotNet = "enable-dotnet-instrumentation" FlagGo = "enable-go-instrumentation" From 04d107c548618a45f92e371dc0e20c14a213e45e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miko=C5=82aj=20=C5=9Awi=C4=85tek?= Date: Fri, 31 May 2024 14:46:05 +0000 Subject: [PATCH 35/88] Update selector documentation for Target Allocator (#3001) --- README.md | 2 ++ apis/v1beta1/targetallocator_types.go | 10 ++++++---- cmd/otel-allocator/README.md | 21 --------------------- docs/api.md | 20 ++++++++++++-------- docs/crd-changelog.md | 3 +++ 5 files changed, 23 insertions(+), 33 deletions(-) diff --git a/README.md b/README.md index b015274043..45d86dbb69 100644 --- a/README.md +++ b/README.md @@ -693,6 +693,8 @@ spec: serviceAccount: everything-prometheus-operator-needs prometheusCR: enabled: true + serviceMonitorSelector: {} + podMonitorSelector: {} config: receivers: prometheus: diff --git a/apis/v1beta1/targetallocator_types.go b/apis/v1beta1/targetallocator_types.go index f772acdde4..5eceb5664e 100644 --- a/apis/v1beta1/targetallocator_types.go +++ b/apis/v1beta1/targetallocator_types.go @@ -31,13 +31,15 @@ type TargetAllocatorPrometheusCR struct { // +kubebuilder:validation:Format:=duration ScrapeInterval *metav1.Duration `json:"scrapeInterval,omitempty"` // PodMonitors to be selected for target discovery. - // This is a map of {key,value} pairs. Each {key,value} in the map is going to exactly match a label in a - // PodMonitor's meta labels. The requirements are ANDed. + // A label selector is a label query over a set of resources. The result of matchLabels and + // matchExpressions are ANDed. An empty label selector matches all objects. A null + // label selector matches no objects. // +optional PodMonitorSelector *metav1.LabelSelector `json:"podMonitorSelector,omitempty"` // ServiceMonitors to be selected for target discovery. - // This is a map of {key,value} pairs. Each {key,value} in the map is going to exactly match a label in a - // ServiceMonitor's meta labels. The requirements are ANDed. + // A label selector is a label query over a set of resources. The result of matchLabels and + // matchExpressions are ANDed. An empty label selector matches all objects. A null + // label selector matches no objects. // +optional ServiceMonitorSelector *metav1.LabelSelector `json:"serviceMonitorSelector,omitempty"` } diff --git a/cmd/otel-allocator/README.md b/cmd/otel-allocator/README.md index d1b5d6aa40..e8f72af35f 100644 --- a/cmd/otel-allocator/README.md +++ b/cmd/otel-allocator/README.md @@ -131,29 +131,8 @@ and jobs on the `/scrape_configs` and `/jobs` endpoints respectively. The CRs can be filtered by labels as documented here: [api.md#opentelemetrycollectorspectargetallocatorprometheuscr](../../docs/api.md#opentelemetrycollectorspectargetallocatorprometheuscr) -The Prometheus Receiver in the deployed Collector also has to know where the Allocator service exists. This is done by a -OpenTelemetry Collector Operator-specific config. - -```yaml - config: | - receivers: - prometheus: - config: - scrape_configs: - - job_name: 'otel-collector' - target_allocator: - endpoint: http://my-targetallocator-service - interval: 30s - collector_id: "${POD_NAME}" -``` - Upstream documentation here: [PrometheusReceiver](https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/receiver/prometheusreceiver#opentelemetry-operator) -The TargetAllocator service is named based on the `OpenTelemetryCollector` CR name. For example, if your Collector CR name is `my-collector`, then the TargetAllocator `service` and `deployment` will each be named `my-collector-targetallocator`, and the `pod` will be named `my-collector-targetallocator-`. `collector_id` should be unique per -collector instance, such as the pod name. The `POD_NAME` environment variable is convenient since this is supplied -to collector instance pods by default. - - ### RBAC Before the TargetAllocator can start scraping, you need to set up Kubernetes RBAC (role-based access controls) resources. This means that you need to have a `ServiceAccount` and corresponding cluster roles so that the TargetAllocator has access to all of the necessary resources to pull metrics from. diff --git a/docs/api.md b/docs/api.md index 43815b9add..d355d2e32d 100644 --- a/docs/api.md +++ b/docs/api.md @@ -43103,8 +43103,9 @@ All CR instances which the ServiceAccount has access to will be retrieved. This object PodMonitors to be selected for target discovery. -This is a map of {key,value} pairs. Each {key,value} in the map is going to exactly match a label in a -PodMonitor's meta labels. The requirements are ANDed.
+A label selector is a label query over a set of resources. The result of matchLabels and +matchExpressions are ANDed. An empty label selector matches all objects. A null +label selector matches no objects.
false @@ -43126,8 +43127,9 @@ Default: "30s"
object ServiceMonitors to be selected for target discovery. -This is a map of {key,value} pairs. Each {key,value} in the map is going to exactly match a label in a -ServiceMonitor's meta labels. The requirements are ANDed.
+A label selector is a label query over a set of resources. The result of matchLabels and +matchExpressions are ANDed. An empty label selector matches all objects. A null +label selector matches no objects.
false @@ -43140,8 +43142,9 @@ ServiceMonitor's meta labels. The requirements are ANDed.
PodMonitors to be selected for target discovery. -This is a map of {key,value} pairs. Each {key,value} in the map is going to exactly match a label in a -PodMonitor's meta labels. The requirements are ANDed. +A label selector is a label query over a set of resources. The result of matchLabels and +matchExpressions are ANDed. An empty label selector matches all objects. A null +label selector matches no objects. @@ -43224,8 +43227,9 @@ merge patch.
ServiceMonitors to be selected for target discovery. -This is a map of {key,value} pairs. Each {key,value} in the map is going to exactly match a label in a -ServiceMonitor's meta labels. The requirements are ANDed. +A label selector is a label query over a set of resources. The result of matchLabels and +matchExpressions are ANDed. An empty label selector matches all objects. A null +label selector matches no objects.
diff --git a/docs/crd-changelog.md b/docs/crd-changelog.md index a3e54660b9..3719211495 100644 --- a/docs/crd-changelog.md +++ b/docs/crd-changelog.md @@ -145,6 +145,9 @@ spec: key: value ``` +> [!NOTE] +> A `nil` selector now selects no resources, while an empty selector selects all of them. To get the old default behaviour, it's necessary to set `serviceMonitorSelector: {}`. + ### Default Collector image The OpenTelemetry Collector maintainers recently introduced a [Collector distribution][k8s_distro] specifically aimed at From 5e95eb72ccabd65492bcc5860a3a41c2be603fc4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 3 Jun 2024 11:34:19 +0200 Subject: [PATCH 36/88] Bump github.com/prometheus/prometheus in the prometheus group (#3004) Bumps the prometheus group with 1 update: [github.com/prometheus/prometheus](https://github.com/prometheus/prometheus). Updates `github.com/prometheus/prometheus` from 0.52.0 to 0.52.1 - [Release notes](https://github.com/prometheus/prometheus/releases) - [Changelog](https://github.com/prometheus/prometheus/blob/main/CHANGELOG.md) - [Commits](https://github.com/prometheus/prometheus/compare/v0.52.0...v0.52.1) --- updated-dependencies: - dependency-name: github.com/prometheus/prometheus dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prometheus ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.sum | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/go.sum b/go.sum index bba70911cd..d9998729d5 100644 --- a/go.sum +++ b/go.sum @@ -590,8 +590,8 @@ github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4O github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= -github.com/prometheus/prometheus v0.52.0 h1:f7kHJgr7+zShpWdTCeKqbCWR7nKTScgLYQwRux9h1V0= -github.com/prometheus/prometheus v0.52.0/go.mod h1:3z74cVsmVH0iXOR5QBjB7Pa6A0KJeEAK5A6UsmAFb1g= +github.com/prometheus/prometheus v0.52.1 h1:BrQ29YG+mzdGh8DgHPirHbeMGNqtL+INe0rqg7ttBJ4= +github.com/prometheus/prometheus v0.52.1/go.mod h1:3z74cVsmVH0iXOR5QBjB7Pa6A0KJeEAK5A6UsmAFb1g= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= From 365ddf41d76ec75ac5e00cff7ff504448a31c5f9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 3 Jun 2024 11:45:32 +0200 Subject: [PATCH 37/88] Bump kyverno/action-install-chainsaw from 0.2.2 to 0.2.3 (#3003) Bumps [kyverno/action-install-chainsaw](https://github.com/kyverno/action-install-chainsaw) from 0.2.2 to 0.2.3. - [Release notes](https://github.com/kyverno/action-install-chainsaw/releases) - [Commits](https://github.com/kyverno/action-install-chainsaw/compare/v0.2.2...v0.2.3) --- updated-dependencies: - dependency-name: kyverno/action-install-chainsaw dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/e2e.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml index 8d09536f0c..4a042e736e 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/e2e.yaml @@ -57,7 +57,7 @@ jobs: path: bin key: ${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('Makefile') }}-${{ steps.setup-go.outputs.go-version }} - name: Install chainsaw - uses: kyverno/action-install-chainsaw@v0.2.2 + uses: kyverno/action-install-chainsaw@v0.2.3 - name: Install tools run: make install-tools - name: Prepare e2e tests From bff19dcd937f92fef2f2f4c2985be13273051cee Mon Sep 17 00:00:00 2001 From: Jacob Aronoff Date: Mon, 3 Jun 2024 08:59:44 -0400 Subject: [PATCH 38/88] Introduce simplified parsers (#2972) --- internal/components/component.go | 115 ++++++ internal/components/component_test.go | 67 ++++ internal/components/multi_endpoint.go | 96 +++++ internal/components/multi_endpoint_test.go | 329 +++++++++++++++ internal/components/receivers/helpers.go | 146 +++++++ .../receivers/multi_endpoint_receiver_test.go | 378 ++++++++++++++++++ internal/components/receivers/scraper.go | 50 +++ internal/components/receivers/scraper_test.go | 98 +++++ .../single_endpoint_receiver_test.go | 148 +++++++ internal/components/single_endpoint.go | 96 +++++ internal/components/single_endpoint_test.go | 294 ++++++++++++++ 11 files changed, 1817 insertions(+) create mode 100644 internal/components/component.go create mode 100644 internal/components/component_test.go create mode 100644 internal/components/multi_endpoint.go create mode 100644 internal/components/multi_endpoint_test.go create mode 100644 internal/components/receivers/helpers.go create mode 100644 internal/components/receivers/multi_endpoint_receiver_test.go create mode 100644 internal/components/receivers/scraper.go create mode 100644 internal/components/receivers/scraper_test.go create mode 100644 internal/components/receivers/single_endpoint_receiver_test.go create mode 100644 internal/components/single_endpoint.go create mode 100644 internal/components/single_endpoint_test.go diff --git a/internal/components/component.go b/internal/components/component.go new file mode 100644 index 0000000000..e704c39e25 --- /dev/null +++ b/internal/components/component.go @@ -0,0 +1,115 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package components + +import ( + "errors" + "regexp" + "strconv" + "strings" + + "github.com/go-logr/logr" + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/util/intstr" +) + +var ( + GrpcProtocol = "grpc" + HttpProtocol = "http" + UnsetPort int32 = 0 + PortNotFoundErr = errors.New("port should not be empty") +) + +type PortRetriever interface { + GetPortNum() (int32, error) + GetPortNumOrDefault(logr.Logger, int32) int32 +} + +type PortBuilderOption func(*corev1.ServicePort) + +func WithTargetPort(targetPort int32) PortBuilderOption { + return func(servicePort *corev1.ServicePort) { + servicePort.TargetPort = intstr.FromInt32(targetPort) + } +} + +func WithAppProtocol(proto *string) PortBuilderOption { + return func(servicePort *corev1.ServicePort) { + servicePort.AppProtocol = proto + } +} + +func WithProtocol(proto corev1.Protocol) PortBuilderOption { + return func(servicePort *corev1.ServicePort) { + servicePort.Protocol = proto + } +} + +// ComponentType returns the type for a given component name. +// components have a name like: +// - mycomponent/custom +// - mycomponent +// we extract the "mycomponent" part and see if we have a parser for the component. +func ComponentType(name string) string { + if strings.Contains(name, "/") { + return name[:strings.Index(name, "/")] + } + return name +} + +func PortFromEndpoint(endpoint string) (int32, error) { + var err error + var port int64 + + r := regexp.MustCompile(":[0-9]+") + + if r.MatchString(endpoint) { + portStr := r.FindString(endpoint) + cleanedPortStr := strings.Replace(portStr, ":", "", -1) + port, err = strconv.ParseInt(cleanedPortStr, 10, 32) + + if err != nil { + return 0, err + } + } + + if port == 0 { + return 0, PortNotFoundErr + } + + return int32(port), err +} + +type ComponentPortParser interface { + // Ports returns the service ports parsed based on the exporter's configuration + Ports(logger logr.Logger, config interface{}) ([]corev1.ServicePort, error) + + // ParserType returns the name of this parser + ParserType() string + + // ParserName is an internal name for the parser + ParserName() string +} + +func ConstructServicePort(current *corev1.ServicePort, port int32) corev1.ServicePort { + return corev1.ServicePort{ + Name: current.Name, + Port: port, + TargetPort: current.TargetPort, + NodePort: current.NodePort, + AppProtocol: current.AppProtocol, + Protocol: current.Protocol, + } +} diff --git a/internal/components/component_test.go b/internal/components/component_test.go new file mode 100644 index 0000000000..4671e98087 --- /dev/null +++ b/internal/components/component_test.go @@ -0,0 +1,67 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package components_test + +import ( + "testing" + + "github.com/stretchr/testify/assert" + + "github.com/open-telemetry/opentelemetry-operator/internal/components" +) + +func TestComponentType(t *testing.T) { + for _, tt := range []struct { + desc string + name string + expected string + }{ + {"regular case", "myreceiver", "myreceiver"}, + {"named instance", "myreceiver/custom", "myreceiver"}, + } { + t.Run(tt.desc, func(t *testing.T) { + // test and verify + assert.Equal(t, tt.expected, components.ComponentType(tt.name)) + }) + } +} + +func TestReceiverParsePortFromEndpoint(t *testing.T) { + for _, tt := range []struct { + desc string + endpoint string + expected int + errorExpected bool + }{ + {"regular case", "http://localhost:1234", 1234, false}, + {"absolute with path", "http://localhost:1234/server-status?auto", 1234, false}, + {"no protocol", "0.0.0.0:1234", 1234, false}, + {"just port", ":1234", 1234, false}, + {"no port at all", "http://localhost", 0, true}, + {"overflow", "0.0.0.0:2147483648", 0, true}, + } { + t.Run(tt.desc, func(t *testing.T) { + // test + val, err := components.PortFromEndpoint(tt.endpoint) + if tt.errorExpected { + assert.Error(t, err) + } else { + assert.NoError(t, err) + } + + assert.EqualValues(t, tt.expected, val, "wrong port from endpoint %s: %d", tt.endpoint, val) + }) + } +} diff --git a/internal/components/multi_endpoint.go b/internal/components/multi_endpoint.go new file mode 100644 index 0000000000..304d92d521 --- /dev/null +++ b/internal/components/multi_endpoint.go @@ -0,0 +1,96 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package components + +import ( + "fmt" + + "github.com/go-logr/logr" + "github.com/mitchellh/mapstructure" + corev1 "k8s.io/api/core/v1" + + "github.com/open-telemetry/opentelemetry-operator/internal/naming" +) + +var _ ComponentPortParser = &MultiPortReceiver{} + +// MultiProtocolEndpointConfig represents the minimal struct for a given YAML configuration input containing a map to +// a struct with either endpoint or listen_address. +type MultiProtocolEndpointConfig struct { + Protocols map[string]*SingleEndpointConfig `mapstructure:"protocols"` +} + +// MultiPortOption allows the setting of options for a MultiPortReceiver. +type MultiPortOption func(parser *MultiPortReceiver) + +// MultiPortReceiver is a special parser for components with endpoints for each protocol. +type MultiPortReceiver struct { + name string + + portMappings map[string]*corev1.ServicePort +} + +func (m *MultiPortReceiver) Ports(logger logr.Logger, config interface{}) ([]corev1.ServicePort, error) { + multiProtoEndpointCfg := &MultiProtocolEndpointConfig{} + if err := mapstructure.Decode(config, multiProtoEndpointCfg); err != nil { + return nil, err + } + var ports []corev1.ServicePort + for protocol, ec := range multiProtoEndpointCfg.Protocols { + if defaultSvc, ok := m.portMappings[protocol]; ok { + port := defaultSvc.Port + if ec != nil { + port = ec.GetPortNumOrDefault(logger, port) + defaultSvc.Name = naming.PortName(fmt.Sprintf("%s-%s", m.name, protocol), port) + } + ports = append(ports, ConstructServicePort(defaultSvc, port)) + } else { + return nil, fmt.Errorf("unknown protocol set: %s", protocol) + } + } + return ports, nil +} + +func (m *MultiPortReceiver) ParserType() string { + return ComponentType(m.name) +} + +func (m *MultiPortReceiver) ParserName() string { + return fmt.Sprintf("__%s", m.name) +} + +func NewMultiPortReceiver(name string, opts ...MultiPortOption) *MultiPortReceiver { + multiReceiver := &MultiPortReceiver{ + name: name, + portMappings: map[string]*corev1.ServicePort{}, + } + for _, opt := range opts { + opt(multiReceiver) + } + return multiReceiver +} + +func WithPortMapping(name string, port int32, opts ...PortBuilderOption) MultiPortOption { + return func(parser *MultiPortReceiver) { + servicePort := &corev1.ServicePort{ + Name: naming.PortName(fmt.Sprintf("%s-%s", parser.name, name), port), + Port: port, + } + for _, opt := range opts { + opt(servicePort) + } + parser.portMappings[name] = servicePort + } +} diff --git a/internal/components/multi_endpoint_test.go b/internal/components/multi_endpoint_test.go new file mode 100644 index 0000000000..8009b8e9f3 --- /dev/null +++ b/internal/components/multi_endpoint_test.go @@ -0,0 +1,329 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package components_test + +import ( + "fmt" + "testing" + + "github.com/go-logr/logr" + "github.com/stretchr/testify/assert" + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/util/intstr" + + "github.com/open-telemetry/opentelemetry-operator/internal/components" +) + +var ( + httpConfig = map[string]interface{}{ + "protocols": map[string]interface{}{ + "http": map[string]interface{}{}, + }, + } + httpAndGrpcConfig = map[string]interface{}{ + "protocols": map[string]interface{}{ + "http": map[string]interface{}{}, + "grpc": map[string]interface{}{}, + }, + } +) + +func TestMultiPortReceiver_ParserName(t *testing.T) { + type fields struct { + name string + opts []components.MultiPortOption + } + tests := []struct { + name string + fields fields + want string + }{ + { + name: "no options", + fields: fields{ + name: "receiver1", + opts: nil, + }, + want: "__receiver1", + }, + { + name: "with port mapping without builder options", + fields: fields{ + name: "receiver2", + opts: []components.MultiPortOption{ + components.WithPortMapping("http", 80), + }, + }, + want: "__receiver2", + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + m := components.NewMultiPortReceiver(tt.fields.name, tt.fields.opts...) + assert.Equalf(t, tt.want, m.ParserName(), "ParserName()") + }) + } +} + +func TestMultiPortReceiver_ParserType(t *testing.T) { + type fields struct { + name string + opts []components.MultiPortOption + } + tests := []struct { + name string + fields fields + want string + }{ + { + name: "no options", + fields: fields{ + name: "receiver1", + opts: nil, + }, + want: "receiver1", + }, + { + name: "with port mapping without builder options", + fields: fields{ + name: "receiver2/test", + opts: []components.MultiPortOption{ + components.WithPortMapping("http", 80), + }, + }, + want: "receiver2", + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + m := components.NewMultiPortReceiver(tt.fields.name, tt.fields.opts...) + assert.Equalf(t, tt.want, m.ParserType(), "ParserType()") + }) + } +} + +func TestMultiPortReceiver_Ports(t *testing.T) { + type fields struct { + name string + opts []components.MultiPortOption + } + type args struct { + config interface{} + } + tests := []struct { + name string + fields fields + args args + want []corev1.ServicePort + wantErr assert.ErrorAssertionFunc + }{ + { + name: "no options", + fields: fields{ + name: "receiver1", + opts: nil, + }, + args: args{ + config: nil, + }, + want: nil, + wantErr: assert.NoError, + }, + { + name: "single port mapping without builder options", + fields: fields{ + name: "receiver2", + opts: []components.MultiPortOption{ + components.WithPortMapping("http", 80), + }, + }, + args: args{ + config: httpConfig, + }, + want: []corev1.ServicePort{ + { + Name: "receiver2-http", + Port: 80, + }, + }, + wantErr: assert.NoError, + }, + { + name: "port mapping with target port", + fields: fields{ + name: "receiver3", + opts: []components.MultiPortOption{ + components.WithPortMapping("http", 80, components.WithTargetPort(8080)), + }, + }, + args: args{ + config: httpConfig, + }, + want: []corev1.ServicePort{ + { + Name: "receiver3-http", + Port: 80, + TargetPort: intstr.FromInt32(8080), + }, + }, + wantErr: assert.NoError, + }, + { + name: "port mapping with app protocol", + fields: fields{ + name: "receiver4", + opts: []components.MultiPortOption{ + components.WithPortMapping("http", 80, components.WithAppProtocol(&components.HttpProtocol)), + }, + }, + args: args{ + config: httpConfig, + }, + want: []corev1.ServicePort{ + { + Name: "receiver4-http", + Port: 80, + AppProtocol: &components.HttpProtocol, + }, + }, + wantErr: assert.NoError, + }, + { + name: "port mapping with protocol", + fields: fields{ + name: "receiver5", + opts: []components.MultiPortOption{ + components.WithPortMapping("http", 80, components.WithProtocol(corev1.ProtocolTCP)), + }, + }, + args: args{ + config: httpConfig, + }, + want: []corev1.ServicePort{ + { + Name: "receiver5-http", + Port: 80, + Protocol: corev1.ProtocolTCP, + }, + }, + wantErr: assert.NoError, + }, + { + name: "multiple port mappings", + fields: fields{ + name: "receiver6", + opts: []components.MultiPortOption{ + components.WithPortMapping("http", 80), + components.WithPortMapping("grpc", 4317, + components.WithTargetPort(4317), + components.WithProtocol(corev1.ProtocolTCP), + components.WithAppProtocol(&components.GrpcProtocol)), + }, + }, + args: args{ + config: httpAndGrpcConfig, + }, + want: []corev1.ServicePort{ + { + Name: "receiver6-grpc", + Port: 4317, + TargetPort: intstr.FromInt32(4317), + Protocol: corev1.ProtocolTCP, + AppProtocol: &components.GrpcProtocol, + }, + { + Name: "receiver6-http", + Port: 80, + }, + }, + wantErr: assert.NoError, + }, + { + name: "multiple port mappings only one enabled", + fields: fields{ + name: "receiver6", + opts: []components.MultiPortOption{ + components.WithPortMapping("http", 80), + components.WithPortMapping("grpc", 4317, + components.WithTargetPort(4317), + components.WithProtocol(corev1.ProtocolTCP), + components.WithAppProtocol(&components.GrpcProtocol)), + }, + }, + args: args{ + config: httpConfig, + }, + want: []corev1.ServicePort{ + { + Name: "receiver6-http", + Port: 80, + }, + }, + wantErr: assert.NoError, + }, + { + name: "error unmarshalling configuration", + fields: fields{ + name: "receiver1", + opts: nil, + }, + args: args{ + config: "invalid config", // Simulate an invalid config that causes LoadMap to fail + }, + want: nil, + wantErr: assert.Error, + }, + { + name: "error marshaling configuration", + fields: fields{ + name: "receiver1", + opts: nil, + }, + args: args{ + config: func() {}, // Simulate an invalid config that causes LoadMap to fail + }, + want: nil, + wantErr: assert.Error, + }, + { + name: "unknown protocol", + fields: fields{ + name: "receiver2", + opts: []components.MultiPortOption{ + components.WithPortMapping("http", 80), + }, + }, + args: args{ + config: map[string]interface{}{ + "protocols": map[string]interface{}{ + "unknown": map[string]interface{}{}, + }, + }, + }, + want: nil, + wantErr: assert.Error, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + m := components.NewMultiPortReceiver(tt.fields.name, tt.fields.opts...) + got, err := m.Ports(logr.Discard(), tt.args.config) + if !tt.wantErr(t, err, fmt.Sprintf("Ports(%v)", tt.args.config)) { + return + } + assert.ElementsMatchf(t, tt.want, got, "Ports(%v)", tt.args.config) + }) + } +} diff --git a/internal/components/receivers/helpers.go b/internal/components/receivers/helpers.go new file mode 100644 index 0000000000..2848b36514 --- /dev/null +++ b/internal/components/receivers/helpers.go @@ -0,0 +1,146 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package receivers + +import ( + corev1 "k8s.io/api/core/v1" + + "github.com/open-telemetry/opentelemetry-operator/internal/components" +) + +// registry holds a record of all known receiver parsers. +var registry = make(map[string]components.ComponentPortParser) + +// Register adds a new parser builder to the list of known builders. +func Register(name string, p components.ComponentPortParser) { + registry[name] = p +} + +// IsRegistered checks whether a parser is registered with the given name. +func IsRegistered(name string) bool { + _, ok := registry[name] + return ok +} + +// BuilderFor returns a parser builder for the given exporter name. +func BuilderFor(name string) components.ComponentPortParser { + if parser, ok := registry[components.ComponentType(name)]; ok { + return parser + } + return components.NewSinglePortParser(components.ComponentType(name), components.UnsetPort) +} + +var ( + componentParsers = []components.ComponentPortParser{ + components.NewMultiPortReceiver("otlp", + components.WithPortMapping( + "grpc", + 4317, + components.WithAppProtocol(&components.GrpcProtocol), + components.WithTargetPort(4317), + ), components.WithPortMapping( + "http", + 4318, + components.WithAppProtocol(&components.HttpProtocol), + components.WithTargetPort(4318), + ), + ), + components.NewMultiPortReceiver("skywalking", + components.WithPortMapping(components.GrpcProtocol, 11800, + components.WithTargetPort(11800), + components.WithAppProtocol(&components.GrpcProtocol), + ), + components.WithPortMapping(components.HttpProtocol, 12800, + components.WithTargetPort(12800), + components.WithAppProtocol(&components.HttpProtocol), + )), + components.NewMultiPortReceiver("jaeger", + components.WithPortMapping(components.GrpcProtocol, 14250, + components.WithProtocol(corev1.ProtocolTCP), + components.WithAppProtocol(&components.GrpcProtocol), + ), + components.WithPortMapping("thrift_http", 14268, + components.WithProtocol(corev1.ProtocolTCP), + components.WithAppProtocol(&components.HttpProtocol), + ), + components.WithPortMapping("thrift_compact", 6831, + components.WithProtocol(corev1.ProtocolUDP), + ), + components.WithPortMapping("thrift_binary", 6832, + components.WithProtocol(corev1.ProtocolUDP), + ), + ), + components.NewMultiPortReceiver("loki", + components.WithPortMapping(components.GrpcProtocol, 9095, + components.WithTargetPort(9095), + components.WithAppProtocol(&components.GrpcProtocol), + ), + components.WithPortMapping(components.HttpProtocol, 3100, + components.WithTargetPort(3100), + components.WithAppProtocol(&components.HttpProtocol), + ), + ), + components.NewSinglePortParser("awsxray", 2000), + components.NewSinglePortParser("carbon", 2003), + components.NewSinglePortParser("collectd", 8081), + components.NewSinglePortParser("fluentforward", 8006), + components.NewSinglePortParser("influxdb", 8086), + components.NewSinglePortParser("opencensus", 55678, components.WithAppProtocol(nil)), + components.NewSinglePortParser("sapm", 7276), + components.NewSinglePortParser("signalfx", 9943), + components.NewSinglePortParser("splunk_hec", 8088), + components.NewSinglePortParser("statsd", 8125, components.WithProtocol(corev1.ProtocolUDP)), + components.NewSinglePortParser("tcplog", components.UnsetPort, components.WithProtocol(corev1.ProtocolTCP)), + components.NewSinglePortParser("udplog", components.UnsetPort, components.WithProtocol(corev1.ProtocolUDP)), + components.NewSinglePortParser("wavefront", 2003), + components.NewSinglePortParser("zipkin", 9411, components.WithAppProtocol(&components.HttpProtocol), components.WithProtocol(corev1.ProtocolTCP)), + NewScraperParser("prometheus"), + NewScraperParser("kubeletstats"), + NewScraperParser("sshcheck"), + NewScraperParser("cloudfoundry"), + NewScraperParser("vcenter"), + NewScraperParser("oracledb"), + NewScraperParser("snmp"), + NewScraperParser("googlecloudpubsub"), + NewScraperParser("chrony"), + NewScraperParser("jmx"), + NewScraperParser("podman_stats"), + NewScraperParser("pulsar"), + NewScraperParser("docker_stats"), + NewScraperParser("aerospike"), + NewScraperParser("zookeeper"), + NewScraperParser("prometheus_simple"), + NewScraperParser("saphana"), + NewScraperParser("riak"), + NewScraperParser("redis"), + NewScraperParser("rabbitmq"), + NewScraperParser("purefb"), + NewScraperParser("postgresql"), + NewScraperParser("nsxt"), + NewScraperParser("nginx"), + NewScraperParser("mysql"), + NewScraperParser("memcached"), + NewScraperParser("httpcheck"), + NewScraperParser("haproxy"), + NewScraperParser("flinkmetrics"), + NewScraperParser("couchdb"), + } +) + +func init() { + for _, parser := range componentParsers { + Register(parser.ParserType(), parser) + } +} diff --git a/internal/components/receivers/multi_endpoint_receiver_test.go b/internal/components/receivers/multi_endpoint_receiver_test.go new file mode 100644 index 0000000000..dde04b763f --- /dev/null +++ b/internal/components/receivers/multi_endpoint_receiver_test.go @@ -0,0 +1,378 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package receivers_test + +import ( + "testing" + + "github.com/stretchr/testify/assert" + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/util/intstr" + + "github.com/open-telemetry/opentelemetry-operator/internal/components/receivers" +) + +var ( + grpc = "grpc" + http = "http" +) + +func TestMultiEndpointReceiverParsers(t *testing.T) { + type testCase struct { + name string + config interface{} + expectedErr error + expectedSvc []corev1.ServicePort + } + type fields struct { + receiverName string + parserName string + cases []testCase + } + for _, tt := range []fields{ + { + receiverName: "jaeger", + parserName: "__jaeger", + cases: []testCase{ + { + name: "minimal config", + config: map[string]interface{}{ + "protocols": map[string]interface{}{ + "grpc": map[string]interface{}{}, + }, + }, + expectedErr: nil, + expectedSvc: []corev1.ServicePort{ + { + Name: "jaeger-grpc", + Port: 14250, + Protocol: corev1.ProtocolTCP, + AppProtocol: &grpc, + }, + }, + }, + { + name: "grpc overridden", + config: map[string]interface{}{ + "protocols": map[string]interface{}{ + "grpc": map[string]interface{}{ + "endpoint": "0.0.0.0:1234", + }, + }, + }, + expectedErr: nil, + expectedSvc: []corev1.ServicePort{ + { + Name: "jaeger-grpc", + Port: 1234, + Protocol: corev1.ProtocolTCP, + AppProtocol: &grpc, + }, + }, + }, + { + name: "all defaults", + config: map[string]interface{}{ + "protocols": map[string]interface{}{ + "grpc": map[string]interface{}{}, + "thrift_http": map[string]interface{}{}, + "thrift_compact": map[string]interface{}{}, + "thrift_binary": map[string]interface{}{}, + }, + }, + expectedErr: nil, + expectedSvc: []corev1.ServicePort{ + { + Name: "jaeger-grpc", + Port: 14250, + Protocol: corev1.ProtocolTCP, + AppProtocol: &grpc, + }, + { + Name: "port-14268", + Port: 14268, + Protocol: corev1.ProtocolTCP, + AppProtocol: &http, + }, + { + Name: "port-6831", + Port: 6831, + Protocol: corev1.ProtocolUDP, + }, + { + Name: "port-6832", + Port: 6832, + Protocol: corev1.ProtocolUDP, + }, + }, + }, + }, + }, + { + receiverName: "otlp", + parserName: "__otlp", + cases: []testCase{ + { + name: "minimal config", + config: map[string]interface{}{ + "protocols": map[string]interface{}{ + "grpc": map[string]interface{}{}, + }, + }, + expectedErr: nil, + expectedSvc: []corev1.ServicePort{ + { + Name: "otlp-grpc", + Port: 4317, + TargetPort: intstr.FromInt32(4317), + AppProtocol: &grpc, + }, + }, + }, + { + name: "grpc overridden", + config: map[string]interface{}{ + "protocols": map[string]interface{}{ + "grpc": map[string]interface{}{ + "endpoint": "0.0.0.0:1234", + }, + }, + }, + expectedErr: nil, + expectedSvc: []corev1.ServicePort{ + { + Name: "otlp-grpc", + Port: 1234, + TargetPort: intstr.FromInt32(4317), + AppProtocol: &grpc, + }, + }, + }, + { + name: "all defaults", + config: map[string]interface{}{ + "protocols": map[string]interface{}{ + "grpc": map[string]interface{}{}, + "http": map[string]interface{}{}, + }, + }, + expectedErr: nil, + expectedSvc: []corev1.ServicePort{ + { + Name: "otlp-grpc", + Port: 4317, + TargetPort: intstr.FromInt32(4317), + AppProtocol: &grpc, + }, + { + Name: "otlp-http", + Port: 4318, + TargetPort: intstr.FromInt32(4318), + AppProtocol: &http, + }, + }, + }, + }, + }, + { + receiverName: "loki", + parserName: "__loki", + cases: []testCase{ + { + name: "minimal config", + config: map[string]interface{}{ + "protocols": map[string]interface{}{ + "grpc": map[string]interface{}{}, + }, + }, + expectedErr: nil, + expectedSvc: []corev1.ServicePort{ + { + Name: "loki-grpc", + Port: 9095, + TargetPort: intstr.FromInt32(9095), + AppProtocol: &grpc, + }, + }, + }, + { + name: "grpc overridden", + config: map[string]interface{}{ + "protocols": map[string]interface{}{ + "grpc": map[string]interface{}{ + "endpoint": "0.0.0.0:1234", + }, + }, + }, + expectedErr: nil, + expectedSvc: []corev1.ServicePort{ + { + Name: "loki-grpc", + Port: 1234, + TargetPort: intstr.FromInt32(9095), + AppProtocol: &grpc, + }, + }, + }, + { + name: "all defaults", + config: map[string]interface{}{ + "protocols": map[string]interface{}{ + "grpc": map[string]interface{}{}, + "http": map[string]interface{}{}, + }, + }, + expectedErr: nil, + expectedSvc: []corev1.ServicePort{ + { + Name: "loki-grpc", + Port: 9095, + TargetPort: intstr.FromInt32(9095), + AppProtocol: &grpc, + }, + { + Name: "loki-http", + Port: 3100, + TargetPort: intstr.FromInt32(3100), + AppProtocol: &http, + }, + }, + }, + }, + }, + { + receiverName: "skywalking", + parserName: "__skywalking", + cases: []testCase{ + { + name: "minimal config", + config: map[string]interface{}{ + "protocols": map[string]interface{}{ + "grpc": map[string]interface{}{}, + }, + }, + expectedErr: nil, + expectedSvc: []corev1.ServicePort{ + { + Name: "skywalking-grpc", + Port: 11800, + TargetPort: intstr.FromInt32(11800), + AppProtocol: &grpc, + }, + }, + }, + { + name: "grpc overridden", + config: map[string]interface{}{ + "protocols": map[string]interface{}{ + "grpc": map[string]interface{}{ + "endpoint": "0.0.0.0:1234", + }, + }, + }, + expectedErr: nil, + expectedSvc: []corev1.ServicePort{ + { + Name: "skywalking-grpc", + Port: 1234, + TargetPort: intstr.FromInt32(11800), + AppProtocol: &grpc, + }, + }, + }, + { + name: "all defaults", + config: map[string]interface{}{ + "protocols": map[string]interface{}{ + "grpc": map[string]interface{}{}, + "http": map[string]interface{}{}, + }, + }, + expectedErr: nil, + expectedSvc: []corev1.ServicePort{ + { + Name: "skywalking-grpc", + Port: 11800, + TargetPort: intstr.FromInt32(11800), + AppProtocol: &grpc, + }, + { + Name: "skywalking-http", + Port: 12800, + TargetPort: intstr.FromInt32(12800), + AppProtocol: &http, + }, + }, + }, + }, + }, + } { + t.Run(tt.receiverName, func(t *testing.T) { + t.Run("self registers", func(t *testing.T) { + // verify + assert.True(t, receivers.IsRegistered(tt.receiverName)) + }) + + t.Run("is found by name", func(t *testing.T) { + p := receivers.BuilderFor(tt.receiverName) + assert.Equal(t, tt.parserName, p.ParserName()) + }) + + t.Run("bad config errors", func(t *testing.T) { + // prepare + parser := receivers.BuilderFor(tt.receiverName) + + // test + _, err := parser.Ports(logger, []interface{}{"junk"}) + + // verify + assert.ErrorContains(t, err, "expected a map, got 'slice'") + }) + t.Run("good config, unknown protocol", func(t *testing.T) { + // prepare + parser := receivers.BuilderFor(tt.receiverName) + + // test + _, err := parser.Ports(logger, map[string]interface{}{ + "protocols": map[string]interface{}{ + "garbage": map[string]interface{}{}, + }, + }) + + // verify + assert.ErrorContains(t, err, "unknown protocol set: garbage") + }) + for _, kase := range tt.cases { + t.Run(kase.name, func(t *testing.T) { + // prepare + parser := receivers.BuilderFor(tt.receiverName) + + // test + ports, err := parser.Ports(logger, kase.config) + if kase.expectedErr != nil { + assert.EqualError(t, err, kase.expectedErr.Error()) + return + } + + // verify + assert.NoError(t, err) + assert.Len(t, ports, len(kase.expectedSvc)) + assert.ElementsMatch(t, ports, kase.expectedSvc) + }) + } + + }) + } +} diff --git a/internal/components/receivers/scraper.go b/internal/components/receivers/scraper.go new file mode 100644 index 0000000000..8f01e95c3a --- /dev/null +++ b/internal/components/receivers/scraper.go @@ -0,0 +1,50 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package receivers + +import ( + "fmt" + + "github.com/go-logr/logr" + corev1 "k8s.io/api/core/v1" + + "github.com/open-telemetry/opentelemetry-operator/internal/components" +) + +var ( + _ components.ComponentPortParser = &ScraperParser{} +) + +type ScraperParser struct { + componentType string +} + +func (s *ScraperParser) Ports(logger logr.Logger, config interface{}) ([]corev1.ServicePort, error) { + return nil, nil +} + +func (s *ScraperParser) ParserType() string { + return s.componentType +} + +func (s *ScraperParser) ParserName() string { + return fmt.Sprintf("__%s", s.componentType) +} + +func NewScraperParser(name string) *ScraperParser { + return &ScraperParser{ + componentType: components.ComponentType(name), + } +} diff --git a/internal/components/receivers/scraper_test.go b/internal/components/receivers/scraper_test.go new file mode 100644 index 0000000000..3456cbc6ff --- /dev/null +++ b/internal/components/receivers/scraper_test.go @@ -0,0 +1,98 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package receivers_test + +import ( + "testing" + + "github.com/stretchr/testify/assert" + + "github.com/open-telemetry/opentelemetry-operator/internal/components/receivers" +) + +func TestScraperParsers(t *testing.T) { + for _, tt := range []struct { + receiverName string + parserName string + defaultPort int + }{ + {"prometheus", "__prometheus", 0}, + {"kubeletstats", "__kubeletstats", 0}, + {"sshcheck", "__sshcheck", 0}, + {"cloudfoundry", "__cloudfoundry", 0}, + {"vcenter", "__vcenter", 0}, + {"oracledb", "__oracledb", 0}, + {"snmp", "__snmp", 0}, + {"googlecloudpubsub", "__googlecloudpubsub", 0}, + {"chrony", "__chrony", 0}, + {"jmx", "__jmx", 0}, + {"podman_stats", "__podman_stats", 0}, + {"pulsar", "__pulsar", 0}, + {"docker_stats", "__docker_stats", 0}, + {"aerospike", "__aerospike", 0}, + {"zookeeper", "__zookeeper", 0}, + {"prometheus_simple", "__prometheus_simple", 0}, + {"saphana", "__saphana", 0}, + {"riak", "__riak", 0}, + {"redis", "__redis", 0}, + {"rabbitmq", "__rabbitmq", 0}, + {"purefb", "__purefb", 0}, + {"postgresql", "__postgresql", 0}, + {"nsxt", "__nsxt", 0}, + {"nginx", "__nginx", 0}, + {"mysql", "__mysql", 0}, + {"memcached", "__memcached", 0}, + {"httpcheck", "__httpcheck", 0}, + {"haproxy", "__haproxy", 0}, + {"flinkmetrics", "__flinkmetrics", 0}, + {"couchdb", "__couchdb", 0}, + } { + t.Run(tt.receiverName, func(t *testing.T) { + t.Run("builds successfully", func(t *testing.T) { + // test + parser := receivers.BuilderFor(tt.receiverName) + + // verify + assert.Equal(t, tt.parserName, parser.ParserName()) + }) + + t.Run("default is nothing", func(t *testing.T) { + // prepare + parser := receivers.BuilderFor(tt.receiverName) + + // test + ports, err := parser.Ports(logger, map[string]interface{}{}) + + // verify + assert.NoError(t, err) + assert.Len(t, ports, 0) + }) + + t.Run("always returns nothing", func(t *testing.T) { + // prepare + parser := receivers.BuilderFor(tt.receiverName) + + // test + ports, err := parser.Ports(logger, map[string]interface{}{ + "endpoint": "0.0.0.0:65535", + }) + + // verify + assert.NoError(t, err) + assert.Len(t, ports, 0) + }) + }) + } +} diff --git a/internal/components/receivers/single_endpoint_receiver_test.go b/internal/components/receivers/single_endpoint_receiver_test.go new file mode 100644 index 0000000000..f06353ca90 --- /dev/null +++ b/internal/components/receivers/single_endpoint_receiver_test.go @@ -0,0 +1,148 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package receivers_test + +import ( + "testing" + + "github.com/stretchr/testify/assert" + corev1 "k8s.io/api/core/v1" + logf "sigs.k8s.io/controller-runtime/pkg/log" + + "github.com/open-telemetry/opentelemetry-operator/internal/components/receivers" + "github.com/open-telemetry/opentelemetry-operator/internal/naming" +) + +var logger = logf.Log.WithName("unit-tests") + +func TestParseEndpoint(t *testing.T) { + // prepare + // there's no parser registered to handle "myreceiver", so, it falls back to the generic parser + parser := receivers.BuilderFor("myreceiver") + + // test + ports, err := parser.Ports(logger, map[string]interface{}{ + "endpoint": "0.0.0.0:1234", + }) + + // verify + assert.NoError(t, err) + assert.Len(t, ports, 1) + assert.EqualValues(t, 1234, ports[0].Port) +} + +func TestFailedToParseEndpoint(t *testing.T) { + // prepare + // there's no parser registered to handle "myreceiver", so, it falls back to the generic parser + parser := receivers.BuilderFor("myreceiver") + + // test + ports, err := parser.Ports(logger, map[string]interface{}{ + "endpoint": "0.0.0.0", + }) + + // verify + assert.Error(t, err) + assert.Len(t, ports, 0) +} + +func TestDownstreamParsers(t *testing.T) { + for _, tt := range []struct { + desc string + receiverName string + parserName string + defaultPort int + listenAddrParser bool + }{ + {"zipkin", "zipkin", "__zipkin", 9411, false}, + {"opencensus", "opencensus", "__opencensus", 55678, false}, + + // contrib receivers + {"carbon", "carbon", "__carbon", 2003, false}, + {"collectd", "collectd", "__collectd", 8081, false}, + {"sapm", "sapm", "__sapm", 7276, false}, + {"signalfx", "signalfx", "__signalfx", 9943, false}, + {"wavefront", "wavefront", "__wavefront", 2003, false}, + {"fluentforward", "fluentforward", "__fluentforward", 8006, false}, + {"statsd", "statsd", "__statsd", 8125, false}, + {"influxdb", "influxdb", "__influxdb", 8086, false}, + {"splunk_hec", "splunk_hec", "__splunk_hec", 8088, false}, + {"awsxray", "awsxray", "__awsxray", 2000, false}, + {"tcplog", "tcplog", "__tcplog", 0, true}, + {"udplog", "udplog", "__udplog", 0, true}, + } { + t.Run(tt.receiverName, func(t *testing.T) { + t.Run("builds successfully", func(t *testing.T) { + // test + parser := receivers.BuilderFor(tt.receiverName) + + // verify + assert.Equal(t, tt.parserName, parser.ParserName()) + }) + t.Run("bad config errors", func(t *testing.T) { + // prepare + parser := receivers.BuilderFor(tt.receiverName) + + // test throwing in pure junk + _, err := parser.Ports(logger, func() {}) + + // verify + assert.ErrorContains(t, err, "expected a map, got 'func'") + }) + + t.Run("assigns the expected port", func(t *testing.T) { + // prepare + parser := receivers.BuilderFor(tt.receiverName) + + // test + ports, err := parser.Ports(logger, map[string]interface{}{}) + + if tt.defaultPort == 0 { + assert.Len(t, ports, 0) + return + } + // verify + assert.NoError(t, err) + assert.Len(t, ports, 1) + assert.EqualValues(t, tt.defaultPort, ports[0].Port) + assert.Equal(t, naming.PortName(tt.receiverName, int32(tt.defaultPort)), ports[0].Name) + }) + + t.Run("allows port to be overridden", func(t *testing.T) { + // prepare + parser := receivers.BuilderFor(tt.receiverName) + + // test + var ports []corev1.ServicePort + var err error + if tt.listenAddrParser { + ports, err = parser.Ports(logger, map[string]interface{}{ + "listen_address": "0.0.0.0:65535", + }) + } else { + ports, err = parser.Ports(logger, map[string]interface{}{ + "endpoint": "0.0.0.0:65535", + }) + } + + // verify + assert.NoError(t, err) + assert.Len(t, ports, 1) + assert.EqualValues(t, 65535, ports[0].Port) + assert.Equal(t, naming.PortName(tt.receiverName, int32(tt.defaultPort)), ports[0].Name) + }) + }) + } +} diff --git a/internal/components/single_endpoint.go b/internal/components/single_endpoint.go new file mode 100644 index 0000000000..f7de2b7aaa --- /dev/null +++ b/internal/components/single_endpoint.go @@ -0,0 +1,96 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package components + +import ( + "fmt" + + "github.com/go-logr/logr" + "github.com/mitchellh/mapstructure" + corev1 "k8s.io/api/core/v1" + + "github.com/open-telemetry/opentelemetry-operator/internal/naming" +) + +var ( + _ ComponentPortParser = &SingleEndpointParser{} +) + +// SingleEndpointConfig represents the minimal struct for a given YAML configuration input containing either +// endpoint or listen_address. +type SingleEndpointConfig struct { + Endpoint string `mapstructure:"endpoint,omitempty"` + ListenAddress string `mapstructure:"listen_address,omitempty"` +} + +func (g *SingleEndpointConfig) GetPortNumOrDefault(logger logr.Logger, p int32) int32 { + num, err := g.GetPortNum() + if err != nil { + logger.V(3).Info("no port set, using default: %d", p) + return p + } + return num +} + +func (g *SingleEndpointConfig) GetPortNum() (int32, error) { + if len(g.Endpoint) > 0 { + return PortFromEndpoint(g.Endpoint) + } else if len(g.ListenAddress) > 0 { + return PortFromEndpoint(g.ListenAddress) + } + return 0, PortNotFoundErr +} + +// SingleEndpointParser is a special parser for a generic receiver that has an endpoint or listen_address in its +// configuration. It doesn't self-register and should be created/used directly. +type SingleEndpointParser struct { + name string + + svcPort *corev1.ServicePort +} + +func (s *SingleEndpointParser) Ports(logger logr.Logger, config interface{}) ([]corev1.ServicePort, error) { + singleEndpointConfig := &SingleEndpointConfig{} + if err := mapstructure.Decode(config, singleEndpointConfig); err != nil { + return nil, err + } + if _, err := singleEndpointConfig.GetPortNum(); err != nil && s.svcPort.Port == UnsetPort { + logger.WithValues("receiver", s.name).Error(err, "couldn't parse the endpoint's port and no default port set") + return []corev1.ServicePort{}, err + } + + port := singleEndpointConfig.GetPortNumOrDefault(logger, s.svcPort.Port) + s.svcPort.Name = naming.PortName(s.name, port) + return []corev1.ServicePort{ConstructServicePort(s.svcPort, port)}, nil +} + +func (s *SingleEndpointParser) ParserType() string { + return ComponentType(s.name) +} + +func (s *SingleEndpointParser) ParserName() string { + return fmt.Sprintf("__%s", s.name) +} + +func NewSinglePortParser(name string, port int32, opts ...PortBuilderOption) *SingleEndpointParser { + servicePort := &corev1.ServicePort{ + Name: naming.PortName(name, port), + Port: port, + } + for _, opt := range opts { + opt(servicePort) + } + return &SingleEndpointParser{name: name, svcPort: servicePort} +} diff --git a/internal/components/single_endpoint_test.go b/internal/components/single_endpoint_test.go new file mode 100644 index 0000000000..b0efdb1c90 --- /dev/null +++ b/internal/components/single_endpoint_test.go @@ -0,0 +1,294 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package components_test + +import ( + "fmt" + "testing" + + "github.com/go-logr/logr" + "github.com/stretchr/testify/assert" + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/util/intstr" + + "github.com/open-telemetry/opentelemetry-operator/internal/components" +) + +func TestSingleEndpointConfig_GetPortNumOrDefault(t *testing.T) { + type fields struct { + Endpoint string + ListenAddress string + } + type args struct { + p int32 + } + tests := []struct { + name string + fields fields + args args + want int32 + }{ + { + name: "Test with valid endpoint", + fields: fields{ + Endpoint: "example.com:8080", + ListenAddress: "", + }, + args: args{ + p: 9000, + }, + want: 8080, + }, + { + name: "Test with valid listen address", + fields: fields{ + Endpoint: "", + ListenAddress: "0.0.0.0:9090", + }, + args: args{ + p: 9000, + }, + want: 9090, + }, + { + name: "Test with invalid configuration (no endpoint or listen address)", + fields: fields{ + Endpoint: "", + ListenAddress: "", + }, + args: args{ + p: 9000, + }, + want: 9000, // Should return default port + }, + { + name: "Test with invalid endpoint format", + fields: fields{ + Endpoint: "invalid_endpoint", + ListenAddress: "", + }, + args: args{ + p: 9000, + }, + want: 9000, // Should return default port + }, + { + name: "Test with invalid listen address format", + fields: fields{ + Endpoint: "", + ListenAddress: "invalid_listen_address", + }, + args: args{ + p: 9000, + }, + want: 9000, // Should return default port + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + g := &components.SingleEndpointConfig{ + Endpoint: tt.fields.Endpoint, + ListenAddress: tt.fields.ListenAddress, + } + assert.Equalf(t, tt.want, g.GetPortNumOrDefault(logr.Discard(), tt.args.p), "GetPortNumOrDefault(%v)", tt.args.p) + }) + } +} + +func TestSingleEndpointParser_ParserName(t *testing.T) { + type fields struct { + name string + port int32 + opts []components.PortBuilderOption + } + tests := []struct { + name string + fields fields + want string + }{ + { + name: "no options", + fields: fields{ + name: "receiver1", + opts: nil, + }, + want: "__receiver1", + }, + { + name: "with port mapping without builder options", + fields: fields{ + name: "receiver2", + opts: []components.PortBuilderOption{ + components.WithTargetPort(8080), + }, + }, + want: "__receiver2", + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + s := components.NewSinglePortParser(tt.fields.name, tt.fields.port, tt.fields.opts...) + assert.Equalf(t, tt.want, s.ParserName(), "ParserName()") + }) + } +} + +func TestSingleEndpointParser_ParserType(t *testing.T) { + type fields struct { + name string + port int32 + opts []components.PortBuilderOption + } + tests := []struct { + name string + fields fields + want string + }{ + { + name: "no options", + fields: fields{ + name: "receiver1", + opts: nil, + }, + want: "receiver1", + }, + { + name: "with port mapping without builder options", + fields: fields{ + name: "receiver2/test", + opts: []components.PortBuilderOption{ + components.WithTargetPort(80), + }, + }, + want: "receiver2", + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + s := components.NewSinglePortParser(tt.fields.name, tt.fields.port, tt.fields.opts...) + assert.Equalf(t, tt.want, s.ParserType(), "ParserType()") + }) + } +} + +func TestSingleEndpointParser_Ports(t *testing.T) { + type fields struct { + name string + port int32 + opts []components.PortBuilderOption + } + type args struct { + config interface{} + } + tests := []struct { + name string + fields fields + args args + want []corev1.ServicePort + wantErr assert.ErrorAssertionFunc + }{ + { + name: "ValidConfigWithPort", + fields: fields{ + name: "testparser", + port: 8080, + }, + args: args{ + config: map[string]interface{}{ + "port": 8080, + }, + }, + want: []corev1.ServicePort{ + {Name: "testparser", Port: 8080}, + }, + wantErr: assert.NoError, + }, + { + name: "ValidConfigWithDefaultPort", + fields: fields{ + name: "testparser", + port: 8080, + }, + args: args{ + config: map[string]interface{}{}, + }, + want: []corev1.ServicePort{ + {Name: "testparser", Port: 8080}, + }, + wantErr: assert.NoError, + }, + { + name: "ConfigWithFixins", + fields: fields{ + name: "testparser", + port: 8080, + opts: []components.PortBuilderOption{ + components.WithTargetPort(4317), + components.WithProtocol(corev1.ProtocolTCP), + components.WithAppProtocol(&components.GrpcProtocol), + }, + }, + args: args{ + config: map[string]interface{}{}, + }, + want: []corev1.ServicePort{ + { + Name: "testparser", + Port: 8080, + TargetPort: intstr.FromInt32(4317), + Protocol: corev1.ProtocolTCP, + AppProtocol: &components.GrpcProtocol, + }, + }, + wantErr: assert.NoError, + }, + { + name: "InvalidConfigMissingPort", + fields: fields{ + name: "testparser", + port: 0, + }, + args: args{ + config: map[string]interface{}{ + "endpoint": "garbageeeee", + }, + }, + want: nil, + wantErr: assert.Error, + }, + { + name: "ErrorParsingConfig", + fields: fields{ + name: "testparser", + port: 8080, + }, + args: args{ + config: "invalid config", + }, + want: nil, + wantErr: assert.Error, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + s := components.NewSinglePortParser(tt.fields.name, tt.fields.port, tt.fields.opts...) + got, err := s.Ports(logr.Discard(), tt.args.config) + if !tt.wantErr(t, err, fmt.Sprintf("Ports(%v)", tt.args.config)) { + return + } + assert.ElementsMatchf(t, tt.want, got, "Ports(%v)", tt.args.config) + }) + } +} From 0a209c6ea42eb2803ef0e17596d4b64332461215 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 3 Jun 2024 11:21:33 -0400 Subject: [PATCH 39/88] Bump go.opentelemetry.io/otel/exporters/prometheus in the otel group (#3005) Bumps the otel group with 1 update: [go.opentelemetry.io/otel/exporters/prometheus](https://github.com/open-telemetry/opentelemetry-go). Updates `go.opentelemetry.io/otel/exporters/prometheus` from 0.48.0 to 0.49.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/example/prometheus/v0.48.0...example/prometheus/v0.49.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/exporters/prometheus dependency-type: direct:production update-type: version-update:semver-minor dependency-group: otel ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 6d00283852..268bf7b70d 100644 --- a/go.mod +++ b/go.mod @@ -31,7 +31,7 @@ require ( go.opentelemetry.io/collector/featuregate v1.8.0 go.opentelemetry.io/otel v1.27.0 go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.27.0 - go.opentelemetry.io/otel/exporters/prometheus v0.48.0 + go.opentelemetry.io/otel/exporters/prometheus v0.49.0 go.opentelemetry.io/otel/metric v1.27.0 go.opentelemetry.io/otel/sdk v1.27.0 go.opentelemetry.io/otel/sdk/metric v1.27.0 @@ -210,7 +210,7 @@ require ( github.com/prometheus/alertmanager v0.27.0 // indirect github.com/prometheus/client_model v0.6.1 // indirect github.com/prometheus/common/sigv4 v0.1.0 // indirect - github.com/prometheus/procfs v0.12.0 // indirect + github.com/prometheus/procfs v0.15.0 // indirect github.com/scaleway/scaleway-sdk-go v1.0.0-beta.26 // indirect github.com/spf13/cobra v1.7.0 // indirect github.com/tklauser/go-sysconf v0.3.13 // indirect diff --git a/go.sum b/go.sum index d9998729d5..369c34513b 100644 --- a/go.sum +++ b/go.sum @@ -588,8 +588,8 @@ github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsT github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A= github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= -github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= -github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= +github.com/prometheus/procfs v0.15.0 h1:A82kmvXJq2jTu5YUhSGNlYoxh85zLnKgPz4bMZgI5Ek= +github.com/prometheus/procfs v0.15.0/go.mod h1:Y0RJ/Y5g5wJpkTisOtqwDSo4HwhGmLB4VQSw2sQJLHk= github.com/prometheus/prometheus v0.52.1 h1:BrQ29YG+mzdGh8DgHPirHbeMGNqtL+INe0rqg7ttBJ4= github.com/prometheus/prometheus v0.52.1/go.mod h1:3z74cVsmVH0iXOR5QBjB7Pa6A0KJeEAK5A6UsmAFb1g= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= @@ -675,8 +675,8 @@ go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0 h1:t6wl9SPayj+c7lEIFgm go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0/go.mod h1:iSDOcsnSA5INXzZtwaBPrKp/lWu/V14Dd+llD0oI2EA= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.24.0 h1:Xw8U6u2f8DK2XAkGRFV7BBLENgnTGX9i4rQRxJf+/vs= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.24.0/go.mod h1:6KW1Fm6R/s6Z3PGXwSJN2K4eT6wQB3vXX6CVnYX9NmM= -go.opentelemetry.io/otel/exporters/prometheus v0.48.0 h1:sBQe3VNGUjY9IKWQC6z2lNqa5iGbDSxhs60ABwK4y0s= -go.opentelemetry.io/otel/exporters/prometheus v0.48.0/go.mod h1:DtrbMzoZWwQHyrQmCfLam5DZbnmorsGbOtTbYHycU5o= +go.opentelemetry.io/otel/exporters/prometheus v0.49.0 h1:Er5I1g/YhfYv9Affk9nJLfH/+qCCVVg1f2R9AbJfqDQ= +go.opentelemetry.io/otel/exporters/prometheus v0.49.0/go.mod h1:KfQ1wpjf3zsHjzP149P4LyAwWRupc6c7t1ZJ9eXpKQM= go.opentelemetry.io/otel/metric v1.27.0 h1:hvj3vdEKyeCi4YaYfNjv2NUje8FqKqUY8IlF0FxV/ik= go.opentelemetry.io/otel/metric v1.27.0/go.mod h1:mVFgmRlhljgBiuk/MP/oKylr4hs85GZAylncepAX/ak= go.opentelemetry.io/otel/sdk v1.27.0 h1:mlk+/Y1gLPLn84U4tI8d3GNJmGT/eXe3ZuOXN9kTWmI= From e14a3e79962e401de4f5b99571b2cc7174444c9f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 3 Jun 2024 11:24:47 -0400 Subject: [PATCH 40/88] Bump go.uber.org/zap from 1.26.0 to 1.27.0 (#3006) Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.26.0 to 1.27.0. - [Release notes](https://github.com/uber-go/zap/releases) - [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md) - [Commits](https://github.com/uber-go/zap/compare/v1.26.0...v1.27.0) --- updated-dependencies: - dependency-name: go.uber.org/zap dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 268bf7b70d..c71444aa96 100644 --- a/go.mod +++ b/go.mod @@ -36,7 +36,7 @@ require ( go.opentelemetry.io/otel/sdk v1.27.0 go.opentelemetry.io/otel/sdk/metric v1.27.0 go.uber.org/multierr v1.11.0 - go.uber.org/zap v1.26.0 + go.uber.org/zap v1.27.0 gopkg.in/yaml.v2 v2.4.0 gopkg.in/yaml.v3 v3.0.1 k8s.io/api v0.29.3 From 8d5f5af88e78156736939b1d457d7bc3205ae948 Mon Sep 17 00:00:00 2001 From: Ishwar Kanse Date: Tue, 4 Jun 2024 20:59:26 +0530 Subject: [PATCH 41/88] Update Kafka version in e2e test (#3009) --- tests/e2e-openshift/kafka/00-create-kafka-instance.yaml | 4 ++-- tests/e2e-openshift/kafka/chainsaw-test.yaml | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/e2e-openshift/kafka/00-create-kafka-instance.yaml b/tests/e2e-openshift/kafka/00-create-kafka-instance.yaml index a137dd3325..044d2b882f 100644 --- a/tests/e2e-openshift/kafka/00-create-kafka-instance.yaml +++ b/tests/e2e-openshift/kafka/00-create-kafka-instance.yaml @@ -19,7 +19,7 @@ spec: reconciliationIntervalSeconds: 120 kafka: config: - log.message.format.version: 3.5.0 + log.message.format.version: 3.7.0 message.max.bytes: 10485760 offsets.topic.replication.factor: 1 ssl.cipher.suites: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 @@ -53,7 +53,7 @@ spec: memory: 4Gi storage: type: ephemeral - version: 3.5.0 + version: 3.7.0 zookeeper: replicas: 1 storage: diff --git a/tests/e2e-openshift/kafka/chainsaw-test.yaml b/tests/e2e-openshift/kafka/chainsaw-test.yaml index c58c51db22..faf789f182 100755 --- a/tests/e2e-openshift/kafka/chainsaw-test.yaml +++ b/tests/e2e-openshift/kafka/chainsaw-test.yaml @@ -5,6 +5,7 @@ metadata: creationTimestamp: null name: kafka spec: + namespace: chainsaw-kafka steps: - name: step-00 try: From 028aa56708dc4375341b598b8218062e0125878a Mon Sep 17 00:00:00 2001 From: brandonkzw <3462248+brandonkzw@users.noreply.github.com> Date: Tue, 4 Jun 2024 23:31:15 +0800 Subject: [PATCH 42/88] [chore] Bump opentelemetry-autoinstrumentation-python to 0.45b0 (#3000) * chore: Bump opentelemetry-autoinstrumentation-python to 0.45b0 * [chore] add psycopg==0.45b0 --- autoinstrumentation/python/requirements.txt | 101 ++++++++++---------- 1 file changed, 51 insertions(+), 50 deletions(-) diff --git a/autoinstrumentation/python/requirements.txt b/autoinstrumentation/python/requirements.txt index 86faa1aec7..56e3e8405e 100644 --- a/autoinstrumentation/python/requirements.txt +++ b/autoinstrumentation/python/requirements.txt @@ -1,58 +1,59 @@ -opentelemetry-distro==0.44b0 +opentelemetry-distro==0.45b0 # We don't use the distro[otlp] option which automatically includes exporters since gRPC is not appropriate for # injected auto-instrumentation, where it has a strict dependency on the OS / Python version the artifact is built for. -opentelemetry-exporter-otlp-proto-http==1.23.0 +opentelemetry-exporter-otlp-proto-http==1.24.0 -opentelemetry-propagator-b3==1.23.0 -opentelemetry-propagator-jaeger==1.23.0 +opentelemetry-propagator-b3==1.24.0 +opentelemetry-propagator-jaeger==1.24.0 opentelemetry-propagator-aws-xray==1.0.1 -opentelemetry-instrumentation==0.44b0 -opentelemetry-propagator-ot-trace==0.44b0 +opentelemetry-instrumentation==0.45b0 +opentelemetry-propagator-ot-trace==0.45b0 # Copied in from https://github.com/open-telemetry/opentelemetry-python-contrib/tree/main/instrumentation # except for aws-lambda -opentelemetry-instrumentation-aio-pika==0.44b0 -opentelemetry-instrumentation-aiohttp-client==0.44b0 -opentelemetry-instrumentation-aiopg==0.44b0 -opentelemetry-instrumentation-asgi==0.44b0 -opentelemetry-instrumentation-asyncio==0.44b0 -opentelemetry-instrumentation-asyncpg==0.44b0 -opentelemetry-instrumentation-boto==0.44b0 -opentelemetry-instrumentation-boto3sqs==0.44b0 -opentelemetry-instrumentation-botocore==0.44b0 -opentelemetry-instrumentation-cassandra==0.44b0 -opentelemetry-instrumentation-celery==0.44b0 -opentelemetry-instrumentation-confluent-kafka==0.44b0 -opentelemetry-instrumentation-dbapi==0.44b0 -opentelemetry-instrumentation-django==0.44b0 -opentelemetry-instrumentation-elasticsearch==0.44b0 -opentelemetry-instrumentation-falcon==0.44b0 -opentelemetry-instrumentation-fastapi==0.44b0 -opentelemetry-instrumentation-flask==0.44b0 -opentelemetry-instrumentation-grpc==0.44b0 -opentelemetry-instrumentation-httpx==0.44b0 -opentelemetry-instrumentation-jinja2==0.44b0 -opentelemetry-instrumentation-kafka-python==0.44b0 -opentelemetry-instrumentation-logging==0.44b0 -opentelemetry-instrumentation-mysql==0.44b0 -opentelemetry-instrumentation-mysqlclient==0.44b0 -opentelemetry-instrumentation-pika==0.44b0 -opentelemetry-instrumentation-psycopg2==0.44b0 -opentelemetry-instrumentation-pymemcache==0.44b0 -opentelemetry-instrumentation-pymongo==0.44b0 -opentelemetry-instrumentation-pymysql==0.44b0 -opentelemetry-instrumentation-pyramid==0.44b0 -opentelemetry-instrumentation-redis==0.44b0 -opentelemetry-instrumentation-remoulade==0.44b0 -opentelemetry-instrumentation-requests==0.44b0 -opentelemetry-instrumentation-sklearn==0.44b0 -opentelemetry-instrumentation-sqlalchemy==0.44b0 -opentelemetry-instrumentation-sqlite3==0.44b0 -opentelemetry-instrumentation-starlette==0.44b0 -opentelemetry-instrumentation-system-metrics==0.44b0 -opentelemetry-instrumentation-tornado==0.44b0 -opentelemetry-instrumentation-tortoiseorm==0.44b0 -opentelemetry-instrumentation-urllib==0.44b0 -opentelemetry-instrumentation-urllib3==0.44b0 -opentelemetry-instrumentation-wsgi==0.44b0 +opentelemetry-instrumentation-aio-pika==0.45b0 +opentelemetry-instrumentation-aiohttp-client==0.45b0 +opentelemetry-instrumentation-aiopg==0.45b0 +opentelemetry-instrumentation-asgi==0.45b0 +opentelemetry-instrumentation-asyncio==0.45b0 +opentelemetry-instrumentation-asyncpg==0.45b0 +opentelemetry-instrumentation-boto==0.45b0 +opentelemetry-instrumentation-boto3sqs==0.45b0 +opentelemetry-instrumentation-botocore==0.45b0 +opentelemetry-instrumentation-cassandra==0.45b0 +opentelemetry-instrumentation-celery==0.45b0 +opentelemetry-instrumentation-confluent-kafka==0.45b0 +opentelemetry-instrumentation-dbapi==0.45b0 +opentelemetry-instrumentation-django==0.45b0 +opentelemetry-instrumentation-elasticsearch==0.45b0 +opentelemetry-instrumentation-falcon==0.45b0 +opentelemetry-instrumentation-fastapi==0.45b0 +opentelemetry-instrumentation-flask==0.45b0 +opentelemetry-instrumentation-grpc==0.45b0 +opentelemetry-instrumentation-httpx==0.45b0 +opentelemetry-instrumentation-jinja2==0.45b0 +opentelemetry-instrumentation-kafka-python==0.45b0 +opentelemetry-instrumentation-logging==0.45b0 +opentelemetry-instrumentation-mysql==0.45b0 +opentelemetry-instrumentation-mysqlclient==0.45b0 +opentelemetry-instrumentation-pika==0.45b0 +opentelemetry-instrumentation-psycopg==0.45b0 +opentelemetry-instrumentation-psycopg2==0.45b0 +opentelemetry-instrumentation-pymemcache==0.45b0 +opentelemetry-instrumentation-pymongo==0.45b0 +opentelemetry-instrumentation-pymysql==0.45b0 +opentelemetry-instrumentation-pyramid==0.45b0 +opentelemetry-instrumentation-redis==0.45b0 +opentelemetry-instrumentation-remoulade==0.45b0 +opentelemetry-instrumentation-requests==0.45b0 +opentelemetry-instrumentation-sklearn==0.45b0 +opentelemetry-instrumentation-sqlalchemy==0.45b0 +opentelemetry-instrumentation-sqlite3==0.45b0 +opentelemetry-instrumentation-starlette==0.45b0 +opentelemetry-instrumentation-system-metrics==0.45b0 +opentelemetry-instrumentation-tornado==0.45b0 +opentelemetry-instrumentation-tortoiseorm==0.45b0 +opentelemetry-instrumentation-urllib==0.45b0 +opentelemetry-instrumentation-urllib3==0.45b0 +opentelemetry-instrumentation-wsgi==0.45b0 From 10c2575ca3ee3799e3642345d077adef8cc868e1 Mon Sep 17 00:00:00 2001 From: Jacob Aronoff Date: Wed, 5 Jun 2024 11:40:42 -0400 Subject: [PATCH 43/88] Fix annotation/label filter setting (#3008) * fix how options are loaded by removing special casing * oop * chlog * update to specific test * oop --- .chloggen/fix-annot-again.yaml | 19 +++++++++ .github/workflows/e2e.yaml | 2 +- internal/config/options.go | 40 +------------------ .../annotations/00-error.yaml | 1 + .../annotations/00-install.yaml | 1 + 5 files changed, 24 insertions(+), 39 deletions(-) create mode 100755 .chloggen/fix-annot-again.yaml diff --git a/.chloggen/fix-annot-again.yaml b/.chloggen/fix-annot-again.yaml new file mode 100755 index 0000000000..de93eeacda --- /dev/null +++ b/.chloggen/fix-annot-again.yaml @@ -0,0 +1,19 @@ +# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' +change_type: bug_fix + +# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) +component: collector + +# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). +note: Fixes a bug that was preventing regexes from being loaded correctly. Now the filter provide is exactly what's used. + +# One or more tracking issues related to the change +issues: [3007] + +# (Optional) One or more lines of additional information to render under the primary note. +# These lines will be padded with 2 spaces and then inserted directly into the document. +# Use pipe (|) for multiline entries. +subtext: | + This is technically a breaking change if a user relied on the previously broken regex functionality. + This change will actually fix their regex to work where it didn't before. I expect that users would rather their + regexes work than break silently. diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml index 4a042e736e..4a885bac69 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/e2e.yaml @@ -40,7 +40,7 @@ jobs: - group: e2e-multi-instrumentation setup: "add-multi-instrumentation-params prepare-e2e" - group: e2e-metadata-filters - setup: "add-operator-arg OPERATOR_ARG='--annotations-filter=.*filter.out --labels=.*filter.out' prepare-e2e" + setup: "add-operator-arg OPERATOR_ARG='--annotations-filter=.*filter.out --annotations-filter=config.*.gke.io.* --labels=.*filter.out' prepare-e2e" - group: e2e-automatic-rbac setup: "add-rbac-permissions-to-operator prepare-e2e" steps: diff --git a/internal/config/options.go b/internal/config/options.go index fed234d6af..6046dcc356 100644 --- a/internal/config/options.go +++ b/internal/config/options.go @@ -15,9 +15,6 @@ package config import ( - "regexp" - "strings" - "github.com/go-logr/logr" "go.uber.org/zap/zapcore" @@ -219,24 +216,7 @@ func WithCertManagerAvailability(cmAvl certmanager.Availability) Option { func WithLabelFilters(labelFilters []string) Option { return func(o *options) { - - filters := []string{} - for _, pattern := range labelFilters { - var result strings.Builder - - for i, literal := range strings.Split(pattern, "*") { - - // Replace * with .* - if i > 0 { - result.WriteString(".*") - } - // Quote any regular expression meta characters in the - // literal text. - result.WriteString(regexp.QuoteMeta(literal)) - } - filters = append(filters, result.String()) - } - o.labelsFilter = filters + o.labelsFilter = append(o.labelsFilter, labelFilters...) } } @@ -245,23 +225,7 @@ func WithLabelFilters(labelFilters []string) Option { // * kubectl.kubernetes.io/last-applied-configuration. func WithAnnotationFilters(annotationFilters []string) Option { return func(o *options) { - filters := o.annotationsFilter - for _, pattern := range annotationFilters { - var result strings.Builder - - for i, literal := range strings.Split(pattern, "*") { - - // Replace * with .* - if i > 0 { - result.WriteString(".*") - } - // Quote any regular expression meta characters in the - // literal text. - result.WriteString(regexp.QuoteMeta(literal)) - } - filters = append(filters, result.String()) - } - o.annotationsFilter = filters + o.annotationsFilter = append(o.annotationsFilter, annotationFilters...) } } diff --git a/tests/e2e-metadata-filters/annotations/00-error.yaml b/tests/e2e-metadata-filters/annotations/00-error.yaml index be76e1f6d4..91e159cbbf 100644 --- a/tests/e2e-metadata-filters/annotations/00-error.yaml +++ b/tests/e2e-metadata-filters/annotations/00-error.yaml @@ -4,6 +4,7 @@ metadata: name: test-annotations-collector annotations: annotation.filter.out: "true" + configmanagement.gke.io/token: "asdfasdf" spec: updateStrategy: rollingUpdate: diff --git a/tests/e2e-metadata-filters/annotations/00-install.yaml b/tests/e2e-metadata-filters/annotations/00-install.yaml index 66c0353334..e6963f4726 100644 --- a/tests/e2e-metadata-filters/annotations/00-install.yaml +++ b/tests/e2e-metadata-filters/annotations/00-install.yaml @@ -4,6 +4,7 @@ metadata: name: test-annotations annotations: annotation.filter.out: "true" + configmanagement.gke.io/token: "asdfasdf" spec: mode: daemonset config: | From cb266f246da65986730714eede84b7b6cb4d98fd Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Sat, 1 Jun 2024 21:10:23 +0300 Subject: [PATCH 44/88] Added Cert Manager CRDs & RBAC validation and management --- go.mod | 4 +++- go.sum | 9 +++++++++ main.go | 3 +++ 3 files changed, 15 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index c71444aa96..03f315a347 100644 --- a/go.mod +++ b/go.mod @@ -51,6 +51,8 @@ require ( sigs.k8s.io/yaml v1.4.0 ) +require sigs.k8s.io/gateway-api v1.0.0 // indirect + require ( cloud.google.com/go/auth v0.2.0 // indirect cloud.google.com/go/auth/oauth2adapt v0.2.0 // indirect @@ -212,7 +214,7 @@ require ( github.com/prometheus/common/sigv4 v0.1.0 // indirect github.com/prometheus/procfs v0.15.0 // indirect github.com/scaleway/scaleway-sdk-go v1.0.0-beta.26 // indirect - github.com/spf13/cobra v1.7.0 // indirect + github.com/spf13/cobra v1.8.0 // indirect github.com/tklauser/go-sysconf v0.3.13 // indirect github.com/tklauser/numcpus v0.7.0 // indirect github.com/twitchyliquid64/golang-asm v0.15.1 // indirect diff --git a/go.sum b/go.sum index 369c34513b..bda238aa59 100644 --- a/go.sum +++ b/go.sum @@ -127,6 +127,7 @@ github.com/cncf/xds/go v0.0.0-20240318125728-8a4994d93e50 h1:DBmgJDC9dTfkVyGgipa github.com/cncf/xds/go v0.0.0-20240318125728-8a4994d93e50/go.mod h1:5e1+Vvlzido69INQaVO6d87Qn543Xr6nooe9Kz7oBFM= github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I= github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo= +github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -362,6 +363,8 @@ github.com/hashicorp/go-multierror v1.1.0/go.mod h1:spPvp8C1qA32ftKqdAHm4hHTbPw+ github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= github.com/hashicorp/go-retryablehttp v0.5.3/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs= +github.com/hashicorp/go-retryablehttp v0.7.4 h1:ZQgVdpTdAL7WpMIwLzCfbalOcSUdkDZnpUv3/+BxzFA= +github.com/hashicorp/go-retryablehttp v0.7.4/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= github.com/hashicorp/go-retryablehttp v0.7.5 h1:bJj+Pj19UZMIweq/iie+1u5YCdGrnxCT9yvm0e+Nd5M= github.com/hashicorp/go-retryablehttp v0.7.5/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc= @@ -614,6 +617,8 @@ github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6Mwd github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= +github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I= +github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0= github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= @@ -789,6 +794,8 @@ golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac= golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= +golang.org/x/net v0.24.0 h1:1PcaxkF854Fu3+lvBIx5SYn9wRlBzzcnHZSiaFFAb0w= +golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -881,6 +888,8 @@ golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= golang.org/x/term v0.20.0 h1:VnkxpohqXaOBYJtBmEppKUG6mXpi+4O6purfc2+sMhw= golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= +golang.org/x/term v0.19.0 h1:+ThwsDv+tYfnJFhF4L8jITxu1tdTWRTZpdsWgEgjL6Q= +golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= diff --git a/main.go b/main.go index 865f829b63..5ff894270f 100644 --- a/main.go +++ b/main.go @@ -140,6 +140,7 @@ func main() { encodeLevelKey string encodeTimeKey string encodeLevelFormat string + enableTargetAllocatorMTLS bool ) pflag.StringVar(&metricsAddr, "metrics-addr", ":8080", "The address the metric endpoint binds to.") @@ -178,6 +179,7 @@ func main() { pflag.StringVar(&encodeTimeKey, "zap-time-key", "timestamp", "The time key to be used in the customized Log Encoder") pflag.StringVar(&encodeLevelFormat, "zap-level-format", "uppercase", "The level format to be used in the customized Log Encoder") pflag.IntVar(&webhookPort, "webhook-port", 9443, "The port the webhook endpoint binds to.") + pflag.BoolVar(&enableTargetAllocatorMTLS, constants.FlagTargetAllocatorMTLS, false, "Enable mTLS connection between the target allocator and the controller") pflag.Parse() opts.EncoderConfigOptions = append(opts.EncoderConfigOptions, func(ec *zapcore.EncoderConfig) { @@ -221,6 +223,7 @@ func main() { "zap-level-key", encodeLevelKey, "zap-time-key", encodeTimeKey, "zap-level-format", encodeLevelFormat, + "enable-target-allocator-mtls", enableTargetAllocatorMTLS, ) restConfig := ctrl.GetConfigOrDie() From c06c4868fed8dab555dcc1d21039f10d69de8a5f Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Wed, 5 Jun 2024 22:37:51 +0300 Subject: [PATCH 45/88] Added relevant resources and started adding tests --- go.mod | 22 +++++++++++++--------- go.sum | 34 ++++++++++++++++------------------ main.go | 3 --- 3 files changed, 29 insertions(+), 30 deletions(-) diff --git a/go.mod b/go.mod index 03f315a347..3b5f1e5a7c 100644 --- a/go.mod +++ b/go.mod @@ -29,6 +29,7 @@ require ( github.com/spf13/pflag v1.0.5 github.com/stretchr/testify v1.9.0 go.opentelemetry.io/collector/featuregate v1.8.0 + go.opentelemetry.io/collector/featuregate v1.8.0 go.opentelemetry.io/otel v1.27.0 go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.27.0 go.opentelemetry.io/otel/exporters/prometheus v0.49.0 @@ -51,8 +52,6 @@ require ( sigs.k8s.io/yaml v1.4.0 ) -require sigs.k8s.io/gateway-api v1.0.0 // indirect - require ( cloud.google.com/go/auth v0.2.0 // indirect cloud.google.com/go/auth/oauth2adapt v0.2.0 // indirect @@ -80,9 +79,18 @@ require ( ) require ( - cloud.google.com/go/compute/metadata v0.3.0 // indirect github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1 // indirect github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.2 // indirect + github.com/docker/go-units v0.5.0 // indirect + github.com/efficientgo/core v1.0.0-rc.2 // indirect + github.com/envoyproxy/go-control-plane v0.12.0 // indirect + github.com/moby/docker-image-spec v1.3.1 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.26.0 // indirect + sigs.k8s.io/gateway-api v1.0.0 // indirect +) + +require ( + cloud.google.com/go/compute/metadata v0.3.0 // indirect github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 // indirect github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5 v5.6.0 // indirect github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v4 v4.3.0 // indirect @@ -109,11 +117,8 @@ require ( github.com/distribution/reference v0.5.0 // indirect github.com/docker/docker v26.0.2+incompatible // indirect github.com/docker/go-connections v0.4.0 // indirect - github.com/docker/go-units v0.5.0 // indirect github.com/edsrzf/mmap-go v1.1.0 // indirect - github.com/efficientgo/core v1.0.0-rc.2 // indirect github.com/emicklei/go-restful/v3 v3.11.2 // indirect - github.com/envoyproxy/go-control-plane v0.12.0 // indirect github.com/envoyproxy/protoc-gen-validate v1.0.4 // indirect github.com/evanphx/json-patch v5.9.0+incompatible // indirect github.com/evanphx/json-patch/v5 v5.8.0 // indirect @@ -193,8 +198,7 @@ require ( github.com/metalmatze/signal v0.0.0-20210307161603-1c9aa721a97a // indirect github.com/miekg/dns v1.1.59 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect - github.com/mitchellh/mapstructure v1.5.0 // indirect - github.com/moby/docker-image-spec v1.3.1 // indirect + github.com/mitchellh/mapstructure v1.5.0 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect @@ -223,7 +227,7 @@ require ( github.com/yusufpapurcu/wmi v1.2.4 // indirect go.mongodb.org/mongo-driver v1.14.0 // indirect go.opencensus.io v0.24.0 // indirect - go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.50.0 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.51.0 // indirect go.opentelemetry.io/otel/trace v1.27.0 // indirect go.opentelemetry.io/proto/otlp v1.2.0 // indirect go.uber.org/atomic v1.11.0 // indirect diff --git a/go.sum b/go.sum index bda238aa59..1c96e9d4e4 100644 --- a/go.sum +++ b/go.sum @@ -21,6 +21,10 @@ cloud.google.com/go/auth v0.2.0 h1:y6oTcpMSbOcXbwYgUUrvI+mrQ2xbrcdpPgtVbCGTLTk= cloud.google.com/go/auth v0.2.0/go.mod h1:+yb+oy3/P0geX6DLKlqiGHARGR6EX2GRtYCzWOCQSbU= cloud.google.com/go/auth/oauth2adapt v0.2.0 h1:FR8zevgQwu+8CqiOT5r6xCmJa3pJC/wdXEEPF1OkNhA= cloud.google.com/go/auth/oauth2adapt v0.2.0/go.mod h1:AfqujpDAlTfLfeCIl/HJZZlIxD8+nJoZ5e0x1IxGq5k= +cloud.google.com/go/auth v0.2.0 h1:y6oTcpMSbOcXbwYgUUrvI+mrQ2xbrcdpPgtVbCGTLTk= +cloud.google.com/go/auth v0.2.0/go.mod h1:+yb+oy3/P0geX6DLKlqiGHARGR6EX2GRtYCzWOCQSbU= +cloud.google.com/go/auth/oauth2adapt v0.2.0 h1:FR8zevgQwu+8CqiOT5r6xCmJa3pJC/wdXEEPF1OkNhA= +cloud.google.com/go/auth/oauth2adapt v0.2.0/go.mod h1:AfqujpDAlTfLfeCIl/HJZZlIxD8+nJoZ5e0x1IxGq5k= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= @@ -51,6 +55,8 @@ github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 h1:LqbJ/WzJUwBf8UiaSzgX7aM github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2/go.mod h1:yInRyqWXAuaPrgI7p70+lDDgh3mlBohis29jGMISnmc= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5 v5.6.0 h1:ui3YNbxfW7J3tTFIZMH6LIGRjCngp+J+nIFlnizfNTE= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5 v5.6.0/go.mod h1:gZmgV+qBqygoznvqo2J9oKZAFziqhLZ2xE/WVUmzkHA= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5 v5.6.0 h1:ui3YNbxfW7J3tTFIZMH6LIGRjCngp+J+nIFlnizfNTE= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5 v5.6.0/go.mod h1:gZmgV+qBqygoznvqo2J9oKZAFziqhLZ2xE/WVUmzkHA= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/internal/v2 v2.0.0 h1:PTFGRSlMKCQelWwxUyYVEUqseBJVemLyqWJjvMyt0do= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/internal/v2 v2.0.0/go.mod h1:LRr2FzBTQlONPPa5HREE5+RjSCTXl7BwOvYOaWTqCaI= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v4 v4.3.0 h1:bXwSugBiSbgtz7rOtbfGf+woewp4f06orW9OP5BjHLA= @@ -61,6 +67,8 @@ github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOEl github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 h1:XHOnouVk1mxXfQidrMEnLlPk9UMeRtyBTnEFtxkV0kU= github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= +github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 h1:XHOnouVk1mxXfQidrMEnLlPk9UMeRtyBTnEFtxkV0kU= +github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/Code-Hex/go-generics-cache v1.5.1 h1:6vhZGc5M7Y/YD8cIUcY8kcuQLB4cHR7U+0KMqAA0KcU= @@ -127,7 +135,6 @@ github.com/cncf/xds/go v0.0.0-20240318125728-8a4994d93e50 h1:DBmgJDC9dTfkVyGgipa github.com/cncf/xds/go v0.0.0-20240318125728-8a4994d93e50/go.mod h1:5e1+Vvlzido69INQaVO6d87Qn543Xr6nooe9Kz7oBFM= github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I= github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo= -github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -363,8 +370,6 @@ github.com/hashicorp/go-multierror v1.1.0/go.mod h1:spPvp8C1qA32ftKqdAHm4hHTbPw+ github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= github.com/hashicorp/go-retryablehttp v0.5.3/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs= -github.com/hashicorp/go-retryablehttp v0.7.4 h1:ZQgVdpTdAL7WpMIwLzCfbalOcSUdkDZnpUv3/+BxzFA= -github.com/hashicorp/go-retryablehttp v0.7.4/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= github.com/hashicorp/go-retryablehttp v0.7.5 h1:bJj+Pj19UZMIweq/iie+1u5YCdGrnxCT9yvm0e+Nd5M= github.com/hashicorp/go-retryablehttp v0.7.5/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc= @@ -402,7 +407,6 @@ github.com/ionos-cloud/sdk-go/v6 v6.1.11 h1:J/uRN4UWO3wCyGOeDdMKv8LWRzKu6UIkLEae github.com/ionos-cloud/sdk-go/v6 v6.1.11/go.mod h1:EzEgRIDxBELvfoa/uBN0kOQaqovLjUWEB7iW4/Q+t4k= github.com/jarcoal/httpmock v1.3.1 h1:iUx3whfZWVf3jT01hQTO/Eo5sAYtB2/rqaUuOtpInww= github.com/jarcoal/httpmock v1.3.1/go.mod h1:3yb8rc4BI7TCBhFY8ng0gjuLKJNquuDNiPaZjnENuYg= -github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath v0.4.1-0.20220621161143-b0104c826a24 h1:liMMTbpW34dhU4az1GN0pTPADwNmvoRSeoZ6PItiqnY= github.com/jmespath/go-jmespath v0.4.1-0.20220621161143-b0104c826a24/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= @@ -617,8 +621,6 @@ github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6Mwd github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= -github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I= -github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0= github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= @@ -668,18 +670,18 @@ go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= -go.opentelemetry.io/collector/featuregate v1.5.0 h1:uK8qnYQKz1TMkK+FDTFsywg/EybW/gbnOUaPNUkRznM= -go.opentelemetry.io/collector/featuregate v1.5.0/go.mod h1:w7nUODKxEi3FLf1HslCiE6YWtMtOOrMnSwsDam8Mg9w= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.50.0 h1:cEPbyTSEHlQR89XVlyo78gqluF8Y3oMeBkXGWzQsfXY= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.50.0/go.mod h1:DKdbWcT4GH1D0Y3Sqt/PFXt2naRKDWtU+eE6oLdFNA8= +go.opentelemetry.io/collector/featuregate v1.8.0 h1:p/bAuk5LiSfdYS88yFl/Jzao9bHEYqCh7YvZJ+L+IZg= +go.opentelemetry.io/collector/featuregate v1.8.0/go.mod h1:w7nUODKxEi3FLf1HslCiE6YWtMtOOrMnSwsDam8Mg9w= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.51.0 h1:Xs2Ncz0gNihqu9iosIZ5SkBbWo5T8JhhLJFMQL1qmLI= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.51.0/go.mod h1:vy+2G/6NvVMpwGX/NyLqcC41fxepnuKHk16E6IZUcJc= go.opentelemetry.io/otel v1.27.0 h1:9BZoF3yMK/O1AafMiQTVu0YDj5Ea4hPhxCs7sGva+cg= go.opentelemetry.io/otel v1.27.0/go.mod h1:DMpAK8fzYRzs+bi3rS5REupisuqTheUlSZJ1WnZaPAQ= go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.27.0 h1:CIHWikMsN3wO+wq1Tp5VGdVRTcON+DmOJSfDjXypKOc= go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.27.0/go.mod h1:TNupZ6cxqyFEpLXAZW7On+mLFL0/g0TE3unIYL91xWc= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0 h1:t6wl9SPayj+c7lEIFgm4ooDBZVb01IhLB4InpomhRw8= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0/go.mod h1:iSDOcsnSA5INXzZtwaBPrKp/lWu/V14Dd+llD0oI2EA= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.24.0 h1:Xw8U6u2f8DK2XAkGRFV7BBLENgnTGX9i4rQRxJf+/vs= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.24.0/go.mod h1:6KW1Fm6R/s6Z3PGXwSJN2K4eT6wQB3vXX6CVnYX9NmM= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.26.0 h1:1u/AyyOqAWzy+SkPxDpahCNZParHV8Vid1RnI2clyDE= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.26.0/go.mod h1:z46paqbJ9l7c9fIPCXTqTGwhQZ5XoTIsfeFYWboizjs= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.26.0 h1:1wp/gyxsuYtuE/JFxsQRtcCDtMrO2qMvlfXALU5wkzI= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.26.0/go.mod h1:gbTHmghkGgqxMomVQQMur1Nba4M0MQ8AYThXDUjsJ38= go.opentelemetry.io/otel/exporters/prometheus v0.49.0 h1:Er5I1g/YhfYv9Affk9nJLfH/+qCCVVg1f2R9AbJfqDQ= go.opentelemetry.io/otel/exporters/prometheus v0.49.0/go.mod h1:KfQ1wpjf3zsHjzP149P4LyAwWRupc6c7t1ZJ9eXpKQM= go.opentelemetry.io/otel/metric v1.27.0 h1:hvj3vdEKyeCi4YaYfNjv2NUje8FqKqUY8IlF0FxV/ik= @@ -794,8 +796,6 @@ golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac= golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= -golang.org/x/net v0.24.0 h1:1PcaxkF854Fu3+lvBIx5SYn9wRlBzzcnHZSiaFFAb0w= -golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -888,8 +888,6 @@ golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= golang.org/x/term v0.20.0 h1:VnkxpohqXaOBYJtBmEppKUG6mXpi+4O6purfc2+sMhw= golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= -golang.org/x/term v0.19.0 h1:+ThwsDv+tYfnJFhF4L8jITxu1tdTWRTZpdsWgEgjL6Q= -golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= diff --git a/main.go b/main.go index 5ff894270f..865f829b63 100644 --- a/main.go +++ b/main.go @@ -140,7 +140,6 @@ func main() { encodeLevelKey string encodeTimeKey string encodeLevelFormat string - enableTargetAllocatorMTLS bool ) pflag.StringVar(&metricsAddr, "metrics-addr", ":8080", "The address the metric endpoint binds to.") @@ -179,7 +178,6 @@ func main() { pflag.StringVar(&encodeTimeKey, "zap-time-key", "timestamp", "The time key to be used in the customized Log Encoder") pflag.StringVar(&encodeLevelFormat, "zap-level-format", "uppercase", "The level format to be used in the customized Log Encoder") pflag.IntVar(&webhookPort, "webhook-port", 9443, "The port the webhook endpoint binds to.") - pflag.BoolVar(&enableTargetAllocatorMTLS, constants.FlagTargetAllocatorMTLS, false, "Enable mTLS connection between the target allocator and the controller") pflag.Parse() opts.EncoderConfigOptions = append(opts.EncoderConfigOptions, func(ec *zapcore.EncoderConfig) { @@ -223,7 +221,6 @@ func main() { "zap-level-key", encodeLevelKey, "zap-time-key", encodeTimeKey, "zap-level-format", encodeLevelFormat, - "enable-target-allocator-mtls", enableTargetAllocatorMTLS, ) restConfig := ctrl.GetConfigOrDie() From 1a39bf126622a838fa8cb1b3de36c2735b1cdf6f Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Thu, 6 Jun 2024 08:37:05 +0300 Subject: [PATCH 46/88] minor change --- Makefile | 16 ++++++++++------ config/manager/kustomization.yaml | 6 ++++++ config/manager/manager.yaml | 2 +- .../manifests/targetallocator/container_test.go | 2 +- 4 files changed, 18 insertions(+), 8 deletions(-) diff --git a/Makefile b/Makefile index 157d172907..44049d130d 100644 --- a/Makefile +++ b/Makefile @@ -19,7 +19,7 @@ ARCH ?= $(shell go env GOARCH) # Image URL to use all building/pushing image targets DOCKER_USER ?= open-telemetry -IMG_PREFIX ?= ghcr.io/${DOCKER_USER}/opentelemetry-operator +IMG_PREFIX ?= opentelemetry-operator IMG_REPO ?= opentelemetry-operator IMG ?= ${IMG_PREFIX}/${IMG_REPO}:${VERSION} BUNDLE_IMG ?= ${IMG_PREFIX}/${IMG_REPO}-bundle:${VERSION} @@ -104,17 +104,17 @@ ci: generate fmt vet test ensure-generate-is-noop # Build manager binary .PHONY: manager manager: generate - CGO_ENABLED=0 GOOS=$(GOOS) GOARCH=$(ARCH) go build -o bin/manager_${ARCH} -ldflags "${COMMON_LDFLAGS} ${OPERATOR_LDFLAGS}" main.go + CGO_ENABLED=0 GOOS=linux GOARCH=$(ARCH) go build -o bin/manager_${ARCH} -ldflags "${COMMON_LDFLAGS} ${OPERATOR_LDFLAGS}" main.go # Build target allocator binary .PHONY: targetallocator targetallocator: - CGO_ENABLED=0 GOOS=$(GOOS) GOARCH=$(ARCH) go build -o cmd/otel-allocator/bin/targetallocator_${ARCH} -ldflags "${COMMON_LDFLAGS}" ./cmd/otel-allocator + CGO_ENABLED=0 GOOS=linux GOARCH=$(ARCH) go build -o cmd/otel-allocator/bin/targetallocator_${ARCH} -ldflags "${COMMON_LDFLAGS}" ./cmd/otel-allocator # Build opamp bridge binary .PHONY: operator-opamp-bridge operator-opamp-bridge: generate - CGO_ENABLED=0 GOOS=$(GOOS) GOARCH=$(ARCH) go build -o cmd/operator-opamp-bridge/bin/opampbridge_${ARCH} -ldflags "${COMMON_LDFLAGS}" ./cmd/operator-opamp-bridge + CGO_ENABLED=0 GOOS=linux GOARCH=$(ARCH) go build -o cmd/operator-opamp-bridge/bin/opampbridge_${ARCH} -ldflags "${COMMON_LDFLAGS}" ./cmd/operator-opamp-bridge # Run against the configured Kubernetes cluster in ~/.kube/config .PHONY: run @@ -170,6 +170,10 @@ add-rbac-permissions-to-operator: manifests kustomize # Deploy controller in the current Kubernetes context, configured in ~/.kube/config .PHONY: deploy deploy: set-image-controller + docker build -t ${IMG} . + docker build -t ${TARGETALLOCATOR_IMG} cmd/otel-allocator + k3d image import ${IMG} -c otel + k3d image import ${TARGETALLOCATOR_IMG} -c otel $(KUSTOMIZE) build config/default | kubectl apply -f - go run hack/check-operator-ready.go 300 @@ -298,11 +302,11 @@ container: manager # Push the container image, used only for local dev purposes .PHONY: container-push container-push: - docker push ${IMG} + k3d image import ${IMG} -c otel .PHONY: container-target-allocator-push container-target-allocator-push: - docker push ${TARGETALLOCATOR_IMG} + k3d image import ${TARGETALLOCATOR_IMG} -c otel .PHONY: container-operator-opamp-bridge-push container-operator-opamp-bridge-push: diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index 5c5f0b84cb..6dc4fd9aa2 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -1,2 +1,8 @@ resources: - manager.yaml +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +images: +- name: controller + newName: opentelemetry-operator/opentelemetry-operator + newTag: 0.98.0-53-g684afbdc diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index b15e4abfd6..d577ba58d6 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -30,7 +30,7 @@ spec: - args: - "--metrics-addr=127.0.0.1:8080" - "--enable-leader-election" - - "--zap-log-level=info" + - "--zap-log-level=2" - "--zap-time-encoding=rfc3339nano" - "--enable-nginx-instrumentation=true" image: controller diff --git a/internal/manifests/targetallocator/container_test.go b/internal/manifests/targetallocator/container_test.go index ce91ecc10f..8f578f394d 100644 --- a/internal/manifests/targetallocator/container_test.go +++ b/internal/manifests/targetallocator/container_test.go @@ -365,7 +365,7 @@ func TestSecurityContext(t *testing.T) { func TestContainerWithCertManagerAvailable(t *testing.T) { // prepare - targetAllocator := v1beta1.TargetAllocator{} + targetAllocator := v1alpha1.TargetAllocator{} cfg := config.New(config.WithCertManagerAvailability(certmanager.Available)) // test From 8affdf200f8e4dec36cc1cc71a59e7fb02d90583 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Thu, 6 Jun 2024 08:40:19 +0300 Subject: [PATCH 47/88] Minor change --- internal/manifests/targetallocator/container_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/manifests/targetallocator/container_test.go b/internal/manifests/targetallocator/container_test.go index 8f578f394d..ce91ecc10f 100644 --- a/internal/manifests/targetallocator/container_test.go +++ b/internal/manifests/targetallocator/container_test.go @@ -365,7 +365,7 @@ func TestSecurityContext(t *testing.T) { func TestContainerWithCertManagerAvailable(t *testing.T) { // prepare - targetAllocator := v1alpha1.TargetAllocator{} + targetAllocator := v1beta1.TargetAllocator{} cfg := config.New(config.WithCertManagerAvailability(certmanager.Available)) // test From 446f570c2fcd57c63b14414850d2f01863358573 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Thu, 6 Jun 2024 08:41:00 +0300 Subject: [PATCH 48/88] minor change --- internal/manifests/targetallocator/container_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/manifests/targetallocator/container_test.go b/internal/manifests/targetallocator/container_test.go index ce91ecc10f..8f578f394d 100644 --- a/internal/manifests/targetallocator/container_test.go +++ b/internal/manifests/targetallocator/container_test.go @@ -365,7 +365,7 @@ func TestSecurityContext(t *testing.T) { func TestContainerWithCertManagerAvailable(t *testing.T) { // prepare - targetAllocator := v1beta1.TargetAllocator{} + targetAllocator := v1alpha1.TargetAllocator{} cfg := config.New(config.WithCertManagerAvailability(certmanager.Available)) // test From 71614fc2d5d61fd99fd5601fc7390663b760e3f2 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Thu, 6 Jun 2024 08:49:54 +0300 Subject: [PATCH 49/88] Cleanup --- main.go | 1 - 1 file changed, 1 deletion(-) diff --git a/main.go b/main.go index 865f829b63..13c65044e9 100644 --- a/main.go +++ b/main.go @@ -334,7 +334,6 @@ func main() { setupLog.Info("Cert-Manager is installed, adding to scheme.") utilruntime.Must(cmv1.AddToScheme(scheme)) setupLog.Info("Securing the connection between the target allocator and the collector") - cfg.ena } else { setupLog.Info("Cert-Manager is not installed, skipping adding to scheme.") } From 1078c9d6a4070c805218e28ba37af95c1581e583 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Thu, 6 Jun 2024 10:11:13 +0300 Subject: [PATCH 50/88] Cleanup, go tidy and resolved conflics --- go.mod | 26 -------------------------- go.sum | 30 ------------------------------ 2 files changed, 56 deletions(-) diff --git a/go.mod b/go.mod index 3b5f1e5a7c..cc9c7212aa 100644 --- a/go.mod +++ b/go.mod @@ -29,7 +29,6 @@ require ( github.com/spf13/pflag v1.0.5 github.com/stretchr/testify v1.9.0 go.opentelemetry.io/collector/featuregate v1.8.0 - go.opentelemetry.io/collector/featuregate v1.8.0 go.opentelemetry.io/otel v1.27.0 go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.27.0 go.opentelemetry.io/otel/exporters/prometheus v0.49.0 @@ -55,26 +54,7 @@ require ( require ( cloud.google.com/go/auth v0.2.0 // indirect cloud.google.com/go/auth/oauth2adapt v0.2.0 // indirect - github.com/go-viper/mapstructure/v2 v2.0.0-alpha.1 // indirect - github.com/knadh/koanf/maps v0.1.1 // indirect - github.com/knadh/koanf/providers/confmap v0.1.0 // indirect - github.com/knadh/koanf/v2 v2.1.1 // indirect - github.com/mitchellh/copystructure v1.2.0 // indirect - github.com/mitchellh/reflectwalk v1.0.2 // indirect github.com/moby/docker-image-spec v1.3.1 // indirect - github.com/rs/cors v1.10.1 // indirect - go.opentelemetry.io/collector v0.101.0 // indirect - go.opentelemetry.io/collector/component v0.101.0 // indirect - go.opentelemetry.io/collector/config/configauth v0.101.0 // indirect - go.opentelemetry.io/collector/config/configcompression v1.8.0 // indirect - go.opentelemetry.io/collector/config/configopaque v1.8.0 // indirect - go.opentelemetry.io/collector/config/configtelemetry v0.101.0 // indirect - go.opentelemetry.io/collector/config/configtls v0.101.0 // indirect - go.opentelemetry.io/collector/config/internal v0.101.0 // indirect - go.opentelemetry.io/collector/confmap v0.101.0 // indirect - go.opentelemetry.io/collector/extension v0.101.0 // indirect - go.opentelemetry.io/collector/extension/auth v0.101.0 // indirect - go.opentelemetry.io/collector/pdata v1.8.0 // indirect sigs.k8s.io/gateway-api v1.0.0 // indirect ) @@ -84,9 +64,7 @@ require ( github.com/docker/go-units v0.5.0 // indirect github.com/efficientgo/core v1.0.0-rc.2 // indirect github.com/envoyproxy/go-control-plane v0.12.0 // indirect - github.com/moby/docker-image-spec v1.3.1 // indirect go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.26.0 // indirect - sigs.k8s.io/gateway-api v1.0.0 // indirect ) require ( @@ -187,7 +165,6 @@ require ( github.com/jpillora/backoff v1.0.0 // indirect github.com/klauspost/compress v1.17.8 // indirect github.com/klauspost/cpuid/v2 v2.2.7 // indirect - github.com/klauspost/compress v1.17.8 // indirect github.com/kolo/xmlrpc v0.0.0-20220921171641-a4b6fa1dd06b // indirect github.com/kylelemons/godebug v1.1.0 // indirect github.com/leodido/go-urn v1.4.0 // indirect @@ -234,9 +211,6 @@ require ( go.uber.org/goleak v1.3.0 // indirect golang.org/x/arch v0.8.0 // indirect golang.org/x/crypto v0.23.0 // indirect - go.uber.org/zap v1.27.0 // indirect - golang.org/x/arch v0.3.0 // indirect - golang.org/x/crypto v0.23.0 // indirect golang.org/x/exp v0.0.0-20240213143201-ec583247a57a // indirect golang.org/x/mod v0.17.0 // indirect golang.org/x/net v0.25.0 // indirect diff --git a/go.sum b/go.sum index 1c96e9d4e4..6d66c033d5 100644 --- a/go.sum +++ b/go.sum @@ -17,14 +17,6 @@ cloud.google.com/go/auth v0.2.0 h1:y6oTcpMSbOcXbwYgUUrvI+mrQ2xbrcdpPgtVbCGTLTk= cloud.google.com/go/auth v0.2.0/go.mod h1:+yb+oy3/P0geX6DLKlqiGHARGR6EX2GRtYCzWOCQSbU= cloud.google.com/go/auth/oauth2adapt v0.2.0 h1:FR8zevgQwu+8CqiOT5r6xCmJa3pJC/wdXEEPF1OkNhA= cloud.google.com/go/auth/oauth2adapt v0.2.0/go.mod h1:AfqujpDAlTfLfeCIl/HJZZlIxD8+nJoZ5e0x1IxGq5k= -cloud.google.com/go/auth v0.2.0 h1:y6oTcpMSbOcXbwYgUUrvI+mrQ2xbrcdpPgtVbCGTLTk= -cloud.google.com/go/auth v0.2.0/go.mod h1:+yb+oy3/P0geX6DLKlqiGHARGR6EX2GRtYCzWOCQSbU= -cloud.google.com/go/auth/oauth2adapt v0.2.0 h1:FR8zevgQwu+8CqiOT5r6xCmJa3pJC/wdXEEPF1OkNhA= -cloud.google.com/go/auth/oauth2adapt v0.2.0/go.mod h1:AfqujpDAlTfLfeCIl/HJZZlIxD8+nJoZ5e0x1IxGq5k= -cloud.google.com/go/auth v0.2.0 h1:y6oTcpMSbOcXbwYgUUrvI+mrQ2xbrcdpPgtVbCGTLTk= -cloud.google.com/go/auth v0.2.0/go.mod h1:+yb+oy3/P0geX6DLKlqiGHARGR6EX2GRtYCzWOCQSbU= -cloud.google.com/go/auth/oauth2adapt v0.2.0 h1:FR8zevgQwu+8CqiOT5r6xCmJa3pJC/wdXEEPF1OkNhA= -cloud.google.com/go/auth/oauth2adapt v0.2.0/go.mod h1:AfqujpDAlTfLfeCIl/HJZZlIxD8+nJoZ5e0x1IxGq5k= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= @@ -55,8 +47,6 @@ github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 h1:LqbJ/WzJUwBf8UiaSzgX7aM github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2/go.mod h1:yInRyqWXAuaPrgI7p70+lDDgh3mlBohis29jGMISnmc= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5 v5.6.0 h1:ui3YNbxfW7J3tTFIZMH6LIGRjCngp+J+nIFlnizfNTE= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5 v5.6.0/go.mod h1:gZmgV+qBqygoznvqo2J9oKZAFziqhLZ2xE/WVUmzkHA= -github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5 v5.6.0 h1:ui3YNbxfW7J3tTFIZMH6LIGRjCngp+J+nIFlnizfNTE= -github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5 v5.6.0/go.mod h1:gZmgV+qBqygoznvqo2J9oKZAFziqhLZ2xE/WVUmzkHA= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/internal/v2 v2.0.0 h1:PTFGRSlMKCQelWwxUyYVEUqseBJVemLyqWJjvMyt0do= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/internal/v2 v2.0.0/go.mod h1:LRr2FzBTQlONPPa5HREE5+RjSCTXl7BwOvYOaWTqCaI= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v4 v4.3.0 h1:bXwSugBiSbgtz7rOtbfGf+woewp4f06orW9OP5BjHLA= @@ -67,8 +57,6 @@ github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOEl github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 h1:XHOnouVk1mxXfQidrMEnLlPk9UMeRtyBTnEFtxkV0kU= github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= -github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 h1:XHOnouVk1mxXfQidrMEnLlPk9UMeRtyBTnEFtxkV0kU= -github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/Code-Hex/go-generics-cache v1.5.1 h1:6vhZGc5M7Y/YD8cIUcY8kcuQLB4cHR7U+0KMqAA0KcU= @@ -246,8 +234,6 @@ github.com/go-resty/resty/v2 v2.12.0/go.mod h1:o0yGPrkS3lOe1+eFajk6kBW8ScXzwU3hD github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= -github.com/go-viper/mapstructure/v2 v2.0.0-alpha.1 h1:TQcrn6Wq+sKGkpyPvppOz99zsMBaUOKXq6HSv655U1c= -github.com/go-viper/mapstructure/v2 v2.0.0-alpha.1/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM= github.com/go-zookeeper/zk v1.0.3 h1:7M2kwOsc//9VeeFiPtf+uSJlVpU66x9Ba5+8XK7/TDg= github.com/go-zookeeper/zk v1.0.3/go.mod h1:nOB03cncLtlp4t+UAkGSV+9beXP/akpekBwL+UX1Qcw= github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU= @@ -434,12 +420,6 @@ github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa02 github.com/klauspost/cpuid/v2 v2.2.7 h1:ZWSB3igEs+d0qvnxR/ZBzXVmxkgt8DdzP6m9pfuVLDM= github.com/klauspost/cpuid/v2 v2.2.7/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= github.com/knz/go-libedit v1.10.1/go.mod h1:MZTVkCWyz0oBc7JOWP3wNAzd002ZbM/5hgShxwh4x8M= -github.com/knadh/koanf/maps v0.1.1 h1:G5TjmUh2D7G2YWf5SQQqSiHRJEjaicvU0KpypqB3NIs= -github.com/knadh/koanf/maps v0.1.1/go.mod h1:npD/QZY3V6ghQDdcQzl1W4ICNVTkohC8E73eI2xW4yI= -github.com/knadh/koanf/providers/confmap v0.1.0 h1:gOkxhHkemwG4LezxxN8DMOFopOPghxRVp7JbIvdvqzU= -github.com/knadh/koanf/providers/confmap v0.1.0/go.mod h1:2uLhxQzJnyHKfxG927awZC7+fyHFdQkd697K4MdLnIU= -github.com/knadh/koanf/v2 v2.1.1 h1:/R8eXqasSTsmDCsAyYj+81Wteg8AqrV9CP6gvsTsOmM= -github.com/knadh/koanf/v2 v2.1.1/go.mod h1:4mnTRbZCK+ALuBXHZMjDfG9y714L7TykVnZkXbMU3Es= github.com/kolo/xmlrpc v0.0.0-20220921171641-a4b6fa1dd06b h1:udzkj9S/zlT5X367kqJis0QP7YMxobob6zhzq6Yre00= github.com/kolo/xmlrpc v0.0.0-20220921171641-a4b6fa1dd06b/go.mod h1:pcaDhQK0/NJZEvtCO0qQPPropqV0sJOJ6YW7X+9kRwM= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= @@ -485,8 +465,6 @@ github.com/miekg/dns v1.1.41/go.mod h1:p6aan82bvRIyn+zDIv9xYNUpwa73JcSh9BKwknJys github.com/miekg/dns v1.1.59 h1:C9EXc/UToRwKLhK5wKU/I4QVsBUc8kE6MkHBkeypWZs= github.com/miekg/dns v1.1.59/go.mod h1:nZpewl5p6IvctfgrckopVx2OlSEHPRO/U4SYkRklrEk= github.com/mitchellh/cli v1.1.0/go.mod h1:xcISNoH86gajksDmfB23e/pu+B+GeFRMYmoHXxx3xhI= -github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= -github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/go-testing-interface v1.14.1 h1:jrgshOhYAUVNMAJiKbEu7EqAwgJJ2JqpQmpLJOu07cU= @@ -496,10 +474,6 @@ github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyua github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0= github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo= -github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= -github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= -github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0= -github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo= github.com/moby/term v0.0.0-20221205130635-1aeaba878587 h1:HfkjXDfhgVaN5rmueG8cL8KKeFNecRCXFhaJ2qZ5SKA= github.com/moby/term v0.0.0-20221205130635-1aeaba878587/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -602,10 +576,6 @@ github.com/prometheus/prometheus v0.52.1/go.mod h1:3z74cVsmVH0iXOR5QBjB7Pa6A0KJe github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= -github.com/rs/cors v1.10.1 h1:L0uuZVXIKlI1SShY2nhFfo44TYvDPQ1w4oFkUJNfhyo= -github.com/rs/cors v1.10.1/go.mod h1:XyqrcTp5zjWr1wsJ8PIRZssZ8b/WMcMf71DJnit4EMU= -github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= -github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= github.com/scaleway/scaleway-sdk-go v1.0.0-beta.26 h1:F+GIVtGqCFxPxO46ujf8cEOP574MBoRm3gNbPXECbxs= From 85c72920e47b8d6c579c09dd8228204e4e59e7c4 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Thu, 6 Jun 2024 10:18:10 +0300 Subject: [PATCH 51/88] Restored local dev changes --- Makefile | 16 ++++++---------- config/manager/kustomization.yaml | 6 ------ config/manager/manager.yaml | 2 +- 3 files changed, 7 insertions(+), 17 deletions(-) diff --git a/Makefile b/Makefile index 44049d130d..157d172907 100644 --- a/Makefile +++ b/Makefile @@ -19,7 +19,7 @@ ARCH ?= $(shell go env GOARCH) # Image URL to use all building/pushing image targets DOCKER_USER ?= open-telemetry -IMG_PREFIX ?= opentelemetry-operator +IMG_PREFIX ?= ghcr.io/${DOCKER_USER}/opentelemetry-operator IMG_REPO ?= opentelemetry-operator IMG ?= ${IMG_PREFIX}/${IMG_REPO}:${VERSION} BUNDLE_IMG ?= ${IMG_PREFIX}/${IMG_REPO}-bundle:${VERSION} @@ -104,17 +104,17 @@ ci: generate fmt vet test ensure-generate-is-noop # Build manager binary .PHONY: manager manager: generate - CGO_ENABLED=0 GOOS=linux GOARCH=$(ARCH) go build -o bin/manager_${ARCH} -ldflags "${COMMON_LDFLAGS} ${OPERATOR_LDFLAGS}" main.go + CGO_ENABLED=0 GOOS=$(GOOS) GOARCH=$(ARCH) go build -o bin/manager_${ARCH} -ldflags "${COMMON_LDFLAGS} ${OPERATOR_LDFLAGS}" main.go # Build target allocator binary .PHONY: targetallocator targetallocator: - CGO_ENABLED=0 GOOS=linux GOARCH=$(ARCH) go build -o cmd/otel-allocator/bin/targetallocator_${ARCH} -ldflags "${COMMON_LDFLAGS}" ./cmd/otel-allocator + CGO_ENABLED=0 GOOS=$(GOOS) GOARCH=$(ARCH) go build -o cmd/otel-allocator/bin/targetallocator_${ARCH} -ldflags "${COMMON_LDFLAGS}" ./cmd/otel-allocator # Build opamp bridge binary .PHONY: operator-opamp-bridge operator-opamp-bridge: generate - CGO_ENABLED=0 GOOS=linux GOARCH=$(ARCH) go build -o cmd/operator-opamp-bridge/bin/opampbridge_${ARCH} -ldflags "${COMMON_LDFLAGS}" ./cmd/operator-opamp-bridge + CGO_ENABLED=0 GOOS=$(GOOS) GOARCH=$(ARCH) go build -o cmd/operator-opamp-bridge/bin/opampbridge_${ARCH} -ldflags "${COMMON_LDFLAGS}" ./cmd/operator-opamp-bridge # Run against the configured Kubernetes cluster in ~/.kube/config .PHONY: run @@ -170,10 +170,6 @@ add-rbac-permissions-to-operator: manifests kustomize # Deploy controller in the current Kubernetes context, configured in ~/.kube/config .PHONY: deploy deploy: set-image-controller - docker build -t ${IMG} . - docker build -t ${TARGETALLOCATOR_IMG} cmd/otel-allocator - k3d image import ${IMG} -c otel - k3d image import ${TARGETALLOCATOR_IMG} -c otel $(KUSTOMIZE) build config/default | kubectl apply -f - go run hack/check-operator-ready.go 300 @@ -302,11 +298,11 @@ container: manager # Push the container image, used only for local dev purposes .PHONY: container-push container-push: - k3d image import ${IMG} -c otel + docker push ${IMG} .PHONY: container-target-allocator-push container-target-allocator-push: - k3d image import ${TARGETALLOCATOR_IMG} -c otel + docker push ${TARGETALLOCATOR_IMG} .PHONY: container-operator-opamp-bridge-push container-operator-opamp-bridge-push: diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index 6dc4fd9aa2..5c5f0b84cb 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -1,8 +1,2 @@ resources: - manager.yaml -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -images: -- name: controller - newName: opentelemetry-operator/opentelemetry-operator - newTag: 0.98.0-53-g684afbdc diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index d577ba58d6..b15e4abfd6 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -30,7 +30,7 @@ spec: - args: - "--metrics-addr=127.0.0.1:8080" - "--enable-leader-election" - - "--zap-log-level=2" + - "--zap-log-level=info" - "--zap-time-encoding=rfc3339nano" - "--enable-nginx-instrumentation=true" image: controller From 815c4d935e3fd0ae332835fb1f549e508b042b83 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Tue, 11 Jun 2024 10:30:15 +0300 Subject: [PATCH 52/88] Refactored, removed init container, minor changes --- cmd/otel-allocator/config/config.go | 25 ++++++---- cmd/otel-allocator/config/flags.go | 45 ++++++++++++++---- cmd/otel-allocator/config/flags_test.go | 10 +++- go.mod | 5 +- go.sum | 1 - internal/autodetect/autodetectutils/utils.go | 47 +++++++++++++++++++ internal/autodetect/certmanager/check.go | 35 ++------------ internal/autodetect/main_test.go | 5 +- internal/autodetect/rbac/check.go | 33 ++----------- internal/manifests/collector/configmap.go | 9 +++- internal/manifests/collector/container.go | 7 +-- internal/manifests/collector/deployment.go | 28 +---------- internal/manifests/collector/statefulset.go | 29 +----------- internal/manifests/collector/volume.go | 7 +-- internal/manifests/manifestutils/utils.go | 22 +++++++++ .../manifests/targetallocator/certificate.go | 4 -- .../manifests/targetallocator/configmap.go | 12 +++++ .../manifests/targetallocator/container.go | 9 +--- internal/manifests/targetallocator/volume.go | 2 +- internal/naming/main.go | 10 ++++ 20 files changed, 177 insertions(+), 168 deletions(-) create mode 100644 internal/autodetect/autodetectutils/utils.go create mode 100644 internal/manifests/manifestutils/utils.go diff --git a/cmd/otel-allocator/config/config.go b/cmd/otel-allocator/config/config.go index e772eadc45..5338101e30 100644 --- a/cmd/otel-allocator/config/config.go +++ b/cmd/otel-allocator/config/config.go @@ -114,29 +114,34 @@ func LoadFromCLI(target *Config, flagSet *pflag.FlagSet) error { return err } - target.HTTPS.Enabled, err = getHttpsEnabled(flagSet) - if err != nil { + if httpsEnabled, changed, err := getHttpsEnabled(flagSet); err != nil { return err + } else if changed { + target.HTTPS.Enabled = httpsEnabled } - target.HTTPS.ListenAddr, err = getHttpsListenAddr(flagSet) - if err != nil { + if listenAddrHttps, changed, err := getHttpsListenAddr(flagSet); err != nil { return err + } else if changed { + target.HTTPS.ListenAddr = listenAddrHttps } - target.HTTPS.CAFilePath, err = getHttpsCAFilePath(flagSet) - if err != nil { + if caFilePath, changed, err := getHttpsCAFilePath(flagSet); err != nil { return err + } else if changed { + target.HTTPS.CAFilePath = caFilePath } - target.HTTPS.TLSCertFilePath, err = getHttpsTLSCertFilePath(flagSet) - if err != nil { + if tlsCertFilePath, changed, err := getHttpsTLSCertFilePath(flagSet); err != nil { return err + } else if changed { + target.HTTPS.TLSCertFilePath = tlsCertFilePath } - target.HTTPS.TLSKeyFilePath, err = getHttpsTLSKeyFilePath(flagSet) - if err != nil { + if tlsKeyFilePath, changed, err := getHttpsTLSKeyFilePath(flagSet); err != nil { return err + } else if changed { + target.HTTPS.TLSKeyFilePath = tlsKeyFilePath } return nil diff --git a/cmd/otel-allocator/config/flags.go b/cmd/otel-allocator/config/flags.go index 9a928cb958..e3f6cdfd22 100644 --- a/cmd/otel-allocator/config/flags.go +++ b/cmd/otel-allocator/config/flags.go @@ -73,22 +73,47 @@ func getPrometheusCREnabled(flagSet *pflag.FlagSet) (bool, error) { return flagSet.GetBool(prometheusCREnabledFlagName) } -func getHttpsListenAddr(flagSet *pflag.FlagSet) (string, error) { - return flagSet.GetString(listenAddrHttpsFlagName) +func getHttpsListenAddr(flagSet *pflag.FlagSet) (value string, changed bool, err error) { + if changed = flagSet.Changed(listenAddrHttpsFlagName); !changed { + value, err = "", nil + return + } + value, err = flagSet.GetString(listenAddrHttpsFlagName) + return } -func getHttpsEnabled(flagSet *pflag.FlagSet) (bool, error) { - return flagSet.GetBool(httpsEnabledFlagName) +func getHttpsEnabled(flagSet *pflag.FlagSet) (value bool, changed bool, err error) { + if changed = flagSet.Changed(httpsEnabledFlagName); !changed { + value, err = false, nil + return + } + value, err = flagSet.GetBool(httpsEnabledFlagName) + return } -func getHttpsCAFilePath(flagSet *pflag.FlagSet) (string, error) { - return flagSet.GetString(httpsCAFilePathFlagName) +func getHttpsCAFilePath(flagSet *pflag.FlagSet) (value string, changed bool, err error) { + if changed = flagSet.Changed(httpsCAFilePathFlagName); !changed { + value, err = "", nil + return + } + value, err = flagSet.GetString(httpsCAFilePathFlagName) + return } -func getHttpsTLSCertFilePath(flagSet *pflag.FlagSet) (string, error) { - return flagSet.GetString(httpsTLSCertFilePathFlagName) +func getHttpsTLSCertFilePath(flagSet *pflag.FlagSet) (value string, changed bool, err error) { + if changed = flagSet.Changed(httpsTLSCertFilePathFlagName); !changed { + value, err = "", nil + return + } + value, err = flagSet.GetString(httpsTLSCertFilePathFlagName) + return } -func getHttpsTLSKeyFilePath(flagSet *pflag.FlagSet) (string, error) { - return flagSet.GetString(httpsTLSKeyFilePathFlagName) +func getHttpsTLSKeyFilePath(flagSet *pflag.FlagSet) (value string, changed bool, err error) { + if changed = flagSet.Changed(httpsTLSKeyFilePathFlagName); !changed { + value, err = "", nil + return + } + value, err = flagSet.GetString(httpsTLSKeyFilePathFlagName) + return } diff --git a/cmd/otel-allocator/config/flags_test.go b/cmd/otel-allocator/config/flags_test.go index fe83863569..7394d14133 100644 --- a/cmd/otel-allocator/config/flags_test.go +++ b/cmd/otel-allocator/config/flags_test.go @@ -74,13 +74,19 @@ func TestFlagGetters(t *testing.T) { name: "HttpsServer", flagArgs: []string{"--" + httpsEnabledFlagName, "true"}, expectedValue: true, - getterFunc: func(fs *pflag.FlagSet) (interface{}, error) { return getHttpsEnabled(fs) }, + getterFunc: func(fs *pflag.FlagSet) (interface{}, error) { + _, value, err := getHttpsEnabled(fs) + return value, err + }, }, { name: "HttpsServerKey", flagArgs: []string{"--" + httpsTLSKeyFilePathFlagName, "/path/to/tls.key"}, expectedValue: "/path/to/tls.key", - getterFunc: func(fs *pflag.FlagSet) (interface{}, error) { return getHttpsTLSKeyFilePath(fs) }, + getterFunc: func(fs *pflag.FlagSet) (interface{}, error) { + _, value, err := getHttpsTLSKeyFilePath(fs) + return value, err + }, }, } diff --git a/go.mod b/go.mod index 3132bf939f..cc9c7212aa 100644 --- a/go.mod +++ b/go.mod @@ -69,8 +69,6 @@ require ( require ( cloud.google.com/go/compute/metadata v0.3.0 // indirect - github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1 // indirect - github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.2 // indirect github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 // indirect github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5 v5.6.0 // indirect github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v4 v4.3.0 // indirect @@ -177,8 +175,7 @@ require ( github.com/metalmatze/signal v0.0.0-20210307161603-1c9aa721a97a // indirect github.com/miekg/dns v1.1.59 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect - github.com/mitchellh/mapstructure v1.5.0 // indirect - github.com/moby/docker-image-spec v1.3.1 // indirect + github.com/mitchellh/mapstructure v1.5.0 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect diff --git a/go.sum b/go.sum index 2a0d4d29d8..6d66c033d5 100644 --- a/go.sum +++ b/go.sum @@ -393,7 +393,6 @@ github.com/ionos-cloud/sdk-go/v6 v6.1.11 h1:J/uRN4UWO3wCyGOeDdMKv8LWRzKu6UIkLEae github.com/ionos-cloud/sdk-go/v6 v6.1.11/go.mod h1:EzEgRIDxBELvfoa/uBN0kOQaqovLjUWEB7iW4/Q+t4k= github.com/jarcoal/httpmock v1.3.1 h1:iUx3whfZWVf3jT01hQTO/Eo5sAYtB2/rqaUuOtpInww= github.com/jarcoal/httpmock v1.3.1/go.mod h1:3yb8rc4BI7TCBhFY8ng0gjuLKJNquuDNiPaZjnENuYg= -github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath v0.4.1-0.20220621161143-b0104c826a24 h1:liMMTbpW34dhU4az1GN0pTPADwNmvoRSeoZ6PItiqnY= github.com/jmespath/go-jmespath v0.4.1-0.20220621161143-b0104c826a24/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= diff --git a/internal/autodetect/autodetectutils/utils.go b/internal/autodetect/autodetectutils/utils.go new file mode 100644 index 0000000000..9bbf64357e --- /dev/null +++ b/internal/autodetect/autodetectutils/utils.go @@ -0,0 +1,47 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package autodetectutils + +import ( + "fmt" + "os" +) + +const ( + SA_ENV_VAR = "SERVICE_ACCOUNT_NAME" + NAMESPACE_ENV_VAR = "NAMESPACE" + NAMESPACE_FILE_PATH = "/var/run/secrets/kubernetes.io/serviceaccount/namespace" +) + +func GetOperatorNamespace() (string, error) { + namespace := os.Getenv(NAMESPACE_ENV_VAR) + if namespace != "" { + return namespace, nil + } + + nsBytes, err := os.ReadFile(NAMESPACE_FILE_PATH) + if err != nil { + return "", err + } + return string(nsBytes), nil +} + +func GetOperatorServiceAccount() (string, error) { + sa := os.Getenv(SA_ENV_VAR) + if sa == "" { + return sa, fmt.Errorf("%s env variable not found", SA_ENV_VAR) + } + return sa, nil +} diff --git a/internal/autodetect/certmanager/check.go b/internal/autodetect/certmanager/check.go index 72667d84f0..f4f58da623 100644 --- a/internal/autodetect/certmanager/check.go +++ b/internal/autodetect/certmanager/check.go @@ -17,50 +17,23 @@ package certmanager import ( "context" "fmt" - "os" rbacv1 "k8s.io/api/rbac/v1" "sigs.k8s.io/controller-runtime/pkg/webhook/admission" - "github.com/open-telemetry/opentelemetry-operator/internal/rbac" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/autodetectutils" + rbac "github.com/open-telemetry/opentelemetry-operator/internal/rbac" ) -const ( - SA_ENV_VAR = "SERVICE_ACCOUNT_NAME" - NAMESPACE_ENV_VAR = "NAMESPACE" - NAMESPACE_FILE_PATH = "/var/run/secrets/kubernetes.io/serviceaccount/namespace" -) - -func getOperatorNamespace() (string, error) { - namespace := os.Getenv(NAMESPACE_ENV_VAR) - if namespace != "" { - return namespace, nil - } - - nsBytes, err := os.ReadFile(NAMESPACE_FILE_PATH) - if err != nil { - return "", err - } - return string(nsBytes), nil -} - -func getOperatorServiceAccount() (string, error) { - sa := os.Getenv(SA_ENV_VAR) - if sa == "" { - return sa, fmt.Errorf("%s env variable not found", SA_ENV_VAR) - } - return sa, nil -} - // CheckCertManagerPermissions checks if the operator has the needed permissions to manage cert-manager certificates automatically. // If the RBAC is there, no errors nor warnings are returned. func CheckCertManagerPermissions(ctx context.Context, reviewer *rbac.Reviewer) (admission.Warnings, error) { - namespace, err := getOperatorNamespace() + namespace, err := autodetectutils.GetOperatorNamespace() if err != nil { return nil, fmt.Errorf("%s: %w", "not possible to check RBAC rules", err) } - serviceAccount, err := getOperatorServiceAccount() + serviceAccount, err := autodetectutils.GetOperatorServiceAccount() if err != nil { return nil, fmt.Errorf("%s: %w", "not possible to check RBAC rules", err) } diff --git a/internal/autodetect/main_test.go b/internal/autodetect/main_test.go index cae05f1563..387b72d721 100644 --- a/internal/autodetect/main_test.go +++ b/internal/autodetect/main_test.go @@ -33,6 +33,7 @@ import ( kubeTesting "k8s.io/client-go/testing" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/autodetectutils" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/openshift" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/prometheus" autoRBAC "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/rbac" @@ -243,8 +244,8 @@ func TestDetectRBACPermissionsBasedOnAvailableClusterRoles(t *testing.T) { } { t.Run(tt.description, func(t *testing.T) { // These settings can be get from env vars - t.Setenv(autoRBAC.NAMESPACE_ENV_VAR, tt.namespace) - t.Setenv(autoRBAC.SA_ENV_VAR, tt.serviceAccount) + t.Setenv(autodetectutils.NAMESPACE_ENV_VAR, tt.namespace) + t.Setenv(autodetectutils.SA_ENV_VAR, tt.serviceAccount) server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {})) defer server.Close() diff --git a/internal/autodetect/rbac/check.go b/internal/autodetect/rbac/check.go index 1e133ebf49..9c67d79cc3 100644 --- a/internal/autodetect/rbac/check.go +++ b/internal/autodetect/rbac/check.go @@ -17,50 +17,23 @@ package rbac import ( "context" "fmt" - "os" rbacv1 "k8s.io/api/rbac/v1" "sigs.k8s.io/controller-runtime/pkg/webhook/admission" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/autodetectutils" "github.com/open-telemetry/opentelemetry-operator/internal/rbac" ) -const ( - SA_ENV_VAR = "SERVICE_ACCOUNT_NAME" - NAMESPACE_ENV_VAR = "NAMESPACE" - NAMESPACE_FILE_PATH = "/var/run/secrets/kubernetes.io/serviceaccount/namespace" -) - -func getOperatorNamespace() (string, error) { - namespace := os.Getenv(NAMESPACE_ENV_VAR) - if namespace != "" { - return namespace, nil - } - - nsBytes, err := os.ReadFile(NAMESPACE_FILE_PATH) - if err != nil { - return "", err - } - return string(nsBytes), nil -} - -func getOperatorServiceAccount() (string, error) { - sa := os.Getenv(SA_ENV_VAR) - if sa == "" { - return sa, fmt.Errorf("%s env variable not found", SA_ENV_VAR) - } - return sa, nil -} - // CheckRBACPermissions checks if the operator has the needed permissions to create RBAC resources automatically. // If the RBAC is there, no errors nor warnings are returned. func CheckRBACPermissions(ctx context.Context, reviewer *rbac.Reviewer) (admission.Warnings, error) { - namespace, err := getOperatorNamespace() + namespace, err := autodetectutils.GetOperatorNamespace() if err != nil { return nil, fmt.Errorf("%s: %w", "not possible to check RBAC rules", err) } - serviceAccount, err := getOperatorServiceAccount() + serviceAccount, err := autodetectutils.GetOperatorServiceAccount() if err != nil { return nil, fmt.Errorf("%s: %w", "not possible to check RBAC rules", err) } diff --git a/internal/manifests/collector/configmap.go b/internal/manifests/collector/configmap.go index f0654e05b4..527842c855 100644 --- a/internal/manifests/collector/configmap.go +++ b/internal/manifests/collector/configmap.go @@ -15,6 +15,8 @@ package collector import ( + "path/filepath" + corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -36,7 +38,12 @@ func ConfigMap(params manifests.Params) (*corev1.ConfigMap, error) { replaceCfgOpts := []ta.TAOption{} if params.Config.CertManagerAvailability() == certmanager.Available { - replaceCfgOpts = append(replaceCfgOpts, ta.WithTLSConfig("/tls/ca.crt", "/tls/tls.crt", "/tls/tls.key", naming.TAService(params.OtelCol.Name))) + replaceCfgOpts = append(replaceCfgOpts, ta.WithTLSConfig( + filepath.Join(manifestutils.TLSDirPath, manifestutils.CAFileName), + filepath.Join(manifestutils.TLSDirPath, manifestutils.TLSCertFileName), + filepath.Join(manifestutils.TLSDirPath, manifestutils.TLSCertFileName), + naming.TAService(params.OtelCol.Name)), + ) } replacedConf, err := ReplaceConfig(params.OtelCol, replaceCfgOpts...) diff --git a/internal/manifests/collector/container.go b/internal/manifests/collector/container.go index 77e7511ce2..24c4e14990 100644 --- a/internal/manifests/collector/container.go +++ b/internal/manifests/collector/container.go @@ -29,6 +29,7 @@ import ( "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/collector/adapters" + "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/naming" "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) @@ -96,11 +97,7 @@ func Container(cfg config.Config, logger logr.Logger, otelcol v1beta1.OpenTeleme volumeMounts = append(volumeMounts, corev1.VolumeMount{ Name: naming.TAClientCertificate(otelcol.Name), - MountPath: "/tls"}, - corev1.VolumeMount{ - Name: "shared-ca-certificates", - MountPath: "/etc/ssl/certs/ca-certificates.crt", - SubPath: "ca-certificates.crt", + MountPath: manifestutils.TLSDirPath, }) } diff --git a/internal/manifests/collector/deployment.go b/internal/manifests/collector/deployment.go index 39ecfdf505..1cc105114b 100644 --- a/internal/manifests/collector/deployment.go +++ b/internal/manifests/collector/deployment.go @@ -19,7 +19,6 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/manifests" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/naming" @@ -39,31 +38,6 @@ func Deployment(params manifests.Params) (*appsv1.Deployment, error) { return nil, err } - initContainers := params.OtelCol.Spec.InitContainers - - if params.Config.CertManagerAvailability() == certmanager.Available { - initContainers = append(initContainers, corev1.Container{ - Name: "install-ca-cert", - Image: "alpine:latest", - Command: []string{ - "/bin/sh", - "-c", - "apk --update add ca-certificates && update-ca-certificates && cp /etc/ssl/certs/ca-certificates.crt /shared/ca-certificates.crt", - }, - VolumeMounts: []corev1.VolumeMount{ - { - Name: naming.TAClientCertificate(params.OtelCol.Name), - MountPath: "/usr/local/share/ca-certificates/ca.crt", - SubPath: "ca.crt", - }, - { - Name: "shared-ca-certificates", - MountPath: "/shared", - }, - }, - }) - } - return &appsv1.Deployment{ ObjectMeta: metav1.ObjectMeta{ Name: name, @@ -84,7 +58,7 @@ func Deployment(params manifests.Params) (*appsv1.Deployment, error) { }, Spec: corev1.PodSpec{ ServiceAccountName: ServiceAccountName(params.OtelCol), - InitContainers: initContainers, + InitContainers: params.OtelCol.Spec.InitContainers, Containers: append(params.OtelCol.Spec.AdditionalContainers, Container(params.Config, params.Log, params.OtelCol, true)), Volumes: Volumes(params.Config, params.OtelCol), DNSPolicy: getDNSPolicy(params.OtelCol), diff --git a/internal/manifests/collector/statefulset.go b/internal/manifests/collector/statefulset.go index c1c84a54f0..cd6c1f20c7 100644 --- a/internal/manifests/collector/statefulset.go +++ b/internal/manifests/collector/statefulset.go @@ -19,7 +19,7 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" + // "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/manifests" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/naming" @@ -40,31 +40,6 @@ func StatefulSet(params manifests.Params) (*appsv1.StatefulSet, error) { return nil, err } - initContainers := params.OtelCol.Spec.InitContainers - - if params.Config.CertManagerAvailability() == certmanager.Available { - initContainers = append(initContainers, corev1.Container{ - Name: "install-ca-cert", - Image: "alpine:latest", - Command: []string{ - "/bin/sh", - "-c", - "apk --update add ca-certificates && update-ca-certificates && cp /etc/ssl/certs/ca-certificates.crt /shared/ca-certificates.crt", - }, - VolumeMounts: []corev1.VolumeMount{ - { - Name: naming.TAClientCertificate(params.OtelCol.Name), - MountPath: "/usr/local/share/ca-certificates/ca.crt", - SubPath: "ca.crt", - }, - { - Name: "shared-ca-certificates", - MountPath: "/shared", - }, - }, - }) - } - return &appsv1.StatefulSet{ ObjectMeta: metav1.ObjectMeta{ Name: name, @@ -84,7 +59,7 @@ func StatefulSet(params manifests.Params) (*appsv1.StatefulSet, error) { }, Spec: corev1.PodSpec{ ServiceAccountName: ServiceAccountName(params.OtelCol), - InitContainers: initContainers, + InitContainers: params.OtelCol.Spec.InitContainers, Containers: append(params.OtelCol.Spec.AdditionalContainers, Container(params.Config, params.Log, params.OtelCol, true)), Volumes: Volumes(params.Config, params.OtelCol), DNSPolicy: getDNSPolicy(params.OtelCol), diff --git a/internal/manifests/collector/volume.go b/internal/manifests/collector/volume.go index d46e56939a..96d7c4b6ab 100644 --- a/internal/manifests/collector/volume.go +++ b/internal/manifests/collector/volume.go @@ -47,14 +47,9 @@ func Volumes(cfg config.Config, otelcol v1beta1.OpenTelemetryCollector) []corev1 Name: naming.TAClientCertificate(otelcol.Name), VolumeSource: corev1.VolumeSource{ Secret: &corev1.SecretVolumeSource{ - SecretName: naming.TAClientCertificate(otelcol.Name), + SecretName: naming.TAClientCertificateSecretName(otelcol.Name), }, }, - }, corev1.Volume{ - Name: "shared-ca-certificates", - VolumeSource: corev1.VolumeSource{ - EmptyDir: &corev1.EmptyDirVolumeSource{}, - }, }) } diff --git a/internal/manifests/manifestutils/utils.go b/internal/manifests/manifestutils/utils.go new file mode 100644 index 0000000000..7fdb0ef1c3 --- /dev/null +++ b/internal/manifests/manifestutils/utils.go @@ -0,0 +1,22 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package manifestutils + +const ( + TLSDirPath = "/tls" + CAFileName = "ca.crt" + TLSKeyFileName = "tls.key" + TLSCertFileName = "tls.crt" +) diff --git a/internal/manifests/targetallocator/certificate.go b/internal/manifests/targetallocator/certificate.go index 2175996072..37cb6092ee 100644 --- a/internal/manifests/targetallocator/certificate.go +++ b/internal/manifests/targetallocator/certificate.go @@ -44,10 +44,6 @@ func CACertificate(params manifests.Params) *cmv1.Certificate { OrganizationalUnits: []string{"opentelemetry-operator"}, }, SecretName: naming.CACertificate(params.TargetAllocator.Name), - PrivateKey: &cmv1.CertificatePrivateKey{ - Algorithm: "ECDSA", - Size: 256, - }, IssuerRef: cmmeta.ObjectReference{ Name: naming.SelfSignedIssuer(params.TargetAllocator.Name), Kind: "Issuer", diff --git a/internal/manifests/targetallocator/configmap.go b/internal/manifests/targetallocator/configmap.go index 09a3c5f48f..a0c287720d 100644 --- a/internal/manifests/targetallocator/configmap.go +++ b/internal/manifests/targetallocator/configmap.go @@ -15,11 +15,14 @@ package targetallocator import ( + "path/filepath" + "gopkg.in/yaml.v2" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/manifests" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/naming" @@ -65,6 +68,15 @@ func ConfigMap(params manifests.Params) (*corev1.ConfigMap, error) { taConfig["prometheus_cr"] = prometheusCRConfig } + if params.Config.CertManagerAvailability() == certmanager.Available { + taConfig["https"] = map[string]interface{}{ + "enabled": true, + "ca_file_path": filepath.Join(manifestutils.TLSDirPath, manifestutils.CAFileName), + "tls_cert_file_path": filepath.Join(manifestutils.TLSDirPath, manifestutils.TLSCertFileName), + "tls_key_file_path": filepath.Join(manifestutils.TLSDirPath, manifestutils.TLSCertFileName), + } + } + taConfigYAML, err := yaml.Marshal(taConfig) if err != nil { return &corev1.ConfigMap{}, err diff --git a/internal/manifests/targetallocator/container.go b/internal/manifests/targetallocator/container.go index 4193b269e8..cc9b54371e 100644 --- a/internal/manifests/targetallocator/container.go +++ b/internal/manifests/targetallocator/container.go @@ -23,6 +23,7 @@ import ( "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/config" + "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/naming" "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) @@ -119,14 +120,8 @@ func Container(cfg config.Config, logger logr.Logger, instance v1alpha1.TargetAl }) volumeMounts = append(volumeMounts, corev1.VolumeMount{ Name: naming.TAServerCertificate(instance.Name), - MountPath: "/tls", + MountPath: manifestutils.TLSDirPath, }) - args = append(args, - "--enable-https-server", - "--https-ca-file=/tls/ca.crt", - "--https-tls-cert-file=/tls/tls.crt", - "--https-tls-key-file=/tls/tls.key", - ) } envVars = append(envVars, proxy.ReadProxyVarsFromEnv()...) diff --git a/internal/manifests/targetallocator/volume.go b/internal/manifests/targetallocator/volume.go index c609f551e1..81e796aab8 100644 --- a/internal/manifests/targetallocator/volume.go +++ b/internal/manifests/targetallocator/volume.go @@ -44,7 +44,7 @@ func Volumes(cfg config.Config, instance v1alpha1.TargetAllocator) []corev1.Volu Name: naming.TAServerCertificate(instance.Name), VolumeSource: corev1.VolumeSource{ Secret: &corev1.SecretVolumeSource{ - SecretName: naming.TAServerCertificate(instance.Name), + SecretName: naming.TAServerCertificateSecretName(instance.Name), }, }, }) diff --git a/internal/naming/main.go b/internal/naming/main.go index a4a0882026..0fdc3fca5e 100644 --- a/internal/naming/main.go +++ b/internal/naming/main.go @@ -201,7 +201,17 @@ func TAServerCertificate(otelcol string) string { return DNSName(Truncate("%s-ta-server-cert", 63, otelcol)) } +// TAServerCertificateSecretName returns the Secret name based on the instance. +func TAServerCertificateSecretName(otelcol string) string { + return DNSName(Truncate("%s-ta-server-cert", 63, otelcol)) +} + // TAClientCertificate returns the Certificate name based on the instance. func TAClientCertificate(otelcol string) string { return DNSName(Truncate("%s-ta-client-cert", 63, otelcol)) } + +// TAClientCertificateSecretName returns the Secret name based on the instance. +func TAClientCertificateSecretName(otelcol string) string { + return DNSName(Truncate("%s-ta-client-cert", 63, otelcol)) +} From 2ab7e728849da5ee14108496aeccdeeae8c03b06 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Tue, 11 Jun 2024 10:53:29 +0300 Subject: [PATCH 53/88] Use correct files in TLS config --- internal/manifests/collector/configmap.go | 2 +- internal/manifests/collector/statefulset.go | 1 - internal/manifests/targetallocator/configmap.go | 2 +- 3 files changed, 2 insertions(+), 3 deletions(-) diff --git a/internal/manifests/collector/configmap.go b/internal/manifests/collector/configmap.go index 527842c855..c9893b5a0c 100644 --- a/internal/manifests/collector/configmap.go +++ b/internal/manifests/collector/configmap.go @@ -41,7 +41,7 @@ func ConfigMap(params manifests.Params) (*corev1.ConfigMap, error) { replaceCfgOpts = append(replaceCfgOpts, ta.WithTLSConfig( filepath.Join(manifestutils.TLSDirPath, manifestutils.CAFileName), filepath.Join(manifestutils.TLSDirPath, manifestutils.TLSCertFileName), - filepath.Join(manifestutils.TLSDirPath, manifestutils.TLSCertFileName), + filepath.Join(manifestutils.TLSDirPath, manifestutils.TLSKeyFileName), naming.TAService(params.OtelCol.Name)), ) } diff --git a/internal/manifests/collector/statefulset.go b/internal/manifests/collector/statefulset.go index cd6c1f20c7..bfb3a70964 100644 --- a/internal/manifests/collector/statefulset.go +++ b/internal/manifests/collector/statefulset.go @@ -19,7 +19,6 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - // "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/manifests" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/naming" diff --git a/internal/manifests/targetallocator/configmap.go b/internal/manifests/targetallocator/configmap.go index a0c287720d..3c2b6ffa3d 100644 --- a/internal/manifests/targetallocator/configmap.go +++ b/internal/manifests/targetallocator/configmap.go @@ -73,7 +73,7 @@ func ConfigMap(params manifests.Params) (*corev1.ConfigMap, error) { "enabled": true, "ca_file_path": filepath.Join(manifestutils.TLSDirPath, manifestutils.CAFileName), "tls_cert_file_path": filepath.Join(manifestutils.TLSDirPath, manifestutils.TLSCertFileName), - "tls_key_file_path": filepath.Join(manifestutils.TLSDirPath, manifestutils.TLSCertFileName), + "tls_key_file_path": filepath.Join(manifestutils.TLSDirPath, manifestutils.TLSKeyFileName), } } From 306f6f36c00d378896f72bd446b35f43e63d4811 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Tue, 11 Jun 2024 11:17:12 +0300 Subject: [PATCH 54/88] Added default value to getHttpsListenAddr --- cmd/otel-allocator/config/flags.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/otel-allocator/config/flags.go b/cmd/otel-allocator/config/flags.go index e3f6cdfd22..a7043d57e9 100644 --- a/cmd/otel-allocator/config/flags.go +++ b/cmd/otel-allocator/config/flags.go @@ -75,7 +75,7 @@ func getPrometheusCREnabled(flagSet *pflag.FlagSet) (bool, error) { func getHttpsListenAddr(flagSet *pflag.FlagSet) (value string, changed bool, err error) { if changed = flagSet.Changed(listenAddrHttpsFlagName); !changed { - value, err = "", nil + value, err = ":8443", nil return } value, err = flagSet.GetString(listenAddrHttpsFlagName) From 9e1ae16eb70d0f0387141ab11b14d3a1d02d9293 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Thu, 13 Jun 2024 15:41:11 +0300 Subject: [PATCH 55/88] Added flag to enable mTLS between the Target Allocator and the Collector. go mod cleanup --- ...ntelemetry-operator.clusterserviceversion.yaml | 1 + config/manager/manager.yaml | 1 + go.mod | 15 +++++---------- go.sum | 4 ++-- main.go | 9 +++++++-- 5 files changed, 16 insertions(+), 14 deletions(-) diff --git a/bundle/manifests/opentelemetry-operator.clusterserviceversion.yaml b/bundle/manifests/opentelemetry-operator.clusterserviceversion.yaml index a404a30ec1..fcec5b9d7a 100644 --- a/bundle/manifests/opentelemetry-operator.clusterserviceversion.yaml +++ b/bundle/manifests/opentelemetry-operator.clusterserviceversion.yaml @@ -499,6 +499,7 @@ spec: - --zap-log-level=info - --zap-time-encoding=rfc3339nano - --enable-nginx-instrumentation=true + - --enable-target-allocator-mtls=false env: - name: SERVICE_ACCOUNT_NAME valueFrom: diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index b15e4abfd6..4e46fcf984 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -33,6 +33,7 @@ spec: - "--zap-log-level=info" - "--zap-time-encoding=rfc3339nano" - "--enable-nginx-instrumentation=true" + - "--enable-target-allocator-mtls=false" image: controller name: manager livenessProbe: diff --git a/go.mod b/go.mod index ea4aa060b5..fad89a9a1a 100644 --- a/go.mod +++ b/go.mod @@ -59,19 +59,10 @@ require ( ) require ( + cloud.google.com/go/compute/metadata v0.3.0 // indirect github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1 // indirect github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.6.0 // indirect github.com/Azure/azure-sdk-for-go/sdk/internal v1.8.0 // indirect - github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.2 // indirect - github.com/docker/go-units v0.5.0 // indirect - github.com/efficientgo/core v1.0.0-rc.2 // indirect - github.com/envoyproxy/go-control-plane v0.12.0 // indirect - go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.26.0 // indirect -) - -require ( - cloud.google.com/go/compute/metadata v0.3.0 // indirect - github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 // indirect github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5 v5.6.0 // indirect github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v4 v4.3.0 // indirect github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect @@ -97,8 +88,11 @@ require ( github.com/distribution/reference v0.5.0 // indirect github.com/docker/docker v26.0.2+incompatible // indirect github.com/docker/go-connections v0.4.0 // indirect + github.com/docker/go-units v0.5.0 // indirect github.com/edsrzf/mmap-go v1.1.0 // indirect + github.com/efficientgo/core v1.0.0-rc.2 // indirect github.com/emicklei/go-restful/v3 v3.11.2 // indirect + github.com/envoyproxy/go-control-plane v0.12.0 // indirect github.com/envoyproxy/protoc-gen-validate v1.0.4 // indirect github.com/evanphx/json-patch v5.9.0+incompatible // indirect github.com/evanphx/json-patch/v5 v5.8.0 // indirect @@ -207,6 +201,7 @@ require ( go.mongodb.org/mongo-driver v1.14.0 // indirect go.opencensus.io v0.24.0 // indirect go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.51.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.26.0 // indirect go.opentelemetry.io/otel/trace v1.27.0 // indirect go.opentelemetry.io/proto/otlp v1.2.0 // indirect go.uber.org/atomic v1.11.0 // indirect diff --git a/go.sum b/go.sum index 38b0e22e78..cd00796340 100644 --- a/go.sum +++ b/go.sum @@ -642,8 +642,8 @@ go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= go.opentelemetry.io/collector/featuregate v1.9.0 h1:mC4/HnR5cx/kkG1RKOQAvHxxg5Ktmd9gpFdttPEXQtA= go.opentelemetry.io/collector/featuregate v1.9.0/go.mod h1:PsOINaGgTiFc+Tzu2K/X2jP+Ngmlp7YKGV1XrnBkH7U= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.50.0 h1:cEPbyTSEHlQR89XVlyo78gqluF8Y3oMeBkXGWzQsfXY= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.50.0/go.mod h1:DKdbWcT4GH1D0Y3Sqt/PFXt2naRKDWtU+eE6oLdFNA8= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.51.0 h1:Xs2Ncz0gNihqu9iosIZ5SkBbWo5T8JhhLJFMQL1qmLI= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.51.0/go.mod h1:vy+2G/6NvVMpwGX/NyLqcC41fxepnuKHk16E6IZUcJc= go.opentelemetry.io/otel v1.27.0 h1:9BZoF3yMK/O1AafMiQTVu0YDj5Ea4hPhxCs7sGva+cg= go.opentelemetry.io/otel v1.27.0/go.mod h1:DMpAK8fzYRzs+bi3rS5REupisuqTheUlSZJ1WnZaPAQ= go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.27.0 h1:CIHWikMsN3wO+wq1Tp5VGdVRTcON+DmOJSfDjXypKOc= diff --git a/main.go b/main.go index 13c65044e9..f8c9de260d 100644 --- a/main.go +++ b/main.go @@ -140,6 +140,7 @@ func main() { encodeLevelKey string encodeTimeKey string encodeLevelFormat string + enableTargetAllocatorMTLS bool ) pflag.StringVar(&metricsAddr, "metrics-addr", ":8080", "The address the metric endpoint binds to.") @@ -178,6 +179,7 @@ func main() { pflag.StringVar(&encodeTimeKey, "zap-time-key", "timestamp", "The time key to be used in the customized Log Encoder") pflag.StringVar(&encodeLevelFormat, "zap-level-format", "uppercase", "The level format to be used in the customized Log Encoder") pflag.IntVar(&webhookPort, "webhook-port", 9443, "The port the webhook endpoint binds to.") + pflag.BoolVar(&enableTargetAllocatorMTLS, constants.FlagTargetAllocatorMTLS, false, "Enable mTLS connection between the target allocator and the collector") pflag.Parse() opts.EncoderConfigOptions = append(opts.EncoderConfigOptions, func(ec *zapcore.EncoderConfig) { @@ -221,6 +223,7 @@ func main() { "zap-level-key", encodeLevelKey, "zap-time-key", encodeTimeKey, "zap-level-format", encodeLevelFormat, + "enable-target-allocator-mtls", enableTargetAllocatorMTLS, ) restConfig := ctrl.GetConfigOrDie() @@ -312,6 +315,7 @@ func main() { config.WithAutoDetect(ad), config.WithLabelFilters(labelsFilter), config.WithAnnotationFilters(annotationsFilter), + config.WithEnableTargetAllocatorMTLS(enableTargetAllocatorMTLS), ) err = cfg.AutoDetect() if err != nil { @@ -333,11 +337,12 @@ func main() { if cfg.CertManagerAvailability() == certmanager.Available { setupLog.Info("Cert-Manager is installed, adding to scheme.") utilruntime.Must(cmv1.AddToScheme(scheme)) - setupLog.Info("Securing the connection between the target allocator and the collector") } else { setupLog.Info("Cert-Manager is not installed, skipping adding to scheme.") } - + if cfg.EnableTargetAllocatorMTLS() { + setupLog.Info("Securing the connection between the target allocator and the collector") + } if cfg.AnnotationsFilter() != nil { for _, basePattern := range cfg.AnnotationsFilter() { _, compileErr := regexp.Compile(basePattern) From caa497eebf87335c74e360181c842563af06040b Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Thu, 13 Jun 2024 15:47:40 +0300 Subject: [PATCH 56/88] Using the enable mTLS flag --- internal/config/main.go | 7 +++++++ internal/config/options.go | 7 +++++++ internal/manifests/collector/configmap.go | 2 +- internal/manifests/collector/container.go | 2 +- internal/manifests/collector/volume.go | 2 +- internal/manifests/targetallocator/configmap.go | 2 +- internal/manifests/targetallocator/container.go | 2 +- internal/manifests/targetallocator/service.go | 2 +- internal/manifests/targetallocator/targetallocator.go | 2 +- internal/manifests/targetallocator/volume.go | 2 +- main.go | 7 ++++--- 11 files changed, 26 insertions(+), 11 deletions(-) diff --git a/internal/config/main.go b/internal/config/main.go index 90ef316365..4168682463 100644 --- a/internal/config/main.go +++ b/internal/config/main.go @@ -70,6 +70,7 @@ type Config struct { certManagerAvailability certmanager.Availability labelsFilter []string annotationsFilter []string + enableTargetAllocatorMTLS bool } // New constructs a new configuration based on the given options. @@ -123,6 +124,7 @@ func New(opts ...Option) Config { labelsFilter: o.labelsFilter, annotationsFilter: o.annotationsFilter, createRBACPermissions: o.createRBACPermissions, + enableTargetAllocatorMTLS: o.enableTargetAllocatorMTLS, } } @@ -252,6 +254,11 @@ func (c *Config) CertManagerAvailability() certmanager.Availability { return c.certManagerAvailability } +// EnableTargetAllocatorMTLS returns true when the operator supports mTLS between the collector and the target allocator. +func (c *Config) EnableTargetAllocatorMTLS() bool { + return c.enableTargetAllocatorMTLS +} + // AutoInstrumentationJavaImage returns OpenTelemetry Java auto-instrumentation container image. func (c *Config) AutoInstrumentationJavaImage() string { return c.autoInstrumentationJavaImage diff --git a/internal/config/options.go b/internal/config/options.go index 6046dcc356..19da765e18 100644 --- a/internal/config/options.go +++ b/internal/config/options.go @@ -60,6 +60,7 @@ type options struct { certManagerAvailability certmanager.Availability labelsFilter []string annotationsFilter []string + enableTargetAllocatorMTLS bool } func WithAutoDetect(a autodetect.AutoDetect) Option { @@ -214,6 +215,12 @@ func WithCertManagerAvailability(cmAvl certmanager.Availability) Option { } } +func WithEnableTargetAllocatorMTLS(mtls bool) Option { + return func(o *options) { + o.enableTargetAllocatorMTLS = mtls + } +} + func WithLabelFilters(labelFilters []string) Option { return func(o *options) { o.labelsFilter = append(o.labelsFilter, labelFilters...) diff --git a/internal/manifests/collector/configmap.go b/internal/manifests/collector/configmap.go index c9893b5a0c..427a6377ae 100644 --- a/internal/manifests/collector/configmap.go +++ b/internal/manifests/collector/configmap.go @@ -37,7 +37,7 @@ func ConfigMap(params manifests.Params) (*corev1.ConfigMap, error) { labels := manifestutils.Labels(params.OtelCol.ObjectMeta, collectorName, params.OtelCol.Spec.Image, ComponentOpenTelemetryCollector, []string{}) replaceCfgOpts := []ta.TAOption{} - if params.Config.CertManagerAvailability() == certmanager.Available { + if params.Config.CertManagerAvailability() == certmanager.Available && params.Config.EnableTargetAllocatorMTLS() { replaceCfgOpts = append(replaceCfgOpts, ta.WithTLSConfig( filepath.Join(manifestutils.TLSDirPath, manifestutils.CAFileName), filepath.Join(manifestutils.TLSDirPath, manifestutils.TLSCertFileName), diff --git a/internal/manifests/collector/container.go b/internal/manifests/collector/container.go index 24c4e14990..8641d3daae 100644 --- a/internal/manifests/collector/container.go +++ b/internal/manifests/collector/container.go @@ -93,7 +93,7 @@ func Container(cfg config.Config, logger logr.Logger, otelcol v1beta1.OpenTeleme }) } - if cfg.CertManagerAvailability() == certmanager.Available { + if cfg.CertManagerAvailability() == certmanager.Available && cfg.EnableTargetAllocatorMTLS() { volumeMounts = append(volumeMounts, corev1.VolumeMount{ Name: naming.TAClientCertificate(otelcol.Name), diff --git a/internal/manifests/collector/volume.go b/internal/manifests/collector/volume.go index 96d7c4b6ab..2023d764e9 100644 --- a/internal/manifests/collector/volume.go +++ b/internal/manifests/collector/volume.go @@ -42,7 +42,7 @@ func Volumes(cfg config.Config, otelcol v1beta1.OpenTelemetryCollector) []corev1 }, }} - if cfg.CertManagerAvailability() == certmanager.Available { + if cfg.CertManagerAvailability() == certmanager.Available && cfg.EnableTargetAllocatorMTLS() { volumes = append(volumes, corev1.Volume{ Name: naming.TAClientCertificate(otelcol.Name), VolumeSource: corev1.VolumeSource{ diff --git a/internal/manifests/targetallocator/configmap.go b/internal/manifests/targetallocator/configmap.go index 748be74034..aba9f17470 100644 --- a/internal/manifests/targetallocator/configmap.go +++ b/internal/manifests/targetallocator/configmap.go @@ -70,7 +70,7 @@ func ConfigMap(params manifests.Params) (*corev1.ConfigMap, error) { taConfig["prometheus_cr"] = prometheusCRConfig } - if params.Config.CertManagerAvailability() == certmanager.Available { + if params.Config.CertManagerAvailability() == certmanager.Available && params.Config.EnableTargetAllocatorMTLS() { taConfig["https"] = map[string]interface{}{ "enabled": true, "ca_file_path": filepath.Join(manifestutils.TLSDirPath, manifestutils.CAFileName), diff --git a/internal/manifests/targetallocator/container.go b/internal/manifests/targetallocator/container.go index d70ea9a130..3247d03702 100644 --- a/internal/manifests/targetallocator/container.go +++ b/internal/manifests/targetallocator/container.go @@ -121,7 +121,7 @@ func Container(cfg config.Config, logger logr.Logger, instance v1alpha1.TargetAl }, } - if cfg.CertManagerAvailability() == certmanager.Available { + if cfg.CertManagerAvailability() == certmanager.Available && cfg.EnableTargetAllocatorMTLS() { ports = append(ports, corev1.ContainerPort{ Name: "https", ContainerPort: 8443, diff --git a/internal/manifests/targetallocator/service.go b/internal/manifests/targetallocator/service.go index b72bb415f9..fa3e71c697 100644 --- a/internal/manifests/targetallocator/service.go +++ b/internal/manifests/targetallocator/service.go @@ -36,7 +36,7 @@ func Service(params manifests.Params) *corev1.Service { Port: 80, TargetPort: intstr.FromString("http")}) - if params.Config.CertManagerAvailability() == certmanager.Available { + if params.Config.CertManagerAvailability() == certmanager.Available && params.Config.EnableTargetAllocatorMTLS() { ports = append(ports, corev1.ServicePort{ Name: "http-metrics", Port: 443, diff --git a/internal/manifests/targetallocator/targetallocator.go b/internal/manifests/targetallocator/targetallocator.go index 41797bc5d7..ae80660b93 100644 --- a/internal/manifests/targetallocator/targetallocator.go +++ b/internal/manifests/targetallocator/targetallocator.go @@ -44,7 +44,7 @@ func Build(params manifests.Params) ([]client.Object, error) { resourceFactories = append(resourceFactories, manifests.FactoryWithoutError(ServiceMonitor)) } - if params.Config.CertManagerAvailability() == certmanager.Available { + if params.Config.CertManagerAvailability() == certmanager.Available && params.Config.EnableTargetAllocatorMTLS() { resourceFactories = append(resourceFactories, manifests.FactoryWithoutError(SelfSignedIssuer)) resourceFactories = append(resourceFactories, manifests.FactoryWithoutError(CACertificate)) resourceFactories = append(resourceFactories, manifests.FactoryWithoutError(CAIssuer)) diff --git a/internal/manifests/targetallocator/volume.go b/internal/manifests/targetallocator/volume.go index 81e796aab8..bf35b38d0e 100644 --- a/internal/manifests/targetallocator/volume.go +++ b/internal/manifests/targetallocator/volume.go @@ -39,7 +39,7 @@ func Volumes(cfg config.Config, instance v1alpha1.TargetAllocator) []corev1.Volu }, }} - if cfg.CertManagerAvailability() == certmanager.Available { + if cfg.CertManagerAvailability() == certmanager.Available && cfg.EnableTargetAllocatorMTLS() { volumes = append(volumes, corev1.Volume{ Name: naming.TAServerCertificate(instance.Name), VolumeSource: corev1.VolumeSource{ diff --git a/main.go b/main.go index f8c9de260d..bf445b99e0 100644 --- a/main.go +++ b/main.go @@ -337,12 +337,13 @@ func main() { if cfg.CertManagerAvailability() == certmanager.Available { setupLog.Info("Cert-Manager is installed, adding to scheme.") utilruntime.Must(cmv1.AddToScheme(scheme)) + + if cfg.EnableTargetAllocatorMTLS() { + setupLog.Info("Securing the connection between the target allocator and the collector") + } } else { setupLog.Info("Cert-Manager is not installed, skipping adding to scheme.") } - if cfg.EnableTargetAllocatorMTLS() { - setupLog.Info("Securing the connection between the target allocator and the collector") - } if cfg.AnnotationsFilter() != nil { for _, basePattern := range cfg.AnnotationsFilter() { _, compileErr := regexp.Compile(basePattern) From a4aacecf713aa50842a37d70c7effdb76eb8fa18 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Sun, 16 Jun 2024 08:07:59 +0300 Subject: [PATCH 57/88] Using feature gate in place of command line flags to enable the feature --- internal/config/main.go | 7 ------- internal/config/options.go | 7 ------- internal/manifests/collector/configmap.go | 3 ++- internal/manifests/collector/container.go | 2 +- internal/manifests/collector/volume.go | 3 ++- internal/manifests/targetallocator/configmap.go | 3 ++- internal/manifests/targetallocator/container.go | 2 +- internal/manifests/targetallocator/service.go | 3 ++- internal/manifests/targetallocator/targetallocator.go | 2 +- internal/manifests/targetallocator/volume.go | 3 ++- main.go | 6 +----- pkg/featuregate/featuregate.go | 7 +++++++ 12 files changed, 21 insertions(+), 27 deletions(-) diff --git a/internal/config/main.go b/internal/config/main.go index 4168682463..90ef316365 100644 --- a/internal/config/main.go +++ b/internal/config/main.go @@ -70,7 +70,6 @@ type Config struct { certManagerAvailability certmanager.Availability labelsFilter []string annotationsFilter []string - enableTargetAllocatorMTLS bool } // New constructs a new configuration based on the given options. @@ -124,7 +123,6 @@ func New(opts ...Option) Config { labelsFilter: o.labelsFilter, annotationsFilter: o.annotationsFilter, createRBACPermissions: o.createRBACPermissions, - enableTargetAllocatorMTLS: o.enableTargetAllocatorMTLS, } } @@ -254,11 +252,6 @@ func (c *Config) CertManagerAvailability() certmanager.Availability { return c.certManagerAvailability } -// EnableTargetAllocatorMTLS returns true when the operator supports mTLS between the collector and the target allocator. -func (c *Config) EnableTargetAllocatorMTLS() bool { - return c.enableTargetAllocatorMTLS -} - // AutoInstrumentationJavaImage returns OpenTelemetry Java auto-instrumentation container image. func (c *Config) AutoInstrumentationJavaImage() string { return c.autoInstrumentationJavaImage diff --git a/internal/config/options.go b/internal/config/options.go index 19da765e18..6046dcc356 100644 --- a/internal/config/options.go +++ b/internal/config/options.go @@ -60,7 +60,6 @@ type options struct { certManagerAvailability certmanager.Availability labelsFilter []string annotationsFilter []string - enableTargetAllocatorMTLS bool } func WithAutoDetect(a autodetect.AutoDetect) Option { @@ -215,12 +214,6 @@ func WithCertManagerAvailability(cmAvl certmanager.Availability) Option { } } -func WithEnableTargetAllocatorMTLS(mtls bool) Option { - return func(o *options) { - o.enableTargetAllocatorMTLS = mtls - } -} - func WithLabelFilters(labelFilters []string) Option { return func(o *options) { o.labelsFilter = append(o.labelsFilter, labelFilters...) diff --git a/internal/manifests/collector/configmap.go b/internal/manifests/collector/configmap.go index 427a6377ae..94c7f38904 100644 --- a/internal/manifests/collector/configmap.go +++ b/internal/manifests/collector/configmap.go @@ -25,6 +25,7 @@ import ( "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" ta "github.com/open-telemetry/opentelemetry-operator/internal/manifests/targetallocator/adapters" "github.com/open-telemetry/opentelemetry-operator/internal/naming" + "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) func ConfigMap(params manifests.Params) (*corev1.ConfigMap, error) { @@ -37,7 +38,7 @@ func ConfigMap(params manifests.Params) (*corev1.ConfigMap, error) { labels := manifestutils.Labels(params.OtelCol.ObjectMeta, collectorName, params.OtelCol.Spec.Image, ComponentOpenTelemetryCollector, []string{}) replaceCfgOpts := []ta.TAOption{} - if params.Config.CertManagerAvailability() == certmanager.Available && params.Config.EnableTargetAllocatorMTLS() { + if params.Config.CertManagerAvailability() == certmanager.Available && featuregate.EnableTargetAllocatorMTLS.IsEnabled() { replaceCfgOpts = append(replaceCfgOpts, ta.WithTLSConfig( filepath.Join(manifestutils.TLSDirPath, manifestutils.CAFileName), filepath.Join(manifestutils.TLSDirPath, manifestutils.TLSCertFileName), diff --git a/internal/manifests/collector/container.go b/internal/manifests/collector/container.go index 8641d3daae..dee293c9fe 100644 --- a/internal/manifests/collector/container.go +++ b/internal/manifests/collector/container.go @@ -93,7 +93,7 @@ func Container(cfg config.Config, logger logr.Logger, otelcol v1beta1.OpenTeleme }) } - if cfg.CertManagerAvailability() == certmanager.Available && cfg.EnableTargetAllocatorMTLS() { + if cfg.CertManagerAvailability() == certmanager.Available && featuregate.EnableTargetAllocatorMTLS.IsEnabled() { volumeMounts = append(volumeMounts, corev1.VolumeMount{ Name: naming.TAClientCertificate(otelcol.Name), diff --git a/internal/manifests/collector/volume.go b/internal/manifests/collector/volume.go index 2023d764e9..f1bd201056 100644 --- a/internal/manifests/collector/volume.go +++ b/internal/manifests/collector/volume.go @@ -23,6 +23,7 @@ import ( "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/naming" + "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) // Volumes builds the volumes for the given instance, including the config map volume. @@ -42,7 +43,7 @@ func Volumes(cfg config.Config, otelcol v1beta1.OpenTelemetryCollector) []corev1 }, }} - if cfg.CertManagerAvailability() == certmanager.Available && cfg.EnableTargetAllocatorMTLS() { + if cfg.CertManagerAvailability() == certmanager.Available && featuregate.EnableTargetAllocatorMTLS.IsEnabled() { volumes = append(volumes, corev1.Volume{ Name: naming.TAClientCertificate(otelcol.Name), VolumeSource: corev1.VolumeSource{ diff --git a/internal/manifests/targetallocator/configmap.go b/internal/manifests/targetallocator/configmap.go index aba9f17470..0ee66efe18 100644 --- a/internal/manifests/targetallocator/configmap.go +++ b/internal/manifests/targetallocator/configmap.go @@ -26,6 +26,7 @@ import ( "github.com/open-telemetry/opentelemetry-operator/internal/manifests" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/naming" + "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) const ( @@ -70,7 +71,7 @@ func ConfigMap(params manifests.Params) (*corev1.ConfigMap, error) { taConfig["prometheus_cr"] = prometheusCRConfig } - if params.Config.CertManagerAvailability() == certmanager.Available && params.Config.EnableTargetAllocatorMTLS() { + if params.Config.CertManagerAvailability() == certmanager.Available && featuregate.EnableTargetAllocatorMTLS.IsEnabled() { taConfig["https"] = map[string]interface{}{ "enabled": true, "ca_file_path": filepath.Join(manifestutils.TLSDirPath, manifestutils.CAFileName), diff --git a/internal/manifests/targetallocator/container.go b/internal/manifests/targetallocator/container.go index 3247d03702..5b39b533eb 100644 --- a/internal/manifests/targetallocator/container.go +++ b/internal/manifests/targetallocator/container.go @@ -121,7 +121,7 @@ func Container(cfg config.Config, logger logr.Logger, instance v1alpha1.TargetAl }, } - if cfg.CertManagerAvailability() == certmanager.Available && cfg.EnableTargetAllocatorMTLS() { + if cfg.CertManagerAvailability() == certmanager.Available && featuregate.EnableTargetAllocatorMTLS.IsEnabled() { ports = append(ports, corev1.ContainerPort{ Name: "https", ContainerPort: 8443, diff --git a/internal/manifests/targetallocator/service.go b/internal/manifests/targetallocator/service.go index fa3e71c697..799bcf34a6 100644 --- a/internal/manifests/targetallocator/service.go +++ b/internal/manifests/targetallocator/service.go @@ -23,6 +23,7 @@ import ( "github.com/open-telemetry/opentelemetry-operator/internal/manifests" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/naming" + "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) func Service(params manifests.Params) *corev1.Service { @@ -36,7 +37,7 @@ func Service(params manifests.Params) *corev1.Service { Port: 80, TargetPort: intstr.FromString("http")}) - if params.Config.CertManagerAvailability() == certmanager.Available && params.Config.EnableTargetAllocatorMTLS() { + if params.Config.CertManagerAvailability() == certmanager.Available && featuregate.EnableTargetAllocatorMTLS.IsEnabled() { ports = append(ports, corev1.ServicePort{ Name: "http-metrics", Port: 443, diff --git a/internal/manifests/targetallocator/targetallocator.go b/internal/manifests/targetallocator/targetallocator.go index ae80660b93..d9c95c828c 100644 --- a/internal/manifests/targetallocator/targetallocator.go +++ b/internal/manifests/targetallocator/targetallocator.go @@ -44,7 +44,7 @@ func Build(params manifests.Params) ([]client.Object, error) { resourceFactories = append(resourceFactories, manifests.FactoryWithoutError(ServiceMonitor)) } - if params.Config.CertManagerAvailability() == certmanager.Available && params.Config.EnableTargetAllocatorMTLS() { + if params.Config.CertManagerAvailability() == certmanager.Available && featuregate.EnableTargetAllocatorMTLS.IsEnabled() { resourceFactories = append(resourceFactories, manifests.FactoryWithoutError(SelfSignedIssuer)) resourceFactories = append(resourceFactories, manifests.FactoryWithoutError(CACertificate)) resourceFactories = append(resourceFactories, manifests.FactoryWithoutError(CAIssuer)) diff --git a/internal/manifests/targetallocator/volume.go b/internal/manifests/targetallocator/volume.go index bf35b38d0e..c78b736254 100644 --- a/internal/manifests/targetallocator/volume.go +++ b/internal/manifests/targetallocator/volume.go @@ -21,6 +21,7 @@ import ( "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/naming" + "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) // Volumes builds the volumes for the given instance, including the config map volume. @@ -39,7 +40,7 @@ func Volumes(cfg config.Config, instance v1alpha1.TargetAllocator) []corev1.Volu }, }} - if cfg.CertManagerAvailability() == certmanager.Available && cfg.EnableTargetAllocatorMTLS() { + if cfg.CertManagerAvailability() == certmanager.Available && featuregate.EnableTargetAllocatorMTLS.IsEnabled() { volumes = append(volumes, corev1.Volume{ Name: naming.TAServerCertificate(instance.Name), VolumeSource: corev1.VolumeSource{ diff --git a/main.go b/main.go index bf445b99e0..ebd9915156 100644 --- a/main.go +++ b/main.go @@ -140,7 +140,6 @@ func main() { encodeLevelKey string encodeTimeKey string encodeLevelFormat string - enableTargetAllocatorMTLS bool ) pflag.StringVar(&metricsAddr, "metrics-addr", ":8080", "The address the metric endpoint binds to.") @@ -179,7 +178,6 @@ func main() { pflag.StringVar(&encodeTimeKey, "zap-time-key", "timestamp", "The time key to be used in the customized Log Encoder") pflag.StringVar(&encodeLevelFormat, "zap-level-format", "uppercase", "The level format to be used in the customized Log Encoder") pflag.IntVar(&webhookPort, "webhook-port", 9443, "The port the webhook endpoint binds to.") - pflag.BoolVar(&enableTargetAllocatorMTLS, constants.FlagTargetAllocatorMTLS, false, "Enable mTLS connection between the target allocator and the collector") pflag.Parse() opts.EncoderConfigOptions = append(opts.EncoderConfigOptions, func(ec *zapcore.EncoderConfig) { @@ -223,7 +221,6 @@ func main() { "zap-level-key", encodeLevelKey, "zap-time-key", encodeTimeKey, "zap-level-format", encodeLevelFormat, - "enable-target-allocator-mtls", enableTargetAllocatorMTLS, ) restConfig := ctrl.GetConfigOrDie() @@ -315,7 +312,6 @@ func main() { config.WithAutoDetect(ad), config.WithLabelFilters(labelsFilter), config.WithAnnotationFilters(annotationsFilter), - config.WithEnableTargetAllocatorMTLS(enableTargetAllocatorMTLS), ) err = cfg.AutoDetect() if err != nil { @@ -338,7 +334,7 @@ func main() { setupLog.Info("Cert-Manager is installed, adding to scheme.") utilruntime.Must(cmv1.AddToScheme(scheme)) - if cfg.EnableTargetAllocatorMTLS() { + if featuregate.EnableTargetAllocatorMTLS.IsEnabled() { setupLog.Info("Securing the connection between the target allocator and the collector") } } else { diff --git a/pkg/featuregate/featuregate.go b/pkg/featuregate/featuregate.go index f50095e874..ae1b50932c 100644 --- a/pkg/featuregate/featuregate.go +++ b/pkg/featuregate/featuregate.go @@ -40,6 +40,13 @@ var ( featuregate.WithRegisterDescription("enables feature to set GOMEMLIMIT and GOMAXPROCS automatically"), featuregate.WithRegisterFromVersion("v0.100.0"), ) + + EnableTargetAllocatorMTLS = featuregate.GlobalRegistry().MustRegister( + "operator.targetallocator.mtls", + featuregate.StageAlpha, + featuregate.WithRegisterDescription("enables mTLS between the target allocator and the collector"), + featuregate.WithRegisterFromVersion("v0.102.0"), + ) ) // Flags creates a new FlagSet that represents the available featuregate flags using the supplied featuregate registry. From 94363e0c2ebe89a6ada91e09f0dc1afeff4a9171 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Sun, 16 Jun 2024 08:08:30 +0300 Subject: [PATCH 58/88] Removed flag from manager yaml --- config/manager/manager.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index 4e46fcf984..b15e4abfd6 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -33,7 +33,6 @@ spec: - "--zap-log-level=info" - "--zap-time-encoding=rfc3339nano" - "--enable-nginx-instrumentation=true" - - "--enable-target-allocator-mtls=false" image: controller name: manager livenessProbe: From 2ef561bc6f8bf7feed0a1582eb9aa7c5b5c99ce7 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Sun, 16 Jun 2024 08:11:03 +0300 Subject: [PATCH 59/88] Added featuregate func description --- pkg/featuregate/featuregate.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/featuregate/featuregate.go b/pkg/featuregate/featuregate.go index ae1b50932c..d30bde4f0b 100644 --- a/pkg/featuregate/featuregate.go +++ b/pkg/featuregate/featuregate.go @@ -40,7 +40,7 @@ var ( featuregate.WithRegisterDescription("enables feature to set GOMEMLIMIT and GOMAXPROCS automatically"), featuregate.WithRegisterFromVersion("v0.100.0"), ) - + // EnableTargetAllocatorMTLS is the feature gate that enables mTLS between the target allocator and the collector. EnableTargetAllocatorMTLS = featuregate.GlobalRegistry().MustRegister( "operator.targetallocator.mtls", featuregate.StageAlpha, From afdacb6b029d24215d324da4a71367f78f40553c Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Thu, 4 Jul 2024 09:48:56 +0300 Subject: [PATCH 60/88] Initial unit/e2e tests. some cleanup --- .github/workflows/e2e.yaml | 3 + Makefile | 5 + ...emetry-operator.clusterserviceversion.yaml | 1 - .../config/testdata/config_test.yaml | 1 + controllers/suite_test.go | 9 + internal/autodetect/main_test.go | 92 +++++++++ internal/manifests/collector/configmap.go | 1 + .../manifests/targetallocator/configmap.go | 1 + .../ta-collector-mtls/00-assert.yaml | 46 +++++ .../ta-collector-mtls/00-install.yaml | 194 ++++++++++++++++++ .../ta-collector-mtls/chainsaw-test.yaml | 24 +++ 11 files changed, 376 insertions(+), 1 deletion(-) create mode 100644 tests/e2e-ta-collector-mtls/ta-collector-mtls/00-assert.yaml create mode 100644 tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml create mode 100755 tests/e2e-ta-collector-mtls/ta-collector-mtls/chainsaw-test.yaml diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml index 8bb6dc6bee..2e322eac9c 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/e2e.yaml @@ -34,6 +34,7 @@ jobs: - e2e-upgrade - e2e-multi-instrumentation - e2e-metadata-filters + - e2e-ta-collector-mtls include: - group: e2e-instrumentation setup: "add-instrumentation-params prepare-e2e" @@ -41,6 +42,8 @@ jobs: setup: "add-multi-instrumentation-params prepare-e2e" - group: e2e-metadata-filters setup: "add-operator-arg OPERATOR_ARG='--annotations-filter=.*filter.out --annotations-filter=config.*.gke.io.* --labels=.*filter.out' prepare-e2e" + - group: e2e-ta-collector-mtls + setup: "add-operator-arg OPERATOR_ARG='--feature-gates=operator.targetallocator.mtls' prepare-e2e" - group: e2e-automatic-rbac setup: "add-rbac-permissions-to-operator prepare-e2e" steps: diff --git a/Makefile b/Makefile index b8e4fd3656..5dcda85099 100644 --- a/Makefile +++ b/Makefile @@ -273,6 +273,11 @@ e2e-prometheuscr: chainsaw e2e-targetallocator: chainsaw $(CHAINSAW) test --test-dir ./tests/e2e-targetallocator +# Target allocator collector mTLS end-to-tests +.PHONY: e2e-ta-collector-mtls +e2e-ta-collector-mtls: chainsaw + $(CHAINSAW) test --test-dir ./tests/e2e-ta-collector-mtls + # end-to-end-test for Annotations/Labels Filters .PHONY: e2e-metadata-filters e2e-metadata-filters: chainsaw diff --git a/bundle/manifests/opentelemetry-operator.clusterserviceversion.yaml b/bundle/manifests/opentelemetry-operator.clusterserviceversion.yaml index fcec5b9d7a..a404a30ec1 100644 --- a/bundle/manifests/opentelemetry-operator.clusterserviceversion.yaml +++ b/bundle/manifests/opentelemetry-operator.clusterserviceversion.yaml @@ -499,7 +499,6 @@ spec: - --zap-log-level=info - --zap-time-encoding=rfc3339nano - --enable-nginx-instrumentation=true - - --enable-target-allocator-mtls=false env: - name: SERVICE_ACCOUNT_NAME valueFrom: diff --git a/cmd/otel-allocator/config/testdata/config_test.yaml b/cmd/otel-allocator/config/testdata/config_test.yaml index bcb220adf8..47a3226517 100644 --- a/cmd/otel-allocator/config/testdata/config_test.yaml +++ b/cmd/otel-allocator/config/testdata/config_test.yaml @@ -7,6 +7,7 @@ prometheus_cr: scrape_interval: 60s https: enabled: true + listen_addr: :8443 ca_file_path: /path/to/ca.pem tls_cert_file_path: /path/to/cert.pem tls_key_file_path: /path/to/key.pem diff --git a/controllers/suite_test.go b/controllers/suite_test.go index 0b8ee89adf..525b57a831 100644 --- a/controllers/suite_test.go +++ b/controllers/suite_test.go @@ -55,6 +55,7 @@ import ( "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/openshift" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/prometheus" autoRBAC "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/rbac" @@ -99,6 +100,7 @@ type mockAutoDetect struct { OpenShiftRoutesAvailabilityFunc func() (openshift.RoutesAvailability, error) PrometheusCRsAvailabilityFunc func() (prometheus.Availability, error) RBACPermissionsFunc func(ctx context.Context) (autoRBAC.Availability, error) + CertManagerAvailabilityFunc func(ctx context.Context) (certmanager.Availability, error) } func (m *mockAutoDetect) PrometheusCRsAvailability() (prometheus.Availability, error) { @@ -122,6 +124,13 @@ func (m *mockAutoDetect) RBACPermissions(ctx context.Context) (autoRBAC.Availabi return autoRBAC.NotAvailable, nil } +func (m *mockAutoDetect) CertManagerAvailability(ctx context.Context) (certmanager.Availability, error) { + if m.CertManagerAvailabilityFunc != nil { + return m.CertManagerAvailabilityFunc(ctx) + } + return certmanager.NotAvailable, nil +} + func TestMain(m *testing.M) { ctx, cancel = context.WithCancel(context.TODO()) defer cancel() diff --git a/internal/autodetect/main_test.go b/internal/autodetect/main_test.go index 387b72d721..82e7a2a093 100644 --- a/internal/autodetect/main_test.go +++ b/internal/autodetect/main_test.go @@ -34,6 +34,7 @@ import ( "github.com/open-telemetry/opentelemetry-operator/internal/autodetect" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/autodetectutils" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/openshift" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/prometheus" autoRBAC "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/rbac" @@ -268,3 +269,94 @@ func TestDetectRBACPermissionsBasedOnAvailableClusterRoles(t *testing.T) { }) } } + +func TestCertManagerAvailability(t *testing.T) { + // test data + for _, tt := range []struct { + description string + apiGroupList *metav1.APIGroupList + expectedAvailability certmanager.Availability + namespace string + serviceAccount string + clientGenerator fakeClientGenerator + shouldError bool + }{ + { + description: "CertManager is not installed", + namespace: "default", + serviceAccount: "defaultSA", + apiGroupList: &metav1.APIGroupList{}, + expectedAvailability: certmanager.NotAvailable, + clientGenerator: reactorFactory(v1.SubjectAccessReviewStatus{ + Allowed: true, + }), + shouldError: false, + }, + { + description: "CertManager is installed but RBAC permissions are not granted", + namespace: "default", + serviceAccount: "defaultSA", + apiGroupList: &metav1.APIGroupList{ + Groups: []metav1.APIGroup{ + { + Name: "cert-manager.io", + }, + }, + }, + expectedAvailability: certmanager.NotAvailable, + clientGenerator: reactorFactory(v1.SubjectAccessReviewStatus{ + Allowed: false, + }), + shouldError: true, + }, + { + description: "CertManager is installed and RBAC permissions are granted", + namespace: "default", + serviceAccount: "defaultSA", + apiGroupList: &metav1.APIGroupList{ + Groups: []metav1.APIGroup{ + { + Name: "cert-manager.io", + }, + }, + }, + expectedAvailability: certmanager.Available, + clientGenerator: reactorFactory(v1.SubjectAccessReviewStatus{ + Allowed: true, + }), + shouldError: false, + }, + } { + t.Run(tt.description, func(t *testing.T) { + t.Setenv(autodetectutils.NAMESPACE_ENV_VAR, tt.namespace) + t.Setenv(autodetectutils.SA_ENV_VAR, tt.serviceAccount) + + server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { + output, err := json.Marshal(tt.apiGroupList) + require.NoError(t, err) + + w.Header().Set("Content-Type", "application/json") + w.WriteHeader(http.StatusOK) + _, err = w.Write(output) + require.NoError(t, err) + })) + defer server.Close() + + r := rbac.NewReviewer(tt.clientGenerator()) + + aD, err := autodetect.New(&rest.Config{Host: server.URL}, r) + require.NoError(t, err) + + // test + cma, err := aD.CertManagerAvailability(context.Background()) + + // verify + assert.Equal(t, tt.expectedAvailability, cma) + if tt.shouldError { + require.Error(t, err) + } else { + assert.NoError(t, err) + } + }) + } +} diff --git a/internal/manifests/collector/configmap.go b/internal/manifests/collector/configmap.go index 94c7f38904..be4812acfd 100644 --- a/internal/manifests/collector/configmap.go +++ b/internal/manifests/collector/configmap.go @@ -38,6 +38,7 @@ func ConfigMap(params manifests.Params) (*corev1.ConfigMap, error) { labels := manifestutils.Labels(params.OtelCol.ObjectMeta, collectorName, params.OtelCol.Spec.Image, ComponentOpenTelemetryCollector, []string{}) replaceCfgOpts := []ta.TAOption{} + if params.Config.CertManagerAvailability() == certmanager.Available && featuregate.EnableTargetAllocatorMTLS.IsEnabled() { replaceCfgOpts = append(replaceCfgOpts, ta.WithTLSConfig( filepath.Join(manifestutils.TLSDirPath, manifestutils.CAFileName), diff --git a/internal/manifests/targetallocator/configmap.go b/internal/manifests/targetallocator/configmap.go index 0ee66efe18..bcf9a6caec 100644 --- a/internal/manifests/targetallocator/configmap.go +++ b/internal/manifests/targetallocator/configmap.go @@ -74,6 +74,7 @@ func ConfigMap(params manifests.Params) (*corev1.ConfigMap, error) { if params.Config.CertManagerAvailability() == certmanager.Available && featuregate.EnableTargetAllocatorMTLS.IsEnabled() { taConfig["https"] = map[string]interface{}{ "enabled": true, + "listen_addr": ":8443", "ca_file_path": filepath.Join(manifestutils.TLSDirPath, manifestutils.CAFileName), "tls_cert_file_path": filepath.Join(manifestutils.TLSDirPath, manifestutils.TLSCertFileName), "tls_key_file_path": filepath.Join(manifestutils.TLSDirPath, manifestutils.TLSKeyFileName), diff --git a/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-assert.yaml b/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-assert.yaml new file mode 100644 index 0000000000..23b343ca2a --- /dev/null +++ b/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-assert.yaml @@ -0,0 +1,46 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: prometheus-cr-collector +status: + readyReplicas: 1 + replicas: 1 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: prometheus-cr-targetallocator +status: + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: prometheus-cr-targetallocator +--- +apiVersion: v1 +data: + collector.yaml: | + exporters: + prometheus: + endpoint: 0.0.0.0:9090 + receivers: + prometheus: + config: {} + target_allocator: + collector_id: ${POD_NAME} + endpoint: https://prometheus-cr-targetallocator:443 + interval: 30s + service: + pipelines: + metrics: + exporters: + - prometheus + processors: [] + receivers: + - prometheus +kind: ConfigMap +metadata: + name: prometheus-cr-collector-b88fa6e7 diff --git a/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml b/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml new file mode 100644 index 0000000000..dcee78c452 --- /dev/null +++ b/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml @@ -0,0 +1,194 @@ +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + name: ta +--- +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + name: collector +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: targetallocator-prometheuscr +rules: +- apiGroups: + - "" + resources: + - pods + - nodes + - services + - endpoints + - configmaps + - secrets + - namespaces + verbs: + - get + - watch + - list +- apiGroups: + - apps + resources: + - statefulsets + - services + - endpoints + verbs: + - get + - watch + - list +- apiGroups: + - discovery.k8s.io + resources: + - endpointslices + verbs: + - get + - watch + - list +- apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: + - get + - watch + - list +- apiGroups: + - monitoring.coreos.com + resources: + - servicemonitors + - podmonitors + verbs: + - get + - watch + - list +- nonResourceURLs: + - /metrics + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: collector-prometheuscr +rules: +- apiGroups: + - "" + resources: + - pods + - nodes + - nodes/metrics + - services + - endpoints + - namespaces + verbs: + - get + - watch + - list +- apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: + - get + - watch + - list +- nonResourceURLs: + - /metrics + - /metrics/cadvisor + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: opentelemetry-operator-manager-certmanager-role +rules: +- apiGroups: + - cert-manager.io + resources: + - issuers + - certificaterequests + - certificates + verbs: + - create + - get + - list + - watch + - update + - patch + - delete +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: (join('-', ['ta', $namespace])) +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: targetallocator-prometheuscr +subjects: +- kind: ServiceAccount + name: ta + namespace: ($namespace) +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: (join('-', ['collector', $namespace])) +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: collector-prometheuscr +subjects: +- kind: ServiceAccount + name: collector + namespace: ($namespace) +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/name: opentelemetry-operator + name: opentelemetry-operator-manager-certmanager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: opentelemetry-operator-manager-certmanager-role +subjects: + - kind: ServiceAccount + name: opentelemetry-operator-controller-manager + namespace: opentelemetry-operator-system +--- +apiVersion: opentelemetry.io/v1alpha1 +kind: OpenTelemetryCollector +metadata: + name: prometheus-cr +spec: + config: | + receivers: + prometheus: + config: + scrape_configs: [] + + processors: + + exporters: + prometheus: + endpoint: 0.0.0.0:9090 + service: + pipelines: + metrics: + receivers: [prometheus] + processors: [] + exporters: [prometheus] + mode: statefulset + serviceAccount: collector + targetAllocator: + enabled: true + prometheusCR: + enabled: true + scrapeInterval: 1s + serviceAccount: ta diff --git a/tests/e2e-ta-collector-mtls/ta-collector-mtls/chainsaw-test.yaml b/tests/e2e-ta-collector-mtls/ta-collector-mtls/chainsaw-test.yaml new file mode 100755 index 0000000000..bbdbe75432 --- /dev/null +++ b/tests/e2e-ta-collector-mtls/ta-collector-mtls/chainsaw-test.yaml @@ -0,0 +1,24 @@ +# yaml-language-server: $schema=https://raw.githubusercontent.com/kyverno/chainsaw/main/.schemas/json/test-chainsaw-v1alpha1.json +apiVersion: chainsaw.kyverno.io/v1alpha1 +kind: Test +metadata: + creationTimestamp: null + name: targetallocator-collector-mtls +spec: + steps: + - name: step-00 + try: + - apply: + template: true + file: 00-install.yaml + - assert: + file: 00-assert.yaml + catch: + - podLogs: + selector: app.kubernetes.io/managed-by=opentelemetry-operator + - name: step-01 + try: + - apply: + file: 01-install.yaml + - assert: + file: 01-assert.yaml From c3eda01463e12308b81ad495ecf82f59c66fda30 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Thu, 4 Jul 2024 10:22:10 +0300 Subject: [PATCH 61/88] Using TA params --- internal/manifests/targetallocator/certificate.go | 7 +++---- internal/manifests/targetallocator/issuer.go | 5 ++--- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/internal/manifests/targetallocator/certificate.go b/internal/manifests/targetallocator/certificate.go index 37cb6092ee..46357eca23 100644 --- a/internal/manifests/targetallocator/certificate.go +++ b/internal/manifests/targetallocator/certificate.go @@ -21,13 +21,12 @@ import ( cmmeta "github.com/cert-manager/cert-manager/pkg/apis/meta/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "github.com/open-telemetry/opentelemetry-operator/internal/manifests" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/naming" ) // / CACertificate returns a CA Certificate for the given instance. -func CACertificate(params manifests.Params) *cmv1.Certificate { +func CACertificate(params Params) *cmv1.Certificate { name := naming.CACertificate(params.TargetAllocator.Name) labels := manifestutils.Labels(params.TargetAllocator.ObjectMeta, name, params.TargetAllocator.Spec.Image, ComponentOpenTelemetryTargetAllocator, nil) @@ -53,7 +52,7 @@ func CACertificate(params manifests.Params) *cmv1.Certificate { } // ServingCertificate returns a serving Certificate for the given instance. -func ServingCertificate(params manifests.Params) *cmv1.Certificate { +func ServingCertificate(params Params) *cmv1.Certificate { name := naming.TAServerCertificate(params.TargetAllocator.Name) labels := manifestutils.Labels(params.TargetAllocator.ObjectMeta, name, params.TargetAllocator.Spec.Image, ComponentOpenTelemetryTargetAllocator, nil) @@ -86,7 +85,7 @@ func ServingCertificate(params manifests.Params) *cmv1.Certificate { } // ClientCertificate returns a client Certificate for the given instance. -func ClientCertificate(params manifests.Params) *cmv1.Certificate { +func ClientCertificate(params Params) *cmv1.Certificate { name := naming.TAClientCertificate(params.TargetAllocator.Name) labels := manifestutils.Labels(params.TargetAllocator.ObjectMeta, name, params.TargetAllocator.Spec.Image, ComponentOpenTelemetryTargetAllocator, nil) diff --git a/internal/manifests/targetallocator/issuer.go b/internal/manifests/targetallocator/issuer.go index 56c170d2d6..e92cbf69ee 100644 --- a/internal/manifests/targetallocator/issuer.go +++ b/internal/manifests/targetallocator/issuer.go @@ -16,14 +16,13 @@ package targetallocator import ( cmv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" - "github.com/open-telemetry/opentelemetry-operator/internal/manifests" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/naming" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) // SelfSignedIssuer returns a self-signed issuer for the given instance. -func SelfSignedIssuer(params manifests.Params) *cmv1.Issuer { +func SelfSignedIssuer(params Params) *cmv1.Issuer { name := naming.SelfSignedIssuer(params.TargetAllocator.Name) labels := manifestutils.Labels(params.TargetAllocator.ObjectMeta, name, params.TargetAllocator.Spec.Image, ComponentOpenTelemetryTargetAllocator, nil) @@ -42,7 +41,7 @@ func SelfSignedIssuer(params manifests.Params) *cmv1.Issuer { } // CAIssuer returns a CA issuer for the given instance. -func CAIssuer(params manifests.Params) *cmv1.Issuer { +func CAIssuer(params Params) *cmv1.Issuer { name := naming.CAIssuer(params.TargetAllocator.Name) labels := manifestutils.Labels(params.TargetAllocator.ObjectMeta, name, params.TargetAllocator.Spec.Image, ComponentOpenTelemetryTargetAllocator, nil) From 9c12441bc3b7b6e37ed28039f15fba7171643fbc Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Thu, 4 Jul 2024 10:30:54 +0300 Subject: [PATCH 62/88] Cleanup makefile from local changes --- Makefile | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/Makefile b/Makefile index 7096dac42c..84dd550e46 100644 --- a/Makefile +++ b/Makefile @@ -109,17 +109,17 @@ ci: generate fmt vet test ensure-generate-is-noop # Build manager binary .PHONY: manager manager: generate - CGO_ENABLED=0 GOOS=linux GOARCH=$(ARCH) go build -o bin/manager_${ARCH} -ldflags "${COMMON_LDFLAGS} ${OPERATOR_LDFLAGS}" main.go + CGO_ENABLED=0 GOOS=$(GOOS) GOARCH=$(ARCH) go build -o bin/manager_${ARCH} -ldflags "${COMMON_LDFLAGS} ${OPERATOR_LDFLAGS}" main.go # Build target allocator binary .PHONY: targetallocator targetallocator: - CGO_ENABLED=0 GOOS=linux GOARCH=$(ARCH) go build -o cmd/otel-allocator/bin/targetallocator_${ARCH} -ldflags "${COMMON_LDFLAGS}" ./cmd/otel-allocator + CGO_ENABLED=0 GOOS=$(GOOS) GOARCH=$(ARCH) go build -o cmd/otel-allocator/bin/targetallocator_${ARCH} -ldflags "${COMMON_LDFLAGS}" ./cmd/otel-allocator # Build opamp bridge binary .PHONY: operator-opamp-bridge operator-opamp-bridge: generate - CGO_ENABLED=0 GOOS=linux GOARCH=$(ARCH) go build -o cmd/operator-opamp-bridge/bin/opampbridge_${ARCH} -ldflags "${COMMON_LDFLAGS}" ./cmd/operator-opamp-bridge + CGO_ENABLED=0 GOOS=$(GOOS) GOARCH=$(ARCH) go build -o cmd/operator-opamp-bridge/bin/opampbridge_${ARCH} -ldflags "${COMMON_LDFLAGS}" ./cmd/operator-opamp-bridge # Run against the configured Kubernetes cluster in ~/.kube/config .PHONY: run @@ -175,10 +175,6 @@ add-rbac-permissions-to-operator: manifests kustomize # Deploy controller in the current Kubernetes context, configured in ~/.kube/config .PHONY: deploy deploy: set-image-controller - docker build -t ${IMG} . - docker build -t ${TARGETALLOCATOR_IMG} cmd/otel-allocator - k3d image import ${IMG} -c otel - k3d image import ${TARGETALLOCATOR_IMG} -c otel $(KUSTOMIZE) build config/default | kubectl apply -f - go run hack/check-operator-ready.go 300 @@ -312,11 +308,11 @@ container: manager # Push the container image, used only for local dev purposes .PHONY: container-push container-push: - k3d image import ${IMG} -c otel + docker push ${IMG} .PHONY: container-target-allocator-push container-target-allocator-push: - k3d image import ${TARGETALLOCATOR_IMG} -c otel + docker push ${TARGETALLOCATOR_IMG} .PHONY: container-operator-opamp-bridge-push container-operator-opamp-bridge-push: From bea9947358c0aff3b7a0bc955a2077e2628bf0ed Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Thu, 4 Jul 2024 15:45:40 +0300 Subject: [PATCH 63/88] Added step to create cert manager RBAC for e2e mtls tests --- .github/workflows/e2e.yaml | 2 +- Makefile | 4 ++ config/manager/kustomization.yaml | 13 ------- hack/add-certmanager-rbac.sh | 39 +++++++++++++++++++ main.go | 4 +- .../ta-collector-mtls/00-assert.yaml | 2 +- .../ta-collector-mtls/00-install.yaml | 35 ----------------- 7 files changed, 47 insertions(+), 52 deletions(-) create mode 100755 hack/add-certmanager-rbac.sh diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml index a1b79caf43..d9f26c9c55 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/e2e.yaml @@ -43,7 +43,7 @@ jobs: - group: e2e-metadata-filters setup: "add-operator-arg OPERATOR_ARG='--annotations-filter=.*filter.out --annotations-filter=config.*.gke.io.* --labels=.*filter.out' prepare-e2e" - group: e2e-ta-collector-mtls - setup: "add-operator-arg OPERATOR_ARG='--feature-gates=operator.targetallocator.mtls' prepare-e2e" + setup: "add-operator-arg OPERATOR_ARG='--feature-gates=operator.targetallocator.mtls' add-certmanager-rbac prepare-e2e" - group: e2e-automatic-rbac setup: "add-rbac-permissions-to-operator prepare-e2e" steps: diff --git a/Makefile b/Makefile index 84dd550e46..9e4b799722 100644 --- a/Makefile +++ b/Makefile @@ -273,6 +273,10 @@ e2e-prometheuscr: chainsaw e2e-targetallocator: chainsaw $(CHAINSAW) test --test-dir ./tests/e2e-targetallocator +.PHONY: add-certmanager-rbac +add-certmanager-rbac: + ./hack/add-certmanager-rbac.sh + # Target allocator collector mTLS end-to-tests .PHONY: e2e-ta-collector-mtls e2e-ta-collector-mtls: chainsaw diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index ee4c8ade43..5c5f0b84cb 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -1,15 +1,2 @@ resources: - manager.yaml -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -images: -- name: controller - newName: opentelemetry-operator/opentelemetry-operator - newTag: 0.102.0-72-g2ef561bc -patches: -- patch: '[{"op":"add","path":"/spec/template/spec/containers/0/args/-","value":"--target-allocator-image=opentelemetry-operator/target-allocator:v0.102.0-72-g2ef561bc"}]' - target: - kind: Deployment -- patch: '[{"op":"add","path":"/spec/template/spec/containers/0/args/-","value":"--operator-opamp-bridge-image=opentelemetry-operator/operator-opamp-bridge:v0.102.0-72-g2ef561bc"}]' - target: - kind: Deployment diff --git a/hack/add-certmanager-rbac.sh b/hack/add-certmanager-rbac.sh new file mode 100755 index 0000000000..85a39b5ed2 --- /dev/null +++ b/hack/add-certmanager-rbac.sh @@ -0,0 +1,39 @@ +#!/bin/bash + +kubectl apply -f - < Date: Thu, 4 Jul 2024 20:33:00 +0300 Subject: [PATCH 64/88] Using Kustomize for patching certmanager permissions --- .github/workflows/e2e.yaml | 2 +- .gitignore | 4 +- Makefile | 9 +++-- hack/add-certmanager-rbac.sh | 39 ------------------- .../certmanager-permissions/certmanager.yaml | 17 ++++++++ 5 files changed, 26 insertions(+), 45 deletions(-) delete mode 100755 hack/add-certmanager-rbac.sh create mode 100644 tests/e2e-ta-collector-mtls/certmanager-permissions/certmanager.yaml diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml index d9f26c9c55..2b9a01ea13 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/e2e.yaml @@ -43,7 +43,7 @@ jobs: - group: e2e-metadata-filters setup: "add-operator-arg OPERATOR_ARG='--annotations-filter=.*filter.out --annotations-filter=config.*.gke.io.* --labels=.*filter.out' prepare-e2e" - group: e2e-ta-collector-mtls - setup: "add-operator-arg OPERATOR_ARG='--feature-gates=operator.targetallocator.mtls' add-certmanager-rbac prepare-e2e" + setup: "add-operator-arg OPERATOR_ARG='--feature-gates=operator.targetallocator.mtls' add-certmanager-permissions prepare-e2e" - group: e2e-automatic-rbac setup: "add-rbac-permissions-to-operator prepare-e2e" steps: diff --git a/.gitignore b/.gitignore index 1438657894..52b40a6635 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,3 @@ - # Binaries for programs and plugins *.exe *.exe~ @@ -39,8 +38,9 @@ config/manager/kustomization.yaml kubeconfig tests/_build/ config/rbac/extra-permissions-operator/ +config/rbac/certmanager-permissions/ # autoinstrumentation artifacts build node_modules -package-lock.json \ No newline at end of file +package-lock.json diff --git a/Makefile b/Makefile index 9e4b799722..6e573f4421 100644 --- a/Makefile +++ b/Makefile @@ -273,9 +273,12 @@ e2e-prometheuscr: chainsaw e2e-targetallocator: chainsaw $(CHAINSAW) test --test-dir ./tests/e2e-targetallocator -.PHONY: add-certmanager-rbac -add-certmanager-rbac: - ./hack/add-certmanager-rbac.sh +.PHONY: add-certmanager-permissions +add-certmanager-permissions: + # Kustomize only allows patches in the folder where the kustomization is located + # This folder is ignored by .gitignore + cp -r tests/e2e-ta-collector-mtls/certmanager-permissions config/rbac/certmanager-permissions + cd config/rbac && $(KUSTOMIZE) edit add patch --kind ClusterRole --name manager-role --path certmanager-permissions/certmanager.yaml # Target allocator collector mTLS end-to-tests .PHONY: e2e-ta-collector-mtls diff --git a/hack/add-certmanager-rbac.sh b/hack/add-certmanager-rbac.sh deleted file mode 100755 index 85a39b5ed2..0000000000 --- a/hack/add-certmanager-rbac.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/bash - -kubectl apply -f - < Date: Thu, 4 Jul 2024 20:54:40 +0300 Subject: [PATCH 65/88] Cleanup chainsaw test --- tests/e2e-ta-collector-mtls/ta-collector-mtls/00-assert.yaml | 5 ++++- .../e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml | 1 - 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-assert.yaml b/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-assert.yaml index 7e46d76a1e..266a2b8371 100644 --- a/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-assert.yaml +++ b/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-assert.yaml @@ -33,12 +33,15 @@ data: collector_id: ${POD_NAME} endpoint: https://prometheus-cr-targetallocator:443 interval: 30s + tls: + ca_file: /tls/ca.crt + cert_file: /tls/tls.crt + key_file: /tls/tls.key service: pipelines: metrics: exporters: - prometheus - processors: [] receivers: - prometheus kind: ConfigMap diff --git a/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml b/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml index 65a9807454..201491ec56 100644 --- a/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml +++ b/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml @@ -147,7 +147,6 @@ spec: pipelines: metrics: receivers: [prometheus] - processors: [] exporters: [prometheus] mode: statefulset serviceAccount: collector From 7dafe9111efede43b297217c2c35fdd4bf0b02f5 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Thu, 4 Jul 2024 21:10:01 +0300 Subject: [PATCH 66/88] Cleanup chainsaw tests --- .../ta-collector-mtls/chainsaw-test.yaml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/tests/e2e-ta-collector-mtls/ta-collector-mtls/chainsaw-test.yaml b/tests/e2e-ta-collector-mtls/ta-collector-mtls/chainsaw-test.yaml index bbdbe75432..389462d06e 100755 --- a/tests/e2e-ta-collector-mtls/ta-collector-mtls/chainsaw-test.yaml +++ b/tests/e2e-ta-collector-mtls/ta-collector-mtls/chainsaw-test.yaml @@ -16,9 +16,3 @@ spec: catch: - podLogs: selector: app.kubernetes.io/managed-by=opentelemetry-operator - - name: step-01 - try: - - apply: - file: 01-install.yaml - - assert: - file: 01-assert.yaml From 73d0ce9fe7ade803415fe0f34c792f7c094204d8 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Fri, 5 Jul 2024 10:38:53 +0300 Subject: [PATCH 67/88] e2e test case verifying Collector got secret from TA over mTLS --- .../ta-collector-mtls/01-install.yaml | 78 +++++++++++++++++++ .../ta-collector-mtls/02-assert.yaml | 20 +++++ .../ta-collector-mtls/02-install.yaml | 63 +++++++++++++++ 3 files changed, 161 insertions(+) create mode 100644 tests/e2e-ta-collector-mtls/ta-collector-mtls/01-install.yaml create mode 100644 tests/e2e-ta-collector-mtls/ta-collector-mtls/02-assert.yaml create mode 100644 tests/e2e-ta-collector-mtls/ta-collector-mtls/02-install.yaml diff --git a/tests/e2e-ta-collector-mtls/ta-collector-mtls/01-install.yaml b/tests/e2e-ta-collector-mtls/ta-collector-mtls/01-install.yaml new file mode 100644 index 0000000000..30bc058eae --- /dev/null +++ b/tests/e2e-ta-collector-mtls/ta-collector-mtls/01-install.yaml @@ -0,0 +1,78 @@ +apiVersion: v1 +kind: Secret +metadata: + name: metrics-app-secret +type: Opaque +stringData: + BASIC_AUTH_USERNAME: user + BASIC_AUTH_PASSWORD: t0p$ecreT +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: metrics-app + labels: + app: metrics-app +spec: + replicas: 1 + selector: + matchLabels: + app: metrics-app + template: + metadata: + labels: + app: metrics-app + spec: + containers: + - name: metrics-app + image: ghcr.io/open-telemetry/opentelemetry-operator/e2e-test-app-metrics-basic-auth:main + ports: + - containerPort: 9123 + env: + - name: BASIC_AUTH_USERNAME + valueFrom: + secretKeyRef: + name: metrics-app-secret + key: BASIC_AUTH_USERNAME + - name: BASIC_AUTH_PASSWORD + valueFrom: + secretKeyRef: + name: metrics-app-secret + key: BASIC_AUTH_PASSWORD +--- +apiVersion: v1 +kind: Service +metadata: + name: metrics-service + labels: + app: metrics-app +spec: + ports: + - name: metrics + port: 9123 + targetPort: 9123 + protocol: TCP + selector: + app: metrics-app + type: ClusterIP +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: metrics-servicemonitor + labels: + app: metrics-app +spec: + selector: + matchLabels: + app: metrics-app + endpoints: + - port: metrics + interval: 30s + basicAuth: + username: + name: metrics-app-secret + key: BASIC_AUTH_USERNAME + password: + name: metrics-app-secret + key: BASIC_AUTH_PASSWORD diff --git a/tests/e2e-ta-collector-mtls/ta-collector-mtls/02-assert.yaml b/tests/e2e-ta-collector-mtls/ta-collector-mtls/02-assert.yaml new file mode 100644 index 0000000000..b3b95bf022 --- /dev/null +++ b/tests/e2e-ta-collector-mtls/ta-collector-mtls/02-assert.yaml @@ -0,0 +1,20 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: check-metrics +status: + succeeded: 1 +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: check-ta-jobs +status: + succeeded: 1 +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: check-ta-scrape-configs +status: + succeeded: 1 \ No newline at end of file diff --git a/tests/e2e-ta-collector-mtls/ta-collector-mtls/02-install.yaml b/tests/e2e-ta-collector-mtls/ta-collector-mtls/02-install.yaml new file mode 100644 index 0000000000..fd872253fd --- /dev/null +++ b/tests/e2e-ta-collector-mtls/ta-collector-mtls/02-install.yaml @@ -0,0 +1,63 @@ +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: prometheus-cr +spec: + endpoints: + - port: monitoring + selector: + matchLabels: + app.kubernetes.io/managed-by: opentelemetry-operator +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: check-metrics +spec: + template: + spec: + restartPolicy: OnFailure + containers: + - name: check-metrics + image: curlimages/curl + args: + - /bin/sh + - -c + - | + for i in $(seq 30); do + if curl -m 1 -s http://prometheus-cr-collector:9090/metrics | grep "The Collector got the secret from the Target Allocator over mTLS"; then exit 0; fi + sleep 5 + done + exit 1 +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: check-ta-jobs +spec: + template: + spec: + restartPolicy: OnFailure + containers: + - name: check-metrics + image: curlimages/curl + args: + - /bin/sh + - -c + - curl -s http://prometheus-cr-targetallocator/scrape_configs | grep "prometheus-cr" +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: check-ta-scrape-configs +spec: + template: + spec: + restartPolicy: OnFailure + containers: + - name: check-metrics + image: curlimages/curl + args: + - /bin/sh + - -c + - curl -s http://prometheus-cr-targetallocator/jobs | grep "prometheus-cr" From c39295283f94a5b1d307f5d9fca6b03cb601bfad Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Fri, 5 Jul 2024 12:15:14 +0300 Subject: [PATCH 68/88] Added changelog, fixed unit tests --- .../TA-update-configs-to-enable-mtls.yaml | 18 +++++++++++++ cmd/otel-allocator/config/config_test.go | 1 + cmd/otel-allocator/config/flags_test.go | 4 +-- .../targetallocator/container_test.go | 26 ++++++++++--------- 4 files changed, 35 insertions(+), 14 deletions(-) create mode 100755 .chloggen/TA-update-configs-to-enable-mtls.yaml diff --git a/.chloggen/TA-update-configs-to-enable-mtls.yaml b/.chloggen/TA-update-configs-to-enable-mtls.yaml new file mode 100755 index 0000000000..66c35faf91 --- /dev/null +++ b/.chloggen/TA-update-configs-to-enable-mtls.yaml @@ -0,0 +1,18 @@ +# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' +change_type: enhancement + +# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) +component: target allocator collector + +# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). +note: "Enable mTLS between the TA and collector for passing secrets in the scrape_config securely" + +# One or more tracking issues related to the change +issues: [1669] + +# (Optional) One or more lines of additional information to render under the primary note. +# These lines will be padded with 2 spaces and then inserted directly into the document. +# Use pipe (|) for multiline entries. +subtext: | + This change enables mTLS between the collector and the target allocator. + This is necessary for passing secrets securely from the TA to the collector for scraping endpoints that have authentication. \ No newline at end of file diff --git a/cmd/otel-allocator/config/config_test.go b/cmd/otel-allocator/config/config_test.go index 53ddc52a49..c1b721b773 100644 --- a/cmd/otel-allocator/config/config_test.go +++ b/cmd/otel-allocator/config/config_test.go @@ -64,6 +64,7 @@ func TestLoad(t *testing.T) { }, HTTPS: HTTPSServerConfig{ Enabled: true, + ListenAddr: ":8443", CAFilePath: "/path/to/ca.pem", TLSCertFilePath: "/path/to/cert.pem", TLSKeyFilePath: "/path/to/key.pem", diff --git a/cmd/otel-allocator/config/flags_test.go b/cmd/otel-allocator/config/flags_test.go index dd7420a27e..b2725c170e 100644 --- a/cmd/otel-allocator/config/flags_test.go +++ b/cmd/otel-allocator/config/flags_test.go @@ -78,7 +78,7 @@ func TestFlagGetters(t *testing.T) { flagArgs: []string{"--" + httpsEnabledFlagName, "true"}, expectedValue: true, getterFunc: func(fs *pflag.FlagSet) (interface{}, error) { - _, value, err := getHttpsEnabled(fs) + value, _, err := getHttpsEnabled(fs) return value, err }, }, @@ -87,7 +87,7 @@ func TestFlagGetters(t *testing.T) { flagArgs: []string{"--" + httpsTLSKeyFilePathFlagName, "/path/to/tls.key"}, expectedValue: "/path/to/tls.key", getterFunc: func(fs *pflag.FlagSet) (interface{}, error) { - _, value, err := getHttpsTLSKeyFilePath(fs) + value, _, err := getHttpsTLSKeyFilePath(fs) return value, err }, }, diff --git a/internal/manifests/targetallocator/container_test.go b/internal/manifests/targetallocator/container_test.go index 03c4bb3058..7a78069524 100644 --- a/internal/manifests/targetallocator/container_test.go +++ b/internal/manifests/targetallocator/container_test.go @@ -18,18 +18,20 @@ import ( "os" "testing" + "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" + "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" + "github.com/open-telemetry/opentelemetry-operator/internal/config" + "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" + "github.com/open-telemetry/opentelemetry-operator/internal/naming" + a "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + "go.opentelemetry.io/collector/featuregate" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/resource" "k8s.io/apimachinery/pkg/util/intstr" logf "sigs.k8s.io/controller-runtime/pkg/log" - - "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" - "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" - "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" - "github.com/open-telemetry/opentelemetry-operator/internal/config" - "github.com/open-telemetry/opentelemetry-operator/internal/naming" ) var logger = logf.Log.WithName("unit-tests") @@ -388,6 +390,11 @@ func TestArgs(t *testing.T) { func TestContainerWithCertManagerAvailable(t *testing.T) { // prepare targetAllocator := v1alpha1.TargetAllocator{} + + flgs := a.Flags(featuregate.GlobalRegistry()) + err := flgs.Parse([]string{"--feature-gates=operator.targetallocator.mtls"}) + require.NoError(t, err) + cfg := config.New(config.WithCertManagerAvailability(certmanager.Available)) // test @@ -401,13 +408,8 @@ func TestContainerWithCertManagerAvailable(t *testing.T) { assert.Contains(t, c.VolumeMounts, corev1.VolumeMount{ Name: naming.TAServerCertificate(""), - MountPath: "/tls", + MountPath: manifestutils.TLSDirPath, }) - - assert.Contains(t, c.Args, "--enable-https-server") - assert.Contains(t, c.Args, "--https-ca-file=/tls/ca.crt") - assert.Contains(t, c.Args, "--https-tls-cert-file=/tls/tls.crt") - assert.Contains(t, c.Args, "--https-tls-key-file=/tls/tls.key") } func TestContainerCustomVolumes(t *testing.T) { From 475a1e252bc911378cea71a398942f4368512f56 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Fri, 5 Jul 2024 12:15:41 +0300 Subject: [PATCH 69/88] restored makefile --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 6e573f4421..c95a272c5e 100644 --- a/Makefile +++ b/Makefile @@ -24,7 +24,7 @@ endif # Image URL to use all building/pushing image targets DOCKER_USER ?= open-telemetry -IMG_PREFIX ?= opentelemetry-operator +IMG_PREFIX ?= ghcr.io/${DOCKER_USER}/opentelemetry-operator IMG_REPO ?= opentelemetry-operator IMG ?= ${IMG_PREFIX}/${IMG_REPO}:${VERSION} BUNDLE_IMG ?= ${IMG_PREFIX}/${IMG_REPO}-bundle:${VERSION} From e293a78d73e5c9302e024dee8717fad426fe0c74 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Fri, 5 Jul 2024 12:51:59 +0300 Subject: [PATCH 70/88] Renamed fg import --- internal/manifests/targetallocator/container_test.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/internal/manifests/targetallocator/container_test.go b/internal/manifests/targetallocator/container_test.go index 7a78069524..e8b23e1f7a 100644 --- a/internal/manifests/targetallocator/container_test.go +++ b/internal/manifests/targetallocator/container_test.go @@ -24,10 +24,10 @@ import ( "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/naming" - a "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" + "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "go.opentelemetry.io/collector/featuregate" + colfg "go.opentelemetry.io/collector/featuregate" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/resource" "k8s.io/apimachinery/pkg/util/intstr" @@ -391,7 +391,7 @@ func TestContainerWithCertManagerAvailable(t *testing.T) { // prepare targetAllocator := v1alpha1.TargetAllocator{} - flgs := a.Flags(featuregate.GlobalRegistry()) + flgs := featuregate.Flags(colfg.GlobalRegistry()) err := flgs.Parse([]string{"--feature-gates=operator.targetallocator.mtls"}) require.NoError(t, err) From 71ca0c052f3735a4de6aae292bcc95d7e3b6dad3 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Fri, 5 Jul 2024 12:56:31 +0300 Subject: [PATCH 71/88] Linting rules for imports --- .../manifests/targetallocator/container_test.go | 15 ++++++++------- internal/manifests/targetallocator/issuer.go | 3 ++- main.go | 2 +- 3 files changed, 11 insertions(+), 9 deletions(-) diff --git a/internal/manifests/targetallocator/container_test.go b/internal/manifests/targetallocator/container_test.go index e8b23e1f7a..65b79f6ff7 100644 --- a/internal/manifests/targetallocator/container_test.go +++ b/internal/manifests/targetallocator/container_test.go @@ -18,13 +18,6 @@ import ( "os" "testing" - "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" - "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" - "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" - "github.com/open-telemetry/opentelemetry-operator/internal/config" - "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" - "github.com/open-telemetry/opentelemetry-operator/internal/naming" - "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" colfg "go.opentelemetry.io/collector/featuregate" @@ -32,6 +25,14 @@ import ( "k8s.io/apimachinery/pkg/api/resource" "k8s.io/apimachinery/pkg/util/intstr" logf "sigs.k8s.io/controller-runtime/pkg/log" + + "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" + "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" + "github.com/open-telemetry/opentelemetry-operator/internal/config" + "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" + "github.com/open-telemetry/opentelemetry-operator/internal/naming" + "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) var logger = logf.Log.WithName("unit-tests") diff --git a/internal/manifests/targetallocator/issuer.go b/internal/manifests/targetallocator/issuer.go index e92cbf69ee..8732fd1376 100644 --- a/internal/manifests/targetallocator/issuer.go +++ b/internal/manifests/targetallocator/issuer.go @@ -16,9 +16,10 @@ package targetallocator import ( cmv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/naming" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) // SelfSignedIssuer returns a self-signed issuer for the given instance. diff --git a/main.go b/main.go index 4e7a4543cd..314f210d43 100644 --- a/main.go +++ b/main.go @@ -25,6 +25,7 @@ import ( "strings" "time" + cmv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" routev1 "github.com/openshift/api/route/v1" monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" "github.com/spf13/pflag" @@ -47,7 +48,6 @@ import ( "sigs.k8s.io/controller-runtime/pkg/webhook" "sigs.k8s.io/controller-runtime/pkg/webhook/admission" - cmv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" otelv1alpha1 "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" otelv1beta1 "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" "github.com/open-telemetry/opentelemetry-operator/controllers" From 09bdf3c9349094c73eb07f2411cb0a9485ea99f6 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Fri, 5 Jul 2024 14:32:45 +0300 Subject: [PATCH 72/88] Added more tests, updated the readme --- cmd/otel-allocator/README.md | 37 +++++++++++- .../manifests/collector/configmap_test.go | 59 +++++++++++++++++++ .../manifests/collector/container_test.go | 24 ++++++++ 3 files changed, 118 insertions(+), 2 deletions(-) diff --git a/cmd/otel-allocator/README.md b/cmd/otel-allocator/README.md index 230ec8f269..bf37e8e3f8 100644 --- a/cmd/otel-allocator/README.md +++ b/cmd/otel-allocator/README.md @@ -211,9 +211,42 @@ rules: ### Service / Pod monitor endpoint credentials -If your service or pod monitor endpoints require credentials or other supported form of authentication (bearer token, basic auth, OAuth2 etc.), you need to ensure that the collector has access to this information. Due to some limitations in how the endpoints configuration is handled, target allocator currently does **not** support credentials provided via secrets. It is only possible to provide credentials in a file (for more details see issue https://github.com/open-telemetry/opentelemetry-operator/issues/1669). +If your service or pod monitor endpoints require authentication (such as bearer tokens, basic auth, OAuth2, etc.), you must ensure that the collector has access to these credentials. + +To secure the connection between the target allocator and the collector so that the secrets can be retrieved, mTLS is used. This involves the use of cert-manager to manage the CA, server, and client certificates. + +Prerequisites: +- Ensure cert-manager is installed in your Kubernetes cluster. +- Grant RBAC Permissions: + + - The target allocator needs the appropriate RBAC permissions to get the secrets referenced in the Service / Pod monitor. + + - The operator needs the appropriate RBAC permissions to manage cert-manager resources. The following clusterRole can be used to grant the necessary permissions: + + ```yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRole + metadata: + name: opentelemetry-operator-controller-manager-cert-manager-role + rules: + - apiGroups: + - cert-manager.io + resources: + - issuers + - certificaterequests + - certificates + verbs: + - create + - get + - list + - watch + - update + - patch + - delete + ``` + +- Enable the `operator.targetallocator.mtls` feature gate in the operator's deployment. -In order to ensure your endpoints can be scraped, your collector instance needs to have the particular secret mounted as a file at the correct path. # Design diff --git a/internal/manifests/collector/configmap_test.go b/internal/manifests/collector/configmap_test.go index fc66cf3794..a6469704ea 100644 --- a/internal/manifests/collector/configmap_test.go +++ b/internal/manifests/collector/configmap_test.go @@ -18,9 +18,14 @@ import ( "testing" "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + colfg "go.opentelemetry.io/collector/featuregate" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" + "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/naming" + "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) func TestDesiredConfigMap(t *testing.T) { @@ -123,4 +128,58 @@ service: }) + t.Run("should return expected escaped collector config map with target_allocator and https config block", func(t *testing.T) { + expectedData := map[string]string{ + "collector.yaml": `exporters: + debug: +receivers: + prometheus: + config: {} + target_allocator: + collector_id: ${POD_NAME} + endpoint: https://test-targetallocator:443 + interval: 30s + tls: + ca_file: /tls/ca.crt + cert_file: /tls/tls.crt + key_file: /tls/tls.key +service: + pipelines: + metrics: + exporters: + - debug + receivers: + - prometheus +`, + } + + param, err := newParams("test/test-img", "testdata/http_sd_config_servicemonitor_test.yaml", config.WithCertManagerAvailability(certmanager.Available)) + require.NoError(t, err) + flgs := featuregate.Flags(colfg.GlobalRegistry()) + err = flgs.Parse([]string{"--feature-gates=operator.targetallocator.mtls"}) + require.NoError(t, err) + + hash, _ := manifestutils.GetConfigMapSHA(param.OtelCol.Spec.Config) + expectedName := naming.ConfigMap("test", hash) + + expectedLables["app.kubernetes.io/component"] = "opentelemetry-collector" + expectedLables["app.kubernetes.io/name"] = "test-collector" + expectedLables["app.kubernetes.io/version"] = "latest" + + param.OtelCol.Spec.TargetAllocator.Enabled = true + actual, err := ConfigMap(param) + + assert.NoError(t, err) + assert.Equal(t, expectedName, actual.Name) + assert.Equal(t, expectedLables, actual.Labels) + assert.Equal(t, len(expectedData), len(actual.Data)) + for k, expected := range expectedData { + assert.YAMLEq(t, expected, actual.Data[k]) + } + + // Reset the value + expectedLables["app.kubernetes.io/version"] = "0.47.0" + assert.NoError(t, err) + + }) } diff --git a/internal/manifests/collector/container_test.go b/internal/manifests/collector/container_test.go index 597e98c1e7..39a9cd808d 100644 --- a/internal/manifests/collector/container_test.go +++ b/internal/manifests/collector/container_test.go @@ -20,14 +20,19 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + colfg "go.opentelemetry.io/collector/featuregate" "gopkg.in/yaml.v3" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/resource" logf "sigs.k8s.io/controller-runtime/pkg/log" "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/config" . "github.com/open-telemetry/opentelemetry-operator/internal/manifests/collector" + "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" + "github.com/open-telemetry/opentelemetry-operator/internal/naming" + "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) var logger = logf.Log.WithName("unit-tests") @@ -860,3 +865,22 @@ func mustUnmarshalToConfig(t *testing.T, config string) v1beta1.Config { } return cfg } + +func TestContainerWithCertManagerAvailable(t *testing.T) { + otelcol := v1beta1.OpenTelemetryCollector{} + + cfg := config.New(config.WithCertManagerAvailability(certmanager.Available)) + + flgs := featuregate.Flags(colfg.GlobalRegistry()) + err := flgs.Parse([]string{"--feature-gates=operator.targetallocator.mtls"}) + require.NoError(t, err) + + // test + c := Container(cfg, logger, otelcol, true) + + // verify + assert.Contains(t, c.VolumeMounts, corev1.VolumeMount{ + Name: naming.TAClientCertificate(""), + MountPath: manifestutils.TLSDirPath, + }) +} From fd9977642f49911f3b49180650e78b7062faa8ab Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Thu, 11 Jul 2024 20:55:57 +0300 Subject: [PATCH 73/88] Added steps in e2e tests for new app --- .../ta-collector-mtls/02-install.yaml | 2 +- .../ta-collector-mtls/chainsaw-test.yaml | 14 ++++++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/tests/e2e-ta-collector-mtls/ta-collector-mtls/02-install.yaml b/tests/e2e-ta-collector-mtls/ta-collector-mtls/02-install.yaml index fd872253fd..5e45f4e150 100644 --- a/tests/e2e-ta-collector-mtls/ta-collector-mtls/02-install.yaml +++ b/tests/e2e-ta-collector-mtls/ta-collector-mtls/02-install.yaml @@ -25,7 +25,7 @@ spec: - -c - | for i in $(seq 30); do - if curl -m 1 -s http://prometheus-cr-collector:9090/metrics | grep "The Collector got the secret from the Target Allocator over mTLS"; then exit 0; fi + if curl -m 1 -s http://prometheus-cr-collector:9090/metrics | grep "Client was authenticated"; then exit 0; fi sleep 5 done exit 1 diff --git a/tests/e2e-ta-collector-mtls/ta-collector-mtls/chainsaw-test.yaml b/tests/e2e-ta-collector-mtls/ta-collector-mtls/chainsaw-test.yaml index 389462d06e..1004298cb6 100755 --- a/tests/e2e-ta-collector-mtls/ta-collector-mtls/chainsaw-test.yaml +++ b/tests/e2e-ta-collector-mtls/ta-collector-mtls/chainsaw-test.yaml @@ -16,3 +16,17 @@ spec: catch: - podLogs: selector: app.kubernetes.io/managed-by=opentelemetry-operator + - name: step-01 + try: + - apply: + file: 01-install.yaml + - name: step-02 + try: + - apply: + template: true + file: 02-install.yaml + - assert: + file: 02-assert.yaml + catch: + - podLogs: + selector: app.kubernetes.io/managed-by=opentelemetry-operator \ No newline at end of file From 4cd6b9d218a99d27310fbca91c6b65627c118cab Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Thu, 29 Aug 2024 21:28:19 +0300 Subject: [PATCH 74/88] Ran go mod tidy --- go.sum | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/go.sum b/go.sum index 9f3a8f3220..e964d425d2 100644 --- a/go.sum +++ b/go.sum @@ -632,8 +632,8 @@ github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -github.com/yusufpapurcu/wmi v1.2.4 h1:zFUKzehAFReQwLys1b/iSMl+JQGSCSjtVqQn9bBrPo0= -github.com/yusufpapurcu/wmi v1.2.4/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0= +github.com/yusufpapurcu/wmi v1.2.3 h1:E1ctvB7uKFMOJw3fdOW32DwGE9I7t++CRUEMKvFoFiw= +github.com/yusufpapurcu/wmi v1.2.3/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0= go.mongodb.org/mongo-driver v1.14.0 h1:P98w8egYRjYe3XDjxhYJagTokP/H6HzlsnojRgZRd80= go.mongodb.org/mongo-driver v1.14.0/go.mod h1:Vzb0Mk/pa7e6cWw85R4F/endUC3u0U9jGcNU603k65c= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= @@ -1076,6 +1076,8 @@ rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= sigs.k8s.io/controller-runtime v0.19.0 h1:nWVM7aq+Il2ABxwiCizrVDSlmDcshi9llbaFbC0ji/Q= sigs.k8s.io/controller-runtime v0.19.0/go.mod h1:iRmWllt8IlaLjvTTDLhRBXIEtkCK6hwVBJJsYS9Ajf4= +sigs.k8s.io/gateway-api v1.0.0 h1:iPTStSv41+d9p0xFydll6d7f7MOBGuqXM6p2/zVYMAs= +sigs.k8s.io/gateway-api v1.0.0/go.mod h1:4cUgr0Lnp5FZ0Cdq8FdRwCvpiWws7LVhLHGIudLlf4c= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= From ca26b014dabcf51e35a291d5fabcc73b42552586 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Thu, 29 Aug 2024 21:54:54 +0300 Subject: [PATCH 75/88] Added new variable to test TA's AddTAConfigToPromConfig --- .../targetallocator/adapters/config_to_prom_config_test.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/internal/manifests/targetallocator/adapters/config_to_prom_config_test.go b/internal/manifests/targetallocator/adapters/config_to_prom_config_test.go index b325102e98..5287572ce5 100644 --- a/internal/manifests/targetallocator/adapters/config_to_prom_config_test.go +++ b/internal/manifests/targetallocator/adapters/config_to_prom_config_test.go @@ -539,6 +539,7 @@ func TestAddTAConfigToPromConfigWithTLSConfig(t *testing.T) { } taServiceName := "test-targetallocator" + taServiceNamespace := "default" expectedResult := map[interface{}]interface{}{ "config": map[interface{}]interface{}{}, @@ -554,7 +555,7 @@ func TestAddTAConfigToPromConfigWithTLSConfig(t *testing.T) { }, } - result, err := ta.AddTAConfigToPromConfig(cfg, taServiceName, ta.WithTLSConfig("ca.crt", "tls.crt", "tls.key", taServiceName)) + result, err := ta.AddTAConfigToPromConfig(cfg, taServiceName, taServiceNamespace, ta.WithTLSConfig("ca.crt", "tls.crt", "tls.key", taServiceName)) assert.NoError(t, err) assert.Equal(t, expectedResult, result) From 046019725da70f31b00bf14293a2c97cbb017d06 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Fri, 30 Aug 2024 12:55:11 +0300 Subject: [PATCH 76/88] Setting otel-col-contrib 0.108.0 in e2e test until operator gets updated --- tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml b/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml index 201491ec56..de46c836d3 100644 --- a/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml +++ b/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml @@ -132,6 +132,8 @@ kind: OpenTelemetryCollector metadata: name: prometheus-cr spec: + # Can be removed once operator is updated to use opentelemetry-collector-contrib:0.108.0 + image: ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-contrib:0.108.0 config: | receivers: prometheus: From 40935542f7e4bb551b53130945d2f7ea500ad94d Mon Sep 17 00:00:00 2001 From: ItielOlenick <67790309+ItielOlenick@users.noreply.github.com> Date: Sat, 31 Aug 2024 20:57:33 +0300 Subject: [PATCH 77/88] Update pkg/featuregate/featuregate.go Co-authored-by: Jacob Aronoff --- pkg/featuregate/featuregate.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/featuregate/featuregate.go b/pkg/featuregate/featuregate.go index d30bde4f0b..f6aa19b769 100644 --- a/pkg/featuregate/featuregate.go +++ b/pkg/featuregate/featuregate.go @@ -45,7 +45,7 @@ var ( "operator.targetallocator.mtls", featuregate.StageAlpha, featuregate.WithRegisterDescription("enables mTLS between the target allocator and the collector"), - featuregate.WithRegisterFromVersion("v0.102.0"), + featuregate.WithRegisterFromVersion("v0.108.0"), ) ) From 6f7f817056ad44027f51019d3ef040c524f930cb Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Sat, 31 Aug 2024 22:31:31 +0300 Subject: [PATCH 78/88] Added https, serviceMonitor and tls resources assertions to e2e tests --- .../ta-collector-mtls/00-assert.yaml | 37 +++++++++++++++++++ .../ta-collector-mtls/00-install.yaml | 29 +++++++++++++++ .../ta-collector-mtls/01-assert.yaml | 6 +++ 3 files changed, 72 insertions(+) create mode 100644 tests/e2e-ta-collector-mtls/ta-collector-mtls/01-assert.yaml diff --git a/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-assert.yaml b/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-assert.yaml index 266a2b8371..08aacf33b6 100644 --- a/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-assert.yaml +++ b/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-assert.yaml @@ -20,6 +20,21 @@ kind: ConfigMap metadata: name: prometheus-cr-targetallocator --- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: prometheus-cr-ca-cert +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: prometheus-cr-ta-server-cert +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: prometheus-cr-ta-client-cert +--- apiVersion: v1 data: collector.yaml: | @@ -47,3 +62,25 @@ data: kind: ConfigMap metadata: name: prometheus-cr-collector-52e1d2ae +--- +apiVersion: v1 +kind: Pod +metadata: + labels: + app.kubernetes.io/component: opentelemetry-targetallocator + app.kubernetes.io/managed-by: opentelemetry-operator +spec: + containers: + - name: ta-container + ports: + - containerPort: 8080 + name: http + - containerPort: 8443 + name: https +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: check-ta-serving-over-https +status: + succeeded: 1 \ No newline at end of file diff --git a/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml b/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml index de46c836d3..919dab2bf4 100644 --- a/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml +++ b/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml @@ -158,3 +158,32 @@ spec: enabled: true scrapeInterval: 1s serviceAccount: ta +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: check-ta-serving-over-https +spec: + template: + spec: + restartPolicy: OnFailure + containers: + - name: check-ta + image: curlimages/curl + volumeMounts: + - name: tls-secret + mountPath: /etc/tls + readOnly: true + args: + - /bin/sh + - -c + - | + curl -s \ + --cert /etc/tls/tls.crt \ + --key /etc/tls/tls.key \ + --cacert /etc/tls/ca.crt \ + https://prometheus-cr-targetallocator:443 + volumes: + - name: tls-secret + secret: + secretName: prometheus-cr-ta-client-cert \ No newline at end of file diff --git a/tests/e2e-ta-collector-mtls/ta-collector-mtls/01-assert.yaml b/tests/e2e-ta-collector-mtls/ta-collector-mtls/01-assert.yaml new file mode 100644 index 0000000000..c5ef31e070 --- /dev/null +++ b/tests/e2e-ta-collector-mtls/ta-collector-mtls/01-assert.yaml @@ -0,0 +1,6 @@ +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: metrics-servicemonitor + labels: + app: metrics-app \ No newline at end of file From 80cd205699991c8a4cdfa60b63e6a208be86ec13 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Mon, 2 Sep 2024 16:01:35 +0300 Subject: [PATCH 79/88] Using namespaced names for ClusterRoles --- .../ta-collector-mtls/00-install.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml b/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml index 919dab2bf4..ccbe39094f 100644 --- a/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml +++ b/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml @@ -13,7 +13,7 @@ metadata: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: targetallocator-prometheuscr + name: (join('-', ['ta', $namespace])) rules: - apiGroups: - "" @@ -72,7 +72,7 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: collector-prometheuscr + name: (join('-', ['collector', $namespace])) rules: - apiGroups: - "" @@ -108,7 +108,7 @@ metadata: roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: targetallocator-prometheuscr + name: (join('-', ['ta', $namespace])) subjects: - kind: ServiceAccount name: ta @@ -121,7 +121,7 @@ metadata: roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: collector-prometheuscr + name: (join('-', ['collector', $namespace])) subjects: - kind: ServiceAccount name: collector From 06b1dfebcc34beaf6a21d1c178574717c358edcf Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Mon, 2 Sep 2024 19:42:46 +0300 Subject: [PATCH 80/88] Cleanup --- internal/config/main.go | 2 -- pkg/constants/env.go | 2 -- 2 files changed, 4 deletions(-) diff --git a/internal/config/main.go b/internal/config/main.go index 90ef316365..434ae5493f 100644 --- a/internal/config/main.go +++ b/internal/config/main.go @@ -17,7 +17,6 @@ package config import ( "context" - "fmt" "time" "github.com/go-logr/logr" @@ -154,7 +153,6 @@ func (c *Config) AutoDetect() error { cmAvl, err := c.autoDetect.CertManagerAvailability(context.Background()) if err != nil { c.logger.V(2).Info("the cert manager crd and permissions are not set for the operator", "reason", err) - fmt.Print(err) } c.certManagerAvailability = cmAvl c.logger.V(2).Info("the cert manager crd and permissions are set for the operator", "availability", cmAvl) diff --git a/pkg/constants/env.go b/pkg/constants/env.go index a1d187736e..45d0a82982 100644 --- a/pkg/constants/env.go +++ b/pkg/constants/env.go @@ -46,6 +46,4 @@ const ( FlagNginx = "enable-nginx-instrumentation" FlagNodeJS = "enable-nodejs-instrumentation" FlagJava = "enable-java-instrumentation" - - FlagTargetAllocatorMTLS = "enable-target-allocator-mtls" ) From e073de69546d6ece6d9f3ef586c4c11410e1a3b0 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Mon, 2 Sep 2024 19:43:06 +0300 Subject: [PATCH 81/88] Added CertManager resources unit tests --- .../targetallocator/certificate_test.go | 221 ++++++++++++++++++ .../manifests/targetallocator/issuer_test.go | 113 +++++++++ 2 files changed, 334 insertions(+) create mode 100644 internal/manifests/targetallocator/certificate_test.go create mode 100644 internal/manifests/targetallocator/issuer_test.go diff --git a/internal/manifests/targetallocator/certificate_test.go b/internal/manifests/targetallocator/certificate_test.go new file mode 100644 index 0000000000..ae9dceb6a7 --- /dev/null +++ b/internal/manifests/targetallocator/certificate_test.go @@ -0,0 +1,221 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package targetallocator + +import ( + "testing" + + "github.com/stretchr/testify/assert" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" + "github.com/open-telemetry/opentelemetry-operator/internal/config" +) + +type CACertificateConfig struct { + Name string + Namespace string + SecretName string + IssuerName string +} + +type ServingCertificateConfig struct { + Name string + Namespace string + SecretName string + IssuerName string +} + +type ClientCertificateConfig struct { + Name string + Namespace string + SecretName string + IssuerName string +} + +func TestCACertificate(t *testing.T) { + tests := []struct { + name string + targetAllocator v1alpha1.TargetAllocator + expectedCAConfig CACertificateConfig + expectedLabels map[string]string + }{ + { + name: "Default CA Certificate", + targetAllocator: v1alpha1.TargetAllocator{ + ObjectMeta: metav1.ObjectMeta{ + Name: "my-instance", + Namespace: "my-namespace", + }, + }, + expectedCAConfig: CACertificateConfig{ + Name: "my-instance-ca-cert", + Namespace: "my-namespace", + SecretName: "my-instance-ca-cert", + IssuerName: "my-instance-self-signed-issuer", + }, + expectedLabels: map[string]string{ + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/instance": "my-namespace.my-instance", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/component": "opentelemetry-targetallocator", + "app.kubernetes.io/name": "my-instance-ca-cert", + "app.kubernetes.io/version": "latest", + }, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + params := Params{ + TargetAllocator: tt.targetAllocator, + Config: config.New(), + } + + caCert := CACertificate(params) + + assert.Equal(t, tt.expectedCAConfig.Name, caCert.Name) + assert.Equal(t, tt.expectedCAConfig.Namespace, caCert.Namespace) + assert.Equal(t, tt.expectedCAConfig.SecretName, caCert.Spec.SecretName) + assert.Equal(t, tt.expectedCAConfig.IssuerName, caCert.Spec.IssuerRef.Name) + assert.True(t, caCert.Spec.IsCA) + assert.Equal(t, "Issuer", caCert.Spec.IssuerRef.Kind) + assert.Equal(t, []string{"opentelemetry-operator"}, caCert.Spec.Subject.OrganizationalUnits) + assert.Equal(t, tt.expectedLabels, caCert.Labels) + }) + } +} + +func TestServingCertificate(t *testing.T) { + tests := []struct { + name string + targetAllocator v1alpha1.TargetAllocator + expectedServingConfig ServingCertificateConfig + expectedDNSNames []string + expectedOrganizationUnit []string + expectedLabels map[string]string + }{ + { + name: "Default Serving Certificate", + targetAllocator: v1alpha1.TargetAllocator{ + ObjectMeta: metav1.ObjectMeta{ + Name: "my-instance", + Namespace: "my-namespace", + }, + }, + expectedServingConfig: ServingCertificateConfig{ + Name: "my-instance-ta-server-cert", + Namespace: "my-namespace", + SecretName: "my-instance-ta-server-cert", + IssuerName: "my-instance-ca-issuer", + }, + expectedDNSNames: []string{ + "my-instance-targetallocator", + "my-instance-targetallocator.my-namespace.svc", + "my-instance-targetallocator.my-namespace.svc.cluster.local", + }, + expectedOrganizationUnit: []string{"opentelemetry-operator"}, + expectedLabels: map[string]string{ + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/instance": "my-namespace.my-instance", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/component": "opentelemetry-targetallocator", + "app.kubernetes.io/name": "my-instance-ta-server-cert", + "app.kubernetes.io/version": "latest", + }, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + params := Params{ + TargetAllocator: tt.targetAllocator, + Config: config.New(), + } + + servingCert := ServingCertificate(params) + + assert.Equal(t, tt.expectedServingConfig.Name, servingCert.Name) + assert.Equal(t, tt.expectedServingConfig.Namespace, servingCert.Namespace) + assert.Equal(t, tt.expectedServingConfig.SecretName, servingCert.Spec.SecretName) + assert.Equal(t, tt.expectedServingConfig.IssuerName, servingCert.Spec.IssuerRef.Name) + assert.Equal(t, "Issuer", servingCert.Spec.IssuerRef.Kind) + assert.ElementsMatch(t, tt.expectedDNSNames, servingCert.Spec.DNSNames) + assert.ElementsMatch(t, tt.expectedOrganizationUnit, servingCert.Spec.Subject.OrganizationalUnits) + assert.Equal(t, tt.expectedLabels, servingCert.Labels) + }) + } +} + +func TestClientCertificate(t *testing.T) { + tests := []struct { + name string + targetAllocator v1alpha1.TargetAllocator + expectedClientConfig ClientCertificateConfig + expectedDNSNames []string + expectedOrganizationUnit []string + expectedLabels map[string]string + }{ + { + name: "Default Client Certificate", + targetAllocator: v1alpha1.TargetAllocator{ + ObjectMeta: metav1.ObjectMeta{ + Name: "my-instance", + Namespace: "my-namespace", + }, + }, + expectedClientConfig: ClientCertificateConfig{ + Name: "my-instance-ta-client-cert", + Namespace: "my-namespace", + SecretName: "my-instance-ta-client-cert", + IssuerName: "my-instance-ca-issuer", + }, + expectedDNSNames: []string{ + "my-instance-targetallocator", + "my-instance-targetallocator.my-namespace.svc", + "my-instance-targetallocator.my-namespace.svc.cluster.local", + }, + expectedOrganizationUnit: []string{"opentelemetry-operator"}, + expectedLabels: map[string]string{ + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/instance": "my-namespace.my-instance", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/component": "opentelemetry-targetallocator", + "app.kubernetes.io/name": "my-instance-ta-client-cert", + "app.kubernetes.io/version": "latest", + }, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + params := Params{ + TargetAllocator: tt.targetAllocator, + Config: config.New(), + } + + clientCert := ClientCertificate(params) + + assert.Equal(t, tt.expectedClientConfig.Name, clientCert.Name) + assert.Equal(t, tt.expectedClientConfig.Namespace, clientCert.Namespace) + assert.Equal(t, tt.expectedClientConfig.SecretName, clientCert.Spec.SecretName) + assert.Equal(t, tt.expectedClientConfig.IssuerName, clientCert.Spec.IssuerRef.Name) + assert.Equal(t, "Issuer", clientCert.Spec.IssuerRef.Kind) + assert.ElementsMatch(t, tt.expectedDNSNames, clientCert.Spec.DNSNames) + assert.ElementsMatch(t, tt.expectedOrganizationUnit, clientCert.Spec.Subject.OrganizationalUnits) + assert.Equal(t, tt.expectedLabels, clientCert.Labels) + }) + } +} diff --git a/internal/manifests/targetallocator/issuer_test.go b/internal/manifests/targetallocator/issuer_test.go new file mode 100644 index 0000000000..d5d0c1d021 --- /dev/null +++ b/internal/manifests/targetallocator/issuer_test.go @@ -0,0 +1,113 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package targetallocator + +import ( + "testing" + + "github.com/stretchr/testify/assert" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" + "github.com/open-telemetry/opentelemetry-operator/internal/config" +) + +type SelfSignedIssuerConfig struct { + Name string + Namespace string + Labels map[string]string +} + +type CAIssuerConfig struct { + Name string + Namespace string + Labels map[string]string + SecretName string +} + +func TestSelfSignedIssuer(t *testing.T) { + taSpec := v1alpha1.TargetAllocatorSpec{} + ta := v1alpha1.TargetAllocator{ + ObjectMeta: metav1.ObjectMeta{ + Name: "my-instance", + Namespace: "my-namespace", + }, + Spec: taSpec, + } + + cfg := config.New() + + expected := SelfSignedIssuerConfig{ + Name: "my-instance-self-signed-issuer", + Namespace: "my-namespace", + Labels: map[string]string{ + "app.kubernetes.io/name": "my-instance-self-signed-issuer", + "app.kubernetes.io/instance": "my-namespace.my-instance", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/component": "opentelemetry-targetallocator", + "app.kubernetes.io/version": "latest", + }, + } + + params := Params{ + Config: cfg, + TargetAllocator: ta, + } + + issuer := SelfSignedIssuer(params) + + assert.Equal(t, expected.Name, issuer.Name) + assert.Equal(t, expected.Namespace, issuer.Namespace) + assert.Equal(t, expected.Labels, issuer.Labels) + assert.NotNil(t, issuer.Spec.SelfSigned) +} + +func TestCAIssuer(t *testing.T) { + ta := v1alpha1.TargetAllocator{ + ObjectMeta: metav1.ObjectMeta{ + Name: "my-instance", + Namespace: "my-namespace", + }, + } + + cfg := config.New() + + expected := CAIssuerConfig{ + Name: "my-instance-ca-issuer", + Namespace: "my-namespace", + Labels: map[string]string{ + "app.kubernetes.io/name": "my-instance-ca-issuer", + "app.kubernetes.io/instance": "my-namespace.my-instance", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/component": "opentelemetry-targetallocator", + "app.kubernetes.io/version": "latest", + }, + SecretName: "my-instance-ca-cert", + } + + params := Params{ + Config: cfg, + TargetAllocator: ta, + } + + issuer := CAIssuer(params) + + assert.Equal(t, expected.Name, issuer.Name) + assert.Equal(t, expected.Namespace, issuer.Namespace) + assert.Equal(t, expected.Labels, issuer.Labels) + assert.Equal(t, expected.SecretName, issuer.Spec.CA.SecretName) +} From 7e412edaa16409de4e94e508dce9b43627b8b9ec Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Tue, 3 Sep 2024 16:16:15 +0300 Subject: [PATCH 82/88] Added unit tests and e2e assertions --- controllers/builder_test.go | 648 +++++++++++++++++- internal/manifests/collector/volume_test.go | 52 ++ .../targetallocator/configmap_test.go | 58 ++ internal/manifests/targetallocator/service.go | 2 +- .../manifests/targetallocator/service_test.go | 33 + .../manifests/targetallocator/volume_test.go | 61 ++ .../ta-collector-mtls/01-assert.yaml | 23 + 7 files changed, 875 insertions(+), 2 deletions(-) diff --git a/controllers/builder_test.go b/controllers/builder_test.go index 2c5070fa84..c6e67e4c27 100644 --- a/controllers/builder_test.go +++ b/controllers/builder_test.go @@ -18,6 +18,8 @@ import ( "strings" "testing" + cmv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" + cmmetav1 "github.com/cert-manager/cert-manager/pkg/apis/meta/v1" "github.com/go-logr/logr" monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" "github.com/stretchr/testify/require" @@ -35,6 +37,7 @@ import ( "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/manifests" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/collector" @@ -1243,6 +1246,7 @@ service: want []client.Object featuregates []string wantErr bool + opts []config.Option }{ { name: "base case", @@ -2186,12 +2190,654 @@ prometheus_cr: wantErr: false, featuregates: []string{}, }, + { + name: "target allocator mtls enabled", + args: args{ + instance: v1beta1.OpenTelemetryCollector{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test", + Namespace: "test", + }, + Spec: v1beta1.OpenTelemetryCollectorSpec{ + OpenTelemetryCommonFields: v1beta1.OpenTelemetryCommonFields{ + Image: "test", + Replicas: &one, + }, + Mode: "statefulset", + Config: goodConfig, + TargetAllocator: v1beta1.TargetAllocatorEmbedded{ + Enabled: true, + FilterStrategy: "relabel-config", + AllocationStrategy: v1beta1.TargetAllocatorAllocationStrategyConsistentHashing, + PrometheusCR: v1beta1.TargetAllocatorPrometheusCR{ + Enabled: true, + }, + }, + }, + }, + }, + want: []client.Object{ + &appsv1.StatefulSet{ + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{ + Name: "test-collector", + Namespace: "test", + Labels: map[string]string{ + "app.kubernetes.io/component": "opentelemetry-collector", + "app.kubernetes.io/instance": "test.test", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/name": "test-collector", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/version": "latest", + }, + Annotations: map[string]string{}, + }, + Spec: appsv1.StatefulSetSpec{ + ServiceName: "test-collector", + Replicas: &one, + Selector: &metav1.LabelSelector{ + MatchLabels: selectorLabels, + }, + Template: corev1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{ + "app.kubernetes.io/component": "opentelemetry-collector", + "app.kubernetes.io/instance": "test.test", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/name": "test-collector", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/version": "latest", + }, + Annotations: map[string]string{ + "opentelemetry-operator-config/sha256": "39cae697770f9d7e183e8fa9ba56043315b62e19c7231537870acfaaabc30a43", + "prometheus.io/path": "/metrics", + "prometheus.io/port": "8888", + "prometheus.io/scrape": "true", + }, + }, + Spec: corev1.PodSpec{ + Volumes: []corev1.Volume{ + { + Name: "otc-internal", + VolumeSource: corev1.VolumeSource{ + ConfigMap: &corev1.ConfigMapVolumeSource{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: "test-collector-" + goodConfigHash, + }, + Items: []corev1.KeyToPath{ + { + Key: "collector.yaml", + Path: "collector.yaml", + }, + }, + }, + }, + }, + { + Name: "test-ta-client-cert", + VolumeSource: corev1.VolumeSource{ + Secret: &corev1.SecretVolumeSource{ + SecretName: "test-ta-client-cert", + }, + }, + }, + }, + Containers: []corev1.Container{ + { + Name: "otc-container", + Image: "test", + Args: []string{ + "--config=/conf/collector.yaml", + }, + Env: []corev1.EnvVar{ + { + Name: "POD_NAME", + ValueFrom: &corev1.EnvVarSource{ + FieldRef: &corev1.ObjectFieldSelector{ + FieldPath: "metadata.name", + }, + }, + }, + { + Name: "SHARD", + Value: "0", + }, + }, + Ports: []corev1.ContainerPort{ + { + Name: "metrics", + HostPort: 0, + ContainerPort: 8888, + Protocol: "TCP", + }, + }, + VolumeMounts: []corev1.VolumeMount{ + { + Name: "otc-internal", + MountPath: "/conf", + }, + { + Name: "test-ta-client-cert", + MountPath: "/tls", + }, + }, + }, + }, + ShareProcessNamespace: ptr.To(false), + DNSPolicy: "ClusterFirst", + DNSConfig: &corev1.PodDNSConfig{}, + ServiceAccountName: "test-collector", + }, + }, + PodManagementPolicy: "Parallel", + }, + }, + &policyV1.PodDisruptionBudget{ + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{ + Name: "test-collector", + Namespace: "test", + Labels: map[string]string{ + "app.kubernetes.io/component": "opentelemetry-collector", + "app.kubernetes.io/instance": "test.test", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/name": "test-collector", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/version": "latest", + }, + Annotations: map[string]string{}, + }, + Spec: policyV1.PodDisruptionBudgetSpec{ + Selector: &v1.LabelSelector{ + MatchLabels: map[string]string{ + "app.kubernetes.io/component": "opentelemetry-collector", + "app.kubernetes.io/instance": "test.test", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/name": "test-collector", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/version": "latest", + }, + }, + MaxUnavailable: &intstr.IntOrString{ + Type: intstr.Int, + IntVal: 1, + }, + }, + }, + &corev1.ConfigMap{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-collector-" + goodConfigHash, + Namespace: "test", + Labels: map[string]string{ + "app.kubernetes.io/component": "opentelemetry-collector", + "app.kubernetes.io/instance": "test.test", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/name": "test-collector", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/version": "latest", + }, + Annotations: map[string]string{}, + }, + Data: map[string]string{ + "collector.yaml": "exporters:\n logging: null\nreceivers:\n prometheus:\n config: {}\n target_allocator:\n collector_id: ${POD_NAME}\n endpoint: https://test-targetallocator:443\n interval: 30s\n tls:\n ca_file: /tls/ca.crt\n cert_file: /tls/tls.crt\n key_file: /tls/tls.key\nservice:\n pipelines:\n metrics:\n exporters:\n - logging\n receivers:\n - prometheus\n", + }, + }, + &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-collector", + Namespace: "test", + Labels: map[string]string{ + "app.kubernetes.io/component": "opentelemetry-collector", + "app.kubernetes.io/instance": "test.test", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/name": "test-collector", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/version": "latest", + }, + Annotations: map[string]string{}, + }, + }, + &corev1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-collector-monitoring", + Namespace: "test", + Labels: map[string]string{ + "app.kubernetes.io/component": "opentelemetry-collector", + "app.kubernetes.io/instance": "test.test", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/name": "test-collector-monitoring", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/version": "latest", + "operator.opentelemetry.io/collector-service-type": "monitoring", + "operator.opentelemetry.io/collector-monitoring-service": "Exists", + }, + Annotations: map[string]string{}, + }, + Spec: corev1.ServiceSpec{ + Ports: []corev1.ServicePort{ + { + Name: "monitoring", + Port: 8888, + }, + }, + Selector: selectorLabels, + }, + }, + &corev1.ConfigMap{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-targetallocator", + Namespace: "test", + Labels: map[string]string{ + "app.kubernetes.io/component": "opentelemetry-targetallocator", + "app.kubernetes.io/instance": "test.test", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/name": "test-targetallocator", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/version": "latest", + }, + Annotations: nil, + }, + Data: map[string]string{ + "targetallocator.yaml": `allocation_strategy: consistent-hashing +collector_selector: + matchlabels: + app.kubernetes.io/component: opentelemetry-collector + app.kubernetes.io/instance: test.test + app.kubernetes.io/managed-by: opentelemetry-operator + app.kubernetes.io/part-of: opentelemetry + matchexpressions: [] +config: + scrape_configs: + - job_name: example + metric_relabel_configs: + - replacement: $1_$2 + source_labels: + - job + target_label: job + relabel_configs: + - replacement: my_service_$1 + source_labels: + - __meta_service_id + target_label: job + - replacement: $1 + source_labels: + - __meta_service_name + target_label: instance +filter_strategy: relabel-config +https: + ca_file_path: /tls/ca.crt + enabled: true + listen_addr: :8443 + tls_cert_file_path: /tls/tls.crt + tls_key_file_path: /tls/tls.key +prometheus_cr: + enabled: true + pod_monitor_selector: null + service_monitor_selector: null +`, + }, + }, + &appsv1.Deployment{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-targetallocator", + Namespace: "test", + Labels: map[string]string{ + "app.kubernetes.io/component": "opentelemetry-targetallocator", + "app.kubernetes.io/instance": "test.test", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/name": "test-targetallocator", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/version": "latest", + }, + Annotations: nil, + }, + Spec: appsv1.DeploymentSpec{ + Selector: &metav1.LabelSelector{ + MatchLabels: taSelectorLabels, + }, + Template: corev1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{ + "app.kubernetes.io/component": "opentelemetry-targetallocator", + "app.kubernetes.io/instance": "test.test", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/name": "test-targetallocator", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/version": "latest", + }, + Annotations: map[string]string{ + "opentelemetry-targetallocator-config/hash": "f1ce0fdbf69924576576d1d6eb2a3cc91a3f72675b3facbb36702d57027bc6ae", + }, + }, + Spec: corev1.PodSpec{ + Volumes: []corev1.Volume{ + { + Name: "ta-internal", + VolumeSource: corev1.VolumeSource{ + ConfigMap: &corev1.ConfigMapVolumeSource{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: "test-targetallocator", + }, + Items: []corev1.KeyToPath{ + { + Key: "targetallocator.yaml", + Path: "targetallocator.yaml", + }, + }, + }, + }, + }, + { + Name: "test-ta-server-cert", + VolumeSource: corev1.VolumeSource{ + Secret: &corev1.SecretVolumeSource{ + SecretName: "test-ta-server-cert", + }, + }, + }, + }, + Containers: []corev1.Container{ + { + Name: "ta-container", + Image: "default-ta-allocator", + Env: []corev1.EnvVar{ + { + Name: "OTELCOL_NAMESPACE", + ValueFrom: &corev1.EnvVarSource{ + FieldRef: &corev1.ObjectFieldSelector{ + FieldPath: "metadata.namespace", + }, + }, + }, + }, + Ports: []corev1.ContainerPort{ + { + Name: "http", + HostPort: 0, + ContainerPort: 8080, + Protocol: "TCP", + }, + { + Name: "https", + HostPort: 0, + ContainerPort: 8443, + Protocol: "TCP", + }, + }, + VolumeMounts: []corev1.VolumeMount{ + { + Name: "ta-internal", + MountPath: "/conf", + }, + { + Name: "test-ta-server-cert", + MountPath: "/tls", + }, + }, + LivenessProbe: &corev1.Probe{ + ProbeHandler: corev1.ProbeHandler{ + HTTPGet: &corev1.HTTPGetAction{ + Path: "/livez", + Port: intstr.FromInt(8080), + }, + }, + }, + ReadinessProbe: &corev1.Probe{ + ProbeHandler: corev1.ProbeHandler{ + HTTPGet: &corev1.HTTPGetAction{ + Path: "/readyz", + Port: intstr.FromInt(8080), + }, + }, + }, + }, + }, + DNSPolicy: "ClusterFirst", + DNSConfig: &corev1.PodDNSConfig{}, + ShareProcessNamespace: ptr.To(false), + ServiceAccountName: "test-targetallocator", + }, + }, + }, + }, + &corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-targetallocator", + Namespace: "test", + Labels: map[string]string{ + "app.kubernetes.io/component": "opentelemetry-targetallocator", + "app.kubernetes.io/instance": "test.test", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/name": "test-targetallocator", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/version": "latest", + }, + }, + }, + &corev1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-targetallocator", + Namespace: "test", + Labels: map[string]string{ + "app.kubernetes.io/component": "opentelemetry-targetallocator", + "app.kubernetes.io/instance": "test.test", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/name": "test-targetallocator", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/version": "latest", + }, + Annotations: nil, + }, + Spec: corev1.ServiceSpec{ + Ports: []corev1.ServicePort{ + { + Name: "targetallocation", + Port: 80, + TargetPort: intstr.IntOrString{ + Type: 1, + StrVal: "http", + }, + }, + { + Name: "targetallocation-https", + Port: 443, + TargetPort: intstr.IntOrString{ + Type: 1, + StrVal: "https", + }, + }, + }, + Selector: taSelectorLabels, + }, + }, + &policyV1.PodDisruptionBudget{ + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{ + Name: "test-targetallocator", + Namespace: "test", + Labels: map[string]string{ + "app.kubernetes.io/component": "opentelemetry-targetallocator", + "app.kubernetes.io/instance": "test.test", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/name": "test-targetallocator", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/version": "latest", + }, + Annotations: map[string]string{ + "opentelemetry-targetallocator-config/hash": "f1ce0fdbf69924576576d1d6eb2a3cc91a3f72675b3facbb36702d57027bc6ae", + }, + }, + Spec: policyV1.PodDisruptionBudgetSpec{ + Selector: &v1.LabelSelector{ + MatchLabels: map[string]string{ + "app.kubernetes.io/component": "opentelemetry-targetallocator", + "app.kubernetes.io/instance": "test.test", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/name": "test-targetallocator", + "app.kubernetes.io/part-of": "opentelemetry", + }, + }, + MaxUnavailable: &intstr.IntOrString{ + Type: intstr.Int, + IntVal: 1, + }, + }, + }, + &cmv1.Issuer{ + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{ + Name: "test-self-signed-issuer", + Namespace: "test", + Labels: map[string]string{ + "app.kubernetes.io/component": "opentelemetry-targetallocator", + "app.kubernetes.io/instance": "test.test", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/name": "test-self-signed-issuer", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/version": "latest", + }, + }, + Spec: cmv1.IssuerSpec{ + IssuerConfig: cmv1.IssuerConfig{ + SelfSigned: &cmv1.SelfSignedIssuer{ + CRLDistributionPoints: nil, + }, + }, + }, + }, + &cmv1.Certificate{ + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{ + Name: "test-ca-cert", + Namespace: "test", + Labels: map[string]string{ + "app.kubernetes.io/component": "opentelemetry-targetallocator", + "app.kubernetes.io/instance": "test.test", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/name": "test-ca-cert", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/version": "latest", + }, + }, + Spec: cmv1.CertificateSpec{ + Subject: &cmv1.X509Subject{ + OrganizationalUnits: []string{"opentelemetry-operator"}, + }, + CommonName: "test-ca-cert", + IsCA: true, + SecretName: "test-ca-cert", + IssuerRef: cmmetav1.ObjectReference{ + Name: "test-self-signed-issuer", + Kind: "Issuer", + }, + }, + }, + &cmv1.Issuer{ + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{ + Name: "test-ca-issuer", + Namespace: "test", + Labels: map[string]string{ + "app.kubernetes.io/component": "opentelemetry-targetallocator", + "app.kubernetes.io/instance": "test.test", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/name": "test-ca-issuer", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/version": "latest", + }, + }, + Spec: cmv1.IssuerSpec{ + IssuerConfig: cmv1.IssuerConfig{ + CA: &cmv1.CAIssuer{ + SecretName: "test-ca-cert", + }, + }, + }, + }, + &cmv1.Certificate{ + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{ + Name: "test-ta-server-cert", + Namespace: "test", + Labels: map[string]string{ + "app.kubernetes.io/component": "opentelemetry-targetallocator", + "app.kubernetes.io/instance": "test.test", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/name": "test-ta-server-cert", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/version": "latest", + }, + }, + Spec: cmv1.CertificateSpec{ + Subject: &cmv1.X509Subject{ + OrganizationalUnits: []string{"opentelemetry-operator"}, + }, + DNSNames: []string{ + "test-targetallocator", + "test-targetallocator.test.svc", + "test-targetallocator.test.svc.cluster.local", + }, + SecretName: "test-ta-server-cert", + IssuerRef: cmmetav1.ObjectReference{ + Name: "test-ca-issuer", + Kind: "Issuer", + }, + Usages: []cmv1.KeyUsage{ + "client auth", + "server auth", + }, + }, + }, + &cmv1.Certificate{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-ta-client-cert", + Namespace: "test", + Labels: map[string]string{ + "app.kubernetes.io/component": "opentelemetry-targetallocator", + "app.kubernetes.io/instance": "test.test", + "app.kubernetes.io/managed-by": "opentelemetry-operator", + "app.kubernetes.io/name": "test-ta-client-cert", + "app.kubernetes.io/part-of": "opentelemetry", + "app.kubernetes.io/version": "latest", + }, + }, + Spec: cmv1.CertificateSpec{ + Subject: &cmv1.X509Subject{ + OrganizationalUnits: []string{"opentelemetry-operator"}, + }, + DNSNames: []string{ + "test-targetallocator", + "test-targetallocator.test.svc", + "test-targetallocator.test.svc.cluster.local", + }, + SecretName: "test-ta-client-cert", + IssuerRef: cmmetav1.ObjectReference{ + Name: "test-ca-issuer", + Kind: "Issuer", + }, + Usages: []cmv1.KeyUsage{ + "client auth", + "server auth", + }, + }, + }, + }, + wantErr: false, + opts: []config.Option{ + config.WithCertManagerAvailability(certmanager.Available), + }, + featuregates: []string{"operator.targetallocator.mtls"}, + }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - cfg := config.New( + opts := []config.Option{ config.WithCollectorImage("default-collector"), config.WithTargetAllocatorImage("default-ta-allocator"), + } + opts = append(opts, tt.opts...) + cfg := config.New( + opts..., ) params := manifests.Params{ Log: logr.Discard(), diff --git a/internal/manifests/collector/volume_test.go b/internal/manifests/collector/volume_test.go index 06832e6314..03747d519e 100644 --- a/internal/manifests/collector/volume_test.go +++ b/internal/manifests/collector/volume_test.go @@ -18,12 +18,17 @@ import ( "testing" "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + colfg "go.opentelemetry.io/collector/featuregate" corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/config" . "github.com/open-telemetry/opentelemetry-operator/internal/manifests/collector" "github.com/open-telemetry/opentelemetry-operator/internal/naming" + "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) func TestVolumeNewDefault(t *testing.T) { @@ -89,3 +94,50 @@ func TestVolumeWithMoreConfigMaps(t *testing.T) { assert.Equal(t, "configmap-configmap-test", volumes[1].Name) assert.Equal(t, "configmap-configmap-test2", volumes[2].Name) } + +func TestVolumeWithTargetAllocatorMTLS(t *testing.T) { + t.Run("CertManager available and EnableTargetAllocatorMTLS enabled", func(t *testing.T) { + otelcol := v1beta1.OpenTelemetryCollector{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-collector", + }, + } + cfg := config.New(config.WithCertManagerAvailability(certmanager.Available)) + + flgs := featuregate.Flags(colfg.GlobalRegistry()) + err := flgs.Parse([]string{"--feature-gates=operator.targetallocator.mtls"}) + require.NoError(t, err) + + volumes := Volumes(cfg, otelcol) + + expectedVolume := corev1.Volume{ + Name: naming.TAClientCertificate(otelcol.Name), + VolumeSource: corev1.VolumeSource{ + Secret: &corev1.SecretVolumeSource{ + SecretName: naming.TAClientCertificateSecretName(otelcol.Name), + }, + }, + } + assert.Contains(t, volumes, expectedVolume) + }) + + t.Run("CertManager not available", func(t *testing.T) { + otelcol := v1beta1.OpenTelemetryCollector{} + cfg := config.New(config.WithCertManagerAvailability(certmanager.NotAvailable)) + + flgs := featuregate.Flags(colfg.GlobalRegistry()) + err := flgs.Parse([]string{"--feature-gates=operator.targetallocator.mtls"}) + require.NoError(t, err) + + volumes := Volumes(cfg, otelcol) + assert.NotContains(t, volumes, corev1.Volume{Name: naming.TAClientCertificate(otelcol.Name)}) + }) + + t.Run("EnableTargetAllocatorMTLS disabled", func(t *testing.T) { + otelcol := v1beta1.OpenTelemetryCollector{} + cfg := config.New(config.WithCertManagerAvailability(certmanager.Available)) + + volumes := Volumes(cfg, otelcol) + assert.NotContains(t, volumes, corev1.Volume{Name: naming.TAClientCertificate(otelcol.Name)}) + }) +} diff --git a/internal/manifests/targetallocator/configmap_test.go b/internal/manifests/targetallocator/configmap_test.go index cfa45feb8c..0837ea2074 100644 --- a/internal/manifests/targetallocator/configmap_test.go +++ b/internal/manifests/targetallocator/configmap_test.go @@ -23,10 +23,13 @@ import ( "github.com/mitchellh/mapstructure" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + colfg "go.opentelemetry.io/collector/featuregate" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/config" + "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) func TestDesiredConfigMap(t *testing.T) { @@ -226,6 +229,61 @@ prometheus_cr: }) + t.Run("should return expected target allocator config map with HTTPS configuration", func(t *testing.T) { + expectedLabels["app.kubernetes.io/component"] = "opentelemetry-targetallocator" + expectedLabels["app.kubernetes.io/name"] = "my-instance-targetallocator" + + cfg := config.New(config.WithCertManagerAvailability(certmanager.Available)) + + flgs := featuregate.Flags(colfg.GlobalRegistry()) + err := flgs.Parse([]string{"--feature-gates=operator.targetallocator.mtls"}) + require.NoError(t, err) + + testParams := Params{ + Collector: collector, + TargetAllocator: targetAllocator, + Config: cfg, + } + + expectedData := map[string]string{ + targetAllocatorFilename: `allocation_strategy: consistent-hashing +collector_selector: + matchlabels: + app.kubernetes.io/component: opentelemetry-collector + app.kubernetes.io/instance: default.my-instance + app.kubernetes.io/managed-by: opentelemetry-operator + app.kubernetes.io/part-of: opentelemetry + matchexpressions: [] +config: + scrape_configs: + - job_name: otel-collector + scrape_interval: 10s + static_configs: + - targets: + - 0.0.0.0:8888 + - 0.0.0.0:9999 +filter_strategy: relabel-config +https: + ca_file_path: /tls/ca.crt + enabled: true + listen_addr: :8443 + tls_cert_file_path: /tls/tls.crt + tls_key_file_path: /tls/tls.key +prometheus_cr: + enabled: true + pod_monitor_selector: null + scrape_interval: 30s + service_monitor_selector: null +`, + } + + actual, err := ConfigMap(testParams) + assert.NoError(t, err) + + assert.Equal(t, "my-instance-targetallocator", actual.Name) + assert.Equal(t, expectedLabels, actual.Labels) + assert.Equal(t, expectedData, actual.Data) + }) } func TestGetScrapeConfigsFromOtelConfig(t *testing.T) { diff --git a/internal/manifests/targetallocator/service.go b/internal/manifests/targetallocator/service.go index 85dc8b2d36..b372cd97a2 100644 --- a/internal/manifests/targetallocator/service.go +++ b/internal/manifests/targetallocator/service.go @@ -38,7 +38,7 @@ func Service(params Params) *corev1.Service { if params.Config.CertManagerAvailability() == certmanager.Available && featuregate.EnableTargetAllocatorMTLS.IsEnabled() { ports = append(ports, corev1.ServicePort{ - Name: "http-metrics", + Name: "targetallocation-https", Port: 443, TargetPort: intstr.FromString("https")}) } diff --git a/internal/manifests/targetallocator/service_test.go b/internal/manifests/targetallocator/service_test.go index f21e0fe5d6..2c0aead766 100644 --- a/internal/manifests/targetallocator/service_test.go +++ b/internal/manifests/targetallocator/service_test.go @@ -18,10 +18,14 @@ import ( "testing" "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + colfg "go.opentelemetry.io/collector/featuregate" v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/util/intstr" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/config" + "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) func TestServicePorts(t *testing.T) { @@ -42,3 +46,32 @@ func TestServicePorts(t *testing.T) { assert.Equal(t, ports[0].Port, s.Spec.Ports[0].Port) assert.Equal(t, ports[0].TargetPort, s.Spec.Ports[0].TargetPort) } + +func TestServicePortsWithTargetAllocatorMTLS(t *testing.T) { + targetAllocator := targetAllocatorInstance() + cfg := config.New(config.WithCertManagerAvailability(certmanager.Available)) + + flgs := featuregate.Flags(colfg.GlobalRegistry()) + err := flgs.Parse([]string{"--feature-gates=operator.targetallocator.mtls"}) + require.NoError(t, err) + + params := Params{ + TargetAllocator: targetAllocator, + Config: cfg, + Log: logger, + } + + ports := []v1.ServicePort{ + {Name: "targetallocation", Port: 80, TargetPort: intstr.FromString("http")}, + {Name: "targetallocation-https", Port: 443, TargetPort: intstr.FromString("https")}, + } + + s := Service(params) + + assert.Equal(t, ports[0].Name, s.Spec.Ports[0].Name) + assert.Equal(t, ports[0].Port, s.Spec.Ports[0].Port) + assert.Equal(t, ports[0].TargetPort, s.Spec.Ports[0].TargetPort) + assert.Equal(t, ports[1].Name, s.Spec.Ports[1].Name) + assert.Equal(t, ports[1].Port, s.Spec.Ports[1].Port) + assert.Equal(t, ports[1].TargetPort, s.Spec.Ports[1].TargetPort) +} diff --git a/internal/manifests/targetallocator/volume_test.go b/internal/manifests/targetallocator/volume_test.go index 6d255e849c..898f900924 100644 --- a/internal/manifests/targetallocator/volume_test.go +++ b/internal/manifests/targetallocator/volume_test.go @@ -18,10 +18,16 @@ import ( "testing" "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + colfg "go.opentelemetry.io/collector/featuregate" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" + "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/naming" + "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) func TestVolumeNewDefault(t *testing.T) { @@ -41,3 +47,58 @@ func TestVolumeNewDefault(t *testing.T) { // check that it's the ta-internal volume, with the config map assert.Equal(t, naming.TAConfigMapVolume(), volumes[0].Name) } + +func TestVolumeWithTargetAllocatorMTLS(t *testing.T) { + t.Run("CertManager available and EnableTargetAllocatorMTLS enabled", func(t *testing.T) { + ta := v1alpha1.TargetAllocator{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-targetallocator", + }, + } + cfg := config.New(config.WithCertManagerAvailability(certmanager.Available)) + + flgs := featuregate.Flags(colfg.GlobalRegistry()) + err := flgs.Parse([]string{"--feature-gates=operator.targetallocator.mtls"}) + require.NoError(t, err) + + volumes := Volumes(cfg, ta) + + expectedVolume := corev1.Volume{ + Name: naming.TAServerCertificate(ta.Name), + VolumeSource: corev1.VolumeSource{ + Secret: &corev1.SecretVolumeSource{ + SecretName: naming.TAServerCertificateSecretName(ta.Name), + }, + }, + } + assert.Contains(t, volumes, expectedVolume) + }) + + t.Run("CertManager not available", func(t *testing.T) { + ta := v1alpha1.TargetAllocator{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-targetallocator", + }, + } + cfg := config.New(config.WithCertManagerAvailability(certmanager.NotAvailable)) + + flgs := featuregate.Flags(colfg.GlobalRegistry()) + err := flgs.Parse([]string{"--feature-gates=operator.targetallocator.mtls"}) + require.NoError(t, err) + + volumes := Volumes(cfg, ta) + assert.NotContains(t, volumes, corev1.Volume{Name: naming.TAServerCertificate(ta.Name)}) + }) + + t.Run("EnableTargetAllocatorMTLS disabled", func(t *testing.T) { + ta := v1alpha1.TargetAllocator{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-targetallocator", + }, + } + cfg := config.New(config.WithCertManagerAvailability(certmanager.Available)) + + volumes := Volumes(cfg, ta) + assert.NotContains(t, volumes, corev1.Volume{Name: naming.TAServerCertificate(ta.Name)}) + }) +} diff --git a/tests/e2e-ta-collector-mtls/ta-collector-mtls/01-assert.yaml b/tests/e2e-ta-collector-mtls/ta-collector-mtls/01-assert.yaml index c5ef31e070..e4f67bf8d4 100644 --- a/tests/e2e-ta-collector-mtls/ta-collector-mtls/01-assert.yaml +++ b/tests/e2e-ta-collector-mtls/ta-collector-mtls/01-assert.yaml @@ -1,3 +1,26 @@ +apiVersion: v1 +kind: Secret +metadata: + name: metrics-app-secret +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: metrics-app + labels: + app: metrics-app +status: + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 +--- +apiVersion: v1 +kind: Service +metadata: + name: metrics-service + labels: + app: metrics-app +--- apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: From 17ff5645bc8b8bf160fb64882ccc6b5c7ac502d6 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Tue, 3 Sep 2024 16:32:17 +0300 Subject: [PATCH 83/88] Added missing assertion call --- .../e2e-ta-collector-mtls/ta-collector-mtls/chainsaw-test.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/e2e-ta-collector-mtls/ta-collector-mtls/chainsaw-test.yaml b/tests/e2e-ta-collector-mtls/ta-collector-mtls/chainsaw-test.yaml index 1004298cb6..6db3baf206 100755 --- a/tests/e2e-ta-collector-mtls/ta-collector-mtls/chainsaw-test.yaml +++ b/tests/e2e-ta-collector-mtls/ta-collector-mtls/chainsaw-test.yaml @@ -20,6 +20,8 @@ spec: try: - apply: file: 01-install.yaml + - assert: + file: 01-assert.yaml - name: step-02 try: - apply: From 7a8e8dd502d541917fa98745ad6f48b111faf206 Mon Sep 17 00:00:00 2001 From: ItielOlenick <67790309+ItielOlenick@users.noreply.github.com> Date: Tue, 10 Sep 2024 09:51:59 +0200 Subject: [PATCH 84/88] Update 00-install.yaml Removed collector image override for e2e test --- tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml b/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml index ccbe39094f..5d0359b079 100644 --- a/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml +++ b/tests/e2e-ta-collector-mtls/ta-collector-mtls/00-install.yaml @@ -132,8 +132,6 @@ kind: OpenTelemetryCollector metadata: name: prometheus-cr spec: - # Can be removed once operator is updated to use opentelemetry-collector-contrib:0.108.0 - image: ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-contrib:0.108.0 config: | receivers: prometheus: @@ -186,4 +184,4 @@ spec: volumes: - name: tls-secret secret: - secretName: prometheus-cr-ta-client-cert \ No newline at end of file + secretName: prometheus-cr-ta-client-cert From e8f7ae2e1c6d281d6bbd423d9844c0ced91bd278 Mon Sep 17 00:00:00 2001 From: ItielOlenick <67790309+ItielOlenick@users.noreply.github.com> Date: Tue, 10 Sep 2024 10:01:29 +0200 Subject: [PATCH 85/88] Update pkg/featuregate/featuregate.go MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Mikołaj Świątek --- pkg/featuregate/featuregate.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/featuregate/featuregate.go b/pkg/featuregate/featuregate.go index f6aa19b769..ad1792f851 100644 --- a/pkg/featuregate/featuregate.go +++ b/pkg/featuregate/featuregate.go @@ -45,7 +45,7 @@ var ( "operator.targetallocator.mtls", featuregate.StageAlpha, featuregate.WithRegisterDescription("enables mTLS between the target allocator and the collector"), - featuregate.WithRegisterFromVersion("v0.108.0"), + featuregate.WithRegisterFromVersion("v0.109.0"), ) ) From 27b887c19a9cb9d901aa63cad7cded9b69c62f9d Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Wed, 25 Sep 2024 15:00:15 +0300 Subject: [PATCH 86/88] Minor fixes --- go.mod | 3 +-- .../adapters/config_to_prom_config_test.go | 3 +-- .../manifests/targetallocator/targetallocator.go | 12 +++++++----- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/go.mod b/go.mod index 0175a67821..2fe85566d0 100644 --- a/go.mod +++ b/go.mod @@ -50,11 +50,10 @@ require ( k8s.io/kubectl v0.31.1 k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 sigs.k8s.io/controller-runtime v0.19.0 + sigs.k8s.io/gateway-api v1.0.0 // indirect sigs.k8s.io/yaml v1.4.0 ) -require sigs.k8s.io/gateway-api v1.0.0 // indirect - require ( cloud.google.com/go/auth v0.7.0 // indirect cloud.google.com/go/auth/oauth2adapt v0.2.2 // indirect diff --git a/internal/manifests/targetallocator/adapters/config_to_prom_config_test.go b/internal/manifests/targetallocator/adapters/config_to_prom_config_test.go index 097f6053ed..b06d1ed67a 100644 --- a/internal/manifests/targetallocator/adapters/config_to_prom_config_test.go +++ b/internal/manifests/targetallocator/adapters/config_to_prom_config_test.go @@ -539,7 +539,6 @@ func TestAddTAConfigToPromConfigWithTLSConfig(t *testing.T) { } taServiceName := "test-targetallocator" - taServiceNamespace := "default" expectedResult := map[interface{}]interface{}{ "config": map[interface{}]interface{}{}, @@ -555,7 +554,7 @@ func TestAddTAConfigToPromConfigWithTLSConfig(t *testing.T) { }, } - result, err := ta.AddTAConfigToPromConfig(cfg, taServiceName, taServiceNamespace, ta.WithTLSConfig("ca.crt", "tls.crt", "tls.key", taServiceName)) + result, err := ta.AddTAConfigToPromConfig(cfg, taServiceName, ta.WithTLSConfig("ca.crt", "tls.crt", "tls.key", taServiceName)) assert.NoError(t, err) assert.Equal(t, expectedResult, result) diff --git a/internal/manifests/targetallocator/targetallocator.go b/internal/manifests/targetallocator/targetallocator.go index 42c5ef54af..21b00eebc8 100644 --- a/internal/manifests/targetallocator/targetallocator.go +++ b/internal/manifests/targetallocator/targetallocator.go @@ -48,11 +48,13 @@ func Build(params Params) ([]client.Object, error) { } if params.Config.CertManagerAvailability() == certmanager.Available && featuregate.EnableTargetAllocatorMTLS.IsEnabled() { - resourceFactories = append(resourceFactories, manifests.FactoryWithoutError(SelfSignedIssuer)) - resourceFactories = append(resourceFactories, manifests.FactoryWithoutError(CACertificate)) - resourceFactories = append(resourceFactories, manifests.FactoryWithoutError(CAIssuer)) - resourceFactories = append(resourceFactories, manifests.FactoryWithoutError(ServingCertificate)) - resourceFactories = append(resourceFactories, manifests.FactoryWithoutError(ClientCertificate)) + resourceFactories = append(resourceFactories, + manifests.FactoryWithoutError(SelfSignedIssuer), + manifests.FactoryWithoutError(CACertificate), + manifests.FactoryWithoutError(CAIssuer), + manifests.FactoryWithoutError(ServingCertificate), + manifests.FactoryWithoutError(ClientCertificate), + ) } for _, factory := range resourceFactories { From f14821f06273d5e7b1ab33d8668b38df2fc7840f Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Wed, 25 Sep 2024 15:33:06 +0300 Subject: [PATCH 87/88] Fixed tests referencing logging exporter --- controllers/builder_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/controllers/builder_test.go b/controllers/builder_test.go index 5ed801d9ce..eb4566cfb0 100644 --- a/controllers/builder_test.go +++ b/controllers/builder_test.go @@ -2249,7 +2249,7 @@ prometheus_cr: "app.kubernetes.io/version": "latest", }, Annotations: map[string]string{ - "opentelemetry-operator-config/sha256": "39cae697770f9d7e183e8fa9ba56043315b62e19c7231537870acfaaabc30a43", + "opentelemetry-operator-config/sha256": "42773025f65feaf30df59a306a9e38f1aaabe94c8310983beaddb7f648d699b0", "prometheus.io/path": "/metrics", "prometheus.io/port": "8888", "prometheus.io/scrape": "true", @@ -2379,7 +2379,7 @@ prometheus_cr: Annotations: map[string]string{}, }, Data: map[string]string{ - "collector.yaml": "exporters:\n logging: null\nreceivers:\n prometheus:\n config: {}\n target_allocator:\n collector_id: ${POD_NAME}\n endpoint: https://test-targetallocator:443\n interval: 30s\n tls:\n ca_file: /tls/ca.crt\n cert_file: /tls/tls.crt\n key_file: /tls/tls.key\nservice:\n pipelines:\n metrics:\n exporters:\n - logging\n receivers:\n - prometheus\n", + "collector.yaml": "exporters:\n debug: null\nreceivers:\n prometheus:\n config: {}\n target_allocator:\n collector_id: ${POD_NAME}\n endpoint: https://test-targetallocator:443\n interval: 30s\n tls:\n ca_file: /tls/ca.crt\n cert_file: /tls/tls.crt\n key_file: /tls/tls.key\nservice:\n pipelines:\n metrics:\n exporters:\n - debug\n receivers:\n - prometheus\n", }, }, &corev1.ServiceAccount{ From 9f16d571998b4e19d7cfae11479a67a006186367 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Wed, 25 Sep 2024 21:29:06 +0300 Subject: [PATCH 88/88] Moved mTLS file naming consts --- internal/manifests/collector/configmap.go | 7 +++--- internal/manifests/collector/container.go | 4 ++-- .../manifests/collector/container_test.go | 4 ++-- internal/manifests/manifestutils/utils.go | 22 ------------------- .../manifests/targetallocator/configmap.go | 7 +++--- .../manifests/targetallocator/container.go | 4 ++-- .../targetallocator/container_test.go | 4 ++-- pkg/constants/env.go | 5 +++++ 8 files changed, 21 insertions(+), 36 deletions(-) delete mode 100644 internal/manifests/manifestutils/utils.go diff --git a/internal/manifests/collector/configmap.go b/internal/manifests/collector/configmap.go index f6adbbdb9a..b611dea178 100644 --- a/internal/manifests/collector/configmap.go +++ b/internal/manifests/collector/configmap.go @@ -25,6 +25,7 @@ import ( "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" ta "github.com/open-telemetry/opentelemetry-operator/internal/manifests/targetallocator/adapters" "github.com/open-telemetry/opentelemetry-operator/internal/naming" + "github.com/open-telemetry/opentelemetry-operator/pkg/constants" "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) @@ -46,9 +47,9 @@ func ConfigMap(params manifests.Params) (*corev1.ConfigMap, error) { if params.Config.CertManagerAvailability() == certmanager.Available && featuregate.EnableTargetAllocatorMTLS.IsEnabled() { replaceCfgOpts = append(replaceCfgOpts, ta.WithTLSConfig( - filepath.Join(manifestutils.TLSDirPath, manifestutils.CAFileName), - filepath.Join(manifestutils.TLSDirPath, manifestutils.TLSCertFileName), - filepath.Join(manifestutils.TLSDirPath, manifestutils.TLSKeyFileName), + filepath.Join(constants.TACollectorTLSDirPath, constants.TACollectorCAFileName), + filepath.Join(constants.TACollectorTLSDirPath, constants.TACollectorTLSCertFileName), + filepath.Join(constants.TACollectorTLSDirPath, constants.TACollectorTLSKeyFileName), naming.TAService(params.OtelCol.Name)), ) } diff --git a/internal/manifests/collector/container.go b/internal/manifests/collector/container.go index b595e331f9..e7b131d571 100644 --- a/internal/manifests/collector/container.go +++ b/internal/manifests/collector/container.go @@ -29,8 +29,8 @@ import ( "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/config" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/collector/adapters" - "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/naming" + "github.com/open-telemetry/opentelemetry-operator/pkg/constants" "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) @@ -97,7 +97,7 @@ func Container(cfg config.Config, logger logr.Logger, otelcol v1beta1.OpenTeleme volumeMounts = append(volumeMounts, corev1.VolumeMount{ Name: naming.TAClientCertificate(otelcol.Name), - MountPath: manifestutils.TLSDirPath, + MountPath: constants.TACollectorTLSDirPath, }) } diff --git a/internal/manifests/collector/container_test.go b/internal/manifests/collector/container_test.go index 39a9cd808d..3f48fc26da 100644 --- a/internal/manifests/collector/container_test.go +++ b/internal/manifests/collector/container_test.go @@ -30,8 +30,8 @@ import ( "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/config" . "github.com/open-telemetry/opentelemetry-operator/internal/manifests/collector" - "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/naming" + "github.com/open-telemetry/opentelemetry-operator/pkg/constants" "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) @@ -881,6 +881,6 @@ func TestContainerWithCertManagerAvailable(t *testing.T) { // verify assert.Contains(t, c.VolumeMounts, corev1.VolumeMount{ Name: naming.TAClientCertificate(""), - MountPath: manifestutils.TLSDirPath, + MountPath: constants.TACollectorTLSDirPath, }) } diff --git a/internal/manifests/manifestutils/utils.go b/internal/manifests/manifestutils/utils.go deleted file mode 100644 index 7fdb0ef1c3..0000000000 --- a/internal/manifests/manifestutils/utils.go +++ /dev/null @@ -1,22 +0,0 @@ -// Copyright The OpenTelemetry Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package manifestutils - -const ( - TLSDirPath = "/tls" - CAFileName = "ca.crt" - TLSKeyFileName = "tls.key" - TLSCertFileName = "tls.crt" -) diff --git a/internal/manifests/targetallocator/configmap.go b/internal/manifests/targetallocator/configmap.go index 36439cd024..b17df29151 100644 --- a/internal/manifests/targetallocator/configmap.go +++ b/internal/manifests/targetallocator/configmap.go @@ -28,6 +28,7 @@ import ( "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/manifests/targetallocator/adapters" "github.com/open-telemetry/opentelemetry-operator/internal/naming" + "github.com/open-telemetry/opentelemetry-operator/pkg/constants" "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) @@ -110,9 +111,9 @@ func ConfigMap(params Params) (*corev1.ConfigMap, error) { taConfig["https"] = map[string]interface{}{ "enabled": true, "listen_addr": ":8443", - "ca_file_path": filepath.Join(manifestutils.TLSDirPath, manifestutils.CAFileName), - "tls_cert_file_path": filepath.Join(manifestutils.TLSDirPath, manifestutils.TLSCertFileName), - "tls_key_file_path": filepath.Join(manifestutils.TLSDirPath, manifestutils.TLSKeyFileName), + "ca_file_path": filepath.Join(constants.TACollectorTLSDirPath, constants.TACollectorCAFileName), + "tls_cert_file_path": filepath.Join(constants.TACollectorTLSDirPath, constants.TACollectorTLSCertFileName), + "tls_key_file_path": filepath.Join(constants.TACollectorTLSDirPath, constants.TACollectorTLSKeyFileName), } } diff --git a/internal/manifests/targetallocator/container.go b/internal/manifests/targetallocator/container.go index 7fc472b3db..f1e5e78bbc 100644 --- a/internal/manifests/targetallocator/container.go +++ b/internal/manifests/targetallocator/container.go @@ -26,8 +26,8 @@ import ( "github.com/open-telemetry/opentelemetry-operator/apis/v1alpha1" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/config" - "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/naming" + "github.com/open-telemetry/opentelemetry-operator/pkg/constants" "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) @@ -138,7 +138,7 @@ func Container(cfg config.Config, logger logr.Logger, instance v1alpha1.TargetAl }) volumeMounts = append(volumeMounts, corev1.VolumeMount{ Name: naming.TAServerCertificate(instance.Name), - MountPath: manifestutils.TLSDirPath, + MountPath: constants.TACollectorTLSDirPath, }) } diff --git a/internal/manifests/targetallocator/container_test.go b/internal/manifests/targetallocator/container_test.go index 65b79f6ff7..7ce57d4257 100644 --- a/internal/manifests/targetallocator/container_test.go +++ b/internal/manifests/targetallocator/container_test.go @@ -30,8 +30,8 @@ import ( "github.com/open-telemetry/opentelemetry-operator/apis/v1beta1" "github.com/open-telemetry/opentelemetry-operator/internal/autodetect/certmanager" "github.com/open-telemetry/opentelemetry-operator/internal/config" - "github.com/open-telemetry/opentelemetry-operator/internal/manifests/manifestutils" "github.com/open-telemetry/opentelemetry-operator/internal/naming" + "github.com/open-telemetry/opentelemetry-operator/pkg/constants" "github.com/open-telemetry/opentelemetry-operator/pkg/featuregate" ) @@ -409,7 +409,7 @@ func TestContainerWithCertManagerAvailable(t *testing.T) { assert.Contains(t, c.VolumeMounts, corev1.VolumeMount{ Name: naming.TAServerCertificate(""), - MountPath: manifestutils.TLSDirPath, + MountPath: constants.TACollectorTLSDirPath, }) } diff --git a/pkg/constants/env.go b/pkg/constants/env.go index 45d0a82982..a3e6922c4a 100644 --- a/pkg/constants/env.go +++ b/pkg/constants/env.go @@ -46,4 +46,9 @@ const ( FlagNginx = "enable-nginx-instrumentation" FlagNodeJS = "enable-nodejs-instrumentation" FlagJava = "enable-java-instrumentation" + + TACollectorTLSDirPath = "/tls" + TACollectorCAFileName = "ca.crt" + TACollectorTLSKeyFileName = "tls.key" + TACollectorTLSCertFileName = "tls.crt" )