Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mount telemetryService.TlsRefName secret to OtelC POD #4412

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Mount telemetryService.TlsRefName secret to OtelC POD #4412

wants to merge 1 commit into from
+111 −14

Conversation

aorcholski
Copy link
Contributor

JIRA

Description

Mounts TLS secret to OtelC POD.

extensions-collector POD is restarted if the secret is changed (added ts-secret-hash template annotation).

How can this be tested?

  1. unittests
  2. dynakube

create secret

openssl req -nodes -x509 -newkey rsa:4096 -keyout key.pem -out crt.pem -days 5 -subj "/CN=test"
kctl create secret tls ts --cert=crt.pem --key=key.pem

deploy dynakube

  apiUrl: ...
  activeGate:
    capabilities:
    - kubernetes-monitoring
  extensions: {}
  customPullSecret: ...
  telemetryService:
    tlsRefName: ts
  templates:
    extensionExecutionController:
      imageRef:
        repository: ...
        tag: ...

check dynakube-extensions-collector-0 spec.volumes

@aorcholski aorcholski marked this pull request as ready for review February 5, 2025 10:39
@aorcholski aorcholski requested a review from a team as a code owner February 5, 2025 10:39
@aorcholski aorcholski added the core Changes to core functionality of the Operator label Feb 5, 2025
@aorcholski aorcholski force-pushed the feature/otelc-tls-mount branch from e20e9b2 to 91eb61e Compare February 5, 2025 10:40
@codecov-commenter
Copy link

codecov-commenter commented Feb 5, 2025
edited
Loading

⚠️ Please install the 'codecov app svg image' to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

Attention: Patch coverage is 82.60870% with 8 lines in your changes missing coverage. Please review.

Project coverage is 64.43%. Comparing base (fcac2b4) to head (a64df72).

Files with missing lines Patch % Lines
...ntrollers/dynakube/otelc/statefulset/reconciler.go 55.55% 6 Missing and 2 partials ⚠️

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #4412      +/-   ##
==========================================
+ Coverage   64.37%   64.43%   +0.05%     
==========================================
  Files         402      402              
  Lines       26562    26602      +40     
==========================================
+ Hits        17100    17141      +41     
+ Misses       8151     8148       -3     
- Partials     1311     1313       +2
Flag Coverage Δ
unittests 64.43% <82.60%> (+0.05%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@aorcholski aorcholski force-pushed the feature/otelc-tls-mount branch from 91eb61e to f38b4b0 Compare February 5, 2025 10:44
@aorcholski aorcholski force-pushed the feature/otelc-tls-mount branch from f38b4b0 to a64df72 Compare February 5, 2025 14:15
StefanHauth
StefanHauth requested changes Feb 5, 2025
View reviewed changes
pkg/api/consts.go
RawTag = "raw"
InternalFlagPrefix = "internal.operator.dynatrace.com/"
AnnotationSecretHash = InternalFlagPrefix + "secret-hash"
AnnotationTelemetryServiceSecretHash = InternalFlagPrefix + "ts-secret-hash"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
AnnotationTelemetryServiceSecretHash = InternalFlagPrefix + "ts-secret-hash"
AnnotationTelemetryServiceSecretHash = InternalFlagPrefix + "telemetry-service-secret-hash"

pkg/controllers/dynakube/otelc/statefulset/reconciler.go
@@ -127,24 +127,42 @@ func (r *Reconciler) buildTemplateAnnotations(ctx context.Context) (map[string]s
templateAnnotations = r.dk.Spec.Templates.OpenTelemetryCollector.Annotations
}

tlsSecretHash, err := r.calculateSecretHash(ctx, r.dk.ExtensionsTLSSecretName())
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this be also conditional, only if extension are enabled?

pkg/api/consts.go
LatestTag = "latest"
RawTag = "raw"
InternalFlagPrefix = "internal.operator.dynatrace.com/"
AnnotationSecretHash = InternalFlagPrefix + "secret-hash"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
AnnotationSecretHash = InternalFlagPrefix + "secret-hash"
AnnotationExtensionsSecretHash = InternalFlagPrefix + "extensions-secret-hash"

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1 to this, as it is only used for extensions

maybe the location of the const is not the best(veeery general location)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@StefanHauth StefanHauth StefanHauth requested changes

@andriisoldatenko andriisoldatenko Awaiting requested review from andriisoldatenko andriisoldatenko is a code owner automatically assigned from Dynatrace/kubernetes-operator

@gkrenn gkrenn Awaiting requested review from gkrenn gkrenn is a code owner automatically assigned from Dynatrace/kubernetes-operator

@0sewa0 0sewa0 Awaiting requested review from 0sewa0 0sewa0 is a code owner automatically assigned from Dynatrace/kubernetes-operator

@chrismuellner chrismuellner Awaiting requested review from chrismuellner chrismuellner is a code owner automatically assigned from Dynatrace/kubernetes-operator

@waodim waodim Awaiting requested review from waodim waodim is a code owner automatically assigned from Dynatrace/kubernetes-operator

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
core Changes to core functionality of the Operator
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@aorcholski @codecov-commenter @0sewa0 @StefanHauth