diff --git a/.github/workflows/artifacts.yaml b/.github/workflows/artifacts.yaml
new file mode 100644
index 0000000..49bdbcb
--- /dev/null
+++ b/.github/workflows/artifacts.yaml
@@ -0,0 +1,145 @@ +name: Artifacts + +on: + workflow_call: + inputs: + publish: + description: Publish artifacts to the artifact store + default: false + required: false + type: boolean + release: + description: Whether this is a release build + default: false + required: false + type: boolean + outputs: + container-image-name: + description: Container image name + value: ${{ jobs.container-image.outputs.name }} + container-image-digest: + description: Container image digest + value: ${{ jobs.container-image.outputs.digest }} + container-image-tag: + description: Container image tag + value: ${{ jobs.container-image.outputs.tag }} + container-image-ref: + description: Container image ref + value: ${{ jobs.container-image.outputs.ref }} + +permissions: + contents: read + +jobs: + container-image: + name: Container image + runs-on: ubuntu-latest + + permissions: + contents: read + packages: write + id-token: write + security-events: write + + outputs: + name: ${{ steps.image-name.outputs.value }} + digest: ${{ steps.build.outputs.digest }} + tag: ${{ steps.meta.outputs.version }} + ref: ${{ steps.image-ref.outputs.value }} + + steps: + - name: Checkout repository + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + + - name: Set up QEMU + uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@4c0219f9ac95b02789c1075625400b2acbff50b1 # v2.9.1 + + - name: Set image name + id: image-name + run: echo "value=ghcr.io/${{ github.repository }}" >> "$GITHUB_OUTPUT" + + - name: Gather build metadata + id: meta + uses: docker/metadata-action@818d4b7b91585d195f67373fd9cb0332e31a7175 # v4.6.0 + with: + images: ${{ steps.image-name.outputs.value }} + flavor: | + latest = false + tags: | + type=ref,event=branch + type=ref,event=pr,prefix=pr- + type=semver,pattern={{raw}} + type=raw,value=latest,enable={{is_default_branch}} + labels: | + 
org.opencontainers.image.description=Telemetry controller + org.opencontainers.image.title=Telemetry controller + org.opencontainers.image.authors=Kube logging authors + org.opencontainers.image.documentation=https://todo.docs + + + # Multiple exporters are not supported yet + # See https://github.com/moby/buildkit/pull/2760 + - name: Determine build output + uses: haya14busa/action-cond@1d6e8a12b20cdb4f1954feef9aa475b9c390cab5 # v1.1.1 + id: build-output + with: + cond: ${{ inputs.publish }} + if_true: type=image,push=true + if_false: type=oci,dest=image.tar + + - name: Login to GitHub Container Registry + uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ github.token }} + if: inputs.publish + + - name: Build and push image + id: build + uses: docker/build-push-action@2eb1c1961a95fc15694676618e422e8ba1d63825 # v4.1.1 + with: + context: . + platforms: linux/amd64,linux/arm64,linux/arm/v7 + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max + outputs: ${{ steps.build-output.outputs.value }},name=target,annotation-index.org.opencontainers.image.description=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.description'] }} + # push: ${{ inputs.publish }} + + - name: Set image ref + id: image-ref + run: echo "value=${{ steps.image-name.outputs.value }}@${{ steps.build.outputs.digest }}" >> "$GITHUB_OUTPUT" + + - name: Fetch image + run: skopeo --insecure-policy copy docker://${{ steps.image-name.outputs.value }}:${{ steps.meta.outputs.version }} oci-archive:image.tar + if: inputs.publish + + - name: Extract OCI tarball + run: | + mkdir -p image + tar -xf image.tar -C image + + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@d43c1f16c00cfd3978dde6c07f4bbcf9eb6993ca # 0.16.1 + with: + input: image + format: sarif + output: trivy-results.sarif + 
+ - name: Upload Trivy scan results as artifact + uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + with: + name: "[${{ github.job }}] Trivy scan results" + path: trivy-results.sarif + retention-days: 5 + + # TODO: Enable it once it can successfully run + # - name: Upload Trivy scan results to GitHub Security tab + # uses: github/codeql-action/upload-sarif@6b5b95806324a3ee7e164709fbfc152595556fe9 # v2.16.1 + # with: + # sarif_file: trivy-results.sarif diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml new file mode 100644 index 0000000..28e2315 --- /dev/null +++ b/.github/workflows/ci.yaml 
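Review bot: The `Fetch image` step pulls the image back by tag (`:${{ steps.meta.outputs.version }}`), so Trivy scans whatever that mutable tag points to at fetch time rather than the image this run built, and `--insecure-policy` also turns off skopeo's signature policy for that pull. The build step already exposes the digest, so the copy source could be `docker://${{ steps.image-name.outputs.value }}@${{ steps.build.outputs.digest }}`, which is the same reference `Set image ref` publishes. Separately, the job requests `id-token: write` and `security-events: write`, but no visible step uses OIDC and the SARIF upload is still commented out. Dropping both until they are needed would leave the token with `contents: read` and `packages: write` only.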
@@ -0,0 +1,90 @@
+name: CI
+
+on:
+ push:
+ branches:
+ - main
+ - "release-[0-9]+.[0-9]+*"
+
+ pull_request:
+
+jobs:
+ test:
+ name: Test
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v3
+
+ - name: Set up Go
+ uses: actions/setup-go@v4
+ with:
+ go-version: '1.21'
+
+ - name: Check diff
+ run: make check-diff
+
+ - name: Test
+ run: make test
+
+ lint:
+ name: Lint
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v3
+
+ - name: Set up Go
+ uses: actions/setup-go@v4
+ with:
+ go-version: '1.21'
+
+ - name: Lint
+ run: make lint
+ env:
+ LINTER_FLAGS: '--timeout 5m'
+
+ license-check:
+ name: License check
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v3
+
+ - name: Set up Go
+ uses: actions/setup-go@v4
+ with:
+ go-version: '1.21'
+
+ - name: Cache licenses
+ uses: actions/cache@v3
+ with:
+ key: licensei-v2-${{ hashFiles('go.sum') }}
+ path: |
+ .licensei.cache
+ restore-keys: |
+ licensei-v2
+
+ - name: Download license information for dependencies
+ env:
+ GITHUB_TOKEN: ${{ github.token }}
+ run: make license-cache
+
+ - name: Check licenses
+ env:
+ GITHUB_TOKEN: ${{ github.token }}
+ run: make license-check
+
+ artifacts:
+ name: Artifacts
+ uses: ./.github/workflows/artifacts.yaml
+ with:
+ publish: ${{ github.event_name == 'push' }}
+ permissions:
+ contents: read
+ packages: write
+ id-token: write
+ security-events: write
\ No newline at end of file
diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml
new file mode 100644
index 0000000..58473b6
--- /dev/null
+++ b/.github/workflows/e2e.yaml
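Review bot: Every `uses:` in this workflow is pinned to a movable tag (`actions/checkout@v3`, `actions/setup-go@v4`, `actions/cache@v3`), while artifacts.yaml in the same commit pins each action to a full commit SHA with the version in a trailing comment. e2e.yaml has the same tag-only pins, including `azure/setup-kubectl@v3` and the docker actions. Pinning these the same way, as artifacts.yaml does with `uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3`, keeps a retagged action from running with the job's token. The workflow also has no top-level `permissions:` block, so `test`, `lint` and `license-check` run with the repository's default token scope; a top-level `permissions:` with `contents: read` would match artifacts.yaml.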
@@ -0,0 +1,166 @@
+name: E2E tests
+
+on:
+ push:
+ branches:
+ - master
+ - "release-[0-9]+.[0-9]+*"
+ pull_request:
+
+env:
+ GO_VERSION: '1.21.5'
+ KUBECTL_VERSION: 'v1.24.1'
+
+jobs:
+ build:
+ name: Image build
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v2
+
+ - name: Build and export
+ uses: docker/build-push-action@v4
+ with:
+ context: .
+ tags: controller:latest
+ cache-from: type=gha
+ cache-to: type=gha,mode=max
+ outputs: type=docker,dest=/tmp/controller.tar
+
+ - name: Upload artifact
+ uses: actions/upload-artifact@v3
+ with:
+ name: controller
+ path: /tmp/controller.tar
+
+ go:
+ name: Go end2end tests
+ runs-on: ubuntu-latest
+ needs: build
+ strategy:
+ fail-fast: false
+# matrix:
+# SHARD: [0]
+# SHARDS: [1]
+
+ steps:
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v2
+
+ - name: Download artifact
+ uses: actions/download-artifact@v3
+ with:
+ name: controller
+ path: /tmp
+
+ - name: Load image
+ run: |
+ docker load --input /tmp/controller.tar
+ docker image ls -a
+
+ - name: Set up Go
+ uses: actions/setup-go@v4
+ with:
+ go-version: ${{ env.GO_VERSION }}
+
+ - name: Set up kubectl
+ uses: azure/setup-kubectl@v3
+ with:
+ version: ${{ env.KUBECTL_VERSION }}
+
+ - name: Checkout code
+ uses: actions/checkout@v3
+
+ - name: Run e2e tests
+ run: make e2e-test-ci
+# env:
+# SHARD: ${{ matrix.SHARD }}
+# SHARDS: ${{ matrix.SHARDS }}
+
+ - name: Archive Test Results
+ if: always()
+ uses: actions/upload-artifact@v3
+ with:
+ name: go-e2e-test-cluster-logs
+ path: build/_test
+ retention-days: 5
+
+ e2e-test:
+ name: Shell script tests with different k8s versions
+ runs-on: ubuntu-latest
+ needs: build
+ strategy:
+ fail-fast: false
+ matrix:
+ kube: ["1.26", "1.27", "1.28", "1.29"]
+
+ steps:
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v2
+
+ - name: Download artifact
+ uses: actions/download-artifact@v3
+ with:
+ name: controller
+ path: /tmp
+
+ - name: Load image
+ run: |
+ docker load --input /tmp/controller.tar
+ docker image ls -a
+
+ - name: Set up kubectl
+ uses: azure/setup-kubectl@v3
+ with:
+ version: ${{ env.KUBECTL_VERSION }}
+
+ - name: Set up Go
+ uses: actions/setup-go@v4
+ with:
+ go-version: ${{ env.GO_VERSION }}
+
+ - name: Checkout code
+ uses: actions/checkout@v3
+
+ # See https://github.com/kubernetes-sigs/kind/releases/tag/v0.20.0
+ - name: Determine KinD node image version
+ id: node_image
+ run: |
+ case ${{ matrix.kube }} in
+ 1.26)
+ NODE_IMAGE=kindest/node:v1.26.6@sha256:6e2d8b28a5b601defe327b98bd1c2d1930b49e5d8c512e1895099e4504007adb ;;
+ 1.27)
+ NODE_IMAGE=kindest/node:v1.27.3@sha256:3966ac761ae0136263ffdb6cfd4db23ef8a83cba8a463690e98317add2c9ba72 ;;
+ 1.28)
+ NODE_IMAGE=kindest/node:v1.28.0@sha256:b7a4cad12c197af3ba43202d3efe03246b3f0793f162afb40a33c923952d5b31 ;;
+ 1.29)
+ NODE_IMAGE=kindest/node:v1.29.0@sha256:eaa1450915475849a73a9227b8f201df25e55e268e5d619312131292e324d570 ;;
+ esac
+
+ echo "image=$NODE_IMAGE" >> $GITHUB_OUTPUT
+
+ - name: Make setup
+ run: make kind-cluster stern
+ env:
+ KIND_IMAGE: ${{ steps.node_image.outputs.image }}
+
+ - name: Test script for E2E
+ run: make e2e-test-ci
+
+ - name: Print last 10k kubernetes logs from default, collector and example-tenant-ns namespaces
+ if: always()
+ run: |
+ mkdir -p build/_test
+ bin/stern -n default,collector,example-tenant-ns ".*" --tail 100000 --no-follow > build/_test/cluster.logs
+
+ - name: Archive Test Results
+ if: always()
+ uses: actions/upload-artifact@v3
+ with:
+ name: script-e2e-test-cluster-logs
+ path: build/_test
+ retention-days: 5
diff --git a/.licensei.toml b/.licensei.toml
new file mode 100644
index 0000000..c38905d
--- /dev/null
+++ b/.licensei.toml
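Review bot: The push trigger lists `master`, while ci.yaml in this commit triggers on `main`; if the default branch is `main`, this workflow runs only for pull requests and release branches and never for pushes to the default branch. Changing the entry to `- main` would align the two workflows. In the `Determine KinD node image version` step the `case` has no `*)` arm, so a matrix value without a pinned digest leaves `NODE_IMAGE` empty and `make kind-cluster` would presumably run with an empty `KIND_IMAGE` instead of a digest-pinned node image. A fallback arm such as `*) echo "unsupported Kubernetes version" >&2; exit 1 ;;` would fail early instead.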
@@ -0,0 +1,36 @@ +approved = [ + "mit", + "mit-0", + "apache-2.0", + "bsd-3-clause", + "bsd-2-clause", + "mpl-2.0", + "isc" +] + +ignored = [ + # Unsupported VCS + "google.golang.org/protobuf", + "github.com/gogo/protobuf", + "sigs.k8s.io/yaml", + "gomodules.xyz/jsonpatch/v2", + "cloud.google.com/go", +] + +[header] +ignorePaths = ["vendor"] +ignoreFiles = ["zz_generated.*.go", "generated.go","cache.go"] +authors = ["Kube logging authors"] +template = """// Copyright © :YEAR: :AUTHOR: +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License.""" diff --git a/Dockerfile b/Dockerfile index c389c09..aa74435 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ # Build the manager binary -FROM golang:1.20 as builder +FROM golang:1.21 as builder ARG TARGETOS ARG TARGETARCH diff --git a/Makefile b/Makefile index 4f705a6..b87f42e 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,19 @@ # Image URL to use all building/pushing image targets +BIN := ${PWD}/bin + +export PATH := $(BIN):$(PATH) + +GOVERSION := $(shell go env GOVERSION) + +KIND := ${BIN}/kind +KIND_VERSION ?= v0.20.0 +KIND_IMAGE ?= kindest/node:v1.29.0@sha256:eaa1450915475849a73a9227b8f201df25e55e268e5d619312131292e324d570 +KIND_CLUSTER ?= kind + +CI_MODE_ENABLED := "" +NO_KIND_CLEANUP := "" + IMG ?= controller:latest # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary. ENVTEST_K8S_VERSION = 1.28.0 
@@ -22,6 +36,9 @@ CONTAINER_TOOL ?= docker SHELL = /usr/bin/env bash -o pipefail .SHELLFLAGS = -ec +LICENSEI := ${BIN}/licensei +LICENSEI_VERSION = v0.8.0 + .PHONY: all all: build @@ -65,7 +82,7 @@ test: manifests generate fmt vet envtest ## Run tests. KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) --bin-dir $(LOCALBIN) -p path)" go test -v ./... -coverprofile cover.out GOLANGCI_LINT = $(shell pwd)/bin/golangci-lint -GOLANGCI_LINT_VERSION ?= v1.54.2 +GOLANGCI_LINT_VERSION ?= v1.55.2 golangci-lint: @[ -f $(GOLANGCI_LINT) ] || { \ set -e ;\ @@ -121,7 +138,7 @@ docker-buildx: ## Build and push docker image for the manager for cross-platform ##@ Deployment ifndef ignore-not-found - ignore-not-found = false +ignore-not-found = false endif .PHONY: install @@ -156,7 +173,7 @@ ENVTEST ?= $(LOCALBIN)/setup-envtest ## Tool Versions KUSTOMIZE_VERSION ?= v5.2.1 -CONTROLLER_TOOLS_VERSION ?= v0.13.0 +CONTROLLER_TOOLS_VERSION ?= v0.14.0 .PHONY: kustomize kustomize: $(KUSTOMIZE) ## Download kustomize locally if necessary. If wrong version is installed, it will be removed before downloading. 
@@ -188,5 +205,62 @@ tidy: ## Tidy Go modules find . -iname "go.mod" -not -path "./.devcontainer/*" | xargs -L1 sh -c 'cd $$(dirname $$0); go mod tidy' .PHONY: e2e-test -e2e-test: ## Run e2e tests, make sure subscription operator is running somewhere - cd e2e && timeout --foreground 15m ./e2e_test.sh || (echo "E2E test failed"; exit 1) +e2e-test: ## Run e2e tests + cd e2e && export CI_MODE=$(CI_MODE_ENABLED) NO_KIND_CLEANUP=$(NO_KIND_CLEANUP) && timeout --foreground 15m ./e2e_test.sh || (echo "E2E test failed"; exit 1) + +.PHONY: e2e-test-ci +e2e-test-ci: CI_MODE_ENABLED=1 +e2e-test-ci: NO_KIND_CLEANUP=1 +e2e-test-ci: IMG="controller:latest" ## Run e2e tests, telemetry collector runs inside k8s +e2e-test-ci: docker-build e2e-test + +.PHONY: check-diff +check-diff: generate + git diff --exit-code + +.PHONY: license-check +license-check: ${LICENSEI} .licensei.cache ## Run license check + ${LICENSEI} check + ${LICENSEI} header + +.PHONY: license-cache +license-cache: ${LICENSEI} ## Generate license cache + ${LICENSEI} cache + +stern: | ${BIN} + GOBIN=${BIN} go install github.com/stern/stern@latest + +.PHONY: kind-cluster +kind-cluster: ${KIND} + kind create cluster --name $(KIND_CLUSTER) --image $(KIND_IMAGE) + +## target: ci-run + +${KIND}: ${KIND}_${KIND_VERSION}_${GOVERSION} | ${BIN} + ln -sf $(notdir $<) $@ + +${KIND}_${KIND_VERSION}_${GOVERSION}: IMPORT_PATH := sigs.k8s.io/kind +${KIND}_${KIND_VERSION}_${GOVERSION}: VERSION := ${KIND_VERSION} +${KIND}_${KIND_VERSION}_${GOVERSION}: | ${BIN} + ${go_install_binary} + +${LICENSEI}: ${LICENSEI}_${LICENSEI_VERSION}_${GOVERSION} | ${BIN} + ln -sf $(notdir $<) $@ + +${LICENSEI}_${LICENSEI_VERSION}_${GOVERSION}: IMPORT_PATH := github.com/goph/licensei/cmd/licensei +${LICENSEI}_${LICENSEI_VERSION}_${GOVERSION}: VERSION := ${LICENSEI_VERSION} +${LICENSEI}_${LICENSEI_VERSION}_${GOVERSION}: | ${BIN} + ${go_install_binary} + +.licensei.cache: ${LICENSEI} +ifndef GITHUB_TOKEN + @>&2 echo "WARNING: building licensei cache 
without Github token, rate limiting might occur." + @>&2 echo "(Hint: If too many licenses are missing, try specifying a Github token via the environment variable GITHUB_TOKEN.)" +endif + ${LICENSEI} cache + +define go_install_binary +find ${BIN} -name '$(notdir ${IMPORT_PATH})_*' -exec rm {} + +GOBIN=${BIN} go install ${IMPORT_PATH}@${VERSION} +mv ${BIN}/$(notdir ${IMPORT_PATH}) $@ +endef diff --git a/api/telemetry/v1alpha1/common.go b/api/telemetry/v1alpha1/common.go index 3368d57..24b27c6 100644 --- a/api/telemetry/v1alpha1/common.go +++ b/api/telemetry/v1alpha1/common.go @@ -1,3 +1,17 @@ +// Copyright © 2023 Kube logging authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package v1alpha1 type NamespacedName struct { diff --git a/api/telemetry/v1alpha1/oteloutput_types.go b/api/telemetry/v1alpha1/oteloutput_types.go index 34d9d90..42f54d4 100644 --- a/api/telemetry/v1alpha1/oteloutput_types.go +++ b/api/telemetry/v1alpha1/oteloutput_types.go 
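Review bot: The `stern` target installs `github.com/stern/stern@latest`, unlike `kind` and `licensei` in this same hunk, which are installed at a pinned `*_VERSION` through `go_install_binary`, so CI builds and runs whatever stern release is newest at that moment. A `STERN_VERSION ?= vX.Y.Z` variable (placeholder version) with `GOBIN=${BIN} go install github.com/stern/stern@$(STERN_VERSION)` would make the tool reproducible and reviewable like the other two. The recipe also produces `bin/stern`, not a file named `stern`, so the target reruns on every invocation; declaring it `.PHONY` or keying the rule on `${BIN}/stern` would make that intent explicit.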
@@ -1,18 +1,16 @@ -/* -Copyright 2023. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ +// Copyright © 2023 Kube logging authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. package v1alpha1 diff --git a/api/telemetry/v1alpha1/otlp_config.go b/api/telemetry/v1alpha1/otlp_config.go index 0e2fab4..dd00f04 100644 --- a/api/telemetry/v1alpha1/otlp_config.go +++ b/api/telemetry/v1alpha1/otlp_config.go 
@@ -1,3 +1,17 @@ +// Copyright © 2023 Kube logging authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package v1alpha1 import ( @@ -95,7 +109,7 @@ type GRPCClientSettings struct { Authority string `json:"authority,omitempty"` // Auth configuration for outgoing RPCs. - Auth string `json:"auth,omitempty"` //TODO this is a refernece *configauth.Authentication + Auth string `json:"auth,omitempty"` //TODO this is a reference *configauth.Authentication } // TLSClientSetting contains TLS configurations that are specific to client diff --git a/cmd/main.go b/cmd/main.go index 6c48ce6..3294704 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -112,7 +112,7 @@ func main() { os.Exit(1) } - setupLog.Info("starting manager") + setupLog.Info("starting telemetry controller manager") if err := mgr.Start(ctrl.SetupSignalHandler()); err != nil { setupLog.Error(err, "problem running manager") os.Exit(1) diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index 5c5f0b8..ad13e96 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -1,2 +1,8 @@ resources: - manager.yaml +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +images: +- name: controller + newName: controller + newTag: latest diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index ecd3b66..068ec9a 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml 
@@ -71,6 +71,7 @@ spec: args: - --leader-elect image: controller:latest + imagePullPolicy: IfNotPresent name: manager securityContext: allowPrivilegeEscalation: false diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index b33c4eb..563c762 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -4,10 +4,80 @@ kind: ClusterRole metadata: name: manager-role rules: +- apiGroups: + - "" + resources: + - endpoints + - namespaces + - nodes + - nodes/proxy + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - persistentvolumeclaims + - pods + - serviceaccounts + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - daemonsets + - replicasets + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - opentelemetry.io + resources: + - opentelemetrycollectors + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - clusterroles + - rolebindings + - roles + verbs: + - create + - delete + - get + - list + - patch + - update + - watch - apiGroups: - telemetry.kube-logging.dev resources: - collectors + - oteloutputs + - subscriptions + - tenants verbs: - create - delete @@ -26,6 +96,9 @@ rules: - telemetry.kube-logging.dev resources: - collectors/status + - oteloutputs/status + - subscriptions/status + - tenants/status verbs: - get - patch diff --git a/e2e/e2e_test.sh b/e2e/e2e_test.sh index 7535aab..30557ce 100755 --- a/e2e/e2e_test.sh +++ b/e2e/e2e_test.sh @@ -9,7 +9,8 @@ create_if_does_not_exist() { } KIND_CLUSTER_NAME=${KIND_CLUSTER_NAME_E2E:-so-e2e} -# Backup current kubernetes context +NO_KIND_CLEANUP=${NO_KIND_CLEANUP:-} + # Backup current kubernetes context CURRENT_K8S_CTX=$(kubectl config view | grep "current" | cut -f 2 -d : | xargs) # Prepare env 
@@ -38,8 +39,12 @@ kubectl wait --namespace opentelemetry-operator-system --for=condition=available # Use example kubectl apply -f ../docs/examples/simple-demo - -(cd .. && timeout 5m make run &) +if [[ -z "${CI_MODE}" ]]; then + $(cd .. && timeout 5m make run &) +else + kind load docker-image controller:latest --name "${KIND_CLUSTER_NAME}" + cd .. && make deploy && cd - +fi # Create log-generator helm install --wait --create-namespace --namespace example-tenant-ns --generate-name oci://ghcr.io/kube-logging/helm-charts/log-generator @@ -68,7 +73,3 @@ echo "E2E test: PASSED" if [[ -z "${NO_KIND_CLEANUP}" ]]; then kind delete cluster --name "${KIND_CLUSTER_NAME}" fi - -if [[ "${CURRENT_K8S_CTX}" != "" ]]; then - kubectl config get-contexts -o name | grep -q "${CURRENT_K8S_CTX}" && kubectl config set-context "${CURRENT_K8S_CTX}" -fi diff --git a/internal/controller/telemetry/collector_controller.go b/internal/controller/telemetry/collector_controller.go index 0e5bdd3..4173e59 100644 --- a/internal/controller/telemetry/collector_controller.go +++ b/internal/controller/telemetry/collector_controller.go 
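Review bot: The non-CI branch now wraps the background `make run` in `$( … )` instead of the plain subshell `( … )` used by the removed line. Command substitution waits until every writer of its stdout has exited, so the script is likely to block until `timeout 5m` ends the controller and then try to execute the captured output as a command. Keeping the original form, `(cd .. && timeout 5m make run &)`, starts the controller in the background as before. In the CI branch, `cd .. && make deploy && cd -` leaves the script in the parent directory when `make deploy` fails, unless the script aborts on error (not visible in this hunk); `(cd .. && make deploy)` avoids that.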
@@ -41,9 +41,14 @@ type CollectorReconciler struct { Scheme *runtime.Scheme } -//+kubebuilder:rbac:groups=telemetry.kube-logging.dev,resources=collectors,verbs=get;list;watch;create;update;patch;delete -//+kubebuilder:rbac:groups=telemetry.kube-logging.dev,resources=collectors/status,verbs=get;update;patch +//+kubebuilder:rbac:groups=telemetry.kube-logging.dev,resources=collectors;tenants;subscriptions;oteloutputs;,verbs=get;list;watch;create;update;patch;delete +//+kubebuilder:rbac:groups=telemetry.kube-logging.dev,resources=collectors/status;tenants/status;subscriptions/status;oteloutputs/status;,verbs=get;update;patch //+kubebuilder:rbac:groups=telemetry.kube-logging.dev,resources=collectors/finalizers,verbs=update +//+kubebuilder:rbac:groups="",resources=nodes;namespaces;endpoints;nodes/proxy,verbs=get;list;watch +//+kubebuilder:rbac:groups="rbac.authorization.k8s.io",resources=clusterroles;clusterrolebindings;roles;rolebindings,verbs=get;list;watch;create;update;patch;delete +//+kubebuilder:rbac:groups="",resources=services;persistentvolumeclaims;serviceaccounts;pods,verbs=get;list;watch;create;update;patch;delete +//+kubebuilder:rbac:groups=apps,resources=statefulsets;daemonsets;replicasets,verbs=get;list;watch;create;update;patch;delete +//+kubebuilder:rbac:groups=opentelemetry.io,resources=opentelemetrycollectors,verbs=get;list;watch;create;update;patch;delete // Reconcile is part of the main kubernetes reconciliation loop which aims to // move the current state of the cluster closer to the desired state. @@ -76,7 +81,10 @@ func (r *CollectorReconciler) Reconcile(ctx context.Context, req ctrl.Request) ( collector.Status.Tenants = tenantNames - r.Status().Update(ctx, collector) + if err := r.Status().Update(ctx, collector); err != nil { + return ctrl.Result{}, err + } + logger.Info("Setting collector status") subscriptions := []v1alpha1.Subscription{} 
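Review bot: The new kubebuilder markers give the manager cluster-wide write verbs on `clusterroles`, `clusterrolebindings`, `roles` and `rolebindings`, on `pods`, `services`, `persistentvolumeclaims` and `serviceaccounts`, and on `statefulsets`, `daemonsets` and `replicasets`, plus read access to `nodes/proxy`; config/rbac/role.yaml in this commit is the generated result. The reconcile functions visible in the later hunks create only a ServiceAccount, a ClusterRole, a ClusterRoleBinding and an OpenTelemetryCollector, so `roles`, `rolebindings`, `pods` and the `apps` resources look unused by this controller; that is worth confirming against the code outside the hunks, and whatever is not needed should be dropped. If the read rules on `nodes`, `nodes/proxy`, `namespaces` and `endpoints` exist only so the manager may grant them to the collector's ClusterRole, a one-line comment above those markers saying so would help the next reviewer, since `nodes/proxy` reaches the kubelet API. The trailing `;` in `oteloutputs;,verbs=` and `oteloutputs/status;,verbs=` should also be removed.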
@@ -112,7 +120,10 @@ func (r *CollectorReconciler) Reconcile(ctx context.Context, req ctrl.Request) ( slices.Sort(logsourceNamespacesForTenant) tenant.Status.LogSourceNamespaces = logsourceNamespacesForTenant - r.Status().Update(ctx, &tenant) + if err := r.Status().Update(ctx, &tenant); err != nil { + return ctrl.Result{}, err + } + logger.Info("Setting tenant status") } @@ -190,7 +201,9 @@ func (r *CollectorReconciler) Reconcile(ctx context.Context, req ctrl.Request) ( }, } - ctrl.SetControllerReference(collector, &otelCollector, r.Scheme) + if err := ctrl.SetControllerReference(collector, &otelCollector, r.Scheme); err != nil { + return ctrl.Result{}, err + } resourceReconciler := reconciler.NewReconcilerWith(r.Client, reconciler.WithLog(logger)) @@ -235,7 +248,9 @@ func (r *CollectorReconciler) reconcileServiceAccount(ctx context.Context, colle }, } - ctrl.SetControllerReference(collector, &serviceAccount, r.Scheme) + if err := ctrl.SetControllerReference(collector, &serviceAccount, r.Scheme); err != nil { + return v1alpha1.NamespacedName{}, err + } resourceReconciler := reconciler.NewReconcilerWith(r.Client, reconciler.WithLog(logger)) @@ -265,7 +280,9 @@ func (r *CollectorReconciler) reconcileClusterRoleBinding(ctx context.Context, c }, } - ctrl.SetControllerReference(collector, &clusterRoleBinding, r.Scheme) + if err := ctrl.SetControllerReference(collector, &clusterRoleBinding, r.Scheme); err != nil { + return err + } resourceReconciler := reconciler.NewReconcilerWith(r.Client, reconciler.WithLog(logger)) @@ -295,7 +312,9 @@ func (r *CollectorReconciler) reconcileClusterRole(ctx context.Context, collecto }, } - ctrl.SetControllerReference(collector, &clusterRole, r.Scheme) + if err := ctrl.SetControllerReference(collector, &clusterRole, r.Scheme); err != nil { + return err + } resourceReconciler := reconciler.NewReconcilerWith(r.Client, reconciler.WithLog(logger)) 
@@ -305,18 +324,18 @@ func (r *CollectorReconciler) reconcileClusterRole(ctx context.Context, collecto } func getTenantNamesFromTenants(tenants []v1alpha1.Tenant) []string { - var tenantNames []string - for _, tenant := range tenants { - tenantNames = append(tenantNames, tenant.Name) + tenantNames := make([]string, len(tenants)) + for i, tenant := range tenants { + tenantNames[i] = tenant.Name } return tenantNames } func getSubscriptionNamesFromSubscription(subscriptions []v1alpha1.Subscription) []v1alpha1.NamespacedName { - var subscriptionNames []v1alpha1.NamespacedName - for _, subscription := range subscriptions { - subscriptionNames = append(subscriptionNames, subscription.NamespacedName()) + subscriptionNames := make([]v1alpha1.NamespacedName, len(subscriptions)) + for i, subscription := range subscriptions { + subscriptionNames[i] = subscription.NamespacedName() } return subscriptionNames @@ -434,10 +453,10 @@ func (r *CollectorReconciler) getLogsourceNamespaceNamesForTenant(ctx context.Co return nil, err } - var namespaceNames []string + namespaceNames := make([]string, len(namespaces)) - for _, namespace := range namespaces { - namespaceNames = append(namespaceNames, namespace.Name) + for i, namespace := range namespaces { + namespaceNames[i] = namespace.Name } return namespaceNames, nil diff --git a/internal/controller/telemetry/otel_col_conf_test_fixtures/complex.yaml b/internal/controller/telemetry/otel_col_conf_test_fixtures/complex.yaml index 3d476a9..df9ee8c 100644 --- a/internal/controller/telemetry/otel_col_conf_test_fixtures/complex.yaml +++ b/internal/controller/telemetry/otel_col_conf_test_fixtures/complex.yaml 
@@ -1,143 +1,128 @@ receivers: - file/in: - path: - /dev/stdin - + filelog/kubernetes: + exclude: + - /var/log/pods/*/otc-container/*.log + include: + - /var/log/pods/*/*/*.log + include_file_name: false + include_file_path: true + operators: + - id: get-format + routes: + - expr: body matches "^\\{" + output: parser-docker + - expr: body matches "^[^ Z]+Z" + output: parser-containerd + type: router + - id: parser-containerd + output: extract_metadata_from_filepath + regex: ^(?P