From 4d0d41853d0d5a0aced0b717b76683232f94e5e9 Mon Sep 17 00:00:00 2001 From: Jonathan Hess Date: Mon, 13 Feb 2023 22:05:11 -0700 Subject: [PATCH 1/2] feat: add QuoteProject flag This reverts commit f107aa1d581536249a8ddf9ccf33156cff9786b8. --- .../cloudsql.cloud.google.com_authproxyworkloads.yaml | 3 +++ installer/cloud-sql-proxy-operator.yaml | 3 +++ internal/api/v1alpha1/authproxyworkload_types.go | 8 ++++++++ internal/api/v1alpha1/zz_generated.deepcopy.go | 5 +++++ internal/workload/podspec_updates.go | 3 +++ internal/workload/podspec_updates_test.go | 2 ++ 6 files changed, 24 insertions(+) diff --git a/config/crd/bases/cloudsql.cloud.google.com_authproxyworkloads.yaml b/config/crd/bases/cloudsql.cloud.google.com_authproxyworkloads.yaml index df30678d..346f4a6d 100644 --- a/config/crd/bases/cloudsql.cloud.google.com_authproxyworkloads.yaml +++ b/config/crd/bases/cloudsql.cloud.google.com_authproxyworkloads.yaml @@ -941,6 +941,9 @@ spec: prometheusNamespace: description: PrometheusNamespace is used the provided Prometheus namespace for metrics This sets the proxy container's CLI argument `--prometheus-namespace` type: string + quotaProject: + description: QuotaProject Specifies the project to use for Cloud SQL Admin API quota tracking. The IAM principal must have the "serviceusage.services.use" permission for the given project. See https://cloud.google.com/service-usage/docs/overview and https://cloud.google.com/storage/docs/requester-pays This sets the proxy container's CLI argument `--quota-project` + type: string telemetryPrefix: description: TelemetryPrefix is the prefix for Cloud Monitoring metrics. This sets the proxy container's CLI argument `--telemetry-prefix` type: string diff --git a/installer/cloud-sql-proxy-operator.yaml b/installer/cloud-sql-proxy-operator.yaml index faedd04a..310ba0aa 100644 --- a/installer/cloud-sql-proxy-operator.yaml +++ b/installer/cloud-sql-proxy-operator.yaml @@ -959,6 +959,9 @@ spec: prometheusNamespace: description: PrometheusNamespace is used the provided Prometheus namespace for metrics This sets the proxy container's CLI argument `--prometheus-namespace` type: string + quotaProject: + description: QuotaProject Specifies the project to use for Cloud SQL Admin API quota tracking. The IAM principal must have the "serviceusage.services.use" permission for the given project. See https://cloud.google.com/service-usage/docs/overview and https://cloud.google.com/storage/docs/requester-pays This sets the proxy container's CLI argument `--quota-project` + type: string telemetryPrefix: description: TelemetryPrefix is the prefix for Cloud Monitoring metrics. This sets the proxy container's CLI argument `--telemetry-prefix` type: string diff --git a/internal/api/v1alpha1/authproxyworkload_types.go b/internal/api/v1alpha1/authproxyworkload_types.go index ee567064..346319ce 100644 --- a/internal/api/v1alpha1/authproxyworkload_types.go +++ b/internal/api/v1alpha1/authproxyworkload_types.go @@ -220,6 +220,14 @@ type AdminServerSpec struct { // TelemetrySpec specifies how the proxy container will expose telemetry. type TelemetrySpec struct { + // QuotaProject Specifies the project to use for Cloud SQL Admin API quota tracking. + // The IAM principal must have the "serviceusage.services.use" permission + // for the given project. See https://cloud.google.com/service-usage/docs/overview and + // https://cloud.google.com/storage/docs/requester-pays + // This sets the proxy container's CLI argument `--quota-project` + //+kubebuilder:validation:Optional + QuotaProject *string `json:"quotaProject,omitempty"` + // Prometheus Enables Prometheus HTTP endpoint /metrics on localhost // This sets the proxy container's CLI argument `--prometheus` //+kubebuilder:validation:Optional diff --git a/internal/api/v1alpha1/zz_generated.deepcopy.go b/internal/api/v1alpha1/zz_generated.deepcopy.go index b719553d..6ae0c0bf 100644 --- a/internal/api/v1alpha1/zz_generated.deepcopy.go +++ b/internal/api/v1alpha1/zz_generated.deepcopy.go @@ -247,6 +247,11 @@ func (in *InstanceSpec) DeepCopy() *InstanceSpec { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TelemetrySpec) DeepCopyInto(out *TelemetrySpec) { *out = *in + if in.QuotaProject != nil { + in, out := &in.QuotaProject, &out.QuotaProject + *out = new(string) + **out = **in + } if in.Prometheus != nil { in, out := &in.Prometheus, &out.Prometheus *out = new(bool) diff --git a/internal/workload/podspec_updates.go b/internal/workload/podspec_updates.go index 978fa8a5..56801ace 100644 --- a/internal/workload/podspec_updates.go +++ b/internal/workload/podspec_updates.go @@ -668,6 +668,9 @@ func (s *updateState) applyTelemetrySpec(p *cloudsqlapi.AuthProxyWorkload) { if tel.TelemetryPrefix != nil { s.addProxyContainerEnvVar(p, "CSQL_PROXY_TELEMETRY_PREFIX", *tel.TelemetryPrefix) } + if tel.QuotaProject != nil { + s.addProxyContainerEnvVar(p, "CSQL_PROXY_QUOTA_PROJECT", *tel.QuotaProject) + } return } diff --git a/internal/workload/podspec_updates_test.go b/internal/workload/podspec_updates_test.go index c905809d..c8c69bcc 100644 --- a/internal/workload/podspec_updates_test.go +++ b/internal/workload/podspec_updates_test.go @@ -636,6 +636,7 @@ func TestProxyCLIArgs(t *testing.T) { DisableMetrics: &wantTrue, Prometheus: &wantTrue, PrometheusNamespace: ptr("hello"), + QuotaProject: ptr("qp"), }, AdminServer: &v1alpha1.AdminServerSpec{ EnableAPIs: []string{"Debug", "QuitQuitQuit"}, @@ -666,6 +667,7 @@ func TestProxyCLIArgs(t *testing.T) { "CSQL_PROXY_DISABLE_TRACES": "true", "CSQL_PROXY_DISABLE_METRICS": "true", "CSQL_PROXY_PROMETHEUS": "true", + "CSQL_PROXY_QUOTA_PROJECT": "qp", "CSQL_PROXY_MAX_CONNECTIONS": "10", "CSQL_PROXY_MAX_SIGTERM_DELAY": "20", }, From da12f504d661391a21cf9d048723c8dbe9841668 Mon Sep 17 00:00:00 2001 From: Jonathan Hess Date: Mon, 27 Feb 2023 13:30:34 -0700 Subject: [PATCH 2/2] chore: update api doc --- docs/api.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/api.md b/docs/api.md index b96f4647..9e3af8e0 100644 --- a/docs/api.md +++ b/docs/api.md @@ -120,6 +120,7 @@ _Appears in:_ | Field | Description | | --- | --- | +| `quotaProject` _string_ | QuotaProject Specifies the project to use for Cloud SQL Admin API quota tracking. The IAM principal must have the "serviceusage.services.use" permission for the given project. See https://cloud.google.com/service-usage/docs/overview and https://cloud.google.com/storage/docs/requester-pays This sets the proxy container's CLI argument `--quota-project` | | `prometheus` _boolean_ | Prometheus Enables Prometheus HTTP endpoint /metrics on localhost This sets the proxy container's CLI argument `--prometheus` | | `prometheusNamespace` _string_ | PrometheusNamespace is used the provided Prometheus namespace for metrics This sets the proxy container's CLI argument `--prometheus-namespace` | | `telemetryProject` _string_ | TelemetryProject enables Cloud Monitoring and Cloud Trace with the provided project ID. This sets the proxy container's CLI argument `--telemetry-project` |