Skip to content

Commit

Permalink
Fix reconcile from DISABLED to AUTO configuration (#365)
Browse files Browse the repository at this point in the history
  • Loading branch information
OlivierCazade authored Jun 8, 2023
1 parent 1183794 commit 15af7d5
Show file tree
Hide file tree
Showing 3 changed files with 43 additions and 0 deletions.
21 changes: 21 additions & 0 deletions controllers/flowlogspipeline/flp_common_objects.go
Original file line number Diff line number Diff line change
Expand Up @@ -683,6 +683,7 @@ func (b *builder) clusterRoleBinding(ck ConfKind, mono bool) *rbacv1.ClusterRole
}

func (b *builder) serviceMonitor() *monitoringv1.ServiceMonitor {
serverName := fmt.Sprintf("%s.%s.svc", b.promServiceName(), b.info.Namespace)
flpServiceMonitorObject := monitoringv1.ServiceMonitor{
ObjectMeta: metav1.ObjectMeta{
Name: b.serviceMonitorName(),
Expand All @@ -707,6 +708,26 @@ func (b *builder) serviceMonitor() *monitoringv1.ServiceMonitor {
},
},
}
if b.desired.Processor.Metrics.Server.TLS.Type == flowslatest.ServerTLSAuto {
flpServiceMonitorObject.Spec.Endpoints[0].Scheme = "https"
flpServiceMonitorObject.Spec.Endpoints[0].TLSConfig = &monitoringv1.TLSConfig{
SafeTLSConfig: monitoringv1.SafeTLSConfig{
ServerName: serverName,
},
CAFile: "/etc/prometheus/configmaps/serving-certs-ca-bundle/service-ca.crt",
}
}

if b.desired.Processor.Metrics.Server.TLS.Type == flowslatest.ServerTLSProvided {
flpServiceMonitorObject.Spec.Endpoints[0].Scheme = "https"
flpServiceMonitorObject.Spec.Endpoints[0].TLSConfig = &monitoringv1.TLSConfig{
SafeTLSConfig: monitoringv1.SafeTLSConfig{
ServerName: serverName,
InsecureSkipVerify: true,
},
}
}

return &flpServiceMonitorObject
}

Expand Down
21 changes: 21 additions & 0 deletions controllers/flowlogspipeline/flp_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -482,6 +482,18 @@ func TestServiceChanged(t *testing.T) {
report = helper.NewChangeReport("")
assert.False(helper.ServiceChanged(second, third, &report))
assert.Contains(report.String(), "no change")

// Check annotations change
cfg.Processor.LogLevel = "error"
b = monoBuilder(ns, &cfg)
fourth := b.promService()
fourth.ObjectMeta.Annotations = map[string]string{
"name": "value",
}

report = helper.NewChangeReport("")
assert.True(helper.ServiceChanged(third, fourth, &report))
assert.Contains(report.String(), "Service annotations changed")
}

func TestServiceMonitorNoChange(t *testing.T) {
Expand Down Expand Up @@ -526,6 +538,15 @@ func TestServiceMonitorChanged(t *testing.T) {
report = helper.NewChangeReport("")
assert.True(helper.ServiceMonitorChanged(second, third, &report))
assert.Contains(report.String(), "ServiceMonitor labels changed")

// Check scheme changed
b = newMonolithBuilder(info.NewInstance(image2), &cfg)
fourth := b.generic.serviceMonitor()
fourth.Spec.Endpoints[0].Scheme = "https"

report = helper.NewChangeReport("")
assert.True(helper.ServiceMonitorChanged(third, fourth, &report))
assert.Contains(report.String(), "ServiceMonitor spec changed")
}

func TestPrometheusRuleNoChange(t *testing.T) {
Expand Down
1 change: 1 addition & 0 deletions controllers/reconcilers/common.go
Original file line number Diff line number Diff line change
Expand Up @@ -166,6 +166,7 @@ func (i *Instance) ReconcileService(ctx context.Context, old, new *corev1.Servic
// In case we're updating an existing service, we need to build from the old one to keep immutable fields such as clusterIP
newSVC := old.DeepCopy()
newSVC.Spec.Ports = new.Spec.Ports
newSVC.ObjectMeta.Annotations = new.ObjectMeta.Annotations
if err := i.UpdateOwned(ctx, old, newSVC); err != nil {
return err
}
Expand Down

0 comments on commit 15af7d5

Please sign in to comment.