Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NETOBSERV-1070: Fix reconcile from DISABLED to AUTO configuration #365

Merged
merged 1 commit into from Jun 8, 2023
Merged

NETOBSERV-1070: Fix reconcile from DISABLED to AUTO configuration #365

merged 1 commit into from Jun 8, 2023

Conversation

OlivierCazade
Copy link
Contributor

Two bug correction here:

Service annotations not being updated during reconcile, this had two effects:

  • secret for TLS certificate were not being created resulting in pod failing to start
  • the operator was trying indefinitely to update the service

ServiceMonitor now adapt to the TLS configuration

@openshift-ci-robot
Copy link
Collaborator

openshift-ci-robot commented Jun 7, 2023
edited by openshift-ci bot

@OlivierCazade: This pull request references NETOBSERV-1070 which is a valid jira issue.

In response to this:

Two bug correction here:

Service annotations not being updated during reconcile, this had two effects:

  • secret for TLS certificate were not being created resulting in pod failing to start
  • the operator was trying indefinitely to update the service

ServiceMonitor now adapt to the TLS configuration

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@codecov
Copy link

codecov bot commented Jun 7, 2023
edited

Codecov Report

Merging #365 (931da2e) into main (f664d0f) will decrease coverage by 0.17%.
The diff coverage is 10.00%.

@@            Coverage Diff             @@
##             main     #365      +/-   ##
==========================================
- Coverage   53.53%   53.37%   -0.17%     
==========================================
  Files          45       45              
  Lines        5329     5349      +20     
==========================================
+ Hits         2853     2855       +2     
- Misses       2272     2288      +16     
- Partials      204      206       +2
Flag Coverage Δ
unittests 53.37% <10.00%> (-0.17%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
controllers/flowlogspipeline/flp_common_objects.go 86.59% <5.26%> (-2.52%) ⬇️
controllers/reconcilers/common.go 53.50% <100.00%> (+0.41%) ⬆️

jotak
jotak reviewed Jun 7, 2023
View reviewed changes
controllers/flowlogspipeline/flp_common_objects.go
flpServiceMonitorObject.Spec.Endpoints[0].TLSConfig = &monitoringv1.TLSConfig{
SafeTLSConfig: monitoringv1.SafeTLSConfig{
ServerName: serverName,
InsecureSkipVerify: true,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So this is where you plan a follow-up? did you already create the jira ?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, we have multiple case here that should be addressed:

  • the certificate is a valid certificate signed by a public authority
  • the user provide a CA (we need to add a field for that) certificate and we must validate the certificate with this CA
  • the user want to skip verification and we should have an option to configure this

jotak
jotak approved these changes Jun 7, 2023
View reviewed changes
Copy link
Member

@jotak jotak left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM
can you just open a follow-up bug ticket if it's not already done? (for the insecure-verify)

@openshift-ci openshift-ci bot added the lgtm label Jun 7, 2023
@OlivierCazade
Copy link
Contributor Author

/approve

@jotak the ticket is here:
https://issues.redhat.com/browse/NETOBSERV-1087

@openshift-ci
Copy link

openshift-ci bot commented Jun 8, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: OlivierCazade

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved label Jun 8, 2023
@openshift-merge-robot openshift-merge-robot merged commit 15af7d5 into netobserv:main Jun 8, 2023
9 checks passed
OlivierCazade added a commit to OlivierCazade/network-observability-operator that referenced this pull request Jun 8, 2023
@OlivierCazade
Fix reconcile from DISABLED to AUTO configuration (netobserv#365)
b4acd5c
openshift-merge-robot pushed a commit that referenced this pull request Jun 8, 2023
@OlivierCazade
Fix reconcile from DISABLED to AUTO configuration (#365) (#368)
5958814
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jotak jotak jotak approved these changes

@jpinsonneau jpinsonneau Awaiting requested review from jpinsonneau

Assignees

@jotak jotak

Labels
approved jira/valid-reference lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@OlivierCazade @openshift-ci-robot @jotak @openshift-merge-robot