feat: support SDK auth in AzureAD RemoteWrite #6596
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@simonpasquier addressed comments PTAL |
Related-to prometheus-operator#6584 Signed-off-by: Jayapriya Pai <slashpai9@gmail.com>
|
@simonpasquier updated |
Co-authored-by: Simon Pasquier <spasquie@redhat.com>
simonpasquier
approved these changes
May 17, 2024
| @@ -127,14 +127,22 @@ func ValidateRemoteWriteSpec(spec monitoringv1.RemoteWriteSpec) error { | |||
| } | |||
|
|
|||
| if spec.AzureAD != nil { | |||
| if spec.AzureAD.ManagedIdentity == nil && spec.AzureAD.OAuth == nil { | |||
| return fmt.Errorf("must provide Azure Managed Identity or Azure OAuth in the Azure AD config") | |||
| if spec.AzureAD.ManagedIdentity == nil && spec.AzureAD.OAuth == nil && spec.AzureAD.SDK == nil { | |||
There was a problem hiding this comment.
There's still a risk that users pick up the SDK option with an older Prometheus version in which the generated config will fail. Ideally the operator should fail here.
There was a problem hiding this comment.
should we have this validated similar to relabel configs is resource_selector.go?
| @@ -2124,6 +2124,12 @@ func (cg *ConfigGenerator) generateRemoteWriteConfig( | |||
| }) | |||
| } | |||
|
|
|||
| if spec.AzureAD.SDK != nil { | |||
There was a problem hiding this comment.
(nit) we could use a switch/case to make it more readable/robust.
|
I can address comments in follow up PR I had enabled auto-merge :) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
feat: support SDK auth in AzureAD RemoteWrite
Related-to #6584
Description
Describe the big picture of your changes here to communicate to the maintainers why we should accept this pull request.
If it fixes a bug or resolves a feature request, be sure to link to that issue.
Type of change
What type of changes does your code introduce to the Prometheus operator? Put an
xin the box that apply.CHANGE(fix or feature that would cause existing functionality to not work as expected)FEATURE(non-breaking change which adds functionality)BUGFIX(non-breaking change which fixes an issue)ENHANCEMENT(non-breaking change which improves existing functionality)NONE(if none of the other choices apply. Example, tooling, build system, CI, docs, etc.)Verification
Please check the Prometheus-Operator testing guidelines for recommendations about automated tests.
Changelog entry
Please put a one-line changelog entry below. This will be copied to the changelog file during the release process.