From 0916e16ab62ffcbf24a2a1d62ba055b507222254 Mon Sep 17 00:00:00 2001 From: dongjiang1989 Date: Mon, 15 Apr 2024 17:43:05 +0800 Subject: [PATCH 1/7] update prometheus remote write/read proxy config Signed-off-by: dongjiang1989 --- Documentation/api.md | 113 ++++++++++- bundle.yaml | 176 +++++++++++++++++- ...onitoring.coreos.com_prometheusagents.yaml | 61 +++++- .../monitoring.coreos.com_prometheuses.yaml | 115 +++++++++++- ...onitoring.coreos.com_prometheusagents.yaml | 61 +++++- .../monitoring.coreos.com_prometheuses.yaml | 115 +++++++++++- .../prometheusagents-crd.json | 42 ++++- .../prometheus-operator/prometheuses-crd.json | 80 +++++++- pkg/apis/monitoring/v1/prometheus_types.go | 17 +- .../monitoring/v1/zz_generated.deepcopy.go | 7 + .../monitoring/v1/remotereadspec.go | 61 ++++-- .../monitoring/v1/remotewritespec.go | 78 ++++++-- pkg/prometheus/promcfg.go | 20 +- pkg/prometheus/promcfg_test.go | 107 +++++++++-- ...emoteReadConfig_v2.43.0_ProxyConfig.golden | 15 ++ ...moteWriteConfig_v2.43.0_ProxyConfig.golden | 16 ++ 16 files changed, 1002 insertions(+), 82 deletions(-) create mode 100644 pkg/prometheus/testdata/RemoteReadConfig_v2.43.0_ProxyConfig.golden create mode 100644 pkg/prometheus/testdata/RemoteWriteConfig_v2.43.0_ProxyConfig.golden diff --git a/Documentation/api.md b/Documentation/api.md index 0489f793bb..33c8c9b445 100644 --- a/Documentation/api.md +++ b/Documentation/api.md @@ -11994,7 +11994,7 @@ A zero value means that Prometheus doesn’t accept any incoming connection.

ProxyConfig

-(Appears on:ConsulSDConfig, DigitalOceanSDConfig, DockerSDConfig, EurekaSDConfig, HTTPSDConfig, HetznerSDConfig, KubernetesSDConfig, KumaSDConfig, ScrapeConfigSpec) +(Appears on:RemoteReadSpec, RemoteWriteSpec, ConsulSDConfig, DigitalOceanSDConfig, DockerSDConfig, EurekaSDConfig, HTTPSDConfig, HetznerSDConfig, KubernetesSDConfig, KumaSDConfig, ScrapeConfigSpec)

@@ -12603,7 +12603,54 @@ string -

Optional ProxyURL.

+(Optional) +

proxyURL defines the HTTP proxy server to use.

+

It requires Prometheus >= v2.43.0.

+ + + + +noProxy
+ +string + + + +(Optional) +

noProxy is a comma-separated string that can contain IPs, CIDR notation, domain names +that should be excluded from proxying. IP and domain names can +contain port numbers.

+

It requires Prometheus >= v2.43.0.

+ + + + +proxyFromEnvironment
+ +bool + + + +(Optional) +

Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). +If unset, Prometheus uses its default value.

+

It requires Prometheus >= v2.43.0.

+ + + + +proxyConnectHeader
+ + +map[string]k8s.io/api/core/v1.SecretKeySelector + + + + +(Optional) +

ProxyConnectHeader optionally specifies headers to send to +proxies during CONNECT requests.

+

It requires Prometheus >= v2.43.0.

@@ -12871,7 +12918,67 @@ string -

Optional ProxyURL.

+(Optional) +

proxyURL defines the HTTP proxy server to use.

+

It requires Prometheus >= v2.43.0.

+ + + + +noProxy
+ +string + + + +(Optional) +

noProxy is a comma-separated string that can contain IPs, CIDR notation, domain names +that should be excluded from proxying. IP and domain names can +contain port numbers.

+

It requires Prometheus >= v2.43.0.

+ + + + +proxyFromEnvironment
+ +bool + + + +(Optional) +

Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). +If unset, Prometheus uses its default value.

+

It requires Prometheus >= v2.43.0.

+ + + + +proxyConnectHeader
+ + +map[string]k8s.io/api/core/v1.SecretKeySelector + + + + +(Optional) +

ProxyConnectHeader optionally specifies headers to send to +proxies during CONNECT requests.

+

It requires Prometheus >= v2.43.0.

+ + + + +followRedirects
+ +bool + + + +(Optional) +

Configure whether HTTP requests follow HTTP 3xx redirects.

+

It requires Prometheus >= v2.26.0.

diff --git a/bundle.yaml b/bundle.yaml index 1c8ca532a6..ab56e90496 100644 --- a/bundle.yaml +++ b/bundle.yaml @@ -20396,6 +20396,13 @@ spec: enableHTTP2: description: Whether to enable HTTP2. type: boolean + followRedirects: + description: |- + Configure whether HTTP requests follow HTTP 3xx redirects. + + + It requires Prometheus >= v2.26.0. + type: boolean headers: additionalProperties: type: string @@ -20428,6 +20435,15 @@ spec: It requires Prometheus >= v2.15.0. type: string + noProxy: + description: |- + `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + that should be excluded from proxying. IP and domain names can + contain port numbers. + + + It requires Prometheus >= v2.43.0. + type: string oauth2: description: |- OAuth2 configuration for the URL. @@ -20532,8 +20548,51 @@ spec: - clientSecret - tokenUrl type: object + proxyConnectHeader: + additionalProperties: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + description: |- + ProxyConnectHeader optionally specifies headers to send to + proxies during CONNECT requests. + + + It requires Prometheus >= v2.43.0. + type: object + x-kubernetes-map-type: atomic + proxyFromEnvironment: + description: |- + Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + If unset, Prometheus uses its default value. + + + It requires Prometheus >= v2.43.0. + type: boolean proxyUrl: - description: Optional ProxyURL. + description: |- + `proxyURL` defines the HTTP proxy server to use. + + + It requires Prometheus >= v2.43.0. + pattern: ^http(s)?://.+$ type: string queueConfig: description: QueueConfig allows tuning of the remote write queue @@ -30394,6 +30453,15 @@ spec: It requires Prometheus >= v2.15.0. type: string + noProxy: + description: |- + `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + that should be excluded from proxying. IP and domain names can + contain port numbers. + + + It requires Prometheus >= v2.43.0. + type: string oauth2: description: |- OAuth2 configuration for the URL. @@ -30498,8 +30566,51 @@ spec: - clientSecret - tokenUrl type: object + proxyConnectHeader: + additionalProperties: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + description: |- + ProxyConnectHeader optionally specifies headers to send to + proxies during CONNECT requests. + + + It requires Prometheus >= v2.43.0. + type: object + x-kubernetes-map-type: atomic + proxyFromEnvironment: + description: |- + Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + If unset, Prometheus uses its default value. + + + It requires Prometheus >= v2.43.0. + type: boolean proxyUrl: - description: Optional ProxyURL. + description: |- + `proxyURL` defines the HTTP proxy server to use. + + + It requires Prometheus >= v2.43.0. + pattern: ^http(s)?://.+$ type: string readRecent: description: |- @@ -30866,6 +30977,13 @@ spec: enableHTTP2: description: Whether to enable HTTP2. type: boolean + followRedirects: + description: |- + Configure whether HTTP requests follow HTTP 3xx redirects. + + + It requires Prometheus >= v2.26.0. + type: boolean headers: additionalProperties: type: string @@ -30898,6 +31016,15 @@ spec: It requires Prometheus >= v2.15.0. type: string + noProxy: + description: |- + `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + that should be excluded from proxying. IP and domain names can + contain port numbers. + + + It requires Prometheus >= v2.43.0. + type: string oauth2: description: |- OAuth2 configuration for the URL. @@ -31002,8 +31129,51 @@ spec: - clientSecret - tokenUrl type: object + proxyConnectHeader: + additionalProperties: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + description: |- + ProxyConnectHeader optionally specifies headers to send to + proxies during CONNECT requests. + + + It requires Prometheus >= v2.43.0. + type: object + x-kubernetes-map-type: atomic + proxyFromEnvironment: + description: |- + Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + If unset, Prometheus uses its default value. + + + It requires Prometheus >= v2.43.0. + type: boolean proxyUrl: - description: Optional ProxyURL. + description: |- + `proxyURL` defines the HTTP proxy server to use. + + + It requires Prometheus >= v2.43.0. + pattern: ^http(s)?://.+$ type: string queueConfig: description: QueueConfig allows tuning of the remote write queue diff --git a/example/prometheus-operator-crd-full/monitoring.coreos.com_prometheusagents.yaml b/example/prometheus-operator-crd-full/monitoring.coreos.com_prometheusagents.yaml index 2bf5529742..da5de2af57 100644 --- a/example/prometheus-operator-crd-full/monitoring.coreos.com_prometheusagents.yaml +++ b/example/prometheus-operator-crd-full/monitoring.coreos.com_prometheusagents.yaml @@ -4898,6 +4898,13 @@ spec: enableHTTP2: description: Whether to enable HTTP2. type: boolean + followRedirects: + description: |- + Configure whether HTTP requests follow HTTP 3xx redirects. + + + It requires Prometheus >= v2.26.0. + type: boolean headers: additionalProperties: type: string @@ -4930,6 +4937,15 @@ spec: It requires Prometheus >= v2.15.0. type: string + noProxy: + description: |- + `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + that should be excluded from proxying. IP and domain names can + contain port numbers. + + + It requires Prometheus >= v2.43.0. + type: string oauth2: description: |- OAuth2 configuration for the URL. @@ -5034,8 +5050,51 @@ spec: - clientSecret - tokenUrl type: object + proxyConnectHeader: + additionalProperties: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + description: |- + ProxyConnectHeader optionally specifies headers to send to + proxies during CONNECT requests. + + + It requires Prometheus >= v2.43.0. + type: object + x-kubernetes-map-type: atomic + proxyFromEnvironment: + description: |- + Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + If unset, Prometheus uses its default value. + + + It requires Prometheus >= v2.43.0. + type: boolean proxyUrl: - description: Optional ProxyURL. + description: |- + `proxyURL` defines the HTTP proxy server to use. + + + It requires Prometheus >= v2.43.0. + pattern: ^http(s)?://.+$ type: string queueConfig: description: QueueConfig allows tuning of the remote write queue diff --git a/example/prometheus-operator-crd-full/monitoring.coreos.com_prometheuses.yaml b/example/prometheus-operator-crd-full/monitoring.coreos.com_prometheuses.yaml index df1d52cc2d..afaec1f1c9 100644 --- a/example/prometheus-operator-crd-full/monitoring.coreos.com_prometheuses.yaml +++ b/example/prometheus-operator-crd-full/monitoring.coreos.com_prometheuses.yaml @@ -5403,6 +5403,15 @@ spec: It requires Prometheus >= v2.15.0. type: string + noProxy: + description: |- + `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + that should be excluded from proxying. IP and domain names can + contain port numbers. + + + It requires Prometheus >= v2.43.0. + type: string oauth2: description: |- OAuth2 configuration for the URL. @@ -5507,8 +5516,51 @@ spec: - clientSecret - tokenUrl type: object + proxyConnectHeader: + additionalProperties: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + description: |- + ProxyConnectHeader optionally specifies headers to send to + proxies during CONNECT requests. + + + It requires Prometheus >= v2.43.0. + type: object + x-kubernetes-map-type: atomic + proxyFromEnvironment: + description: |- + Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + If unset, Prometheus uses its default value. + + + It requires Prometheus >= v2.43.0. + type: boolean proxyUrl: - description: Optional ProxyURL. + description: |- + `proxyURL` defines the HTTP proxy server to use. + + + It requires Prometheus >= v2.43.0. + pattern: ^http(s)?://.+$ type: string readRecent: description: |- @@ -5875,6 +5927,13 @@ spec: enableHTTP2: description: Whether to enable HTTP2. type: boolean + followRedirects: + description: |- + Configure whether HTTP requests follow HTTP 3xx redirects. + + + It requires Prometheus >= v2.26.0. + type: boolean headers: additionalProperties: type: string @@ -5907,6 +5966,15 @@ spec: It requires Prometheus >= v2.15.0. type: string + noProxy: + description: |- + `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + that should be excluded from proxying. IP and domain names can + contain port numbers. + + + It requires Prometheus >= v2.43.0. + type: string oauth2: description: |- OAuth2 configuration for the URL. @@ -6011,8 +6079,51 @@ spec: - clientSecret - tokenUrl type: object + proxyConnectHeader: + additionalProperties: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + description: |- + ProxyConnectHeader optionally specifies headers to send to + proxies during CONNECT requests. + + + It requires Prometheus >= v2.43.0. + type: object + x-kubernetes-map-type: atomic + proxyFromEnvironment: + description: |- + Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + If unset, Prometheus uses its default value. + + + It requires Prometheus >= v2.43.0. + type: boolean proxyUrl: - description: Optional ProxyURL. + description: |- + `proxyURL` defines the HTTP proxy server to use. + + + It requires Prometheus >= v2.43.0. + pattern: ^http(s)?://.+$ type: string queueConfig: description: QueueConfig allows tuning of the remote write queue diff --git a/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml b/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml index 99356209f5..341eab1223 100644 --- a/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml +++ b/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml @@ -4899,6 +4899,13 @@ spec: enableHTTP2: description: Whether to enable HTTP2. type: boolean + followRedirects: + description: |- + Configure whether HTTP requests follow HTTP 3xx redirects. + + + It requires Prometheus >= v2.26.0. + type: boolean headers: additionalProperties: type: string @@ -4931,6 +4938,15 @@ spec: It requires Prometheus >= v2.15.0. type: string + noProxy: + description: |- + `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + that should be excluded from proxying. IP and domain names can + contain port numbers. + + + It requires Prometheus >= v2.43.0. + type: string oauth2: description: |- OAuth2 configuration for the URL. @@ -5035,8 +5051,51 @@ spec: - clientSecret - tokenUrl type: object + proxyConnectHeader: + additionalProperties: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + description: |- + ProxyConnectHeader optionally specifies headers to send to + proxies during CONNECT requests. + + + It requires Prometheus >= v2.43.0. + type: object + x-kubernetes-map-type: atomic + proxyFromEnvironment: + description: |- + Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + If unset, Prometheus uses its default value. + + + It requires Prometheus >= v2.43.0. + type: boolean proxyUrl: - description: Optional ProxyURL. + description: |- + `proxyURL` defines the HTTP proxy server to use. + + + It requires Prometheus >= v2.43.0. + pattern: ^http(s)?://.+$ type: string queueConfig: description: QueueConfig allows tuning of the remote write queue diff --git a/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml b/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml index c660e7fc44..a25d7b7afb 100644 --- a/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml +++ b/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml @@ -5404,6 +5404,15 @@ spec: It requires Prometheus >= v2.15.0. type: string + noProxy: + description: |- + `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + that should be excluded from proxying. IP and domain names can + contain port numbers. + + + It requires Prometheus >= v2.43.0. + type: string oauth2: description: |- OAuth2 configuration for the URL. @@ -5508,8 +5517,51 @@ spec: - clientSecret - tokenUrl type: object + proxyConnectHeader: + additionalProperties: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + description: |- + ProxyConnectHeader optionally specifies headers to send to + proxies during CONNECT requests. + + + It requires Prometheus >= v2.43.0. + type: object + x-kubernetes-map-type: atomic + proxyFromEnvironment: + description: |- + Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + If unset, Prometheus uses its default value. + + + It requires Prometheus >= v2.43.0. + type: boolean proxyUrl: - description: Optional ProxyURL. + description: |- + `proxyURL` defines the HTTP proxy server to use. + + + It requires Prometheus >= v2.43.0. + pattern: ^http(s)?://.+$ type: string readRecent: description: |- @@ -5876,6 +5928,13 @@ spec: enableHTTP2: description: Whether to enable HTTP2. type: boolean + followRedirects: + description: |- + Configure whether HTTP requests follow HTTP 3xx redirects. + + + It requires Prometheus >= v2.26.0. + type: boolean headers: additionalProperties: type: string @@ -5908,6 +5967,15 @@ spec: It requires Prometheus >= v2.15.0. type: string + noProxy: + description: |- + `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + that should be excluded from proxying. IP and domain names can + contain port numbers. + + + It requires Prometheus >= v2.43.0. + type: string oauth2: description: |- OAuth2 configuration for the URL. @@ -6012,8 +6080,51 @@ spec: - clientSecret - tokenUrl type: object + proxyConnectHeader: + additionalProperties: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + description: |- + ProxyConnectHeader optionally specifies headers to send to + proxies during CONNECT requests. + + + It requires Prometheus >= v2.43.0. + type: object + x-kubernetes-map-type: atomic + proxyFromEnvironment: + description: |- + Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + If unset, Prometheus uses its default value. + + + It requires Prometheus >= v2.43.0. + type: boolean proxyUrl: - description: Optional ProxyURL. + description: |- + `proxyURL` defines the HTTP proxy server to use. + + + It requires Prometheus >= v2.43.0. + pattern: ^http(s)?://.+$ type: string queueConfig: description: QueueConfig allows tuning of the remote write queue diff --git a/jsonnet/prometheus-operator/prometheusagents-crd.json b/jsonnet/prometheus-operator/prometheusagents-crd.json index d068c51752..7423d216ec 100644 --- a/jsonnet/prometheus-operator/prometheusagents-crd.json +++ b/jsonnet/prometheus-operator/prometheusagents-crd.json @@ -4197,6 +4197,10 @@ "description": "Whether to enable HTTP2.", "type": "boolean" }, + "followRedirects": { + "description": "Configure whether HTTP requests follow HTTP 3xx redirects.\n\n\nIt requires Prometheus >= v2.26.0.", + "type": "boolean" + }, "headers": { "additionalProperties": { "type": "string" @@ -4223,6 +4227,10 @@ "description": "The name of the remote write queue, it must be unique if specified. The\nname is used in metrics and logging in order to differentiate queues.\n\n\nIt requires Prometheus >= v2.15.0.", "type": "string" }, + "noProxy": { + "description": "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0.", + "type": "string" + }, "oauth2": { "description": "OAuth2 configuration for the URL.\n\n\nIt requires Prometheus >= v2.27.0.\n\n\nCannot be set at the same time as `sigv4`, `authorization`, `basicAuth`, or `azureAd`.", "properties": { @@ -4325,8 +4333,40 @@ ], "type": "object" }, + "proxyConnectHeader": { + "additionalProperties": { + "description": "SecretKeySelector selects a key of a Secret.", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "description": "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0.", + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "proxyFromEnvironment": { + "description": "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0.", + "type": "boolean" + }, "proxyUrl": { - "description": "Optional ProxyURL.", + "description": "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0.", + "pattern": "^http(s)?://.+$", "type": "string" }, "queueConfig": { diff --git a/jsonnet/prometheus-operator/prometheuses-crd.json b/jsonnet/prometheus-operator/prometheuses-crd.json index 1044a848f5..d0c0e21375 100644 --- a/jsonnet/prometheus-operator/prometheuses-crd.json +++ b/jsonnet/prometheus-operator/prometheuses-crd.json @@ -4630,6 +4630,10 @@ "description": "The name of the remote read queue, it must be unique if specified. The\nname is used in metrics and logging in order to differentiate read\nconfigurations.\n\n\nIt requires Prometheus >= v2.15.0.", "type": "string" }, + "noProxy": { + "description": "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0.", + "type": "string" + }, "oauth2": { "description": "OAuth2 configuration for the URL.\n\n\nIt requires Prometheus >= v2.27.0.\n\n\nCannot be set at the same time as `authorization`, or `basicAuth`.", "properties": { @@ -4732,8 +4736,40 @@ ], "type": "object" }, + "proxyConnectHeader": { + "additionalProperties": { + "description": "SecretKeySelector selects a key of a Secret.", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "description": "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0.", + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "proxyFromEnvironment": { + "description": "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0.", + "type": "boolean" + }, "proxyUrl": { - "description": "Optional ProxyURL.", + "description": "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0.", + "pattern": "^http(s)?://.+$", "type": "string" }, "readRecent": { @@ -5087,6 +5123,10 @@ "description": "Whether to enable HTTP2.", "type": "boolean" }, + "followRedirects": { + "description": "Configure whether HTTP requests follow HTTP 3xx redirects.\n\n\nIt requires Prometheus >= v2.26.0.", + "type": "boolean" + }, "headers": { "additionalProperties": { "type": "string" @@ -5113,6 +5153,10 @@ "description": "The name of the remote write queue, it must be unique if specified. The\nname is used in metrics and logging in order to differentiate queues.\n\n\nIt requires Prometheus >= v2.15.0.", "type": "string" }, + "noProxy": { + "description": "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0.", + "type": "string" + }, "oauth2": { "description": "OAuth2 configuration for the URL.\n\n\nIt requires Prometheus >= v2.27.0.\n\n\nCannot be set at the same time as `sigv4`, `authorization`, `basicAuth`, or `azureAd`.", "properties": { @@ -5215,8 +5259,40 @@ ], "type": "object" }, + "proxyConnectHeader": { + "additionalProperties": { + "description": "SecretKeySelector selects a key of a Secret.", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "description": "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0.", + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "proxyFromEnvironment": { + "description": "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0.", + "type": "boolean" + }, "proxyUrl": { - "description": "Optional ProxyURL.", + "description": "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0.", + "pattern": "^http(s)?://.+$", "type": "string" }, "queueConfig": { diff --git a/pkg/apis/monitoring/v1/prometheus_types.go b/pkg/apis/monitoring/v1/prometheus_types.go index 4a6e4a21e7..0fb8c055a5 100644 --- a/pkg/apis/monitoring/v1/prometheus_types.go +++ b/pkg/apis/monitoring/v1/prometheus_types.go @@ -1294,8 +1294,16 @@ type RemoteWriteSpec struct { // +optional TLSConfig *TLSConfig `json:"tlsConfig,omitempty"` - // Optional ProxyURL. - ProxyURL string `json:"proxyUrl,omitempty"` + // Optional ProxyConfig. + // +optional + ProxyConfig `json:",inline"` + + // Configure whether HTTP requests follow HTTP 3xx redirects. + // + // It requires Prometheus >= v2.26.0. + // + // +optional + FollowRedirects *bool `json:"followRedirects,omitempty"` // QueueConfig allows tuning of the remote write queue parameters. // +optional @@ -1481,8 +1489,9 @@ type RemoteReadSpec struct { // +optional TLSConfig *TLSConfig `json:"tlsConfig,omitempty"` - // Optional ProxyURL. - ProxyURL string `json:"proxyUrl,omitempty"` + // Optional ProxyConfig. + // +optional + ProxyConfig `json:",inline"` // Configure whether HTTP requests follow HTTP 3xx redirects. // diff --git a/pkg/apis/monitoring/v1/zz_generated.deepcopy.go b/pkg/apis/monitoring/v1/zz_generated.deepcopy.go index e921ee27fc..8b80bc991c 100644 --- a/pkg/apis/monitoring/v1/zz_generated.deepcopy.go +++ b/pkg/apis/monitoring/v1/zz_generated.deepcopy.go @@ -2387,6 +2387,7 @@ func (in *RemoteReadSpec) DeepCopyInto(out *RemoteReadSpec) { *out = new(TLSConfig) (*in).DeepCopyInto(*out) } + in.ProxyConfig.DeepCopyInto(&out.ProxyConfig) if in.FollowRedirects != nil { in, out := &in.FollowRedirects, &out.FollowRedirects *out = new(bool) @@ -2466,6 +2467,12 @@ func (in *RemoteWriteSpec) DeepCopyInto(out *RemoteWriteSpec) { *out = new(TLSConfig) (*in).DeepCopyInto(*out) } + in.ProxyConfig.DeepCopyInto(&out.ProxyConfig) + if in.FollowRedirects != nil { + in, out := &in.FollowRedirects, &out.FollowRedirects + *out = new(bool) + **out = **in + } if in.QueueConfig != nil { in, out := &in.QueueConfig, &out.QueueConfig *out = new(QueueConfig) diff --git a/pkg/client/applyconfiguration/monitoring/v1/remotereadspec.go b/pkg/client/applyconfiguration/monitoring/v1/remotereadspec.go index 7aa798bbcd..4c5cb06fd8 100644 --- a/pkg/client/applyconfiguration/monitoring/v1/remotereadspec.go +++ b/pkg/client/applyconfiguration/monitoring/v1/remotereadspec.go @@ -18,26 +18,27 @@ package v1 import ( v1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" + corev1 "k8s.io/api/core/v1" ) // RemoteReadSpecApplyConfiguration represents an declarative configuration of the RemoteReadSpec type for use // with apply. type RemoteReadSpecApplyConfiguration struct { - URL *string `json:"url,omitempty"` - Name *string `json:"name,omitempty"` - RequiredMatchers map[string]string `json:"requiredMatchers,omitempty"` - RemoteTimeout *v1.Duration `json:"remoteTimeout,omitempty"` - Headers map[string]string `json:"headers,omitempty"` - ReadRecent *bool `json:"readRecent,omitempty"` - OAuth2 *OAuth2ApplyConfiguration `json:"oauth2,omitempty"` - BasicAuth *BasicAuthApplyConfiguration `json:"basicAuth,omitempty"` - BearerTokenFile *string `json:"bearerTokenFile,omitempty"` - Authorization *AuthorizationApplyConfiguration `json:"authorization,omitempty"` - BearerToken *string `json:"bearerToken,omitempty"` - TLSConfig *TLSConfigApplyConfiguration `json:"tlsConfig,omitempty"` - ProxyURL *string `json:"proxyUrl,omitempty"` - FollowRedirects *bool `json:"followRedirects,omitempty"` - FilterExternalLabels *bool `json:"filterExternalLabels,omitempty"` + URL *string `json:"url,omitempty"` + Name *string `json:"name,omitempty"` + RequiredMatchers map[string]string `json:"requiredMatchers,omitempty"` + RemoteTimeout *v1.Duration `json:"remoteTimeout,omitempty"` + Headers map[string]string `json:"headers,omitempty"` + ReadRecent *bool `json:"readRecent,omitempty"` + OAuth2 *OAuth2ApplyConfiguration `json:"oauth2,omitempty"` + BasicAuth *BasicAuthApplyConfiguration `json:"basicAuth,omitempty"` + BearerTokenFile *string `json:"bearerTokenFile,omitempty"` + Authorization *AuthorizationApplyConfiguration `json:"authorization,omitempty"` + BearerToken *string `json:"bearerToken,omitempty"` + TLSConfig *TLSConfigApplyConfiguration `json:"tlsConfig,omitempty"` + ProxyConfigApplyConfiguration `json:",inline"` + FollowRedirects *bool `json:"followRedirects,omitempty"` + FilterExternalLabels *bool `json:"filterExternalLabels,omitempty"` } // RemoteReadSpecApplyConfiguration constructs an declarative configuration of the RemoteReadSpec type for use with @@ -162,6 +163,36 @@ func (b *RemoteReadSpecApplyConfiguration) WithProxyURL(value string) *RemoteRea return b } +// WithNoProxy sets the NoProxy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the NoProxy field is set to the value of the last call. +func (b *RemoteReadSpecApplyConfiguration) WithNoProxy(value string) *RemoteReadSpecApplyConfiguration { + b.NoProxy = &value + return b +} + +// WithProxyFromEnvironment sets the ProxyFromEnvironment field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ProxyFromEnvironment field is set to the value of the last call. +func (b *RemoteReadSpecApplyConfiguration) WithProxyFromEnvironment(value bool) *RemoteReadSpecApplyConfiguration { + b.ProxyFromEnvironment = &value + return b +} + +// WithProxyConnectHeader puts the entries into the ProxyConnectHeader field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the ProxyConnectHeader field, +// overwriting an existing map entries in ProxyConnectHeader field with the same key. +func (b *RemoteReadSpecApplyConfiguration) WithProxyConnectHeader(entries map[string]corev1.SecretKeySelector) *RemoteReadSpecApplyConfiguration { + if b.ProxyConnectHeader == nil && len(entries) > 0 { + b.ProxyConnectHeader = make(map[string]corev1.SecretKeySelector, len(entries)) + } + for k, v := range entries { + b.ProxyConnectHeader[k] = v + } + return b +} + // WithFollowRedirects sets the FollowRedirects field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the FollowRedirects field is set to the value of the last call. diff --git a/pkg/client/applyconfiguration/monitoring/v1/remotewritespec.go b/pkg/client/applyconfiguration/monitoring/v1/remotewritespec.go index ac09413f9f..eb478627a1 100644 --- a/pkg/client/applyconfiguration/monitoring/v1/remotewritespec.go +++ b/pkg/client/applyconfiguration/monitoring/v1/remotewritespec.go @@ -18,30 +18,32 @@ package v1 import ( v1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" + corev1 "k8s.io/api/core/v1" ) // RemoteWriteSpecApplyConfiguration represents an declarative configuration of the RemoteWriteSpec type for use // with apply. type RemoteWriteSpecApplyConfiguration struct { - URL *string `json:"url,omitempty"` - Name *string `json:"name,omitempty"` - SendExemplars *bool `json:"sendExemplars,omitempty"` - SendNativeHistograms *bool `json:"sendNativeHistograms,omitempty"` - RemoteTimeout *v1.Duration `json:"remoteTimeout,omitempty"` - Headers map[string]string `json:"headers,omitempty"` - WriteRelabelConfigs []RelabelConfigApplyConfiguration `json:"writeRelabelConfigs,omitempty"` - OAuth2 *OAuth2ApplyConfiguration `json:"oauth2,omitempty"` - BasicAuth *BasicAuthApplyConfiguration `json:"basicAuth,omitempty"` - BearerTokenFile *string `json:"bearerTokenFile,omitempty"` - Authorization *AuthorizationApplyConfiguration `json:"authorization,omitempty"` - Sigv4 *Sigv4ApplyConfiguration `json:"sigv4,omitempty"` - AzureAD *AzureADApplyConfiguration `json:"azureAd,omitempty"` - BearerToken *string `json:"bearerToken,omitempty"` - TLSConfig *TLSConfigApplyConfiguration `json:"tlsConfig,omitempty"` - ProxyURL *string `json:"proxyUrl,omitempty"` - QueueConfig *QueueConfigApplyConfiguration `json:"queueConfig,omitempty"` - MetadataConfig *MetadataConfigApplyConfiguration `json:"metadataConfig,omitempty"` - EnableHttp2 *bool `json:"enableHTTP2,omitempty"` + URL *string `json:"url,omitempty"` + Name *string `json:"name,omitempty"` + SendExemplars *bool `json:"sendExemplars,omitempty"` + SendNativeHistograms *bool `json:"sendNativeHistograms,omitempty"` + RemoteTimeout *v1.Duration `json:"remoteTimeout,omitempty"` + Headers map[string]string `json:"headers,omitempty"` + WriteRelabelConfigs []RelabelConfigApplyConfiguration `json:"writeRelabelConfigs,omitempty"` + OAuth2 *OAuth2ApplyConfiguration `json:"oauth2,omitempty"` + BasicAuth *BasicAuthApplyConfiguration `json:"basicAuth,omitempty"` + BearerTokenFile *string `json:"bearerTokenFile,omitempty"` + Authorization *AuthorizationApplyConfiguration `json:"authorization,omitempty"` + Sigv4 *Sigv4ApplyConfiguration `json:"sigv4,omitempty"` + AzureAD *AzureADApplyConfiguration `json:"azureAd,omitempty"` + BearerToken *string `json:"bearerToken,omitempty"` + TLSConfig *TLSConfigApplyConfiguration `json:"tlsConfig,omitempty"` + ProxyConfigApplyConfiguration `json:",inline"` + FollowRedirects *bool `json:"followRedirects,omitempty"` + QueueConfig *QueueConfigApplyConfiguration `json:"queueConfig,omitempty"` + MetadataConfig *MetadataConfigApplyConfiguration `json:"metadataConfig,omitempty"` + EnableHttp2 *bool `json:"enableHTTP2,omitempty"` } // RemoteWriteSpecApplyConfiguration constructs an declarative configuration of the RemoteWriteSpec type for use with @@ -189,6 +191,44 @@ func (b *RemoteWriteSpecApplyConfiguration) WithProxyURL(value string) *RemoteWr return b } +// WithNoProxy sets the NoProxy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the NoProxy field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithNoProxy(value string) *RemoteWriteSpecApplyConfiguration { + b.NoProxy = &value + return b +} + +// WithProxyFromEnvironment sets the ProxyFromEnvironment field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ProxyFromEnvironment field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithProxyFromEnvironment(value bool) *RemoteWriteSpecApplyConfiguration { + b.ProxyFromEnvironment = &value + return b +} + +// WithProxyConnectHeader puts the entries into the ProxyConnectHeader field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the ProxyConnectHeader field, +// overwriting an existing map entries in ProxyConnectHeader field with the same key. +func (b *RemoteWriteSpecApplyConfiguration) WithProxyConnectHeader(entries map[string]corev1.SecretKeySelector) *RemoteWriteSpecApplyConfiguration { + if b.ProxyConnectHeader == nil && len(entries) > 0 { + b.ProxyConnectHeader = make(map[string]corev1.SecretKeySelector, len(entries)) + } + for k, v := range entries { + b.ProxyConnectHeader[k] = v + } + return b +} + +// WithFollowRedirects sets the FollowRedirects field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the FollowRedirects field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithFollowRedirects(value bool) *RemoteWriteSpecApplyConfiguration { + b.FollowRedirects = &value + return b +} + // WithQueueConfig sets the QueueConfig field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the QueueConfig field is set to the value of the last call. diff --git a/pkg/prometheus/promcfg.go b/pkg/prometheus/promcfg.go index c9568b9c74..8ee6168ee5 100644 --- a/pkg/prometheus/promcfg.go +++ b/pkg/prometheus/promcfg.go @@ -700,12 +700,12 @@ func (cg *ConfigGenerator) GenerateServerConfiguration( // Remote write config if len(cpf.RemoteWrite) > 0 { - cfg = append(cfg, cg.generateRemoteWriteConfig(store)) + cfg = append(cfg, cg.generateRemoteWriteConfig(ctx, store)) } // Remote read config if len(remoteRead) > 0 { - cfg = append(cfg, cg.generateRemoteReadConfig(remoteRead, store)) + cfg = append(cfg, cg.generateRemoteReadConfig(ctx, remoteRead, store)) } if cpf.TracingConfig != nil { @@ -1891,6 +1891,7 @@ func (cg *ConfigGenerator) generateAdditionalScrapeConfigs( } func (cg *ConfigGenerator) generateRemoteReadConfig( + ctx context.Context, remoteRead []monitoringv1.RemoteReadSpec, store *assets.Store, ) yaml.MapItem { @@ -1944,9 +1945,7 @@ func (cg *ConfigGenerator) generateRemoteReadConfig( cfg = cg.addAuthorizationToYaml(cfg, fmt.Sprintf("remoteRead/auth/%d", i), store, spec.Authorization) - if spec.ProxyURL != "" { - cfg = append(cfg, yaml.MapItem{Key: "proxy_url", Value: spec.ProxyURL}) - } + cfg = cg.addProxyConfigtoYaml(ctx, cfg, objMeta.GetNamespace(), store, spec.ProxyConfig) if spec.FollowRedirects != nil { cfg = cg.WithMinimumVersion("2.26.0").AppendMapItem(cfg, "follow_redirects", spec.FollowRedirects) @@ -1999,6 +1998,7 @@ func (cg *ConfigGenerator) addOAuth2ToYaml( } func (cg *ConfigGenerator) generateRemoteWriteConfig( + ctx context.Context, store *assets.Store, ) yaml.MapItem { cfgs := []yaml.MapSlice{} @@ -2090,9 +2090,7 @@ func (cg *ConfigGenerator) generateRemoteWriteConfig( cfg = cg.addAuthorizationToYaml(cfg, fmt.Sprintf("remoteWrite/auth/%d", i), store, spec.Authorization) - if spec.ProxyURL != "" { - cfg = append(cfg, yaml.MapItem{Key: "proxy_url", Value: spec.ProxyURL}) - } + cfg = cg.addProxyConfigtoYaml(ctx, cfg, objMeta.GetNamespace(), store, spec.ProxyConfig) cfg = cg.WithMinimumVersion("2.26.0").addSigv4ToYaml(cfg, fmt.Sprintf("remoteWrite/%d", i), store, spec.Sigv4) @@ -2122,6 +2120,10 @@ func (cg *ConfigGenerator) generateRemoteWriteConfig( cfg = cg.WithMinimumVersion("2.45.0").AppendMapItem(cfg, "azuread", azureAd) } + if spec.FollowRedirects != nil { + cfg = cg.WithMinimumVersion("2.26.0").AppendMapItem(cfg, "follow_redirects", spec.FollowRedirects) + } + if spec.EnableHttp2 != nil { cfg = cg.WithMinimumVersion("2.35.0").AppendMapItem(cfg, "enable_http2", *spec.EnableHttp2) } @@ -2434,7 +2436,7 @@ func (cg *ConfigGenerator) GenerateAgentConfiguration( // Remote write config if len(cpf.RemoteWrite) > 0 { - cfg = append(cfg, cg.generateRemoteWriteConfig(store)) + cfg = append(cfg, cg.generateRemoteWriteConfig(ctx, store)) } if cpf.TracingConfig != nil { diff --git a/pkg/prometheus/promcfg_test.go b/pkg/prometheus/promcfg_test.go index bca8b4818b..1ebfcac3b4 100644 --- a/pkg/prometheus/promcfg_test.go +++ b/pkg/prometheus/promcfg_test.go @@ -3475,12 +3475,55 @@ func TestRemoteReadConfig(t *testing.T) { }, golden: "RemoteReadConfig_v2.26.0_AuthorizationSafe.golden", }, + { + version: "v2.43.0", + remoteRead: monitoringv1.RemoteReadSpec{ + URL: "http://example.com", + ProxyConfig: monitoringv1.ProxyConfig{ + ProxyURL: ptr.To("http://no-proxy.com"), + NoProxy: ptr.To("0.0.0.0"), + ProxyFromEnvironment: ptr.To(false), + ProxyConnectHeader: map[string]v1.SecretKeySelector{ + "header": { + LocalObjectReference: v1.LocalObjectReference{ + Name: "foo", + }, + Key: "proxy-header", + }, + }, + }, + }, + golden: "RemoteReadConfig_v2.43.0_ProxyConfig.golden", + }, } { t.Run(fmt.Sprintf("version=%s", tc.version), func(t *testing.T) { p := defaultPrometheus() p.Spec.CommonPrometheusFields.Version = tc.version p.Spec.RemoteRead = []monitoringv1.RemoteReadSpec{tc.remoteRead} + c := fake.NewSimpleClientset( + &v1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "foo", + Namespace: "default", + }, + Data: map[string][]byte{ + "proxy-header": []byte("value"), + "token": []byte("value"), + }, + }, + ) + store := assets.NewStore(c.CoreV1(), c.CoreV1()) + store.BasicAuthAssets = map[string]assets.BasicAuthCredentials{} + store.OAuth2Assets = map[string]assets.OAuth2Credentials{ + "remoteRead/0": { + ClientID: "client-id", + ClientSecret: "client-secret", + }, + } + store.TokenAssets = map[string]assets.Token{ + "remoteRead/auth/0": assets.Token("secret"), + } cg := mustNewConfigGenerator(t, p) cfg, err := cg.GenerateServerConfiguration( context.Background(), @@ -3495,18 +3538,7 @@ func TestRemoteReadConfig(t *testing.T) { nil, nil, nil, - &assets.Store{ - BasicAuthAssets: map[string]assets.BasicAuthCredentials{}, - OAuth2Assets: map[string]assets.OAuth2Credentials{ - "remoteRead/0": { - ClientID: "client-id", - ClientSecret: "client-secret", - }, - }, - TokenAssets: map[string]assets.Token{ - "remoteRead/auth/0": assets.Token("secret"), - }, - }, + store, nil, nil, nil, @@ -3526,6 +3558,7 @@ func TestRemoteReadConfig(t *testing.T) { func TestRemoteWriteConfig(t *testing.T) { sendNativeHistograms := true enableHTTP2 := false + followRedirects := true for _, tc := range []struct { version string remoteWrite monitoringv1.RemoteWriteSpec @@ -3851,6 +3884,27 @@ func TestRemoteWriteConfig(t *testing.T) { }, golden: "RemoteWriteConfig_v2.50.0.golden", }, + { + version: "v2.43.0", + remoteWrite: monitoringv1.RemoteWriteSpec{ + URL: "http://example.com", + FollowRedirects: &followRedirects, + ProxyConfig: monitoringv1.ProxyConfig{ + ProxyURL: ptr.To("http://no-proxy.com"), + NoProxy: ptr.To("0.0.0.0"), + ProxyFromEnvironment: ptr.To(false), + ProxyConnectHeader: map[string]v1.SecretKeySelector{ + "header": { + LocalObjectReference: v1.LocalObjectReference{ + Name: "foo", + }, + Key: "proxy-header", + }, + }, + }, + }, + golden: "RemoteWriteConfig_v2.43.0_ProxyConfig.golden", + }, } { t.Run(fmt.Sprintf("version=%s", tc.version), func(t *testing.T) { p := defaultPrometheus() @@ -3858,18 +3912,31 @@ func TestRemoteWriteConfig(t *testing.T) { p.Spec.CommonPrometheusFields.RemoteWrite = []monitoringv1.RemoteWriteSpec{tc.remoteWrite} p.Spec.CommonPrometheusFields.Secrets = []string{"sigv4-secret"} - store := &assets.Store{ - BasicAuthAssets: map[string]assets.BasicAuthCredentials{}, - OAuth2Assets: map[string]assets.OAuth2Credentials{ - "remoteWrite/0": { - ClientID: "client-id", - ClientSecret: "client-secret", + c := fake.NewSimpleClientset( + &v1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "foo", + Namespace: "default", + }, + Data: map[string][]byte{ + "proxy-header": []byte("value"), + "token": []byte("value"), }, }, - TokenAssets: map[string]assets.Token{ - "remoteWrite/auth/0": assets.Token("secret"), + ) + + store := assets.NewStore(c.CoreV1(), c.CoreV1()) + store.BasicAuthAssets = map[string]assets.BasicAuthCredentials{} + store.OAuth2Assets = map[string]assets.OAuth2Credentials{ + "remoteWrite/0": { + ClientID: "client-id", + ClientSecret: "client-secret", }, } + store.TokenAssets = map[string]assets.Token{ + "remoteWrite/auth/0": assets.Token("secret"), + } + if tc.remoteWrite.Sigv4 != nil && tc.remoteWrite.Sigv4.AccessKey != nil { store.SigV4Assets = map[string]assets.SigV4Credentials{ "remoteWrite/0": { diff --git a/pkg/prometheus/testdata/RemoteReadConfig_v2.43.0_ProxyConfig.golden b/pkg/prometheus/testdata/RemoteReadConfig_v2.43.0_ProxyConfig.golden new file mode 100644 index 0000000000..20e8f6835c --- /dev/null +++ b/pkg/prometheus/testdata/RemoteReadConfig_v2.43.0_ProxyConfig.golden @@ -0,0 +1,15 @@ +global: + evaluation_interval: 30s + scrape_interval: 30s + external_labels: + prometheus: default/test + prometheus_replica: $(POD_NAME) +scrape_configs: [] +remote_read: +- url: http://example.com + remote_timeout: 30s + proxy_url: http://no-proxy.com + no_proxy: 0.0.0.0 + proxy_from_environment: false + proxy_connect_header: + header: value diff --git a/pkg/prometheus/testdata/RemoteWriteConfig_v2.43.0_ProxyConfig.golden b/pkg/prometheus/testdata/RemoteWriteConfig_v2.43.0_ProxyConfig.golden new file mode 100644 index 0000000000..a2c6291c65 --- /dev/null +++ b/pkg/prometheus/testdata/RemoteWriteConfig_v2.43.0_ProxyConfig.golden @@ -0,0 +1,16 @@ +global: + evaluation_interval: 30s + scrape_interval: 30s + external_labels: + prometheus: default/test + prometheus_replica: $(POD_NAME) +scrape_configs: [] +remote_write: +- url: http://example.com + remote_timeout: 30s + proxy_url: http://no-proxy.com + no_proxy: 0.0.0.0 + proxy_from_environment: false + proxy_connect_header: + header: value + follow_redirects: true From ad1888c679b4b49cfad7656e2e1b1d3b6bbd764a Mon Sep 17 00:00:00 2001 From: dongjiang1989 Date: Wed, 15 May 2024 20:40:00 +0800 Subject: [PATCH 2/7] update by make generate Signed-off-by: dongjiang1989 --- Documentation/api.md | 4 +- bundle.yaml | 126 +++++++++--------- ...onitoring.coreos.com_prometheusagents.yaml | 42 +++--- .../monitoring.coreos.com_prometheuses.yaml | 84 ++++++------ ...onitoring.coreos.com_prometheusagents.yaml | 42 +++--- .../monitoring.coreos.com_prometheuses.yaml | 84 ++++++------ .../prometheusagents-crd.json | 39 +++--- .../prometheus-operator/prometheuses-crd.json | 78 ++++++----- .../monitoring/v1/remotereadspec.go | 4 +- .../monitoring/v1/remotewritespec.go | 4 +- pkg/prometheus/promcfg_test.go | 24 ++-- ...emoteReadConfig_v2.43.0_ProxyConfig.golden | 3 +- ...moteWriteConfig_v2.43.0_ProxyConfig.golden | 3 +- 13 files changed, 285 insertions(+), 252 deletions(-) diff --git a/Documentation/api.md b/Documentation/api.md index a6f4b5ed56..cd0c485298 100644 --- a/Documentation/api.md +++ b/Documentation/api.md @@ -12700,7 +12700,7 @@ If unset, Prometheus uses its default value.

proxyConnectHeader
-map[string]k8s.io/api/core/v1.SecretKeySelector +map[string][]k8s.io/api/core/v1.SecretKeySelector @@ -13015,7 +13015,7 @@ If unset, Prometheus uses its default value.

proxyConnectHeader
-map[string]k8s.io/api/core/v1.SecretKeySelector +map[string][]k8s.io/api/core/v1.SecretKeySelector diff --git a/bundle.yaml b/bundle.yaml index 543add8b8c..07e3bdee1b 100644 --- a/bundle.yaml +++ b/bundle.yaml @@ -20553,26 +20553,28 @@ spec: type: object proxyConnectHeader: additionalProperties: - description: SecretKeySelector selects a key of a Secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic + items: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: array description: |- ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. @@ -30682,26 +30684,28 @@ spec: type: object proxyConnectHeader: additionalProperties: - description: SecretKeySelector selects a key of a Secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic + items: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: array description: |- ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. @@ -31245,26 +31249,28 @@ spec: type: object proxyConnectHeader: additionalProperties: - description: SecretKeySelector selects a key of a Secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic + items: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: array description: |- ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. diff --git a/example/prometheus-operator-crd-full/monitoring.coreos.com_prometheusagents.yaml b/example/prometheus-operator-crd-full/monitoring.coreos.com_prometheusagents.yaml index 4881313b14..bee704044f 100644 --- a/example/prometheus-operator-crd-full/monitoring.coreos.com_prometheusagents.yaml +++ b/example/prometheus-operator-crd-full/monitoring.coreos.com_prometheusagents.yaml @@ -5061,26 +5061,28 @@ spec: type: object proxyConnectHeader: additionalProperties: - description: SecretKeySelector selects a key of a Secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic + items: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: array description: |- ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. diff --git a/example/prometheus-operator-crd-full/monitoring.coreos.com_prometheuses.yaml b/example/prometheus-operator-crd-full/monitoring.coreos.com_prometheuses.yaml index a84258c6b9..ff5785345b 100644 --- a/example/prometheus-operator-crd-full/monitoring.coreos.com_prometheuses.yaml +++ b/example/prometheus-operator-crd-full/monitoring.coreos.com_prometheuses.yaml @@ -5622,26 +5622,28 @@ spec: type: object proxyConnectHeader: additionalProperties: - description: SecretKeySelector selects a key of a Secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic + items: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: array description: |- ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. @@ -6185,26 +6187,28 @@ spec: type: object proxyConnectHeader: additionalProperties: - description: SecretKeySelector selects a key of a Secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic + items: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: array description: |- ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. diff --git a/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml b/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml index 50635dbf3a..047008760c 100644 --- a/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml +++ b/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml @@ -5062,26 +5062,28 @@ spec: type: object proxyConnectHeader: additionalProperties: - description: SecretKeySelector selects a key of a Secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic + items: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: array description: |- ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. diff --git a/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml b/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml index 8184c60c0d..822012019b 100644 --- a/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml +++ b/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml @@ -5623,26 +5623,28 @@ spec: type: object proxyConnectHeader: additionalProperties: - description: SecretKeySelector selects a key of a Secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic + items: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: array description: |- ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. @@ -6186,26 +6188,28 @@ spec: type: object proxyConnectHeader: additionalProperties: - description: SecretKeySelector selects a key of a Secret. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic + items: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: array description: |- ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. diff --git a/jsonnet/prometheus-operator/prometheusagents-crd.json b/jsonnet/prometheus-operator/prometheusagents-crd.json index db157428c9..5876e80d1e 100644 --- a/jsonnet/prometheus-operator/prometheusagents-crd.json +++ b/jsonnet/prometheus-operator/prometheusagents-crd.json @@ -4339,26 +4339,29 @@ }, "proxyConnectHeader": { "additionalProperties": { - "description": "SecretKeySelector selects a key of a Secret.", - "properties": { - "key": { - "description": "The key of the secret to select from. Must be a valid secret key.", - "type": "string" - }, - "name": { - "description": "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?", - "type": "string" + "items": { + "description": "SecretKeySelector selects a key of a Secret.", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } }, - "optional": { - "description": "Specify whether the Secret or its key must be defined", - "type": "boolean" - } + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" }, - "required": [ - "key" - ], - "type": "object", - "x-kubernetes-map-type": "atomic" + "type": "array" }, "description": "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0.", "type": "object", diff --git a/jsonnet/prometheus-operator/prometheuses-crd.json b/jsonnet/prometheus-operator/prometheuses-crd.json index 4a2874e2cd..b8d133d01a 100644 --- a/jsonnet/prometheus-operator/prometheuses-crd.json +++ b/jsonnet/prometheus-operator/prometheuses-crd.json @@ -4811,26 +4811,29 @@ }, "proxyConnectHeader": { "additionalProperties": { - "description": "SecretKeySelector selects a key of a Secret.", - "properties": { - "key": { - "description": "The key of the secret to select from. Must be a valid secret key.", - "type": "string" - }, - "name": { - "description": "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?", - "type": "string" + "items": { + "description": "SecretKeySelector selects a key of a Secret.", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } }, - "optional": { - "description": "Specify whether the Secret or its key must be defined", - "type": "boolean" - } + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" }, - "required": [ - "key" - ], - "type": "object", - "x-kubernetes-map-type": "atomic" + "type": "array" }, "description": "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0.", "type": "object", @@ -5334,26 +5337,29 @@ }, "proxyConnectHeader": { "additionalProperties": { - "description": "SecretKeySelector selects a key of a Secret.", - "properties": { - "key": { - "description": "The key of the secret to select from. Must be a valid secret key.", - "type": "string" - }, - "name": { - "description": "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?", - "type": "string" + "items": { + "description": "SecretKeySelector selects a key of a Secret.", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } }, - "optional": { - "description": "Specify whether the Secret or its key must be defined", - "type": "boolean" - } + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" }, - "required": [ - "key" - ], - "type": "object", - "x-kubernetes-map-type": "atomic" + "type": "array" }, "description": "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0.", "type": "object", diff --git a/pkg/client/applyconfiguration/monitoring/v1/remotereadspec.go b/pkg/client/applyconfiguration/monitoring/v1/remotereadspec.go index 4c5cb06fd8..1c4dd930ab 100644 --- a/pkg/client/applyconfiguration/monitoring/v1/remotereadspec.go +++ b/pkg/client/applyconfiguration/monitoring/v1/remotereadspec.go @@ -183,9 +183,9 @@ func (b *RemoteReadSpecApplyConfiguration) WithProxyFromEnvironment(value bool) // and returns the receiver, so that objects can be build by chaining "With" function invocations. // If called multiple times, the entries provided by each call will be put on the ProxyConnectHeader field, // overwriting an existing map entries in ProxyConnectHeader field with the same key. -func (b *RemoteReadSpecApplyConfiguration) WithProxyConnectHeader(entries map[string]corev1.SecretKeySelector) *RemoteReadSpecApplyConfiguration { +func (b *RemoteReadSpecApplyConfiguration) WithProxyConnectHeader(entries map[string][]corev1.SecretKeySelector) *RemoteReadSpecApplyConfiguration { if b.ProxyConnectHeader == nil && len(entries) > 0 { - b.ProxyConnectHeader = make(map[string]corev1.SecretKeySelector, len(entries)) + b.ProxyConnectHeader = make(map[string][]corev1.SecretKeySelector, len(entries)) } for k, v := range entries { b.ProxyConnectHeader[k] = v diff --git a/pkg/client/applyconfiguration/monitoring/v1/remotewritespec.go b/pkg/client/applyconfiguration/monitoring/v1/remotewritespec.go index eb478627a1..5aa71de811 100644 --- a/pkg/client/applyconfiguration/monitoring/v1/remotewritespec.go +++ b/pkg/client/applyconfiguration/monitoring/v1/remotewritespec.go @@ -211,9 +211,9 @@ func (b *RemoteWriteSpecApplyConfiguration) WithProxyFromEnvironment(value bool) // and returns the receiver, so that objects can be build by chaining "With" function invocations. // If called multiple times, the entries provided by each call will be put on the ProxyConnectHeader field, // overwriting an existing map entries in ProxyConnectHeader field with the same key. -func (b *RemoteWriteSpecApplyConfiguration) WithProxyConnectHeader(entries map[string]corev1.SecretKeySelector) *RemoteWriteSpecApplyConfiguration { +func (b *RemoteWriteSpecApplyConfiguration) WithProxyConnectHeader(entries map[string][]corev1.SecretKeySelector) *RemoteWriteSpecApplyConfiguration { if b.ProxyConnectHeader == nil && len(entries) > 0 { - b.ProxyConnectHeader = make(map[string]corev1.SecretKeySelector, len(entries)) + b.ProxyConnectHeader = make(map[string][]corev1.SecretKeySelector, len(entries)) } for k, v := range entries { b.ProxyConnectHeader[k] = v diff --git a/pkg/prometheus/promcfg_test.go b/pkg/prometheus/promcfg_test.go index 5d5141ff30..6f65c166be 100644 --- a/pkg/prometheus/promcfg_test.go +++ b/pkg/prometheus/promcfg_test.go @@ -3587,12 +3587,14 @@ func TestRemoteReadConfig(t *testing.T) { ProxyURL: ptr.To("http://no-proxy.com"), NoProxy: ptr.To("0.0.0.0"), ProxyFromEnvironment: ptr.To(false), - ProxyConnectHeader: map[string]v1.SecretKeySelector{ + ProxyConnectHeader: map[string][]v1.SecretKeySelector{ "header": { - LocalObjectReference: v1.LocalObjectReference{ - Name: "foo", + { + LocalObjectReference: v1.LocalObjectReference{ + Name: "foo", + }, + Key: "proxy-header", }, - Key: "proxy-header", }, }, }, @@ -3624,7 +3626,7 @@ func TestRemoteReadConfig(t *testing.T) { "client_secret": []byte("client-secret"), }, }, - &v1.Secret{ + &v1.Secret{ ObjectMeta: metav1.ObjectMeta{ Name: "foo", Namespace: "default", @@ -4022,12 +4024,14 @@ func TestRemoteWriteConfig(t *testing.T) { ProxyURL: ptr.To("http://no-proxy.com"), NoProxy: ptr.To("0.0.0.0"), ProxyFromEnvironment: ptr.To(false), - ProxyConnectHeader: map[string]v1.SecretKeySelector{ + ProxyConnectHeader: map[string][]v1.SecretKeySelector{ "header": { - LocalObjectReference: v1.LocalObjectReference{ - Name: "foo", + { + LocalObjectReference: v1.LocalObjectReference{ + Name: "foo", + }, + Key: "proxy-header", }, - Key: "proxy-header", }, }, }, @@ -4051,7 +4055,7 @@ func TestRemoteWriteConfig(t *testing.T) { "client_id": "client-id", }, }, - &v1.Secret{ + &v1.Secret{ ObjectMeta: metav1.ObjectMeta{ Name: "foo", Namespace: "default", diff --git a/pkg/prometheus/testdata/RemoteReadConfig_v2.43.0_ProxyConfig.golden b/pkg/prometheus/testdata/RemoteReadConfig_v2.43.0_ProxyConfig.golden index 20e8f6835c..9567a5b656 100644 --- a/pkg/prometheus/testdata/RemoteReadConfig_v2.43.0_ProxyConfig.golden +++ b/pkg/prometheus/testdata/RemoteReadConfig_v2.43.0_ProxyConfig.golden @@ -12,4 +12,5 @@ remote_read: no_proxy: 0.0.0.0 proxy_from_environment: false proxy_connect_header: - header: value + header: + - value diff --git a/pkg/prometheus/testdata/RemoteWriteConfig_v2.43.0_ProxyConfig.golden b/pkg/prometheus/testdata/RemoteWriteConfig_v2.43.0_ProxyConfig.golden index a2c6291c65..ec73c528e1 100644 --- a/pkg/prometheus/testdata/RemoteWriteConfig_v2.43.0_ProxyConfig.golden +++ b/pkg/prometheus/testdata/RemoteWriteConfig_v2.43.0_ProxyConfig.golden @@ -12,5 +12,6 @@ remote_write: no_proxy: 0.0.0.0 proxy_from_environment: false proxy_connect_header: - header: value + header: + - value follow_redirects: true From b3d198484f24dc56159ba760f199c0f781f70ba6 Mon Sep 17 00:00:00 2001 From: dongjiang1989 Date: Thu, 6 Jun 2024 09:59:28 +0800 Subject: [PATCH 3/7] update make generate Signed-off-by: dongjiang1989 --- bundle.yaml | 21 ++++++++++++-- ...onitoring.coreos.com_prometheusagents.yaml | 7 ++++- .../monitoring.coreos.com_prometheuses.yaml | 14 ++++++++-- ...onitoring.coreos.com_prometheusagents.yaml | 7 ++++- .../monitoring.coreos.com_prometheuses.yaml | 14 ++++++++-- .../prometheusagents-crd.json | 3 +- .../prometheus-operator/prometheuses-crd.json | 6 ++-- pkg/prometheus/promcfg_test.go | 28 +++++++++---------- 8 files changed, 74 insertions(+), 26 deletions(-) diff --git a/bundle.yaml b/bundle.yaml index c7f7614160..6755a165de 100644 --- a/bundle.yaml +++ b/bundle.yaml @@ -22333,10 +22333,15 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. type: string optional: description: Specify whether the Secret or its key must @@ -33280,10 +33285,15 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. type: string optional: description: Specify whether the Secret or its key must @@ -33921,10 +33931,15 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. type: string optional: description: Specify whether the Secret or its key must diff --git a/example/prometheus-operator-crd-full/monitoring.coreos.com_prometheusagents.yaml b/example/prometheus-operator-crd-full/monitoring.coreos.com_prometheusagents.yaml index bbc122f177..f22be21f81 100644 --- a/example/prometheus-operator-crd-full/monitoring.coreos.com_prometheusagents.yaml +++ b/example/prometheus-operator-crd-full/monitoring.coreos.com_prometheusagents.yaml @@ -5409,10 +5409,15 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. type: string optional: description: Specify whether the Secret or its key must diff --git a/example/prometheus-operator-crd-full/monitoring.coreos.com_prometheuses.yaml b/example/prometheus-operator-crd-full/monitoring.coreos.com_prometheuses.yaml index 1bbae5f7d7..115eda933c 100644 --- a/example/prometheus-operator-crd-full/monitoring.coreos.com_prometheuses.yaml +++ b/example/prometheus-operator-crd-full/monitoring.coreos.com_prometheuses.yaml @@ -6094,10 +6094,15 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. type: string optional: description: Specify whether the Secret or its key must @@ -6735,10 +6740,15 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. type: string optional: description: Specify whether the Secret or its key must diff --git a/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml b/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml index 7a898e965a..2f804ab2ab 100644 --- a/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml +++ b/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml @@ -5410,10 +5410,15 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. type: string optional: description: Specify whether the Secret or its key must diff --git a/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml b/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml index 85a0ce8db7..25bb195a22 100644 --- a/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml +++ b/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml @@ -6095,10 +6095,15 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. type: string optional: description: Specify whether the Secret or its key must @@ -6736,10 +6741,15 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. type: string optional: description: Specify whether the Secret or its key must diff --git a/jsonnet/prometheus-operator/prometheusagents-crd.json b/jsonnet/prometheus-operator/prometheusagents-crd.json index 969b151e7b..fd053c2053 100644 --- a/jsonnet/prometheus-operator/prometheusagents-crd.json +++ b/jsonnet/prometheus-operator/prometheusagents-crd.json @@ -4529,7 +4529,8 @@ "type": "string" }, "name": { - "description": "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?", + "default": "", + "description": "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.", "type": "string" }, "optional": { diff --git a/jsonnet/prometheus-operator/prometheuses-crd.json b/jsonnet/prometheus-operator/prometheuses-crd.json index b3831aaea3..0a4006d577 100644 --- a/jsonnet/prometheus-operator/prometheuses-crd.json +++ b/jsonnet/prometheus-operator/prometheuses-crd.json @@ -5062,7 +5062,8 @@ "type": "string" }, "name": { - "description": "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?", + "default": "", + "description": "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.", "type": "string" }, "optional": { @@ -5611,7 +5612,8 @@ "type": "string" }, "name": { - "description": "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?", + "default": "", + "description": "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.", "type": "string" }, "optional": { diff --git a/pkg/prometheus/promcfg_test.go b/pkg/prometheus/promcfg_test.go index e474c944ff..33a5604748 100644 --- a/pkg/prometheus/promcfg_test.go +++ b/pkg/prometheus/promcfg_test.go @@ -3693,6 +3693,15 @@ func TestRemoteReadConfig(t *testing.T) { "client_secret": []byte("client-secret"), }, }, + &v1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "auth", + Namespace: "default", + }, + Data: map[string][]byte{ + "bearer": []byte("secret"), + }, + }, &v1.Secret{ ObjectMeta: metav1.ObjectMeta{ Name: "foo", @@ -3740,7 +3749,7 @@ func TestRemoteWriteConfig(t *testing.T) { sendNativeHistograms := true enableHTTP2 := false followRedirects := true - for _, tc := range []struct { + for i, tc := range []struct { version string remoteWrite monitoringv1.RemoteWriteSpec golden string @@ -4165,19 +4174,10 @@ func TestRemoteWriteConfig(t *testing.T) { "client_secret": []byte("client-secret"), }, }, - ) - store.TokenAssets = map[string]assets.Token{ - "remoteWrite/auth/0": assets.Token("secret"), - } - store.TokenAssets = map[string]assets.Token{ - "remoteWrite/auth/0": assets.Token("secret"), - } - - if tc.remoteWrite.Sigv4 != nil && tc.remoteWrite.Sigv4.AccessKey != nil { - store.SigV4Assets = map[string]assets.SigV4Credentials{ - "remoteWrite/0": { - AccessKeyID: "access-key", - SecretKeyID: "secret-key", + &v1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "auth", + Namespace: "default", }, Data: map[string][]byte{ "token": []byte("secret"), From f778fa1a1563dd16e4641407013dacf89ef81bf2 Mon Sep 17 00:00:00 2001 From: dongjiang1989 Date: Tue, 11 Jun 2024 15:09:08 +0800 Subject: [PATCH 4/7] update by code review Signed-off-by: dongjiang1989 --- pkg/assets/store.go | 18 +++++++ pkg/assets/store_test.go | 98 +++++++++++++++++++++++++++++++++++++++ pkg/prometheus/promcfg.go | 40 ++++++++-------- pkg/prometheus/store.go | 8 ++++ 4 files changed, 143 insertions(+), 21 deletions(-) diff --git a/pkg/assets/store.go b/pkg/assets/store.go index 42fc6e4626..779317d7e1 100644 --- a/pkg/assets/store.go +++ b/pkg/assets/store.go @@ -185,6 +185,24 @@ func (s *StoreBuilder) AddBasicAuth(ctx context.Context, ns string, ba *monitori return nil } +// AddProxyConfig processes the given *ProxyConfig and adds the referenced credentials to the store. +func (s *StoreBuilder) AddProxyConfig(ctx context.Context, ns string, pc monitoringv1.ProxyConfig) error { + if len(pc.ProxyConnectHeader) <= 0 { + return nil + } + + for k, v := range pc.ProxyConnectHeader { + for _, v1 := range v { + _, err := s.GetSecretKey(ctx, ns, v1) + if err != nil { + return fmt.Errorf("failed to get proxy config connect header: %s %w", k, err) + } + } + } + + return nil +} + // AddOAuth2 processes the given *OAuth2 and adds the referenced credentials to the store. func (s *StoreBuilder) AddOAuth2(ctx context.Context, ns string, oauth2 *monitoringv1.OAuth2) error { if oauth2 == nil { diff --git a/pkg/assets/store_test.go b/pkg/assets/store_test.go index 95d24ead4b..392fdfdce9 100644 --- a/pkg/assets/store_test.go +++ b/pkg/assets/store_test.go @@ -285,6 +285,104 @@ func TestAddBasicAuth(t *testing.T) { } } +func TestProxyCongfig(t *testing.T) { + c := fake.NewSimpleClientset( + &v1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "secret", + Namespace: "ns1", + }, + Data: map[string][]byte{ + "proxyA": []byte("proxyA"), + "proxyB": []byte("proxyB"), + "proxyC": []byte("proxyC"), + }, + }, + ) + + for _, tc := range []struct { + ns string + selectedName string + selectedKey string + selectedValue string + + err bool + }{ + { + ns: "ns1", + selectedName: "secret", + selectedKey: "proxyA", + selectedValue: "proxyA", + err: false, + }, + { + // Wrong selected name. + ns: "ns1", + selectedName: "proxyA", + selectedKey: "proxyA", + selectedValue: "proxyA", + err: true, + }, + { + // Wrong namespace. + ns: "ns2", + selectedName: "secret", + selectedKey: "proxyA", + selectedValue: "proxyA", + err: true, + }, + { + // Wrong not found selected key. + ns: "ns1", + selectedName: "secret", + selectedKey: "proxyD", + selectedValue: "proxyD", + err: true, + }, + } { + + t.Run("", func(t *testing.T) { + store := NewStoreBuilder(c.CoreV1(), c.CoreV1()) + + proxyConfig := monitoringv1.ProxyConfig{ + ProxyConnectHeader: map[string][]v1.SecretKeySelector{ + "header": { + { + LocalObjectReference: v1.LocalObjectReference{ + Name: tc.selectedName, + }, + Key: tc.selectedKey, + }, + }, + }, + } + + err := store.AddProxyConfig(context.Background(), tc.ns, proxyConfig) + + if tc.err { + if err == nil { + t.Fatal("expecting error, got no error") + } + return + } + + if err != nil { + t.Fatalf("expecting no error, got %q", err) + } + + b, err := store.ForNamespace(tc.ns).GetSecretKey(proxyConfig.ProxyConnectHeader["header"][0]) + if err != nil { + t.Fatalf("expecting no error, got %s", err) + } + + if string(b) != tc.selectedValue { + t.Fatalf("expecting value %q, got %q", tc.selectedValue, string(b)) + } + }) + } + +} + func TestAddTLSConfig(t *testing.T) { c := fake.NewSimpleClientset( &v1.ConfigMap{ diff --git a/pkg/prometheus/promcfg.go b/pkg/prometheus/promcfg.go index 7bef68d573..d3c2157a1f 100644 --- a/pkg/prometheus/promcfg.go +++ b/pkg/prometheus/promcfg.go @@ -592,10 +592,9 @@ func (cg *ConfigGenerator) buildExternalLabels() yaml.MapSlice { } func (cg *ConfigGenerator) addProxyConfigtoYaml( - ctx context.Context, cfg yaml.MapSlice, namespace string, - store *assets.StoreBuilder, + store assets.StoreGetter, proxyConfig monitoringv1.ProxyConfig, ) yaml.MapSlice { if reflect.ValueOf(proxyConfig).IsZero() { @@ -622,8 +621,8 @@ func (cg *ConfigGenerator) addProxyConfigtoYaml( for k, v := range proxyConfig.ProxyConnectHeader { proxyConnectHeader[k] = []string{} for _, s := range v { - value, _ := store.GetSecretKey(ctx, namespace, s) - proxyConnectHeader[k] = append(proxyConnectHeader[k], value) + value, _ := store.GetSecretKey(s) + proxyConnectHeader[k] = append(proxyConnectHeader[k], string(value)) } } @@ -739,7 +738,7 @@ func (cg *ConfigGenerator) GenerateServerConfiguration( // Remote read config if len(remoteRead) > 0 { - cfg = append(cfg, cg.generateRemoteReadConfig(ctx, remoteRead, store)) + cfg = append(cfg, cg.generateRemoteReadConfig(remoteRead, store)) } if cpf.TracingConfig != nil { @@ -1949,7 +1948,6 @@ func (cg *ConfigGenerator) generateAdditionalScrapeConfigs( } func (cg *ConfigGenerator) generateRemoteReadConfig( - ctx context.Context, remoteRead []monitoringv1.RemoteReadSpec, store *assets.StoreBuilder, ) yaml.MapItem { @@ -2004,7 +2002,7 @@ func (cg *ConfigGenerator) generateRemoteReadConfig( cfg = cg.addAuthorizationToYaml(cfg, s, spec.Authorization) - cfg = cg.addProxyConfigtoYaml(ctx, cfg, objMeta.GetNamespace(), store, spec.ProxyConfig) + cfg = cg.addProxyConfigtoYaml(cfg, objMeta.GetNamespace(), s, spec.ProxyConfig) if spec.FollowRedirects != nil { cfg = cg.WithMinimumVersion("2.26.0").AppendMapItem(cfg, "follow_redirects", spec.FollowRedirects) @@ -2156,7 +2154,7 @@ func (cg *ConfigGenerator) generateRemoteWriteConfig( cfg = cg.addAuthorizationToYaml(cfg, s, spec.Authorization) - cfg = cg.addProxyConfigtoYaml(ctx, cfg, objMeta.GetNamespace(), store, spec.ProxyConfig) + cfg = cg.addProxyConfigtoYaml(cfg, objMeta.GetNamespace(), s, spec.ProxyConfig) cfg = cg.WithMinimumVersion("2.26.0").addSigv4ToYaml(cfg, fmt.Sprintf("remoteWrite/%d", i), s, spec.Sigv4) @@ -2630,7 +2628,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( cfg = append(cfg, yaml.MapItem{Key: "scheme", Value: strings.ToLower(*sc.Spec.Scheme)}) } - cfg = cg.addProxyConfigtoYaml(ctx, cfg, sc.GetNamespace(), store, sc.Spec.ProxyConfig) + cfg = cg.addProxyConfigtoYaml(cfg, sc.GetNamespace(), s, sc.Spec.ProxyConfig) cfg = cg.addBasicAuthToYaml(cfg, s, sc.Spec.BasicAuth) @@ -2720,7 +2718,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( configs[i] = addSafeTLStoYaml(configs[i], sc.Namespace, *config.TLSConfig) } - configs[i] = cg.addProxyConfigtoYaml(ctx, configs[i], sc.GetNamespace(), store, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], sc.GetNamespace(), s, config.ProxyConfig) } cfg = append(cfg, yaml.MapItem{ Key: "http_sd_configs", @@ -2749,7 +2747,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( configs[i] = cg.addBasicAuthToYaml(configs[i], s, config.BasicAuth) configs[i] = cg.addSafeAuthorizationToYaml(configs[i], s, config.Authorization) configs[i] = cg.addOAuth2ToYaml(configs[i], s, config.OAuth2) - configs[i] = cg.addProxyConfigtoYaml(ctx, configs[i], sc.GetNamespace(), store, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], sc.GetNamespace(), s, config.ProxyConfig) if config.FollowRedirects != nil { configs[i] = append(configs[i], yaml.MapItem{ @@ -2935,7 +2933,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( }) } - configs[i] = cg.addProxyConfigtoYaml(ctx, configs[i], sc.GetNamespace(), store, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], sc.GetNamespace(), s, config.ProxyConfig) if config.FollowRedirects != nil { configs[i] = append(configs[i], yaml.MapItem{ @@ -3362,7 +3360,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( for i, config := range sc.Spec.DigitalOceanSDConfigs { configs[i] = cg.addSafeAuthorizationToYaml(configs[i], s, config.Authorization) configs[i] = cg.addOAuth2ToYaml(configs[i], store.ForNamespace(sc.GetNamespace()), config.OAuth2) - configs[i] = cg.addProxyConfigtoYaml(ctx, configs[i], sc.GetNamespace(), store, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], sc.GetNamespace(), s, config.ProxyConfig) if config.FollowRedirects != nil { configs[i] = append(configs[i], yaml.MapItem{ @@ -3409,7 +3407,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( configs[i] = cg.addBasicAuthToYaml(configs[i], s, config.BasicAuth) configs[i] = cg.addSafeAuthorizationToYaml(configs[i], s, config.Authorization) configs[i] = cg.addOAuth2ToYaml(configs[i], s, config.OAuth2) - configs[i] = cg.addProxyConfigtoYaml(ctx, configs[i], sc.GetNamespace(), store, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], sc.GetNamespace(), s, config.ProxyConfig) configs[i] = append(configs[i], yaml.MapItem{ Key: "server", @@ -3469,7 +3467,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( configs[i] = cg.addBasicAuthToYaml(configs[i], s, config.BasicAuth) configs[i] = cg.addSafeAuthorizationToYaml(configs[i], s, config.Authorization) configs[i] = cg.addOAuth2ToYaml(configs[i], s, config.OAuth2) - configs[i] = cg.addProxyConfigtoYaml(ctx, configs[i], sc.GetNamespace(), store, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], sc.GetNamespace(), s, config.ProxyConfig) if config.FollowRedirects != nil { configs[i] = append(configs[i], yaml.MapItem{ @@ -3517,7 +3515,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( s := store.ForNamespace(sc.Namespace) configs[i] = cg.addSafeAuthorizationToYaml(configs[i], s, config.Authorization) configs[i] = cg.addOAuth2ToYaml(configs[i], s, config.OAuth2) - configs[i] = cg.addProxyConfigtoYaml(ctx, configs[i], sc.GetNamespace(), store, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], sc.GetNamespace(), s, config.ProxyConfig) configs[i] = cg.addBasicAuthToYaml(configs[i], s, config.BasicAuth) configs[i] = append(configs[i], yaml.MapItem{ @@ -3600,7 +3598,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( s := store.ForNamespace(sc.Namespace) configs[i] = cg.addSafeAuthorizationToYaml(configs[i], s, config.Authorization) configs[i] = cg.addOAuth2ToYaml(configs[i], s, config.OAuth2) - configs[i] = cg.addProxyConfigtoYaml(ctx, configs[i], sc.GetNamespace(), store, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], sc.GetNamespace(), s, config.ProxyConfig) if config.TLSConfig != nil { configs[i] = addSafeTLStoYaml(configs[i], sc.GetNamespace(), *config.TLSConfig) @@ -3665,7 +3663,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( configs[i] = cg.addBasicAuthToYaml(configs[i], s, config.BasicAuth) configs[i] = cg.addSafeAuthorizationToYaml(configs[i], s, config.Authorization) configs[i] = cg.addOAuth2ToYaml(configs[i], s, config.OAuth2) - configs[i] = cg.addProxyConfigtoYaml(ctx, configs[i], sc.GetNamespace(), store, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], sc.GetNamespace(), s, config.ProxyConfig) configs[i] = append(configs[i], yaml.MapItem{ Key: "role", @@ -3719,7 +3717,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( configs[i] = cg.addBasicAuthToYaml(configs[i], s, config.BasicAuth) configs[i] = cg.addSafeAuthorizationToYaml(configs[i], s, config.Authorization) configs[i] = cg.addOAuth2ToYaml(configs[i], s, config.OAuth2) - configs[i] = cg.addProxyConfigtoYaml(ctx, configs[i], sc.GetNamespace(), store, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], sc.GetNamespace(), s, config.ProxyConfig) configs[i] = append(configs[i], yaml.MapItem{ Key: "server", @@ -3793,7 +3791,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( configs[i] = cg.addBasicAuthToYaml(configs[i], s, config.BasicAuth) configs[i] = cg.addSafeAuthorizationToYaml(configs[i], s, config.Authorization) configs[i] = cg.addOAuth2ToYaml(configs[i], s, config.OAuth2) - configs[i] = cg.addProxyConfigtoYaml(ctx, configs[i], sc.GetNamespace(), store, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], sc.GetNamespace(), s, config.ProxyConfig) configs[i] = append(configs[i], yaml.MapItem{ Key: "host", @@ -3873,7 +3871,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( configs[i] = cg.addBasicAuthToYaml(configs[i], s, config.BasicAuth) configs[i] = cg.addSafeAuthorizationToYaml(configs[i], s, config.Authorization) configs[i] = cg.addOAuth2ToYaml(configs[i], s, config.OAuth2) - configs[i] = cg.addProxyConfigtoYaml(ctx, configs[i], sc.GetNamespace(), store, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], sc.GetNamespace(), s, config.ProxyConfig) configs[i] = append(configs[i], yaml.MapItem{ Key: "url", diff --git a/pkg/prometheus/store.go b/pkg/prometheus/store.go index d3ba27ffc7..d856015e8e 100644 --- a/pkg/prometheus/store.go +++ b/pkg/prometheus/store.go @@ -52,6 +52,10 @@ func AddRemoteWritesToStore(ctx context.Context, store *assets.StoreBuilder, nam if err := store.AddAzureOAuth(ctx, namespace, remote.AzureAD); err != nil { return fmt.Errorf("remote write %d: %w", i, err) } + + if err := store.AddProxyConfig(ctx, namespace, remote.ProxyConfig); err != nil { + return fmt.Errorf("remote write %d: %w", i, err) + } } return nil @@ -74,6 +78,10 @@ func AddRemoteReadsToStore(ctx context.Context, store *assets.StoreBuilder, name if err := store.AddAuthorizationCredentials(ctx, namespace, remote.Authorization); err != nil { return fmt.Errorf("remote read %d: %w", i, err) } + + if err := store.AddProxyConfig(ctx, namespace, remote.ProxyConfig); err != nil { + return fmt.Errorf("remote read %d: %w", i, err) + } } return nil From 52dbd02282cc146d735c6c382485b197f466aa12 Mon Sep 17 00:00:00 2001 From: dongjiang1989 Date: Tue, 11 Jun 2024 15:19:05 +0800 Subject: [PATCH 5/7] fix golangci-lint Signed-off-by: dongjiang1989 --- pkg/prometheus/promcfg.go | 36 +++++++++++++++++------------------- 1 file changed, 17 insertions(+), 19 deletions(-) diff --git a/pkg/prometheus/promcfg.go b/pkg/prometheus/promcfg.go index d3c2157a1f..7e89da07e6 100644 --- a/pkg/prometheus/promcfg.go +++ b/pkg/prometheus/promcfg.go @@ -593,7 +593,6 @@ func (cg *ConfigGenerator) buildExternalLabels() yaml.MapSlice { func (cg *ConfigGenerator) addProxyConfigtoYaml( cfg yaml.MapSlice, - namespace string, store assets.StoreGetter, proxyConfig monitoringv1.ProxyConfig, ) yaml.MapSlice { @@ -733,7 +732,7 @@ func (cg *ConfigGenerator) GenerateServerConfiguration( // Remote write config if len(cpf.RemoteWrite) > 0 { - cfg = append(cfg, cg.generateRemoteWriteConfig(ctx, store)) + cfg = append(cfg, cg.generateRemoteWriteConfig(store)) } // Remote read config @@ -2002,7 +2001,7 @@ func (cg *ConfigGenerator) generateRemoteReadConfig( cfg = cg.addAuthorizationToYaml(cfg, s, spec.Authorization) - cfg = cg.addProxyConfigtoYaml(cfg, objMeta.GetNamespace(), s, spec.ProxyConfig) + cfg = cg.addProxyConfigtoYaml(cfg, s, spec.ProxyConfig) if spec.FollowRedirects != nil { cfg = cg.WithMinimumVersion("2.26.0").AppendMapItem(cfg, "follow_redirects", spec.FollowRedirects) @@ -2061,7 +2060,6 @@ func (cg *ConfigGenerator) addOAuth2ToYaml( } func (cg *ConfigGenerator) generateRemoteWriteConfig( - ctx context.Context, store *assets.StoreBuilder, ) yaml.MapItem { cfgs := []yaml.MapSlice{} @@ -2154,7 +2152,7 @@ func (cg *ConfigGenerator) generateRemoteWriteConfig( cfg = cg.addAuthorizationToYaml(cfg, s, spec.Authorization) - cfg = cg.addProxyConfigtoYaml(cfg, objMeta.GetNamespace(), s, spec.ProxyConfig) + cfg = cg.addProxyConfigtoYaml(cfg, s, spec.ProxyConfig) cfg = cg.WithMinimumVersion("2.26.0").addSigv4ToYaml(cfg, fmt.Sprintf("remoteWrite/%d", i), s, spec.Sigv4) @@ -2511,7 +2509,7 @@ func (cg *ConfigGenerator) GenerateAgentConfiguration( // Remote write config if len(cpf.RemoteWrite) > 0 { - cfg = append(cfg, cg.generateRemoteWriteConfig(ctx, store)) + cfg = append(cfg, cg.generateRemoteWriteConfig(store)) } if cpf.TracingConfig != nil { @@ -2628,7 +2626,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( cfg = append(cfg, yaml.MapItem{Key: "scheme", Value: strings.ToLower(*sc.Spec.Scheme)}) } - cfg = cg.addProxyConfigtoYaml(cfg, sc.GetNamespace(), s, sc.Spec.ProxyConfig) + cfg = cg.addProxyConfigtoYaml(cfg, s, sc.Spec.ProxyConfig) cfg = cg.addBasicAuthToYaml(cfg, s, sc.Spec.BasicAuth) @@ -2718,7 +2716,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( configs[i] = addSafeTLStoYaml(configs[i], sc.Namespace, *config.TLSConfig) } - configs[i] = cg.addProxyConfigtoYaml(configs[i], sc.GetNamespace(), s, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], s, config.ProxyConfig) } cfg = append(cfg, yaml.MapItem{ Key: "http_sd_configs", @@ -2747,7 +2745,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( configs[i] = cg.addBasicAuthToYaml(configs[i], s, config.BasicAuth) configs[i] = cg.addSafeAuthorizationToYaml(configs[i], s, config.Authorization) configs[i] = cg.addOAuth2ToYaml(configs[i], s, config.OAuth2) - configs[i] = cg.addProxyConfigtoYaml(configs[i], sc.GetNamespace(), s, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], s, config.ProxyConfig) if config.FollowRedirects != nil { configs[i] = append(configs[i], yaml.MapItem{ @@ -2933,7 +2931,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( }) } - configs[i] = cg.addProxyConfigtoYaml(configs[i], sc.GetNamespace(), s, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], s, config.ProxyConfig) if config.FollowRedirects != nil { configs[i] = append(configs[i], yaml.MapItem{ @@ -3360,7 +3358,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( for i, config := range sc.Spec.DigitalOceanSDConfigs { configs[i] = cg.addSafeAuthorizationToYaml(configs[i], s, config.Authorization) configs[i] = cg.addOAuth2ToYaml(configs[i], store.ForNamespace(sc.GetNamespace()), config.OAuth2) - configs[i] = cg.addProxyConfigtoYaml(configs[i], sc.GetNamespace(), s, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], s, config.ProxyConfig) if config.FollowRedirects != nil { configs[i] = append(configs[i], yaml.MapItem{ @@ -3407,7 +3405,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( configs[i] = cg.addBasicAuthToYaml(configs[i], s, config.BasicAuth) configs[i] = cg.addSafeAuthorizationToYaml(configs[i], s, config.Authorization) configs[i] = cg.addOAuth2ToYaml(configs[i], s, config.OAuth2) - configs[i] = cg.addProxyConfigtoYaml(configs[i], sc.GetNamespace(), s, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], s, config.ProxyConfig) configs[i] = append(configs[i], yaml.MapItem{ Key: "server", @@ -3467,7 +3465,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( configs[i] = cg.addBasicAuthToYaml(configs[i], s, config.BasicAuth) configs[i] = cg.addSafeAuthorizationToYaml(configs[i], s, config.Authorization) configs[i] = cg.addOAuth2ToYaml(configs[i], s, config.OAuth2) - configs[i] = cg.addProxyConfigtoYaml(configs[i], sc.GetNamespace(), s, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], s, config.ProxyConfig) if config.FollowRedirects != nil { configs[i] = append(configs[i], yaml.MapItem{ @@ -3515,7 +3513,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( s := store.ForNamespace(sc.Namespace) configs[i] = cg.addSafeAuthorizationToYaml(configs[i], s, config.Authorization) configs[i] = cg.addOAuth2ToYaml(configs[i], s, config.OAuth2) - configs[i] = cg.addProxyConfigtoYaml(configs[i], sc.GetNamespace(), s, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], s, config.ProxyConfig) configs[i] = cg.addBasicAuthToYaml(configs[i], s, config.BasicAuth) configs[i] = append(configs[i], yaml.MapItem{ @@ -3598,7 +3596,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( s := store.ForNamespace(sc.Namespace) configs[i] = cg.addSafeAuthorizationToYaml(configs[i], s, config.Authorization) configs[i] = cg.addOAuth2ToYaml(configs[i], s, config.OAuth2) - configs[i] = cg.addProxyConfigtoYaml(configs[i], sc.GetNamespace(), s, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], s, config.ProxyConfig) if config.TLSConfig != nil { configs[i] = addSafeTLStoYaml(configs[i], sc.GetNamespace(), *config.TLSConfig) @@ -3663,7 +3661,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( configs[i] = cg.addBasicAuthToYaml(configs[i], s, config.BasicAuth) configs[i] = cg.addSafeAuthorizationToYaml(configs[i], s, config.Authorization) configs[i] = cg.addOAuth2ToYaml(configs[i], s, config.OAuth2) - configs[i] = cg.addProxyConfigtoYaml(configs[i], sc.GetNamespace(), s, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], s, config.ProxyConfig) configs[i] = append(configs[i], yaml.MapItem{ Key: "role", @@ -3717,7 +3715,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( configs[i] = cg.addBasicAuthToYaml(configs[i], s, config.BasicAuth) configs[i] = cg.addSafeAuthorizationToYaml(configs[i], s, config.Authorization) configs[i] = cg.addOAuth2ToYaml(configs[i], s, config.OAuth2) - configs[i] = cg.addProxyConfigtoYaml(configs[i], sc.GetNamespace(), s, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], s, config.ProxyConfig) configs[i] = append(configs[i], yaml.MapItem{ Key: "server", @@ -3791,7 +3789,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( configs[i] = cg.addBasicAuthToYaml(configs[i], s, config.BasicAuth) configs[i] = cg.addSafeAuthorizationToYaml(configs[i], s, config.Authorization) configs[i] = cg.addOAuth2ToYaml(configs[i], s, config.OAuth2) - configs[i] = cg.addProxyConfigtoYaml(configs[i], sc.GetNamespace(), s, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], s, config.ProxyConfig) configs[i] = append(configs[i], yaml.MapItem{ Key: "host", @@ -3871,7 +3869,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( configs[i] = cg.addBasicAuthToYaml(configs[i], s, config.BasicAuth) configs[i] = cg.addSafeAuthorizationToYaml(configs[i], s, config.Authorization) configs[i] = cg.addOAuth2ToYaml(configs[i], s, config.OAuth2) - configs[i] = cg.addProxyConfigtoYaml(configs[i], sc.GetNamespace(), s, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], s, config.ProxyConfig) configs[i] = append(configs[i], yaml.MapItem{ Key: "url", From ee30390b086660601524fc9e07e9d524ba647555 Mon Sep 17 00:00:00 2001 From: dongjiang1989 Date: Fri, 14 Jun 2024 16:45:54 +0800 Subject: [PATCH 6/7] fix addProxyConfigtoYaml Signed-off-by: dongjiang1989 --- pkg/prometheus/promcfg.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/prometheus/promcfg.go b/pkg/prometheus/promcfg.go index 0248e83a60..3d36671ce7 100644 --- a/pkg/prometheus/promcfg.go +++ b/pkg/prometheus/promcfg.go @@ -3933,7 +3933,7 @@ func (cg *ConfigGenerator) generateScrapeConfig( s := store.ForNamespace(sc.Namespace) configs[i] = cg.addBasicAuthToYaml(configs[i], s, config.BasicAuth) configs[i] = cg.addSafeAuthorizationToYaml(configs[i], s, config.Authorization) - configs[i] = cg.addProxyConfigtoYaml(ctx, configs[i], sc.GetNamespace(), store, config.ProxyConfig) + configs[i] = cg.addProxyConfigtoYaml(configs[i], s, config.ProxyConfig) configs[i] = cg.addOAuth2ToYaml(configs[i], s, config.OAuth2) if config.Region != nil { From 2581ad9cea889780e8647df5257ff04f43cdf4ff Mon Sep 17 00:00:00 2001 From: dongjiang1989 Date: Mon, 17 Jun 2024 15:15:11 +0800 Subject: [PATCH 7/7] update unittest cases Signed-off-by: dongjiang1989 --- pkg/prometheus/promcfg_test.go | 39 +++++++++++++++++++ ...g_v2.43.0_ProxyConfigWithMutiValues.golden | 18 +++++++++ 2 files changed, 57 insertions(+) create mode 100644 pkg/prometheus/testdata/RemoteWriteConfig_v2.43.0_ProxyConfigWithMutiValues.golden diff --git a/pkg/prometheus/promcfg_test.go b/pkg/prometheus/promcfg_test.go index 285b454b1b..f7a99837df 100644 --- a/pkg/prometheus/promcfg_test.go +++ b/pkg/prometheus/promcfg_test.go @@ -4138,6 +4138,35 @@ func TestRemoteWriteConfig(t *testing.T) { }, golden: "RemoteWriteConfig_v2.43.0_ProxyConfig.golden", }, + { + version: "v2.43.0", + remoteWrite: monitoringv1.RemoteWriteSpec{ + URL: "http://example.com", + FollowRedirects: &followRedirects, + ProxyConfig: monitoringv1.ProxyConfig{ + ProxyURL: ptr.To("http://no-proxy.com"), + NoProxy: ptr.To("0.0.0.0"), + ProxyFromEnvironment: ptr.To(false), + ProxyConnectHeader: map[string][]v1.SecretKeySelector{ + "header": { + { + LocalObjectReference: v1.LocalObjectReference{ + Name: "foo", + }, + Key: "proxy-header", + }, + { + LocalObjectReference: v1.LocalObjectReference{ + Name: "bar", + }, + Key: "proxy-header", + }, + }, + }, + }, + }, + golden: "RemoteWriteConfig_v2.43.0_ProxyConfigWithMutiValues.golden", + }, } { t.Run(fmt.Sprintf("i=%d,version=%s", i, tc.version), func(t *testing.T) { p := defaultPrometheus() @@ -4165,6 +4194,16 @@ func TestRemoteWriteConfig(t *testing.T) { "token": []byte("value"), }, }, + &v1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "bar", + Namespace: "default", + }, + Data: map[string][]byte{ + "proxy-header": []byte("value1"), + "token": []byte("value1"), + }, + }, &v1.Secret{ ObjectMeta: metav1.ObjectMeta{ Name: "oauth2", diff --git a/pkg/prometheus/testdata/RemoteWriteConfig_v2.43.0_ProxyConfigWithMutiValues.golden b/pkg/prometheus/testdata/RemoteWriteConfig_v2.43.0_ProxyConfigWithMutiValues.golden new file mode 100644 index 0000000000..9cba42095f --- /dev/null +++ b/pkg/prometheus/testdata/RemoteWriteConfig_v2.43.0_ProxyConfigWithMutiValues.golden @@ -0,0 +1,18 @@ +global: + evaluation_interval: 30s + scrape_interval: 30s + external_labels: + prometheus: default/test + prometheus_replica: $(POD_NAME) +scrape_configs: [] +remote_write: +- url: http://example.com + remote_timeout: 30s + proxy_url: http://no-proxy.com + no_proxy: 0.0.0.0 + proxy_from_environment: false + proxy_connect_header: + header: + - value + - value1 + follow_redirects: true