-
Notifications
You must be signed in to change notification settings - Fork 131
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add dynamic layers to tigera infra layer in SG EV-3506 #2639
Conversation
@@ -331,16 +331,25 @@ func (r *ReconcileConnection) Reconcile(ctx context.Context, request reconcile.R | |||
} | |||
} | |||
|
|||
optionaUILayerNamespaces := []string{render.GuardianNamespace} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this needs a comment explaining why these are optional and what a UI layer is at all.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added a comment and updated the variable name as sgLayerTigeraNameSpaces
pkg/render/manager.go
Outdated
@@ -942,25 +944,27 @@ func managerUserSpecificSettingsGroup() *v3.UISettingsGroup { | |||
// all of the tigera namespaces. | |||
// | |||
// Calico Enterprise only | |||
func managerClusterWideTigeraLayer() *v3.UISettings { | |||
func managerClusterWideTigeraLayer(namespace []string) *v3.UISettings { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: "namespace" is singular, but it's a slice of multiple elements.
This should be called something like additionalNamespaces
or something like that.
Alternatively, remove namespaces
from this function altogether and callers just need to pass the full list of namespaces they need.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done. Passing the full list from the calling controllers.
pkg/render/manager.go
Outdated
"tigera-operator", | ||
"tigera-packetcapture", | ||
"tigera-policy-recommendation", | ||
"tigera-prometheus", | ||
"tigera-system", | ||
"calico-system", | ||
} | ||
|
||
for _, ns := range namespace { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What's the behavior if there are duplicates in this slice?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Replaced the slice with map[string]bool to avoid duplicates
@@ -331,16 +331,29 @@ func (r *ReconcileConnection) Reconcile(ctx context.Context, request reconcile.R | |||
} | |||
} | |||
|
|||
// Populate a list of namespaces to be displayed in the service graph Tigera infrastructure layer. | |||
sgLayerTigeraNameSpaces := render.DefaultSGLayerTigeraNamespaces() | |||
if !sgLayerTigeraNameSpaces[render.GuardianNamespace] { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think there is no need for the if statement and we can simply set it to true or am I missing something?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this applies to all of these if-statements in the PR.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
} | ||
amz, err := utils.GetAmazonCloudIntegration(ctx, r.Client) | ||
if err != nil { | ||
log.Error(err, "Failed to fetch GetAmazonCloudIntegration info") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: 2 spaces "to fetch"
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
sgLayerTigeraNameSpaces[render.GuardianNamespace] = true | ||
} | ||
amz, err := utils.GetAmazonCloudIntegration(ctx, r.Client) | ||
if err != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If there is no AmazonCloudIntegration in the cluster, then err will not be nil. I think you want to filter out the NotFound error. If NotFound then we do nothing. If it is another error, we need to SetDegraded()
If there is no error, then AmazonCloudIntegration is in the cluster and we can set sgLayerTigeraNameSpaces[render.AmazonCloudIntegrationNamespace] = true
. No need for an if-statement to see if it is already in the map.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
@rene-dekker Addressed the review comments. |
@@ -359,6 +359,10 @@ func (r *ReconcileManager) Reconcile(ctx context.Context, request reconcile.Requ | |||
trustedSecretNames = append(trustedSecretNames, render.ComplianceServerCertSecret) | |||
} | |||
|
|||
// Populate a list of namespaces to be displayed in the service graph Tigera infrastructure layer. | |||
sgLayerTigeraNameSpaces := render.DefaultSGLayerTigeraNamespaces() | |||
sgLayerTigeraNameSpaces[render.ManagerNamespace] = true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I just realize that compliance is an optional namespace as well. The CR is already fetched in this controller.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
…506 (#2649) * Add dynamic layers to tigera infra layer in SG * Return reconcile on error for getamazoncloud integration config
…yer in SG EV-3506 (tigera#2649)" This reverts commit e139e32.
…yer in SG EV-3506 (tigera#2649)" This reverts commit e139e32.
Revert "Cherry-pick #2639 Add dynamic layers to tigera infra layer in SG EV-3506"
Description
Issue: https://tigera.atlassian.net/browse/EV-3506
Changes:
Service graph Layer should display any all the namespace created by the product.
Added a changes to dynamically populate namespace that applicable for cluster type
Standalone cluster/Management cluster:
Managed cluster:
Testing:
Management cluster: with dex enabled
![image](https://private-user-images.githubusercontent.com/102720382/239106263-b22de4a0-ad76-49a5-9c51-2ef45cefe58f.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MTk5OTk1MTgsIm5iZiI6MTcxOTk5OTIxOCwicGF0aCI6Ii8xMDI3MjAzODIvMjM5MTA2MjYzLWIyMmRlNGEwLWFkNzYtNDlhNS05YzUxLTJlZjQ1Y2VmZTU4Zi5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjQwNzAzJTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI0MDcwM1QwOTMzMzhaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT0yOGYwZGViNzgyY2UxNDUzNzFkMzE0N2RkZjhhNjQwYWIyNmU2MmZhMTA1MDU5ZWUxMzM2ZmViMDgxYWZmMDFlJlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCZhY3Rvcl9pZD0wJmtleV9pZD0wJnJlcG9faWQ9MCJ9.ZT1vxi8ULOs_zRfav5esJIhfYbPAja8T4BTFZiraZ8s)
Managed cluster:
![image](https://private-user-images.githubusercontent.com/102720382/239104798-b4c48191-e9ff-4a74-b71c-78b3f8a889cd.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MTk5OTk1MTgsIm5iZiI6MTcxOTk5OTIxOCwicGF0aCI6Ii8xMDI3MjAzODIvMjM5MTA0Nzk4LWI0YzQ4MTkxLWU5ZmYtNGE3NC1iNzFjLTc4YjNmOGE4ODljZC5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjQwNzAzJTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI0MDcwM1QwOTMzMzhaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT03OTAxMmRiNjg2YmIwZjZhMzExNjg1ZjE0ZWFlNzVkYTY5Y2Q2Zjg5NWY5OTVmMmZiNDc3YWMxNjk1OWRiNjJhJlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCZhY3Rvcl9pZD0wJmtleV9pZD0wJnJlcG9faWQ9MCJ9.XVZmNz3YmwaLlr_hK3SAP2jM43B4CoVHwl3O4ULAjhM)
For PR author
make gen-files
make gen-versions
For PR reviewers
A note for code reviewers - all pull requests must have the following:
kind/bug
if this is a bugfix.kind/enhancement
if this is a a new feature.enterprise
if this PR applies to Calico Enterprise only.