Revert "Implement periodic gathering as a job in tech preview (opensh…

…ift#787)" (openshift#798) This reverts commit bb72dd0.
tremes · Jun 23, 2023 · cd80172 · cd80172
1 parent bb72dd0
commit cd80172
Show file tree

Hide file tree

Showing 67 changed files with 467 additions and 5,305 deletions.
diff --git a/.golangci.yml b/.golangci.yml
@@ -66,7 +66,7 @@ linters:
   enable:
     - bodyclose
     - deadcode
-    #- depguard
+    - depguard
     - dogsled
     - dupl
     - errcheck

diff --git a/cmd/insights-operator/main.go b/cmd/insights-operator/main.go
@@ -60,7 +60,6 @@ func NewOperatorCommand() *cobra.Command {
 	cmd.AddCommand(start.NewOperator())
 	cmd.AddCommand(start.NewReceiver())
 	cmd.AddCommand(start.NewGather())
-	cmd.AddCommand(start.NewGatherAndUpload())
 
 	return cmd
 }
diff --git a/cmd/obfuscate-archive/main.go b/cmd/obfuscate-archive/main.go
@@ -10,7 +10,6 @@ import (
 	"strings"
 
 	configv1 "github.com/openshift/api/config/v1"
-	"github.com/openshift/api/insights/v1alpha1"
 	"github.com/openshift/insights-operator/pkg/anonymization"
 	"github.com/openshift/insights-operator/pkg/gather"
 	"github.com/openshift/insights-operator/pkg/record"
@@ -62,7 +61,7 @@ func obfuscateArchive(path string) (string, error) {
 		return "", err
 	}
 
-	anonymizer, err := anonymization.NewAnonymizer(clusterBaseDomain, networks, nil, nil, v1alpha1.ObfuscateNetworking)
+	anonymizer, err := anonymization.NewAnonymizer(clusterBaseDomain, networks, nil, nil, nil)
 	if err != nil {
 		return "", err
 	}

diff --git a/manifests/03-clusterrole.yaml b/manifests/03-clusterrole.yaml
@@ -43,19 +43,6 @@ metadata:
     include.release.openshift.io/single-node-developer: "true"
     capability.openshift.io/name: Insights
 rules:
-  - apiGroups:
-      - "insights.openshift.io"
-    resources:
-      - datagathers
-      - datagathers/status
-    verbs:
-      - create
-      - get
-      - update
-      - patch
-      - list
-      - delete
-      - watch
   - apiGroups:
       - "operator.openshift.io"
     resources:
@@ -390,22 +377,6 @@ rules:
       - pods
     verbs:
       - get
-  - apiGroups:
-      - batch
-    resources:
-      - jobs
-    verbs:
-      - create
-      - get
-      - list 
-      - delete
-  - apiGroups:
-      - apps
-    resources:
-      - deployments
-    verbs:
-      - get
-
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding

diff --git a/manifests/05-prometheus_role.yaml → manifests/03-prometheus_role.yaml b/manifests/05-prometheus_role.yaml → manifests/03-prometheus_role.yaml
diff --git a/manifests/04-datagather-insights-crd.yaml b/manifests/04-datagather-insights-crd.yaml
diff --git a/manifests/03-serviceaccount.yaml → manifests/04-serviceaccount.yaml b/manifests/03-serviceaccount.yaml → manifests/04-serviceaccount.yaml
diff --git a/...ests/06-deployment-ibm-cloud-managed.yaml → ...ests/05-deployment-ibm-cloud-managed.yaml b/...ests/06-deployment-ibm-cloud-managed.yaml → ...ests/05-deployment-ibm-cloud-managed.yaml
diff --git a/manifests/06-deployment.yaml → manifests/05-deployment.yaml b/manifests/06-deployment.yaml → manifests/05-deployment.yaml
diff --git a/manifests/03-operator-crd.yaml → manifests/08-operator-crd.yaml b/manifests/03-operator-crd.yaml → manifests/08-operator-crd.yaml
diff --git a/manifests/04-operator-cr.yaml → manifests/09-operator-cr.yaml b/manifests/04-operator-cr.yaml → manifests/09-operator-cr.yaml
diff --git a/manifests/08-prometheus_rule.yaml → manifests/10-prometheus_rule.yaml b/manifests/08-prometheus_rule.yaml → manifests/10-prometheus_rule.yaml
diff --git a/manifests/09-servicemonitor.yaml → manifests/11-servicemonitor.yaml b/manifests/09-servicemonitor.yaml → manifests/11-servicemonitor.yaml
diff --git a/pkg/anonymization/anonymizer.go b/pkg/anonymization/anonymizer.go
@@ -33,7 +33,7 @@ import (
 	"sync"
 
 	configv1 "github.com/openshift/api/config/v1"
-	"github.com/openshift/api/insights/v1alpha1"
+	"github.com/openshift/api/config/v1alpha1"
 	networkv1 "github.com/openshift/api/network/v1"
 	configv1client "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1"
 	networkv1client "github.com/openshift/client-go/network/clientset/versioned/typed/network/v1"
@@ -88,7 +88,7 @@ type Anonymizer struct {
 	ipNetworkRegex     *regexp.Regexp
 	secretsClient      corev1client.SecretInterface
 	secretConfigurator configobserver.Configurator
-	dataPolicy         v1alpha1.DataPolicy
+	apiConfigurator    configobserver.InsightsDataGatherObserver
 	configClient       configv1client.ConfigV1Interface
 	networkClient      networkv1client.NetworkV1Interface
 	gatherKubeClient   kubernetes.Interface
@@ -104,7 +104,7 @@ func NewAnonymizer(clusterBaseDomain string,
 	networks []string,
 	secretsClient corev1client.SecretInterface,
 	secretConfigurator configobserver.Configurator,
-	dataPolicy v1alpha1.DataPolicy) (*Anonymizer, error) {
+	apiConfigurator configobserver.InsightsDataGatherObserver) (*Anonymizer, error) {
 	cidrs, err := k8snet.ParseCIDRs(networks)
 	if err != nil {
 		return nil, err
@@ -126,7 +126,7 @@ func NewAnonymizer(clusterBaseDomain string,
 		ipNetworkRegex:     regexp.MustCompile(Ipv4AddressOrNetworkRegex),
 		secretsClient:      secretsClient,
 		secretConfigurator: secretConfigurator,
-		dataPolicy:         dataPolicy,
+		apiConfigurator:    apiConfigurator,
 	}, nil
 }
 
@@ -138,14 +138,14 @@ func NewAnonymizerFromConfigClient(
 	configClient configv1client.ConfigV1Interface,
 	networkClient networkv1client.NetworkV1Interface,
 	secretConfigurator configobserver.Configurator,
-	dataPolicy v1alpha1.DataPolicy,
+	apiConfigurator configobserver.InsightsDataGatherObserver,
 ) (*Anonymizer, error) {
 	baseDomain, err := utils.GetClusterBaseDomain(ctx, configClient)
 	if err != nil {
 		return nil, err
 	}
 	secretsClient := kubeClient.CoreV1().Secrets(secretNamespace)
-	a, err := NewAnonymizer(baseDomain, []string{}, secretsClient, secretConfigurator, dataPolicy)
+	a, err := NewAnonymizer(baseDomain, []string{}, secretsClient, secretConfigurator, apiConfigurator)
 	if err != nil {
 		return nil, err
 	}
@@ -322,7 +322,7 @@ func NewAnonymizerFromConfig(
 	gatherProtoKubeConfig *rest.Config,
 	protoKubeConfig *rest.Config,
 	secretConfigurator configobserver.Configurator,
-	dataPolicy v1alpha1.DataPolicy,
+	apiConfigurator configobserver.InsightsDataGatherObserver,
 ) (*Anonymizer, error) {
 	kubeClient, err := kubernetes.NewForConfig(protoKubeConfig)
 	if err != nil {
@@ -344,7 +344,7 @@ func NewAnonymizerFromConfig(
 		return nil, err
 	}
 
-	return NewAnonymizerFromConfigClient(ctx, kubeClient, gatherKubeClient, configClient, networkClient, secretConfigurator, dataPolicy)
+	return NewAnonymizerFromConfigClient(ctx, kubeClient, gatherKubeClient, configClient, networkClient, secretConfigurator, apiConfigurator)
 }
 
 // AnonymizeMemoryRecord takes record.MemoryRecord, removes the sensitive data from it and returns the same object
@@ -484,8 +484,8 @@ func (anonymizer *Anonymizer) IsObfuscationEnabled() bool {
 	if anonymizer.secretConfigurator.Config().EnableGlobalObfuscation {
 		return true
 	}
-	if anonymizer.dataPolicy != "" {
-		return anonymizer.dataPolicy == v1alpha1.ObfuscateNetworking
+	if anonymizer.apiConfigurator != nil {
+		return *anonymizer.apiConfigurator.GatherDataPolicy() == v1alpha1.ObfuscateNetworking
 	}
 	return false
 }

diff --git a/pkg/anonymization/anonymizer_test.go b/pkg/anonymization/anonymizer_test.go
@@ -7,7 +7,7 @@ import (
 	"testing"
 
 	configv1 "github.com/openshift/api/config/v1"
-	"github.com/openshift/api/insights/v1alpha1"
+	"github.com/openshift/api/config/v1alpha1"
 	networkv1 "github.com/openshift/api/network/v1"
 	configfake "github.com/openshift/client-go/config/clientset/versioned/fake"
 	networkfake "github.com/openshift/client-go/network/clientset/versioned/fake"
@@ -123,8 +123,11 @@ func getAnonymizer(t *testing.T) *Anonymizer {
 	mockSecretConfigurator := config.NewMockSecretConfigurator(&config.Controller{
 		EnableGlobalObfuscation: true,
 	})
+	mockAPIConfigurator := config.NewMockAPIConfigurator(&v1alpha1.GatherConfig{
+		DataPolicy: v1alpha1.ObfuscateNetworking,
+	})
 	anonymizer, err := NewAnonymizer(clusterBaseDomain,
-		networks, kubefake.NewSimpleClientset().CoreV1().Secrets(secretNamespace), mockSecretConfigurator, v1alpha1.ObfuscateNetworking)
+		networks, kubefake.NewSimpleClientset().CoreV1().Secrets(secretNamespace), mockSecretConfigurator, mockAPIConfigurator)
 	assert.NoError(t, err)
 
 	return anonymizer
@@ -329,7 +332,10 @@ func TestAnonymizer_NewAnonymizerFromConfigClient(t *testing.T) {
 		networkClient,
 		config.NewMockSecretConfigurator(&config.Controller{
 			EnableGlobalObfuscation: true,
-		}), v1alpha1.ObfuscateNetworking,
+		}),
+		config.NewMockAPIConfigurator(&v1alpha1.GatherConfig{
+			DataPolicy: v1alpha1.ObfuscateNetworking,
+		}),
 	)
 	assert.NoError(t, err)
 	assert.NotNil(t, anonymizer)

diff --git a/pkg/authorizer/clusterauthorizer/clusterauthorizer_test.go b/pkg/authorizer/clusterauthorizer/clusterauthorizer_test.go
@@ -100,7 +100,7 @@ func Test_Proxy(tt *testing.T) {
 			co2 := &config.MockSecretConfigurator{Conf: &config.Controller{HTTPConfig: tc.HTTPConfig}}
 			a := Authorizer{proxyFromEnvironment: nonCachedProxyFromEnvironment(), configurator: co2}
 			p := a.NewSystemOrConfiguredProxy()
-			req := httptest.NewRequest("GET", tc.RequestURL, http.NoBody)
+			req := httptest.NewRequest("GET", tc.RequestURL, nil)
 			urlRec, err := p(req)
 
 			if err != nil {

diff --git a/pkg/cmd/start/start.go b/pkg/cmd/start/start.go
@@ -25,11 +25,7 @@ import (
 	"github.com/openshift/insights-operator/pkg/controller"
 )
 
-const (
-	serviceCACertPath    = "/var/run/configmaps/service-ca-bundle/service-ca.crt"
-	pbContentType        = "application/vnd.kubernetes.protobuf"
-	pbAcceptContentTypes = "application/vnd.kubernetes.protobuf,application/json"
-)
+const serviceCACertPath = "/var/run/configmaps/service-ca-bundle/service-ca.crt"
 
 // NewOperator create the commad for running the Insights Operator.
 func NewOperator() *cobra.Command {
@@ -82,29 +78,6 @@ func NewGather() *cobra.Command {
 	return cmd
 }
 
-func NewGatherAndUpload() *cobra.Command {
-	operator := &controller.GatherJob{
-		Controller: config.Controller{
-			ConditionalGathererEndpoint: "https://console.redhat.com/api/gathering/gathering_rules",
-			StoragePath:                 "/var/lib/insights-operator",
-			Interval:                    2 * time.Hour,
-			Endpoint:                    "https://console.redhat.com/api/ingress/v1/upload",
-			ReportEndpoint:              "https://console.redhat.com/api/insights-results-aggregator/v2/cluster/%s/reports",
-			ReportPullingDelay:          60 * time.Second,
-			ReportMinRetryTime:          10 * time.Second,
-			ReportPullingTimeout:        30 * time.Minute,
-		},
-	}
-	cfg := controllercmd.NewControllerCommandConfig("openshift-insights-operator", version.Get(), nil)
-	cmd := &cobra.Command{
-		Use:   "gather-and-upload",
-		Short: "Runs the data gathering as job, uploads the data, waits for Insights analysis report and ends",
-		Run:   runGatherAndUpload(operator, cfg),
-	}
-	cmd.Flags().AddFlagSet(cfg.NewCommand().Flags())
-	return cmd
-}
-
 // Starts a single gather, main responsibility is loading in the necessary configs.
 func runGather(operator *controller.GatherJob, cfg *controllercmd.ControllerCommandConfig) func(cmd *cobra.Command, args []string) {
 	return func(cmd *cobra.Command, args []string) {
@@ -142,8 +115,8 @@ func runGather(operator *controller.GatherJob, cfg *controllercmd.ControllerComm
 			}
 		}
 		protoConfig := rest.CopyConfig(clientConfig)
-		protoConfig.AcceptContentTypes = pbAcceptContentTypes
-		protoConfig.ContentType = pbContentType
+		protoConfig.AcceptContentTypes = "application/vnd.kubernetes.protobuf,application/json"
+		protoConfig.ContentType = "application/vnd.kubernetes.protobuf"
 
 		ctx, cancel := context.WithTimeout(context.Background(), operator.Interval)
 
@@ -246,52 +219,3 @@ func runOperator(operator *controller.Operator, cfg *controllercmd.ControllerCom
 		}
 	}
 }
-
-// Starts a single gather, main responsibility is loading in the necessary configs.
-func runGatherAndUpload(operator *controller.GatherJob,
-	cfg *controllercmd.ControllerCommandConfig) func(cmd *cobra.Command, args []string) {
-	return func(cmd *cobra.Command, args []string) {
-		if configArg := cmd.Flags().Lookup("config").Value.String(); len(configArg) == 0 {
-			klog.Exit("error: --config is required")
-		}
-		unstructured, _, _, err := cfg.Config()
-		if err != nil {
-			klog.Exit(err)
-		}
-		cont, err := config.LoadConfig(operator.Controller, unstructured.Object, config.ToDisconnectedController)
-		if err != nil {
-			klog.Exit(err)
-		}
-		operator.Controller = cont
-
-		var clientConfig *rest.Config
-		if kubeConfigPath := cmd.Flags().Lookup("kubeconfig").Value.String(); len(kubeConfigPath) > 0 {
-			kubeConfigBytes, err := os.ReadFile(kubeConfigPath) //nolint: govet
-			if err != nil {
-				klog.Exit(err)
-			}
-			kubeConfig, err := clientcmd.NewClientConfigFromBytes(kubeConfigBytes)
-			if err != nil {
-				klog.Exit(err)
-			}
-			clientConfig, err = kubeConfig.ClientConfig()
-			if err != nil {
-				klog.Exit(err)
-			}
-		} else {
-			clientConfig, err = rest.InClusterConfig()
-			if err != nil {
-				klog.Exit(err)
-			}
-		}
-		protoConfig := rest.CopyConfig(clientConfig)
-		protoConfig.AcceptContentTypes = pbAcceptContentTypes
-		protoConfig.ContentType = pbContentType
-
-		err = operator.GatherAndUpload(clientConfig, protoConfig)
-		if err != nil {
-			klog.Exit(err)
-		}
-		os.Exit(0)
-	}
-}
diff --git a/pkg/config/configobserver/insighgtsdatagather_observer.go b/pkg/config/configobserver/insighgtsdatagather_observer.go
@@ -56,7 +56,7 @@ func NewInsightsDataGatherObserver(kubeConfig *rest.Config,
 	return c, nil
 }
 
-func (i *insightsDataGatherController) sync(ctx context.Context, _ factory.SyncContext) error {
+func (i *insightsDataGatherController) sync(ctx context.Context, scx factory.SyncContext) error {
 	insightDataGatherConf, err := i.configV1Alpha1Cli.InsightsDataGathers().Get(ctx, "cluster", metav1.GetOptions{})
 	if err != nil {
 		return err