diff --git a/Makefile b/Makefile index 1ed0a4e31e..50d3d19cae 100644 --- a/Makefile +++ b/Makefile @@ -564,7 +564,7 @@ docs: echo $(PWD) docker run -it -p 3000:3000 -v $(PWD):/retina -w /retina/ node:20-alpine sh ./site/start-dev.sh -.PHONY: docs-pod +.PHONY: docs-prod docs-prod: docker run -i -p 3000:3000 -v $(PWD):/retina -w /retina/ node:20-alpine npm install --prefix site && npm run build --prefix site diff --git a/deploy/hubble/manifests/controller/helm/retina/templates/agent/configmap.yaml b/deploy/hubble/manifests/controller/helm/retina/templates/agent/configmap.yaml index 704cf5a9c5..0dd67890c4 100644 --- a/deploy/hubble/manifests/controller/helm/retina/templates/agent/configmap.yaml +++ b/deploy/hubble/manifests/controller/helm/retina/templates/agent/configmap.yaml @@ -132,7 +132,7 @@ data: metricsInterval: {{ .Values.metricsInterval }} metricsIntervalDuration: {{ .Values.metricsIntervalDuration }} enableTelemetry: {{ .Values.enableTelemetry }} - enablePodLevel: {{ .Values.enablePodLevel }} + enablePodLevel: false remoteContext: {{ .Values.remoteContext }} bypassLookupIPOfInterest: {{ .Values.bypassLookupIPOfInterest }} {{- end}} diff --git a/deploy/hubble/manifests/controller/helm/retina/values.yaml b/deploy/hubble/manifests/controller/helm/retina/values.yaml index 0717e0b500..5d93b8e6e3 100644 --- a/deploy/hubble/manifests/controller/helm/retina/values.yaml +++ b/deploy/hubble/manifests/controller/helm/retina/values.yaml @@ -90,7 +90,7 @@ logLevel: info enabledPlugin_linux: '["linuxutil","packetforward","packetparser","dns", "dropreason"]' enabledPlugin_win: '["hnsstats"]' -enableTelemetry: true +enableTelemetry: false # Interval, in duration, to scrape/publish metrics. metricsIntervalDuration: "10s" diff --git a/deploy/legacy/manifests/controller/helm/retina/templates/daemonset.yaml b/deploy/legacy/manifests/controller/helm/retina/templates/daemonset.yaml index f4e44332e0..f222ccc2fa 100644 --- a/deploy/legacy/manifests/controller/helm/retina/templates/daemonset.yaml +++ b/deploy/legacy/manifests/controller/helm/retina/templates/daemonset.yaml @@ -203,7 +203,13 @@ spec: containerPort: {{ .Values.retinaPort }} workingDir: $env:CONTAINER_SANDBOX_MOUNT_POINT command: - - controller.exe --config ./retina/config.yaml + - powershell.exe + - -command + {{- if semverCompare ">=1.28" .Capabilities.KubeVersion.GitVersion }} + - $env:CONTAINER_SANDBOX_MOUNT_POINT/controller.exe --config ./retina/config.yaml + {{- else }} + - .\setkubeconfigpath.ps1; ./controller.exe --config ./retina/config.yaml --kubeconfig ./kubeconfig + {{- end }} env: - name: POD_NAME valueFrom: diff --git a/hack/tools/go.mod b/hack/tools/go.mod index cb1f6e01fb..8058f02578 100644 --- a/hack/tools/go.mod +++ b/hack/tools/go.mod @@ -4,7 +4,7 @@ go 1.22.1 toolchain go1.23.4 require ( - github.com/golangci/golangci-lint v1.63.0 + github.com/golangci/golangci-lint v1.63.3 github.com/goreleaser/goreleaser v1.26.2 github.com/onsi/ginkgo v1.16.5 go.uber.org/mock v0.5.0 @@ -207,7 +207,6 @@ require ( github.com/golangci/go-printf-func-name v0.1.0 // indirect github.com/golangci/gofmt v0.0.0-20241223200906-057b0627d9b9 // indirect github.com/golangci/misspell v0.6.0 // indirect - github.com/golangci/modinfo v0.3.4 // indirect github.com/golangci/plugin-module-register v0.1.1 // indirect github.com/golangci/revgrep v0.5.3 // indirect github.com/golangci/unconvert v0.0.0-20240309020433-c5143eacb3ed // indirect @@ -280,11 +279,11 @@ require ( github.com/kylelemons/godebug v1.1.0 // indirect github.com/kyoh86/exportloopref v0.1.11 // indirect github.com/lasiar/canonicalheader v1.1.2 // indirect - github.com/ldez/exptostd v0.3.0 // indirect + github.com/ldez/exptostd v0.3.1 // indirect github.com/ldez/gomoddirectives v0.6.0 // indirect github.com/ldez/grignotin v0.7.0 // indirect github.com/ldez/tagliatelle v0.7.1 // indirect - github.com/ldez/usetesting v0.4.1 // indirect + github.com/ldez/usetesting v0.4.2 // indirect github.com/leonklingele/grouper v1.1.2 // indirect github.com/letsencrypt/boulder v0.0.0-20231026200631-000cd05d5491 // indirect github.com/lucasb-eyer/go-colorful v1.2.0 // indirect diff --git a/hack/tools/go.sum b/hack/tools/go.sum index af8ea8483b..8ef6a53a3b 100644 --- a/hack/tools/go.sum +++ b/hack/tools/go.sum @@ -495,12 +495,10 @@ github.com/golangci/go-printf-func-name v0.1.0 h1:dVokQP+NMTO7jwO4bwsRwLWeudOVUP github.com/golangci/go-printf-func-name v0.1.0/go.mod h1:wqhWFH5mUdJQhweRnldEywnR5021wTdZSNgwYceV14s= github.com/golangci/gofmt v0.0.0-20241223200906-057b0627d9b9 h1:t5wybL6RtO83VwoMOb7U/Peqe3gGKQlPIC66wXmnkvM= github.com/golangci/gofmt v0.0.0-20241223200906-057b0627d9b9/go.mod h1:Ag3L7sh7E28qAp/5xnpMMTuGYqxLZoSaEHZDkZB1RgU= -github.com/golangci/golangci-lint v1.63.0 h1:4HZnKnU9nA08TQpzpl5Ngrr79B/tEvv0UJVZ92K0k1k= -github.com/golangci/golangci-lint v1.63.0/go.mod h1:yZsr57ibOW/1CAtgo/R4+H0QqDmLZtRSCOvyc8QBHf8= +github.com/golangci/golangci-lint v1.63.3 h1:Q/UZqLRuqo3mmwA/EN2pq9y+JV4S2IqmqrS3t855ZMc= +github.com/golangci/golangci-lint v1.63.3/go.mod h1:Hx0B7Lg5/NXbaOHem8+KU+ZUIzMI6zNj/7tFwdnn10I= github.com/golangci/misspell v0.6.0 h1:JCle2HUTNWirNlDIAUO44hUsKhOFqGPoC4LZxlaSXDs= github.com/golangci/misspell v0.6.0/go.mod h1:keMNyY6R9isGaSAu+4Q8NMBwMPkh15Gtc8UCVoDtAWo= -github.com/golangci/modinfo v0.3.4 h1:oU5huX3fbxqQXdfspamej74DFX0kyGLkw1ppvXoJ8GA= -github.com/golangci/modinfo v0.3.4/go.mod h1:wytF1M5xl9u0ij8YSvhkEVPP3M5Mc7XLl1pxH3B2aUM= github.com/golangci/plugin-module-register v0.1.1 h1:TCmesur25LnyJkpsVrupv1Cdzo+2f7zX0H6Jkw1Ol6c= github.com/golangci/plugin-module-register v0.1.1/go.mod h1:TTpqoB6KkwOJMV8u7+NyXMrkwwESJLOkfl9TxR1DGFc= github.com/golangci/revgrep v0.5.3 h1:3tL7c1XBMtWHHqVpS5ChmiAAoe4PF/d5+ULzV9sLAzs= @@ -722,16 +720,16 @@ github.com/kyoh86/exportloopref v0.1.11 h1:1Z0bcmTypkL3Q4k+IDHMWTcnCliEZcaPiIe0/ github.com/kyoh86/exportloopref v0.1.11/go.mod h1:qkV4UF1zGl6EkF1ox8L5t9SwyeBAZ3qLMd6up458uqA= github.com/lasiar/canonicalheader v1.1.2 h1:vZ5uqwvDbyJCnMhmFYimgMZnJMjwljN5VGY0VKbMXb4= github.com/lasiar/canonicalheader v1.1.2/go.mod h1:qJCeLFS0G/QlLQ506T+Fk/fWMa2VmBUiEI2cuMK4djI= -github.com/ldez/exptostd v0.3.0 h1:iKdMtUedzov89jDvuwmo0qpo+ARpZJg9hMp3428WwNg= -github.com/ldez/exptostd v0.3.0/go.mod h1:iZBRYaUmcW5jwCR3KROEZ1KivQQp6PHXbDPk9hqJKCQ= +github.com/ldez/exptostd v0.3.1 h1:90yWWoAKMFHeovTK8uzBms9Ppp8Du/xQ20DRO26Ymrw= +github.com/ldez/exptostd v0.3.1/go.mod h1:iZBRYaUmcW5jwCR3KROEZ1KivQQp6PHXbDPk9hqJKCQ= github.com/ldez/gomoddirectives v0.6.0 h1:Jyf1ZdTeiIB4dd+2n4qw+g4aI9IJ6JyfOZ8BityWvnA= github.com/ldez/gomoddirectives v0.6.0/go.mod h1:TuwOGYoPAoENDWQpe8DMqEm5nIfjrxZXmxX/CExWyZ4= github.com/ldez/grignotin v0.7.0 h1:vh0dI32WhHaq6LLPZ38g7WxXuZ1+RzyrJ7iPG9JMa8c= github.com/ldez/grignotin v0.7.0/go.mod h1:uaVTr0SoZ1KBii33c47O1M8Jp3OP3YDwhZCmzT9GHEk= github.com/ldez/tagliatelle v0.7.1 h1:bTgKjjc2sQcsgPiT902+aadvMjCeMHrY7ly2XKFORIk= github.com/ldez/tagliatelle v0.7.1/go.mod h1:3zjxUpsNB2aEZScWiZTHrAXOl1x25t3cRmzfK1mlo2I= -github.com/ldez/usetesting v0.4.1 h1:T/4Bk3YDX6XUBtdNDDFymlr5GBekKA4j7HUtrv1YaaI= -github.com/ldez/usetesting v0.4.1/go.mod h1:eEs46T3PpQ+9RgN9VjpY6qWdiw2/QmfiDeWmdZdrjIQ= +github.com/ldez/usetesting v0.4.2 h1:J2WwbrFGk3wx4cZwSMiCQQ00kjGR0+tuuyW0Lqm4lwA= +github.com/ldez/usetesting v0.4.2/go.mod h1:eEs46T3PpQ+9RgN9VjpY6qWdiw2/QmfiDeWmdZdrjIQ= github.com/leonklingele/grouper v1.1.2 h1:o1ARBDLOmmasUaNDesWqWCIFH3u7hoFlM84YrjT3mIY= github.com/leonklingele/grouper v1.1.2/go.mod h1:6D0M/HVkhs2yRKRFZUoGjeDy7EZTfFBE9gl4kjmIGkA= github.com/letsencrypt/boulder v0.0.0-20231026200631-000cd05d5491 h1:WGrKdjHtWC67RX96eTkYD2f53NDHhrq/7robWTAfk4s= diff --git a/pkg/capture/crd_to_job_test.go b/pkg/capture/crd_to_job_test.go index 143f2ad7b5..73989e4374 100644 --- a/pkg/capture/crd_to_job_test.go +++ b/pkg/capture/crd_to_job_test.go @@ -820,6 +820,10 @@ func Test_CaptureToPodTranslator_ValidateCapture(t *testing.T) { } } +func isIgnorableEnvVar(envVar corev1.EnvVar) bool { + return envVar.Name == captureConstants.CaptureStartTimestampEnvKey +} + func Test_CaptureToPodTranslator_TranslateCaptureToJobs(t *testing.T) { captureName := "capture-test" hostPath := "/tmp/capture" @@ -1719,6 +1723,15 @@ func Test_CaptureToPodTranslator_TranslateCaptureToJobs(t *testing.T) { job.Spec.Template.Spec.Containers[0].VolumeMounts = tt.volumeMounts job.Spec.Template.Spec.Volumes = tt.volumes + for _, env := range tt.podEnv { + if env.Name == captureConstants.CaptureStartTimestampEnvKey { + _, err := file.StringToTimestamp(env.Value) + if err != nil { + t.Errorf("TranslateCaptureToJobs() error with capture timestamp: %v", err) + } + } + } + if tt.isWindows { containerAdministrator := "NT AUTHORITY\\SYSTEM" useHostProcess := true @@ -1736,7 +1749,15 @@ func Test_CaptureToPodTranslator_TranslateCaptureToJobs(t *testing.T) { job.Spec.Template.Spec.Containers[0].Command = []string{captureConstants.CaptureContainerEntrypointWin} } - cmpOption := cmpopts.SortSlices(func(enVar1, enVar2 corev1.EnvVar) bool { return enVar1.Name < enVar2.Name }) + cmpOption := cmp.Options{ + cmpopts.SortSlices(func(enVar1, enVar2 corev1.EnvVar) bool { return enVar1.Name < enVar2.Name }), + cmp.Comparer(func(x, y corev1.EnvVar) bool { + if isIgnorableEnvVar(x) || isIgnorableEnvVar(y) { + return true + } + return x.Name == y.Name && x.Value == y.Value + }), + } if diff := cmp.Diff([]*batchv1.Job{job}, jobs, cmpOption); diff != "" { t.Errorf("TranslateCaptureToJobs() mismatch (-want, +got):\n%s", diff) diff --git a/test/goldpinger/deployment.yaml b/test/goldpinger/deployment.yaml index 8da9761ee1..151b459cca 100644 --- a/test/goldpinger/deployment.yaml +++ b/test/goldpinger/deployment.yaml @@ -73,7 +73,7 @@ spec: fieldPath: status.podIP - name: HOSTS_TO_RESOLVE value: "1.1.1.1 8.8.8.8 www.bing.com" - image: "docker.io/bloomberg/goldpinger:v3.9.0" + image: "mcr.microsoft.com/aks/e2e/bloomberg-goldpinger:v3.7.0" securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true diff --git a/test/scale/example-deployment.yaml b/test/scale/example-deployment.yaml index ed41a01251..ae0c30f3ad 100644 --- a/test/scale/example-deployment.yaml +++ b/test/scale/example-deployment.yaml @@ -43,7 +43,7 @@ spec: valueFrom: fieldRef: fieldPath: status.podIP - image: "docker.io/bloomberg/goldpinger:v3.9.0" + image: "mcr.microsoft.com/aks/e2e/bloomberg-goldpinger:v3.7.0" imagePullPolicy: Always securityContext: allowPrivilegeEscalation: false diff --git a/test/trafficgen/kapinger.yaml b/test/trafficgen/kapinger.yaml index c8274ac70b..b1476447e5 100644 --- a/test/trafficgen/kapinger.yaml +++ b/test/trafficgen/kapinger.yaml @@ -98,7 +98,7 @@ spec: serviceAccountName: kapinger-sa containers: - name: kapinger - image: ghcr.io/microsoft/retina/kapinger:latest + image: acnpublic.azurecr.io/kapinger:20241009.5 resources: limits: memory: 20Mi diff --git a/windows/kubeconfigtemplate.yaml b/windows/kubeconfigtemplate.yaml index 21a6c054f2..49e6c8ad50 100644 --- a/windows/kubeconfigtemplate.yaml +++ b/windows/kubeconfigtemplate.yaml @@ -9,7 +9,7 @@ contexts: - name: azure-retina-windows@kubernetes context: cluster: kubernetes - namespace: {{ .Values.namespace }} + namespace: kube-system user: azure-retina-windows current-context: azure-retina-windows@kubernetes users: diff --git a/windows/manifests/windows.yaml b/windows/manifests/windows.yaml index 4fd7cb2d5a..62c78ba49c 100644 --- a/windows/manifests/windows.yaml +++ b/windows/manifests/windows.yaml @@ -4,7 +4,7 @@ metadata: labels: app: retina name: retina-win - namespace: {{ .Values.namespace }} + namespace: kube-system annotations: prometheus.io/port: "10093" prometheus.io/scrape: "true" @@ -62,7 +62,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: retina-config-win - namespace: {{ .Values.namespace }} + namespace: kube-system data: config.yaml: |- apiServer: