From 2ae20872bf81afe54d02ebc9092788fd255efc81 Mon Sep 17 00:00:00 2001 From: Ramon Quitales Date: Tue, 1 Oct 2024 15:45:37 -0700 Subject: [PATCH 1/8] feat: expose metrics server with k8s service This commit exposes the metrics server of the global prometheus registry. The default port is now set to :8443, with secureMetrics now defaulting to `true`. --- go.mod | 23 +++++++++++ go.sum | 41 +++++++++++++++++++ operator/cmd/main.go | 40 ++++++++++++++---- operator/config/default/kustomization.yaml | 6 +++ .../config/default/manager_metrics_patch.yaml | 4 ++ operator/config/default/metrics_service.yaml | 15 +++++++ operator/config/manager/manager.yaml | 1 - operator/config/rbac/kustomization.yaml | 4 +- operator/config/rbac/metrics_auth_role.yaml | 17 ++++++++ .../rbac/metrics_auth_role_binding.yaml | 12 ++++++ operator/config/rbac/metrics_reader_role.yaml | 9 ++++ 11 files changed, 161 insertions(+), 11 deletions(-) create mode 100644 operator/config/default/manager_metrics_patch.yaml create mode 100644 operator/config/default/metrics_service.yaml create mode 100644 operator/config/rbac/metrics_auth_role.yaml create mode 100644 operator/config/rbac/metrics_auth_role_binding.yaml create mode 100644 operator/config/rbac/metrics_reader_role.yaml diff --git a/go.mod b/go.mod index ecff2d06..93c49fb1 100644 --- a/go.mod +++ b/go.mod @@ -29,6 +29,29 @@ require ( sigs.k8s.io/controller-runtime v0.18.4 ) +require ( + github.com/antlr/antlr4/runtime/Go/antlr/v4 v4.0.0-20230305170008-8188dc5388df // indirect + github.com/blang/semver/v4 v4.0.0 // indirect + github.com/cenkalti/backoff/v4 v4.2.1 // indirect + github.com/felixge/httpsnoop v1.0.3 // indirect + github.com/go-logr/stdr v1.2.2 // indirect + github.com/google/cel-go v0.17.8 // indirect + github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0 // indirect + github.com/stoewer/go-strcase v1.2.0 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.44.0 // indirect + go.opentelemetry.io/otel v1.19.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.19.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.19.0 // indirect + go.opentelemetry.io/otel/metric v1.19.0 // indirect + go.opentelemetry.io/otel/sdk v1.19.0 // indirect + go.opentelemetry.io/otel/trace v1.19.0 // indirect + go.opentelemetry.io/proto/otlp v1.0.0 // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20240528184218-531527333157 // indirect + k8s.io/apiserver v0.30.1 // indirect + k8s.io/component-base v0.30.1 // indirect + sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.29.0 // indirect +) + // Replace digest lib to master to gather access to BLAKE3. // xref: https://github.com/opencontainers/go-digest/pull/66 replace github.com/opencontainers/go-digest => github.com/opencontainers/go-digest v1.0.1-0.20220411205349-bde1400a84be diff --git a/go.sum b/go.sum index ce2c0f8d..379d7312 100644 --- a/go.sum +++ b/go.sum @@ -17,6 +17,8 @@ github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7l github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8= github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuWl6zY27l47sB3qLNK6tF2fkHG55UZxx8oIVo4= +github.com/antlr/antlr4/runtime/Go/antlr/v4 v4.0.0-20230305170008-8188dc5388df h1:7RFfzj4SSt6nnvCPbCqijJi1nWCd+TqAT3bYCStRC18= +github.com/antlr/antlr4/runtime/Go/antlr/v4 v4.0.0-20230305170008-8188dc5388df/go.mod h1:pSwJ0fSY5KhvocuWSx4fz3BA8OrA1bQn+K1Eli3BRwM= github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6iT90AvPUL1NNfNw= github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= @@ -30,7 +32,11 @@ github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ= github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= +github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM= +github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ= github.com/bwesterb/go-ristretto v1.2.3/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= +github.com/cenkalti/backoff/v4 v4.2.1 h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM= +github.com/cenkalti/backoff/v4 v4.2.1/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= @@ -75,6 +81,8 @@ github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU= github.com/fatih/color v1.13.0 h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w= github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= +github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk= +github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/fluxcd/pkg/apis/acl v0.3.0 h1:UOrKkBTOJK+OlZX7n8rWt2rdBmDCoTK+f5TY2LcZi8A= github.com/fluxcd/pkg/apis/acl v0.3.0/go.mod h1:WVF9XjSMVBZuU+HTTiSebGAWMgM7IYexFLyVWbK9bNY= github.com/fluxcd/pkg/apis/meta v1.5.0 h1:/G82d2Az5D9op3F+wJUpD8jw/eTV0suM6P7+cSURoUM= @@ -102,8 +110,11 @@ github.com/go-git/go-git/v5 v5.12.0 h1:7Md+ndsjrzZxbddRDZjF14qK+NN56sy6wkqaVrjZt github.com/go-git/go-git/v5 v5.12.0/go.mod h1:FTM9VKtnI2m65hNI/TenDDDnUf2Q9FHnXYjuz9i5OEY= github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= +github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= +github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ= @@ -129,6 +140,8 @@ github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5y github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= +github.com/google/cel-go v0.17.8 h1:j9m730pMZt1Fc4oKhCLUHfjj6527LuhYcYw0Rl8gqto= +github.com/google/cel-go v0.17.8/go.mod h1:HXZKzB0LXqer5lHHgfWAnlYwJaQBDKMjxjulNQzhwhY= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= @@ -144,6 +157,8 @@ github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 h1:UH//fgunKIs4JdUbpDl1VZCDaL56wXCB/5+wF6uHfaI= github.com/grpc-ecosystem/go-grpc-middleware v1.4.0/go.mod h1:g5qyo/la0ALbONm6Vbp88Yd8NsDy6rZz+RcrMPxvld8= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0 h1:YBftPWNWd4WwGqtY2yeZL2ef8rHAxPBD8KFhJpmcqms= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0/go.mod h1:YN5jB8ie0yfIUg6VvR9Kz84aCaG7AsGZnLjhHbUqwPg= github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645 h1:MJG/KsmcqMwFAkh8mTnAwhyKoB+sTAnY4CACC110tbU= github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645/go.mod h1:6iZfnjpejD4L/4DwD7NryNaJyCQdzwWwH2MWhCA90Kw= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= @@ -289,6 +304,8 @@ github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM= github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/stoewer/go-strcase v1.2.0 h1:Z2iHWqGXH00XYgqDmNgQbIBxf3wrNq0F3feEy0ainaU= +github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= @@ -322,6 +339,22 @@ github.com/zeebo/blake3 v0.2.3 h1:TFoLXsjeXqRNFxSbk35Dk4YtszE/MQQGK10BH4ptoTg= github.com/zeebo/blake3 v0.2.3/go.mod h1:mjJjZpnsyIVtVgTOSpJ9vmRE4wgDeyt2HU3qXvvKCaQ= github.com/zeebo/pcg v1.0.1 h1:lyqfGeWiv4ahac6ttHs+I5hwtH/+1mrhlCtVNQM2kHo= github.com/zeebo/pcg v1.0.1/go.mod h1:09F0S9iiKrwn9rlI5yjLkmrug154/YRW6KnnXVDM/l4= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.44.0 h1:KfYpVmrjI7JuToy5k8XV3nkapjWx48k4E4JOtVstzQI= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.44.0/go.mod h1:SeQhzAEccGVZVEy7aH87Nh0km+utSpo1pTv6eMMop48= +go.opentelemetry.io/otel v1.19.0 h1:MuS/TNf4/j4IXsZuJegVzI1cwut7Qc00344rgH7p8bs= +go.opentelemetry.io/otel v1.19.0/go.mod h1:i0QyjOq3UPoTzff0PJB2N66fb4S0+rSbSB15/oyH9fY= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.19.0 h1:Mne5On7VWdx7omSrSSZvM4Kw7cS7NQkOOmLcgscI51U= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.19.0/go.mod h1:IPtUMKL4O3tH5y+iXVyAXqpAwMuzC1IrxVS81rummfE= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.19.0 h1:3d+S281UTjM+AbF31XSOYn1qXn3BgIdWl8HNEpx08Jk= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.19.0/go.mod h1:0+KuTDyKL4gjKCF75pHOX4wuzYDUZYfAQdSu43o+Z2I= +go.opentelemetry.io/otel/metric v1.19.0 h1:aTzpGtV0ar9wlV4Sna9sdJyII5jTVJEvKETPiOKwvpE= +go.opentelemetry.io/otel/metric v1.19.0/go.mod h1:L5rUsV9kM1IxCj1MmSdS+JQAcVm319EUrDVLrt7jqt8= +go.opentelemetry.io/otel/sdk v1.19.0 h1:6USY6zH+L8uMH8L3t1enZPR3WFEmSTADlqldyHtJi3o= +go.opentelemetry.io/otel/sdk v1.19.0/go.mod h1:NedEbbS4w3C6zElbLdPJKOpJQOrGUJ+GfzpjUvI0v1A= +go.opentelemetry.io/otel/trace v1.19.0 h1:DFVQmlVbfVeOuBRrwdtaehRrWiL1JoVs9CPIQ1Dzxpg= +go.opentelemetry.io/otel/trace v1.19.0/go.mod h1:mfaSyvGyEJEI0nyV2I4qhNQnbBOUUmYZpYojqMnX2vo= +go.opentelemetry.io/proto/otlp v1.0.0 h1:T0TX0tmXU8a3CbNXzEKGeU5mIVOdf0oykP+u2lIVU/I= +go.opentelemetry.io/proto/otlp v1.0.0/go.mod h1:Sy6pihPLfYHkr3NkUbEhGHFhINUSI/v80hjKIs5JXpM= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE= go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= @@ -459,6 +492,8 @@ google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7 google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20200423170343-7949de9c1215/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto/googleapis/api v0.0.0-20240528184218-531527333157 h1:7whR9kGa5LUwFtpLm2ArCEejtnxlGeLbAyjFY8sGNFw= +google.golang.org/genproto/googleapis/api v0.0.0-20240528184218-531527333157/go.mod h1:99sLkeliLXfdj2J75X3Ho+rrVCaJze0uwN7zDDkjPVU= google.golang.org/genproto/googleapis/rpc v0.0.0-20240528184218-531527333157 h1:Zy9XzmMEflZ/MAaA7vNcoebnRAld7FsPW1EeBB7V0m8= google.golang.org/genproto/googleapis/rpc v0.0.0-20240528184218-531527333157/go.mod h1:EfXuqaE1J41VCDicxHzUDm+8rk+7ZdXzHV0IhO/I6s0= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= @@ -497,8 +532,12 @@ k8s.io/apiextensions-apiserver v0.30.1 h1:4fAJZ9985BmpJG6PkoxVRpXv9vmPUOVzl614xa k8s.io/apiextensions-apiserver v0.30.1/go.mod h1:R4GuSrlhgq43oRY9sF2IToFh7PVlF1JjfWdoG3pixk4= k8s.io/apimachinery v0.30.1 h1:ZQStsEfo4n65yAdlGTfP/uSHMQSoYzU/oeEbkmF7P2U= k8s.io/apimachinery v0.30.1/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc= +k8s.io/apiserver v0.30.1 h1:BEWEe8bzS12nMtDKXzCF5Q5ovp6LjjYkSp8qOPk8LZ8= +k8s.io/apiserver v0.30.1/go.mod h1:i87ZnQ+/PGAmSbD/iEKM68bm1D5reX8fO4Ito4B01mo= k8s.io/client-go v0.30.1 h1:uC/Ir6A3R46wdkgCV3vbLyNOYyCJ8oZnjtJGKfytl/Q= k8s.io/client-go v0.30.1/go.mod h1:wrAqLNs2trwiCH/wxxmT/x3hKVH9PuV0GGW0oDoHVqc= +k8s.io/component-base v0.30.1 h1:bvAtlPh1UrdaZL20D9+sWxsJljMi0QZ3Lmw+kmZAaxQ= +k8s.io/component-base v0.30.1/go.mod h1:e/X9kDiOebwlI41AvBHuWdqFriSRrX50CdwA9TFaHLI= k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/kube-openapi v0.0.0-20240411171206-dc4e619f62f3 h1:SbdLaI6mM6ffDSJCadEaD4IkuPzepLDGlkd2xV0t1uA= @@ -511,6 +550,8 @@ lukechampine.com/frand v1.4.2 h1:RzFIpOvkMXuPMBb9maa4ND4wjBn71E1Jpf8BzJHMaVw= lukechampine.com/frand v1.4.2/go.mod h1:4S/TM2ZgrKejMcKMbeLjISpJMO+/eZ1zu3vYX9dtj3s= pgregory.net/rapid v0.5.5 h1:jkgx1TjbQPD/feRoK+S/mXw9e1uj6WilpHrXJowi6oA= pgregory.net/rapid v0.5.5/go.mod h1:PY5XlDGj0+V1FCq0o192FdRhpKHGTRIWBgqjDBTrq04= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.29.0 h1:/U5vjBbQn3RChhv7P11uhYvCSm5G2GaIi5AIGBS6r4c= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.29.0/go.mod h1:z7+wmGM2dfIiLRfrC6jb5kV2Mq/sK1ZP303cxzkV5Y4= sigs.k8s.io/controller-runtime v0.18.4 h1:87+guW1zhvuPLh1PHybKdYFLU0YJp4FhJRmiHvm5BZw= sigs.k8s.io/controller-runtime v0.18.4/go.mod h1:TVoGrfdpbA9VRFaRnKgk9P5/atA0pMwq+f+msb9M8Sg= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= diff --git a/operator/cmd/main.go b/operator/cmd/main.go index 0f2be5e0..01a82a7d 100644 --- a/operator/cmd/main.go +++ b/operator/cmd/main.go @@ -36,6 +36,7 @@ import ( ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/healthz" "sigs.k8s.io/controller-runtime/pkg/log/zap" + "sigs.k8s.io/controller-runtime/pkg/metrics/filters" metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server" "sigs.k8s.io/controller-runtime/pkg/webhook" @@ -74,13 +75,14 @@ func main() { programFSAdvAddr string ) - flag.StringVar(&metricsAddr, "metrics-bind-address", ":8080", "The address the metric endpoint binds to.") + flag.StringVar(&metricsAddr, "metrics-bind-address", "0", "The address the metric endpoint binds to. "+ + "Use :8443 for HTTPS or :8080 for HTTP, or leave as 0 to disable the metrics service.") flag.StringVar(&probeAddr, "health-probe-bind-address", ":8081", "The address the probe endpoint binds to.") flag.BoolVar(&enableLeaderElection, "leader-elect", false, "Enable leader election for controller manager. "+ "Enabling this will ensure there is only one active controller manager.") - flag.BoolVar(&secureMetrics, "metrics-secure", false, - "If set the metrics endpoint is served securely") + flag.BoolVar(&secureMetrics, "metrics-secure", true, + "If set, the metrics endpoint is served securely via HTTPS. Use --metrics-secure=false to use HTTP instead.") flag.BoolVar(&enableHTTP2, "enable-http2", false, "If set, HTTP/2 will be enabled for the metrics and webhook servers") flag.StringVar(&programFSAddr, "program-fs-addr", envOrDefault("PROGRAM_FS_ADDR", ":9090"), @@ -119,13 +121,33 @@ func main() { TLSOpts: tlsOpts, }) + // Metrics endpoint is enabled in 'config/default/kustomization.yaml'. The Metrics options configure the server. + // More info: + // - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.19.0/pkg/metrics/server + // - https://book.kubebuilder.io/reference/metrics.html + metricsServerOptions := metricsserver.Options{ + BindAddress: metricsAddr, + SecureServing: secureMetrics, + // TODO(user): TLSOpts is used to allow configuring the TLS config used for the server. If certificates are + // not provided, self-signed certificates will be generated by default. This option is not recommended for + // production environments as self-signed certificates do not offer the same level of trust and security + // as certificates issued by a trusted Certificate Authority (CA). The primary risk is potentially allowing + // unauthorized access to sensitive metrics data. Consider replacing with CertDir, CertName, and KeyName + // to provide certificates, ensuring the server communicates using trusted and secure certificates. + TLSOpts: tlsOpts, + } + + if secureMetrics { + // FilterProvider is used to protect the metrics endpoint with authn/authz. + // These configurations ensure that only authorized users and service accounts + // can access the metrics endpoint. The RBAC are configured in 'config/rbac/kustomization.yaml'. More info: + // https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.19.0/pkg/metrics/filters#WithAuthenticationAndAuthorization + metricsServerOptions.FilterProvider = filters.WithAuthenticationAndAuthorization + } + mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{ - Scheme: scheme, - Metrics: metricsserver.Options{ - BindAddress: metricsAddr, - SecureServing: secureMetrics, - TLSOpts: tlsOpts, - }, + Scheme: scheme, + Metrics: metricsServerOptions, WebhookServer: webhookServer, HealthProbeBindAddress: probeAddr, LeaderElection: enableLeaderElection, diff --git a/operator/config/default/kustomization.yaml b/operator/config/default/kustomization.yaml index 07b62e83..85caaa1b 100644 --- a/operator/config/default/kustomization.yaml +++ b/operator/config/default/kustomization.yaml @@ -3,3 +3,9 @@ resources: - ../crd - ../rbac - ../manager + - metrics_service.yaml + +patches: +- path: manager_metrics_patch.yaml + target: + kind: Deployment \ No newline at end of file diff --git a/operator/config/default/manager_metrics_patch.yaml b/operator/config/default/manager_metrics_patch.yaml new file mode 100644 index 00000000..2aaef653 --- /dev/null +++ b/operator/config/default/manager_metrics_patch.yaml @@ -0,0 +1,4 @@ +# This patch adds the args to allow exposing the metrics endpoint using HTTPS +- op: add + path: /spec/template/spec/containers/0/args/0 + value: --metrics-bind-address=:8443 diff --git a/operator/config/default/metrics_service.yaml b/operator/config/default/metrics_service.yaml new file mode 100644 index 00000000..ef414742 --- /dev/null +++ b/operator/config/default/metrics_service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: controller-manager-metrics-service + namespace: system +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: 8443 + selector: + control-plane: controller-manager diff --git a/operator/config/manager/manager.yaml b/operator/config/manager/manager.yaml index d72b2532..6e408c3e 100644 --- a/operator/config/manager/manager.yaml +++ b/operator/config/manager/manager.yaml @@ -43,7 +43,6 @@ spec: - /manager - --leader-elect - --health-probe-bind-address=:8081 - - --metrics-bind-address=:8383 - --program-fs-adv-addr=pulumi-kubernetes-operator.$(POD_NAMESPACE).svc.cluster.local:80 - --zap-log-level=error - --zap-time-encoding=iso8601 diff --git a/operator/config/rbac/kustomization.yaml b/operator/config/rbac/kustomization.yaml index 712ae264..9f640410 100644 --- a/operator/config/rbac/kustomization.yaml +++ b/operator/config/rbac/kustomization.yaml @@ -6,4 +6,6 @@ resources: - leader_election_role_binding.yaml - edit.yaml - view.yaml - \ No newline at end of file + - metrics_auth_role.yaml + - metrics_auth_role_binding.yaml + - metrics_reader_role.yaml \ No newline at end of file diff --git a/operator/config/rbac/metrics_auth_role.yaml b/operator/config/rbac/metrics_auth_role.yaml new file mode 100644 index 00000000..32d2e4ec --- /dev/null +++ b/operator/config/rbac/metrics_auth_role.yaml @@ -0,0 +1,17 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: metrics-auth-role +rules: +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create diff --git a/operator/config/rbac/metrics_auth_role_binding.yaml b/operator/config/rbac/metrics_auth_role_binding.yaml new file mode 100644 index 00000000..e775d67f --- /dev/null +++ b/operator/config/rbac/metrics_auth_role_binding.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: metrics-auth-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: metrics-auth-role +subjects: +- kind: ServiceAccount + name: controller-manager + namespace: system diff --git a/operator/config/rbac/metrics_reader_role.yaml b/operator/config/rbac/metrics_reader_role.yaml new file mode 100644 index 00000000..51a75db4 --- /dev/null +++ b/operator/config/rbac/metrics_reader_role.yaml @@ -0,0 +1,9 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: metrics-reader +rules: +- nonResourceURLs: + - "/metrics" + verbs: + - get From c8aba3ecaf73b803fc8df68cdf95a60047074a14 Mon Sep 17 00:00:00 2001 From: Ramon Quitales Date: Fri, 4 Oct 2024 10:36:19 -0700 Subject: [PATCH 2/8] refactor: rename metrics go files --- .../controller/pulumi/metrics_program.go | 2 ++ .../pulumi/{metrics.go => metrics_stack.go} | 17 +++++------------ 2 files changed, 7 insertions(+), 12 deletions(-) rename operator/internal/controller/pulumi/{metrics.go => metrics_stack.go} (85%) diff --git a/operator/internal/controller/pulumi/metrics_program.go b/operator/internal/controller/pulumi/metrics_program.go index cfccc322..6557a549 100644 --- a/operator/internal/controller/pulumi/metrics_program.go +++ b/operator/internal/controller/pulumi/metrics_program.go @@ -19,10 +19,12 @@ func init() { metrics.Registry.MustRegister(numPrograms) } +// newProgramCallback is a callback that is called when a new Program object is created. func newProgramCallback(_ any) { numPrograms.Inc() } +// updateProgramCallback is a callback that is called when a Program object is updated. func deleteProgramCallback(_ any) { numStacks.Dec() } diff --git a/operator/internal/controller/pulumi/metrics.go b/operator/internal/controller/pulumi/metrics_stack.go similarity index 85% rename from operator/internal/controller/pulumi/metrics.go rename to operator/internal/controller/pulumi/metrics_stack.go index b8f02bcd..4c10e69b 100644 --- a/operator/internal/controller/pulumi/metrics.go +++ b/operator/internal/controller/pulumi/metrics_stack.go @@ -10,13 +10,6 @@ import ( ) var ( - numStacks prometheus.Gauge - numStacksFailing *prometheus.GaugeVec -) - -func initMetrics() []prometheus.Collector { - var collectors []prometheus.Collector - numStacks = prometheus.NewGauge(prometheus.GaugeOpts{ Name: "stacks_active", Help: "Number of stacks currently tracked by the Pulumi Kubernetes Operator", @@ -28,20 +21,19 @@ func initMetrics() []prometheus.Collector { }, []string{"namespace", "name"}, ) - - collectors = append(collectors, numStacks, numStacksFailing) - return collectors -} +) func init() { // Register custom metrics with the global prometheus registry - metrics.Registry.MustRegister(initMetrics()...) + metrics.Registry.MustRegister(numStacks, numStacksFailing) } +// newStackCallback is a callback that is called when a new Stack object is created. func newStackCallback(obj interface{}) { numStacks.Inc() } +// updateStackCallback is a callback that is called when a Stack object is updated. func updateStackCallback(oldObj, newObj interface{}) { oldStack, ok := oldObj.(*pulumiv1.Stack) if !ok { @@ -64,6 +56,7 @@ func updateStackCallback(oldObj, newObj interface{}) { } } +// deleteStackCallback is a callback that is called when a Stack object is deleted. func deleteStackCallback(oldObj interface{}) { numStacks.Dec() oldStack, ok := oldObj.(*pulumiv1.Stack) From e1c8b3976f86d2137cb4e3f9fc40c60d527e356c Mon Sep 17 00:00:00 2001 From: Ramon Quitales Date: Fri, 4 Oct 2024 11:24:15 -0700 Subject: [PATCH 3/8] add stack_reconciling metric --- .../controller/pulumi/metrics_stack.go | 48 +++++++++++++++---- 1 file changed, 40 insertions(+), 8 deletions(-) diff --git a/operator/internal/controller/pulumi/metrics_stack.go b/operator/internal/controller/pulumi/metrics_stack.go index 4c10e69b..d84b788a 100644 --- a/operator/internal/controller/pulumi/metrics_stack.go +++ b/operator/internal/controller/pulumi/metrics_stack.go @@ -6,6 +6,7 @@ import ( "github.com/prometheus/client_golang/prometheus" "github.com/pulumi/pulumi-kubernetes-operator/v2/operator/api/pulumi/shared" pulumiv1 "github.com/pulumi/pulumi-kubernetes-operator/v2/operator/api/pulumi/v1" + apimeta "k8s.io/apimachinery/pkg/api/meta" "sigs.k8s.io/controller-runtime/pkg/metrics" ) @@ -14,6 +15,7 @@ var ( Name: "stacks_active", Help: "Number of stacks currently tracked by the Pulumi Kubernetes Operator", }) + numStacksFailing = prometheus.NewGaugeVec( prometheus.GaugeOpts{ Name: "stacks_failing", @@ -21,6 +23,14 @@ var ( }, []string{"namespace", "name"}, ) + + numStacksReconciling = prometheus.NewGaugeVec( + prometheus.GaugeOpts{ + Name: "stacks_reconciling", + Help: "Number of stacks currently registered where the last reconcile is in progress", + }, + []string{"namespace", "name"}, + ) ) func init() { @@ -29,12 +39,12 @@ func init() { } // newStackCallback is a callback that is called when a new Stack object is created. -func newStackCallback(obj interface{}) { +func newStackCallback(obj any) { numStacks.Inc() } // updateStackCallback is a callback that is called when a Stack object is updated. -func updateStackCallback(oldObj, newObj interface{}) { +func updateStackCallback(oldObj, newObj any) { oldStack, ok := oldObj.(*pulumiv1.Stack) if !ok { return @@ -45,19 +55,41 @@ func updateStackCallback(oldObj, newObj interface{}) { return } - // transition to failure - if newStack.Status.LastUpdate != nil && newStack.Status.LastUpdate.State == shared.FailedStackStateMessage { - numStacksFailing.With(prometheus.Labels{"namespace": oldStack.Namespace, "name": oldStack.Name}).Set(1) + updateStackFailureMetrics(oldStack, newStack) + updateStackReconcilingMetrics(oldStack, newStack) +} + +func updateStackFailureMetrics(oldStack, newStack *pulumiv1.Stack) { + if newStack.Status.LastUpdate == nil { + return } - // transition to success from failure - if newStack.Status.LastUpdate != nil && newStack.Status.LastUpdate.State == shared.SucceededStackStateMessage { + switch newStack.Status.LastUpdate.State { + case shared.FailedStackStateMessage: + numStacksFailing.With(prometheus.Labels{"namespace": oldStack.Namespace, "name": oldStack.Name}).Set(1) + case shared.SucceededStackStateMessage: numStacksFailing.With(prometheus.Labels{"namespace": oldStack.Namespace, "name": oldStack.Name}).Set(0) } } +func updateStackReconcilingMetrics(oldStack, newStack *pulumiv1.Stack) { + // Handle transition to reconciling state. + isReconciling := apimeta.IsStatusConditionTrue(newStack.Status.Conditions, pulumiv1.ReconcilingCondition) && + apimeta.IsStatusConditionFalse(oldStack.Status.Conditions, pulumiv1.ReconcilingCondition) + if isReconciling { + numStacksReconciling.With(prometheus.Labels{"namespace": oldStack.Namespace, "name": oldStack.Name}).Set(1) + } + + // Handle transition to not reconciling state. + finishedReconciling := apimeta.IsStatusConditionFalse(newStack.Status.Conditions, pulumiv1.ReconcilingCondition) && + apimeta.IsStatusConditionTrue(oldStack.Status.Conditions, pulumiv1.ReconcilingCondition) + if finishedReconciling { + numStacksReconciling.With(prometheus.Labels{"namespace": oldStack.Namespace, "name": oldStack.Name}).Set(0) + } +} + // deleteStackCallback is a callback that is called when a Stack object is deleted. -func deleteStackCallback(oldObj interface{}) { +func deleteStackCallback(oldObj any) { numStacks.Dec() oldStack, ok := oldObj.(*pulumiv1.Stack) if !ok { From 5781c8db00b9775d9a84fb95f328abe94c1a4661 Mon Sep 17 00:00:00 2001 From: Ramon Quitales Date: Fri, 4 Oct 2024 12:23:06 -0700 Subject: [PATCH 4/8] add unit tests to stack metrics --- .../controller/pulumi/metrics_stack.go | 47 ++-- .../controller/pulumi/metrics_stack_test.go | 200 ++++++++++++++++++ 2 files changed, 219 insertions(+), 28 deletions(-) create mode 100644 operator/internal/controller/pulumi/metrics_stack_test.go diff --git a/operator/internal/controller/pulumi/metrics_stack.go b/operator/internal/controller/pulumi/metrics_stack.go index d84b788a..811b5917 100644 --- a/operator/internal/controller/pulumi/metrics_stack.go +++ b/operator/internal/controller/pulumi/metrics_stack.go @@ -44,47 +44,37 @@ func newStackCallback(obj any) { } // updateStackCallback is a callback that is called when a Stack object is updated. -func updateStackCallback(oldObj, newObj any) { - oldStack, ok := oldObj.(*pulumiv1.Stack) - if !ok { - return - } - +func updateStackCallback(_, newObj any) { newStack, ok := newObj.(*pulumiv1.Stack) if !ok { return } - updateStackFailureMetrics(oldStack, newStack) - updateStackReconcilingMetrics(oldStack, newStack) + // We always set the gauge to 1 or 0, so we don't need to worry about the previous value. There should be minimal + // overhead in setting the gauge to the same value. + updateStackFailureMetrics(newStack) + updateStackReconcilingMetrics(newStack) } -func updateStackFailureMetrics(oldStack, newStack *pulumiv1.Stack) { +func updateStackFailureMetrics(newStack *pulumiv1.Stack) { if newStack.Status.LastUpdate == nil { return } switch newStack.Status.LastUpdate.State { case shared.FailedStackStateMessage: - numStacksFailing.With(prometheus.Labels{"namespace": oldStack.Namespace, "name": oldStack.Name}).Set(1) + numStacksFailing.With(prometheus.Labels{"namespace": newStack.Namespace, "name": newStack.Name}).Set(1) case shared.SucceededStackStateMessage: - numStacksFailing.With(prometheus.Labels{"namespace": oldStack.Namespace, "name": oldStack.Name}).Set(0) + numStacksFailing.With(prometheus.Labels{"namespace": newStack.Namespace, "name": newStack.Name}).Set(0) } } -func updateStackReconcilingMetrics(oldStack, newStack *pulumiv1.Stack) { - // Handle transition to reconciling state. - isReconciling := apimeta.IsStatusConditionTrue(newStack.Status.Conditions, pulumiv1.ReconcilingCondition) && - apimeta.IsStatusConditionFalse(oldStack.Status.Conditions, pulumiv1.ReconcilingCondition) - if isReconciling { - numStacksReconciling.With(prometheus.Labels{"namespace": oldStack.Namespace, "name": oldStack.Name}).Set(1) - } - - // Handle transition to not reconciling state. - finishedReconciling := apimeta.IsStatusConditionFalse(newStack.Status.Conditions, pulumiv1.ReconcilingCondition) && - apimeta.IsStatusConditionTrue(oldStack.Status.Conditions, pulumiv1.ReconcilingCondition) - if finishedReconciling { - numStacksReconciling.With(prometheus.Labels{"namespace": oldStack.Namespace, "name": oldStack.Name}).Set(0) +func updateStackReconcilingMetrics(newStack *pulumiv1.Stack) { + switch apimeta.IsStatusConditionTrue(newStack.Status.Conditions, pulumiv1.ReconcilingCondition) { + case true: + numStacksReconciling.With(prometheus.Labels{"namespace": newStack.Namespace, "name": newStack.Name}).Set(1) + case false: + numStacksReconciling.With(prometheus.Labels{"namespace": newStack.Namespace, "name": newStack.Name}).Set(0) } } @@ -95,8 +85,9 @@ func deleteStackCallback(oldObj any) { if !ok { return } - // assume that if there was a status recorded, this gauge exists - if oldStack.Status.LastUpdate != nil { - numStacksFailing.With(prometheus.Labels{"namespace": oldStack.Namespace, "name": oldStack.Name}).Set(0) - } + + // Reset any gauge metrics associated with the old stack. + numStacksFailing.With(prometheus.Labels{"namespace": oldStack.Namespace, "name": oldStack.Name}).Set(0) + numStacksReconciling.With(prometheus.Labels{"namespace": oldStack.Namespace, "name": oldStack.Name}).Set(0) + } diff --git a/operator/internal/controller/pulumi/metrics_stack_test.go b/operator/internal/controller/pulumi/metrics_stack_test.go new file mode 100644 index 00000000..ea9f49d6 --- /dev/null +++ b/operator/internal/controller/pulumi/metrics_stack_test.go @@ -0,0 +1,200 @@ +// Copyright 2016-2024, Pulumi Corporation. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package pulumi + +import ( + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + + "github.com/prometheus/client_golang/prometheus" + "github.com/prometheus/client_golang/prometheus/testutil" + "github.com/pulumi/pulumi-kubernetes-operator/v2/operator/api/pulumi/shared" + pulumiv1 "github.com/pulumi/pulumi-kubernetes-operator/v2/operator/api/pulumi/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +var _ = Describe("Stack Metrics", func() { + var ( + oldStack *pulumiv1.Stack + newStack *pulumiv1.Stack + ) + + Context("when a new stack is created", Ordered, func() { + BeforeAll(func() { + // Reset the metrics + numStacks.Set(0) + numStacksFailing.Reset() + numStacksReconciling.Reset() + + // Create a new stack object + newStack = &pulumiv1.Stack{} + }) + + It("should increment the numStacks metric", func() { + // Call the newStackCallback function + newStackCallback(newStack) + + // Check if the numStacks metric has been incremented + expected := 1.0 + actual := testutil.ToFloat64(numStacks) + Expect(actual).To(Equal(expected)) + }) + + It("should increment the numStacks metric again if another stack is created", func() { + // Call the newStackCallback function + newStackCallback(newStack) + + // Check if the numStacks metric has been incremented + expected := 2.0 + actual := testutil.ToFloat64(numStacks) + Expect(actual).To(Equal(expected)) + }) + }) + + Context("when a stack is updated", func() { + BeforeEach(func() { + // Create old and new stack objects for updateStackCallback. The new stack should be in a reconciling state. + oldStack = &pulumiv1.Stack{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "test", + Name: "test", + }, + } + newStack = &pulumiv1.Stack{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "test", + Name: "test", + }, + } + numStacks.Set(0) + numStacksFailing.Reset() + numStacksReconciling.Reset() + }) + + Describe("when testing the stacks_failing metric", Ordered, func() { + BeforeAll(func() { + // Set the new stack to a failed state + newStack.Status.MarkStalledCondition("reason", "message") + newStack.Status.LastUpdate = &shared.StackUpdateState{ + State: shared.FailedStackStateMessage, + } + + oldStack.Status.MarkReadyCondition() + }) + + It("should update the numStacksFailing metric to 1 when the stack update fails", func() { + // Call the updateStackCallback function + updateStackCallback(oldStack, newStack) + + // Check if the numStacksFailing metric has been updated + expectedFailing := 1.0 + actualFailing := testutil.ToFloat64(numStacksFailing.With(prometheus.Labels{"namespace": oldStack.Namespace, "name": oldStack.Name})) + Expect(actualFailing).To(Equal(expectedFailing)) + }) + + It("should reset the numStacksFailing metric when the stack update succeeds", func() { + // Update the stack objects to be in a succeeded state. + newStack.Status.MarkReadyCondition() + newStack.Status.LastUpdate = &shared.StackUpdateState{ + State: shared.SucceededStackStateMessage, + } + oldStack.Status.MarkStalledCondition("reason", "message") + oldStack.Status.LastUpdate = &shared.StackUpdateState{ + State: shared.FailedStackStateMessage, + } + // Call the updateStackCallback function + updateStackCallback(oldStack, newStack) + + // Check if the numStacksFailing metric has been updated + expectedFailing := 0.0 + actualFailing := testutil.ToFloat64(numStacksFailing.With(prometheus.Labels{"namespace": oldStack.Namespace, "name": oldStack.Name})) + Expect(actualFailing).To(Equal(expectedFailing)) + }) + }) + + Describe("when testing the stacks_reconciling metric", Ordered, func() { + BeforeAll(func() { + // Set the new stack to a failed state + newStack.Status.MarkReconcilingCondition("reason", "message") + oldStack.Status.MarkReadyCondition() + }) + + It("should update the numStackReconciling metric to 1 when the stack is reconciling", func() { + // Call the updateStackCallback function + updateStackCallback(oldStack, newStack) + + // Check if the numStacksReconciling metric has been updated + expectedReconciling := 1.0 + actualReconciling := testutil.ToFloat64(numStacksReconciling.With(prometheus.Labels{"namespace": oldStack.Namespace, "name": oldStack.Name})) + Expect(actualReconciling).To(Equal(expectedReconciling)) + }) + + It("should reset the numStackReconciling metric when the stack is finished reconciling", func() { + // Update the stack objects to be in a succeeded state. + newStack.Status.MarkReadyCondition() + oldStack.Status.MarkReconcilingCondition("reason", "message") + // Call the updateStackCallback function + updateStackCallback(oldStack, newStack) + + // Check if the numStacksReconciling metric has been updated + expectedReconciling := 0.0 + actualReconciling := testutil.ToFloat64(numStacksReconciling.With(prometheus.Labels{"namespace": oldStack.Namespace, "name": oldStack.Name})) + Expect(actualReconciling).To(Equal(expectedReconciling)) + }) + }) + }) + + Context("when a stack is deleted", func() { + BeforeEach(func() { + // Set the metrics + numStacks.Set(1) + numStacksFailing.With(prometheus.Labels{"namespace": "test", "name": "test"}).Set(1) + numStacksReconciling.With(prometheus.Labels{"namespace": "test", "name": "test"}).Set(1) + + // Create an old stack object for deleteStackCallback + oldStack = &pulumiv1.Stack{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "test", + Name: "test", + }, + Status: pulumiv1.StackStatus{ + LastUpdate: &shared.StackUpdateState{ + State: shared.SucceededStackStateMessage, + }, + }, + } + }) + + It("should decrement the numStacks metric and reset the numStacksFailing and numStacksReconciling metrics", func() { + // Call the deleteStackCallback function + deleteStackCallback(oldStack) + + // Check if the numStacks metric has been decremented + expected := 0.0 + actual := testutil.ToFloat64(numStacks) + Expect(actual).To(Equal(expected)) + + // Check if the numStacksFailing metric has been decremented + expectedFailing := 0.0 + actualFailing := testutil.ToFloat64(numStacksFailing.With(prometheus.Labels{"namespace": oldStack.Namespace, "name": oldStack.Name})) + Expect(actualFailing).To(Equal(expectedFailing)) + + // Check if the numStacksReconciling metric has been decremented + expectedReconciling := 0.0 + actualReconciling := testutil.ToFloat64(numStacksReconciling.With(prometheus.Labels{"namespace": oldStack.Namespace, "name": oldStack.Name})) + Expect(actualReconciling).To(Equal(expectedReconciling)) + }) + }) +}) From deeb7b20d8bf0038a3f2da0aa48e8fc9761598fc Mon Sep 17 00:00:00 2001 From: Ramon Quitales Date: Fri, 4 Oct 2024 12:53:53 -0700 Subject: [PATCH 5/8] add program metrics test --- .../controller/pulumi/metrics_program.go | 7 ++- .../controller/pulumi/metrics_program_test.go | 52 +++++++++++++++++++ .../controller/pulumi/metrics_stack.go | 6 ++- .../controller/pulumi/metrics_stack_test.go | 29 ++++++++++- operator/internal/controller/pulumi/utils.go | 15 ++++++ 5 files changed, 105 insertions(+), 4 deletions(-) create mode 100644 operator/internal/controller/pulumi/metrics_program_test.go diff --git a/operator/internal/controller/pulumi/metrics_program.go b/operator/internal/controller/pulumi/metrics_program.go index 6557a549..c338d3d8 100644 --- a/operator/internal/controller/pulumi/metrics_program.go +++ b/operator/internal/controller/pulumi/metrics_program.go @@ -26,5 +26,10 @@ func newProgramCallback(_ any) { // updateProgramCallback is a callback that is called when a Program object is updated. func deleteProgramCallback(_ any) { - numStacks.Dec() + numPrograms.Dec() + + val, err := getGaugeValue(numPrograms) + if err == nil && val < 0 { + numPrograms.Set(0) + } } diff --git a/operator/internal/controller/pulumi/metrics_program_test.go b/operator/internal/controller/pulumi/metrics_program_test.go new file mode 100644 index 00000000..24b4e301 --- /dev/null +++ b/operator/internal/controller/pulumi/metrics_program_test.go @@ -0,0 +1,52 @@ +// Copyright 2016-2024, Pulumi Corporation. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package pulumi + +import ( + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + "github.com/prometheus/client_golang/prometheus/testutil" +) + +var _ = Describe("Program Metrics", Ordered, func() { + BeforeAll(func() { + numPrograms.Set(0) + }) + + It("should increment the programs_active metric when a new Program is created", func() { + newProgramCallback(nil) + Expect(testutil.ToFloat64(numPrograms)).To(Equal(1.0)) + }) + + It("should increment the programs_active metric when another Program is created", func() { + newProgramCallback(nil) + Expect(testutil.ToFloat64(numPrograms)).To(Equal(2.0)) + }) + + It("should decrement the programs_active metric when a Program is deleted", func() { + deleteProgramCallback(nil) + Expect(testutil.ToFloat64(numPrograms)).To(Equal(1.0)) + }) + + It("should decrement the programs_active metric when another Program is deleted", func() { + deleteProgramCallback(nil) + Expect(testutil.ToFloat64(numPrograms)).To(Equal(0.0)) + }) + + It("should not decrement the programs_active metric when a Program is deleted and the metric is already at 0", func() { + deleteProgramCallback(nil) + Expect(testutil.ToFloat64(numPrograms)).To(Equal(0.0)) + }) +}) diff --git a/operator/internal/controller/pulumi/metrics_stack.go b/operator/internal/controller/pulumi/metrics_stack.go index 811b5917..771e0daa 100644 --- a/operator/internal/controller/pulumi/metrics_stack.go +++ b/operator/internal/controller/pulumi/metrics_stack.go @@ -81,6 +81,11 @@ func updateStackReconcilingMetrics(newStack *pulumiv1.Stack) { // deleteStackCallback is a callback that is called when a Stack object is deleted. func deleteStackCallback(oldObj any) { numStacks.Dec() + val, err := getGaugeValue(numStacks) + if err == nil && val < 0 { + numStacks.Set(0) + } + oldStack, ok := oldObj.(*pulumiv1.Stack) if !ok { return @@ -89,5 +94,4 @@ func deleteStackCallback(oldObj any) { // Reset any gauge metrics associated with the old stack. numStacksFailing.With(prometheus.Labels{"namespace": oldStack.Namespace, "name": oldStack.Name}).Set(0) numStacksReconciling.With(prometheus.Labels{"namespace": oldStack.Namespace, "name": oldStack.Name}).Set(0) - } diff --git a/operator/internal/controller/pulumi/metrics_stack_test.go b/operator/internal/controller/pulumi/metrics_stack_test.go index ea9f49d6..b97646ab 100644 --- a/operator/internal/controller/pulumi/metrics_stack_test.go +++ b/operator/internal/controller/pulumi/metrics_stack_test.go @@ -43,7 +43,6 @@ var _ = Describe("Stack Metrics", func() { }) It("should increment the numStacks metric", func() { - // Call the newStackCallback function newStackCallback(newStack) // Check if the numStacks metric has been incremented @@ -53,7 +52,6 @@ var _ = Describe("Stack Metrics", func() { }) It("should increment the numStacks metric again if another stack is created", func() { - // Call the newStackCallback function newStackCallback(newStack) // Check if the numStacks metric has been incremented @@ -61,6 +59,33 @@ var _ = Describe("Stack Metrics", func() { actual := testutil.ToFloat64(numStacks) Expect(actual).To(Equal(expected)) }) + + It("should decrement the numStacks metric if a stack is deleted", func() { + deleteStackCallback(newStack) + + // Check if the numStacks metric has been decremented + expected := 1.0 + actual := testutil.ToFloat64(numStacks) + Expect(actual).To(Equal(expected)) + }) + + It("should decrement the numStacks metric again if another stack is deleted", func() { + deleteStackCallback(newStack) + + // Check if the numStacks metric has been decremented + expected := 0.0 + actual := testutil.ToFloat64(numStacks) + Expect(actual).To(Equal(expected)) + }) + + It("should not decrement the numStacks metric if a stack is deleted and the metric is already at 0", func() { + deleteStackCallback(newStack) + + // Check if the numStacks metric has been decremented + expected := 0.0 + actual := testutil.ToFloat64(numStacks) + Expect(actual).To(Equal(expected)) + }) }) Context("when a stack is updated", func() { diff --git a/operator/internal/controller/pulumi/utils.go b/operator/internal/controller/pulumi/utils.go index 69f9b261..d6547931 100644 --- a/operator/internal/controller/pulumi/utils.go +++ b/operator/internal/controller/pulumi/utils.go @@ -16,6 +16,11 @@ limitations under the License. package pulumi +import ( + "github.com/prometheus/client_golang/prometheus" + dto "github.com/prometheus/client_model/go" +) + func exactlyOneOf(these ...bool) bool { var found bool for _, b := range these { @@ -26,3 +31,13 @@ func exactlyOneOf(these ...bool) bool { } return found } + +// getGaugeValue returns the value of a gauge metric. This is useful to check that a gauge +// does not go into negative values. +func getGaugeValue(metric prometheus.Gauge) (float64, error) { + var m = &dto.Metric{} + if err := metric.Write(m); err != nil { + return 0, err + } + return m.Gauge.GetValue(), nil +} From 2cd018c1aba21d8579041ddb44cc2429c2fff10a Mon Sep 17 00:00:00 2001 From: Ramon Quitales Date: Fri, 4 Oct 2024 13:08:03 -0700 Subject: [PATCH 6/8] add metrics to documentation --- docs/metrics.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/metrics.md b/docs/metrics.md index 45e7d8a4..99f555f2 100644 --- a/docs/metrics.md +++ b/docs/metrics.md @@ -22,6 +22,8 @@ The current implementation explicitly emits the following metrics: 1. `stacks_active` - a `gauge` time series that reports the number of currently registered stacks managed by the system 2. `stacks_failing` - a set of `gauge` time series, labelled by namespace, that gives the number of stacks currently failing (`stack.status.lastUpdate.state` is `failed`) +3. `stacks_reconciling` - a set of `gauge` time series, labelled by namespace, that gives the number of stacks currently reconciling (`stack.status.conditions` contains a Condition of type `Reconciling` that is `True`) +4. `programs_active` - a `gauge` time series that reports the number of currently registered programs managed by the system In addition, we find tracking the following metrics emitted by the controller-runtime would be useful to track: From 3554cd5d9e79c79efdafedba450e605510109d26 Mon Sep 17 00:00:00 2001 From: Ramon Quitales Date: Mon, 7 Oct 2024 15:37:52 -0700 Subject: [PATCH 7/8] fix go mod files to combine require blocks --- go.mod | 79 ++++++++++++++++++++++++++++------------------------------ go.sum | 34 ++++++++++++------------- 2 files changed, 54 insertions(+), 59 deletions(-) diff --git a/go.mod b/go.mod index 93c49fb1..464ceb56 100644 --- a/go.mod +++ b/go.mod @@ -7,6 +7,7 @@ require ( github.com/fluxcd/pkg/http/fetch v0.11.0 github.com/fluxcd/source-controller/api v1.3.0 github.com/go-git/go-git/v5 v5.12.0 + github.com/go-logr/logr v1.4.1 github.com/gogo/protobuf v1.3.2 github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 github.com/mitchellh/go-ps v1.0.0 @@ -14,6 +15,8 @@ require ( github.com/onsi/gomega v1.33.1 github.com/opencontainers/go-digest v1.0.0 github.com/operator-framework/operator-lib v0.14.0 + github.com/prometheus/client_golang v1.19.0 + github.com/prometheus/client_model v0.6.1 github.com/pulumi/pulumi/sdk/v3 v3.127.1-0.20240801092425-22d28187db0a github.com/spf13/cobra v1.8.1 github.com/stretchr/testify v1.9.0 @@ -22,40 +25,15 @@ require ( google.golang.org/grpc v1.65.0 google.golang.org/protobuf v1.34.2 k8s.io/api v0.30.1 + k8s.io/apiextensions-apiserver v0.30.1 k8s.io/apimachinery v0.30.1 k8s.io/client-go v0.30.1 k8s.io/kubernetes v1.30.3 k8s.io/utils v0.0.0-20240502163921-fe8a2dddb1d0 sigs.k8s.io/controller-runtime v0.18.4 + sigs.k8s.io/yaml v1.4.0 ) -require ( - github.com/antlr/antlr4/runtime/Go/antlr/v4 v4.0.0-20230305170008-8188dc5388df // indirect - github.com/blang/semver/v4 v4.0.0 // indirect - github.com/cenkalti/backoff/v4 v4.2.1 // indirect - github.com/felixge/httpsnoop v1.0.3 // indirect - github.com/go-logr/stdr v1.2.2 // indirect - github.com/google/cel-go v0.17.8 // indirect - github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0 // indirect - github.com/stoewer/go-strcase v1.2.0 // indirect - go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.44.0 // indirect - go.opentelemetry.io/otel v1.19.0 // indirect - go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.19.0 // indirect - go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.19.0 // indirect - go.opentelemetry.io/otel/metric v1.19.0 // indirect - go.opentelemetry.io/otel/sdk v1.19.0 // indirect - go.opentelemetry.io/otel/trace v1.19.0 // indirect - go.opentelemetry.io/proto/otlp v1.0.0 // indirect - google.golang.org/genproto/googleapis/api v0.0.0-20240528184218-531527333157 // indirect - k8s.io/apiserver v0.30.1 // indirect - k8s.io/component-base v0.30.1 // indirect - sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.29.0 // indirect -) - -// Replace digest lib to master to gather access to BLAKE3. -// xref: https://github.com/opencontainers/go-digest/pull/66 -replace github.com/opencontainers/go-digest => github.com/opencontainers/go-digest v1.0.1-0.20220411205349-bde1400a84be - require ( dario.cat/mergo v1.0.0 // indirect github.com/BurntSushi/toml v1.2.1 // indirect @@ -63,10 +41,13 @@ require ( github.com/ProtonMail/go-crypto v1.0.0 // indirect github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da // indirect github.com/agext/levenshtein v1.2.3 // indirect + github.com/antlr/antlr4/runtime/Go/antlr/v4 v4.0.0-20230305170008-8188dc5388df // indirect github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect github.com/atotto/clipboard v0.1.4 // indirect github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect github.com/beorn7/perks v1.0.1 // indirect + github.com/blang/semver/v4 v4.0.0 // indirect + github.com/cenkalti/backoff/v4 v4.2.1 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/charmbracelet/bubbles v0.16.1 // indirect github.com/charmbracelet/bubbletea v0.25.0 // indirect @@ -75,32 +56,35 @@ require ( github.com/cloudflare/circl v1.3.7 // indirect github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81 // indirect github.com/cyphar/filepath-securejoin v0.2.4 // indirect - github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect + github.com/davecgh/go-spew v1.1.1 // indirect github.com/djherbis/times v1.5.0 // indirect - github.com/emicklei/go-restful/v3 v3.12.0 // indirect + github.com/emicklei/go-restful/v3 v3.11.2 // indirect github.com/emirpasic/gods v1.18.1 // indirect github.com/evanphx/json-patch v5.6.0+incompatible // indirect github.com/evanphx/json-patch/v5 v5.9.0 // indirect + github.com/felixge/httpsnoop v1.0.3 // indirect github.com/fluxcd/pkg/apis/acl v0.3.0 // indirect github.com/fluxcd/pkg/apis/meta v1.5.0 // indirect github.com/fluxcd/pkg/tar v0.7.0 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect github.com/go-git/go-billy/v5 v5.5.0 // indirect - github.com/go-logr/logr v1.4.1 + github.com/go-logr/stdr v1.2.2 // indirect github.com/go-logr/zapr v1.3.0 // indirect - github.com/go-openapi/jsonpointer v0.21.0 // indirect - github.com/go-openapi/jsonreference v0.21.0 // indirect - github.com/go-openapi/swag v0.23.0 // indirect + github.com/go-openapi/jsonpointer v0.20.2 // indirect + github.com/go-openapi/jsonreference v0.20.4 // indirect + github.com/go-openapi/swag v0.22.9 // indirect github.com/go-task/slim-sprig/v3 v3.0.0 // indirect github.com/golang/glog v1.2.1 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.4 // indirect + github.com/google/cel-go v0.17.8 // indirect github.com/google/gnostic-models v0.6.8 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6 // indirect github.com/google/uuid v1.6.0 // indirect + github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0 // indirect github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect @@ -135,11 +119,9 @@ require ( github.com/pjbgf/sha1cd v0.3.0 // indirect github.com/pkg/errors v0.9.1 // indirect github.com/pkg/term v1.1.0 // indirect - github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect - github.com/prometheus/client_golang v1.19.0 - github.com/prometheus/client_model v0.6.1 // indirect - github.com/prometheus/common v0.53.0 // indirect - github.com/prometheus/procfs v0.14.0 // indirect + github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/prometheus/common v0.48.0 // indirect + github.com/prometheus/procfs v0.12.0 // indirect github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 // indirect github.com/pulumi/esc v0.9.1 // indirect github.com/rivo/uniseg v0.4.4 // indirect @@ -149,6 +131,7 @@ require ( github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect github.com/skeema/knownhosts v1.2.2 // indirect github.com/spf13/pflag v1.0.5 // indirect + github.com/stoewer/go-strcase v1.2.0 // indirect github.com/texttheater/golang-levenshtein v1.0.1 // indirect github.com/tweekmonster/luser v0.0.0-20161003172636-3fa38070dbd7 // indirect github.com/uber/jaeger-client-go v2.30.0+incompatible // indirect @@ -156,6 +139,14 @@ require ( github.com/xanzy/ssh-agent v0.3.3 // indirect github.com/zclconf/go-cty v1.13.2 // indirect github.com/zeebo/blake3 v0.2.3 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.44.0 // indirect + go.opentelemetry.io/otel v1.19.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.19.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.19.0 // indirect + go.opentelemetry.io/otel/metric v1.19.0 // indirect + go.opentelemetry.io/otel/sdk v1.19.0 // indirect + go.opentelemetry.io/otel/trace v1.19.0 // indirect + go.opentelemetry.io/proto/otlp v1.0.0 // indirect go.uber.org/atomic v1.9.0 // indirect go.uber.org/multierr v1.11.0 // indirect golang.org/x/crypto v0.24.0 // indirect @@ -170,17 +161,23 @@ require ( golang.org/x/time v0.5.0 // indirect golang.org/x/tools v0.22.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20240528184218-531527333157 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20240528184218-531527333157 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/apiextensions-apiserver v0.30.1 + k8s.io/apiserver v0.30.1 // indirect + k8s.io/component-base v0.30.1 // indirect k8s.io/klog/v2 v2.120.1 // indirect - k8s.io/kube-openapi v0.0.0-20240411171206-dc4e619f62f3 // indirect + k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect lukechampine.com/frand v1.4.2 // indirect + sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.29.0 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect - sigs.k8s.io/yaml v1.4.0 ) + +// Replace digest lib to master to gather access to BLAKE3. +// xref: https://github.com/opencontainers/go-digest/pull/66 +replace github.com/opencontainers/go-digest => github.com/opencontainers/go-digest v1.0.1-0.20220411205349-bde1400a84be diff --git a/go.sum b/go.sum index 379d7312..92f4bd33 100644 --- a/go.sum +++ b/go.sum @@ -59,15 +59,14 @@ github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46t github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg= github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= -github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/djherbis/times v1.5.0 h1:79myA211VwPhFTqUk8xehWrsEO+zcIZj0zT8mXPVARU= github.com/djherbis/times v1.5.0/go.mod h1:5q7FDLvbNg1L/KaBmPcWlVR9NmoKo3+ucqUA3ijQhA0= github.com/elazarl/goproxy v0.0.0-20230808193330-2592e75ae04a h1:mATvB/9r/3gvcejNsXKSkQ6lcIaNec2nyfOdlTBR2lU= github.com/elazarl/goproxy v0.0.0-20230808193330-2592e75ae04a/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM= -github.com/emicklei/go-restful/v3 v3.12.0 h1:y2DdzBAURM29NFF94q6RaY4vjIH1rtwDapwQtU84iWk= -github.com/emicklei/go-restful/v3 v3.12.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emicklei/go-restful/v3 v3.11.2 h1:1onLa9DcsMYO9P+CXaL0dStDqQ2EHHXLiz+BtnqkLAU= +github.com/emicklei/go-restful/v3 v3.11.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc= github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= @@ -117,12 +116,12 @@ github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= -github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ= -github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY= -github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ= -github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4= -github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE= -github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ= +github.com/go-openapi/jsonpointer v0.20.2 h1:mQc3nmndL8ZBzStEo3JYF8wzmeWffDH4VbXz58sAx6Q= +github.com/go-openapi/jsonpointer v0.20.2/go.mod h1:bHen+N0u1KEO3YlmqOjTT9Adn1RfD91Ar825/PuiRVs= +github.com/go-openapi/jsonreference v0.20.4 h1:bKlDxQxQJgwpUSgOENiMPzCTBVuc7vTdXSSgNeAhojU= +github.com/go-openapi/jsonreference v0.20.4/go.mod h1:5pZJyJP2MnYCpoeoMAql78cCHauHj0V9Lhc506VOpw4= +github.com/go-openapi/swag v0.22.9 h1:XX2DssF+mQKM2DHsbgZK74y/zj4mo9I99+89xUmuZCE= +github.com/go-openapi/swag v0.22.9/go.mod h1:3/OXnFfnMAwBD099SwYRk7GD3xOrr1iL7d/XNLXVVwE= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= @@ -263,18 +262,17 @@ github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/term v1.1.0 h1:xIAAdCMh3QIAy+5FrE8Ad8XoDhEU4ufwbaSozViP9kk= github.com/pkg/term v1.1.0/go.mod h1:E25nymQcrSllhX42Ok8MRm1+hyBdHY0dCeiKZ9jpNGw= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= -github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/prometheus/client_golang v1.19.0 h1:ygXvpU1AoN1MhdzckN+PyD9QJOSD4x7kmXYlnfbA6JU= github.com/prometheus/client_golang v1.19.0/go.mod h1:ZRM9uEAypZakd+q/x7+gmsvXdURP+DABIEIjnmDdp+k= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= -github.com/prometheus/common v0.53.0 h1:U2pL9w9nmJwJDa4qqLQ3ZaePJ6ZTwt7cMD3AG3+aLCE= -github.com/prometheus/common v0.53.0/go.mod h1:BrxBKv3FWBIGXw89Mg1AeBq7FSyRzXWI3l3e7W3RN5U= -github.com/prometheus/procfs v0.14.0 h1:Lw4VdGGoKEZilJsayHf0B+9YgLGREba2C6xr+Fdfq6s= -github.com/prometheus/procfs v0.14.0/go.mod h1:XL+Iwz8k8ZabyZfMFHPiilCniixqQarAy5Mu67pHlNQ= +github.com/prometheus/common v0.48.0 h1:QO8U2CdOzSn1BBsmXJXduaaW+dY/5QLjfB8svtSzKKE= +github.com/prometheus/common v0.48.0/go.mod h1:0/KsvlIEfPQCQ5I2iNSAWKPZziNCvRs5EC6ILDTlAPc= +github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= +github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 h1:vkHw5I/plNdTr435cARxCW6q9gc0S/Yxz7Mkd38pOb0= github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231/go.mod h1:murToZ2N9hNJzewjHBgfFdXhZKjY3z5cYC1VXk+lbFE= github.com/pulumi/esc v0.9.1 h1:HH5eEv8sgyxSpY5a8yePyqFXzA8cvBvapfH8457+mIs= @@ -540,8 +538,8 @@ k8s.io/component-base v0.30.1 h1:bvAtlPh1UrdaZL20D9+sWxsJljMi0QZ3Lmw+kmZAaxQ= k8s.io/component-base v0.30.1/go.mod h1:e/X9kDiOebwlI41AvBHuWdqFriSRrX50CdwA9TFaHLI= k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= -k8s.io/kube-openapi v0.0.0-20240411171206-dc4e619f62f3 h1:SbdLaI6mM6ffDSJCadEaD4IkuPzepLDGlkd2xV0t1uA= -k8s.io/kube-openapi v0.0.0-20240411171206-dc4e619f62f3/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= +k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag= +k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= k8s.io/kubernetes v1.30.3 h1:A0qoXI1YQNzrQZiff33y5zWxYHFT/HeZRK98/sRDJI0= k8s.io/kubernetes v1.30.3/go.mod h1:yPbIk3MhmhGigX62FLJm+CphNtjxqCvAIFQXup6RKS0= k8s.io/utils v0.0.0-20240502163921-fe8a2dddb1d0 h1:jgGTlFYnhF1PM1Ax/lAlxUPE+KfCIXHaathvJg1C3ak= From 2bc40eefdfacc1f860e8f44360b25a51c3c916a2 Mon Sep 17 00:00:00 2001 From: Ramon Quitales Date: Tue, 8 Oct 2024 11:57:53 -0700 Subject: [PATCH 8/8] fix: change rel position of kustomize container args patch val --- operator/config/default/manager_metrics_patch.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/operator/config/default/manager_metrics_patch.yaml b/operator/config/default/manager_metrics_patch.yaml index 2aaef653..86e888d9 100644 --- a/operator/config/default/manager_metrics_patch.yaml +++ b/operator/config/default/manager_metrics_patch.yaml @@ -1,4 +1,4 @@ # This patch adds the args to allow exposing the metrics endpoint using HTTPS - op: add - path: /spec/template/spec/containers/0/args/0 + path: /spec/template/spec/containers/0/args/1 value: --metrics-bind-address=:8443