From 8c662e2218409dbf62bf5687c5986b1ff0ea072a Mon Sep 17 00:00:00 2001
From: drivebyer <yang.wu@daocloud.io>
Date: Mon, 16 Oct 2023 14:21:39 +0800
Subject: [PATCH] [Fix] : redis exporter mismatch environment

Signed-off-by: drivebyer <yang.wu@daocloud.io>
---
 k8sutils/statefulset.go      | 69 ++++++++++++++-----------------
 k8sutils/statefulset_test.go | 79 +++++++++++++++++++++---------------
 2 files changed, 77 insertions(+), 71 deletions(-)

diff --git a/k8sutils/statefulset.go b/k8sutils/statefulset.go
index 9c2d4cf8c..69c77985a 100644
--- a/k8sutils/statefulset.go
+++ b/k8sutils/statefulset.go
@@ -343,12 +343,10 @@ func generateContainerDef(name string, containerParams containerParameters, clus
 			SecurityContext: containerParams.SecurityContext,
 			Env: getEnvironmentVariables(
 				containerParams.Role,
-				false,
 				containerParams.EnabledPassword,
 				containerParams.SecretName,
 				containerParams.SecretKey,
 				containerParams.PersistenceEnabled,
-				containerParams.RedisExporterEnv,
 				containerParams.TLSConfig,
 				containerParams.ACLConfig,
 				containerParams.EnvVars,
@@ -463,19 +461,8 @@ func enableRedisMonitoring(params containerParameters) corev1.Container {
 		Name:            redisExporterContainer,
 		Image:           params.RedisExporterImage,
 		ImagePullPolicy: params.RedisExporterImagePullPolicy,
-		Env: getEnvironmentVariables(
-			params.Role,
-			true,
-			params.EnabledPassword,
-			params.SecretName,
-			params.SecretKey,
-			params.PersistenceEnabled,
-			params.RedisExporterEnv,
-			params.TLSConfig,
-			params.ACLConfig,
-			params.EnvVars,
-		),
-		VolumeMounts: getVolumeMount("", nil, false, false, nil, params.AdditionalMountPath, params.TLSConfig, params.ACLConfig), // We need/want the tls-certs but we DON'T need the PVC (if one is available)
+		Env:             getExporterEnvironmentVariables(params.TLSConfig, params.RedisExporterEnv),
+		VolumeMounts:    getVolumeMount("", nil, false, false, nil, params.AdditionalMountPath, params.TLSConfig, params.ACLConfig), // We need/want the tls-certs but we DON'T need the PVC (if one is available)
 		Ports: []corev1.ContainerPort{
 			{
 				Name:          redisExporterPortName,
@@ -490,6 +477,32 @@ func enableRedisMonitoring(params containerParameters) corev1.Container {
 	return exporterDefinition
 }
 
+func getExporterEnvironmentVariables(tlsConfig *redisv1beta2.TLSConfig, env *[]corev1.EnvVar) []corev1.EnvVar {
+	var envVars []corev1.EnvVar
+	if tlsConfig != nil {
+		envVars = append(envVars, corev1.EnvVar{
+			Name:  "REDIS_EXPORTER_TLS_CLIENT_KEY_FILE",
+			Value: "/tls/tls.key",
+		})
+		envVars = append(envVars, corev1.EnvVar{
+			Name:  "REDIS_EXPORTER_TLS_CLIENT_CERT_FILE",
+			Value: "/tls/tls.crt",
+		})
+		envVars = append(envVars, corev1.EnvVar{
+			Name:  "REDIS_EXPORTER_TLS_CA_CERT_FILE",
+			Value: "/tls/ca.crt",
+		})
+		envVars = append(envVars, corev1.EnvVar{
+			Name:  "REDIS_EXPORTER_SKIP_TLS_VERIFICATION",
+			Value: "true",
+		})
+	}
+	if env != nil {
+		envVars = append(envVars, *env...)
+	}
+	return envVars
+}
+
 // getVolumeMount gives information about persistence mount
 func getVolumeMount(name string, persistenceEnabled *bool, clusterMode bool, nodeConfVolume bool, externalConfig *string, mountpath []corev1.VolumeMount, tlsConfig *redisv1beta2.TLSConfig, aclConfig *redisv1beta2.ACLConfig) []corev1.VolumeMount {
 	var VolumeMounts []corev1.VolumeMount
@@ -556,8 +569,8 @@ func getProbeInfo(probe *commonapi.Probe) *corev1.Probe {
 }
 
 // getEnvironmentVariables returns all the required Environment Variables
-func getEnvironmentVariables(role string, enabledMetric bool, enabledPassword *bool, secretName *string,
-	secretKey *string, persistenceEnabled *bool, exporterEnvVar *[]corev1.EnvVar, tlsConfig *redisv1beta2.TLSConfig,
+func getEnvironmentVariables(role string, enabledPassword *bool, secretName *string,
+	secretKey *string, persistenceEnabled *bool, tlsConfig *redisv1beta2.TLSConfig,
 	aclConfig *redisv1beta2.ACLConfig, envVar *[]corev1.EnvVar) []corev1.EnvVar {
 	envVars := []corev1.EnvVar{
 		{Name: "SERVER_MODE", Value: role},
@@ -573,24 +586,6 @@ func getEnvironmentVariables(role string, enabledMetric bool, enabledPassword *b
 
 	if tlsConfig != nil {
 		envVars = append(envVars, GenerateTLSEnvironmentVariables(tlsConfig)...)
-		if enabledMetric {
-			envVars = append(envVars, corev1.EnvVar{
-				Name:  "REDIS_EXPORTER_TLS_CLIENT_KEY_FILE",
-				Value: "/tls/tls.key",
-			})
-			envVars = append(envVars, corev1.EnvVar{
-				Name:  "REDIS_EXPORTER_TLS_CLIENT_CERT_FILE",
-				Value: "/tls/tls.crt",
-			})
-			envVars = append(envVars, corev1.EnvVar{
-				Name:  "REDIS_EXPORTER_TLS_CA_CERT_FILE",
-				Value: "/tls/ca.crt",
-			})
-			envVars = append(envVars, corev1.EnvVar{
-				Name:  "REDIS_EXPORTER_SKIP_TLS_VERIFICATION",
-				Value: "true",
-			})
-		}
 	}
 
 	if aclConfig != nil {
@@ -622,10 +617,6 @@ func getEnvironmentVariables(role string, enabledMetric bool, enabledPassword *b
 		envVars = append(envVars, corev1.EnvVar{Name: "PERSISTENCE_ENABLED", Value: "true"})
 	}
 
-	if exporterEnvVar != nil {
-		envVars = append(envVars, *exporterEnvVar...)
-	}
-
 	if envVar != nil {
 		envVars = append(envVars, *envVar...)
 	}
diff --git a/k8sutils/statefulset_test.go b/k8sutils/statefulset_test.go
index 1bb954166..09a39ced9 100644
--- a/k8sutils/statefulset_test.go
+++ b/k8sutils/statefulset_test.go
@@ -222,12 +222,10 @@ func TestGetEnvironmentVariables(t *testing.T) {
 	tests := []struct {
 		name                string
 		role                string
-		enabledMetric       bool
 		enabledPassword     *bool
 		secretName          *string
 		secretKey           *string
 		persistenceEnabled  *bool
-		exporterEnvVar      *[]corev1.EnvVar
 		tlsConfig           *redisv1beta2.TLSConfig
 		aclConfig           *redisv1beta2.ACLConfig
 		envVar              *[]corev1.EnvVar
@@ -236,14 +234,10 @@ func TestGetEnvironmentVariables(t *testing.T) {
 		{
 			name:               "Test with role sentinel, metrics true, password true, persistence true, exporter env, tls enabled, acl enabled and env var",
 			role:               "sentinel",
-			enabledMetric:      true,
 			enabledPassword:    pointer.Bool(true),
 			secretName:         pointer.String("test-secret"),
 			secretKey:          pointer.String("test-key"),
 			persistenceEnabled: pointer.Bool(true),
-			exporterEnvVar: &[]corev1.EnvVar{
-				{Name: "TEST_EXPORTER_ENV", Value: "exporter-value"},
-			},
 			tlsConfig: &redisv1beta2.TLSConfig{
 				TLSConfig: common.TLSConfig{
 					CaKeyFile:   "test_ca.crt",
@@ -266,10 +260,6 @@ func TestGetEnvironmentVariables(t *testing.T) {
 				{Name: "ACL_MODE", Value: "true"},
 				{Name: "PERSISTENCE_ENABLED", Value: "true"},
 				{Name: "REDIS_ADDR", Value: "redis://localhost:26379"},
-				{Name: "REDIS_EXPORTER_SKIP_TLS_VERIFICATION", Value: "true"},
-				{Name: "REDIS_EXPORTER_TLS_CA_CERT_FILE", Value: "/tls/ca.crt"},
-				{Name: "REDIS_EXPORTER_TLS_CLIENT_CERT_FILE", Value: "/tls/tls.crt"},
-				{Name: "REDIS_EXPORTER_TLS_CLIENT_KEY_FILE", Value: "/tls/tls.key"},
 				{Name: "TLS_MODE", Value: "true"},
 				{Name: "REDIS_TLS_CA_KEY", Value: path.Join("/tls/", "test_ca.crt")},
 				{Name: "REDIS_TLS_CERT", Value: path.Join("/tls/", "test_tls.crt")},
@@ -285,18 +275,15 @@ func TestGetEnvironmentVariables(t *testing.T) {
 				{Name: "SERVER_MODE", Value: "sentinel"},
 				{Name: "SETUP_MODE", Value: "sentinel"},
 				{Name: "TEST_ENV", Value: "test-value"},
-				{Name: "TEST_EXPORTER_ENV", Value: "exporter-value"},
 			},
 		},
 		{
 			name:               "Test with role redis, metrics false, password nil, persistence nil, exporter nil, tls nil, acl nil and nil env var",
 			role:               "redis",
-			enabledMetric:      false,
 			enabledPassword:    nil,
 			secretName:         nil,
 			secretKey:          nil,
 			persistenceEnabled: nil,
-			exporterEnvVar:     nil,
 			tlsConfig:          nil,
 			aclConfig:          nil,
 			envVar:             nil,
@@ -309,12 +296,10 @@ func TestGetEnvironmentVariables(t *testing.T) {
 		{
 			name:               "Test with role redis, metrics false, password nil, persistence false, exporter nil, tls nil, acl nil and nil env var",
 			role:               "sentinel",
-			enabledMetric:      false,
 			enabledPassword:    nil,
 			secretName:         nil,
 			secretKey:          nil,
 			persistenceEnabled: pointer.Bool(false),
-			exporterEnvVar:     nil,
 			tlsConfig:          nil,
 			aclConfig:          nil,
 			envVar:             nil,
@@ -327,16 +312,12 @@ func TestGetEnvironmentVariables(t *testing.T) {
 		{
 			name:               "Test with role cluster, metrics true, password true, persistence true, exporter env, tls nil, acl enabled and env var",
 			role:               "cluster",
-			enabledMetric:      true,
 			enabledPassword:    pointer.Bool(true),
 			secretName:         pointer.String("test-secret"),
 			secretKey:          pointer.String("test-key"),
 			persistenceEnabled: pointer.Bool(true),
-			exporterEnvVar: &[]corev1.EnvVar{
-				{Name: "TEST_EXPORTER_ENV", Value: "exporter-value"},
-			},
-			tlsConfig: nil,
-			aclConfig: &redisv1beta2.ACLConfig{},
+			tlsConfig:          nil,
+			aclConfig:          &redisv1beta2.ACLConfig{},
 			envVar: &[]corev1.EnvVar{
 				{Name: "TEST_ENV", Value: "test-value"},
 			},
@@ -355,36 +336,70 @@ func TestGetEnvironmentVariables(t *testing.T) {
 				{Name: "SERVER_MODE", Value: "cluster"},
 				{Name: "SETUP_MODE", Value: "cluster"},
 				{Name: "TEST_ENV", Value: "test-value"},
-				{Name: "TEST_EXPORTER_ENV", Value: "exporter-value"},
 			},
 		},
 		{
 			name:               "Test with cluster role and only metrics enabled",
 			role:               "cluster",
-			enabledMetric:      true,
 			enabledPassword:    nil,
 			secretName:         nil,
 			secretKey:          nil,
 			persistenceEnabled: nil,
-			exporterEnvVar: &[]corev1.EnvVar{
-				{Name: "TEST_EXPORTER_ENV", Value: "exporter-value"},
-			},
-			tlsConfig: nil,
-			aclConfig: nil,
-			envVar:    nil,
+			tlsConfig:          nil,
+			aclConfig:          nil,
+			envVar:             nil,
 			expectedEnvironment: []corev1.EnvVar{
 				{Name: "REDIS_ADDR", Value: "redis://localhost:6379"},
 				{Name: "SERVER_MODE", Value: "cluster"},
 				{Name: "SETUP_MODE", Value: "cluster"},
-				{Name: "TEST_EXPORTER_ENV", Value: "exporter-value"},
 			},
 		},
 	}
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			actualEnvironment := getEnvironmentVariables(tt.role, tt.enabledMetric, tt.enabledPassword, tt.secretName,
-				tt.secretKey, tt.persistenceEnabled, tt.exporterEnvVar, tt.tlsConfig, tt.aclConfig, tt.envVar)
+			actualEnvironment := getEnvironmentVariables(tt.role, tt.enabledPassword, tt.secretName,
+				tt.secretKey, tt.persistenceEnabled, tt.tlsConfig, tt.aclConfig, tt.envVar)
+
+			assert.ElementsMatch(t, tt.expectedEnvironment, actualEnvironment)
+		})
+	}
+}
+
+func Test_getExporterEnvironmentVariables(t *testing.T) {
+	tests := []struct {
+		name                string
+		tlsConfig           *redisv1beta2.TLSConfig
+		envVar              *[]corev1.EnvVar
+		expectedEnvironment []corev1.EnvVar
+	}{
+		{
+			name: "Test with tls enabled and env var",
+			tlsConfig: &redisv1beta2.TLSConfig{
+				TLSConfig: common.TLSConfig{
+					CaKeyFile:   "test_ca.crt",
+					CertKeyFile: "test_tls.crt",
+					KeyFile:     "test_tls.key",
+					Secret: corev1.SecretVolumeSource{
+						SecretName: "tls-secret",
+					},
+				},
+			},
+			envVar: &[]corev1.EnvVar{
+				{Name: "TEST_ENV", Value: "test-value"},
+			},
+			expectedEnvironment: []corev1.EnvVar{
+				{Name: "REDIS_EXPORTER_TLS_CLIENT_KEY_FILE", Value: "/tls/tls.key"},
+				{Name: "REDIS_EXPORTER_TLS_CLIENT_CERT_FILE", Value: "/tls/tls.crt"},
+				{Name: "REDIS_EXPORTER_TLS_CA_CERT_FILE", Value: "/tls/ca.crt"},
+				{Name: "REDIS_EXPORTER_SKIP_TLS_VERIFICATION", Value: "true"},
+				{Name: "TEST_ENV", Value: "test-value"},
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			actualEnvironment := getExporterEnvironmentVariables(tt.tlsConfig, tt.envVar)
 
 			assert.ElementsMatch(t, tt.expectedEnvironment, actualEnvironment)
 		})