Merge branch 'main' into remove-module-status-feature-flag

kyma-project · Sep 18, 2024 · 8383612 · 8383612
2 parents b64a0e6 + 3d537e1
commit 8383612
Show file tree

Hide file tree

Showing 21 changed files with 223 additions and 67 deletions.
diff --git a/.github/workflows/branch-integration.yml b/.github/workflows/branch-integration.yml
@@ -7,7 +7,10 @@ on:
       - "release-*"
     paths-ignore:
       - 'docs/**'
-      - '**.md'
+      - 'dependencies/**'
+      - '**/*.md'
+      - 'OWNERS'
+      - 'CODEOWNERS'
   workflow_dispatch:
 
 jobs:

diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml
@@ -6,12 +6,24 @@ on:
     branches:
       - "main"
       - "release-[0-9]+.[0-9]+"
+    paths-ignore:
+      - 'docs/**'
+      - 'dependencies/**'
+      - '**/*.md'
+      - 'OWNERS'
+      - 'CODEOWNERS'
   push:
     branches:
       - "main"
       - "release-[0-9]+.[0-9]+"
     tags:
       - "[0-9]+.[0-9]+.[0-9]+"
+    paths-ignore:
+      - 'docs/**'
+      - 'dependencies/**'
+      - '**/*.md'
+      - 'OWNERS'
+      - 'CODEOWNERS'
 jobs:
   envs:
     runs-on: ubuntu-latest

diff --git a/.github/workflows/build-telemetry-self-monitor-image.yml b/.github/workflows/build-telemetry-self-monitor-image.yml
@@ -0,0 +1,73 @@
+name: Telemetry Self Monitor Image Builder
+
+on:
+  pull_request_target:
+    paths:
+      - "dependencies/telemetry-self-monitor/**"
+    types: [ opened, edited, synchronize, reopened, ready_for_review ]
+  push:
+    branches:
+      - main
+    paths:
+      - "dependencies/telemetry-self-monitor/**"
+  workflow_dispatch:
+
+jobs:
+  envs:
+    runs-on: ubuntu-latest
+    outputs:
+      build-args: ${{ steps.prepare-envs.outputs.build-args }}
+      build-tag: ${{ steps.build-tag.outputs.build-tag || '' }}
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Fetch new env file
+        run: |
+          git fetch origin ${{ github.event.pull_request.head.sha }}
+          git checkout ${{ github.event.pull_request.head.sha }} --no-overlay -- dependencies/telemetry-self-monitor/envs
+        if: github.event_name == 'pull_request_target'
+
+      - name: Prepare Envs
+        id: prepare-envs
+        run: |
+          {
+          # this creates a multiline string with the envs. 
+          # Everything between `build-args<<BUILD_ARGS` and BUILD_ARGS will be content of the build-args variable.
+          echo 'build-args<<BUILD_ARGS'
+          cat dependencies/telemetry-self-monitor/envs
+          echo BUILD_ARGS
+
+          } >> "$GITHUB_OUTPUT"
+
+      - name: load envs into output
+        id: load-envs
+        run: |
+          cat dependencies/telemetry-self-monitor/envs >> "$GITHUB_OUTPUT"
+
+      - name: get commit short sha
+        id: get-short-sha
+        run: echo "short-sha=$(git rev-parse --short $GITHUB_SHA)" >> $GITHUB_OUTPUT
+
+      - name: build image tag
+        id: build-tag
+        run: echo "build-tag=${{ steps.load-envs.outputs.PROMETHEUS_VERSION }}-${{ steps.get-short-sha.outputs.short-sha }}" >> $GITHUB_OUTPUT
+        if: github.event_name == 'push'
+
+  build-image:
+    needs: envs
+    uses: kyma-project/test-infra/.github/workflows/image-builder.yml@main
+    with:
+      name: tpi/telemetry-self-monitor
+      dockerfile: Dockerfile
+      context: dependencies/telemetry-self-monitor
+      build-args: ${{ needs.envs.outputs.build-args }}
+      tags: ${{ needs.envs.outputs.build-tag }}
+  list-images:
+    needs: build-image
+    runs-on: ubuntu-latest
+    steps:
+      - name: List images
+        run: |
+          echo "${{ needs.build-image.outputs.images }}"
diff --git a/.github/workflows/pr-integration.yml b/.github/workflows/pr-integration.yml
@@ -28,6 +28,7 @@ jobs:
         with:
           files_ignore: |
             docs/**
+            dependencies/**
             **/*.md
             OWNERS
             CODEOWNERS

diff --git a/.github/workflows/pr-lifecycle.yml b/.github/workflows/pr-lifecycle.yml
@@ -25,6 +25,7 @@ jobs:
         with:
           files_ignore: |
             docs/**
+            dependencies/**
             **/*.md
             OWNERS
             CODEOWNERS

diff --git a/.golangci.yaml b/.golangci.yaml
@@ -124,6 +124,8 @@ linters-settings:
         alias: ctrlpredicate
       - pkg: "github.com/kyma-project/telemetry-manager/internal/reconciler/commonstatus/stubs"
         alias: commonStatusStubs
+      - pkg: "k8s.io/client-go/testing"
+        alias: clienttesting
   errcheck:
     check-type-assertions: true # Reports type assertions: `a := b.(SomeStruct)`.
     check-blank: true # Report assignment of errors to blank identifier: `num, _ := strconv.Atoi(numStr)`.

diff --git a/Dockerfile b/Dockerfile
@@ -1,5 +1,5 @@
 # Build the manager binary
-FROM europe-docker.pkg.dev/kyma-project/prod/external/library/golang:1.22.5-alpine AS builder
+FROM europe-docker.pkg.dev/kyma-project/prod/external/library/golang:1.23.1-alpine3.20 AS builder
 
 WORKDIR /telemetry-manager-workspace
 # Copy the Go Modules manifests

diff --git a/controllers/telemetry/logpipeline_controller.go b/controllers/telemetry/logpipeline_controller.go
@@ -24,6 +24,8 @@ import (
 	rbacv1 "k8s.io/api/rbac/v1"
 	"k8s.io/apimachinery/pkg/api/resource"
 	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/client-go/discovery"
+	"k8s.io/client-go/rest"
 	ctrl "sigs.k8s.io/controller-runtime"
 	ctrlbuilder "sigs.k8s.io/controller-runtime/pkg/builder"
 	"sigs.k8s.io/controller-runtime/pkg/client"
@@ -65,14 +67,14 @@ type LogPipelineControllerConfig struct {
 	PriorityClassName      string
 	SelfMonitorName        string
 	TelemetryNamespace     string
+	RestConfig             *rest.Config
 }
 
 func NewLogPipelineController(client client.Client, reconcileTriggerChan <-chan event.GenericEvent, config LogPipelineControllerConfig) (*LogPipelineController, error) {
 	flowHealthProber, err := prober.NewLogPipelineProber(types.NamespacedName{Name: config.SelfMonitorName, Namespace: config.TelemetryNamespace})
 	if err != nil {
 		return nil, err
 	}
-
 	reconcilerCfg := logpipeline.Config{
 		SectionsConfigMap:     types.NamespacedName{Name: "telemetry-fluent-bit-sections", Namespace: config.TelemetryNamespace},
 		FilesConfigMap:        types.NamespacedName{Name: "telemetry-fluent-bit-files", Namespace: config.TelemetryNamespace},
@@ -99,12 +101,16 @@ func NewLogPipelineController(client client.Client, reconcileTriggerChan <-chan
 		SecretRefValidator: &secretref.Validator{Client: client},
 	}
 
+	discoveryClient, err := discovery.NewDiscoveryClientForConfig(config.RestConfig)
+	if err != nil {
+		return nil, err
+	}
 	reconciler := logpipeline.New(
 		client,
 		reconcilerCfg,
 		&workloadstatus.DaemonSetProber{Client: client},
 		flowHealthProber,
-		istiostatus.NewChecker(client),
+		istiostatus.NewChecker(discoveryClient),
 		overrides.New(client, overrides.HandlerConfig{SystemNamespace: config.TelemetryNamespace}),
 		pipelineValidator,
 		&conditions.ErrorToMessageConverter{},

diff --git a/controllers/telemetry/metricpipeline_controller.go b/controllers/telemetry/metricpipeline_controller.go
@@ -26,6 +26,8 @@ import (
 	rbacv1 "k8s.io/api/rbac/v1"
 	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
 	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/client-go/discovery"
+	"k8s.io/client-go/rest"
 	ctrl "sigs.k8s.io/controller-runtime"
 	ctrlbuilder "sigs.k8s.io/controller-runtime/pkg/builder"
 	"sigs.k8s.io/controller-runtime/pkg/client"
@@ -62,7 +64,7 @@ type MetricPipelineController struct {
 
 type MetricPipelineControllerConfig struct {
 	metricpipeline.Config
-
+	RestConfig         *rest.Config
 	SelfMonitorName    string
 	TelemetryNamespace string
 }
@@ -85,6 +87,10 @@ func NewMetricPipelineController(client client.Client, reconcileTriggerChan <-ch
 	agentRBAC := otelcollector.MakeMetricAgentRBAC(types.NamespacedName{Name: config.Agent.BaseName, Namespace: config.Agent.Namespace})
 	gatewayRBAC := otelcollector.MakeMetricGatewayRBAC(types.NamespacedName{Name: config.Gateway.BaseName, Namespace: config.Gateway.Namespace})
 
+	discoveryClient, err := discovery.NewDiscoveryClientForConfig(config.RestConfig)
+	if err != nil {
+		return nil, err
+	}
 	reconciler := metricpipeline.New(
 		client,
 		config.Config,
@@ -99,7 +105,7 @@ func NewMetricPipelineController(client client.Client, reconcileTriggerChan <-ch
 		&otelcollector.GatewayApplierDeleter{Config: config.Gateway, RBAC: gatewayRBAC},
 		&gateway.Builder{Reader: client},
 		&workloadstatus.DeploymentProber{Client: client},
-		istiostatus.NewChecker(client),
+		istiostatus.NewChecker(discoveryClient),
 		overrides.New(client, overrides.HandlerConfig{SystemNamespace: config.TelemetryNamespace}),
 		pipelineLock,
 		pipelineValidator,

diff --git a/controllers/telemetry/tracepipeline_controller.go b/controllers/telemetry/tracepipeline_controller.go
@@ -25,6 +25,8 @@ import (
 	networkingv1 "k8s.io/api/networking/v1"
 	rbacv1 "k8s.io/api/rbac/v1"
 	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/client-go/discovery"
+	"k8s.io/client-go/rest"
 	ctrl "sigs.k8s.io/controller-runtime"
 	ctrlbuilder "sigs.k8s.io/controller-runtime/pkg/builder"
 	"sigs.k8s.io/controller-runtime/pkg/client"
@@ -60,7 +62,7 @@ type TracePipelineController struct {
 
 type TracePipelineControllerConfig struct {
 	tracepipeline.Config
-
+	RestConfig         *rest.Config
 	SelfMonitorName    string
 	TelemetryNamespace string
 }
@@ -81,15 +83,18 @@ func NewTracePipelineController(client client.Client, reconcileTriggerChan <-cha
 	}
 
 	gatewayRBAC := otelcollector.MakeTraceGatewayRBAC(types.NamespacedName{Name: config.Gateway.BaseName, Namespace: config.Gateway.Namespace})
-
+	discoveryClient, err := discovery.NewDiscoveryClientForConfig(config.RestConfig)
+	if err != nil {
+		return nil, err
+	}
 	reconciler := tracepipeline.New(
 		client,
 		config.Config,
 		flowHealthProber,
 		&otelcollector.GatewayApplierDeleter{Config: config.Gateway, RBAC: gatewayRBAC},
 		&gateway.Builder{Reader: client},
 		&workloadstatus.DeploymentProber{Client: client},
-		istiostatus.NewChecker(client),
+		istiostatus.NewChecker(discoveryClient),
 		overrides.New(client, overrides.HandlerConfig{SystemNamespace: config.TelemetryNamespace}),
 		pipelineLock,
 		pipelineValidator,

diff --git a/dependencies/telemetry-self-monitor/Dockerfile b/dependencies/telemetry-self-monitor/Dockerfile
@@ -0,0 +1,33 @@
+ARG ALPINE_VERSION
+
+FROM node:alpine${ALPINE_VERSION} as builder
+
+ARG PROMETHEUS_VERSION
+
+RUN apk add --no-cache git make musl-dev go curl bash
+RUN apk --no-cache upgrade
+
+# Configure Go
+ENV GOROOT /usr/lib/go
+ENV GOPATH /go
+ENV PATH /go/bin:$PATH
+
+
+RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin
+WORKDIR /
+RUN curl -LO https://github.com/prometheus/prometheus/archive/refs/tags/v${PROMETHEUS_VERSION}.tar.gz
+RUN tar xvzf v${PROMETHEUS_VERSION}.tar.gz
+RUN mv /prometheus-${PROMETHEUS_VERSION} /prometheus
+
+WORKDIR /prometheus
+COPY plugins.yml plugins.yml
+RUN make build
+
+FROM scratch
+
+COPY --from=builder /prometheus/prometheus /bin/prometheus
+
+USER       nobody
+EXPOSE     9090
+
+ENTRYPOINT [ "/bin/prometheus" ]
diff --git a/dependencies/telemetry-self-monitor/README.md b/dependencies/telemetry-self-monitor/README.md
@@ -0,0 +1,12 @@
+# Telemetry Self Monitor Docker Image
+
+The container image is built based on the latest [Prometheus LTS image](https://prometheus.io/docs/introduction/release-cycle/).
+
+Additionally, there is a [plugins.yml](./plugins.yml) file, which contains the list of the required plugins. 
+
+## Build locally
+
+To build the image locally with the versions taken from the `envs` file, run:
+```
+docker build -t telemetry-self-monitor:local --build-arg PROMETHEUS_VERSION=XXX --build-arg ALPINE_VERSION=XXX .
+```
diff --git a/dependencies/telemetry-self-monitor/envs b/dependencies/telemetry-self-monitor/envs
@@ -0,0 +1,2 @@
+PROMETHEUS_VERSION=2.53.2
+ALPINE_VERSION=3.20
diff --git a/dependencies/telemetry-self-monitor/plugins.yml b/dependencies/telemetry-self-monitor/plugins.yml
@@ -0,0 +1 @@
+- github.com/prometheus/prometheus/discovery/kubernetes
diff --git a/go.mod b/go.mod
@@ -1,6 +1,6 @@
 module github.com/kyma-project/telemetry-manager
 
-go 1.22.5
+go 1.23.1
 
 require (
 	github.com/go-logr/logr v1.4.2

diff --git a/internal/istiostatus/istio_status_checker.go b/internal/istiostatus/istio_status_checker.go
@@ -2,36 +2,33 @@ package istiostatus
 
 import (
 	"context"
-	"slices"
 	"strings"
 
-	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
-	"sigs.k8s.io/controller-runtime/pkg/client"
+	"k8s.io/client-go/discovery"
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
 )
 
 type Checker struct {
-	client client.Reader
+	discovery discovery.DiscoveryInterface
 }
 
-const peerAuthenticationIstioCRD = "peerauthentications.security.istio.io"
-
-func NewChecker(client client.Reader) *Checker {
-	return &Checker{
-		client: client,
-	}
-
+func NewChecker(d discovery.DiscoveryInterface) *Checker {
+	return &Checker{discovery: d}
 }
 
 // IsIstioActive checks if Istio is active on the cluster based on the presence of Istio CRDs
 func (isc *Checker) IsIstioActive(ctx context.Context) bool {
-	var crdList apiextensionsv1.CustomResourceDefinitionList
-	if err := isc.client.List(ctx, &crdList); err != nil {
-		logf.FromContext(ctx).Error(err, "Unable to list CRDs to check Istio status")
-		return false
+
+	groupList, err := isc.discovery.ServerGroups()
+	if err != nil {
+		logf.FromContext(ctx).Error(err, "error getting group list from server")
+	}
+
+	for _, group := range groupList.Groups {
+		if strings.Contains(group.Name, ".istio.io") {
+			return true
+		}
 	}
+	return false
 
-	return slices.ContainsFunc(crdList.Items, func(crd apiextensionsv1.CustomResourceDefinition) bool {
-		return strings.EqualFold(crd.GetName(), peerAuthenticationIstioCRD)
-	})
 }