diff --git a/LICENSE-3rdparty.csv b/LICENSE-3rdparty.csv index 074c2d407..12a5345a8 100644 --- a/LICENSE-3rdparty.csv +++ b/LICENSE-3rdparty.csv @@ -25,9 +25,13 @@ core,github.com/DataDog/viper,MIT core,github.com/DataDog/zstd,BSD-3-Clause core,github.com/Masterminds/semver,MIT core,github.com/Masterminds/semver/v3,MIT +core,github.com/antlr4-go/antlr/v4,BSD-3-Clause +core,github.com/asaskevich/govalidator,MIT core,github.com/benbjohnson/clock,MIT core,github.com/beorn7/perks/quantile,MIT +core,github.com/blang/semver/v4,MIT core,github.com/cenkalti/backoff,MIT +core,github.com/cenkalti/backoff/v4,MIT core,github.com/cespare/xxhash/v2,MIT core,github.com/cihub/seelog,BSD-3-Clause core,github.com/davecgh/go-spew/spew,ISC @@ -35,9 +39,11 @@ core,github.com/dustin/go-humanize,MIT core,github.com/ebitengine/purego,Apache-2.0 core,github.com/emicklei/go-restful/v3,MIT core,github.com/evanphx/json-patch/v5,BSD-3-Clause +core,github.com/felixge/httpsnoop,MIT core,github.com/fsnotify/fsnotify,BSD-3-Clause core,github.com/fxamacker/cbor/v2,MIT core,github.com/go-logr/logr,Apache-2.0 +core,github.com/go-logr/stdr,Apache-2.0 core,github.com/go-logr/zapr,Apache-2.0 core,github.com/go-openapi/jsonpointer,Apache-2.0 core,github.com/go-openapi/jsonreference,Apache-2.0 @@ -46,6 +52,7 @@ core,github.com/gobwas/glob,MIT core,github.com/gogo/protobuf,BSD-3-Clause core,github.com/golang/groupcache/lru,Apache-2.0 core,github.com/golang/protobuf,BSD-3-Clause +core,github.com/google/cel-go,Apache-2.0 core,github.com/google/gnostic-models,Apache-2.0 core,github.com/google/go-cmp/cmp,BSD-3-Clause core,github.com/google/gofuzz,Apache-2.0 @@ -53,6 +60,7 @@ core,github.com/google/pprof/profile,Apache-2.0 core,github.com/google/uuid,BSD-3-Clause core,github.com/grpc-ecosystem/go-grpc-middleware,Apache-2.0 core,github.com/grpc-ecosystem/grpc-gateway,BSD-3-Clause +core,github.com/grpc-ecosystem/grpc-gateway/v2,BSD-3-Clause core,github.com/hashicorp/hcl,MPL-2.0 core,github.com/imdario/mergo,BSD-3-Clause core,github.com/josharian/intern,MIT @@ -83,14 +91,24 @@ core,github.com/shirou/gopsutil/v3,BSD-3-Clause core,github.com/spaolacci/murmur3,BSD-3-Clause core,github.com/spf13/afero,Apache-2.0 core,github.com/spf13/cast,MIT +core,github.com/spf13/cobra,Apache-2.0 core,github.com/spf13/jwalterweatherman,MIT core,github.com/spf13/pflag,BSD-3-Clause +core,github.com/stoewer/go-strcase,MIT core,github.com/stretchr/objx,MIT core,github.com/stretchr/testify,MIT core,github.com/tinylib/msgp/msgp,MIT core,github.com/x448/float16,MIT core,github.com/zorkian/go-datadog-api,BSD-3-Clause core,go.etcd.io/bbolt,MIT +core,go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp,Apache-2.0 +core,go.opentelemetry.io/otel,Apache-2.0 +core,go.opentelemetry.io/otel/exporters/otlp/otlptrace,Apache-2.0 +core,go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc,Apache-2.0 +core,go.opentelemetry.io/otel/metric,Apache-2.0 +core,go.opentelemetry.io/otel/sdk,Apache-2.0 +core,go.opentelemetry.io/otel/trace,Apache-2.0 +core,go.opentelemetry.io/proto/otlp,Apache-2.0 core,go.uber.org/atomic,MIT core,go.uber.org/multierr,MIT core,go.uber.org/zap,MIT @@ -98,6 +116,7 @@ core,golang.org/x/exp,BSD-3-Clause core,golang.org/x/mod/semver,BSD-3-Clause core,golang.org/x/net,BSD-3-Clause core,golang.org/x/oauth2,BSD-3-Clause +core,golang.org/x/sync/singleflight,BSD-3-Clause core,golang.org/x/sys/unix,BSD-3-Clause core,golang.org/x/term,BSD-3-Clause core,golang.org/x/text,BSD-3-Clause @@ -105,7 +124,7 @@ core,golang.org/x/time/rate,BSD-3-Clause core,golang.org/x/xerrors,BSD-3-Clause core,gomodules.xyz/jsonpatch/v2,Apache-2.0 core,google.golang.org/genproto/googleapis/api,Apache-2.0 -core,google.golang.org/genproto/googleapis/rpc/status,Apache-2.0 +core,google.golang.org/genproto/googleapis/rpc,Apache-2.0 core,google.golang.org/genproto/protobuf/field_mask,Apache-2.0 core,google.golang.org/grpc,Apache-2.0 core,google.golang.org/protobuf,BSD-3-Clause @@ -117,14 +136,19 @@ core,k8s.io/api,Apache-2.0 core,k8s.io/apiextensions-apiserver/pkg/apis/apiextensions,Apache-2.0 core,k8s.io/apimachinery/pkg,Apache-2.0 core,k8s.io/apimachinery/third_party/forked/golang,BSD-3-Clause +core,k8s.io/apiserver,Apache-2.0 core,k8s.io/client-go,Apache-2.0 +core,k8s.io/component-base,Apache-2.0 core,k8s.io/klog/v2,Apache-2.0 core,k8s.io/kube-aggregator/pkg/apis/apiregistration,Apache-2.0 core,k8s.io/kube-openapi/pkg,Apache-2.0 core,k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json,BSD-3-Clause +core,k8s.io/kube-openapi/pkg/validation/errors,Apache-2.0 core,k8s.io/kube-openapi/pkg/validation/spec,Apache-2.0 +core,k8s.io/kube-openapi/pkg/validation/strfmt,Apache-2.0 core,k8s.io/utils,Apache-2.0 -core,k8s.io/utils/internal/third_party/forked/golang/net,BSD-3-Clause +core,k8s.io/utils/internal/third_party/forked/golang,BSD-3-Clause +core,sigs.k8s.io/apiserver-network-proxy/konnectivity-client,Apache-2.0 core,sigs.k8s.io/controller-runtime,Apache-2.0 core,sigs.k8s.io/json,Apache-2.0 core,sigs.k8s.io/structured-merge-diff/v4,Apache-2.0 diff --git a/api/datadoghq/common/const.go b/api/datadoghq/common/const.go index 4572bae7f..8faba335e 100644 --- a/api/datadoghq/common/const.go +++ b/api/datadoghq/common/const.go @@ -5,146 +5,12 @@ package common -// TODO move most of these constants out of common - -// This file tracks constants related to setting up the Datadog Agents +// This file tracks common constants used across API versions +// // Labels const ( // AgentDeploymentNameLabelKey label key use to link a Resource to a DatadogAgent AgentDeploymentNameLabelKey = "agent.datadoghq.com/name" // AgentDeploymentComponentLabelKey label key use to know with component is it AgentDeploymentComponentLabelKey = "agent.datadoghq.com/component" - // MD5AgentDeploymentProviderLabelKey label key is used to identify which provider is being used - MD5AgentDeploymentProviderLabelKey = "agent.datadoghq.com/provider" - // MD5AgentDeploymentAnnotationKey annotation key used on a Resource in order to identify which AgentDeployment have been used to generate it. - MD5AgentDeploymentAnnotationKey = "agent.datadoghq.com/agentspechash" - // MD5ChecksumAnnotationKey annotation key is used to identify customConfig configurations - MD5ChecksumAnnotationKey = "checksum/%s-custom-config" -) - -// Annotations -const ( - SystemProbeAppArmorAnnotationKey = "container.apparmor.security.beta.kubernetes.io/system-probe" - SystemProbeAppArmorAnnotationValue = "unconfined" - - AgentAppArmorAnnotationKey = "container.apparmor.security.beta.kubernetes.io/agent" - AgentAppArmorAnnotationValue = "unconfined" -) - -// Datadog volume names and mount paths -const ( - ConfdVolumeName = "confd" - ConfdVolumePath = "/conf.d" - ConfigVolumeName = "config" - ConfigVolumePath = "/etc/datadog-agent" - ChecksdVolumeName = "checksd" - ChecksdVolumePath = "/checks.d" - - HostRootVolumeName = "hostroot" - HostRootHostPath = "/" - HostRootMountPath = "/host/root" - - GroupVolumeName = "group" - GroupHostPath = "/etc/group" - GroupMountPath = "/etc/group" - - PasswdVolumeName = "passwd" - PasswdHostPath = "/etc/passwd" - PasswdMountPath = "/etc/passwd" - - ProcdirVolumeName = "procdir" - ProcdirHostPath = "/proc" - ProcdirMountPath = "/host/proc" - - CgroupsVolumeName = "cgroups" - CgroupsHostPath = "/sys/fs/cgroup" - CgroupsMountPath = "/host/sys/fs/cgroup" - - SystemProbeOSReleaseDirVolumeName = "host-osrelease" - SystemProbeOSReleaseDirVolumePath = "/etc/os-release" - SystemProbeOSReleaseDirMountPath = "/host/etc/os-release" - - SystemProbeSocketVolumeName = "sysprobe-socket-dir" - SystemProbeSocketVolumePath = "/var/run/sysprobe" - - DebugfsVolumeName = "debugfs" - // same path on host and container - DebugfsPath = "/sys/kernel/debug" - - ModulesVolumeName = "modules" - // same path on host and container - ModulesVolumePath = "/lib/modules" - - SrcVolumeName = "src" - // same path on host and container - SrcVolumePath = "/usr/src" - - AgentCustomConfigVolumePath = "/etc/datadog-agent/datadog.yaml" - SystemProbeConfigVolumePath = "/etc/datadog-agent/system-probe.yaml" - OtelCustomConfigVolumePath = "/etc/datadog-agent/otel-config.yaml" - - LogDatadogVolumeName = "logdatadog" - LogDatadogVolumePath = "/var/log/datadog" - DefaultLogTempStoragePath = "/var/lib/datadog-agent/logs" - TmpVolumeName = "tmp" - TmpVolumePath = "/tmp" - CertificatesVolumeName = "certificates" - CertificatesVolumePath = "/etc/datadog-agent/certificates" - AuthVolumeName = "datadog-agent-auth" - AuthVolumePath = "/etc/datadog-agent/auth" - InstallInfoVolumeName = "installinfo" - InstallInfoVolumeSubPath = "install_info" - InstallInfoVolumePath = "/etc/datadog-agent/install_info" - InstallInfoVolumeReadOnly = true - - DogstatsdHostPortName = "dogstatsdport" - DogstatsdHostPortHostPort = 8125 - DogstatsdSocketVolumeName = "dsdsocket" - DogstatsdAPMSocketHostPath = "/var/run/datadog" - DogstatsdSocketLocalPath = "/var/run/datadog" - DogstatsdSocketName = "dsd.socket" - - HostCriSocketPathPrefix = "/host" - CriSocketVolumeName = "runtimesocketdir" - RuntimeDirVolumePath = "/var/run" - - KubeletAgentCAPath = "/var/run/host-kubelet-ca.crt" - KubeletCAVolumeName = "kubelet-ca" - - APMSocketName = "apm.socket" - - ExternalMetricsAPIServiceName = "v1beta1.external.metrics.k8s.io" - - SeccompSecurityVolumeName = "datadog-agent-security" - SeccompSecurityVolumePath = "/etc/config" - SeccompRootVolumeName = "seccomp-root" - SeccompRootVolumePath = "/host/var/lib/kubelet/seccomp" - SeccompRootPath = "/var/lib/kubelet/seccomp" - SystemProbeSeccompKey = "system-probe-seccomp.json" - SystemProbeAgentSecurityConfigMapSuffixName = "system-probe-seccomp" - SystemProbeSeccompProfileName = "system-probe" - - AppArmorAnnotationKey = "container.apparmor.security.beta.kubernetes.io" - - AgentCustomConfigVolumeName = "custom-datadog-yaml" - ClusterAgentCustomConfigVolumeName = "custom-cluster-agent-yaml" - - FIPSProxyCustomConfigVolumeName = "fips-proxy-cfg" - FIPSProxyCustomConfigFileName = "datadog-fips-proxy.cfg" - FIPSProxyCustomConfigMapName = "%s-fips-config" - FIPSProxyCustomConfigMountPath = "/etc/datadog-fips-proxy/datadog-fips-proxy.cfg" -) - -const ( - // FieldPathSpecNodeName used as FieldPath for selecting the NodeName - FieldPathSpecNodeName = "spec.nodeName" - - // FieldPathStatusHostIP used as FieldPath to retrieve the host ip - FieldPathStatusHostIP = "status.hostIP" - - // FieldPathStatusPodIP used as FieldPath to retrieve the pod ip - FieldPathStatusPodIP = "status.podIP" - - // FieldPathMetaName used as FieldPath to retrieve the pod name - FieldPathMetaName = "metadata.name" ) diff --git a/api/datadoghq/common/envvar.go b/api/datadoghq/common/envvar.go index b25e2ff8c..f01e82580 100644 --- a/api/datadoghq/common/envvar.go +++ b/api/datadoghq/common/envvar.go @@ -5,193 +5,6 @@ package common -// TODO move most of these out of common - -// Datadog env var names -const ( - DatadogHost = "DATADOG_HOST" - DDAdmissionControllerAgentSidecarEnabled = "DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_ENABLED" - DDAdmissionControllerAgentSidecarClusterAgentEnabled = "DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_CLUSTER_AGENT_ENABLED" - DDAdmissionControllerAgentSidecarProvider = "DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_PROVIDER" - DDAdmissionControllerAgentSidecarRegistry = "DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_CONTAINER_REGISTRY" - DDAdmissionControllerAgentSidecarImageName = "DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_IMAGE_NAME" - DDAdmissionControllerAgentSidecarImageTag = "DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_IMAGE_TAG" - DDAdmissionControllerAgentSidecarSelectors = "DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_SELECTORS" - DDAdmissionControllerAgentSidecarProfiles = "DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_PROFILES" - DDAdmissionControllerEnabled = "DD_ADMISSION_CONTROLLER_ENABLED" - DDAdmissionControllerValidationEnabled = "DD_ADMISSION_CONTROLLER_VALIDATION_ENABLED" - DDAdmissionControllerMutationEnabled = "DD_ADMISSION_CONTROLLER_MUTATION_ENABLED" - DDAdmissionControllerInjectConfig = "DD_ADMISSION_CONTROLLER_INJECT_CONFIG_ENABLED" - DDAdmissionControllerInjectConfigMode = "DD_ADMISSION_CONTROLLER_INJECT_CONFIG_MODE" - DDAdmissionControllerInjectTags = "DD_ADMISSION_CONTROLLER_INJECT_TAGS_ENABLED" - DDAdmissionControllerLocalServiceName = "DD_ADMISSION_CONTROLLER_INJECT_CONFIG_LOCAL_SERVICE_NAME" - DDAdmissionControllerMutateUnlabelled = "DD_ADMISSION_CONTROLLER_MUTATE_UNLABELLED" - DDAdmissionControllerServiceName = "DD_ADMISSION_CONTROLLER_SERVICE_NAME" - DDAdmissionControllerFailurePolicy = "DD_ADMISSION_CONTROLLER_FAILURE_POLICY" - DDAdmissionControllerWebhookName = "DD_ADMISSION_CONTROLLER_WEBHOOK_NAME" - DDAdmissionControllerRegistryName = "DD_ADMISSION_CONTROLLER_CONTAINER_REGISTRY" - DDAdmissionControllerCWSInstrumentationEnabled = "DD_ADMISSION_CONTROLLER_CWS_INSTRUMENTATION_ENABLED" - DDAdmissionControllerCWSInstrumentationMode = "DD_ADMISSION_CONTROLLER_CWS_INSTRUMENTATION_MODE" - DDAdmissionControllerAppsecEnabled = "DD_ADMISSION_CONTROLLER_AUTO_INSTRUMENTATION_APPSEC_ENABLED" - DDAdmissionControllerAppsecSCAEnabled = "DD_ADMISSION_CONTROLLER_AUTO_INSTRUMENTATION_APPSEC_SCA_ENABLED" - DDAdmissionControllerIASTEnabled = "DD_ADMISSION_CONTROLLER_AUTO_INSTRUMENTATION_IAST_ENABLED" - DDAPIKey = "DD_API_KEY" - DDAPMEnabled = "DD_APM_ENABLED" - DDAPMInstrumentationInstallTime = "DD_INSTRUMENTATION_INSTALL_TIME" - DDAPMInstrumentationInstallId = "DD_INSTRUMENTATION_INSTALL_ID" - DDAPMInstrumentationInstallType = "DD_INSTRUMENTATION_INSTALL_TYPE" - DDAPMNonLocalTraffic = "DD_APM_NON_LOCAL_TRAFFIC" - DDAPMReceiverPort = "DD_APM_RECEIVER_PORT" - DDAPMReceiverSocket = "DD_APM_RECEIVER_SOCKET" - DDAPMInstrumentationEnabled = "DD_APM_INSTRUMENTATION_ENABLED" - DDAPMInstrumentationEnabledNamespaces = "DD_APM_INSTRUMENTATION_ENABLED_NAMESPACES" - DDAPMInstrumentationDisabledNamespaces = "DD_APM_INSTRUMENTATION_DISABLED_NAMESPACES" - DDAPMInstrumentationLibVersions = "DD_APM_INSTRUMENTATION_LIB_VERSIONS" - DDAppKey = "DD_APP_KEY" - DDAuthTokenFilePath = "DD_AUTH_TOKEN_FILE_PATH" - DDChecksTagCardinality = "DD_CHECKS_TAG_CARDINALITY" - DDClcRunnerEnabled = "DD_CLC_RUNNER_ENABLED" - DDClcRunnerHost = "DD_CLC_RUNNER_HOST" - DDClcRunnerID = "DD_CLC_RUNNER_ID" - DDClusterAgentAuthToken = "DD_CLUSTER_AGENT_AUTH_TOKEN" - DDClusterAgentEnabled = "DD_CLUSTER_AGENT_ENABLED" - DDClusterAgentKubeServiceName = "DD_CLUSTER_AGENT_KUBERNETES_SERVICE_NAME" - DDClusterAgentServiceAccountName = "DD_CLUSTER_AGENT_SERVICE_ACCOUNT_NAME" - DDClusterAgentTokenName = "DD_CLUSTER_AGENT_TOKEN_NAME" - DDClusterChecksEnabled = "DD_CLUSTER_CHECKS_ENABLED" - DDClusterName = "DD_CLUSTER_NAME" - DDCollectKubernetesEvents = "DD_COLLECT_KUBERNETES_EVENTS" - DDComplianceConfigCheckInterval = "DD_COMPLIANCE_CONFIG_CHECK_INTERVAL" - DDComplianceConfigDir = "DD_COMPLIANCE_CONFIG_DIR" - DDComplianceConfigEnabled = "DD_COMPLIANCE_CONFIG_ENABLED" - DDComplianceHostBenchmarksEnabled = "DD_COMPLIANCE_HOST_BENCHMARKS_ENABLED" - DDContainerCollectionEnabled = "DD_PROCESS_CONFIG_CONTAINER_COLLECTION_ENABLED" - DDCriSocketPath = "DD_CRI_SOCKET_PATH" - DDddURL = "DD_DD_URL" - DDURL = "DD_URL" - DDDogstatsdEnabled = "DD_USE_DOGSTATSD" - DDDogstatsdMapperProfiles = "DD_DOGSTATSD_MAPPER_PROFILES" - DDDogstatsdNonLocalTraffic = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" - DDDogstatsdOriginDetection = "DD_DOGSTATSD_ORIGIN_DETECTION" - DDDogstatsdOriginDetectionClient = "DD_DOGSTATSD_ORIGIN_DETECTION_CLIENT" - DDDogstatsdTagCardinality = "DD_DOGSTATSD_TAG_CARDINALITY" - DDDogstatsdPort = "DD_DOGSTATSD_PORT" - DDDogstatsdSocket = "DD_DOGSTATSD_SOCKET" - DDEnableMetadataCollection = "DD_ENABLE_METADATA_COLLECTION" - DDEnableOOMKillEnvVar = "DD_SYSTEM_PROBE_CONFIG_ENABLE_OOM_KILL" - DDEnableTCPQueueLengthEnvVar = "DD_SYSTEM_PROBE_CONFIG_ENABLE_TCP_QUEUE_LENGTH" - DDEnableEBPFCheckEnvVar = "DD_EBPF_CHECK_ENABLED" - DDExternalMetricsProviderAPIKey = "DD_EXTERNAL_METRICS_PROVIDER_API_KEY" - DDExternalMetricsProviderAppKey = "DD_EXTERNAL_METRICS_PROVIDER_APP_KEY" - DDExternalMetricsProviderEndpoint = "DD_EXTERNAL_METRICS_PROVIDER_ENDPOINT" - DDExternalMetricsProviderEnabled = "DD_EXTERNAL_METRICS_PROVIDER_ENABLED" - DDExternalMetricsProviderPort = "DD_EXTERNAL_METRICS_PROVIDER_PORT" - DDExternalMetricsProviderUseDatadogMetric = "DD_EXTERNAL_METRICS_PROVIDER_USE_DATADOGMETRIC_CRD" - DDExternalMetricsProviderWPAController = "DD_EXTERNAL_METRICS_PROVIDER_WPA_CONTROLLER" - DDAutoscalingWorkloadEnabled = "DD_AUTOSCALING_WORKLOAD_ENABLED" - DDExtraConfigProviders = "DD_EXTRA_CONFIG_PROVIDERS" - DDExtraListeners = "DD_EXTRA_LISTENERS" - DDFIPSEnabled = "DD_FIPS_ENABLED" - DDFIPSPortRangeStart = "DD_FIPS_PORT_RANGE_START" - DDFIPSUseHTTPS = "DD_FIPS_HTTPS" - DDFIPSLocalAddress = "DD_FIPS_LOCAL_ADDRESS" - DDHealthPort = "DD_HEALTH_PORT" - DDHostname = "DD_HOSTNAME" - DDHostRootEnvVar = "HOST_ROOT" - DDIgnoreAutoConf = "DD_IGNORE_AUTOCONF" - DDKubeletCAPath = "DD_KUBELET_CLIENT_CA" - DDKubeletHost = "DD_KUBERNETES_KUBELET_HOST" - DDKubeletTLSVerify = "DD_KUBELET_TLS_VERIFY" - DDKubeResourcesNamespace = "DD_KUBE_RESOURCES_NAMESPACE" - DDKubeStateMetricsCoreConfigMap = "DD_KUBE_STATE_METRICS_CORE_CONFIGMAP_NAME" - DDKubeStateMetricsCoreEnabled = "DD_KUBE_STATE_METRICS_CORE_ENABLED" - DDLanguageDetectionEnabled = "DD_LANGUAGE_DETECTION_ENABLED" - DDLeaderElection = "DD_LEADER_ELECTION" - DDLeaderLeaseName = "DD_LEADER_LEASE_NAME" - DDLogLevel = "DD_LOG_LEVEL" - DDLogsConfigContainerCollectAll = "DD_LOGS_CONFIG_CONTAINER_COLLECT_ALL" - DDLogsConfigOpenFilesLimit = "DD_LOGS_CONFIG_OPEN_FILES_LIMIT" - DDLogsContainerCollectUsingFiles = "DD_LOGS_CONFIG_K8S_CONTAINER_USE_FILE" - DDLogsEnabled = "DD_LOGS_ENABLED" - DDNamespaceLabelsAsTags = "DD_KUBERNETES_NAMESPACE_LABELS_AS_TAGS" - DDNamespaceAnnotationsAsTags = "DD_KUBERNETES_NAMESPACE_ANNOTATIONS_AS_TAGS" - DDNodeLabelsAsTags = "DD_KUBERNETES_NODE_LABELS_AS_TAGS" - DDKubernetesResourcesLabelsAsTags = "DD_KUBERNETES_RESOURCES_LABELS_AS_TAGS" - DDKubernetesResourcesAnnotationsAsTags = "DD_KUBERNETES_RESOURCES_ANNOTATIONS_AS_TAGS" - DDOrchestratorExplorerEnabled = "DD_ORCHESTRATOR_EXPLORER_ENABLED" - DDOrchestratorExplorerExtraTags = "DD_ORCHESTRATOR_EXPLORER_EXTRA_TAGS" - DDOrchestratorExplorerDDUrl = "DD_ORCHESTRATOR_EXPLORER_ORCHESTRATOR_DD_URL" - DDOrchestratorExplorerAdditionalEndpoints = "DD_ORCHESTRATOR_ADDITIONAL_ENDPOINTS" - DDOrchestratorExplorerContainerScrubbingEnabled = "DD_ORCHESTRATOR_EXPLORER_CONTAINER_SCRUBBING_ENABLED" - DDOriginDetectionUnified = "DD_ORIGIN_DETECTION_UNIFIED" - DDPodAnnotationsAsTags = "DD_KUBERNETES_POD_ANNOTATIONS_AS_TAGS" - DDPodLabelsAsTags = "DD_KUBERNETES_POD_LABELS_AS_TAGS" - DDPodName = "DD_POD_NAME" - DDPPMReceiverSocket = "DD_APM_RECEIVER_SOCKET" - DDProcessCollectionEnabled = "DD_PROCESS_CONFIG_PROCESS_COLLECTION_ENABLED" - DDProcessConfigScrubArgs = "DD_PROCESS_CONFIG_SCRUB_ARGS" - DDProcessConfigStripArgs = "DD_PROCESS_CONFIG_STRIP_PROC_ARGUMENTS" - DDProcessDiscoveryEnabled = "DD_PROCESS_CONFIG_PROCESS_DISCOVERY_ENABLED" - DDProcessConfigRunInCoreAgent = "DD_PROCESS_CONFIG_RUN_IN_CORE_AGENT_ENABLED" - DDPrometheusScrapeChecks = "DD_PROMETHEUS_SCRAPE_CHECKS" - DDPrometheusScrapeEnabled = "DD_PROMETHEUS_SCRAPE_ENABLED" - DDPrometheusScrapeServiceEndpoints = "DD_PROMETHEUS_SCRAPE_SERVICE_ENDPOINTS" - DDPrometheusScrapeVersion = "DD_PROMETHEUS_SCRAPE_VERSION" - DDRemoteConfigurationEnabled = "DD_REMOTE_CONFIGURATION_ENABLED" - DDRuntimeSecurityConfigEnabled = "DD_RUNTIME_SECURITY_CONFIG_ENABLED" - DDRuntimeSecurityConfigPoliciesDir = "DD_RUNTIME_SECURITY_CONFIG_POLICIES_DIR" - DDRuntimeSecurityConfigRemoteTaggerEnabled = "DD_RUNTIME_SECURITY_CONFIG_REMOTE_TAGGER" - DDRuntimeSecurityConfigSocket = "DD_RUNTIME_SECURITY_CONFIG_SOCKET" - DDRuntimeSecurityConfigSyscallMonitorEnabled = "DD_RUNTIME_SECURITY_CONFIG_SYSCALL_MONITOR_ENABLED" - DDRuntimeSecurityConfigNetworkEnabled = "DD_RUNTIME_SECURITY_CONFIG_NETWORK_ENABLED" - DDRuntimeSecurityConfigActivityDumpEnabled = "DD_RUNTIME_SECURITY_CONFIG_ACTIVITY_DUMP_ENABLED" - DDRuntimeSecurityConfigRemoteConfigurationEnabled = "DD_RUNTIME_SECURITY_CONFIG_REMOTE_CONFIGURATION_ENABLED" - DDContainerImageEnabled = "DD_CONTAINER_IMAGE_ENABLED" - DDSBOMEnabled = "DD_SBOM_ENABLED" - DDSBOMContainerImageEnabled = "DD_SBOM_CONTAINER_IMAGE_ENABLED" - DDSBOMContainerImageAnalyzers = "DD_SBOM_CONTAINER_IMAGE_ANALYZERS" - DDSBOMContainerUseMount = "DD_SBOM_CONTAINER_IMAGE_USE_MOUNT" - DDSBOMContainerOverlayFSDirectScan = "DD_SBOM_CONTAINER_IMAGE_OVERLAYFS_DIRECT_SCAN" - DDSBOMHostEnabled = "DD_SBOM_HOST_ENABLED" - DDSBOMHostAnalyzers = "DD_SBOM_HOST_ANALYZERS" - DDSecretBackendCommand = "DD_SECRET_BACKEND_COMMAND" - DDSecretBackendArguments = "DD_SECRET_BACKEND_ARGUMENTS" - DDSecretBackendTimeout = "DD_SECRET_BACKEND_TIMEOUT" - DDServiceDiscoveryEnabled = "DD_DISCOVERY_ENABLED" - DDSite = "DD_SITE" - DDSystemProbeAgentEnabled = "DD_SYSTEM_PROBE_ENABLED" - DDSystemProbeBPFDebugEnabled = DDSystemProbeEnvPrefix + "BPF_DEBUG" - DDSystemProbeCollectDNSStatsEnabled = "DD_COLLECT_DNS_STATS" - DDSystemProbeConntrackEnabled = DDSystemProbeEnvPrefix + "ENABLE_CONNTRACK" - DDSystemProbeDebugPort = DDSystemProbeEnvPrefix + "DEBUG_PORT" - DDSystemProbeEnabled = "DD_SYSTEM_PROBE_ENABLED" - DDSystemProbeEnvPrefix = "DD_SYSTEM_PROBE_CONFIG_" - DDSystemProbeExternal = "DD_SYSTEM_PROBE_EXTERNAL" - DDSystemProbeNPMEnabled = "DD_SYSTEM_PROBE_NETWORK_ENABLED" - DDSystemProbeServiceMonitoringEnabled = "DD_SYSTEM_PROBE_SERVICE_MONITORING_ENABLED" - DDSystemProbeSocket = "DD_SYSPROBE_SOCKET" - DDSystemProbeOOMKillEnabled = DDSystemProbeEnvPrefix + "ENABLE_OOM_KILL" - DDSystemProbeTCPQueueLengthEnabled = DDSystemProbeEnvPrefix + "ENABLE_TCP_QUEUE_LENGTH" - DDTags = "DD_TAGS" - DockerHost = "DOCKER_HOST" - - DDOTLPgRPCEndpoint = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_GRPC_ENDPOINT" - DDOTLPHTTPEndpoint = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_HTTP_ENDPOINT" - - // KubernetesEnvvarName Env var used by the Datadog Agent container entrypoint - // to add kubelet config provider and listener - KubernetesEnvVar = "KUBERNETES" - - ClusterChecksConfigProvider = "clusterchecks" - - EnvVarTrueValue = "true" - EnvVarFalseValue = "false" - - // InstallInfoToolVersion is used by the Operator to override the tool - // version value in the Agent's install info - InstallInfoToolVersion = "DD_TOOL_VERSION" -) - // DatadogAgentProfile env var names const ( CreateStrategyEnabled = "DD_DAP_CREATE_STRATEGY_ENABLED" diff --git a/api/datadoghq/v1alpha1/datadogagent_types.go b/api/datadoghq/v1alpha1/datadogagent_types.go deleted file mode 100644 index 05228b7e4..000000000 --- a/api/datadoghq/v1alpha1/datadogagent_types.go +++ /dev/null @@ -1,18 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package v1alpha1 - -// TODO move these to a different file - -// DatadogAgentConditionType type use to represent a DatadogAgent condition. -type DatadogAgentConditionType string - -const ( - // DatadogMetricsActive forwarding metrics and events to Datadog is active. - DatadogMetricsActive DatadogAgentConditionType = "ActiveDatadogMetrics" - // DatadogMetricsError cannot forward deployment metrics and events to Datadog. - DatadogMetricsError DatadogAgentConditionType = "DatadogMetricsError" -) diff --git a/api/datadoghq/v1alpha1/datadogagentprofile_types.go b/api/datadoghq/v1alpha1/datadogagentprofile_types.go index 2413d2e85..74534e950 100644 --- a/api/datadoghq/v1alpha1/datadogagentprofile_types.go +++ b/api/datadoghq/v1alpha1/datadogagentprofile_types.go @@ -54,6 +54,12 @@ type Override struct { // +optional PriorityClassName *string `json:"priorityClassName,omitempty"` + // If specified, indicates the pod's RuntimeClass kubelet should use to run the pod. + // If the named RuntimeClass does not exist, or the CRI cannot run the corresponding handler, the pod enters the Failed terminal phase. + // If no runtimeClassName is specified, the default RuntimeHandler is used, which is equivalent to the behavior when the RuntimeClass feature is disabled. + // +optional + RuntimeClassName *string `json:"runtimeClassName,omitempty"` + // The deployment strategy to use to replace existing pods with new ones. // Valid types are `RollingUpdate` or `OnDelete` for DaemonSets // +optional diff --git a/api/datadoghq/v1alpha1/datadogpodautoscaler_types.go b/api/datadoghq/v1alpha1/datadogpodautoscaler_types.go index 4500d4eed..b442ccd7c 100644 --- a/api/datadoghq/v1alpha1/datadogpodautoscaler_types.go +++ b/api/datadoghq/v1alpha1/datadogpodautoscaler_types.go @@ -191,6 +191,13 @@ type DatadogPodAutoscalerScalingPolicy struct { // +listType=atomic // +optional Rules []DatadogPodAutoscalerScalingRule `json:"rules,omitempty"` + + // StabilizationWindowSeconds is the number of seconds the controller should lookback at previous recommendations + // before deciding to apply a new one. Defaults to 0. + // +optional + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=1800 + StabilizationWindowSeconds int32 `json:"stabilizationWindowSeconds,omitempty"` } // DatadogPodAutoscalerScalingRuleType defines how scaling rule value should be interpreted. diff --git a/api/datadoghq/v1alpha1/zz_generated.deepcopy.go b/api/datadoghq/v1alpha1/zz_generated.deepcopy.go index 490cdf21b..ed91413b6 100644 --- a/api/datadoghq/v1alpha1/zz_generated.deepcopy.go +++ b/api/datadoghq/v1alpha1/zz_generated.deepcopy.go @@ -1696,6 +1696,11 @@ func (in *Override) DeepCopyInto(out *Override) { *out = new(string) **out = **in } + if in.RuntimeClassName != nil { + in, out := &in.RuntimeClassName, &out.RuntimeClassName + *out = new(string) + **out = **in + } if in.UpdateStrategy != nil { in, out := &in.UpdateStrategy, &out.UpdateStrategy *out = new(common.UpdateStrategy) diff --git a/api/datadoghq/v2alpha1/condition.go b/api/datadoghq/v2alpha1/condition.go index e86322476..d2a69cabf 100644 --- a/api/datadoghq/v2alpha1/condition.go +++ b/api/datadoghq/v2alpha1/condition.go @@ -1,10 +1,13 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + package v2alpha1 import ( "fmt" - apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" - appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -124,7 +127,7 @@ func UpdateDeploymentStatus(dep *appsv1.Deployment, depStatus *DeploymentStatus, return depStatus } - if hash, ok := dep.Annotations[apicommon.MD5AgentDeploymentAnnotationKey]; ok { + if hash, ok := dep.Annotations[MD5AgentDeploymentAnnotationKey]; ok { depStatus.CurrentHash = hash } if updateTime != nil { @@ -186,7 +189,7 @@ func UpdateDaemonSetStatus(ds *appsv1.DaemonSet, dsStatus []*DaemonSetStatus, up if updateTime != nil { newStatus.LastUpdate = updateTime } - if hash, ok := ds.Annotations[apicommon.MD5AgentDeploymentAnnotationKey]; ok { + if hash, ok := ds.Annotations[MD5AgentDeploymentAnnotationKey]; ok { newStatus.CurrentHash = hash } @@ -236,7 +239,7 @@ func UpdateExtendedDaemonSetStatus(eds *edsdatadoghqv1alpha1.ExtendedDaemonSet, if updateTime != nil { newStatus.LastUpdate = updateTime } - if hash, ok := eds.Annotations[apicommon.MD5AgentDeploymentAnnotationKey]; ok { + if hash, ok := eds.Annotations[MD5AgentDeploymentAnnotationKey]; ok { newStatus.CurrentHash = hash } @@ -325,3 +328,13 @@ func assignNumeralState(state string) int { return 0 } } + +// DatadogForwarderConditionType type use to represent a Datadog Metrics Forwarder condition. +type DatadogForwarderConditionType string + +const ( + // DatadogMetricsActive forwarding metrics and events to Datadog is active. + DatadogMetricsActive DatadogForwarderConditionType = "ActiveDatadogMetrics" + // DatadogMetricsError cannot forward deployment metrics and events to Datadog. + DatadogMetricsError DatadogForwarderConditionType = "DatadogMetricsError" +) diff --git a/api/datadoghq/v2alpha1/condition_test.go b/api/datadoghq/v2alpha1/condition_test.go index ac63f0cd1..d24ffd98d 100644 --- a/api/datadoghq/v2alpha1/condition_test.go +++ b/api/datadoghq/v2alpha1/condition_test.go @@ -1,3 +1,8 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + package v2alpha1 import ( diff --git a/api/datadoghq/v2alpha1/const.go b/api/datadoghq/v2alpha1/const.go index 3c26823cb..ef52fb674 100644 --- a/api/datadoghq/v2alpha1/const.go +++ b/api/datadoghq/v2alpha1/const.go @@ -5,10 +5,9 @@ package v2alpha1 -// This file tracks constants closely related to the DatadogAgent CRD +// This file tracks constants related to the DatadogAgent CRD const ( - // ClusterAgentReconcileConditionType ReconcileConditionType for Cluster Agent component ClusterAgentReconcileConditionType = "ClusterAgentReconcile" // AgentReconcileConditionType ReconcileConditionType for Agent component @@ -25,59 +24,6 @@ const ( // ExtraChecksdConfigMapName is the name of the ConfigMap storing Custom Checksd data ExtraChecksdConfigMapName = "%s-extra-checksd" - // DefaultAgentHealthPort default agent health port - DefaultAgentHealthPort int32 = 5555 - - // Liveness probe default config - DefaultLivenessProbeInitialDelaySeconds int32 = 15 - DefaultLivenessProbePeriodSeconds int32 = 15 - DefaultLivenessProbeTimeoutSeconds int32 = 5 - DefaultLivenessProbeSuccessThreshold int32 = 1 - DefaultLivenessProbeFailureThreshold int32 = 6 - DefaultLivenessProbeHTTPPath = "/live" - - // Readiness probe default config - DefaultReadinessProbeInitialDelaySeconds int32 = 15 - DefaultReadinessProbePeriodSeconds int32 = 15 - DefaultReadinessProbeTimeoutSeconds int32 = 5 - DefaultReadinessProbeSuccessThreshold int32 = 1 - DefaultReadinessProbeFailureThreshold int32 = 6 - DefaultReadinessProbeHTTPPath = "/ready" - - // Startup probe default config - DefaultStartupProbeInitialDelaySeconds int32 = 15 - DefaultStartupProbePeriodSeconds int32 = 15 - DefaultStartupProbeTimeoutSeconds int32 = 5 - DefaultStartupProbeSuccessThreshold int32 = 1 - DefaultStartupProbeFailureThreshold int32 = 6 - DefaultStartupProbeHTTPPath = "/startup" - - // Agent Data plane default liveness/readiness probe configs - DefaultADPLivenessProbeInitialDelaySeconds int32 = 5 - DefaultADPLivenessProbePeriodSeconds int32 = 5 - DefaultADPLivenessProbeTimeoutSeconds int32 = 5 - DefaultADPLivenessProbeSuccessThreshold int32 = 1 - DefaultADPLivenessProbeFailureThreshold int32 = 12 - - DefaultADPReadinessProbeInitialDelaySeconds int32 = 5 - DefaultADPReadinessProbePeriodSeconds int32 = 5 - DefaultADPReadinessProbeTimeoutSeconds int32 = 5 - DefaultADPReadinessProbeSuccessThreshold int32 = 1 - DefaultADPReadinessProbeFailureThreshold int32 = 12 - - DefaultADPHealthPort = 5100 - - // DefaultApmPort default apm port - DefaultApmPort = 8126 - // DefaultApmPortName default apm port name - DefaultApmPortName = "traceport" - - // DefaultAgentResourceSuffix use as suffix for agent resource naming - DefaultAgentResourceSuffix = "agent" - // DefaultClusterAgentResourceSuffix use as suffix for cluster-agent resource naming - DefaultClusterAgentResourceSuffix = "cluster-agent" - // DefaultClusterChecksRunnerResourceSuffix use as suffix for cluster-checks-runner resource naming - DefaultClusterChecksRunnerResourceSuffix = "cluster-checks-runner" // DefaultMetricsServerResourceSuffix use as suffix for cluster-agent metrics-server resource naming DefaultMetricsServerResourceSuffix = "cluster-agent-metrics-server" // DefaultAPPKeyKey default app-key key (use in secret for instance). @@ -98,12 +44,12 @@ const ( DefaultAdmissionControllerTargetPort = 8000 // DefaultAdmissionControllerWebhookName default admission controller webhook name DefaultAdmissionControllerWebhookName string = "datadog-webhook" - // DefaultDogstatsdOriginDetection default Origin Detection - // DefaultDogstatsdOriginDetection = "false" // CELENE NOT USED! // DefaultDogstatsdPort default dogstatsd port DefaultDogstatsdPort = 8125 // DefaultDogstatsdPortName default dogstatsd port name DefaultDogstatsdPortName = "dogstatsdport" + // DefaultOTelAgentConf default otel agent ConfigMap name + DefaultOTelAgentConf string = "otel-agent-config" // DefaultKubeStateMetricsCoreConf default ksm core ConfigMap name DefaultKubeStateMetricsCoreConf string = "kube-state-metrics-core-config" // DefaultOrchestratorExplorerConf default orchestrator explorer ConfigMap name @@ -133,3 +79,141 @@ const ( EndpointsChecksConfigProvider = "endpointschecks" ClusterAndEndpointsConfigProviders = "clusterchecks endpointschecks" ) + +// Labels +const ( + // MD5AgentDeploymentProviderLabelKey label key is used to identify which provider is being used + MD5AgentDeploymentProviderLabelKey = "agent.datadoghq.com/provider" + // MD5AgentDeploymentAnnotationKey annotation key used on a Resource in order to identify which AgentDeployment have been used to generate it. + MD5AgentDeploymentAnnotationKey = "agent.datadoghq.com/agentspechash" + // MD5ChecksumAnnotationKey annotation key is used to identify customConfig configurations + MD5ChecksumAnnotationKey = "checksum/%s-custom-config" +) + +// Annotations +const ( + AppArmorAnnotationKey = "container.apparmor.security.beta.kubernetes.io" + + SystemProbeAppArmorAnnotationKey = "container.apparmor.security.beta.kubernetes.io/system-probe" + SystemProbeAppArmorAnnotationValue = "unconfined" + + AgentAppArmorAnnotationKey = "container.apparmor.security.beta.kubernetes.io/agent" + AgentAppArmorAnnotationValue = "unconfined" +) + +// Volumes and paths +const ( + ConfdVolumeName = "confd" + ConfdVolumePath = "/conf.d" + ConfigVolumeName = "config" + ConfigVolumePath = "/etc/datadog-agent" + ChecksdVolumeName = "checksd" + ChecksdVolumePath = "/checks.d" + + HostRootVolumeName = "hostroot" + HostRootHostPath = "/" + HostRootMountPath = "/host/root" + + GroupVolumeName = "group" + GroupHostPath = "/etc/group" + GroupMountPath = "/etc/group" + + PasswdVolumeName = "passwd" + PasswdHostPath = "/etc/passwd" + PasswdMountPath = "/etc/passwd" + + ProcdirVolumeName = "procdir" + ProcdirHostPath = "/proc" + ProcdirMountPath = "/host/proc" + + CgroupsVolumeName = "cgroups" + CgroupsHostPath = "/sys/fs/cgroup" + CgroupsMountPath = "/host/sys/fs/cgroup" + + SystemProbeOSReleaseDirVolumeName = "host-osrelease" + SystemProbeOSReleaseDirVolumePath = "/etc/os-release" + SystemProbeOSReleaseDirMountPath = "/host/etc/os-release" + + SystemProbeSocketVolumeName = "sysprobe-socket-dir" + SystemProbeSocketVolumePath = "/var/run/sysprobe" + + DebugfsVolumeName = "debugfs" + // same path on host and container + DebugfsPath = "/sys/kernel/debug" + + ModulesVolumeName = "modules" + // same path on host and container + ModulesVolumePath = "/lib/modules" + + SrcVolumeName = "src" + // same path on host and container + SrcVolumePath = "/usr/src" + + AgentCustomConfigVolumePath = "/etc/datadog-agent/datadog.yaml" + SystemProbeConfigVolumePath = "/etc/datadog-agent/system-probe.yaml" + OtelCustomConfigVolumePath = "/etc/datadog-agent/otel-config.yaml" + + LogDatadogVolumeName = "logdatadog" + LogDatadogVolumePath = "/var/log/datadog" + DefaultLogTempStoragePath = "/var/lib/datadog-agent/logs" + TmpVolumeName = "tmp" + TmpVolumePath = "/tmp" + CertificatesVolumeName = "certificates" + CertificatesVolumePath = "/etc/datadog-agent/certificates" + AuthVolumeName = "datadog-agent-auth" + AuthVolumePath = "/etc/datadog-agent/auth" + InstallInfoVolumeName = "installinfo" + InstallInfoVolumeSubPath = "install_info" + InstallInfoVolumePath = "/etc/datadog-agent/install_info" + InstallInfoVolumeReadOnly = true + + DogstatsdHostPortName = "dogstatsdport" + DogstatsdHostPortHostPort = 8125 + DogstatsdSocketVolumeName = "dsdsocket" + DogstatsdAPMSocketHostPath = "/var/run/datadog" + DogstatsdSocketLocalPath = "/var/run/datadog" + DogstatsdSocketName = "dsd.socket" + + HostCriSocketPathPrefix = "/host" + CriSocketVolumeName = "runtimesocketdir" + RuntimeDirVolumePath = "/var/run" + + KubeletAgentCAPath = "/var/run/host-kubelet-ca.crt" + KubeletCAVolumeName = "kubelet-ca" + + APMSocketName = "apm.socket" + + ExternalMetricsAPIServiceName = "v1beta1.external.metrics.k8s.io" + + SeccompSecurityVolumeName = "datadog-agent-security" + SeccompSecurityVolumePath = "/etc/config" + SeccompRootVolumeName = "seccomp-root" + SeccompRootVolumePath = "/host/var/lib/kubelet/seccomp" + SeccompRootPath = "/var/lib/kubelet/seccomp" + SystemProbeSeccompKey = "system-probe-seccomp.json" + SystemProbeAgentSecurityConfigMapSuffixName = "system-probe-seccomp" + SystemProbeSeccompProfileName = "system-probe" + + AgentCustomConfigVolumeName = "custom-datadog-yaml" + ClusterAgentCustomConfigVolumeName = "custom-cluster-agent-yaml" + + FIPSProxyCustomConfigVolumeName = "fips-proxy-cfg" + FIPSProxyCustomConfigFileName = "datadog-fips-proxy.cfg" + FIPSProxyCustomConfigMapName = "%s-fips-config" + FIPSProxyCustomConfigMountPath = "/etc/datadog-fips-proxy/datadog-fips-proxy.cfg" +) + +// Field paths +const ( + // FieldPathSpecNodeName used as FieldPath for selecting the NodeName + FieldPathSpecNodeName = "spec.nodeName" + + // FieldPathStatusHostIP used as FieldPath to retrieve the host ip + FieldPathStatusHostIP = "status.hostIP" + + // FieldPathStatusPodIP used as FieldPath to retrieve the pod ip + FieldPathStatusPodIP = "status.podIP" + + // FieldPathMetaName used as FieldPath to retrieve the pod name + FieldPathMetaName = "metadata.name" +) diff --git a/api/datadoghq/v2alpha1/datadogagent_types.go b/api/datadoghq/v2alpha1/datadogagent_types.go index 1c1187105..5a0a39a51 100644 --- a/api/datadoghq/v2alpha1/datadogagent_types.go +++ b/api/datadoghq/v2alpha1/datadogagent_types.go @@ -44,6 +44,8 @@ type DatadogAgentSpec struct { type DatadogFeatures struct { // Application-level features + // OtelCollector configuration. + OtelCollector *OtelCollectorFeatureConfig `json:"otelCollector,omitempty"` // LogCollection configuration. LogCollection *LogCollectionFeatureConfig `json:"logCollection,omitempty"` // LiveProcessCollection configuration. @@ -682,6 +684,51 @@ type KubeStateMetricsCoreFeatureConfig struct { Conf *CustomConfig `json:"conf,omitempty"` } +// OtelCollectorFeatureConfig contains the configuration for the otel-agent. +// +k8s:openapi-gen=true +type OtelCollectorFeatureConfig struct { + // Enabled enables the OTel Agent. + // Default: true + // +optional + Enabled *bool `json:"enabled,omitempty"` + + // Conf overrides the configuration for the default Kubernetes State Metrics Core check. + // This must point to a ConfigMap containing a valid cluster check configuration. + // When passing a configmap, file name *must* be otel-config.yaml. + // +optional + Conf *CustomConfig `json:"conf,omitempty"` + + // Ports contains the ports for the otel-agent. + // Defaults: otel-grpc:4317 / otel-http:4318. Note: setting 4317 + // or 4318 manually is *only* supported if name match default names (otel-grpc, otel-http). + // If not, this will lead to a port conflict. + // This limitation will be lifted once annotations support is removed. + // +optional + Ports []*corev1.ContainerPort `json:"ports,omitempty"` + + // OTelCollector Config Relevant to the Core agent + // +optional + CoreConfig *CoreConfig `json:"coreConfig,omitempty"` +} + +// CoreConfig exposes the otel collector configs relevant to the core agent. +// +k8s:openapi-gen=true +type CoreConfig struct { + // Enabled marks otelcollector as enabled in core agent. + // +optional + Enabled *bool `json:"enabled,omitempty"` + + // +optional + // Extension URL provides the URL of the ddflareextension to + // the core agent. + ExtensionURL *string `json:"extension_url,omitempty"` + + // +optional + // Extension URL provides the timout of the ddflareextension to + // the core agent. + ExtensionTimeout *int `json:"extension_timeout,omitempty"` +} + // AdmissionControllerFeatureConfig contains the Admission Controller feature configuration. // The Admission Controller runs in the Cluster Agent. type AdmissionControllerFeatureConfig struct { @@ -729,6 +776,10 @@ type AdmissionControllerFeatureConfig struct { // +optional Registry *string `json:"registry,omitempty"` + // KubernetesAdmissionEvents holds the Kubernetes Admission Events configuration. + // +optional + KubernetesAdmissionEvents *KubernetesAdmissionEventsConfig `json:"kubernetesAdmissionEvents,omitempty"` + // CWSInstrumentation holds the CWS Instrumentation endpoint configuration // +optional CWSInstrumentation *CWSInstrumentationConfig `json:"cwsInstrumentation,omitempty"` @@ -809,6 +860,13 @@ type Profile struct { ResourceRequirements *corev1.ResourceRequirements `json:"resources,omitempty"` } +type KubernetesAdmissionEventsConfig struct { + // Enable the Kubernetes Admission Events feature. + // Default: false + // +optional + Enabled *bool `json:"enabled,omitempty"` +} + // CWSInstrumentationConfig contains the configuration of the CWS Instrumentation admission controller endpoint. type CWSInstrumentationConfig struct { // Enable the CWS Instrumentation admission controller endpoint. @@ -1539,6 +1597,12 @@ type DatadogAgentComponentOverride struct { // the pod priority is default, or zero if there is no default. PriorityClassName *string `json:"priorityClassName,omitempty"` + // If specified, indicates the pod's RuntimeClass kubelet should use to run the pod. + // If the named RuntimeClass does not exist, or the CRI cannot run the corresponding handler, the pod enters the Failed terminal phase. + // If no runtimeClassName is specified, the default RuntimeHandler is used, which is equivalent to the behavior when the RuntimeClass feature is disabled. + // +optional + RuntimeClassName *string `json:"runtimeClassName,omitempty"` + // If specified, the pod's scheduling constraints. // +optional Affinity *corev1.Affinity `json:"affinity,omitempty"` diff --git a/api/datadoghq/v2alpha1/envvar.go b/api/datadoghq/v2alpha1/envvar.go new file mode 100644 index 000000000..dee11f317 --- /dev/null +++ b/api/datadoghq/v2alpha1/envvar.go @@ -0,0 +1,74 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package v2alpha1 + +const ( + DDAPIKey = "DD_API_KEY" + DDAppKey = "DD_APP_KEY" + DDddURL = "DD_DD_URL" + DDURL = "DD_URL" + DDSite = "DD_SITE" + DDLogLevel = "DD_LOG_LEVEL" + DDClusterName = "DD_CLUSTER_NAME" + + DDAPMEnabled = "DD_APM_ENABLED" + DDAPMInstrumentationInstallTime = "DD_INSTRUMENTATION_INSTALL_TIME" + DDAPMInstrumentationInstallId = "DD_INSTRUMENTATION_INSTALL_ID" + DDAPMInstrumentationInstallType = "DD_INSTRUMENTATION_INSTALL_TYPE" + DDAuthTokenFilePath = "DD_AUTH_TOKEN_FILE_PATH" + DDChecksTagCardinality = "DD_CHECKS_TAG_CARDINALITY" + DDClcRunnerEnabled = "DD_CLC_RUNNER_ENABLED" + DDClcRunnerHost = "DD_CLC_RUNNER_HOST" + DDClcRunnerID = "DD_CLC_RUNNER_ID" + DDClusterAgentEnabled = "DD_CLUSTER_AGENT_ENABLED" + DDClusterAgentKubeServiceName = "DD_CLUSTER_AGENT_KUBERNETES_SERVICE_NAME" + DDClusterAgentTokenName = "DD_CLUSTER_AGENT_TOKEN_NAME" + DDContainerCollectionEnabled = "DD_PROCESS_CONFIG_CONTAINER_COLLECTION_ENABLED" + DDContainerImageEnabled = "DD_CONTAINER_IMAGE_ENABLED" + DDCriSocketPath = "DD_CRI_SOCKET_PATH" + DDDogstatsdEnabled = "DD_USE_DOGSTATSD" + DDEnableMetadataCollection = "DD_ENABLE_METADATA_COLLECTION" + DDFIPSEnabled = "DD_FIPS_ENABLED" + DDFIPSPortRangeStart = "DD_FIPS_PORT_RANGE_START" + DDFIPSUseHTTPS = "DD_FIPS_HTTPS" + DDFIPSLocalAddress = "DD_FIPS_LOCAL_ADDRESS" + DDHealthPort = "DD_HEALTH_PORT" + DDHostname = "DD_HOSTNAME" + DDHostRootEnvVar = "HOST_ROOT" + DDKubeletCAPath = "DD_KUBELET_CLIENT_CA" + DDKubeletHost = "DD_KUBERNETES_KUBELET_HOST" + DDKubeletTLSVerify = "DD_KUBELET_TLS_VERIFY" + DDKubeResourcesNamespace = "DD_KUBE_RESOURCES_NAMESPACE" + DDKubernetesResourcesLabelsAsTags = "DD_KUBERNETES_RESOURCES_LABELS_AS_TAGS" + DDKubernetesResourcesAnnotationsAsTags = "DD_KUBERNETES_RESOURCES_ANNOTATIONS_AS_TAGS" + DDLeaderElection = "DD_LEADER_ELECTION" + DDLogsEnabled = "DD_LOGS_ENABLED" + DDNamespaceLabelsAsTags = "DD_KUBERNETES_NAMESPACE_LABELS_AS_TAGS" + DDNamespaceAnnotationsAsTags = "DD_KUBERNETES_NAMESPACE_ANNOTATIONS_AS_TAGS" + DDNodeLabelsAsTags = "DD_KUBERNETES_NODE_LABELS_AS_TAGS" + DDOriginDetectionUnified = "DD_ORIGIN_DETECTION_UNIFIED" + DDPodAnnotationsAsTags = "DD_KUBERNETES_POD_ANNOTATIONS_AS_TAGS" + DDPodLabelsAsTags = "DD_KUBERNETES_POD_LABELS_AS_TAGS" + DDPodName = "DD_POD_NAME" + DDProcessCollectionEnabled = "DD_PROCESS_CONFIG_PROCESS_COLLECTION_ENABLED" + DDProcessConfigRunInCoreAgent = "DD_PROCESS_CONFIG_RUN_IN_CORE_AGENT_ENABLED" + DDSecretBackendCommand = "DD_SECRET_BACKEND_COMMAND" + DDSecretBackendArguments = "DD_SECRET_BACKEND_ARGUMENTS" + DDSecretBackendTimeout = "DD_SECRET_BACKEND_TIMEOUT" + DDSystemProbeEnabled = "DD_SYSTEM_PROBE_ENABLED" + DDSystemProbeExternal = "DD_SYSTEM_PROBE_EXTERNAL" + DDSystemProbeSocket = "DD_SYSPROBE_SOCKET" + DDTags = "DD_TAGS" + // otelcollector core agent configs + DDOtelCollectorCoreConfigEnabled = "DD_OTELCOLLECTOR_ENABLED" + DDOtelCollectorCoreConfigExtensionURL = "DD_OTELCOLLECTOR_EXTENSION_URL" + DDOtelCollectorCoreConfigExtensionTimeout = "DD_OTELCOLLECTOR_EXTENSION_TIMEOUT" + + DockerHost = "DOCKER_HOST" + // KubernetesEnvvarName Env var used by the Datadog Agent container entrypoint + // to add kubelet config provider and listener + KubernetesEnvVar = "KUBERNETES" +) diff --git a/api/datadoghq/v2alpha1/zz_generated.deepcopy.go b/api/datadoghq/v2alpha1/zz_generated.deepcopy.go index 2e038d625..a36ac9778 100644 --- a/api/datadoghq/v2alpha1/zz_generated.deepcopy.go +++ b/api/datadoghq/v2alpha1/zz_generated.deepcopy.go @@ -194,6 +194,11 @@ func (in *AdmissionControllerFeatureConfig) DeepCopyInto(out *AdmissionControlle *out = new(string) **out = **in } + if in.KubernetesAdmissionEvents != nil { + in, out := &in.KubernetesAdmissionEvents, &out.KubernetesAdmissionEvents + *out = new(KubernetesAdmissionEventsConfig) + (*in).DeepCopyInto(*out) + } if in.CWSInstrumentation != nil { in, out := &in.CWSInstrumentation, &out.CWSInstrumentation *out = new(CWSInstrumentationConfig) @@ -594,6 +599,36 @@ func (in *ConfigMapConfig) DeepCopy() *ConfigMapConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CoreConfig) DeepCopyInto(out *CoreConfig) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.ExtensionURL != nil { + in, out := &in.ExtensionURL, &out.ExtensionURL + *out = new(string) + **out = **in + } + if in.ExtensionTimeout != nil { + in, out := &in.ExtensionTimeout, &out.ExtensionTimeout + *out = new(int) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CoreConfig. +func (in *CoreConfig) DeepCopy() *CoreConfig { + if in == nil { + return nil + } + out := new(CoreConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CustomConfig) DeepCopyInto(out *CustomConfig) { *out = *in @@ -769,6 +804,11 @@ func (in *DatadogAgentComponentOverride) DeepCopyInto(out *DatadogAgentComponent *out = new(string) **out = **in } + if in.RuntimeClassName != nil { + in, out := &in.RuntimeClassName, &out.RuntimeClassName + *out = new(string) + **out = **in + } if in.Affinity != nil { in, out := &in.Affinity, &out.Affinity *out = new(corev1.Affinity) @@ -1097,6 +1137,11 @@ func (in *DatadogCredentials) DeepCopy() *DatadogCredentials { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DatadogFeatures) DeepCopyInto(out *DatadogFeatures) { *out = *in + if in.OtelCollector != nil { + in, out := &in.OtelCollector, &out.OtelCollector + *out = new(OtelCollectorFeatureConfig) + (*in).DeepCopyInto(*out) + } if in.LogCollection != nil { in, out := &in.LogCollection, &out.LogCollection *out = new(LogCollectionFeatureConfig) @@ -1805,6 +1850,26 @@ func (in *KubeletConfig) DeepCopy() *KubeletConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubernetesAdmissionEventsConfig) DeepCopyInto(out *KubernetesAdmissionEventsConfig) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesAdmissionEventsConfig. +func (in *KubernetesAdmissionEventsConfig) DeepCopy() *KubernetesAdmissionEventsConfig { + if in == nil { + return nil + } + out := new(KubernetesAdmissionEventsConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LanguageDetectionConfig) DeepCopyInto(out *LanguageDetectionConfig) { *out = *in @@ -2241,6 +2306,47 @@ func (in *OriginDetectionUnified) DeepCopy() *OriginDetectionUnified { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OtelCollectorFeatureConfig) DeepCopyInto(out *OtelCollectorFeatureConfig) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.Conf != nil { + in, out := &in.Conf, &out.Conf + *out = new(CustomConfig) + (*in).DeepCopyInto(*out) + } + if in.Ports != nil { + in, out := &in.Ports, &out.Ports + *out = make([]*corev1.ContainerPort, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(corev1.ContainerPort) + **out = **in + } + } + } + if in.CoreConfig != nil { + in, out := &in.CoreConfig, &out.CoreConfig + *out = new(CoreConfig) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OtelCollectorFeatureConfig. +func (in *OtelCollectorFeatureConfig) DeepCopy() *OtelCollectorFeatureConfig { + if in == nil { + return nil + } + out := new(OtelCollectorFeatureConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ProcessDiscoveryFeatureConfig) DeepCopyInto(out *ProcessDiscoveryFeatureConfig) { *out = *in diff --git a/api/datadoghq/v2alpha1/zz_generated.openapi.go b/api/datadoghq/v2alpha1/zz_generated.openapi.go index 813a4d3b1..0568f4e9f 100644 --- a/api/datadoghq/v2alpha1/zz_generated.openapi.go +++ b/api/datadoghq/v2alpha1/zz_generated.openapi.go @@ -18,6 +18,7 @@ import ( func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { return map[string]common.OpenAPIDefinition{ "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.CSPMHostBenchmarksConfig": schema_datadog_operator_api_datadoghq_v2alpha1_CSPMHostBenchmarksConfig(ref), + "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.CoreConfig": schema_datadog_operator_api_datadoghq_v2alpha1_CoreConfig(ref), "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.CustomConfig": schema_datadog_operator_api_datadoghq_v2alpha1_CustomConfig(ref), "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.DaemonSetStatus": schema_datadog_operator_api_datadoghq_v2alpha1_DaemonSetStatus(ref), "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.DatadogAgent": schema_datadog_operator_api_datadoghq_v2alpha1_DatadogAgent(ref), @@ -40,6 +41,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.OTLPProtocolsConfig": schema_datadog_operator_api_datadoghq_v2alpha1_OTLPProtocolsConfig(ref), "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.OTLPReceiverConfig": schema_datadog_operator_api_datadoghq_v2alpha1_OTLPReceiverConfig(ref), "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.OrchestratorExplorerFeatureConfig": schema_datadog_operator_api_datadoghq_v2alpha1_OrchestratorExplorerFeatureConfig(ref), + "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.OtelCollectorFeatureConfig": schema_datadog_operator_api_datadoghq_v2alpha1_OtelCollectorFeatureConfig(ref), "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.PrometheusScrapeFeatureConfig": schema_datadog_operator_api_datadoghq_v2alpha1_PrometheusScrapeFeatureConfig(ref), "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.RemoteConfigConfiguration": schema_datadog_operator_api_datadoghq_v2alpha1_RemoteConfigConfiguration(ref), "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.SeccompConfig": schema_datadog_operator_api_datadoghq_v2alpha1_SeccompConfig(ref), @@ -69,6 +71,40 @@ func schema_datadog_operator_api_datadoghq_v2alpha1_CSPMHostBenchmarksConfig(ref } } +func schema_datadog_operator_api_datadoghq_v2alpha1_CoreConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "CoreConfig exposes the otel collector configs relevant to the core agent.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "enabled": { + SchemaProps: spec.SchemaProps{ + Description: "Enabled marks otelcollector as enabled in core agent.", + Type: []string{"boolean"}, + Format: "", + }, + }, + "extension_url": { + SchemaProps: spec.SchemaProps{ + Description: "Extension URL provides the URL of the ddflareextension to the core agent.", + Type: []string{"string"}, + Format: "", + }, + }, + "extension_timeout": { + SchemaProps: spec.SchemaProps{ + Description: "Extension URL provides the timout of the ddflareextension to the core agent.", + Type: []string{"integer"}, + Format: "int32", + }, + }, + }, + }, + }, + } +} + func schema_datadog_operator_api_datadoghq_v2alpha1_CustomConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -525,6 +561,12 @@ func schema_datadog_operator_api_datadoghq_v2alpha1_DatadogFeatures(ref common.R Description: "DatadogFeatures are features running on the Agent and Cluster Agent.", Type: []string{"object"}, Properties: map[string]spec.Schema{ + "otelCollector": { + SchemaProps: spec.SchemaProps{ + Description: "OtelCollector configuration.", + Ref: ref("github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.OtelCollectorFeatureConfig"), + }, + }, "logCollection": { SchemaProps: spec.SchemaProps{ Description: "LogCollection configuration.", @@ -691,7 +733,7 @@ func schema_datadog_operator_api_datadoghq_v2alpha1_DatadogFeatures(ref common.R }, }, Dependencies: []string{ - "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.APMFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.ASMFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.AdmissionControllerFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.AutoscalingFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.CSPMFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.CWSFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.ClusterChecksFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.DogstatsdFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.EBPFCheckFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.EventCollectionFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.ExternalMetricsServerFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.HelmCheckFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.KubeStateMetricsCoreFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.LiveContainerCollectionFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.LiveProcessCollectionFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.LogCollectionFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.NPMFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.OOMKillFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.OTLPFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.OrchestratorExplorerFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.ProcessDiscoveryFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.PrometheusScrapeFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.RemoteConfigurationFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.SBOMFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.ServiceDiscoveryFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.TCPQueueLengthFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.USMFeatureConfig"}, + "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.APMFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.ASMFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.AdmissionControllerFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.AutoscalingFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.CSPMFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.CWSFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.ClusterChecksFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.DogstatsdFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.EBPFCheckFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.EventCollectionFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.ExternalMetricsServerFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.HelmCheckFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.KubeStateMetricsCoreFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.LiveContainerCollectionFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.LiveProcessCollectionFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.LogCollectionFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.NPMFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.OOMKillFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.OTLPFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.OrchestratorExplorerFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.OtelCollectorFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.ProcessDiscoveryFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.PrometheusScrapeFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.RemoteConfigurationFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.SBOMFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.ServiceDiscoveryFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.TCPQueueLengthFeatureConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.USMFeatureConfig"}, } } @@ -1355,6 +1397,53 @@ func schema_datadog_operator_api_datadoghq_v2alpha1_OrchestratorExplorerFeatureC } } +func schema_datadog_operator_api_datadoghq_v2alpha1_OtelCollectorFeatureConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "OtelCollectorFeatureConfig contains the configuration for the otel-agent.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "enabled": { + SchemaProps: spec.SchemaProps{ + Description: "Enabled enables the OTel Agent. Default: true", + Type: []string{"boolean"}, + Format: "", + }, + }, + "conf": { + SchemaProps: spec.SchemaProps{ + Description: "Conf overrides the configuration for the default Kubernetes State Metrics Core check. This must point to a ConfigMap containing a valid cluster check configuration. When passing a configmap, file name *must* be otel-config.yaml.", + Ref: ref("github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.CustomConfig"), + }, + }, + "ports": { + SchemaProps: spec.SchemaProps{ + Description: "Ports contains the ports for the otel-agent. Defaults: otel-grpc:4317 / otel-http:4318. Note: setting 4317 or 4318 manually is *only* supported if name match default names (otel-grpc, otel-http). If not, this will lead to a port conflict. This limitation will be lifted once annotations support is removed.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/api/core/v1.ContainerPort"), + }, + }, + }, + }, + }, + "coreConfig": { + SchemaProps: spec.SchemaProps{ + Description: "OTelCollector Config Relevant to the Core agent", + Ref: ref("github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.CoreConfig"), + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.CoreConfig", "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1.CustomConfig", "k8s.io/api/core/v1.ContainerPort"}, + } +} + func schema_datadog_operator_api_datadoghq_v2alpha1_PrometheusScrapeFeatureConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ diff --git a/bundle/manifests/datadog-operator.clusterserviceversion.yaml b/bundle/manifests/datadog-operator.clusterserviceversion.yaml index 193bb5445..22c49e068 100644 --- a/bundle/manifests/datadog-operator.clusterserviceversion.yaml +++ b/bundle/manifests/datadog-operator.clusterserviceversion.yaml @@ -183,12 +183,12 @@ metadata: ] capabilities: Full Lifecycle categories: Monitoring, Logging & Tracing - createdAt: "2024-11-08 16:22:29" + createdAt: "2024-12-20 08:37:18" description: Datadog provides a modern monitoring and analytics platform. Gather metrics, logs and traces for full observability of your Kubernetes cluster with Datadog Operator. operators.operatorframework.io/builder: operator-sdk-v1.34.1 operators.operatorframework.io/project_layout: go.kubebuilder.io/v4 repository: https://github.com/DataDog/datadog-operator - containerImage: gcr.io/datadoghq/operator:1.10.0 + containerImage: gcr.io/datadoghq/operator:1.11.1 support: Datadog, Inc. features.operators.openshift.io/disconnected: "true" features.operators.openshift.io/fips-compliant: "false" @@ -197,12 +197,12 @@ metadata: features.operators.openshift.io/token-auth-aws: "false" features.operators.openshift.io/token-auth-azure: "false" features.operators.openshift.io/token-auth-gcp: "false" - olm.skipRange: '>=1.7.0 <1.10.0' + olm.skipRange: '>=1.7.0 <1.11.1' labels: operatorframework.io/arch.amd64: supported operatorframework.io/arch.arm64: supported operatorframework.io/os.linux: supported - name: datadog-operator.v1.10.0 + name: datadog-operator.v1.11.1 namespace: placeholder spec: apiservicedefinitions: {} @@ -254,9 +254,6 @@ spec: - rules: - nonResourceURLs: - /metrics - verbs: - - get - - nonResourceURLs: - /metrics/slis verbs: - get @@ -264,26 +261,8 @@ spec: - "" resources: - componentstatuses - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - configmaps - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - "" - resources: - deployments + - namespaces verbs: - get - list @@ -291,19 +270,13 @@ spec: - apiGroups: - "" resources: + - configmaps - endpoints - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - "" - resources: - events + - pods + - secrets + - serviceaccounts + - services verbs: - create - delete @@ -316,17 +289,13 @@ spec: - "" resources: - limitranges + - persistentvolumeclaims + - persistentvolumes + - replicationcontrollers + - resourcequotas verbs: - list - watch - - apiGroups: - - "" - resources: - - namespaces - verbs: - - get - - list - - watch - apiGroups: - "" resources: @@ -340,102 +309,11 @@ spec: - "" resources: - nodes/metrics - verbs: - - get - - apiGroups: - - "" - resources: - nodes/proxy - verbs: - - get - - apiGroups: - - "" - resources: - nodes/spec - verbs: - - get - - apiGroups: - - "" - resources: - nodes/stats verbs: - get - - apiGroups: - - "" - resources: - - persistentvolumeclaims - verbs: - - list - - watch - - apiGroups: - - "" - resources: - - persistentvolumes - verbs: - - list - - watch - - apiGroups: - - "" - resources: - - pods - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - "" - resources: - - replicationcontrollers - verbs: - - list - - watch - - apiGroups: - - "" - resources: - - resourcequotas - verbs: - - list - - watch - - apiGroups: - - "" - resources: - - secrets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - "" - resources: - - services - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - apiGroups: - '*' resources: @@ -452,6 +330,7 @@ spec: - '*' - apiGroups: - apiextensions.k8s.io + - extensions resources: - customresourcedefinitions verbs: @@ -469,17 +348,6 @@ spec: - apps resources: - daemonsets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - apps - resources: - deployments verbs: - create @@ -493,6 +361,7 @@ spec: - apps resources: - replicasets + - statefulsets verbs: - get - list @@ -504,14 +373,6 @@ spec: verbs: - list - watch - - apiGroups: - - apps - resources: - - statefulsets - verbs: - - get - - list - - watch - apiGroups: - apps - extensions @@ -529,30 +390,6 @@ spec: verbs: - create - get - - apiGroups: - - authorization.k8s.io - resources: - - clusterrolebindings - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - authorization.k8s.io - resources: - - clusterroles - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - apiGroups: - authorization.k8s.io resources: @@ -562,18 +399,18 @@ spec: - apiGroups: - authorization.k8s.io resources: - - rolebindings + - subjectaccessreviews verbs: - create - - delete - get - - list - - patch - - update - - watch - apiGroups: - authorization.k8s.io + - rbac.authorization.k8s.io + - roles.rbac.authorization.k8s.io resources: + - clusterrolebindings + - clusterroles + - rolebindings - roles verbs: - create @@ -583,13 +420,6 @@ spec: - patch - update - watch - - apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create - - get - apiGroups: - autoscaling resources: @@ -608,13 +438,6 @@ spec: - batch resources: - cronjobs - verbs: - - get - - list - - watch - - apiGroups: - - batch - resources: - jobs verbs: - get @@ -655,70 +478,15 @@ spec: - datadoghq.com resources: - datadogagentprofiles - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - datadoghq.com - resources: - datadogagentprofiles/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - datadoghq.com - resources: - - datadogagentprofiles/status - verbs: - - get - - patch - - update - - apiGroups: - - datadoghq.com - resources: - datadogagents - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - datadoghq.com - resources: - datadogagents/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - datadoghq.com - resources: - - datadogagents/status - verbs: - - get - - patch - - update - - apiGroups: - - datadoghq.com - resources: - datadogdashboards + - datadogmonitors + - datadogmonitors/finalizers + - datadogslos + - datadogslos/finalizers + - extendeddaemonsets verbs: - create - delete @@ -730,13 +498,11 @@ spec: - apiGroups: - datadoghq.com resources: - - datadogdashboards/finalizers - verbs: - - update - - apiGroups: - - datadoghq.com - resources: + - datadogagentprofiles/status + - datadogagents/status - datadogdashboards/status + - datadogmonitors/status + - datadogslos/status verbs: - get - patch @@ -744,112 +510,32 @@ spec: - apiGroups: - datadoghq.com resources: - - datadogmetrics - verbs: - - create - - delete - - list - - watch - - apiGroups: - - datadoghq.com - resources: + - datadogdashboards/finalizers - datadogmetrics/status verbs: - update - apiGroups: - datadoghq.com resources: - - datadogmonitors - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - datadoghq.com - resources: - - datadogmonitors/finalizers + - datadogmetrics verbs: - create - delete - - get - list - - patch - - update - watch - - apiGroups: - - datadoghq.com - resources: - - datadogmonitors/status - verbs: - - get - - patch - - update - apiGroups: - datadoghq.com resources: - datadogpodautoscalers - verbs: - - '*' - - apiGroups: - - datadoghq.com - resources: - datadogpodautoscalers/status verbs: - '*' - - apiGroups: - - datadoghq.com - resources: - - datadogslos - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - datadoghq.com - resources: - - datadogslos/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - datadoghq.com - resources: - - datadogslos/status - verbs: - - get - - patch - - update - apiGroups: - datadoghq.com resources: - extendeddaemonsetreplicasets verbs: - get - - apiGroups: - - datadoghq.com - resources: - - extendeddaemonsets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - apiGroups: - datadoghq.com resources: @@ -858,13 +544,6 @@ spec: - get - list - watch - - apiGroups: - - extensions - resources: - - customresourcedefinitions - verbs: - - list - - watch - apiGroups: - external.metrics.k8s.io resources: @@ -904,14 +583,6 @@ spec: - patch - update - watch - - apiGroups: - - policy - resources: - - podsecuritypolicies - verbs: - - get - - list - - watch - apiGroups: - quota.openshift.io resources: @@ -919,102 +590,6 @@ spec: verbs: - get - list - - apiGroups: - - rbac.authorization.k8s.io - resources: - - clusterrolebindings - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - rbac.authorization.k8s.io - resources: - - clusterroles - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - rbac.authorization.k8s.io - resources: - - rolebindings - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - rbac.authorization.k8s.io - resources: - - roles - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - roles.rbac.authorization.k8s.io - resources: - - clusterrolebindings - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - roles.rbac.authorization.k8s.io - resources: - - clusterroles - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - roles.rbac.authorization.k8s.io - resources: - - rolebindings - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - roles.rbac.authorization.k8s.io - resources: - - roles - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - apiGroups: - security.openshift.io resourceNames: @@ -1085,7 +660,7 @@ spec: fieldPath: metadata.annotations['olm.targetNamespaces'] - name: DD_TOOL_VERSION value: redhat - image: gcr.io/datadoghq/operator:1.10.0 + image: gcr.io/datadoghq/operator:1.11.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -1183,5 +758,5 @@ spec: minKubeVersion: 1.16.0 provider: name: Datadog - version: 1.10.0 - replaces: datadog-operator.v1.9.0 + version: 1.11.1 + replaces: datadog-operator.v1.10.0 diff --git a/bundle/manifests/datadoghq.com_datadogagentprofiles.yaml b/bundle/manifests/datadoghq.com_datadogagentprofiles.yaml index 53edfa0d2..9f842c899 100644 --- a/bundle/manifests/datadoghq.com_datadogagentprofiles.yaml +++ b/bundle/manifests/datadoghq.com_datadogagentprofiles.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 creationTimestamp: null name: datadogagentprofiles.datadoghq.com spec: @@ -95,10 +95,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -162,10 +165,13 @@ spec: key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -194,11 +200,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry @@ -210,6 +214,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -325,6 +335,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator @@ -343,16 +354,8 @@ spec: description: Conditions represents the latest available observations of a DatadogAgentProfile's current state. items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -393,12 +396,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/bundle/manifests/datadoghq.com_datadogagents.yaml b/bundle/manifests/datadoghq.com_datadogagents.yaml index 39dd2a0e1..1357855ca 100644 --- a/bundle/manifests/datadoghq.com_datadogagents.yaml +++ b/bundle/manifests/datadoghq.com_datadogagents.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 creationTimestamp: null name: datadogagents.datadoghq.com spec: @@ -90,16 +90,12 @@ spec: type: boolean name: description: |- - Define the image to use: - Use "gcr.io/datadoghq/agent:latest" for Datadog Agent 7. - Use "datadog/dogstatsd:latest" for standalone Datadog Agent DogStatsD 7. - Use "gcr.io/datadoghq/cluster-agent:latest" for Datadog Cluster Agent. - Use "agent" with the registry and tag configurations for /agent:. - Use "cluster-agent" with the registry and tag configurations for /cluster-agent:. - If the name is the full image string—`:` or `/:`, then `tag`, `jmxEnabled`, - and `global.registry` values are ignored. - Otherwise, image string is created by overriding default settings with supplied `name`, `tag`, and `jmxEnabled` values; - image string is created using default registry unless `global.registry` is configured. + Defines the Agent image name for the pod. You can provide this as: + * - use agent for the Datadog Agent, cluster-agent for the Datadog Cluster Agent, or dogstatsd for DogStatsD. + The full image string is derived from global.registry, [key].image.tag, and [key].image.jmxEnabled. + * : - For example, agent:latest. The registry is derived from global.registry. [key].image.tag and [key].image.jmxEnabled are ignored. + * /: - For example, gcr.io/datadoghq/agent:latest. If the full image string is specified + like this, then global.registry, [key].image.tag, and [key].image.jmxEnabled are ignored. type: string pullPolicy: description: |- @@ -116,10 +112,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -171,10 +170,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -238,10 +240,13 @@ spec: secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -268,11 +273,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one @@ -284,6 +287,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -368,11 +377,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -414,11 +425,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -462,6 +475,16 @@ spec: MutateUnlabelled enables config injection without the need of pod label 'admission.datadoghq.com/enabled="true"'. Default: false type: boolean + mutation: + description: Mutation contains Admission Controller mutation + configurations. + properties: + enabled: + description: |- + Enabled enables the Admission Controller mutation webhook. + Default: true + type: boolean + type: object registry: description: Registry defines an image registry for the admission controller. @@ -470,6 +493,16 @@ spec: description: ServiceName corresponds to the webhook service name. type: string + validation: + description: Validation contains Admission Controller validation + configurations. + properties: + enabled: + description: |- + Enabled enables the Admission Controller validation webhook. + Default: true + type: boolean + type: object webhookName: description: |- WebhookName is a custom name for the MutatingWebhookConfiguration. @@ -1486,6 +1519,15 @@ spec: type: boolean type: object type: object + serviceDiscovery: + description: ServiceDiscovery + properties: + enabled: + description: |- + Enables the service discovery check. + Default: false + type: boolean + type: object tcpQueueLength: description: TCPQueueLength configuration. properties: @@ -1508,6 +1550,13 @@ spec: global: description: Global settings to configure the agents properties: + checksTagCardinality: + description: |- + ChecksTagCardinality configures tag cardinality for the metrics collected by integrations (`low`, `orchestrator` or `high`). + See also: https://docs.datadoghq.com/getting_started/tagging/assigning_tags/?tab=containerizedenvironments#tags-cardinality. + Not set by default to avoid overriding existing DD_CHECKS_TAG_CARDINALITY configurations, the default value in the Agent is low. + Ref: https://github.com/DataDog/datadog-agent/blob/856cf4a66142ce91fd4f8a278149436eb971184a/pkg/config/setup/config.go#L625. + type: string clusterAgentToken: description: ClusterAgentToken is the token for communication between the NodeAgent and ClusterAgent. @@ -1678,10 +1727,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -1741,10 +1793,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -1834,16 +1889,12 @@ spec: type: boolean name: description: |- - Define the image to use: - Use "gcr.io/datadoghq/agent:latest" for Datadog Agent 7. - Use "datadog/dogstatsd:latest" for standalone Datadog Agent DogStatsD 7. - Use "gcr.io/datadoghq/cluster-agent:latest" for Datadog Cluster Agent. - Use "agent" with the registry and tag configurations for /agent:. - Use "cluster-agent" with the registry and tag configurations for /cluster-agent:. - If the name is the full image string—`:` or `/:`, then `tag`, `jmxEnabled`, - and `global.registry` values are ignored. - Otherwise, image string is created by overriding default settings with supplied `name`, `tag`, and `jmxEnabled` values; - image string is created using default registry unless `global.registry` is configured. + Defines the Agent image name for the pod. You can provide this as: + * - use agent for the Datadog Agent, cluster-agent for the Datadog Cluster Agent, or dogstatsd for DogStatsD. + The full image string is derived from global.registry, [key].image.tag, and [key].image.jmxEnabled. + * : - For example, agent:latest. The registry is derived from global.registry. [key].image.tag and [key].image.jmxEnabled are ignored. + * /: - For example, gcr.io/datadoghq/agent:latest. If the full image string is specified + like this, then global.registry, [key].image.tag, and [key].image.jmxEnabled are ignored. type: string pullPolicy: description: |- @@ -1860,10 +1911,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -1900,11 +1954,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -1915,6 +1967,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -1972,10 +2030,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -2034,10 +2095,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -2159,11 +2223,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -2222,6 +2288,13 @@ spec: Use 'docker.io/datadog' for DockerHub. Default: 'gcr.io/datadoghq' type: string + runProcessChecksInCoreAgent: + description: |- + Configure whether the Process Agent or core Agent collects process and/or container information (Linux only). + The Process Agent container won't spin up if there are no other running checks as a result. + (Requires Agent 7.57.0+) + Default: 'false' + type: boolean secretBackend: description: |- Configure the secret backend feature https://docs.datadoghq.com/agent/guide/secrets-management @@ -2263,6 +2336,9 @@ spec: type: string type: array x-kubernetes-list-type: set + required: + - namespace + - secrets type: object type: array x-kubernetes-list-type: atomic @@ -2352,11 +2428,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: description: A list of node selector requirements by node's fields. @@ -2384,11 +2462,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object x-kubernetes-map-type: atomic weight: @@ -2402,6 +2482,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: |- If the affinity requirements specified by this field are not met at @@ -2446,11 +2527,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: description: A list of node selector requirements by node's fields. @@ -2478,14 +2561,17 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object x-kubernetes-map-type: atomic type: array + x-kubernetes-list-type: atomic required: - nodeSelectorTerms type: object @@ -2517,8 +2603,9 @@ spec: with the corresponding weight. properties: labelSelector: - description: A label query over a set of resources, - in this case pods. + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. properties: matchExpressions: description: matchExpressions is a list @@ -2547,11 +2634,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -2562,6 +2651,36 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: description: |- A label query over the set of namespaces that the term applies to. @@ -2597,11 +2716,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -2621,6 +2742,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: description: |- This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching @@ -2643,6 +2765,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: |- If the affinity requirements specified by this field are not met at @@ -2662,8 +2785,9 @@ spec: a pod of the set of pods is running properties: labelSelector: - description: A label query over a set of resources, - in this case pods. + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. properties: matchExpressions: description: matchExpressions is a list of @@ -2692,11 +2816,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -2707,6 +2833,36 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: description: |- A label query over the set of namespaces that the term applies to. @@ -2742,11 +2898,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -2766,6 +2924,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: description: |- This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching @@ -2778,6 +2937,7 @@ spec: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object podAntiAffinity: description: Describes pod anti-affinity scheduling rules @@ -2805,8 +2965,9 @@ spec: with the corresponding weight. properties: labelSelector: - description: A label query over a set of resources, - in this case pods. + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. properties: matchExpressions: description: matchExpressions is a list @@ -2835,11 +2996,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -2850,6 +3013,36 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: description: |- A label query over the set of namespaces that the term applies to. @@ -2885,11 +3078,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -2909,6 +3104,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: description: |- This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching @@ -2931,6 +3127,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: |- If the anti-affinity requirements specified by this field are not met at @@ -2950,8 +3147,9 @@ spec: a pod of the set of pods is running properties: labelSelector: - description: A label query over a set of resources, - in this case pods. + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. properties: matchExpressions: description: matchExpressions is a list of @@ -2980,11 +3178,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -2995,6 +3195,36 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: description: |- A label query over the set of namespaces that the term applies to. @@ -3030,11 +3260,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -3054,6 +3286,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: description: |- This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching @@ -3066,6 +3299,7 @@ spec: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object type: object annotations: @@ -3133,10 +3367,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -3197,10 +3434,13 @@ spec: from. Must be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -3240,6 +3480,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -3257,11 +3498,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -3296,6 +3537,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3401,6 +3643,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -3418,11 +3661,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -3457,6 +3700,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3548,11 +3792,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry @@ -3564,6 +3806,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -3673,6 +3921,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -3686,6 +3958,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -3693,6 +3966,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -3704,7 +3978,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -3786,7 +4060,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -3827,6 +4100,160 @@ spec: type: string type: object type: object + startupProbe: + description: Configure the Startup Probe of the container + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a + GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + default: "" + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to + perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object volumeMounts: description: Specify additional volume mounts in the container. items: @@ -3844,6 +4271,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -3853,6 +4282,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -3878,9 +4326,13 @@ spec: description: |- Configure the basic configurations for each Agent container. Valid Agent container names are: `agent`, `cluster-agent`, `init-config`, `init-volume`, `process-agent`, `seccomp-setup`, - `security-agent`, `system-probe`, `trace-agent`, and `all`. - Configuration under `all` applies to all configured containers. + `security-agent`, `system-probe`, and `trace-agent`. type: object + createPodDisruptionBudget: + description: |- + Set CreatePodDisruptionBudget to true to create a PodDisruptionBudget for this component. + Not applicable for the Node Agent. A Cluster Agent PDB is set with 1 minimum available pod, and a Cluster Checks Runner PDB is set with 1 maximum unavailable pod. + type: boolean createRbac: description: Set CreateRbac to false to prevent automatic creation of Role/ClusterRole for this component @@ -3963,6 +4415,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic options: description: |- A list of DNS resolver options. @@ -3980,6 +4433,7 @@ spec: type: string type: object type: array + x-kubernetes-list-type: atomic searches: description: |- A list of DNS search domains for host-name lookup. @@ -3988,6 +4442,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object dnsPolicy: description: |- @@ -4034,10 +4489,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or @@ -4097,10 +4555,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -4130,10 +4591,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be @@ -4149,10 +4613,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -4291,16 +4758,12 @@ spec: type: boolean name: description: |- - Define the image to use: - Use "gcr.io/datadoghq/agent:latest" for Datadog Agent 7. - Use "datadog/dogstatsd:latest" for standalone Datadog Agent DogStatsD 7. - Use "gcr.io/datadoghq/cluster-agent:latest" for Datadog Cluster Agent. - Use "agent" with the registry and tag configurations for /agent:. - Use "cluster-agent" with the registry and tag configurations for /cluster-agent:. - If the name is the full image string—`:` or `/:`, then `tag`, `jmxEnabled`, - and `global.registry` values are ignored. - Otherwise, image string is created by overriding default settings with supplied `name`, `tag`, and `jmxEnabled` values; - image string is created using default registry unless `global.registry` is configured. + Defines the Agent image name for the pod. You can provide this as: + * - use agent for the Datadog Agent, cluster-agent for the Datadog Cluster Agent, or dogstatsd for DogStatsD. + The full image string is derived from global.registry, [key].image.tag, and [key].image.jmxEnabled. + * : - For example, agent:latest. The registry is derived from global.registry. [key].image.tag and [key].image.jmxEnabled are ignored. + * /: - For example, gcr.io/datadoghq/agent:latest. If the full image string is specified + like this, then global.registry, [key].image.tag, and [key].image.jmxEnabled are ignored. type: string pullPolicy: description: |- @@ -4317,10 +4780,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -4345,9 +4811,8 @@ spec: additionalProperties: type: string description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + A map of key-value pairs. For this pod to run on a specific node, the node must have these key-value pairs as labels. + See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ type: object priorityClassName: description: |- @@ -4365,18 +4830,39 @@ spec: securityContext: description: Pod-level SecurityContext. properties: + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by the containers in this pod. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object fsGroup: description: |- A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: - 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- - If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows. format: int64 @@ -4463,7 +4949,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -4473,17 +4958,28 @@ spec: type: object supplementalGroups: description: |- - A list of groups applied to the first process run in each container, in addition - to the container's primary GID, the fsGroup (if specified), and group memberships - defined in the container image for the uid of the container process. If unspecified, - no additional groups are added to any container. Note that group memberships - defined in the container image for the uid of the container process are still effective, - even if they are not included in this list. + A list of groups applied to the first process run in each container, in + addition to the container's primary GID and fsGroup (if specified). If + the SupplementalGroupsPolicy feature is enabled, the + supplementalGroupsPolicy field determines whether these are in addition + to or instead of any group memberships defined in the container image. + If unspecified, no additional groups are added, though group memberships + defined in the container image may still be used, depending on the + supplementalGroupsPolicy field. Note that this field cannot be set when spec.os.name is windows. items: format: int64 type: integer type: array + x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + description: |- + Defines how supplemental groups of the first container processes are calculated. + Valid values are "Merge" and "Strict". If not specified, "Merge" is used. + (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled + and the container runtime must implement support for this feature. + Note that this field cannot be set when spec.os.name is windows. + type: string sysctls: description: |- Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported @@ -4503,6 +4999,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic windowsOptions: description: |- The Windows specific settings applied to all containers. @@ -4638,7 +5135,6 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -4678,6 +5174,7 @@ spec: blob storage type: string fsType: + default: ext4 description: |- fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. @@ -4691,6 +5188,7 @@ spec: to shared' type: string readOnly: + default: false description: |- readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. @@ -4730,6 +5228,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic path: description: 'path is Optional: Used as the mounted root, rather than the full Ceph tree, default is @@ -4752,10 +5251,13 @@ spec: More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -4791,10 +5293,13 @@ spec: to OpenStack. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -4859,11 +5364,15 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap @@ -4896,10 +5405,13 @@ spec: secret object contains more than one secret, all secret references are passed. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -4943,8 +5455,8 @@ spec: properties: fieldRef: description: 'Required: Selects a field of the - pod: only annotations, labels, name and namespace - are supported.' + pod: only annotations, labels, name, namespace + and uid are supported.' properties: apiVersion: description: Version of the schema the FieldPath @@ -5004,6 +5516,7 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic type: object emptyDir: description: |- @@ -5037,7 +5550,6 @@ spec: The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. - Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity @@ -5048,17 +5560,14 @@ spec: information on the connection between this volume type and PersistentVolumeClaim). - Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. - Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. - A pod can use both types of ephemeral volumes and persistent volumes at the same time. properties: @@ -5072,7 +5581,6 @@ spec: entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). - An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until @@ -5082,11 +5590,9 @@ spec: this should not be necessary, but it may be useful when manually reconstructing a broken cluster. - This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. - Required, must not be nil. properties: metadata: @@ -5109,6 +5615,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic dataSource: description: |- dataSource field can be used to specify either: @@ -5197,34 +5704,6 @@ spec: status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map limits: additionalProperties: anyOf: @@ -5281,11 +5760,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -5301,6 +5782,21 @@ spec: storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string volumeMode: description: |- volumeMode defines what type of volume is required by the claim. @@ -5325,7 +5821,6 @@ spec: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - TODO: how do we prevent errors in the filesystem from compromising the machine type: string lun: description: 'lun is Optional: FC target lun number' @@ -5342,6 +5837,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic wwids: description: |- wwids Optional: FC volume world wide identifiers (wwids) @@ -5349,6 +5845,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object flexVolume: description: |- @@ -5385,10 +5882,13 @@ spec: scripts. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -5422,7 +5922,6 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -5503,9 +6002,6 @@ spec: used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- - TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not - mount host directories as read/write. properties: path: description: |- @@ -5522,6 +6018,41 @@ spec: required: - path type: object + image: + description: |- + image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. + The volume is resolved at pod startup depending on which PullPolicy value is provided: + + - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + + The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. + A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. + The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. + The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. + The volume will be mounted read-only (ro) and non-executable files (noexec). + Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). + The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. + properties: + pullPolicy: + description: |- + Policy for pulling OCI objects. Possible values are: + Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + type: string + reference: + description: |- + Required: Image or artifact reference to be used. + Behaves in the same way as pod.spec.containers[*].image. + Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. + More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management to default or override + container images in workload controllers like Deployments and StatefulSets. + type: string + type: object iscsi: description: |- iscsi represents an ISCSI Disk resource that is attached to a @@ -5542,7 +6073,6 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem from compromising the machine type: string initiatorName: description: |- @@ -5554,6 +6084,7 @@ spec: description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: + default: default description: |- iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). @@ -5569,6 +6100,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic readOnly: description: |- readOnly here will force the ReadOnly setting in VolumeMounts. @@ -5579,10 +6111,13 @@ spec: target and initiator authentication properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -5701,11 +6236,108 @@ spec: format: int32 type: integer sources: - description: sources is the list of volume projections + description: |- + sources is the list of volume projections. Each entry in this list + handles one source. items: - description: Projection that may be projected along - with other supported volume types + description: |- + Projection that may be projected along with other supported volume types. + Exactly one of these fields must be set. properties: + clusterTrustBundle: + description: |- + ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + of ClusterTrustBundle objects in an auto-updating file. + + Alpha, gated by the ClusterTrustBundleProjection feature gate. + + ClusterTrustBundle objects can either be selected by name, or by the + combination of signer name and a label selector. + + Kubelet performs aggressive normalization of the PEM contents written + into the pod filesystem. Esoteric PEM features such as inter-block + comments and block headers are stripped. Certificates are deduplicated. + The ordering of certificates within the file is arbitrary, and Kubelet + may change the order over time. + properties: + labelSelector: + description: |- + Select all ClusterTrustBundles that match this label selector. Only has + effect if signerName is set. Mutually-exclusive with name. If unset, + interpreted as "match nothing". If set but empty, interpreted as "match + everything". + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + name: + description: |- + Select a single ClusterTrustBundle by object name. Mutually-exclusive + with signerName and labelSelector. + type: string + optional: + description: |- + If true, don't block pod startup if the referenced ClusterTrustBundle(s) + aren't available. If using name, then the named ClusterTrustBundle is + allowed not to exist. If using signerName, then the combination of + signerName and labelSelector is allowed to match zero + ClusterTrustBundles. + type: boolean + path: + description: Relative path from the volume + root to write the bundle. + type: string + signerName: + description: |- + Select all ClusterTrustBundles that match this signer name. + Mutually-exclusive with name. The contents of all selected + ClusterTrustBundles will be unified and deduplicated. + type: string + required: + - path + type: object configMap: description: configMap information about the configMap data to project @@ -5748,11 +6380,15 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the @@ -5775,7 +6411,8 @@ spec: fieldRef: description: 'Required: Selects a field of the pod: only annotations, - labels, name and namespace are supported.' + labels, name, namespace and uid + are supported.' properties: apiVersion: description: Version of the schema @@ -5841,6 +6478,7 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic type: object secret: description: secret information about the secret @@ -5884,11 +6522,15 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional field specify whether @@ -5927,6 +6569,7 @@ spec: type: object type: object type: array + x-kubernetes-list-type: atomic type: object quobyte: description: quobyte represents a Quobyte mount on the @@ -5977,7 +6620,6 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem from compromising the machine type: string image: description: |- @@ -5985,6 +6627,7 @@ spec: More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: string keyring: + default: /etc/ceph/keyring description: |- keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. @@ -5997,7 +6640,9 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic pool: + default: rbd description: |- pool is the rados pool name. Default is rbd. @@ -6017,14 +6662,18 @@ spec: More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic user: + default: admin description: |- user is the rados user name. Default is admin. @@ -6039,6 +6688,7 @@ spec: attached and mounted on Kubernetes nodes. properties: fsType: + default: xfs description: |- fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. @@ -6064,10 +6714,13 @@ spec: sensitive information. If this is not provided, Login operation will fail. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6076,6 +6729,7 @@ spec: with Gateway, default false type: boolean storageMode: + default: ThinProvisioned description: |- storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. @@ -6152,6 +6806,7 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic optional: description: optional field specify whether the Secret or its keys must be defined @@ -6183,10 +6838,13 @@ spec: credentials. If not specified, default values will be attempted. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6452,16 +7110,8 @@ spec: description: Conditions Represents the latest available observations of a DatadogAgent's current state. items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -6502,12 +7152,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -6563,16 +7208,12 @@ spec: type: boolean name: description: |- - Define the image to use: - Use "gcr.io/datadoghq/agent:latest" for Datadog Agent 7. - Use "datadog/dogstatsd:latest" for standalone Datadog Agent DogStatsD 7. - Use "gcr.io/datadoghq/cluster-agent:latest" for Datadog Cluster Agent. - Use "agent" with the registry and tag configurations for /agent:. - Use "cluster-agent" with the registry and tag configurations for /cluster-agent:. - If the name is the full image string—`:` or `/:`, then `tag`, `jmxEnabled`, - and `global.registry` values are ignored. - Otherwise, image string is created by overriding default settings with supplied `name`, `tag`, and `jmxEnabled` values; - image string is created using default registry unless `global.registry` is configured. + Defines the Agent image name for the pod. You can provide this as: + * - use agent for the Datadog Agent, cluster-agent for the Datadog Cluster Agent, or dogstatsd for DogStatsD. + The full image string is derived from global.registry, [key].image.tag, and [key].image.jmxEnabled. + * : - For example, agent:latest. The registry is derived from global.registry. [key].image.tag and [key].image.jmxEnabled are ignored. + * /: - For example, gcr.io/datadoghq/agent:latest. If the full image string is specified + like this, then global.registry, [key].image.tag, and [key].image.jmxEnabled are ignored. type: string pullPolicy: description: |- @@ -6589,10 +7230,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6645,10 +7289,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the @@ -6715,10 +7362,13 @@ spec: secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the @@ -6745,11 +7395,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references @@ -6761,6 +7409,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -6845,11 +7499,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -6891,11 +7547,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -6939,6 +7597,16 @@ spec: MutateUnlabelled enables config injection without the need of pod label 'admission.datadoghq.com/enabled="true"'. Default: false type: boolean + mutation: + description: Mutation contains Admission Controller mutation + configurations. + properties: + enabled: + description: |- + Enabled enables the Admission Controller mutation webhook. + Default: true + type: boolean + type: object registry: description: Registry defines an image registry for the admission controller. @@ -6947,6 +7615,16 @@ spec: description: ServiceName corresponds to the webhook service name. type: string + validation: + description: Validation contains Admission Controller + validation configurations. + properties: + enabled: + description: |- + Enabled enables the Admission Controller validation webhook. + Default: true + type: boolean + type: object webhookName: description: |- WebhookName is a custom name for the MutatingWebhookConfiguration. @@ -7973,6 +8651,15 @@ spec: type: boolean type: object type: object + serviceDiscovery: + description: ServiceDiscovery + properties: + enabled: + description: |- + Enables the service discovery check. + Default: false + type: boolean + type: object tcpQueueLength: description: TCPQueueLength configuration. properties: diff --git a/bundle/manifests/datadoghq.com_datadogdashboards.yaml b/bundle/manifests/datadoghq.com_datadogdashboards.yaml index 107aa2591..d86e04c61 100644 --- a/bundle/manifests/datadoghq.com_datadogdashboards.yaml +++ b/bundle/manifests/datadoghq.com_datadogdashboards.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 creationTimestamp: null name: datadogdashboards.datadoghq.com spec: @@ -169,16 +169,8 @@ spec: description: Conditions represents the latest available observations of the state of a DatadogDashboard. items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -219,12 +211,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/bundle/manifests/datadoghq.com_datadogmetrics.yaml b/bundle/manifests/datadoghq.com_datadogmetrics.yaml index 4bf315b08..471e467d5 100644 --- a/bundle/manifests/datadoghq.com_datadogmetrics.yaml +++ b/bundle/manifests/datadoghq.com_datadogmetrics.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 creationTimestamp: null name: datadogmetrics.datadoghq.com spec: diff --git a/bundle/manifests/datadoghq.com_datadogmonitors.yaml b/bundle/manifests/datadoghq.com_datadogmonitors.yaml index 5c0870f53..8aa79a9bf 100644 --- a/bundle/manifests/datadoghq.com_datadogmonitors.yaml +++ b/bundle/manifests/datadoghq.com_datadogmonitors.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 creationTimestamp: null name: datadogmonitors.datadoghq.com spec: diff --git a/bundle/manifests/datadoghq.com_datadogpodautoscalers.yaml b/bundle/manifests/datadoghq.com_datadogpodautoscalers.yaml index 1686358b5..c37e23c9a 100644 --- a/bundle/manifests/datadoghq.com_datadogpodautoscalers.yaml +++ b/bundle/manifests/datadoghq.com_datadogpodautoscalers.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 creationTimestamp: null name: datadogpodautoscalers.datadoghq.com spec: diff --git a/bundle/manifests/datadoghq.com_datadogslos.yaml b/bundle/manifests/datadoghq.com_datadogslos.yaml index 735e8e54a..e01cc684e 100644 --- a/bundle/manifests/datadoghq.com_datadogslos.yaml +++ b/bundle/manifests/datadoghq.com_datadogslos.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 creationTimestamp: null name: datadogslos.datadoghq.com spec: @@ -150,16 +150,8 @@ spec: description: Conditions represents the latest available observations of the state of a DatadogSLO. items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -200,12 +192,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/check-operator.Dockerfile b/check-operator.Dockerfile index ab377851f..d2c80f466 100644 --- a/check-operator.Dockerfile +++ b/check-operator.Dockerfile @@ -20,7 +20,7 @@ ARG LDFLAGS ARG GOARCH RUN CGO_ENABLED=0 GOOS=linux GOARCH=${GOARCH} GO111MODULE=on go build -a -ldflags "${LDFLAGS}" -o check-operator cmd/check-operator/main.go -FROM registry.access.redhat.com/ubi8/ubi-minimal:latest +FROM registry.access.redhat.com/ubi9/ubi-minimal:latest WORKDIR / COPY --from=builder /workspace/check-operator . USER 1001 diff --git a/cmd/main.go b/cmd/main.go index 5fe587c12..089aa3e75 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -24,6 +24,7 @@ import ( ctrl "sigs.k8s.io/controller-runtime" ctrlzap "sigs.k8s.io/controller-runtime/pkg/log/zap" "sigs.k8s.io/controller-runtime/pkg/manager" + "sigs.k8s.io/controller-runtime/pkg/metrics/filters" "go.uber.org/zap" "go.uber.org/zap/zapcore" @@ -93,6 +94,7 @@ const ( type options struct { // Observability options metricsAddr string + secureMetrics bool profilingEnabled bool logLevel *zapcore.Level logEncoder string @@ -123,7 +125,6 @@ type options struct { introspectionEnabled bool datadogAgentProfileEnabled bool remoteConfigEnabled bool - otelAgentEnabled bool datadogDashboardEnabled bool // Secret Backend options @@ -134,6 +135,7 @@ type options struct { func (opts *options) Parse() { // Observability flags flag.StringVar(&opts.metricsAddr, "metrics-addr", ":8080", "The address the metric endpoint binds to.") + flag.BoolVar(&opts.secureMetrics, "metrics-secure", false, "If true, the metrics endpoint is served securely via HTTPS. Use false to use HTTP instead.") flag.BoolVar(&opts.profilingEnabled, "profiling-enabled", false, "Enable Datadog profile in the Datadog Operator process.") opts.logLevel = zap.LevelFlag("loglevel", zapcore.InfoLevel, "Set log level") flag.StringVar(&opts.logEncoder, "logEncoder", "json", "log encoding ('json' or 'console')") @@ -157,7 +159,6 @@ func (opts *options) Parse() { flag.BoolVar(&opts.introspectionEnabled, "introspectionEnabled", false, "Enable introspection (beta)") flag.BoolVar(&opts.datadogAgentProfileEnabled, "datadogAgentProfileEnabled", false, "Enable DatadogAgentProfile controller (beta)") flag.BoolVar(&opts.remoteConfigEnabled, "remoteConfigEnabled", false, "Enable RemoteConfig capabilities in the Operator (beta)") - flag.BoolVar(&opts.otelAgentEnabled, "otelAgentEnabled", false, "Enable the OTel agent container (beta)") flag.BoolVar(&opts.datadogDashboardEnabled, "datadogDashboardEnabled", false, "Enable the DatadogDashboard controller") // ExtendedDaemonset configuration @@ -230,14 +231,23 @@ func run(opts *options) error { renewDeadline := opts.leaderElectionLeaseDuration / 2 retryPeriod := opts.leaderElectionLeaseDuration / 4 + metricsServerOptions := metricsserver.Options{ + BindAddress: opts.metricsAddr, + SecureServing: opts.secureMetrics, + ExtraHandlers: debug.GetExtraMetricHandlers(), + } + + if opts.secureMetrics { + // FilterProvider is used to protect the metrics endpoint with authn/authz. + metricsServerOptions.FilterProvider = filters.WithAuthenticationAndAuthorization + } + restConfig := ctrl.GetConfigOrDie() restConfig.UserAgent = "datadog-operator" mgr, err := ctrl.NewManager(restConfig, ctrl.Options{ - Scheme: scheme, - Metrics: metricsserver.Options{ - BindAddress: opts.metricsAddr, - ExtraHandlers: debug.GetExtraMetricHandlers(), - }, HealthProbeBindAddress: ":8081", + Scheme: scheme, + Metrics: metricsServerOptions, + HealthProbeBindAddress: ":8081", LeaderElection: opts.enableLeaderElection, LeaderElectionID: "datadog-operator-lock", LeaderElectionResourceLock: resourcelock.LeasesResourceLock, @@ -301,7 +311,6 @@ func run(opts *options) error { V2APIEnabled: true, IntrospectionEnabled: opts.introspectionEnabled, DatadogAgentProfileEnabled: opts.datadogAgentProfileEnabled, - OtelAgentEnabled: opts.otelAgentEnabled, DatadogDashboardEnabled: opts.datadogDashboardEnabled, } diff --git a/config/crd/bases/v1/datadoghq.com_datadogagentprofiles.yaml b/config/crd/bases/v1/datadoghq.com_datadogagentprofiles.yaml index 5c4ed60b7..d0e4501c5 100644 --- a/config/crd/bases/v1/datadoghq.com_datadogagentprofiles.yaml +++ b/config/crd/bases/v1/datadoghq.com_datadogagentprofiles.yaml @@ -254,6 +254,12 @@ spec: If not specified, the pod priority will be default or zero if there is no default. type: string + runtimeClassName: + description: |- + If specified, indicates the pod's RuntimeClass kubelet should use to run the pod. + If the named RuntimeClass does not exist, or the CRI cannot run the corresponding handler, the pod enters the Failed terminal phase. + If no runtimeClassName is specified, the default RuntimeHandler is used, which is equivalent to the behavior when the RuntimeClass feature is disabled. + type: string updateStrategy: description: |- The deployment strategy to use to replace existing pods with new ones. diff --git a/config/crd/bases/v1/datadoghq.com_datadogagentprofiles_v1alpha1.json b/config/crd/bases/v1/datadoghq.com_datadogagentprofiles_v1alpha1.json index 14c8026cb..dbbf7f0bf 100644 --- a/config/crd/bases/v1/datadoghq.com_datadogagentprofiles_v1alpha1.json +++ b/config/crd/bases/v1/datadoghq.com_datadogagentprofiles_v1alpha1.json @@ -242,6 +242,10 @@ "description": "If specified, indicates the pod's priority. \"system-node-critical\" and\n\"system-cluster-critical\" are two special keywords which indicate the\nhighest priorities with the former being the highest priority. Any other\nname must be defined by creating a PriorityClass object with that name.\nIf not specified, the pod priority will be default or zero if there is no\ndefault.", "type": "string" }, + "runtimeClassName": { + "description": "If specified, indicates the pod's RuntimeClass kubelet should use to run the pod.\nIf the named RuntimeClass does not exist, or the CRI cannot run the corresponding handler, the pod enters the Failed terminal phase.\nIf no runtimeClassName is specified, the default RuntimeHandler is used, which is equivalent to the behavior when the RuntimeClass feature is disabled.", + "type": "string" + }, "updateStrategy": { "additionalProperties": false, "description": "The deployment strategy to use to replace existing pods with new ones.\nValid types are `RollingUpdate` or `OnDelete` for DaemonSets", diff --git a/config/crd/bases/v1/datadoghq.com_datadogagents.yaml b/config/crd/bases/v1/datadoghq.com_datadogagents.yaml index 01c9cc545..ee4066cf2 100644 --- a/config/crd/bases/v1/datadoghq.com_datadogagents.yaml +++ b/config/crd/bases/v1/datadoghq.com_datadogagents.yaml @@ -435,6 +435,15 @@ spec: failurePolicy: description: FailurePolicy determines how unrecognized and timeout errors are handled. type: string + kubernetesAdmissionEvents: + description: KubernetesAdmissionEvents holds the Kubernetes Admission Events configuration. + properties: + enabled: + description: |- + Enable the Kubernetes Admission Events feature. + Default: false + type: boolean + type: object mutateUnlabelled: description: |- MutateUnlabelled enables config injection without the need of pod label 'admission.datadoghq.com/enabled="true"'. @@ -1284,6 +1293,125 @@ spec: Default: true type: boolean type: object + otelCollector: + description: OtelCollector configuration. + properties: + conf: + description: |- + Conf overrides the configuration for the default Kubernetes State Metrics Core check. + This must point to a ConfigMap containing a valid cluster check configuration. + When passing a configmap, file name *must* be otel-config.yaml. + properties: + configData: + description: ConfigData corresponds to the configuration file content. + type: string + configMap: + description: ConfigMap references an existing ConfigMap with the configuration file content. + properties: + items: + description: Items maps a ConfigMap data `key` to a file `path` mount. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + path: + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + x-kubernetes-list-map-keys: + - key + x-kubernetes-list-type: map + name: + description: Name is the name of the ConfigMap. + type: string + type: object + type: object + coreConfig: + description: OTelCollector Config Relevant to the Core agent + properties: + enabled: + description: Enabled marks otelcollector as enabled in core agent. + type: boolean + extension_timeout: + description: |- + Extension URL provides the timout of the ddflareextension to + the core agent. + type: integer + extension_url: + description: |- + Extension URL provides the URL of the ddflareextension to + the core agent. + type: string + type: object + enabled: + description: |- + Enabled enables the OTel Agent. + Default: true + type: boolean + ports: + description: |- + Ports contains the ports for the otel-agent. + Defaults: otel-grpc:4317 / otel-http:4318. Note: setting 4317 + or 4318 manually is *only* supported if name match default names (otel-grpc, otel-http). + If not, this will lead to a port conflict. + This limitation will be lifted once annotations support is removed. + items: + description: ContainerPort represents a network port in a single container. + properties: + containerPort: + description: |- + Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: |- + Number of port to expose on the host. + If specified, this must be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must match ContainerPort. + Most containers do not need this. + format: int32 + type: integer + name: + description: |- + If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + named port in a pod must have a unique name. Name for the port that can be + referred to by services. + type: string + protocol: + default: TCP + description: |- + Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + type: object otlp: description: OTLP ingest configuration properties: @@ -4572,6 +4700,12 @@ spec: Not applicable for a DaemonSet/ExtendedDaemonSet deployment format: int32 type: integer + runtimeClassName: + description: |- + If specified, indicates the pod's RuntimeClass kubelet should use to run the pod. + If the named RuntimeClass does not exist, or the CRI cannot run the corresponding handler, the pod enters the Failed terminal phase. + If no runtimeClassName is specified, the default RuntimeHandler is used, which is equivalent to the behavior when the RuntimeClass feature is disabled. + type: string securityContext: description: Pod-level SecurityContext. properties: @@ -7164,6 +7298,15 @@ spec: failurePolicy: description: FailurePolicy determines how unrecognized and timeout errors are handled. type: string + kubernetesAdmissionEvents: + description: KubernetesAdmissionEvents holds the Kubernetes Admission Events configuration. + properties: + enabled: + description: |- + Enable the Kubernetes Admission Events feature. + Default: false + type: boolean + type: object mutateUnlabelled: description: |- MutateUnlabelled enables config injection without the need of pod label 'admission.datadoghq.com/enabled="true"'. @@ -8013,6 +8156,125 @@ spec: Default: true type: boolean type: object + otelCollector: + description: OtelCollector configuration. + properties: + conf: + description: |- + Conf overrides the configuration for the default Kubernetes State Metrics Core check. + This must point to a ConfigMap containing a valid cluster check configuration. + When passing a configmap, file name *must* be otel-config.yaml. + properties: + configData: + description: ConfigData corresponds to the configuration file content. + type: string + configMap: + description: ConfigMap references an existing ConfigMap with the configuration file content. + properties: + items: + description: Items maps a ConfigMap data `key` to a file `path` mount. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + path: + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + x-kubernetes-list-map-keys: + - key + x-kubernetes-list-type: map + name: + description: Name is the name of the ConfigMap. + type: string + type: object + type: object + coreConfig: + description: OTelCollector Config Relevant to the Core agent + properties: + enabled: + description: Enabled marks otelcollector as enabled in core agent. + type: boolean + extension_timeout: + description: |- + Extension URL provides the timout of the ddflareextension to + the core agent. + type: integer + extension_url: + description: |- + Extension URL provides the URL of the ddflareextension to + the core agent. + type: string + type: object + enabled: + description: |- + Enabled enables the OTel Agent. + Default: true + type: boolean + ports: + description: |- + Ports contains the ports for the otel-agent. + Defaults: otel-grpc:4317 / otel-http:4318. Note: setting 4317 + or 4318 manually is *only* supported if name match default names (otel-grpc, otel-http). + If not, this will lead to a port conflict. + This limitation will be lifted once annotations support is removed. + items: + description: ContainerPort represents a network port in a single container. + properties: + containerPort: + description: |- + Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: |- + Number of port to expose on the host. + If specified, this must be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must match ContainerPort. + Most containers do not need this. + format: int32 + type: integer + name: + description: |- + If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + named port in a pod must have a unique name. Name for the port that can be + referred to by services. + type: string + protocol: + default: TCP + description: |- + Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + type: object otlp: description: OTLP ingest configuration properties: diff --git a/config/crd/bases/v1/datadoghq.com_datadogagents_v2alpha1.json b/config/crd/bases/v1/datadoghq.com_datadogagents_v2alpha1.json index a89741b9d..944437b60 100644 --- a/config/crd/bases/v1/datadoghq.com_datadogagents_v2alpha1.json +++ b/config/crd/bases/v1/datadoghq.com_datadogagents_v2alpha1.json @@ -430,6 +430,17 @@ "description": "FailurePolicy determines how unrecognized and timeout errors are handled.", "type": "string" }, + "kubernetesAdmissionEvents": { + "additionalProperties": false, + "description": "KubernetesAdmissionEvents holds the Kubernetes Admission Events configuration.", + "properties": { + "enabled": { + "description": "Enable the Kubernetes Admission Events feature.\nDefault: false", + "type": "boolean" + } + }, + "type": "object" + }, "mutateUnlabelled": { "description": "MutateUnlabelled enables config injection without the need of pod label 'admission.datadoghq.com/enabled=\"true\"'.\nDefault: false", "type": "boolean" @@ -1330,6 +1341,127 @@ }, "type": "object" }, + "otelCollector": { + "additionalProperties": false, + "description": "OtelCollector configuration.", + "properties": { + "conf": { + "additionalProperties": false, + "description": "Conf overrides the configuration for the default Kubernetes State Metrics Core check.\nThis must point to a ConfigMap containing a valid cluster check configuration.\nWhen passing a configmap, file name *must* be otel-config.yaml.", + "properties": { + "configData": { + "description": "ConfigData corresponds to the configuration file content.", + "type": "string" + }, + "configMap": { + "additionalProperties": false, + "description": "ConfigMap references an existing ConfigMap with the configuration file content.", + "properties": { + "items": { + "description": "Items maps a ConfigMap data `key` to a file `path` mount.", + "items": { + "additionalProperties": false, + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "key" + ], + "x-kubernetes-list-type": "map" + }, + "name": { + "description": "Name is the name of the ConfigMap.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "coreConfig": { + "additionalProperties": false, + "description": "OTelCollector Config Relevant to the Core agent", + "properties": { + "enabled": { + "description": "Enabled marks otelcollector as enabled in core agent.", + "type": "boolean" + }, + "extension_timeout": { + "description": "Extension URL provides the timout of the ddflareextension to\nthe core agent.", + "type": "integer" + }, + "extension_url": { + "description": "Extension URL provides the URL of the ddflareextension to\nthe core agent.", + "type": "string" + } + }, + "type": "object" + }, + "enabled": { + "description": "Enabled enables the OTel Agent.\nDefault: true", + "type": "boolean" + }, + "ports": { + "description": "Ports contains the ports for the otel-agent.\nDefaults: otel-grpc:4317 / otel-http:4318. Note: setting 4317\nor 4318 manually is *only* supported if name match default names (otel-grpc, otel-http).\nIf not, this will lead to a port conflict.\nThis limitation will be lifted once annotations support is removed.", + "items": { + "additionalProperties": false, + "description": "ContainerPort represents a network port in a single container.", + "properties": { + "containerPort": { + "description": "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 \u003c x \u003c 65536.", + "format": "int32", + "type": "integer" + }, + "hostIP": { + "description": "What host IP to bind the external port to.", + "type": "string" + }, + "hostPort": { + "description": "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 \u003c x \u003c 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this.", + "format": "int32", + "type": "integer" + }, + "name": { + "description": "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services.", + "type": "string" + }, + "protocol": { + "default": "TCP", + "description": "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\".", + "type": "string" + } + }, + "required": [ + "containerPort" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, "otlp": { "additionalProperties": false, "description": "OTLP ingest configuration", @@ -4639,6 +4771,10 @@ "format": "int32", "type": "integer" }, + "runtimeClassName": { + "description": "If specified, indicates the pod's RuntimeClass kubelet should use to run the pod.\nIf the named RuntimeClass does not exist, or the CRI cannot run the corresponding handler, the pod enters the Failed terminal phase.\nIf no runtimeClassName is specified, the default RuntimeHandler is used, which is equivalent to the behavior when the RuntimeClass feature is disabled.", + "type": "string" + }, "securityContext": { "additionalProperties": false, "description": "Pod-level SecurityContext.", @@ -7099,6 +7235,17 @@ "description": "FailurePolicy determines how unrecognized and timeout errors are handled.", "type": "string" }, + "kubernetesAdmissionEvents": { + "additionalProperties": false, + "description": "KubernetesAdmissionEvents holds the Kubernetes Admission Events configuration.", + "properties": { + "enabled": { + "description": "Enable the Kubernetes Admission Events feature.\nDefault: false", + "type": "boolean" + } + }, + "type": "object" + }, "mutateUnlabelled": { "description": "MutateUnlabelled enables config injection without the need of pod label 'admission.datadoghq.com/enabled=\"true\"'.\nDefault: false", "type": "boolean" @@ -7999,6 +8146,127 @@ }, "type": "object" }, + "otelCollector": { + "additionalProperties": false, + "description": "OtelCollector configuration.", + "properties": { + "conf": { + "additionalProperties": false, + "description": "Conf overrides the configuration for the default Kubernetes State Metrics Core check.\nThis must point to a ConfigMap containing a valid cluster check configuration.\nWhen passing a configmap, file name *must* be otel-config.yaml.", + "properties": { + "configData": { + "description": "ConfigData corresponds to the configuration file content.", + "type": "string" + }, + "configMap": { + "additionalProperties": false, + "description": "ConfigMap references an existing ConfigMap with the configuration file content.", + "properties": { + "items": { + "description": "Items maps a ConfigMap data `key` to a file `path` mount.", + "items": { + "additionalProperties": false, + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "key" + ], + "x-kubernetes-list-type": "map" + }, + "name": { + "description": "Name is the name of the ConfigMap.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "coreConfig": { + "additionalProperties": false, + "description": "OTelCollector Config Relevant to the Core agent", + "properties": { + "enabled": { + "description": "Enabled marks otelcollector as enabled in core agent.", + "type": "boolean" + }, + "extension_timeout": { + "description": "Extension URL provides the timout of the ddflareextension to\nthe core agent.", + "type": "integer" + }, + "extension_url": { + "description": "Extension URL provides the URL of the ddflareextension to\nthe core agent.", + "type": "string" + } + }, + "type": "object" + }, + "enabled": { + "description": "Enabled enables the OTel Agent.\nDefault: true", + "type": "boolean" + }, + "ports": { + "description": "Ports contains the ports for the otel-agent.\nDefaults: otel-grpc:4317 / otel-http:4318. Note: setting 4317\nor 4318 manually is *only* supported if name match default names (otel-grpc, otel-http).\nIf not, this will lead to a port conflict.\nThis limitation will be lifted once annotations support is removed.", + "items": { + "additionalProperties": false, + "description": "ContainerPort represents a network port in a single container.", + "properties": { + "containerPort": { + "description": "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 \u003c x \u003c 65536.", + "format": "int32", + "type": "integer" + }, + "hostIP": { + "description": "What host IP to bind the external port to.", + "type": "string" + }, + "hostPort": { + "description": "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 \u003c x \u003c 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this.", + "format": "int32", + "type": "integer" + }, + "name": { + "description": "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services.", + "type": "string" + }, + "protocol": { + "default": "TCP", + "description": "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\".", + "type": "string" + } + }, + "required": [ + "containerPort" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, "otlp": { "additionalProperties": false, "description": "OTLP ingest configuration", diff --git a/config/crd/bases/v1/datadoghq.com_datadogpodautoscalers.yaml b/config/crd/bases/v1/datadoghq.com_datadogpodautoscalers.yaml index 148d84206..5a30875db 100644 --- a/config/crd/bases/v1/datadoghq.com_datadogpodautoscalers.yaml +++ b/config/crd/bases/v1/datadoghq.com_datadogpodautoscalers.yaml @@ -225,6 +225,14 @@ spec: type: object type: array x-kubernetes-list-type: atomic + stabilizationWindowSeconds: + description: |- + StabilizationWindowSeconds is the number of seconds the controller should lookback at previous recommendations + before deciding to apply a new one. Defaults to 0. + format: int32 + maximum: 1800 + minimum: 0 + type: integer strategy: description: |- Strategy is used to specify which policy should be used. @@ -291,6 +299,14 @@ spec: type: object type: array x-kubernetes-list-type: atomic + stabilizationWindowSeconds: + description: |- + StabilizationWindowSeconds is the number of seconds the controller should lookback at previous recommendations + before deciding to apply a new one. Defaults to 0. + format: int32 + maximum: 1800 + minimum: 0 + type: integer strategy: description: |- Strategy is used to specify which policy should be used. diff --git a/config/crd/bases/v1/datadoghq.com_datadogpodautoscalers_v1alpha1.json b/config/crd/bases/v1/datadoghq.com_datadogpodautoscalers_v1alpha1.json index 4bd00a7d7..984898c87 100644 --- a/config/crd/bases/v1/datadoghq.com_datadogpodautoscalers_v1alpha1.json +++ b/config/crd/bases/v1/datadoghq.com_datadogpodautoscalers_v1alpha1.json @@ -263,6 +263,13 @@ "type": "array", "x-kubernetes-list-type": "atomic" }, + "stabilizationWindowSeconds": { + "description": "StabilizationWindowSeconds is the number of seconds the controller should lookback at previous recommendations\nbefore deciding to apply a new one. Defaults to 0.", + "format": "int32", + "maximum": 1800, + "minimum": 0, + "type": "integer" + }, "strategy": { "description": "Strategy is used to specify which policy should be used.\nIf not set, the default value Max is used.", "enum": [ @@ -340,6 +347,13 @@ "type": "array", "x-kubernetes-list-type": "atomic" }, + "stabilizationWindowSeconds": { + "description": "StabilizationWindowSeconds is the number of seconds the controller should lookback at previous recommendations\nbefore deciding to apply a new one. Defaults to 0.", + "format": "int32", + "maximum": 1800, + "minimum": 0, + "type": "integer" + }, "strategy": { "description": "Strategy is used to specify which policy should be used.\nIf not set, the default value Max is used.", "enum": [ diff --git a/config/crd/bases/v1beta1/datadoghq.com_datadogpodautoscalers.yaml b/config/crd/bases/v1beta1/datadoghq.com_datadogpodautoscalers.yaml index 377924183..2eca96e63 100644 --- a/config/crd/bases/v1beta1/datadoghq.com_datadogpodautoscalers.yaml +++ b/config/crd/bases/v1beta1/datadoghq.com_datadogpodautoscalers.yaml @@ -200,6 +200,11 @@ spec: type: object type: array x-kubernetes-list-type: atomic + stabilizationWindowSeconds: + description: StabilizationWindowSeconds is used to specify the number of seconds to lookback to stabilize new recommendations before deciding to apply a new one. Defaults to 0. + format: int32 + minimum: 0 + type: integer strategy: description: Strategy is used to specify which policy should be used. If not set, the default value Max is used. enum: @@ -256,6 +261,11 @@ spec: type: object type: array x-kubernetes-list-type: atomic + stabilizationWindowSeconds: + description: StabilizationWindowSeconds is used to specify the number of seconds to lookback to stabilize new recommendations. Defaults to 0. + format: int32 + minimum: 0 + type: integer strategy: description: Strategy is used to specify which policy should be used. If not set, the default value Max is used. enum: diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index 702be8701..267f62b41 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -24,12 +24,15 @@ resources: #- ../certmanager # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. #- ../prometheus +# [METRICS] Expose the controller manager metrics service. +#- metrics_service.yaml #patches: -# Protect the /metrics endpoint by putting it behind auth. -# If you want your controller-manager to expose the /metrics -# endpoint w/o any authn/z, please comment the following line. -#- path: manager_auth_proxy_patch.yaml +# [METRICS] The following patch will enable the metrics endpoint using HTTPS and the port :8443. +# More info: https://book.kubebuilder.io/reference/metrics +#- path: manager_metrics_patch.yaml +# target: +# kind: Deployment # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in # crd/kustomization.yaml #- path: manager_webhook_patch.yaml diff --git a/config/default/manager_auth_proxy_patch.yaml b/config/default/manager_auth_proxy_patch.yaml deleted file mode 100644 index 02b5c2f4f..000000000 --- a/config/default/manager_auth_proxy_patch.yaml +++ /dev/null @@ -1,25 +0,0 @@ -# This patch inject a sidecar container which is a HTTP proxy for the -# controller manager, it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews. -apiVersion: apps/v1 -kind: Deployment -metadata: - name: manager - namespace: system -spec: - template: - spec: - containers: - - name: kube-rbac-proxy - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.5.0 - args: - - "--secure-listen-address=0.0.0.0:8443" - - "--upstream=http://127.0.0.1:8080/" - - "--logtostderr=true" - - "--v=10" - ports: - - containerPort: 8443 - name: https - - name: manager - args: - - "--metrics-addr=127.0.0.1:8080" - - "--enable-leader-election" diff --git a/config/default/manager_metrics_patch.yaml b/config/default/manager_metrics_patch.yaml new file mode 100644 index 000000000..07d1b5444 --- /dev/null +++ b/config/default/manager_metrics_patch.yaml @@ -0,0 +1,4 @@ +# This patch adds the args to allow exposing the metrics endpoint using HTTPS +- op: add + path: /spec/template/spec/containers/0/args/0 + value: --metrics-addr=:8443 diff --git a/config/rbac/auth_proxy_service.yaml b/config/default/metrics_service.yaml similarity index 86% rename from config/rbac/auth_proxy_service.yaml rename to config/default/metrics_service.yaml index 6cf656be1..ef4147424 100644 --- a/config/rbac/auth_proxy_service.yaml +++ b/config/default/metrics_service.yaml @@ -9,6 +9,7 @@ spec: ports: - name: https port: 8443 - targetPort: https + protocol: TCP + targetPort: 8443 selector: control-plane: controller-manager diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index 962660140..58b7c4148 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -3,6 +3,6 @@ resources: images: - name: controller newName: gcr.io/datadoghq/operator - newTag: 1.10.0 + newTag: 1.11.1 apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index 312196f0e..9158f9cd7 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -22,6 +22,7 @@ spec: metadata: labels: app.kubernetes.io/name: datadog-operator + control-plane: controller-manager annotations: ad.datadoghq.com/manager.check_names: '["openmetrics"]' ad.datadoghq.com/manager.init_configs: '[{}]' diff --git a/config/rbac/auth_proxy_client_clusterrole.yaml b/config/rbac/auth_proxy_client_clusterrole.yaml deleted file mode 100644 index 7d62534c5..000000000 --- a/config/rbac/auth_proxy_client_clusterrole.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: metrics-reader -rules: -- nonResourceURLs: ["/metrics"] - verbs: ["get"] diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml index 9de348943..711b0f70c 100644 --- a/config/rbac/kustomization.yaml +++ b/config/rbac/kustomization.yaml @@ -4,12 +4,12 @@ resources: - role_binding.yaml - leader_election_role.yaml - leader_election_role_binding.yaml -# Comment the following 4 lines if you want to disable -# the auth proxy (https://github.com/brancz/kube-rbac-proxy) -# which protects your /metrics endpoint. -#- auth_proxy_service.yaml -#- auth_proxy_role.yaml -#- auth_proxy_role_binding.yaml -#- auth_proxy_client_clusterrole.yaml +# The following RBAC configurations are used to protect +# the metrics endpoint with authn/authz. These configurations +# ensure that only authorized users and service accounts +# can access the metrics endpoint. +# - metrics_auth_role.yaml +# - metrics_auth_role_binding.yaml +# - metrics_reader_role.yaml apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization \ No newline at end of file diff --git a/config/rbac/auth_proxy_role.yaml b/config/rbac/metrics_auth_role.yaml similarity index 50% rename from config/rbac/auth_proxy_role.yaml rename to config/rbac/metrics_auth_role.yaml index 618f5e417..32d2e4ec6 100644 --- a/config/rbac/auth_proxy_role.yaml +++ b/config/rbac/metrics_auth_role.yaml @@ -1,13 +1,17 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: proxy-role + name: metrics-auth-role rules: -- apiGroups: ["authentication.k8s.io"] +- apiGroups: + - authentication.k8s.io resources: - tokenreviews - verbs: ["create"] -- apiGroups: ["authorization.k8s.io"] + verbs: + - create +- apiGroups: + - authorization.k8s.io resources: - subjectaccessreviews - verbs: ["create"] + verbs: + - create diff --git a/config/rbac/auth_proxy_role_binding.yaml b/config/rbac/metrics_auth_role_binding.yaml similarity index 69% rename from config/rbac/auth_proxy_role_binding.yaml rename to config/rbac/metrics_auth_role_binding.yaml index 48ed1e4b8..e775d67ff 100644 --- a/config/rbac/auth_proxy_role_binding.yaml +++ b/config/rbac/metrics_auth_role_binding.yaml @@ -1,12 +1,12 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: proxy-rolebinding + name: metrics-auth-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: proxy-role + name: metrics-auth-role subjects: - kind: ServiceAccount - name: default + name: controller-manager namespace: system diff --git a/config/rbac/metrics_reader_role.yaml b/config/rbac/metrics_reader_role.yaml new file mode 100644 index 000000000..51a75db47 --- /dev/null +++ b/config/rbac/metrics_reader_role.yaml @@ -0,0 +1,9 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: metrics-reader +rules: +- nonResourceURLs: + - "/metrics" + verbs: + - get diff --git a/config/test-v1/kustomization.yaml b/config/test-v1/kustomization.yaml index c38863cde..869ebd6a6 100644 --- a/config/test-v1/kustomization.yaml +++ b/config/test-v1/kustomization.yaml @@ -43,11 +43,6 @@ resources: # namespace: system # version: v1 -# Protect the /metrics endpoint by putting it behind auth. -# If you want your controller-manager to expose the /metrics -# endpoint w/o any authn/z, please comment the following line. -#- path: manager_auth_proxy_patch.yaml - # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in # crd/kustomization.yaml #- path: manager_webhook_patch.yaml diff --git a/config/test-v1/manager_auth_proxy_patch.yaml b/config/test-v1/manager_auth_proxy_patch.yaml deleted file mode 100644 index 02b5c2f4f..000000000 --- a/config/test-v1/manager_auth_proxy_patch.yaml +++ /dev/null @@ -1,25 +0,0 @@ -# This patch inject a sidecar container which is a HTTP proxy for the -# controller manager, it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews. -apiVersion: apps/v1 -kind: Deployment -metadata: - name: manager - namespace: system -spec: - template: - spec: - containers: - - name: kube-rbac-proxy - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.5.0 - args: - - "--secure-listen-address=0.0.0.0:8443" - - "--upstream=http://127.0.0.1:8080/" - - "--logtostderr=true" - - "--v=10" - ports: - - containerPort: 8443 - name: https - - name: manager - args: - - "--metrics-addr=127.0.0.1:8080" - - "--enable-leader-election" diff --git a/docs/configuration.v2alpha1.md b/docs/configuration.v2alpha1.md index c99072725..121c51d52 100644 --- a/docs/configuration.v2alpha1.md +++ b/docs/configuration.v2alpha1.md @@ -49,6 +49,7 @@ spec: | features.admissionController.cwsInstrumentation.mode | Defines the behavior of the CWS Instrumentation endpoint, and can be either "init_container" or "remote_copy". Default: "remote_copy" | | features.admissionController.enabled | Enables the Admission Controller. Default: true | | features.admissionController.failurePolicy | FailurePolicy determines how unrecognized and timeout errors are handled. | +| features.admissionController.kubernetesAdmissionEvents.enabled | Enable the Kubernetes Admission Events feature. Default: false | | features.admissionController.mutateUnlabelled | MutateUnlabelled enables config injection without the need of pod label 'admission.datadoghq.com/enabled="true"'. Default: false | | features.admissionController.mutation.enabled | Enables the Admission Controller mutation webhook. Default: true | | features.admissionController.registry | Defines an image registry for the admission controller. | @@ -141,6 +142,14 @@ spec: | features.orchestratorExplorer.enabled | Enables the Orchestrator Explorer. Default: true | | features.orchestratorExplorer.extraTags | Additional tags to associate with the collected data in the form of `a b c`. This is a Cluster Agent option distinct from DD_TAGS that is used in the Orchestrator Explorer. | | features.orchestratorExplorer.scrubContainers | ScrubContainers enables scrubbing of sensitive container data (passwords, tokens, etc. ). Default: true | +| features.otelCollector.conf.configData | ConfigData corresponds to the configuration file content. | +| features.otelCollector.conf.configMap.items | Maps a ConfigMap data `key` to a file `path` mount. | +| features.otelCollector.conf.configMap.name | Is the name of the ConfigMap. | +| features.otelCollector.coreConfig.enabled | Marks otelcollector as enabled in core agent. | +| features.otelCollector.coreConfig.extension_timeout | Extension URL provides the timout of the ddflareextension to the core agent. | +| features.otelCollector.coreConfig.extension_url | Extension URL provides the URL of the ddflareextension to the core agent. | +| features.otelCollector.enabled | Enables the OTel Agent. Default: true | +| features.otelCollector.ports | Contains the ports for the otel-agent. Defaults: otel-grpc:4317 / otel-http:4318. Note: setting 4317 or 4318 manually is *only* supported if name match default names (otel-grpc, otel-http). If not, this will lead to a port conflict. This limitation will be lifted once annotations support is removed. | | features.otlp.receiver.protocols.grpc.enabled | Enable the OTLP/gRPC endpoint. Host port is enabled by default and can be disabled. | | features.otlp.receiver.protocols.grpc.endpoint | For OTLP/gRPC. gRPC supports several naming schemes: https://github.com/grpc/grpc/blob/master/doc/naming.md The Datadog Operator supports only 'host:port' (usually `0.0.0.0:port`). Default: `0.0.0.0:4317`. | | features.otlp.receiver.protocols.grpc.hostPortConfig.enabled | Enables host port configuration | @@ -396,6 +405,7 @@ In the table, `spec.override.nodeAgent.image.name` and `spec.override.nodeAgent. | [key].nodeSelector `map[string]string` | A map of key-value pairs. For this pod to run on a specific node, the node must have these key-value pairs as labels. See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | | [key].priorityClassName | If specified, indicates the pod's priority. "system-node-critical" and "system-cluster-critical" are two special keywords which indicate the highest priorities with the former being the highest priority. Any other name must be defined by creating a PriorityClass object with that name. If not specified, the pod priority is default, or zero if there is no default. | | [key].replicas | Number of the replicas. Not applicable for a DaemonSet/ExtendedDaemonSet deployment | +| [key].runtimeClassName | If specified, indicates the pod's RuntimeClass kubelet should use to run the pod. If the named RuntimeClass does not exist, or the CRI cannot run the corresponding handler, the pod enters the Failed terminal phase. If no runtimeClassName is specified, the default RuntimeHandler is used, which is equivalent to the behavior when the RuntimeClass feature is disabled. | | [key].securityContext.appArmorProfile.localhostProfile | localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is "Localhost". | | [key].securityContext.appArmorProfile.type | type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement. | | [key].securityContext.fsGroup | A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows. | diff --git a/docs/datadog_agent_profiles.md b/docs/datadog_agent_profiles.md index 74e4cff32..2c020cf96 100644 --- a/docs/datadog_agent_profiles.md +++ b/docs/datadog_agent_profiles.md @@ -67,3 +67,4 @@ DAP is disabled by default. To enable DAP using the [datadog-operator helm chart | override.[nodeAgent].containers.[\*].env | v1.8.0 | | override.[nodeAgent].labels | v1.8.0 | | override.[nodeAgent].updateStrategy | v1.9.0 | +| override.[nodeAgent].runtimeClassName | v1.12.0 | diff --git a/docs/secret_management.md b/docs/secret_management.md index 267d5b8b2..3c6894baf 100644 --- a/docs/secret_management.md +++ b/docs/secret_management.md @@ -23,9 +23,9 @@ spec: The credentials provided here will be stored in a Secret created by the Operator. By properly setting the `RBAC` on the `DatadogAgent` CRD, one can limit who is able to see those credentials. -## 2. Use secret(s) references +## 2. Use Secret(s) references -Another solution is to provide the name of the secret(s) that contains the credentials: +Another solution is to provide the name of the Secret(s) that contains the credentials: ```yaml apiVersion: datadoghq.com/v2alpha1 @@ -44,7 +44,7 @@ spec: # ... ``` -Create the secret(s) before applying the DatadogAgent manifest, or the deployment will fail. +Create the Secret(s) before applying the DatadogAgent manifest, or the deployment will fail. ```yaml apiVersion: v1 @@ -65,7 +65,7 @@ data: **Note:** -It is possible to use the same secret to store both credentials: +It is possible to use the same Secret to store both credentials: ```yaml --- @@ -110,15 +110,15 @@ success #### Using the secret helper -Kubernetes supports exposing secrets as files inside a pod, and we provide a helper script in the Datadog Operator image to read the secrets from files. +Kubernetes supports exposing Secrets as files inside a pod, and we provide a helper script in the Datadog Operator image to read the Secrets from files. -First, mount the secret in the Operator container, for instance at `/etc/secret-volume`. Then install or update the Datadog Operator deployment with the `.Values.secretBackend.command` parameter set to `/readsecret.sh` and the `.Values.secretBackend.arguments` parameter set to `/etc/secret-volume`. +First, mount the Secret in the Operator container, for instance at `/etc/secret-volume`. Then install or update the Datadog Operator deployment with the `.Values.secretBackend.command` parameter set to `/readsecret.sh` and the `.Values.secretBackend.arguments` parameter set to `/etc/secret-volume`. **Note:** This secret helper requires Datadog Operator v0.5.0+ -### How to deploy the agent components using the secret backend feature with DatadogAgent +### How to deploy Agent components using the secret backend feature with the DatadogAgent (Operator 1.11+) -If using a custom script, create a Datadog Agent (or Cluster Agent) image following the example for the Datadog Operator above. Then, to activate the secret backend feature in the `DatadogAgent` configuration, the `spec.credentials.useSecretBackend` parameter should be set to `true`. +If using a custom script, create a Datadog Agent (or Cluster Agent) image following the example for the Datadog Operator above, and specify credentials using `ENC[]`. ```yaml apiVersion: datadoghq.com/v2alpha1 @@ -133,7 +133,7 @@ spec: # ... ``` -Then inside the `spec.agent` configuration, the secret backend command can be specified by adding a new environment variable: "DD_SECRET_BACKEND_COMMAND". +The secret backend command can be specified in the `spec.global.secretBackend.command`: ```yaml apiVersion: datadoghq.com/v2alpha1 @@ -141,45 +141,17 @@ kind: DatadogAgent metadata: name: datadog spec: + global: + secretBackend: + command: "/my-secret-backend.sh" # ... - override: - nodeAgent: - containers: - agent: - env: - - name: DD_SECRET_BACKEND_COMMAND - value: "/my-secret-backend.sh" ``` -If the "Cluster Agent" and the "Cluster Check Runner" are also deployed, the environment variable needs to be added also in the other environment variables configuration. - -```yaml -apiVersion: datadoghq.com/v2alpha1 -kind: DatadogAgent -metadata: - name: datadog -spec: - # ... - override: - clusterAgent: - # ... - containers: - cluster-agent: - env: - - name: DD_SECRET_BACKEND_COMMAND - value: "/my-secret-backend.sh" - clusterChecksRunner: - # ... - containers: - agent: - env: - - name: DD_SECRET_BACKEND_COMMAND - value: "/my-secret-backend.sh" -``` +The environment variable `DD_SECRET_BACKEND_COMMAND` from this configuration is automatically applied to all the deployed components: node Agent, Cluster Agent, and Cluster Checks Runners. Ensure the image you are using for all the components includes your command. -As in the Datadog Operator, the Datadog Agent image includes a helper function `readsecret.sh` that can be used to read mounted secrets. After creating the secret and setting the volume mount (in any container that requires it), set the `DD_SECRET_BACKEND_COMMAND` and `DD_SECRET_BACKEND_ARGUMENTS` environmental variables. +For convenience, the Datadog Agent and its sibling Cluster Agent images already include a `readsecret_multiple_providers.sh` [helper function][2] that can be used to read from both files as well as Kubernetes Secrets. After creating the Secret, set `spec.global.secretBackend.command` to `"/readsecret_multiple_providers.sh"`. -For instance, to use the secret backend for the Agent and Cluster Agent, create a secret called "test-secret": +For instance, to use the secret backend for the Agent and Cluster Agent, create a Secret called "test-secret": `kubectl create secret generic test-secret --from-literal=api_key='' --from-literal=app_key=''` @@ -192,68 +164,55 @@ metadata: name: datadog spec: global: - credentials: - apiKey: ENC[api_key] - appKey: ENC[app_key] - override: - nodeAgent: - env: - - name: DD_SECRET_BACKEND_COMMAND - value: "/readsecret.sh" - - name: DD_SECRET_BACKEND_ARGUMENTS - value: "/etc/secret-volume" - containers: - agent: - volumeMounts: - - name: secret-volume - mountPath: "/etc/secret-volume" - volumes: - - name: secret-volume - secret: - secretName: test-secret - clusterAgent: - containers: - cluster-agent: - env: - - name: DD_SECRET_BACKEND_COMMAND - value: "/readsecret.sh" - - name: DD_SECRET_BACKEND_ARGUMENTS - value: "/etc/secret-volume" - volumeMounts: - - name: secret-volume - mountPath: "/etc/secret-volume" - volumes: - - name: secret-volume - secret: - secretName: test-secret -``` - -The Datadog Agent also includes a script that can be used to read secrets from files mounted from Kubernetes secrets, or directly from Kubernetes secrets. This script can be used by setting `DD_SECRET_BACKEND_COMMAND` to `/readsecret_multiple_providers.sh`. An example of how to configure the DatadogAgent spec is provided below. For more details, see [Secrets Management][2]. - -```yaml -apiVersion: datadoghq.com/v2alpha1 -kind: DatadogAgent -metadata: - name: datadog -spec: - global: + secretBackend: + command: "/readsecret_multiple_providers.sh" credentials: apiKey: ENC[k8s_secret@default/test-secret/api_key] appKey: ENC[k8s_secret@default/test-secret/app_key] - override: - nodeAgent: - env: - - name: DD_SECRET_BACKEND_COMMAND - value: "/readsecret_multiple_providers.sh" ``` **Remarks:** -* For the "Agent" and "Cluster Agent", others options exist to configure secret backend command: +* The `"/readsecret_multiple_providers.sh"` helper enables the Agent to directly read Kubernetes Secrets across both its own and other namespaces. Ensure that the associated ServiceAccount has the necessary permissions by assigning the appropriate Roles and RoleBindings, which can be set manually or using the following options: + * `global.secretBackend.enableGlobalPermissions`: Determines if a ClusterRole is created that enables the Agents to read **all** Kubernetes Secrets. + ```yaml + apiVersion: datadoghq.com/v2alpha1 + kind: DatadogAgent + metadata: + name: datadog + spec: + global: + secretBackend: + command: "/readsecret_multiple_providers.sh" + enableGlobalPermissions: true + # ... + ``` + * `global.secretBackend.roles`: Replaces `enableGlobalPermissions`, detailing the list of namespace/secrets to which the Agents should have access. + ```yaml + apiVersion: datadoghq.com/v2alpha1 + kind: DatadogAgent + metadata: + name: datadog + spec: + global: + secretBackend: + command: "/readsecret_multiple_providers.sh" + roles: + - namespace: rabbitmq-system + secrets: + - "rabbitmqcluster-sample-default-user" + # ... + ``` + In this example, a Role is created granting read access to the Secret `rabbitmqcluster-sample-default-user` in the `rabbitmq-system` namespace. + + **Note**: Each namespace in the `roles` list must also be configured in the `WATCH_NAMESPACE` or `DD_AGENT_WATCH_NAMESPACE` environment variable on the **Datadog Operator** deployment. + - * **DD_SECRET_BACKEND_ARGUMENTS**: those arguments will be specified to the command when the agent executes the secret backend command. - * **DD_SECRET_BACKEND_OUTPUT_MAX_SIZE**: maximum output size of the secret backend command. The default value is 1048576 (1Mb). - * **DD_SECRET_BACKEND_TIMEOUT**: secret backend execution timeout in second. The default value is 5 seconds. +* For the Agent and Cluster Agent, there are other configuration options for the secret backend command: + * `global.secretBackend.args`: these arguments are supplied to the command when the Agent executes the secret backend command. + * `global.secretBackend.timeout`: secret backend execution timeout in seconds. The default value is 30 seconds. +* For versions prior to Operator 1.11, `spec.global.secretBackend` is unavailable. You should follow [these instructions][3] instead. [1]: https://docs.datadoghq.com/agent/guide/secrets-management [2]: https://docs.datadoghq.com/agent/guide/secrets-management/?tab=linux#script-for-reading-from-multiple-secret-providers +[3]: https://github.com/DataDog/datadog-operator/blob/2bbda7adace27de3d397b3d76d87fbd49fa304e3/docs/secret_management.md#how-to-deploy-the-agent-components-using-the-secret-backend-feature-with-datadogagent diff --git a/examples/datadogagent/datadog-agent-with-otel-agent-annotations.yaml b/examples/datadogagent/datadog-agent-with-otel-agent-annotations.yaml new file mode 100644 index 000000000..e4970e7d4 --- /dev/null +++ b/examples/datadogagent/datadog-agent-with-otel-agent-annotations.yaml @@ -0,0 +1,89 @@ +apiVersion: datadoghq.com/v2alpha1 +kind: DatadogAgent +metadata: + annotations: + # Note: annotations support is temporary and will be removed in the future. + # Please use otelCollector Feature instead. + agent.datadoghq.com/otel-agent-enabled: "true" + name: datadog +spec: + global: + credentials: + apiKey: + override: + nodeAgent: + customConfigurations: + otel-config.yaml: + configMap: + name: my-datadog-otel-config + items: + - key: otel-config.yaml + path: otel-config.yaml +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: my-datadog-otel-config + labels: + app.kubernetes.io/name: "my-datadog" + app.kubernetes.io/version: "7" +data: + otel-config.yaml: |- + receivers: + prometheus: + config: + scrape_configs: + - job_name: "otel-agent" + scrape_interval: 10s + static_configs: + - targets: ["0.0.0.0:8888"] + otlp: + protocols: + grpc: + endpoint: 0.0.0.0:4317 + http: + endpoint: 0.0.0.0:4318 + exporters: + debug: + verbosity: detailed + datadog: + api: + key: ${env:DD_API_KEY} + processors: + infraattributes: + cardinality: 2 + probabilistic_sampler: + hash_seed: 22 + sampling_percentage: 15.3 + batch: + timeout: 10s + connectors: + datadog/connector: + traces: + compute_top_level_by_span_kind: true + peer_tags_aggregation: true + compute_stats_by_span_kind: true + extensions: + health_check: + service: + extensions: [health_check] + telemetry: + logs: + level: debug + pipelines: + traces: + receivers: [otlp] + processors: [batch] + exporters: [datadog/connector] + traces/sampled: + receivers: [otlp] + processors: [probabilistic_sampler, infraattributes, batch] + exporters: [datadog] + metrics: + receivers: [otlp, datadog/connector, prometheus] + processors: [infraattributes, batch] + exporters: [datadog] + logs: + receivers: [otlp] + processors: [infraattributes, batch] + exporters: [datadog] \ No newline at end of file diff --git a/examples/datadogagent/datadog-agent-with-otel-agent-configmap.yaml b/examples/datadogagent/datadog-agent-with-otel-agent-configmap.yaml new file mode 100644 index 000000000..9ac53828d --- /dev/null +++ b/examples/datadogagent/datadog-agent-with-otel-agent-configmap.yaml @@ -0,0 +1,58 @@ +apiVersion: datadoghq.com/v2alpha1 +kind: DatadogAgent +metadata: + name: datadog +spec: + global: + credentials: + apiKey: + features: + otelCollector: + enabled: true + ports: + - containerPort: 4317 + name: otel-grpc + - containerPort: 4318 + name: otel-http + conf: + configMap: + name: custom-config-map +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: custom-config-map + namespace: system +data: + # must be named otel-config.yaml. + otel-config.yaml: |- + receivers: + otlp: + protocols: + grpc: + endpoint: 0.0.0.0:4317 + http: + endpoint: 0.0.0.0:4318 + exporters: + debug: + verbosity: detailed + datadog: + api: + key: ${env:DD_API_KEY} + processors: + batch: + connectors: + service: + pipelines: + traces: + receivers: [otlp] + processors: [batch] + exporters: [datadog] + metrics: + receivers: [otlp] + processors: [batch] + exporters: [datadog] + logs: + receivers: [otlp] + processors: [batch] + exporters: [datadog] diff --git a/examples/datadogagent/datadog-agent-with-otel-agent.yaml b/examples/datadogagent/datadog-agent-with-otel-agent.yaml new file mode 100644 index 000000000..6f4236e35 --- /dev/null +++ b/examples/datadogagent/datadog-agent-with-otel-agent.yaml @@ -0,0 +1,48 @@ +apiVersion: datadoghq.com/v2alpha1 +kind: DatadogAgent +metadata: + name: datadog +spec: + global: + credentials: + apiKey: + features: + otelCollector: + enabled: true + ports: + - containerPort: 4317 + name: otel-grpc + - containerPort: 4318 + name: otel-http + conf: + configData: |- + receivers: + otlp: + protocols: + grpc: + endpoint: 0.0.0.0:4317 + http: + endpoint: 0.0.0.0:4318 + exporters: + debug: + verbosity: detailed + datadog: + api: + key: ${env:DD_API_KEY} + processors: + batch: + connectors: + service: + pipelines: + traces: + receivers: [otlp] + processors: [batch] + exporters: [datadog] + metrics: + receivers: [otlp] + processors: [batch] + exporters: [datadog] + logs: + receivers: [otlp] + processors: [batch] + exporters: [datadog] diff --git a/go.mod b/go.mod index 43f484ffb..ee0b9c75e 100644 --- a/go.mod +++ b/go.mod @@ -72,9 +72,12 @@ require ( github.com/Masterminds/semver v1.5.0 // indirect github.com/Microsoft/go-winio v0.6.1 // indirect github.com/andybalholm/brotli v1.0.6 // indirect + github.com/antlr4-go/antlr/v4 v4.13.0 // indirect + github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a // indirect github.com/benbjohnson/clock v1.3.5 // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/blang/semver/v4 v4.0.0 // indirect + github.com/cenkalti/backoff/v4 v4.3.0 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/cihub/seelog v0.0.0-20170130134532-f561c5e57575 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect @@ -83,9 +86,11 @@ require ( github.com/ebitengine/purego v0.6.0-alpha.5 // indirect github.com/emicklei/go-restful/v3 v3.11.0 // indirect github.com/evanphx/json-patch/v5 v5.9.0 // indirect + github.com/felixge/httpsnoop v1.0.4 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect github.com/fxamacker/cbor/v2 v2.7.0 // indirect github.com/go-errors/errors v1.4.2 // indirect + github.com/go-logr/stdr v1.2.2 // indirect github.com/go-logr/zapr v1.3.0 // indirect github.com/go-ole/go-ole v1.2.6 // indirect github.com/go-openapi/jsonpointer v0.19.6 // indirect @@ -97,6 +102,7 @@ require ( github.com/golang/protobuf v1.5.4 // indirect github.com/golang/snappy v0.0.4 // indirect github.com/google/btree v1.0.1 // indirect + github.com/google/cel-go v0.20.1 // indirect github.com/google/gnostic-models v0.6.8 // indirect github.com/google/gofuzz v1.2.0 // indirect github.com/google/pprof v0.0.0-20240525223248-4bfdf5a9a2af // indirect @@ -105,6 +111,7 @@ require ( github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 // indirect github.com/grpc-ecosystem/go-grpc-middleware v1.3.0 // indirect github.com/grpc-ecosystem/grpc-gateway v1.16.0 // indirect + github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 // indirect github.com/hashicorp/hcl v1.0.1-vault-5 // indirect github.com/imdario/mergo v0.3.16 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect @@ -149,6 +156,7 @@ require ( github.com/spf13/afero v1.11.0 // indirect github.com/spf13/cast v1.6.0 // indirect github.com/spf13/jwalterweatherman v1.1.0 // indirect + github.com/stoewer/go-strcase v1.2.0 // indirect github.com/stretchr/objx v0.5.2 // indirect github.com/tinylib/msgp v1.1.8 // indirect github.com/tklauser/go-sysconf v0.3.12 // indirect @@ -159,6 +167,14 @@ require ( github.com/xlab/treeprint v1.2.0 // indirect github.com/yusufpapurcu/wmi v1.2.3 // indirect go.etcd.io/bbolt v1.3.9 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0 // indirect + go.opentelemetry.io/otel v1.28.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.27.0 // indirect + go.opentelemetry.io/otel/metric v1.28.0 // indirect + go.opentelemetry.io/otel/sdk v1.28.0 // indirect + go.opentelemetry.io/otel/trace v1.28.0 // indirect + go.opentelemetry.io/proto/otlp v1.3.1 // indirect go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect go.uber.org/atomic v1.11.0 // indirect go.uber.org/multierr v1.11.0 // indirect @@ -180,9 +196,12 @@ require ( gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect + k8s.io/apiserver v0.31.1 // indirect + k8s.io/component-base v0.31.1 // indirect k8s.io/gengo/v2 v2.0.0-20240228010128-51d4e06bde70 // indirect k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect modernc.org/sqlite v1.29.5 // indirect + sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.30.3 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/kustomize/api v0.17.2 // indirect sigs.k8s.io/kustomize/kyaml v0.17.1 // indirect diff --git a/go.sum b/go.sum index 6e8170a0b..593524c07 100644 --- a/go.sum +++ b/go.sum @@ -70,9 +70,13 @@ github.com/andybalholm/brotli v1.0.6 h1:Yf9fFpf49Zrxb9NlQaluyE92/+X7UVHlhMNJN2sx github.com/andybalholm/brotli v1.0.6/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig= github.com/antihax/optional v0.0.0-20180407024304-ca021399b1a6/go.mod h1:V8iCPQYkqmusNa815XgQio277wI47sdRh1dUOLdyC6Q= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= +github.com/antlr4-go/antlr/v4 v4.13.0 h1:lxCg3LAv+EUK6t1i0y1V6/SLeUi0eKEKdhQAlS8TVTI= +github.com/antlr4-go/antlr/v4 v4.13.0/go.mod h1:pfChB/xh/Unjila75QW7+VU4TSnWnnk9UTnmpPaOR2g= github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= +github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a h1:idn718Q4B6AGu/h5Sxe66HYVdqdGu2l9Iebqhi/AEoA= +github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= github.com/benbjohnson/clock v1.3.5 h1:VvXlSJBzZpA/zum6Sj74hxwYI2DIxRWuNIoXAzHZz5o= github.com/benbjohnson/clock v1.3.5/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= @@ -83,6 +87,8 @@ github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ= github.com/cenkalti/backoff v2.2.1+incompatible h1:tNowT99t7UNflLxfYYSlKYsBpXdEet03Pg2g16Swow4= github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM= +github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8= +github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= @@ -136,6 +142,8 @@ github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCv github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= +github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= +github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8= github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= @@ -152,8 +160,11 @@ github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2 github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= +github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= +github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY= @@ -207,6 +218,8 @@ github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEW github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.1 h1:gK4Kx5IaGY9CD5sPJ36FHiBJ6ZXl0kilRiiCj+jdYp4= github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA= +github.com/google/cel-go v0.20.1 h1:nDx9r8S3L4pE61eDdt8igGj8rf5kjYR3ILxWIpWNi84= +github.com/google/cel-go v0.20.1/go.mod h1:kWcIzTsPX0zmQ+H3TirHstLLf9ep5QTsZBN9u4dOYLg= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= @@ -247,6 +260,8 @@ github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t github.com/grpc-ecosystem/grpc-gateway v1.13.0/go.mod h1:8XEsbTttt/W+VvjtQhLACqCisSPWTxCZ7sBRjU6iH9c= github.com/grpc-ecosystem/grpc-gateway v1.16.0 h1:gmcG1KaJ57LophUzW0Hy8NmPhnMZb4M0+kPpLofRdBo= github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 h1:bkypFPDjIYGfCYD5mRBvpqxfYX1YCS1PXdKYWi8FsN0= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0/go.mod h1:P+Lt/0by1T8bfcF3z737NnSbmxQAppXMRziHUxPOC8k= github.com/hako/durafmt v0.0.0-20210608085754-5c1018a4e16b h1:wDUNC2eKiL35DbLvsDhiblTUXHxcOPwQSCzi7xpQUN4= github.com/hako/durafmt v0.0.0-20210608085754-5c1018a4e16b/go.mod h1:VzxiSdG6j1pi7rwGm/xYI5RbtpBgM8sARDXlvEvxlu0= github.com/hashicorp/go-secure-stdlib/parseutil v0.1.7 h1:UpiO20jno/eV1eVZcxqWnUohyKRe1g8FPV/xH1s/2qs= @@ -457,6 +472,8 @@ github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnIn github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/viper v1.6.2/go.mod h1:t3iDnF5Jlj76alVNuyFBk5oUMCvsrkbvZK0WQdfDi5k= +github.com/stoewer/go-strcase v1.2.0 h1:Z2iHWqGXH00XYgqDmNgQbIBxf3wrNq0F3feEy0ainaU= +github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= @@ -509,6 +526,22 @@ github.com/zorkian/go-datadog-api v2.30.0+incompatible/go.mod h1:PkXwHX9CUQa/FpB go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= go.etcd.io/bbolt v1.3.9 h1:8x7aARPEXiXbHmtUwAIv7eV2fQFHrLLavdiJ3uzJXoI= go.etcd.io/bbolt v1.3.9/go.mod h1:zaO32+Ti0PK1ivdPtgMESzuzL2VPoIG1PCQNvOdo/dE= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0 h1:4K4tsIXefpVJtvA/8srF4V4y0akAoPHkIslgAkjixJA= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0/go.mod h1:jjdQuTGVsXV4vSs+CJ2qYDeDPf9yIJV23qlIzBm73Vg= +go.opentelemetry.io/otel v1.28.0 h1:/SqNcYk+idO0CxKEUOtKQClMK/MimZihKYMruSMViUo= +go.opentelemetry.io/otel v1.28.0/go.mod h1:q68ijF8Fc8CnMHKyzqL6akLO46ePnjkgfIMIjUIX9z4= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0 h1:3Q/xZUyC1BBkualc9ROb4G8qkH90LXEIICcs5zv1OYY= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0/go.mod h1:s75jGIWA9OfCMzF0xr+ZgfrB5FEbbV7UuYo32ahUiFI= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.27.0 h1:qFffATk0X+HD+f1Z8lswGiOQYKHRlzfmdJm0wEaVrFA= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.27.0/go.mod h1:MOiCmryaYtc+V0Ei+Tx9o5S1ZjA7kzLucuVuyzBZloQ= +go.opentelemetry.io/otel/metric v1.28.0 h1:f0HGvSl1KRAU1DLgLGFjrwVyismPlnuU6JD6bOeuA5Q= +go.opentelemetry.io/otel/metric v1.28.0/go.mod h1:Fb1eVBFZmLVTMb6PPohq3TO9IIhUisDsbJoL/+uQW4s= +go.opentelemetry.io/otel/sdk v1.28.0 h1:b9d7hIry8yZsgtbmM0DKyPWMMUMlK9NEKuIG4aBqWyE= +go.opentelemetry.io/otel/sdk v1.28.0/go.mod h1:oYj7ClPUA7Iw3m+r7GeEjz0qckQRJK2B8zjcZEfu7Pg= +go.opentelemetry.io/otel/trace v1.28.0 h1:GhQ9cUuQGmNDd5BTCP2dAvv75RdMxEfTmYejp+lkx9g= +go.opentelemetry.io/otel/trace v1.28.0/go.mod h1:jPyXzNPg6da9+38HEwElrQiHlVMTnVfM3/yv2OlIHaI= +go.opentelemetry.io/proto/otlp v1.3.1 h1:TrMUixzpM0yuc/znrFTP9MMRh8trP93mkCiDVeXrui0= +go.opentelemetry.io/proto/otlp v1.3.1/go.mod h1:0X1WI4de4ZsLrrJNLAQbFeLCm3T7yBkR0XqQ7niQU+8= go.starlark.net v0.0.0-20230525235612-a134d8f9ddca h1:VdD38733bfYv5tUZwEIskMM93VanwNIi5bIKnDrJdEY= go.starlark.net v0.0.0-20230525235612-a134d8f9ddca/go.mod h1:jxU+3+j+71eXOW14274+SmmuW82qJzl6iZSeqEtTGds= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= @@ -747,10 +780,14 @@ k8s.io/apiextensions-apiserver v0.31.1 h1:L+hwULvXx+nvTYX/MKM3kKMZyei+UiSXQWciX/ k8s.io/apiextensions-apiserver v0.31.1/go.mod h1:tWMPR3sgW+jsl2xm9v7lAyRF1rYEK71i9G5dRtkknoQ= k8s.io/apimachinery v0.31.1 h1:mhcUBbj7KUjaVhyXILglcVjuS4nYXiwC+KKFBgIVy7U= k8s.io/apimachinery v0.31.1/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo= +k8s.io/apiserver v0.31.1 h1:Sars5ejQDCRBY5f7R3QFHdqN3s61nhkpaX8/k1iEw1c= +k8s.io/apiserver v0.31.1/go.mod h1:lzDhpeToamVZJmmFlaLwdYZwd7zB+WYRYIboqA1kGxM= k8s.io/cli-runtime v0.31.1 h1:/ZmKhmZ6hNqDM+yf9s3Y4KEYakNXUn5sod2LWGGwCuk= k8s.io/cli-runtime v0.31.1/go.mod h1:pKv1cDIaq7ehWGuXQ+A//1OIF+7DI+xudXtExMCbe9U= k8s.io/client-go v0.31.1 h1:f0ugtWSbWpxHR7sjVpQwuvw9a3ZKLXX0u0itkFXufb0= k8s.io/client-go v0.31.1/go.mod h1:sKI8871MJN2OyeqRlmA4W4KM9KBdBUpDLu/43eGemCg= +k8s.io/component-base v0.31.1 h1:UpOepcrX3rQ3ab5NB6g5iP0tvsgJWzxTyAo20sgYSy8= +k8s.io/component-base v0.31.1/go.mod h1:WGeaw7t/kTsqpVTaCoVEtillbqAhF2/JgvO0LDOMa0w= k8s.io/gengo/v2 v2.0.0-20240228010128-51d4e06bde70 h1:NGrVE502P0s0/1hudf8zjgwki1X/TByhmAoILTarmzo= k8s.io/gengo/v2 v2.0.0-20240228010128-51d4e06bde70/go.mod h1:VH3AT8AaQOqiGjMF9p0/IM1Dj+82ZwjfxUP1IxaHE+8= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= @@ -777,6 +814,8 @@ modernc.org/strutil v1.2.0 h1:agBi9dp1I+eOnxXeiZawM8F4LawKv4NzGWSaLfyeNZA= modernc.org/strutil v1.2.0/go.mod h1:/mdcBmfOibveCTBxUl5B5l6W+TTH1FXPLHZE6bTosX0= modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y= modernc.org/token v1.1.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.30.3 h1:2770sDpzrjjsAtVhSeUFseziht227YAWYHLGNM8QPwY= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.30.3/go.mod h1:Ve9uj1L+deCXFrPOk1LpFXqTg7LCFzFso6PA48q/XZw= sigs.k8s.io/controller-runtime v0.19.0 h1:nWVM7aq+Il2ABxwiCizrVDSlmDcshi9llbaFbC0ji/Q= sigs.k8s.io/controller-runtime v0.19.0/go.mod h1:iRmWllt8IlaLjvTTDLhRBXIEtkCK6hwVBJJsYS9Ajf4= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= diff --git a/hack/publish-community-bundles.sh b/hack/publish-community-bundles.sh index e9e581acf..f17a242ce 100755 --- a/hack/publish-community-bundles.sh +++ b/hack/publish-community-bundles.sh @@ -68,7 +68,7 @@ do certified-operators) ORG="redhat-openshift-ecosystem" OPERATOR_SUBPATH="datadog-operator-certified" - BUNDLE_NAME="bundle-redhat" + BUNDLE_NAME="bundle-redhat-certified" ;; redhat-marketplace-operators) ORG="redhat-openshift-ecosystem" diff --git a/internal/controller/datadogagent/common/utils.go b/internal/controller/datadogagent/common/utils.go index 91f2b8877..6cb0a9e3d 100644 --- a/internal/controller/datadogagent/common/utils.go +++ b/internal/controller/datadogagent/common/utils.go @@ -12,6 +12,7 @@ import ( apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/object" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/kubernetes" "github.com/DataDog/datadog-operator/pkg/utils" @@ -76,7 +77,7 @@ func GetAgentVersion(dda metav1.Object) string { // GetDefaultSeccompConfigMapName returns the default seccomp configmap name based on the DatadogAgent name func GetDefaultSeccompConfigMapName(dda metav1.Object) string { - return fmt.Sprintf("%s-%s", dda.GetName(), apicommon.SystemProbeAgentSecurityConfigMapSuffixName) + return fmt.Sprintf("%s-%s", dda.GetName(), v2alpha1.SystemProbeAgentSecurityConfigMapSuffixName) } // GetAgentVersionFromImage returns the Agent version based on the AgentImageConfig @@ -120,7 +121,7 @@ const ( func GetAgentLocalServiceSelector(dda metav1.Object) map[string]string { return map[string]string{ kubernetes.AppKubernetesPartOfLabelKey: object.NewPartOfLabelValue(dda).String(), - apicommon.AgentDeploymentComponentLabelKey: v2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, } } diff --git a/internal/controller/datadogagent/common/volumes.go b/internal/controller/datadogagent/common/volumes.go index ea306af12..82b529f68 100644 --- a/internal/controller/datadogagent/common/volumes.go +++ b/internal/controller/datadogagent/common/volumes.go @@ -11,7 +11,7 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" + "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" ) // This file contains definitions of volumes used in the agent specs @@ -19,7 +19,7 @@ import ( // GetVolumeForConfig return the volume that contains the agent config func GetVolumeForConfig() corev1.Volume { return corev1.Volume{ - Name: apicommon.ConfigVolumeName, + Name: v2alpha1.ConfigVolumeName, VolumeSource: corev1.VolumeSource{ EmptyDir: &corev1.EmptyDirVolumeSource{}, }, @@ -29,7 +29,7 @@ func GetVolumeForConfig() corev1.Volume { // GetVolumeForConfd return the volume that contains the agent confd config files func GetVolumeForConfd() corev1.Volume { return corev1.Volume{ - Name: apicommon.ConfdVolumeName, + Name: v2alpha1.ConfdVolumeName, VolumeSource: corev1.VolumeSource{ EmptyDir: &corev1.EmptyDirVolumeSource{}, }, @@ -39,7 +39,7 @@ func GetVolumeForConfd() corev1.Volume { // GetVolumeForChecksd return the volume that contains the agent confd config files func GetVolumeForChecksd() corev1.Volume { return corev1.Volume{ - Name: apicommon.ChecksdVolumeName, + Name: v2alpha1.ChecksdVolumeName, VolumeSource: corev1.VolumeSource{ EmptyDir: &corev1.EmptyDirVolumeSource{}, }, @@ -59,7 +59,7 @@ func GetVolumeForRmCorechecks() corev1.Volume { // GetVolumeForAuth return the Volume container authentication information func GetVolumeForAuth() corev1.Volume { return corev1.Volume{ - Name: apicommon.AuthVolumeName, + Name: v2alpha1.AuthVolumeName, VolumeSource: corev1.VolumeSource{ EmptyDir: &corev1.EmptyDirVolumeSource{}, }, @@ -69,7 +69,7 @@ func GetVolumeForAuth() corev1.Volume { // GetVolumeForLogs return the Volume that should container generated logs func GetVolumeForLogs() corev1.Volume { return corev1.Volume{ - Name: apicommon.LogDatadogVolumeName, + Name: v2alpha1.LogDatadogVolumeName, VolumeSource: corev1.VolumeSource{ EmptyDir: &corev1.EmptyDirVolumeSource{}, }, @@ -79,7 +79,7 @@ func GetVolumeForLogs() corev1.Volume { // GetVolumeInstallInfo return the Volume that should install-info file func GetVolumeInstallInfo(owner metav1.Object) corev1.Volume { return corev1.Volume{ - Name: apicommon.InstallInfoVolumeName, + Name: v2alpha1.InstallInfoVolumeName, VolumeSource: corev1.VolumeSource{ ConfigMap: &corev1.ConfigMapVolumeSource{ LocalObjectReference: corev1.LocalObjectReference{ @@ -93,10 +93,10 @@ func GetVolumeInstallInfo(owner metav1.Object) corev1.Volume { // GetVolumeForProc returns the volume with /proc func GetVolumeForProc() corev1.Volume { return corev1.Volume{ - Name: apicommon.ProcdirVolumeName, + Name: v2alpha1.ProcdirVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.ProcdirHostPath, + Path: v2alpha1.ProcdirHostPath, }, }, } @@ -105,7 +105,7 @@ func GetVolumeForProc() corev1.Volume { // GetVolumeForCgroups returns the volume that contains the cgroup directory func GetVolumeForCgroups() corev1.Volume { return corev1.Volume{ - Name: apicommon.CgroupsVolumeName, + Name: v2alpha1.CgroupsVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ Path: "/sys/fs/cgroup", @@ -117,7 +117,7 @@ func GetVolumeForCgroups() corev1.Volume { // GetVolumeForDogstatsd returns the volume with the Dogstatsd socket func GetVolumeForDogstatsd() corev1.Volume { return corev1.Volume{ - Name: apicommon.DogstatsdSocketVolumeName, + Name: v2alpha1.DogstatsdSocketVolumeName, VolumeSource: corev1.VolumeSource{ EmptyDir: &corev1.EmptyDirVolumeSource{}, }, @@ -132,16 +132,16 @@ func GetInstallInfoConfigMapName(dda metav1.Object) string { // GetVolumeMountForConfig return the VolumeMount that contains the agent config func GetVolumeMountForConfig() corev1.VolumeMount { return corev1.VolumeMount{ - Name: apicommon.ConfigVolumeName, - MountPath: apicommon.ConfigVolumePath, + Name: v2alpha1.ConfigVolumeName, + MountPath: v2alpha1.ConfigVolumePath, } } // GetVolumeMountForConfd return the VolumeMount that contains the agent confd config files func GetVolumeMountForConfd() corev1.VolumeMount { return corev1.VolumeMount{ - Name: apicommon.ConfdVolumeName, - MountPath: apicommon.ConfdVolumePath, + Name: v2alpha1.ConfdVolumeName, + MountPath: v2alpha1.ConfdVolumePath, ReadOnly: true, } } @@ -149,8 +149,8 @@ func GetVolumeMountForConfd() corev1.VolumeMount { // GetVolumeMountForChecksd return the VolumeMount that contains the agent checksd config files func GetVolumeMountForChecksd() corev1.VolumeMount { return corev1.VolumeMount{ - Name: apicommon.ChecksdVolumeName, - MountPath: apicommon.ChecksdVolumePath, + Name: v2alpha1.ChecksdVolumeName, + MountPath: v2alpha1.ChecksdVolumePath, ReadOnly: true, } } @@ -159,15 +159,15 @@ func GetVolumeMountForChecksd() corev1.VolumeMount { func GetVolumeMountForRmCorechecks() corev1.VolumeMount { return corev1.VolumeMount{ Name: "remove-corechecks", - MountPath: fmt.Sprintf("%s/%s", apicommon.ConfigVolumePath, "conf.d"), + MountPath: fmt.Sprintf("%s/%s", v2alpha1.ConfigVolumePath, "conf.d"), } } // GetVolumeMountForAuth returns the VolumeMount that contains the authentication information func GetVolumeMountForAuth(readOnly bool) corev1.VolumeMount { return corev1.VolumeMount{ - Name: apicommon.AuthVolumeName, - MountPath: apicommon.AuthVolumePath, + Name: v2alpha1.AuthVolumeName, + MountPath: v2alpha1.AuthVolumePath, ReadOnly: readOnly, } } @@ -175,8 +175,8 @@ func GetVolumeMountForAuth(readOnly bool) corev1.VolumeMount { // GetVolumeMountForLogs return the VolumeMount for the container generated logs func GetVolumeMountForLogs() corev1.VolumeMount { return corev1.VolumeMount{ - Name: apicommon.LogDatadogVolumeName, - MountPath: apicommon.LogDatadogVolumePath, + Name: v2alpha1.LogDatadogVolumeName, + MountPath: v2alpha1.LogDatadogVolumePath, ReadOnly: false, } } @@ -184,7 +184,7 @@ func GetVolumeMountForLogs() corev1.VolumeMount { // GetVolumeForTmp return the Volume use for /tmp func GetVolumeForTmp() corev1.Volume { return corev1.Volume{ - Name: apicommon.TmpVolumeName, + Name: v2alpha1.TmpVolumeName, VolumeSource: corev1.VolumeSource{ EmptyDir: &corev1.EmptyDirVolumeSource{}, }, @@ -194,8 +194,8 @@ func GetVolumeForTmp() corev1.Volume { // GetVolumeMountForTmp return the VolumeMount for /tmp func GetVolumeMountForTmp() corev1.VolumeMount { return corev1.VolumeMount{ - Name: apicommon.TmpVolumeName, - MountPath: apicommon.TmpVolumePath, + Name: v2alpha1.TmpVolumeName, + MountPath: v2alpha1.TmpVolumePath, ReadOnly: false, } } @@ -203,7 +203,7 @@ func GetVolumeMountForTmp() corev1.VolumeMount { // GetVolumeForCertificates return the Volume use to store certificates func GetVolumeForCertificates() corev1.Volume { return corev1.Volume{ - Name: apicommon.CertificatesVolumeName, + Name: v2alpha1.CertificatesVolumeName, VolumeSource: corev1.VolumeSource{ EmptyDir: &corev1.EmptyDirVolumeSource{}, }, @@ -213,8 +213,8 @@ func GetVolumeForCertificates() corev1.Volume { // GetVolumeMountForCertificates return the VolumeMount use to store certificates func GetVolumeMountForCertificates() corev1.VolumeMount { return corev1.VolumeMount{ - Name: apicommon.CertificatesVolumeName, - MountPath: apicommon.CertificatesVolumePath, + Name: v2alpha1.CertificatesVolumeName, + MountPath: v2alpha1.CertificatesVolumePath, ReadOnly: false, } } @@ -222,18 +222,18 @@ func GetVolumeMountForCertificates() corev1.VolumeMount { // GetVolumeMountForInstallInfo return the VolumeMount that contains the agent install-info file func GetVolumeMountForInstallInfo() corev1.VolumeMount { return corev1.VolumeMount{ - Name: apicommon.InstallInfoVolumeName, - MountPath: apicommon.InstallInfoVolumePath, - SubPath: apicommon.InstallInfoVolumeSubPath, - ReadOnly: apicommon.InstallInfoVolumeReadOnly, + Name: v2alpha1.InstallInfoVolumeName, + MountPath: v2alpha1.InstallInfoVolumePath, + SubPath: v2alpha1.InstallInfoVolumeSubPath, + ReadOnly: v2alpha1.InstallInfoVolumeReadOnly, } } // GetVolumeMountForProc returns the VolumeMount that contains /proc func GetVolumeMountForProc() corev1.VolumeMount { return corev1.VolumeMount{ - Name: apicommon.ProcdirVolumeName, - MountPath: apicommon.ProcdirMountPath, + Name: v2alpha1.ProcdirVolumeName, + MountPath: v2alpha1.ProcdirMountPath, ReadOnly: true, } } @@ -241,8 +241,8 @@ func GetVolumeMountForProc() corev1.VolumeMount { // GetVolumeMountForCgroups returns the VolumeMount that contains the cgroups info func GetVolumeMountForCgroups() corev1.VolumeMount { return corev1.VolumeMount{ - Name: apicommon.CgroupsVolumeName, - MountPath: apicommon.CgroupsMountPath, + Name: v2alpha1.CgroupsVolumeName, + MountPath: v2alpha1.CgroupsMountPath, ReadOnly: true, } } @@ -250,8 +250,8 @@ func GetVolumeMountForCgroups() corev1.VolumeMount { // GetVolumeMountForDogstatsdSocket returns the VolumeMount with the Dogstatsd socket func GetVolumeMountForDogstatsdSocket(readOnly bool) corev1.VolumeMount { return corev1.VolumeMount{ - Name: apicommon.DogstatsdSocketVolumeName, - MountPath: apicommon.DogstatsdSocketLocalPath, + Name: v2alpha1.DogstatsdSocketVolumeName, + MountPath: v2alpha1.DogstatsdSocketLocalPath, ReadOnly: readOnly, } } @@ -259,10 +259,10 @@ func GetVolumeMountForDogstatsdSocket(readOnly bool) corev1.VolumeMount { // GetVolumeForRuntimeSocket returns the Volume for the runtime socket func GetVolumeForRuntimeSocket() corev1.Volume { return corev1.Volume{ - Name: apicommon.CriSocketVolumeName, + Name: v2alpha1.CriSocketVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.RuntimeDirVolumePath, + Path: v2alpha1.RuntimeDirVolumePath, }, }, } @@ -271,8 +271,8 @@ func GetVolumeForRuntimeSocket() corev1.Volume { // GetVolumeMountForRuntimeSocket returns the VolumeMount with the runtime socket func GetVolumeMountForRuntimeSocket(readOnly bool) corev1.VolumeMount { return corev1.VolumeMount{ - Name: apicommon.CriSocketVolumeName, - MountPath: apicommon.HostCriSocketPathPrefix + apicommon.RuntimeDirVolumePath, + Name: v2alpha1.CriSocketVolumeName, + MountPath: v2alpha1.HostCriSocketPathPrefix + v2alpha1.RuntimeDirVolumePath, ReadOnly: readOnly, } } @@ -280,15 +280,15 @@ func GetVolumeMountForRuntimeSocket(readOnly bool) corev1.VolumeMount { // GetVolumeMountForSecurity returns the VolumeMount for datadog-agent-security func GetVolumeMountForSecurity() corev1.VolumeMount { return corev1.VolumeMount{ - Name: apicommon.SeccompSecurityVolumeName, - MountPath: apicommon.SeccompSecurityVolumePath, + Name: v2alpha1.SeccompSecurityVolumeName, + MountPath: v2alpha1.SeccompSecurityVolumePath, } } // GetVolumeForSecurity returns the Volume for datadog-agent-security func GetVolumeForSecurity(owner metav1.Object) corev1.Volume { return corev1.Volume{ - Name: apicommon.SeccompSecurityVolumeName, + Name: v2alpha1.SeccompSecurityVolumeName, VolumeSource: corev1.VolumeSource{ ConfigMap: &corev1.ConfigMapVolumeSource{ LocalObjectReference: corev1.LocalObjectReference{ @@ -302,18 +302,18 @@ func GetVolumeForSecurity(owner metav1.Object) corev1.Volume { // GetVolumeMountForSeccomp returns the VolumeMount for seccomp root func GetVolumeMountForSeccomp() corev1.VolumeMount { return corev1.VolumeMount{ - Name: apicommon.SeccompRootVolumeName, - MountPath: apicommon.SeccompRootVolumePath, + Name: v2alpha1.SeccompRootVolumeName, + MountPath: v2alpha1.SeccompRootVolumePath, } } // GetVolumeForSeccomp returns the volume for seccomp root func GetVolumeForSeccomp() corev1.Volume { return corev1.Volume{ - Name: apicommon.SeccompRootVolumeName, + Name: v2alpha1.SeccompRootVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.SeccompRootPath, + Path: v2alpha1.SeccompRootPath, }, }, } diff --git a/internal/controller/datadogagent/component/agent/default.go b/internal/controller/datadogagent/component/agent/default.go index e16a9bb01..3eaa40fd4 100644 --- a/internal/controller/datadogagent/component/agent/default.go +++ b/internal/controller/datadogagent/component/agent/default.go @@ -18,6 +18,7 @@ import ( componentdca "github.com/DataDog/datadog-operator/internal/controller/datadogagent/component/clusteragent" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/object" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/controller/utils" "github.com/DataDog/datadog-operator/pkg/defaulting" @@ -28,7 +29,7 @@ import ( // NewDefaultAgentDaemonset return a new default agent DaemonSet func NewDefaultAgentDaemonset(dda metav1.Object, edsOptions *ExtendedDaemonsetOptions, agentComponent feature.RequiredComponent) *appsv1.DaemonSet { - daemonset := NewDaemonset(dda, edsOptions, v2alpha1.DefaultAgentResourceSuffix, GetAgentName(dda), common.GetAgentVersion(dda), nil) + daemonset := NewDaemonset(dda, edsOptions, constants.DefaultAgentResourceSuffix, GetAgentName(dda), common.GetAgentVersion(dda), nil) podTemplate := NewDefaultAgentPodTemplateSpec(dda, agentComponent, daemonset.GetLabels()) daemonset.Spec.Template = *podTemplate return daemonset @@ -36,7 +37,7 @@ func NewDefaultAgentDaemonset(dda metav1.Object, edsOptions *ExtendedDaemonsetOp // NewDefaultAgentExtendedDaemonset return a new default agent DaemonSet func NewDefaultAgentExtendedDaemonset(dda metav1.Object, edsOptions *ExtendedDaemonsetOptions, agentComponent feature.RequiredComponent) *edsv1alpha1.ExtendedDaemonSet { - edsDaemonset := NewExtendedDaemonset(dda, edsOptions, v2alpha1.DefaultAgentResourceSuffix, GetAgentName(dda), common.GetAgentVersion(dda), nil) + edsDaemonset := NewExtendedDaemonset(dda, edsOptions, constants.DefaultAgentResourceSuffix, GetAgentName(dda), common.GetAgentVersion(dda), nil) edsDaemonset.Spec.Template = *NewDefaultAgentPodTemplateSpec(dda, agentComponent, edsDaemonset.GetLabels()) return edsDaemonset } @@ -88,22 +89,28 @@ func DefaultCapabilitiesForSystemProbe() []corev1.Capability { // GetAgentName return the Agent name based on the DatadogAgent info func GetAgentName(dda metav1.Object) string { - return fmt.Sprintf("%s-%s", dda.GetName(), v2alpha1.DefaultAgentResourceSuffix) + return fmt.Sprintf("%s-%s", dda.GetName(), constants.DefaultAgentResourceSuffix) } // GetAgentRoleName returns the name of the role for the Agent func GetAgentRoleName(dda metav1.Object) string { - return fmt.Sprintf("%s-%s", dda.GetName(), v2alpha1.DefaultAgentResourceSuffix) + return fmt.Sprintf("%s-%s", dda.GetName(), constants.DefaultAgentResourceSuffix) } func getDefaultServiceAccountName(dda metav1.Object) string { - return fmt.Sprintf("%s-%s", dda.GetName(), v2alpha1.DefaultAgentResourceSuffix) + return fmt.Sprintf("%s-%s", dda.GetName(), constants.DefaultAgentResourceSuffix) } func agentImage() string { return fmt.Sprintf("%s/%s:%s", v2alpha1.DefaultImageRegistry, v2alpha1.DefaultAgentImageName, defaulting.AgentLatestVersion) } +func otelAgentImage() string { + // todo(mackjmr): make this dynamic once we have otel agent image which releases with regular agent. + return fmt.Sprintf("%s:%s", defaulting.AgentDevImageName, defaulting.OTelAgentNightlyTag) + +} + func initContainers(dda metav1.Object, requiredContainers []apicommon.AgentContainerName) []corev1.Container { initContainers := []corev1.Container{ initVolumeContainer(), @@ -124,9 +131,9 @@ func agentSingleContainer(dda metav1.Object) []corev1.Container { Image: agentImage(), Env: envVarsForCoreAgent(dda), VolumeMounts: volumeMountsForCoreAgent(), - LivenessProbe: v2alpha1.GetDefaultLivenessProbe(), - ReadinessProbe: v2alpha1.GetDefaultReadinessProbe(), - StartupProbe: v2alpha1.GetDefaultStartupProbe(), + LivenessProbe: constants.GetDefaultLivenessProbe(), + ReadinessProbe: constants.GetDefaultReadinessProbe(), + StartupProbe: constants.GetDefaultStartupProbe(), } containers := []corev1.Container{ @@ -168,9 +175,9 @@ func coreAgentContainer(dda metav1.Object) corev1.Container { Command: []string{"agent", "run"}, Env: envVarsForCoreAgent(dda), VolumeMounts: volumeMountsForCoreAgent(), - LivenessProbe: v2alpha1.GetDefaultLivenessProbe(), - ReadinessProbe: v2alpha1.GetDefaultReadinessProbe(), - StartupProbe: v2alpha1.GetDefaultStartupProbe(), + LivenessProbe: constants.GetDefaultLivenessProbe(), + ReadinessProbe: constants.GetDefaultReadinessProbe(), + StartupProbe: constants.GetDefaultStartupProbe(), } } @@ -180,11 +187,11 @@ func traceAgentContainer(dda metav1.Object) corev1.Container { Image: agentImage(), Command: []string{ "trace-agent", - fmt.Sprintf("--config=%s", apicommon.AgentCustomConfigVolumePath), + fmt.Sprintf("--config=%s", v2alpha1.AgentCustomConfigVolumePath), }, Env: envVarsForTraceAgent(dda), VolumeMounts: volumeMountsForTraceAgent(), - LivenessProbe: v2alpha1.GetDefaultTraceAgentProbe(), + LivenessProbe: constants.GetDefaultTraceAgentProbe(), } } @@ -193,33 +200,38 @@ func processAgentContainer(dda metav1.Object) corev1.Container { Name: string(apicommon.ProcessAgentContainerName), Image: agentImage(), Command: []string{ - "process-agent", fmt.Sprintf("--config=%s", apicommon.AgentCustomConfigVolumePath), - fmt.Sprintf("--sysprobe-config=%s", apicommon.SystemProbeConfigVolumePath), + "process-agent", fmt.Sprintf("--config=%s", v2alpha1.AgentCustomConfigVolumePath), + fmt.Sprintf("--sysprobe-config=%s", v2alpha1.SystemProbeConfigVolumePath), }, Env: commonEnvVars(dda), VolumeMounts: volumeMountsForProcessAgent(), } } -func otelAgentContainer(dda metav1.Object) corev1.Container { +func otelAgentContainer(_ metav1.Object) corev1.Container { return corev1.Container{ Name: string(apicommon.OtelAgent), - Image: agentImage(), + Image: otelAgentImage(), Command: []string{ - "/otel-agent", - fmt.Sprintf("--config=%s", apicommon.OtelCustomConfigVolumePath), + "otel-agent", + "--config=" + v2alpha1.OtelCustomConfigVolumePath, + "--core-config=" + v2alpha1.AgentCustomConfigVolumePath, + "--sync-delay=30s", }, - Env: envVarsForOtelAgent(dda), + Env: []corev1.EnvVar{}, VolumeMounts: volumeMountsForOtelAgent(), + // todo(mackjmr): remove once support for annotations is removed. + // the otel-agent feature adds these ports if none are supplied by + // the user. Ports: []corev1.ContainerPort{ { - Name: "grpc", + Name: "otel-grpc", ContainerPort: 4317, HostPort: 4317, Protocol: corev1.ProtocolTCP, }, { - Name: "http", + Name: "otel-http", ContainerPort: 4318, HostPort: 4318, Protocol: corev1.ProtocolTCP, @@ -234,7 +246,7 @@ func securityAgentContainer(dda metav1.Object) corev1.Container { Image: agentImage(), Command: []string{ "security-agent", - "start", fmt.Sprintf("-c=%s", apicommon.AgentCustomConfigVolumePath), + "start", fmt.Sprintf("-c=%s", v2alpha1.AgentCustomConfigVolumePath), }, Env: envVarsForSecurityAgent(dda), VolumeMounts: volumeMountsForSecurityAgent(), @@ -247,14 +259,14 @@ func systemProbeContainer(dda metav1.Object) corev1.Container { Image: agentImage(), Command: []string{ "system-probe", - fmt.Sprintf("--config=%s", apicommon.SystemProbeConfigVolumePath), + fmt.Sprintf("--config=%s", v2alpha1.SystemProbeConfigVolumePath), }, Env: commonEnvVars(dda), VolumeMounts: volumeMountsForSystemProbe(), SecurityContext: &corev1.SecurityContext{ SeccompProfile: &corev1.SeccompProfile{ Type: corev1.SeccompProfileTypeLocalhost, - LocalhostProfile: apiutils.NewStringPointer(apicommon.SystemProbeSeccompProfileName), + LocalhostProfile: apiutils.NewStringPointer(v2alpha1.SystemProbeSeccompProfileName), }, }, } @@ -267,12 +279,12 @@ func agentDataPlaneContainer(dda metav1.Object) corev1.Container { Command: []string{ "agent-data-plane", "run", - fmt.Sprintf("--config=%s", apicommon.AgentCustomConfigVolumePath), + fmt.Sprintf("--config=%s", v2alpha1.AgentCustomConfigVolumePath), }, Env: commonEnvVars(dda), VolumeMounts: volumeMountsForAgentDataPlane(), - LivenessProbe: v2alpha1.GetDefaultAgentDataPlaneLivenessProbe(), - ReadinessProbe: v2alpha1.GetDefaultAgentDataPlaneReadinessProbe(), + LivenessProbe: constants.GetDefaultAgentDataPlaneLivenessProbe(), + ReadinessProbe: constants.GetDefaultAgentDataPlaneReadinessProbe(), } } @@ -284,7 +296,7 @@ func initVolumeContainer() corev1.Container { Args: []string{"cp -vnr /etc/datadog-agent /opt"}, VolumeMounts: []corev1.VolumeMount{ { - Name: apicommon.ConfigVolumeName, + Name: v2alpha1.ConfigVolumeName, MountPath: "/opt/datadog-agent", }, }, @@ -310,8 +322,8 @@ func initSeccompSetupContainer() corev1.Container { Image: agentImage(), Command: []string{ "cp", - fmt.Sprintf("%s/%s", apicommon.SeccompSecurityVolumePath, apicommon.SystemProbeSeccompKey), - fmt.Sprintf("%s/%s", apicommon.SeccompRootVolumePath, apicommon.SystemProbeSeccompProfileName), + fmt.Sprintf("%s/%s", v2alpha1.SeccompSecurityVolumePath, v2alpha1.SystemProbeSeccompKey), + fmt.Sprintf("%s/%s", v2alpha1.SeccompRootVolumePath, v2alpha1.SystemProbeSeccompProfileName), }, VolumeMounts: volumeMountsForSeccompSetup(), } @@ -320,26 +332,26 @@ func initSeccompSetupContainer() corev1.Container { func commonEnvVars(dda metav1.Object) []corev1.EnvVar { return []corev1.EnvVar{ { - Name: apicommon.KubernetesEnvVar, + Name: v2alpha1.KubernetesEnvVar, Value: "yes", }, { - Name: apicommon.DDClusterAgentEnabled, + Name: v2alpha1.DDClusterAgentEnabled, Value: strconv.FormatBool(true), }, { - Name: apicommon.DDClusterAgentKubeServiceName, + Name: v2alpha1.DDClusterAgentKubeServiceName, Value: componentdca.GetClusterAgentServiceName(dda), }, { - Name: apicommon.DDClusterAgentTokenName, + Name: v2alpha1.DDClusterAgentTokenName, Value: v2alpha1.GetDefaultDCATokenSecretName(dda), }, { - Name: apicommon.DDKubeletHost, + Name: v2alpha1.DDKubeletHost, ValueFrom: &corev1.EnvVarSource{ FieldRef: &corev1.ObjectFieldSelector{ - FieldPath: apicommon.FieldPathStatusHostIP, + FieldPath: v2alpha1.FieldPathStatusHostIP, }, }, }, @@ -349,18 +361,18 @@ func commonEnvVars(dda metav1.Object) []corev1.EnvVar { func envVarsForCoreAgent(dda metav1.Object) []corev1.EnvVar { envs := []corev1.EnvVar{ { - Name: apicommon.DDHealthPort, - Value: strconv.Itoa(int(v2alpha1.DefaultAgentHealthPort)), + Name: v2alpha1.DDHealthPort, + Value: strconv.Itoa(int(constants.DefaultAgentHealthPort)), }, { - Name: apicommon.DDLeaderElection, - Value: apicommon.EnvVarTrueValue, + Name: v2alpha1.DDLeaderElection, + Value: "true", }, { // we want to default it in 7.49.0 // but in 7.50.0 it will be already defaulted in the agent process. - Name: apicommon.DDContainerImageEnabled, - Value: apicommon.EnvVarTrueValue, + Name: v2alpha1.DDContainerImageEnabled, + Value: "true", }, } @@ -370,15 +382,15 @@ func envVarsForCoreAgent(dda metav1.Object) []corev1.EnvVar { func envVarsForTraceAgent(dda metav1.Object) []corev1.EnvVar { envs := []corev1.EnvVar{ { - Name: apicommon.DDAPMInstrumentationInstallId, + Name: v2alpha1.DDAPMInstrumentationInstallId, Value: utils.GetDatadogAgentResourceUID(dda), }, { - Name: apicommon.DDAPMInstrumentationInstallTime, + Name: v2alpha1.DDAPMInstrumentationInstallTime, Value: utils.GetDatadogAgentResourceCreationTime(dda), }, { - Name: apicommon.DDAPMInstrumentationInstallType, + Name: v2alpha1.DDAPMInstrumentationInstallType, Value: common.DefaultAgentInstallType, }, } @@ -390,21 +402,13 @@ func envVarsForSecurityAgent(dda metav1.Object) []corev1.EnvVar { envs := []corev1.EnvVar{ { Name: "HOST_ROOT", - Value: apicommon.HostRootMountPath, + Value: v2alpha1.HostRootMountPath, }, } return append(envs, commonEnvVars(dda)...) } -func envVarsForOtelAgent(dda metav1.Object) []corev1.EnvVar { - envs := []corev1.EnvVar{ - // TODO: add additional env vars here - } - - return append(envs, commonEnvVars(dda)...) -} - func volumeMountsForInitConfig() []corev1.VolumeMount { return []corev1.VolumeMount{ common.GetVolumeMountForLogs(), @@ -507,13 +511,9 @@ func volumeMountsForSeccompSetup() []corev1.VolumeMount { func volumeMountsForOtelAgent() []corev1.VolumeMount { return []corev1.VolumeMount{ - // TODO: add/remove volume mounts common.GetVolumeMountForLogs(), - common.GetVolumeMountForAuth(true), common.GetVolumeMountForConfig(), - common.GetVolumeMountForDogstatsdSocket(false), - common.GetVolumeMountForRuntimeSocket(true), - common.GetVolumeMountForProc(), + common.GetVolumeMountForAuth(true), } } diff --git a/internal/controller/datadogagent/component/clusteragent/default.go b/internal/controller/datadogagent/component/clusteragent/default.go index 73503a86e..3bf1a8347 100644 --- a/internal/controller/datadogagent/component/clusteragent/default.go +++ b/internal/controller/datadogagent/component/clusteragent/default.go @@ -19,23 +19,24 @@ import ( apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/common" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/controller/utils" "github.com/DataDog/datadog-operator/pkg/defaulting" ) // GetClusterAgentServiceName return the Cluster-Agent service name based on the DatadogAgent name func GetClusterAgentServiceName(dda metav1.Object) string { - return fmt.Sprintf("%s-%s", dda.GetName(), v2alpha1.DefaultClusterAgentResourceSuffix) + return fmt.Sprintf("%s-%s", dda.GetName(), constants.DefaultClusterAgentResourceSuffix) } // GetClusterAgentPodDisruptionBudgetName return the Cluster-Agent PodDisruptionBudget name based on the DatadogAgent name func GetClusterAgentPodDisruptionBudgetName(dda metav1.Object) string { - return fmt.Sprintf("%s-%s-pdb", dda.GetName(), v2alpha1.DefaultClusterAgentResourceSuffix) + return fmt.Sprintf("%s-%s-pdb", dda.GetName(), constants.DefaultClusterAgentResourceSuffix) } // GetClusterAgentName return the Cluster-Agent name based on the DatadogAgent name func GetClusterAgentName(dda metav1.Object) string { - return fmt.Sprintf("%s-%s", dda.GetName(), v2alpha1.DefaultClusterAgentResourceSuffix) + return fmt.Sprintf("%s-%s", dda.GetName(), constants.DefaultClusterAgentResourceSuffix) } // GetClusterAgentVersion return the Cluster-Agent version based on the DatadogAgent info @@ -46,17 +47,17 @@ func GetClusterAgentVersion(dda metav1.Object) string { // GetClusterAgentRbacResourcesName return the Cluster-Agent RBAC resource name func GetClusterAgentRbacResourcesName(dda metav1.Object) string { - return fmt.Sprintf("%s-%s", dda.GetName(), v2alpha1.DefaultClusterAgentResourceSuffix) + return fmt.Sprintf("%s-%s", dda.GetName(), constants.DefaultClusterAgentResourceSuffix) } // getDefaultServiceAccountName return the default Cluster-Agent ServiceAccountName func getDefaultServiceAccountName(dda metav1.Object) string { - return fmt.Sprintf("%s-%s", dda.GetName(), v2alpha1.DefaultClusterAgentResourceSuffix) + return fmt.Sprintf("%s-%s", dda.GetName(), constants.DefaultClusterAgentResourceSuffix) } // NewDefaultClusterAgentDeployment return a new default cluster-agent deployment func NewDefaultClusterAgentDeployment(dda metav1.Object) *appsv1.Deployment { - deployment := common.NewDeployment(dda, v2alpha1.DefaultClusterAgentResourceSuffix, GetClusterAgentName(dda), GetClusterAgentVersion(dda), nil) + deployment := common.NewDeployment(dda, constants.DefaultClusterAgentResourceSuffix, GetClusterAgentName(dda), GetClusterAgentVersion(dda), nil) podTemplate := NewDefaultClusterAgentPodTemplateSpec(dda) for key, val := range deployment.GetLabels() { podTemplate.Labels[key] = val @@ -126,9 +127,9 @@ func defaultPodSpec(dda metav1.Object, volumes []corev1.Volume, volumeMounts []c }, Env: envVars, VolumeMounts: volumeMounts, - LivenessProbe: v2alpha1.GetDefaultLivenessProbe(), - ReadinessProbe: v2alpha1.GetDefaultReadinessProbe(), - StartupProbe: v2alpha1.GetDefaultStartupProbe(), + LivenessProbe: constants.GetDefaultLivenessProbe(), + ReadinessProbe: constants.GetDefaultReadinessProbe(), + StartupProbe: constants.GetDefaultStartupProbe(), Command: nil, Args: nil, SecurityContext: &corev1.SecurityContext{ @@ -151,7 +152,7 @@ func defaultPodSpec(dda metav1.Object, volumes []corev1.Volume, volumeMounts []c func defaultEnvVars(dda metav1.Object) []corev1.EnvVar { envVars := []corev1.EnvVar{ { - Name: apicommon.DDPodName, + Name: v2alpha1.DDPodName, ValueFrom: &corev1.EnvVarSource{ FieldRef: &corev1.ObjectFieldSelector{ FieldPath: "metadata.name", @@ -159,36 +160,36 @@ func defaultEnvVars(dda metav1.Object) []corev1.EnvVar { }, }, { - Name: apicommon.DDClusterAgentKubeServiceName, + Name: v2alpha1.DDClusterAgentKubeServiceName, Value: GetClusterAgentServiceName(dda), }, { - Name: apicommon.DDKubeResourcesNamespace, + Name: v2alpha1.DDKubeResourcesNamespace, Value: utils.GetDatadogAgentResourceNamespace(dda), }, { - Name: apicommon.DDLeaderElection, + Name: v2alpha1.DDLeaderElection, Value: "true", }, { - Name: apicommon.DDHealthPort, - Value: strconv.Itoa(int(v2alpha1.DefaultAgentHealthPort)), + Name: v2alpha1.DDHealthPort, + Value: strconv.Itoa(int(constants.DefaultAgentHealthPort)), }, { - Name: apicommon.DDAPMInstrumentationInstallId, + Name: v2alpha1.DDAPMInstrumentationInstallId, Value: utils.GetDatadogAgentResourceUID(dda), }, { - Name: apicommon.DDAPMInstrumentationInstallTime, + Name: v2alpha1.DDAPMInstrumentationInstallTime, Value: utils.GetDatadogAgentResourceCreationTime(dda), }, { - Name: apicommon.DDAPMInstrumentationInstallType, + Name: v2alpha1.DDAPMInstrumentationInstallType, Value: common.DefaultAgentInstallType, }, { - Name: apicommon.DDAuthTokenFilePath, - Value: filepath.Join(apicommon.AuthVolumePath, "token"), + Name: v2alpha1.DDAuthTokenFilePath, + Value: filepath.Join(v2alpha1.AuthVolumePath, "token"), }, } @@ -207,7 +208,7 @@ func DefaultAffinity() *corev1.Affinity { PodAffinityTerm: corev1.PodAffinityTerm{ LabelSelector: &metav1.LabelSelector{ MatchLabels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: v2alpha1.DefaultClusterAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultClusterAgentResourceSuffix, }, }, TopologyKey: "kubernetes.io/hostname", diff --git a/internal/controller/datadogagent/component/clusteragent/default_test.go b/internal/controller/datadogagent/component/clusteragent/default_test.go index 567fb7d09..d208c71c7 100644 --- a/internal/controller/datadogagent/component/clusteragent/default_test.go +++ b/internal/controller/datadogagent/component/clusteragent/default_test.go @@ -9,11 +9,13 @@ import ( datadoghqv2alpha1 "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/common" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/defaulting" "github.com/DataDog/datadog-operator/pkg/testutils" "github.com/stretchr/testify/assert" corev1 "k8s.io/api/core/v1" + policyv1 "k8s.io/api/policy/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" ) @@ -46,7 +48,7 @@ func Test_getPodDisruptionBudget(t *testing.T) { Namespace: "some-namespace", }, } - testpdb := GetClusterAgentPodDisruptionBudget(&dda) + testpdb := GetClusterAgentPodDisruptionBudget(&dda, false).(*policyv1.PodDisruptionBudget) assert.Equal(t, "my-datadog-agent-cluster-agent-pdb", testpdb.Name) assert.Equal(t, intstr.FromInt(pdbMinAvailableInstances), *testpdb.Spec.MinAvailable) assert.Nil(t, testpdb.Spec.MaxUnavailable) @@ -221,7 +223,7 @@ func clusterAgentDefaultEnvVars(dda *datadoghqv2alpha1.DatadogAgent) []corev1.En }, { Name: "DD_CLUSTER_AGENT_KUBERNETES_SERVICE_NAME", - Value: fmt.Sprintf("%s-%s", testDdaName, datadoghqv2alpha1.DefaultClusterAgentResourceSuffix), + Value: fmt.Sprintf("%s-%s", testDdaName, constants.DefaultClusterAgentResourceSuffix), }, { Name: "DD_LEADER_ELECTION", diff --git a/internal/controller/datadogagent/component/clusteragent/utils.go b/internal/controller/datadogagent/component/clusteragent/utils.go index b608c621c..eefeb2a24 100644 --- a/internal/controller/datadogagent/component/clusteragent/utils.go +++ b/internal/controller/datadogagent/component/clusteragent/utils.go @@ -13,9 +13,12 @@ import ( "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/object" "github.com/DataDog/datadog-operator/pkg/controller/utils/comparison" + "sigs.k8s.io/controller-runtime/pkg/client" + "github.com/DataDog/datadog-operator/pkg/constants" corev1 "k8s.io/api/core/v1" policyv1 "k8s.io/api/policy/v1" + policyv1beta1 "k8s.io/api/policy/v1beta1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" "k8s.io/apimachinery/pkg/version" @@ -27,7 +30,7 @@ const ( // GetClusterAgentService returns the Cluster-Agent service func GetClusterAgentService(dda metav1.Object) *corev1.Service { - labels := object.GetDefaultLabels(dda, v2alpha1.DefaultClusterAgentResourceSuffix, GetClusterAgentVersion(dda)) + labels := object.GetDefaultLabels(dda, constants.DefaultClusterAgentResourceSuffix, GetClusterAgentVersion(dda)) annotations := object.GetDefaultAnnotations(dda) service := &corev1.Service{ @@ -41,7 +44,7 @@ func GetClusterAgentService(dda metav1.Object) *corev1.Service { Type: corev1.ServiceTypeClusterIP, Selector: map[string]string{ apicommon.AgentDeploymentNameLabelKey: dda.GetName(), - apicommon.AgentDeploymentComponentLabelKey: v2alpha1.DefaultClusterAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultClusterAgentResourceSuffix, }, Ports: []corev1.ServicePort{ { @@ -58,13 +61,27 @@ func GetClusterAgentService(dda metav1.Object) *corev1.Service { return service } -func GetClusterAgentPodDisruptionBudget(dda metav1.Object) *policyv1.PodDisruptionBudget { +func GetClusterAgentPodDisruptionBudget(dda metav1.Object, useV1BetaPDB bool) client.Object { // labels and annotations minAvailableStr := intstr.FromInt(pdbMinAvailableInstances) matchLabels := map[string]string{ apicommon.AgentDeploymentNameLabelKey: dda.GetName(), - apicommon.AgentDeploymentComponentLabelKey: v2alpha1.DefaultClusterAgentResourceSuffix} - pdb := &policyv1.PodDisruptionBudget{ + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultClusterAgentResourceSuffix} + if useV1BetaPDB { + return &policyv1beta1.PodDisruptionBudget{ + ObjectMeta: metav1.ObjectMeta{ + Name: GetClusterAgentPodDisruptionBudgetName(dda), + Namespace: dda.GetNamespace(), + }, + Spec: policyv1beta1.PodDisruptionBudgetSpec{ + MinAvailable: &minAvailableStr, + Selector: &metav1.LabelSelector{ + MatchLabels: matchLabels, + }, + }, + } + } + return &policyv1.PodDisruptionBudget{ ObjectMeta: metav1.ObjectMeta{ Name: GetClusterAgentPodDisruptionBudgetName(dda), Namespace: dda.GetNamespace(), @@ -76,7 +93,6 @@ func GetClusterAgentPodDisruptionBudget(dda metav1.Object) *policyv1.PodDisrupti }, }, } - return pdb } // GetMetricsServerServiceName returns the external metrics provider service name @@ -86,7 +102,7 @@ func GetMetricsServerServiceName(dda metav1.Object) string { // GetMetricsServerAPIServiceName returns the external metrics provider apiservice name func GetMetricsServerAPIServiceName() string { - return apicommon.ExternalMetricsAPIServiceName + return v2alpha1.ExternalMetricsAPIServiceName } // GetDefaultExternalMetricSecretName returns the external metrics provider secret name diff --git a/internal/controller/datadogagent/component/clusterchecksrunner/default.go b/internal/controller/datadogagent/component/clusterchecksrunner/default.go index f554834db..58287c260 100644 --- a/internal/controller/datadogagent/component/clusterchecksrunner/default.go +++ b/internal/controller/datadogagent/component/clusterchecksrunner/default.go @@ -12,14 +12,17 @@ import ( appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" policyv1 "k8s.io/api/policy/v1" + policyv1beta1 "k8s.io/api/policy/v1beta1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" + "sigs.k8s.io/controller-runtime/pkg/client" apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/common" componentdca "github.com/DataDog/datadog-operator/internal/controller/datadogagent/component/clusteragent" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/defaulting" ) @@ -29,12 +32,12 @@ const ( // GetClusterChecksRunnerName return the Cluster-Checks-Runner name based on the DatadogAgent name func GetClusterChecksRunnerName(dda metav1.Object) string { - return fmt.Sprintf("%s-%s", dda.GetName(), v2alpha1.DefaultClusterChecksRunnerResourceSuffix) + return fmt.Sprintf("%s-%s", dda.GetName(), constants.DefaultClusterChecksRunnerResourceSuffix) } // NewDefaultClusterChecksRunnerDeployment return a new default cluster-checks-runner deployment func NewDefaultClusterChecksRunnerDeployment(dda metav1.Object) *appsv1.Deployment { - deployment := common.NewDeployment(dda, v2alpha1.DefaultClusterChecksRunnerResourceSuffix, GetClusterChecksRunnerName(dda), common.GetAgentVersion(dda), nil) + deployment := common.NewDeployment(dda, constants.DefaultClusterChecksRunnerResourceSuffix, GetClusterChecksRunnerName(dda), common.GetAgentVersion(dda), nil) podTemplate := NewDefaultClusterChecksRunnerPodTemplateSpec(dda) for key, val := range deployment.GetLabels() { @@ -89,15 +92,29 @@ func NewDefaultClusterChecksRunnerPodTemplateSpec(dda metav1.Object) *corev1.Pod } func GetClusterChecksRunnerPodDisruptionBudgetName(dda metav1.Object) string { - return fmt.Sprintf("%s-%s-pdb", dda.GetName(), v2alpha1.DefaultClusterChecksRunnerResourceSuffix) + return fmt.Sprintf("%s-%s-pdb", dda.GetName(), constants.DefaultClusterChecksRunnerResourceSuffix) } -func GetClusterChecksRunnerPodDisruptionBudget(dda metav1.Object) *policyv1.PodDisruptionBudget { +func GetClusterChecksRunnerPodDisruptionBudget(dda metav1.Object, useV1BetaPDB bool) client.Object { maxUnavailableStr := intstr.FromInt(pdbMaxUnavailableInstances) matchLabels := map[string]string{ apicommon.AgentDeploymentNameLabelKey: dda.GetName(), - apicommon.AgentDeploymentComponentLabelKey: v2alpha1.DefaultClusterChecksRunnerResourceSuffix} - pdb := &policyv1.PodDisruptionBudget{ + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultClusterChecksRunnerResourceSuffix} + if useV1BetaPDB { + return &policyv1beta1.PodDisruptionBudget{ + ObjectMeta: metav1.ObjectMeta{ + Name: GetClusterChecksRunnerPodDisruptionBudgetName(dda), + Namespace: dda.GetNamespace(), + }, + Spec: policyv1beta1.PodDisruptionBudgetSpec{ + MaxUnavailable: &maxUnavailableStr, + Selector: &metav1.LabelSelector{ + MatchLabels: matchLabels, + }, + }, + } + } + return &policyv1.PodDisruptionBudget{ ObjectMeta: metav1.ObjectMeta{ Name: GetClusterChecksRunnerPodDisruptionBudgetName(dda), Namespace: dda.GetNamespace(), @@ -109,12 +126,11 @@ func GetClusterChecksRunnerPodDisruptionBudget(dda metav1.Object) *policyv1.PodD }, }, } - return pdb } // getDefaultServiceAccountName return the default Cluster-Agent ServiceAccountName func getDefaultServiceAccountName(dda metav1.Object) string { - return fmt.Sprintf("%s-%s", dda.GetName(), v2alpha1.DefaultClusterChecksRunnerResourceSuffix) + return fmt.Sprintf("%s-%s", dda.GetName(), constants.DefaultClusterChecksRunnerResourceSuffix) } func clusterChecksRunnerImage() string { @@ -145,9 +161,9 @@ func defaultPodSpec(dda metav1.Object, volumes []corev1.Volume, volumeMounts []c Args: []string{ "agent run", }, - LivenessProbe: v2alpha1.GetDefaultLivenessProbe(), - ReadinessProbe: v2alpha1.GetDefaultReadinessProbe(), - StartupProbe: v2alpha1.GetDefaultStartupProbe(), + LivenessProbe: constants.GetDefaultLivenessProbe(), + ReadinessProbe: constants.GetDefaultReadinessProbe(), + StartupProbe: constants.GetDefaultStartupProbe(), SecurityContext: &corev1.SecurityContext{ ReadOnlyRootFilesystem: apiutils.NewBoolPointer(true), AllowPrivilegeEscalation: apiutils.NewBoolPointer(false), @@ -167,70 +183,70 @@ func defaultPodSpec(dda metav1.Object, volumes []corev1.Volume, volumeMounts []c func defaultEnvVars(dda metav1.Object) []corev1.EnvVar { envVars := []corev1.EnvVar{ { - Name: apicommon.DDClusterAgentKubeServiceName, + Name: v2alpha1.DDClusterAgentKubeServiceName, Value: componentdca.GetClusterAgentServiceName(dda), }, { - Name: apicommon.DDClusterAgentEnabled, + Name: v2alpha1.DDClusterAgentEnabled, Value: "true", }, { - Name: apicommon.DDHealthPort, - Value: strconv.Itoa(int(v2alpha1.DefaultAgentHealthPort)), + Name: v2alpha1.DDHealthPort, + Value: strconv.Itoa(int(constants.DefaultAgentHealthPort)), }, { - Name: apicommon.KubernetesEnvVar, + Name: v2alpha1.KubernetesEnvVar, Value: "yes", }, { - Name: apicommon.DDEnableMetadataCollection, + Name: v2alpha1.DDEnableMetadataCollection, Value: "false", }, { - Name: apicommon.DDClcRunnerEnabled, + Name: v2alpha1.DDClcRunnerEnabled, Value: "true", }, { - Name: apicommon.DDClcRunnerHost, + Name: v2alpha1.DDClcRunnerHost, ValueFrom: &corev1.EnvVarSource{ FieldRef: &corev1.ObjectFieldSelector{ - FieldPath: apicommon.FieldPathStatusPodIP, + FieldPath: v2alpha1.FieldPathStatusPodIP, }, }, }, { - Name: apicommon.DDClcRunnerID, + Name: v2alpha1.DDClcRunnerID, ValueFrom: &corev1.EnvVarSource{ FieldRef: &corev1.ObjectFieldSelector{ - FieldPath: apicommon.FieldPathMetaName, + FieldPath: v2alpha1.FieldPathMetaName, }, }, }, { - Name: apicommon.DDDogstatsdEnabled, + Name: v2alpha1.DDDogstatsdEnabled, Value: "false", }, { - Name: apicommon.DDProcessCollectionEnabled, + Name: v2alpha1.DDProcessCollectionEnabled, Value: "false", }, { - Name: apicommon.DDContainerCollectionEnabled, + Name: v2alpha1.DDContainerCollectionEnabled, Value: "true", }, { - Name: apicommon.DDLogsEnabled, + Name: v2alpha1.DDLogsEnabled, Value: "false", }, { - Name: apicommon.DDAPMEnabled, + Name: v2alpha1.DDAPMEnabled, Value: "false", }, { - Name: apicommon.DDHostname, + Name: v2alpha1.DDHostname, ValueFrom: &corev1.EnvVarSource{ FieldRef: &corev1.ObjectFieldSelector{ - FieldPath: apicommon.FieldPathSpecNodeName, + FieldPath: v2alpha1.FieldPathSpecNodeName, }, }, }, @@ -251,7 +267,7 @@ func DefaultAffinity() *corev1.Affinity { PodAffinityTerm: corev1.PodAffinityTerm{ LabelSelector: &metav1.LabelSelector{ MatchLabels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: v2alpha1.DefaultClusterChecksRunnerResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultClusterChecksRunnerResourceSuffix, }, }, TopologyKey: "kubernetes.io/hostname", diff --git a/internal/controller/datadogagent/component/clusterchecksrunner/default_test.go b/internal/controller/datadogagent/component/clusterchecksrunner/default_test.go index eb1177de9..0b43ec1cc 100644 --- a/internal/controller/datadogagent/component/clusterchecksrunner/default_test.go +++ b/internal/controller/datadogagent/component/clusterchecksrunner/default_test.go @@ -10,6 +10,7 @@ import ( "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" "github.com/stretchr/testify/assert" + policyv1 "k8s.io/api/policy/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" ) @@ -32,7 +33,7 @@ func Test_getPodDisruptionBudget(t *testing.T) { Namespace: "some-namespace", }, } - testpdb := GetClusterChecksRunnerPodDisruptionBudget(&dda) + testpdb := GetClusterChecksRunnerPodDisruptionBudget(&dda, false).(*policyv1.PodDisruptionBudget) assert.Equal(t, "my-datadog-agent-cluster-checks-runner-pdb", testpdb.Name) assert.Equal(t, intstr.FromInt(pdbMaxUnavailableInstances), *testpdb.Spec.MaxUnavailable) assert.Nil(t, testpdb.Spec.MinAvailable) diff --git a/internal/controller/datadogagent/controller.go b/internal/controller/datadogagent/controller.go index d498e6bef..7c29bdd31 100644 --- a/internal/controller/datadogagent/controller.go +++ b/internal/controller/datadogagent/controller.go @@ -42,6 +42,7 @@ import ( _ "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/npm" _ "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/oomkill" _ "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/orchestratorexplorer" + _ "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/otelcollector" _ "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/otlp" _ "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/processdiscovery" _ "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/prometheusscrape" @@ -63,7 +64,6 @@ type ReconcilerOptions struct { OperatorMetricsEnabled bool IntrospectionEnabled bool DatadogAgentProfileEnabled bool - OtelAgentEnabled bool } // Reconciler is the internal reconciler for Datadog Agent @@ -107,7 +107,6 @@ func reconcilerOptionsToFeatureOptions(opts *ReconcilerOptions, logger logr.Logg return &feature.Options{ SupportExtendedDaemonset: opts.ExtendedDaemonsetOptions.Enabled, Logger: logger, - OtelAgentEnabled: opts.OtelAgentEnabled, } } diff --git a/internal/controller/datadogagent/controller_reconcile_agent.go b/internal/controller/datadogagent/controller_reconcile_agent.go index 26b856673..54fcdb42d 100644 --- a/internal/controller/datadogagent/controller_reconcile_agent.go +++ b/internal/controller/datadogagent/controller_reconcile_agent.go @@ -17,6 +17,7 @@ import ( "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/override" "github.com/DataDog/datadog-operator/pkg/agentprofile" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/controller/utils/datadog" "github.com/DataDog/datadog-operator/pkg/kubernetes" edsv1alpha1 "github.com/DataDog/extendeddaemonset/api/v1alpha1" @@ -92,7 +93,7 @@ func (r *Reconciler) reconcileV2Agent(logger logr.Logger, requiredComponents fea overrideFromProvider := kubernetes.ComponentOverrideFromProvider(overrideName, provider, providerList) componentOverrides = append(componentOverrides, &overrideFromProvider) } else { - eds.Labels[apicommon.MD5AgentDeploymentProviderLabelKey] = kubernetes.LegacyProvider + eds.Labels[datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey] = kubernetes.LegacyProvider } for _, componentOverride := range componentOverrides { @@ -167,7 +168,7 @@ func (r *Reconciler) reconcileV2Agent(logger logr.Logger, requiredComponents fea overrideFromProvider := kubernetes.ComponentOverrideFromProvider(overrideName, provider, providerList) componentOverrides = append(componentOverrides, &overrideFromProvider) } else { - daemonset.Labels[apicommon.MD5AgentDeploymentProviderLabelKey] = kubernetes.LegacyProvider + daemonset.Labels[datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey] = kubernetes.LegacyProvider } for _, componentOverride := range componentOverrides { @@ -347,7 +348,7 @@ func (r *Reconciler) cleanupPodsForProfilesThatNoLongerApply(ctx context.Context ctx, agentPods, client.MatchingLabels(map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, }), client.InNamespace(ddaNamespace), ) @@ -394,7 +395,7 @@ func (r *Reconciler) cleanupPodsForProfilesThatNoLongerApply(ctx context.Context func (r *Reconciler) cleanupExtraneousDaemonSets(ctx context.Context, logger logr.Logger, dda *datadoghqv2alpha1.DatadogAgent, newStatus *datadoghqv2alpha1.DatadogAgentStatus, providerList map[string]struct{}, profiles []v1alpha1.DatadogAgentProfile) error { matchLabels := client.MatchingLabels{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", } diff --git a/internal/controller/datadogagent/controller_reconcile_agent_test.go b/internal/controller/datadogagent/controller_reconcile_agent_test.go index 9a28fdbcb..4cc45bdd4 100644 --- a/internal/controller/datadogagent/controller_reconcile_agent_test.go +++ b/internal/controller/datadogagent/controller_reconcile_agent_test.go @@ -10,6 +10,7 @@ import ( apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/component/agent" "github.com/DataDog/datadog-operator/pkg/agentprofile" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/kubernetes" edsdatadoghqv1alpha1 "github.com/DataDog/extendeddaemonset/api/v1alpha1" @@ -268,7 +269,7 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { ObjectMeta: metav1.ObjectMeta{ Name: "dda-foo-agent", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -286,7 +287,7 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "dda-foo-agent", ResourceVersion: "999", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -303,7 +304,7 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { ObjectMeta: metav1.ObjectMeta{ Name: "dda-foo-agent", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -322,7 +323,7 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "dda-foo-agent", ResourceVersion: "999", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -339,9 +340,9 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, }, @@ -367,9 +368,9 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, ResourceVersion: "999", }, @@ -387,9 +388,9 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "dda-foo-agent-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, }, @@ -416,9 +417,9 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "dda-foo-agent-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, ResourceVersion: "999", }, @@ -435,7 +436,7 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent", Namespace: "ns-1", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }}, }, @@ -444,7 +445,7 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1", Namespace: "ns-1", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -454,9 +455,9 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, }, @@ -482,9 +483,9 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, ResourceVersion: "999", }, @@ -502,7 +503,7 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent", Namespace: "ns-1", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -512,7 +513,7 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1", Namespace: "ns-1", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -522,9 +523,9 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, }, @@ -533,9 +534,9 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "dda-foo-agent-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, }, @@ -544,9 +545,9 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, }, @@ -572,9 +573,9 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, ResourceVersion: "999", }, @@ -588,9 +589,9 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "dda-foo-agent-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, ResourceVersion: "999", }, @@ -607,7 +608,7 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent", Namespace: "ns-1", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }}, }, @@ -616,9 +617,9 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "dda-foo-agent-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }}, }, &appsv1.DaemonSet{ @@ -626,7 +627,7 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1", Namespace: "ns-1", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -636,9 +637,9 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, }, @@ -664,9 +665,9 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "dda-foo-agent-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, ResourceVersion: "999", }, @@ -684,7 +685,7 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent", Namespace: "ns-1", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -694,7 +695,7 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1", Namespace: "ns-1", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -704,9 +705,9 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, }, @@ -715,9 +716,9 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "dda-foo-agent-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, }, @@ -726,9 +727,9 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, }, @@ -757,9 +758,9 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "dda-foo-agent-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, ResourceVersion: "999", }, @@ -776,7 +777,7 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "dda-foo-agent", Namespace: "ns-1", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }}, }, @@ -785,7 +786,7 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1", Namespace: "ns-1", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -795,9 +796,9 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, }, @@ -829,7 +830,7 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1", Namespace: "ns-1", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, ResourceVersion: "999", @@ -840,7 +841,7 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "dda-foo-agent", Namespace: "ns-1", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, ResourceVersion: "999", @@ -859,7 +860,7 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "dda-foo-agent", Namespace: "ns-1", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -869,7 +870,7 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1", Namespace: "ns-1", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -879,9 +880,9 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, }, @@ -890,9 +891,9 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "dda-foo-agent-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, }, @@ -901,9 +902,9 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, }, @@ -912,7 +913,7 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1", Namespace: "ns-1", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -945,7 +946,7 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1", Namespace: "ns-1", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, ResourceVersion: "999", @@ -960,7 +961,7 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "dda-foo-agent", Namespace: "ns-1", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, ResourceVersion: "999", @@ -993,8 +994,8 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, }, @@ -1036,8 +1037,8 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, ResourceVersion: "999", }, @@ -1077,8 +1078,8 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, }, @@ -1087,8 +1088,8 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "dda-foo-agent-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, }, }, }, @@ -1097,8 +1098,8 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, }, @@ -1107,7 +1108,7 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1", Namespace: "ns-1", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, }, }, }, @@ -1139,7 +1140,7 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1", Namespace: "ns-1", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, }, ResourceVersion: "999", }, @@ -1149,8 +1150,8 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, ResourceVersion: "999", }, @@ -1174,8 +1175,8 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "datadog-agent-with-profile-ns-1-profile-1-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, ResourceVersion: "999", }, @@ -1192,8 +1193,8 @@ func Test_cleanupExtraneousDaemonSets(t *testing.T) { Name: "dda-foo-agent-gke-cos", Namespace: "ns-1", Labels: map[string]string{ - apicommon.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + datadoghqv2alpha1.MD5AgentDeploymentProviderLabelKey: gkeCosProvider, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, }, ResourceVersion: "999", }, diff --git a/internal/controller/datadogagent/controller_reconcile_ccr.go b/internal/controller/datadogagent/controller_reconcile_ccr.go index dff82d3e7..59742be38 100644 --- a/internal/controller/datadogagent/controller_reconcile_ccr.go +++ b/internal/controller/datadogagent/controller_reconcile_ccr.go @@ -15,6 +15,7 @@ import ( componentccr "github.com/DataDog/datadog-operator/internal/controller/datadogagent/component/clusterchecksrunner" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/override" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/controller/utils/datadog" "github.com/DataDog/datadog-operator/pkg/kubernetes" @@ -125,7 +126,7 @@ func deleteStatusWithClusterChecksRunner(newStatus *datadoghqv2alpha1.DatadogAge // cleanupOldCCRDeployments deletes CCR deployments when a CCR Deployment's name is changed using clusterChecksRunner name override func (r *Reconciler) cleanupOldCCRDeployments(ctx context.Context, logger logr.Logger, dda *datadoghqv2alpha1.DatadogAgent, newStatus *datadoghqv2alpha1.DatadogAgentStatus) error { matchLabels := client.MatchingLabels{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultClusterChecksRunnerResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultClusterChecksRunnerResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", } deploymentName := getDeploymentNameFromCCR(dda) diff --git a/internal/controller/datadogagent/controller_reconcile_ccr_test.go b/internal/controller/datadogagent/controller_reconcile_ccr_test.go index 7151931c3..a9345798e 100644 --- a/internal/controller/datadogagent/controller_reconcile_ccr_test.go +++ b/internal/controller/datadogagent/controller_reconcile_ccr_test.go @@ -7,6 +7,7 @@ import ( apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" datadoghqv2alpha1 "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" apiutils "github.com/DataDog/datadog-operator/api/utils" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/kubernetes" "github.com/stretchr/testify/assert" appsv1 "k8s.io/api/apps/v1" @@ -97,7 +98,7 @@ func Test_cleanupOldCCRDeployments(t *testing.T) { ObjectMeta: metav1.ObjectMeta{ Name: "dda-foo-cluster-checks-runner", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultClusterChecksRunnerResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultClusterChecksRunnerResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -110,7 +111,7 @@ func Test_cleanupOldCCRDeployments(t *testing.T) { Name: "dda-foo-cluster-checks-runner", ResourceVersion: "999", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultClusterChecksRunnerResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultClusterChecksRunnerResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -126,7 +127,7 @@ func Test_cleanupOldCCRDeployments(t *testing.T) { ObjectMeta: metav1.ObjectMeta{ Name: "dda-foo-cluster-checks-runner", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultClusterChecksRunnerResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultClusterChecksRunnerResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -135,7 +136,7 @@ func Test_cleanupOldCCRDeployments(t *testing.T) { ObjectMeta: metav1.ObjectMeta{ Name: "foo-ccr", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultClusterChecksRunnerResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultClusterChecksRunnerResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -144,7 +145,7 @@ func Test_cleanupOldCCRDeployments(t *testing.T) { ObjectMeta: metav1.ObjectMeta{ Name: "bar-ccr", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultClusterChecksRunnerResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultClusterChecksRunnerResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -157,7 +158,7 @@ func Test_cleanupOldCCRDeployments(t *testing.T) { Name: "dda-foo-cluster-checks-runner", ResourceVersion: "999", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultClusterChecksRunnerResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultClusterChecksRunnerResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, diff --git a/internal/controller/datadogagent/controller_reconcile_dca.go b/internal/controller/datadogagent/controller_reconcile_dca.go index 48528c8c9..3b78145da 100644 --- a/internal/controller/datadogagent/controller_reconcile_dca.go +++ b/internal/controller/datadogagent/controller_reconcile_dca.go @@ -15,6 +15,7 @@ import ( componentdca "github.com/DataDog/datadog-operator/internal/controller/datadogagent/component/clusteragent" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/override" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/controller/utils/datadog" "github.com/DataDog/datadog-operator/pkg/kubernetes" @@ -138,7 +139,7 @@ func (r *Reconciler) cleanupV2ClusterAgent(logger logr.Logger, dda *datadoghqv2a // cleanupOldDCADeployments deletes DCA deployments when a DCA Deployment's name is changed using clusterAgent name override func (r *Reconciler) cleanupOldDCADeployments(ctx context.Context, logger logr.Logger, dda *datadoghqv2alpha1.DatadogAgent, resourcesManager feature.ResourceManagers, newStatus *datadoghqv2alpha1.DatadogAgentStatus) error { matchLabels := client.MatchingLabels{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultClusterAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultClusterAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", } deploymentName := getDeploymentNameFromDCA(dda) diff --git a/internal/controller/datadogagent/controller_reconcile_dca_test.go b/internal/controller/datadogagent/controller_reconcile_dca_test.go index 0c43a730b..718115ec8 100644 --- a/internal/controller/datadogagent/controller_reconcile_dca_test.go +++ b/internal/controller/datadogagent/controller_reconcile_dca_test.go @@ -7,8 +7,10 @@ import ( apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" datadoghqv2alpha1 "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" apiutils "github.com/DataDog/datadog-operator/api/utils" + "github.com/DataDog/datadog-operator/internal/controller/datadogagent/defaults" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/store" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/kubernetes" "github.com/stretchr/testify/assert" appsv1 "k8s.io/api/apps/v1" @@ -99,7 +101,7 @@ func Test_cleanupOldDCADeployments(t *testing.T) { ObjectMeta: metav1.ObjectMeta{ Name: "dda-foo-cluster-agent", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultClusterAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultClusterAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -112,7 +114,7 @@ func Test_cleanupOldDCADeployments(t *testing.T) { Name: "dda-foo-cluster-agent", ResourceVersion: "999", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultClusterAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultClusterAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -128,7 +130,7 @@ func Test_cleanupOldDCADeployments(t *testing.T) { ObjectMeta: metav1.ObjectMeta{ Name: "dda-foo-cluster-agent", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultClusterAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultClusterAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -137,7 +139,7 @@ func Test_cleanupOldDCADeployments(t *testing.T) { ObjectMeta: metav1.ObjectMeta{ Name: "foo-dca", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultClusterAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultClusterAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -146,7 +148,7 @@ func Test_cleanupOldDCADeployments(t *testing.T) { ObjectMeta: metav1.ObjectMeta{ Name: "bar-dca", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultClusterAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultClusterAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -159,7 +161,7 @@ func Test_cleanupOldDCADeployments(t *testing.T) { Name: "dda-foo-cluster-agent", ResourceVersion: "999", Labels: map[string]string{ - apicommon.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultClusterAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultClusterAgentResourceSuffix, kubernetes.AppKubernetesManageByLabelKey: "datadog-operator", }, }, @@ -248,7 +250,7 @@ func Test_cleanupOldDCADeployments(t *testing.T) { Scheme: r.scheme, } instance := &datadoghqv2alpha1.DatadogAgent{} - datadoghqv2alpha1.DefaultDatadogAgent(instance.DeepCopy()) + defaults.DefaultDatadogAgent(instance.DeepCopy()) depsStore := store.NewStore(instance, storeOptions) resourcesManager := feature.NewResourceManagers(depsStore) diff --git a/internal/controller/datadogagent/controller_reconcile_v2.go b/internal/controller/datadogagent/controller_reconcile_v2.go index ee893fb15..de2c05f3a 100644 --- a/internal/controller/datadogagent/controller_reconcile_v2.go +++ b/internal/controller/datadogagent/controller_reconcile_v2.go @@ -12,6 +12,7 @@ import ( datadoghqv1alpha1 "github.com/DataDog/datadog-operator/api/datadoghq/v1alpha1" datadoghqv2alpha1 "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" + "github.com/DataDog/datadog-operator/internal/controller/datadogagent/defaults" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/override" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/store" @@ -87,7 +88,7 @@ func (r *Reconciler) internalReconcileV2(ctx context.Context, request reconcile. // Set default values for GlobalConfig and Features instanceCopy := instance.DeepCopy() - datadoghqv2alpha1.DefaultDatadogAgent(instanceCopy) + defaults.DefaultDatadogAgent(instanceCopy) return r.reconcileInstanceV2(ctx, reqLogger, instanceCopy) } diff --git a/internal/controller/datadogagent/controller_v2_test.go b/internal/controller/datadogagent/controller_v2_test.go index f7b5b533a..ad22ec921 100644 --- a/internal/controller/datadogagent/controller_v2_test.go +++ b/internal/controller/datadogagent/controller_v2_test.go @@ -15,11 +15,11 @@ import ( apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" - v2alpha1test "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1/test" apiutils "github.com/DataDog/datadog-operator/api/utils" componentagent "github.com/DataDog/datadog-operator/internal/controller/datadogagent/component/agent" - testutils "github.com/DataDog/datadog-operator/internal/controller/datadogagent/testutils" + agenttestutils "github.com/DataDog/datadog-operator/internal/controller/datadogagent/testutils" "github.com/DataDog/datadog-operator/pkg/kubernetes" + "github.com/DataDog/datadog-operator/pkg/testutils" assert "github.com/stretchr/testify/require" appsv1 "k8s.io/api/apps/v1" @@ -61,7 +61,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { logf.SetLogger(zap.New(zap.UseDevMode(true))) // Register operator types with the runtime scheme. - s := testutils.TestScheme() + s := agenttestutils.TestScheme() defaultRequeueDuration := 15 * time.Second @@ -83,7 +83,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { args: args{ request: newRequest(resourcesNamespace, resourcesName), loadFunc: func(c client.Client) { - dda := v2alpha1test.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). + dda := testutils.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). Build() _ = c.Create(context.TODO(), dda) }, @@ -110,7 +110,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { args: args{ request: newRequest(resourcesNamespace, resourcesName), loadFunc: func(c client.Client) { - dda := v2alpha1test.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). + dda := testutils.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). WithSingleContainerStrategy(false). Build() _ = c.Create(context.TODO(), dda) @@ -138,7 +138,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { args: args{ request: newRequest(resourcesNamespace, resourcesName), loadFunc: func(c client.Client) { - dda := v2alpha1test.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). + dda := testutils.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). WithSingleContainerStrategy(true). Build() _ = c.Create(context.TODO(), dda) @@ -164,7 +164,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { args: args{ request: newRequest(resourcesNamespace, resourcesName), loadFunc: func(c client.Client) { - dda := v2alpha1test.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). + dda := testutils.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). WithAPMEnabled(true). WithSingleContainerStrategy(false). Build() @@ -193,7 +193,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { args: args{ request: newRequest(resourcesNamespace, resourcesName), loadFunc: func(c client.Client) { - dda := v2alpha1test.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). + dda := testutils.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). WithAPMEnabled(true). WithSingleContainerStrategy(true). Build() @@ -220,7 +220,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { args: args{ request: newRequest(resourcesNamespace, resourcesName), loadFunc: func(c client.Client) { - dda := v2alpha1test.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). + dda := testutils.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). WithAPMEnabled(true). WithCWSEnabled(true). WithSingleContainerStrategy(false). @@ -252,7 +252,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { args: args{ request: newRequest(resourcesNamespace, resourcesName), loadFunc: func(c client.Client) { - dda := v2alpha1test.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). + dda := testutils.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). WithAPMEnabled(true). WithCWSEnabled(true). WithSingleContainerStrategy(true). @@ -285,7 +285,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { args: args{ request: newRequest(resourcesNamespace, resourcesName), loadFunc: func(c client.Client) { - dda := v2alpha1test.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). + dda := testutils.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). WithAPMEnabled(true). WithOOMKillEnabled(true). WithSingleContainerStrategy(false). @@ -316,7 +316,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { args: args{ request: newRequest(resourcesNamespace, resourcesName), loadFunc: func(c client.Client) { - dda := v2alpha1test.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). + dda := testutils.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). WithAPMEnabled(true). WithOOMKillEnabled(true). WithSingleContainerStrategy(true). @@ -350,7 +350,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { fipsConfig := v2alpha1.FIPSConfig{ Enabled: apiutils.NewBoolPointer(true), } - dda := v2alpha1test.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). + dda := testutils.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). WithFIPS(fipsConfig). Build() _ = c.Create(context.TODO(), dda) @@ -379,7 +379,7 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { args: args{ request: newRequest(resourcesNamespace, resourcesName), loadFunc: func(c client.Client) { - dda := v2alpha1test.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). + dda := testutils.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). WithComponentOverride(v2alpha1.ClusterAgentComponentName, v2alpha1.DatadogAgentComponentOverride{ CreatePodDisruptionBudget: apiutils.NewBoolPointer(true), }). @@ -448,7 +448,7 @@ func Test_Introspection(t *testing.T) { logf.SetLogger(zap.New(zap.UseDevMode(true))) // Register operator types with the runtime scheme. - s := testutils.TestScheme() + s := agenttestutils.TestScheme() defaultRequeueDuration := 15 * time.Second @@ -470,7 +470,7 @@ func Test_Introspection(t *testing.T) { args: args{ request: newRequest(resourcesNamespace, resourcesName), loadFunc: func(c client.Client) { - dda := v2alpha1test.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). + dda := testutils.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). WithComponentOverride(v2alpha1.NodeAgentComponentName, v2alpha1.DatadogAgentComponentOverride{ Affinity: &corev1.Affinity{ PodAntiAffinity: &corev1.PodAntiAffinity{ @@ -581,7 +581,7 @@ func verifyDaemonsetContainers(c client.Client, resourcesNamespace, dsName strin func verifyDaemonsetNames(t *testing.T, c client.Client, resourcesNamespace, dsName string, expectedDSNames []string) error { daemonSetList := appsv1.DaemonSetList{} - if err := c.List(context.TODO(), &daemonSetList, client.HasLabels{apicommon.MD5AgentDeploymentProviderLabelKey}); err != nil { + if err := c.List(context.TODO(), &daemonSetList, client.HasLabels{v2alpha1.MD5AgentDeploymentProviderLabelKey}); err != nil { return err } diff --git a/api/datadoghq/v2alpha1/datadogagent_default.go b/internal/controller/datadogagent/defaults/datadogagent_default.go similarity index 78% rename from api/datadoghq/v2alpha1/datadogagent_default.go rename to internal/controller/datadogagent/defaults/datadogagent_default.go index ccaf1602d..1ebe56970 100644 --- a/api/datadoghq/v2alpha1/datadogagent_default.go +++ b/internal/controller/datadogagent/defaults/datadogagent_default.go @@ -3,10 +3,10 @@ // This product includes software developed at Datadog (https://www.datadoghq.com/). // Copyright 2016-present Datadog, Inc. -package v2alpha1 +package defaults import ( - apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" + "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/pkg/defaulting" ) @@ -26,6 +26,7 @@ const ( defaultLogPodLogsPath string = "/var/log/pods" defaultLogContainerSymlinksPath string = "/var/log/containers" + defaultOtelCollectorEnabled bool = false defaultLiveProcessCollectionEnabled bool = false defaultLiveContainerCollectionEnabled bool = true defaultProcessDiscoveryEnabled bool = true @@ -42,7 +43,7 @@ const ( defaultAPMHostPortEnabled bool = false defaultAPMHostPort int32 = 8126 defaultAPMSocketEnabled bool = true - defaultAPMSocketHostPath string = apicommon.DogstatsdAPMSocketHostPath + "/" + apicommon.APMSocketName + defaultAPMSocketHostPath string = v2alpha1.DogstatsdAPMSocketHostPath + "/" + v2alpha1.APMSocketName defaultAPMSingleStepInstrEnabled bool = false defaultLanguageDetectionEnabled bool = true defaultCSPMEnabled bool = false @@ -61,7 +62,7 @@ const ( defaultDogstatsdOriginDetectionEnabled bool = false defaultDogstatsdHostPortEnabled bool = false defaultDogstatsdSocketEnabled bool = true - defaultDogstatsdHostSocketPath string = apicommon.DogstatsdAPMSocketHostPath + "/" + apicommon.DogstatsdSocketName + defaultDogstatsdHostSocketPath string = v2alpha1.DogstatsdAPMSocketHostPath + "/" + v2alpha1.DogstatsdSocketName defaultOTLPGRPCEnabled bool = false defaultOTLPGRPCHostPortEnabled bool = true @@ -80,6 +81,9 @@ const ( defaultAdmissionControllerMutationEnabled bool = true defaultAdmissionControllerMutateUnlabelled bool = false defaultAdmissionServiceName string = "datadog-admission-controller" + + defaultAdmissionControllerKubernetesAdmissionEventsEnabled bool = false + // DefaultAdmissionControllerCWSInstrumentationEnabled default CWS Instrumentation enabled value DefaultAdmissionControllerCWSInstrumentationEnabled bool = false // DefaultAdmissionControllerCWSInstrumentationMode default CWS Instrumentation mode @@ -110,7 +114,7 @@ const ( // defaultKubeletAgentCAPath = "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt" // defaultKubeletAgentCAPathHostPathSet = "/var/run/host-kubelet-ca.crt" - defaultContainerStrategy = OptimizedContainerStrategy + defaultContainerStrategy = v2alpha1.OptimizedContainerStrategy defaultHelmCheckEnabled bool = false defaultHelmCheckCollectEvents bool = false @@ -125,16 +129,16 @@ const ( ) // DefaultDatadogAgent defaults the DatadogAgentSpec GlobalConfig and Features. -func DefaultDatadogAgent(dda *DatadogAgent) { +func DefaultDatadogAgent(dda *v2alpha1.DatadogAgent) { defaultGlobalConfig(&dda.Spec) defaultFeaturesConfig(&dda.Spec) } // defaultGlobalConfig sets default values in DatadogAgentSpec.Global. -func defaultGlobalConfig(ddaSpec *DatadogAgentSpec) { +func defaultGlobalConfig(ddaSpec *v2alpha1.DatadogAgentSpec) { if ddaSpec.Global == nil { - ddaSpec.Global = &GlobalConfig{} + ddaSpec.Global = &v2alpha1.GlobalConfig{} } if ddaSpec.Global.Site == nil { @@ -144,15 +148,15 @@ func defaultGlobalConfig(ddaSpec *DatadogAgentSpec) { if ddaSpec.Global.Registry == nil { switch *ddaSpec.Global.Site { case defaultEuropeSite: - ddaSpec.Global.Registry = apiutils.NewStringPointer(DefaultEuropeImageRegistry) + ddaSpec.Global.Registry = apiutils.NewStringPointer(v2alpha1.DefaultEuropeImageRegistry) case defaultAsiaSite: - ddaSpec.Global.Registry = apiutils.NewStringPointer(DefaultAsiaImageRegistry) + ddaSpec.Global.Registry = apiutils.NewStringPointer(v2alpha1.DefaultAsiaImageRegistry) case defaultAzureSite: - ddaSpec.Global.Registry = apiutils.NewStringPointer(DefaultAzureImageRegistry) + ddaSpec.Global.Registry = apiutils.NewStringPointer(v2alpha1.DefaultAzureImageRegistry) case defaultGovSite: - ddaSpec.Global.Registry = apiutils.NewStringPointer(DefaultGovImageRegistry) + ddaSpec.Global.Registry = apiutils.NewStringPointer(v2alpha1.DefaultGovImageRegistry) default: - ddaSpec.Global.Registry = apiutils.NewStringPointer(DefaultImageRegistry) + ddaSpec.Global.Registry = apiutils.NewStringPointer(v2alpha1.DefaultImageRegistry) } } @@ -166,13 +170,13 @@ func defaultGlobalConfig(ddaSpec *DatadogAgentSpec) { } if ddaSpec.Global.FIPS == nil { - ddaSpec.Global.FIPS = &FIPSConfig{} + ddaSpec.Global.FIPS = &v2alpha1.FIPSConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Global.FIPS.Enabled, defaultFIPSEnabled) if *ddaSpec.Global.FIPS.Enabled { if ddaSpec.Global.FIPS.Image == nil { - ddaSpec.Global.FIPS.Image = &AgentImageConfig{} + ddaSpec.Global.FIPS.Image = &v2alpha1.AgentImageConfig{} } if ddaSpec.Global.FIPS.Image.Name == "" { ddaSpec.Global.FIPS.Image.Name = defaultFIPSImageName @@ -191,14 +195,14 @@ func defaultGlobalConfig(ddaSpec *DatadogAgentSpec) { // defaultFeaturesConfig sets default values in DatadogAgentSpec.Features. // Note: many default values are set in the Datadog Agent code and are not set here. -func defaultFeaturesConfig(ddaSpec *DatadogAgentSpec) { +func defaultFeaturesConfig(ddaSpec *v2alpha1.DatadogAgentSpec) { if ddaSpec.Features == nil { - ddaSpec.Features = &DatadogFeatures{} + ddaSpec.Features = &v2alpha1.DatadogFeatures{} } // LogsCollection Feature if ddaSpec.Features.LogCollection == nil { - ddaSpec.Features.LogCollection = &LogCollectionFeatureConfig{} + ddaSpec.Features.LogCollection = &v2alpha1.LogCollectionFeatureConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.LogCollection.Enabled, defaultLogCollectionEnabled) @@ -211,61 +215,67 @@ func defaultFeaturesConfig(ddaSpec *DatadogAgentSpec) { apiutils.DefaultStringIfUnset(&ddaSpec.Features.LogCollection.ContainerSymlinksPath, defaultLogContainerSymlinksPath) - apiutils.DefaultStringIfUnset(&ddaSpec.Features.LogCollection.TempStoragePath, apicommon.DefaultLogTempStoragePath) + apiutils.DefaultStringIfUnset(&ddaSpec.Features.LogCollection.TempStoragePath, v2alpha1.DefaultLogTempStoragePath) } // LiveContainerCollection Feature if ddaSpec.Features.LiveContainerCollection == nil { - ddaSpec.Features.LiveContainerCollection = &LiveContainerCollectionFeatureConfig{} + ddaSpec.Features.LiveContainerCollection = &v2alpha1.LiveContainerCollectionFeatureConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.LiveContainerCollection.Enabled, defaultLiveContainerCollectionEnabled) + // OTelCollector Feature + if ddaSpec.Features.OtelCollector == nil { + ddaSpec.Features.OtelCollector = &v2alpha1.OtelCollectorFeatureConfig{} + } + apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.OtelCollector.Enabled, defaultOtelCollectorEnabled) + // LiveProcessCollection Feature if ddaSpec.Features.LiveProcessCollection == nil { - ddaSpec.Features.LiveProcessCollection = &LiveProcessCollectionFeatureConfig{} + ddaSpec.Features.LiveProcessCollection = &v2alpha1.LiveProcessCollectionFeatureConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.LiveProcessCollection.Enabled, defaultLiveProcessCollectionEnabled) // ProcessDiscovery Feature if ddaSpec.Features.ProcessDiscovery == nil { - ddaSpec.Features.ProcessDiscovery = &ProcessDiscoveryFeatureConfig{} + ddaSpec.Features.ProcessDiscovery = &v2alpha1.ProcessDiscoveryFeatureConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.ProcessDiscovery.Enabled, defaultProcessDiscoveryEnabled) // OOMKill Feature if ddaSpec.Features.OOMKill == nil { - ddaSpec.Features.OOMKill = &OOMKillFeatureConfig{} + ddaSpec.Features.OOMKill = &v2alpha1.OOMKillFeatureConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.OOMKill.Enabled, defaultOOMKillEnabled) // TCPQueueLength Feature if ddaSpec.Features.TCPQueueLength == nil { - ddaSpec.Features.TCPQueueLength = &TCPQueueLengthFeatureConfig{} + ddaSpec.Features.TCPQueueLength = &v2alpha1.TCPQueueLengthFeatureConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.TCPQueueLength.Enabled, defaultTCPQueueLengthEnabled) // EBPFCheck Feature if ddaSpec.Features.EBPFCheck == nil { - ddaSpec.Features.EBPFCheck = &EBPFCheckFeatureConfig{} + ddaSpec.Features.EBPFCheck = &v2alpha1.EBPFCheckFeatureConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.EBPFCheck.Enabled, defaultEBPFCheckEnabled) if ddaSpec.Features.ServiceDiscovery == nil { - ddaSpec.Features.ServiceDiscovery = &ServiceDiscoveryFeatureConfig{} + ddaSpec.Features.ServiceDiscovery = &v2alpha1.ServiceDiscoveryFeatureConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.ServiceDiscovery.Enabled, defaultServiceDiscoveryEnabled) // APM Feature // APM is enabled by default if ddaSpec.Features.APM == nil { - ddaSpec.Features.APM = &APMFeatureConfig{} + ddaSpec.Features.APM = &v2alpha1.APMFeatureConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.APM.Enabled, defaultAPMEnabled) if *ddaSpec.Features.APM.Enabled { if ddaSpec.Features.APM.HostPortConfig == nil { - ddaSpec.Features.APM.HostPortConfig = &HostPortConfig{} + ddaSpec.Features.APM.HostPortConfig = &v2alpha1.HostPortConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.APM.HostPortConfig.Enabled, defaultAPMHostPortEnabled) @@ -273,7 +283,7 @@ func defaultFeaturesConfig(ddaSpec *DatadogAgentSpec) { apiutils.DefaultInt32IfUnset(&ddaSpec.Features.APM.HostPortConfig.Port, defaultAPMHostPort) if ddaSpec.Features.APM.UnixDomainSocketConfig == nil { - ddaSpec.Features.APM.UnixDomainSocketConfig = &UnixDomainSocketConfig{} + ddaSpec.Features.APM.UnixDomainSocketConfig = &v2alpha1.UnixDomainSocketConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.APM.UnixDomainSocketConfig.Enabled, defaultAPMSocketEnabled) @@ -281,11 +291,11 @@ func defaultFeaturesConfig(ddaSpec *DatadogAgentSpec) { apiutils.DefaultStringIfUnset(&ddaSpec.Features.APM.UnixDomainSocketConfig.Path, defaultAPMSocketHostPath) if ddaSpec.Features.APM.SingleStepInstrumentation == nil { - ddaSpec.Features.APM.SingleStepInstrumentation = &SingleStepInstrumentation{} + ddaSpec.Features.APM.SingleStepInstrumentation = &v2alpha1.SingleStepInstrumentation{} } if ddaSpec.Features.APM.SingleStepInstrumentation.LanguageDetection == nil { - ddaSpec.Features.APM.SingleStepInstrumentation.LanguageDetection = &LanguageDetectionConfig{} + ddaSpec.Features.APM.SingleStepInstrumentation.LanguageDetection = &v2alpha1.LanguageDetectionConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.APM.SingleStepInstrumentation.Enabled, defaultAPMSingleStepInstrEnabled) @@ -294,49 +304,49 @@ func defaultFeaturesConfig(ddaSpec *DatadogAgentSpec) { // ASM Features if ddaSpec.Features.ASM == nil { - ddaSpec.Features.ASM = &ASMFeatureConfig{} + ddaSpec.Features.ASM = &v2alpha1.ASMFeatureConfig{} } if ddaSpec.Features.ASM.Threats == nil { - ddaSpec.Features.ASM.Threats = &ASMThreatsConfig{} + ddaSpec.Features.ASM.Threats = &v2alpha1.ASMThreatsConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.ASM.Threats.Enabled, defaultAdmissionASMThreatsEnabled) if ddaSpec.Features.ASM.SCA == nil { - ddaSpec.Features.ASM.SCA = &ASMSCAConfig{} + ddaSpec.Features.ASM.SCA = &v2alpha1.ASMSCAConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.ASM.SCA.Enabled, defaultAdmissionASMSCAEnabled) if ddaSpec.Features.ASM.IAST == nil { - ddaSpec.Features.ASM.IAST = &ASMIASTConfig{} + ddaSpec.Features.ASM.IAST = &v2alpha1.ASMIASTConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.ASM.IAST.Enabled, defaultAdmissionASMIASTEnabled) // CSPM (Cloud Security Posture Management) Feature if ddaSpec.Features.CSPM == nil { - ddaSpec.Features.CSPM = &CSPMFeatureConfig{} + ddaSpec.Features.CSPM = &v2alpha1.CSPMFeatureConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.CSPM.Enabled, defaultCSPMEnabled) if *ddaSpec.Features.CSPM.Enabled { if ddaSpec.Features.CSPM.HostBenchmarks == nil { - ddaSpec.Features.CSPM.HostBenchmarks = &CSPMHostBenchmarksConfig{} + ddaSpec.Features.CSPM.HostBenchmarks = &v2alpha1.CSPMHostBenchmarksConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.CSPM.HostBenchmarks.Enabled, defaultCSPMHostBenchmarksEnabled) } // CWS (Cloud Workload Security) Feature if ddaSpec.Features.CWS == nil { - ddaSpec.Features.CWS = &CWSFeatureConfig{} + ddaSpec.Features.CWS = &v2alpha1.CWSFeatureConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.CWS.Enabled, defaultCWSEnabled) if *ddaSpec.Features.CWS.Enabled { if ddaSpec.Features.CWS.Network == nil { - ddaSpec.Features.CWS.Network = &CWSNetworkConfig{} + ddaSpec.Features.CWS.Network = &v2alpha1.CWSNetworkConfig{} } if ddaSpec.Features.CWS.SecurityProfiles == nil { - ddaSpec.Features.CWS.SecurityProfiles = &CWSSecurityProfilesConfig{} + ddaSpec.Features.CWS.SecurityProfiles = &v2alpha1.CWSSecurityProfilesConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.CWS.SyscallMonitorEnabled, defaultCWSSyscallMonitorEnabled) @@ -346,7 +356,7 @@ func defaultFeaturesConfig(ddaSpec *DatadogAgentSpec) { // NPM (Network Performance Monitoring) Feature if ddaSpec.Features.NPM == nil { - ddaSpec.Features.NPM = &NPMFeatureConfig{} + ddaSpec.Features.NPM = &v2alpha1.NPMFeatureConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.NPM.Enabled, defaultNPMEnabled) @@ -357,28 +367,28 @@ func defaultFeaturesConfig(ddaSpec *DatadogAgentSpec) { // USM (Universal Service Monitoring) Feature if ddaSpec.Features.USM == nil { - ddaSpec.Features.USM = &USMFeatureConfig{} + ddaSpec.Features.USM = &v2alpha1.USMFeatureConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.USM.Enabled, defaultUSMEnabled) // Dogstatsd Feature if ddaSpec.Features.Dogstatsd == nil { - ddaSpec.Features.Dogstatsd = &DogstatsdFeatureConfig{} + ddaSpec.Features.Dogstatsd = &v2alpha1.DogstatsdFeatureConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.Dogstatsd.OriginDetectionEnabled, defaultDogstatsdOriginDetectionEnabled) if ddaSpec.Features.Dogstatsd.HostPortConfig == nil { - ddaSpec.Features.Dogstatsd.HostPortConfig = &HostPortConfig{ + ddaSpec.Features.Dogstatsd.HostPortConfig = &v2alpha1.HostPortConfig{ Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled), } } if *ddaSpec.Features.Dogstatsd.HostPortConfig.Enabled { - apiutils.DefaultInt32IfUnset(&ddaSpec.Features.Dogstatsd.HostPortConfig.Port, DefaultDogstatsdPort) + apiutils.DefaultInt32IfUnset(&ddaSpec.Features.Dogstatsd.HostPortConfig.Port, v2alpha1.DefaultDogstatsdPort) } if ddaSpec.Features.Dogstatsd.UnixDomainSocketConfig == nil { - ddaSpec.Features.Dogstatsd.UnixDomainSocketConfig = &UnixDomainSocketConfig{} + ddaSpec.Features.Dogstatsd.UnixDomainSocketConfig = &v2alpha1.UnixDomainSocketConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.Dogstatsd.UnixDomainSocketConfig.Enabled, defaultDogstatsdSocketEnabled) @@ -388,18 +398,18 @@ func defaultFeaturesConfig(ddaSpec *DatadogAgentSpec) { // OTLP ingest feature if ddaSpec.Features.OTLP == nil { - ddaSpec.Features.OTLP = &OTLPFeatureConfig{} + ddaSpec.Features.OTLP = &v2alpha1.OTLPFeatureConfig{} } if ddaSpec.Features.OTLP.Receiver.Protocols.GRPC == nil { - ddaSpec.Features.OTLP.Receiver.Protocols.GRPC = &OTLPGRPCConfig{} + ddaSpec.Features.OTLP.Receiver.Protocols.GRPC = &v2alpha1.OTLPGRPCConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.OTLP.Receiver.Protocols.GRPC.Enabled, defaultOTLPGRPCEnabled) if apiutils.BoolValue(ddaSpec.Features.OTLP.Receiver.Protocols.GRPC.Enabled) { if ddaSpec.Features.OTLP.Receiver.Protocols.GRPC.HostPortConfig == nil { - ddaSpec.Features.OTLP.Receiver.Protocols.GRPC.HostPortConfig = &HostPortConfig{} + ddaSpec.Features.OTLP.Receiver.Protocols.GRPC.HostPortConfig = &v2alpha1.HostPortConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.OTLP.Receiver.Protocols.GRPC.HostPortConfig.Enabled, defaultOTLPGRPCHostPortEnabled) } @@ -407,14 +417,14 @@ func defaultFeaturesConfig(ddaSpec *DatadogAgentSpec) { apiutils.DefaultStringIfUnset(&ddaSpec.Features.OTLP.Receiver.Protocols.GRPC.Endpoint, defaultOTLPGRPCEndpoint) if ddaSpec.Features.OTLP.Receiver.Protocols.HTTP == nil { - ddaSpec.Features.OTLP.Receiver.Protocols.HTTP = &OTLPHTTPConfig{} + ddaSpec.Features.OTLP.Receiver.Protocols.HTTP = &v2alpha1.OTLPHTTPConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.OTLP.Receiver.Protocols.HTTP.Enabled, defaultOTLPHTTPEnabled) if apiutils.BoolValue(ddaSpec.Features.OTLP.Receiver.Protocols.HTTP.Enabled) { if ddaSpec.Features.OTLP.Receiver.Protocols.HTTP.HostPortConfig == nil { - ddaSpec.Features.OTLP.Receiver.Protocols.HTTP.HostPortConfig = &HostPortConfig{} + ddaSpec.Features.OTLP.Receiver.Protocols.HTTP.HostPortConfig = &v2alpha1.HostPortConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.OTLP.Receiver.Protocols.HTTP.HostPortConfig.Enabled, defaultOTLPHTTPHostPortEnabled) } @@ -423,7 +433,7 @@ func defaultFeaturesConfig(ddaSpec *DatadogAgentSpec) { // RemoteConfiguration feature if ddaSpec.Features.RemoteConfiguration == nil { - ddaSpec.Features.RemoteConfiguration = &RemoteConfigurationFeatureConfig{} + ddaSpec.Features.RemoteConfiguration = &v2alpha1.RemoteConfigurationFeatureConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.RemoteConfiguration.Enabled, defaultRemoteConfigurationEnabled) @@ -431,11 +441,11 @@ func defaultFeaturesConfig(ddaSpec *DatadogAgentSpec) { // EventCollection Feature if ddaSpec.Features.EventCollection == nil { - ddaSpec.Features.EventCollection = &EventCollectionFeatureConfig{} + ddaSpec.Features.EventCollection = &v2alpha1.EventCollectionFeatureConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.EventCollection.CollectKubernetesEvents, defaultCollectKubernetesEvents) if apiutils.BoolValue(ddaSpec.Features.EventCollection.UnbundleEvents) && ddaSpec.Features.EventCollection.CollectedEventTypes == nil { - ddaSpec.Features.EventCollection.CollectedEventTypes = []EventTypes{ + ddaSpec.Features.EventCollection.CollectedEventTypes = []v2alpha1.EventTypes{ { Kind: "Pod", Reasons: []string{"Failed", "BackOff", "Unhealthy", "FailedScheduling", "FailedMount", "FailedAttachVolume"}, @@ -453,7 +463,7 @@ func defaultFeaturesConfig(ddaSpec *DatadogAgentSpec) { // OrchestratorExplorer check Feature if ddaSpec.Features.OrchestratorExplorer == nil { - ddaSpec.Features.OrchestratorExplorer = &OrchestratorExplorerFeatureConfig{} + ddaSpec.Features.OrchestratorExplorer = &v2alpha1.OrchestratorExplorerFeatureConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.OrchestratorExplorer.Enabled, defaultOrchestratorExplorerEnabled) @@ -463,13 +473,13 @@ func defaultFeaturesConfig(ddaSpec *DatadogAgentSpec) { // KubeStateMetricsCore check Feature if ddaSpec.Features.KubeStateMetricsCore == nil { - ddaSpec.Features.KubeStateMetricsCore = &KubeStateMetricsCoreFeatureConfig{} + ddaSpec.Features.KubeStateMetricsCore = &v2alpha1.KubeStateMetricsCoreFeatureConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.KubeStateMetricsCore.Enabled, defaultKubeStateMetricsCoreEnabled) // AdmissionController Feature if ddaSpec.Features.AdmissionController == nil { - ddaSpec.Features.AdmissionController = &AdmissionControllerFeatureConfig{} + ddaSpec.Features.AdmissionController = &v2alpha1.AdmissionControllerFeatureConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.AdmissionController.Enabled, defaultAdmissionControllerEnabled) @@ -481,13 +491,13 @@ func defaultFeaturesConfig(ddaSpec *DatadogAgentSpec) { // AdmissionControllerValidation Feature if ddaSpec.Features.AdmissionController.Validation == nil { - ddaSpec.Features.AdmissionController.Validation = &AdmissionControllerValidationConfig{} + ddaSpec.Features.AdmissionController.Validation = &v2alpha1.AdmissionControllerValidationConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.AdmissionController.Validation.Enabled, defaultAdmissionControllerValidationEnabled) // AdmissionControllerMutation Feature if ddaSpec.Features.AdmissionController.Mutation == nil { - ddaSpec.Features.AdmissionController.Mutation = &AdmissionControllerMutationConfig{} + ddaSpec.Features.AdmissionController.Mutation = &v2alpha1.AdmissionControllerMutationConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.AdmissionController.Mutation.Enabled, defaultAdmissionControllerMutationEnabled) @@ -496,9 +506,15 @@ func defaultFeaturesConfig(ddaSpec *DatadogAgentSpec) { apiutils.DefaultBooleanIfUnset(&agentSidecarInjection.ClusterAgentCommunicationEnabled, defaultAdmissionControllerAgentSidecarClusterAgentEnabled) } + // K8s Admission Events in AdmissonController Feature + if ddaSpec.Features.AdmissionController.KubernetesAdmissionEvents == nil { + ddaSpec.Features.AdmissionController.KubernetesAdmissionEvents = &v2alpha1.KubernetesAdmissionEventsConfig{} + } + apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.AdmissionController.KubernetesAdmissionEvents.Enabled, defaultAdmissionControllerKubernetesAdmissionEventsEnabled) + // CWS Instrumentation in AdmissionController Feature if ddaSpec.Features.AdmissionController.CWSInstrumentation == nil { - ddaSpec.Features.AdmissionController.CWSInstrumentation = &CWSInstrumentationConfig{} + ddaSpec.Features.AdmissionController.CWSInstrumentation = &v2alpha1.CWSInstrumentationConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.AdmissionController.CWSInstrumentation.Enabled, DefaultAdmissionControllerCWSInstrumentationEnabled) @@ -508,7 +524,7 @@ func defaultFeaturesConfig(ddaSpec *DatadogAgentSpec) { // ExternalMetricsServer Feature if ddaSpec.Features.ExternalMetricsServer == nil { - ddaSpec.Features.ExternalMetricsServer = &ExternalMetricsServerFeatureConfig{} + ddaSpec.Features.ExternalMetricsServer = &v2alpha1.ExternalMetricsServerFeatureConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.ExternalMetricsServer.Enabled, defaultExternalMetricsServerEnabled) @@ -520,7 +536,7 @@ func defaultFeaturesConfig(ddaSpec *DatadogAgentSpec) { // ClusterChecks Feature if ddaSpec.Features.ClusterChecks == nil { - ddaSpec.Features.ClusterChecks = &ClusterChecksFeatureConfig{} + ddaSpec.Features.ClusterChecks = &v2alpha1.ClusterChecksFeatureConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.ClusterChecks.Enabled, defaultClusterChecksEnabled) @@ -530,7 +546,7 @@ func defaultFeaturesConfig(ddaSpec *DatadogAgentSpec) { // PrometheusScrape Feature if ddaSpec.Features.PrometheusScrape == nil { - ddaSpec.Features.PrometheusScrape = &PrometheusScrapeFeatureConfig{} + ddaSpec.Features.PrometheusScrape = &v2alpha1.PrometheusScrapeFeatureConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.PrometheusScrape.Enabled, defaultPrometheusScrapeEnabled) @@ -541,7 +557,7 @@ func defaultFeaturesConfig(ddaSpec *DatadogAgentSpec) { // Helm Check Feature if ddaSpec.Features.HelmCheck == nil { - ddaSpec.Features.HelmCheck = &HelmCheckFeatureConfig{} + ddaSpec.Features.HelmCheck = &v2alpha1.HelmCheckFeatureConfig{} } apiutils.DefaultBooleanIfUnset(&ddaSpec.Features.HelmCheck.Enabled, defaultHelmCheckEnabled) diff --git a/api/datadoghq/v2alpha1/datadogagent_default_test.go b/internal/controller/datadogagent/defaults/datadogagent_default_test.go similarity index 52% rename from api/datadoghq/v2alpha1/datadogagent_default_test.go rename to internal/controller/datadogagent/defaults/datadogagent_default_test.go index ee4b32bbe..98d61fd6b 100644 --- a/api/datadoghq/v2alpha1/datadogagent_default_test.go +++ b/internal/controller/datadogagent/defaults/datadogagent_default_test.go @@ -3,12 +3,12 @@ // This product includes software developed at Datadog (https://www.datadoghq.com/). // Copyright 2016-present Datadog, Inc. -package v2alpha1 +package defaults import ( "testing" - apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" + "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/google/go-cmp/cmp" @@ -23,112 +23,112 @@ const ( func Test_defaultGlobal(t *testing.T) { tests := []struct { name string - ddaSpec *DatadogAgentSpec - want *DatadogAgentSpec + ddaSpec *v2alpha1.DatadogAgentSpec + want *v2alpha1.DatadogAgentSpec }{ { name: "global is nil", - ddaSpec: &DatadogAgentSpec{ + ddaSpec: &v2alpha1.DatadogAgentSpec{ Global: nil, }, - want: &DatadogAgentSpec{ - Global: &GlobalConfig{ + want: &v2alpha1.DatadogAgentSpec{ + Global: &v2alpha1.GlobalConfig{ Site: apiutils.NewStringPointer(defaultSite), - Registry: apiutils.NewStringPointer(DefaultImageRegistry), + Registry: apiutils.NewStringPointer(v2alpha1.DefaultImageRegistry), LogLevel: apiutils.NewStringPointer(defaultLogLevel), }, }, }, { name: "test registry defaulting based on site - EU", - ddaSpec: &DatadogAgentSpec{ - Global: &GlobalConfig{ + ddaSpec: &v2alpha1.DatadogAgentSpec{ + Global: &v2alpha1.GlobalConfig{ Site: apiutils.NewStringPointer(defaultEuropeSite), }, }, - want: &DatadogAgentSpec{ - Global: &GlobalConfig{ + want: &v2alpha1.DatadogAgentSpec{ + Global: &v2alpha1.GlobalConfig{ Site: apiutils.NewStringPointer(defaultEuropeSite), - Registry: apiutils.NewStringPointer(DefaultEuropeImageRegistry), + Registry: apiutils.NewStringPointer(v2alpha1.DefaultEuropeImageRegistry), LogLevel: apiutils.NewStringPointer(defaultLogLevel), }, }, }, { name: "test registry defaulting based on site - Asia", - ddaSpec: &DatadogAgentSpec{ - Global: &GlobalConfig{ + ddaSpec: &v2alpha1.DatadogAgentSpec{ + Global: &v2alpha1.GlobalConfig{ Site: apiutils.NewStringPointer(defaultAsiaSite), }, }, - want: &DatadogAgentSpec{ - Global: &GlobalConfig{ + want: &v2alpha1.DatadogAgentSpec{ + Global: &v2alpha1.GlobalConfig{ Site: apiutils.NewStringPointer(defaultAsiaSite), - Registry: apiutils.NewStringPointer(DefaultAsiaImageRegistry), + Registry: apiutils.NewStringPointer(v2alpha1.DefaultAsiaImageRegistry), LogLevel: apiutils.NewStringPointer(defaultLogLevel), }, }, }, { name: "test registry defaulting based on site - Azure", - ddaSpec: &DatadogAgentSpec{ - Global: &GlobalConfig{ + ddaSpec: &v2alpha1.DatadogAgentSpec{ + Global: &v2alpha1.GlobalConfig{ Site: apiutils.NewStringPointer(defaultAzureSite), }, }, - want: &DatadogAgentSpec{ - Global: &GlobalConfig{ + want: &v2alpha1.DatadogAgentSpec{ + Global: &v2alpha1.GlobalConfig{ Site: apiutils.NewStringPointer(defaultAzureSite), - Registry: apiutils.NewStringPointer(DefaultAzureImageRegistry), + Registry: apiutils.NewStringPointer(v2alpha1.DefaultAzureImageRegistry), LogLevel: apiutils.NewStringPointer(defaultLogLevel), }, }, }, { name: "test registry defaulting based on site - Gov", - ddaSpec: &DatadogAgentSpec{ - Global: &GlobalConfig{ + ddaSpec: &v2alpha1.DatadogAgentSpec{ + Global: &v2alpha1.GlobalConfig{ Site: apiutils.NewStringPointer(defaultGovSite), }, }, - want: &DatadogAgentSpec{ - Global: &GlobalConfig{ + want: &v2alpha1.DatadogAgentSpec{ + Global: &v2alpha1.GlobalConfig{ Site: apiutils.NewStringPointer(defaultGovSite), - Registry: apiutils.NewStringPointer(DefaultGovImageRegistry), + Registry: apiutils.NewStringPointer(v2alpha1.DefaultGovImageRegistry), LogLevel: apiutils.NewStringPointer(defaultLogLevel), }, }, }, { name: "test FIPS defaulting - disabled", - ddaSpec: &DatadogAgentSpec{ - Global: &GlobalConfig{}, + ddaSpec: &v2alpha1.DatadogAgentSpec{ + Global: &v2alpha1.GlobalConfig{}, }, - want: &DatadogAgentSpec{ - Global: &GlobalConfig{ - FIPS: &FIPSConfig{ + want: &v2alpha1.DatadogAgentSpec{ + Global: &v2alpha1.GlobalConfig{ + FIPS: &v2alpha1.FIPSConfig{ Enabled: apiutils.NewBoolPointer(defaultFIPSEnabled), }, Site: apiutils.NewStringPointer(defaultSite), - Registry: apiutils.NewStringPointer(DefaultImageRegistry), + Registry: apiutils.NewStringPointer(v2alpha1.DefaultImageRegistry), LogLevel: apiutils.NewStringPointer(defaultLogLevel), }, }, }, { name: "test FIPS defaulting - enabled", - ddaSpec: &DatadogAgentSpec{ - Global: &GlobalConfig{ - FIPS: &FIPSConfig{ + ddaSpec: &v2alpha1.DatadogAgentSpec{ + Global: &v2alpha1.GlobalConfig{ + FIPS: &v2alpha1.FIPSConfig{ Enabled: apiutils.NewBoolPointer(true), }, }, }, - want: &DatadogAgentSpec{ - Global: &GlobalConfig{ - FIPS: &FIPSConfig{ + want: &v2alpha1.DatadogAgentSpec{ + Global: &v2alpha1.GlobalConfig{ + FIPS: &v2alpha1.FIPSConfig{ Enabled: apiutils.NewBoolPointer(true), - Image: &AgentImageConfig{ + Image: &v2alpha1.AgentImageConfig{ Name: defaultFIPSImageName, Tag: defaultFIPSImageTag, }, @@ -138,7 +138,7 @@ func Test_defaultGlobal(t *testing.T) { UseHTTPS: apiutils.NewBoolPointer(defaultFIPSUseHTTPS), }, Site: apiutils.NewStringPointer(defaultSite), - Registry: apiutils.NewStringPointer(DefaultImageRegistry), + Registry: apiutils.NewStringPointer(v2alpha1.DefaultImageRegistry), LogLevel: apiutils.NewStringPointer(defaultLogLevel), }, }, @@ -164,136 +164,142 @@ func Test_defaultGlobal(t *testing.T) { func Test_defaultFeatures(t *testing.T) { tests := []struct { name string - ddaSpec *DatadogAgentSpec - want *DatadogAgentSpec + ddaSpec *v2alpha1.DatadogAgentSpec + want *v2alpha1.DatadogAgentSpec }{ { name: "all features are nil", - ddaSpec: &DatadogAgentSpec{ + ddaSpec: &v2alpha1.DatadogAgentSpec{ Features: nil, }, - want: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - LogCollection: &LogCollectionFeatureConfig{ + want: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + LogCollection: &v2alpha1.LogCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLogCollectionEnabled), }, - LiveProcessCollection: &LiveProcessCollectionFeatureConfig{ + LiveProcessCollection: &v2alpha1.LiveProcessCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLiveProcessCollectionEnabled), }, - LiveContainerCollection: &LiveContainerCollectionFeatureConfig{ + LiveContainerCollection: &v2alpha1.LiveContainerCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLiveContainerCollectionEnabled), }, - ProcessDiscovery: &ProcessDiscoveryFeatureConfig{ + ProcessDiscovery: &v2alpha1.ProcessDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled), }, - OOMKill: &OOMKillFeatureConfig{ + OOMKill: &v2alpha1.OOMKillFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultOOMKillEnabled), }, - TCPQueueLength: &TCPQueueLengthFeatureConfig{ + TCPQueueLength: &v2alpha1.TCPQueueLengthFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultTCPQueueLengthEnabled), }, - EBPFCheck: &EBPFCheckFeatureConfig{ + EBPFCheck: &v2alpha1.EBPFCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultEBPFCheckEnabled), }, - ServiceDiscovery: &ServiceDiscoveryFeatureConfig{ + ServiceDiscovery: &v2alpha1.ServiceDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultServiceDiscoveryEnabled), }, - APM: &APMFeatureConfig{ + APM: &v2alpha1.APMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultAPMEnabled), - HostPortConfig: &HostPortConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{ Port: apiutils.NewInt32Pointer(defaultAPMHostPort), Enabled: apiutils.NewBoolPointer(defaultAPMHostPortEnabled), }, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultAPMSocketEnabled), Path: apiutils.NewStringPointer(defaultAPMSocketHostPath), }, - SingleStepInstrumentation: &SingleStepInstrumentation{ + SingleStepInstrumentation: &v2alpha1.SingleStepInstrumentation{ Enabled: apiutils.NewBoolPointer(defaultAPMSingleStepInstrEnabled), - LanguageDetection: &LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, + LanguageDetection: &v2alpha1.LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, }, }, - ASM: &ASMFeatureConfig{ - Threats: &ASMThreatsConfig{ + OtelCollector: &v2alpha1.OtelCollectorFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultOtelCollectorEnabled), + }, + ASM: &v2alpha1.ASMFeatureConfig{ + Threats: &v2alpha1.ASMThreatsConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMThreatsEnabled), }, - SCA: &ASMSCAConfig{ + SCA: &v2alpha1.ASMSCAConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMSCAEnabled), }, - IAST: &ASMIASTConfig{ + IAST: &v2alpha1.ASMIASTConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMIASTEnabled), }, }, - CSPM: &CSPMFeatureConfig{ + CSPM: &v2alpha1.CSPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultCSPMEnabled), }, - CWS: &CWSFeatureConfig{ + CWS: &v2alpha1.CWSFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultCWSEnabled), }, - NPM: &NPMFeatureConfig{ + NPM: &v2alpha1.NPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultNPMEnabled), }, - USM: &USMFeatureConfig{ + USM: &v2alpha1.USMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultUSMEnabled), }, - Dogstatsd: &DogstatsdFeatureConfig{ + Dogstatsd: &v2alpha1.DogstatsdFeatureConfig{ OriginDetectionEnabled: apiutils.NewBoolPointer(defaultDogstatsdOriginDetectionEnabled), - HostPortConfig: &HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultDogstatsdSocketEnabled), Path: apiutils.NewStringPointer(defaultDogstatsdHostSocketPath), }, }, - OTLP: &OTLPFeatureConfig{Receiver: OTLPReceiverConfig{Protocols: OTLPProtocolsConfig{ - GRPC: &OTLPGRPCConfig{ + OTLP: &v2alpha1.OTLPFeatureConfig{Receiver: v2alpha1.OTLPReceiverConfig{Protocols: v2alpha1.OTLPProtocolsConfig{ + GRPC: &v2alpha1.OTLPGRPCConfig{ Enabled: apiutils.NewBoolPointer(defaultOTLPGRPCEnabled), HostPortConfig: nil, Endpoint: apiutils.NewStringPointer(defaultOTLPGRPCEndpoint), }, - HTTP: &OTLPHTTPConfig{ + HTTP: &v2alpha1.OTLPHTTPConfig{ Enabled: apiutils.NewBoolPointer(defaultOTLPHTTPEnabled), HostPortConfig: nil, Endpoint: apiutils.NewStringPointer(defaultOTLPHTTPEndpoint), }, }}}, - RemoteConfiguration: &RemoteConfigurationFeatureConfig{ + RemoteConfiguration: &v2alpha1.RemoteConfigurationFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultRemoteConfigurationEnabled), }, - EventCollection: &EventCollectionFeatureConfig{ + EventCollection: &v2alpha1.EventCollectionFeatureConfig{ CollectKubernetesEvents: apiutils.NewBoolPointer(defaultCollectKubernetesEvents), }, - OrchestratorExplorer: &OrchestratorExplorerFeatureConfig{ + OrchestratorExplorer: &v2alpha1.OrchestratorExplorerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultOrchestratorExplorerEnabled), ScrubContainers: apiutils.NewBoolPointer(defaultOrchestratorExplorerScrubContainers), }, - ExternalMetricsServer: &ExternalMetricsServerFeatureConfig{ + ExternalMetricsServer: &v2alpha1.ExternalMetricsServerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultExternalMetricsServerEnabled), }, - KubeStateMetricsCore: &KubeStateMetricsCoreFeatureConfig{ + KubeStateMetricsCore: &v2alpha1.KubeStateMetricsCoreFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultKubeStateMetricsCoreEnabled), }, - ClusterChecks: &ClusterChecksFeatureConfig{ + ClusterChecks: &v2alpha1.ClusterChecksFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultClusterChecksEnabled), UseClusterChecksRunners: apiutils.NewBoolPointer(defaultUseClusterChecksRunners), }, - AdmissionController: &AdmissionControllerFeatureConfig{ + AdmissionController: &v2alpha1.AdmissionControllerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerEnabled), - Validation: &AdmissionControllerValidationConfig{ + Validation: &v2alpha1.AdmissionControllerValidationConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerValidationEnabled), }, - Mutation: &AdmissionControllerMutationConfig{ + Mutation: &v2alpha1.AdmissionControllerMutationConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerMutationEnabled), }, MutateUnlabelled: apiutils.NewBoolPointer(defaultAdmissionControllerMutateUnlabelled), ServiceName: apiutils.NewStringPointer(defaultAdmissionServiceName), - CWSInstrumentation: &CWSInstrumentationConfig{ + CWSInstrumentation: &v2alpha1.CWSInstrumentationConfig{ Enabled: apiutils.NewBoolPointer(DefaultAdmissionControllerCWSInstrumentationEnabled), }, + KubernetesAdmissionEvents: &v2alpha1.KubernetesAdmissionEventsConfig{ + Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerKubernetesAdmissionEventsEnabled), + }, }, - PrometheusScrape: &PrometheusScrapeFeatureConfig{ + PrometheusScrape: &v2alpha1.PrometheusScrapeFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultPrometheusScrapeEnabled), }, - HelmCheck: &HelmCheckFeatureConfig{ + HelmCheck: &v2alpha1.HelmCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultHelmCheckEnabled), }, }, @@ -301,199 +307,208 @@ func Test_defaultFeatures(t *testing.T) { }, { name: "all features are disabled", - ddaSpec: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - LogCollection: &LogCollectionFeatureConfig{ + ddaSpec: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + LogCollection: &v2alpha1.LogCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - LiveProcessCollection: &LiveProcessCollectionFeatureConfig{ + LiveProcessCollection: &v2alpha1.LiveProcessCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - LiveContainerCollection: &LiveContainerCollectionFeatureConfig{ + LiveContainerCollection: &v2alpha1.LiveContainerCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - ProcessDiscovery: &ProcessDiscoveryFeatureConfig{ + ProcessDiscovery: &v2alpha1.ProcessDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - OOMKill: &OOMKillFeatureConfig{ + OOMKill: &v2alpha1.OOMKillFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - TCPQueueLength: &TCPQueueLengthFeatureConfig{ + TCPQueueLength: &v2alpha1.TCPQueueLengthFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - EBPFCheck: &EBPFCheckFeatureConfig{ + EBPFCheck: &v2alpha1.EBPFCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultEBPFCheckEnabled), }, - ServiceDiscovery: &ServiceDiscoveryFeatureConfig{ + ServiceDiscovery: &v2alpha1.ServiceDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultServiceDiscoveryEnabled), }, - APM: &APMFeatureConfig{ + APM: &v2alpha1.APMFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - ASM: &ASMFeatureConfig{ - Threats: &ASMThreatsConfig{ + OtelCollector: &v2alpha1.OtelCollectorFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultOtelCollectorEnabled), + }, + ASM: &v2alpha1.ASMFeatureConfig{ + Threats: &v2alpha1.ASMThreatsConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - SCA: &ASMSCAConfig{ + SCA: &v2alpha1.ASMSCAConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - IAST: &ASMIASTConfig{ + IAST: &v2alpha1.ASMIASTConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, }, - CSPM: &CSPMFeatureConfig{ + CSPM: &v2alpha1.CSPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - CWS: &CWSFeatureConfig{ + CWS: &v2alpha1.CWSFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - NPM: &NPMFeatureConfig{ + NPM: &v2alpha1.NPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - USM: &USMFeatureConfig{ + USM: &v2alpha1.USMFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - OTLP: &OTLPFeatureConfig{Receiver: OTLPReceiverConfig{Protocols: OTLPProtocolsConfig{ - GRPC: &OTLPGRPCConfig{Enabled: apiutils.NewBoolPointer(valueFalse)}, - HTTP: &OTLPHTTPConfig{Enabled: apiutils.NewBoolPointer(valueFalse)}, + OTLP: &v2alpha1.OTLPFeatureConfig{Receiver: v2alpha1.OTLPReceiverConfig{Protocols: v2alpha1.OTLPProtocolsConfig{ + GRPC: &v2alpha1.OTLPGRPCConfig{Enabled: apiutils.NewBoolPointer(valueFalse)}, + HTTP: &v2alpha1.OTLPHTTPConfig{Enabled: apiutils.NewBoolPointer(valueFalse)}, }}}, - EventCollection: &EventCollectionFeatureConfig{ + EventCollection: &v2alpha1.EventCollectionFeatureConfig{ CollectKubernetesEvents: apiutils.NewBoolPointer(valueFalse), }, - OrchestratorExplorer: &OrchestratorExplorerFeatureConfig{ + OrchestratorExplorer: &v2alpha1.OrchestratorExplorerFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - KubeStateMetricsCore: &KubeStateMetricsCoreFeatureConfig{ + KubeStateMetricsCore: &v2alpha1.KubeStateMetricsCoreFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - AdmissionController: &AdmissionControllerFeatureConfig{ + AdmissionController: &v2alpha1.AdmissionControllerFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), - Validation: &AdmissionControllerValidationConfig{Enabled: apiutils.NewBoolPointer(valueFalse)}, - Mutation: &AdmissionControllerMutationConfig{Enabled: apiutils.NewBoolPointer(valueFalse)}, + Validation: &v2alpha1.AdmissionControllerValidationConfig{Enabled: apiutils.NewBoolPointer(valueFalse)}, + Mutation: &v2alpha1.AdmissionControllerMutationConfig{Enabled: apiutils.NewBoolPointer(valueFalse)}, }, - ExternalMetricsServer: &ExternalMetricsServerFeatureConfig{ + ExternalMetricsServer: &v2alpha1.ExternalMetricsServerFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - ClusterChecks: &ClusterChecksFeatureConfig{ + ClusterChecks: &v2alpha1.ClusterChecksFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - PrometheusScrape: &PrometheusScrapeFeatureConfig{ + PrometheusScrape: &v2alpha1.PrometheusScrapeFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - RemoteConfiguration: &RemoteConfigurationFeatureConfig{ + RemoteConfiguration: &v2alpha1.RemoteConfigurationFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - HelmCheck: &HelmCheckFeatureConfig{ + HelmCheck: &v2alpha1.HelmCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, }, }, - want: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - LogCollection: &LogCollectionFeatureConfig{ + want: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + LogCollection: &v2alpha1.LogCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - LiveProcessCollection: &LiveProcessCollectionFeatureConfig{ + LiveProcessCollection: &v2alpha1.LiveProcessCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - LiveContainerCollection: &LiveContainerCollectionFeatureConfig{ + LiveContainerCollection: &v2alpha1.LiveContainerCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - ProcessDiscovery: &ProcessDiscoveryFeatureConfig{ + ProcessDiscovery: &v2alpha1.ProcessDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - OOMKill: &OOMKillFeatureConfig{ + OOMKill: &v2alpha1.OOMKillFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - TCPQueueLength: &TCPQueueLengthFeatureConfig{ + TCPQueueLength: &v2alpha1.TCPQueueLengthFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - EBPFCheck: &EBPFCheckFeatureConfig{ + EBPFCheck: &v2alpha1.EBPFCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultEBPFCheckEnabled), }, - ServiceDiscovery: &ServiceDiscoveryFeatureConfig{ + ServiceDiscovery: &v2alpha1.ServiceDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultServiceDiscoveryEnabled), }, - APM: &APMFeatureConfig{ + APM: &v2alpha1.APMFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - ASM: &ASMFeatureConfig{ - Threats: &ASMThreatsConfig{ + OtelCollector: &v2alpha1.OtelCollectorFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultOtelCollectorEnabled), + }, + ASM: &v2alpha1.ASMFeatureConfig{ + Threats: &v2alpha1.ASMThreatsConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - SCA: &ASMSCAConfig{ + SCA: &v2alpha1.ASMSCAConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - IAST: &ASMIASTConfig{ + IAST: &v2alpha1.ASMIASTConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, }, - CSPM: &CSPMFeatureConfig{ + CSPM: &v2alpha1.CSPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - CWS: &CWSFeatureConfig{ + CWS: &v2alpha1.CWSFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - NPM: &NPMFeatureConfig{ + NPM: &v2alpha1.NPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - USM: &USMFeatureConfig{ + USM: &v2alpha1.USMFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - Dogstatsd: &DogstatsdFeatureConfig{ + Dogstatsd: &v2alpha1.DogstatsdFeatureConfig{ OriginDetectionEnabled: apiutils.NewBoolPointer(defaultDogstatsdOriginDetectionEnabled), - HostPortConfig: &HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultDogstatsdSocketEnabled), Path: apiutils.NewStringPointer(defaultDogstatsdHostSocketPath), }, }, - OTLP: &OTLPFeatureConfig{Receiver: OTLPReceiverConfig{Protocols: OTLPProtocolsConfig{ - GRPC: &OTLPGRPCConfig{ + OTLP: &v2alpha1.OTLPFeatureConfig{Receiver: v2alpha1.OTLPReceiverConfig{Protocols: v2alpha1.OTLPProtocolsConfig{ + GRPC: &v2alpha1.OTLPGRPCConfig{ Enabled: apiutils.NewBoolPointer(defaultOTLPGRPCEnabled), HostPortConfig: nil, Endpoint: apiutils.NewStringPointer(defaultOTLPGRPCEndpoint), }, - HTTP: &OTLPHTTPConfig{ + HTTP: &v2alpha1.OTLPHTTPConfig{ Enabled: apiutils.NewBoolPointer(defaultOTLPHTTPEnabled), HostPortConfig: nil, Endpoint: apiutils.NewStringPointer(defaultOTLPHTTPEndpoint), }, }}}, - EventCollection: &EventCollectionFeatureConfig{ + EventCollection: &v2alpha1.EventCollectionFeatureConfig{ CollectKubernetesEvents: apiutils.NewBoolPointer(valueFalse), }, - OrchestratorExplorer: &OrchestratorExplorerFeatureConfig{ + OrchestratorExplorer: &v2alpha1.OrchestratorExplorerFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - KubeStateMetricsCore: &KubeStateMetricsCoreFeatureConfig{ + KubeStateMetricsCore: &v2alpha1.KubeStateMetricsCoreFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - AdmissionController: &AdmissionControllerFeatureConfig{ + AdmissionController: &v2alpha1.AdmissionControllerFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), - Validation: &AdmissionControllerValidationConfig{ + Validation: &v2alpha1.AdmissionControllerValidationConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - Mutation: &AdmissionControllerMutationConfig{ + Mutation: &v2alpha1.AdmissionControllerMutationConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - CWSInstrumentation: &CWSInstrumentationConfig{ + CWSInstrumentation: &v2alpha1.CWSInstrumentationConfig{ + Enabled: apiutils.NewBoolPointer(valueFalse), + }, + KubernetesAdmissionEvents: &v2alpha1.KubernetesAdmissionEventsConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, }, - ExternalMetricsServer: &ExternalMetricsServerFeatureConfig{ + ExternalMetricsServer: &v2alpha1.ExternalMetricsServerFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - ClusterChecks: &ClusterChecksFeatureConfig{ + ClusterChecks: &v2alpha1.ClusterChecksFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - PrometheusScrape: &PrometheusScrapeFeatureConfig{ + PrometheusScrape: &v2alpha1.PrometheusScrapeFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - RemoteConfiguration: &RemoteConfigurationFeatureConfig{ + RemoteConfiguration: &v2alpha1.RemoteConfigurationFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, - HelmCheck: &HelmCheckFeatureConfig{ + HelmCheck: &v2alpha1.HelmCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueFalse), }, }, @@ -501,135 +516,141 @@ func Test_defaultFeatures(t *testing.T) { }, { name: "liveProcess is enabled", - ddaSpec: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - LiveProcessCollection: &LiveProcessCollectionFeatureConfig{ + ddaSpec: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + LiveProcessCollection: &v2alpha1.LiveProcessCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueTrue), }, }, }, - want: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - LogCollection: &LogCollectionFeatureConfig{ + want: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + LogCollection: &v2alpha1.LogCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLogCollectionEnabled), }, - LiveProcessCollection: &LiveProcessCollectionFeatureConfig{ + LiveProcessCollection: &v2alpha1.LiveProcessCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueTrue), }, - LiveContainerCollection: &LiveContainerCollectionFeatureConfig{ + LiveContainerCollection: &v2alpha1.LiveContainerCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLiveContainerCollectionEnabled), }, - ProcessDiscovery: &ProcessDiscoveryFeatureConfig{ + ProcessDiscovery: &v2alpha1.ProcessDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled), }, - OOMKill: &OOMKillFeatureConfig{ + OOMKill: &v2alpha1.OOMKillFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultOOMKillEnabled), }, - TCPQueueLength: &TCPQueueLengthFeatureConfig{ + TCPQueueLength: &v2alpha1.TCPQueueLengthFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultTCPQueueLengthEnabled), }, - EBPFCheck: &EBPFCheckFeatureConfig{ + EBPFCheck: &v2alpha1.EBPFCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultEBPFCheckEnabled), }, - ServiceDiscovery: &ServiceDiscoveryFeatureConfig{ + ServiceDiscovery: &v2alpha1.ServiceDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultServiceDiscoveryEnabled), }, - APM: &APMFeatureConfig{ + APM: &v2alpha1.APMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultAPMEnabled), - HostPortConfig: &HostPortConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{ Port: apiutils.NewInt32Pointer(defaultAPMHostPort), Enabled: apiutils.NewBoolPointer(defaultAPMHostPortEnabled), }, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultAPMSocketEnabled), Path: apiutils.NewStringPointer(defaultAPMSocketHostPath), }, - SingleStepInstrumentation: &SingleStepInstrumentation{ + SingleStepInstrumentation: &v2alpha1.SingleStepInstrumentation{ Enabled: apiutils.NewBoolPointer(defaultAPMSingleStepInstrEnabled), - LanguageDetection: &LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, + LanguageDetection: &v2alpha1.LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, }, }, - ASM: &ASMFeatureConfig{ - Threats: &ASMThreatsConfig{ + OtelCollector: &v2alpha1.OtelCollectorFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultOtelCollectorEnabled), + }, + ASM: &v2alpha1.ASMFeatureConfig{ + Threats: &v2alpha1.ASMThreatsConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMThreatsEnabled), }, - SCA: &ASMSCAConfig{ + SCA: &v2alpha1.ASMSCAConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMSCAEnabled), }, - IAST: &ASMIASTConfig{ + IAST: &v2alpha1.ASMIASTConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMIASTEnabled), }, }, - CSPM: &CSPMFeatureConfig{ + CSPM: &v2alpha1.CSPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultCSPMEnabled), }, - CWS: &CWSFeatureConfig{ + CWS: &v2alpha1.CWSFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultCWSEnabled), }, - NPM: &NPMFeatureConfig{ + NPM: &v2alpha1.NPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultNPMEnabled), }, - USM: &USMFeatureConfig{ + USM: &v2alpha1.USMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultUSMEnabled), }, - Dogstatsd: &DogstatsdFeatureConfig{ + Dogstatsd: &v2alpha1.DogstatsdFeatureConfig{ OriginDetectionEnabled: apiutils.NewBoolPointer(defaultDogstatsdOriginDetectionEnabled), - HostPortConfig: &HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultDogstatsdSocketEnabled), Path: apiutils.NewStringPointer(defaultDogstatsdHostSocketPath), }, }, - OTLP: &OTLPFeatureConfig{Receiver: OTLPReceiverConfig{Protocols: OTLPProtocolsConfig{ - GRPC: &OTLPGRPCConfig{ + OTLP: &v2alpha1.OTLPFeatureConfig{Receiver: v2alpha1.OTLPReceiverConfig{Protocols: v2alpha1.OTLPProtocolsConfig{ + GRPC: &v2alpha1.OTLPGRPCConfig{ Enabled: apiutils.NewBoolPointer(defaultOTLPGRPCEnabled), HostPortConfig: nil, Endpoint: apiutils.NewStringPointer(defaultOTLPGRPCEndpoint), }, - HTTP: &OTLPHTTPConfig{ + HTTP: &v2alpha1.OTLPHTTPConfig{ Enabled: apiutils.NewBoolPointer(defaultOTLPHTTPEnabled), HostPortConfig: nil, Endpoint: apiutils.NewStringPointer(defaultOTLPHTTPEndpoint), }, }}}, - RemoteConfiguration: &RemoteConfigurationFeatureConfig{ + RemoteConfiguration: &v2alpha1.RemoteConfigurationFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultRemoteConfigurationEnabled), }, - EventCollection: &EventCollectionFeatureConfig{ + EventCollection: &v2alpha1.EventCollectionFeatureConfig{ CollectKubernetesEvents: apiutils.NewBoolPointer(defaultCollectKubernetesEvents), }, - OrchestratorExplorer: &OrchestratorExplorerFeatureConfig{ + OrchestratorExplorer: &v2alpha1.OrchestratorExplorerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultOrchestratorExplorerEnabled), ScrubContainers: apiutils.NewBoolPointer(defaultOrchestratorExplorerScrubContainers), }, - ExternalMetricsServer: &ExternalMetricsServerFeatureConfig{ + ExternalMetricsServer: &v2alpha1.ExternalMetricsServerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultExternalMetricsServerEnabled), }, - KubeStateMetricsCore: &KubeStateMetricsCoreFeatureConfig{ + KubeStateMetricsCore: &v2alpha1.KubeStateMetricsCoreFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultKubeStateMetricsCoreEnabled), }, - ClusterChecks: &ClusterChecksFeatureConfig{ + ClusterChecks: &v2alpha1.ClusterChecksFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultClusterChecksEnabled), UseClusterChecksRunners: apiutils.NewBoolPointer(defaultUseClusterChecksRunners), }, - AdmissionController: &AdmissionControllerFeatureConfig{ + AdmissionController: &v2alpha1.AdmissionControllerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerEnabled), - Validation: &AdmissionControllerValidationConfig{ + Validation: &v2alpha1.AdmissionControllerValidationConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerValidationEnabled), }, - Mutation: &AdmissionControllerMutationConfig{ + Mutation: &v2alpha1.AdmissionControllerMutationConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerMutationEnabled), }, MutateUnlabelled: apiutils.NewBoolPointer(defaultAdmissionControllerMutateUnlabelled), ServiceName: apiutils.NewStringPointer(defaultAdmissionServiceName), - CWSInstrumentation: &CWSInstrumentationConfig{ + CWSInstrumentation: &v2alpha1.CWSInstrumentationConfig{ Enabled: apiutils.NewBoolPointer(DefaultAdmissionControllerCWSInstrumentationEnabled), }, + KubernetesAdmissionEvents: &v2alpha1.KubernetesAdmissionEventsConfig{ + Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerKubernetesAdmissionEventsEnabled), + }, }, - PrometheusScrape: &PrometheusScrapeFeatureConfig{ + PrometheusScrape: &v2alpha1.PrometheusScrapeFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultPrometheusScrapeEnabled), }, - HelmCheck: &HelmCheckFeatureConfig{ + HelmCheck: &v2alpha1.HelmCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultHelmCheckEnabled), }, }, @@ -637,140 +658,146 @@ func Test_defaultFeatures(t *testing.T) { }, { name: "logCollection is enabled", - ddaSpec: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - LogCollection: &LogCollectionFeatureConfig{ + ddaSpec: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + LogCollection: &v2alpha1.LogCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueTrue), }, }, }, - want: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - LogCollection: &LogCollectionFeatureConfig{ + want: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + LogCollection: &v2alpha1.LogCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueTrue), ContainerCollectUsingFiles: apiutils.NewBoolPointer(defaultLogContainerCollectUsingFiles), ContainerLogsPath: apiutils.NewStringPointer(defaultLogContainerLogsPath), PodLogsPath: apiutils.NewStringPointer(defaultLogPodLogsPath), ContainerSymlinksPath: apiutils.NewStringPointer(defaultLogContainerSymlinksPath), - TempStoragePath: apiutils.NewStringPointer(apicommon.DefaultLogTempStoragePath), + TempStoragePath: apiutils.NewStringPointer(v2alpha1.DefaultLogTempStoragePath), }, - LiveProcessCollection: &LiveProcessCollectionFeatureConfig{ + LiveProcessCollection: &v2alpha1.LiveProcessCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLiveProcessCollectionEnabled), }, - LiveContainerCollection: &LiveContainerCollectionFeatureConfig{ + LiveContainerCollection: &v2alpha1.LiveContainerCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLiveContainerCollectionEnabled), }, - ProcessDiscovery: &ProcessDiscoveryFeatureConfig{ + ProcessDiscovery: &v2alpha1.ProcessDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled), }, - OOMKill: &OOMKillFeatureConfig{ + OOMKill: &v2alpha1.OOMKillFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultOOMKillEnabled), }, - TCPQueueLength: &TCPQueueLengthFeatureConfig{ + TCPQueueLength: &v2alpha1.TCPQueueLengthFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultTCPQueueLengthEnabled), }, - EBPFCheck: &EBPFCheckFeatureConfig{ + EBPFCheck: &v2alpha1.EBPFCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultEBPFCheckEnabled), }, - ServiceDiscovery: &ServiceDiscoveryFeatureConfig{ + ServiceDiscovery: &v2alpha1.ServiceDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultServiceDiscoveryEnabled), }, - APM: &APMFeatureConfig{ + APM: &v2alpha1.APMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultAPMEnabled), - HostPortConfig: &HostPortConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{ Port: apiutils.NewInt32Pointer(defaultAPMHostPort), Enabled: apiutils.NewBoolPointer(defaultAPMHostPortEnabled), }, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultAPMSocketEnabled), Path: apiutils.NewStringPointer(defaultAPMSocketHostPath), }, - SingleStepInstrumentation: &SingleStepInstrumentation{ + SingleStepInstrumentation: &v2alpha1.SingleStepInstrumentation{ Enabled: apiutils.NewBoolPointer(defaultAPMSingleStepInstrEnabled), - LanguageDetection: &LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, + LanguageDetection: &v2alpha1.LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, }, }, - ASM: &ASMFeatureConfig{ - Threats: &ASMThreatsConfig{ + OtelCollector: &v2alpha1.OtelCollectorFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultOtelCollectorEnabled), + }, + ASM: &v2alpha1.ASMFeatureConfig{ + Threats: &v2alpha1.ASMThreatsConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMThreatsEnabled), }, - SCA: &ASMSCAConfig{ + SCA: &v2alpha1.ASMSCAConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMSCAEnabled), }, - IAST: &ASMIASTConfig{ + IAST: &v2alpha1.ASMIASTConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMIASTEnabled), }, }, - CSPM: &CSPMFeatureConfig{ + CSPM: &v2alpha1.CSPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultCSPMEnabled), }, - CWS: &CWSFeatureConfig{ + CWS: &v2alpha1.CWSFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultCWSEnabled), }, - NPM: &NPMFeatureConfig{ + NPM: &v2alpha1.NPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultNPMEnabled), }, - USM: &USMFeatureConfig{ + USM: &v2alpha1.USMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultUSMEnabled), }, - Dogstatsd: &DogstatsdFeatureConfig{ + Dogstatsd: &v2alpha1.DogstatsdFeatureConfig{ OriginDetectionEnabled: apiutils.NewBoolPointer(defaultDogstatsdOriginDetectionEnabled), - HostPortConfig: &HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultDogstatsdSocketEnabled), Path: apiutils.NewStringPointer(defaultDogstatsdHostSocketPath), }, }, - OTLP: &OTLPFeatureConfig{Receiver: OTLPReceiverConfig{Protocols: OTLPProtocolsConfig{ - GRPC: &OTLPGRPCConfig{ + OTLP: &v2alpha1.OTLPFeatureConfig{Receiver: v2alpha1.OTLPReceiverConfig{Protocols: v2alpha1.OTLPProtocolsConfig{ + GRPC: &v2alpha1.OTLPGRPCConfig{ Enabled: apiutils.NewBoolPointer(defaultOTLPGRPCEnabled), HostPortConfig: nil, Endpoint: apiutils.NewStringPointer(defaultOTLPGRPCEndpoint), }, - HTTP: &OTLPHTTPConfig{ + HTTP: &v2alpha1.OTLPHTTPConfig{ Enabled: apiutils.NewBoolPointer(defaultOTLPHTTPEnabled), HostPortConfig: nil, Endpoint: apiutils.NewStringPointer(defaultOTLPHTTPEndpoint), }, }}}, - RemoteConfiguration: &RemoteConfigurationFeatureConfig{ + RemoteConfiguration: &v2alpha1.RemoteConfigurationFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultRemoteConfigurationEnabled), }, - EventCollection: &EventCollectionFeatureConfig{ + EventCollection: &v2alpha1.EventCollectionFeatureConfig{ CollectKubernetesEvents: apiutils.NewBoolPointer(defaultCollectKubernetesEvents), }, - OrchestratorExplorer: &OrchestratorExplorerFeatureConfig{ + OrchestratorExplorer: &v2alpha1.OrchestratorExplorerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultOrchestratorExplorerEnabled), ScrubContainers: apiutils.NewBoolPointer(defaultOrchestratorExplorerScrubContainers), }, - ExternalMetricsServer: &ExternalMetricsServerFeatureConfig{ + ExternalMetricsServer: &v2alpha1.ExternalMetricsServerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultExternalMetricsServerEnabled), }, - KubeStateMetricsCore: &KubeStateMetricsCoreFeatureConfig{ + KubeStateMetricsCore: &v2alpha1.KubeStateMetricsCoreFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultKubeStateMetricsCoreEnabled), }, - ClusterChecks: &ClusterChecksFeatureConfig{ + ClusterChecks: &v2alpha1.ClusterChecksFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultClusterChecksEnabled), UseClusterChecksRunners: apiutils.NewBoolPointer(defaultUseClusterChecksRunners), }, - AdmissionController: &AdmissionControllerFeatureConfig{ + AdmissionController: &v2alpha1.AdmissionControllerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerEnabled), - Validation: &AdmissionControllerValidationConfig{ + Validation: &v2alpha1.AdmissionControllerValidationConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerValidationEnabled), }, - Mutation: &AdmissionControllerMutationConfig{ + Mutation: &v2alpha1.AdmissionControllerMutationConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerMutationEnabled), }, MutateUnlabelled: apiutils.NewBoolPointer(defaultAdmissionControllerMutateUnlabelled), ServiceName: apiutils.NewStringPointer(defaultAdmissionServiceName), - CWSInstrumentation: &CWSInstrumentationConfig{ + CWSInstrumentation: &v2alpha1.CWSInstrumentationConfig{ Enabled: apiutils.NewBoolPointer(DefaultAdmissionControllerCWSInstrumentationEnabled), }, + KubernetesAdmissionEvents: &v2alpha1.KubernetesAdmissionEventsConfig{ + Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerKubernetesAdmissionEventsEnabled), + }, }, - PrometheusScrape: &PrometheusScrapeFeatureConfig{ + PrometheusScrape: &v2alpha1.PrometheusScrapeFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultPrometheusScrapeEnabled), }, - HelmCheck: &HelmCheckFeatureConfig{ + HelmCheck: &v2alpha1.HelmCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultHelmCheckEnabled), }, }, @@ -778,135 +805,141 @@ func Test_defaultFeatures(t *testing.T) { }, { name: "APM is enabled", - ddaSpec: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - APM: &APMFeatureConfig{ + ddaSpec: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + APM: &v2alpha1.APMFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueTrue), }, }, }, - want: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - LogCollection: &LogCollectionFeatureConfig{ + want: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + LogCollection: &v2alpha1.LogCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLogCollectionEnabled), }, - LiveProcessCollection: &LiveProcessCollectionFeatureConfig{ + LiveProcessCollection: &v2alpha1.LiveProcessCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLiveProcessCollectionEnabled), }, - LiveContainerCollection: &LiveContainerCollectionFeatureConfig{ + LiveContainerCollection: &v2alpha1.LiveContainerCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLiveContainerCollectionEnabled), }, - ProcessDiscovery: &ProcessDiscoveryFeatureConfig{ + ProcessDiscovery: &v2alpha1.ProcessDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled), }, - OOMKill: &OOMKillFeatureConfig{ + OOMKill: &v2alpha1.OOMKillFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultOOMKillEnabled), }, - TCPQueueLength: &TCPQueueLengthFeatureConfig{ + TCPQueueLength: &v2alpha1.TCPQueueLengthFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultTCPQueueLengthEnabled), }, - EBPFCheck: &EBPFCheckFeatureConfig{ + EBPFCheck: &v2alpha1.EBPFCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultEBPFCheckEnabled), }, - ServiceDiscovery: &ServiceDiscoveryFeatureConfig{ + ServiceDiscovery: &v2alpha1.ServiceDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultServiceDiscoveryEnabled), }, - APM: &APMFeatureConfig{ + APM: &v2alpha1.APMFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueTrue), - HostPortConfig: &HostPortConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{ Port: apiutils.NewInt32Pointer(defaultAPMHostPort), Enabled: apiutils.NewBoolPointer(defaultAPMHostPortEnabled), }, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultAPMSocketEnabled), Path: apiutils.NewStringPointer(defaultAPMSocketHostPath), }, - SingleStepInstrumentation: &SingleStepInstrumentation{ + SingleStepInstrumentation: &v2alpha1.SingleStepInstrumentation{ Enabled: apiutils.NewBoolPointer(defaultAPMSingleStepInstrEnabled), - LanguageDetection: &LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, + LanguageDetection: &v2alpha1.LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, }, }, - ASM: &ASMFeatureConfig{ - Threats: &ASMThreatsConfig{ + OtelCollector: &v2alpha1.OtelCollectorFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultOtelCollectorEnabled), + }, + ASM: &v2alpha1.ASMFeatureConfig{ + Threats: &v2alpha1.ASMThreatsConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMThreatsEnabled), }, - SCA: &ASMSCAConfig{ + SCA: &v2alpha1.ASMSCAConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMSCAEnabled), }, - IAST: &ASMIASTConfig{ + IAST: &v2alpha1.ASMIASTConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMIASTEnabled), }, }, - CSPM: &CSPMFeatureConfig{ + CSPM: &v2alpha1.CSPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultCSPMEnabled), }, - CWS: &CWSFeatureConfig{ + CWS: &v2alpha1.CWSFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultCWSEnabled), }, - NPM: &NPMFeatureConfig{ + NPM: &v2alpha1.NPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultNPMEnabled), }, - USM: &USMFeatureConfig{ + USM: &v2alpha1.USMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultUSMEnabled), }, - Dogstatsd: &DogstatsdFeatureConfig{ + Dogstatsd: &v2alpha1.DogstatsdFeatureConfig{ OriginDetectionEnabled: apiutils.NewBoolPointer(defaultDogstatsdOriginDetectionEnabled), - HostPortConfig: &HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultDogstatsdSocketEnabled), Path: apiutils.NewStringPointer(defaultDogstatsdHostSocketPath), }, }, - OTLP: &OTLPFeatureConfig{Receiver: OTLPReceiverConfig{Protocols: OTLPProtocolsConfig{ - GRPC: &OTLPGRPCConfig{ + OTLP: &v2alpha1.OTLPFeatureConfig{Receiver: v2alpha1.OTLPReceiverConfig{Protocols: v2alpha1.OTLPProtocolsConfig{ + GRPC: &v2alpha1.OTLPGRPCConfig{ Enabled: apiutils.NewBoolPointer(defaultOTLPGRPCEnabled), HostPortConfig: nil, Endpoint: apiutils.NewStringPointer(defaultOTLPGRPCEndpoint), }, - HTTP: &OTLPHTTPConfig{ + HTTP: &v2alpha1.OTLPHTTPConfig{ Enabled: apiutils.NewBoolPointer(defaultOTLPHTTPEnabled), HostPortConfig: nil, Endpoint: apiutils.NewStringPointer(defaultOTLPHTTPEndpoint), }, }}}, - RemoteConfiguration: &RemoteConfigurationFeatureConfig{ + RemoteConfiguration: &v2alpha1.RemoteConfigurationFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultRemoteConfigurationEnabled), }, - EventCollection: &EventCollectionFeatureConfig{ + EventCollection: &v2alpha1.EventCollectionFeatureConfig{ CollectKubernetesEvents: apiutils.NewBoolPointer(defaultCollectKubernetesEvents), }, - OrchestratorExplorer: &OrchestratorExplorerFeatureConfig{ + OrchestratorExplorer: &v2alpha1.OrchestratorExplorerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultOrchestratorExplorerEnabled), ScrubContainers: apiutils.NewBoolPointer(defaultOrchestratorExplorerScrubContainers), }, - ExternalMetricsServer: &ExternalMetricsServerFeatureConfig{ + ExternalMetricsServer: &v2alpha1.ExternalMetricsServerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultExternalMetricsServerEnabled), }, - KubeStateMetricsCore: &KubeStateMetricsCoreFeatureConfig{ + KubeStateMetricsCore: &v2alpha1.KubeStateMetricsCoreFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultKubeStateMetricsCoreEnabled), }, - ClusterChecks: &ClusterChecksFeatureConfig{ + ClusterChecks: &v2alpha1.ClusterChecksFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultClusterChecksEnabled), UseClusterChecksRunners: apiutils.NewBoolPointer(defaultUseClusterChecksRunners), }, - AdmissionController: &AdmissionControllerFeatureConfig{ + AdmissionController: &v2alpha1.AdmissionControllerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerEnabled), - Validation: &AdmissionControllerValidationConfig{ + Validation: &v2alpha1.AdmissionControllerValidationConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerValidationEnabled), }, - Mutation: &AdmissionControllerMutationConfig{ + Mutation: &v2alpha1.AdmissionControllerMutationConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerMutationEnabled), }, MutateUnlabelled: apiutils.NewBoolPointer(defaultAdmissionControllerMutateUnlabelled), ServiceName: apiutils.NewStringPointer(defaultAdmissionServiceName), - CWSInstrumentation: &CWSInstrumentationConfig{ + CWSInstrumentation: &v2alpha1.CWSInstrumentationConfig{ Enabled: apiutils.NewBoolPointer(DefaultAdmissionControllerCWSInstrumentationEnabled), }, + KubernetesAdmissionEvents: &v2alpha1.KubernetesAdmissionEventsConfig{ + Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerKubernetesAdmissionEventsEnabled), + }, }, - PrometheusScrape: &PrometheusScrapeFeatureConfig{ + PrometheusScrape: &v2alpha1.PrometheusScrapeFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultPrometheusScrapeEnabled), }, - HelmCheck: &HelmCheckFeatureConfig{ + HelmCheck: &v2alpha1.HelmCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultHelmCheckEnabled), }, }, @@ -914,137 +947,143 @@ func Test_defaultFeatures(t *testing.T) { }, { name: "NPM is enabled", - ddaSpec: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - NPM: &NPMFeatureConfig{ + ddaSpec: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + NPM: &v2alpha1.NPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueTrue), }, }, }, - want: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - LogCollection: &LogCollectionFeatureConfig{ + want: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + LogCollection: &v2alpha1.LogCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLogCollectionEnabled), }, - LiveProcessCollection: &LiveProcessCollectionFeatureConfig{ + LiveProcessCollection: &v2alpha1.LiveProcessCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLiveProcessCollectionEnabled), }, - LiveContainerCollection: &LiveContainerCollectionFeatureConfig{ + LiveContainerCollection: &v2alpha1.LiveContainerCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLiveContainerCollectionEnabled), }, - ProcessDiscovery: &ProcessDiscoveryFeatureConfig{ + ProcessDiscovery: &v2alpha1.ProcessDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled), }, - OOMKill: &OOMKillFeatureConfig{ + OOMKill: &v2alpha1.OOMKillFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultOOMKillEnabled), }, - TCPQueueLength: &TCPQueueLengthFeatureConfig{ + TCPQueueLength: &v2alpha1.TCPQueueLengthFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultTCPQueueLengthEnabled), }, - EBPFCheck: &EBPFCheckFeatureConfig{ + EBPFCheck: &v2alpha1.EBPFCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultEBPFCheckEnabled), }, - ServiceDiscovery: &ServiceDiscoveryFeatureConfig{ + ServiceDiscovery: &v2alpha1.ServiceDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultServiceDiscoveryEnabled), }, - APM: &APMFeatureConfig{ + APM: &v2alpha1.APMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultAPMEnabled), - HostPortConfig: &HostPortConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{ Port: apiutils.NewInt32Pointer(defaultAPMHostPort), Enabled: apiutils.NewBoolPointer(defaultAPMHostPortEnabled), }, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultAPMSocketEnabled), Path: apiutils.NewStringPointer(defaultAPMSocketHostPath), }, - SingleStepInstrumentation: &SingleStepInstrumentation{ + SingleStepInstrumentation: &v2alpha1.SingleStepInstrumentation{ Enabled: apiutils.NewBoolPointer(defaultAPMSingleStepInstrEnabled), - LanguageDetection: &LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, + LanguageDetection: &v2alpha1.LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, }, }, - ASM: &ASMFeatureConfig{ - Threats: &ASMThreatsConfig{ + OtelCollector: &v2alpha1.OtelCollectorFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultOtelCollectorEnabled), + }, + ASM: &v2alpha1.ASMFeatureConfig{ + Threats: &v2alpha1.ASMThreatsConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMThreatsEnabled), }, - SCA: &ASMSCAConfig{ + SCA: &v2alpha1.ASMSCAConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMSCAEnabled), }, - IAST: &ASMIASTConfig{ + IAST: &v2alpha1.ASMIASTConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMIASTEnabled), }, }, - CSPM: &CSPMFeatureConfig{ + CSPM: &v2alpha1.CSPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultCSPMEnabled), }, - CWS: &CWSFeatureConfig{ + CWS: &v2alpha1.CWSFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultCWSEnabled), }, - NPM: &NPMFeatureConfig{ + NPM: &v2alpha1.NPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueTrue), EnableConntrack: apiutils.NewBoolPointer(defaultNPMEnableConntrack), CollectDNSStats: apiutils.NewBoolPointer(defaultNPMCollectDNSStats), }, - USM: &USMFeatureConfig{ + USM: &v2alpha1.USMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultUSMEnabled), }, - Dogstatsd: &DogstatsdFeatureConfig{ + Dogstatsd: &v2alpha1.DogstatsdFeatureConfig{ OriginDetectionEnabled: apiutils.NewBoolPointer(defaultDogstatsdOriginDetectionEnabled), - HostPortConfig: &HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultDogstatsdSocketEnabled), Path: apiutils.NewStringPointer(defaultDogstatsdHostSocketPath), }, }, - OTLP: &OTLPFeatureConfig{Receiver: OTLPReceiverConfig{Protocols: OTLPProtocolsConfig{ - GRPC: &OTLPGRPCConfig{ + OTLP: &v2alpha1.OTLPFeatureConfig{Receiver: v2alpha1.OTLPReceiverConfig{Protocols: v2alpha1.OTLPProtocolsConfig{ + GRPC: &v2alpha1.OTLPGRPCConfig{ Enabled: apiutils.NewBoolPointer(defaultOTLPGRPCEnabled), HostPortConfig: nil, Endpoint: apiutils.NewStringPointer(defaultOTLPGRPCEndpoint), }, - HTTP: &OTLPHTTPConfig{ + HTTP: &v2alpha1.OTLPHTTPConfig{ Enabled: apiutils.NewBoolPointer(defaultOTLPHTTPEnabled), HostPortConfig: nil, Endpoint: apiutils.NewStringPointer(defaultOTLPHTTPEndpoint), }, }}}, - RemoteConfiguration: &RemoteConfigurationFeatureConfig{ + RemoteConfiguration: &v2alpha1.RemoteConfigurationFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultRemoteConfigurationEnabled), }, - EventCollection: &EventCollectionFeatureConfig{ + EventCollection: &v2alpha1.EventCollectionFeatureConfig{ CollectKubernetesEvents: apiutils.NewBoolPointer(defaultCollectKubernetesEvents), }, - OrchestratorExplorer: &OrchestratorExplorerFeatureConfig{ + OrchestratorExplorer: &v2alpha1.OrchestratorExplorerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultOrchestratorExplorerEnabled), ScrubContainers: apiutils.NewBoolPointer(defaultOrchestratorExplorerScrubContainers), }, - ExternalMetricsServer: &ExternalMetricsServerFeatureConfig{ + ExternalMetricsServer: &v2alpha1.ExternalMetricsServerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultExternalMetricsServerEnabled), }, - KubeStateMetricsCore: &KubeStateMetricsCoreFeatureConfig{ + KubeStateMetricsCore: &v2alpha1.KubeStateMetricsCoreFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultKubeStateMetricsCoreEnabled), }, - ClusterChecks: &ClusterChecksFeatureConfig{ + ClusterChecks: &v2alpha1.ClusterChecksFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultClusterChecksEnabled), UseClusterChecksRunners: apiutils.NewBoolPointer(defaultUseClusterChecksRunners), }, - AdmissionController: &AdmissionControllerFeatureConfig{ + AdmissionController: &v2alpha1.AdmissionControllerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerEnabled), - Validation: &AdmissionControllerValidationConfig{ + Validation: &v2alpha1.AdmissionControllerValidationConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerValidationEnabled), }, - Mutation: &AdmissionControllerMutationConfig{ + Mutation: &v2alpha1.AdmissionControllerMutationConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerMutationEnabled), }, MutateUnlabelled: apiutils.NewBoolPointer(defaultAdmissionControllerMutateUnlabelled), ServiceName: apiutils.NewStringPointer(defaultAdmissionServiceName), - CWSInstrumentation: &CWSInstrumentationConfig{ + CWSInstrumentation: &v2alpha1.CWSInstrumentationConfig{ Enabled: apiutils.NewBoolPointer(DefaultAdmissionControllerCWSInstrumentationEnabled), }, + KubernetesAdmissionEvents: &v2alpha1.KubernetesAdmissionEventsConfig{ + Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerKubernetesAdmissionEventsEnabled), + }, }, - PrometheusScrape: &PrometheusScrapeFeatureConfig{ + PrometheusScrape: &v2alpha1.PrometheusScrapeFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultPrometheusScrapeEnabled), }, - HelmCheck: &HelmCheckFeatureConfig{ + HelmCheck: &v2alpha1.HelmCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultHelmCheckEnabled), }, }, @@ -1052,142 +1091,148 @@ func Test_defaultFeatures(t *testing.T) { }, { name: "OTLP is enabled", - ddaSpec: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - OTLP: &OTLPFeatureConfig{Receiver: OTLPReceiverConfig{Protocols: OTLPProtocolsConfig{ - GRPC: &OTLPGRPCConfig{ + ddaSpec: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + OTLP: &v2alpha1.OTLPFeatureConfig{Receiver: v2alpha1.OTLPReceiverConfig{Protocols: v2alpha1.OTLPProtocolsConfig{ + GRPC: &v2alpha1.OTLPGRPCConfig{ Enabled: apiutils.NewBoolPointer(true), Endpoint: apiutils.NewStringPointer(defaultOTLPGRPCEndpoint), }, - HTTP: &OTLPHTTPConfig{ + HTTP: &v2alpha1.OTLPHTTPConfig{ Enabled: apiutils.NewBoolPointer(true), Endpoint: apiutils.NewStringPointer(defaultOTLPHTTPEndpoint), }, }}}, }, }, - want: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - LogCollection: &LogCollectionFeatureConfig{ + want: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + LogCollection: &v2alpha1.LogCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLogCollectionEnabled), }, - LiveProcessCollection: &LiveProcessCollectionFeatureConfig{ + LiveProcessCollection: &v2alpha1.LiveProcessCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLiveProcessCollectionEnabled), }, - LiveContainerCollection: &LiveContainerCollectionFeatureConfig{ + LiveContainerCollection: &v2alpha1.LiveContainerCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLiveContainerCollectionEnabled), }, - ProcessDiscovery: &ProcessDiscoveryFeatureConfig{ + ProcessDiscovery: &v2alpha1.ProcessDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled), }, - OOMKill: &OOMKillFeatureConfig{ + OOMKill: &v2alpha1.OOMKillFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultOOMKillEnabled), }, - TCPQueueLength: &TCPQueueLengthFeatureConfig{ + TCPQueueLength: &v2alpha1.TCPQueueLengthFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultTCPQueueLengthEnabled), }, - EBPFCheck: &EBPFCheckFeatureConfig{ + EBPFCheck: &v2alpha1.EBPFCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultEBPFCheckEnabled), }, - ServiceDiscovery: &ServiceDiscoveryFeatureConfig{ + ServiceDiscovery: &v2alpha1.ServiceDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultServiceDiscoveryEnabled), }, - APM: &APMFeatureConfig{ + APM: &v2alpha1.APMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultAPMEnabled), - HostPortConfig: &HostPortConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{ Port: apiutils.NewInt32Pointer(defaultAPMHostPort), Enabled: apiutils.NewBoolPointer(defaultAPMHostPortEnabled), }, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultAPMSocketEnabled), Path: apiutils.NewStringPointer(defaultAPMSocketHostPath), }, - SingleStepInstrumentation: &SingleStepInstrumentation{ + SingleStepInstrumentation: &v2alpha1.SingleStepInstrumentation{ Enabled: apiutils.NewBoolPointer(defaultAPMSingleStepInstrEnabled), - LanguageDetection: &LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, + LanguageDetection: &v2alpha1.LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, }, }, - ASM: &ASMFeatureConfig{ - Threats: &ASMThreatsConfig{ + OtelCollector: &v2alpha1.OtelCollectorFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultOtelCollectorEnabled), + }, + ASM: &v2alpha1.ASMFeatureConfig{ + Threats: &v2alpha1.ASMThreatsConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMThreatsEnabled), }, - SCA: &ASMSCAConfig{ + SCA: &v2alpha1.ASMSCAConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMSCAEnabled), }, - IAST: &ASMIASTConfig{ + IAST: &v2alpha1.ASMIASTConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMIASTEnabled), }, }, - CSPM: &CSPMFeatureConfig{ + CSPM: &v2alpha1.CSPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultCSPMEnabled), }, - CWS: &CWSFeatureConfig{ + CWS: &v2alpha1.CWSFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultCWSEnabled), }, - NPM: &NPMFeatureConfig{ + NPM: &v2alpha1.NPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultNPMEnabled), }, - USM: &USMFeatureConfig{ + USM: &v2alpha1.USMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultUSMEnabled), }, - Dogstatsd: &DogstatsdFeatureConfig{ + Dogstatsd: &v2alpha1.DogstatsdFeatureConfig{ OriginDetectionEnabled: apiutils.NewBoolPointer(defaultDogstatsdOriginDetectionEnabled), - HostPortConfig: &HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultDogstatsdSocketEnabled), Path: apiutils.NewStringPointer(defaultDogstatsdHostSocketPath), }, }, - OTLP: &OTLPFeatureConfig{Receiver: OTLPReceiverConfig{Protocols: OTLPProtocolsConfig{ - GRPC: &OTLPGRPCConfig{ + OTLP: &v2alpha1.OTLPFeatureConfig{Receiver: v2alpha1.OTLPReceiverConfig{Protocols: v2alpha1.OTLPProtocolsConfig{ + GRPC: &v2alpha1.OTLPGRPCConfig{ Enabled: apiutils.NewBoolPointer(valueTrue), - HostPortConfig: &HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultOTLPGRPCHostPortEnabled)}, + HostPortConfig: &v2alpha1.HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultOTLPGRPCHostPortEnabled)}, Endpoint: apiutils.NewStringPointer(defaultOTLPGRPCEndpoint), }, - HTTP: &OTLPHTTPConfig{ + HTTP: &v2alpha1.OTLPHTTPConfig{ Enabled: apiutils.NewBoolPointer(valueTrue), - HostPortConfig: &HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultOTLPGRPCHostPortEnabled)}, + HostPortConfig: &v2alpha1.HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultOTLPGRPCHostPortEnabled)}, Endpoint: apiutils.NewStringPointer(defaultOTLPHTTPEndpoint), }, }}}, - RemoteConfiguration: &RemoteConfigurationFeatureConfig{ + RemoteConfiguration: &v2alpha1.RemoteConfigurationFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultRemoteConfigurationEnabled), }, - EventCollection: &EventCollectionFeatureConfig{ + EventCollection: &v2alpha1.EventCollectionFeatureConfig{ CollectKubernetesEvents: apiutils.NewBoolPointer(defaultCollectKubernetesEvents), }, - OrchestratorExplorer: &OrchestratorExplorerFeatureConfig{ + OrchestratorExplorer: &v2alpha1.OrchestratorExplorerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultOrchestratorExplorerEnabled), ScrubContainers: apiutils.NewBoolPointer(defaultOrchestratorExplorerScrubContainers), }, - ExternalMetricsServer: &ExternalMetricsServerFeatureConfig{ + ExternalMetricsServer: &v2alpha1.ExternalMetricsServerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultExternalMetricsServerEnabled), }, - KubeStateMetricsCore: &KubeStateMetricsCoreFeatureConfig{ + KubeStateMetricsCore: &v2alpha1.KubeStateMetricsCoreFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultKubeStateMetricsCoreEnabled), }, - ClusterChecks: &ClusterChecksFeatureConfig{ + ClusterChecks: &v2alpha1.ClusterChecksFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultClusterChecksEnabled), UseClusterChecksRunners: apiutils.NewBoolPointer(defaultUseClusterChecksRunners), }, - AdmissionController: &AdmissionControllerFeatureConfig{ + AdmissionController: &v2alpha1.AdmissionControllerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerEnabled), - Validation: &AdmissionControllerValidationConfig{ + Validation: &v2alpha1.AdmissionControllerValidationConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerValidationEnabled), }, - Mutation: &AdmissionControllerMutationConfig{ + Mutation: &v2alpha1.AdmissionControllerMutationConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerMutationEnabled), }, MutateUnlabelled: apiutils.NewBoolPointer(defaultAdmissionControllerMutateUnlabelled), ServiceName: apiutils.NewStringPointer(defaultAdmissionServiceName), - CWSInstrumentation: &CWSInstrumentationConfig{ + CWSInstrumentation: &v2alpha1.CWSInstrumentationConfig{ Enabled: apiutils.NewBoolPointer(DefaultAdmissionControllerCWSInstrumentationEnabled), }, + KubernetesAdmissionEvents: &v2alpha1.KubernetesAdmissionEventsConfig{ + Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerKubernetesAdmissionEventsEnabled), + }, }, - PrometheusScrape: &PrometheusScrapeFeatureConfig{ + PrometheusScrape: &v2alpha1.PrometheusScrapeFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultPrometheusScrapeEnabled), }, - HelmCheck: &HelmCheckFeatureConfig{ + HelmCheck: &v2alpha1.HelmCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultHelmCheckEnabled), }, }, @@ -1195,138 +1240,144 @@ func Test_defaultFeatures(t *testing.T) { }, { name: "ExternalMetricsServer is enabled", - ddaSpec: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - ExternalMetricsServer: &ExternalMetricsServerFeatureConfig{ + ddaSpec: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + ExternalMetricsServer: &v2alpha1.ExternalMetricsServerFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueTrue), }, }, }, - want: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - LogCollection: &LogCollectionFeatureConfig{ + want: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + LogCollection: &v2alpha1.LogCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLogCollectionEnabled), }, - LiveProcessCollection: &LiveProcessCollectionFeatureConfig{ + LiveProcessCollection: &v2alpha1.LiveProcessCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLiveProcessCollectionEnabled), }, - LiveContainerCollection: &LiveContainerCollectionFeatureConfig{ + LiveContainerCollection: &v2alpha1.LiveContainerCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLiveContainerCollectionEnabled), }, - ProcessDiscovery: &ProcessDiscoveryFeatureConfig{ + ProcessDiscovery: &v2alpha1.ProcessDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled), }, - OOMKill: &OOMKillFeatureConfig{ + OOMKill: &v2alpha1.OOMKillFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultOOMKillEnabled), }, - TCPQueueLength: &TCPQueueLengthFeatureConfig{ + TCPQueueLength: &v2alpha1.TCPQueueLengthFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultTCPQueueLengthEnabled), }, - EBPFCheck: &EBPFCheckFeatureConfig{ + EBPFCheck: &v2alpha1.EBPFCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultEBPFCheckEnabled), }, - ServiceDiscovery: &ServiceDiscoveryFeatureConfig{ + ServiceDiscovery: &v2alpha1.ServiceDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultServiceDiscoveryEnabled), }, - APM: &APMFeatureConfig{ + APM: &v2alpha1.APMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultAPMEnabled), - HostPortConfig: &HostPortConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{ Port: apiutils.NewInt32Pointer(defaultAPMHostPort), Enabled: apiutils.NewBoolPointer(defaultAPMHostPortEnabled), }, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultAPMSocketEnabled), Path: apiutils.NewStringPointer(defaultAPMSocketHostPath), }, - SingleStepInstrumentation: &SingleStepInstrumentation{ + SingleStepInstrumentation: &v2alpha1.SingleStepInstrumentation{ Enabled: apiutils.NewBoolPointer(defaultAPMSingleStepInstrEnabled), - LanguageDetection: &LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, + LanguageDetection: &v2alpha1.LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, }, }, - ASM: &ASMFeatureConfig{ - Threats: &ASMThreatsConfig{ + OtelCollector: &v2alpha1.OtelCollectorFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultOtelCollectorEnabled), + }, + ASM: &v2alpha1.ASMFeatureConfig{ + Threats: &v2alpha1.ASMThreatsConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMThreatsEnabled), }, - SCA: &ASMSCAConfig{ + SCA: &v2alpha1.ASMSCAConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMSCAEnabled), }, - IAST: &ASMIASTConfig{ + IAST: &v2alpha1.ASMIASTConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMIASTEnabled), }, }, - CSPM: &CSPMFeatureConfig{ + CSPM: &v2alpha1.CSPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultCSPMEnabled), }, - CWS: &CWSFeatureConfig{ + CWS: &v2alpha1.CWSFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultCWSEnabled), }, - NPM: &NPMFeatureConfig{ + NPM: &v2alpha1.NPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultNPMEnabled), }, - USM: &USMFeatureConfig{ + USM: &v2alpha1.USMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultUSMEnabled), }, - Dogstatsd: &DogstatsdFeatureConfig{ + Dogstatsd: &v2alpha1.DogstatsdFeatureConfig{ OriginDetectionEnabled: apiutils.NewBoolPointer(defaultDogstatsdOriginDetectionEnabled), - HostPortConfig: &HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultDogstatsdSocketEnabled), Path: apiutils.NewStringPointer(defaultDogstatsdHostSocketPath), }, }, - OTLP: &OTLPFeatureConfig{Receiver: OTLPReceiverConfig{Protocols: OTLPProtocolsConfig{ - GRPC: &OTLPGRPCConfig{ + OTLP: &v2alpha1.OTLPFeatureConfig{Receiver: v2alpha1.OTLPReceiverConfig{Protocols: v2alpha1.OTLPProtocolsConfig{ + GRPC: &v2alpha1.OTLPGRPCConfig{ Enabled: apiutils.NewBoolPointer(defaultOTLPGRPCEnabled), HostPortConfig: nil, Endpoint: apiutils.NewStringPointer(defaultOTLPGRPCEndpoint), }, - HTTP: &OTLPHTTPConfig{ + HTTP: &v2alpha1.OTLPHTTPConfig{ Enabled: apiutils.NewBoolPointer(defaultOTLPHTTPEnabled), HostPortConfig: nil, Endpoint: apiutils.NewStringPointer(defaultOTLPHTTPEndpoint), }, }}}, - RemoteConfiguration: &RemoteConfigurationFeatureConfig{ + RemoteConfiguration: &v2alpha1.RemoteConfigurationFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultRemoteConfigurationEnabled), }, - EventCollection: &EventCollectionFeatureConfig{ + EventCollection: &v2alpha1.EventCollectionFeatureConfig{ CollectKubernetesEvents: apiutils.NewBoolPointer(defaultCollectKubernetesEvents), }, - OrchestratorExplorer: &OrchestratorExplorerFeatureConfig{ + OrchestratorExplorer: &v2alpha1.OrchestratorExplorerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultOrchestratorExplorerEnabled), ScrubContainers: apiutils.NewBoolPointer(defaultOrchestratorExplorerScrubContainers), }, - ExternalMetricsServer: &ExternalMetricsServerFeatureConfig{ + ExternalMetricsServer: &v2alpha1.ExternalMetricsServerFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueTrue), RegisterAPIService: apiutils.NewBoolPointer(defaultRegisterAPIService), UseDatadogMetrics: apiutils.NewBoolPointer(defaultDatadogMetricsEnabled), Port: apiutils.NewInt32Pointer(defaultMetricsProviderPort), }, - KubeStateMetricsCore: &KubeStateMetricsCoreFeatureConfig{ + KubeStateMetricsCore: &v2alpha1.KubeStateMetricsCoreFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultKubeStateMetricsCoreEnabled), }, - ClusterChecks: &ClusterChecksFeatureConfig{ + ClusterChecks: &v2alpha1.ClusterChecksFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultClusterChecksEnabled), UseClusterChecksRunners: apiutils.NewBoolPointer(defaultUseClusterChecksRunners), }, - AdmissionController: &AdmissionControllerFeatureConfig{ + AdmissionController: &v2alpha1.AdmissionControllerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerEnabled), - Validation: &AdmissionControllerValidationConfig{ + Validation: &v2alpha1.AdmissionControllerValidationConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerValidationEnabled), }, - Mutation: &AdmissionControllerMutationConfig{ + Mutation: &v2alpha1.AdmissionControllerMutationConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerMutationEnabled), }, MutateUnlabelled: apiutils.NewBoolPointer(defaultAdmissionControllerMutateUnlabelled), ServiceName: apiutils.NewStringPointer(defaultAdmissionServiceName), - CWSInstrumentation: &CWSInstrumentationConfig{ + CWSInstrumentation: &v2alpha1.CWSInstrumentationConfig{ Enabled: apiutils.NewBoolPointer(DefaultAdmissionControllerCWSInstrumentationEnabled), }, + KubernetesAdmissionEvents: &v2alpha1.KubernetesAdmissionEventsConfig{ + Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerKubernetesAdmissionEventsEnabled), + }, }, - PrometheusScrape: &PrometheusScrapeFeatureConfig{ + PrometheusScrape: &v2alpha1.PrometheusScrapeFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultPrometheusScrapeEnabled), }, - HelmCheck: &HelmCheckFeatureConfig{ + HelmCheck: &v2alpha1.HelmCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultHelmCheckEnabled), }, }, @@ -1334,135 +1385,141 @@ func Test_defaultFeatures(t *testing.T) { }, { name: "ClusterChecks feature with a field set, but \"enabled\" field not set", - ddaSpec: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - ClusterChecks: &ClusterChecksFeatureConfig{ + ddaSpec: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + ClusterChecks: &v2alpha1.ClusterChecksFeatureConfig{ UseClusterChecksRunners: apiutils.NewBoolPointer(defaultUseClusterChecksRunners), }, }, }, - want: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - LogCollection: &LogCollectionFeatureConfig{ + want: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + LogCollection: &v2alpha1.LogCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLogCollectionEnabled), }, - LiveProcessCollection: &LiveProcessCollectionFeatureConfig{ + LiveProcessCollection: &v2alpha1.LiveProcessCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLiveProcessCollectionEnabled), }, - LiveContainerCollection: &LiveContainerCollectionFeatureConfig{ + LiveContainerCollection: &v2alpha1.LiveContainerCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLiveContainerCollectionEnabled), }, - ProcessDiscovery: &ProcessDiscoveryFeatureConfig{ + ProcessDiscovery: &v2alpha1.ProcessDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled), }, - OOMKill: &OOMKillFeatureConfig{ + OOMKill: &v2alpha1.OOMKillFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultOOMKillEnabled), }, - TCPQueueLength: &TCPQueueLengthFeatureConfig{ + TCPQueueLength: &v2alpha1.TCPQueueLengthFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultTCPQueueLengthEnabled), }, - EBPFCheck: &EBPFCheckFeatureConfig{ + EBPFCheck: &v2alpha1.EBPFCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultEBPFCheckEnabled), }, - ServiceDiscovery: &ServiceDiscoveryFeatureConfig{ + ServiceDiscovery: &v2alpha1.ServiceDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultServiceDiscoveryEnabled), }, - APM: &APMFeatureConfig{ + APM: &v2alpha1.APMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultAPMEnabled), - HostPortConfig: &HostPortConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{ Port: apiutils.NewInt32Pointer(defaultAPMHostPort), Enabled: apiutils.NewBoolPointer(defaultAPMHostPortEnabled), }, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultAPMSocketEnabled), Path: apiutils.NewStringPointer(defaultAPMSocketHostPath), }, - SingleStepInstrumentation: &SingleStepInstrumentation{ + SingleStepInstrumentation: &v2alpha1.SingleStepInstrumentation{ Enabled: apiutils.NewBoolPointer(defaultAPMSingleStepInstrEnabled), - LanguageDetection: &LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, + LanguageDetection: &v2alpha1.LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, }, }, - ASM: &ASMFeatureConfig{ - Threats: &ASMThreatsConfig{ + OtelCollector: &v2alpha1.OtelCollectorFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultOtelCollectorEnabled), + }, + ASM: &v2alpha1.ASMFeatureConfig{ + Threats: &v2alpha1.ASMThreatsConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMThreatsEnabled), }, - SCA: &ASMSCAConfig{ + SCA: &v2alpha1.ASMSCAConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMSCAEnabled), }, - IAST: &ASMIASTConfig{ + IAST: &v2alpha1.ASMIASTConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMIASTEnabled), }, }, - CSPM: &CSPMFeatureConfig{ + CSPM: &v2alpha1.CSPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultCSPMEnabled), }, - CWS: &CWSFeatureConfig{ + CWS: &v2alpha1.CWSFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultCWSEnabled), }, - NPM: &NPMFeatureConfig{ + NPM: &v2alpha1.NPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultNPMEnabled), }, - USM: &USMFeatureConfig{ + USM: &v2alpha1.USMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultUSMEnabled), }, - Dogstatsd: &DogstatsdFeatureConfig{ + Dogstatsd: &v2alpha1.DogstatsdFeatureConfig{ OriginDetectionEnabled: apiutils.NewBoolPointer(defaultDogstatsdOriginDetectionEnabled), - HostPortConfig: &HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultDogstatsdSocketEnabled), Path: apiutils.NewStringPointer(defaultDogstatsdHostSocketPath), }, }, - OTLP: &OTLPFeatureConfig{Receiver: OTLPReceiverConfig{Protocols: OTLPProtocolsConfig{ - GRPC: &OTLPGRPCConfig{ + OTLP: &v2alpha1.OTLPFeatureConfig{Receiver: v2alpha1.OTLPReceiverConfig{Protocols: v2alpha1.OTLPProtocolsConfig{ + GRPC: &v2alpha1.OTLPGRPCConfig{ Enabled: apiutils.NewBoolPointer(defaultOTLPGRPCEnabled), HostPortConfig: nil, Endpoint: apiutils.NewStringPointer(defaultOTLPGRPCEndpoint), }, - HTTP: &OTLPHTTPConfig{ + HTTP: &v2alpha1.OTLPHTTPConfig{ Enabled: apiutils.NewBoolPointer(defaultOTLPHTTPEnabled), HostPortConfig: nil, Endpoint: apiutils.NewStringPointer(defaultOTLPHTTPEndpoint), }, }}}, - RemoteConfiguration: &RemoteConfigurationFeatureConfig{ + RemoteConfiguration: &v2alpha1.RemoteConfigurationFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultRemoteConfigurationEnabled), }, - EventCollection: &EventCollectionFeatureConfig{ + EventCollection: &v2alpha1.EventCollectionFeatureConfig{ CollectKubernetesEvents: apiutils.NewBoolPointer(defaultCollectKubernetesEvents), }, - OrchestratorExplorer: &OrchestratorExplorerFeatureConfig{ + OrchestratorExplorer: &v2alpha1.OrchestratorExplorerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultOrchestratorExplorerEnabled), ScrubContainers: apiutils.NewBoolPointer(defaultOrchestratorExplorerScrubContainers), }, - ExternalMetricsServer: &ExternalMetricsServerFeatureConfig{ + ExternalMetricsServer: &v2alpha1.ExternalMetricsServerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultExternalMetricsServerEnabled), }, - KubeStateMetricsCore: &KubeStateMetricsCoreFeatureConfig{ + KubeStateMetricsCore: &v2alpha1.KubeStateMetricsCoreFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultKubeStateMetricsCoreEnabled), }, - ClusterChecks: &ClusterChecksFeatureConfig{ + ClusterChecks: &v2alpha1.ClusterChecksFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultClusterChecksEnabled), UseClusterChecksRunners: apiutils.NewBoolPointer(valueFalse), }, - AdmissionController: &AdmissionControllerFeatureConfig{ + AdmissionController: &v2alpha1.AdmissionControllerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerEnabled), - Validation: &AdmissionControllerValidationConfig{ + Validation: &v2alpha1.AdmissionControllerValidationConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerValidationEnabled), }, - Mutation: &AdmissionControllerMutationConfig{ + Mutation: &v2alpha1.AdmissionControllerMutationConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerMutationEnabled), }, MutateUnlabelled: apiutils.NewBoolPointer(defaultAdmissionControllerMutateUnlabelled), ServiceName: apiutils.NewStringPointer(defaultAdmissionServiceName), - CWSInstrumentation: &CWSInstrumentationConfig{ + CWSInstrumentation: &v2alpha1.CWSInstrumentationConfig{ Enabled: apiutils.NewBoolPointer(DefaultAdmissionControllerCWSInstrumentationEnabled), }, + KubernetesAdmissionEvents: &v2alpha1.KubernetesAdmissionEventsConfig{ + Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerKubernetesAdmissionEventsEnabled), + }, }, - PrometheusScrape: &PrometheusScrapeFeatureConfig{ + PrometheusScrape: &v2alpha1.PrometheusScrapeFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultPrometheusScrapeEnabled), }, - HelmCheck: &HelmCheckFeatureConfig{ + HelmCheck: &v2alpha1.HelmCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultHelmCheckEnabled), }, }, @@ -1470,147 +1527,156 @@ func Test_defaultFeatures(t *testing.T) { }, { name: "Admission controller enabled unset, other fields set", - ddaSpec: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - AdmissionController: &AdmissionControllerFeatureConfig{ - Validation: &AdmissionControllerValidationConfig{ + ddaSpec: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + AdmissionController: &v2alpha1.AdmissionControllerFeatureConfig{ + Validation: &v2alpha1.AdmissionControllerValidationConfig{ Enabled: apiutils.NewBoolPointer(true), }, - Mutation: &AdmissionControllerMutationConfig{ + Mutation: &v2alpha1.AdmissionControllerMutationConfig{ Enabled: apiutils.NewBoolPointer(true), }, MutateUnlabelled: apiutils.NewBoolPointer(true), AgentCommunicationMode: apiutils.NewStringPointer("socket"), - CWSInstrumentation: &CWSInstrumentationConfig{ + CWSInstrumentation: &v2alpha1.CWSInstrumentationConfig{ Enabled: apiutils.NewBoolPointer(true), }, + KubernetesAdmissionEvents: &v2alpha1.KubernetesAdmissionEventsConfig{ + Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerKubernetesAdmissionEventsEnabled), + }, }, }, }, - want: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - LogCollection: &LogCollectionFeatureConfig{ + want: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + LogCollection: &v2alpha1.LogCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLogCollectionEnabled), }, - LiveProcessCollection: &LiveProcessCollectionFeatureConfig{ + LiveProcessCollection: &v2alpha1.LiveProcessCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLiveProcessCollectionEnabled), }, - LiveContainerCollection: &LiveContainerCollectionFeatureConfig{ + LiveContainerCollection: &v2alpha1.LiveContainerCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLiveContainerCollectionEnabled), }, - APM: &APMFeatureConfig{ + APM: &v2alpha1.APMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultAPMEnabled), - HostPortConfig: &HostPortConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{ Port: apiutils.NewInt32Pointer(defaultAPMHostPort), Enabled: apiutils.NewBoolPointer(defaultAPMHostPortEnabled), }, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultAPMSocketEnabled), Path: apiutils.NewStringPointer(defaultAPMSocketHostPath), }, - SingleStepInstrumentation: &SingleStepInstrumentation{ + SingleStepInstrumentation: &v2alpha1.SingleStepInstrumentation{ Enabled: apiutils.NewBoolPointer(defaultAPMSingleStepInstrEnabled), - LanguageDetection: &LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, + LanguageDetection: &v2alpha1.LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, }, }, - ASM: &ASMFeatureConfig{ - Threats: &ASMThreatsConfig{ + OtelCollector: &v2alpha1.OtelCollectorFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultOtelCollectorEnabled), + }, + ASM: &v2alpha1.ASMFeatureConfig{ + Threats: &v2alpha1.ASMThreatsConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMThreatsEnabled), }, - SCA: &ASMSCAConfig{ + SCA: &v2alpha1.ASMSCAConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMSCAEnabled), }, - IAST: &ASMIASTConfig{ + IAST: &v2alpha1.ASMIASTConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMIASTEnabled), }, }, - ProcessDiscovery: &ProcessDiscoveryFeatureConfig{ + ProcessDiscovery: &v2alpha1.ProcessDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled), }, - OOMKill: &OOMKillFeatureConfig{ + OOMKill: &v2alpha1.OOMKillFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultOOMKillEnabled), }, - TCPQueueLength: &TCPQueueLengthFeatureConfig{ + TCPQueueLength: &v2alpha1.TCPQueueLengthFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultTCPQueueLengthEnabled), }, - EBPFCheck: &EBPFCheckFeatureConfig{ + EBPFCheck: &v2alpha1.EBPFCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultEBPFCheckEnabled), }, - ServiceDiscovery: &ServiceDiscoveryFeatureConfig{ + ServiceDiscovery: &v2alpha1.ServiceDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultServiceDiscoveryEnabled), }, - CSPM: &CSPMFeatureConfig{ + CSPM: &v2alpha1.CSPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultCSPMEnabled), }, - CWS: &CWSFeatureConfig{ + CWS: &v2alpha1.CWSFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultCWSEnabled), }, - NPM: &NPMFeatureConfig{ + NPM: &v2alpha1.NPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultNPMEnabled), }, - USM: &USMFeatureConfig{ + USM: &v2alpha1.USMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultUSMEnabled), }, - Dogstatsd: &DogstatsdFeatureConfig{ + Dogstatsd: &v2alpha1.DogstatsdFeatureConfig{ OriginDetectionEnabled: apiutils.NewBoolPointer(defaultDogstatsdOriginDetectionEnabled), - HostPortConfig: &HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultDogstatsdSocketEnabled), Path: apiutils.NewStringPointer(defaultDogstatsdHostSocketPath), }, }, - OTLP: &OTLPFeatureConfig{Receiver: OTLPReceiverConfig{Protocols: OTLPProtocolsConfig{ - GRPC: &OTLPGRPCConfig{ + OTLP: &v2alpha1.OTLPFeatureConfig{Receiver: v2alpha1.OTLPReceiverConfig{Protocols: v2alpha1.OTLPProtocolsConfig{ + GRPC: &v2alpha1.OTLPGRPCConfig{ Enabled: apiutils.NewBoolPointer(defaultOTLPGRPCEnabled), HostPortConfig: nil, Endpoint: apiutils.NewStringPointer(defaultOTLPGRPCEndpoint), }, - HTTP: &OTLPHTTPConfig{ + HTTP: &v2alpha1.OTLPHTTPConfig{ Enabled: apiutils.NewBoolPointer(defaultOTLPHTTPEnabled), HostPortConfig: nil, Endpoint: apiutils.NewStringPointer(defaultOTLPHTTPEndpoint), }, }}}, - RemoteConfiguration: &RemoteConfigurationFeatureConfig{ + RemoteConfiguration: &v2alpha1.RemoteConfigurationFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultRemoteConfigurationEnabled), }, - EventCollection: &EventCollectionFeatureConfig{ + EventCollection: &v2alpha1.EventCollectionFeatureConfig{ CollectKubernetesEvents: apiutils.NewBoolPointer(defaultCollectKubernetesEvents), }, - OrchestratorExplorer: &OrchestratorExplorerFeatureConfig{ + OrchestratorExplorer: &v2alpha1.OrchestratorExplorerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultOrchestratorExplorerEnabled), ScrubContainers: apiutils.NewBoolPointer(defaultOrchestratorExplorerScrubContainers), }, - ExternalMetricsServer: &ExternalMetricsServerFeatureConfig{ + ExternalMetricsServer: &v2alpha1.ExternalMetricsServerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultExternalMetricsServerEnabled), }, - KubeStateMetricsCore: &KubeStateMetricsCoreFeatureConfig{ + KubeStateMetricsCore: &v2alpha1.KubeStateMetricsCoreFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultKubeStateMetricsCoreEnabled), }, - ClusterChecks: &ClusterChecksFeatureConfig{ + ClusterChecks: &v2alpha1.ClusterChecksFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultClusterChecksEnabled), UseClusterChecksRunners: apiutils.NewBoolPointer(defaultUseClusterChecksRunners), }, - AdmissionController: &AdmissionControllerFeatureConfig{ + AdmissionController: &v2alpha1.AdmissionControllerFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueTrue), - Validation: &AdmissionControllerValidationConfig{ + Validation: &v2alpha1.AdmissionControllerValidationConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerValidationEnabled), }, - Mutation: &AdmissionControllerMutationConfig{ + Mutation: &v2alpha1.AdmissionControllerMutationConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerMutationEnabled), }, MutateUnlabelled: apiutils.NewBoolPointer(valueTrue), ServiceName: apiutils.NewStringPointer(defaultAdmissionServiceName), AgentCommunicationMode: apiutils.NewStringPointer("socket"), - CWSInstrumentation: &CWSInstrumentationConfig{ + CWSInstrumentation: &v2alpha1.CWSInstrumentationConfig{ Enabled: apiutils.NewBoolPointer(valueTrue), Mode: apiutils.NewStringPointer(DefaultAdmissionControllerCWSInstrumentationMode), }, + KubernetesAdmissionEvents: &v2alpha1.KubernetesAdmissionEventsConfig{ + Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerKubernetesAdmissionEventsEnabled), + }, }, - PrometheusScrape: &PrometheusScrapeFeatureConfig{ + PrometheusScrape: &v2alpha1.PrometheusScrapeFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultPrometheusScrapeEnabled), }, - HelmCheck: &HelmCheckFeatureConfig{ + HelmCheck: &v2alpha1.HelmCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultHelmCheckEnabled), }, }, @@ -1618,136 +1684,284 @@ func Test_defaultFeatures(t *testing.T) { }, { name: "Orchestrator explorer enabled unset, other fields set", - ddaSpec: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - OrchestratorExplorer: &OrchestratorExplorerFeatureConfig{ + ddaSpec: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + OrchestratorExplorer: &v2alpha1.OrchestratorExplorerFeatureConfig{ CustomResources: []string{"datadoghq.com/v1alpha1/datadogmetrics"}, }, }, }, - want: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - LogCollection: &LogCollectionFeatureConfig{ + want: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + LogCollection: &v2alpha1.LogCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLogCollectionEnabled), }, - LiveProcessCollection: &LiveProcessCollectionFeatureConfig{ + LiveProcessCollection: &v2alpha1.LiveProcessCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLiveProcessCollectionEnabled), }, - LiveContainerCollection: &LiveContainerCollectionFeatureConfig{ + LiveContainerCollection: &v2alpha1.LiveContainerCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLiveContainerCollectionEnabled), }, - ProcessDiscovery: &ProcessDiscoveryFeatureConfig{ + ProcessDiscovery: &v2alpha1.ProcessDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled), }, - OOMKill: &OOMKillFeatureConfig{ + OOMKill: &v2alpha1.OOMKillFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultOOMKillEnabled), }, - TCPQueueLength: &TCPQueueLengthFeatureConfig{ + TCPQueueLength: &v2alpha1.TCPQueueLengthFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultTCPQueueLengthEnabled), }, - EBPFCheck: &EBPFCheckFeatureConfig{ + EBPFCheck: &v2alpha1.EBPFCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultEBPFCheckEnabled), }, - ServiceDiscovery: &ServiceDiscoveryFeatureConfig{ + ServiceDiscovery: &v2alpha1.ServiceDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultServiceDiscoveryEnabled), }, - APM: &APMFeatureConfig{ + APM: &v2alpha1.APMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultAPMEnabled), - HostPortConfig: &HostPortConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{ Port: apiutils.NewInt32Pointer(defaultAPMHostPort), Enabled: apiutils.NewBoolPointer(defaultAPMHostPortEnabled), }, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultAPMSocketEnabled), Path: apiutils.NewStringPointer(defaultAPMSocketHostPath), }, - SingleStepInstrumentation: &SingleStepInstrumentation{ + SingleStepInstrumentation: &v2alpha1.SingleStepInstrumentation{ Enabled: apiutils.NewBoolPointer(defaultAPMSingleStepInstrEnabled), - LanguageDetection: &LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, + LanguageDetection: &v2alpha1.LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, }, }, - ASM: &ASMFeatureConfig{ - Threats: &ASMThreatsConfig{ + OtelCollector: &v2alpha1.OtelCollectorFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultOtelCollectorEnabled), + }, + ASM: &v2alpha1.ASMFeatureConfig{ + Threats: &v2alpha1.ASMThreatsConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMThreatsEnabled), }, - SCA: &ASMSCAConfig{ + SCA: &v2alpha1.ASMSCAConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMSCAEnabled), }, - IAST: &ASMIASTConfig{ + IAST: &v2alpha1.ASMIASTConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMIASTEnabled), }, }, - CSPM: &CSPMFeatureConfig{ + CSPM: &v2alpha1.CSPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultCSPMEnabled), }, - CWS: &CWSFeatureConfig{ + CWS: &v2alpha1.CWSFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultCWSEnabled), }, - NPM: &NPMFeatureConfig{ + NPM: &v2alpha1.NPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultNPMEnabled), }, - USM: &USMFeatureConfig{ + USM: &v2alpha1.USMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultUSMEnabled), }, - Dogstatsd: &DogstatsdFeatureConfig{ + Dogstatsd: &v2alpha1.DogstatsdFeatureConfig{ OriginDetectionEnabled: apiutils.NewBoolPointer(defaultDogstatsdOriginDetectionEnabled), - HostPortConfig: &HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultDogstatsdSocketEnabled), Path: apiutils.NewStringPointer(defaultDogstatsdHostSocketPath), }, }, - OTLP: &OTLPFeatureConfig{Receiver: OTLPReceiverConfig{Protocols: OTLPProtocolsConfig{ - GRPC: &OTLPGRPCConfig{ + OTLP: &v2alpha1.OTLPFeatureConfig{Receiver: v2alpha1.OTLPReceiverConfig{Protocols: v2alpha1.OTLPProtocolsConfig{ + GRPC: &v2alpha1.OTLPGRPCConfig{ Enabled: apiutils.NewBoolPointer(defaultOTLPGRPCEnabled), HostPortConfig: nil, Endpoint: apiutils.NewStringPointer(defaultOTLPGRPCEndpoint), }, - HTTP: &OTLPHTTPConfig{ + HTTP: &v2alpha1.OTLPHTTPConfig{ Enabled: apiutils.NewBoolPointer(defaultOTLPHTTPEnabled), HostPortConfig: nil, Endpoint: apiutils.NewStringPointer(defaultOTLPHTTPEndpoint), }, }}}, - RemoteConfiguration: &RemoteConfigurationFeatureConfig{ + RemoteConfiguration: &v2alpha1.RemoteConfigurationFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultRemoteConfigurationEnabled), }, - EventCollection: &EventCollectionFeatureConfig{ + EventCollection: &v2alpha1.EventCollectionFeatureConfig{ CollectKubernetesEvents: apiutils.NewBoolPointer(defaultCollectKubernetesEvents), }, - OrchestratorExplorer: &OrchestratorExplorerFeatureConfig{ + OrchestratorExplorer: &v2alpha1.OrchestratorExplorerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultOrchestratorExplorerEnabled), ScrubContainers: apiutils.NewBoolPointer(defaultOrchestratorExplorerScrubContainers), CustomResources: []string{"datadoghq.com/v1alpha1/datadogmetrics"}, }, - ExternalMetricsServer: &ExternalMetricsServerFeatureConfig{ + ExternalMetricsServer: &v2alpha1.ExternalMetricsServerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultExternalMetricsServerEnabled), }, - KubeStateMetricsCore: &KubeStateMetricsCoreFeatureConfig{ + KubeStateMetricsCore: &v2alpha1.KubeStateMetricsCoreFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultKubeStateMetricsCoreEnabled), }, - ClusterChecks: &ClusterChecksFeatureConfig{ + ClusterChecks: &v2alpha1.ClusterChecksFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultClusterChecksEnabled), UseClusterChecksRunners: apiutils.NewBoolPointer(defaultUseClusterChecksRunners), }, - AdmissionController: &AdmissionControllerFeatureConfig{ + AdmissionController: &v2alpha1.AdmissionControllerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerEnabled), - Validation: &AdmissionControllerValidationConfig{ + Validation: &v2alpha1.AdmissionControllerValidationConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerValidationEnabled), }, - Mutation: &AdmissionControllerMutationConfig{ + Mutation: &v2alpha1.AdmissionControllerMutationConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerMutationEnabled), }, MutateUnlabelled: apiutils.NewBoolPointer(defaultAdmissionControllerMutateUnlabelled), ServiceName: apiutils.NewStringPointer(defaultAdmissionServiceName), - CWSInstrumentation: &CWSInstrumentationConfig{ + CWSInstrumentation: &v2alpha1.CWSInstrumentationConfig{ Enabled: apiutils.NewBoolPointer(DefaultAdmissionControllerCWSInstrumentationEnabled), }, + KubernetesAdmissionEvents: &v2alpha1.KubernetesAdmissionEventsConfig{ + Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerKubernetesAdmissionEventsEnabled), + }, }, - PrometheusScrape: &PrometheusScrapeFeatureConfig{ + PrometheusScrape: &v2alpha1.PrometheusScrapeFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultPrometheusScrapeEnabled), }, - HelmCheck: &HelmCheckFeatureConfig{ + HelmCheck: &v2alpha1.HelmCheckFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultHelmCheckEnabled), + }, + }, + }, + }, + { + name: "OTel Collector is enabled", + ddaSpec: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + OtelCollector: &v2alpha1.OtelCollectorFeatureConfig{ + Enabled: apiutils.NewBoolPointer(valueTrue), + }, + }, + }, + want: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + LogCollection: &v2alpha1.LogCollectionFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultLogCollectionEnabled), + }, + LiveProcessCollection: &v2alpha1.LiveProcessCollectionFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultLiveProcessCollectionEnabled), + }, + LiveContainerCollection: &v2alpha1.LiveContainerCollectionFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultLiveContainerCollectionEnabled), + }, + ProcessDiscovery: &v2alpha1.ProcessDiscoveryFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled), + }, + OOMKill: &v2alpha1.OOMKillFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultOOMKillEnabled), + }, + TCPQueueLength: &v2alpha1.TCPQueueLengthFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultTCPQueueLengthEnabled), + }, + EBPFCheck: &v2alpha1.EBPFCheckFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultEBPFCheckEnabled), + }, + ServiceDiscovery: &v2alpha1.ServiceDiscoveryFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultServiceDiscoveryEnabled), + }, + APM: &v2alpha1.APMFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultAPMEnabled), + HostPortConfig: &v2alpha1.HostPortConfig{ + Port: apiutils.NewInt32Pointer(defaultAPMHostPort), + Enabled: apiutils.NewBoolPointer(defaultAPMHostPortEnabled), + }, + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ + Enabled: apiutils.NewBoolPointer(defaultAPMSocketEnabled), + Path: apiutils.NewStringPointer(defaultAPMSocketHostPath), + }, + SingleStepInstrumentation: &v2alpha1.SingleStepInstrumentation{ + Enabled: apiutils.NewBoolPointer(defaultAPMSingleStepInstrEnabled), + LanguageDetection: &v2alpha1.LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, + }, + }, + OtelCollector: &v2alpha1.OtelCollectorFeatureConfig{ + Enabled: apiutils.NewBoolPointer(valueTrue), + }, + ASM: &v2alpha1.ASMFeatureConfig{ + Threats: &v2alpha1.ASMThreatsConfig{ + Enabled: apiutils.NewBoolPointer(defaultAdmissionASMThreatsEnabled), + }, + SCA: &v2alpha1.ASMSCAConfig{ + Enabled: apiutils.NewBoolPointer(defaultAdmissionASMSCAEnabled), + }, + IAST: &v2alpha1.ASMIASTConfig{ + Enabled: apiutils.NewBoolPointer(defaultAdmissionASMIASTEnabled), + }, + }, + CSPM: &v2alpha1.CSPMFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultCSPMEnabled), + }, + CWS: &v2alpha1.CWSFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultCWSEnabled), + }, + NPM: &v2alpha1.NPMFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultNPMEnabled), + }, + USM: &v2alpha1.USMFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultUSMEnabled), + }, + Dogstatsd: &v2alpha1.DogstatsdFeatureConfig{ + OriginDetectionEnabled: apiutils.NewBoolPointer(defaultDogstatsdOriginDetectionEnabled), + HostPortConfig: &v2alpha1.HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ + Enabled: apiutils.NewBoolPointer(defaultDogstatsdSocketEnabled), + Path: apiutils.NewStringPointer(defaultDogstatsdHostSocketPath), + }, + }, + OTLP: &v2alpha1.OTLPFeatureConfig{Receiver: v2alpha1.OTLPReceiverConfig{Protocols: v2alpha1.OTLPProtocolsConfig{ + GRPC: &v2alpha1.OTLPGRPCConfig{ + Enabled: apiutils.NewBoolPointer(defaultOTLPGRPCEnabled), + HostPortConfig: nil, + Endpoint: apiutils.NewStringPointer(defaultOTLPGRPCEndpoint), + }, + HTTP: &v2alpha1.OTLPHTTPConfig{ + Enabled: apiutils.NewBoolPointer(defaultOTLPHTTPEnabled), + HostPortConfig: nil, + Endpoint: apiutils.NewStringPointer(defaultOTLPHTTPEndpoint), + }, + }}}, + RemoteConfiguration: &v2alpha1.RemoteConfigurationFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultRemoteConfigurationEnabled), + }, + EventCollection: &v2alpha1.EventCollectionFeatureConfig{ + CollectKubernetesEvents: apiutils.NewBoolPointer(defaultCollectKubernetesEvents), + }, + OrchestratorExplorer: &v2alpha1.OrchestratorExplorerFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultOrchestratorExplorerEnabled), + ScrubContainers: apiutils.NewBoolPointer(defaultOrchestratorExplorerScrubContainers), + }, + ExternalMetricsServer: &v2alpha1.ExternalMetricsServerFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultExternalMetricsServerEnabled), + }, + KubeStateMetricsCore: &v2alpha1.KubeStateMetricsCoreFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultKubeStateMetricsCoreEnabled), + }, + ClusterChecks: &v2alpha1.ClusterChecksFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultClusterChecksEnabled), + UseClusterChecksRunners: apiutils.NewBoolPointer(defaultUseClusterChecksRunners), + }, + AdmissionController: &v2alpha1.AdmissionControllerFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerEnabled), + Validation: &v2alpha1.AdmissionControllerValidationConfig{ + Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerValidationEnabled), + }, + Mutation: &v2alpha1.AdmissionControllerMutationConfig{ + Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerMutationEnabled), + }, + MutateUnlabelled: apiutils.NewBoolPointer(defaultAdmissionControllerMutateUnlabelled), + ServiceName: apiutils.NewStringPointer(defaultAdmissionServiceName), + CWSInstrumentation: &v2alpha1.CWSInstrumentationConfig{ + Enabled: apiutils.NewBoolPointer(DefaultAdmissionControllerCWSInstrumentationEnabled), + }, + KubernetesAdmissionEvents: &v2alpha1.KubernetesAdmissionEventsConfig{ + Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerKubernetesAdmissionEventsEnabled), + }, + }, + PrometheusScrape: &v2alpha1.PrometheusScrapeFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultPrometheusScrapeEnabled), + }, + HelmCheck: &v2alpha1.HelmCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultHelmCheckEnabled), }, }, @@ -1756,156 +1970,162 @@ func Test_defaultFeatures(t *testing.T) { { // This test sets same defaults as the one with `Features: nil`; and leaves other configs as empty structs. name: "all feature configs are empty structs, configures defaults where applicable, leaves others empty", - ddaSpec: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - LogCollection: &LogCollectionFeatureConfig{}, - LiveContainerCollection: &LiveContainerCollectionFeatureConfig{}, - LiveProcessCollection: &LiveProcessCollectionFeatureConfig{}, - ProcessDiscovery: &ProcessDiscoveryFeatureConfig{}, - OOMKill: &OOMKillFeatureConfig{}, - TCPQueueLength: &TCPQueueLengthFeatureConfig{}, - EBPFCheck: &EBPFCheckFeatureConfig{}, - ServiceDiscovery: &ServiceDiscoveryFeatureConfig{}, - APM: &APMFeatureConfig{}, - ASM: &ASMFeatureConfig{}, - CSPM: &CSPMFeatureConfig{}, - CWS: &CWSFeatureConfig{}, - NPM: &NPMFeatureConfig{}, - USM: &USMFeatureConfig{}, - OTLP: &OTLPFeatureConfig{}, - RemoteConfiguration: &RemoteConfigurationFeatureConfig{}, - EventCollection: &EventCollectionFeatureConfig{}, - OrchestratorExplorer: &OrchestratorExplorerFeatureConfig{}, - KubeStateMetricsCore: &KubeStateMetricsCoreFeatureConfig{}, - AdmissionController: &AdmissionControllerFeatureConfig{}, - ExternalMetricsServer: &ExternalMetricsServerFeatureConfig{}, - ClusterChecks: &ClusterChecksFeatureConfig{}, - PrometheusScrape: &PrometheusScrapeFeatureConfig{}, - HelmCheck: &HelmCheckFeatureConfig{}, + ddaSpec: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + LogCollection: &v2alpha1.LogCollectionFeatureConfig{}, + LiveContainerCollection: &v2alpha1.LiveContainerCollectionFeatureConfig{}, + LiveProcessCollection: &v2alpha1.LiveProcessCollectionFeatureConfig{}, + ProcessDiscovery: &v2alpha1.ProcessDiscoveryFeatureConfig{}, + OOMKill: &v2alpha1.OOMKillFeatureConfig{}, + TCPQueueLength: &v2alpha1.TCPQueueLengthFeatureConfig{}, + EBPFCheck: &v2alpha1.EBPFCheckFeatureConfig{}, + ServiceDiscovery: &v2alpha1.ServiceDiscoveryFeatureConfig{}, + APM: &v2alpha1.APMFeatureConfig{}, + ASM: &v2alpha1.ASMFeatureConfig{}, + CSPM: &v2alpha1.CSPMFeatureConfig{}, + CWS: &v2alpha1.CWSFeatureConfig{}, + NPM: &v2alpha1.NPMFeatureConfig{}, + USM: &v2alpha1.USMFeatureConfig{}, + OTLP: &v2alpha1.OTLPFeatureConfig{}, + RemoteConfiguration: &v2alpha1.RemoteConfigurationFeatureConfig{}, + EventCollection: &v2alpha1.EventCollectionFeatureConfig{}, + OrchestratorExplorer: &v2alpha1.OrchestratorExplorerFeatureConfig{}, + KubeStateMetricsCore: &v2alpha1.KubeStateMetricsCoreFeatureConfig{}, + AdmissionController: &v2alpha1.AdmissionControllerFeatureConfig{}, + ExternalMetricsServer: &v2alpha1.ExternalMetricsServerFeatureConfig{}, + ClusterChecks: &v2alpha1.ClusterChecksFeatureConfig{}, + PrometheusScrape: &v2alpha1.PrometheusScrapeFeatureConfig{}, + HelmCheck: &v2alpha1.HelmCheckFeatureConfig{}, }, }, - want: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - LogCollection: &LogCollectionFeatureConfig{ + want: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + LogCollection: &v2alpha1.LogCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLogCollectionEnabled), }, - LiveProcessCollection: &LiveProcessCollectionFeatureConfig{ + LiveProcessCollection: &v2alpha1.LiveProcessCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLiveProcessCollectionEnabled), }, - LiveContainerCollection: &LiveContainerCollectionFeatureConfig{ + LiveContainerCollection: &v2alpha1.LiveContainerCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLiveContainerCollectionEnabled), }, - ProcessDiscovery: &ProcessDiscoveryFeatureConfig{ + ProcessDiscovery: &v2alpha1.ProcessDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled), }, - OOMKill: &OOMKillFeatureConfig{ + OOMKill: &v2alpha1.OOMKillFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultOOMKillEnabled), }, - TCPQueueLength: &TCPQueueLengthFeatureConfig{ + TCPQueueLength: &v2alpha1.TCPQueueLengthFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultTCPQueueLengthEnabled), }, - EBPFCheck: &EBPFCheckFeatureConfig{ + EBPFCheck: &v2alpha1.EBPFCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultEBPFCheckEnabled), }, - ServiceDiscovery: &ServiceDiscoveryFeatureConfig{ + ServiceDiscovery: &v2alpha1.ServiceDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultServiceDiscoveryEnabled), }, - APM: &APMFeatureConfig{ + APM: &v2alpha1.APMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultAPMEnabled), - HostPortConfig: &HostPortConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{ Port: apiutils.NewInt32Pointer(defaultAPMHostPort), Enabled: apiutils.NewBoolPointer(defaultAPMHostPortEnabled), }, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultAPMSocketEnabled), Path: apiutils.NewStringPointer(defaultAPMSocketHostPath), }, - SingleStepInstrumentation: &SingleStepInstrumentation{ + SingleStepInstrumentation: &v2alpha1.SingleStepInstrumentation{ Enabled: apiutils.NewBoolPointer(defaultAPMSingleStepInstrEnabled), - LanguageDetection: &LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, + LanguageDetection: &v2alpha1.LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, }, }, - ASM: &ASMFeatureConfig{ - Threats: &ASMThreatsConfig{ + OtelCollector: &v2alpha1.OtelCollectorFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultOtelCollectorEnabled), + }, + ASM: &v2alpha1.ASMFeatureConfig{ + Threats: &v2alpha1.ASMThreatsConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMThreatsEnabled), }, - SCA: &ASMSCAConfig{ + SCA: &v2alpha1.ASMSCAConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMSCAEnabled), }, - IAST: &ASMIASTConfig{ + IAST: &v2alpha1.ASMIASTConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMIASTEnabled), }, }, - CSPM: &CSPMFeatureConfig{ + CSPM: &v2alpha1.CSPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultCSPMEnabled), }, - CWS: &CWSFeatureConfig{ + CWS: &v2alpha1.CWSFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultCWSEnabled), }, - NPM: &NPMFeatureConfig{ + NPM: &v2alpha1.NPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultNPMEnabled), }, - USM: &USMFeatureConfig{ + USM: &v2alpha1.USMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultUSMEnabled), }, - Dogstatsd: &DogstatsdFeatureConfig{ + Dogstatsd: &v2alpha1.DogstatsdFeatureConfig{ OriginDetectionEnabled: apiutils.NewBoolPointer(defaultDogstatsdOriginDetectionEnabled), - HostPortConfig: &HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultDogstatsdSocketEnabled), Path: apiutils.NewStringPointer(defaultDogstatsdHostSocketPath), }, }, - OTLP: &OTLPFeatureConfig{Receiver: OTLPReceiverConfig{Protocols: OTLPProtocolsConfig{ - GRPC: &OTLPGRPCConfig{ + OTLP: &v2alpha1.OTLPFeatureConfig{Receiver: v2alpha1.OTLPReceiverConfig{Protocols: v2alpha1.OTLPProtocolsConfig{ + GRPC: &v2alpha1.OTLPGRPCConfig{ Enabled: apiutils.NewBoolPointer(defaultOTLPGRPCEnabled), HostPortConfig: nil, Endpoint: apiutils.NewStringPointer(defaultOTLPGRPCEndpoint), }, - HTTP: &OTLPHTTPConfig{ + HTTP: &v2alpha1.OTLPHTTPConfig{ Enabled: apiutils.NewBoolPointer(defaultOTLPHTTPEnabled), HostPortConfig: nil, Endpoint: apiutils.NewStringPointer(defaultOTLPHTTPEndpoint), }, }}}, - RemoteConfiguration: &RemoteConfigurationFeatureConfig{ + RemoteConfiguration: &v2alpha1.RemoteConfigurationFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultRemoteConfigurationEnabled), }, - EventCollection: &EventCollectionFeatureConfig{ + EventCollection: &v2alpha1.EventCollectionFeatureConfig{ CollectKubernetesEvents: apiutils.NewBoolPointer(defaultCollectKubernetesEvents), }, - OrchestratorExplorer: &OrchestratorExplorerFeatureConfig{ + OrchestratorExplorer: &v2alpha1.OrchestratorExplorerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultOrchestratorExplorerEnabled), ScrubContainers: apiutils.NewBoolPointer(defaultOrchestratorExplorerScrubContainers), }, - ExternalMetricsServer: &ExternalMetricsServerFeatureConfig{ + ExternalMetricsServer: &v2alpha1.ExternalMetricsServerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultExternalMetricsServerEnabled), }, - KubeStateMetricsCore: &KubeStateMetricsCoreFeatureConfig{ + KubeStateMetricsCore: &v2alpha1.KubeStateMetricsCoreFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultKubeStateMetricsCoreEnabled), }, - ClusterChecks: &ClusterChecksFeatureConfig{ + ClusterChecks: &v2alpha1.ClusterChecksFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultClusterChecksEnabled), UseClusterChecksRunners: apiutils.NewBoolPointer(defaultUseClusterChecksRunners), }, - AdmissionController: &AdmissionControllerFeatureConfig{ + AdmissionController: &v2alpha1.AdmissionControllerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerEnabled), - Validation: &AdmissionControllerValidationConfig{ + Validation: &v2alpha1.AdmissionControllerValidationConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerValidationEnabled), }, - Mutation: &AdmissionControllerMutationConfig{ + Mutation: &v2alpha1.AdmissionControllerMutationConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerMutationEnabled), }, MutateUnlabelled: apiutils.NewBoolPointer(defaultAdmissionControllerMutateUnlabelled), ServiceName: apiutils.NewStringPointer(defaultAdmissionServiceName), - CWSInstrumentation: &CWSInstrumentationConfig{ + CWSInstrumentation: &v2alpha1.CWSInstrumentationConfig{ Enabled: apiutils.NewBoolPointer(DefaultAdmissionControllerCWSInstrumentationEnabled), }, + KubernetesAdmissionEvents: &v2alpha1.KubernetesAdmissionEventsConfig{ + Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerKubernetesAdmissionEventsEnabled), + }, }, - PrometheusScrape: &PrometheusScrapeFeatureConfig{ + PrometheusScrape: &v2alpha1.PrometheusScrapeFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultPrometheusScrapeEnabled), }, - HelmCheck: &HelmCheckFeatureConfig{ + HelmCheck: &v2alpha1.HelmCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultHelmCheckEnabled), }, }, @@ -1913,148 +2133,156 @@ func Test_defaultFeatures(t *testing.T) { }, { name: "CSPM and CWS are enabled", - ddaSpec: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - CSPM: &CSPMFeatureConfig{ + ddaSpec: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + CSPM: &v2alpha1.CSPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueTrue), }, - CWS: &CWSFeatureConfig{ + CWS: &v2alpha1.CWSFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueTrue), }, }, }, - want: &DatadogAgentSpec{ - Features: &DatadogFeatures{ - LogCollection: &LogCollectionFeatureConfig{ + want: &v2alpha1.DatadogAgentSpec{ + Features: &v2alpha1.DatadogFeatures{ + LogCollection: &v2alpha1.LogCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLogCollectionEnabled), }, - LiveProcessCollection: &LiveProcessCollectionFeatureConfig{ + LiveProcessCollection: &v2alpha1.LiveProcessCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLiveProcessCollectionEnabled), }, - LiveContainerCollection: &LiveContainerCollectionFeatureConfig{ + LiveContainerCollection: &v2alpha1.LiveContainerCollectionFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultLiveContainerCollectionEnabled), }, - ProcessDiscovery: &ProcessDiscoveryFeatureConfig{ + ProcessDiscovery: &v2alpha1.ProcessDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultProcessDiscoveryEnabled), }, - OOMKill: &OOMKillFeatureConfig{ + OOMKill: &v2alpha1.OOMKillFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultOOMKillEnabled), }, - TCPQueueLength: &TCPQueueLengthFeatureConfig{ + TCPQueueLength: &v2alpha1.TCPQueueLengthFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultTCPQueueLengthEnabled), }, - EBPFCheck: &EBPFCheckFeatureConfig{ + EBPFCheck: &v2alpha1.EBPFCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultEBPFCheckEnabled), }, - ServiceDiscovery: &ServiceDiscoveryFeatureConfig{ + ServiceDiscovery: &v2alpha1.ServiceDiscoveryFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultServiceDiscoveryEnabled), }, - APM: &APMFeatureConfig{ + APM: &v2alpha1.APMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultAPMEnabled), - HostPortConfig: &HostPortConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{ Port: apiutils.NewInt32Pointer(defaultAPMHostPort), Enabled: apiutils.NewBoolPointer(defaultAPMHostPortEnabled), }, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultAPMSocketEnabled), Path: apiutils.NewStringPointer(defaultAPMSocketHostPath), }, - SingleStepInstrumentation: &SingleStepInstrumentation{ + SingleStepInstrumentation: &v2alpha1.SingleStepInstrumentation{ Enabled: apiutils.NewBoolPointer(defaultAPMSingleStepInstrEnabled), - LanguageDetection: &LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, + LanguageDetection: &v2alpha1.LanguageDetectionConfig{Enabled: apiutils.NewBoolPointer(defaultLanguageDetectionEnabled)}, }, }, - ASM: &ASMFeatureConfig{ - Threats: &ASMThreatsConfig{ + OtelCollector: &v2alpha1.OtelCollectorFeatureConfig{ + Enabled: apiutils.NewBoolPointer(defaultOtelCollectorEnabled), + }, + ASM: &v2alpha1.ASMFeatureConfig{ + Threats: &v2alpha1.ASMThreatsConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMThreatsEnabled), }, - SCA: &ASMSCAConfig{ + SCA: &v2alpha1.ASMSCAConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMSCAEnabled), }, - IAST: &ASMIASTConfig{ + IAST: &v2alpha1.ASMIASTConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionASMIASTEnabled), }, }, - CSPM: &CSPMFeatureConfig{ + CSPM: &v2alpha1.CSPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueTrue), - HostBenchmarks: &CSPMHostBenchmarksConfig{ + HostBenchmarks: &v2alpha1.CSPMHostBenchmarksConfig{ Enabled: apiutils.NewBoolPointer(defaultCSPMHostBenchmarksEnabled), }, }, - CWS: &CWSFeatureConfig{ + CWS: &v2alpha1.CWSFeatureConfig{ Enabled: apiutils.NewBoolPointer(valueTrue), SyscallMonitorEnabled: apiutils.NewBoolPointer(defaultCWSSyscallMonitorEnabled), - Network: &CWSNetworkConfig{ + Network: &v2alpha1.CWSNetworkConfig{ Enabled: apiutils.NewBoolPointer(defaultCWSNetworkEnabled), }, - SecurityProfiles: &CWSSecurityProfilesConfig{ + SecurityProfiles: &v2alpha1.CWSSecurityProfilesConfig{ Enabled: apiutils.NewBoolPointer(defaultCWSSecurityProfilesEnabled), }, }, - NPM: &NPMFeatureConfig{ + NPM: &v2alpha1.NPMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultNPMEnabled), }, - USM: &USMFeatureConfig{ + USM: &v2alpha1.USMFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultUSMEnabled), }, - Dogstatsd: &DogstatsdFeatureConfig{ + Dogstatsd: &v2alpha1.DogstatsdFeatureConfig{ OriginDetectionEnabled: apiutils.NewBoolPointer(defaultDogstatsdOriginDetectionEnabled), - HostPortConfig: &HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, - UnixDomainSocketConfig: &UnixDomainSocketConfig{ + HostPortConfig: &v2alpha1.HostPortConfig{Enabled: apiutils.NewBoolPointer(defaultDogstatsdHostPortEnabled)}, + UnixDomainSocketConfig: &v2alpha1.UnixDomainSocketConfig{ Enabled: apiutils.NewBoolPointer(defaultDogstatsdSocketEnabled), Path: apiutils.NewStringPointer(defaultDogstatsdHostSocketPath), }, }, - OTLP: &OTLPFeatureConfig{Receiver: OTLPReceiverConfig{Protocols: OTLPProtocolsConfig{ - GRPC: &OTLPGRPCConfig{ + OTLP: &v2alpha1.OTLPFeatureConfig{Receiver: v2alpha1.OTLPReceiverConfig{Protocols: v2alpha1.OTLPProtocolsConfig{ + GRPC: &v2alpha1.OTLPGRPCConfig{ Enabled: apiutils.NewBoolPointer(defaultOTLPGRPCEnabled), HostPortConfig: nil, Endpoint: apiutils.NewStringPointer(defaultOTLPGRPCEndpoint), }, - HTTP: &OTLPHTTPConfig{ + HTTP: &v2alpha1.OTLPHTTPConfig{ Enabled: apiutils.NewBoolPointer(defaultOTLPHTTPEnabled), HostPortConfig: nil, Endpoint: apiutils.NewStringPointer(defaultOTLPHTTPEndpoint), }, - }}}, - RemoteConfiguration: &RemoteConfigurationFeatureConfig{ + }, + }, + }, + RemoteConfiguration: &v2alpha1.RemoteConfigurationFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultRemoteConfigurationEnabled), }, - EventCollection: &EventCollectionFeatureConfig{ + EventCollection: &v2alpha1.EventCollectionFeatureConfig{ CollectKubernetesEvents: apiutils.NewBoolPointer(defaultCollectKubernetesEvents), }, - OrchestratorExplorer: &OrchestratorExplorerFeatureConfig{ + OrchestratorExplorer: &v2alpha1.OrchestratorExplorerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultOrchestratorExplorerEnabled), ScrubContainers: apiutils.NewBoolPointer(defaultOrchestratorExplorerScrubContainers), }, - ExternalMetricsServer: &ExternalMetricsServerFeatureConfig{ + ExternalMetricsServer: &v2alpha1.ExternalMetricsServerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultExternalMetricsServerEnabled), }, - KubeStateMetricsCore: &KubeStateMetricsCoreFeatureConfig{ + KubeStateMetricsCore: &v2alpha1.KubeStateMetricsCoreFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultKubeStateMetricsCoreEnabled), }, - ClusterChecks: &ClusterChecksFeatureConfig{ + ClusterChecks: &v2alpha1.ClusterChecksFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultClusterChecksEnabled), UseClusterChecksRunners: apiutils.NewBoolPointer(defaultUseClusterChecksRunners), }, - AdmissionController: &AdmissionControllerFeatureConfig{ + AdmissionController: &v2alpha1.AdmissionControllerFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerEnabled), - Validation: &AdmissionControllerValidationConfig{ + Validation: &v2alpha1.AdmissionControllerValidationConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerValidationEnabled), }, - Mutation: &AdmissionControllerMutationConfig{ + Mutation: &v2alpha1.AdmissionControllerMutationConfig{ Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerMutationEnabled), }, MutateUnlabelled: apiutils.NewBoolPointer(defaultAdmissionControllerMutateUnlabelled), ServiceName: apiutils.NewStringPointer(defaultAdmissionServiceName), - CWSInstrumentation: &CWSInstrumentationConfig{ + CWSInstrumentation: &v2alpha1.CWSInstrumentationConfig{ Enabled: apiutils.NewBoolPointer(DefaultAdmissionControllerCWSInstrumentationEnabled), }, + KubernetesAdmissionEvents: &v2alpha1.KubernetesAdmissionEventsConfig{ + Enabled: apiutils.NewBoolPointer(defaultAdmissionControllerKubernetesAdmissionEventsEnabled), + }, }, - PrometheusScrape: &PrometheusScrapeFeatureConfig{ + PrometheusScrape: &v2alpha1.PrometheusScrapeFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultPrometheusScrapeEnabled), }, - HelmCheck: &HelmCheckFeatureConfig{ + HelmCheck: &v2alpha1.HelmCheckFeatureConfig{ Enabled: apiutils.NewBoolPointer(defaultHelmCheckEnabled), }, }, diff --git a/internal/controller/datadogagent/feature/admissioncontroller/envvar.go b/internal/controller/datadogagent/feature/admissioncontroller/envvar.go new file mode 100644 index 000000000..da94b900b --- /dev/null +++ b/internal/controller/datadogagent/feature/admissioncontroller/envvar.go @@ -0,0 +1,32 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package admissioncontroller + +const ( + DDAdmissionControllerAgentSidecarEnabled = "DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_ENABLED" + DDAdmissionControllerAgentSidecarClusterAgentEnabled = "DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_CLUSTER_AGENT_ENABLED" + DDAdmissionControllerAgentSidecarProvider = "DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_PROVIDER" + DDAdmissionControllerAgentSidecarRegistry = "DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_CONTAINER_REGISTRY" + DDAdmissionControllerAgentSidecarImageName = "DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_IMAGE_NAME" + DDAdmissionControllerAgentSidecarImageTag = "DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_IMAGE_TAG" + DDAdmissionControllerAgentSidecarSelectors = "DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_SELECTORS" + DDAdmissionControllerAgentSidecarProfiles = "DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_PROFILES" + DDAdmissionControllerEnabled = "DD_ADMISSION_CONTROLLER_ENABLED" + DDAdmissionControllerValidationEnabled = "DD_ADMISSION_CONTROLLER_VALIDATION_ENABLED" + DDAdmissionControllerMutationEnabled = "DD_ADMISSION_CONTROLLER_MUTATION_ENABLED" + DDAdmissionControllerInjectConfig = "DD_ADMISSION_CONTROLLER_INJECT_CONFIG_ENABLED" + DDAdmissionControllerInjectConfigMode = "DD_ADMISSION_CONTROLLER_INJECT_CONFIG_MODE" + DDAdmissionControllerInjectTags = "DD_ADMISSION_CONTROLLER_INJECT_TAGS_ENABLED" + DDAdmissionControllerLocalServiceName = "DD_ADMISSION_CONTROLLER_INJECT_CONFIG_LOCAL_SERVICE_NAME" + DDAdmissionControllerMutateUnlabelled = "DD_ADMISSION_CONTROLLER_MUTATE_UNLABELLED" + DDAdmissionControllerServiceName = "DD_ADMISSION_CONTROLLER_SERVICE_NAME" + DDAdmissionControllerFailurePolicy = "DD_ADMISSION_CONTROLLER_FAILURE_POLICY" + DDAdmissionControllerWebhookName = "DD_ADMISSION_CONTROLLER_WEBHOOK_NAME" + DDAdmissionControllerRegistryName = "DD_ADMISSION_CONTROLLER_CONTAINER_REGISTRY" + DDAdmissionControllerCWSInstrumentationEnabled = "DD_ADMISSION_CONTROLLER_CWS_INSTRUMENTATION_ENABLED" + DDAdmissionControllerCWSInstrumentationMode = "DD_ADMISSION_CONTROLLER_CWS_INSTRUMENTATION_MODE" + DDAdmissionControllerKubernetesAdmissionEventsEnabled = "DD_ADMISSION_CONTROLLER_KUBERNETES_ADMISSION_EVENTS_ENABLED" +) diff --git a/internal/controller/datadogagent/feature/admissioncontroller/feature.go b/internal/controller/datadogagent/feature/admissioncontroller/feature.go index 3bf2ce501..9d72a7b33 100644 --- a/internal/controller/datadogagent/feature/admissioncontroller/feature.go +++ b/internal/controller/datadogagent/feature/admissioncontroller/feature.go @@ -16,6 +16,7 @@ import ( "github.com/DataDog/datadog-operator/internal/controller/datadogagent/component/objects" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" cilium "github.com/DataDog/datadog-operator/pkg/cilium/v1" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/defaulting" corev1 "k8s.io/api/core/v1" @@ -48,6 +49,8 @@ type admissionControllerFeature struct { cwsInstrumentationEnabled bool cwsInstrumentationMode string + + kubernetesAdmissionEvents *KubernetesAdmissionEventConfig } type ValidationConfig struct { @@ -69,6 +72,10 @@ type AgentSidecarInjectionConfig struct { profiles []*v2alpha1.Profile } +type KubernetesAdmissionEventConfig struct { + enabled bool +} + func buildAdmissionControllerFeature(options *feature.Options) feature.Feature { return &admissionControllerFeature{} } @@ -86,7 +93,7 @@ func shouldEnablesidecarInjection(sidecarInjectionConf *v2alpha1.AgentSidecarInj func (f *admissionControllerFeature) Configure(dda *v2alpha1.DatadogAgent) (reqComp feature.RequiredComponents) { f.owner = dda - f.serviceAccountName = v2alpha1.GetClusterAgentServiceAccount(dda) + f.serviceAccountName = constants.GetClusterAgentServiceAccount(dda) ac := dda.Spec.Features.AdmissionController @@ -122,7 +129,7 @@ func (f *admissionControllerFeature) Configure(dda *v2alpha1.DatadogAgent) (reqC } // otherwise don't set to fall back to default agent setting `hostip` } - f.localServiceName = v2alpha1.GetLocalAgentServiceName(dda) + f.localServiceName = constants.GetLocalAgentServiceName(dda) reqComp = feature.RequiredComponents{ ClusterAgent: feature.RequiredComponent{IsRequired: apiutils.NewBoolPointer(true)}, } @@ -140,7 +147,11 @@ func (f *admissionControllerFeature) Configure(dda *v2alpha1.DatadogAgent) (reqC f.cwsInstrumentationMode = apiutils.StringValue(ac.CWSInstrumentation.Mode) } - _, f.networkPolicy = v2alpha1.IsNetworkPolicyEnabled(dda) + if ac.KubernetesAdmissionEvents != nil && apiutils.BoolValue(ac.KubernetesAdmissionEvents.Enabled) { + f.kubernetesAdmissionEvents = &KubernetesAdmissionEventConfig{enabled: true} + } + + _, f.networkPolicy = constants.IsNetworkPolicyEnabled(dda) sidecarConfig := dda.Spec.Features.AdmissionController.AgentSidecarInjection if shouldEnablesidecarInjection(sidecarConfig) { @@ -230,7 +241,7 @@ func (f *admissionControllerFeature) ManageDependencies(managers feature.Resourc // service selector := map[string]string{ apicommon.AgentDeploymentNameLabelKey: f.owner.GetName(), - apicommon.AgentDeploymentComponentLabelKey: v2alpha1.DefaultClusterAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultClusterAgentResourceSuffix, } port := []corev1.ServicePort{ { @@ -308,111 +319,118 @@ func (f *admissionControllerFeature) ManageDependencies(managers feature.Resourc func (f *admissionControllerFeature) ManageClusterAgent(managers feature.PodTemplateManagers) error { managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerEnabled, + Name: DDAdmissionControllerEnabled, Value: "true", }) if f.validationWebhookConfig != nil { managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerValidationEnabled, + Name: DDAdmissionControllerValidationEnabled, Value: apiutils.BoolToString(&f.validationWebhookConfig.enabled), }) } if f.mutationWebhookConfig != nil { managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerMutationEnabled, + Name: DDAdmissionControllerMutationEnabled, Value: apiutils.BoolToString(&f.mutationWebhookConfig.enabled), }) } managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerMutateUnlabelled, + Name: DDAdmissionControllerMutateUnlabelled, Value: apiutils.BoolToString(&f.mutateUnlabelled), }) if f.registry != "" { managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerRegistryName, + Name: DDAdmissionControllerRegistryName, Value: f.registry, }) } if f.serviceName != "" { managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerServiceName, + Name: DDAdmissionControllerServiceName, Value: f.serviceName, }) } if f.cwsInstrumentationEnabled { managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerCWSInstrumentationEnabled, + Name: DDAdmissionControllerCWSInstrumentationEnabled, Value: apiutils.BoolToString(&f.cwsInstrumentationEnabled), }) managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerCWSInstrumentationMode, + Name: DDAdmissionControllerCWSInstrumentationMode, Value: f.cwsInstrumentationMode, }) } + if f.kubernetesAdmissionEvents != nil { + managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ + Name: DDAdmissionControllerKubernetesAdmissionEventsEnabled, + Value: apiutils.BoolToString(&f.kubernetesAdmissionEvents.enabled), + }) + } + if f.agentCommunicationMode != "" { managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerInjectConfigMode, + Name: DDAdmissionControllerInjectConfigMode, Value: f.agentCommunicationMode, }) } managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerLocalServiceName, + Name: DDAdmissionControllerLocalServiceName, Value: f.localServiceName, }) if f.failurePolicy != "" { managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerFailurePolicy, + Name: DDAdmissionControllerFailurePolicy, Value: f.failurePolicy, }) } managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerWebhookName, + Name: DDAdmissionControllerWebhookName, Value: f.webhookName, }) if f.agentSidecarConfig != nil { managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerAgentSidecarEnabled, + Name: DDAdmissionControllerAgentSidecarEnabled, Value: apiutils.BoolToString(&f.agentSidecarConfig.enabled), }) managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerAgentSidecarClusterAgentEnabled, + Name: DDAdmissionControllerAgentSidecarClusterAgentEnabled, Value: apiutils.BoolToString(&f.agentSidecarConfig.clusterAgentCommunicationEnabled), }) if f.agentSidecarConfig.provider != "" { managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerAgentSidecarProvider, + Name: DDAdmissionControllerAgentSidecarProvider, Value: f.agentSidecarConfig.provider, }) } if f.agentSidecarConfig.registry != "" { managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerAgentSidecarRegistry, + Name: DDAdmissionControllerAgentSidecarRegistry, Value: f.agentSidecarConfig.registry, }) } if f.agentSidecarConfig.imageName != "" { managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerAgentSidecarImageName, + Name: DDAdmissionControllerAgentSidecarImageName, Value: f.agentSidecarConfig.imageName, }) } if f.agentSidecarConfig.imageTag != "" { managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerAgentSidecarImageTag, + Name: DDAdmissionControllerAgentSidecarImageTag, Value: f.agentSidecarConfig.imageTag, }) } @@ -423,7 +441,7 @@ func (f *admissionControllerFeature) ManageClusterAgent(managers feature.PodTemp return err } managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerAgentSidecarSelectors, + Name: DDAdmissionControllerAgentSidecarSelectors, Value: string(selectorsJSON), }) } @@ -434,7 +452,7 @@ func (f *admissionControllerFeature) ManageClusterAgent(managers feature.PodTemp return err } managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerAgentSidecarProfiles, + Name: DDAdmissionControllerAgentSidecarProfiles, Value: string(profilesJSON), }) } diff --git a/internal/controller/datadogagent/feature/admissioncontroller/feature_test.go b/internal/controller/datadogagent/feature/admissioncontroller/feature_test.go index 2642822e3..80eaeabd4 100644 --- a/internal/controller/datadogagent/feature/admissioncontroller/feature_test.go +++ b/internal/controller/datadogagent/feature/admissioncontroller/feature_test.go @@ -9,12 +9,12 @@ import ( apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" - v2alpha1test "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1/test" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/fake" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/test" defaulting "github.com/DataDog/datadog-operator/pkg/defaulting" + "github.com/DataDog/datadog-operator/pkg/testutils" "github.com/google/go-cmp/cmp" "github.com/stretchr/testify/assert" @@ -25,13 +25,13 @@ func Test_admissionControllerFeature_Configure(t *testing.T) { tests := test.FeatureTestSuite{ { Name: "Admission Controller not enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). Build(), WantConfigure: false, }, { Name: "Admission Controller enabled with basic setup", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAdmissionControllerEnabled(true). Build(), WantConfigure: true, @@ -40,7 +40,7 @@ func Test_admissionControllerFeature_Configure(t *testing.T) { }, { Name: "Admission Controller enabled with validation and mutation enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAdmissionControllerEnabled(true). WithAdmissionControllerValidationEnabled(true). WithAdmissionControllerMutationEnabled(true). @@ -51,7 +51,7 @@ func Test_admissionControllerFeature_Configure(t *testing.T) { }, { Name: "Admission controller enabled, cwsInstrumentation enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAdmissionControllerEnabled(true). WithCWSInstrumentationEnabled(true). WithCWSInstrumentationMode("test-mode"). @@ -62,7 +62,7 @@ func Test_admissionControllerFeature_Configure(t *testing.T) { }, { Name: "Admission Controller enabled with overriding registry", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAdmissionControllerEnabled(true). WithRegistry("testRegistry"). Build(), @@ -72,7 +72,7 @@ func Test_admissionControllerFeature_Configure(t *testing.T) { }, { Name: "Admission Controller enabled with custom registry in global config, override with feature config", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAdmissionControllerEnabled(true). WithAdmissionControllerRegistry("featureRegistry"). WithRegistry("globalRegistry"). @@ -83,7 +83,7 @@ func Test_admissionControllerFeature_Configure(t *testing.T) { }, { Name: "Admission Controller enabled with apm uds", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAdmissionControllerEnabled(true). WithAPMEnabled(true). WithAPMUDSEnabled(true, "testHostPath"). @@ -94,7 +94,7 @@ func Test_admissionControllerFeature_Configure(t *testing.T) { }, { Name: "Admission Controller enabled with DSD uds", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAdmissionControllerEnabled(true). WithDogstatsdUnixDomainSocketConfigEnabled(true). Build(), @@ -104,7 +104,7 @@ func Test_admissionControllerFeature_Configure(t *testing.T) { }, { Name: "Admission Controller enabled with sidecar basic setup", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAdmissionControllerEnabled(true). WithSidecarInjectionEnabled(true). Build(), @@ -114,7 +114,7 @@ func Test_admissionControllerFeature_Configure(t *testing.T) { }, { Name: "Admission Controller enabled with sidecar injection adding global registry", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAdmissionControllerEnabled(true). WithSidecarInjectionEnabled(true). WithRegistry("globalRegistry"). @@ -125,7 +125,7 @@ func Test_admissionControllerFeature_Configure(t *testing.T) { }, { Name: "Admission Controller enabled with sidecar injection adding both sidecar and global registry", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAdmissionControllerEnabled(true). WithSidecarInjectionEnabled(true). WithRegistry("globalRegistry"). @@ -137,7 +137,7 @@ func Test_admissionControllerFeature_Configure(t *testing.T) { }, { Name: "Admission Controller enabled with sidecar injection adding test sidecar image and tag", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAdmissionControllerEnabled(true). WithSidecarInjectionEnabled(true). WithSidecarInjectionImageName("testAgentImage"). @@ -149,7 +149,7 @@ func Test_admissionControllerFeature_Configure(t *testing.T) { }, { Name: "Admission Controller enabled with sidecar injection adding global image and tag", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAdmissionControllerEnabled(true). WithSidecarInjectionEnabled(true). WithComponentOverride(v2alpha1.NodeAgentComponentName, v2alpha1.DatadogAgentComponentOverride{ @@ -167,7 +167,7 @@ func Test_admissionControllerFeature_Configure(t *testing.T) { }, { Name: "Admission Controller enabled with sidecar injection adding both global and sidecar image and tag", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAdmissionControllerEnabled(true). WithSidecarInjectionEnabled(true). WithComponentOverride(v2alpha1.NodeAgentComponentName, v2alpha1.DatadogAgentComponentOverride{ @@ -185,7 +185,7 @@ func Test_admissionControllerFeature_Configure(t *testing.T) { }, { Name: "Admission Controller enabled with sidecar injection with selector and profile", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAdmissionControllerEnabled(true). WithSidecarInjectionEnabled(true). WithSidecarInjectionSelectors("testKey", "testValue"). @@ -208,56 +208,56 @@ func testDCAResources(acm string, registry string, cwsInstrumentationEnabled boo agentEnvs := mgr.EnvVarMgr.EnvVarsByC[apicommon.ClusterAgentContainerName] expectedAgentEnvs := []*corev1.EnvVar{ { - Name: apicommon.DDAdmissionControllerEnabled, + Name: DDAdmissionControllerEnabled, Value: "true", }, { - Name: apicommon.DDAdmissionControllerValidationEnabled, + Name: DDAdmissionControllerValidationEnabled, Value: "true", }, { - Name: apicommon.DDAdmissionControllerMutationEnabled, + Name: DDAdmissionControllerMutationEnabled, Value: "true", }, { - Name: apicommon.DDAdmissionControllerMutateUnlabelled, + Name: DDAdmissionControllerMutateUnlabelled, Value: "true", }, { - Name: apicommon.DDAdmissionControllerServiceName, + Name: DDAdmissionControllerServiceName, Value: "testServiceName", }, { - Name: apicommon.DDAdmissionControllerLocalServiceName, + Name: DDAdmissionControllerLocalServiceName, Value: "-agent", }, { - Name: apicommon.DDAdmissionControllerWebhookName, + Name: DDAdmissionControllerWebhookName, Value: "datadog-webhook", }, } if cwsInstrumentationEnabled { expectedAgentEnvs = append(expectedAgentEnvs, []*corev1.EnvVar{ { - Name: apicommon.DDAdmissionControllerCWSInstrumentationEnabled, + Name: DDAdmissionControllerCWSInstrumentationEnabled, Value: apiutils.BoolToString(&cwsInstrumentationEnabled), }, { - Name: apicommon.DDAdmissionControllerCWSInstrumentationMode, + Name: DDAdmissionControllerCWSInstrumentationMode, Value: "test-mode", }, }...) } if acm != "" { acmEnv := corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerInjectConfigMode, + Name: DDAdmissionControllerInjectConfigMode, Value: acm, } expectedAgentEnvs = append(expectedAgentEnvs, &acmEnv) } if registry != "" { registryEnv := corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerRegistryName, + Name: DDAdmissionControllerRegistryName, Value: registry, } expectedAgentEnvs = append(expectedAgentEnvs, ®istryEnv) @@ -276,26 +276,26 @@ func testDCAResources(acm string, registry string, cwsInstrumentationEnabled boo func getACEnvVars(validation, mutation bool, acm, registry string, cws bool) []*corev1.EnvVar { envVars := []*corev1.EnvVar{ { - Name: apicommon.DDAdmissionControllerEnabled, + Name: DDAdmissionControllerEnabled, Value: "true", }, { - Name: apicommon.DDAdmissionControllerMutateUnlabelled, + Name: DDAdmissionControllerMutateUnlabelled, Value: "false", }, { - Name: apicommon.DDAdmissionControllerLocalServiceName, + Name: DDAdmissionControllerLocalServiceName, Value: "-agent", }, { - Name: apicommon.DDAdmissionControllerWebhookName, + Name: DDAdmissionControllerWebhookName, Value: "datadog-webhook", }, } if validation { validationEnv := corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerValidationEnabled, + Name: DDAdmissionControllerValidationEnabled, Value: apiutils.BoolToString(&validation), } envVars = append(envVars, &validationEnv) @@ -303,7 +303,7 @@ func getACEnvVars(validation, mutation bool, acm, registry string, cws bool) []* if mutation { mutationEnv := corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerMutationEnabled, + Name: DDAdmissionControllerMutationEnabled, Value: apiutils.BoolToString(&mutation), } envVars = append(envVars, &mutationEnv) @@ -311,14 +311,14 @@ func getACEnvVars(validation, mutation bool, acm, registry string, cws bool) []* if acm != "" { acmEnv := corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerInjectConfigMode, + Name: DDAdmissionControllerInjectConfigMode, Value: acm, } envVars = append(envVars, &acmEnv) } if registry != "" { registryEnv := corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerRegistryName, + Name: DDAdmissionControllerRegistryName, Value: registry, } envVars = append(envVars, ®istryEnv) @@ -327,11 +327,11 @@ func getACEnvVars(validation, mutation bool, acm, registry string, cws bool) []* if cws { cwsEnv := []corev1.EnvVar{ { - Name: apicommon.DDAdmissionControllerCWSInstrumentationEnabled, + Name: DDAdmissionControllerCWSInstrumentationEnabled, Value: apiutils.BoolToString(&cws), }, { - Name: apicommon.DDAdmissionControllerCWSInstrumentationMode, + Name: DDAdmissionControllerCWSInstrumentationMode, Value: "test-mode", }, } @@ -369,36 +369,36 @@ func sidecarHelperFunc(admissionControllerConfig, sidecarConfig []*corev1.EnvVar func getSidecarEnvVars(imageName, imageTag, registry string, selectors, profiles bool) []*corev1.EnvVar { envVars := []*corev1.EnvVar{ { - Name: apicommon.DDAdmissionControllerAgentSidecarEnabled, + Name: DDAdmissionControllerAgentSidecarEnabled, Value: "true", }, { - Name: apicommon.DDAdmissionControllerAgentSidecarClusterAgentEnabled, + Name: DDAdmissionControllerAgentSidecarClusterAgentEnabled, Value: "true", }, { - Name: apicommon.DDAdmissionControllerAgentSidecarProvider, + Name: DDAdmissionControllerAgentSidecarProvider, Value: "fargate", }, { - Name: apicommon.DDAdmissionControllerAgentSidecarImageName, + Name: DDAdmissionControllerAgentSidecarImageName, Value: imageName, }, { - Name: apicommon.DDAdmissionControllerAgentSidecarImageTag, + Name: DDAdmissionControllerAgentSidecarImageTag, Value: imageTag, }, } if registry != "" { registryEnv := corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerAgentSidecarRegistry, + Name: DDAdmissionControllerAgentSidecarRegistry, Value: registry, } envVars = append(envVars, ®istryEnv) } if selectors { selectorEnv := corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerAgentSidecarSelectors, + Name: DDAdmissionControllerAgentSidecarSelectors, Value: "[{\"namespaceSelector\":{\"matchLabels\":{\"testKey\":\"testValue\"}},\"objectSelector\":{\"matchLabels\":{\"testKey\":\"testValue\"}}}]", } envVars = append(envVars, &selectorEnv) @@ -406,7 +406,7 @@ func getSidecarEnvVars(imageName, imageTag, registry string, selectors, profiles if profiles { profileEnv := corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerAgentSidecarProfiles, + Name: DDAdmissionControllerAgentSidecarProfiles, Value: "[{\"env\":[{\"name\":\"testName\",\"value\":\"testValue\"}],\"resources\":{\"requests\":{\"cpu\":\"500m\",\"memory\":\"1Gi\"}}}]", } envVars = append(envVars, &profileEnv) diff --git a/internal/controller/datadogagent/feature/admissioncontroller/rbac.go b/internal/controller/datadogagent/feature/admissioncontroller/rbac.go index d6b938061..6a7aa6da0 100644 --- a/internal/controller/datadogagent/feature/admissioncontroller/rbac.go +++ b/internal/controller/datadogagent/feature/admissioncontroller/rbac.go @@ -31,6 +31,7 @@ func getRBACClusterPolicyRules(webhookName string, cwsInstrumentationEnabled boo rbac.ListVerb, rbac.WatchVerb, rbac.UpdateVerb, + rbac.DeleteVerb, }, }, // ExtendedDaemonsetReplicaSets diff --git a/internal/controller/datadogagent/feature/apm/envvar.go b/internal/controller/datadogagent/feature/apm/envvar.go new file mode 100644 index 000000000..1eba11cd5 --- /dev/null +++ b/internal/controller/datadogagent/feature/apm/envvar.go @@ -0,0 +1,17 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package apm + +const ( + DDAPMNonLocalTraffic = "DD_APM_NON_LOCAL_TRAFFIC" + DDAPMReceiverPort = "DD_APM_RECEIVER_PORT" + DDAPMReceiverSocket = "DD_APM_RECEIVER_SOCKET" + DDAPMInstrumentationEnabled = "DD_APM_INSTRUMENTATION_ENABLED" + DDAPMInstrumentationEnabledNamespaces = "DD_APM_INSTRUMENTATION_ENABLED_NAMESPACES" + DDAPMInstrumentationDisabledNamespaces = "DD_APM_INSTRUMENTATION_DISABLED_NAMESPACES" + DDAPMInstrumentationLibVersions = "DD_APM_INSTRUMENTATION_LIB_VERSIONS" + DDLanguageDetectionEnabled = "DD_LANGUAGE_DETECTION_ENABLED" +) diff --git a/internal/controller/datadogagent/feature/apm/feature.go b/internal/controller/datadogagent/feature/apm/feature.go index 0c5e57d84..00b74d7e5 100644 --- a/internal/controller/datadogagent/feature/apm/feature.go +++ b/internal/controller/datadogagent/feature/apm/feature.go @@ -26,6 +26,7 @@ import ( "github.com/DataDog/datadog-operator/internal/controller/datadogagent/merger" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/object/volume" cilium "github.com/DataDog/datadog-operator/pkg/cilium/v1" + "github.com/DataDog/datadog-operator/pkg/constants" ) func init() { @@ -103,13 +104,13 @@ func (f *apmFeature) Configure(dda *v2alpha1.DatadogAgent) (reqComp feature.Requ f.owner = dda apm := dda.Spec.Features.APM if shouldEnableAPM(apm) { - f.serviceAccountName = v2alpha1.GetClusterAgentServiceAccount(dda) - f.useHostNetwork = v2alpha1.IsHostNetworkEnabled(dda, v2alpha1.NodeAgentComponentName) + f.serviceAccountName = constants.GetClusterAgentServiceAccount(dda) + f.useHostNetwork = constants.IsHostNetworkEnabled(dda, v2alpha1.NodeAgentComponentName) // hostPort defaults to 'false' in the defaulting code f.hostPortEnabled = apiutils.BoolValue(apm.HostPortConfig.Enabled) f.hostPortHostPort = *apm.HostPortConfig.Port if f.hostPortEnabled { - if enabled, flavor := v2alpha1.IsNetworkPolicyEnabled(dda); enabled { + if enabled, flavor := constants.IsNetworkPolicyEnabled(dda); enabled { if flavor == v2alpha1.NetworkPolicyFlavorCilium { f.createCiliumNetworkPolicy = true } else { @@ -124,7 +125,7 @@ func (f *apmFeature) Configure(dda *v2alpha1.DatadogAgent) (reqComp feature.Requ if dda.Spec.Global.LocalService != nil { f.forceEnableLocalService = apiutils.BoolValue(dda.Spec.Global.LocalService.ForceEnableLocalService) } - f.localServiceName = v2alpha1.GetLocalAgentServiceName(dda) + f.localServiceName = constants.GetLocalAgentServiceName(dda) reqComp = feature.RequiredComponents{ Agent: feature.RequiredComponent{ @@ -177,9 +178,9 @@ func (f *apmFeature) ManageDependencies(managers feature.ResourceManagers, compo if common.ShouldCreateAgentLocalService(platformInfo.GetVersionInfo(), f.forceEnableLocalService) { apmPort := &corev1.ServicePort{ Protocol: corev1.ProtocolTCP, - TargetPort: intstr.FromInt(int(v2alpha1.DefaultApmPort)), - Port: v2alpha1.DefaultApmPort, - Name: v2alpha1.DefaultApmPortName, + TargetPort: intstr.FromInt(int(constants.DefaultApmPort)), + Port: constants.DefaultApmPort, + Name: constants.DefaultApmPortName, } if f.hostPortEnabled { apmPort.Port = f.hostPortHostPort @@ -267,13 +268,13 @@ func (f *apmFeature) ManageClusterAgent(managers feature.PodTemplateManagers) er return fmt.Errorf("`spec.features.apm.instrumentation.enabledNamespaces` and `spec.features.apm.instrumentation.disabledNamespaces` cannot be set together") } managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAPMInstrumentationEnabled, + Name: DDAPMInstrumentationEnabled, Value: apiutils.BoolToString(&f.singleStepInstrumentation.enabled), }) if f.shouldEnableLanguageDetection() { managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDLanguageDetectionEnabled, + Name: DDLanguageDetectionEnabled, Value: "true", }) } @@ -284,7 +285,7 @@ func (f *apmFeature) ManageClusterAgent(managers feature.PodTemplateManagers) er return err } managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAPMInstrumentationDisabledNamespaces, + Name: DDAPMInstrumentationDisabledNamespaces, Value: string(ns), }) } @@ -294,7 +295,7 @@ func (f *apmFeature) ManageClusterAgent(managers feature.PodTemplateManagers) er return err } managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAPMInstrumentationEnabledNamespaces, + Name: DDAPMInstrumentationEnabledNamespaces, Value: string(ns), }) } @@ -304,7 +305,7 @@ func (f *apmFeature) ManageClusterAgent(managers feature.PodTemplateManagers) er return err } managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAPMInstrumentationLibVersions, + Name: DDAPMInstrumentationLibVersions, Value: string(libs), }) } @@ -331,30 +332,30 @@ func (f *apmFeature) ManageNodeAgent(managers feature.PodTemplateManagers, provi func (f *apmFeature) manageNodeAgent(agentContainerName apicommon.AgentContainerName, managers feature.PodTemplateManagers, provider string) error { managers.EnvVar().AddEnvVarToContainer(agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAPMEnabled, + Name: v2alpha1.DDAPMEnabled, Value: "true", }) // udp apmPort := &corev1.ContainerPort{ - Name: v2alpha1.DefaultApmPortName, - ContainerPort: v2alpha1.DefaultApmPort, + Name: constants.DefaultApmPortName, + ContainerPort: constants.DefaultApmPort, Protocol: corev1.ProtocolTCP, } if f.hostPortEnabled { apmPort.HostPort = f.hostPortHostPort - receiverPortEnvVarValue := v2alpha1.DefaultApmPort + receiverPortEnvVarValue := constants.DefaultApmPort // if using host network, host port should be set and needs to match container port if f.useHostNetwork { apmPort.ContainerPort = f.hostPortHostPort receiverPortEnvVarValue = int(f.hostPortHostPort) } managers.EnvVar().AddEnvVarToContainer(agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAPMNonLocalTraffic, + Name: DDAPMNonLocalTraffic, Value: "true", }) managers.EnvVar().AddEnvVarToContainer(agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAPMReceiverPort, + Name: DDAPMReceiverPort, Value: strconv.Itoa(receiverPortEnvVarValue), }) } @@ -365,19 +366,19 @@ func (f *apmFeature) manageNodeAgent(agentContainerName apicommon.AgentContainer // Enable language detection in core agent managers.EnvVar().AddEnvVarToContainer(apicommon.CoreAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDLanguageDetectionEnabled, + Name: DDLanguageDetectionEnabled, Value: "true", }) // Enable language detection in process agent managers.EnvVar().AddEnvVarToContainer(apicommon.ProcessAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDLanguageDetectionEnabled, + Name: DDLanguageDetectionEnabled, Value: "true", }) // Always add this envvar to Core and Process containers runInCoreAgentEnvVar := &corev1.EnvVar{ - Name: apicommon.DDProcessConfigRunInCoreAgent, + Name: v2alpha1.DDProcessConfigRunInCoreAgent, Value: apiutils.BoolToString(&f.processCheckRunsInCoreAgent), } managers.EnvVar().AddEnvVarToContainer(apicommon.ProcessAgentContainerName, runInCoreAgentEnvVar) @@ -389,7 +390,7 @@ func (f *apmFeature) manageNodeAgent(agentContainerName apicommon.AgentContainer udsHostFolder := filepath.Dir(f.udsHostFilepath) sockName := filepath.Base(f.udsHostFilepath) managers.EnvVar().AddEnvVarToContainer(agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAPMReceiverSocket, + Name: DDAPMReceiverSocket, Value: filepath.Join(apmSocketVolumeLocalPath, sockName), }) socketVol, socketVolMount := volume.GetVolumes(apmSocketVolumeName, udsHostFolder, apmSocketVolumeLocalPath, false) diff --git a/internal/controller/datadogagent/feature/apm/feature_test.go b/internal/controller/datadogagent/feature/apm/feature_test.go index ea0d3673c..a85b8629e 100644 --- a/internal/controller/datadogagent/feature/apm/feature_test.go +++ b/internal/controller/datadogagent/feature/apm/feature_test.go @@ -11,7 +11,6 @@ import ( apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" - v2alpha1test "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1/test" "github.com/DataDog/datadog-operator/api/utils" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" @@ -19,6 +18,7 @@ import ( "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/test" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/store" "github.com/DataDog/datadog-operator/pkg/kubernetes" + "github.com/DataDog/datadog-operator/pkg/testutils" "github.com/google/go-cmp/cmp" "github.com/stretchr/testify/assert" @@ -26,8 +26,8 @@ import ( ) const ( - apmSocketHostPath = apicommon.DogstatsdAPMSocketHostPath + "/" + apicommon.APMSocketName - apmSocketLocalPath = apmSocketVolumeLocalPath + "/" + apicommon.APMSocketName + apmSocketHostPath = v2alpha1.DogstatsdAPMSocketHostPath + "/" + v2alpha1.APMSocketName + apmSocketLocalPath = apmSocketVolumeLocalPath + "/" + v2alpha1.APMSocketName ) func TestShouldEnableAPM(t *testing.T) { @@ -78,14 +78,14 @@ func TestAPMFeature(t *testing.T) { tests := test.FeatureTestSuite{ { Name: "apm not enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(false). Build(), WantConfigure: false, }, { Name: "apm not enabled with single container strategy", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(false). WithSingleContainerStrategy(true). Build(), @@ -93,7 +93,7 @@ func TestAPMFeature(t *testing.T) { }, { Name: "apm enabled, use uds", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(true). WithAPMHostPortEnabled(false, apiutils.NewInt32Pointer(8126)). WithAPMUDSEnabled(true, apmSocketHostPath). @@ -103,7 +103,7 @@ func TestAPMFeature(t *testing.T) { }, { Name: "apm enabled, use uds with single container strategy", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(true). WithAPMHostPortEnabled(false, apiutils.NewInt32Pointer(8126)). WithAPMUDSEnabled(true, apmSocketHostPath). @@ -114,7 +114,7 @@ func TestAPMFeature(t *testing.T) { }, { Name: "apm enabled, use uds and host port", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(true). WithAPMHostPortEnabled(true, apiutils.NewInt32Pointer(8126)). WithAPMUDSEnabled(true, apmSocketHostPath). @@ -124,7 +124,7 @@ func TestAPMFeature(t *testing.T) { }, { Name: "apm enabled, use uds and host port with single container strategy", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(true). WithAPMHostPortEnabled(true, apiutils.NewInt32Pointer(8126)). WithAPMUDSEnabled(true, apmSocketHostPath). @@ -135,7 +135,7 @@ func TestAPMFeature(t *testing.T) { }, { Name: "apm enabled, use uds and custom host port", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(true). WithAPMHostPortEnabled(true, apiutils.NewInt32Pointer(1234)). WithAPMUDSEnabled(true, apmSocketHostPath). @@ -145,7 +145,7 @@ func TestAPMFeature(t *testing.T) { }, { Name: "apm enabled, use uds and custom host port with single container strategy", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(true). WithAPMHostPortEnabled(true, apiutils.NewInt32Pointer(1234)). WithAPMUDSEnabled(true, apmSocketHostPath). @@ -156,7 +156,7 @@ func TestAPMFeature(t *testing.T) { }, { Name: "apm enabled, use uds and host port enabled but no custom host port", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(true). WithAPMHostPortEnabled(true, nil). WithAPMUDSEnabled(true, apmSocketHostPath). @@ -166,7 +166,7 @@ func TestAPMFeature(t *testing.T) { }, { Name: "apm enabled, use uds and host port enabled but no custom host port with single container strategy", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(true). WithAPMHostPortEnabled(true, nil). WithAPMUDSEnabled(true, apmSocketHostPath). @@ -177,7 +177,7 @@ func TestAPMFeature(t *testing.T) { }, { Name: "apm enabled, host port enabled host network", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(true). WithAPMHostPortEnabled(true, nil). WithComponentOverride(v2alpha1.NodeAgentComponentName, v2alpha1.DatadogAgentComponentOverride{ @@ -189,7 +189,7 @@ func TestAPMFeature(t *testing.T) { }, { Name: "apm enabled, host port enabled host network with single container strategy", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(true). WithAPMHostPortEnabled(true, nil). WithComponentOverride(v2alpha1.NodeAgentComponentName, v2alpha1.DatadogAgentComponentOverride{ @@ -202,7 +202,7 @@ func TestAPMFeature(t *testing.T) { }, { Name: "apm enabled, custom host port host network", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(true). WithAPMHostPortEnabled(true, apiutils.NewInt32Pointer(1234)). WithComponentOverride(v2alpha1.NodeAgentComponentName, v2alpha1.DatadogAgentComponentOverride{ @@ -214,7 +214,7 @@ func TestAPMFeature(t *testing.T) { }, { Name: "apm enabled, custom host port host network with single container strategy", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(true). WithAPMHostPortEnabled(true, apiutils.NewInt32Pointer(1234)). WithComponentOverride(v2alpha1.NodeAgentComponentName, v2alpha1.DatadogAgentComponentOverride{ @@ -227,7 +227,7 @@ func TestAPMFeature(t *testing.T) { }, { Name: "basic apm single step instrumentation", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(true). WithAPMHostPortEnabled(true, apiutils.NewInt32Pointer(8126)). WithAPMUDSEnabled(true, apmSocketHostPath). @@ -240,7 +240,7 @@ func TestAPMFeature(t *testing.T) { }, { Name: "error apm single step instrumentation without language detection", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(true). WithAPMHostPortEnabled(true, apiutils.NewInt32Pointer(8126)). WithAPMUDSEnabled(true, apmSocketHostPath). @@ -264,7 +264,7 @@ func TestAPMFeature(t *testing.T) { }, { Name: "step instrumentation precedence", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(false). WithAPMHostPortEnabled(true, apiutils.NewInt32Pointer(8126)). WithAPMUDSEnabled(true, apmSocketHostPath). @@ -275,7 +275,7 @@ func TestAPMFeature(t *testing.T) { }, { Name: "step instrumentation w/o AC", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(true). WithAPMHostPortEnabled(true, apiutils.NewInt32Pointer(8126)). WithAPMUDSEnabled(true, apmSocketHostPath). @@ -289,7 +289,7 @@ func TestAPMFeature(t *testing.T) { }, { Name: "single step instrumentation namespace specific", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(true). WithAPMHostPortEnabled(true, apiutils.NewInt32Pointer(8126)). WithAPMUDSEnabled(true, apmSocketHostPath). @@ -301,7 +301,7 @@ func TestAPMFeature(t *testing.T) { }, { Name: "single step instrumentation with language detection enabled, process check runs in process agent", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(true). WithAPMHostPortEnabled(true, apiutils.NewInt32Pointer(8126)). WithAPMUDSEnabled(true, apmSocketHostPath). @@ -320,7 +320,7 @@ func TestAPMFeature(t *testing.T) { }, { Name: "single step instrumentation without language detection enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(true). WithAPMHostPortEnabled(true, apiutils.NewInt32Pointer(8126)). WithAPMUDSEnabled(true, apmSocketHostPath). @@ -339,7 +339,7 @@ func TestAPMFeature(t *testing.T) { }, { Name: "single step instrumentation with language detection enabled, process check runs in core agent", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(true). WithAPMHostPortEnabled(true, apiutils.NewInt32Pointer(8126)). WithAPMUDSEnabled(true, apmSocketHostPath). @@ -375,19 +375,19 @@ func testTraceAgentEnabled(containerName apicommon.AgentContainerName) *test.Com agentEnvs := mgr.EnvVarMgr.EnvVarsByC[containerName] expectedAgentEnvs := []*corev1.EnvVar{ { - Name: apicommon.DDAPMEnabled, + Name: v2alpha1.DDAPMEnabled, Value: "true", }, { - Name: apicommon.DDAPMNonLocalTraffic, + Name: DDAPMNonLocalTraffic, Value: "true", }, { - Name: apicommon.DDAPMReceiverPort, + Name: DDAPMReceiverPort, Value: "8126", }, { - Name: apicommon.DDAPMReceiverSocket, + Name: DDAPMReceiverSocket, Value: apmSocketLocalPath, }, } @@ -408,15 +408,15 @@ func testAgentHostPortOnly() *test.ComponentTest { agentEnvs := mgr.EnvVarMgr.EnvVarsByC[apicommon.TraceAgentContainerName] expectedAgentEnvs := []*corev1.EnvVar{ { - Name: apicommon.DDAPMEnabled, + Name: v2alpha1.DDAPMEnabled, Value: "true", }, { - Name: apicommon.DDAPMNonLocalTraffic, + Name: DDAPMNonLocalTraffic, Value: "true", }, { - Name: apicommon.DDAPMReceiverPort, + Name: DDAPMReceiverPort, Value: "8126", }, } @@ -452,11 +452,11 @@ func testAgentUDSOnly(agentContainerName apicommon.AgentContainerName) *test.Com agentEnvs := mgr.EnvVarMgr.EnvVarsByC[agentContainerName] expectedAgentEnvs := []*corev1.EnvVar{ { - Name: apicommon.DDAPMEnabled, + Name: v2alpha1.DDAPMEnabled, Value: "true", }, { - Name: apicommon.DDAPMReceiverSocket, + Name: DDAPMReceiverSocket, Value: apmSocketLocalPath, }, } @@ -487,7 +487,7 @@ func testAgentUDSOnly(agentContainerName apicommon.AgentContainerName) *test.Com Name: apmSocketVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.DogstatsdAPMSocketHostPath, + Path: v2alpha1.DogstatsdAPMSocketHostPath, Type: &volType, }, }, @@ -524,15 +524,15 @@ func testAPMInstrumentationFull() *test.ComponentTest { agentEnvs := mgr.EnvVarMgr.EnvVarsByC[apicommon.ClusterAgentContainerName] expectedAgentEnvs := []*corev1.EnvVar{ { - Name: apicommon.DDAPMInstrumentationEnabled, + Name: DDAPMInstrumentationEnabled, Value: "true", }, { - Name: apicommon.DDAPMInstrumentationDisabledNamespaces, + Name: DDAPMInstrumentationDisabledNamespaces, Value: "[\"foo\",\"bar\"]", }, { - Name: apicommon.DDAPMInstrumentationLibVersions, + Name: DDAPMInstrumentationLibVersions, Value: "{\"java\":\"1.2.4\"}", }, } @@ -570,15 +570,15 @@ func testAPMInstrumentationNamespaces() *test.ComponentTest { agentEnvs := mgr.EnvVarMgr.EnvVarsByC[apicommon.ClusterAgentContainerName] expectedAgentEnvs := []*corev1.EnvVar{ { - Name: apicommon.DDAPMInstrumentationEnabled, + Name: DDAPMInstrumentationEnabled, Value: "false", }, { - Name: apicommon.DDAPMInstrumentationEnabledNamespaces, + Name: DDAPMInstrumentationEnabledNamespaces, Value: "[\"foo\",\"bar\"]", }, { - Name: apicommon.DDAPMInstrumentationLibVersions, + Name: DDAPMInstrumentationLibVersions, Value: "{\"java\":\"1.2.4\"}", }, } @@ -599,7 +599,7 @@ func testAPMInstrumentation() *test.ComponentTest { agentEnvs := mgr.EnvVarMgr.EnvVarsByC[apicommon.ClusterAgentContainerName] expectedAgentEnvs := []*corev1.EnvVar{ { - Name: apicommon.DDAPMInstrumentationEnabled, + Name: DDAPMInstrumentationEnabled, Value: "true", }, } @@ -621,11 +621,11 @@ func testAPMInstrumentationWithLanguageDetectionEnabledForClusterAgent() *test.C clusterAgentEnvs := mgr.EnvVarMgr.EnvVarsByC[apicommon.ClusterAgentContainerName] expectedClusterAgentEnvs := []*corev1.EnvVar{ { - Name: apicommon.DDAPMInstrumentationEnabled, + Name: DDAPMInstrumentationEnabled, Value: "true", }, { - Name: apicommon.DDLanguageDetectionEnabled, + Name: DDLanguageDetectionEnabled, Value: "true", }, } @@ -650,11 +650,11 @@ func testAPMInstrumentationWithLanguageDetectionForNodeAgent(languageDetectionEn if languageDetectionEnabled { expectedEnvVars = []*corev1.EnvVar{ { - Name: apicommon.DDLanguageDetectionEnabled, + Name: DDLanguageDetectionEnabled, Value: "true", }, { - Name: apicommon.DDProcessConfigRunInCoreAgent, + Name: v2alpha1.DDProcessConfigRunInCoreAgent, Value: utils.BoolToString(&processChecksInCoreAgent), }, } @@ -690,19 +690,19 @@ func testAgentHostPortUDS(agentContainerName apicommon.AgentContainerName, hostP agentEnvs := mgr.EnvVarMgr.EnvVarsByC[agentContainerName] expectedAgentEnvs := []*corev1.EnvVar{ { - Name: apicommon.DDAPMEnabled, + Name: v2alpha1.DDAPMEnabled, Value: "true", }, { - Name: apicommon.DDAPMNonLocalTraffic, + Name: DDAPMNonLocalTraffic, Value: "true", }, { - Name: apicommon.DDAPMReceiverPort, + Name: DDAPMReceiverPort, Value: strconv.Itoa(int(receiverPortValue)), }, { - Name: apicommon.DDAPMReceiverSocket, + Name: DDAPMReceiverSocket, Value: apmSocketLocalPath, }, } @@ -733,7 +733,7 @@ func testAgentHostPortUDS(agentContainerName apicommon.AgentContainerName, hostP Name: apmSocketVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.DogstatsdAPMSocketHostPath, + Path: v2alpha1.DogstatsdAPMSocketHostPath, Type: &volType, }, }, diff --git a/internal/controller/datadogagent/feature/asm/envvar.go b/internal/controller/datadogagent/feature/asm/envvar.go new file mode 100644 index 000000000..9b1d78d31 --- /dev/null +++ b/internal/controller/datadogagent/feature/asm/envvar.go @@ -0,0 +1,12 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package asm + +const ( + DDAdmissionControllerAppsecEnabled = "DD_ADMISSION_CONTROLLER_AUTO_INSTRUMENTATION_APPSEC_ENABLED" + DDAdmissionControllerAppsecSCAEnabled = "DD_ADMISSION_CONTROLLER_AUTO_INSTRUMENTATION_APPSEC_SCA_ENABLED" + DDAdmissionControllerIASTEnabled = "DD_ADMISSION_CONTROLLER_AUTO_INSTRUMENTATION_IAST_ENABLED" +) diff --git a/internal/controller/datadogagent/feature/asm/feature.go b/internal/controller/datadogagent/feature/asm/feature.go index 2f73a5910..bc22dc852 100644 --- a/internal/controller/datadogagent/feature/asm/feature.go +++ b/internal/controller/datadogagent/feature/asm/feature.go @@ -83,7 +83,7 @@ func (f *asmFeature) ManageDependencies(_ feature.ResourceManagers, _ feature.Re func (f *asmFeature) ManageClusterAgent(managers feature.PodTemplateManagers) error { if f.threatsEnabled { if err := managers.EnvVar().AddEnvVarToContainerWithMergeFunc(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerAppsecEnabled, + Name: DDAdmissionControllerAppsecEnabled, Value: "true", }, merger.IgnoreNewEnvVarMergeFunction); err != nil { return err @@ -92,7 +92,7 @@ func (f *asmFeature) ManageClusterAgent(managers feature.PodTemplateManagers) er if f.iastEnabled { if err := managers.EnvVar().AddEnvVarToContainerWithMergeFunc(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerIASTEnabled, + Name: DDAdmissionControllerIASTEnabled, Value: "true", }, merger.IgnoreNewEnvVarMergeFunction); err != nil { return err @@ -101,7 +101,7 @@ func (f *asmFeature) ManageClusterAgent(managers feature.PodTemplateManagers) er if f.scaEnabled { if err := managers.EnvVar().AddEnvVarToContainerWithMergeFunc(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAdmissionControllerAppsecSCAEnabled, + Name: DDAdmissionControllerAppsecSCAEnabled, Value: "true", }, merger.IgnoreNewEnvVarMergeFunction); err != nil { return err diff --git a/internal/controller/datadogagent/feature/asm/feature_test.go b/internal/controller/datadogagent/feature/asm/feature_test.go index a9da36f43..fd4a3e329 100644 --- a/internal/controller/datadogagent/feature/asm/feature_test.go +++ b/internal/controller/datadogagent/feature/asm/feature_test.go @@ -9,10 +9,10 @@ import ( "testing" apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" - v2alpha1test "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1/test" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/fake" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/test" + "github.com/DataDog/datadog-operator/pkg/testutils" "github.com/stretchr/testify/require" corev1 "k8s.io/api/core/v1" @@ -52,7 +52,7 @@ func TestASMFeature(t *testing.T) { test.FeatureTestSuite{ { Name: "ASM not enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAdmissionControllerEnabled(true). WithASMEnabled(false, false, false). Build(), @@ -60,17 +60,17 @@ func TestASMFeature(t *testing.T) { }, { Name: "ASM Threats enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAdmissionControllerEnabled(true). WithASMEnabled(true, false, false). Build(), WantConfigure: true, - ClusterAgent: assertEnv(envVar{name: apicommon.DDAdmissionControllerAppsecEnabled, value: "true", present: true}), + ClusterAgent: assertEnv(envVar{name: DDAdmissionControllerAppsecEnabled, value: "true", present: true}), }, { Name: "ASM Threats enabled, admission controller not enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAdmissionControllerEnabled(false). WithASMEnabled(true, false, false). Build(), @@ -79,7 +79,7 @@ func TestASMFeature(t *testing.T) { }, { Name: "ASM Threats enabled, admission controller not configured", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithASMEnabled(true, false, false). Build(), @@ -87,27 +87,27 @@ func TestASMFeature(t *testing.T) { }, { Name: "ASM SCA enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithASMEnabled(false, true, false). WithAdmissionControllerEnabled(true). Build(), WantConfigure: true, - ClusterAgent: assertEnv(envVar{name: apicommon.DDAdmissionControllerAppsecSCAEnabled, value: "true", present: true}), + ClusterAgent: assertEnv(envVar{name: DDAdmissionControllerAppsecSCAEnabled, value: "true", present: true}), }, { Name: "ASM IAST enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithASMEnabled(false, false, true). WithAdmissionControllerEnabled(true). Build(), WantConfigure: true, - ClusterAgent: assertEnv(envVar{name: apicommon.DDAdmissionControllerIASTEnabled, value: "true", present: true}), + ClusterAgent: assertEnv(envVar{name: DDAdmissionControllerIASTEnabled, value: "true", present: true}), }, { Name: "ASM all enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithAdmissionControllerEnabled(true). WithASMEnabled(true, true, true). Build(), @@ -115,15 +115,15 @@ func TestASMFeature(t *testing.T) { WantConfigure: true, ClusterAgent: assertEnv( envVar{ - name: apicommon.DDAdmissionControllerAppsecEnabled, + name: DDAdmissionControllerAppsecEnabled, value: "true", present: true, }, envVar{ - name: apicommon.DDAdmissionControllerAppsecSCAEnabled, + name: DDAdmissionControllerAppsecSCAEnabled, value: "true", present: true, }, envVar{ - name: apicommon.DDAdmissionControllerIASTEnabled, + name: DDAdmissionControllerIASTEnabled, value: "true", present: true, }), diff --git a/internal/controller/datadogagent/feature/autoscaling/envvar.go b/internal/controller/datadogagent/feature/autoscaling/envvar.go new file mode 100644 index 000000000..8eb8d740c --- /dev/null +++ b/internal/controller/datadogagent/feature/autoscaling/envvar.go @@ -0,0 +1,8 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package autoscaling + +const DDAutoscalingWorkloadEnabled = "DD_AUTOSCALING_WORKLOAD_ENABLED" diff --git a/internal/controller/datadogagent/feature/autoscaling/feature.go b/internal/controller/datadogagent/feature/autoscaling/feature.go index 0c9a0d40e..2ce02f175 100644 --- a/internal/controller/datadogagent/feature/autoscaling/feature.go +++ b/internal/controller/datadogagent/feature/autoscaling/feature.go @@ -12,6 +12,7 @@ import ( "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" apiutils "github.com/DataDog/datadog-operator/api/utils" componentdca "github.com/DataDog/datadog-operator/internal/controller/datadogagent/component/clusteragent" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/go-logr/logr" @@ -63,7 +64,7 @@ func (f *autoscalingFeature) Configure(dda *v2alpha1.DatadogAgent) (reqComp feat admission := dda.Spec.Features.AdmissionController f.admissionControllerActivated = apiutils.BoolValue(admission.Enabled) - f.serviceAccountName = v2alpha1.GetClusterAgentServiceAccount(dda) + f.serviceAccountName = constants.GetClusterAgentServiceAccount(dda) return feature.RequiredComponents{ ClusterAgent: feature.RequiredComponent{IsRequired: apiutils.NewBoolPointer(true)}, @@ -85,7 +86,7 @@ func (f *autoscalingFeature) ManageDependencies(managers feature.ResourceManager // It should do nothing if the feature doesn't need to configure it. func (f *autoscalingFeature) ManageClusterAgent(managers feature.PodTemplateManagers) error { managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDAutoscalingWorkloadEnabled, + Name: DDAutoscalingWorkloadEnabled, Value: "true", }) diff --git a/internal/controller/datadogagent/feature/autoscaling/feature_test.go b/internal/controller/datadogagent/feature/autoscaling/feature_test.go index 31e84e97c..625e629ba 100644 --- a/internal/controller/datadogagent/feature/autoscaling/feature_test.go +++ b/internal/controller/datadogagent/feature/autoscaling/feature_test.go @@ -152,7 +152,7 @@ func testDCAResources(enabled bool) *test.ComponentTest { if enabled { expectedAgentEnvs = append(expectedAgentEnvs, &corev1.EnvVar{ - Name: apicommon.DDAutoscalingWorkloadEnabled, + Name: DDAutoscalingWorkloadEnabled, Value: "true", }, ) diff --git a/internal/controller/datadogagent/feature/clusterchecks/const.go b/internal/controller/datadogagent/feature/clusterchecks/const.go new file mode 100644 index 000000000..42342bb81 --- /dev/null +++ b/internal/controller/datadogagent/feature/clusterchecks/const.go @@ -0,0 +1,8 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package clusterchecks + +const ClusterChecksConfigProvider = "clusterchecks" diff --git a/internal/controller/datadogagent/feature/clusterchecks/envvar.go b/internal/controller/datadogagent/feature/clusterchecks/envvar.go new file mode 100644 index 000000000..34d717b88 --- /dev/null +++ b/internal/controller/datadogagent/feature/clusterchecks/envvar.go @@ -0,0 +1,12 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package clusterchecks + +const ( + DDClusterChecksEnabled = "DD_CLUSTER_CHECKS_ENABLED" + DDExtraConfigProviders = "DD_EXTRA_CONFIG_PROVIDERS" + DDExtraListeners = "DD_EXTRA_LISTENERS" +) diff --git a/internal/controller/datadogagent/feature/clusterchecks/feature.go b/internal/controller/datadogagent/feature/clusterchecks/feature.go index 168c56ebd..fd780132e 100644 --- a/internal/controller/datadogagent/feature/clusterchecks/feature.go +++ b/internal/controller/datadogagent/feature/clusterchecks/feature.go @@ -13,6 +13,7 @@ import ( "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/object" cilium "github.com/DataDog/datadog-operator/pkg/cilium/v1" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/controller/utils/comparison" "github.com/go-logr/logr" @@ -60,7 +61,7 @@ func (f *clusterChecksFeature) Configure(dda *v2alpha1.DatadogAgent) (reqComp fe f.updateConfigHash(dda) f.owner = dda - if enabled, flavor := v2alpha1.IsNetworkPolicyEnabled(dda); enabled { + if enabled, flavor := constants.IsNetworkPolicyEnabled(dda); enabled { if flavor == v2alpha1.NetworkPolicyFlavorCilium { f.createCiliumNetworkPolicy = true } else { @@ -140,7 +141,7 @@ func (f *clusterChecksFeature) ManageClusterAgent(managers feature.PodTemplateMa managers.EnvVar().AddEnvVarToContainer( apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDClusterChecksEnabled, + Name: DDClusterChecksEnabled, Value: "true", }, ) @@ -148,7 +149,7 @@ func (f *clusterChecksFeature) ManageClusterAgent(managers feature.PodTemplateMa managers.EnvVar().AddEnvVarToContainer( apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDExtraConfigProviders, + Name: DDExtraConfigProviders, Value: v2alpha1.KubeServicesAndEndpointsConfigProviders, }, ) @@ -156,7 +157,7 @@ func (f *clusterChecksFeature) ManageClusterAgent(managers feature.PodTemplateMa managers.EnvVar().AddEnvVarToContainer( apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDExtraListeners, + Name: DDExtraListeners, Value: v2alpha1.KubeServicesAndEndpointsListeners, }, ) @@ -186,7 +187,7 @@ func (f *clusterChecksFeature) manageNodeAgent(agentContainerName apicommon.Agen managers.EnvVar().AddEnvVarToContainer( agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDExtraConfigProviders, + Name: DDExtraConfigProviders, Value: v2alpha1.EndpointsChecksConfigProvider, }, ) @@ -194,7 +195,7 @@ func (f *clusterChecksFeature) manageNodeAgent(agentContainerName apicommon.Agen managers.EnvVar().AddEnvVarToContainer( agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDExtraConfigProviders, + Name: DDExtraConfigProviders, Value: v2alpha1.ClusterAndEndpointsConfigProviders, }, ) @@ -208,7 +209,7 @@ func (f *clusterChecksFeature) ManageClusterChecksRunner(managers feature.PodTem managers.EnvVar().AddEnvVarToContainer( apicommon.ClusterChecksRunnersContainerName, &corev1.EnvVar{ - Name: apicommon.DDClusterChecksEnabled, + Name: DDClusterChecksEnabled, Value: "true", }, ) @@ -216,8 +217,8 @@ func (f *clusterChecksFeature) ManageClusterChecksRunner(managers feature.PodTem managers.EnvVar().AddEnvVarToContainer( apicommon.ClusterChecksRunnersContainerName, &corev1.EnvVar{ - Name: apicommon.DDExtraConfigProviders, - Value: apicommon.ClusterChecksConfigProvider, + Name: DDExtraConfigProviders, + Value: ClusterChecksConfigProvider, }, ) } diff --git a/internal/controller/datadogagent/feature/clusterchecks/feature_test.go b/internal/controller/datadogagent/feature/clusterchecks/feature_test.go index 2a87930b6..f1eaf1055 100644 --- a/internal/controller/datadogagent/feature/clusterchecks/feature_test.go +++ b/internal/controller/datadogagent/feature/clusterchecks/feature_test.go @@ -15,11 +15,11 @@ import ( apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" - v2alpha1test "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1/test" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/fake" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/test" + "github.com/DataDog/datadog-operator/pkg/testutils" "github.com/google/go-cmp/cmp" "github.com/stretchr/testify/assert" @@ -41,7 +41,7 @@ func TestClusterChecksFeature(t *testing.T) { }, { Name: "cluster checks not enabled and runners not enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithClusterChecksEnabled(false). WithClusterChecksUseCLCEnabled(false). Build(), @@ -50,7 +50,7 @@ func TestClusterChecksFeature(t *testing.T) { }, { Name: "cluster checks not enabled and runners enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithClusterChecksEnabled(false). WithClusterChecksUseCLCEnabled(true). Build(), @@ -59,7 +59,7 @@ func TestClusterChecksFeature(t *testing.T) { }, { Name: "cluster checks enabled and runners not enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithClusterChecksEnabled(true). WithClusterChecksUseCLCEnabled(false). Build(), @@ -69,7 +69,7 @@ func TestClusterChecksFeature(t *testing.T) { }, { Name: "cluster checks enabled and runners not enabled with single container strategy", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithClusterChecksEnabled(true). WithClusterChecksUseCLCEnabled(false). WithSingleContainerStrategy(true). @@ -80,7 +80,7 @@ func TestClusterChecksFeature(t *testing.T) { }, { Name: "cluster checks enabled and runners enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithClusterChecksEnabled(true). WithClusterChecksUseCLCEnabled(true). Build(), @@ -91,7 +91,7 @@ func TestClusterChecksFeature(t *testing.T) { }, { Name: "cluster checks enabled and runners enabled with single container strategy", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithClusterChecksEnabled(true). WithClusterChecksUseCLCEnabled(true). WithSingleContainerStrategy(true). @@ -110,7 +110,7 @@ func TestClusterAgentChecksumsDifferentForDifferentConfig(t *testing.T) { logf.SetLogger(zap.New(zap.UseDevMode(true))) logger := logf.Log.WithName("checksum unique") - annotationKey := fmt.Sprintf(apicommon.MD5ChecksumAnnotationKey, feature.ClusterChecksIDType) + annotationKey := fmt.Sprintf(v2alpha1.MD5ChecksumAnnotationKey, feature.ClusterChecksIDType) feature := buildClusterChecksFeature(&feature.Options{ Logger: logger, }) @@ -126,19 +126,19 @@ func TestClusterAgentChecksumsDifferentForDifferentConfig(t *testing.T) { }, }, }, - v2alpha1test.NewDatadogAgentBuilder(). + testutils.NewDatadogAgentBuilder(). WithClusterChecksEnabled(false). WithClusterChecksUseCLCEnabled(false). Build(), - v2alpha1test.NewDatadogAgentBuilder(). + testutils.NewDatadogAgentBuilder(). WithClusterChecksEnabled(false). WithClusterChecksUseCLCEnabled(true). Build(), - v2alpha1test.NewDatadogAgentBuilder(). + testutils.NewDatadogAgentBuilder(). WithClusterChecksEnabled(true). WithClusterChecksUseCLCEnabled(false). Build(), - v2alpha1test.NewDatadogAgentBuilder(). + testutils.NewDatadogAgentBuilder(). WithClusterChecksEnabled(true). WithClusterChecksUseCLCEnabled(true). Build(), @@ -166,15 +166,15 @@ func wantClusterAgentHasExpectedEnvs(t testing.TB, mgrInterface feature.PodTempl clusterAgentEnvs := mgr.EnvVarMgr.EnvVarsByC[apicommon.ClusterAgentContainerName] expectedClusterAgentEnvs := []*corev1.EnvVar{ { - Name: apicommon.DDClusterChecksEnabled, + Name: DDClusterChecksEnabled, Value: "true", }, { - Name: apicommon.DDExtraConfigProviders, + Name: DDExtraConfigProviders, Value: v2alpha1.KubeServicesAndEndpointsConfigProviders, }, { - Name: apicommon.DDExtraListeners, + Name: DDExtraListeners, Value: v2alpha1.KubeServicesAndEndpointsListeners, }, } @@ -188,7 +188,7 @@ func wantClusterAgentHasExpectedEnvs(t testing.TB, mgrInterface feature.PodTempl func wantClusterAgentHasNonEmptyChecksumAnnotation(t testing.TB, mgrInterface feature.PodTemplateManagers) { mgr := mgrInterface.(*fake.PodTemplateManagers) - annotationKey := fmt.Sprintf(apicommon.MD5ChecksumAnnotationKey, feature.ClusterChecksIDType) + annotationKey := fmt.Sprintf(v2alpha1.MD5ChecksumAnnotationKey, feature.ClusterChecksIDType) annotations := mgr.AnnotationMgr.Annotations assert.NotEmpty(t, annotations[annotationKey]) } @@ -201,12 +201,12 @@ func testClusterChecksRunnerHasExpectedEnvs() *test.ComponentTest { clusterRunnerEnvs := mgr.EnvVarMgr.EnvVarsByC[apicommon.ClusterChecksRunnersContainerName] expectedClusterRunnerEnvs := []*corev1.EnvVar{ { - Name: apicommon.DDClusterChecksEnabled, + Name: DDClusterChecksEnabled, Value: "true", }, { - Name: apicommon.DDExtraConfigProviders, - Value: apicommon.ClusterChecksConfigProvider, + Name: DDExtraConfigProviders, + Value: ClusterChecksConfigProvider, }, } @@ -227,7 +227,7 @@ func testAgentHasExpectedEnvsWithRunners(agentContainerName apicommon.AgentConta agentEnvs := mgr.EnvVarMgr.EnvVarsByC[agentContainerName] expectedAgentEnvs := []*corev1.EnvVar{ { - Name: apicommon.DDExtraConfigProviders, + Name: DDExtraConfigProviders, Value: v2alpha1.EndpointsChecksConfigProvider, }, } @@ -249,7 +249,7 @@ func testAgentHasExpectedEnvsWithNoRunners(agentContainerName apicommon.AgentCon agentEnvs := mgr.EnvVarMgr.EnvVarsByC[agentContainerName] expectedAgentEnvs := []*corev1.EnvVar{ { - Name: apicommon.DDExtraConfigProviders, + Name: DDExtraConfigProviders, Value: v2alpha1.ClusterAndEndpointsConfigProviders, }, } diff --git a/internal/controller/datadogagent/feature/cspm/envvar.go b/internal/controller/datadogagent/feature/cspm/envvar.go new file mode 100644 index 000000000..627ac8232 --- /dev/null +++ b/internal/controller/datadogagent/feature/cspm/envvar.go @@ -0,0 +1,13 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package cspm + +const ( + DDComplianceConfigDir = "DD_COMPLIANCE_CONFIG_DIR" + DDComplianceConfigCheckInterval = "DD_COMPLIANCE_CONFIG_CHECK_INTERVAL" + DDComplianceConfigEnabled = "DD_COMPLIANCE_CONFIG_ENABLED" + DDComplianceHostBenchmarksEnabled = "DD_COMPLIANCE_HOST_BENCHMARKS_ENABLED" +) diff --git a/internal/controller/datadogagent/feature/cspm/feature.go b/internal/controller/datadogagent/feature/cspm/feature.go index 8216cbaa7..e97d48fb4 100644 --- a/internal/controller/datadogagent/feature/cspm/feature.go +++ b/internal/controller/datadogagent/feature/cspm/feature.go @@ -15,6 +15,7 @@ import ( "github.com/DataDog/datadog-operator/internal/controller/datadogagent/object" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/object/configmap" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/object/volume" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/controller/utils/comparison" "github.com/DataDog/datadog-operator/pkg/kubernetes" @@ -71,7 +72,7 @@ func (f *cspmFeature) Configure(dda *v2alpha1.DatadogAgent) (reqComp feature.Req if cspmConfig != nil && apiutils.BoolValue(cspmConfig.Enabled) { f.enable = true - f.serviceAccountName = v2alpha1.GetClusterAgentServiceAccount(dda) + f.serviceAccountName = constants.GetClusterAgentServiceAccount(dda) if cspmConfig.CheckInterval != nil { f.checkInterval = strconv.FormatInt(cspmConfig.CheckInterval.Nanoseconds(), 10) @@ -88,7 +89,7 @@ func (f *cspmFeature) Configure(dda *v2alpha1.DatadogAgent) (reqComp feature.Req f.customConfigAnnotationValue = hash f.customConfigAnnotationKey = object.GetChecksumAnnotationKey(feature.CSPMIDType) } - f.configMapName = v2alpha1.GetConfName(dda, f.customConfig, v2alpha1.DefaultCSPMConf) + f.configMapName = constants.GetConfName(dda, f.customConfig, v2alpha1.DefaultCSPMConf) if cspmConfig.HostBenchmarks != nil && apiutils.BoolValue(cspmConfig.HostBenchmarks.Enabled) { f.hostBenchmarksEnabled = true @@ -199,14 +200,14 @@ func (f *cspmFeature) ManageClusterAgent(managers feature.PodTemplateManagers) e } enabledEnvVar := &corev1.EnvVar{ - Name: apicommon.DDComplianceConfigEnabled, + Name: DDComplianceConfigEnabled, Value: "true", } managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, enabledEnvVar) if f.checkInterval != "" { intervalEnvVar := &corev1.EnvVar{ - Name: apicommon.DDComplianceConfigCheckInterval, + Name: DDComplianceConfigCheckInterval, Value: f.checkInterval, } managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, intervalEnvVar) @@ -291,53 +292,53 @@ func (f *cspmFeature) ManageNodeAgent(managers feature.PodTemplateManagers, prov } // cgroups volume mount - cgroupsVol, cgroupsVolMount := volume.GetVolumes(apicommon.CgroupsVolumeName, apicommon.CgroupsHostPath, apicommon.CgroupsMountPath, true) + cgroupsVol, cgroupsVolMount := volume.GetVolumes(v2alpha1.CgroupsVolumeName, v2alpha1.CgroupsHostPath, v2alpha1.CgroupsMountPath, true) volMountMgr.AddVolumeMountToContainer(&cgroupsVolMount, apicommon.SecurityAgentContainerName) VolMgr.AddVolume(&cgroupsVol) // passwd volume mount - passwdVol, passwdVolMount := volume.GetVolumes(apicommon.PasswdVolumeName, apicommon.PasswdHostPath, apicommon.PasswdMountPath, true) + passwdVol, passwdVolMount := volume.GetVolumes(v2alpha1.PasswdVolumeName, v2alpha1.PasswdHostPath, v2alpha1.PasswdMountPath, true) volMountMgr.AddVolumeMountToContainer(&passwdVolMount, apicommon.SecurityAgentContainerName) VolMgr.AddVolume(&passwdVol) // procdir volume mount - procdirVol, procdirVolMount := volume.GetVolumes(apicommon.ProcdirVolumeName, apicommon.ProcdirHostPath, apicommon.ProcdirMountPath, true) + procdirVol, procdirVolMount := volume.GetVolumes(v2alpha1.ProcdirVolumeName, v2alpha1.ProcdirHostPath, v2alpha1.ProcdirMountPath, true) volMountMgr.AddVolumeMountToContainer(&procdirVolMount, apicommon.SecurityAgentContainerName) VolMgr.AddVolume(&procdirVol) // host root volume mount - hostRootVol, hostRootVolMount := volume.GetVolumes(apicommon.HostRootVolumeName, apicommon.HostRootHostPath, apicommon.HostRootMountPath, true) + hostRootVol, hostRootVolMount := volume.GetVolumes(v2alpha1.HostRootVolumeName, v2alpha1.HostRootHostPath, v2alpha1.HostRootMountPath, true) volMountMgr.AddVolumeMountToContainer(&hostRootVolMount, apicommon.SecurityAgentContainerName) VolMgr.AddVolume(&hostRootVol) // group volume mount - groupVol, groupVolMount := volume.GetVolumes(apicommon.GroupVolumeName, apicommon.GroupHostPath, apicommon.GroupMountPath, true) + groupVol, groupVolMount := volume.GetVolumes(v2alpha1.GroupVolumeName, v2alpha1.GroupHostPath, v2alpha1.GroupMountPath, true) volMountMgr.AddVolumeMountToContainer(&groupVolMount, apicommon.SecurityAgentContainerName) VolMgr.AddVolume(&groupVol) // env vars enabledEnvVar := &corev1.EnvVar{ - Name: apicommon.DDComplianceConfigEnabled, + Name: DDComplianceConfigEnabled, Value: "true", } managers.EnvVar().AddEnvVarToContainers([]apicommon.AgentContainerName{apicommon.CoreAgentContainerName, apicommon.SecurityAgentContainerName}, enabledEnvVar) hostRootEnvVar := &corev1.EnvVar{ - Name: apicommon.DDHostRootEnvVar, - Value: apicommon.HostRootMountPath, + Name: v2alpha1.DDHostRootEnvVar, + Value: v2alpha1.HostRootMountPath, } managers.EnvVar().AddEnvVarToContainer(apicommon.SecurityAgentContainerName, hostRootEnvVar) if f.checkInterval != "" { intervalEnvVar := &corev1.EnvVar{ - Name: apicommon.DDComplianceConfigCheckInterval, + Name: DDComplianceConfigCheckInterval, Value: f.checkInterval, } managers.EnvVar().AddEnvVarToContainer(apicommon.SecurityAgentContainerName, intervalEnvVar) } hostBenchmarksEnabledEnvVar := &corev1.EnvVar{ - Name: apicommon.DDComplianceHostBenchmarksEnabled, + Name: DDComplianceHostBenchmarksEnabled, Value: apiutils.BoolToString(&f.hostBenchmarksEnabled), } managers.EnvVar().AddEnvVarToContainer(apicommon.SecurityAgentContainerName, hostBenchmarksEnabledEnvVar) diff --git a/internal/controller/datadogagent/feature/cspm/feature_test.go b/internal/controller/datadogagent/feature/cspm/feature_test.go index 3c670804e..45de5c1c9 100644 --- a/internal/controller/datadogagent/feature/cspm/feature_test.go +++ b/internal/controller/datadogagent/feature/cspm/feature_test.go @@ -92,11 +92,11 @@ func cspmClusterAgentWantFunc() *test.ComponentTest { want := []*corev1.EnvVar{ { - Name: apicommon.DDComplianceConfigEnabled, + Name: DDComplianceConfigEnabled, Value: "true", }, { - Name: apicommon.DDComplianceConfigCheckInterval, + Name: DDComplianceConfigCheckInterval, Value: "1200000000000", }, } @@ -134,7 +134,7 @@ func cspmClusterAgentWantFunc() *test.ComponentTest { hash, err := comparison.GenerateMD5ForSpec(customConfig) assert.NoError(t, err) wantAnnotations := map[string]string{ - fmt.Sprintf(apicommon.MD5ChecksumAnnotationKey, feature.CSPMIDType): hash, + fmt.Sprintf(v2alpha1.MD5ChecksumAnnotationKey, feature.CSPMIDType): hash, } annotations := mgr.AnnotationMgr.Annotations assert.True(t, apiutils.IsEqualStruct(annotations, wantAnnotations), "Annotations \ndiff = %s", cmp.Diff(annotations, wantAnnotations)) @@ -150,19 +150,19 @@ func cspmAgentNodeWantFunc() *test.ComponentTest { want := []*corev1.EnvVar{ { - Name: apicommon.DDComplianceConfigEnabled, + Name: DDComplianceConfigEnabled, Value: "true", }, { - Name: apicommon.DDHostRootEnvVar, - Value: apicommon.HostRootMountPath, + Name: v2alpha1.DDHostRootEnvVar, + Value: v2alpha1.HostRootMountPath, }, { - Name: apicommon.DDComplianceConfigCheckInterval, + Name: DDComplianceConfigCheckInterval, Value: "1200000000000", }, { - Name: apicommon.DDComplianceHostBenchmarksEnabled, + Name: DDComplianceHostBenchmarksEnabled, Value: "true", }, } @@ -178,28 +178,28 @@ func cspmAgentNodeWantFunc() *test.ComponentTest { ReadOnly: true, }, { - Name: apicommon.CgroupsVolumeName, - MountPath: apicommon.CgroupsMountPath, + Name: v2alpha1.CgroupsVolumeName, + MountPath: v2alpha1.CgroupsMountPath, ReadOnly: true, }, { - Name: apicommon.PasswdVolumeName, - MountPath: apicommon.PasswdMountPath, + Name: v2alpha1.PasswdVolumeName, + MountPath: v2alpha1.PasswdMountPath, ReadOnly: true, }, { - Name: apicommon.ProcdirVolumeName, - MountPath: apicommon.ProcdirMountPath, + Name: v2alpha1.ProcdirVolumeName, + MountPath: v2alpha1.ProcdirMountPath, ReadOnly: true, }, { - Name: apicommon.HostRootVolumeName, - MountPath: apicommon.HostRootMountPath, + Name: v2alpha1.HostRootVolumeName, + MountPath: v2alpha1.HostRootMountPath, ReadOnly: true, }, { - Name: apicommon.GroupVolumeName, - MountPath: apicommon.GroupMountPath, + Name: v2alpha1.GroupVolumeName, + MountPath: v2alpha1.GroupMountPath, ReadOnly: true, }, } @@ -227,42 +227,42 @@ func cspmAgentNodeWantFunc() *test.ComponentTest { }, }, { - Name: apicommon.CgroupsVolumeName, + Name: v2alpha1.CgroupsVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.CgroupsHostPath, + Path: v2alpha1.CgroupsHostPath, }, }, }, { - Name: apicommon.PasswdVolumeName, + Name: v2alpha1.PasswdVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.PasswdHostPath, + Path: v2alpha1.PasswdHostPath, }, }, }, { - Name: apicommon.ProcdirVolumeName, + Name: v2alpha1.ProcdirVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.ProcdirHostPath, + Path: v2alpha1.ProcdirHostPath, }, }, }, { - Name: apicommon.HostRootVolumeName, + Name: v2alpha1.HostRootVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.HostRootHostPath, + Path: v2alpha1.HostRootHostPath, }, }, }, { - Name: apicommon.GroupVolumeName, + Name: v2alpha1.GroupVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.GroupHostPath, + Path: v2alpha1.GroupHostPath, }, }, }, @@ -275,7 +275,7 @@ func cspmAgentNodeWantFunc() *test.ComponentTest { hash, err := comparison.GenerateMD5ForSpec(customConfig) assert.NoError(t, err) wantAnnotations := map[string]string{ - fmt.Sprintf(apicommon.MD5ChecksumAnnotationKey, feature.CSPMIDType): hash, + fmt.Sprintf(v2alpha1.MD5ChecksumAnnotationKey, feature.CSPMIDType): hash, } annotations := mgr.AnnotationMgr.Annotations assert.True(t, apiutils.IsEqualStruct(annotations, wantAnnotations), "Annotations \ndiff = %s", cmp.Diff(annotations, wantAnnotations)) diff --git a/internal/controller/datadogagent/feature/cws/envvar.go b/internal/controller/datadogagent/feature/cws/envvar.go new file mode 100644 index 000000000..8a1269ba3 --- /dev/null +++ b/internal/controller/datadogagent/feature/cws/envvar.go @@ -0,0 +1,17 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package cws + +const ( + DDRuntimeSecurityConfigEnabled = "DD_RUNTIME_SECURITY_CONFIG_ENABLED" + DDRuntimeSecurityConfigPoliciesDir = "DD_RUNTIME_SECURITY_CONFIG_POLICIES_DIR" + DDRuntimeSecurityConfigRemoteTaggerEnabled = "DD_RUNTIME_SECURITY_CONFIG_REMOTE_TAGGER" + DDRuntimeSecurityConfigSocket = "DD_RUNTIME_SECURITY_CONFIG_SOCKET" + DDRuntimeSecurityConfigSyscallMonitorEnabled = "DD_RUNTIME_SECURITY_CONFIG_SYSCALL_MONITOR_ENABLED" + DDRuntimeSecurityConfigNetworkEnabled = "DD_RUNTIME_SECURITY_CONFIG_NETWORK_ENABLED" + DDRuntimeSecurityConfigActivityDumpEnabled = "DD_RUNTIME_SECURITY_CONFIG_ACTIVITY_DUMP_ENABLED" + DDRuntimeSecurityConfigRemoteConfigurationEnabled = "DD_RUNTIME_SECURITY_CONFIG_REMOTE_CONFIGURATION_ENABLED" +) diff --git a/internal/controller/datadogagent/feature/cws/feature.go b/internal/controller/datadogagent/feature/cws/feature.go index 03d35aa15..2d05eb42f 100644 --- a/internal/controller/datadogagent/feature/cws/feature.go +++ b/internal/controller/datadogagent/feature/cws/feature.go @@ -16,6 +16,7 @@ import ( "github.com/DataDog/datadog-operator/internal/controller/datadogagent/component/agent" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/object" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/object/configmap" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/controller/utils/comparison" "github.com/DataDog/datadog-operator/pkg/kubernetes" "github.com/go-logr/logr" @@ -85,7 +86,7 @@ func (f *cwsFeature) Configure(dda *v2alpha1.DatadogAgent) (reqComp feature.Requ f.customConfigAnnotationValue = hash f.customConfigAnnotationKey = object.GetChecksumAnnotationKey(feature.CWSIDType) } - f.configMapName = v2alpha1.GetConfName(dda, f.customConfig, v2alpha1.DefaultCWSConf) + f.configMapName = constants.GetConfName(dda, f.customConfig, v2alpha1.DefaultCWSConf) if cwsConfig.Network != nil { f.networkEnabled = apiutils.BoolValue(cwsConfig.Network.Enabled) @@ -175,7 +176,7 @@ func (f *cwsFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplate // It should do nothing if the feature doesn't need to configure it. func (f *cwsFeature) ManageNodeAgent(managers feature.PodTemplateManagers, provider string) error { // annotations - managers.Annotation().AddAnnotation(apicommon.SystemProbeAppArmorAnnotationKey, apicommon.SystemProbeAppArmorAnnotationValue) + managers.Annotation().AddAnnotation(v2alpha1.SystemProbeAppArmorAnnotationKey, v2alpha1.SystemProbeAppArmorAnnotationValue) // security context capabilities managers.SecurityContext().AddCapabilitiesToContainer(agent.DefaultCapabilitiesForSystemProbe(), apicommon.SystemProbeContainerName) @@ -190,20 +191,20 @@ func (f *cwsFeature) ManageNodeAgent(managers feature.PodTemplateManagers, provi } enabledEnvVar := &corev1.EnvVar{ - Name: apicommon.DDRuntimeSecurityConfigEnabled, + Name: DDRuntimeSecurityConfigEnabled, Value: "true", } managers.EnvVar().AddEnvVarToContainers(containersForEnvVars, enabledEnvVar) runtimeSocketEnvVar := &corev1.EnvVar{ - Name: apicommon.DDRuntimeSecurityConfigSocket, - Value: filepath.Join(apicommon.SystemProbeSocketVolumePath, "runtime-security.sock"), + Name: DDRuntimeSecurityConfigSocket, + Value: filepath.Join(v2alpha1.SystemProbeSocketVolumePath, "runtime-security.sock"), } managers.EnvVar().AddEnvVarToContainers(containersForEnvVars, runtimeSocketEnvVar) if f.syscallMonitorEnabled { monitorEnvVar := &corev1.EnvVar{ - Name: apicommon.DDRuntimeSecurityConfigSyscallMonitorEnabled, + Name: DDRuntimeSecurityConfigSyscallMonitorEnabled, Value: "true", } managers.EnvVar().AddEnvVarToContainers(containersForEnvVars, monitorEnvVar) @@ -211,7 +212,7 @@ func (f *cwsFeature) ManageNodeAgent(managers feature.PodTemplateManagers, provi if f.networkEnabled { networkEnvVar := &corev1.EnvVar{ - Name: apicommon.DDRuntimeSecurityConfigNetworkEnabled, + Name: DDRuntimeSecurityConfigNetworkEnabled, Value: "true", } managers.EnvVar().AddEnvVarToContainer(apicommon.SystemProbeContainerName, networkEnvVar) @@ -219,7 +220,7 @@ func (f *cwsFeature) ManageNodeAgent(managers feature.PodTemplateManagers, provi if f.activityDumpEnabled { adEnvVar := &corev1.EnvVar{ - Name: apicommon.DDRuntimeSecurityConfigActivityDumpEnabled, + Name: DDRuntimeSecurityConfigActivityDumpEnabled, Value: "true", } managers.EnvVar().AddEnvVarToContainer(apicommon.SystemProbeContainerName, adEnvVar) @@ -227,21 +228,21 @@ func (f *cwsFeature) ManageNodeAgent(managers feature.PodTemplateManagers, provi if f.remoteConfigurationEnabled { rcEnvVar := &corev1.EnvVar{ - Name: apicommon.DDRuntimeSecurityConfigRemoteConfigurationEnabled, + Name: DDRuntimeSecurityConfigRemoteConfigurationEnabled, Value: "true", } managers.EnvVar().AddEnvVarToContainer(apicommon.SystemProbeContainerName, rcEnvVar) } policiesDirEnvVar := &corev1.EnvVar{ - Name: apicommon.DDRuntimeSecurityConfigPoliciesDir, + Name: DDRuntimeSecurityConfigPoliciesDir, Value: securityAgentRuntimePoliciesDirVolumePath, } managers.EnvVar().AddEnvVarToContainer(apicommon.SystemProbeContainerName, policiesDirEnvVar) hostRootEnvVar := &corev1.EnvVar{ - Name: apicommon.DDHostRootEnvVar, - Value: apicommon.HostRootMountPath, + Name: v2alpha1.DDHostRootEnvVar, + Value: v2alpha1.HostRootMountPath, } managers.EnvVar().AddEnvVarToContainer(apicommon.SecurityAgentContainerName, hostRootEnvVar) @@ -249,7 +250,7 @@ func (f *cwsFeature) ManageNodeAgent(managers feature.PodTemplateManagers, provi volMgr := managers.Volume() // debugfs volume mount - debugfsVol, debugfsVolMount := volume.GetVolumes(apicommon.DebugfsVolumeName, apicommon.DebugfsPath, apicommon.DebugfsPath, false) + debugfsVol, debugfsVolMount := volume.GetVolumes(v2alpha1.DebugfsVolumeName, v2alpha1.DebugfsPath, v2alpha1.DebugfsPath, false) volMountMgr.AddVolumeMountToContainer(&debugfsVolMount, apicommon.SystemProbeContainerName) volMgr.AddVolume(&debugfsVol) @@ -264,10 +265,10 @@ func (f *cwsFeature) ManageNodeAgent(managers feature.PodTemplateManagers, provi volMgr.AddVolume(&securityfsVol) // socket volume mount (needs write perms for the system probe container but not the others) - socketVol, socketVolMount := volume.GetVolumesEmptyDir(apicommon.SystemProbeSocketVolumeName, apicommon.SystemProbeSocketVolumePath, false) + socketVol, socketVolMount := volume.GetVolumesEmptyDir(v2alpha1.SystemProbeSocketVolumeName, v2alpha1.SystemProbeSocketVolumePath, false) volMountMgr.AddVolumeMountToContainer(&socketVolMount, apicommon.SystemProbeContainerName) - _, socketVolMountReadOnly := volume.GetVolumesEmptyDir(apicommon.SystemProbeSocketVolumeName, apicommon.SystemProbeSocketVolumePath, true) + _, socketVolMountReadOnly := volume.GetVolumesEmptyDir(v2alpha1.SystemProbeSocketVolumeName, v2alpha1.SystemProbeSocketVolumePath, true) managers.VolumeMount().AddVolumeMountToContainers( &socketVolMountReadOnly, []apicommon.AgentContainerName{ @@ -278,27 +279,27 @@ func (f *cwsFeature) ManageNodeAgent(managers feature.PodTemplateManagers, provi volMgr.AddVolume(&socketVol) // procdir volume mount - procdirVol, procdirVolMount := volume.GetVolumes(apicommon.ProcdirVolumeName, apicommon.ProcdirHostPath, apicommon.ProcdirMountPath, true) + procdirVol, procdirVolMount := volume.GetVolumes(v2alpha1.ProcdirVolumeName, v2alpha1.ProcdirHostPath, v2alpha1.ProcdirMountPath, true) volMountMgr.AddVolumeMountToContainer(&procdirVolMount, apicommon.SystemProbeContainerName) volMgr.AddVolume(&procdirVol) // passwd volume mount - passwdVol, passwdVolMount := volume.GetVolumes(apicommon.PasswdVolumeName, apicommon.PasswdHostPath, apicommon.PasswdMountPath, true) + passwdVol, passwdVolMount := volume.GetVolumes(v2alpha1.PasswdVolumeName, v2alpha1.PasswdHostPath, v2alpha1.PasswdMountPath, true) volMountMgr.AddVolumeMountToContainer(&passwdVolMount, apicommon.SystemProbeContainerName) volMgr.AddVolume(&passwdVol) // group volume mount - groupVol, groupVolMount := volume.GetVolumes(apicommon.GroupVolumeName, apicommon.GroupHostPath, apicommon.GroupMountPath, true) + groupVol, groupVolMount := volume.GetVolumes(v2alpha1.GroupVolumeName, v2alpha1.GroupHostPath, v2alpha1.GroupMountPath, true) volMountMgr.AddVolumeMountToContainer(&groupVolMount, apicommon.SystemProbeContainerName) volMgr.AddVolume(&groupVol) // osRelease volume mount - osReleaseVol, osReleaseVolMount := volume.GetVolumes(apicommon.SystemProbeOSReleaseDirVolumeName, apicommon.SystemProbeOSReleaseDirVolumePath, apicommon.SystemProbeOSReleaseDirMountPath, true) + osReleaseVol, osReleaseVolMount := volume.GetVolumes(v2alpha1.SystemProbeOSReleaseDirVolumeName, v2alpha1.SystemProbeOSReleaseDirVolumePath, v2alpha1.SystemProbeOSReleaseDirMountPath, true) volMountMgr.AddVolumeMountToContainer(&osReleaseVolMount, apicommon.SystemProbeContainerName) volMgr.AddVolume(&osReleaseVol) // hostroot volume mount - hostrootVol, hostrootVolMount := volume.GetVolumes(apicommon.HostRootVolumeName, apicommon.HostRootHostPath, apicommon.HostRootMountPath, true) + hostrootVol, hostrootVolMount := volume.GetVolumes(v2alpha1.HostRootVolumeName, v2alpha1.HostRootHostPath, v2alpha1.HostRootMountPath, true) volMountMgr.AddVolumeMountToContainer(&hostrootVolMount, apicommon.SecurityAgentContainerName) volMgr.AddVolume(&hostrootVol) diff --git a/internal/controller/datadogagent/feature/cws/feature_test.go b/internal/controller/datadogagent/feature/cws/feature_test.go index d30b1328b..d6634117f 100644 --- a/internal/controller/datadogagent/feature/cws/feature_test.go +++ b/internal/controller/datadogagent/feature/cws/feature_test.go @@ -111,37 +111,37 @@ func cwsAgentNodeWantFunc(withSubFeatures bool) *test.ComponentTest { securityWant := []*corev1.EnvVar{ { - Name: apicommon.DDRuntimeSecurityConfigEnabled, + Name: DDRuntimeSecurityConfigEnabled, Value: "true", }, { - Name: apicommon.DDRuntimeSecurityConfigSocket, + Name: DDRuntimeSecurityConfigSocket, Value: "/var/run/sysprobe/runtime-security.sock", }, { - Name: apicommon.DDRuntimeSecurityConfigSyscallMonitorEnabled, + Name: DDRuntimeSecurityConfigSyscallMonitorEnabled, Value: "true", }, { - Name: apicommon.DDHostRootEnvVar, - Value: apicommon.HostRootMountPath, + Name: v2alpha1.DDHostRootEnvVar, + Value: v2alpha1.HostRootMountPath, }, { - Name: apicommon.DDRuntimeSecurityConfigPoliciesDir, + Name: DDRuntimeSecurityConfigPoliciesDir, Value: securityAgentRuntimePoliciesDirVolumePath, }, } sysProbeWant := []*corev1.EnvVar{ { - Name: apicommon.DDRuntimeSecurityConfigEnabled, + Name: DDRuntimeSecurityConfigEnabled, Value: "true", }, { - Name: apicommon.DDRuntimeSecurityConfigSocket, + Name: DDRuntimeSecurityConfigSocket, Value: "/var/run/sysprobe/runtime-security.sock", }, { - Name: apicommon.DDRuntimeSecurityConfigSyscallMonitorEnabled, + Name: DDRuntimeSecurityConfigSyscallMonitorEnabled, Value: "true", }, } @@ -149,15 +149,15 @@ func cwsAgentNodeWantFunc(withSubFeatures bool) *test.ComponentTest { sysProbeWant = append( sysProbeWant, &corev1.EnvVar{ - Name: apicommon.DDRuntimeSecurityConfigNetworkEnabled, + Name: DDRuntimeSecurityConfigNetworkEnabled, Value: "true", }, &corev1.EnvVar{ - Name: apicommon.DDRuntimeSecurityConfigActivityDumpEnabled, + Name: DDRuntimeSecurityConfigActivityDumpEnabled, Value: "true", }, &corev1.EnvVar{ - Name: apicommon.DDRuntimeSecurityConfigRemoteConfigurationEnabled, + Name: DDRuntimeSecurityConfigRemoteConfigurationEnabled, Value: "true", }, ) @@ -165,7 +165,7 @@ func cwsAgentNodeWantFunc(withSubFeatures bool) *test.ComponentTest { sysProbeWant = append( sysProbeWant, &corev1.EnvVar{ - Name: apicommon.DDRuntimeSecurityConfigPoliciesDir, + Name: DDRuntimeSecurityConfigPoliciesDir, Value: securityAgentRuntimePoliciesDirVolumePath, }, ) @@ -178,13 +178,13 @@ func cwsAgentNodeWantFunc(withSubFeatures bool) *test.ComponentTest { // check volume mounts securityWantVolumeMount := []corev1.VolumeMount{ { - Name: apicommon.SystemProbeSocketVolumeName, - MountPath: apicommon.SystemProbeSocketVolumePath, + Name: v2alpha1.SystemProbeSocketVolumeName, + MountPath: v2alpha1.SystemProbeSocketVolumePath, ReadOnly: true, }, { - Name: apicommon.HostRootVolumeName, - MountPath: apicommon.HostRootMountPath, + Name: v2alpha1.HostRootVolumeName, + MountPath: v2alpha1.HostRootMountPath, ReadOnly: true, }, { @@ -195,8 +195,8 @@ func cwsAgentNodeWantFunc(withSubFeatures bool) *test.ComponentTest { } sysprobeWantVolumeMount := []corev1.VolumeMount{ { - Name: apicommon.DebugfsVolumeName, - MountPath: apicommon.DebugfsPath, + Name: v2alpha1.DebugfsVolumeName, + MountPath: v2alpha1.DebugfsPath, ReadOnly: false, }, { @@ -210,28 +210,28 @@ func cwsAgentNodeWantFunc(withSubFeatures bool) *test.ComponentTest { ReadOnly: true, }, { - Name: apicommon.SystemProbeSocketVolumeName, - MountPath: apicommon.SystemProbeSocketVolumePath, + Name: v2alpha1.SystemProbeSocketVolumeName, + MountPath: v2alpha1.SystemProbeSocketVolumePath, ReadOnly: false, }, { - Name: apicommon.ProcdirVolumeName, - MountPath: apicommon.ProcdirMountPath, + Name: v2alpha1.ProcdirVolumeName, + MountPath: v2alpha1.ProcdirMountPath, ReadOnly: true, }, { - Name: apicommon.PasswdVolumeName, - MountPath: apicommon.PasswdMountPath, + Name: v2alpha1.PasswdVolumeName, + MountPath: v2alpha1.PasswdMountPath, ReadOnly: true, }, { - Name: apicommon.GroupVolumeName, - MountPath: apicommon.GroupMountPath, + Name: v2alpha1.GroupVolumeName, + MountPath: v2alpha1.GroupMountPath, ReadOnly: true, }, { - Name: apicommon.SystemProbeOSReleaseDirVolumeName, - MountPath: apicommon.SystemProbeOSReleaseDirMountPath, + Name: v2alpha1.SystemProbeOSReleaseDirVolumeName, + MountPath: v2alpha1.SystemProbeOSReleaseDirMountPath, ReadOnly: true, }, { @@ -249,10 +249,10 @@ func cwsAgentNodeWantFunc(withSubFeatures bool) *test.ComponentTest { // check volumes wantVolumes := []corev1.Volume{ { - Name: apicommon.DebugfsVolumeName, + Name: v2alpha1.DebugfsVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.DebugfsPath, + Path: v2alpha1.DebugfsPath, }, }, }, @@ -273,48 +273,48 @@ func cwsAgentNodeWantFunc(withSubFeatures bool) *test.ComponentTest { }, }, { - Name: apicommon.SystemProbeSocketVolumeName, + Name: v2alpha1.SystemProbeSocketVolumeName, VolumeSource: corev1.VolumeSource{ EmptyDir: &corev1.EmptyDirVolumeSource{}, }, }, { - Name: apicommon.ProcdirVolumeName, + Name: v2alpha1.ProcdirVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.ProcdirHostPath, + Path: v2alpha1.ProcdirHostPath, }, }, }, { - Name: apicommon.PasswdVolumeName, + Name: v2alpha1.PasswdVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.PasswdHostPath, + Path: v2alpha1.PasswdHostPath, }, }, }, { - Name: apicommon.GroupVolumeName, + Name: v2alpha1.GroupVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.GroupHostPath, + Path: v2alpha1.GroupHostPath, }, }, }, { - Name: apicommon.SystemProbeOSReleaseDirVolumeName, + Name: v2alpha1.SystemProbeOSReleaseDirVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.SystemProbeOSReleaseDirVolumePath, + Path: v2alpha1.SystemProbeOSReleaseDirVolumePath, }, }, }, { - Name: apicommon.HostRootVolumeName, + Name: v2alpha1.HostRootVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.HostRootHostPath, + Path: v2alpha1.HostRootHostPath, }, }, }, @@ -355,8 +355,8 @@ func cwsAgentNodeWantFunc(withSubFeatures bool) *test.ComponentTest { hash, err := comparison.GenerateMD5ForSpec(customConfig) assert.NoError(t, err) wantAnnotations := map[string]string{ - fmt.Sprintf(apicommon.MD5ChecksumAnnotationKey, feature.CWSIDType): hash, - apicommon.SystemProbeAppArmorAnnotationKey: apicommon.SystemProbeAppArmorAnnotationValue, + fmt.Sprintf(v2alpha1.MD5ChecksumAnnotationKey, feature.CWSIDType): hash, + v2alpha1.SystemProbeAppArmorAnnotationKey: v2alpha1.SystemProbeAppArmorAnnotationValue, } annotations := mgr.AnnotationMgr.Annotations assert.True(t, apiutils.IsEqualStruct(annotations, wantAnnotations), "Annotations \ndiff = %s", cmp.Diff(annotations, wantAnnotations)) diff --git a/internal/controller/datadogagent/feature/dogstatsd/envvar.go b/internal/controller/datadogagent/feature/dogstatsd/envvar.go new file mode 100644 index 000000000..dc7f7b3fd --- /dev/null +++ b/internal/controller/datadogagent/feature/dogstatsd/envvar.go @@ -0,0 +1,16 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package dogstatsd + +const ( + DDDogstatsdMapperProfiles = "DD_DOGSTATSD_MAPPER_PROFILES" + DDDogstatsdNonLocalTraffic = "DD_DOGSTATSD_NON_LOCAL_TRAFFIC" + DDDogstatsdOriginDetection = "DD_DOGSTATSD_ORIGIN_DETECTION" + DDDogstatsdOriginDetectionClient = "DD_DOGSTATSD_ORIGIN_DETECTION_CLIENT" + DDDogstatsdTagCardinality = "DD_DOGSTATSD_TAG_CARDINALITY" + DDDogstatsdPort = "DD_DOGSTATSD_PORT" + DDDogstatsdSocket = "DD_DOGSTATSD_SOCKET" +) diff --git a/internal/controller/datadogagent/feature/dogstatsd/feature.go b/internal/controller/datadogagent/feature/dogstatsd/feature.go index 180cf41f0..cb0fd7080 100644 --- a/internal/controller/datadogagent/feature/dogstatsd/feature.go +++ b/internal/controller/datadogagent/feature/dogstatsd/feature.go @@ -21,6 +21,7 @@ import ( featureutils "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/utils" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/merger" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/object/volume" + "github.com/DataDog/datadog-operator/pkg/constants" ) func init() { @@ -80,7 +81,7 @@ func (f *dogstatsdFeature) Configure(dda *v2alpha1.DatadogAgent) (reqComp featur if dogstatsd.TagCardinality != nil { f.tagCardinality = *dogstatsd.TagCardinality } - f.useHostNetwork = v2alpha1.IsHostNetworkEnabled(dda, v2alpha1.NodeAgentComponentName) + f.useHostNetwork = constants.IsHostNetworkEnabled(dda, v2alpha1.NodeAgentComponentName) if dogstatsd.MapperProfiles != nil { f.mapperProfiles = dogstatsd.MapperProfiles } @@ -88,7 +89,7 @@ func (f *dogstatsdFeature) Configure(dda *v2alpha1.DatadogAgent) (reqComp featur if dda.Spec.Global.LocalService != nil { f.forceEnableLocalService = apiutils.BoolValue(dda.Spec.Global.LocalService.ForceEnableLocalService) } - f.localServiceName = v2alpha1.GetLocalAgentServiceName(dda) + f.localServiceName = constants.GetLocalAgentServiceName(dda) f.adpEnabled = featureutils.HasAgentDataPlaneAnnotation(dda) @@ -117,7 +118,7 @@ func (f *dogstatsdFeature) ManageDependencies(managers feature.ResourceManagers, } if f.hostPortEnabled { dsdPort.Port = f.hostPortHostPort - dsdPort.Name = apicommon.DogstatsdHostPortName + dsdPort.Name = v2alpha1.DogstatsdHostPortName if f.useHostNetwork { dsdPort.TargetPort = intstr.FromInt(int(f.hostPortHostPort)) } @@ -150,7 +151,7 @@ func (f *dogstatsdFeature) ManageSingleContainerNodeAgent(managers feature.PodTe // Cluster Checks Runner. if f.adpEnabled { managers.EnvVar().AddEnvVarToContainer(apicommon.CoreAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDDogstatsdEnabled, + Name: v2alpha1.DDDogstatsdEnabled, Value: "false", }) } @@ -174,7 +175,7 @@ func (f *dogstatsdFeature) ManageNodeAgent(managers feature.PodTemplateManagers, f.manageNodeAgent(apicommon.AgentDataPlaneContainerName, managers, provider) managers.EnvVar().AddEnvVarToContainer(apicommon.CoreAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDDogstatsdEnabled, + Name: v2alpha1.DDDogstatsdEnabled, Value: "false", }) } else { @@ -205,11 +206,11 @@ func (f *dogstatsdFeature) manageNodeAgent(agentContainerName apicommon.AgentCon } managers.EnvVar().AddEnvVarToContainer(agentContainerName, &corev1.EnvVar{ // defaults to 8125 in datadog-agent code - Name: apicommon.DDDogstatsdPort, + Name: DDDogstatsdPort, Value: strconv.Itoa(dsdPortEnvVarValue), }) managers.EnvVar().AddEnvVarToContainer(agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDDogstatsdNonLocalTraffic, + Name: DDDogstatsdNonLocalTraffic, Value: "true", }) } @@ -219,25 +220,25 @@ func (f *dogstatsdFeature) manageNodeAgent(agentContainerName apicommon.AgentCon if f.udsEnabled { udsHostFolder := filepath.Dir(f.udsHostFilepath) sockName := filepath.Base(f.udsHostFilepath) - socketVol, socketVolMount := volume.GetVolumes(apicommon.DogstatsdSocketVolumeName, udsHostFolder, apicommon.DogstatsdSocketLocalPath, false) + socketVol, socketVolMount := volume.GetVolumes(v2alpha1.DogstatsdSocketVolumeName, udsHostFolder, v2alpha1.DogstatsdSocketLocalPath, false) volType := corev1.HostPathDirectoryOrCreate // We need to create the directory on the host if it does not exist. socketVol.VolumeSource.HostPath.Type = &volType managers.VolumeMount().AddVolumeMountToContainerWithMergeFunc(&socketVolMount, agentContainerName, merger.OverrideCurrentVolumeMountMergeFunction) managers.Volume().AddVolume(&socketVol) managers.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDDogstatsdSocket, - Value: filepath.Join(apicommon.DogstatsdSocketLocalPath, sockName), + Name: DDDogstatsdSocket, + Value: filepath.Join(v2alpha1.DogstatsdSocketLocalPath, sockName), }) } if f.originDetectionEnabled { managers.EnvVar().AddEnvVarToContainer(agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDDogstatsdOriginDetection, + Name: DDDogstatsdOriginDetection, Value: "true", }) managers.EnvVar().AddEnvVarToContainer(agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDDogstatsdOriginDetectionClient, + Name: DDDogstatsdOriginDetectionClient, Value: "true", }) if f.udsEnabled { @@ -247,7 +248,7 @@ func (f *dogstatsdFeature) manageNodeAgent(agentContainerName apicommon.AgentCon // The value validation happens at the Agent level - if the lower(string) is not `low`, `orchestrator` or `high`, the Agent defaults to `low`. if f.tagCardinality != "" { managers.EnvVar().AddEnvVarToContainer(agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDDogstatsdTagCardinality, + Name: DDDogstatsdTagCardinality, Value: f.tagCardinality, }) } @@ -258,7 +259,7 @@ func (f *dogstatsdFeature) manageNodeAgent(agentContainerName apicommon.AgentCon // configdata if f.mapperProfiles.ConfigData != nil { managers.EnvVar().AddEnvVarToContainer(agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDDogstatsdMapperProfiles, + Name: DDDogstatsdMapperProfiles, Value: apiutils.YAMLToJSONString(*f.mapperProfiles.ConfigData), }) // ignore configmap if configdata is set @@ -270,7 +271,7 @@ func (f *dogstatsdFeature) manageNodeAgent(agentContainerName apicommon.AgentCon cmSelector.Name = f.mapperProfiles.ConfigMap.Name cmSelector.Key = f.mapperProfiles.ConfigMap.Items[0].Key managers.EnvVar().AddEnvVarToContainer(agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDDogstatsdMapperProfiles, + Name: DDDogstatsdMapperProfiles, ValueFrom: &corev1.EnvVarSource{ConfigMapKeyRef: &cmSelector}, }) } diff --git a/internal/controller/datadogagent/feature/dogstatsd/feature_test.go b/internal/controller/datadogagent/feature/dogstatsd/feature_test.go index 8bbc3d052..c61933c4e 100644 --- a/internal/controller/datadogagent/feature/dogstatsd/feature_test.go +++ b/internal/controller/datadogagent/feature/dogstatsd/feature_test.go @@ -11,11 +11,11 @@ import ( apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" - v2alpha1test "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1/test" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/fake" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/test" + "github.com/DataDog/datadog-operator/pkg/testutils" "github.com/google/go-cmp/cmp" "github.com/stretchr/testify/assert" @@ -40,7 +40,7 @@ func Test_DogstatsdFeature_Configure(t *testing.T) { tests := test.FeatureTestSuite{ { Name: "dogstatsd udp hostport enabled", - DDA: v2alpha1test.NewDefaultDatadogAgentBuilder(). + DDA: testutils.NewDefaultDatadogAgentBuilder(). WithDogstatsdHostPortEnabled(true).BuildWithDefaults(), WantConfigure: true, Agent: test.NewDefaultComponentTest().WithWantFunc( @@ -51,7 +51,7 @@ func Test_DogstatsdFeature_Configure(t *testing.T) { }, { Name: "udp host network", - DDA: v2alpha1test.NewDefaultDatadogAgentBuilder(). + DDA: testutils.NewDefaultDatadogAgentBuilder(). WithDogstatsdHostPortEnabled(true). WithComponentOverride(v2alpha1.NodeAgentComponentName, v2alpha1.DatadogAgentComponentOverride{ HostNetwork: apiutils.NewBoolPointer(true), @@ -63,18 +63,18 @@ func Test_DogstatsdFeature_Configure(t *testing.T) { // custom udp envvar wantCustomUDPEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDDogstatsdPort, + Name: DDDogstatsdPort, Value: "8125", }, { - Name: apicommon.DDDogstatsdNonLocalTraffic, + Name: DDDogstatsdNonLocalTraffic, Value: "true", }, } customPorts := []*corev1.ContainerPort{ { - Name: apicommon.DogstatsdHostPortName, + Name: v2alpha1.DogstatsdHostPortName, HostPort: 8125, ContainerPort: 8125, Protocol: corev1.ProtocolUDP, @@ -88,7 +88,7 @@ func Test_DogstatsdFeature_Configure(t *testing.T) { }, { Name: "udp host network custom host port", - DDA: v2alpha1test.NewDefaultDatadogAgentBuilder(). + DDA: testutils.NewDefaultDatadogAgentBuilder(). WithDogstatsdHostPortEnabled(true). WithDogstatsdHostPortConfig(1234). WithComponentOverride(v2alpha1.NodeAgentComponentName, v2alpha1.DatadogAgentComponentOverride{ @@ -101,18 +101,18 @@ func Test_DogstatsdFeature_Configure(t *testing.T) { // custom udp envvar wantCustomUDPEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDDogstatsdPort, + Name: DDDogstatsdPort, Value: "1234", }, { - Name: apicommon.DDDogstatsdNonLocalTraffic, + Name: DDDogstatsdNonLocalTraffic, Value: "true", }, } customPorts := []*corev1.ContainerPort{ { - Name: apicommon.DogstatsdHostPortName, + Name: v2alpha1.DogstatsdHostPortName, HostPort: 1234, ContainerPort: 1234, Protocol: corev1.ProtocolUDP, @@ -126,7 +126,7 @@ func Test_DogstatsdFeature_Configure(t *testing.T) { }, { Name: "udp custom host port", - DDA: v2alpha1test.NewDefaultDatadogAgentBuilder(). + DDA: testutils.NewDefaultDatadogAgentBuilder(). WithDogstatsdHostPortEnabled(true). WithDogstatsdHostPortConfig(1234).BuildWithDefaults(), WantConfigure: true, @@ -135,20 +135,20 @@ func Test_DogstatsdFeature_Configure(t *testing.T) { // custom udp envvar wantCustomUDPEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDDogstatsdPort, + Name: DDDogstatsdPort, Value: "8125", }, { - Name: apicommon.DDDogstatsdNonLocalTraffic, + Name: DDDogstatsdNonLocalTraffic, Value: "true", }, } customPorts := []*corev1.ContainerPort{ { - Name: apicommon.DogstatsdHostPortName, + Name: v2alpha1.DogstatsdHostPortName, HostPort: 1234, - ContainerPort: apicommon.DogstatsdHostPortHostPort, + ContainerPort: v2alpha1.DogstatsdHostPortHostPort, Protocol: corev1.ProtocolUDP, }, } @@ -160,7 +160,7 @@ func Test_DogstatsdFeature_Configure(t *testing.T) { }, { Name: "udp host port enabled no custom host port", - DDA: v2alpha1test.NewDefaultDatadogAgentBuilder(). + DDA: testutils.NewDefaultDatadogAgentBuilder(). WithDogstatsdHostPortEnabled(true). BuildWithDefaults(), WantConfigure: true, @@ -169,18 +169,18 @@ func Test_DogstatsdFeature_Configure(t *testing.T) { // custom udp envvar wantCustomUDPEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDDogstatsdPort, + Name: DDDogstatsdPort, Value: "8125", }, { - Name: apicommon.DDDogstatsdNonLocalTraffic, + Name: DDDogstatsdNonLocalTraffic, Value: "true", }, } customPorts := []*corev1.ContainerPort{ { - Name: apicommon.DogstatsdHostPortName, + Name: v2alpha1.DogstatsdHostPortName, HostPort: 8125, ContainerPort: v2alpha1.DefaultDogstatsdPort, Protocol: corev1.ProtocolUDP, @@ -194,7 +194,7 @@ func Test_DogstatsdFeature_Configure(t *testing.T) { }, { Name: "udp origin detection enabled", - DDA: v2alpha1test.NewDefaultDatadogAgentBuilder(). + DDA: testutils.NewDefaultDatadogAgentBuilder(). WithDogstatsdHostPortEnabled(true). WithDogstatsdOriginDetectionEnabled(true).BuildWithDefaults(), WantConfigure: true, @@ -207,7 +207,7 @@ func Test_DogstatsdFeature_Configure(t *testing.T) { }, { Name: "uds disabled", - DDA: v2alpha1test.NewDefaultDatadogAgentBuilder(). + DDA: testutils.NewDefaultDatadogAgentBuilder(). WithDogstatsdUnixDomainSocketConfigEnabled(false).BuildWithDefaults(), WantConfigure: true, Agent: test.NewDefaultComponentTest().WithWantFunc( @@ -218,21 +218,21 @@ func Test_DogstatsdFeature_Configure(t *testing.T) { }, { Name: "uds custom host filepath", - DDA: v2alpha1test.NewDefaultDatadogAgentBuilder(). + DDA: testutils.NewDefaultDatadogAgentBuilder(). WithDogstatsdUnixDomainSocketConfigPath(customPath).BuildWithDefaults(), WantConfigure: true, Agent: test.NewDefaultComponentTest().WithWantFunc( func(t testing.TB, mgrInterface feature.PodTemplateManagers) { customVolumeMounts := []*corev1.VolumeMount{ { - Name: apicommon.DogstatsdSocketVolumeName, - MountPath: apicommon.DogstatsdSocketLocalPath, + Name: v2alpha1.DogstatsdSocketVolumeName, + MountPath: v2alpha1.DogstatsdSocketLocalPath, ReadOnly: false, }, } customVolumes := []*corev1.Volume{ { - Name: apicommon.DogstatsdSocketVolumeName, + Name: v2alpha1.DogstatsdSocketVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ Path: customVolumePath, @@ -249,7 +249,7 @@ func Test_DogstatsdFeature_Configure(t *testing.T) { }, { Name: "uds origin detection", - DDA: v2alpha1test.NewDefaultDatadogAgentBuilder(). + DDA: testutils.NewDefaultDatadogAgentBuilder(). WithDogstatsdOriginDetectionEnabled(true).BuildWithDefaults(), WantConfigure: true, Agent: test.NewDefaultComponentTest().WithWantFunc( @@ -262,14 +262,14 @@ func Test_DogstatsdFeature_Configure(t *testing.T) { }, { Name: "mapper profiles", - DDA: v2alpha1test.NewDefaultDatadogAgentBuilder(). + DDA: testutils.NewDefaultDatadogAgentBuilder(). WithDogstatsdMapperProfiles(customMapperProfilesConf).BuildWithDefaults(), WantConfigure: true, Agent: test.NewDefaultComponentTest().WithWantFunc( func(t testing.TB, mgrInterface feature.PodTemplateManagers) { // mapper profiles envvar mapperProfilesEnvVar := corev1.EnvVar{ - Name: apicommon.DDDogstatsdMapperProfiles, + Name: DDDogstatsdMapperProfiles, Value: customMapperProfilesJSON, } @@ -279,14 +279,14 @@ func Test_DogstatsdFeature_Configure(t *testing.T) { }, { Name: "udp origin detection enabled, orchestrator tag cardinality", - DDA: v2alpha1test.NewDefaultDatadogAgentBuilder(). + DDA: testutils.NewDefaultDatadogAgentBuilder(). WithDogstatsdHostPortEnabled(true). WithDogstatsdTagCardinality("orchestrator").BuildWithDefaults(), WantConfigure: true, Agent: test.NewDefaultComponentTest().WithWantFunc( func(t testing.TB, mgrInterface feature.PodTemplateManagers) { wantTagCardinalityEnvVar := corev1.EnvVar{ - Name: apicommon.DDDogstatsdTagCardinality, + Name: DDDogstatsdTagCardinality, Value: "orchestrator", } customEnvVars := append(getWantUDPEnvVars(), getOriginDetectionEnvVar(), getOriginDetectionClientEnvVar(), &wantTagCardinalityEnvVar) @@ -307,9 +307,9 @@ func getVolType() *corev1.HostPathType { func getWantHostPorts() []*corev1.ContainerPort { wantHostPorts := []*corev1.ContainerPort{ { - Name: apicommon.DogstatsdHostPortName, - HostPort: apicommon.DogstatsdHostPortHostPort, - ContainerPort: apicommon.DogstatsdHostPortHostPort, + Name: v2alpha1.DogstatsdHostPortName, + HostPort: v2alpha1.DogstatsdHostPortHostPort, + ContainerPort: v2alpha1.DogstatsdHostPortHostPort, Protocol: corev1.ProtocolUDP, }, } @@ -319,8 +319,8 @@ func getWantHostPorts() []*corev1.ContainerPort { func getWantContainerPorts() []*corev1.ContainerPort { wantContainerPorts := []*corev1.ContainerPort{ { - Name: apicommon.DogstatsdHostPortName, - ContainerPort: apicommon.DogstatsdHostPortHostPort, + Name: v2alpha1.DogstatsdHostPortName, + ContainerPort: v2alpha1.DogstatsdHostPortHostPort, Protocol: corev1.ProtocolUDP, }, } @@ -329,7 +329,7 @@ func getWantContainerPorts() []*corev1.ContainerPort { func getOriginDetectionEnvVar() *corev1.EnvVar { originDetectionEnvVar := corev1.EnvVar{ - Name: apicommon.DDDogstatsdOriginDetection, + Name: DDDogstatsdOriginDetection, Value: "true", } return &originDetectionEnvVar @@ -337,7 +337,7 @@ func getOriginDetectionEnvVar() *corev1.EnvVar { func getOriginDetectionClientEnvVar() *corev1.EnvVar { originDetectionClientEnvVar := corev1.EnvVar{ - Name: apicommon.DDDogstatsdOriginDetectionClient, + Name: DDDogstatsdOriginDetectionClient, Value: "true", } return &originDetectionClientEnvVar @@ -346,8 +346,8 @@ func getOriginDetectionClientEnvVar() *corev1.EnvVar { func getCustomEnvVar() []*corev1.EnvVar { customEnvVar := []*corev1.EnvVar{ { - Name: apicommon.DDDogstatsdSocket, - Value: apicommon.DogstatsdSocketLocalPath + "/" + customSock, + Name: DDDogstatsdSocket, + Value: v2alpha1.DogstatsdSocketLocalPath + "/" + customSock, }, } return customEnvVar @@ -356,8 +356,8 @@ func getCustomEnvVar() []*corev1.EnvVar { func getWantUDSEnvVars() []*corev1.EnvVar { wantUDSEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDDogstatsdSocket, - Value: apicommon.DogstatsdSocketLocalPath + "/" + apicommon.DogstatsdSocketName, + Name: DDDogstatsdSocket, + Value: v2alpha1.DogstatsdSocketLocalPath + "/" + v2alpha1.DogstatsdSocketName, }, } return wantUDSEnvVars @@ -366,11 +366,11 @@ func getWantUDSEnvVars() []*corev1.EnvVar { func getWantUDPEnvVars() []*corev1.EnvVar { wantUDPEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDDogstatsdPort, + Name: DDDogstatsdPort, Value: strconv.Itoa(v2alpha1.DefaultDogstatsdPort), }, { - Name: apicommon.DDDogstatsdNonLocalTraffic, + Name: DDDogstatsdNonLocalTraffic, Value: "true", }, } @@ -381,10 +381,10 @@ func getWantVolumes() []*corev1.Volume { volType := corev1.HostPathDirectoryOrCreate wantVolumes := []*corev1.Volume{ { - Name: apicommon.DogstatsdSocketVolumeName, + Name: v2alpha1.DogstatsdSocketVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.DogstatsdAPMSocketHostPath, + Path: v2alpha1.DogstatsdAPMSocketHostPath, Type: &volType, }, }, @@ -396,8 +396,8 @@ func getWantVolumes() []*corev1.Volume { func getWantVolumeMounts() []*corev1.VolumeMount { wantVolumeMounts := []*corev1.VolumeMount{ { - Name: apicommon.DogstatsdSocketVolumeName, - MountPath: apicommon.DogstatsdSocketLocalPath, + Name: v2alpha1.DogstatsdSocketVolumeName, + MountPath: v2alpha1.DogstatsdSocketLocalPath, ReadOnly: false, }, } diff --git a/internal/controller/datadogagent/feature/ebpfcheck/envvar.go b/internal/controller/datadogagent/feature/ebpfcheck/envvar.go new file mode 100644 index 000000000..edd313bec --- /dev/null +++ b/internal/controller/datadogagent/feature/ebpfcheck/envvar.go @@ -0,0 +1,8 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package ebpfcheck + +const DDEnableEBPFCheckEnvVar = "DD_EBPF_CHECK_ENABLED" diff --git a/internal/controller/datadogagent/feature/ebpfcheck/feature.go b/internal/controller/datadogagent/feature/ebpfcheck/feature.go index 89d46893c..0a9bcc2b4 100644 --- a/internal/controller/datadogagent/feature/ebpfcheck/feature.go +++ b/internal/controller/datadogagent/feature/ebpfcheck/feature.go @@ -1,3 +1,8 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + package ebpfcheck import ( @@ -62,21 +67,21 @@ func (f *ebpfCheckFeature) ManageNodeAgent(managers feature.PodTemplateManagers, managers.SecurityContext().AddCapabilitiesToContainer(agent.DefaultCapabilitiesForSystemProbe(), apicommon.SystemProbeContainerName) // debugfs volume mount - debugfsVol, debugfsVolMount := volume.GetVolumes(apicommon.DebugfsVolumeName, apicommon.DebugfsPath, apicommon.DebugfsPath, false) + debugfsVol, debugfsVolMount := volume.GetVolumes(v2alpha1.DebugfsVolumeName, v2alpha1.DebugfsPath, v2alpha1.DebugfsPath, false) managers.Volume().AddVolume(&debugfsVol) managers.VolumeMount().AddVolumeMountToContainers(&debugfsVolMount, []apicommon.AgentContainerName{apicommon.SystemProbeContainerName}) // socket volume mount (needs write perms for the system probe container but not the others) - socketVol, socketVolMount := volume.GetVolumesEmptyDir(apicommon.SystemProbeSocketVolumeName, apicommon.SystemProbeSocketVolumePath, false) + socketVol, socketVolMount := volume.GetVolumesEmptyDir(v2alpha1.SystemProbeSocketVolumeName, v2alpha1.SystemProbeSocketVolumePath, false) managers.Volume().AddVolume(&socketVol) managers.VolumeMount().AddVolumeMountToContainer(&socketVolMount, apicommon.SystemProbeContainerName) - _, socketVolMountReadOnly := volume.GetVolumesEmptyDir(apicommon.SystemProbeSocketVolumeName, apicommon.SystemProbeSocketVolumePath, true) + _, socketVolMountReadOnly := volume.GetVolumesEmptyDir(v2alpha1.SystemProbeSocketVolumeName, v2alpha1.SystemProbeSocketVolumePath, true) managers.VolumeMount().AddVolumeMountToContainer(&socketVolMountReadOnly, apicommon.CoreAgentContainerName) // env vars enableEnvVar := &corev1.EnvVar{ - Name: apicommon.DDEnableEBPFCheckEnvVar, + Name: DDEnableEBPFCheckEnvVar, Value: "true", } @@ -84,7 +89,7 @@ func (f *ebpfCheckFeature) ManageNodeAgent(managers feature.PodTemplateManagers, managers.EnvVar().AddEnvVarToInitContainer(apicommon.InitConfigContainerName, enableEnvVar) socketEnvVar := &corev1.EnvVar{ - Name: apicommon.DDSystemProbeSocket, + Name: v2alpha1.DDSystemProbeSocket, Value: v2alpha1.DefaultSystemProbeSocketPath, } diff --git a/internal/controller/datadogagent/feature/ebpfcheck/feature_test.go b/internal/controller/datadogagent/feature/ebpfcheck/feature_test.go index c91543cf5..0efbedd37 100644 --- a/internal/controller/datadogagent/feature/ebpfcheck/feature_test.go +++ b/internal/controller/datadogagent/feature/ebpfcheck/feature_test.go @@ -1,3 +1,8 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + package ebpfcheck import ( @@ -46,21 +51,21 @@ func Test_ebpfCheckFeature_Configure(t *testing.T) { // check volume mounts wantCoreAgentVolMounts := []corev1.VolumeMount{ { - Name: apicommon.SystemProbeSocketVolumeName, - MountPath: apicommon.SystemProbeSocketVolumePath, + Name: v2alpha1.SystemProbeSocketVolumeName, + MountPath: v2alpha1.SystemProbeSocketVolumePath, ReadOnly: true, }, } wantSystemProbeVolMounts := []corev1.VolumeMount{ { - Name: apicommon.DebugfsVolumeName, - MountPath: apicommon.DebugfsPath, + Name: v2alpha1.DebugfsVolumeName, + MountPath: v2alpha1.DebugfsPath, ReadOnly: false, }, { - Name: apicommon.SystemProbeSocketVolumeName, - MountPath: apicommon.SystemProbeSocketVolumePath, + Name: v2alpha1.SystemProbeSocketVolumeName, + MountPath: v2alpha1.SystemProbeSocketVolumePath, ReadOnly: false, }, } @@ -74,15 +79,15 @@ func Test_ebpfCheckFeature_Configure(t *testing.T) { // check volumes wantVolumes := []corev1.Volume{ { - Name: apicommon.DebugfsVolumeName, + Name: v2alpha1.DebugfsVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.DebugfsPath, + Path: v2alpha1.DebugfsPath, }, }, }, { - Name: apicommon.SystemProbeSocketVolumeName, + Name: v2alpha1.SystemProbeSocketVolumeName, VolumeSource: corev1.VolumeSource{ EmptyDir: &corev1.EmptyDirVolumeSource{}, }, @@ -95,11 +100,11 @@ func Test_ebpfCheckFeature_Configure(t *testing.T) { // check env vars wantEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDEnableEBPFCheckEnvVar, + Name: DDEnableEBPFCheckEnvVar, Value: "true", }, { - Name: apicommon.DDSystemProbeSocket, + Name: v2alpha1.DDSystemProbeSocket, Value: v2alpha1.DefaultSystemProbeSocketPath, }, } diff --git a/internal/controller/datadogagent/feature/enabledefault/envvar.go b/internal/controller/datadogagent/feature/enabledefault/envvar.go new file mode 100644 index 000000000..01948b3fd --- /dev/null +++ b/internal/controller/datadogagent/feature/enabledefault/envvar.go @@ -0,0 +1,15 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package enabledefault + +const ( + DDClusterAgentAuthToken = "DD_CLUSTER_AGENT_AUTH_TOKEN" + DDClusterAgentServiceAccountName = "DD_CLUSTER_AGENT_SERVICE_ACCOUNT_NAME" + + // InstallInfoToolVersion is used by the Operator to override the tool + // version value in the Agent's install info + InstallInfoToolVersion = "DD_TOOL_VERSION" +) diff --git a/internal/controller/datadogagent/feature/enabledefault/feature.go b/internal/controller/datadogagent/feature/enabledefault/feature.go index 762decf48..779033b3a 100644 --- a/internal/controller/datadogagent/feature/enabledefault/feature.go +++ b/internal/controller/datadogagent/feature/enabledefault/feature.go @@ -19,6 +19,7 @@ import ( "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" featureutils "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/utils" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/object" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/controller/utils/comparison" "github.com/DataDog/datadog-operator/pkg/kubernetes" "github.com/DataDog/datadog-operator/pkg/version" @@ -52,7 +53,6 @@ func buildDefaultFeature(options *feature.Options) feature.Feature { if options != nil { dF.logger = options.Logger - dF.otelAgentEnabled = options.OtelAgentEnabled } return dF @@ -68,7 +68,6 @@ type defaultFeature struct { clusterChecksRunner clusterChecksRunnerConfig logger logr.Logger disableNonResourceRules bool - otelAgentEnabled bool adpEnabled bool customConfigAnnotationKey string @@ -126,17 +125,13 @@ func (f *defaultFeature) Configure(dda *v2alpha1.DatadogAgent) feature.RequiredC trueValue := true f.owner = dda - f.clusterAgent.serviceAccountName = v2alpha1.GetClusterAgentServiceAccount(dda) - f.agent.serviceAccountName = v2alpha1.GetAgentServiceAccount(dda) - f.clusterChecksRunner.serviceAccountName = v2alpha1.GetClusterChecksRunnerServiceAccount(dda) + f.clusterAgent.serviceAccountName = constants.GetClusterAgentServiceAccount(dda) + f.agent.serviceAccountName = constants.GetAgentServiceAccount(dda) + f.clusterChecksRunner.serviceAccountName = constants.GetClusterChecksRunnerServiceAccount(dda) - f.clusterAgent.serviceAccountAnnotations = v2alpha1.GetClusterAgentServiceAccountAnnotations(dda) - f.agent.serviceAccountAnnotations = v2alpha1.GetAgentServiceAccountAnnotations(dda) - f.clusterChecksRunner.serviceAccountAnnotations = v2alpha1.GetClusterChecksRunnerServiceAccountAnnotations(dda) - - if dda.ObjectMeta.Annotations != nil { - f.otelAgentEnabled = f.otelAgentEnabled || featureutils.HasOtelAgentAnnotation(dda) - } + f.clusterAgent.serviceAccountAnnotations = constants.GetClusterAgentServiceAccountAnnotations(dda) + f.agent.serviceAccountAnnotations = constants.GetAgentServiceAccountAnnotations(dda) + f.clusterChecksRunner.serviceAccountAnnotations = constants.GetClusterChecksRunnerServiceAccountAnnotations(dda) if dda.ObjectMeta.Annotations != nil { f.adpEnabled = featureutils.HasAgentDataPlaneAnnotation(dda) @@ -216,7 +211,7 @@ func (f *defaultFeature) Configure(dda *v2alpha1.DatadogAgent) feature.RequiredC // feature. // // NOTE: This is a temporary solution until the OTel Agent is fully integrated into the Operator via a dedicated feature. - if f.otelAgentEnabled { + if dda.ObjectMeta.Annotations != nil && featureutils.HasOtelAgentAnnotation(dda) { agentContainers = append(agentContainers, apicommon.OtelAgent) } @@ -405,7 +400,7 @@ func (f *defaultFeature) ManageClusterAgent(managers feature.PodTemplateManagers managers.Annotation().AddAnnotation(f.customConfigAnnotationKey, f.customConfigAnnotationValue) } managers.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDClusterAgentServiceAccountName, + Name: DDClusterAgentServiceAccountName, Value: f.clusterAgent.serviceAccountName, }) managers.EnvVar().AddEnvVar(&corev1.EnvVar{ @@ -457,17 +452,17 @@ func (f *defaultFeature) ManageClusterChecksRunner(managers feature.PodTemplateM func (f *defaultFeature) addDefaultCommonEnvs(managers feature.PodTemplateManagers) { if f.dcaTokenInfo.token.SecretName != "" { - tokenEnvVar := common.BuildEnvVarFromSource(apicommon.DDClusterAgentAuthToken, common.BuildEnvVarFromSecret(f.dcaTokenInfo.token.SecretName, f.dcaTokenInfo.token.SecretKey)) + tokenEnvVar := common.BuildEnvVarFromSource(DDClusterAgentAuthToken, common.BuildEnvVarFromSecret(f.dcaTokenInfo.token.SecretName, f.dcaTokenInfo.token.SecretKey)) managers.EnvVar().AddEnvVar(tokenEnvVar) } if f.credentialsInfo.apiKey.SecretName != "" { - apiKeyEnvVar := common.BuildEnvVarFromSource(apicommon.DDAPIKey, common.BuildEnvVarFromSecret(f.credentialsInfo.apiKey.SecretName, f.credentialsInfo.apiKey.SecretKey)) + apiKeyEnvVar := common.BuildEnvVarFromSource(v2alpha1.DDAPIKey, common.BuildEnvVarFromSecret(f.credentialsInfo.apiKey.SecretName, f.credentialsInfo.apiKey.SecretKey)) managers.EnvVar().AddEnvVar(apiKeyEnvVar) } if f.credentialsInfo.appKey.SecretName != "" { - appKeyEnvVar := common.BuildEnvVarFromSource(apicommon.DDAppKey, common.BuildEnvVarFromSecret(f.credentialsInfo.appKey.SecretName, f.credentialsInfo.appKey.SecretKey)) + appKeyEnvVar := common.BuildEnvVarFromSource(v2alpha1.DDAppKey, common.BuildEnvVarFromSecret(f.credentialsInfo.appKey.SecretName, f.credentialsInfo.appKey.SecretKey)) managers.EnvVar().AddEnvVar(appKeyEnvVar) } @@ -477,7 +472,7 @@ func (f *defaultFeature) addDefaultCommonEnvs(managers feature.PodTemplateManage f.logger.Error(err, "Failed to unmarshal json input") } else { managers.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDKubernetesResourcesLabelsAsTags, + Name: v2alpha1.DDKubernetesResourcesLabelsAsTags, Value: string(kubernetesResourceLabelsAsTags), }) } @@ -489,7 +484,7 @@ func (f *defaultFeature) addDefaultCommonEnvs(managers feature.PodTemplateManage f.logger.Error(err, "Failed to unmarshal json input") } else { managers.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDKubernetesResourcesAnnotationsAsTags, + Name: v2alpha1.DDKubernetesResourcesAnnotationsAsTags, Value: string(kubernetesResourceAnnotationsAsTags), }) } @@ -512,7 +507,7 @@ func buildInstallInfoConfigMap(dda metav1.Object) *corev1.ConfigMap { func getInstallInfoValue() string { toolVersion := "unknown" - if envVar := os.Getenv(apicommon.InstallInfoToolVersion); envVar != "" { + if envVar := os.Getenv(InstallInfoToolVersion); envVar != "" { toolVersion = envVar } diff --git a/internal/controller/datadogagent/feature/enabledefault/feature_test.go b/internal/controller/datadogagent/feature/enabledefault/feature_test.go index c6f756e96..091fc3b55 100644 --- a/internal/controller/datadogagent/feature/enabledefault/feature_test.go +++ b/internal/controller/datadogagent/feature/enabledefault/feature_test.go @@ -16,10 +16,10 @@ import ( corev1 "k8s.io/api/core/v1" apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" - v2alpha1test "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1/test" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/fake" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/test" + "github.com/DataDog/datadog-operator/pkg/testutils" ) type InstallInfoData struct { @@ -52,7 +52,7 @@ func Test_getInstallInfoValue(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - t.Setenv(apicommon.InstallInfoToolVersion, tt.toolVersionEnvVarValue) + t.Setenv(InstallInfoToolVersion, tt.toolVersionEnvVarValue) installInfo := InstallInfoData{} test := getInstallInfoValue() @@ -71,7 +71,7 @@ func Test_defaultFeature_ManageClusterAgent(t *testing.T) { tests := test.FeatureTestSuite{ { Name: "Manage Cluster Agent service account name env variable", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithName("datadog"). WithEventCollectionKubernetesEvents(true). Build(), @@ -88,7 +88,7 @@ func defaultFeatureManageClusterAgentWantFunc(t testing.TB, mgrInterface feature dcaEnvVars := mgr.EnvVarMgr.EnvVarsByC[apicommon.AllContainers] want := &corev1.EnvVar{ - Name: apicommon.DDClusterAgentServiceAccountName, + Name: DDClusterAgentServiceAccountName, Value: "datadog-cluster-agent", } wantJSON, err := json.Marshal(want) diff --git a/internal/controller/datadogagent/feature/enabledefault/rbac.go b/internal/controller/datadogagent/feature/enabledefault/rbac.go index cb7872d82..0b0819f63 100644 --- a/internal/controller/datadogagent/feature/enabledefault/rbac.go +++ b/internal/controller/datadogagent/feature/enabledefault/rbac.go @@ -9,8 +9,8 @@ import ( "fmt" "strings" - "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/common" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/controller/utils" "github.com/DataDog/datadog-operator/pkg/kubernetes/rbac" @@ -186,7 +186,7 @@ func getLeaderElectionPolicyRuleDCA(dda metav1.Object) []rbacv1.PolicyRule { // getCCRRbacResourcesName returns the Cluster Checks Runner RBAC resource name func getCCRRbacResourcesName(dda metav1.Object) string { - return fmt.Sprintf("%s-%s", dda.GetName(), v2alpha1.DefaultClusterChecksRunnerResourceSuffix) + return fmt.Sprintf("%s-%s", dda.GetName(), constants.DefaultClusterChecksRunnerResourceSuffix) } // getDefaultClusterChecksRunnerClusterRolePolicyRules returns the default Cluster Role Policy Rules for the Cluster Checks Runner diff --git a/internal/controller/datadogagent/feature/enabledefault/utils_test.go b/internal/controller/datadogagent/feature/enabledefault/utils_test.go index 99495cd82..e3036ec4a 100644 --- a/internal/controller/datadogagent/feature/enabledefault/utils_test.go +++ b/internal/controller/datadogagent/feature/enabledefault/utils_test.go @@ -9,7 +9,7 @@ import ( "testing" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" - v2alpha1test "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1/test" + "github.com/DataDog/datadog-operator/pkg/testutils" "github.com/stretchr/testify/assert" ) @@ -36,7 +36,7 @@ func Test_getDaemonSetNameFromDatadogAgent(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - dda := v2alpha1test.NewDatadogAgentBuilder(). + dda := testutils.NewDatadogAgentBuilder(). WithName(tt.ddaName). WithComponentOverride(v2alpha1.NodeAgentComponentName, v2alpha1.DatadogAgentComponentOverride{ Name: &tt.overrideAgentName, @@ -71,7 +71,7 @@ func Test_getDeploymentNameFromDatadogAgent(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - dda := v2alpha1test.NewDatadogAgentBuilder(). + dda := testutils.NewDatadogAgentBuilder(). WithName(tt.ddaName). WithComponentOverride(v2alpha1.ClusterAgentComponentName, v2alpha1.DatadogAgentComponentOverride{ Name: &tt.overrideClusterAgentName, diff --git a/internal/controller/datadogagent/feature/eventcollection/envvar.go b/internal/controller/datadogagent/feature/eventcollection/envvar.go new file mode 100644 index 000000000..e9ee07768 --- /dev/null +++ b/internal/controller/datadogagent/feature/eventcollection/envvar.go @@ -0,0 +1,11 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package eventcollection + +const ( + DDLeaderLeaseName = "DD_LEADER_LEASE_NAME" + DDCollectKubernetesEvents = "DD_COLLECT_KUBERNETES_EVENTS" +) diff --git a/internal/controller/datadogagent/feature/eventcollection/feature.go b/internal/controller/datadogagent/feature/eventcollection/feature.go index 61671e177..7931ffae2 100644 --- a/internal/controller/datadogagent/feature/eventcollection/feature.go +++ b/internal/controller/datadogagent/feature/eventcollection/feature.go @@ -20,6 +20,7 @@ import ( "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/object" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/object/volume" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/controller/utils" "github.com/DataDog/datadog-operator/pkg/controller/utils/comparison" "github.com/DataDog/datadog-operator/pkg/kubernetes" @@ -69,12 +70,12 @@ func (f *eventCollectionFeature) Configure(dda *v2alpha1.DatadogAgent) (reqComp // v2alpha1 configures event collection using the cluster agent only // leader election is enabled by default if dda.Spec.Features != nil && dda.Spec.Features.EventCollection != nil && apiutils.BoolValue(dda.Spec.Features.EventCollection.CollectKubernetesEvents) { - f.serviceAccountName = v2alpha1.GetClusterAgentServiceAccount(dda) + f.serviceAccountName = constants.GetClusterAgentServiceAccount(dda) f.rbacSuffix = common.ClusterAgentSuffix if apiutils.BoolValue(dda.Spec.Features.EventCollection.UnbundleEvents) { if len(dda.Spec.Features.EventCollection.CollectedEventTypes) > 0 { - f.configMapName = v2alpha1.GetConfName(dda, nil, v2alpha1.DefaultKubeAPIServerConf) + f.configMapName = constants.GetConfName(dda, nil, v2alpha1.DefaultKubeAPIServerConf) f.unbundleEvents = *dda.Spec.Features.EventCollection.UnbundleEvents f.unbundleEventTypes = dda.Spec.Features.EventCollection.CollectedEventTypes } else { @@ -143,22 +144,22 @@ func (f *eventCollectionFeature) ManageDependencies(managers feature.ResourceMan func (f *eventCollectionFeature) ManageClusterAgent(managers feature.PodTemplateManagers) error { // Env vars managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDCollectKubernetesEvents, + Name: DDCollectKubernetesEvents, Value: "true", }) managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDLeaderElection, + Name: v2alpha1.DDLeaderElection, Value: "true", }) managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDLeaderLeaseName, + Name: DDLeaderLeaseName, Value: utils.GetDatadogLeaderElectionResourceName(f.owner), }) managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDClusterAgentTokenName, + Name: v2alpha1.DDClusterAgentTokenName, Value: v2alpha1.GetDefaultDCATokenSecretName(f.owner), }) @@ -167,7 +168,7 @@ func (f *eventCollectionFeature) ManageClusterAgent(managers feature.PodTemplate vol := volume.GetBasicVolume(f.configMapName, kubernetesAPIServerCheckConfigVolumeName) volMount := corev1.VolumeMount{ Name: kubernetesAPIServerCheckConfigVolumeName, - MountPath: fmt.Sprintf("%s%s/%s", apicommon.ConfigVolumePath, apicommon.ConfdVolumePath, kubeAPIServerConfigFolderName), + MountPath: fmt.Sprintf("%s%s/%s", v2alpha1.ConfigVolumePath, v2alpha1.ConfdVolumePath, kubeAPIServerConfigFolderName), ReadOnly: true, } @@ -200,22 +201,22 @@ func (f *eventCollectionFeature) ManageNodeAgent(managers feature.PodTemplateMan func (f *eventCollectionFeature) manageNodeAgent(agentContainerName apicommon.AgentContainerName, managers feature.PodTemplateManagers, _ string) error { managers.EnvVar().AddEnvVarToContainer(agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDCollectKubernetesEvents, + Name: DDCollectKubernetesEvents, Value: "true", }) managers.EnvVar().AddEnvVarToContainer(agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDLeaderElection, + Name: v2alpha1.DDLeaderElection, Value: "true", }) managers.EnvVar().AddEnvVarToContainer(agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDLeaderLeaseName, + Name: DDLeaderLeaseName, Value: utils.GetDatadogLeaderElectionResourceName(f.owner), }) managers.EnvVar().AddEnvVarToContainer(agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDClusterAgentTokenName, + Name: v2alpha1.DDClusterAgentTokenName, Value: v2alpha1.GetDefaultDCATokenSecretName(f.owner), }) diff --git a/internal/controller/datadogagent/feature/eventcollection/feature_test.go b/internal/controller/datadogagent/feature/eventcollection/feature_test.go index 3cc570d76..b5cf6aefe 100644 --- a/internal/controller/datadogagent/feature/eventcollection/feature_test.go +++ b/internal/controller/datadogagent/feature/eventcollection/feature_test.go @@ -12,13 +12,13 @@ import ( apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" - v2alpha1test "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1/test" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/fake" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/test" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/store" "github.com/DataDog/datadog-operator/pkg/kubernetes" + "github.com/DataDog/datadog-operator/pkg/testutils" "github.com/google/go-cmp/cmp" "github.com/stretchr/testify/assert" @@ -28,14 +28,14 @@ func Test_eventCollectionFeature_Configure(t *testing.T) { tests := test.FeatureTestSuite{ { Name: "Event Collection not enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithEventCollectionKubernetesEvents(false). Build(), WantConfigure: false, }, { Name: "Event Collection enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithName("ddaDCA"). WithEventCollectionKubernetesEvents(true). Build(), @@ -44,7 +44,7 @@ func Test_eventCollectionFeature_Configure(t *testing.T) { }, { Name: "Unbundle event enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithName("ddaDCA"). WithEventCollectionKubernetesEvents(true). WithEventCollectionUnbundleEvents(true, []v2alpha1.EventTypes{ @@ -73,19 +73,19 @@ func eventCollectionClusterAgentWantFunc(t testing.TB, mgrInterface feature.PodT want := []*corev1.EnvVar{ { - Name: apicommon.DDCollectKubernetesEvents, + Name: DDCollectKubernetesEvents, Value: "true", }, { - Name: apicommon.DDLeaderElection, + Name: v2alpha1.DDLeaderElection, Value: "true", }, { - Name: apicommon.DDLeaderLeaseName, + Name: DDLeaderLeaseName, Value: "ddaDCA-leader-election", }, { - Name: apicommon.DDClusterAgentTokenName, + Name: v2alpha1.DDClusterAgentTokenName, Value: "ddaDCA-token", }, } diff --git a/internal/controller/datadogagent/feature/externalmetrics/envvar.go b/internal/controller/datadogagent/feature/externalmetrics/envvar.go new file mode 100644 index 000000000..233721c33 --- /dev/null +++ b/internal/controller/datadogagent/feature/externalmetrics/envvar.go @@ -0,0 +1,16 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package externalmetrics + +const ( + DDExternalMetricsProviderAPIKey = "DD_EXTERNAL_METRICS_PROVIDER_API_KEY" + DDExternalMetricsProviderAppKey = "DD_EXTERNAL_METRICS_PROVIDER_APP_KEY" + DDExternalMetricsProviderEndpoint = "DD_EXTERNAL_METRICS_PROVIDER_ENDPOINT" + DDExternalMetricsProviderEnabled = "DD_EXTERNAL_METRICS_PROVIDER_ENABLED" + DDExternalMetricsProviderPort = "DD_EXTERNAL_METRICS_PROVIDER_PORT" + DDExternalMetricsProviderUseDatadogMetric = "DD_EXTERNAL_METRICS_PROVIDER_USE_DATADOGMETRIC_CRD" + DDExternalMetricsProviderWPAController = "DD_EXTERNAL_METRICS_PROVIDER_WPA_CONTROLLER" +) diff --git a/internal/controller/datadogagent/feature/externalmetrics/feature.go b/internal/controller/datadogagent/feature/externalmetrics/feature.go index b39a80362..d73ab8f32 100644 --- a/internal/controller/datadogagent/feature/externalmetrics/feature.go +++ b/internal/controller/datadogagent/feature/externalmetrics/feature.go @@ -17,6 +17,7 @@ import ( "github.com/DataDog/datadog-operator/internal/controller/datadogagent/component/objects" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" cilium "github.com/DataDog/datadog-operator/pkg/cilium/v1" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/kubernetes/rbac" "github.com/go-logr/logr" @@ -89,8 +90,8 @@ func (f *externalMetricsFeature) Configure(dda *v2alpha1.DatadogAgent) (reqComp creds := em.Endpoint.Credentials if creds != nil { f.keySecret = make(map[string]secret) - if !v2alpha1.CheckAPIKeySufficiency(creds, apicommon.DDExternalMetricsProviderAPIKey) || - !v2alpha1.CheckAppKeySufficiency(creds, apicommon.DDExternalMetricsProviderAppKey) { + if !v2alpha1.CheckAPIKeySufficiency(creds, DDExternalMetricsProviderAPIKey) || + !v2alpha1.CheckAppKeySufficiency(creds, DDExternalMetricsProviderAppKey) { // for one of api or app keys, neither secrets nor external metrics key env vars // are defined, so store key data to create secret later for keyType, keyData := range v2alpha1.GetKeysFromCredentials(creds) { @@ -122,9 +123,9 @@ func (f *externalMetricsFeature) Configure(dda *v2alpha1.DatadogAgent) (reqComp } } - f.serviceAccountName = v2alpha1.GetClusterAgentServiceAccount(dda) + f.serviceAccountName = constants.GetClusterAgentServiceAccount(dda) - if enabled, flavor := v2alpha1.IsNetworkPolicyEnabled(dda); enabled { + if enabled, flavor := constants.IsNetworkPolicyEnabled(dda); enabled { if flavor == v2alpha1.NetworkPolicyFlavorCilium { f.createCiliumNetworkPolicy = true } else { @@ -154,7 +155,7 @@ func (f *externalMetricsFeature) ManageDependencies(managers feature.ResourceMan } selector := map[string]string{ apicommon.AgentDeploymentNameLabelKey: f.owner.GetName(), - apicommon.AgentDeploymentComponentLabelKey: v2alpha1.DefaultClusterAgentResourceSuffix, + apicommon.AgentDeploymentComponentLabelKey: constants.DefaultClusterAgentResourceSuffix, } serviceName := componentdca.GetMetricsServerServiceName(f.owner) if err := managers.ServiceManager().AddService(serviceName, ns, selector, emPorts, nil); err != nil { @@ -261,25 +262,25 @@ func (f *externalMetricsFeature) ManageDependencies(managers feature.ResourceMan // It should do nothing if the feature doesn't need to configure it. func (f *externalMetricsFeature) ManageClusterAgent(managers feature.PodTemplateManagers) error { managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDExternalMetricsProviderEnabled, + Name: DDExternalMetricsProviderEnabled, Value: "true", }) managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDExternalMetricsProviderPort, + Name: DDExternalMetricsProviderPort, Value: strconv.FormatInt(int64(f.port), 10), }) managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDExternalMetricsProviderUseDatadogMetric, + Name: DDExternalMetricsProviderUseDatadogMetric, Value: apiutils.BoolToString(&f.useDDM), }) managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDExternalMetricsProviderWPAController, + Name: DDExternalMetricsProviderWPAController, Value: apiutils.BoolToString(&f.useWPA), }) if f.url != "" { managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDExternalMetricsProviderEndpoint, + Name: DDExternalMetricsProviderEndpoint, Value: f.url, }) } @@ -291,13 +292,13 @@ func (f *externalMetricsFeature) ManageClusterAgent(managers feature.PodTemplate // api key from existing secret if s.name != "" { apiKeyEnvVar = common.BuildEnvVarFromSource( - apicommon.DDExternalMetricsProviderAPIKey, + DDExternalMetricsProviderAPIKey, common.BuildEnvVarFromSecret(s.name, s.key), ) } else { // api key from secret created by operator apiKeyEnvVar = common.BuildEnvVarFromSource( - apicommon.DDExternalMetricsProviderAPIKey, + DDExternalMetricsProviderAPIKey, common.BuildEnvVarFromSecret(componentdca.GetDefaultExternalMetricSecretName(f.owner), v2alpha1.DefaultAPIKeyKey), ) } @@ -309,13 +310,13 @@ func (f *externalMetricsFeature) ManageClusterAgent(managers feature.PodTemplate // app key from existing secret if s.name != "" { appKeyEnvVar = common.BuildEnvVarFromSource( - apicommon.DDExternalMetricsProviderAppKey, + DDExternalMetricsProviderAppKey, common.BuildEnvVarFromSecret(s.name, s.key), ) } else { // api key from secret created by operator appKeyEnvVar = common.BuildEnvVarFromSource( - apicommon.DDExternalMetricsProviderAppKey, + DDExternalMetricsProviderAppKey, common.BuildEnvVarFromSecret(componentdca.GetDefaultExternalMetricSecretName(f.owner), v2alpha1.DefaultAPPKeyKey), ) } diff --git a/internal/controller/datadogagent/feature/externalmetrics/feature_test.go b/internal/controller/datadogagent/feature/externalmetrics/feature_test.go index 97ed4c4ab..fe011c0bf 100644 --- a/internal/controller/datadogagent/feature/externalmetrics/feature_test.go +++ b/internal/controller/datadogagent/feature/externalmetrics/feature_test.go @@ -130,26 +130,26 @@ func testDCAResources(useDDM, wpaController, keySecrets bool) *test.ComponentTes agentEnvs := mgr.EnvVarMgr.EnvVarsByC[apicommon.ClusterAgentContainerName] expectedAgentEnvs := []*corev1.EnvVar{ { - Name: apicommon.DDExternalMetricsProviderEnabled, + Name: DDExternalMetricsProviderEnabled, Value: "true", }, { - Name: apicommon.DDExternalMetricsProviderPort, + Name: DDExternalMetricsProviderPort, Value: "8443", }, { - Name: apicommon.DDExternalMetricsProviderUseDatadogMetric, + Name: DDExternalMetricsProviderUseDatadogMetric, Value: apiutils.BoolToString(&useDDM), }, { - Name: apicommon.DDExternalMetricsProviderWPAController, + Name: DDExternalMetricsProviderWPAController, Value: apiutils.BoolToString(&wpaController), }, } if keySecrets { secretEnvs := []*corev1.EnvVar{ { - Name: apicommon.DDExternalMetricsProviderAPIKey, + Name: DDExternalMetricsProviderAPIKey, ValueFrom: &corev1.EnvVarSource{ SecretKeyRef: &corev1.SecretKeySelector{ LocalObjectReference: corev1.LocalObjectReference{ @@ -160,7 +160,7 @@ func testDCAResources(useDDM, wpaController, keySecrets bool) *test.ComponentTes }, }, { - Name: apicommon.DDExternalMetricsProviderAppKey, + Name: DDExternalMetricsProviderAppKey, ValueFrom: &corev1.EnvVarSource{ SecretKeyRef: &corev1.SecretKeySelector{ LocalObjectReference: corev1.LocalObjectReference{ diff --git a/internal/controller/datadogagent/feature/helmcheck/feature.go b/internal/controller/datadogagent/feature/helmcheck/feature.go index 7b16acf07..6706a36dd 100644 --- a/internal/controller/datadogagent/feature/helmcheck/feature.go +++ b/internal/controller/datadogagent/feature/helmcheck/feature.go @@ -19,6 +19,7 @@ import ( "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/object" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/object/volume" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/controller/utils/comparison" "github.com/DataDog/datadog-operator/pkg/kubernetes" ) @@ -75,12 +76,12 @@ func (f *helmCheckFeature) Configure(dda *v2alpha1.DatadogAgent) (reqComp featur f.configMapName = fmt.Sprintf("%s-%s", f.owner.GetName(), v2alpha1.DefaultHelmCheckConf) f.collectEvents = apiutils.BoolValue(helmCheck.CollectEvents) f.valuesAsTags = helmCheck.ValuesAsTags - f.serviceAccountName = v2alpha1.GetClusterAgentServiceAccount(dda) + f.serviceAccountName = constants.GetClusterAgentServiceAccount(dda) - if v2alpha1.IsClusterChecksEnabled(dda) && v2alpha1.IsCCREnabled(dda) { + if constants.IsClusterChecksEnabled(dda) && constants.IsCCREnabled(dda) { f.runInClusterChecksRunner = true f.rbacSuffix = common.ChecksRunnerSuffix - f.serviceAccountName = v2alpha1.GetClusterChecksRunnerServiceAccount(dda) + f.serviceAccountName = constants.GetClusterChecksRunnerServiceAccount(dda) reqComp.ClusterChecksRunner.IsRequired = apiutils.NewBoolPointer(true) } @@ -136,7 +137,7 @@ func (f *helmCheckFeature) ManageClusterAgent(managers feature.PodTemplateManage vol = volume.GetBasicVolume(f.configMapName, helmCheckConfigVolumeName) volMount = corev1.VolumeMount{ Name: helmCheckConfigVolumeName, - MountPath: fmt.Sprintf("%s%s/%s", apicommon.ConfigVolumePath, apicommon.ConfdVolumePath, helmCheckFolderName), + MountPath: fmt.Sprintf("%s%s/%s", v2alpha1.ConfigVolumePath, v2alpha1.ConfdVolumePath, helmCheckFolderName), ReadOnly: true, } diff --git a/internal/controller/datadogagent/feature/helmcheck/feature_test.go b/internal/controller/datadogagent/feature/helmcheck/feature_test.go index 0e9e911fa..093514854 100644 --- a/internal/controller/datadogagent/feature/helmcheck/feature_test.go +++ b/internal/controller/datadogagent/feature/helmcheck/feature_test.go @@ -18,7 +18,6 @@ import ( apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" - v2alpha1test "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1/test" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/fake" @@ -27,6 +26,7 @@ import ( "github.com/DataDog/datadog-operator/internal/controller/datadogagent/store" "github.com/DataDog/datadog-operator/pkg/controller/utils/comparison" "github.com/DataDog/datadog-operator/pkg/kubernetes" + "github.com/DataDog/datadog-operator/pkg/testutils" ) const resourcesName = "foo" @@ -38,14 +38,14 @@ func Test_helmCheckFeature_Configure(t *testing.T) { tests := test.FeatureTestSuite{ { Name: "Helm check disabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithHelmCheckEnabled(false). Build(), WantConfigure: false, }, { Name: "Helm check enabled", - DDA: v2alpha1test.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). + DDA: testutils.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). WithHelmCheckEnabled(true). WithHelmCheckCollectEvents(true). WithHelmCheckValuesAsTags(valuesAsTags). @@ -56,7 +56,7 @@ func Test_helmCheckFeature_Configure(t *testing.T) { }, { Name: "Helm check enabled and runs on cluster checks runner", - DDA: v2alpha1test.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). + DDA: testutils.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). WithHelmCheckEnabled(true). WithHelmCheckCollectEvents(true). WithHelmCheckValuesAsTags(valuesAsTags). @@ -195,7 +195,7 @@ instances: assert.NoError(t, err) wantAnnotations := map[string]string{ - fmt.Sprintf(apicommon.MD5ChecksumAnnotationKey, feature.HelmCheckIDType): hash, + fmt.Sprintf(v2alpha1.MD5ChecksumAnnotationKey, feature.HelmCheckIDType): hash, } annotations := mgr.AnnotationMgr.Annotations diff --git a/internal/controller/datadogagent/feature/ids.go b/internal/controller/datadogagent/feature/ids.go index 812a00a7b..b395d720d 100644 --- a/internal/controller/datadogagent/feature/ids.go +++ b/internal/controller/datadogagent/feature/ids.go @@ -25,6 +25,8 @@ const ( LiveContainerIDType = "live_container" // LiveProcessIDType Live Process feature. LiveProcessIDType = "live_process" + // OtelAgentIDType Otel Agent feature. + OtelAgentIDType = "otel_agent" // ProcessDiscoveryIDType Process Discovery feature. ProcessDiscoveryIDType = "process_discovery" // KubernetesAPIServerIDType Kube APIServer feature. diff --git a/internal/controller/datadogagent/feature/kubernetesstatecore/envvar.go b/internal/controller/datadogagent/feature/kubernetesstatecore/envvar.go new file mode 100644 index 000000000..0841128e5 --- /dev/null +++ b/internal/controller/datadogagent/feature/kubernetesstatecore/envvar.go @@ -0,0 +1,12 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package kubernetesstatecore + +const ( + DDKubeStateMetricsCoreConfigMap = "DD_KUBE_STATE_METRICS_CORE_CONFIGMAP_NAME" + DDKubeStateMetricsCoreEnabled = "DD_KUBE_STATE_METRICS_CORE_ENABLED" + DDIgnoreAutoConf = "DD_IGNORE_AUTOCONF" +) diff --git a/internal/controller/datadogagent/feature/kubernetesstatecore/feature.go b/internal/controller/datadogagent/feature/kubernetesstatecore/feature.go index 7e29eb0c7..fc39c1001 100644 --- a/internal/controller/datadogagent/feature/kubernetesstatecore/feature.go +++ b/internal/controller/datadogagent/feature/kubernetesstatecore/feature.go @@ -16,6 +16,7 @@ import ( apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" apiutils "github.com/DataDog/datadog-operator/api/utils" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/controller/utils/comparison" "github.com/DataDog/datadog-operator/pkg/kubernetes" "github.com/DataDog/datadog-operator/pkg/utils" @@ -83,13 +84,13 @@ func (f *ksmFeature) Configure(dda *v2alpha1.DatadogAgent) feature.RequiredCompo f.collectAPIServiceMetrics = true f.collectCRDMetrics = true - f.serviceAccountName = v2alpha1.GetClusterAgentServiceAccount(dda) + f.serviceAccountName = constants.GetClusterAgentServiceAccount(dda) // This check will only run in the Cluster Checks Runners or Cluster Agent (not the Node Agent) if dda.Spec.Features.ClusterChecks != nil && apiutils.BoolValue(dda.Spec.Features.ClusterChecks.Enabled) && apiutils.BoolValue(dda.Spec.Features.ClusterChecks.UseClusterChecksRunners) { f.runInClusterChecksRunner = true f.rbacSuffix = common.ChecksRunnerSuffix - f.serviceAccountName = v2alpha1.GetClusterChecksRunnerServiceAccount(dda) + f.serviceAccountName = constants.GetClusterChecksRunnerServiceAccount(dda) output.ClusterChecksRunner.IsRequired = apiutils.NewBoolPointer(true) if ccrOverride, ok := dda.Spec.Override[v2alpha1.ClusterChecksRunnerComponentName]; ok { @@ -119,7 +120,7 @@ func (f *ksmFeature) Configure(dda *v2alpha1.DatadogAgent) feature.RequiredCompo f.customConfigAnnotationKey = object.GetChecksumAnnotationKey(feature.KubernetesStateCoreIDType) } - f.configConfigMapName = v2alpha1.GetConfName(dda, f.customConfig, v2alpha1.DefaultKubeStateMetricsCoreConf) + f.configConfigMapName = constants.GetConfName(dda, f.customConfig, v2alpha1.DefaultKubeStateMetricsCoreConf) } return output @@ -182,7 +183,7 @@ func (f *ksmFeature) ManageClusterAgent(managers feature.PodTemplateManagers) er vol = volume.GetBasicVolume(f.configConfigMapName, ksmCoreVolumeName) volMount = corev1.VolumeMount{ Name: ksmCoreVolumeName, - MountPath: fmt.Sprintf("%s%s/%s", apicommon.ConfigVolumePath, apicommon.ConfdVolumePath, ksmCoreCheckFolderName), + MountPath: fmt.Sprintf("%s%s/%s", v2alpha1.ConfigVolumePath, v2alpha1.ConfdVolumePath, ksmCoreCheckFolderName), ReadOnly: true, } } @@ -193,12 +194,12 @@ func (f *ksmFeature) ManageClusterAgent(managers feature.PodTemplateManagers) er managers.Volume().AddVolume(&vol) managers.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDKubeStateMetricsCoreEnabled, + Name: DDKubeStateMetricsCoreEnabled, Value: "true", }) managers.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDKubeStateMetricsCoreConfigMap, + Name: DDKubeStateMetricsCoreConfigMap, Value: f.configConfigMapName, }) @@ -211,7 +212,7 @@ func (f *ksmFeature) ManageClusterAgent(managers feature.PodTemplateManagers) er func (f *ksmFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { // Remove ksm v1 conf if the cluster checks are enabled and the ksm core is enabled ignoreAutoConf := &corev1.EnvVar{ - Name: apicommon.DDIgnoreAutoConf, + Name: DDIgnoreAutoConf, Value: "kubernetes_state", } @@ -223,7 +224,7 @@ func (f *ksmFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplate func (f *ksmFeature) ManageNodeAgent(managers feature.PodTemplateManagers, provider string) error { // Remove ksm v1 conf if the cluster checks are enabled and the ksm core is enabled ignoreAutoConf := &corev1.EnvVar{ - Name: apicommon.DDIgnoreAutoConf, + Name: DDIgnoreAutoConf, Value: "kubernetes_state", } diff --git a/internal/controller/datadogagent/feature/kubernetesstatecore/feature_test.go b/internal/controller/datadogagent/feature/kubernetesstatecore/feature_test.go index 207ad0971..6e07188f2 100644 --- a/internal/controller/datadogagent/feature/kubernetesstatecore/feature_test.go +++ b/internal/controller/datadogagent/feature/kubernetesstatecore/feature_test.go @@ -11,13 +11,13 @@ import ( apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" - v2alpha1test "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1/test" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/fake" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/test" mergerfake "github.com/DataDog/datadog-operator/internal/controller/datadogagent/merger/fake" "github.com/DataDog/datadog-operator/pkg/controller/utils/comparison" + "github.com/DataDog/datadog-operator/pkg/testutils" "github.com/google/go-cmp/cmp" "github.com/stretchr/testify/assert" @@ -36,14 +36,14 @@ func Test_ksmFeature_Configure(t *testing.T) { tests := test.FeatureTestSuite{ { Name: "ksm-core not enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithKSMEnabled(false). Build(), WantConfigure: false, }, { Name: "ksm-core not enabled with single agent container", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithKSMEnabled(false). WithSingleContainerStrategy(true). Build(), @@ -51,7 +51,7 @@ func Test_ksmFeature_Configure(t *testing.T) { }, { Name: "ksm-core enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithKSMEnabled(true). Build(), WantConfigure: true, @@ -60,7 +60,7 @@ func Test_ksmFeature_Configure(t *testing.T) { }, { Name: "ksm-core enabled with single agent container", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithKSMEnabled(true). WithSingleContainerStrategy(true). Build(), @@ -70,7 +70,7 @@ func Test_ksmFeature_Configure(t *testing.T) { }, { Name: "ksm-core enabled, custom config", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithKSMEnabled(true). WithKSMCustomConf(customData). Build(), @@ -80,7 +80,7 @@ func Test_ksmFeature_Configure(t *testing.T) { }, { Name: "ksm-core enabled, custom config with single agent container", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithKSMEnabled(true). WithKSMCustomConf(customData). WithSingleContainerStrategy(true). @@ -102,11 +102,11 @@ func ksmClusterAgentWantFunc(hasCustomConfig bool) *test.ComponentTest { want := []*corev1.EnvVar{ { - Name: apicommon.DDKubeStateMetricsCoreEnabled, + Name: DDKubeStateMetricsCoreEnabled, Value: "true", }, { - Name: apicommon.DDKubeStateMetricsCoreConfigMap, + Name: DDKubeStateMetricsCoreConfigMap, Value: "-kube-state-metrics-core-config", }, } @@ -119,7 +119,7 @@ func ksmClusterAgentWantFunc(hasCustomConfig bool) *test.ComponentTest { hash, err := comparison.GenerateMD5ForSpec(&customConfig) assert.NoError(t, err) wantAnnotations := map[string]string{ - fmt.Sprintf(apicommon.MD5ChecksumAnnotationKey, feature.KubernetesStateCoreIDType): hash, + fmt.Sprintf(v2alpha1.MD5ChecksumAnnotationKey, feature.KubernetesStateCoreIDType): hash, } annotations := mgr.AnnotationMgr.Annotations assert.True(t, apiutils.IsEqualStruct(annotations, wantAnnotations), "Annotations \ndiff = %s", cmp.Diff(annotations, wantAnnotations)) @@ -142,7 +142,7 @@ func ksmAgentWantFunc(t testing.TB, mgrInterface feature.PodTemplateManagers, ag want := []*corev1.EnvVar{ { - Name: apicommon.DDIgnoreAutoConf, + Name: DDIgnoreAutoConf, Value: "kubernetes_state", }, } diff --git a/internal/controller/datadogagent/feature/livecontainer/feature.go b/internal/controller/datadogagent/feature/livecontainer/feature.go index 8e7d403d2..6af550e22 100644 --- a/internal/controller/datadogagent/feature/livecontainer/feature.go +++ b/internal/controller/datadogagent/feature/livecontainer/feature.go @@ -80,7 +80,7 @@ func (f *liveContainerFeature) ManageClusterAgent(managers feature.PodTemplateMa // It should do nothing if the feature doesn't need to configure it. func (f *liveContainerFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { runInCoreAgentEnvVar := &corev1.EnvVar{ - Name: apicommon.DDProcessConfigRunInCoreAgent, + Name: v2alpha1.DDProcessConfigRunInCoreAgent, Value: apiutils.BoolToString(&f.runInCoreAgent), } managers.EnvVar().AddEnvVarToContainer(apicommon.UnprivilegedSingleAgentContainerName, runInCoreAgentEnvVar) @@ -93,7 +93,7 @@ func (f *liveContainerFeature) ManageSingleContainerNodeAgent(managers feature.P func (f *liveContainerFeature) ManageNodeAgent(managers feature.PodTemplateManagers, provider string) error { // Always add this envvar to Core and Process containers runInCoreAgentEnvVar := &corev1.EnvVar{ - Name: apicommon.DDProcessConfigRunInCoreAgent, + Name: v2alpha1.DDProcessConfigRunInCoreAgent, Value: apiutils.BoolToString(&f.runInCoreAgent), } managers.EnvVar().AddEnvVarToContainer(apicommon.ProcessAgentContainerName, runInCoreAgentEnvVar) @@ -110,17 +110,17 @@ func (f *liveContainerFeature) ManageNodeAgent(managers feature.PodTemplateManag func (f *liveContainerFeature) manageNodeAgent(agentContainerName apicommon.AgentContainerName, managers feature.PodTemplateManagers, provider string) error { // cgroups volume mount - cgroupsVol, cgroupsVolMount := volume.GetVolumes(apicommon.CgroupsVolumeName, apicommon.CgroupsHostPath, apicommon.CgroupsMountPath, true) + cgroupsVol, cgroupsVolMount := volume.GetVolumes(v2alpha1.CgroupsVolumeName, v2alpha1.CgroupsHostPath, v2alpha1.CgroupsMountPath, true) managers.VolumeMount().AddVolumeMountToContainer(&cgroupsVolMount, agentContainerName) managers.Volume().AddVolume(&cgroupsVol) // procdir volume mount - procdirVol, procdirVolMount := volume.GetVolumes(apicommon.ProcdirVolumeName, apicommon.ProcdirHostPath, apicommon.ProcdirMountPath, true) + procdirVol, procdirVolMount := volume.GetVolumes(v2alpha1.ProcdirVolumeName, v2alpha1.ProcdirHostPath, v2alpha1.ProcdirMountPath, true) managers.VolumeMount().AddVolumeMountToContainer(&procdirVolMount, agentContainerName) managers.Volume().AddVolume(&procdirVol) managers.EnvVar().AddEnvVarToContainer(agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDContainerCollectionEnabled, + Name: v2alpha1.DDContainerCollectionEnabled, Value: "true", }) diff --git a/internal/controller/datadogagent/feature/livecontainer/feature_test.go b/internal/controller/datadogagent/feature/livecontainer/feature_test.go index c17777480..5a0f8aa4c 100644 --- a/internal/controller/datadogagent/feature/livecontainer/feature_test.go +++ b/internal/controller/datadogagent/feature/livecontainer/feature_test.go @@ -10,12 +10,12 @@ import ( apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" - v2alpha1test "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1/test" "github.com/DataDog/datadog-operator/api/utils" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/fake" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/test" + "github.com/DataDog/datadog-operator/pkg/testutils" "github.com/google/go-cmp/cmp" "github.com/stretchr/testify/assert" @@ -26,7 +26,7 @@ func TestLiveContainerFeature(t *testing.T) { tests := test.FeatureTestSuite{ { Name: "live container collection enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithLiveContainerCollectionEnabled(true). Build(), WantConfigure: true, @@ -34,7 +34,7 @@ func TestLiveContainerFeature(t *testing.T) { }, { Name: "live container collection enabled with single container", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithLiveContainerCollectionEnabled(true). WithSingleContainerStrategy(true). Build(), @@ -43,7 +43,7 @@ func TestLiveContainerFeature(t *testing.T) { }, { Name: "live container collection enabled on core agent via env var", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithLiveContainerCollectionEnabled(true). WithComponentOverride( v2alpha1.NodeAgentComponentName, @@ -58,7 +58,7 @@ func TestLiveContainerFeature(t *testing.T) { }, { Name: "live container collection enabled on core agent via spec", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithLiveContainerCollectionEnabled(true). WithComponentOverride( v2alpha1.NodeAgentComponentName, @@ -73,7 +73,7 @@ func TestLiveContainerFeature(t *testing.T) { }, { Name: "live container collection enabled in core agent via spec without min version", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithLiveContainerCollectionEnabled(true). WithComponentOverride( v2alpha1.NodeAgentComponentName, @@ -88,7 +88,7 @@ func TestLiveContainerFeature(t *testing.T) { }, { Name: "live container collection disabled on core agent via env var override", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithLiveContainerCollectionEnabled(true). WithComponentOverride( v2alpha1.NodeAgentComponentName, @@ -115,11 +115,11 @@ func testExpectedAgent(agentContainerName apicommon.AgentContainerName, runInCor agentEnvs := mgr.EnvVarMgr.EnvVarsByC[agentContainerName] expectedAgentEnvs := []*corev1.EnvVar{ { - Name: apicommon.DDProcessConfigRunInCoreAgent, + Name: v2alpha1.DDProcessConfigRunInCoreAgent, Value: utils.BoolToString(&runInCoreAgent), }, { - Name: apicommon.DDContainerCollectionEnabled, + Name: v2alpha1.DDContainerCollectionEnabled, Value: "true", }, } @@ -133,13 +133,13 @@ func testExpectedAgent(agentContainerName apicommon.AgentContainerName, runInCor agentVolumeMounts := mgr.VolumeMountMgr.VolumeMountsByC[agentContainerName] expectedVolumeMounts := []corev1.VolumeMount{ { - Name: apicommon.CgroupsVolumeName, - MountPath: apicommon.CgroupsMountPath, + Name: v2alpha1.CgroupsVolumeName, + MountPath: v2alpha1.CgroupsMountPath, ReadOnly: true, }, { - Name: apicommon.ProcdirVolumeName, - MountPath: apicommon.ProcdirMountPath, + Name: v2alpha1.ProcdirVolumeName, + MountPath: v2alpha1.ProcdirMountPath, ReadOnly: true, }, } @@ -152,18 +152,18 @@ func testExpectedAgent(agentContainerName apicommon.AgentContainerName, runInCor agentVolumes := mgr.VolumeMgr.Volumes expectedVolumes := []corev1.Volume{ { - Name: apicommon.CgroupsVolumeName, + Name: v2alpha1.CgroupsVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.CgroupsHostPath, + Path: v2alpha1.CgroupsHostPath, }, }, }, { - Name: apicommon.ProcdirVolumeName, + Name: v2alpha1.ProcdirVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.ProcdirHostPath, + Path: v2alpha1.ProcdirHostPath, }, }, }, diff --git a/internal/controller/datadogagent/feature/liveprocess/envvar.go b/internal/controller/datadogagent/feature/liveprocess/envvar.go new file mode 100644 index 000000000..4073d10b3 --- /dev/null +++ b/internal/controller/datadogagent/feature/liveprocess/envvar.go @@ -0,0 +1,11 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package liveprocess + +const ( + DDProcessConfigScrubArgs = "DD_PROCESS_CONFIG_SCRUB_ARGS" + DDProcessConfigStripArgs = "DD_PROCESS_CONFIG_STRIP_PROC_ARGUMENTS" +) diff --git a/internal/controller/datadogagent/feature/liveprocess/feature.go b/internal/controller/datadogagent/feature/liveprocess/feature.go index 1a3f06b85..ce44ffc15 100644 --- a/internal/controller/datadogagent/feature/liveprocess/feature.go +++ b/internal/controller/datadogagent/feature/liveprocess/feature.go @@ -88,7 +88,7 @@ func (f *liveProcessFeature) ManageClusterAgent(managers feature.PodTemplateMana // It should do nothing if the feature doesn't need to configure it. func (f *liveProcessFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { runInCoreAgentEnvVar := &corev1.EnvVar{ - Name: apicommon.DDProcessConfigRunInCoreAgent, + Name: v2alpha1.DDProcessConfigRunInCoreAgent, Value: apiutils.BoolToString(&f.runInCoreAgent), } managers.EnvVar().AddEnvVarToContainer(apicommon.UnprivilegedSingleAgentContainerName, runInCoreAgentEnvVar) @@ -101,7 +101,7 @@ func (f *liveProcessFeature) ManageSingleContainerNodeAgent(managers feature.Pod func (f *liveProcessFeature) ManageNodeAgent(managers feature.PodTemplateManagers, provider string) error { // Always add this envvar to Core and Process containers runInCoreAgentEnvVar := &corev1.EnvVar{ - Name: apicommon.DDProcessConfigRunInCoreAgent, + Name: v2alpha1.DDProcessConfigRunInCoreAgent, Value: apiutils.BoolToString(&f.runInCoreAgent), } managers.EnvVar().AddEnvVarToContainer(apicommon.ProcessAgentContainerName, runInCoreAgentEnvVar) @@ -118,22 +118,22 @@ func (f *liveProcessFeature) ManageNodeAgent(managers feature.PodTemplateManager func (f *liveProcessFeature) manageNodeAgent(agentContainerName apicommon.AgentContainerName, managers feature.PodTemplateManagers, provider string) error { // passwd volume mount - passwdVol, passwdVolMount := volume.GetVolumes(apicommon.PasswdVolumeName, apicommon.PasswdHostPath, apicommon.PasswdMountPath, true) + passwdVol, passwdVolMount := volume.GetVolumes(v2alpha1.PasswdVolumeName, v2alpha1.PasswdHostPath, v2alpha1.PasswdMountPath, true) managers.VolumeMount().AddVolumeMountToContainer(&passwdVolMount, agentContainerName) managers.Volume().AddVolume(&passwdVol) // cgroups volume mount - cgroupsVol, cgroupsVolMount := volume.GetVolumes(apicommon.CgroupsVolumeName, apicommon.CgroupsHostPath, apicommon.CgroupsMountPath, true) + cgroupsVol, cgroupsVolMount := volume.GetVolumes(v2alpha1.CgroupsVolumeName, v2alpha1.CgroupsHostPath, v2alpha1.CgroupsMountPath, true) managers.VolumeMount().AddVolumeMountToContainer(&cgroupsVolMount, agentContainerName) managers.Volume().AddVolume(&cgroupsVol) // procdir volume mount - procdirVol, procdirVolMount := volume.GetVolumes(apicommon.ProcdirVolumeName, apicommon.ProcdirHostPath, apicommon.ProcdirMountPath, true) + procdirVol, procdirVolMount := volume.GetVolumes(v2alpha1.ProcdirVolumeName, v2alpha1.ProcdirHostPath, v2alpha1.ProcdirMountPath, true) managers.VolumeMount().AddVolumeMountToContainer(&procdirVolMount, agentContainerName) managers.Volume().AddVolume(&procdirVol) enableEnvVar := &corev1.EnvVar{ - Name: apicommon.DDProcessCollectionEnabled, + Name: v2alpha1.DDProcessCollectionEnabled, Value: "true", } @@ -141,7 +141,7 @@ func (f *liveProcessFeature) manageNodeAgent(agentContainerName apicommon.AgentC if f.scrubArgs != nil { scrubArgsEnvVar := &corev1.EnvVar{ - Name: apicommon.DDProcessConfigScrubArgs, + Name: DDProcessConfigScrubArgs, Value: apiutils.BoolToString(f.scrubArgs), } managers.EnvVar().AddEnvVarToContainer(agentContainerName, scrubArgsEnvVar) @@ -149,7 +149,7 @@ func (f *liveProcessFeature) manageNodeAgent(agentContainerName apicommon.AgentC if f.stripArgs != nil { stripArgsEnvVar := &corev1.EnvVar{ - Name: apicommon.DDProcessConfigStripArgs, + Name: DDProcessConfigStripArgs, Value: apiutils.BoolToString(f.stripArgs), } managers.EnvVar().AddEnvVarToContainer(agentContainerName, stripArgsEnvVar) diff --git a/internal/controller/datadogagent/feature/liveprocess/feature_test.go b/internal/controller/datadogagent/feature/liveprocess/feature_test.go index c38a33d06..4553c84fd 100644 --- a/internal/controller/datadogagent/feature/liveprocess/feature_test.go +++ b/internal/controller/datadogagent/feature/liveprocess/feature_test.go @@ -10,12 +10,12 @@ import ( apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" - v2alpha1test "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1/test" "github.com/DataDog/datadog-operator/api/utils" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/fake" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/test" + "github.com/DataDog/datadog-operator/pkg/testutils" "github.com/google/go-cmp/cmp" "github.com/stretchr/testify/assert" @@ -26,14 +26,14 @@ func Test_liveProcessFeature_Configure(t *testing.T) { tests := test.FeatureTestSuite{ { Name: "live process collection not enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithLiveProcessEnabled(false). Build(), WantConfigure: false, }, { Name: "live process collection enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithLiveProcessEnabled(true). Build(), WantConfigure: true, @@ -41,7 +41,7 @@ func Test_liveProcessFeature_Configure(t *testing.T) { }, { Name: "live process collection enabled with scrub and strip args", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithLiveProcessEnabled(true). WithLiveProcessScrubStrip(true, true). Build(), @@ -50,7 +50,7 @@ func Test_liveProcessFeature_Configure(t *testing.T) { }, { Name: "live process collection enabled in core agent via env vars", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithLiveProcessEnabled(true). WithComponentOverride( v2alpha1.NodeAgentComponentName, @@ -65,7 +65,7 @@ func Test_liveProcessFeature_Configure(t *testing.T) { }, { Name: "live process collection enabled in core agent via spec", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithLiveProcessEnabled(true). WithComponentOverride( v2alpha1.NodeAgentComponentName, @@ -80,7 +80,7 @@ func Test_liveProcessFeature_Configure(t *testing.T) { }, { Name: "live process collection enabled in core agent via spec without min version", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithLiveProcessEnabled(true). WithComponentOverride( v2alpha1.NodeAgentComponentName, @@ -95,7 +95,7 @@ func Test_liveProcessFeature_Configure(t *testing.T) { }, { Name: "live process collection disabled in core agent via env var override", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithLiveProcessEnabled(true). WithComponentOverride( v2alpha1.NodeAgentComponentName, @@ -111,7 +111,7 @@ func Test_liveProcessFeature_Configure(t *testing.T) { }, { Name: "live process collection enabled on single container", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithLiveProcessEnabled(true). WithSingleContainerStrategy(true). Build(), @@ -131,18 +131,18 @@ func testExpectedAgent(agentContainerName apicommon.AgentContainerName, runInCor // check volume mounts wantVolumeMounts := []corev1.VolumeMount{ { - Name: apicommon.PasswdVolumeName, - MountPath: apicommon.PasswdMountPath, + Name: v2alpha1.PasswdVolumeName, + MountPath: v2alpha1.PasswdMountPath, ReadOnly: true, }, { - Name: apicommon.CgroupsVolumeName, - MountPath: apicommon.CgroupsMountPath, + Name: v2alpha1.CgroupsVolumeName, + MountPath: v2alpha1.CgroupsMountPath, ReadOnly: true, }, { - Name: apicommon.ProcdirVolumeName, - MountPath: apicommon.ProcdirMountPath, + Name: v2alpha1.ProcdirVolumeName, + MountPath: v2alpha1.ProcdirMountPath, ReadOnly: true, }, } @@ -153,26 +153,26 @@ func testExpectedAgent(agentContainerName apicommon.AgentContainerName, runInCor // check volumes wantVolumes := []corev1.Volume{ { - Name: apicommon.PasswdVolumeName, + Name: v2alpha1.PasswdVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.PasswdHostPath, + Path: v2alpha1.PasswdHostPath, }, }, }, { - Name: apicommon.CgroupsVolumeName, + Name: v2alpha1.CgroupsVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.CgroupsHostPath, + Path: v2alpha1.CgroupsHostPath, }, }, }, { - Name: apicommon.ProcdirVolumeName, + Name: v2alpha1.ProcdirVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.ProcdirHostPath, + Path: v2alpha1.ProcdirHostPath, }, }, }, @@ -184,11 +184,11 @@ func testExpectedAgent(agentContainerName apicommon.AgentContainerName, runInCor // check env vars wantEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDProcessConfigRunInCoreAgent, + Name: v2alpha1.DDProcessConfigRunInCoreAgent, Value: utils.BoolToString(&runInCoreAgent), }, { - Name: apicommon.DDProcessCollectionEnabled, + Name: v2alpha1.DDProcessCollectionEnabled, Value: "true", }, } @@ -196,11 +196,11 @@ func testExpectedAgent(agentContainerName apicommon.AgentContainerName, runInCor if ScrubStripArgs { ScrubStripArgsEnvVar := []*corev1.EnvVar{ { - Name: apicommon.DDProcessConfigScrubArgs, + Name: DDProcessConfigScrubArgs, Value: "true", }, { - Name: apicommon.DDProcessConfigStripArgs, + Name: DDProcessConfigStripArgs, Value: "true", }, } diff --git a/internal/controller/datadogagent/feature/logcollection/envvar.go b/internal/controller/datadogagent/feature/logcollection/envvar.go new file mode 100644 index 000000000..3e64c7440 --- /dev/null +++ b/internal/controller/datadogagent/feature/logcollection/envvar.go @@ -0,0 +1,12 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package logcollection + +const ( + DDLogsConfigContainerCollectAll = "DD_LOGS_CONFIG_CONTAINER_COLLECT_ALL" + DDLogsConfigOpenFilesLimit = "DD_LOGS_CONFIG_OPEN_FILES_LIMIT" + DDLogsContainerCollectUsingFiles = "DD_LOGS_CONFIG_K8S_CONTAINER_USE_FILE" +) diff --git a/internal/controller/datadogagent/feature/logcollection/feature.go b/internal/controller/datadogagent/feature/logcollection/feature.go index 41539edf9..248f590e3 100644 --- a/internal/controller/datadogagent/feature/logcollection/feature.go +++ b/internal/controller/datadogagent/feature/logcollection/feature.go @@ -130,20 +130,20 @@ func (f *logCollectionFeature) manageNodeAgent(agentContainerName apicommon.Agen // envvars managers.EnvVar().AddEnvVarToContainer(agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDLogsEnabled, + Name: v2alpha1.DDLogsEnabled, Value: "true", }) managers.EnvVar().AddEnvVarToContainer(agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDLogsConfigContainerCollectAll, + Name: DDLogsConfigContainerCollectAll, Value: strconv.FormatBool(f.containerCollectAll), }) managers.EnvVar().AddEnvVarToContainer(agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDLogsContainerCollectUsingFiles, + Name: DDLogsContainerCollectUsingFiles, Value: strconv.FormatBool(f.containerCollectUsingFiles), }) if f.openFilesLimit != 0 { managers.EnvVar().AddEnvVarToContainer(agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDLogsConfigOpenFilesLimit, + Name: DDLogsConfigOpenFilesLimit, Value: strconv.FormatInt(int64(f.openFilesLimit), 10), }) } diff --git a/internal/controller/datadogagent/feature/logcollection/feature_test.go b/internal/controller/datadogagent/feature/logcollection/feature_test.go index 1f5c87d98..76caa7024 100644 --- a/internal/controller/datadogagent/feature/logcollection/feature_test.go +++ b/internal/controller/datadogagent/feature/logcollection/feature_test.go @@ -9,11 +9,12 @@ import ( "testing" apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" - v2alpha1test "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1/test" + "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/fake" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/test" + "github.com/DataDog/datadog-operator/pkg/testutils" "github.com/google/go-cmp/cmp" "github.com/stretchr/testify/assert" @@ -24,14 +25,14 @@ func Test_LogCollectionFeature_Configure(t *testing.T) { tests := test.FeatureTestSuite{ { Name: "log collection not enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithLogCollectionEnabled(false). BuildWithDefaults(), WantConfigure: false, }, { Name: "log collection enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithLogCollectionEnabled(true). BuildWithDefaults(), WantConfigure: true, @@ -44,7 +45,7 @@ func Test_LogCollectionFeature_Configure(t *testing.T) { }, { Name: "container collect all enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithLogCollectionEnabled(true). WithLogCollectionCollectAll(true). BuildWithDefaults(), @@ -58,7 +59,7 @@ func Test_LogCollectionFeature_Configure(t *testing.T) { }, { Name: "container collect using files disabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithLogCollectionEnabled(true). WithLogCollectionCollectAll(true). WithLogCollectionLogCollectionUsingFiles(false). @@ -73,7 +74,7 @@ func Test_LogCollectionFeature_Configure(t *testing.T) { }, { Name: "open files limit set to custom value", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithLogCollectionEnabled(true). WithLogCollectionOpenFilesLimit(250). BuildWithDefaults(), @@ -82,7 +83,7 @@ func Test_LogCollectionFeature_Configure(t *testing.T) { func(t testing.TB, mgrInterface feature.PodTemplateManagers) { wantEnvVars := createEnvVars("true", "false", "true") wantEnvVars = append(wantEnvVars, &corev1.EnvVar{ - Name: apicommon.DDLogsConfigOpenFilesLimit, + Name: DDLogsConfigOpenFilesLimit, Value: "250", }) assertWants(t, mgrInterface, getWantVolumeMounts(), getWantVolumes(), wantEnvVars) @@ -91,7 +92,7 @@ func Test_LogCollectionFeature_Configure(t *testing.T) { }, { Name: "custom volumes", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithLogCollectionEnabled(true). WithLogCollectionPaths("/custom/pod/logs", "/custom/container/logs", "/custom/symlink", "/custom/temp/storage"). BuildWithDefaults(), @@ -171,7 +172,7 @@ func getWantVolumes() []*corev1.Volume { Name: pointerVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.DefaultLogTempStoragePath, + Path: v2alpha1.DefaultLogTempStoragePath, }, }, }, @@ -232,15 +233,15 @@ func getWantVolumeMounts() []*corev1.VolumeMount { func createEnvVars(logsEnabled, collectAllEnabled, collectUsingFilesEnabled string) []*corev1.EnvVar { return []*corev1.EnvVar{ { - Name: apicommon.DDLogsEnabled, + Name: v2alpha1.DDLogsEnabled, Value: logsEnabled, }, { - Name: apicommon.DDLogsConfigContainerCollectAll, + Name: DDLogsConfigContainerCollectAll, Value: collectAllEnabled, }, { - Name: apicommon.DDLogsContainerCollectUsingFiles, + Name: DDLogsContainerCollectUsingFiles, Value: collectUsingFilesEnabled, }, } diff --git a/internal/controller/datadogagent/feature/npm/envvar.go b/internal/controller/datadogagent/feature/npm/envvar.go new file mode 100644 index 000000000..7e2ac4fd3 --- /dev/null +++ b/internal/controller/datadogagent/feature/npm/envvar.go @@ -0,0 +1,12 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package npm + +const ( + DDSystemProbeNPMEnabled = "DD_SYSTEM_PROBE_NETWORK_ENABLED" + DDSystemProbeCollectDNSStatsEnabled = "DD_COLLECT_DNS_STATS" + DDSystemProbeConntrackEnabled = "DD_SYSTEM_PROBE_CONFIG_ENABLE_CONNTRACK" +) diff --git a/internal/controller/datadogagent/feature/npm/feature.go b/internal/controller/datadogagent/feature/npm/feature.go index a85a8aeb7..69ea564d4 100644 --- a/internal/controller/datadogagent/feature/npm/feature.go +++ b/internal/controller/datadogagent/feature/npm/feature.go @@ -88,32 +88,32 @@ func (f *npmFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplate // It should do nothing if the feature doesn't need to configure it. func (f *npmFeature) ManageNodeAgent(managers feature.PodTemplateManagers, provider string) error { // annotations - managers.Annotation().AddAnnotation(apicommon.SystemProbeAppArmorAnnotationKey, apicommon.SystemProbeAppArmorAnnotationValue) + managers.Annotation().AddAnnotation(v2alpha1.SystemProbeAppArmorAnnotationKey, v2alpha1.SystemProbeAppArmorAnnotationValue) // security context capabilities managers.SecurityContext().AddCapabilitiesToContainer(agent.DefaultCapabilitiesForSystemProbe(), apicommon.SystemProbeContainerName) // procdir volume mount - procdirVol, procdirVolMount := volume.GetVolumes(apicommon.ProcdirVolumeName, apicommon.ProcdirHostPath, apicommon.ProcdirMountPath, true) + procdirVol, procdirVolMount := volume.GetVolumes(v2alpha1.ProcdirVolumeName, v2alpha1.ProcdirHostPath, v2alpha1.ProcdirMountPath, true) managers.Volume().AddVolume(&procdirVol) managers.VolumeMount().AddVolumeMountToContainers(&procdirVolMount, []apicommon.AgentContainerName{apicommon.ProcessAgentContainerName, apicommon.SystemProbeContainerName}) // cgroups volume mount - cgroupsVol, cgroupsVolMount := volume.GetVolumes(apicommon.CgroupsVolumeName, apicommon.CgroupsHostPath, apicommon.CgroupsMountPath, true) + cgroupsVol, cgroupsVolMount := volume.GetVolumes(v2alpha1.CgroupsVolumeName, v2alpha1.CgroupsHostPath, v2alpha1.CgroupsMountPath, true) managers.Volume().AddVolume(&cgroupsVol) managers.VolumeMount().AddVolumeMountToContainers(&cgroupsVolMount, []apicommon.AgentContainerName{apicommon.ProcessAgentContainerName, apicommon.SystemProbeContainerName}) // debugfs volume mount - debugfsVol, debugfsVolMount := volume.GetVolumes(apicommon.DebugfsVolumeName, apicommon.DebugfsPath, apicommon.DebugfsPath, false) + debugfsVol, debugfsVolMount := volume.GetVolumes(v2alpha1.DebugfsVolumeName, v2alpha1.DebugfsPath, v2alpha1.DebugfsPath, false) managers.Volume().AddVolume(&debugfsVol) managers.VolumeMount().AddVolumeMountToContainers(&debugfsVolMount, []apicommon.AgentContainerName{apicommon.ProcessAgentContainerName, apicommon.SystemProbeContainerName}) // socket volume mount (needs write perms for the system probe container but not the others) - socketVol, socketVolMount := volume.GetVolumesEmptyDir(apicommon.SystemProbeSocketVolumeName, apicommon.SystemProbeSocketVolumePath, false) + socketVol, socketVolMount := volume.GetVolumesEmptyDir(v2alpha1.SystemProbeSocketVolumeName, v2alpha1.SystemProbeSocketVolumePath, false) managers.Volume().AddVolume(&socketVol) managers.VolumeMount().AddVolumeMountToContainer(&socketVolMount, apicommon.SystemProbeContainerName) - _, socketVolMountReadOnly := volume.GetVolumesEmptyDir(apicommon.SystemProbeSocketVolumeName, apicommon.SystemProbeSocketVolumePath, true) + _, socketVolMountReadOnly := volume.GetVolumesEmptyDir(v2alpha1.SystemProbeSocketVolumeName, v2alpha1.SystemProbeSocketVolumePath, true) managers.VolumeMount().AddVolumeMountToContainers( &socketVolMountReadOnly, []apicommon.AgentContainerName{ @@ -132,38 +132,38 @@ func (f *npmFeature) ManageNodeAgent(managers feature.PodTemplateManagers, provi } enableEnvVar := &corev1.EnvVar{ - Name: apicommon.DDSystemProbeNPMEnabled, + Name: DDSystemProbeNPMEnabled, Value: "true", } managers.EnvVar().AddEnvVarToContainers(containersForEnvVars, enableEnvVar) sysProbeEnableEnvVar := &corev1.EnvVar{ - Name: apicommon.DDSystemProbeEnabled, + Name: v2alpha1.DDSystemProbeEnabled, Value: "true", } managers.EnvVar().AddEnvVarToContainers(containersForEnvVars, sysProbeEnableEnvVar) socketEnvVar := &corev1.EnvVar{ - Name: apicommon.DDSystemProbeSocket, + Name: v2alpha1.DDSystemProbeSocket, Value: v2alpha1.DefaultSystemProbeSocketPath, } managers.EnvVar().AddEnvVarToContainers(containersForEnvVars, socketEnvVar) collectDNSStatsEnvVar := &corev1.EnvVar{ - Name: apicommon.DDSystemProbeCollectDNSStatsEnabled, + Name: DDSystemProbeCollectDNSStatsEnabled, Value: apiutils.BoolToString(&f.collectDNSStats), } managers.EnvVar().AddEnvVarToContainers([]apicommon.AgentContainerName{apicommon.CoreAgentContainerName, apicommon.SystemProbeContainerName}, collectDNSStatsEnvVar) connTrackEnvVar := &corev1.EnvVar{ - Name: apicommon.DDSystemProbeConntrackEnabled, + Name: DDSystemProbeConntrackEnabled, Value: apiutils.BoolToString(&f.enableConntrack), } managers.EnvVar().AddEnvVarToContainers([]apicommon.AgentContainerName{apicommon.CoreAgentContainerName, apicommon.SystemProbeContainerName}, connTrackEnvVar) // env vars for Process Agent only sysProbeExternalEnvVar := &corev1.EnvVar{ - Name: apicommon.DDSystemProbeExternal, + Name: v2alpha1.DDSystemProbeExternal, Value: "true", } managers.EnvVar().AddEnvVarToContainer(apicommon.ProcessAgentContainerName, sysProbeExternalEnvVar) diff --git a/internal/controller/datadogagent/feature/npm/feature_test.go b/internal/controller/datadogagent/feature/npm/feature_test.go index d382ef558..afa5ef162 100644 --- a/internal/controller/datadogagent/feature/npm/feature_test.go +++ b/internal/controller/datadogagent/feature/npm/feature_test.go @@ -43,23 +43,23 @@ func Test_npmFeature_Configure(t *testing.T) { // check env vars sysProbeWantEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDSystemProbeNPMEnabled, + Name: DDSystemProbeNPMEnabled, Value: "true", }, { - Name: apicommon.DDSystemProbeEnabled, + Name: v2alpha1.DDSystemProbeEnabled, Value: "true", }, { - Name: apicommon.DDSystemProbeSocket, + Name: v2alpha1.DDSystemProbeSocket, Value: v2alpha1.DefaultSystemProbeSocketPath, }, { - Name: apicommon.DDSystemProbeCollectDNSStatsEnabled, + Name: DDSystemProbeCollectDNSStatsEnabled, Value: "true", }, { - Name: apicommon.DDSystemProbeConntrackEnabled, + Name: DDSystemProbeConntrackEnabled, Value: "false", }, } @@ -72,7 +72,7 @@ func Test_npmFeature_Configure(t *testing.T) { // check annotations wantAnnotations := make(map[string]string) - wantAnnotations[apicommon.SystemProbeAppArmorAnnotationKey] = apicommon.SystemProbeAppArmorAnnotationValue + wantAnnotations[v2alpha1.SystemProbeAppArmorAnnotationKey] = v2alpha1.SystemProbeAppArmorAnnotationValue annotations := mgr.AnnotationMgr.Annotations assert.True(t, apiutils.IsEqualStruct(annotations, wantAnnotations), "Annotations \ndiff = %s", cmp.Diff(annotations, wantAnnotations)) @@ -83,31 +83,31 @@ func Test_npmFeature_Configure(t *testing.T) { // check volume mounts wantVolumeMounts := []corev1.VolumeMount{ { - Name: apicommon.ProcdirVolumeName, - MountPath: apicommon.ProcdirMountPath, + Name: v2alpha1.ProcdirVolumeName, + MountPath: v2alpha1.ProcdirMountPath, ReadOnly: true, }, { - Name: apicommon.CgroupsVolumeName, - MountPath: apicommon.CgroupsMountPath, + Name: v2alpha1.CgroupsVolumeName, + MountPath: v2alpha1.CgroupsMountPath, ReadOnly: true, }, { - Name: apicommon.DebugfsVolumeName, - MountPath: apicommon.DebugfsPath, + Name: v2alpha1.DebugfsVolumeName, + MountPath: v2alpha1.DebugfsPath, ReadOnly: false, }, } wantProcessAgentVolMounts := append(wantVolumeMounts, corev1.VolumeMount{ - Name: apicommon.SystemProbeSocketVolumeName, - MountPath: apicommon.SystemProbeSocketVolumePath, + Name: v2alpha1.SystemProbeSocketVolumeName, + MountPath: v2alpha1.SystemProbeSocketVolumePath, ReadOnly: true, }) wantSystemProbeAgentVolMounts := append(wantVolumeMounts, corev1.VolumeMount{ - Name: apicommon.SystemProbeSocketVolumeName, - MountPath: apicommon.SystemProbeSocketVolumePath, + Name: v2alpha1.SystemProbeSocketVolumeName, + MountPath: v2alpha1.SystemProbeSocketVolumePath, ReadOnly: false, }) @@ -119,8 +119,8 @@ func Test_npmFeature_Configure(t *testing.T) { coreWantVolumeMounts := []corev1.VolumeMount{ { - Name: apicommon.SystemProbeSocketVolumeName, - MountPath: apicommon.SystemProbeSocketVolumePath, + Name: v2alpha1.SystemProbeSocketVolumeName, + MountPath: v2alpha1.SystemProbeSocketVolumePath, ReadOnly: true, }, } @@ -130,31 +130,31 @@ func Test_npmFeature_Configure(t *testing.T) { // check volumes wantVolumes := []corev1.Volume{ { - Name: apicommon.ProcdirVolumeName, + Name: v2alpha1.ProcdirVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.ProcdirHostPath, + Path: v2alpha1.ProcdirHostPath, }, }, }, { - Name: apicommon.CgroupsVolumeName, + Name: v2alpha1.CgroupsVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.CgroupsHostPath, + Path: v2alpha1.CgroupsHostPath, }, }, }, { - Name: apicommon.DebugfsVolumeName, + Name: v2alpha1.DebugfsVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.DebugfsPath, + Path: v2alpha1.DebugfsPath, }, }, }, { - Name: apicommon.SystemProbeSocketVolumeName, + Name: v2alpha1.SystemProbeSocketVolumeName, VolumeSource: corev1.VolumeSource{ EmptyDir: &corev1.EmptyDirVolumeSource{}, }, @@ -167,25 +167,25 @@ func Test_npmFeature_Configure(t *testing.T) { // check env vars sysProbeWantEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDSystemProbeNPMEnabled, + Name: DDSystemProbeNPMEnabled, Value: "true", }, { - Name: apicommon.DDSystemProbeEnabled, + Name: v2alpha1.DDSystemProbeEnabled, Value: "true", }, { - Name: apicommon.DDSystemProbeSocket, + Name: v2alpha1.DDSystemProbeSocket, Value: v2alpha1.DefaultSystemProbeSocketPath, }, } npmFeatureEnvVar := []*corev1.EnvVar{ { - Name: apicommon.DDSystemProbeConntrackEnabled, + Name: DDSystemProbeConntrackEnabled, Value: "false", }, { - Name: apicommon.DDSystemProbeCollectDNSStatsEnabled, + Name: DDSystemProbeCollectDNSStatsEnabled, Value: "false", }, } @@ -194,7 +194,7 @@ func Test_npmFeature_Configure(t *testing.T) { assert.True(t, apiutils.IsEqualStruct(sysProbeWantEnvVarsNPM, sysProbeWantEnvVarsNPM), "System Probe envvars \ndiff = %s", cmp.Diff(systemProbeEnvVars, sysProbeWantEnvVarsNPM)) processWantEnvVars := append(sysProbeWantEnvVars, &corev1.EnvVar{ - Name: apicommon.DDSystemProbeExternal, + Name: v2alpha1.DDSystemProbeExternal, Value: "true", }) diff --git a/internal/controller/datadogagent/feature/oomkill/envvar.go b/internal/controller/datadogagent/feature/oomkill/envvar.go new file mode 100644 index 000000000..1ae71ffd2 --- /dev/null +++ b/internal/controller/datadogagent/feature/oomkill/envvar.go @@ -0,0 +1,8 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package oomkill + +const DDEnableOOMKillEnvVar = "DD_SYSTEM_PROBE_CONFIG_ENABLE_OOM_KILL" diff --git a/internal/controller/datadogagent/feature/oomkill/feature.go b/internal/controller/datadogagent/feature/oomkill/feature.go index ad8e0ee48..4bf8c71f5 100644 --- a/internal/controller/datadogagent/feature/oomkill/feature.go +++ b/internal/controller/datadogagent/feature/oomkill/feature.go @@ -76,41 +76,41 @@ func (f *oomKillFeature) ManageNodeAgent(managers feature.PodTemplateManagers, p managers.SecurityContext().AddCapabilitiesToContainer(agent.DefaultCapabilitiesForSystemProbe(), apicommon.SystemProbeContainerName) // modules volume mount - modulesVol, modulesVolMount := volume.GetVolumes(apicommon.ModulesVolumeName, apicommon.ModulesVolumePath, apicommon.ModulesVolumePath, true) + modulesVol, modulesVolMount := volume.GetVolumes(v2alpha1.ModulesVolumeName, v2alpha1.ModulesVolumePath, v2alpha1.ModulesVolumePath, true) managers.VolumeMount().AddVolumeMountToContainer(&modulesVolMount, apicommon.SystemProbeContainerName) managers.Volume().AddVolume(&modulesVol) // src volume mount _, providerValue := kubernetes.GetProviderLabelKeyValue(provider) if providerValue != kubernetes.GKECosType { - srcVol, srcVolMount := volume.GetVolumes(apicommon.SrcVolumeName, apicommon.SrcVolumePath, apicommon.SrcVolumePath, true) + srcVol, srcVolMount := volume.GetVolumes(v2alpha1.SrcVolumeName, v2alpha1.SrcVolumePath, v2alpha1.SrcVolumePath, true) managers.VolumeMount().AddVolumeMountToContainer(&srcVolMount, apicommon.SystemProbeContainerName) managers.Volume().AddVolume(&srcVol) } // debugfs volume mount - debugfsVol, debugfsVolMount := volume.GetVolumes(apicommon.DebugfsVolumeName, apicommon.DebugfsPath, apicommon.DebugfsPath, false) + debugfsVol, debugfsVolMount := volume.GetVolumes(v2alpha1.DebugfsVolumeName, v2alpha1.DebugfsPath, v2alpha1.DebugfsPath, false) managers.Volume().AddVolume(&debugfsVol) managers.VolumeMount().AddVolumeMountToContainers(&debugfsVolMount, []apicommon.AgentContainerName{apicommon.ProcessAgentContainerName, apicommon.SystemProbeContainerName}) // socket volume mount (needs write perms for the system probe container but not the others) - socketVol, socketVolMount := volume.GetVolumesEmptyDir(apicommon.SystemProbeSocketVolumeName, apicommon.SystemProbeSocketVolumePath, false) + socketVol, socketVolMount := volume.GetVolumesEmptyDir(v2alpha1.SystemProbeSocketVolumeName, v2alpha1.SystemProbeSocketVolumePath, false) managers.Volume().AddVolume(&socketVol) managers.VolumeMount().AddVolumeMountToContainer(&socketVolMount, apicommon.SystemProbeContainerName) - _, socketVolMountReadOnly := volume.GetVolumesEmptyDir(apicommon.SystemProbeSocketVolumeName, apicommon.SystemProbeSocketVolumePath, true) + _, socketVolMountReadOnly := volume.GetVolumesEmptyDir(v2alpha1.SystemProbeSocketVolumeName, v2alpha1.SystemProbeSocketVolumePath, true) managers.VolumeMount().AddVolumeMountToContainer(&socketVolMountReadOnly, apicommon.CoreAgentContainerName) // env vars enableEnvVar := &corev1.EnvVar{ - Name: apicommon.DDEnableOOMKillEnvVar, + Name: DDEnableOOMKillEnvVar, Value: "true", } managers.EnvVar().AddEnvVarToContainers([]apicommon.AgentContainerName{apicommon.CoreAgentContainerName, apicommon.SystemProbeContainerName}, enableEnvVar) managers.EnvVar().AddEnvVarToInitContainer(apicommon.InitConfigContainerName, enableEnvVar) sysProbeEnableEnvVar := &corev1.EnvVar{ - Name: apicommon.DDSystemProbeEnabled, + Name: v2alpha1.DDSystemProbeEnabled, Value: "true", } managers.EnvVar().AddEnvVarToContainers( @@ -119,7 +119,7 @@ func (f *oomKillFeature) ManageNodeAgent(managers feature.PodTemplateManagers, p ) socketEnvVar := &corev1.EnvVar{ - Name: apicommon.DDSystemProbeSocket, + Name: v2alpha1.DDSystemProbeSocket, Value: v2alpha1.DefaultSystemProbeSocketPath, } managers.EnvVar().AddEnvVarToContainers([]apicommon.AgentContainerName{apicommon.CoreAgentContainerName, apicommon.SystemProbeContainerName}, socketEnvVar) diff --git a/internal/controller/datadogagent/feature/oomkill/feature_test.go b/internal/controller/datadogagent/feature/oomkill/feature_test.go index efa661056..1bf6c9c2d 100644 --- a/internal/controller/datadogagent/feature/oomkill/feature_test.go +++ b/internal/controller/datadogagent/feature/oomkill/feature_test.go @@ -51,31 +51,31 @@ func Test_oomKillFeature_Configure(t *testing.T) { // check volume mounts wantCoreAgentVolMounts := []corev1.VolumeMount{ { - Name: apicommon.SystemProbeSocketVolumeName, - MountPath: apicommon.SystemProbeSocketVolumePath, + Name: v2alpha1.SystemProbeSocketVolumeName, + MountPath: v2alpha1.SystemProbeSocketVolumePath, ReadOnly: true, }, } wantSystemProbeVolMounts := []corev1.VolumeMount{ { - Name: apicommon.ModulesVolumeName, - MountPath: apicommon.ModulesVolumePath, + Name: v2alpha1.ModulesVolumeName, + MountPath: v2alpha1.ModulesVolumePath, ReadOnly: true, }, { - Name: apicommon.SrcVolumeName, - MountPath: apicommon.SrcVolumePath, + Name: v2alpha1.SrcVolumeName, + MountPath: v2alpha1.SrcVolumePath, ReadOnly: true, }, { - Name: apicommon.DebugfsVolumeName, - MountPath: apicommon.DebugfsPath, + Name: v2alpha1.DebugfsVolumeName, + MountPath: v2alpha1.DebugfsPath, ReadOnly: false, }, { - Name: apicommon.SystemProbeSocketVolumeName, - MountPath: apicommon.SystemProbeSocketVolumePath, + Name: v2alpha1.SystemProbeSocketVolumeName, + MountPath: v2alpha1.SystemProbeSocketVolumePath, ReadOnly: false, }, } @@ -89,31 +89,31 @@ func Test_oomKillFeature_Configure(t *testing.T) { // check volumes wantVolumes := []corev1.Volume{ { - Name: apicommon.ModulesVolumeName, + Name: v2alpha1.ModulesVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.ModulesVolumePath, + Path: v2alpha1.ModulesVolumePath, }, }, }, { - Name: apicommon.SrcVolumeName, + Name: v2alpha1.SrcVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.SrcVolumePath, + Path: v2alpha1.SrcVolumePath, }, }, }, { - Name: apicommon.DebugfsVolumeName, + Name: v2alpha1.DebugfsVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.DebugfsPath, + Path: v2alpha1.DebugfsPath, }, }, }, { - Name: apicommon.SystemProbeSocketVolumeName, + Name: v2alpha1.SystemProbeSocketVolumeName, VolumeSource: corev1.VolumeSource{ EmptyDir: &corev1.EmptyDirVolumeSource{}, }, @@ -126,15 +126,15 @@ func Test_oomKillFeature_Configure(t *testing.T) { // check env vars wantEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDEnableOOMKillEnvVar, + Name: DDEnableOOMKillEnvVar, Value: "true", }, { - Name: apicommon.DDSystemProbeEnabled, + Name: v2alpha1.DDSystemProbeEnabled, Value: "true", }, { - Name: apicommon.DDSystemProbeSocket, + Name: v2alpha1.DDSystemProbeSocket, Value: v2alpha1.DefaultSystemProbeSocketPath, }, } diff --git a/internal/controller/datadogagent/feature/orchestratorexplorer/env.go b/internal/controller/datadogagent/feature/orchestratorexplorer/envvar.go similarity index 56% rename from internal/controller/datadogagent/feature/orchestratorexplorer/env.go rename to internal/controller/datadogagent/feature/orchestratorexplorer/envvar.go index 1aaef527e..4f2531287 100644 --- a/internal/controller/datadogagent/feature/orchestratorexplorer/env.go +++ b/internal/controller/datadogagent/feature/orchestratorexplorer/envvar.go @@ -10,18 +10,25 @@ import ( corev1 "k8s.io/api/core/v1" - apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" apiutils "github.com/DataDog/datadog-operator/api/utils" ) +const ( + DDOrchestratorExplorerEnabled = "DD_ORCHESTRATOR_EXPLORER_ENABLED" + DDOrchestratorExplorerExtraTags = "DD_ORCHESTRATOR_EXPLORER_EXTRA_TAGS" + DDOrchestratorExplorerDDUrl = "DD_ORCHESTRATOR_EXPLORER_ORCHESTRATOR_DD_URL" + DDOrchestratorExplorerAdditionalEndpoints = "DD_ORCHESTRATOR_ADDITIONAL_ENDPOINTS" + DDOrchestratorExplorerContainerScrubbingEnabled = "DD_ORCHESTRATOR_EXPLORER_CONTAINER_SCRUBBING_ENABLED" +) + func (f *orchestratorExplorerFeature) getEnvVars() []*corev1.EnvVar { envVarsList := []*corev1.EnvVar{ { - Name: apicommon.DDOrchestratorExplorerEnabled, + Name: DDOrchestratorExplorerEnabled, Value: "true", }, { - Name: apicommon.DDOrchestratorExplorerContainerScrubbingEnabled, + Name: DDOrchestratorExplorerContainerScrubbingEnabled, Value: apiutils.BoolToString(&f.scrubContainers), }, } @@ -29,14 +36,14 @@ func (f *orchestratorExplorerFeature) getEnvVars() []*corev1.EnvVar { if len(f.extraTags) > 0 { tags, _ := json.Marshal(f.extraTags) envVarsList = append(envVarsList, &corev1.EnvVar{ - Name: apicommon.DDOrchestratorExplorerExtraTags, + Name: DDOrchestratorExplorerExtraTags, Value: string(tags), }) } if f.ddURL != "" { envVarsList = append(envVarsList, &corev1.EnvVar{ - Name: apicommon.DDOrchestratorExplorerDDUrl, + Name: DDOrchestratorExplorerDDUrl, Value: f.ddURL, }) } diff --git a/internal/controller/datadogagent/feature/orchestratorexplorer/feature.go b/internal/controller/datadogagent/feature/orchestratorexplorer/feature.go index 7a41b10a1..5eabba5ec 100644 --- a/internal/controller/datadogagent/feature/orchestratorexplorer/feature.go +++ b/internal/controller/datadogagent/feature/orchestratorexplorer/feature.go @@ -13,6 +13,7 @@ import ( "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" apiutils "github.com/DataDog/datadog-operator/api/utils" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/controller/utils/comparison" "github.com/DataDog/datadog-operator/pkg/kubernetes" "github.com/DataDog/datadog-operator/pkg/utils" @@ -112,19 +113,19 @@ func (f *orchestratorExplorerFeature) Configure(dda *v2alpha1.DatadogAgent) (req } f.customResources = dda.Spec.Features.OrchestratorExplorer.CustomResources - f.configConfigMapName = v2alpha1.GetConfName(dda, f.customConfig, v2alpha1.DefaultOrchestratorExplorerConf) + f.configConfigMapName = constants.GetConfName(dda, f.customConfig, v2alpha1.DefaultOrchestratorExplorerConf) f.scrubContainers = apiutils.BoolValue(orchestratorExplorer.ScrubContainers) f.extraTags = orchestratorExplorer.ExtraTags if orchestratorExplorer.DDUrl != nil { f.ddURL = *orchestratorExplorer.DDUrl } - f.serviceAccountName = v2alpha1.GetClusterAgentServiceAccount(dda) + f.serviceAccountName = constants.GetClusterAgentServiceAccount(dda) - if v2alpha1.IsClusterChecksEnabled(dda) { - if v2alpha1.IsCCREnabled(dda) { + if constants.IsClusterChecksEnabled(dda) { + if constants.IsCCREnabled(dda) { f.runInClusterChecksRunner = true f.rbacSuffix = common.ChecksRunnerSuffix - f.serviceAccountName = v2alpha1.GetClusterChecksRunnerServiceAccount(dda) + f.serviceAccountName = constants.GetClusterChecksRunnerServiceAccount(dda) reqComp.ClusterChecksRunner.IsRequired = apiutils.NewBoolPointer(true) } } @@ -198,7 +199,7 @@ func (f *orchestratorExplorerFeature) ManageClusterAgent(managers feature.PodTem volMount = corev1.VolumeMount{ Name: orchestratorExplorerVolumeName, - MountPath: fmt.Sprintf("%s%s/%s", apicommon.ConfigVolumePath, apicommon.ConfdVolumePath, orchestratorExplorerFolderName), + MountPath: fmt.Sprintf("%s%s/%s", v2alpha1.ConfigVolumePath, v2alpha1.ConfdVolumePath, orchestratorExplorerFolderName), ReadOnly: true, } } diff --git a/internal/controller/datadogagent/feature/orchestratorexplorer/feature_test.go b/internal/controller/datadogagent/feature/orchestratorexplorer/feature_test.go index d86f4a1ce..a822abdf4 100644 --- a/internal/controller/datadogagent/feature/orchestratorexplorer/feature_test.go +++ b/internal/controller/datadogagent/feature/orchestratorexplorer/feature_test.go @@ -11,13 +11,13 @@ import ( apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" - v2alpha1test "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1/test" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/fake" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/test" mergerfake "github.com/DataDog/datadog-operator/internal/controller/datadogagent/merger/fake" "github.com/DataDog/datadog-operator/pkg/controller/utils/comparison" + "github.com/DataDog/datadog-operator/pkg/testutils" "github.com/google/go-cmp/cmp" "github.com/stretchr/testify/assert" @@ -33,19 +33,19 @@ instances: var expectedOrchestratorEnvsV2 = []*corev1.EnvVar{ { - Name: apicommon.DDOrchestratorExplorerEnabled, + Name: DDOrchestratorExplorerEnabled, Value: "true", }, { - Name: apicommon.DDOrchestratorExplorerContainerScrubbingEnabled, + Name: DDOrchestratorExplorerContainerScrubbingEnabled, Value: "true", }, { - Name: apicommon.DDOrchestratorExplorerExtraTags, + Name: DDOrchestratorExplorerExtraTags, Value: `["a:z","b:y","c:x"]`, }, { - Name: apicommon.DDOrchestratorExplorerDDUrl, + Name: DDOrchestratorExplorerDDUrl, Value: "https://foo.bar", }, } @@ -54,14 +54,14 @@ func Test_orchestratorExplorerFeature_Configure(t *testing.T) { tests := test.FeatureTestSuite{ { Name: "orchestrator explorer not enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithOrchestratorExplorerEnabled(false). Build(), WantConfigure: false, }, { Name: "orchestrator explorer enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithOrchestratorExplorerEnabled(true). WithOrchestratorExplorerScrubContainers(true). WithOrchestratorExplorerExtraTags([]string{"a:z", "b:y", "c:x"}). @@ -75,7 +75,7 @@ func Test_orchestratorExplorerFeature_Configure(t *testing.T) { }, { Name: "orchestrator explorer enabled and runs on cluster checks runner", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithOrchestratorExplorerEnabled(true). WithOrchestratorExplorerScrubContainers(true). WithOrchestratorExplorerExtraTags([]string{"a:z", "b:y", "c:x"}). @@ -92,7 +92,7 @@ func Test_orchestratorExplorerFeature_Configure(t *testing.T) { }, { Name: "orchestrator explorer enabled on version requiring process agent", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithOrchestratorExplorerEnabled(true). WithOrchestratorExplorerScrubContainers(true). WithOrchestratorExplorerExtraTags([]string{"a:z", "b:y", "c:x"}). @@ -155,7 +155,7 @@ func orchestratorExplorerClusterAgentWantFuncV2() *test.ComponentTest { hash, err := comparison.GenerateMD5ForSpec(&orchExp) assert.NoError(t, err) wantAnnotations := map[string]string{ - fmt.Sprintf(apicommon.MD5ChecksumAnnotationKey, feature.OrchestratorExplorerIDType): hash, + fmt.Sprintf(v2alpha1.MD5ChecksumAnnotationKey, feature.OrchestratorExplorerIDType): hash, } annotations := mgr.AnnotationMgr.Annotations assert.True(t, apiutils.IsEqualStruct(annotations, wantAnnotations), "Annotations \ndiff = %s", cmp.Diff(annotations, wantAnnotations)) diff --git a/internal/controller/datadogagent/feature/otelcollector/configmap_test.go b/internal/controller/datadogagent/feature/otelcollector/configmap_test.go new file mode 100644 index 000000000..2a5c46aad --- /dev/null +++ b/internal/controller/datadogagent/feature/otelcollector/configmap_test.go @@ -0,0 +1,43 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package otelcollector + +import ( + "testing" + + "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" + "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" + "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/otelcollector/defaultconfig" + "github.com/stretchr/testify/assert" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +func Test_buildOtelCollectorConfigMap(t *testing.T) { + // check config map + configMapWant := &corev1.ConfigMap{ + ObjectMeta: metav1.ObjectMeta{ + Name: "-otel-agent-config", + }, + Data: map[string]string{ + "otel-config.yaml": defaultconfig.DefaultOtelCollectorConfig, + }, + } + + otelCollectorFeature, ok := buildOtelCollectorFeature(&feature.Options{}).(*otelCollectorFeature) + assert.True(t, ok) + + otelCollectorFeature.owner = &metav1.ObjectMeta{ + Name: "-otel-agent-config", + } + otelCollectorFeature.configMapName = "-otel-agent-config" + otelCollectorFeature.customConfig = &v2alpha1.CustomConfig{} + otelCollectorFeature.customConfig.ConfigData = &defaultconfig.DefaultOtelCollectorConfig + + configMap, err := otelCollectorFeature.buildOTelAgentCoreConfigMap() + assert.NoError(t, err) + assert.Equal(t, configMapWant, configMap) +} diff --git a/internal/controller/datadogagent/feature/otelcollector/defaultconfig/defaultconfig.go b/internal/controller/datadogagent/feature/otelcollector/defaultconfig/defaultconfig.go new file mode 100644 index 000000000..5ec9362ee --- /dev/null +++ b/internal/controller/datadogagent/feature/otelcollector/defaultconfig/defaultconfig.go @@ -0,0 +1,49 @@ +// package defaultconfig exposes the otel-agent default config +package defaultconfig + +var DefaultOtelCollectorConfig = ` +receivers: + prometheus: + config: + scrape_configs: + - job_name: "otelcol" + scrape_interval: 10s + static_configs: + - targets: ["0.0.0.0:8888"] + otlp: + protocols: + grpc: + endpoint: 0.0.0.0:4317 + http: + endpoint: 0.0.0.0:4318 +exporters: + debug: + verbosity: detailed + datadog: + api: + key: "" +processors: + infraattributes: + cardinality: 2 + batch: + timeout: 10s +connectors: + datadog/connector: + traces: + compute_top_level_by_span_kind: true + peer_tags_aggregation: true + compute_stats_by_span_kind: true +service: + pipelines: + traces: + receivers: [otlp] + processors: [infraattributes, batch] + exporters: [datadog, datadog/connector] + metrics: + receivers: [otlp, datadog/connector, prometheus] + processors: [infraattributes, batch] + exporters: [datadog] + logs: + receivers: [otlp] + processors: [infraattributes, batch] + exporters: [datadog]` diff --git a/internal/controller/datadogagent/feature/otelcollector/feature.go b/internal/controller/datadogagent/feature/otelcollector/feature.go new file mode 100644 index 000000000..69083073d --- /dev/null +++ b/internal/controller/datadogagent/feature/otelcollector/feature.go @@ -0,0 +1,213 @@ +package otelcollector + +import ( + "strconv" + "strings" + + apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" + "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" + apiutils "github.com/DataDog/datadog-operator/api/utils" + "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" + "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/otelcollector/defaultconfig" + "github.com/DataDog/datadog-operator/internal/controller/datadogagent/object/configmap" + "github.com/DataDog/datadog-operator/internal/controller/datadogagent/object/volume" + "github.com/DataDog/datadog-operator/pkg/constants" + "github.com/DataDog/datadog-operator/pkg/kubernetes" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +const ( + otelAgentVolumeName = "otel-agent-config-volume" + otelConfigFileName = "otel-config.yaml" +) + +func init() { + err := feature.Register(feature.OtelAgentIDType, buildOtelCollectorFeature) + if err != nil { + panic(err) + } +} + +func buildOtelCollectorFeature(options *feature.Options) feature.Feature { + return &otelCollectorFeature{} +} + +type otelCollectorFeature struct { + customConfig *v2alpha1.CustomConfig + owner metav1.Object + configMapName string + ports []*corev1.ContainerPort + coreAgentConfig coreAgentConfig +} + +type coreAgentConfig struct { + extension_timeout *int + extension_url *string + enabled *bool +} + +func (o otelCollectorFeature) ID() feature.IDType { + return feature.OtelAgentIDType +} + +func (o *otelCollectorFeature) Configure(dda *v2alpha1.DatadogAgent) feature.RequiredComponents { + o.owner = dda + if dda.Spec.Features.OtelCollector.Conf != nil { + o.customConfig = dda.Spec.Features.OtelCollector.Conf + } + o.configMapName = constants.GetConfName(dda, o.customConfig, v2alpha1.DefaultOTelAgentConf) + + if dda.Spec.Features.OtelCollector.CoreConfig != nil { + o.coreAgentConfig.enabled = dda.Spec.Features.OtelCollector.CoreConfig.Enabled + o.coreAgentConfig.extension_timeout = dda.Spec.Features.OtelCollector.CoreConfig.ExtensionTimeout + o.coreAgentConfig.extension_url = dda.Spec.Features.OtelCollector.CoreConfig.ExtensionURL + } + + if len(dda.Spec.Features.OtelCollector.Ports) == 0 { + o.ports = []*corev1.ContainerPort{ + { + Name: "otel-http", + ContainerPort: 4318, + HostPort: 4318, + Protocol: corev1.ProtocolTCP, + }, + { + Name: "otel-grpc", + ContainerPort: 4317, + HostPort: 4317, + Protocol: corev1.ProtocolTCP, + }, + } + } else { + o.ports = dda.Spec.Features.OtelCollector.Ports + } + + var reqComp feature.RequiredComponents + if apiutils.BoolValue(dda.Spec.Features.OtelCollector.Enabled) { + reqComp = feature.RequiredComponents{ + Agent: feature.RequiredComponent{ + IsRequired: apiutils.NewBoolPointer(true), + Containers: []apicommon.AgentContainerName{ + apicommon.CoreAgentContainerName, + apicommon.OtelAgent, + }, + }, + } + + } + return reqComp +} + +func (o *otelCollectorFeature) buildOTelAgentCoreConfigMap() (*corev1.ConfigMap, error) { + if o.customConfig != nil && o.customConfig.ConfigData != nil { + return configmap.BuildConfigMapConfigData(o.owner.GetNamespace(), o.customConfig.ConfigData, o.configMapName, otelConfigFileName) + } + return nil, nil +} + +func (o otelCollectorFeature) ManageDependencies(managers feature.ResourceManagers, components feature.RequiredComponents) error { + // check if an otel collector config was provided. If not, use default. + if o.customConfig == nil { + o.customConfig = &v2alpha1.CustomConfig{} + } + if o.customConfig.ConfigData == nil && o.customConfig.ConfigMap == nil { + var defaultConfig = defaultconfig.DefaultOtelCollectorConfig + for _, port := range o.ports { + if port.Name == "otel-grpc" { + defaultConfig = strings.Replace(defaultConfig, "4317", strconv.Itoa(int(port.ContainerPort)), 1) + } + if port.Name == "otel-http" { + defaultConfig = strings.Replace(defaultConfig, "4318", strconv.Itoa(int(port.ContainerPort)), 1) + } + } + o.customConfig.ConfigData = &defaultConfig + } + + // create configMap if customConfig is provided + configMap, err := o.buildOTelAgentCoreConfigMap() + if err != nil { + return err + } + + if configMap != nil { + if err := managers.Store().AddOrUpdate(kubernetes.ConfigMapKind, configMap); err != nil { + return err + } + } + return nil +} + +func (o otelCollectorFeature) ManageClusterAgent(managers feature.PodTemplateManagers) error { + return nil +} + +func (o otelCollectorFeature) ManageNodeAgent(managers feature.PodTemplateManagers, provider string) error { + var vol corev1.Volume + if o.customConfig != nil && o.customConfig.ConfigMap != nil { + // Custom config is referenced via ConfigMap + vol = volume.GetVolumeFromConfigMap( + o.customConfig.ConfigMap, + o.configMapName, + otelAgentVolumeName, + ) + } else { + // Otherwise, configMap was created in ManageDependencies (whether from CustomConfig.ConfigData or using defaults, so mount default volume) + vol = volume.GetBasicVolume(o.configMapName, otelAgentVolumeName) + } + + // create volume + managers.Volume().AddVolume(&vol) + + // [investigation needed]: When the user provides a custom config map, the file name *must be* otel-config.yaml. If we choose to allow + // any file name, we would need to update both the volume mount here, as well as the otel-agent container command. I haven't seen this + // done for other containers, which is why I think it's acceptable to force users to use the `otel-config.yaml` name. + volMount := volume.GetVolumeMountWithSubPath(otelAgentVolumeName, v2alpha1.ConfigVolumePath+"/"+otelConfigFileName, otelConfigFileName) + managers.VolumeMount().AddVolumeMountToContainer(&volMount, apicommon.OtelAgent) + + // add ports + for _, port := range o.ports { + // bind container port to host port. + port.HostPort = port.ContainerPort + managers.Port().AddPortToContainer(apicommon.OtelAgent, port) + } + + var enableEnvVar *corev1.EnvVar + if o.coreAgentConfig.enabled != nil { + if *o.coreAgentConfig.enabled { + // only need to set env var if true, as it will default to false. + enableEnvVar = &corev1.EnvVar{ + Name: v2alpha1.DDOtelCollectorCoreConfigEnabled, + Value: apiutils.BoolToString(o.coreAgentConfig.enabled), + } + managers.EnvVar().AddEnvVarToContainers([]apicommon.AgentContainerName{apicommon.CoreAgentContainerName}, enableEnvVar) + } + } else { + managers.EnvVar().AddEnvVarToContainers([]apicommon.AgentContainerName{apicommon.CoreAgentContainerName}, &corev1.EnvVar{ + Name: v2alpha1.DDOtelCollectorCoreConfigEnabled, + Value: "true", + }) + } + + if o.coreAgentConfig.extension_timeout != nil { + managers.EnvVar().AddEnvVarToContainers([]apicommon.AgentContainerName{apicommon.CoreAgentContainerName}, &corev1.EnvVar{ + Name: v2alpha1.DDOtelCollectorCoreConfigExtensionTimeout, + Value: strconv.Itoa(*o.coreAgentConfig.extension_timeout), + }) + } + if o.coreAgentConfig.extension_url != nil { + managers.EnvVar().AddEnvVarToContainers([]apicommon.AgentContainerName{apicommon.CoreAgentContainerName}, &corev1.EnvVar{ + Name: v2alpha1.DDOtelCollectorCoreConfigExtensionURL, + Value: *o.coreAgentConfig.extension_url, + }) + } + return nil +} + +func (o otelCollectorFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { + return nil +} + +func (o otelCollectorFeature) ManageClusterChecksRunner(managers feature.PodTemplateManagers) error { + return nil +} diff --git a/internal/controller/datadogagent/feature/otelcollector/feature_test.go b/internal/controller/datadogagent/feature/otelcollector/feature_test.go new file mode 100644 index 000000000..5f8c39d62 --- /dev/null +++ b/internal/controller/datadogagent/feature/otelcollector/feature_test.go @@ -0,0 +1,322 @@ +package otelcollector + +import ( + "strings" + "testing" + + apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" + "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" + apiutils "github.com/DataDog/datadog-operator/api/utils" + "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" + "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/fake" + "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/otelcollector/defaultconfig" + "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/test" + "github.com/DataDog/datadog-operator/internal/controller/datadogagent/store" + "github.com/DataDog/datadog-operator/pkg/kubernetes" + "github.com/DataDog/datadog-operator/pkg/testutils" + + "github.com/google/go-cmp/cmp" + "github.com/stretchr/testify/assert" + corev1 "k8s.io/api/core/v1" +) + +type expectedPorts struct { + httpPort int32 + grpcPort int32 +} + +type expectedEnvVars struct { + enabled expectedEnvVar + extension_timeout expectedEnvVar + extension_url expectedEnvVar +} + +type expectedEnvVar struct { + present bool + value string +} + +var ( + defaultExpectedPorts = expectedPorts{ + httpPort: 4318, + grpcPort: 4317, + } + defaultLocalObjectReferenceName = "-otel-agent-config" + defaultExpectedEnvVars = expectedEnvVars{ + enabled: expectedEnvVar{ + present: true, + value: "true", + }, + extension_timeout: expectedEnvVar{}, + extension_url: expectedEnvVar{}, + } +) + +func Test_otelCollectorFeature_Configure(t *testing.T) { + tests := test.FeatureTestSuite{ + // disabled + { + Name: "otel agent disabled without config", + DDA: testutils.NewDatadogAgentBuilder(). + WithOTelCollectorEnabled(false). + Build(), + WantConfigure: false, + }, + { + Name: "otel agent disabled with config", + DDA: testutils.NewDatadogAgentBuilder(). + WithOTelCollectorEnabled(false). + WithOTelCollectorConfig(). + Build(), + WantConfigure: false, + }, + // enabled + { + Name: "otel agent enabled with config", + DDA: testutils.NewDatadogAgentBuilder(). + WithOTelCollectorEnabled(true). + WithOTelCollectorConfig(). + Build(), + WantConfigure: true, + WantDependenciesFunc: testExpectedDepsCreatedCM, + Agent: testExpectedAgent(apicommon.OtelAgent, defaultExpectedPorts, defaultLocalObjectReferenceName, defaultExpectedEnvVars), + }, + { + Name: "otel agent enabled with configMap", + DDA: testutils.NewDatadogAgentBuilder(). + WithOTelCollectorEnabled(true). + WithOTelCollectorConfigMap(). + Build(), + WantConfigure: true, + WantDependenciesFunc: testExpectedDepsCreatedCM, + Agent: testExpectedAgent(apicommon.OtelAgent, defaultExpectedPorts, "user-provided-config-map", defaultExpectedEnvVars), + }, + { + Name: "otel agent enabled without config", + DDA: testutils.NewDatadogAgentBuilder(). + WithOTelCollectorEnabled(true). + Build(), + WantConfigure: true, + WantDependenciesFunc: testExpectedDepsCreatedCM, + Agent: testExpectedAgent(apicommon.OtelAgent, defaultExpectedPorts, defaultLocalObjectReferenceName, defaultExpectedEnvVars), + }, + { + Name: "otel agent enabled without config non default ports", + DDA: testutils.NewDatadogAgentBuilder(). + WithOTelCollectorEnabled(true). + WithOTelCollectorPorts(4444, 5555). + Build(), + WantConfigure: true, + WantDependenciesFunc: testExpectedDepsCreatedCM, + Agent: testExpectedAgent(apicommon.OtelAgent, expectedPorts{ + grpcPort: 4444, + httpPort: 5555, + }, + defaultLocalObjectReferenceName, + defaultExpectedEnvVars, + ), + }, + // coreconfig + { + Name: "otel agent coreconfig enabled", + DDA: testutils.NewDatadogAgentBuilder(). + WithOTelCollectorEnabled(true). + WithOTelCollectorCoreConfigEnabled(true). + Build(), + WantConfigure: true, + WantDependenciesFunc: testExpectedDepsCreatedCM, + Agent: testExpectedAgent(apicommon.OtelAgent, defaultExpectedPorts, defaultLocalObjectReferenceName, defaultExpectedEnvVars), + }, + { + Name: "otel agent coreconfig disabled", + DDA: testutils.NewDatadogAgentBuilder(). + WithOTelCollectorEnabled(true). + WithOTelCollectorCoreConfigEnabled(false). + Build(), + WantConfigure: true, + WantDependenciesFunc: testExpectedDepsCreatedCM, + Agent: testExpectedAgent(apicommon.OtelAgent, defaultExpectedPorts, defaultLocalObjectReferenceName, expectedEnvVars{}), + }, + { + Name: "otel agent coreconfig extensionTimeout", + DDA: testutils.NewDatadogAgentBuilder(). + WithOTelCollectorEnabled(true). + WithOTelCollectorCoreConfigEnabled(false). + WithOTelCollectorCoreConfigExtensionTimeout(13). + Build(), + WantConfigure: true, + WantDependenciesFunc: testExpectedDepsCreatedCM, + Agent: testExpectedAgent(apicommon.OtelAgent, defaultExpectedPorts, defaultLocalObjectReferenceName, expectedEnvVars{ + extension_timeout: expectedEnvVar{ + present: true, + value: "13", + }, + }), + }, + { + Name: "otel agent coreconfig extensionURL", + DDA: testutils.NewDatadogAgentBuilder(). + WithOTelCollectorEnabled(true). + WithOTelCollectorCoreConfigEnabled(false). + WithOTelCollectorCoreConfigExtensionURL("https://localhost:1234"). + Build(), + WantConfigure: true, + WantDependenciesFunc: testExpectedDepsCreatedCM, + Agent: testExpectedAgent(apicommon.OtelAgent, defaultExpectedPorts, defaultLocalObjectReferenceName, expectedEnvVars{ + extension_url: expectedEnvVar{ + present: true, + value: "https://localhost:1234", + }, + }), + }, + { + Name: "otel agent coreconfig all env vars", + DDA: testutils.NewDatadogAgentBuilder(). + WithOTelCollectorEnabled(true). + WithOTelCollectorCoreConfigEnabled(true). + WithOTelCollectorCoreConfigExtensionTimeout(13). + WithOTelCollectorCoreConfigExtensionURL("https://localhost:1234"). + Build(), + WantConfigure: true, + WantDependenciesFunc: testExpectedDepsCreatedCM, + Agent: testExpectedAgent(apicommon.OtelAgent, defaultExpectedPorts, defaultLocalObjectReferenceName, expectedEnvVars{ + extension_url: expectedEnvVar{ + present: true, + value: "https://localhost:1234", + }, + extension_timeout: expectedEnvVar{ + present: true, + value: "13", + }, + enabled: expectedEnvVar{ + present: true, + value: "true", + }, + }), + }, + } + tests.Run(t, buildOtelCollectorFeature) +} + +func testExpectedAgent(agentContainerName apicommon.AgentContainerName, expectedPorts expectedPorts, localObjectReferenceName string, expectedEnvVars expectedEnvVars) *test.ComponentTest { + return test.NewDefaultComponentTest().WithWantFunc( + func(t testing.TB, mgrInterface feature.PodTemplateManagers) { + mgr := mgrInterface.(*fake.PodTemplateManagers) + // check volume mounts + wantVolumeMounts := []corev1.VolumeMount{ + { + Name: otelAgentVolumeName, + MountPath: v2alpha1.ConfigVolumePath + "/" + otelConfigFileName, + SubPath: otelConfigFileName, + ReadOnly: true, + }, + } + + agentMounts := mgr.VolumeMountMgr.VolumeMountsByC[agentContainerName] + assert.True(t, apiutils.IsEqualStruct(agentMounts, wantVolumeMounts), "%s volume mounts \ndiff = %s", agentContainerName, cmp.Diff(agentMounts, wantVolumeMounts)) + + // check volumes "otel-agent-config" + wantVolumes := []corev1.Volume{ + { + Name: otelAgentVolumeName, + VolumeSource: corev1.VolumeSource{ + ConfigMap: &corev1.ConfigMapVolumeSource{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: localObjectReferenceName, + }, + }, + }, + }, + } + + volumes := mgr.VolumeMgr.Volumes + assert.True(t, apiutils.IsEqualStruct(volumes, wantVolumes), "Volumes \ndiff = %s", cmp.Diff(volumes, wantVolumes)) + + // check ports + wantPorts := []*corev1.ContainerPort{ + { + Name: "otel-http", + ContainerPort: expectedPorts.httpPort, + HostPort: expectedPorts.httpPort, + Protocol: corev1.ProtocolTCP, + }, + { + Name: "otel-grpc", + ContainerPort: expectedPorts.grpcPort, + HostPort: expectedPorts.grpcPort, + Protocol: corev1.ProtocolTCP, + }, + } + + ports := mgr.PortMgr.PortsByC[agentContainerName] + assert.Equal(t, wantPorts, ports) + + // check env vars + wantEnvVars := []*corev1.EnvVar{} + + if expectedEnvVars.enabled.present { + wantEnvVars = append(wantEnvVars, &corev1.EnvVar{ + Name: v2alpha1.DDOtelCollectorCoreConfigEnabled, + Value: expectedEnvVars.enabled.value, + }) + } + + if expectedEnvVars.extension_timeout.present { + wantEnvVars = append(wantEnvVars, &corev1.EnvVar{ + Name: v2alpha1.DDOtelCollectorCoreConfigExtensionTimeout, + Value: expectedEnvVars.extension_timeout.value, + }) + } + + if expectedEnvVars.extension_url.present { + wantEnvVars = append(wantEnvVars, &corev1.EnvVar{ + Name: v2alpha1.DDOtelCollectorCoreConfigExtensionURL, + Value: expectedEnvVars.extension_url.value, + }) + } + + if len(wantEnvVars) == 0 { + wantEnvVars = nil + } + + agentEnvVars := mgr.EnvVarMgr.EnvVarsByC[apicommon.CoreAgentContainerName] + assert.True(t, apiutils.IsEqualStruct(agentEnvVars, wantEnvVars), "Agent envvars \ndiff = %s", cmp.Diff(agentEnvVars, wantEnvVars)) + + }, + ) +} + +func testExpectedDepsCreatedCM(t testing.TB, store store.StoreClient) { + // hacky to need to hardcode test name but unaware of a better approach that doesn't require + // modifying WantDependenciesFunc definition. + if t.Name() == "Test_otelCollectorFeature_Configure/otel_agent_enabled_with_configMap" { + // configMap is provided by user, no need to create it. + _, found := store.Get(kubernetes.ConfigMapKind, "", "-otel-agent-config") + assert.False(t, found) + return + } + configMapObject, found := store.Get(kubernetes.ConfigMapKind, "", "-otel-agent-config") + assert.True(t, found) + + configMap := configMapObject.(*corev1.ConfigMap) + expectedCM := map[string]string{ + "otel-config.yaml": defaultconfig.DefaultOtelCollectorConfig} + + // validate that default ports were overriden by user provided ports in default config. hacky to need to + // hardcode test name but unaware of a better approach that doesn't require modifying WantDependenciesFunc definition. + if t.Name() == "Test_otelCollectorFeature_Configure/otel_agent_enabled_without_config_non_default_ports" { + expectedCM["otel-config.yaml"] = strings.Replace(expectedCM["otel-config.yaml"], "4317", "4444", 1) + expectedCM["otel-config.yaml"] = strings.Replace(expectedCM["otel-config.yaml"], "4318", "5555", 1) + assert.True( + t, + apiutils.IsEqualStruct(configMap.Data, expectedCM), + "ConfigMap \ndiff = %s", cmp.Diff(configMap.Data, expectedCM), + ) + return + } + assert.True( + t, + apiutils.IsEqualStruct(configMap.Data, expectedCM), + "ConfigMap \ndiff = %s", cmp.Diff(configMap.Data, expectedCM), + ) +} diff --git a/internal/controller/datadogagent/feature/otlp/envvar.go b/internal/controller/datadogagent/feature/otlp/envvar.go new file mode 100644 index 000000000..abb1ab7dd --- /dev/null +++ b/internal/controller/datadogagent/feature/otlp/envvar.go @@ -0,0 +1,11 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2022-present Datadog, Inc. + +package otlp + +const ( + DDOTLPgRPCEndpoint = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_GRPC_ENDPOINT" + DDOTLPHTTPEndpoint = "DD_OTLP_CONFIG_RECEIVER_PROTOCOLS_HTTP_ENDPOINT" +) diff --git a/internal/controller/datadogagent/feature/otlp/feature.go b/internal/controller/datadogagent/feature/otlp/feature.go index a725c8660..266b66464 100644 --- a/internal/controller/datadogagent/feature/otlp/feature.go +++ b/internal/controller/datadogagent/feature/otlp/feature.go @@ -19,6 +19,7 @@ import ( "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/pkg/cilium/v1" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/go-logr/logr" apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" @@ -111,7 +112,7 @@ func (f *otlpFeature) Configure(dda *v2alpha1.DatadogAgent) (reqComp feature.Req if dda.Spec.Global.LocalService != nil { f.forceEnableLocalService = apiutils.BoolValue(dda.Spec.Global.LocalService.ForceEnableLocalService) } - f.localServiceName = v2alpha1.GetLocalAgentServiceName(dda) + f.localServiceName = constants.GetLocalAgentServiceName(dda) if f.grpcEnabled || f.httpEnabled { reqComp = feature.RequiredComponents{ @@ -128,7 +129,7 @@ func (f *otlpFeature) Configure(dda *v2alpha1.DatadogAgent) (reqComp feature.Req } } if f.grpcEnabled || f.httpEnabled { - if enabled, flavor := v2alpha1.IsNetworkPolicyEnabled(dda); enabled { + if enabled, flavor := constants.IsNetworkPolicyEnabled(dda); enabled { if flavor == v2alpha1.NetworkPolicyFlavorCilium { f.createCiliumNetworkPolicy = true } else { @@ -370,7 +371,7 @@ func (f *otlpFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplat } } envVar := &corev1.EnvVar{ - Name: apicommon.DDOTLPgRPCEndpoint, + Name: DDOTLPgRPCEndpoint, Value: f.grpcEndpoint, } managers.Port().AddPortToContainer(apicommon.UnprivilegedSingleAgentContainerName, otlpgrpcPort) @@ -395,7 +396,7 @@ func (f *otlpFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplat } } envVar := &corev1.EnvVar{ - Name: apicommon.DDOTLPHTTPEndpoint, + Name: DDOTLPHTTPEndpoint, Value: f.httpEndpoint, } managers.Port().AddPortToContainer(apicommon.UnprivilegedSingleAgentContainerName, otlphttpPort) @@ -430,7 +431,7 @@ func (f *otlpFeature) ManageNodeAgent(managers feature.PodTemplateManagers, prov } } envVar := &corev1.EnvVar{ - Name: apicommon.DDOTLPgRPCEndpoint, + Name: DDOTLPgRPCEndpoint, Value: f.grpcEndpoint, } managers.Port().AddPortToContainer(apicommon.CoreAgentContainerName, otlpgrpcPort) @@ -458,7 +459,7 @@ func (f *otlpFeature) ManageNodeAgent(managers feature.PodTemplateManagers, prov } } envVar := &corev1.EnvVar{ - Name: apicommon.DDOTLPHTTPEndpoint, + Name: DDOTLPHTTPEndpoint, Value: f.httpEndpoint, } managers.Port().AddPortToContainer(apicommon.CoreAgentContainerName, otlphttpPort) diff --git a/internal/controller/datadogagent/feature/otlp/feature_test.go b/internal/controller/datadogagent/feature/otlp/feature_test.go index 32e4b6698..7ef81d9bf 100644 --- a/internal/controller/datadogagent/feature/otlp/feature_test.go +++ b/internal/controller/datadogagent/feature/otlp/feature_test.go @@ -10,11 +10,11 @@ import ( apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" - v2alpha1test "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1/test" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/fake" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/test" + "github.com/DataDog/datadog-operator/pkg/testutils" "github.com/google/go-cmp/cmp" "github.com/stretchr/testify/assert" @@ -40,11 +40,11 @@ func TestOTLPFeature(t *testing.T) { Agent: testExpected(Expected{ EnvVars: []*corev1.EnvVar{ { - Name: apicommon.DDOTLPgRPCEndpoint, + Name: DDOTLPgRPCEndpoint, Value: "0.0.0.0:4317", }, { - Name: apicommon.DDOTLPHTTPEndpoint, + Name: DDOTLPHTTPEndpoint, Value: "0.0.0.0:4318", }, }, @@ -80,11 +80,11 @@ func TestOTLPFeature(t *testing.T) { Agent: testExpectedSingleContainer(Expected{ EnvVars: []*corev1.EnvVar{ { - Name: apicommon.DDOTLPgRPCEndpoint, + Name: DDOTLPgRPCEndpoint, Value: "0.0.0.0:4317", }, { - Name: apicommon.DDOTLPHTTPEndpoint, + Name: DDOTLPHTTPEndpoint, Value: "0.0.0.0:4318", }, }, @@ -120,11 +120,11 @@ func TestOTLPFeature(t *testing.T) { Agent: testExpected(Expected{ EnvVars: []*corev1.EnvVar{ { - Name: apicommon.DDOTLPgRPCEndpoint, + Name: DDOTLPgRPCEndpoint, Value: "0.0.0.0:4317", }, { - Name: apicommon.DDOTLPHTTPEndpoint, + Name: DDOTLPHTTPEndpoint, Value: "0.0.0.0:4318", }, }, @@ -158,11 +158,11 @@ func TestOTLPFeature(t *testing.T) { Agent: testExpectedSingleContainer(Expected{ EnvVars: []*corev1.EnvVar{ { - Name: apicommon.DDOTLPgRPCEndpoint, + Name: DDOTLPgRPCEndpoint, Value: "0.0.0.0:4317", }, { - Name: apicommon.DDOTLPHTTPEndpoint, + Name: DDOTLPHTTPEndpoint, Value: "0.0.0.0:4318", }, }, @@ -198,11 +198,11 @@ func TestOTLPFeature(t *testing.T) { Agent: testExpected(Expected{ EnvVars: []*corev1.EnvVar{ { - Name: apicommon.DDOTLPgRPCEndpoint, + Name: DDOTLPgRPCEndpoint, Value: "0.0.0.0:4317", }, { - Name: apicommon.DDOTLPHTTPEndpoint, + Name: DDOTLPHTTPEndpoint, Value: "0.0.0.0:4318", }, }, @@ -240,11 +240,11 @@ func TestOTLPFeature(t *testing.T) { Agent: testExpectedSingleContainer(Expected{ EnvVars: []*corev1.EnvVar{ { - Name: apicommon.DDOTLPgRPCEndpoint, + Name: DDOTLPgRPCEndpoint, Value: "0.0.0.0:4317", }, { - Name: apicommon.DDOTLPHTTPEndpoint, + Name: DDOTLPHTTPEndpoint, Value: "0.0.0.0:4318", }, }, @@ -277,7 +277,7 @@ func TestOTLPFeature(t *testing.T) { Agent: testExpected(Expected{ EnvVars: []*corev1.EnvVar{ { - Name: apicommon.DDOTLPgRPCEndpoint, + Name: DDOTLPgRPCEndpoint, Value: "0.0.0.0:4317", }, }, @@ -303,7 +303,7 @@ func TestOTLPFeature(t *testing.T) { Agent: testExpectedSingleContainer(Expected{ EnvVars: []*corev1.EnvVar{ { - Name: apicommon.DDOTLPgRPCEndpoint, + Name: DDOTLPgRPCEndpoint, Value: "0.0.0.0:4317", }, }, @@ -330,7 +330,7 @@ func TestOTLPFeature(t *testing.T) { Agent: testExpected(Expected{ EnvVars: []*corev1.EnvVar{ { - Name: apicommon.DDOTLPHTTPEndpoint, + Name: DDOTLPHTTPEndpoint, Value: "somehostname:4318", }, }, @@ -358,7 +358,7 @@ func TestOTLPFeature(t *testing.T) { Agent: testExpectedSingleContainer(Expected{ EnvVars: []*corev1.EnvVar{ { - Name: apicommon.DDOTLPHTTPEndpoint, + Name: DDOTLPHTTPEndpoint, Value: "somehostname:4318", }, }, @@ -392,7 +392,7 @@ type Settings struct { } func newAgent(set Settings) *v2alpha1.DatadogAgent { - return v2alpha1test.NewDatadogAgentBuilder(). + return testutils.NewDatadogAgentBuilder(). WithOTLPGRPCSettings(set.EnabledGRPC, set.EnabledGRPCHostPort, set.CustomGRPCHostPort, set.EndpointGRPC). WithOTLPHTTPSettings(set.EnabledHTTP, set.EnabledHTTPHostPort, set.CustomHTTPHostPort, set.EndpointHTTP). WithAPMEnabled(set.APM). @@ -400,7 +400,7 @@ func newAgent(set Settings) *v2alpha1.DatadogAgent { } func newAgentSingleContainer(set Settings) *v2alpha1.DatadogAgent { - return v2alpha1test.NewDatadogAgentBuilder(). + return testutils.NewDatadogAgentBuilder(). WithOTLPGRPCSettings(set.EnabledGRPC, set.EnabledGRPCHostPort, set.CustomGRPCHostPort, set.EndpointGRPC). WithOTLPHTTPSettings(set.EnabledHTTP, set.EnabledHTTPHostPort, set.CustomHTTPHostPort, set.EndpointHTTP). WithAPMEnabled(set.APM). diff --git a/internal/controller/datadogagent/feature/processdiscovery/envvar.go b/internal/controller/datadogagent/feature/processdiscovery/envvar.go new file mode 100644 index 000000000..404a7a0b1 --- /dev/null +++ b/internal/controller/datadogagent/feature/processdiscovery/envvar.go @@ -0,0 +1,8 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package processdiscovery + +const DDProcessDiscoveryEnabled = "DD_PROCESS_CONFIG_PROCESS_DISCOVERY_ENABLED" diff --git a/internal/controller/datadogagent/feature/processdiscovery/feature.go b/internal/controller/datadogagent/feature/processdiscovery/feature.go index 38bce2fe9..03be9ed02 100644 --- a/internal/controller/datadogagent/feature/processdiscovery/feature.go +++ b/internal/controller/datadogagent/feature/processdiscovery/feature.go @@ -1,3 +1,8 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + package processdiscovery import ( @@ -64,7 +69,7 @@ func (p processDiscoveryFeature) ManageClusterAgent(managers feature.PodTemplate func (p processDiscoveryFeature) ManageNodeAgent(managers feature.PodTemplateManagers, provider string) error { // Always add this envvar to Core and Process containers runInCoreAgentEnvVar := &corev1.EnvVar{ - Name: apicommon.DDProcessConfigRunInCoreAgent, + Name: v2alpha1.DDProcessConfigRunInCoreAgent, Value: apiutils.BoolToString(&p.runInCoreAgent), } managers.EnvVar().AddEnvVarToContainer(apicommon.ProcessAgentContainerName, runInCoreAgentEnvVar) @@ -80,7 +85,7 @@ func (p processDiscoveryFeature) ManageNodeAgent(managers feature.PodTemplateMan func (p processDiscoveryFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateManagers, provider string) error { runInCoreAgentEnvVar := &corev1.EnvVar{ - Name: apicommon.DDProcessConfigRunInCoreAgent, + Name: v2alpha1.DDProcessConfigRunInCoreAgent, Value: apiutils.BoolToString(&p.runInCoreAgent), } managers.EnvVar().AddEnvVarToContainer(apicommon.UnprivilegedSingleAgentContainerName, runInCoreAgentEnvVar) @@ -90,22 +95,22 @@ func (p processDiscoveryFeature) ManageSingleContainerNodeAgent(managers feature func (p processDiscoveryFeature) manageNodeAgent(agentContainerName apicommon.AgentContainerName, managers feature.PodTemplateManagers, provider string) error { // passwd volume mount - passwdVol, passwdVolMount := volume.GetVolumes(apicommon.PasswdVolumeName, apicommon.PasswdHostPath, apicommon.PasswdMountPath, true) + passwdVol, passwdVolMount := volume.GetVolumes(v2alpha1.PasswdVolumeName, v2alpha1.PasswdHostPath, v2alpha1.PasswdMountPath, true) managers.VolumeMount().AddVolumeMountToContainer(&passwdVolMount, agentContainerName) managers.Volume().AddVolume(&passwdVol) // cgroups volume mount - cgroupsVol, cgroupsVolMount := volume.GetVolumes(apicommon.CgroupsVolumeName, apicommon.CgroupsHostPath, apicommon.CgroupsMountPath, true) + cgroupsVol, cgroupsVolMount := volume.GetVolumes(v2alpha1.CgroupsVolumeName, v2alpha1.CgroupsHostPath, v2alpha1.CgroupsMountPath, true) managers.VolumeMount().AddVolumeMountToContainer(&cgroupsVolMount, agentContainerName) managers.Volume().AddVolume(&cgroupsVol) // procdir volume mount - procdirVol, procdirVolMount := volume.GetVolumes(apicommon.ProcdirVolumeName, apicommon.ProcdirHostPath, apicommon.ProcdirMountPath, true) + procdirVol, procdirVolMount := volume.GetVolumes(v2alpha1.ProcdirVolumeName, v2alpha1.ProcdirHostPath, v2alpha1.ProcdirMountPath, true) managers.VolumeMount().AddVolumeMountToContainer(&procdirVolMount, agentContainerName) managers.Volume().AddVolume(&procdirVol) enableEnvVar := &corev1.EnvVar{ - Name: apicommon.DDProcessDiscoveryEnabled, + Name: DDProcessDiscoveryEnabled, Value: "true", } diff --git a/internal/controller/datadogagent/feature/processdiscovery/feature_test.go b/internal/controller/datadogagent/feature/processdiscovery/feature_test.go index 2363d5a4e..6217bd29b 100644 --- a/internal/controller/datadogagent/feature/processdiscovery/feature_test.go +++ b/internal/controller/datadogagent/feature/processdiscovery/feature_test.go @@ -1,3 +1,8 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + package processdiscovery import ( @@ -5,12 +10,12 @@ import ( apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" - v2alpha1test "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1/test" "github.com/DataDog/datadog-operator/api/utils" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/fake" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/test" + "github.com/DataDog/datadog-operator/pkg/testutils" "github.com/google/go-cmp/cmp" "github.com/stretchr/testify/assert" @@ -21,7 +26,7 @@ func Test_processDiscoveryFeature_Configure(t *testing.T) { tests := test.FeatureTestSuite{ { Name: "process discovery enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithProcessDiscoveryEnabled(true). Build(), WantConfigure: true, @@ -29,21 +34,21 @@ func Test_processDiscoveryFeature_Configure(t *testing.T) { }, { Name: "process discovery disabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithProcessDiscoveryEnabled(false). Build(), WantConfigure: false, }, { Name: "process discovery config missing", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). Build(), WantConfigure: true, Agent: testExpectedAgent(apicommon.ProcessAgentContainerName, false), }, { Name: "process discovery enabled in core agent via env vars", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithProcessDiscoveryEnabled(true). WithComponentOverride( v2alpha1.NodeAgentComponentName, @@ -58,7 +63,7 @@ func Test_processDiscoveryFeature_Configure(t *testing.T) { }, { Name: "process discovery enabled in core agent via spec", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithProcessDiscoveryEnabled(true). WithComponentOverride( v2alpha1.NodeAgentComponentName, @@ -73,7 +78,7 @@ func Test_processDiscoveryFeature_Configure(t *testing.T) { }, { Name: "process discovery enabled in core agent via spec without min version", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithProcessDiscoveryEnabled(true). WithComponentOverride( v2alpha1.NodeAgentComponentName, @@ -88,7 +93,7 @@ func Test_processDiscoveryFeature_Configure(t *testing.T) { }, { Name: "process discovery disabled in core agent via env var override", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithProcessDiscoveryEnabled(true). WithComponentOverride( v2alpha1.NodeAgentComponentName, @@ -104,7 +109,7 @@ func Test_processDiscoveryFeature_Configure(t *testing.T) { }, { Name: "process discovery enabled on single container", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithProcessDiscoveryEnabled(true). WithSingleContainerStrategy(true). Build(), @@ -123,18 +128,18 @@ func testExpectedAgent(agentContainerName apicommon.AgentContainerName, runInCor // check volume mounts wantVolumeMounts := []corev1.VolumeMount{ { - Name: apicommon.PasswdVolumeName, - MountPath: apicommon.PasswdMountPath, + Name: v2alpha1.PasswdVolumeName, + MountPath: v2alpha1.PasswdMountPath, ReadOnly: true, }, { - Name: apicommon.CgroupsVolumeName, - MountPath: apicommon.CgroupsMountPath, + Name: v2alpha1.CgroupsVolumeName, + MountPath: v2alpha1.CgroupsMountPath, ReadOnly: true, }, { - Name: apicommon.ProcdirVolumeName, - MountPath: apicommon.ProcdirMountPath, + Name: v2alpha1.ProcdirVolumeName, + MountPath: v2alpha1.ProcdirMountPath, ReadOnly: true, }, } @@ -145,26 +150,26 @@ func testExpectedAgent(agentContainerName apicommon.AgentContainerName, runInCor // check volumes wantVolumes := []corev1.Volume{ { - Name: apicommon.PasswdVolumeName, + Name: v2alpha1.PasswdVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.PasswdHostPath, + Path: v2alpha1.PasswdHostPath, }, }, }, { - Name: apicommon.CgroupsVolumeName, + Name: v2alpha1.CgroupsVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.CgroupsHostPath, + Path: v2alpha1.CgroupsHostPath, }, }, }, { - Name: apicommon.ProcdirVolumeName, + Name: v2alpha1.ProcdirVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.ProcdirHostPath, + Path: v2alpha1.ProcdirHostPath, }, }, }, @@ -176,11 +181,11 @@ func testExpectedAgent(agentContainerName apicommon.AgentContainerName, runInCor // check env vars wantEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDProcessConfigRunInCoreAgent, + Name: v2alpha1.DDProcessConfigRunInCoreAgent, Value: utils.BoolToString(&runInCoreAgent), }, { - Name: apicommon.DDProcessDiscoveryEnabled, + Name: DDProcessDiscoveryEnabled, Value: "true", }, } diff --git a/internal/controller/datadogagent/feature/prometheusscrape/envvar.go b/internal/controller/datadogagent/feature/prometheusscrape/envvar.go new file mode 100644 index 000000000..d0bcf3c97 --- /dev/null +++ b/internal/controller/datadogagent/feature/prometheusscrape/envvar.go @@ -0,0 +1,13 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package prometheusscrape + +const ( + DDPrometheusScrapeChecks = "DD_PROMETHEUS_SCRAPE_CHECKS" + DDPrometheusScrapeEnabled = "DD_PROMETHEUS_SCRAPE_ENABLED" + DDPrometheusScrapeServiceEndpoints = "DD_PROMETHEUS_SCRAPE_SERVICE_ENDPOINTS" + DDPrometheusScrapeVersion = "DD_PROMETHEUS_SCRAPE_VERSION" +) diff --git a/internal/controller/datadogagent/feature/prometheusscrape/feature.go b/internal/controller/datadogagent/feature/prometheusscrape/feature.go index 26ea8ab64..3a9390270 100644 --- a/internal/controller/datadogagent/feature/prometheusscrape/feature.go +++ b/internal/controller/datadogagent/feature/prometheusscrape/feature.go @@ -86,22 +86,22 @@ func (f *prometheusScrapeFeature) ManageDependencies(managers feature.ResourceMa // It should do nothing if the feature doesn't need to configure it. func (f *prometheusScrapeFeature) ManageClusterAgent(managers feature.PodTemplateManagers) error { managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDPrometheusScrapeEnabled, + Name: DDPrometheusScrapeEnabled, Value: "true", }) managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDPrometheusScrapeServiceEndpoints, + Name: DDPrometheusScrapeServiceEndpoints, Value: strconv.FormatBool(f.enableServiceEndpoints), }) if f.additionalConfigs != "" { managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDPrometheusScrapeChecks, + Name: DDPrometheusScrapeChecks, Value: apiutils.YAMLToJSONString(f.additionalConfigs), }) } if f.openmetricsVersion != 0 { managers.EnvVar().AddEnvVarToContainer(apicommon.ClusterAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDPrometheusScrapeVersion, + Name: DDPrometheusScrapeVersion, Value: strconv.Itoa(f.openmetricsVersion), }) } @@ -126,22 +126,22 @@ func (f *prometheusScrapeFeature) ManageNodeAgent(managers feature.PodTemplateMa func (f *prometheusScrapeFeature) manageNodeAgent(agentContainerName apicommon.AgentContainerName, managers feature.PodTemplateManagers, provider string) error { managers.EnvVar().AddEnvVarToContainer(agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDPrometheusScrapeEnabled, + Name: DDPrometheusScrapeEnabled, Value: "true", }) managers.EnvVar().AddEnvVarToContainer(agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDPrometheusScrapeServiceEndpoints, + Name: DDPrometheusScrapeServiceEndpoints, Value: strconv.FormatBool(f.enableServiceEndpoints), }) if f.additionalConfigs != "" { managers.EnvVar().AddEnvVarToContainer(agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDPrometheusScrapeChecks, + Name: DDPrometheusScrapeChecks, Value: apiutils.YAMLToJSONString(f.additionalConfigs), }) } if f.openmetricsVersion != 0 { managers.EnvVar().AddEnvVarToContainer(agentContainerName, &corev1.EnvVar{ - Name: apicommon.DDPrometheusScrapeVersion, + Name: DDPrometheusScrapeVersion, Value: strconv.Itoa(f.openmetricsVersion), }) } diff --git a/internal/controller/datadogagent/feature/prometheusscrape/feature_test.go b/internal/controller/datadogagent/feature/prometheusscrape/feature_test.go index 2c5533b60..694ba7411 100644 --- a/internal/controller/datadogagent/feature/prometheusscrape/feature_test.go +++ b/internal/controller/datadogagent/feature/prometheusscrape/feature_test.go @@ -9,11 +9,11 @@ import ( "testing" apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" - v2alpha1test "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1/test" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/fake" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/test" + "github.com/DataDog/datadog-operator/pkg/testutils" "github.com/google/go-cmp/cmp" "github.com/stretchr/testify/assert" @@ -39,14 +39,14 @@ func Test_prometheusScrapeFeature_Configure(t *testing.T) { tests := test.FeatureTestSuite{ { Name: "Prometheus scrape not enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithPrometheusScrapeEnabled(false). Build(), WantConfigure: false, }, { Name: "Prometheus scrape enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithPrometheusScrapeEnabled(true). Build(), WantConfigure: true, @@ -54,11 +54,11 @@ func Test_prometheusScrapeFeature_Configure(t *testing.T) { func(t testing.TB, mgrInterface feature.PodTemplateManagers) { wantEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDPrometheusScrapeEnabled, + Name: DDPrometheusScrapeEnabled, Value: "true", }, { - Name: apicommon.DDPrometheusScrapeServiceEndpoints, + Name: DDPrometheusScrapeServiceEndpoints, Value: "false", }, } @@ -69,11 +69,11 @@ func Test_prometheusScrapeFeature_Configure(t *testing.T) { func(t testing.TB, mgrInterface feature.PodTemplateManagers) { wantEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDPrometheusScrapeEnabled, + Name: DDPrometheusScrapeEnabled, Value: "true", }, { - Name: apicommon.DDPrometheusScrapeServiceEndpoints, + Name: DDPrometheusScrapeServiceEndpoints, Value: "false", }, } @@ -83,7 +83,7 @@ func Test_prometheusScrapeFeature_Configure(t *testing.T) { }, { Name: "Prometheus scrape service endpoints enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithPrometheusScrapeEnabled(true). WithPrometheusScrapeServiceEndpoints(true). Build(), @@ -92,11 +92,11 @@ func Test_prometheusScrapeFeature_Configure(t *testing.T) { func(t testing.TB, mgrInterface feature.PodTemplateManagers) { wantEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDPrometheusScrapeEnabled, + Name: DDPrometheusScrapeEnabled, Value: "true", }, { - Name: apicommon.DDPrometheusScrapeServiceEndpoints, + Name: DDPrometheusScrapeServiceEndpoints, Value: "true", }, } @@ -107,11 +107,11 @@ func Test_prometheusScrapeFeature_Configure(t *testing.T) { func(t testing.TB, mgrInterface feature.PodTemplateManagers) { wantEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDPrometheusScrapeEnabled, + Name: DDPrometheusScrapeEnabled, Value: "true", }, { - Name: apicommon.DDPrometheusScrapeServiceEndpoints, + Name: DDPrometheusScrapeServiceEndpoints, Value: "true", }, } @@ -121,7 +121,7 @@ func Test_prometheusScrapeFeature_Configure(t *testing.T) { }, { Name: "Prometheus scrape additional configs", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithPrometheusScrapeEnabled(true). WithPrometheusScrapeAdditionalConfigs(yamlConfigs). Build(), @@ -130,15 +130,15 @@ func Test_prometheusScrapeFeature_Configure(t *testing.T) { func(t testing.TB, mgrInterface feature.PodTemplateManagers) { wantEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDPrometheusScrapeEnabled, + Name: DDPrometheusScrapeEnabled, Value: "true", }, { - Name: apicommon.DDPrometheusScrapeServiceEndpoints, + Name: DDPrometheusScrapeServiceEndpoints, Value: "false", }, { - Name: apicommon.DDPrometheusScrapeChecks, + Name: DDPrometheusScrapeChecks, Value: jsonConfigs, }, } @@ -149,15 +149,15 @@ func Test_prometheusScrapeFeature_Configure(t *testing.T) { func(t testing.TB, mgrInterface feature.PodTemplateManagers) { wantEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDPrometheusScrapeEnabled, + Name: DDPrometheusScrapeEnabled, Value: "true", }, { - Name: apicommon.DDPrometheusScrapeServiceEndpoints, + Name: DDPrometheusScrapeServiceEndpoints, Value: "false", }, { - Name: apicommon.DDPrometheusScrapeChecks, + Name: DDPrometheusScrapeChecks, Value: jsonConfigs, }, } @@ -167,7 +167,7 @@ func Test_prometheusScrapeFeature_Configure(t *testing.T) { }, { Name: "version specified", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithPrometheusScrapeEnabled(true). WithPrometheusScrapeVersion(1). Build(), @@ -176,15 +176,15 @@ func Test_prometheusScrapeFeature_Configure(t *testing.T) { func(t testing.TB, mgrInterface feature.PodTemplateManagers) { wantEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDPrometheusScrapeEnabled, + Name: DDPrometheusScrapeEnabled, Value: "true", }, { - Name: apicommon.DDPrometheusScrapeServiceEndpoints, + Name: DDPrometheusScrapeServiceEndpoints, Value: "false", }, { - Name: apicommon.DDPrometheusScrapeVersion, + Name: DDPrometheusScrapeVersion, Value: "1", }, } @@ -195,15 +195,15 @@ func Test_prometheusScrapeFeature_Configure(t *testing.T) { func(t testing.TB, mgrInterface feature.PodTemplateManagers) { wantEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDPrometheusScrapeEnabled, + Name: DDPrometheusScrapeEnabled, Value: "true", }, { - Name: apicommon.DDPrometheusScrapeServiceEndpoints, + Name: DDPrometheusScrapeServiceEndpoints, Value: "false", }, { - Name: apicommon.DDPrometheusScrapeVersion, + Name: DDPrometheusScrapeVersion, Value: "1", }, } diff --git a/internal/controller/datadogagent/feature/remoteconfig/envvar.go b/internal/controller/datadogagent/feature/remoteconfig/envvar.go new file mode 100644 index 000000000..c867ced86 --- /dev/null +++ b/internal/controller/datadogagent/feature/remoteconfig/envvar.go @@ -0,0 +1,8 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package remoteconfig + +const DDRemoteConfigurationEnabled = "DD_REMOTE_CONFIGURATION_ENABLED" diff --git a/internal/controller/datadogagent/feature/remoteconfig/feature.go b/internal/controller/datadogagent/feature/remoteconfig/feature.go index ae1229007..c86470bea 100644 --- a/internal/controller/datadogagent/feature/remoteconfig/feature.go +++ b/internal/controller/datadogagent/feature/remoteconfig/feature.go @@ -102,7 +102,7 @@ func (f *rcFeature) ManageDependencies(managers feature.ResourceManagers, compon // It should do nothing if the feature doesn't need to configure it. func (f *rcFeature) ManageClusterAgent(managers feature.PodTemplateManagers) error { enabledEnvVar := &corev1.EnvVar{ - Name: apicommon.DDRemoteConfigurationEnabled, + Name: DDRemoteConfigurationEnabled, Value: apiutils.BoolToString(&f.enabled), } managers.EnvVar().AddEnvVar(enabledEnvVar) @@ -129,7 +129,7 @@ func (f *rcFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplateM // It should do nothing if the feature doesn't need to configure it. func (f *rcFeature) ManageNodeAgent(managers feature.PodTemplateManagers, provider string) error { enabledEnvVar := &corev1.EnvVar{ - Name: apicommon.DDRemoteConfigurationEnabled, + Name: DDRemoteConfigurationEnabled, Value: apiutils.BoolToString(&f.enabled), } managers.EnvVar().AddEnvVar(enabledEnvVar) diff --git a/internal/controller/datadogagent/feature/remoteconfig/feature_test.go b/internal/controller/datadogagent/feature/remoteconfig/feature_test.go index be4aa3175..9f199aacb 100644 --- a/internal/controller/datadogagent/feature/remoteconfig/feature_test.go +++ b/internal/controller/datadogagent/feature/remoteconfig/feature_test.go @@ -11,11 +11,11 @@ import ( corev1 "k8s.io/api/core/v1" apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" - v2alpha1test "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1/test" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/fake" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/test" + "github.com/DataDog/datadog-operator/pkg/testutils" "github.com/google/go-cmp/cmp" "github.com/stretchr/testify/assert" @@ -25,7 +25,7 @@ func Test_rcFeature_Configure(t *testing.T) { tests := test.FeatureTestSuite{ { Name: "RC not enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithRemoteConfigEnabled(false). Build(), WantConfigure: true, @@ -34,7 +34,7 @@ func Test_rcFeature_Configure(t *testing.T) { }, { Name: "RC enabled", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). WithRemoteConfigEnabled(true). Build(), WantConfigure: true, @@ -43,7 +43,7 @@ func Test_rcFeature_Configure(t *testing.T) { }, { Name: "RC default (no datadogagent_default.go)", - DDA: v2alpha1test.NewDatadogAgentBuilder(). + DDA: testutils.NewDatadogAgentBuilder(). Build(), WantConfigure: true, Agent: rcAgentNodeWantFunc(false), @@ -62,7 +62,7 @@ func rcAgentNodeWantFunc(rcEnabled bool) *test.ComponentTest { // Check environment variable expectedEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDRemoteConfigurationEnabled, + Name: DDRemoteConfigurationEnabled, Value: apiutils.BoolToString(&rcEnabled), }, } @@ -80,7 +80,7 @@ func rcClusterAgentNodeWantFunc(rcEnabled bool) *test.ComponentTest { // Check environment variable expectedEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDRemoteConfigurationEnabled, + Name: DDRemoteConfigurationEnabled, Value: apiutils.BoolToString(&rcEnabled), }, } diff --git a/internal/controller/datadogagent/feature/sbom/envvar.go b/internal/controller/datadogagent/feature/sbom/envvar.go new file mode 100644 index 000000000..f11f6d9a8 --- /dev/null +++ b/internal/controller/datadogagent/feature/sbom/envvar.go @@ -0,0 +1,16 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package sbom + +const ( + DDSBOMEnabled = "DD_SBOM_ENABLED" + DDSBOMContainerImageEnabled = "DD_SBOM_CONTAINER_IMAGE_ENABLED" + DDSBOMContainerImageAnalyzers = "DD_SBOM_CONTAINER_IMAGE_ANALYZERS" + DDSBOMContainerUseMount = "DD_SBOM_CONTAINER_IMAGE_USE_MOUNT" + DDSBOMContainerOverlayFSDirectScan = "DD_SBOM_CONTAINER_IMAGE_OVERLAYFS_DIRECT_SCAN" + DDSBOMHostEnabled = "DD_SBOM_HOST_ENABLED" + DDSBOMHostAnalyzers = "DD_SBOM_HOST_ANALYZERS" +) diff --git a/internal/controller/datadogagent/feature/sbom/feature.go b/internal/controller/datadogagent/feature/sbom/feature.go index a41732caa..8a284d19b 100644 --- a/internal/controller/datadogagent/feature/sbom/feature.go +++ b/internal/controller/datadogagent/feature/sbom/feature.go @@ -144,29 +144,29 @@ func (p sbomFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplate // It should do nothing if the feature doesn't need to configure it. func (f *sbomFeature) ManageNodeAgent(managers feature.PodTemplateManagers, provider string) error { managers.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDSBOMEnabled, + Name: DDSBOMEnabled, Value: apiutils.BoolToString(&f.enabled), }) managers.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDSBOMContainerImageEnabled, + Name: DDSBOMContainerImageEnabled, Value: apiutils.BoolToString(&f.containerImageEnabled), }) if len(f.containerImageAnalyzers) > 0 { managers.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDSBOMContainerImageAnalyzers, + Name: DDSBOMContainerImageAnalyzers, Value: strings.Join(f.containerImageAnalyzers, " "), }) } if f.containerImageUncompressedLayersSupport { if f.containerImageOverlayFSDirectScan { managers.EnvVar().AddEnvVarToContainer(apicommon.CoreAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDSBOMContainerOverlayFSDirectScan, + Name: DDSBOMContainerOverlayFSDirectScan, Value: "true", }) } else { managers.EnvVar().AddEnvVarToContainer(apicommon.CoreAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDSBOMContainerUseMount, + Name: DDSBOMContainerUseMount, Value: "true", }) @@ -175,7 +175,7 @@ func (f *sbomFeature) ManageNodeAgent(managers feature.PodTemplateManagers, prov apicommon.CoreAgentContainerName, ) - managers.Annotation().AddAnnotation(apicommon.AgentAppArmorAnnotationKey, apicommon.AgentAppArmorAnnotationValue) + managers.Annotation().AddAnnotation(v2alpha1.AgentAppArmorAnnotationKey, v2alpha1.AgentAppArmorAnnotationValue) } volMgr := managers.Volume() @@ -187,26 +187,26 @@ func (f *sbomFeature) ManageNodeAgent(managers feature.PodTemplateManagers, prov } managers.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDSBOMHostEnabled, + Name: DDSBOMHostEnabled, Value: apiutils.BoolToString(&f.hostEnabled), }) if len(f.hostAnalyzers) > 0 { managers.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDSBOMHostAnalyzers, + Name: DDSBOMHostAnalyzers, Value: strings.Join(f.hostAnalyzers, " "), }) } if f.hostEnabled { managers.EnvVar().AddEnvVarToContainer(apicommon.CoreAgentContainerName, &corev1.EnvVar{ - Name: apicommon.DDHostRootEnvVar, + Name: v2alpha1.DDHostRootEnvVar, Value: "/host", }) volMgr := managers.Volume() volMountMgr := managers.VolumeMount() - osReleaseVol, osReleaseVolMount := volume.GetVolumes(apicommon.SystemProbeOSReleaseDirVolumeName, apicommon.SystemProbeOSReleaseDirVolumePath, apicommon.SystemProbeOSReleaseDirMountPath, true) + osReleaseVol, osReleaseVolMount := volume.GetVolumes(v2alpha1.SystemProbeOSReleaseDirVolumeName, v2alpha1.SystemProbeOSReleaseDirVolumePath, v2alpha1.SystemProbeOSReleaseDirMountPath, true) volMountMgr.AddVolumeMountToContainer(&osReleaseVolMount, apicommon.CoreAgentContainerName) volMgr.AddVolume(&osReleaseVol) diff --git a/internal/controller/datadogagent/feature/sbom/feature_test.go b/internal/controller/datadogagent/feature/sbom/feature_test.go index 3c3442ffe..c9680b6e2 100644 --- a/internal/controller/datadogagent/feature/sbom/feature_test.go +++ b/internal/controller/datadogagent/feature/sbom/feature_test.go @@ -56,15 +56,15 @@ func Test_sbomFeature_Configure(t *testing.T) { wantEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDSBOMEnabled, + Name: DDSBOMEnabled, Value: "true", }, { - Name: apicommon.DDSBOMContainerImageEnabled, + Name: DDSBOMContainerImageEnabled, Value: "false", }, { - Name: apicommon.DDSBOMHostEnabled, + Name: DDSBOMHostEnabled, Value: "false", }, } @@ -78,15 +78,15 @@ func Test_sbomFeature_Configure(t *testing.T) { wantEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDSBOMEnabled, + Name: DDSBOMEnabled, Value: "true", }, { - Name: apicommon.DDSBOMContainerImageEnabled, + Name: DDSBOMContainerImageEnabled, Value: "true", }, { - Name: apicommon.DDSBOMHostEnabled, + Name: DDSBOMHostEnabled, Value: "false", }, } @@ -100,15 +100,15 @@ func Test_sbomFeature_Configure(t *testing.T) { wantEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDSBOMEnabled, + Name: DDSBOMEnabled, Value: "true", }, { - Name: apicommon.DDSBOMContainerImageEnabled, + Name: DDSBOMContainerImageEnabled, Value: "true", }, { - Name: apicommon.DDSBOMHostEnabled, + Name: DDSBOMHostEnabled, Value: "false", }, } @@ -118,7 +118,7 @@ func Test_sbomFeature_Configure(t *testing.T) { assert.True(t, apiutils.IsEqualStruct(nodeAgentEnvVars, wantEnvVars), "Node agent envvars \ndiff = %s", cmp.Diff(nodeAgentEnvVars, wantEnvVars)) wantEnvVars = []*corev1.EnvVar{{ - Name: apicommon.DDSBOMContainerOverlayFSDirectScan, + Name: DDSBOMContainerOverlayFSDirectScan, Value: "true", }} assert.True(t, apiutils.IsEqualStruct(nodeCoreAgentEnvVars, wantEnvVars), "Core agent envvars \ndiff = %s", cmp.Diff(nodeCoreAgentEnvVars, wantEnvVars)) @@ -129,22 +129,22 @@ func Test_sbomFeature_Configure(t *testing.T) { wantAllAgentsEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDSBOMEnabled, + Name: DDSBOMEnabled, Value: "true", }, { - Name: apicommon.DDSBOMContainerImageEnabled, + Name: DDSBOMContainerImageEnabled, Value: "false", }, { - Name: apicommon.DDSBOMHostEnabled, + Name: DDSBOMHostEnabled, Value: "true", }, } wantCoreAgentHostEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDHostRootEnvVar, + Name: v2alpha1.DDHostRootEnvVar, Value: "/host", }, } @@ -156,8 +156,8 @@ func Test_sbomFeature_Configure(t *testing.T) { wantVolumeMounts := []corev1.VolumeMount{ { - Name: apicommon.SystemProbeOSReleaseDirVolumeName, - MountPath: apicommon.SystemProbeOSReleaseDirMountPath, + Name: v2alpha1.SystemProbeOSReleaseDirVolumeName, + MountPath: v2alpha1.SystemProbeOSReleaseDirMountPath, ReadOnly: true, }, { @@ -202,10 +202,10 @@ func Test_sbomFeature_Configure(t *testing.T) { wantVolumes := []corev1.Volume{ { - Name: apicommon.SystemProbeOSReleaseDirVolumeName, + Name: v2alpha1.SystemProbeOSReleaseDirVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.SystemProbeOSReleaseDirVolumePath, + Path: v2alpha1.SystemProbeOSReleaseDirVolumePath, }, }, }, diff --git a/internal/controller/datadogagent/feature/servicediscovery/envvar.go b/internal/controller/datadogagent/feature/servicediscovery/envvar.go new file mode 100644 index 000000000..013884859 --- /dev/null +++ b/internal/controller/datadogagent/feature/servicediscovery/envvar.go @@ -0,0 +1,8 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package servicediscovery + +const DDServiceDiscoveryEnabled = "DD_DISCOVERY_ENABLED" diff --git a/internal/controller/datadogagent/feature/servicediscovery/feature.go b/internal/controller/datadogagent/feature/servicediscovery/feature.go index 44396d4cf..55f4d95af 100644 --- a/internal/controller/datadogagent/feature/servicediscovery/feature.go +++ b/internal/controller/datadogagent/feature/servicediscovery/feature.go @@ -1,3 +1,8 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + package servicediscovery import ( @@ -56,26 +61,26 @@ func (f *serviceDiscoveryFeature) ManageClusterAgent(feature.PodTemplateManagers // It should do nothing if the feature doesn't need to configure it. func (f *serviceDiscoveryFeature) ManageNodeAgent(managers feature.PodTemplateManagers, _ string) error { // annotations - managers.Annotation().AddAnnotation(apicommon.SystemProbeAppArmorAnnotationKey, apicommon.SystemProbeAppArmorAnnotationValue) + managers.Annotation().AddAnnotation(v2alpha1.SystemProbeAppArmorAnnotationKey, v2alpha1.SystemProbeAppArmorAnnotationValue) // security context capabilities managers.SecurityContext().AddCapabilitiesToContainer(agent.DefaultCapabilitiesForSystemProbe(), apicommon.SystemProbeContainerName) // socket volume mount (needs write perms for the system probe container but not the others) - procdirVol, procdirMount := volume.GetVolumes(apicommon.ProcdirVolumeName, apicommon.ProcdirHostPath, apicommon.ProcdirMountPath, true) + procdirVol, procdirMount := volume.GetVolumes(v2alpha1.ProcdirVolumeName, v2alpha1.ProcdirHostPath, v2alpha1.ProcdirMountPath, true) managers.VolumeMount().AddVolumeMountToContainer(&procdirMount, apicommon.SystemProbeContainerName) managers.Volume().AddVolume(&procdirVol) - socketVol, socketVolMount := volume.GetVolumesEmptyDir(apicommon.SystemProbeSocketVolumeName, apicommon.SystemProbeSocketVolumePath, false) + socketVol, socketVolMount := volume.GetVolumesEmptyDir(v2alpha1.SystemProbeSocketVolumeName, v2alpha1.SystemProbeSocketVolumePath, false) managers.Volume().AddVolume(&socketVol) managers.VolumeMount().AddVolumeMountToContainer(&socketVolMount, apicommon.SystemProbeContainerName) - _, socketVolMountReadOnly := volume.GetVolumesEmptyDir(apicommon.SystemProbeSocketVolumeName, apicommon.SystemProbeSocketVolumePath, true) + _, socketVolMountReadOnly := volume.GetVolumesEmptyDir(v2alpha1.SystemProbeSocketVolumeName, v2alpha1.SystemProbeSocketVolumePath, true) managers.VolumeMount().AddVolumeMountToContainer(&socketVolMountReadOnly, apicommon.CoreAgentContainerName) // env vars enableEnvVar := &corev1.EnvVar{ - Name: apicommon.DDServiceDiscoveryEnabled, + Name: DDServiceDiscoveryEnabled, Value: "true", } @@ -83,7 +88,7 @@ func (f *serviceDiscoveryFeature) ManageNodeAgent(managers feature.PodTemplateMa managers.EnvVar().AddEnvVarToInitContainer(apicommon.InitConfigContainerName, enableEnvVar) socketEnvVar := &corev1.EnvVar{ - Name: apicommon.DDSystemProbeSocket, + Name: v2alpha1.DDSystemProbeSocket, Value: v2alpha1.DefaultSystemProbeSocketPath, } diff --git a/internal/controller/datadogagent/feature/servicediscovery/feature_test.go b/internal/controller/datadogagent/feature/servicediscovery/feature_test.go index cdd00f70b..177f5438b 100644 --- a/internal/controller/datadogagent/feature/servicediscovery/feature_test.go +++ b/internal/controller/datadogagent/feature/servicediscovery/feature_test.go @@ -1,3 +1,8 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + package servicediscovery import ( @@ -46,21 +51,21 @@ func Test_serviceDiscoveryFeature_Configure(t *testing.T) { // check volume mounts wantCoreAgentVolMounts := []corev1.VolumeMount{ { - Name: apicommon.SystemProbeSocketVolumeName, - MountPath: apicommon.SystemProbeSocketVolumePath, + Name: v2alpha1.SystemProbeSocketVolumeName, + MountPath: v2alpha1.SystemProbeSocketVolumePath, ReadOnly: true, }, } wantSystemProbeVolMounts := []corev1.VolumeMount{ { - Name: apicommon.ProcdirVolumeName, - MountPath: apicommon.ProcdirMountPath, + Name: v2alpha1.ProcdirVolumeName, + MountPath: v2alpha1.ProcdirMountPath, ReadOnly: true, }, { - Name: apicommon.SystemProbeSocketVolumeName, - MountPath: apicommon.SystemProbeSocketVolumePath, + Name: v2alpha1.SystemProbeSocketVolumeName, + MountPath: v2alpha1.SystemProbeSocketVolumePath, ReadOnly: false, }, } @@ -74,15 +79,15 @@ func Test_serviceDiscoveryFeature_Configure(t *testing.T) { // check volumes wantVolumes := []corev1.Volume{ { - Name: apicommon.ProcdirVolumeName, + Name: v2alpha1.ProcdirVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.ProcdirHostPath, + Path: v2alpha1.ProcdirHostPath, }, }, }, { - Name: apicommon.SystemProbeSocketVolumeName, + Name: v2alpha1.SystemProbeSocketVolumeName, VolumeSource: corev1.VolumeSource{ EmptyDir: &corev1.EmptyDirVolumeSource{}, }, @@ -95,11 +100,11 @@ func Test_serviceDiscoveryFeature_Configure(t *testing.T) { // check env vars wantEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDServiceDiscoveryEnabled, + Name: DDServiceDiscoveryEnabled, Value: "true", }, { - Name: apicommon.DDSystemProbeSocket, + Name: v2alpha1.DDSystemProbeSocket, Value: v2alpha1.DefaultSystemProbeSocketPath, }, } diff --git a/internal/controller/datadogagent/feature/tcpqueuelength/envvar.go b/internal/controller/datadogagent/feature/tcpqueuelength/envvar.go new file mode 100644 index 000000000..64bfa85bb --- /dev/null +++ b/internal/controller/datadogagent/feature/tcpqueuelength/envvar.go @@ -0,0 +1,8 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package tcpqueuelength + +const DDEnableTCPQueueLengthEnvVar = "DD_SYSTEM_PROBE_CONFIG_ENABLE_TCP_QUEUE_LENGTH" diff --git a/internal/controller/datadogagent/feature/tcpqueuelength/feature.go b/internal/controller/datadogagent/feature/tcpqueuelength/feature.go index 8fa1c557b..36c3129c5 100644 --- a/internal/controller/datadogagent/feature/tcpqueuelength/feature.go +++ b/internal/controller/datadogagent/feature/tcpqueuelength/feature.go @@ -80,34 +80,34 @@ func (f *tcpQueueLengthFeature) ManageNodeAgent(managers feature.PodTemplateMana managers.SecurityContext().AddCapabilitiesToContainer(agent.DefaultCapabilitiesForSystemProbe(), apicommon.SystemProbeContainerName) // modules volume mount - modulesVol, modulesVolMount := volume.GetVolumes(apicommon.ModulesVolumeName, apicommon.ModulesVolumePath, apicommon.ModulesVolumePath, true) + modulesVol, modulesVolMount := volume.GetVolumes(v2alpha1.ModulesVolumeName, v2alpha1.ModulesVolumePath, v2alpha1.ModulesVolumePath, true) managers.VolumeMount().AddVolumeMountToContainer(&modulesVolMount, apicommon.SystemProbeContainerName) managers.Volume().AddVolume(&modulesVol) // src volume mount _, providerValue := kubernetes.GetProviderLabelKeyValue(provider) if providerValue != kubernetes.GKECosType { - srcVol, srcVolMount := volume.GetVolumes(apicommon.SrcVolumeName, apicommon.SrcVolumePath, apicommon.SrcVolumePath, true) + srcVol, srcVolMount := volume.GetVolumes(v2alpha1.SrcVolumeName, v2alpha1.SrcVolumePath, v2alpha1.SrcVolumePath, true) managers.VolumeMount().AddVolumeMountToContainer(&srcVolMount, apicommon.SystemProbeContainerName) managers.Volume().AddVolume(&srcVol) } // debugfs volume mount - debugfsVol, debugfsVolMount := volume.GetVolumes(apicommon.DebugfsVolumeName, apicommon.DebugfsPath, apicommon.DebugfsPath, false) + debugfsVol, debugfsVolMount := volume.GetVolumes(v2alpha1.DebugfsVolumeName, v2alpha1.DebugfsPath, v2alpha1.DebugfsPath, false) managers.Volume().AddVolume(&debugfsVol) managers.VolumeMount().AddVolumeMountToContainers(&debugfsVolMount, []apicommon.AgentContainerName{apicommon.ProcessAgentContainerName, apicommon.SystemProbeContainerName}) // socket volume mount (needs write perms for the system probe container but not the others) - socketVol, socketVolMount := volume.GetVolumesEmptyDir(apicommon.SystemProbeSocketVolumeName, apicommon.SystemProbeSocketVolumePath, false) + socketVol, socketVolMount := volume.GetVolumesEmptyDir(v2alpha1.SystemProbeSocketVolumeName, v2alpha1.SystemProbeSocketVolumePath, false) managers.Volume().AddVolume(&socketVol) managers.VolumeMount().AddVolumeMountToContainer(&socketVolMount, apicommon.SystemProbeContainerName) - _, socketVolMountReadOnly := volume.GetVolumesEmptyDir(apicommon.SystemProbeSocketVolumeName, apicommon.SystemProbeSocketVolumePath, true) + _, socketVolMountReadOnly := volume.GetVolumesEmptyDir(v2alpha1.SystemProbeSocketVolumeName, v2alpha1.SystemProbeSocketVolumePath, true) managers.VolumeMount().AddVolumeMountToContainer(&socketVolMountReadOnly, apicommon.CoreAgentContainerName) // env vars enableEnvVar := &corev1.EnvVar{ - Name: apicommon.DDEnableTCPQueueLengthEnvVar, + Name: DDEnableTCPQueueLengthEnvVar, Value: "true", } managers.EnvVar().AddEnvVarToContainers( @@ -117,7 +117,7 @@ func (f *tcpQueueLengthFeature) ManageNodeAgent(managers feature.PodTemplateMana managers.EnvVar().AddEnvVarToInitContainer(apicommon.InitConfigContainerName, enableEnvVar) sysProbeEnableEnvVar := &corev1.EnvVar{ - Name: apicommon.DDSystemProbeEnabled, + Name: v2alpha1.DDSystemProbeEnabled, Value: "true", } managers.EnvVar().AddEnvVarToContainers( @@ -126,7 +126,7 @@ func (f *tcpQueueLengthFeature) ManageNodeAgent(managers feature.PodTemplateMana ) socketEnvVar := &corev1.EnvVar{ - Name: apicommon.DDSystemProbeSocket, + Name: v2alpha1.DDSystemProbeSocket, Value: v2alpha1.DefaultSystemProbeSocketPath, } managers.EnvVar().AddEnvVarToContainers( diff --git a/internal/controller/datadogagent/feature/tcpqueuelength/feature_test.go b/internal/controller/datadogagent/feature/tcpqueuelength/feature_test.go index 25796c3ee..16e9ada4d 100644 --- a/internal/controller/datadogagent/feature/tcpqueuelength/feature_test.go +++ b/internal/controller/datadogagent/feature/tcpqueuelength/feature_test.go @@ -52,31 +52,31 @@ func Test_tcpQueueLengthFeature_Configure(t *testing.T) { // check volume mounts wantCoreAgentVolMounts := []corev1.VolumeMount{ { - Name: apicommon.SystemProbeSocketVolumeName, - MountPath: apicommon.SystemProbeSocketVolumePath, + Name: v2alpha1.SystemProbeSocketVolumeName, + MountPath: v2alpha1.SystemProbeSocketVolumePath, ReadOnly: true, }, } wantSystemProbeVolMounts := []corev1.VolumeMount{ { - Name: apicommon.ModulesVolumeName, - MountPath: apicommon.ModulesVolumePath, + Name: v2alpha1.ModulesVolumeName, + MountPath: v2alpha1.ModulesVolumePath, ReadOnly: true, }, { - Name: apicommon.SrcVolumeName, - MountPath: apicommon.SrcVolumePath, + Name: v2alpha1.SrcVolumeName, + MountPath: v2alpha1.SrcVolumePath, ReadOnly: true, }, { - Name: apicommon.DebugfsVolumeName, - MountPath: apicommon.DebugfsPath, + Name: v2alpha1.DebugfsVolumeName, + MountPath: v2alpha1.DebugfsPath, ReadOnly: false, }, { - Name: apicommon.SystemProbeSocketVolumeName, - MountPath: apicommon.SystemProbeSocketVolumePath, + Name: v2alpha1.SystemProbeSocketVolumeName, + MountPath: v2alpha1.SystemProbeSocketVolumePath, ReadOnly: false, }, } @@ -90,31 +90,31 @@ func Test_tcpQueueLengthFeature_Configure(t *testing.T) { // check volumes wantVolumes := []corev1.Volume{ { - Name: apicommon.ModulesVolumeName, + Name: v2alpha1.ModulesVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.ModulesVolumePath, + Path: v2alpha1.ModulesVolumePath, }, }, }, { - Name: apicommon.SrcVolumeName, + Name: v2alpha1.SrcVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.SrcVolumePath, + Path: v2alpha1.SrcVolumePath, }, }, }, { - Name: apicommon.DebugfsVolumeName, + Name: v2alpha1.DebugfsVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.DebugfsPath, + Path: v2alpha1.DebugfsPath, }, }, }, { - Name: apicommon.SystemProbeSocketVolumeName, + Name: v2alpha1.SystemProbeSocketVolumeName, VolumeSource: corev1.VolumeSource{ EmptyDir: &corev1.EmptyDirVolumeSource{}, }, @@ -127,15 +127,15 @@ func Test_tcpQueueLengthFeature_Configure(t *testing.T) { // check env vars wantEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDEnableTCPQueueLengthEnvVar, + Name: DDEnableTCPQueueLengthEnvVar, Value: "true", }, { - Name: apicommon.DDSystemProbeEnabled, + Name: v2alpha1.DDSystemProbeEnabled, Value: "true", }, { - Name: apicommon.DDSystemProbeSocket, + Name: v2alpha1.DDSystemProbeSocket, Value: v2alpha1.DefaultSystemProbeSocketPath, }, } diff --git a/internal/controller/datadogagent/feature/test/factory_test.go b/internal/controller/datadogagent/feature/test/factory_test.go index 0ef867e9d..8d0491d17 100644 --- a/internal/controller/datadogagent/feature/test/factory_test.go +++ b/internal/controller/datadogagent/feature/test/factory_test.go @@ -4,7 +4,7 @@ import ( "testing" "github.com/DataDog/datadog-operator/api/datadoghq/common" - v2alpha1test "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1/test" + "github.com/DataDog/datadog-operator/pkg/testutils" "github.com/stretchr/testify/assert" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" @@ -14,6 +14,7 @@ import ( _ "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/enabledefault" _ "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/livecontainer" _ "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/npm" + _ "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/otelcollector" ) func TestBuilder(t *testing.T) { @@ -29,7 +30,7 @@ func TestBuilder(t *testing.T) { // This test relies on the fact that by default Live Container feature is enabled // in the default settings which enables process agent. name: "Default DDA, Core and Process agent enabled", - dda: v2alpha1test.NewDatadogAgentBuilder(). + dda: testutils.NewDatadogAgentBuilder(). BuildWithDefaults(), wantAgentContainer: map[common.AgentContainerName]bool{ common.UnprivilegedSingleAgentContainerName: false, @@ -44,7 +45,7 @@ func TestBuilder(t *testing.T) { }, { name: "Default DDA with single container strategy, 1 single container", - dda: v2alpha1test.NewDatadogAgentBuilder(). + dda: testutils.NewDatadogAgentBuilder(). WithSingleContainerStrategy(true). BuildWithDefaults(), wantAgentContainer: map[common.AgentContainerName]bool{ @@ -60,7 +61,7 @@ func TestBuilder(t *testing.T) { }, { name: "APM enabled, 3 agents", - dda: v2alpha1test.NewDatadogAgentBuilder(). + dda: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(true). BuildWithDefaults(), wantAgentContainer: map[common.AgentContainerName]bool{ @@ -76,7 +77,7 @@ func TestBuilder(t *testing.T) { }, { name: "APM enabled with single container strategy, 1 single container", - dda: v2alpha1test.NewDatadogAgentBuilder(). + dda: testutils.NewDatadogAgentBuilder(). WithSingleContainerStrategy(true). WithAPMEnabled(true). BuildWithDefaults(), @@ -93,7 +94,7 @@ func TestBuilder(t *testing.T) { }, { name: "APM, NPM enabled, 4 agents", - dda: v2alpha1test.NewDatadogAgentBuilder(). + dda: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(true). WithNPMEnabled(true). BuildWithDefaults(), @@ -110,7 +111,7 @@ func TestBuilder(t *testing.T) { }, { name: "APM, NPM enabled with single container strategy, 4 agents", - dda: v2alpha1test.NewDatadogAgentBuilder(). + dda: testutils.NewDatadogAgentBuilder(). WithSingleContainerStrategy(true). WithAPMEnabled(true). WithNPMEnabled(true). @@ -128,7 +129,7 @@ func TestBuilder(t *testing.T) { }, { name: "APM, NPM, CSPM enabled, 5 agents", - dda: v2alpha1test.NewDatadogAgentBuilder(). + dda: testutils.NewDatadogAgentBuilder(). WithAPMEnabled(true). WithNPMEnabled(true). WithCSPMEnabled(true). @@ -146,7 +147,7 @@ func TestBuilder(t *testing.T) { }, { name: "APM, NPM, CSPM enabled with single container strategy, 5 agents", - dda: v2alpha1test.NewDatadogAgentBuilder(). + dda: testutils.NewDatadogAgentBuilder(). WithSingleContainerStrategy(true). WithAPMEnabled(true). WithNPMEnabled(true). @@ -165,7 +166,7 @@ func TestBuilder(t *testing.T) { }, { name: "Default DDA, default feature Option, otel-agent-enabled annotation true", - dda: v2alpha1test.NewDatadogAgentBuilder(). + dda: testutils.NewDatadogAgentBuilder(). WithAnnotations(map[string]string{"agent.datadoghq.com/otel-agent-enabled": "true"}). BuildWithDefaults(), wantAgentContainer: map[common.AgentContainerName]bool{ @@ -181,7 +182,7 @@ func TestBuilder(t *testing.T) { }, { name: "Default DDA, default feature Option, otel-agent-enabled annotation false", - dda: v2alpha1test.NewDatadogAgentBuilder(). + dda: testutils.NewDatadogAgentBuilder(). WithAnnotations(map[string]string{"agent.datadoghq.com/otel-agent-enabled": "false"}). BuildWithDefaults(), wantAgentContainer: map[common.AgentContainerName]bool{ @@ -197,12 +198,60 @@ func TestBuilder(t *testing.T) { }, { name: "Default DDA, no otel annotation, Operator option enabled", - dda: v2alpha1test.NewDatadogAgentBuilder(). + dda: testutils.NewDatadogAgentBuilder(). WithAnnotations(map[string]string{"agent.datadoghq.com/otel-agent-enabled": "false"}). BuildWithDefaults(), - featureOptions: feature.Options{ - OtelAgentEnabled: true, + wantAgentContainer: map[common.AgentContainerName]bool{ + common.UnprivilegedSingleAgentContainerName: false, + common.CoreAgentContainerName: true, + common.ProcessAgentContainerName: true, + common.TraceAgentContainerName: true, + common.SystemProbeContainerName: false, + common.SecurityAgentContainerName: false, + common.OtelAgent: false, + common.AgentDataPlaneContainerName: false, }, + }, + { + name: "Default DDA, otel annotation false, otel collector feature enabled", + dda: testutils.NewDatadogAgentBuilder(). + WithAnnotations(map[string]string{"agent.datadoghq.com/otel-agent-enabled": "false"}). + WithOTelCollectorEnabled(true). + BuildWithDefaults(), + wantAgentContainer: map[common.AgentContainerName]bool{ + common.UnprivilegedSingleAgentContainerName: false, + common.CoreAgentContainerName: true, + common.ProcessAgentContainerName: true, + common.TraceAgentContainerName: true, + common.SystemProbeContainerName: false, + common.SecurityAgentContainerName: false, + common.OtelAgent: true, + common.AgentDataPlaneContainerName: false, + }, + }, + { + name: "Default DDA, otel annotation true, otel collector feature disabled", + dda: testutils.NewDatadogAgentBuilder(). + WithAnnotations(map[string]string{"agent.datadoghq.com/otel-agent-enabled": "true"}). + WithOTelCollectorEnabled(false). + BuildWithDefaults(), + wantAgentContainer: map[common.AgentContainerName]bool{ + common.UnprivilegedSingleAgentContainerName: false, + common.CoreAgentContainerName: true, + common.ProcessAgentContainerName: true, + common.TraceAgentContainerName: true, + common.SystemProbeContainerName: false, + common.SecurityAgentContainerName: false, + common.OtelAgent: true, + common.AgentDataPlaneContainerName: false, + }, + }, + { + name: "Default DDA, otel annotation true, otel collector feature enabled", + dda: testutils.NewDatadogAgentBuilder(). + WithAnnotations(map[string]string{"agent.datadoghq.com/otel-agent-enabled": "true"}). + WithOTelCollectorEnabled(true). + BuildWithDefaults(), wantAgentContainer: map[common.AgentContainerName]bool{ common.UnprivilegedSingleAgentContainerName: false, common.CoreAgentContainerName: true, @@ -216,7 +265,7 @@ func TestBuilder(t *testing.T) { }, { name: "Default DDA, default feature Option, adp-enabled annotation true", - dda: v2alpha1test.NewDatadogAgentBuilder(). + dda: testutils.NewDatadogAgentBuilder(). WithAnnotations(map[string]string{"agent.datadoghq.com/adp-enabled": "true"}). BuildWithDefaults(), wantAgentContainer: map[common.AgentContainerName]bool{ @@ -232,7 +281,7 @@ func TestBuilder(t *testing.T) { }, { name: "Default DDA, default feature Option, adp-enabled annotation false", - dda: v2alpha1test.NewDatadogAgentBuilder(). + dda: testutils.NewDatadogAgentBuilder(). WithAnnotations(map[string]string{"agent.datadoghq.com/adp-enabled": "false"}). BuildWithDefaults(), wantAgentContainer: map[common.AgentContainerName]bool{ diff --git a/internal/controller/datadogagent/feature/types.go b/internal/controller/datadogagent/feature/types.go index 04767246d..c0d34f177 100644 --- a/internal/controller/datadogagent/feature/types.go +++ b/internal/controller/datadogagent/feature/types.go @@ -150,8 +150,6 @@ type Options struct { SupportExtendedDaemonset bool Logger logr.Logger - - OtelAgentEnabled bool } // BuildFunc function type used by each Feature during its factory registration. diff --git a/internal/controller/datadogagent/feature/usm/envvar.go b/internal/controller/datadogagent/feature/usm/envvar.go new file mode 100644 index 000000000..93c27fc1e --- /dev/null +++ b/internal/controller/datadogagent/feature/usm/envvar.go @@ -0,0 +1,8 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2016-present Datadog, Inc. + +package usm + +const DDSystemProbeServiceMonitoringEnabled = "DD_SYSTEM_PROBE_SERVICE_MONITORING_ENABLED" diff --git a/internal/controller/datadogagent/feature/usm/feature.go b/internal/controller/datadogagent/feature/usm/feature.go index 3a6f289ba..fb4e499cc 100644 --- a/internal/controller/datadogagent/feature/usm/feature.go +++ b/internal/controller/datadogagent/feature/usm/feature.go @@ -101,26 +101,26 @@ func (f *usmFeature) ManageSingleContainerNodeAgent(managers feature.PodTemplate // It should do nothing if the feature doesn't need to configure it. func (f *usmFeature) ManageNodeAgent(managers feature.PodTemplateManagers, provider string) error { // annotations - managers.Annotation().AddAnnotation(apicommon.SystemProbeAppArmorAnnotationKey, apicommon.SystemProbeAppArmorAnnotationValue) + managers.Annotation().AddAnnotation(v2alpha1.SystemProbeAppArmorAnnotationKey, v2alpha1.SystemProbeAppArmorAnnotationValue) // security context capabilities managers.SecurityContext().AddCapabilitiesToContainer(agent.DefaultCapabilitiesForSystemProbe(), apicommon.SystemProbeContainerName) // volume mounts - procdirVol, procdirMount := volume.GetVolumes(apicommon.ProcdirVolumeName, apicommon.ProcdirHostPath, apicommon.ProcdirMountPath, true) + procdirVol, procdirMount := volume.GetVolumes(v2alpha1.ProcdirVolumeName, v2alpha1.ProcdirHostPath, v2alpha1.ProcdirMountPath, true) managers.VolumeMount().AddVolumeMountToContainer(&procdirMount, apicommon.SystemProbeContainerName) managers.Volume().AddVolume(&procdirVol) - cgroupsVol, cgroupsMount := volume.GetVolumes(apicommon.CgroupsVolumeName, apicommon.CgroupsHostPath, apicommon.CgroupsMountPath, true) + cgroupsVol, cgroupsMount := volume.GetVolumes(v2alpha1.CgroupsVolumeName, v2alpha1.CgroupsHostPath, v2alpha1.CgroupsMountPath, true) managers.VolumeMount().AddVolumeMountToContainer(&cgroupsMount, apicommon.SystemProbeContainerName) managers.Volume().AddVolume(&cgroupsVol) - debugfsVol, debugfsMount := volume.GetVolumes(apicommon.DebugfsVolumeName, apicommon.DebugfsPath, apicommon.DebugfsPath, false) + debugfsVol, debugfsMount := volume.GetVolumes(v2alpha1.DebugfsVolumeName, v2alpha1.DebugfsPath, v2alpha1.DebugfsPath, false) managers.VolumeMount().AddVolumeMountToContainer(&debugfsMount, apicommon.SystemProbeContainerName) managers.Volume().AddVolume(&debugfsVol) // socket volume mount (needs write perms for the system probe container but not the others) - socketDirVol, socketDirMount := volume.GetVolumesEmptyDir(apicommon.SystemProbeSocketVolumeName, apicommon.SystemProbeSocketVolumePath, false) + socketDirVol, socketDirMount := volume.GetVolumesEmptyDir(v2alpha1.SystemProbeSocketVolumeName, v2alpha1.SystemProbeSocketVolumePath, false) managers.VolumeMount().AddVolumeMountToContainers( &socketDirMount, []apicommon.AgentContainerName{ @@ -129,7 +129,7 @@ func (f *usmFeature) ManageNodeAgent(managers feature.PodTemplateManagers, provi ) managers.Volume().AddVolume(&socketDirVol) - _, socketVolMountReadOnly := volume.GetVolumesEmptyDir(apicommon.SystemProbeSocketVolumeName, apicommon.SystemProbeSocketVolumePath, true) + _, socketVolMountReadOnly := volume.GetVolumesEmptyDir(v2alpha1.SystemProbeSocketVolumeName, v2alpha1.SystemProbeSocketVolumePath, true) managers.VolumeMount().AddVolumeMountToContainers( &socketVolMountReadOnly, []apicommon.AgentContainerName{ @@ -146,13 +146,13 @@ func (f *usmFeature) ManageNodeAgent(managers feature.PodTemplateManagers, provi } enabledEnvVar := &corev1.EnvVar{ - Name: apicommon.DDSystemProbeServiceMonitoringEnabled, + Name: DDSystemProbeServiceMonitoringEnabled, Value: "true", } managers.EnvVar().AddEnvVarToContainers(containersForEnvVars, enabledEnvVar) sysProbeEnableEnvVar := &corev1.EnvVar{ - Name: apicommon.DDSystemProbeEnabled, + Name: v2alpha1.DDSystemProbeEnabled, Value: "true", } managers.EnvVar().AddEnvVarToContainers( @@ -161,14 +161,14 @@ func (f *usmFeature) ManageNodeAgent(managers feature.PodTemplateManagers, provi ) sysProbeSocketEnvVar := &corev1.EnvVar{ - Name: apicommon.DDSystemProbeSocket, + Name: v2alpha1.DDSystemProbeSocket, Value: v2alpha1.DefaultSystemProbeSocketPath, } managers.EnvVar().AddEnvVarToContainers(containersForEnvVars, sysProbeSocketEnvVar) // env vars for Process Agent only sysProbeExternalEnvVar := &corev1.EnvVar{ - Name: apicommon.DDSystemProbeExternal, + Name: v2alpha1.DDSystemProbeExternal, Value: "true", } managers.EnvVar().AddEnvVarToContainer(apicommon.ProcessAgentContainerName, sysProbeExternalEnvVar) diff --git a/internal/controller/datadogagent/feature/usm/feature_test.go b/internal/controller/datadogagent/feature/usm/feature_test.go index 630d12eea..40ae6bbda 100644 --- a/internal/controller/datadogagent/feature/usm/feature_test.go +++ b/internal/controller/datadogagent/feature/usm/feature_test.go @@ -41,7 +41,7 @@ func Test_usmFeature_Configure(t *testing.T) { // check annotations wantAnnotations := make(map[string]string) - wantAnnotations[apicommon.SystemProbeAppArmorAnnotationKey] = apicommon.SystemProbeAppArmorAnnotationValue + wantAnnotations[v2alpha1.SystemProbeAppArmorAnnotationKey] = v2alpha1.SystemProbeAppArmorAnnotationValue annotations := mgr.AnnotationMgr.Annotations assert.True(t, apiutils.IsEqualStruct(annotations, wantAnnotations), "Annotations \ndiff = %s", cmp.Diff(annotations, wantAnnotations)) @@ -52,23 +52,23 @@ func Test_usmFeature_Configure(t *testing.T) { // check volume mounts wantVolumeMounts := []corev1.VolumeMount{ { - Name: apicommon.ProcdirVolumeName, - MountPath: apicommon.ProcdirMountPath, + Name: v2alpha1.ProcdirVolumeName, + MountPath: v2alpha1.ProcdirMountPath, ReadOnly: true, }, { - Name: apicommon.CgroupsVolumeName, - MountPath: apicommon.CgroupsMountPath, + Name: v2alpha1.CgroupsVolumeName, + MountPath: v2alpha1.CgroupsMountPath, ReadOnly: true, }, { - Name: apicommon.DebugfsVolumeName, - MountPath: apicommon.DebugfsPath, + Name: v2alpha1.DebugfsVolumeName, + MountPath: v2alpha1.DebugfsPath, ReadOnly: false, }, { - Name: apicommon.SystemProbeSocketVolumeName, - MountPath: apicommon.SystemProbeSocketVolumePath, + Name: v2alpha1.SystemProbeSocketVolumeName, + MountPath: v2alpha1.SystemProbeSocketVolumePath, ReadOnly: false, }, } @@ -78,8 +78,8 @@ func Test_usmFeature_Configure(t *testing.T) { coreWantVolumeMounts := []corev1.VolumeMount{ { - Name: apicommon.SystemProbeSocketVolumeName, - MountPath: apicommon.SystemProbeSocketVolumePath, + Name: v2alpha1.SystemProbeSocketVolumeName, + MountPath: v2alpha1.SystemProbeSocketVolumePath, ReadOnly: true, }, } @@ -88,8 +88,8 @@ func Test_usmFeature_Configure(t *testing.T) { processWantVolumeMounts := []corev1.VolumeMount{ { - Name: apicommon.SystemProbeSocketVolumeName, - MountPath: apicommon.SystemProbeSocketVolumePath, + Name: v2alpha1.SystemProbeSocketVolumeName, + MountPath: v2alpha1.SystemProbeSocketVolumePath, ReadOnly: true, }, } @@ -99,31 +99,31 @@ func Test_usmFeature_Configure(t *testing.T) { // check volumes wantVolumes := []corev1.Volume{ { - Name: apicommon.ProcdirVolumeName, + Name: v2alpha1.ProcdirVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.ProcdirHostPath, + Path: v2alpha1.ProcdirHostPath, }, }, }, { - Name: apicommon.CgroupsVolumeName, + Name: v2alpha1.CgroupsVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.CgroupsHostPath, + Path: v2alpha1.CgroupsHostPath, }, }, }, { - Name: apicommon.DebugfsVolumeName, + Name: v2alpha1.DebugfsVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ - Path: apicommon.DebugfsPath, + Path: v2alpha1.DebugfsPath, }, }, }, { - Name: apicommon.SystemProbeSocketVolumeName, + Name: v2alpha1.SystemProbeSocketVolumeName, VolumeSource: corev1.VolumeSource{ EmptyDir: &corev1.EmptyDirVolumeSource{}, }, @@ -136,15 +136,15 @@ func Test_usmFeature_Configure(t *testing.T) { // check env vars wantEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDSystemProbeServiceMonitoringEnabled, + Name: DDSystemProbeServiceMonitoringEnabled, Value: "true", }, { - Name: apicommon.DDSystemProbeEnabled, + Name: v2alpha1.DDSystemProbeEnabled, Value: "true", }, { - Name: apicommon.DDSystemProbeSocket, + Name: v2alpha1.DDSystemProbeSocket, Value: v2alpha1.DefaultSystemProbeSocketPath, }, } diff --git a/internal/controller/datadogagent/feature/utils/utils.go b/internal/controller/datadogagent/feature/utils/utils.go index d298f5ff9..bbe1195ff 100644 --- a/internal/controller/datadogagent/feature/utils/utils.go +++ b/internal/controller/datadogagent/feature/utils/utils.go @@ -8,7 +8,6 @@ package utils import ( "strconv" - apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" "github.com/DataDog/datadog-operator/pkg/defaulting" "github.com/DataDog/datadog-operator/pkg/utils" @@ -35,7 +34,7 @@ func agentSupportsRunInCoreAgent(dda *v2alpha1.DatadogAgent) bool { func OverrideRunInCoreAgent(dda *v2alpha1.DatadogAgent, currentVal bool) bool { if nodeAgent, ok := dda.Spec.Override[v2alpha1.NodeAgentComponentName]; ok { for _, env := range nodeAgent.Env { - if env.Name == apicommon.DDProcessConfigRunInCoreAgent { + if env.Name == v2alpha1.DDProcessConfigRunInCoreAgent { val, err := strconv.ParseBool(env.Value) if err == nil { return val diff --git a/internal/controller/datadogagent/finalizer.go b/internal/controller/datadogagent/finalizer.go index 4b5e39370..68ed87682 100644 --- a/internal/controller/datadogagent/finalizer.go +++ b/internal/controller/datadogagent/finalizer.go @@ -10,6 +10,7 @@ import ( "fmt" datadoghqv2alpha1 "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" + "github.com/DataDog/datadog-operator/internal/controller/datadogagent/defaults" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/override" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/store" @@ -68,7 +69,7 @@ func (r *Reconciler) finalizeDadV2(reqLogger logr.Logger, obj client.Object) err // We need to apply the defaults to be able to delete the resources // associated with those defaults. dda := obj.(*datadoghqv2alpha1.DatadogAgent).DeepCopy() - datadoghqv2alpha1.DefaultDatadogAgent(dda) + defaults.DefaultDatadogAgent(dda) if r.options.OperatorMetricsEnabled { r.forwarders.Unregister(dda) diff --git a/internal/controller/datadogagent/object/labels.go b/internal/controller/datadogagent/object/labels.go index d903706db..4675a1612 100644 --- a/internal/controller/datadogagent/object/labels.go +++ b/internal/controller/datadogagent/object/labels.go @@ -9,7 +9,7 @@ import ( "fmt" "strings" - apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" + "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" "github.com/DataDog/datadog-operator/pkg/kubernetes" "github.com/go-logr/logr" @@ -75,5 +75,5 @@ func GetChecksumAnnotationKey(keyName string) string { return "" } - return fmt.Sprintf(apicommon.MD5ChecksumAnnotationKey, keyName) + return fmt.Sprintf(v2alpha1.MD5ChecksumAnnotationKey, keyName) } diff --git a/internal/controller/datadogagent/object/volume/volumes.go b/internal/controller/datadogagent/object/volume/volumes.go index 2438d697a..9006b51db 100644 --- a/internal/controller/datadogagent/object/volume/volumes.go +++ b/internal/controller/datadogagent/object/volume/volumes.go @@ -12,7 +12,6 @@ import ( "gopkg.in/yaml.v2" corev1 "k8s.io/api/core/v1" - apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" ) @@ -70,7 +69,7 @@ func GetVolumesFromConfigMap(configMap *v2alpha1.ConfigMapConfig, volumeName, de volumeMount := corev1.VolumeMount{ Name: volumeName, - MountPath: fmt.Sprintf("%s%s/%s", apicommon.ConfigVolumePath, apicommon.ConfdVolumePath, configFolder), + MountPath: fmt.Sprintf("%s%s/%s", v2alpha1.ConfigVolumePath, v2alpha1.ConfdVolumePath, configFolder), ReadOnly: true, } return volume, volumeMount diff --git a/internal/controller/datadogagent/override/container.go b/internal/controller/datadogagent/override/container.go index ceee2364b..93b35ad7d 100644 --- a/internal/controller/datadogagent/override/container.go +++ b/internal/controller/datadogagent/override/container.go @@ -9,16 +9,17 @@ import ( "fmt" "strconv" - "github.com/DataDog/datadog-operator/api/datadoghq/common" + apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" + "github.com/DataDog/datadog-operator/pkg/constants" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/util/intstr" ) // Container use to override a corev1.Container with a v2alpha1.DatadogAgentGenericContainer. -func Container(containerName common.AgentContainerName, manager feature.PodTemplateManagers, override *v2alpha1.DatadogAgentGenericContainer) { +func Container(containerName apicommon.AgentContainerName, manager feature.PodTemplateManagers, override *v2alpha1.DatadogAgentGenericContainer) { if override == nil { return } @@ -53,17 +54,17 @@ func Container(containerName common.AgentContainerName, manager feature.PodTempl } } -func overrideLogLevel(containerName common.AgentContainerName, manager feature.PodTemplateManagers, logLevel string) { +func overrideLogLevel(containerName apicommon.AgentContainerName, manager feature.PodTemplateManagers, logLevel string) { manager.EnvVar().AddEnvVarToContainer( containerName, &corev1.EnvVar{ - Name: common.DDLogLevel, + Name: v2alpha1.DDLogLevel, Value: logLevel, }, ) } -func addEnvsToContainer(containerName common.AgentContainerName, manager feature.PodTemplateManagers, envs []corev1.EnvVar) { +func addEnvsToContainer(containerName apicommon.AgentContainerName, manager feature.PodTemplateManagers, envs []corev1.EnvVar) { for _, env := range envs { e := env manager.EnvVar().AddEnvVarToContainer(containerName, &e) @@ -71,21 +72,21 @@ func addEnvsToContainer(containerName common.AgentContainerName, manager feature } -func addEnvsToInitContainer(containerName common.AgentContainerName, manager feature.PodTemplateManagers, envs []corev1.EnvVar) { +func addEnvsToInitContainer(containerName apicommon.AgentContainerName, manager feature.PodTemplateManagers, envs []corev1.EnvVar) { for _, env := range envs { e := env manager.EnvVar().AddEnvVarToInitContainer(containerName, &e) } } -func addVolMountsToContainer(containerName common.AgentContainerName, manager feature.PodTemplateManagers, mounts []corev1.VolumeMount) { +func addVolMountsToContainer(containerName apicommon.AgentContainerName, manager feature.PodTemplateManagers, mounts []corev1.VolumeMount) { for _, mount := range mounts { m := mount manager.VolumeMount().AddVolumeMountToContainer(&m, containerName) } } -func addVolMountsToInitContainer(containerName common.AgentContainerName, manager feature.PodTemplateManagers, mounts []corev1.VolumeMount) { +func addVolMountsToInitContainer(containerName apicommon.AgentContainerName, manager feature.PodTemplateManagers, mounts []corev1.VolumeMount) { for _, mount := range mounts { m := mount manager.VolumeMount().AddVolumeMountToInitContainer(&m, containerName) @@ -93,11 +94,11 @@ func addVolMountsToInitContainer(containerName common.AgentContainerName, manage } } -func addHealthPort(containerName common.AgentContainerName, manager feature.PodTemplateManagers, healthPort int32) { +func addHealthPort(containerName apicommon.AgentContainerName, manager feature.PodTemplateManagers, healthPort int32) { manager.EnvVar().AddEnvVarToContainer( containerName, &corev1.EnvVar{ - Name: common.DDHealthPort, + Name: v2alpha1.DDHealthPort, Value: strconv.Itoa(int(healthPort)), }, ) @@ -167,12 +168,12 @@ func overrideInitContainer(initContainer *corev1.Container, override *v2alpha1.D } } -func overrideSeccompProfile(containerName common.AgentContainerName, manager feature.PodTemplateManagers, override *v2alpha1.DatadogAgentGenericContainer) { +func overrideSeccompProfile(containerName apicommon.AgentContainerName, manager feature.PodTemplateManagers, override *v2alpha1.DatadogAgentGenericContainer) { // NOTE: for now, only support custom Seccomp Profiles on the System Probe - if containerName == common.SystemProbeContainerName { + if containerName == apicommon.SystemProbeContainerName { if override.SeccompConfig != nil && override.SeccompConfig.CustomRootPath != nil { vol := corev1.Volume{ - Name: common.SeccompRootVolumeName, + Name: v2alpha1.SeccompRootVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ Path: *override.SeccompConfig.CustomRootPath, @@ -185,7 +186,7 @@ func overrideSeccompProfile(containerName common.AgentContainerName, manager fea // TODO support ConfigMap creation when ConfigData is used. if override.SeccompConfig != nil && override.SeccompConfig.CustomProfile != nil && override.SeccompConfig.CustomProfile.ConfigMap != nil { vol := corev1.Volume{ - Name: common.SeccompSecurityVolumeName, + Name: v2alpha1.SeccompSecurityVolumeName, VolumeSource: corev1.VolumeSource{ ConfigMap: &corev1.ConfigMapVolumeSource{ LocalObjectReference: corev1.LocalObjectReference{ @@ -210,13 +211,13 @@ func overrideSeccompProfile(containerName common.AgentContainerName, manager fea } } -func overrideAppArmorProfile(containerName common.AgentContainerName, manager feature.PodTemplateManagers, override *v2alpha1.DatadogAgentGenericContainer) { +func overrideAppArmorProfile(containerName apicommon.AgentContainerName, manager feature.PodTemplateManagers, override *v2alpha1.DatadogAgentGenericContainer) { if override.AppArmorProfileName != nil { var annotation string if override.Name != nil { - annotation = fmt.Sprintf("%s/%s", common.AppArmorAnnotationKey, *override.Name) + annotation = fmt.Sprintf("%s/%s", v2alpha1.AppArmorAnnotationKey, *override.Name) } else { - annotation = fmt.Sprintf("%s/%s", common.AppArmorAnnotationKey, containerName) + annotation = fmt.Sprintf("%s/%s", v2alpha1.AppArmorAnnotationKey, containerName) } manager.Annotation().AddAnnotation(annotation, *override.AppArmorProfileName) @@ -227,8 +228,8 @@ func overrideReadinessProbe(readinessProbeOverride *corev1.Probe) *corev1.Probe // Add default httpGet probeHandler if probeHandler is not configured in readinessProbe override if !hasProbeHandler(readinessProbeOverride) { readinessProbeOverride.HTTPGet = &corev1.HTTPGetAction{ - Path: v2alpha1.DefaultReadinessProbeHTTPPath, - Port: intstr.IntOrString{IntVal: v2alpha1.DefaultAgentHealthPort}} + Path: constants.DefaultReadinessProbeHTTPPath, + Port: intstr.IntOrString{IntVal: constants.DefaultAgentHealthPort}} } return readinessProbeOverride } @@ -237,8 +238,8 @@ func overrideLivenessProbe(livenessProbeOverride *corev1.Probe) *corev1.Probe { // Add default httpGet probeHandler if probeHandler is not configured in livenessProbe override if !hasProbeHandler(livenessProbeOverride) { livenessProbeOverride.HTTPGet = &corev1.HTTPGetAction{ - Path: v2alpha1.DefaultLivenessProbeHTTPPath, - Port: intstr.IntOrString{IntVal: v2alpha1.DefaultAgentHealthPort}} + Path: constants.DefaultLivenessProbeHTTPPath, + Port: intstr.IntOrString{IntVal: constants.DefaultAgentHealthPort}} } return livenessProbeOverride } @@ -247,8 +248,8 @@ func overrideStartupProbe(startupProbeOverride *corev1.Probe) *corev1.Probe { // Add default httpGet probeHandler if probeHandler is not configured in startupProbe override if !hasProbeHandler(startupProbeOverride) { startupProbeOverride.HTTPGet = &corev1.HTTPGetAction{ - Path: v2alpha1.DefaultStartupProbeHTTPPath, - Port: intstr.IntOrString{IntVal: v2alpha1.DefaultAgentHealthPort}} + Path: constants.DefaultStartupProbeHTTPPath, + Port: intstr.IntOrString{IntVal: constants.DefaultAgentHealthPort}} } return startupProbeOverride } diff --git a/internal/controller/datadogagent/override/container_test.go b/internal/controller/datadogagent/override/container_test.go index 6799f3187..efe79fdd5 100644 --- a/internal/controller/datadogagent/override/container_test.go +++ b/internal/controller/datadogagent/override/container_test.go @@ -10,7 +10,7 @@ import ( "reflect" "testing" - "github.com/DataDog/datadog-operator/api/datadoghq/common" + apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/fake" @@ -23,27 +23,27 @@ import ( func TestContainer(t *testing.T) { agentContainer := &corev1.Container{ - Name: string(common.CoreAgentContainerName), + Name: string(apicommon.CoreAgentContainerName), } initVolContainer := &corev1.Container{ - Name: string(common.InitVolumeContainerName), + Name: string(apicommon.InitVolumeContainerName), } initConfigContainer := &corev1.Container{ - Name: string(common.InitConfigContainerName), + Name: string(apicommon.InitConfigContainerName), } systemProbeContainer := &corev1.Container{ - Name: string(common.SystemProbeContainerName), + Name: string(apicommon.SystemProbeContainerName), } tests := []struct { name string - containerName common.AgentContainerName + containerName apicommon.AgentContainerName existingManager func() *fake.PodTemplateManagers override v2alpha1.DatadogAgentGenericContainer validateManager func(t *testing.T, manager *fake.PodTemplateManagers, containerName string) }{ { name: "override container name", - containerName: common.CoreAgentContainerName, + containerName: apicommon.CoreAgentContainerName, existingManager: func() *fake.PodTemplateManagers { return fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -62,7 +62,7 @@ func TestContainer(t *testing.T) { }, { name: "override log level", - containerName: common.CoreAgentContainerName, + containerName: apicommon.CoreAgentContainerName, existingManager: func() *fake.PodTemplateManagers { return fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -74,10 +74,10 @@ func TestContainer(t *testing.T) { LogLevel: apiutils.NewStringPointer("debug"), }, validateManager: func(t *testing.T, manager *fake.PodTemplateManagers, containerName string) { - envs := manager.EnvVarMgr.EnvVarsByC[common.CoreAgentContainerName] + envs := manager.EnvVarMgr.EnvVarsByC[apicommon.CoreAgentContainerName] expectedEnvs := []*corev1.EnvVar{ { - Name: common.DDLogLevel, + Name: v2alpha1.DDLogLevel, Value: "debug", }, } @@ -86,7 +86,7 @@ func TestContainer(t *testing.T) { }, { name: "add envs", - containerName: common.CoreAgentContainerName, + containerName: apicommon.CoreAgentContainerName, existingManager: func() *fake.PodTemplateManagers { manager := fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -94,7 +94,7 @@ func TestContainer(t *testing.T) { }, }) manager.EnvVar().AddEnvVarToContainer( - common.CoreAgentContainerName, + apicommon.CoreAgentContainerName, &corev1.EnvVar{ Name: "existing-env", Value: "some-val", @@ -115,7 +115,7 @@ func TestContainer(t *testing.T) { }, }, validateManager: func(t *testing.T, manager *fake.PodTemplateManagers, containerName string) { - envs := manager.EnvVarMgr.EnvVarsByC[common.CoreAgentContainerName] + envs := manager.EnvVarMgr.EnvVarsByC[apicommon.CoreAgentContainerName] expectedEnvs := []*corev1.EnvVar{ { Name: "existing-env", @@ -135,7 +135,7 @@ func TestContainer(t *testing.T) { }, { name: "add volume mounts", - containerName: common.CoreAgentContainerName, + containerName: apicommon.CoreAgentContainerName, existingManager: func() *fake.PodTemplateManagers { manager := fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -146,7 +146,7 @@ func TestContainer(t *testing.T) { &corev1.VolumeMount{ Name: "existing-volume-mount", }, - common.CoreAgentContainerName, + apicommon.CoreAgentContainerName, ) return manager }, @@ -161,7 +161,7 @@ func TestContainer(t *testing.T) { }, }, validateManager: func(t *testing.T, manager *fake.PodTemplateManagers, containerName string) { - mounts := manager.VolumeMountMgr.VolumeMountsByC[common.CoreAgentContainerName] + mounts := manager.VolumeMountMgr.VolumeMountsByC[apicommon.CoreAgentContainerName] expectedMounts := []*corev1.VolumeMount{ { Name: "existing-volume-mount", @@ -178,7 +178,7 @@ func TestContainer(t *testing.T) { }, { name: "override resources - when there are none defined", - containerName: common.CoreAgentContainerName, + containerName: apicommon.CoreAgentContainerName, existingManager: func() *fake.PodTemplateManagers { return fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -213,13 +213,13 @@ func TestContainer(t *testing.T) { }, { name: "override resources - when there are some defined", - containerName: common.CoreAgentContainerName, + containerName: apicommon.CoreAgentContainerName, existingManager: func() *fake.PodTemplateManagers { return fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ Containers: []corev1.Container{ { - Name: string(common.CoreAgentContainerName), + Name: string(apicommon.CoreAgentContainerName), Resources: corev1.ResourceRequirements{ Limits: map[corev1.ResourceName]resource.Quantity{ corev1.ResourceCPU: *resource.NewQuantity(2, resource.DecimalSI), // Not overridden, should be kept @@ -264,13 +264,13 @@ func TestContainer(t *testing.T) { }, { name: "override resources - when the override specifies a 0", - containerName: common.CoreAgentContainerName, + containerName: apicommon.CoreAgentContainerName, existingManager: func() *fake.PodTemplateManagers { return fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ Containers: []corev1.Container{ { - Name: string(common.CoreAgentContainerName), + Name: string(apicommon.CoreAgentContainerName), Resources: corev1.ResourceRequirements{ Limits: map[corev1.ResourceName]resource.Quantity{ corev1.ResourceCPU: *resource.NewQuantity(2, resource.DecimalSI), // Not overridden, should be kept @@ -312,7 +312,7 @@ func TestContainer(t *testing.T) { }, { name: "override command", - containerName: common.CoreAgentContainerName, + containerName: apicommon.CoreAgentContainerName, existingManager: func() *fake.PodTemplateManagers { return fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -331,7 +331,7 @@ func TestContainer(t *testing.T) { }, { name: "override args", - containerName: common.CoreAgentContainerName, + containerName: apicommon.CoreAgentContainerName, existingManager: func() *fake.PodTemplateManagers { return fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -350,7 +350,7 @@ func TestContainer(t *testing.T) { }, { name: "override health port", - containerName: common.CoreAgentContainerName, + containerName: apicommon.CoreAgentContainerName, existingManager: func() *fake.PodTemplateManagers { return fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -362,10 +362,10 @@ func TestContainer(t *testing.T) { HealthPort: apiutils.NewInt32Pointer(1234), }, validateManager: func(t *testing.T, manager *fake.PodTemplateManagers, containerName string) { - envs := manager.EnvVarMgr.EnvVarsByC[common.CoreAgentContainerName] + envs := manager.EnvVarMgr.EnvVarsByC[apicommon.CoreAgentContainerName] expectedEnvs := []*corev1.EnvVar{ { - Name: common.DDHealthPort, + Name: v2alpha1.DDHealthPort, Value: "1234", }, } @@ -374,7 +374,7 @@ func TestContainer(t *testing.T) { }, { name: "override readiness probe with default HTTPGet", - containerName: common.CoreAgentContainerName, + containerName: apicommon.CoreAgentContainerName, existingManager: func() *fake.PodTemplateManagers { return fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -415,7 +415,7 @@ func TestContainer(t *testing.T) { }, { name: "override readiness probe with non-HTTPGet handler", - containerName: common.CoreAgentContainerName, + containerName: apicommon.CoreAgentContainerName, existingManager: func() *fake.PodTemplateManagers { return fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -458,7 +458,7 @@ func TestContainer(t *testing.T) { }, { name: "override readiness probe", - containerName: common.CoreAgentContainerName, + containerName: apicommon.CoreAgentContainerName, existingManager: func() *fake.PodTemplateManagers { return fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -507,7 +507,7 @@ func TestContainer(t *testing.T) { }, { name: "override liveness probe with default HTTPGet", - containerName: common.CoreAgentContainerName, + containerName: apicommon.CoreAgentContainerName, existingManager: func() *fake.PodTemplateManagers { return fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -548,7 +548,7 @@ func TestContainer(t *testing.T) { }, { name: "override liveness probe with non-HTTPGet handler", - containerName: common.CoreAgentContainerName, + containerName: apicommon.CoreAgentContainerName, existingManager: func() *fake.PodTemplateManagers { return fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -591,7 +591,7 @@ func TestContainer(t *testing.T) { }, { name: "override liveness probe", - containerName: common.CoreAgentContainerName, + containerName: apicommon.CoreAgentContainerName, existingManager: func() *fake.PodTemplateManagers { return fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -640,7 +640,7 @@ func TestContainer(t *testing.T) { }, { name: "override startup probe with default HTTPGet", - containerName: common.CoreAgentContainerName, + containerName: apicommon.CoreAgentContainerName, existingManager: func() *fake.PodTemplateManagers { return fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -681,7 +681,7 @@ func TestContainer(t *testing.T) { }, { name: "override startup probe with non-HTTPGet handler", - containerName: common.CoreAgentContainerName, + containerName: apicommon.CoreAgentContainerName, existingManager: func() *fake.PodTemplateManagers { return fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -724,7 +724,7 @@ func TestContainer(t *testing.T) { }, { name: "override startup probe", - containerName: common.CoreAgentContainerName, + containerName: apicommon.CoreAgentContainerName, existingManager: func() *fake.PodTemplateManagers { return fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -773,7 +773,7 @@ func TestContainer(t *testing.T) { }, { name: "override security context", - containerName: common.CoreAgentContainerName, + containerName: apicommon.CoreAgentContainerName, existingManager: func() *fake.PodTemplateManagers { return fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -798,7 +798,7 @@ func TestContainer(t *testing.T) { }, { name: "override seccomp root path", - containerName: common.SystemProbeContainerName, + containerName: apicommon.SystemProbeContainerName, existingManager: func() *fake.PodTemplateManagers { return fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -827,7 +827,7 @@ func TestContainer(t *testing.T) { }, { name: "override seccomp profile", - containerName: common.SystemProbeContainerName, + containerName: apicommon.SystemProbeContainerName, existingManager: func() *fake.PodTemplateManagers { return fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -862,7 +862,7 @@ func TestContainer(t *testing.T) { }, { name: "override app armor profile", - containerName: common.CoreAgentContainerName, + containerName: apicommon.CoreAgentContainerName, existingManager: func() *fake.PodTemplateManagers { return fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -874,13 +874,13 @@ func TestContainer(t *testing.T) { AppArmorProfileName: apiutils.NewStringPointer("my-app-armor-profile"), }, validateManager: func(t *testing.T, manager *fake.PodTemplateManagers, containerName string) { - annotation := fmt.Sprintf("%s/%s", common.AppArmorAnnotationKey, common.CoreAgentContainerName) + annotation := fmt.Sprintf("%s/%s", v2alpha1.AppArmorAnnotationKey, apicommon.CoreAgentContainerName) assert.Equal(t, "my-app-armor-profile", manager.AnnotationMgr.Annotations[annotation]) }, }, { name: "override initContainer name", - containerName: common.InitVolumeContainerName, + containerName: apicommon.InitVolumeContainerName, existingManager: func() *fake.PodTemplateManagers { return fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -899,7 +899,7 @@ func TestContainer(t *testing.T) { }, { name: "add initContainer envs", - containerName: common.InitVolumeContainerName, + containerName: apicommon.InitVolumeContainerName, existingManager: func() *fake.PodTemplateManagers { manager := fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -907,7 +907,7 @@ func TestContainer(t *testing.T) { }, }) manager.EnvVar().AddEnvVarToInitContainer( - common.InitVolumeContainerName, + apicommon.InitVolumeContainerName, &corev1.EnvVar{ Name: "existing-env", Value: "some-val", @@ -928,7 +928,7 @@ func TestContainer(t *testing.T) { }, }, validateManager: func(t *testing.T, manager *fake.PodTemplateManagers, containerName string) { - envs := manager.EnvVarMgr.EnvVarsByC[common.InitVolumeContainerName] + envs := manager.EnvVarMgr.EnvVarsByC[apicommon.InitVolumeContainerName] expectedEnvs := []*corev1.EnvVar{ { Name: "existing-env", @@ -948,7 +948,7 @@ func TestContainer(t *testing.T) { }, { name: "add initContainer volume mounts", - containerName: common.InitVolumeContainerName, + containerName: apicommon.InitVolumeContainerName, existingManager: func() *fake.PodTemplateManagers { manager := fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -959,7 +959,7 @@ func TestContainer(t *testing.T) { &corev1.VolumeMount{ Name: "existing-init-container-volume-mount", }, - common.InitVolumeContainerName, + apicommon.InitVolumeContainerName, ) return manager }, @@ -974,7 +974,7 @@ func TestContainer(t *testing.T) { }, }, validateManager: func(t *testing.T, manager *fake.PodTemplateManagers, containerName string) { - mounts := manager.VolumeMountMgr.VolumeMountsByC[common.InitVolumeContainerName] + mounts := manager.VolumeMountMgr.VolumeMountsByC[apicommon.InitVolumeContainerName] expectedMounts := []*corev1.VolumeMount{ { Name: "existing-init-container-volume-mount", @@ -991,7 +991,7 @@ func TestContainer(t *testing.T) { }, { name: "override initContainer resources", - containerName: common.InitConfigContainerName, + containerName: apicommon.InitConfigContainerName, existingManager: func() *fake.PodTemplateManagers { return fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ @@ -1030,7 +1030,7 @@ func TestContainer(t *testing.T) { }, { name: "override initContainer security context", - containerName: common.InitConfigContainerName, + containerName: apicommon.InitConfigContainerName, existingManager: func() *fake.PodTemplateManagers { return fake.NewPodTemplateManagers(t, corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ diff --git a/internal/controller/datadogagent/override/daemonset_test.go b/internal/controller/datadogagent/override/daemonset_test.go index b965259b2..9651522fc 100644 --- a/internal/controller/datadogagent/override/daemonset_test.go +++ b/internal/controller/datadogagent/override/daemonset_test.go @@ -8,7 +8,7 @@ package override import ( "testing" - "github.com/DataDog/datadog-operator/api/datadoghq/common" + apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/stretchr/testify/assert" @@ -145,9 +145,9 @@ func makeDaemonSet(strategyType *string, strategyMaxUnavailable *string, strateg func makeOverride(strategyType *string, strategyMaxUnavailable *string, strategyMaxSurge *string) v2alpha1.DatadogAgentComponentOverride { override := v2alpha1.DatadogAgentComponentOverride{ - UpdateStrategy: &common.UpdateStrategy{ + UpdateStrategy: &apicommon.UpdateStrategy{ Type: "", - RollingUpdate: &common.RollingUpdate{ + RollingUpdate: &apicommon.RollingUpdate{ MaxUnavailable: &intstr.IntOrString{}, MaxSurge: &intstr.IntOrString{}, }, diff --git a/internal/controller/datadogagent/override/dependencies.go b/internal/controller/datadogagent/override/dependencies.go index 18006de15..dc284b96a 100644 --- a/internal/controller/datadogagent/override/dependencies.go +++ b/internal/controller/datadogagent/override/dependencies.go @@ -53,15 +53,17 @@ func Dependencies(logger logr.Logger, manager feature.ResourceManagers, dda *v2a func overridePodDisruptionBudget(logger logr.Logger, manager feature.ResourceManagers, dda *v2alpha1.DatadogAgent, createPdb *bool, component v2alpha1.ComponentName) (errs []error) { if createPdb != nil && *createPdb { + platformInfo := manager.Store().GetPlatformInfo() + useV1BetaPDB := platformInfo.UseV1Beta1PDB() if component == v2alpha1.ClusterAgentComponentName { - pdb := componentdca.GetClusterAgentPodDisruptionBudget(dda) + pdb := componentdca.GetClusterAgentPodDisruptionBudget(dda, useV1BetaPDB) if err := manager.Store().AddOrUpdate(kubernetes.PodDisruptionBudgetsKind, pdb); err != nil { errs = append(errs, err) } } else if component == v2alpha1.ClusterChecksRunnerComponentName && (dda.Spec.Features.ClusterChecks.UseClusterChecksRunners == nil || *dda.Spec.Features.ClusterChecks.UseClusterChecksRunners) { - pdb := componentccr.GetClusterChecksRunnerPodDisruptionBudget(dda) + pdb := componentccr.GetClusterChecksRunnerPodDisruptionBudget(dda, useV1BetaPDB) if err := manager.Store().AddOrUpdate(kubernetes.PodDisruptionBudgetsKind, pdb); err != nil { errs = append(errs, err) } diff --git a/internal/controller/datadogagent/override/fips.go b/internal/controller/datadogagent/override/fips.go index 4ec143b0b..62fa6a2bc 100644 --- a/internal/controller/datadogagent/override/fips.go +++ b/internal/controller/datadogagent/override/fips.go @@ -16,6 +16,7 @@ import ( "github.com/DataDog/datadog-operator/internal/controller/datadogagent/object" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/object/configmap" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/object/volume" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/controller/utils/comparison" "github.com/DataDog/datadog-operator/pkg/kubernetes" @@ -33,19 +34,19 @@ func applyFIPSConfig(logger logr.Logger, manager feature.PodTemplateManagers, dd for _, cont := range manager.PodTemplateSpec().Spec.Containers { if cont.Name != string(apicommon.SystemProbeContainerName) { manager.EnvVar().AddEnvVarToContainer(apicommon.AgentContainerName(cont.Name), &corev1.EnvVar{ - Name: apicommon.DDFIPSEnabled, + Name: v2alpha1.DDFIPSEnabled, Value: "true", }) manager.EnvVar().AddEnvVarToContainer(apicommon.AgentContainerName(cont.Name), &corev1.EnvVar{ - Name: apicommon.DDFIPSPortRangeStart, + Name: v2alpha1.DDFIPSPortRangeStart, Value: strconv.Itoa(int(*fipsConfig.Port)), }) manager.EnvVar().AddEnvVarToContainer(apicommon.AgentContainerName(cont.Name), &corev1.EnvVar{ - Name: apicommon.DDFIPSUseHTTPS, + Name: v2alpha1.DDFIPSUseHTTPS, Value: apiutils.BoolToString(fipsConfig.UseHTTPS), }) manager.EnvVar().AddEnvVarToContainer(apicommon.AgentContainerName(cont.Name), &corev1.EnvVar{ - Name: apicommon.DDFIPSLocalAddress, + Name: v2alpha1.DDFIPSLocalAddress, Value: *fipsConfig.LocalAddress, }) } @@ -54,7 +55,7 @@ func applyFIPSConfig(logger logr.Logger, manager feature.PodTemplateManagers, dd // Configure FIPS container fipsContainer := getFIPSProxyContainer(fipsConfig) - image := v2alpha1.GetImage(fipsConfig.Image, globalConfig.Registry) + image := constants.GetImage(fipsConfig.Image, globalConfig.Registry) fipsContainer.Image = image if fipsConfig.Image.PullPolicy != nil { fipsContainer.ImagePullPolicy = *fipsConfig.Image.PullPolicy @@ -75,18 +76,18 @@ func applyFIPSConfig(logger logr.Logger, manager feature.PodTemplateManagers, dd vol := getFIPSDefaultVolume(dda.Name) if fipsConfig.CustomFIPSConfig != nil { volMount := corev1.VolumeMount{ - Name: apicommon.FIPSProxyCustomConfigVolumeName, - MountPath: apicommon.FIPSProxyCustomConfigMountPath, - SubPath: apicommon.FIPSProxyCustomConfigFileName, + Name: v2alpha1.FIPSProxyCustomConfigVolumeName, + MountPath: v2alpha1.FIPSProxyCustomConfigMountPath, + SubPath: v2alpha1.FIPSProxyCustomConfigFileName, ReadOnly: true, } // Add md5 hash annotation to component for custom config hash, err := comparison.GenerateMD5ForSpec(fipsConfig.CustomFIPSConfig) if err != nil { - logger.Error(err, "couldn't generate hash for custom config", "filename", apicommon.FIPSProxyCustomConfigFileName) + logger.Error(err, "couldn't generate hash for custom config", "filename", v2alpha1.FIPSProxyCustomConfigFileName) } - annotationKey := object.GetChecksumAnnotationKey(string(apicommon.FIPSProxyCustomConfigFileName)) + annotationKey := object.GetChecksumAnnotationKey(string(v2alpha1.FIPSProxyCustomConfigFileName)) if annotationKey != "" && hash != "" { manager.Annotation().AddAnnotation(annotationKey, hash) } @@ -95,15 +96,15 @@ func applyFIPSConfig(logger logr.Logger, manager feature.PodTemplateManagers, dd if fipsConfig.CustomFIPSConfig.ConfigMap != nil { vol = volume.GetVolumeFromConfigMap( fipsConfig.CustomFIPSConfig.ConfigMap, - fmt.Sprintf(apicommon.FIPSProxyCustomConfigMapName, dda.Name), - apicommon.FIPSProxyCustomConfigVolumeName, + fmt.Sprintf(v2alpha1.FIPSProxyCustomConfigMapName, dda.Name), + v2alpha1.FIPSProxyCustomConfigVolumeName, ) // configData } else if fipsConfig.CustomFIPSConfig.ConfigData != nil { cm, err := configmap.BuildConfigMapMulti( dda.Namespace, - map[string]string{apicommon.FIPSProxyCustomConfigFileName: *fipsConfig.CustomFIPSConfig.ConfigData}, - fmt.Sprintf(apicommon.FIPSProxyCustomConfigMapName, dda.Name), + map[string]string{v2alpha1.FIPSProxyCustomConfigFileName: *fipsConfig.CustomFIPSConfig.ConfigData}, + fmt.Sprintf(v2alpha1.FIPSProxyCustomConfigMapName, dda.Name), false, ) if err != nil { @@ -135,7 +136,7 @@ func getFIPSProxyContainer(fipsConfig *v2alpha1.FIPSConfig) corev1.Container { Ports: getFIPSPorts(fipsConfig), Env: []corev1.EnvVar{ { - Name: apicommon.DDFIPSLocalAddress, + Name: v2alpha1.DDFIPSLocalAddress, Value: *fipsConfig.LocalAddress, }, }, @@ -161,16 +162,16 @@ func getFIPSPorts(fipsConfig *v2alpha1.FIPSConfig) []corev1.ContainerPort { func getFIPSDefaultVolume(name string) corev1.Volume { return corev1.Volume{ - Name: apicommon.FIPSProxyCustomConfigVolumeName, + Name: v2alpha1.FIPSProxyCustomConfigVolumeName, VolumeSource: corev1.VolumeSource{ ConfigMap: &corev1.ConfigMapVolumeSource{ LocalObjectReference: corev1.LocalObjectReference{ - Name: fmt.Sprintf(apicommon.FIPSProxyCustomConfigMapName, name), + Name: fmt.Sprintf(v2alpha1.FIPSProxyCustomConfigMapName, name), }, Items: []corev1.KeyToPath{ { - Key: apicommon.FIPSProxyCustomConfigFileName, - Path: apicommon.FIPSProxyCustomConfigFileName, + Key: v2alpha1.FIPSProxyCustomConfigFileName, + Path: v2alpha1.FIPSProxyCustomConfigFileName, }, }, }, diff --git a/internal/controller/datadogagent/override/fips_test.go b/internal/controller/datadogagent/override/fips_test.go index 3c9a27851..80f3059a5 100644 --- a/internal/controller/datadogagent/override/fips_test.go +++ b/internal/controller/datadogagent/override/fips_test.go @@ -12,12 +12,12 @@ import ( apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" - v2alpha1test "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1/test" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/fake" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/store" "github.com/DataDog/datadog-operator/pkg/kubernetes" + "github.com/DataDog/datadog-operator/pkg/testutils" "github.com/google/go-cmp/cmp" "github.com/stretchr/testify/assert" @@ -72,7 +72,7 @@ defaults }{ { name: "FIPS enabled", - dda: v2alpha1test.NewDatadogAgentBuilder(). + dda: testutils.NewDatadogAgentBuilder(). WithFIPS(v2alpha1.FIPSConfig{ Enabled: apiutils.NewBoolPointer(true), }). @@ -101,7 +101,7 @@ defaults }, { name: "FIPS custom image", - dda: v2alpha1test.NewDatadogAgentBuilder(). + dda: testutils.NewDatadogAgentBuilder(). WithFIPS(v2alpha1.FIPSConfig{ Enabled: apiutils.NewBoolPointer(true), Image: &v2alpha1.AgentImageConfig{ @@ -135,7 +135,7 @@ defaults }, { name: "FIPS custom port", - dda: v2alpha1test.NewDatadogAgentBuilder(). + dda: testutils.NewDatadogAgentBuilder(). WithFIPS(v2alpha1.FIPSConfig{ Enabled: apiutils.NewBoolPointer(true), Port: apiutils.NewInt32Pointer(2), @@ -165,7 +165,7 @@ defaults }, { name: "FIPS custom config - config map", - dda: v2alpha1test.NewDatadogAgentBuilder(). + dda: testutils.NewDatadogAgentBuilder(). WithFIPS(v2alpha1.FIPSConfig{ Enabled: apiutils.NewBoolPointer(true), CustomFIPSConfig: &v2alpha1.CustomConfig{ @@ -206,7 +206,7 @@ defaults }, { name: "FIPS custom config - config data", - dda: v2alpha1test.NewDatadogAgentBuilder(). + dda: testutils.NewDatadogAgentBuilder(). WithFIPS(v2alpha1.FIPSConfig{ Enabled: apiutils.NewBoolPointer(true), CustomFIPSConfig: &v2alpha1.CustomConfig{ @@ -262,19 +262,19 @@ defaults func getExpectedComponentContainerEnvVars(port int) []*corev1.EnvVar { return []*corev1.EnvVar{ { - Name: apicommon.DDFIPSEnabled, + Name: v2alpha1.DDFIPSEnabled, Value: "true", }, { - Name: apicommon.DDFIPSPortRangeStart, + Name: v2alpha1.DDFIPSPortRangeStart, Value: strconv.Itoa(port), }, { - Name: apicommon.DDFIPSUseHTTPS, + Name: v2alpha1.DDFIPSUseHTTPS, Value: "false", }, { - Name: apicommon.DDFIPSLocalAddress, + Name: v2alpha1.DDFIPSLocalAddress, Value: "127.0.0.1", }, } @@ -283,16 +283,16 @@ func getExpectedComponentContainerEnvVars(port int) []*corev1.EnvVar { func getExpectedFIPSVolume(customConfig bool) []*corev1.Volume { vol := []*corev1.Volume{ { - Name: apicommon.FIPSProxyCustomConfigVolumeName, + Name: v2alpha1.FIPSProxyCustomConfigVolumeName, VolumeSource: corev1.VolumeSource{ ConfigMap: &corev1.ConfigMapVolumeSource{ LocalObjectReference: corev1.LocalObjectReference{ - Name: fmt.Sprintf(apicommon.FIPSProxyCustomConfigMapName, ""), + Name: fmt.Sprintf(v2alpha1.FIPSProxyCustomConfigMapName, ""), }, Items: []corev1.KeyToPath{ { - Key: apicommon.FIPSProxyCustomConfigFileName, - Path: apicommon.FIPSProxyCustomConfigFileName, + Key: v2alpha1.FIPSProxyCustomConfigFileName, + Path: v2alpha1.FIPSProxyCustomConfigFileName, }, }, }, @@ -315,9 +315,9 @@ func getExpectedFIPSVolumeMounts() []*corev1.VolumeMount { func getFIPSVolumeMount() corev1.VolumeMount { return corev1.VolumeMount{ - Name: apicommon.FIPSProxyCustomConfigVolumeName, - MountPath: apicommon.FIPSProxyCustomConfigMountPath, - SubPath: apicommon.FIPSProxyCustomConfigFileName, + Name: v2alpha1.FIPSProxyCustomConfigVolumeName, + MountPath: v2alpha1.FIPSProxyCustomConfigMountPath, + SubPath: v2alpha1.FIPSProxyCustomConfigFileName, ReadOnly: true, } } @@ -325,7 +325,7 @@ func getFIPSVolumeMount() corev1.VolumeMount { func checkFIPSContainerEnvVars(t testing.TB, mgr *fake.PodTemplateManagers) { fipsEnvVars := mgr.PodTemplateSpec().Spec.Containers[3].Env expectedEnvVars := corev1.EnvVar{ - Name: apicommon.DDFIPSLocalAddress, + Name: v2alpha1.DDFIPSLocalAddress, Value: "127.0.0.1", } assert.Contains(t, fipsEnvVars, expectedEnvVars) diff --git a/internal/controller/datadogagent/override/global.go b/internal/controller/datadogagent/override/global.go index 90d0f7bff..3a1f43734 100644 --- a/internal/controller/datadogagent/override/global.go +++ b/internal/controller/datadogagent/override/global.go @@ -18,6 +18,7 @@ import ( "github.com/DataDog/datadog-operator/internal/controller/datadogagent/component/objects" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/object/volume" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/defaulting" "github.com/DataDog/datadog-operator/pkg/kubernetes/rbac" rbacv1 "k8s.io/api/rbac/v1" @@ -50,21 +51,21 @@ func applyGlobalSettings(logger logr.Logger, manager feature.PodTemplateManagers // ClusterName sets a unique cluster name for the deployment to easily scope monitoring data in the Datadog app. if config.ClusterName != nil { manager.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDClusterName, + Name: v2alpha1.DDClusterName, Value: *config.ClusterName, }) } // Site is the Datadog intake site Agent data are sent to. manager.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDSite, + Name: v2alpha1.DDSite, Value: *config.Site, }) // Endpoint is the Datadog intake URL the Agent data are sent to. if config.Endpoint != nil && config.Endpoint.URL != nil { manager.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDddURL, + Name: v2alpha1.DDddURL, Value: *config.Endpoint.URL, }) } @@ -90,7 +91,7 @@ func applyGlobalSettings(logger logr.Logger, manager feature.PodTemplateManagers // LogLevel sets logging verbosity. This can be overridden by container. manager.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDLogLevel, + Name: v2alpha1.DDLogLevel, Value: *config.LogLevel, }) @@ -115,7 +116,7 @@ func applyGlobalSettings(logger logr.Logger, manager feature.PodTemplateManagers dda, *config.Site, ddURL, - v2alpha1.IsHostNetworkEnabled(dda, v2alpha1.ClusterAgentComponentName), + constants.IsHostNetworkEnabled(dda, v2alpha1.ClusterAgentComponentName), dnsSelectorEndpoints, componentName, ), @@ -134,7 +135,7 @@ func applyGlobalSettings(logger logr.Logger, manager feature.PodTemplateManagers logger.Error(err, "Failed to unmarshal json input") } else { manager.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDTags, + Name: v2alpha1.DDTags, Value: string(tags), }) } @@ -153,7 +154,7 @@ func applyGlobalSettings(logger logr.Logger, manager feature.PodTemplateManagers // The value validation happens at the Agent level - if the lower(string) is not `low`, `orchestrator` or `high`, the Agent defaults to `low`. // Ref: https://github.com/DataDog/datadog-agent/blob/1d08a6a9783fe271ea3813ddf9abf60244abdf2c/comp/core/tagger/taggerimpl/tagger.go#L173-L177 manager.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDChecksTagCardinality, + Name: v2alpha1.DDChecksTagCardinality, Value: *config.ChecksTagCardinality, }) } @@ -161,7 +162,7 @@ func applyGlobalSettings(logger logr.Logger, manager feature.PodTemplateManagers if config.OriginDetectionUnified != nil && config.OriginDetectionUnified.Enabled != nil { manager.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDOriginDetectionUnified, + Name: v2alpha1.DDOriginDetectionUnified, Value: apiutils.BoolToString(config.OriginDetectionUnified.Enabled), }) } @@ -173,7 +174,7 @@ func applyGlobalSettings(logger logr.Logger, manager feature.PodTemplateManagers logger.Error(err, "Failed to unmarshal json input") } else { manager.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDPodLabelsAsTags, + Name: v2alpha1.DDPodLabelsAsTags, Value: string(podLabelsAsTags), }) } @@ -186,7 +187,7 @@ func applyGlobalSettings(logger logr.Logger, manager feature.PodTemplateManagers logger.Error(err, "Failed to unmarshal json input") } else { manager.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDPodAnnotationsAsTags, + Name: v2alpha1.DDPodAnnotationsAsTags, Value: string(podAnnotationsAsTags), }) } @@ -199,7 +200,7 @@ func applyGlobalSettings(logger logr.Logger, manager feature.PodTemplateManagers logger.Error(err, "Failed to unmarshal json input") } else { manager.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDNodeLabelsAsTags, + Name: v2alpha1.DDNodeLabelsAsTags, Value: string(nodeLabelsAsTags), }) } @@ -212,7 +213,7 @@ func applyGlobalSettings(logger logr.Logger, manager feature.PodTemplateManagers logger.Error(err, "Failed to unmarshal json input") } else { manager.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDNamespaceLabelsAsTags, + Name: v2alpha1.DDNamespaceLabelsAsTags, Value: string(namespaceLabelsAsTags), }) } @@ -225,7 +226,7 @@ func applyGlobalSettings(logger logr.Logger, manager feature.PodTemplateManagers logger.Error(err, "Failed to unmarshal json input") } else { manager.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDNamespaceAnnotationsAsTags, + Name: v2alpha1.DDNamespaceAnnotationsAsTags, Value: string(namespaceAnnotationsAsTags), }) } @@ -237,13 +238,13 @@ func applyGlobalSettings(logger logr.Logger, manager feature.PodTemplateManagers if config.Kubelet != nil { if config.Kubelet.Host != nil { manager.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDKubeletHost, + Name: v2alpha1.DDKubeletHost, ValueFrom: config.Kubelet.Host, }) } if config.Kubelet.TLSVerify != nil { manager.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDKubeletTLSVerify, + Name: v2alpha1.DDKubeletTLSVerify, Value: apiutils.BoolToString(config.Kubelet.TLSVerify), }) } @@ -254,9 +255,9 @@ func applyGlobalSettings(logger logr.Logger, manager feature.PodTemplateManagers if config.Kubelet.AgentCAPath != "" { agentCAPath = config.Kubelet.AgentCAPath } else { - agentCAPath = apicommon.KubeletAgentCAPath + agentCAPath = v2alpha1.KubeletAgentCAPath } - kubeletVol, kubeletVolMount := volume.GetVolumes(apicommon.KubeletCAVolumeName, config.Kubelet.HostCAPath, agentCAPath, true) + kubeletVol, kubeletVolMount := volume.GetVolumes(v2alpha1.KubeletCAVolumeName, config.Kubelet.HostCAPath, agentCAPath, true) if singleContainerStrategyEnabled { manager.VolumeMount().AddVolumeMountToContainers( &kubeletVolMount, @@ -280,7 +281,7 @@ func applyGlobalSettings(logger logr.Logger, manager feature.PodTemplateManagers } // If the HostCAPath is overridden, set the environment variable `DD_KUBELET_CLIENT_CA`. The default value in the Agent is `/var/run/secrets/kubernetes.io/serviceaccount/ca.crt`. manager.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDKubeletCAPath, + Name: v2alpha1.DDKubeletCAPath, Value: agentCAPath, }) } @@ -290,20 +291,20 @@ func applyGlobalSettings(logger logr.Logger, manager feature.PodTemplateManagers var runtimeVolMount corev1.VolumeMount // Path to the docker runtime socket. if config.DockerSocketPath != nil { - dockerMountPath := filepath.Join(apicommon.HostCriSocketPathPrefix, *config.DockerSocketPath) + dockerMountPath := filepath.Join(v2alpha1.HostCriSocketPathPrefix, *config.DockerSocketPath) manager.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DockerHost, + Name: v2alpha1.DockerHost, Value: "unix://" + dockerMountPath, }) - runtimeVol, runtimeVolMount = volume.GetVolumes(apicommon.CriSocketVolumeName, *config.DockerSocketPath, dockerMountPath, true) + runtimeVol, runtimeVolMount = volume.GetVolumes(v2alpha1.CriSocketVolumeName, *config.DockerSocketPath, dockerMountPath, true) } else if config.CriSocketPath != nil { // Path to the container runtime socket (if different from Docker). - criSocketMountPath := filepath.Join(apicommon.HostCriSocketPathPrefix, *config.CriSocketPath) + criSocketMountPath := filepath.Join(v2alpha1.HostCriSocketPathPrefix, *config.CriSocketPath) manager.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDCriSocketPath, + Name: v2alpha1.DDCriSocketPath, Value: criSocketMountPath, }) - runtimeVol, runtimeVolMount = volume.GetVolumes(apicommon.CriSocketVolumeName, *config.CriSocketPath, criSocketMountPath, true) + runtimeVol, runtimeVolMount = volume.GetVolumes(v2alpha1.CriSocketVolumeName, *config.CriSocketPath, criSocketMountPath, true) } if runtimeVol.Name != "" && runtimeVolMount.Name != "" { @@ -335,20 +336,20 @@ func applyGlobalSettings(logger logr.Logger, manager feature.PodTemplateManagers if config.SecretBackend != nil { // Set secret backend command manager.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDSecretBackendCommand, + Name: v2alpha1.DDSecretBackendCommand, Value: apiutils.StringValue(config.SecretBackend.Command), }) // Set secret backend arguments manager.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDSecretBackendArguments, + Name: v2alpha1.DDSecretBackendArguments, Value: apiutils.StringValue(config.SecretBackend.Args), }) // Set secret backend timeout if config.SecretBackend.Timeout != nil { manager.EnvVar().AddEnvVar(&corev1.EnvVar{ - Name: apicommon.DDSecretBackendTimeout, + Name: v2alpha1.DDSecretBackendTimeout, Value: strconv.FormatInt(int64(*config.SecretBackend.Timeout), 10), }) } @@ -356,11 +357,11 @@ func applyGlobalSettings(logger logr.Logger, manager feature.PodTemplateManagers var componentSaName string switch componentName { case v2alpha1.ClusterAgentComponentName: - componentSaName = v2alpha1.GetClusterAgentServiceAccount(dda) + componentSaName = constants.GetClusterAgentServiceAccount(dda) case v2alpha1.NodeAgentComponentName: - componentSaName = v2alpha1.GetAgentServiceAccount(dda) + componentSaName = constants.GetAgentServiceAccount(dda) case v2alpha1.ClusterChecksRunnerComponentName: - componentSaName = v2alpha1.GetClusterChecksRunnerServiceAccount(dda) + componentSaName = constants.GetClusterChecksRunnerServiceAccount(dda) } agentName := dda.GetName() diff --git a/internal/controller/datadogagent/override/global_test.go b/internal/controller/datadogagent/override/global_test.go index 21441418d..7137e91fa 100644 --- a/internal/controller/datadogagent/override/global_test.go +++ b/internal/controller/datadogagent/override/global_test.go @@ -9,12 +9,13 @@ import ( "fmt" "testing" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/kubernetes" "github.com/DataDog/datadog-operator/pkg/kubernetes/rbac" + "github.com/DataDog/datadog-operator/pkg/testutils" apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" - v2alpha1test "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1/test" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/google/go-cmp/cmp" "github.com/stretchr/testify/assert" @@ -67,21 +68,21 @@ func TestNodeAgentComponenGlobalSettings(t *testing.T) { { name: "Kubelet volume configured", singleContainerStrategyEnabled: false, - dda: v2alpha1test.NewDatadogAgentBuilder(). + dda: testutils.NewDatadogAgentBuilder(). WithGlobalKubeletConfig(hostCAPath, agentCAPath, true). WithGlobalDockerSocketPath(dockerSocketPath). BuildWithDefaults(), wantEnvVars: getExpectedEnvVars([]*corev1.EnvVar{ { - Name: apicommon.DDKubeletTLSVerify, + Name: v2alpha1.DDKubeletTLSVerify, Value: "true", }, { - Name: apicommon.DDKubeletCAPath, + Name: v2alpha1.DDKubeletCAPath, Value: agentCAPath, }, { - Name: apicommon.DockerHost, + Name: v2alpha1.DockerHost, Value: "unix:///host" + dockerSocketPath, }, }...), @@ -92,21 +93,21 @@ func TestNodeAgentComponenGlobalSettings(t *testing.T) { { name: "Kubelet volume configured", singleContainerStrategyEnabled: true, - dda: v2alpha1test.NewDatadogAgentBuilder(). + dda: testutils.NewDatadogAgentBuilder(). WithGlobalKubeletConfig(hostCAPath, agentCAPath, true). WithGlobalDockerSocketPath(dockerSocketPath). BuildWithDefaults(), wantEnvVars: getExpectedEnvVars([]*corev1.EnvVar{ { - Name: apicommon.DDKubeletTLSVerify, + Name: v2alpha1.DDKubeletTLSVerify, Value: "true", }, { - Name: apicommon.DDKubeletCAPath, + Name: v2alpha1.DDKubeletCAPath, Value: agentCAPath, }, { - Name: apicommon.DockerHost, + Name: v2alpha1.DockerHost, Value: "unix:///host" + dockerSocketPath, }, }...), @@ -117,11 +118,11 @@ func TestNodeAgentComponenGlobalSettings(t *testing.T) { { name: "Checks tag cardinality set to orchestrator", singleContainerStrategyEnabled: false, - dda: v2alpha1test.NewDatadogAgentBuilder(). + dda: testutils.NewDatadogAgentBuilder(). WithChecksTagCardinality("orchestrator"). BuildWithDefaults(), wantEnvVars: getExpectedEnvVars(&corev1.EnvVar{ - Name: apicommon.DDChecksTagCardinality, + Name: v2alpha1.DDChecksTagCardinality, Value: "orchestrator", }), wantVolumeMounts: emptyVolumeMounts, @@ -131,11 +132,11 @@ func TestNodeAgentComponenGlobalSettings(t *testing.T) { { name: "Unified origin detection activated", singleContainerStrategyEnabled: false, - dda: v2alpha1test.NewDatadogAgentBuilder(). + dda: testutils.NewDatadogAgentBuilder(). WithOriginDetectionUnified(true). BuildWithDefaults(), wantEnvVars: getExpectedEnvVars(&corev1.EnvVar{ - Name: apicommon.DDOriginDetectionUnified, + Name: v2alpha1.DDOriginDetectionUnified, Value: "true", }), wantVolumeMounts: emptyVolumeMounts, @@ -145,7 +146,7 @@ func TestNodeAgentComponenGlobalSettings(t *testing.T) { { name: "Global environment variable configured", singleContainerStrategyEnabled: false, - dda: v2alpha1test.NewDatadogAgentBuilder(). + dda: testutils.NewDatadogAgentBuilder(). WithEnvVars([]corev1.EnvVar{ { Name: "envA", @@ -177,21 +178,21 @@ func TestNodeAgentComponenGlobalSettings(t *testing.T) { dda: addNameNamespaceToDDA( ddaName, ddaNamespace, - v2alpha1test.NewDatadogAgentBuilder(). + testutils.NewDatadogAgentBuilder(). WithGlobalSecretBackendGlobalPerms(secretBackendCommand, secretBackendArgs, secretBackendTimeout). BuildWithDefaults(), ), wantEnvVars: getExpectedEnvVars([]*corev1.EnvVar{ { - Name: apicommon.DDSecretBackendCommand, + Name: v2alpha1.DDSecretBackendCommand, Value: secretBackendCommand, }, { - Name: apicommon.DDSecretBackendArguments, + Name: v2alpha1.DDSecretBackendArguments, Value: secretBackendArgs, }, { - Name: apicommon.DDSecretBackendTimeout, + Name: v2alpha1.DDSecretBackendTimeout, Value: "60", }, }...), @@ -206,21 +207,21 @@ func TestNodeAgentComponenGlobalSettings(t *testing.T) { dda: addNameNamespaceToDDA( ddaName, ddaNamespace, - v2alpha1test.NewDatadogAgentBuilder(). + testutils.NewDatadogAgentBuilder(). WithGlobalSecretBackendSpecificRoles(secretBackendCommand, secretBackendArgs, secretBackendTimeout, secretNamespace, secretNames). BuildWithDefaults(), ), wantEnvVars: getExpectedEnvVars([]*corev1.EnvVar{ { - Name: apicommon.DDSecretBackendCommand, + Name: v2alpha1.DDSecretBackendCommand, Value: secretBackendCommand, }, { - Name: apicommon.DDSecretBackendArguments, + Name: v2alpha1.DDSecretBackendArguments, Value: secretBackendArgs, }, { - Name: apicommon.DDSecretBackendTimeout, + Name: v2alpha1.DDSecretBackendTimeout, Value: "60", }, }...), @@ -283,11 +284,11 @@ func assertAllAgentSingleContainer(t testing.TB, mgrInterface feature.PodTemplat func getExpectedEnvVars(addedEnvVars ...*corev1.EnvVar) []*corev1.EnvVar { defaultEnvVars := []*corev1.EnvVar{ { - Name: apicommon.DDSite, + Name: v2alpha1.DDSite, Value: "datadoghq.com", }, { - Name: apicommon.DDLogLevel, + Name: v2alpha1.DDLogLevel, Value: "info", }, } @@ -298,7 +299,7 @@ func getExpectedEnvVars(addedEnvVars ...*corev1.EnvVar) []*corev1.EnvVar { func getExpectedVolumes() []*corev1.Volume { return []*corev1.Volume{ { - Name: apicommon.KubeletCAVolumeName, + Name: v2alpha1.KubeletCAVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ Path: hostCAPath, @@ -306,7 +307,7 @@ func getExpectedVolumes() []*corev1.Volume { }, }, { - Name: apicommon.CriSocketVolumeName, + Name: v2alpha1.CriSocketVolumeName, VolumeSource: corev1.VolumeSource{ HostPath: &corev1.HostPathVolumeSource{ Path: dockerSocketPath, @@ -319,12 +320,12 @@ func getExpectedVolumes() []*corev1.Volume { func getExpectedVolumeMounts() []*corev1.VolumeMount { return []*corev1.VolumeMount{ { - Name: apicommon.KubeletCAVolumeName, + Name: v2alpha1.KubeletCAVolumeName, MountPath: agentCAPath, ReadOnly: true, }, { - Name: apicommon.CriSocketVolumeName, + Name: v2alpha1.CriSocketVolumeName, MountPath: "/host" + dockerSocketPath, ReadOnly: true, }, @@ -369,7 +370,7 @@ func assertSecretBackendGlobalPerms(t testing.TB, resourcesManager feature.Resou expectedSubject := []rbacv1.Subject{ { Kind: "ServiceAccount", - Name: ddaName + "-" + v2alpha1.DefaultAgentResourceSuffix, + Name: ddaName + "-" + constants.DefaultAgentResourceSuffix, Namespace: ddaNamespace, }, } @@ -428,7 +429,7 @@ func assertSecretBackendSpecificPerms(t testing.TB, resourcesManager feature.Res expectedSubject := []rbacv1.Subject{ { Kind: "ServiceAccount", - Name: ddaName + "-" + v2alpha1.DefaultAgentResourceSuffix, + Name: ddaName + "-" + constants.DefaultAgentResourceSuffix, Namespace: ddaNamespace, }, } diff --git a/internal/controller/datadogagent/override/podtemplatespec.go b/internal/controller/datadogagent/override/podtemplatespec.go index b055b3378..15bc929b6 100644 --- a/internal/controller/datadogagent/override/podtemplatespec.go +++ b/internal/controller/datadogagent/override/podtemplatespec.go @@ -18,6 +18,7 @@ import ( "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/object" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/object/volume" + "github.com/DataDog/datadog-operator/pkg/constants" "github.com/DataDog/datadog-operator/pkg/controller/utils/comparison" "github.com/DataDog/datadog-operator/pkg/defaulting" ) @@ -92,7 +93,7 @@ func PodTemplateSpec(logger logr.Logger, manager feature.PodTemplateManagers, ov // If both ConfigMap and ConfigData exist, ConfigMap has higher priority. if override.ExtraConfd != nil { cmName := fmt.Sprintf(extraConfdConfigMapName, strings.ToLower((string(componentName)))) - vol := volume.GetVolumeFromMultiCustomConfig(override.ExtraConfd, apicommon.ConfdVolumeName, cmName) + vol := volume.GetVolumeFromMultiCustomConfig(override.ExtraConfd, v2alpha1.ConfdVolumeName, cmName) manager.Volume().AddVolume(&vol) // Add md5 hash annotation for custom config @@ -109,7 +110,7 @@ func PodTemplateSpec(logger logr.Logger, manager feature.PodTemplateManagers, ov // If both ConfigMap and ConfigData exist, ConfigMap has higher priority. if override.ExtraChecksd != nil { cmName := fmt.Sprintf(extraChecksdConfigMapName, strings.ToLower((string(componentName)))) - vol := volume.GetVolumeFromMultiCustomConfig(override.ExtraChecksd, apicommon.ChecksdVolumeName, cmName) + vol := volume.GetVolumeFromMultiCustomConfig(override.ExtraChecksd, v2alpha1.ChecksdVolumeName, cmName) manager.Volume().AddVolume(&vol) // Add md5 hash annotation for custom config @@ -140,6 +141,10 @@ func PodTemplateSpec(logger logr.Logger, manager feature.PodTemplateManagers, ov manager.PodTemplateSpec().Spec.PriorityClassName = *override.PriorityClassName } + if override.RuntimeClassName != nil { + manager.PodTemplateSpec().Spec.RuntimeClassName = override.RuntimeClassName + } + if override.Affinity != nil { manager.PodTemplateSpec().Spec.Affinity = mergeAffinities(manager.PodTemplateSpec().Spec.Affinity, override.Affinity) } @@ -200,7 +205,7 @@ func overrideCustomConfigVolumes(logger logr.Logger, manager feature.PodTemplate manager.VolumeMount().AddVolumeMount(&volumeMount) case v2alpha1.ClusterAgentComponentName: // For the Cluster Agent, there is only one possible config file so can use a simple volume name. - volumeName := apicommon.ClusterAgentCustomConfigVolumeName + volumeName := v2alpha1.ClusterAgentCustomConfigVolumeName vol := volume.GetVolumeFromCustomConfig(customConfig, defaultConfigMapName, volumeName) manager.Volume().AddVolume(&vol) @@ -241,7 +246,7 @@ func overrideImage(currentImg string, overrideImg *v2alpha1.AgentImageConfig) st overrideImgCopy.Tag = strings.TrimSuffix(splitName[1], defaulting.JMXTagSuffix) } - return v2alpha1.GetImage(&overrideImgCopy, ®istry) + return constants.GetImage(&overrideImgCopy, ®istry) } func mergeAffinities(affinity1 *v1.Affinity, affinity2 *v1.Affinity) *v1.Affinity { diff --git a/internal/controller/datadogagent/override/podtemplatespec_test.go b/internal/controller/datadogagent/override/podtemplatespec_test.go index 053db9747..07d438f5e 100644 --- a/internal/controller/datadogagent/override/podtemplatespec_test.go +++ b/internal/controller/datadogagent/override/podtemplatespec_test.go @@ -15,7 +15,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "sigs.k8s.io/controller-runtime/pkg/log/zap" - "github.com/DataDog/datadog-operator/api/datadoghq/common" + apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/fake" @@ -420,7 +420,7 @@ func TestPodTemplateSpec(t *testing.T) { Name: "added-env-valuefrom", ValueFrom: &v1.EnvVarSource{ FieldRef: &v1.ObjectFieldSelector{ - FieldPath: common.FieldPathStatusPodIP, + FieldPath: v2alpha1.FieldPathStatusPodIP, }, }, }, @@ -440,7 +440,7 @@ func TestPodTemplateSpec(t *testing.T) { Name: "added-env-valuefrom", ValueFrom: &v1.EnvVarSource{ FieldRef: &v1.ObjectFieldSelector{ - FieldPath: common.FieldPathStatusPodIP, + FieldPath: v2alpha1.FieldPathStatusPodIP, }, }, }, @@ -492,7 +492,7 @@ func TestPodTemplateSpec(t *testing.T) { validateManager: func(t *testing.T, manager *fake.PodTemplateManagers) { found := false for _, vol := range manager.VolumeMgr.Volumes { - if vol.Name == common.ConfdVolumeName { + if vol.Name == v2alpha1.ConfdVolumeName { found = true break } @@ -515,7 +515,7 @@ func TestPodTemplateSpec(t *testing.T) { validateManager: func(t *testing.T, manager *fake.PodTemplateManagers) { found := false for _, vol := range manager.VolumeMgr.Volumes { - if vol.Name == common.ConfdVolumeName { + if vol.Name == v2alpha1.ConfdVolumeName { found = true break } @@ -538,7 +538,7 @@ func TestPodTemplateSpec(t *testing.T) { validateManager: func(t *testing.T, manager *fake.PodTemplateManagers) { found := false for _, vol := range manager.VolumeMgr.Volumes { - if vol.Name == common.ChecksdVolumeName { + if vol.Name == v2alpha1.ChecksdVolumeName { found = true break } @@ -561,7 +561,7 @@ func TestPodTemplateSpec(t *testing.T) { validateManager: func(t *testing.T, manager *fake.PodTemplateManagers) { found := false for _, vol := range manager.VolumeMgr.Volumes { - if vol.Name == common.ChecksdVolumeName { + if vol.Name == v2alpha1.ChecksdVolumeName { found = true break } @@ -576,19 +576,19 @@ func TestPodTemplateSpec(t *testing.T) { manager := fake.NewPodTemplateManagers(t, v1.PodTemplateSpec{ Spec: v1.PodSpec{ Containers: []v1.Container{ - {Name: string(common.CoreAgentContainerName)}, - {Name: string(common.ClusterAgentContainerName)}, + {Name: string(apicommon.CoreAgentContainerName)}, + {Name: string(apicommon.ClusterAgentContainerName)}, }, InitContainers: []v1.Container{ - {Name: string(common.InitConfigContainerName)}, + {Name: string(apicommon.InitConfigContainerName)}, }, }, }) manager.EnvVarMgr.AddEnvVarToContainer( - common.ClusterAgentContainerName, + apicommon.ClusterAgentContainerName, &v1.EnvVar{ - Name: common.DDLogLevel, + Name: v2alpha1.DDLogLevel, Value: "info", }, ) @@ -596,8 +596,8 @@ func TestPodTemplateSpec(t *testing.T) { return manager }, override: v2alpha1.DatadogAgentComponentOverride{ - Containers: map[common.AgentContainerName]*v2alpha1.DatadogAgentGenericContainer{ - common.ClusterAgentContainerName: { + Containers: map[apicommon.AgentContainerName]*v2alpha1.DatadogAgentGenericContainer{ + apicommon.ClusterAgentContainerName: { LogLevel: apiutils.NewStringPointer("trace"), }, }, @@ -605,8 +605,8 @@ func TestPodTemplateSpec(t *testing.T) { validateManager: func(t *testing.T, manager *fake.PodTemplateManagers) { envSet := false - for _, env := range manager.EnvVarMgr.EnvVarsByC[common.ClusterAgentContainerName] { - if env.Name == common.DDLogLevel && env.Value == "trace" { + for _, env := range manager.EnvVarMgr.EnvVarsByC[apicommon.ClusterAgentContainerName] { + if env.Name == v2alpha1.DDLogLevel && env.Value == "trace" { envSet = true break } @@ -678,6 +678,20 @@ func TestPodTemplateSpec(t *testing.T) { assert.Equal(t, "new-name", manager.PodTemplateSpec().Spec.PriorityClassName) }, }, + { + name: "override runtime class name", + existingManager: func() *fake.PodTemplateManagers { + manager := fake.NewPodTemplateManagers(t, v1.PodTemplateSpec{}) + manager.PodTemplateSpec().Spec.RuntimeClassName = apiutils.NewStringPointer("old-name") + return manager + }, + override: v2alpha1.DatadogAgentComponentOverride{ + RuntimeClassName: apiutils.NewStringPointer("new-name"), + }, + validateManager: func(t *testing.T, manager *fake.PodTemplateManagers) { + assert.Equal(t, "new-name", *manager.PodTemplateSpec().Spec.RuntimeClassName) + }, + }, { name: "override affinity", existingManager: func() *fake.PodTemplateManagers { diff --git a/internal/controller/datadogagent/testutils/client_utils.go b/internal/controller/datadogagent/testutils/client_utils.go index 86cd4cb0b..f6b94794c 100644 --- a/internal/controller/datadogagent/testutils/client_utils.go +++ b/internal/controller/datadogagent/testutils/client_utils.go @@ -12,7 +12,7 @@ import ( appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" networkingv1 "k8s.io/api/networking/v1" - policyv1 "k8s.io/api/policy/v1" + policyv1 "k8s.io/api/policy/v1beta1" rbacv1 "k8s.io/api/rbac/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/client-go/kubernetes/scheme" diff --git a/internal/controller/datadogagent_controller.go b/internal/controller/datadogagent_controller.go index 2e80cdf20..031ff6c30 100644 --- a/internal/controller/datadogagent_controller.go +++ b/internal/controller/datadogagent_controller.go @@ -13,7 +13,6 @@ import ( appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" networkingv1 "k8s.io/api/networking/v1" - policyv1 "k8s.io/api/policy/v1" rbacv1 "k8s.io/api/rbac/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime" @@ -195,7 +194,8 @@ func (r *DatadogAgentReconciler) SetupWithManager(mgr ctrl.Manager, metricForwar Owns(&rbacv1.Role{}). Owns(&rbacv1.RoleBinding{}). Owns(&corev1.ServiceAccount{}). - Owns(&policyv1.PodDisruptionBudget{}). + // We let PlatformInfo supply PDB object based on the current API version + Owns(r.PlatformInfo.CreatePDBObject()). Owns(&networkingv1.NetworkPolicy{}) if r.Options.DatadogAgentProfileEnabled { diff --git a/internal/controller/datadogagent_controller_profiles_test.go b/internal/controller/datadogagent_controller_profiles_test.go index ddc1aa4de..4b51ba748 100644 --- a/internal/controller/datadogagent_controller_profiles_test.go +++ b/internal/controller/datadogagent_controller_profiles_test.go @@ -252,7 +252,7 @@ var _ = Describe("V2 Controller - DatadogAgentProfile", func() { Name: "two", ValueFrom: &v1.EnvVarSource{ FieldRef: &v1.ObjectFieldSelector{ - FieldPath: apicommon.FieldPathStatusPodIP, + FieldPath: v2alpha1.FieldPathStatusPodIP, }, }, }, @@ -329,7 +329,7 @@ var _ = Describe("V2 Controller - DatadogAgentProfile", func() { Name: "two", ValueFrom: &v1.EnvVarSource{ FieldRef: &v1.ObjectFieldSelector{ - FieldPath: apicommon.FieldPathStatusPodIP, + FieldPath: v2alpha1.FieldPathStatusPodIP, }, }, }, diff --git a/internal/controller/datadogmonitor/finalizer_test.go b/internal/controller/datadogmonitor/finalizer_test.go index 61898925b..93e856a97 100644 --- a/internal/controller/datadogmonitor/finalizer_test.go +++ b/internal/controller/datadogmonitor/finalizer_test.go @@ -8,11 +8,13 @@ package datadogmonitor import ( "context" "testing" + "time" "github.com/go-logr/logr" "github.com/stretchr/testify/assert" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/kubernetes/scheme" + "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/client/fake" "sigs.k8s.io/controller-runtime/pkg/log/zap" @@ -27,10 +29,39 @@ var ( func Test_handleFinalizer(t *testing.T) { s := scheme.Scheme s.AddKnownTypes(datadoghqv1alpha1.GroupVersion, &datadoghqv1alpha1.DatadogMonitor{}) - // metaNow := metav1.NewTime(time.Now()) + metaNow := metav1.NewTime(time.Now()) r := &Reconciler{ client: fake.NewClientBuilder(). + WithRuntimeObjects( + &datadoghqv1alpha1.DatadogMonitor{ + TypeMeta: metav1.TypeMeta{ + Kind: "DatadogMonitor", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "monitor-create", + Namespace: "foo", + }, + }, + // Fake client preventes deletion timestamp from being set, so we init the store with an object that has: + // - deletion timestamp (added by running kubectl delete) + // - finalizer (added by the reconciler at creation time (see first test case)) + // Ref: https://github.com/kubernetes-sigs/controller-runtime/commit/7a66d580c0c53504f5b509b45e9300cc18a1cc30#diff-20ecedbf30721c01c33fb67d911da11c277e29990497a600d20cb0ec7215affdR683-R686 + &datadoghqv1alpha1.DatadogMonitor{ + TypeMeta: metav1.TypeMeta{ + Kind: "DatadogMonitor", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "monitor-to-delete", + Namespace: "foo", + DeletionTimestamp: &metaNow, + Finalizers: []string{datadogMonitorFinalizer}, + }, + Status: datadoghqv1alpha1.DatadogMonitorStatus{ + Primary: false, + }, + }, + ). WithStatusSubresource(&datadoghqv1alpha1.DatadogMonitor{}).Build(), scheme: s, log: testLogger, @@ -38,51 +69,34 @@ func Test_handleFinalizer(t *testing.T) { testCases := []struct { name string - dm *datadoghqv1alpha1.DatadogMonitor + objectName string finalizerShouldExist bool }{ { - name: "a new DatadogMonitor object gets a finalizer added successfully", - dm: &datadoghqv1alpha1.DatadogMonitor{ - TypeMeta: metav1.TypeMeta{ - Kind: "DatadogMonitor", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "test monitor", - }, - }, + name: "a new DatadogMonitor object gets a finalizer added successfully", + objectName: "monitor-create", finalizerShouldExist: true, }, - // { - // name: "a new DatadogMonitor object has a deletion timestamp", - // dm: &datadoghqv1alpha1.DatadogMonitor{ - // TypeMeta: metav1.TypeMeta{ - // Kind: "DatadogMonitor", - // }, - // ObjectMeta: metav1.ObjectMeta{ - // Name: "test monitor", - // // https://github.com/kubernetes-sigs/controller-runtime/commit/7a66d580c0c53504f5b509b45e9300cc18a1cc30#diff-20ecedbf30721c01c33fb67d911da11c277e29990497a600d20cb0ec7215affdR683-R686 - // // this is getting wiped upon creation with new controller-runtime - // DeletionTimestamp: &metaNow, - // }, - // Status: datadoghqv1alpha1.DatadogMonitorStatus{ - // Primary: false, - // }, - // }, - // finalizerShouldExist: false, - // }, + { + name: "a DatadogMonitor object (with the finalizer) has a deletion timestamp", + objectName: "monitor-to-delete", + finalizerShouldExist: false, + }, } for _, test := range testCases { t.Run(test.name, func(t *testing.T) { reqLogger := testLogger.WithValues("test:", test.name) - _ = r.client.Create(context.TODO(), test.dm) - _, err := r.handleFinalizer(reqLogger, test.dm) + testMonitor := &datadoghqv1alpha1.DatadogMonitor{} + _ = r.client.Get(context.TODO(), client.ObjectKey{Namespace: "foo", Name: test.objectName}, testMonitor) + + _, err := r.handleFinalizer(reqLogger, testMonitor) + assert.NoError(t, err) if test.finalizerShouldExist { - assert.True(t, utils.ContainsString(test.dm.GetFinalizers(), datadogMonitorFinalizer)) + assert.True(t, utils.ContainsString(testMonitor.GetFinalizers(), datadogMonitorFinalizer)) } else { - assert.False(t, utils.ContainsString(test.dm.GetFinalizers(), datadogMonitorFinalizer)) + assert.False(t, utils.ContainsString(testMonitor.GetFinalizers(), datadogMonitorFinalizer)) } }) } diff --git a/internal/controller/setup.go b/internal/controller/setup.go index b7e580fc9..7f3eef8af 100644 --- a/internal/controller/setup.go +++ b/internal/controller/setup.go @@ -47,7 +47,6 @@ type SetupOptions struct { V2APIEnabled bool IntrospectionEnabled bool DatadogAgentProfileEnabled bool - OtelAgentEnabled bool DatadogDashboardEnabled bool } @@ -160,7 +159,6 @@ func startDatadogAgent(logger logr.Logger, mgr manager.Manager, pInfo kubernetes OperatorMetricsEnabled: options.OperatorMetricsEnabled, IntrospectionEnabled: options.IntrospectionEnabled, DatadogAgentProfileEnabled: options.DatadogAgentProfileEnabled, - OtelAgentEnabled: options.OtelAgentEnabled, }, }).SetupWithManager(mgr, metricForwardersMgr) } diff --git a/internal/controller/testutils/agent.go b/internal/controller/testutils/agent.go index fc4ea3288..89244d725 100644 --- a/internal/controller/testutils/agent.go +++ b/internal/controller/testutils/agent.go @@ -25,6 +25,7 @@ import ( apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" apiutils "github.com/DataDog/datadog-operator/api/utils" + "github.com/DataDog/datadog-operator/pkg/constants" ) // NewDatadogAgentWithoutFeatures returns an agent without any features enabled @@ -408,7 +409,7 @@ func NewDatadogAgentWithGlobalConfigSettings(namespace string, name string) v2al Kubelet: &v2alpha1.KubeletConfig{ Host: &v1.EnvVarSource{ FieldRef: &v1.ObjectFieldSelector{ - FieldPath: apicommon.FieldPathSpecNodeName, + FieldPath: v2alpha1.FieldPathSpecNodeName, }, }, TLSVerify: apiutils.NewBoolPointer(true), @@ -455,7 +456,7 @@ func NewDatadogAgentWithOverrides(namespace string, name string) v2alpha1.Datado LogLevel: apiutils.NewStringPointer("debug"), Env: []v1.EnvVar{ { - Name: apicommon.DDLogLevel, + Name: v2alpha1.DDLogLevel, Value: "debug", }, }, @@ -474,9 +475,9 @@ func NewDatadogAgentWithOverrides(namespace string, name string) v2alpha1.Datado ReadinessProbe: &v1.Probe{ ProbeHandler: v1.ProbeHandler{ HTTPGet: &v1.HTTPGetAction{ - Path: v2alpha1.DefaultLivenessProbeHTTPPath, + Path: constants.DefaultLivenessProbeHTTPPath, Port: intstr.IntOrString{ - IntVal: v2alpha1.DefaultAgentHealthPort, + IntVal: constants.DefaultAgentHealthPort, }, }, }, @@ -489,9 +490,9 @@ func NewDatadogAgentWithOverrides(namespace string, name string) v2alpha1.Datado LivenessProbe: &v1.Probe{ ProbeHandler: v1.ProbeHandler{ HTTPGet: &v1.HTTPGetAction{ - Path: v2alpha1.DefaultLivenessProbeHTTPPath, + Path: constants.DefaultLivenessProbeHTTPPath, Port: intstr.IntOrString{ - IntVal: v2alpha1.DefaultAgentHealthPort, + IntVal: constants.DefaultAgentHealthPort, }, }, }, @@ -504,9 +505,9 @@ func NewDatadogAgentWithOverrides(namespace string, name string) v2alpha1.Datado StartupProbe: &v1.Probe{ ProbeHandler: v1.ProbeHandler{ HTTPGet: &v1.HTTPGetAction{ - Path: v2alpha1.DefaultLivenessProbeHTTPPath, + Path: constants.DefaultLivenessProbeHTTPPath, Port: intstr.IntOrString{ - IntVal: v2alpha1.DefaultAgentHealthPort, + IntVal: constants.DefaultAgentHealthPort, }, }, }, diff --git a/pkg/agentprofile/agent_profile.go b/pkg/agentprofile/agent_profile.go index 7c53db872..2f1ecb723 100644 --- a/pkg/agentprofile/agent_profile.go +++ b/pkg/agentprofile/agent_profile.go @@ -183,6 +183,7 @@ func OverrideFromProfile(profile *v1alpha1.DatadogAgentProfile) v2alpha1.Datadog if nodeAgentOverride, ok := profile.Spec.Config.Override[v1alpha1.NodeAgentComponentName]; ok { profileComponentOverride.Containers = containersOverride(nodeAgentOverride) profileComponentOverride.PriorityClassName = nodeAgentOverride.PriorityClassName + profileComponentOverride.RuntimeClassName = nodeAgentOverride.RuntimeClassName profileComponentOverride.UpdateStrategy = nodeAgentOverride.UpdateStrategy } } diff --git a/pkg/agentprofile/agent_profile_test.go b/pkg/agentprofile/agent_profile_test.go index f83660e31..d6eb8c0e3 100644 --- a/pkg/agentprofile/agent_profile_test.go +++ b/pkg/agentprofile/agent_profile_test.go @@ -350,6 +350,7 @@ func TestOverrideFromProfile(t *testing.T) { }, }, PriorityClassName: apiutils.NewStringPointer("foo"), + RuntimeClassName: apiutils.NewStringPointer("bar"), UpdateStrategy: &apicommon.UpdateStrategy{ Type: "RollingUpdate", RollingUpdate: &apicommon.RollingUpdate{ @@ -718,6 +719,7 @@ func configWithAllOverrides(cpuRequest string) *v1alpha1.Config { Override: map[v1alpha1.ComponentName]*v1alpha1.Override{ v1alpha1.NodeAgentComponentName: { PriorityClassName: apiutils.NewStringPointer("foo"), + RuntimeClassName: apiutils.NewStringPointer("bar"), UpdateStrategy: &apicommon.UpdateStrategy{ Type: "RollingUpdate", RollingUpdate: &apicommon.RollingUpdate{ diff --git a/pkg/config/config.go b/pkg/config/config.go index 8e9698764..032b20398 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -24,6 +24,7 @@ import ( "github.com/DataDog/datadog-operator/api/datadoghq/common" datadoghqv1alpha1 "github.com/DataDog/datadog-operator/api/datadoghq/v1alpha1" datadoghqv2alpha1 "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" + "github.com/DataDog/datadog-operator/pkg/constants" ) // These constants are only used within pkg/config @@ -105,7 +106,7 @@ func CacheOptions(logger logr.Logger, opts WatchOptions) cache.Options { Namespaces: agentNamespaces, Label: labels.SelectorFromSet(map[string]string{ - common.AgentDeploymentComponentLabelKey: datadoghqv2alpha1.DefaultAgentResourceSuffix, + common.AgentDeploymentComponentLabelKey: constants.DefaultAgentResourceSuffix, }), Transform: func(obj interface{}) (interface{}, error) { diff --git a/pkg/config/creds.go b/pkg/config/creds.go index 7e2e16696..027559baa 100644 --- a/pkg/config/creds.go +++ b/pkg/config/creds.go @@ -11,7 +11,7 @@ import ( "sync" "time" - apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" + "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" "github.com/DataDog/datadog-operator/pkg/secrets" "k8s.io/apimachinery/pkg/util/wait" @@ -54,8 +54,8 @@ func (cm *CredentialManager) GetCredentials() (Creds, error) { return creds, nil } - apiKey := os.Getenv(apicommon.DDAPIKey) - appKey := os.Getenv(apicommon.DDAppKey) + apiKey := os.Getenv(v2alpha1.DDAPIKey) + appKey := os.Getenv(v2alpha1.DDAppKey) if apiKey == "" || appKey == "" { return Creds{}, errors.New("empty API key and/or App key") diff --git a/pkg/constants/const.go b/pkg/constants/const.go new file mode 100644 index 000000000..2ab78928f --- /dev/null +++ b/pkg/constants/const.go @@ -0,0 +1,62 @@ +// Unless explicitly stated otherwise all files in this repository are licensed +// under the Apache License Version 2.0. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2024-present Datadog, Inc. + +package constants + +const ( + // Liveness probe default config + DefaultLivenessProbeInitialDelaySeconds int32 = 15 + DefaultLivenessProbePeriodSeconds int32 = 15 + DefaultLivenessProbeTimeoutSeconds int32 = 5 + DefaultLivenessProbeSuccessThreshold int32 = 1 + DefaultLivenessProbeFailureThreshold int32 = 6 + DefaultLivenessProbeHTTPPath = "/live" + + // Readiness probe default config + DefaultReadinessProbeInitialDelaySeconds int32 = 15 + DefaultReadinessProbePeriodSeconds int32 = 15 + DefaultReadinessProbeTimeoutSeconds int32 = 5 + DefaultReadinessProbeSuccessThreshold int32 = 1 + DefaultReadinessProbeFailureThreshold int32 = 6 + DefaultReadinessProbeHTTPPath = "/ready" + + // Startup probe default config + DefaultStartupProbeInitialDelaySeconds int32 = 15 + DefaultStartupProbePeriodSeconds int32 = 15 + DefaultStartupProbeTimeoutSeconds int32 = 5 + DefaultStartupProbeSuccessThreshold int32 = 1 + DefaultStartupProbeFailureThreshold int32 = 6 + DefaultStartupProbeHTTPPath = "/startup" + + // Agent Data plane default liveness/readiness probe configs + DefaultADPLivenessProbeInitialDelaySeconds int32 = 5 + DefaultADPLivenessProbePeriodSeconds int32 = 5 + DefaultADPLivenessProbeTimeoutSeconds int32 = 5 + DefaultADPLivenessProbeSuccessThreshold int32 = 1 + DefaultADPLivenessProbeFailureThreshold int32 = 12 + + DefaultADPReadinessProbeInitialDelaySeconds int32 = 5 + DefaultADPReadinessProbePeriodSeconds int32 = 5 + DefaultADPReadinessProbeTimeoutSeconds int32 = 5 + DefaultADPReadinessProbeSuccessThreshold int32 = 1 + DefaultADPReadinessProbeFailureThreshold int32 = 12 + + // DefaultAgentHealthPort default agent health port + DefaultAgentHealthPort int32 = 5555 + + DefaultADPHealthPort = 5100 + + // DefaultApmPort default apm port + DefaultApmPort = 8126 + // DefaultApmPortName default apm port name + DefaultApmPortName = "traceport" + + // DefaultAgentResourceSuffix use as suffix for agent resource naming + DefaultAgentResourceSuffix = "agent" + // DefaultClusterAgentResourceSuffix use as suffix for cluster-agent resource naming + DefaultClusterAgentResourceSuffix = "cluster-agent" + // DefaultClusterChecksRunnerResourceSuffix use as suffix for cluster-checks-runner resource naming + DefaultClusterChecksRunnerResourceSuffix = "cluster-checks-runner" +) diff --git a/api/datadoghq/v2alpha1/utils.go b/pkg/constants/utils.go similarity index 73% rename from api/datadoghq/v2alpha1/utils.go rename to pkg/constants/utils.go index ba3b10685..483f62349 100644 --- a/api/datadoghq/v2alpha1/utils.go +++ b/pkg/constants/utils.go @@ -3,13 +3,14 @@ // This product includes software developed at Datadog (https://www.datadoghq.com/). // Copyright 2016-present Datadog, Inc. -package v2alpha1 +package constants import ( "fmt" "github.com/DataDog/datadog-operator/pkg/defaulting" + "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" apiutils "github.com/DataDog/datadog-operator/api/utils" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -17,7 +18,7 @@ import ( ) // GetConfName get the name of the Configmap for a CustomConfigSpec -func GetConfName(owner metav1.Object, conf *CustomConfig, defaultName string) string { +func GetConfName(owner metav1.Object, conf *v2alpha1.CustomConfig, defaultName string) string { // `configData` and `configMap` can't be set together. // Return the default if the conf is not overridden or if it is just overridden with the ConfigData. if conf != nil && conf.ConfigMap != nil { @@ -27,61 +28,61 @@ func GetConfName(owner metav1.Object, conf *CustomConfig, defaultName string) st } // GetClusterAgentServiceAccount return the cluster-agent serviceAccountName -func GetClusterAgentServiceAccount(dda *DatadogAgent) string { +func GetClusterAgentServiceAccount(dda *v2alpha1.DatadogAgent) string { saDefault := fmt.Sprintf("%s-%s", dda.Name, DefaultClusterAgentResourceSuffix) - if dda.Spec.Override[ClusterAgentComponentName] != nil && dda.Spec.Override[ClusterAgentComponentName].ServiceAccountName != nil { - return *dda.Spec.Override[ClusterAgentComponentName].ServiceAccountName + if dda.Spec.Override[v2alpha1.ClusterAgentComponentName] != nil && dda.Spec.Override[v2alpha1.ClusterAgentComponentName].ServiceAccountName != nil { + return *dda.Spec.Override[v2alpha1.ClusterAgentComponentName].ServiceAccountName } return saDefault } // GetAgentServiceAccount returns the agent service account name -func GetAgentServiceAccount(dda *DatadogAgent) string { +func GetAgentServiceAccount(dda *v2alpha1.DatadogAgent) string { saDefault := fmt.Sprintf("%s-%s", dda.Name, DefaultAgentResourceSuffix) - if dda.Spec.Override[NodeAgentComponentName] != nil && dda.Spec.Override[NodeAgentComponentName].ServiceAccountName != nil { - return *dda.Spec.Override[NodeAgentComponentName].ServiceAccountName + if dda.Spec.Override[v2alpha1.NodeAgentComponentName] != nil && dda.Spec.Override[v2alpha1.NodeAgentComponentName].ServiceAccountName != nil { + return *dda.Spec.Override[v2alpha1.NodeAgentComponentName].ServiceAccountName } return saDefault } // GetClusterChecksRunnerServiceAccount return the cluster-checks-runner service account name -func GetClusterChecksRunnerServiceAccount(dda *DatadogAgent) string { +func GetClusterChecksRunnerServiceAccount(dda *v2alpha1.DatadogAgent) string { saDefault := fmt.Sprintf("%s-%s", dda.Name, DefaultClusterChecksRunnerResourceSuffix) - if dda.Spec.Override[ClusterChecksRunnerComponentName] != nil && dda.Spec.Override[ClusterChecksRunnerComponentName].ServiceAccountName != nil { - return *dda.Spec.Override[ClusterChecksRunnerComponentName].ServiceAccountName + if dda.Spec.Override[v2alpha1.ClusterChecksRunnerComponentName] != nil && dda.Spec.Override[v2alpha1.ClusterChecksRunnerComponentName].ServiceAccountName != nil { + return *dda.Spec.Override[v2alpha1.ClusterChecksRunnerComponentName].ServiceAccountName } return saDefault } // GetClusterAgentServiceAccountAnnotations returns the annotations for the cluster-agent service account. -func GetClusterAgentServiceAccountAnnotations(dda *DatadogAgent) map[string]string { +func GetClusterAgentServiceAccountAnnotations(dda *v2alpha1.DatadogAgent) map[string]string { defaultAnnotations := map[string]string{} - if dda.Spec.Override[ClusterAgentComponentName] != nil && dda.Spec.Override[ClusterAgentComponentName].ServiceAccountAnnotations != nil { - return dda.Spec.Override[ClusterAgentComponentName].ServiceAccountAnnotations + if dda.Spec.Override[v2alpha1.ClusterAgentComponentName] != nil && dda.Spec.Override[v2alpha1.ClusterAgentComponentName].ServiceAccountAnnotations != nil { + return dda.Spec.Override[v2alpha1.ClusterAgentComponentName].ServiceAccountAnnotations } return defaultAnnotations } // GetAgentServiceAccountAnnotations returns the annotations for the agent service account. -func GetAgentServiceAccountAnnotations(dda *DatadogAgent) map[string]string { +func GetAgentServiceAccountAnnotations(dda *v2alpha1.DatadogAgent) map[string]string { defaultAnnotations := map[string]string{} - if dda.Spec.Override[NodeAgentComponentName] != nil && dda.Spec.Override[NodeAgentComponentName].ServiceAccountAnnotations != nil { - return dda.Spec.Override[NodeAgentComponentName].ServiceAccountAnnotations + if dda.Spec.Override[v2alpha1.NodeAgentComponentName] != nil && dda.Spec.Override[v2alpha1.NodeAgentComponentName].ServiceAccountAnnotations != nil { + return dda.Spec.Override[v2alpha1.NodeAgentComponentName].ServiceAccountAnnotations } return defaultAnnotations } // GetClusterChecksRunnerServiceAccountAnnotations returns the annotations for the cluster-checks-runner service account. -func GetClusterChecksRunnerServiceAccountAnnotations(dda *DatadogAgent) map[string]string { +func GetClusterChecksRunnerServiceAccountAnnotations(dda *v2alpha1.DatadogAgent) map[string]string { defaultAnnotations := map[string]string{} - if dda.Spec.Override[ClusterChecksRunnerComponentName] != nil && dda.Spec.Override[ClusterChecksRunnerComponentName].ServiceAccountAnnotations != nil { - return dda.Spec.Override[ClusterChecksRunnerComponentName].ServiceAccountAnnotations + if dda.Spec.Override[v2alpha1.ClusterChecksRunnerComponentName] != nil && dda.Spec.Override[v2alpha1.ClusterChecksRunnerComponentName].ServiceAccountAnnotations != nil { + return dda.Spec.Override[v2alpha1.ClusterChecksRunnerComponentName].ServiceAccountAnnotations } return defaultAnnotations } // IsHostNetworkEnabled returns whether the pod should use the host's network namespace -func IsHostNetworkEnabled(dda *DatadogAgent, component ComponentName) bool { +func IsHostNetworkEnabled(dda *v2alpha1.DatadogAgent, component v2alpha1.ComponentName) bool { if dda.Spec.Override != nil { if c, ok := dda.Spec.Override[component]; ok { return apiutils.BoolValue(c.HostNetwork) @@ -91,17 +92,17 @@ func IsHostNetworkEnabled(dda *DatadogAgent, component ComponentName) bool { } // IsClusterChecksEnabled returns whether the DDA should use cluster checks -func IsClusterChecksEnabled(dda *DatadogAgent) bool { +func IsClusterChecksEnabled(dda *v2alpha1.DatadogAgent) bool { return dda.Spec.Features.ClusterChecks != nil && apiutils.BoolValue(dda.Spec.Features.ClusterChecks.Enabled) } // IsCCREnabled returns whether the DDA should use Cluster Checks Runners -func IsCCREnabled(dda *DatadogAgent) bool { +func IsCCREnabled(dda *v2alpha1.DatadogAgent) bool { return dda.Spec.Features.ClusterChecks != nil && apiutils.BoolValue(dda.Spec.Features.ClusterChecks.UseClusterChecksRunners) } // GetLocalAgentServiceName returns the name used for the local agent service -func GetLocalAgentServiceName(dda *DatadogAgent) string { +func GetLocalAgentServiceName(dda *v2alpha1.DatadogAgent) string { if dda.Spec.Global.LocalService != nil && dda.Spec.Global.LocalService.NameOverride != nil { return *dda.Spec.Global.LocalService.NameOverride } @@ -109,12 +110,12 @@ func GetLocalAgentServiceName(dda *DatadogAgent) string { } // IsNetworkPolicyEnabled returns whether a network policy should be created and which flavor to use -func IsNetworkPolicyEnabled(dda *DatadogAgent) (bool, NetworkPolicyFlavor) { +func IsNetworkPolicyEnabled(dda *v2alpha1.DatadogAgent) (bool, v2alpha1.NetworkPolicyFlavor) { if dda.Spec.Global != nil && dda.Spec.Global.NetworkPolicy != nil && apiutils.BoolValue(dda.Spec.Global.NetworkPolicy.Create) { if dda.Spec.Global.NetworkPolicy.Flavor != "" { return true, dda.Spec.Global.NetworkPolicy.Flavor } - return true, NetworkPolicyFlavorKubernetes + return true, v2alpha1.NetworkPolicyFlavorKubernetes } return false, "" } @@ -225,7 +226,7 @@ func GetDefaultAgentDataPlaneReadinessProbe() *corev1.Probe { } // GetImage builds the image string based on ImageConfig and the registry configuration. -func GetImage(imageSpec *AgentImageConfig, registry *string) string { +func GetImage(imageSpec *v2alpha1.AgentImageConfig, registry *string) string { if defaulting.IsImageNameContainsTag(imageSpec.Name) { return imageSpec.Name } diff --git a/api/datadoghq/v2alpha1/utils_test.go b/pkg/constants/utils_test.go similarity index 69% rename from api/datadoghq/v2alpha1/utils_test.go rename to pkg/constants/utils_test.go index bcef5620b..33263d21f 100644 --- a/api/datadoghq/v2alpha1/utils_test.go +++ b/pkg/constants/utils_test.go @@ -1,9 +1,8 @@ // Unless explicitly stated otherwise all files in this repository are licensed // under the Apache License Version 2.0. // This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package v2alpha1 +// Copyright 2024-present Datadog, Inc. +package constants import ( "fmt" @@ -11,6 +10,7 @@ import ( "github.com/stretchr/testify/assert" + "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/pkg/defaulting" @@ -21,13 +21,13 @@ func Test_GetImage(t *testing.T) { emptyRegistry := "" tests := []struct { name string - imageSpec *AgentImageConfig + imageSpec *v2alpha1.AgentImageConfig registry *string want string }{ { name: "backward compatible", - imageSpec: &AgentImageConfig{ + imageSpec: &v2alpha1.AgentImageConfig{ Name: defaulting.GetLatestAgentImage(), }, registry: nil, @@ -35,7 +35,7 @@ func Test_GetImage(t *testing.T) { }, { name: "nominal case", - imageSpec: &AgentImageConfig{ + imageSpec: &v2alpha1.AgentImageConfig{ Name: "agent", Tag: "7", }, @@ -44,7 +44,7 @@ func Test_GetImage(t *testing.T) { }, { name: "prioritize the full path", - imageSpec: &AgentImageConfig{ + imageSpec: &v2alpha1.AgentImageConfig{ Name: "docker.io/datadog/agent:7.28.1-rc.3", Tag: "latest", }, @@ -53,7 +53,7 @@ func Test_GetImage(t *testing.T) { }, { name: "default registry", - imageSpec: &AgentImageConfig{ + imageSpec: &v2alpha1.AgentImageConfig{ Name: "agent", Tag: "latest", }, @@ -62,7 +62,7 @@ func Test_GetImage(t *testing.T) { }, { name: "add jmx", - imageSpec: &AgentImageConfig{ + imageSpec: &v2alpha1.AgentImageConfig{ Name: "agent", Tag: defaulting.AgentLatestVersion, JMXEnabled: true, @@ -72,7 +72,7 @@ func Test_GetImage(t *testing.T) { }, { name: "cluster-agent", - imageSpec: &AgentImageConfig{ + imageSpec: &v2alpha1.AgentImageConfig{ Name: "cluster-agent", Tag: defaulting.ClusterAgentLatestVersion, JMXEnabled: false, @@ -82,7 +82,7 @@ func Test_GetImage(t *testing.T) { }, { name: "do not duplicate jmx", - imageSpec: &AgentImageConfig{ + imageSpec: &v2alpha1.AgentImageConfig{ Name: "agent", Tag: "latest-jmx", JMXEnabled: true, @@ -92,7 +92,7 @@ func Test_GetImage(t *testing.T) { }, { name: "do not add jmx", - imageSpec: &AgentImageConfig{ + imageSpec: &v2alpha1.AgentImageConfig{ Name: "agent", Tag: "latest-jmx", JMXEnabled: true, @@ -113,39 +113,39 @@ func TestServiceAccountNameOverride(t *testing.T) { ddaName := "test-dda" tests := []struct { name string - dda *DatadogAgent - want map[ComponentName]string + dda *v2alpha1.DatadogAgent + want map[v2alpha1.ComponentName]string }{ { name: "custom serviceaccount for dca and clc", - dda: &DatadogAgent{ + dda: &v2alpha1.DatadogAgent{ ObjectMeta: v1.ObjectMeta{ Name: ddaName, }, - Spec: DatadogAgentSpec{ - Override: map[ComponentName]*DatadogAgentComponentOverride{ - ClusterAgentComponentName: { + Spec: v2alpha1.DatadogAgentSpec{ + Override: map[v2alpha1.ComponentName]*v2alpha1.DatadogAgentComponentOverride{ + v2alpha1.ClusterAgentComponentName: { ServiceAccountName: &customServiceAccount, }, - ClusterChecksRunnerComponentName: { + v2alpha1.ClusterChecksRunnerComponentName: { ServiceAccountName: &customServiceAccount, }, }, }, }, - want: map[ComponentName]string{ - ClusterAgentComponentName: customServiceAccount, - NodeAgentComponentName: fmt.Sprintf("%s-%s", ddaName, DefaultAgentResourceSuffix), - ClusterChecksRunnerComponentName: customServiceAccount, + want: map[v2alpha1.ComponentName]string{ + v2alpha1.ClusterAgentComponentName: customServiceAccount, + v2alpha1.NodeAgentComponentName: fmt.Sprintf("%s-%s", ddaName, DefaultAgentResourceSuffix), + v2alpha1.ClusterChecksRunnerComponentName: customServiceAccount, }, }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - res := map[ComponentName]string{} - res[NodeAgentComponentName] = GetAgentServiceAccount(tt.dda) - res[ClusterChecksRunnerComponentName] = GetClusterChecksRunnerServiceAccount(tt.dda) - res[ClusterAgentComponentName] = GetClusterAgentServiceAccount(tt.dda) + res := map[v2alpha1.ComponentName]string{} + res[v2alpha1.NodeAgentComponentName] = GetAgentServiceAccount(tt.dda) + res[v2alpha1.ClusterChecksRunnerComponentName] = GetClusterChecksRunnerServiceAccount(tt.dda) + res[v2alpha1.ClusterAgentComponentName] = GetClusterAgentServiceAccount(tt.dda) for name, sa := range tt.want { if res[name] != sa { t.Errorf("Service Account Override error = %v, want %v", res[name], tt.want[name]) @@ -164,40 +164,40 @@ func TestServiceAccountAnnotationOverride(t *testing.T) { ddaName := "test-dda" tests := []struct { name string - dda *DatadogAgent - want map[ComponentName]map[string]interface{} + dda *v2alpha1.DatadogAgent + want map[v2alpha1.ComponentName]map[string]interface{} }{ { name: "custom serviceaccount annotations for dda, dca and clc", - dda: &DatadogAgent{ + dda: &v2alpha1.DatadogAgent{ ObjectMeta: v1.ObjectMeta{ Name: ddaName, }, - Spec: DatadogAgentSpec{ - Override: map[ComponentName]*DatadogAgentComponentOverride{ - ClusterAgentComponentName: { + Spec: v2alpha1.DatadogAgentSpec{ + Override: map[v2alpha1.ComponentName]*v2alpha1.DatadogAgentComponentOverride{ + v2alpha1.ClusterAgentComponentName: { ServiceAccountName: &customServiceAccount, ServiceAccountAnnotations: customServiceAccountAnnotations, }, - ClusterChecksRunnerComponentName: { + v2alpha1.ClusterChecksRunnerComponentName: { ServiceAccountAnnotations: customServiceAccountAnnotations, }, - NodeAgentComponentName: { + v2alpha1.NodeAgentComponentName: { ServiceAccountAnnotations: customServiceAccountAnnotations, }, }, }, }, - want: map[ComponentName]map[string]interface{}{ - ClusterAgentComponentName: { + want: map[v2alpha1.ComponentName]map[string]interface{}{ + v2alpha1.ClusterAgentComponentName: { "name": customServiceAccount, "annotations": customServiceAccountAnnotations, }, - NodeAgentComponentName: { + v2alpha1.NodeAgentComponentName: { "name": fmt.Sprintf("%s-%s", ddaName, DefaultAgentResourceSuffix), "annotations": customServiceAccountAnnotations, }, - ClusterChecksRunnerComponentName: { + v2alpha1.ClusterChecksRunnerComponentName: { "name": fmt.Sprintf("%s-%s", ddaName, DefaultClusterChecksRunnerResourceSuffix), "annotations": customServiceAccountAnnotations, }, @@ -205,29 +205,29 @@ func TestServiceAccountAnnotationOverride(t *testing.T) { }, { name: "custom serviceaccount annotations for dca", - dda: &DatadogAgent{ + dda: &v2alpha1.DatadogAgent{ ObjectMeta: v1.ObjectMeta{ Name: ddaName, }, - Spec: DatadogAgentSpec{ - Override: map[ComponentName]*DatadogAgentComponentOverride{ - ClusterAgentComponentName: { + Spec: v2alpha1.DatadogAgentSpec{ + Override: map[v2alpha1.ComponentName]*v2alpha1.DatadogAgentComponentOverride{ + v2alpha1.ClusterAgentComponentName: { ServiceAccountName: &customServiceAccount, ServiceAccountAnnotations: customServiceAccountAnnotations, }, }, }, }, - want: map[ComponentName]map[string]interface{}{ - NodeAgentComponentName: { + want: map[v2alpha1.ComponentName]map[string]interface{}{ + v2alpha1.NodeAgentComponentName: { "name": fmt.Sprintf("%s-%s", ddaName, DefaultAgentResourceSuffix), "annotations": map[string]string{}, }, - ClusterAgentComponentName: { + v2alpha1.ClusterAgentComponentName: { "name": customServiceAccount, "annotations": customServiceAccountAnnotations, }, - ClusterChecksRunnerComponentName: { + v2alpha1.ClusterChecksRunnerComponentName: { "name": fmt.Sprintf("%s-%s", ddaName, DefaultClusterChecksRunnerResourceSuffix), "annotations": map[string]string{}, }, @@ -236,16 +236,16 @@ func TestServiceAccountAnnotationOverride(t *testing.T) { } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - res := map[ComponentName]map[string]interface{}{ - NodeAgentComponentName: { + res := map[v2alpha1.ComponentName]map[string]interface{}{ + v2alpha1.NodeAgentComponentName: { "name": GetAgentServiceAccount(tt.dda), "annotations": GetAgentServiceAccountAnnotations(tt.dda), }, - ClusterChecksRunnerComponentName: { + v2alpha1.ClusterChecksRunnerComponentName: { "name": GetClusterChecksRunnerServiceAccount(tt.dda), "annotations": GetClusterChecksRunnerServiceAccountAnnotations(tt.dda), }, - ClusterAgentComponentName: { + v2alpha1.ClusterAgentComponentName: { "name": GetClusterAgentServiceAccount(tt.dda), "annotations": GetClusterAgentServiceAccountAnnotations(tt.dda), }, diff --git a/pkg/controller/utils/comparison/comparison.go b/pkg/controller/utils/comparison/comparison.go index 0f0545e02..4dfbc8d38 100644 --- a/pkg/controller/utils/comparison/comparison.go +++ b/pkg/controller/utils/comparison/comparison.go @@ -15,12 +15,12 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "github.com/DataDog/datadog-operator/api/datadoghq/common" + "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" ) // IsSameSpecMD5Hash used to compare the DatadogAgent.spec md5 hash with the one set in annotations func IsSameSpecMD5Hash(hash string, annotations map[string]string) bool { - return IsSameMD5Hash(hash, annotations, common.MD5AgentDeploymentAnnotationKey) + return IsSameMD5Hash(hash, annotations, v2alpha1.MD5AgentDeploymentAnnotationKey) } // IsSameMD5Hash used to compare a md5 hash with the one set in annotations @@ -50,7 +50,7 @@ func GenerateMD5ForSpec(spec interface{}) (string, error) { // SetMD5DatadogAgentGenerationAnnotation is used to set the md5 annotation key/value from spec func SetMD5DatadogAgentGenerationAnnotation(obj *metav1.ObjectMeta, spec interface{}) (string, error) { - return SetMD5GenerationAnnotation(obj, spec, common.MD5AgentDeploymentAnnotationKey) + return SetMD5GenerationAnnotation(obj, spec, v2alpha1.MD5AgentDeploymentAnnotationKey) } // SetMD5GenerationAnnotation is used to set the md5 annotation key/value from spec diff --git a/pkg/controller/utils/datadog/metrics_forwarder.go b/pkg/controller/utils/datadog/metrics_forwarder.go index 0910783f4..8c157df3f 100644 --- a/pkg/controller/utils/datadog/metrics_forwarder.go +++ b/pkg/controller/utils/datadog/metrics_forwarder.go @@ -14,7 +14,6 @@ import ( "sync" "time" - "github.com/DataDog/datadog-operator/api/datadoghq/v1alpha1" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" "github.com/DataDog/datadog-operator/pkg/config" "github.com/DataDog/datadog-operator/pkg/kubernetes" @@ -669,14 +668,17 @@ func (mf *metricsForwarder) updateStatusIfNeeded(err error) { conditionStatus := true message := "Datadog metrics forwarding ok" reason := "MetricsForwardingSucceeded" + conditionType := string(v2alpha1.DatadogMetricsActive) + if err != nil { conditionStatus = false message = "Datadog metrics forwarding error" reason = "MetricsForwardingError" + conditionType = string(v2alpha1.DatadogMetricsError) } newConditionStatus := &ConditionCommon{ - ConditionType: string(v1alpha1.DatadogMetricsActive), + ConditionType: conditionType, Status: conditionStatus, LastUpdateTime: now, Message: message, diff --git a/pkg/controller/utils/datadog/metrics_forwarder_test.go b/pkg/controller/utils/datadog/metrics_forwarder_test.go index cb105d217..06e17b4b4 100644 --- a/pkg/controller/utils/datadog/metrics_forwarder_test.go +++ b/pkg/controller/utils/datadog/metrics_forwarder_test.go @@ -15,13 +15,12 @@ import ( "sync" "testing" - apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" - datadoghqv2alpha1 "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" - test "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1/test" + v2alpha1 "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" apiutils "github.com/DataDog/datadog-operator/api/utils" "github.com/DataDog/datadog-operator/pkg/config" "github.com/DataDog/datadog-operator/pkg/kubernetes" "github.com/DataDog/datadog-operator/pkg/secrets" + "github.com/DataDog/datadog-operator/pkg/testutils" "github.com/stretchr/testify/mock" assert "github.com/stretchr/testify/require" @@ -162,7 +161,7 @@ func TestReconcileDatadogAgent_getCredentials(t *testing.T) { client client.Client } type args struct { - dda *datadoghqv2alpha1.DatadogAgent + dda *v2alpha1.DatadogAgent loadFunc func(*metricsForwarder, *secrets.DummyDecryptor) } tests := []struct { @@ -179,14 +178,14 @@ func TestReconcileDatadogAgent_getCredentials(t *testing.T) { client: fake.NewFakeClient(), }, args: args{ - dda: test.NewDatadogAgent("foo", "bar", &datadoghqv2alpha1.GlobalConfig{ - Credentials: &datadoghqv2alpha1.DatadogCredentials{ + dda: testutils.NewDatadogAgent("foo", "bar", &v2alpha1.GlobalConfig{ + Credentials: &v2alpha1.DatadogCredentials{ APIKey: apiutils.NewStringPointer(apiKey), }, }), loadFunc: func(m *metricsForwarder, d *secrets.DummyDecryptor) { - os.Setenv(apicommon.DDAPIKey, "test123") - os.Setenv(apicommon.DDAppKey, "testabc") + os.Setenv(v2alpha1.DDAPIKey, "test123") + os.Setenv(v2alpha1.DDAppKey, "testabc") }, }, wantAPIKey: "test123", @@ -198,14 +197,14 @@ func TestReconcileDatadogAgent_getCredentials(t *testing.T) { client: fake.NewFakeClient(), }, args: args{ - dda: test.NewDatadogAgent("foo", "bar", &datadoghqv2alpha1.GlobalConfig{ - Credentials: &datadoghqv2alpha1.DatadogCredentials{ + dda: testutils.NewDatadogAgent("foo", "bar", &v2alpha1.GlobalConfig{ + Credentials: &v2alpha1.DatadogCredentials{ APIKey: apiutils.NewStringPointer(apiKey), }, }), loadFunc: func(m *metricsForwarder, d *secrets.DummyDecryptor) { - os.Unsetenv(apicommon.DDAPIKey) - os.Unsetenv(apicommon.DDAppKey) + os.Unsetenv(v2alpha1.DDAPIKey) + os.Unsetenv(v2alpha1.DDAppKey) }, }, wantAPIKey: "foundAPIKey", @@ -217,17 +216,17 @@ func TestReconcileDatadogAgent_getCredentials(t *testing.T) { client: fake.NewFakeClient(), }, args: args{ - dda: test.NewDatadogAgent("foo", "bar", &datadoghqv2alpha1.GlobalConfig{ - Credentials: &datadoghqv2alpha1.DatadogCredentials{ - APISecret: &datadoghqv2alpha1.SecretConfig{ + dda: testutils.NewDatadogAgent("foo", "bar", &v2alpha1.GlobalConfig{ + Credentials: &v2alpha1.DatadogCredentials{ + APISecret: &v2alpha1.SecretConfig{ SecretName: "datadog-creds-api", KeyName: "datadog_api_key", }, }, }), loadFunc: func(m *metricsForwarder, d *secrets.DummyDecryptor) { - os.Unsetenv(apicommon.DDAPIKey) - os.Unsetenv(apicommon.DDAppKey) + os.Unsetenv(v2alpha1.DDAPIKey) + os.Unsetenv(v2alpha1.DDAppKey) secret := &corev1.Secret{ ObjectMeta: metav1.ObjectMeta{ Name: "datadog-creds-api", @@ -249,14 +248,14 @@ func TestReconcileDatadogAgent_getCredentials(t *testing.T) { client: fake.NewFakeClient(), }, args: args{ - dda: test.NewDatadogAgent("foo", "bar", &datadoghqv2alpha1.GlobalConfig{ - Credentials: &datadoghqv2alpha1.DatadogCredentials{ + dda: testutils.NewDatadogAgent("foo", "bar", &v2alpha1.GlobalConfig{ + Credentials: &v2alpha1.DatadogCredentials{ APIKey: apiutils.NewStringPointer(encAPIKey), }, }), loadFunc: func(m *metricsForwarder, d *secrets.DummyDecryptor) { - os.Unsetenv(apicommon.DDAPIKey) - os.Unsetenv(apicommon.DDAppKey) + os.Unsetenv(v2alpha1.DDAPIKey) + os.Unsetenv(v2alpha1.DDAppKey) m.cleanSecretsCache() m.creds.Store(encAPIKey, "cachedAPIKey") }, @@ -277,14 +276,14 @@ func TestReconcileDatadogAgent_getCredentials(t *testing.T) { client: fake.NewFakeClient(), }, args: args{ - dda: test.NewDatadogAgent("foo", "bar", &datadoghqv2alpha1.GlobalConfig{ - Credentials: &datadoghqv2alpha1.DatadogCredentials{ + dda: testutils.NewDatadogAgent("foo", "bar", &v2alpha1.GlobalConfig{ + Credentials: &v2alpha1.DatadogCredentials{ APIKey: apiutils.NewStringPointer(encAPIKey), }, }), loadFunc: func(m *metricsForwarder, d *secrets.DummyDecryptor) { - os.Unsetenv(apicommon.DDAPIKey) - os.Unsetenv(apicommon.DDAppKey) + os.Unsetenv(v2alpha1.DDAPIKey) + os.Unsetenv(v2alpha1.DDAppKey) m.cleanSecretsCache() d.On("Decrypt", []string{encAPIKey}).Once() }, @@ -306,10 +305,10 @@ func TestReconcileDatadogAgent_getCredentials(t *testing.T) { client: fake.NewFakeClient(), }, args: args{ - dda: test.NewDatadogAgent("foo", "bar", &datadoghqv2alpha1.GlobalConfig{}), + dda: testutils.NewDatadogAgent("foo", "bar", &v2alpha1.GlobalConfig{}), loadFunc: func(m *metricsForwarder, d *secrets.DummyDecryptor) { - os.Unsetenv(apicommon.DDAPIKey) - os.Unsetenv(apicommon.DDAppKey) + os.Unsetenv(v2alpha1.DDAPIKey) + os.Unsetenv(v2alpha1.DDAppKey) }, }, wantErr: true, @@ -694,7 +693,7 @@ func Test_getbaseURL(t *testing.T) { euSite := "datadoghq.eu" type args struct { - dda *datadoghqv2alpha1.DatadogAgent + dda *v2alpha1.DatadogAgent } tests := []struct { name string @@ -704,14 +703,14 @@ func Test_getbaseURL(t *testing.T) { { name: "Get default baseURL", args: args{ - dda: test.NewDatadogAgent("foo", "bar", nil), + dda: testutils.NewDatadogAgent("foo", "bar", nil), }, want: "https://api.datadoghq.com", }, { name: "Compute baseURL from site when passing Site", args: args{ - dda: test.NewDatadogAgent("foo", "bar", &datadoghqv2alpha1.GlobalConfig{ + dda: testutils.NewDatadogAgent("foo", "bar", &v2alpha1.GlobalConfig{ Site: &euSite, }), }, @@ -720,8 +719,8 @@ func Test_getbaseURL(t *testing.T) { { name: "Compute baseURL from endpoint.URL when Site is not defined", args: args{ - dda: test.NewDatadogAgent("foo", "bar", &datadoghqv2alpha1.GlobalConfig{ - Endpoint: &datadoghqv2alpha1.Endpoint{ + dda: testutils.NewDatadogAgent("foo", "bar", &v2alpha1.GlobalConfig{ + Endpoint: &v2alpha1.Endpoint{ URL: apiutils.NewStringPointer("https://test.url.com"), }, }), @@ -731,9 +730,9 @@ func Test_getbaseURL(t *testing.T) { { name: "Test that DDUrl takes precedence over Site", args: args{ - dda: test.NewDatadogAgent("foo", "bar", &datadoghqv2alpha1.GlobalConfig{ + dda: testutils.NewDatadogAgent("foo", "bar", &v2alpha1.GlobalConfig{ Site: &euSite, - Endpoint: &datadoghqv2alpha1.Endpoint{ + Endpoint: &v2alpha1.Endpoint{ URL: apiutils.NewStringPointer("https://test.url.com"), }, }), diff --git a/pkg/datadogclient/client.go b/pkg/datadogclient/client.go index 2db5c7c28..7c1d560ad 100644 --- a/pkg/datadogclient/client.go +++ b/pkg/datadogclient/client.go @@ -19,7 +19,7 @@ import ( datadogapi "github.com/DataDog/datadog-api-client-go/v2/api/datadog" datadogV1 "github.com/DataDog/datadog-api-client-go/v2/api/datadogV1" - apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" + "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" ) const prefix = "https://api." @@ -111,11 +111,11 @@ func setupAuth(logger logr.Logger, creds config.Creds) (context.Context, error) ) apiURL := "" - if os.Getenv(apicommon.DDddURL) != "" { - apiURL = os.Getenv(apicommon.DDddURL) - } else if os.Getenv(apicommon.DDURL) != "" { - apiURL = os.Getenv(apicommon.DDURL) - } else if site := os.Getenv(apicommon.DDSite); site != "" { + if os.Getenv(v2alpha1.DDddURL) != "" { + apiURL = os.Getenv(v2alpha1.DDddURL) + } else if os.Getenv(v2alpha1.DDURL) != "" { + apiURL = os.Getenv(v2alpha1.DDURL) + } else if site := os.Getenv(v2alpha1.DDSite); site != "" { apiURL = prefix + strings.TrimSpace(site) } diff --git a/pkg/defaulting/images.go b/pkg/defaulting/images.go index 0a1e5af07..70fcdebb0 100644 --- a/pkg/defaulting/images.go +++ b/pkg/defaulting/images.go @@ -16,9 +16,9 @@ type ContainerRegistry string const ( // AgentLatestVersion corresponds to the latest stable agent release - AgentLatestVersion = "7.59.0" + AgentLatestVersion = "7.60.0" // ClusterAgentLatestVersion corresponds to the latest stable cluster-agent release - ClusterAgentLatestVersion = "7.59.0" + ClusterAgentLatestVersion = "7.60.0" // FIPSProxyLatestVersion corresponds to the latest stable fips-proxy release FIPSProxyLatestVersion = "1.1.6" // GCRContainerRegistry corresponds to the datadoghq GCR registry @@ -30,7 +30,10 @@ const ( // DefaultImageRegistry corresponds to the datadoghq containers registry DefaultImageRegistry = GCRContainerRegistry // TODO: this is also defined elsewhere and not used; consolidate // JMXTagSuffix prefix tag for agent JMX images - JMXTagSuffix = "-jmx" + JMXTagSuffix = "-jmx" + AgentDevImageName = "datadog/agent-dev" + // Nightly dev image tag for otel agent + OTelAgentNightlyTag = "nightly-ot-beta-main" agentImageName = "agent" clusterAgentImageName = "cluster-agent" diff --git a/pkg/equality/equality.go b/pkg/equality/equality.go index aa4fce456..fe50d6a56 100644 --- a/pkg/equality/equality.go +++ b/pkg/equality/equality.go @@ -10,6 +10,7 @@ import ( corev1 "k8s.io/api/core/v1" networkingv1 "k8s.io/api/networking/v1" policyv1 "k8s.io/api/policy/v1" + policyv1beta1 "k8s.io/api/policy/v1beta1" rbacv1 "k8s.io/api/rbac/v1" apiequality "k8s.io/apimachinery/pkg/api/equality" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -181,9 +182,16 @@ func IsEqualServiceAccounts(objA, objB client.Object) bool { func IsEqualPodDisruptionBudgets(objA, objB client.Object) bool { a, okA := objA.(*policyv1.PodDisruptionBudget) b, okB := objB.(*policyv1.PodDisruptionBudget) + if okA && okB && a != nil && b != nil { return apiequality.Semantic.DeepEqual(a.Spec, b.Spec) } + ax, okA := objA.(*policyv1beta1.PodDisruptionBudget) + bx, okB := objB.(*policyv1beta1.PodDisruptionBudget) + if okA && okB && ax != nil && bx != nil { + return apiequality.Semantic.DeepEqual(ax.Spec, bx.Spec) + } + return false } diff --git a/pkg/kubernetes/objects.go b/pkg/kubernetes/objects.go index d4d356f40..7a8628055 100644 --- a/pkg/kubernetes/objects.go +++ b/pkg/kubernetes/objects.go @@ -9,7 +9,6 @@ import ( admissionregistrationv1 "k8s.io/api/admissionregistration/v1" corev1 "k8s.io/api/core/v1" networkingv1 "k8s.io/api/networking/v1" - policyv1 "k8s.io/api/policy/v1" rbacv1 "k8s.io/api/rbac/v1" apiregistrationv1 "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1" "sigs.k8s.io/controller-runtime/pkg/client" @@ -43,7 +42,7 @@ func ObjectFromKind(kind ObjectKind, platformInfo PlatformInfo) client.Object { case ServiceAccountsKind: return &corev1.ServiceAccount{} case PodDisruptionBudgetsKind: - return &policyv1.PodDisruptionBudget{} + return platformInfo.CreatePDBObject() case NetworkPoliciesKind: return &networkingv1.NetworkPolicy{} case CiliumNetworkPoliciesKind: diff --git a/pkg/kubernetes/objectslist.go b/pkg/kubernetes/objectslist.go index 39a638bfa..13deb20ea 100644 --- a/pkg/kubernetes/objectslist.go +++ b/pkg/kubernetes/objectslist.go @@ -9,7 +9,6 @@ import ( admissionregistrationv1 "k8s.io/api/admissionregistration/v1" corev1 "k8s.io/api/core/v1" networkingv1 "k8s.io/api/networking/v1" - policyv1 "k8s.io/api/policy/v1" rbacv1 "k8s.io/api/rbac/v1" apiregistrationv1 "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1" "sigs.k8s.io/controller-runtime/pkg/client" @@ -43,7 +42,7 @@ func ObjectListFromKind(kind ObjectKind, platformInfo PlatformInfo) client.Objec case ServiceAccountsKind: return &corev1.ServiceAccountList{} case PodDisruptionBudgetsKind: - return &policyv1.PodDisruptionBudgetList{} + return platformInfo.CreatePDBObjectList() case NetworkPoliciesKind: return &networkingv1.NetworkPolicyList{} case CiliumNetworkPoliciesKind: diff --git a/pkg/kubernetes/platforminfo.go b/pkg/kubernetes/platforminfo.go index 74f10f6fc..c66c120d4 100644 --- a/pkg/kubernetes/platforminfo.go +++ b/pkg/kubernetes/platforminfo.go @@ -1,8 +1,11 @@ package kubernetes import ( + policyv1 "k8s.io/api/policy/v1" + policyv1beta1 "k8s.io/api/policy/v1beta1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/version" + "sigs.k8s.io/controller-runtime/pkg/client" ) type PlatformInfo struct { @@ -58,6 +61,27 @@ func NewPlatformInfoFromVersionMaps(versionInfo *version.Info, apiPreferredVersi } } +func (platformInfo *PlatformInfo) UseV1Beta1PDB() bool { + preferredVersion := platformInfo.apiPreferredVersions["PodDisruptionBudget"] + + // If policy isn't v1beta1 version, we default to v1. + return preferredVersion == "policy/v1beta1" +} + +func (platformInfo *PlatformInfo) CreatePDBObject() client.Object { + if platformInfo.UseV1Beta1PDB() { + return &policyv1beta1.PodDisruptionBudget{} + } + return &policyv1.PodDisruptionBudget{} +} + +func (platformInfo *PlatformInfo) CreatePDBObjectList() client.ObjectList { + if platformInfo.UseV1Beta1PDB() { + return &policyv1beta1.PodDisruptionBudgetList{} + } + return &policyv1.PodDisruptionBudgetList{} +} + func (platformInfo *PlatformInfo) GetAgentResourcesKind(withCiliumResources bool) []ObjectKind { return getResourcesKind(withCiliumResources) } diff --git a/pkg/kubernetes/platforminfo_test.go b/pkg/kubernetes/platforminfo_test.go index 50d7199f4..d43d25904 100644 --- a/pkg/kubernetes/platforminfo_test.go +++ b/pkg/kubernetes/platforminfo_test.go @@ -7,6 +7,124 @@ import ( v1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) +func Test_createPlatformInfoFromAPIObjects(t *testing.T) { + tests := []struct { + name string + tag string + apiGroups []*v1.APIGroup + apiResourceList []*v1.APIResourceList + useV1Beta1PDB bool + pdbPreferredVersion string + pdbOtherVersion string + }{ + { + name: "v1 preferred, PDB v1 prferred, PDB v1beta1 not proferred", + apiGroups: []*v1.APIGroup{ + newApiGroupPointer( + v1.APIGroup{ + Name: "policy", + Versions: []v1.GroupVersionForDiscovery{ + { + GroupVersion: "policy/v1", + }, + { + GroupVersion: "policy/v1beta1", + }, + }, + PreferredVersion: v1.GroupVersionForDiscovery{ + GroupVersion: "policy/v1", + }, + }, + ), + }, + apiResourceList: createDefaultApiResourceList(), + useV1Beta1PDB: false, + pdbPreferredVersion: "policy/v1", + pdbOtherVersion: "policy/v1beta1", + }, + { + name: "v1beta1 preferred, PDB PDB v1 not proferred", + tag: "tag 1", + apiGroups: []*v1.APIGroup{ + newApiGroupPointer( + v1.APIGroup{ + Name: "policy", + Versions: []v1.GroupVersionForDiscovery{ + { + GroupVersion: "policy/v1", + }, + { + GroupVersion: "policy/v1beta1", + }, + }, + PreferredVersion: v1.GroupVersionForDiscovery{ + GroupVersion: "policy/v1beta1", + }, + }, + ), + }, + apiResourceList: createDefaultApiResourceList(), + useV1Beta1PDB: true, + pdbPreferredVersion: "policy/v1beta1", + pdbOtherVersion: "policy/v1", + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + platformInfo := NewPlatformInfo(nil, tt.apiGroups, tt.apiResourceList) + assert.Equal(t, tt.useV1Beta1PDB, platformInfo.UseV1Beta1PDB()) + assert.Equal(t, tt.pdbPreferredVersion, platformInfo.apiPreferredVersions["PodDisruptionBudget"]) + assert.Equal(t, tt.pdbOtherVersion, platformInfo.apiOtherVersions["PodDisruptionBudget"]) + }) + } +} + +func Test_getPDBFlag(t *testing.T) { + tests := []struct { + name string + preferred map[string]string + other map[string]string + useV1Beta1PDB bool + }{ + { + name: "Chooses preferred version of PodDisruptionBudget", + preferred: map[string]string{ + "PodDisruptionBudget": "policy/v1", + }, + other: map[string]string{ + "PodDisruptionBudget": "policy/v1beta1", + }, + useV1Beta1PDB: false, + }, + { + name: "Chooses preferred version of PodDisruptionBudget", + preferred: map[string]string{ + "PodDisruptionBudget": "policy/v1beta1", + }, + other: map[string]string{ + "PodDisruptionBudget": "policy/v1", + }, + useV1Beta1PDB: true, + }, + { + name: "Unrecognized preferred version, defaults to v1", + preferred: map[string]string{ + "PodDisruptionBudget": "xyz", + }, + other: map[string]string{}, + useV1Beta1PDB: false, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + platformInfo := NewPlatformInfoFromVersionMaps(nil, tt.preferred, tt.other) + assert.Equal(t, tt.useV1Beta1PDB, platformInfo.UseV1Beta1PDB()) + }) + } +} + func Test_getDatadogAgentVersions(t *testing.T) { tests := []struct { name string @@ -92,6 +210,41 @@ func Test_getDatadogAgentVersions(t *testing.T) { } } +func createDefaultApiResourceList() []*v1.APIResourceList { + return []*v1.APIResourceList{ + newApiResourceListPointer( + v1.APIResourceList{ + GroupVersion: "policy/v1", + APIResources: []v1.APIResource{ + { + Kind: "PodDisruptionBudget", + }, + }, + }, + ), + newApiResourceListPointer( + v1.APIResourceList{ + GroupVersion: "policy/v1beta1", + APIResources: []v1.APIResource{ + { + Kind: "PodDisruptionBudget", + }, + }, + }, + ), + newApiResourceListPointer( + v1.APIResourceList{ + GroupVersion: "datadoghq/v1alpha1", + APIResources: []v1.APIResource{ + { + Kind: "DatadogAgent", + }, + }, + }, + ), + } +} + func createDatadogAgentResourceList() []*v1.APIResourceList { return []*v1.APIResourceList{ newApiResourceListPointer( @@ -124,3 +277,12 @@ func newApiGroupPointer(apiGroup v1.APIGroup) *v1.APIGroup { func newApiResourceListPointer(apiResourceList v1.APIResourceList) *v1.APIResourceList { return &apiResourceList } + +func containsObjectKind(list []ObjectKind, s ObjectKind) bool { + for _, v := range list { + if v == s { + return true + } + } + return false +} diff --git a/pkg/kubernetes/provider.go b/pkg/kubernetes/provider.go index f330f71f6..c56feed2f 100644 --- a/pkg/kubernetes/provider.go +++ b/pkg/kubernetes/provider.go @@ -12,7 +12,6 @@ import ( "github.com/go-logr/logr" corev1 "k8s.io/api/core/v1" - apicommon "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" ) @@ -167,7 +166,7 @@ func ComponentOverrideFromProvider(overrideName, provider string, providerList m return v2alpha1.DatadogAgentComponentOverride{ Name: &overrideDSName, Affinity: getProviderNodeAffinity(provider, providerList), - Labels: map[string]string{apicommon.MD5AgentDeploymentProviderLabelKey: provider}, + Labels: map[string]string{v2alpha1.MD5AgentDeploymentProviderLabelKey: provider}, } } diff --git a/pkg/remoteconfig/updater.go b/pkg/remoteconfig/updater.go index 770fd6a99..1ad21f9e5 100644 --- a/pkg/remoteconfig/updater.go +++ b/pkg/remoteconfig/updater.go @@ -28,7 +28,6 @@ import ( "github.com/DataDog/datadog-agent/pkg/config/remote/service" "github.com/DataDog/datadog-agent/pkg/remoteconfig/state" - "github.com/DataDog/datadog-operator/api/datadoghq/common" "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" "github.com/DataDog/datadog-operator/pkg/config" "github.com/DataDog/datadog-operator/pkg/version" @@ -130,8 +129,8 @@ func (r *RemoteConfigUpdater) Setup(creds config.Creds) error { return errors.New("error obtaining API key") } - site := os.Getenv(common.DDSite) // TODO support DD_URL as well - clusterName := os.Getenv(common.DDClusterName) + site := os.Getenv(v2alpha1.DDSite) // TODO support DD_URL as well + clusterName := os.Getenv(v2alpha1.DDClusterName) directorRoot := os.Getenv("DD_REMOTE_CONFIGURATION_DIRECTOR_ROOT") configRoot := os.Getenv("DD_REMOTE_CONFIGURATION_CONFIG_ROOT") endpoint := os.Getenv("DD_REMOTE_CONFIGURATION_RC_DD_URL") diff --git a/api/datadoghq/v2alpha1/test/builder.go b/pkg/testutils/builder.go similarity index 91% rename from api/datadoghq/v2alpha1/test/builder.go rename to pkg/testutils/builder.go index 260919894..28a2f4e61 100644 --- a/api/datadoghq/v2alpha1/test/builder.go +++ b/pkg/testutils/builder.go @@ -3,13 +3,14 @@ // This product includes software developed at Datadog (https://www.datadoghq.com/). // Copyright 2016-present Datadog, Inc. -package test +package testutils import ( "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1" - "github.com/DataDog/datadog-operator/api/utils" apiutils "github.com/DataDog/datadog-operator/api/utils" - defaulting "github.com/DataDog/datadog-operator/pkg/defaulting" + "github.com/DataDog/datadog-operator/internal/controller/datadogagent/defaults" + "github.com/DataDog/datadog-operator/internal/controller/datadogagent/feature/otelcollector/defaultconfig" + "github.com/DataDog/datadog-operator/pkg/defaulting" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -38,7 +39,7 @@ func NewDatadogAgentBuilder() *DatadogAgentBuilder { // NewDefaultDatadogAgentBuilder created DatadogAgent and applies defaults func NewDefaultDatadogAgentBuilder() *DatadogAgentBuilder { dda := &v2alpha1.DatadogAgent{} - v2alpha1.DefaultDatadogAgent(dda) + defaults.DefaultDatadogAgent(dda) return &DatadogAgentBuilder{ datadogAgent: *dda, @@ -62,7 +63,7 @@ func (builder *DatadogAgentBuilder) Build() *v2alpha1.DatadogAgent { // BuildWithDefaults applies defaults to current properties and returns resulting DatadogAgent func (builder *DatadogAgentBuilder) BuildWithDefaults() *v2alpha1.DatadogAgent { - v2alpha1.DefaultDatadogAgent(&builder.datadogAgent) + defaults.DefaultDatadogAgent(&builder.datadogAgent) return &builder.datadogAgent } @@ -374,6 +375,74 @@ func (builder *DatadogAgentBuilder) WithProcessDiscoveryEnabled(enabled bool) *D return builder } +// OTel Agent +func (builder *DatadogAgentBuilder) initOtelCollector() { + if builder.datadogAgent.Spec.Features.OtelCollector == nil { + builder.datadogAgent.Spec.Features.OtelCollector = &v2alpha1.OtelCollectorFeatureConfig{} + } +} + +func (builder *DatadogAgentBuilder) WithOTelCollectorEnabled(enabled bool) *DatadogAgentBuilder { + builder.initOtelCollector() + builder.datadogAgent.Spec.Features.OtelCollector.Enabled = apiutils.NewBoolPointer(enabled) + return builder +} + +func (builder *DatadogAgentBuilder) WithOTelCollectorConfig() *DatadogAgentBuilder { + builder.datadogAgent.Spec.Features.OtelCollector.Conf = &v2alpha1.CustomConfig{} + builder.datadogAgent.Spec.Features.OtelCollector.Conf.ConfigData = + apiutils.NewStringPointer(defaultconfig.DefaultOtelCollectorConfig) + return builder +} + +func (builder *DatadogAgentBuilder) WithOTelCollectorCoreConfigEnabled(enabled bool) *DatadogAgentBuilder { + if builder.datadogAgent.Spec.Features.OtelCollector.CoreConfig == nil { + builder.datadogAgent.Spec.Features.OtelCollector.CoreConfig = &v2alpha1.CoreConfig{} + } + builder.datadogAgent.Spec.Features.OtelCollector.CoreConfig.Enabled = apiutils.NewBoolPointer(enabled) + return builder +} + +func (builder *DatadogAgentBuilder) WithOTelCollectorCoreConfigExtensionTimeout(timeout int) *DatadogAgentBuilder { + if builder.datadogAgent.Spec.Features.OtelCollector.CoreConfig == nil { + builder.datadogAgent.Spec.Features.OtelCollector.CoreConfig = &v2alpha1.CoreConfig{} + } + builder.datadogAgent.Spec.Features.OtelCollector.CoreConfig.ExtensionTimeout = apiutils.NewIntPointer(timeout) + return builder +} + +func (builder *DatadogAgentBuilder) WithOTelCollectorCoreConfigExtensionURL(url string) *DatadogAgentBuilder { + if builder.datadogAgent.Spec.Features.OtelCollector.CoreConfig == nil { + builder.datadogAgent.Spec.Features.OtelCollector.CoreConfig = &v2alpha1.CoreConfig{} + } + builder.datadogAgent.Spec.Features.OtelCollector.CoreConfig.ExtensionURL = apiutils.NewStringPointer(url) + return builder +} + +func (builder *DatadogAgentBuilder) WithOTelCollectorConfigMap() *DatadogAgentBuilder { + builder.datadogAgent.Spec.Features.OtelCollector.Conf = &v2alpha1.CustomConfig{} + builder.datadogAgent.Spec.Features.OtelCollector.Conf.ConfigMap = &v2alpha1.ConfigMapConfig{ + Name: "user-provided-config-map", + } + return builder +} + +func (builder *DatadogAgentBuilder) WithOTelCollectorPorts(grpcPort int32, httpPort int32) *DatadogAgentBuilder { + builder.datadogAgent.Spec.Features.OtelCollector.Ports = []*corev1.ContainerPort{ + { + Name: "otel-http", + ContainerPort: httpPort, + Protocol: corev1.ProtocolTCP, + }, + { + Name: "otel-grpc", + ContainerPort: grpcPort, + Protocol: corev1.ProtocolTCP, + }, + } + return builder +} + // Log Collection func (builder *DatadogAgentBuilder) initLogCollection() { if builder.datadogAgent.Spec.Features.LogCollection == nil { @@ -801,8 +870,8 @@ func (builder *DatadogAgentBuilder) WithSingleContainerStrategy(enabled bool) *D func (builder *DatadogAgentBuilder) WithCredentials(apiKey, appKey string) *DatadogAgentBuilder { builder.datadogAgent.Spec.Global.Credentials = &v2alpha1.DatadogCredentials{ - APIKey: utils.NewStringPointer(apiKey), - AppKey: utils.NewStringPointer(appKey), + APIKey: apiutils.NewStringPointer(apiKey), + AppKey: apiutils.NewStringPointer(appKey), } return builder } diff --git a/api/datadoghq/v2alpha1/test/new.go b/pkg/testutils/new.go similarity index 98% rename from api/datadoghq/v2alpha1/test/new.go rename to pkg/testutils/new.go index 97b00084b..8194719a9 100644 --- a/api/datadoghq/v2alpha1/test/new.go +++ b/pkg/testutils/new.go @@ -3,7 +3,7 @@ // This product includes software developed at Datadog (https://www.datadoghq.com/). // Copyright 2016-present Datadog, Inc. -package test +package testutils import ( "fmt"