From 0e98f1d705d4a57bc49c29df9fbdd18a433b2562 Mon Sep 17 00:00:00 2001 From: Claudio Busse Date: Tue, 18 Jun 2024 17:13:16 +0200 Subject: [PATCH] OSD-22635: use elevation for oc execs --- cmd/alerts/list_alerts.go | 15 +++++++++++---- cmd/alerts/silence/add_silence.go | 10 +++++++++- cmd/alerts/silence/clear_silence.go | 10 +++++++++- cmd/alerts/silence/common.go | 1 + cmd/alerts/silence/list_silence.go | 25 +++++++++++++++++++++---- cmd/cluster/detachstuckvolume.go | 17 +++++++++++++---- 6 files changed, 64 insertions(+), 14 deletions(-) diff --git a/cmd/alerts/list_alerts.go b/cmd/alerts/list_alerts.go index e628909f..234c0589 100644 --- a/cmd/alerts/list_alerts.go +++ b/cmd/alerts/list_alerts.go @@ -14,6 +14,7 @@ import ( type alertCmd struct { clusterID string alertLevel string + reason string } // Labels represents a set of labels associated with an alert. @@ -55,6 +56,8 @@ func NewCmdListAlerts() *cobra.Command { } newCmd.Flags().StringVarP(&alertCmd.alertLevel, "level", "l", "all", "Alert level [warning, critical, firing, pending, all]") + newCmd.Flags().StringVar(&alertCmd.reason, "reason", "", "The reason for this command, which requires elevation, to be run (usualy an OHSS or PD ticket)") + _ = newCmd.MarkFlagRequired("reason") return newCmd } @@ -72,21 +75,25 @@ func ListAlerts(cmd *alertCmd) { if alertLevel == "" { log.Printf("No alert level specified. Defaulting to 'all'") - getAlertLevel(clusterID, "all") + getAlertLevel(clusterID, "all", cmd.reason) } else if alertLevel == "warning" || alertLevel == "critical" || alertLevel == "firing" || alertLevel == "pending" || alertLevel == "info" || alertLevel == "none" || alertLevel == "all" { - getAlertLevel(clusterID, alertLevel) + getAlertLevel(clusterID, alertLevel, cmd.reason) } else { fmt.Printf("Invalid alert level \"%s\" \n", alertLevel) return } } -func getAlertLevel(clusterID, alertLevel string) { +func getAlertLevel(clusterID, alertLevel, elevationReason string) { var alerts []Alert listAlertCmd := []string{"amtool", "--alertmanager.url", silence.LocalHostUrl, "alert", "-o", "json"} - _, kubeconfig, clientset, err := common.GetKubeConfigAndClient(clusterID) + elevationReasons := []string{ + elevationReason, + "Listing active cluster alerts", + } + _, kubeconfig, clientset, err := common.GetKubeConfigAndClient(clusterID, elevationReasons...) if err != nil { log.Fatal(err) } diff --git a/cmd/alerts/silence/add_silence.go b/cmd/alerts/silence/add_silence.go index b21cd0cb..3bdf9a98 100644 --- a/cmd/alerts/silence/add_silence.go +++ b/cmd/alerts/silence/add_silence.go @@ -18,6 +18,7 @@ type addSilenceCmd struct { duration string comment string all bool + reason string } func NewCmdAddSilence() *cobra.Command { @@ -38,6 +39,8 @@ func NewCmdAddSilence() *cobra.Command { cmd.Flags().StringVarP(&addSilenceCmd.comment, "comment", "c", "", "add comment about silence") cmd.Flags().StringVarP(&addSilenceCmd.duration, "duration", "d", "15d", "add duration for silence") //default duration set to 15 days cmd.Flags().BoolVarP(&addSilenceCmd.all, "all", "a", false, "add silences for all alert") + cmd.Flags().StringVar(&addSilenceCmd.reason, "reason", "", "The reason for this command, which requires elevation, to be run (usualy an OHSS or PD ticket)") + _ = cmd.MarkFlagRequired("reason") return cmd } @@ -51,7 +54,12 @@ func AddSilence(cmd *addSilenceCmd) { username, clustername := GetUserAndClusterInfo(clusterID) - _, kubeconfig, clientset, err := common.GetKubeConfigAndClient(clusterID) + elevationReasons := []string{ + cmd.reason, + "Add alert silence via osdctl", + } + + _, kubeconfig, clientset, err := common.GetKubeConfigAndClient(clusterID, elevationReasons...) if err != nil { log.Fatal(err) } diff --git a/cmd/alerts/silence/clear_silence.go b/cmd/alerts/silence/clear_silence.go index 9be3e686..84174bc3 100644 --- a/cmd/alerts/silence/clear_silence.go +++ b/cmd/alerts/silence/clear_silence.go @@ -15,6 +15,7 @@ type silenceCmd struct { clusterID string silenceIDs []string all bool + reason string } func NewCmdClearSilence() *cobra.Command { @@ -33,6 +34,8 @@ func NewCmdClearSilence() *cobra.Command { cmd.Flags().StringSliceVar(&silenceCmd.silenceIDs, "silence-id", []string{}, "silence id (comma-separated)") cmd.Flags().BoolVarP(&silenceCmd.all, "all", "a", false, "clear all silences") + cmd.Flags().StringVar(&silenceCmd.reason, "reason", "", "The reason for this command, which requires elevation, to be run (usualy an OHSS or PD ticket)") + _ = cmd.MarkFlagRequired("reason") return cmd } @@ -42,7 +45,12 @@ func ClearSilence(cmd *silenceCmd) { silenceIDs := cmd.silenceIDs all := cmd.all - _, kubeconfig, clientset, err := common.GetKubeConfigAndClient(clusterID) + elevationReasons := []string{ + cmd.reason, + "Clear alertmanager silence for a cluster via osdctl", + } + + _, kubeconfig, clientset, err := common.GetKubeConfigAndClient(clusterID, elevationReasons...) if err != nil { log.Fatal(err) } diff --git a/cmd/alerts/silence/common.go b/cmd/alerts/silence/common.go index 2d84daa1..85bbceda 100644 --- a/cmd/alerts/silence/common.go +++ b/cmd/alerts/silence/common.go @@ -3,6 +3,7 @@ package silence import ( "context" "fmt" + "github.com/openshift/osdctl/cmd/cluster" corev1 "k8s.io/api/core/v1" "k8s.io/client-go/kubernetes" diff --git a/cmd/alerts/silence/list_silence.go b/cmd/alerts/silence/list_silence.go index 7799ab86..6709225e 100644 --- a/cmd/alerts/silence/list_silence.go +++ b/cmd/alerts/silence/list_silence.go @@ -33,25 +33,42 @@ type Silence struct { StartsAt string `json:"startsAt"` } +type listSilenceCmd struct { + clusterID string + reason string +} + func NewCmdListSilence() *cobra.Command { - return &cobra.Command{ + listSilenceCmd := &listSilenceCmd{} + cmd := &cobra.Command{ Use: "list ", Short: "List all silences", Long: `print the list of silences`, Args: cobra.ExactArgs(1), DisableAutoGenTag: true, Run: func(cmd *cobra.Command, args []string) { - ListSilence(args[0]) + listSilenceCmd.clusterID = args[0] + ListSilence(listSilenceCmd) }, } + + cmd.Flags().StringVar(&listSilenceCmd.reason, "reason", "", "The reason for this command, which requires elevation, to be run (usualy an OHSS or PD ticket)") + _ = cmd.MarkFlagRequired("reason") + + return cmd } -func ListSilence(clusterID string) { +func ListSilence(cmd *listSilenceCmd) { var silences []Silence silenceCmd := []string{"amtool", "silence", "--alertmanager.url", LocalHostUrl, "-o", "json"} - _, kubeconfig, clientset, err := common.GetKubeConfigAndClient(clusterID) + elevationReasons := []string{ + cmd.reason, + "List active alertmanager silences via osdctl", + } + + _, kubeconfig, clientset, err := common.GetKubeConfigAndClient(cmd.clusterID, elevationReasons...) if err != nil { log.Fatal(err) } diff --git a/cmd/cluster/detachstuckvolume.go b/cmd/cluster/detachstuckvolume.go index a782a8ba..80b541a6 100644 --- a/cmd/cluster/detachstuckvolume.go +++ b/cmd/cluster/detachstuckvolume.go @@ -28,6 +28,7 @@ var detachStuckVolumeInput struct { type detachStuckVolumeOptions struct { clusterID string cluster *cmv1.Cluster + reason string } func newCmdDetachStuckVolume() *cobra.Command { @@ -41,6 +42,10 @@ func newCmdDetachStuckVolume() *cobra.Command { cmdutil.CheckErr(ops.detachVolume(args[0])) }, } + + detachstuckvolumeCmd.Flags().StringVar(&ops.reason, "reason", "", "The reason for this command, which requires elevation, to be run (usualy an OHSS or PD ticket)") + _ = detachstuckvolumeCmd.MarkFlagRequired("reason") + return detachstuckvolumeCmd } @@ -66,13 +71,17 @@ func (o *detachStuckVolumeOptions) detachVolume(clusterID string) error { return fmt.Errorf("this command is only available for AWS clusters") } - _, _, clientset, err := common.GetKubeConfigAndClient(o.clusterID, "", "") + elevationReasons := []string{ + o.reason, + "Detach stuck volume in openshift-monitoring", + } + _, _, clientset, err := common.GetKubeConfigAndClient(o.clusterID, elevationReasons...) if err != nil { return fmt.Errorf("failed to retrieve Kubernetes configuration and client for cluster with ID %s: %w", o.clusterID, err) } - err = getVolumeID(clientset, Namespace, "") + err = getVolumeID(clientset, Namespace) if err != nil { return err } @@ -96,7 +105,7 @@ func (o *detachStuckVolumeOptions) detachVolume(clusterID string) error { _, err := awsClient.DetachVolume(context.TODO(), &ec2.DetachVolumeInput{VolumeId: &Volid}) if err != nil { - return fmt.Errorf("failed to detach %s: %s\n", *&Volid, err) + return fmt.Errorf("failed to detach %s: %s", *&Volid, err) } log.Printf("%s has been detached", Volid) } @@ -106,7 +115,7 @@ func (o *detachStuckVolumeOptions) detachVolume(clusterID string) error { } // Following function gets the volumeID & region of pv for non running state pod & value into global variable -func getVolumeID(clientset *kubernetes.Clientset, namespace, selector string) error { +func getVolumeID(clientset *kubernetes.Clientset, namespace string) error { var pvClaim []string var pVolume []string