From 235d41a80297bcef93c786a1e4450eacb2a43b1f Mon Sep 17 00:00:00 2001 From: QuantumEnigmaa Date: Thu, 30 May 2024 10:44:15 +0200 Subject: [PATCH] code refactoring --- .../cluster_monitoring_controller.go | 14 ++-- main.go | 7 +- pkg/common/secret/manager.go | 29 -------- pkg/common/secret/utils.go | 51 ++++++++++++++ pkg/monitoring/mimir/service.go | 68 ++++++------------- pkg/monitoring/prometheusagent/secret.go | 14 ++-- pkg/monitoring/prometheusagent/types.go | 1 + 7 files changed, 89 insertions(+), 95 deletions(-) delete mode 100644 pkg/common/secret/manager.go create mode 100644 pkg/common/secret/utils.go diff --git a/internal/controller/cluster_monitoring_controller.go b/internal/controller/cluster_monitoring_controller.go index 55c3bf0f..607a67a5 100644 --- a/internal/controller/cluster_monitoring_controller.go +++ b/internal/controller/cluster_monitoring_controller.go @@ -124,7 +124,7 @@ func (r *ClusterMonitoringReconciler) reconcile(ctx context.Context, cluster *cl return ctrl.Result{RequeueAfter: 5 * time.Minute}, errors.WithStack(err) } - err = r.MimirService.ConfigureMimir(ctx, r.ManagementCluster.Name) + err = r.MimirService.ConfigureMimir(ctx) if err != nil { logger.Error(err, "failed to configure mimir") return ctrl.Result{RequeueAfter: 5 * time.Minute}, errors.WithStack(err) 
@@ -151,15 +151,15 @@ func (r *ClusterMonitoringReconciler) reconcileDelete(ctx context.Context, clust logger.Error(err, "failed to delete heartbeat") return ctrl.Result{RequeueAfter: 5 * time.Minute}, errors.WithStack(err) } - } - err := r.MimirService.DeleteIngressSecret(ctx) - if err != nil { - logger.Error(err, "failed to delete mimir ingress secret") - return ctrl.Result{RequeueAfter: 5 * time.Minute}, errors.WithStack(err) + err = r.MimirService.DeleteMimirSecrets(ctx) + if err != nil { + logger.Error(err, "failed to delete mimir ingress secret") + return ctrl.Result{RequeueAfter: 5 * time.Minute}, errors.WithStack(err) + } } - err = r.PrometheusAgentService.DeleteRemoteWriteConfiguration(ctx, cluster) + err := r.PrometheusAgentService.DeleteRemoteWriteConfiguration(ctx, cluster) if err != nil { logger.Error(err, "failed to delete prometheus agent remote write config") return ctrl.Result{RequeueAfter: 5 * time.Minute}, errors.WithStack(err) diff --git a/main.go b/main.go index 7cb64f9d..06de81aa 100644 --- a/main.go +++ b/main.go @@ -41,7 +41,6 @@ import ( "github.com/giantswarm/observability-operator/pkg/common" "github.com/giantswarm/observability-operator/pkg/common/organization" "github.com/giantswarm/observability-operator/pkg/common/password" - "github.com/giantswarm/observability-operator/pkg/common/secret" "github.com/giantswarm/observability-operator/pkg/monitoring/heartbeat" "github.com/giantswarm/observability-operator/pkg/monitoring/mimir" "github.com/giantswarm/observability-operator/pkg/monitoring/prometheusagent" @@ -198,9 +197,9 @@ func main() { } mimirService := mimir.MimirService{ - Client: mgr.GetClient(), - PasswordManager: password.SimpleManager{}, - SecretManager: secret.SimpleManager{}, + Client: mgr.GetClient(), + PasswordManager: password.SimpleManager{}, + ManagementCluster: managementCluster, } if err = (&controller.ClusterMonitoringReconciler{ 
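Review bot: The error log in reconcileDelete still reads "failed to delete mimir ingress secret", but the call is now DeleteMimirSecrets, which also removes the API key secret; `logger.Error(err, "failed to delete mimir secrets")` would match what failed. The call has also moved inside the preceding `if` block, whose condition starts outside this hunk, so both secrets are now removed only when that condition holds. If that gate is intentional, a short comment such as `// Mimir credentials are shared; only remove them together with the management cluster.` would make it clear the credentials are meant to stay in the namespace otherwise (the wording assumes the gate is a management-cluster check, which is not visible here).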
diff --git a/pkg/common/secret/manager.go b/pkg/common/secret/manager.go
deleted file mode 100644
index c76db31b..00000000
--- a/pkg/common/secret/manager.go
+++ /dev/null
@@ -1,29 +0,0 @@
-package secret
-
-import (
- corev1 "k8s.io/api/core/v1"
- metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-)
-
-type Manager interface {
- GenerateGenericSecret(secretName string, secretNamespace string, key string, value string) (*corev1.Secret, error)
-}
-
-type SimpleManager struct {
-}
-
-func (m SimpleManager) GenerateGenericSecret(secretName string, secretNamespace string,
- key string, value string) (*corev1.Secret, error) {
- secret := &corev1.Secret{
- ObjectMeta: metav1.ObjectMeta{
- Name: secretName,
- Namespace: secretNamespace,
- },
- Data: map[string][]byte{
- key: []byte(value),
- },
- Type: "Opaque",
- }
-
- return secret, nil
-}
diff --git a/pkg/common/secret/utils.go b/pkg/common/secret/utils.go
new file mode 100644
index 00000000..b26f5365
--- /dev/null
+++ b/pkg/common/secret/utils.go
@@ -0,0 +1,51 @@
+package secret
+
+import (
+ "context"
+
+ "github.com/pkg/errors"
+ corev1 "k8s.io/api/core/v1"
+ apierrors "k8s.io/apimachinery/pkg/api/errors"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "sigs.k8s.io/controller-runtime/pkg/client"
+)
+
+func GenerateGenericSecret(secretName string, secretNamespace string,
+ key string, value string) *corev1.Secret {
+ secret := &corev1.Secret{
+ ObjectMeta: metav1.ObjectMeta{
+ Name: secretName,
+ Namespace: secretNamespace,
+ },
+ Data: map[string][]byte{
+ key: []byte(value),
+ },
+ Type: "Opaque",
+ }
+
+ return secret
+}
+
+func DeleteSecret(secretName string, secretNamespace string,
+ ctx context.Context, providedClient client.Client) error {
+ objectKey := client.ObjectKey{
+ Name: secretName,
+ Namespace: secretNamespace,
+ }
+ current := &corev1.Secret{}
+ // Get the current secret if it exists.
+ err := providedClient.Get(ctx, objectKey, current)
+ if apierrors.IsNotFound(err) {
+ // Ignore cases where the secret is not found (if it was manually deleted, for instance).
+ return nil
+ } else if err != nil {
+ return errors.WithStack(err)
+ }
+
+ err = providedClient.Delete(ctx, current)
+ if err != nil {
+ return errors.WithStack(err)
+ }
+
+ return nil
+}
diff --git a/pkg/monitoring/mimir/service.go b/pkg/monitoring/mimir/service.go
index fce877a1..f9e94a2f 100644
--- a/pkg/monitoring/mimir/service.go
+++ b/pkg/monitoring/mimir/service.go
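Review bot: DeleteSecret reads the secret with Get before calling Delete, which costs an extra API round trip and leaves a window where the secret can vanish between the two calls. In that case Delete returns NotFound and the reconcile is requeued with an error, even though the intent is that an already-missing secret is fine. Deleting by name and passing the result through `client.IgnoreNotFound` gives that behaviour in one call and means the helper never pulls the credential bytes into memory. Separately, `ctx` is conventionally the first parameter in Go, both exported functions lack doc comments, and `Type: "Opaque"` could be `corev1.SecretTypeOpaque`.

```go
func DeleteSecret(secretName string, secretNamespace string,
	ctx context.Context, providedClient client.Client) error {
	target := &corev1.Secret{
		ObjectMeta: metav1.ObjectMeta{
			Name:      secretName,
			Namespace: secretNamespace,
		},
	}
	// A secret that is already gone (for instance deleted manually) is not an error.
	err := providedClient.Delete(ctx, target)
	return errors.WithStack(client.IgnoreNotFound(err))
}
```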
@@ -10,37 +10,37 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/log" + "github.com/giantswarm/observability-operator/pkg/common" "github.com/giantswarm/observability-operator/pkg/common/password" "github.com/giantswarm/observability-operator/pkg/common/secret" "github.com/giantswarm/observability-operator/pkg/monitoring/prometheusagent" ) const ( - authSecretName = "mimir-gateway-ingress" - authSecretNamespace = "mimir" - mimirSpecificSecretName = "mimir-basic-auth" - mimirSpecificSecretNamespace = "mimir" + ingressAuthSecretName = "mimir-gateway-ingress-auth" + mimirApiKey = "mimir-basic-auth" + mimirNamespace = "mimir" ) type MimirService struct { client.Client PasswordManager password.Manager - SecretManager secret.Manager + common.ManagementCluster } // ConfigureMimir configures the ingress and its authentication (basic auth) // to allow prometheus agents to send their data to Mimir -func (ms *MimirService) ConfigureMimir(ctx context.Context, mc string) error { - logger := log.FromContext(ctx).WithValues("cluster", mc) +func (ms *MimirService) ConfigureMimir(ctx context.Context) error { + logger := log.FromContext(ctx).WithValues("cluster", ms.ManagementCluster.Name) logger.Info("configuring mimir ingress") - err := ms.CreateAuthSecret(ctx, logger, mc) + err := ms.CreateApiKey(ctx, logger) if err != nil { logger.Error(err, "failed to create mimir auth secret") return errors.WithStack(err) } - err = ms.CreateIngressSecret(ctx, mc, logger) + err = ms.CreateIngressAuthenticationSecret(ctx, logger) if err != nil { logger.Error(err, "failed to create mimir ingress secret") return errors.WithStack(err) 
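Review bot: Renaming the ingress secret from `mimir-gateway-ingress` to `mimir-gateway-ingress-auth` in the const block leaves any secret already created under the old name in the `mimir` namespace, and nothing in this patch deletes it, so its htpasswd entry would linger after an upgrade. DeleteMimirSecrets (a later hunk in this file) targets only the new names; a one-off cleanup such as `secret.DeleteSecret("mimir-gateway-ingress", mimirNamespace, ctx, ms.Client)` would cover the old one. Whether the ingress resource itself is switched to the new secret name is not visible in this diff. On naming, Go keeps initialisms in one case, so `mimirApiKey` and `CreateApiKey` would read `mimirAPIKey` and `CreateAPIKey`.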
@@ -51,10 +51,10 @@ func (ms *MimirService) ConfigureMimir(ctx context.Context, mc string) error { return nil } -func (ms *MimirService) CreateAuthSecret(ctx context.Context, logger logr.Logger, mc string) error { +func (ms *MimirService) CreateApiKey(ctx context.Context, logger logr.Logger) error { objectKey := client.ObjectKey{ - Name: mimirSpecificSecretName, - Namespace: mimirSpecificSecretNamespace, + Name: mimirApiKey, + Namespace: mimirNamespace, } current := &corev1.Secret{} @@ -67,13 +67,8 @@ func (ms *MimirService) CreateAuthSecret(ctx context.Context, logger logr.Logger return errors.WithStack(err) } - secretdata := mc + ":" + password - - secret, err := ms.SecretManager.GenerateGenericSecret( - mimirSpecificSecretName, mimirSpecificSecretNamespace, "credentials", secretdata) - if err != nil { - return errors.WithStack(err) - } + secret := secret.GenerateGenericSecret( + mimirApiKey, mimirNamespace, "credentials", password) err = ms.Client.Create(ctx, secret) if err != nil { @@ -90,10 +85,10 @@ func (ms *MimirService) CreateAuthSecret(ctx context.Context, logger logr.Logger return nil } -func (ms *MimirService) CreateIngressSecret(ctx context.Context, mc string, logger logr.Logger) error { +func (ms *MimirService) CreateIngressAuthenticationSecret(ctx context.Context, logger logr.Logger) error { objectKey := client.ObjectKey{ - Name: authSecretName, - Namespace: authSecretNamespace, + Name: ingressAuthSecretName, + Namespace: mimirNamespace, } current := &corev1.Secret{} 
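Review bot: The `credentials` value written in the `-67` hunk changes from `<cluster>:<password>` to the bare password, but a secret created by the previous version appears to keep its old content, since creation seems to happen only when the secret is missing (the Get/IsNotFound logic is outside the hunk, so this is inferred). readMimirAuthPasswordFromSecret in prometheusagent/secret.go (the `-111` hunk) now returns the stored value unsplit, so on an upgraded cluster the cluster-name prefix would presumably become part of the password handed to callers. Either rewrite the secret when the old format is found, or state the upgrade step next to CreateApiKey, for example `// Secrets created before this change hold "<cluster>:<password>" and must be deleted so they are regenerated.` CreateApiKey's body starts and ends outside these hunks.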
@@ -106,15 +101,12 @@ func (ms *MimirService) CreateIngressSecret(ctx context.Context, mc string, logg return errors.WithStack(err) } - htpasswd, err := ms.PasswordManager.GenerateHtpasswd(mc, password) + htpasswd, err := ms.PasswordManager.GenerateHtpasswd(ms.ManagementCluster.Name, password) if err != nil { return errors.WithStack(err) } - secret, err := ms.SecretManager.GenerateGenericSecret(authSecretName, authSecretNamespace, "auth", htpasswd) - if err != nil { - return errors.WithStack(err) - } + secret := secret.GenerateGenericSecret(ingressAuthSecretName, mimirNamespace, "auth", htpasswd) err = ms.Client.Create(ctx, secret) if err != nil { @@ -131,29 +123,13 @@ func (ms *MimirService) CreateIngressSecret(ctx context.Context, mc string, logg return nil } -func (ms *MimirService) DeleteIngressSecret(ctx context.Context) error { - objectKey := client.ObjectKey{ - Name: authSecretName, - Namespace: authSecretNamespace, - } - current := &corev1.Secret{} - // Get the current secret if it exists. - err := ms.Client.Get(ctx, objectKey, current) - if apierrors.IsNotFound(err) { - // Ignore cases where the secret is not found (if it was manually deleted, for instance). - return nil - } else if err != nil { - return errors.WithStack(err) - } - - // Delete the finalizer - desired := current.DeepCopy() - err = ms.Client.Patch(ctx, current, client.MergeFrom(desired)) +func (ms *MimirService) DeleteMimirSecrets(ctx context.Context) error { + err := secret.DeleteSecret(ingressAuthSecretName, mimirNamespace, ctx, ms.Client) if err != nil { return errors.WithStack(err) } - err = ms.Client.Delete(ctx, desired) + err = secret.DeleteSecret(mimirApiKey, mimirNamespace, ctx, ms.Client) if err != nil { return errors.WithStack(err) } diff --git a/pkg/monitoring/prometheusagent/secret.go b/pkg/monitoring/prometheusagent/secret.go index cc290614..ce9a03d4 100644 --- a/pkg/monitoring/prometheusagent/secret.go +++ b/pkg/monitoring/prometheusagent/secret.go 
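Review bot: DeleteMimirSecrets in the `-131` hunk is exported without a doc comment, and its name no longer says which credentials it removes. A comment such as `// DeleteMimirSecrets removes the ingress basic-auth secret and the Mimir API key secret from the mimir namespace.` would document that both are dropped together. Both failure paths return a bare `errors.WithStack(err)`, so the caller's log cannot tell which secret failed to delete; `errors.Wrapf(err, "deleting secret %s/%s", mimirNamespace, ingressAuthSecretName)` (and the same for `mimirApiKey`) would carry that context.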
@@ -3,7 +3,6 @@ package prometheusagent import ( "context" "fmt" - "strings" "github.com/pkg/errors" promv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" @@ -16,9 +15,8 @@ import ( ) const ( - authSecretName = "mimir-basic-auth" - authSecretNamespace = "mimir" - remoteWriteName = "mimir" + mimirApiKey = "mimir-basic-auth" + mimirNamespace = "mimir" ) func GetMimirIngressPassword(ctx context.Context) (string, error) { @@ -35,8 +33,8 @@ func GetMimirIngressPassword(ctx context.Context) (string, error) { secret := &corev1.Secret{} err = c.Get(ctx, client.ObjectKey{ - Name: authSecretName, - Namespace: authSecretNamespace, + Name: mimirApiKey, + Namespace: mimirNamespace, }, secret) if err != nil { return "", err @@ -111,7 +109,5 @@ func readMimirAuthPasswordFromSecret(secret corev1.Secret) (string, error) { return "", errors.WithStack(err) } - password := strings.Split(secretData, ":")[1] - - return password, nil + return secretData, nil } diff --git a/pkg/monitoring/prometheusagent/types.go b/pkg/monitoring/prometheusagent/types.go index 67dfac9d..cd65ed60 100644 --- a/pkg/monitoring/prometheusagent/types.go +++ b/pkg/monitoring/prometheusagent/types.go @@ -13,6 +13,7 @@ const ( // servicePriorityLabel is the label used to determine the priority of a service. servicePriorityLabel string = "giantswarm.io/service-priority" + remoteWriteName = "mimir" remoteWriteEndpointTemplateURL = "https://mimir.%s/api/v1/push" )
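Review bot: `mimirApiKey` and `mimirNamespace` in the `-16` hunk are now declared with the same values both here and in pkg/monitoring/mimir/service.go, so the secret name the operator writes and the name this package reads can drift apart without a compile error. mimir/service.go already imports prometheusagent, so exporting one definition from this package and using it there would keep a single source of truth, for example `MimirAPIKeySecretName = "mimir-basic-auth"`. Until then, a comment on each block such as `// Must match the constants in pkg/monitoring/mimir/service.go.` would at least flag the coupling.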