Assign correct resources to oauth proxy, empty as default

Signed-off-by: Ruben Vargas <[email protected]>

api/tempo/v1alpha1/tempomonolithic_defaults.go

@@ -5,6 +5,7 @@ import (
 	"strings"
 	"time"
 
+	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/resource"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/utils/ptr"
@@ -84,6 +85,10 @@ func (r *TempoMonolithic) Default(ctrlConfig configv1alpha1.ProjectConfig) {
 				defaultSAR := fmt.Sprintf("{\"namespace\": \"%s\", \"resource\": \"pods\", \"verb\": \"get\"}", r.Namespace)
 				r.Spec.JaegerUI.Authentication.SAR = defaultSAR
 			}
+
+			if r.Spec.JaegerUI.Authentication.Resources != nil {
+				r.Spec.JaegerUI.Authentication.Resources = &corev1.ResourceRequirements{}
+			}
 		}
 
 		if r.Spec.JaegerUI.ServicesQueryDuration == nil {

internal/manifests/monolithic/build.go

@@ -93,13 +93,14 @@ func BuildAll(opts Options) ([]client.Object, error) {
 			}
 			manifests = append(manifests, route)
 			if tempo.Spec.JaegerUI.Authentication.Enabled && !tempo.Spec.Multitenancy.IsGatewayEnabled() {
+
 				oauthproxy.PatchStatefulSetForOauthProxy(
 					tempo.ObjectMeta,
 					tempo.Spec.JaegerUI.Authentication,
 					tempo.Spec.Timeout.Duration,
 					opts.CtrlConfig,
 					statefulSet,
-					tempo.Spec.Resources,
+					tempo.Spec.JaegerUI.Authentication.Resources,
 				)
 				oauthproxy.PatchQueryFrontEndService(getJaegerUIService(services, tempo), tempo.Name)
 				if serviceAccount != nil {

tests/e2e/monolithic-jaegerui/01-assert.yaml

@@ -0,0 +1,92 @@
+apiVersion: tempo.grafana.com/v1alpha1
+kind: TempoMonolithic
+metadata:
+  name: simplest
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: tempo-simplest
+  labels:
+    app.kubernetes.io/instance: simplest
+    app.kubernetes.io/managed-by: tempo-operator
+    app.kubernetes.io/name: tempo-monolithic
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: simplest
+      app.kubernetes.io/managed-by: tempo-operator
+      app.kubernetes.io/name: tempo-monolithic
+status:
+  readyReplicas: 1
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  name: tempo-simplest-0
+status:
+  containerStatuses:
+  - name: jaeger-query
+    ready: true
+    started: true
+  - name: tempo
+    ready: true
+    started: true
+  - name: tempo-query
+    ready: true
+    started: true
+  phase: Running
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/instance: simplest
+    app.kubernetes.io/managed-by: tempo-operator
+    app.kubernetes.io/name: tempo-monolithic
+  name: tempo-simplest
+spec:
+  ports:
+  - name: http
+    port: 3200
+    protocol: TCP
+    targetPort: http
+  - name: otlp-grpc
+    port: 4317
+    protocol: TCP
+    targetPort: otlp-grpc
+  - name: otlp-http
+    port: 4318
+    protocol: TCP
+    targetPort: otlp-http
+  selector:
+    app.kubernetes.io/instance: simplest
+    app.kubernetes.io/managed-by: tempo-operator
+    app.kubernetes.io/name: tempo-monolithic
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/instance: simplest
+    app.kubernetes.io/managed-by: tempo-operator
+    app.kubernetes.io/name: tempo-monolithic
+  name: tempo-simplest-jaegerui
+spec:
+  ports:
+  - name: jaeger-grpc
+    port: 16685
+    protocol: TCP
+    targetPort: jaeger-grpc
+  - name: jaeger-ui
+    port: 16686
+    protocol: TCP
+    targetPort: jaeger-ui
+  - name: jaeger-metrics
+    port: 16687
+    protocol: TCP
+    targetPort: jaeger-metrics
+  selector:
+    app.kubernetes.io/instance: simplest
+    app.kubernetes.io/managed-by: tempo-operator
+    app.kubernetes.io/name: tempo-monolithic

tests/e2e/monolithic-jaegerui/01-install-tempo.yaml

@@ -0,0 +1,9 @@
+apiVersion: tempo.grafana.com/v1alpha1
+kind: TempoMonolithic
+metadata:
+  name: simplest
+spec:
+  jaegerui:
+    enabled: true
+    route:
+      enabled: true

tests/e2e/monolithic-jaegerui/03-assert.yaml

@@ -0,0 +1,6 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: generate-traces
+status:
+  succeeded: 1

tests/e2e/monolithic-jaegerui/03-generate-traces.yaml

@@ -0,0 +1,17 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: generate-traces
+spec:
+  template:
+    spec:
+      containers:
+      - name: telemetrygen
+        image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0
+        args:
+        - traces
+        - --otlp-endpoint=tempo-simplest:4317
+        - --otlp-insecure
+        - --traces=10
+      restartPolicy: Never
+  backoffLimit: 4

tests/e2e/monolithic-jaegerui/04-assert.yaml

@@ -0,0 +1,6 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: verify-traces-jaeger
+status:
+  succeeded: 1

tests/e2e/monolithic-jaegerui/04-verify-traces-jaeger.yaml

@@ -0,0 +1,36 @@
+# Simulate Jaeger Query API requests.
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: verify-traces-jaeger
+spec:
+  template:
+    spec:
+      containers:
+      - name: verify-traces-jaeger
+        image: ghcr.io/grafana/tempo-operator/test-utils:main
+        command:
+        - /bin/bash
+        - -eux
+        - -c
+        args:
+        - |
+          # The query frontend must be accessible via HTTP (no mTLS) to enable connections from Grafana
+          curl \
+            -v -G \
+            http://tempo-simplest:3200/api/search \
+            --data-urlencode "q={}" \
+            | tee /tmp/tempo.out
+          num_traces=$(jq ".traces | length" /tmp/tempo.out)
+          if [[ "$num_traces" -ne 10 ]]; then
+            echo && echo "The Tempo API returned $num_traces instead of 10 traces."
+            exit 1
+          fi
+
+          curl -v -G http://tempo-simplest-jaegerui:16686/api/traces --data-urlencode "service=telemetrygen" | tee /tmp/jaeger.out
+          num_traces=$(jq ".data | length" /tmp/jaeger.out)
+          if [[ "$num_traces" -ne 10 ]]; then
+            echo && echo "The Jaeger API returned $num_traces instead of 10 traces."
+            exit 1
+          fi
+      restartPolicy: Never

tests/e2e/monolithic-jaegerui/05-assert.yaml

@@ -0,0 +1,6 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: verify-traces-grafana
+status:
+  succeeded: 1

tests/e2e/monolithic-jaegerui/05-verify-traces-grafana.yaml

@@ -0,0 +1,46 @@
+# Simulate Grafana Dashboard API requests.
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: verify-traces-grafana
+spec:
+  template:
+    spec:
+      containers:
+      - name: verify-traces-grafana
+        image: ghcr.io/grafana/tempo-operator/test-utils:main
+        command:
+        - /bin/bash
+        - -eux
+        - -c
+        args:
+        - |
+          # Get the current Unix timestamp for "end" time, which is the current time
+          end_time=$(date -u +%s)
+
+          # Calculate "start" time by subtracting 24 hours (86400 seconds) from the "end" time
+          start_time=$((end_time - 86400))
+
+          # The query frontend must be accessible via HTTP (no mTLS) to enable connections from Grafana
+
+          # Run the curl command and capture the HTTP status code and output in a file
+          response_file=$(mktemp)
+          http_status=$(curl -s -o "$response_file" -w "%{http_code}" "http://tempo-simplest:3200/api/search?tags=%20service.name%3D%22telemetrygen%22%20name%3D%22okey-dokey%22&limit=20&start=$start_time&end=$end_time")
+
+          # Check the HTTP status code to detect API call failures
+          if [[ "$http_status" -ne 200 ]]; then
+            echo "API call failed with HTTP status code $http_status."
+            exit 1
+          fi
+
+          # Parse the JSON output from the file and check if the "traces" array is empty
+          output=$(cat "$response_file" | jq .)
+
+          if [[ "$(echo "$output" | jq -r '.traces | length')" -eq 0 ]]; then
+            echo "The Tempo API returned 0 Traces."
+            exit 1
+          else
+            echo "Traces found."
+            exit 0
+          fi
+      restartPolicy: Never

tests/e2e/monolithic-jaegerui/chainsaw-test.yaml

@@ -0,0 +1,32 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/kyverno/chainsaw/main/.schemas/json/test-chainsaw-v1alpha1.json
+apiVersion: chainsaw.kyverno.io/v1alpha1
+kind: Test
+metadata:
+  creationTimestamp: null
+  name: monolithic-memory
+spec:
+  steps:
+  - name: step-01
+    try:
+    - apply:
+        file: 01-install-tempo.yaml
+    - assert:
+        file: 01-assert.yaml
+  - name: step-03
+    try:
+    - apply:
+        file: 03-generate-traces.yaml
+    - assert:
+        file: 03-assert.yaml
+  - name: step-04
+    try:
+    - apply:
+        file: 04-verify-traces-jaeger.yaml
+    - assert:
+        file: 04-assert.yaml
+  - name: step-05
+    try:
+    - apply:
+        file: 05-verify-traces-grafana.yaml
+    - assert:
+        file: 05-assert.yaml