Skip to content

Commit

Permalink
✨ Enable the agent to send event to inventory server (stolostron#1104)
Browse files Browse the repository at this point in the history
* ✨ Install the agent by helm chart (stolostron#1090)

* add standalone mode

Signed-off-by: myan <[email protected]>

d

Signed-off-by: myan <[email protected]>

agent support multiple transports

Signed-off-by: myan <[email protected]>

fix the transport type

Signed-off-by: myan <[email protected]>

improve ut

Signed-off-by: myan <[email protected]>

fix the error

Signed-off-by: myan <[email protected]>

remove the useless

Signed-off-by: myan <[email protected]>

add e2e test

Signed-off-by: myan <[email protected]>

format

Signed-off-by: myan <[email protected]>

remove the

Signed-off-by: myan <[email protected]>

fix the grafana

Signed-off-by: myan <[email protected]>

fix the e2e

Signed-off-by: myan <[email protected]>

pg and kafka

Signed-off-by: myan <[email protected]>

fix the ns

Signed-off-by: myan <[email protected]>

renaming

Signed-off-by: myan <[email protected]>

rerun

Signed-off-by: myan <[email protected]>

add standalone mode

Signed-off-by: myan <[email protected]>

d

Signed-off-by: myan <[email protected]>

agent support multiple transports

Signed-off-by: myan <[email protected]>

fix the transport type

Signed-off-by: myan <[email protected]>

improve ut

Signed-off-by: myan <[email protected]>

fix the error

Signed-off-by: myan <[email protected]>

remove the useless

Signed-off-by: myan <[email protected]>

add e2e test

Signed-off-by: myan <[email protected]>

format

Signed-off-by: myan <[email protected]>

remove the

Signed-off-by: myan <[email protected]>

fix the grafana

Signed-off-by: myan <[email protected]>

fix the e2e

Signed-off-by: myan <[email protected]>

pg and kafka

Signed-off-by: myan <[email protected]>

fix the ns

Signed-off-by: myan <[email protected]>

install agent by helm chart

Signed-off-by: myan <[email protected]>

fix helm

Signed-off-by: myan <[email protected]>

update doc

Signed-off-by: myan <[email protected]>

fix the secret error

Signed-off-by: myan <[email protected]>

doc

Signed-off-by: myan <[email protected]>

test

Signed-off-by: myan <[email protected]>

* add the review

Signed-off-by: myan <[email protected]>

* add clusterId as default leaf_hub_name for standalone

Signed-off-by: myan <[email protected]>

* add clusterId as default leaf_hub_name for standalone

Signed-off-by: myan <[email protected]>

* improve ut

Signed-off-by: myan <[email protected]>

* ut

Signed-off-by: myan <[email protected]>

---------

Signed-off-by: myan <[email protected]>

:bug: Fix the issue of event loss caused by time filtering. (stolostron#1101)

* skipp the expired event

Signed-off-by: myan <[email protected]>

* fix the ut

Signed-off-by: myan <[email protected]>

* integration

Signed-off-by: myan <[email protected]>

---------

Signed-off-by: myan <[email protected]>

kind_cluster (stolostron#1098)

Signed-off-by: myan <[email protected]>

MGMT-18597: Poll Stackrox Central for violation counts and push it to kafka (stolostron#1091)

This patch changes the agent so that it discovers Stackrox _central_
instances in the hub, polls them to extract the summary of security
violations and sends them to the manager via the Kafka broker.

Related: https://issues.redhat.com/browse/MGMT-18597

Signed-off-by: danmanor <[email protected]>
Co-authored-by: danmanor <[email protected]>

ACM-14143: Fix section levels in StackRox integration doc (stolostron#1106)

The levels of the sections are incorrect, this patch fixes them.

Related: https://issues.redhat.com/browse/ACM-14143
Related: https://issues.redhat.com/browse/MGMT-18591

Signed-off-by: Juan Hernandez <[email protected]>

:sparkles: Introduce managedclustermigration api (stolostron#1102)

* support migration

Signed-off-by: clyang82 <[email protected]>

* rename to managedclustermigration

Signed-off-by: clyang82 <[email protected]>

---------

Signed-off-by: clyang82 <[email protected]>

MGMT-18903: Add 'source' column to violations by severity count SQL table to support multiple central instances in one hub (stolostron#1105)

Signed-off-by: danmanor <[email protected]>

fix install hosted in other ns (stolostron#1107)

Signed-off-by: DangPeng Liu <[email protected]>

support sending to the inventory server

Signed-off-by: myan <[email protected]>

generate the secret

Signed-off-by: myan <[email protected]>

fix the e2e

Signed-off-by: myan <[email protected]>

shell

Signed-off-by: myan <[email protected]>

local test finished

Signed-off-by: myan <[email protected]>

rebase

Signed-off-by: myan <[email protected]>

fix the ut

Signed-off-by: myan <[email protected]>

add inventory unit test

Signed-off-by: myan <[email protected]>

add ut

Signed-off-by: myan <[email protected]>

ignore leak

Signed-off-by: myan <[email protected]>

watch the clusterinfo

Signed-off-by: myan <[email protected]>

upgrade addon

Signed-off-by: myan <[email protected]>

add ut

Signed-off-by: myan <[email protected]>

format

Signed-off-by: myan <[email protected]>

fix the e2e

Signed-off-by: myan <[email protected]>

fix the consumer error

Signed-off-by: myan <[email protected]>

* fix sum

Signed-off-by: myan <[email protected]>

* reply review

Signed-off-by: myan <[email protected]>

* remove the namespace

Signed-off-by: myan <[email protected]>

---------

Signed-off-by: myan <[email protected]>
  • Loading branch information
yanmxa authored Sep 20, 2024
1 parent 604bed7 commit 5e0e5c5
Show file tree
Hide file tree
Showing 36 changed files with 2,684 additions and 289 deletions.
12 changes: 6 additions & 6 deletions agent/cmd/agent/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ import (
configv1 "github.com/openshift/api/config/v1"
routev1 "github.com/openshift/api/route/v1"
"github.com/spf13/pflag"
clusterinfov1beta1 "github.com/stolostron/cluster-lifecycle-api/clusterinfo/v1beta1"
coordinationv1 "k8s.io/api/coordination/v1"
corev1 "k8s.io/api/core/v1"
apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
Expand Down Expand Up @@ -58,7 +59,7 @@ func main() {
restConfig.QPS = agentConfig.QPS
restConfig.Burst = agentConfig.Burst

c, err := client.New(restConfig, client.Options{})
c, err := client.New(restConfig, client.Options{Scheme: config.GetRuntimeScheme()})
if err != nil {
setupLog.Error(err, "failed to int controller runtime client")
os.Exit(1)
Expand Down Expand Up @@ -125,8 +126,6 @@ func parseFlags() *config.AgentConfig {
pflag.StringVar(&agentConfig.LeafHubName, "leaf-hub-name", "", "The name of the leaf hub.")
pflag.StringVar(&agentConfig.PodNamespace, "pod-namespace", constants.GHAgentNamespace,
"The agent running namespace, also used as leader election namespace")
pflag.StringVar(&agentConfig.TransportConfig.TransportType, "transport-type", "kafka",
"The transport type, 'kafka'")
pflag.IntVar(&agentConfig.SpecWorkPoolSize, "consumer-worker-pool-size", 10,
"The goroutine number to propagate the bundles on managed cluster.")
pflag.BoolVar(&agentConfig.SpecEnforceHohRbac, "enforce-hoh-rbac", false,
Expand Down Expand Up @@ -175,11 +174,11 @@ func completeConfig(ctx context.Context, c client.Client, agentConfig *config.Ag
return fmt.Errorf("failed to get the ClusterVersion(version): %w", err)
}

clusterId := string(clusterVersion.Spec.ClusterID)
if clusterId == "" {
clusterID := string(clusterVersion.Spec.ClusterID)
if clusterID == "" {
return fmt.Errorf("the clusterId from ClusterVersion must not be empty")
}
agentConfig.LeafHubName = clusterId
agentConfig.LeafHubName = clusterID
}

if agentConfig.MetricsAddress == "" {
Expand Down Expand Up @@ -275,6 +274,7 @@ func initCache(restConfig *rest.Config, cacheOpts cache.Options) (cache.Cache, e
&apiextensionsv1.CustomResourceDefinition{}: {},
&policyv1.Policy{}: {},
&clusterv1.ManagedCluster{}: {},
&clusterinfov1beta1.ManagedClusterInfo{}: {},
&clustersv1alpha1.ClusterClaim{}: {},
&routev1.Route{}: {},
&placementrulev1.PlacementRule{}: {},
Expand Down
2 changes: 0 additions & 2 deletions agent/cmd/agent/main_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -25,15 +25,13 @@ func TestParseFlags(t *testing.T) {
"cmd",
"--leaf-hub-name=test-hub",
"--pod-namespace=test-namespace",
"--transport-type=kafka",
"--consumer-worker-pool-size=5",
}

agentConfig := parseFlags()

assert.Equal(t, "test-hub", agentConfig.LeafHubName)
assert.Equal(t, "test-namespace", agentConfig.PodNamespace)
assert.Equal(t, "kafka", agentConfig.TransportConfig.TransportType)
assert.Equal(t, 5, agentConfig.SpecWorkPoolSize)
}

Expand Down
2 changes: 2 additions & 0 deletions agent/pkg/config/scheme.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ package config
import (
configv1 "github.com/openshift/api/config/v1"
routev1 "github.com/openshift/api/route/v1"
clusterinfov1beta1 "github.com/stolostron/cluster-lifecycle-api/clusterinfo/v1beta1"
mchv1 "github.com/stolostron/multiclusterhub-operator/api/v1"
coordinationv1 "k8s.io/api/coordination/v1"
apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
Expand Down Expand Up @@ -44,5 +45,6 @@ func GetRuntimeScheme() *runtime.Scheme {
utilruntime.Must(channelv1.AddToScheme(scheme))
utilruntime.Must(appsubv1.SchemeBuilder.AddToScheme(scheme))
utilruntime.Must(appv1beta1.AddToScheme(scheme))
utilruntime.Must(clusterinfov1beta1.AddToScheme(scheme))
return scheme
}
11 changes: 10 additions & 1 deletion agent/pkg/status/controller/controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,16 @@ func AddControllers(ctx context.Context, mgr ctrl.Manager, producer transport.Pr
if statusCtrlStarted {
return nil
}
// managed cluster info
if err := managedclusters.LaunchManagedClusterInfoSyncer(ctx, mgr, agentConfig, producer); err != nil {
return fmt.Errorf("failed to launch managedclusterinfo syncer: %w", err)
}

// if it's rest transport, skip the following controllers
if agentConfig.TransportConfig.TransportType == string(transport.Rest) {
statusCtrlStarted = true
return nil
}

if err := agentstatusconfig.AddConfigController(mgr, agentConfig); err != nil {
return fmt.Errorf("failed to add ConfigMap controller: %w", err)
Expand Down Expand Up @@ -86,6 +96,5 @@ func AddControllers(ctx context.Context, mgr ctrl.Manager, producer transport.Pr
return fmt.Errorf("failed to launch time filter: %w", err)
}

statusCtrlStarted = true
return nil
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
package managedclusters

import (
"context"

clusterinfov1beta1 "github.com/stolostron/cluster-lifecycle-api/clusterinfo/v1beta1"
ctrl "sigs.k8s.io/controller-runtime"
"sigs.k8s.io/controller-runtime/pkg/client"
"sigs.k8s.io/controller-runtime/pkg/predicate"

"github.com/stolostron/multicluster-global-hub/agent/pkg/config"
statusconfig "github.com/stolostron/multicluster-global-hub/agent/pkg/status/controller/config"
"github.com/stolostron/multicluster-global-hub/agent/pkg/status/controller/generic"
"github.com/stolostron/multicluster-global-hub/pkg/constants"
"github.com/stolostron/multicluster-global-hub/pkg/enum"
"github.com/stolostron/multicluster-global-hub/pkg/transport"
"github.com/stolostron/multicluster-global-hub/pkg/utils"
)

// LaunchManagedClusterInfoSyncer only for the restful client
func LaunchManagedClusterInfoSyncer(ctx context.Context, mgr ctrl.Manager, agentConfig *config.AgentConfig,
producer transport.Producer,
) error {
if agentConfig.TransportConfig.TransportType != string(transport.Rest) {
return nil
}

// controller config
instance := func() client.Object { return &clusterinfov1beta1.ManagedClusterInfo{} }
predicate := predicate.NewPredicateFuncs(func(object client.Object) bool { return true })

// emitter config
tweakFunc := func(object client.Object) {
utils.MergeAnnotations(object, map[string]string{
constants.ManagedClusterManagedByAnnotation: statusconfig.GetLeafHubName(),
})
}
emitter := generic.ObjectEmitterWrapper(enum.ManagedClusterInfoType, func(obj client.Object) bool {
return true
}, tweakFunc, false)

return generic.LaunchGenericObjectSyncer(
"status.managed_cluster_info",
mgr,
generic.NewGenericController(instance, predicate),
producer,
statusconfig.GetManagerClusterDuration,
[]generic.ObjectEmitter{
emitter,
})
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
package managedclusters

import (
"context"
"testing"

"github.com/stretchr/testify/assert"
"k8s.io/client-go/rest"
"sigs.k8s.io/controller-runtime/pkg/manager"

"github.com/stolostron/multicluster-global-hub/agent/pkg/config"
"github.com/stolostron/multicluster-global-hub/pkg/transport"
)

func TestLaunchManagedClusterInfoSyncer(t *testing.T) {
ctx := context.Background()
agentConfig := &config.AgentConfig{
TransportConfig: &transport.TransportConfig{
TransportType: string(transport.Rest),
},
}
cfg := &rest.Config{
Host: "https://mock-cluster",
APIPath: "/api",
BearerToken: "mock-token",
TLSClientConfig: rest.TLSClientConfig{Insecure: true},
}
mgr, err := manager.New(cfg, manager.Options{Scheme: config.GetRuntimeScheme()})
assert.Nil(t, err)
err = LaunchManagedClusterInfoSyncer(ctx, mgr, agentConfig, nil)
assert.Nil(t, err)
}
18 changes: 17 additions & 1 deletion doc/event-exporter/templates/clusterrole.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -181,4 +181,20 @@ rules:
verbs:
- list
- watch
- get
- get
- apiGroups:
- config.openshift.io
resources:
- clusterversions
verbs:
- get
- list
- watch
- apiGroups:
- internal.open-cluster-management.io
resources:
- managedclusterinfos
verbs:
- get
- list
- watch
Loading

0 comments on commit 5e0e5c5

Please sign in to comment.