Split connection info secrets non-secret part to configmap (#1388) (#…

…1396) Co-authored-by: Marcell Sevcsik <[email protected]> Co-authored-by: Michał Grzybek <[email protected]>
Dynatrace · Dec 14, 2022 · 2c14dcd · 2c14dcd
1 parent 7dbf1ee
commit 2c14dcd
Show file tree

Hide file tree

Showing 44 changed files with 731 additions and 515 deletions.
diff --git a/.gitignore b/.gitignore
@@ -105,3 +105,5 @@ kind-logs-*
 /csi.db
 
 test/testdata/secrets/*
+
+local/
diff --git a/src/api/v1beta1/properties.go b/src/api/v1beta1/properties.go
@@ -29,11 +29,13 @@ import (
 
 const (
 	// PullSecretSuffix is the suffix appended to the DynaKube name to n.
-	PullSecretSuffix             = "-pull-secret"
-	ActiveGateTenantSecretSuffix = "-activegate-tenant-secret"
-	OneAgentTenantSecretSuffix   = "-oneagent-tenant-secret"
-	AuthTokenSecretSuffix        = "-activegate-authtoken-secret"
-	PodNameOsAgent               = "oneagent"
+	PullSecretSuffix                        = "-pull-secret"
+	ActiveGateTenantSecretSuffix            = "-activegate-tenant-secret"
+	OneAgentTenantSecretSuffix              = "-oneagent-tenant-secret"
+	OneAgentConnectionInfoConfigMapSuffix   = "-oneagent-connection-info"
+	ActiveGateConnectionInfoConfigMapSuffix = "-activegate-connection-info"
+	AuthTokenSecretSuffix                   = "-activegate-authtoken-secret"
+	PodNameOsAgent                          = "oneagent"
 
 	defaultActiveGateImage = "/linux/activegate:latest"
 	defaultStatsDImage     = "/linux/dynatrace-datasource-statsd:latest"
@@ -198,6 +200,14 @@ func (dk *DynaKube) ActiveGateAuthTokenSecret() string {
 	return dk.Name + AuthTokenSecretSuffix
 }
 
+func (dk *DynaKube) ActiveGateConnectionInfoConfigMapName() string {
+	return dk.Name + ActiveGateConnectionInfoConfigMapSuffix
+}
+
+func (dk *DynaKube) OneAgentConnectionInfoConfigMapName() string {
+	return dk.Name + OneAgentConnectionInfoConfigMapSuffix
+}
+
 // PullSecret returns the name of the pull secret to be used for immutable images.
 func (dk *DynaKube) PullSecret() string {
 	if dk.Spec.CustomPullSecret != "" {
@@ -438,7 +448,8 @@ func (dk *DynaKube) CommunicationHosts() []dtclient.CommunicationHost {
 	return communicationHosts
 }
 
-func (dk *DynaKube) TenantUUID() (string, error) {
+// TenantUUIDFromApiUrl gets the tenantUUID from the ApiUrl present in the struct, if the tenant is aliased then the alias will be returned
+func (dk *DynaKube) TenantUUIDFromApiUrl() (string, error) {
 	return tenantUUID(dk.Spec.APIURL)
 }
 

diff --git a/src/builder/builder.go b/src/builder/builder.go
@@ -1,13 +1,13 @@
 package builder
 
 type Builder[T any] interface {
-	Build() T
+	Build() (T, error)
 	AddModifier(...Modifier[T]) Builder[T]
 }
 
 type Modifier[T any] interface {
 	Enabled() bool
-	Modify(*T)
+	Modify(*T) error
 }
 
 type GenericBuilder[T any] struct {
@@ -17,17 +17,20 @@ type GenericBuilder[T any] struct {
 
 var _ Builder[any] = (*GenericBuilder[any])(nil)
 
-func (b GenericBuilder[T]) Build() T {
+func (b GenericBuilder[T]) Build() (T, error) {
+	var data T
 	if b.data == nil {
-		var data T
 		b.data = &data
 	}
 	for _, m := range b.modifiers {
 		if m.Enabled() {
-			m.Modify(b.data)
+			err := m.Modify(b.data)
+			if err != nil {
+				return *b.data, err
+			}
 		}
 	}
-	return *b.data
+	return *b.data, nil
 }
 
 func (b *GenericBuilder[T]) AddModifier(modifiers ...Modifier[T]) Builder[T] {

diff --git a/src/builder/builder_test.go b/src/builder/builder_test.go
@@ -11,18 +11,19 @@ import (
 func TestStatefulsetBuilder(t *testing.T) {
 	t.Run("Simple, no modifiers", func(t *testing.T) {
 		b := GenericBuilder[mocks.DataMock]{}
-		actual := b.Build()
+		actual, err := b.Build()
+		assert.NoError(t, err)
 		expected := mocks.DataMock{}
 		assert.Equal(t, expected, actual)
 	})
 	t.Run("One modifier", func(t *testing.T) {
 		b := GenericBuilder[mocks.DataMock]{}
 
 		modifierMock := mocks.NewModifierMock[mocks.DataMock]()
-		modifierMock.On("Modify", mock.Anything).Return()
+		modifierMock.On("Modify", mock.Anything).Return(nil)
 		modifierMock.On("Enabled").Return(true)
 
-		actual := b.AddModifier(modifierMock).Build()
+		actual, _ := b.AddModifier(modifierMock).Build()
 
 		modifierMock.AssertNumberOfCalls(t, "Modify", 1)
 
@@ -33,10 +34,10 @@ func TestStatefulsetBuilder(t *testing.T) {
 		b := GenericBuilder[mocks.DataMock]{}
 
 		modifierMock := mocks.NewModifierMock[mocks.DataMock]()
-		modifierMock.On("Modify", mock.Anything).Return()
+		modifierMock.On("Modify", mock.Anything).Return(nil)
 		modifierMock.On("Enabled").Return(false)
 
-		actual := b.AddModifier(modifierMock).Build()
+		actual, _ := b.AddModifier(modifierMock).Build()
 
 		modifierMock.AssertNumberOfCalls(t, "Modify", 0)
 
@@ -47,13 +48,13 @@ func TestStatefulsetBuilder(t *testing.T) {
 		b := GenericBuilder[mocks.DataMock]{}
 
 		modifierMock0 := mocks.NewModifierMock[mocks.DataMock]()
-		modifierMock0.On("Modify", mock.Anything).Return()
+		modifierMock0.On("Modify", mock.Anything).Return(nil)
 		modifierMock0.On("Enabled").Return(true)
 		modifierMock1 := mocks.NewModifierMock[mocks.DataMock]()
-		modifierMock1.On("Modify", mock.Anything).Return()
+		modifierMock1.On("Modify", mock.Anything).Return(nil)
 		modifierMock1.On("Enabled").Return(true)
 
-		actual := b.AddModifier(modifierMock0, modifierMock0, modifierMock1).Build()
+		actual, _ := b.AddModifier(modifierMock0, modifierMock0, modifierMock1).Build()
 
 		modifierMock0.AssertNumberOfCalls(t, "Modify", 2)
 		modifierMock1.AssertNumberOfCalls(t, "Modify", 1)
@@ -65,13 +66,13 @@ func TestStatefulsetBuilder(t *testing.T) {
 		b := GenericBuilder[mocks.DataMock]{}
 
 		modifierMock0 := mocks.NewModifierMock[mocks.DataMock]()
-		modifierMock0.On("Modify", mock.Anything).Return()
+		modifierMock0.On("Modify", mock.Anything).Return(nil)
 		modifierMock0.On("Enabled").Return(true)
 		modifierMock1 := mocks.NewModifierMock[mocks.DataMock]()
-		modifierMock1.On("Modify", mock.Anything).Return()
+		modifierMock1.On("Modify", mock.Anything).Return(nil)
 		modifierMock1.On("Enabled").Return(true)
 
-		actual := b.AddModifier(modifierMock0, modifierMock0).AddModifier(modifierMock1).Build()
+		actual, _ := b.AddModifier(modifierMock0, modifierMock0).AddModifier(modifierMock1).Build()
 
 		modifierMock0.AssertNumberOfCalls(t, "Modify", 2)
 		modifierMock1.AssertNumberOfCalls(t, "Modify", 1)

diff --git a/src/builder/mocks/modifier.go b/src/builder/mocks/modifier.go
@@ -15,6 +15,7 @@ func (m *ModifierMock[T]) Enabled() bool {
 	return args.Bool(0)
 }
 
-func (m *ModifierMock[T]) Modify(data *T) {
-	m.Called(data)
+func (m *ModifierMock[T]) Modify(data *T) error {
+	args := m.Called(data)
+	return args.Error(0)
 }
diff --git a/src/controllers/csi/gc/reconciler.go b/src/controllers/csi/gc/reconciler.go
@@ -127,7 +127,7 @@ func getDynakubeFromRequest(ctx context.Context, apiReader client.Reader, reques
 }
 
 func collectGCInfo(dynakube dynatracev1beta1.DynaKube, dynakubeList *dynatracev1beta1.DynaKubeList) (*garbageCollectionInfo, error) {
-	tenantUUID, err := dynakube.TenantUUID()
+	tenantUUID, err := dynakube.TenantUUIDFromApiUrl()
 	if err != nil {
 		log.Info("failed to get tenantUUID of DynaKube, checking later")
 		return nil, nil
@@ -186,7 +186,7 @@ func isUpgrading(dkMetadata *metadata.Dynakube, filteredDynakubes map[string]dyn
 func getAllPinnedVersionsForTenantUUID(dynakubeList *dynatracev1beta1.DynaKubeList, tenantUUID string) (pinnedVersionSet, error) {
 	pinnedVersions := make(pinnedVersionSet)
 	for _, dynakube := range dynakubeList.Items {
-		uuid, err := dynakube.TenantUUID()
+		uuid, err := dynakube.TenantUUIDFromApiUrl()
 		if err != nil {
 			log.Error(err, "failed to get tenantUUID of DynaKube")
 			continue

diff --git a/src/controllers/csi/provisioner/agent.go b/src/controllers/csi/provisioner/agent.go
@@ -36,7 +36,7 @@ func newAgentUrlUpdater(
 	recorder record.EventRecorder,
 	dk *dynatracev1beta1.DynaKube) (*agentUpdater, error) {
 
-	tenantUUID, err := dk.TenantUUID()
+	tenantUUID, err := dk.TenantUUIDFromApiUrl()
 	if err != nil {
 		return nil, err
 	}
@@ -66,8 +66,7 @@ func newAgentImageUpdater(
 	db metadata.Access,
 	recorder record.EventRecorder,
 	dk *dynatracev1beta1.DynaKube) (*agentUpdater, error) {
-
-	tenantUUID, err := dk.TenantUUID()
+	tenantUUID, err := dk.TenantUUIDFromApiUrl()
 	if err != nil {
 		return nil, err
 	}

diff --git a/src/controllers/csi/provisioner/controller.go b/src/controllers/csi/provisioner/controller.go
@@ -232,7 +232,7 @@ func (provisioner *OneAgentProvisioner) handleMetadata(ctx context.Context, dk *
 		oldDynakubeMetadata = *dynakubeMetadata
 	}
 
-	tenantUUID, err := dk.TenantUUID()
+	tenantUUID, err := dk.TenantUUIDFromApiUrl()
 	if err != nil {
 		return nil, metadata.Dynakube{}, err
 	}
@@ -295,13 +295,13 @@ func (provisioner *OneAgentProvisioner) getDynaKube(ctx context.Context, name ty
 	return &dk, err
 }
 
-func (provisioner *OneAgentProvisioner) createCSIDirectories(tenantUuid string) error {
-	tenantDir := provisioner.path.TenantDir(tenantUuid)
+func (provisioner *OneAgentProvisioner) createCSIDirectories(tenantUUID string) error {
+	tenantDir := provisioner.path.TenantDir(tenantUUID)
 	if err := provisioner.fs.MkdirAll(tenantDir, 0755); err != nil {
 		return fmt.Errorf("failed to create directory %s: %w", tenantDir, err)
 	}
 
-	agentBinaryDir := provisioner.path.AgentBinaryDir(tenantUuid)
+	agentBinaryDir := provisioner.path.AgentBinaryDir(tenantUUID)
 	if err := provisioner.fs.MkdirAll(agentBinaryDir, 0755); err != nil {
 		return fmt.Errorf("failed to create directory %s: %w", agentBinaryDir, err)
 	}

diff --git a/src/controllers/csi/provisioner/controller_test.go b/src/controllers/csi/provisioner/controller_test.go
@@ -52,7 +52,7 @@ func (fs *mkDirAllErrorFs) MkdirAll(_ string, _ os.FileMode) error {
 	return fmt.Errorf(errorMsg)
 }
 
-func TestOneAgentProvisioner_Reconcile(t *testing.T) {
+func TestOneAgentProvisioner_Reconcile(t *testing.T) { //nolint:revive
 	ctx := context.TODO()
 	dynakubeName := "test-dk"
 
@@ -170,29 +170,46 @@ func TestOneAgentProvisioner_Reconcile(t *testing.T) {
 		require.Len(t, dynakubeMetadatas, 0)
 	})
 	t.Run(`host monitoring used`, func(t *testing.T) {
+		fakeClient := fake.NewClient(
+			&dynatracev1beta1.DynaKube{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: dkName,
+				},
+				Spec: dynatracev1beta1.DynaKubeSpec{
+					APIURL: testAPIURL,
+					OneAgent: dynatracev1beta1.OneAgentSpec{
+						HostMonitoring: &dynatracev1beta1.HostInjectSpec{},
+					},
+				},
+			},
+			&v1.Secret{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: dkName,
+				},
+				Data: map[string][]byte{
+					dtclient.DynatraceApiToken: []byte("api-token"),
+				},
+			},
+		)
+		mockClient := &dtclient.MockDynatraceClient{}
+		mockDtcBuilder := &dynatraceclient.StubBuilder{
+			DynatraceClient: mockClient,
+		}
+
 		gc := &CSIGarbageCollectorMock{}
 		gc.On("Reconcile").Return(reconcile.Result{}, nil)
 		db := metadata.FakeMemoryDB()
+
 		provisioner := &OneAgentProvisioner{
-			apiReader: fake.NewClient(
-				&dynatracev1beta1.DynaKube{
-					ObjectMeta: metav1.ObjectMeta{
-						Name: dynakubeName,
-					},
-					Spec: dynatracev1beta1.DynaKubeSpec{
-						APIURL: testAPIURL,
-						OneAgent: dynatracev1beta1.OneAgentSpec{
-							HostMonitoring: &dynatracev1beta1.HostInjectSpec{},
-						},
-					},
-				},
-			),
-			fs:   afero.NewMemMapFs(),
-			db:   db,
-			gc:   gc,
-			path: metadata.PathResolver{},
+			apiReader:              fakeClient,
+			client:                 fakeClient,
+			fs:                     afero.NewMemMapFs(),
+			db:                     db,
+			gc:                     gc,
+			path:                   metadata.PathResolver{},
+			dynatraceClientBuilder: mockDtcBuilder,
 		}
-		result, err := provisioner.Reconcile(context.TODO(), reconcile.Request{NamespacedName: types.NamespacedName{Name: dynakubeName}})
+		result, err := provisioner.Reconcile(context.TODO(), reconcile.Request{NamespacedName: types.NamespacedName{Name: dkName}})
 
 		require.NoError(t, err)
 		require.NotNil(t, result)

diff --git a/src/controllers/dynakube/activegate/consts/consts.go b/src/controllers/dynakube/activegate/consts/consts.go
@@ -29,6 +29,7 @@ const (
 
 	EnvDtServer             = "DT_SERVER"
 	EnvDtTenant             = "DT_TENANT"
+	EnvDtCommunication      = "DT_COMMUNICATION"
 	EnvDtCapabilities       = "DT_CAPABILITIES"
 	EnvDtIdSeedNamespace    = "DT_ID_SEED_NAMESPACE"
 	EnvDtIdSeedClusterId    = "DT_ID_SEED_K8S_CLUSTER_ID"

diff --git a/src/controllers/dynakube/activegate/internal/statefulset/builder/builder_test.go b/src/controllers/dynakube/activegate/internal/statefulset/builder/builder_test.go
@@ -21,25 +21,27 @@ func (m *ModifierMock) Enabled() bool {
 	return args.Bool(0)
 }
 
-func (m *ModifierMock) Modify(sts *appsv1.StatefulSet) {
-	m.Called(sts)
+func (m *ModifierMock) Modify(sts *appsv1.StatefulSet) error {
+	args := m.Called(sts)
+	return args.Error(0)
 }
 
 func TestBuilder(t *testing.T) {
 	t.Run("Simple, no modifiers", func(t *testing.T) {
 		b := Builder{}
-		actual := b.Build()
+		actual, err := b.Build()
+		assert.NoError(t, err)
 		expected := appsv1.StatefulSet{}
 		assert.Equal(t, expected, actual)
 	})
 	t.Run("One modifier", func(t *testing.T) {
 		b := Builder{}
 
 		modifierMock := NewModifierMock()
-		modifierMock.On("Modify", mock.Anything).Return()
+		modifierMock.On("Modify", mock.Anything).Return(nil)
 		modifierMock.On("Enabled").Return(true)
 
-		actual := b.AddModifier(modifierMock).Build()
+		actual, _ := b.AddModifier(modifierMock).Build()
 
 		modifierMock.AssertNumberOfCalls(t, "Modify", 1)
 
@@ -50,10 +52,10 @@ func TestBuilder(t *testing.T) {
 		b := Builder{}
 
 		modifierMock := NewModifierMock()
-		modifierMock.On("Modify", mock.Anything).Return()
+		modifierMock.On("Modify", mock.Anything).Return(nil)
 		modifierMock.On("Enabled").Return(false)
 
-		actual := b.AddModifier(modifierMock).Build()
+		actual, _ := b.AddModifier(modifierMock).Build()
 
 		modifierMock.AssertNumberOfCalls(t, "Modify", 0)
 
@@ -65,12 +67,12 @@ func TestBuilder(t *testing.T) {
 
 		modifierMock0 := NewModifierMock()
 		modifierMock0.On("Enabled").Return(true)
-		modifierMock0.On("Modify", mock.Anything).Return()
+		modifierMock0.On("Modify", mock.Anything).Return(nil)
 		modifierMock1 := NewModifierMock()
 		modifierMock1.On("Enabled").Return(true)
-		modifierMock1.On("Modify", mock.Anything).Return()
+		modifierMock1.On("Modify", mock.Anything).Return(nil)
 
-		actual := b.AddModifier(modifierMock0, modifierMock0, modifierMock1).Build()
+		actual, _ := b.AddModifier(modifierMock0, modifierMock0, modifierMock1).Build()
 
 		modifierMock0.AssertNumberOfCalls(t, "Modify", 2)
 		modifierMock1.AssertNumberOfCalls(t, "Modify", 1)

diff --git a/src/controllers/dynakube/activegate/internal/statefulset/builder/modifiers/authtoken.go b/src/controllers/dynakube/activegate/internal/statefulset/builder/modifiers/authtoken.go
@@ -28,10 +28,11 @@ func (mod AuthTokenModifier) Enabled() bool {
 	return mod.dynakube.UseActiveGateAuthToken()
 }
 
-func (mod AuthTokenModifier) Modify(sts *appsv1.StatefulSet) {
+func (mod AuthTokenModifier) Modify(sts *appsv1.StatefulSet) error {
 	baseContainer := kubeobjects.FindContainerInPodSpec(&sts.Spec.Template.Spec, consts.ActiveGateContainerName)
 	sts.Spec.Template.Spec.Volumes = append(sts.Spec.Template.Spec.Volumes, mod.getVolumes()...)
 	baseContainer.VolumeMounts = append(baseContainer.VolumeMounts, mod.getVolumeMounts()...)
+	return nil
 }
 
 func (mod AuthTokenModifier) getVolumes() []corev1.Volume {

diff --git a/src/controllers/dynakube/activegate/internal/statefulset/builder/modifiers/authtoken_test.go b/src/controllers/dynakube/activegate/internal/statefulset/builder/modifiers/authtoken_test.go
@@ -43,7 +43,7 @@ func TestAuthTokenModify(t *testing.T) {
 		mod := NewAuthTokenModifier(dynakube)
 		builder := createBuilderForTesting()
 
-		sts := builder.AddModifier(mod).Build()
+		sts, _ := builder.AddModifier(mod).Build()
 
 		require.NotEmpty(t, sts)
 		isSubset(t, mod.getVolumes(), sts.Spec.Template.Spec.Volumes)
Original file line number	Diff line number	Diff line change
Expand Up		@@ -105,3 +105,5 @@ kind-logs-*
		/csi.db

		test/testdata/secrets/*

		local/