diff --git a/example/controller-registration.yaml b/example/controller-registration.yaml index f85eab31..fea04af1 100644 --- a/example/controller-registration.yaml +++ b/example/controller-registration.yaml @@ -1,11 +1,10 @@ --- -apiVersion: core.gardener.cloud/v1beta1 +apiVersion: core.gardener.cloud/v1 kind: ControllerDeployment metadata: name: extension-shoot-rsyslog-relp -type: helm -providerConfig: - chart: H4sIAAAAAAAAA+0da2/bOLKf9St46gJtF5X8ThYGekA28bbBtomRZHN3OBwCWmJsXiRRR0pO3cf99huSkqyHHctpz0m6GhSJI5HD4XBeHA7dKeYuCQi3yMeIBIKywBIzxiKLi4Xw2NTixAtbz74J2gD7g4H6DVD+rT53ev1Od9Dd25PPO/ud/t4zNPi2YetBLCLMEXrGYdJ3tdv0/onCtNb62zPi+XQaME7uMYZc4L1+f+36w7IX17/b6bV7z1D7u892BfzJ1/85GuMoIjwQKGJILzG6nZEATWLquTSYohA7N3hKhG08RxczKpCIw5DxCD6AWHho6rEJ8nHkzKD1awQCgyM6J9AvmuWe48AFBAGZwlsWoJchJ9f0I3HRLYV2f3llo9PAWyAWqJ6SJBQSjjwaENuwj86vziOgDVAcMt8HBJeH58ilXBj2lEYt9VOTb9iTT7ylfqYPZtOW/JH+KeZBa4loAvOLQ3RNPSKMn21xG8LPCb6Bn5EPn/8LTS8xpywW6PhoBAOGnP2bOJFhU5fglm4Hjwx7Lhzmkpbx0KtaH+rp/+EM88heYN+7zxib9B/0vqz/7f1uo/+7ABzSS8Llug/RvGPgMMz+NDt22zRcIhxOw0g9OkDvwBEgR4oDumYcRTOC3iYihM60yKAzEBk0SuVJtTuXMgUWJMA+GaJaQmfMU0LaNlDyhHTqKUE9/XeZY0/ZfcfYpP/77bL/b3f7g0b/dwGtFjofH/3d+g283yELF+AyZ9EFCMMQwSr00PnBGJ2PEKgwDtQf+BocJcURQQ7zQxwspGNf2gCHBRGnkxh8tTBaLSPF/546IF7EOoZmEb2mhIM1gchiRqwuKDe0m7LhVKKQqMUMWQ4yJxg+/PT24OxodDI6u3p3cPj71dHxWSttZ6nRmOeB/HIypSLiKriwodtd8oxs9NNLB0fItlvw73J0dn58evIq+ZN8xH7okdY65NINLs3bsIrelNOBuEqFTYmxJAGeQHyBCrPUcZQykMlDGW9Jm+owziHCQEsaUIEGI8xj/wbbWE//IwIcAZLFvXaCW+//up0OmItm/7cD2Hb9ryDkh7Bc2FFYOxbcZP87vV5p/Xv9vWb/txP4/NlCLmzEYNdlegS7BNYbDA/IAXVNZH39atwlGJbuYqV9DImOgD+QHR96ag3UgG313/FAYQgHn0Rq7wc36H93f78c//X77f1G/3cBz/+P4d9z43m94M+yLCO/EeUT7Ng4jmaM00864Ln5RdiUtWCLekMDd4gOtRyegRwaPomwiyM8NBDSG8xMmIWdCrjteCx2h58/I/sSezERtiB8DoSdQA8E5gohD0+IJyQWhGAjbN/EE8IDAmIvh167db0L5SpENACRCxxAJnvCZplgQey0D48hTBwaFnSkbzmLQ0WQtX5K8JYTwWLukKRpoqMC/oA99CR5OiWR+u1BFKk+3MrUXHUg7PpUyIEKAafmf3UsP45U1HpLJmA2bmD9r+k01p3qESA/xSGsH9HEc5J+DFcTmFGwkRE+DiBGdrOnRXrMn80qctNcwU81KR+H90UgRUeAvJcpqLskW6z9smnpzxYIXRTXX5KwvDi1ZioIrF9Uh08OY9ylwd3SpVSjhC0nIJv45kMUA5YIxNOGDRVhAn75K4h2OA6JXmXNtpAzMCozEguljrWZlqMtJ9JLVrqg7JHMYV+cHp2+5NccB59uyKshOiM+mxPY+lEBJhaUFx3EU9BiaYX79golDZUwlicCS0yuY09UlmANzd/k/ydgiCVrN4YBG/x/p9st538H+90m/t8J/AD+/1cthz9YGAATOyPXkopU9e/gC7SqhkXfwgURT+QJlwpENOZz3eDAcVgcRBnyLRmRecLqrNVjaPXQGvHngq3tfxoLWdSH2GoOQsK4Bb6L33Iard4TbrL/7UEp/9Nr97qdxv7vAh6N/ZeZI3qdWQ4lXZdKuk5T4ZImpHRemVg9JZQfcLjCB2xjoFbLdD2z9VgcRzp7NRVxVdTMIfpi5IZbyeQvCHgK64T6El2a0GvyeT8mbGv/XRJ6bOGDfNQvB7nb/nfae93y+U+/2+T/dgOPxv7nDbvc3S5D/aNM5L7RvNc05GVPpIrGztKdtsaDg4BFOsml7f26pFRLdx8iM+IxMfP29JE4DNlnBstu4TmmQBEsb7SwdJxnr51WtAgB3/J42hAhcYYqJTGnksp3VIAQLN5Tn0phUm9CjzpYaDKSCSQPD+WmQlMj1GES45otqn7wfY5P35FT9+FVagkT6nLyqPCVxUICiLlzI2K/taRLc1eNQQPHi10i6yEpsOAn+yIZwf4VRh7LGkqz0lPZXvMVssFbixnuDvYA/3JaNWOpCoHL4H454MqQqD7ldfYLd08k05YVMwP+c+oIW1dXnMs8nqygyM1tmcmTq6szfZkyrm4kazKgSU520mFUtcbXr+Y66ryCnH5XSb2fXkuA5reM38hM3XptZhb2PO35hSVHsYCTkhAgMnJCq9/vgVn2PHZL3FWYq/g4KDT1c3i27O+CChV6pAZGLxhlID6LQw8LcVLkKcQtoKTWoN1OGotC5uLkvisgbR2m0CdbYOt+PkiDUoeCKVRPKk3GseeNGdjIRaFxmD0uyAif5sTPQlZiL960SOS0CiFdzpAUOnj0mjgLxyOWjz/K7k7MOfhe6CX/kEXSb3J0LD2AsLOu9rLb+SJwRJ5EOYb2iRYLiT4ospZ2cx1u3eU07XGQdSjjLlUkWNR9k7NVK2oc7DKG5CgrYZ2VhQxv7tj6re2drL4lTUd+bkkzvXNNZWSs7csmfDC9zegIX4VtRjCPJgRH205r2RFWldxaYPFhEAw2Q4qFu1Ymsn626necdDvXvcqjZJqU1P7msWYmInlX7psYaUseS1jYlad+4s1wvRUvT8+LZuv76vdljnp0DhQJMeZsQpZ6B/FUFIVvSZR/hNR9iCFqaVSfiq+Uy9k4ngQB3loanXcXF+PcCxrQiGLviHh4kTB3iDrtrAUHuadb0yp7LXZC6iBrQIJ53oRpE/t+dHA0OrsavR8dXhyfnlydHHwYnY8PDkc5vHNJz2/gyotTge2G5yap9MrzsZpnGsbZmVJUCDj74+Ti+MNodwNvGcOldB5/OHg7ugQunZ5dnV6Ozv52dnxRoRVWVtWN5tJDrZX5ogI1hVCnQiAvbpA05M4nQWIi9g9ZOlvt8QWBZvrLzFOnXR6oNPacebFPPkh/LqrCUqhQ03YzxwFf9tLsr3jFXDMp+vJC0hDJWPFbl2VDPL2GvMoi1aOvwCzNqkrMchePnDSdmpfc8jyqWSK7wmog2RdF8bfQDVkM0aroQ4O2PNX3WzF+W7bfMePvkj9OwSXXOPaiD8wFzP1uOze3B0qybpv/W7kT3TDGpvrfwX65/nfQ6/Sb/N8u4FHm/2od7NQzRXUSfinenEQP0RcryablyhLyI+RO1ZN+pT3svIO9cIY7Ck1+Okl13OM4T9lW/0PmulTwWF0InMTulGw+CNh0/tvrlet/9uBzo/+7gEep/6FKbCxPAMbMPcqE7lcldLs5CngkKfo09eXjj38ESZreg7adR54uT2I2QXyIhQ6lvHCCzL++QR27u2e1TWQf4lCfOFDA9zugTmTAfkujy/w+Pw70PnMBsjACyqQkpGmxA+8WL8SBzBXmzlceWrOeBmxr/7e6+JHAJvvfbw9K9r+7v9/U/+wEHqX9r1H/uebix9PxAfIbdWwx03v8B7xXsos6/O3GSJ+rVdDvamXwrVVMzPLPReJz1fkQTDy0Ej4g3Mf+1y78T2Bz/N8v1//0mvh/N/CU7f/6wv/GDXznewWFCwVbEdncJHjUsK39T9Zhqy3ABvvfreZ/e/39pv5zJ/Ao7X9m5RNTsSsLXynfq1M7dc2Zb0Erz7UipgozxBC9+OdnM+QsYg7zzKF5cTg2X5vynZmvKrijauPrv15sR4Gq3yLEtXSNmwVSDZGtsJISqgJhZTpKlRGvy6RvQ0zGaSvNTCWj5lJTMLhZdFqFg3AYVSM1t2JDyFxL+ehs5GWRC7CBysrTwvXoH8Khp7lBXZCb3P87Hlcygw9YX6xFr1xXfVftZnp+m7RR41YKT1bV86SCO0Qgt8Vi6xRnWlCl1W016o3VWcVx5BOtb+PNmDIVf2jTr+Ce/h/r4K1eGLDp/Hdvv5z/G7QHzf5vJ/Ak/H+6VXjKG71tzSZsx5iqBSry4ILdEODQNfYE+R4nyNvq/zzEW38P8Kb8j3xXyv/vNd//sBt4NPpfig6knOnIwC3d+jWlZggHAjoIBrO0kJlYDGgWUXg5Zu5B0g6c/E4MRxqJrZhJGrPmK/aLz7S1ye4YqIc0Lduzli/09YUXP79IjmR9GhzoCD934SiMFZmc/CemnLjIXE+LvURgQz9ERdbNvGMK5W65kkef+Iwv7kWA7nofGpKeioxC1KfDsqwKd9Utw2V9Tu6m4f0KAOVBtTpZyC+qfqJr/nI95YTyje1lux1evK5n/+ea5Ht+Afwm+z8YVP//h367sf+7gEdj/5P7UCTmLCSWy5wb2NiHN1PbJfNWJqXJ/7zQCuMJ6Ez2fFmWCjuUivgOVegSGWHuKtXx9QmLxmBQpLIbOS0eohVfRZ+/pSrLbozC2aU0VoA/MdbK+pqDtq+vCabm0Nzrf6DykSdvxIph8eWg05VvjdzVmaFqm9yoytxD/lqVvjWRnXCmF5Gr12yGqCdLjdfeoUrjSaN01zl7DrZKYk8cclZyvsqFVR2SYgjwwyj6B8mPjfbSlE4c+JIu9FAf4yaRALxY3j4Zol/av8DSPEeCRPIrCYX6Yu0kS/AaEXtq6696k2mGyQKpbNny6qeRtBwaaUIA8LWzWacJimTyRmFjPzSya4aalH6/lzzS2315Fwd2tQ+t7Q000EADDTTQQAMNNNBAAw38WeF/vDLX+QB4AAA= +helm: + rawChart: H4sIAAAAAAAAA+0da2/bOLKf9St46gJtF5X8ThYGekA28bbBtomRZHN3OBwCWmJsXiRRR0pO3cf99huSkqyHHctpz0m6GhSJI5HD4XBeHA7dKeYuCQi3yMeIBIKywBIzxiKLi4Xw2NTixAtbz74J2gD7g4H6DVD+rT53ev1Od9Dd25PPO/ud/t4zNPi2YetBLCLMEXrGYdJ3tdv0/onCtNb62zPi+XQaME7uMYZc4L1+f+36w7IX17/b6bV7z1D7u892BfzJ1/85GuMoIjwQKGJILzG6nZEATWLquTSYohA7N3hKhG08RxczKpCIw5DxCD6AWHho6rEJ8nHkzKD1awQCgyM6J9AvmuWe48AFBAGZwlsWoJchJ9f0I3HRLYV2f3llo9PAWyAWqJ6SJBQSjjwaENuwj86vziOgDVAcMt8HBJeH58ilXBj2lEYt9VOTb9iTT7ylfqYPZtOW/JH+KeZBa4loAvOLQ3RNPSKMn21xG8LPCb6Bn5EPn/8LTS8xpywW6PhoBAOGnP2bOJFhU5fglm4Hjwx7Lhzmkpbx0KtaH+rp/+EM88heYN+7zxib9B/0vqz/7f1uo/+7ABzSS8Llug/RvGPgMMz+NDt22zRcIhxOw0g9OkDvwBEgR4oDumYcRTOC3iYihM60yKAzEBk0SuVJtTuXMgUWJMA+GaJaQmfMU0LaNlDyhHTqKUE9/XeZY0/ZfcfYpP/77bL/b3f7g0b/dwGtFjofH/3d+g283yELF+AyZ9EFCMMQwSr00PnBGJ2PEKgwDtQf+BocJcURQQ7zQxwspGNf2gCHBRGnkxh8tTBaLSPF/546IF7EOoZmEb2mhIM1gchiRqwuKDe0m7LhVKKQqMUMWQ4yJxg+/PT24OxodDI6u3p3cPj71dHxWSttZ6nRmOeB/HIypSLiKriwodtd8oxs9NNLB0fItlvw73J0dn58evIq+ZN8xH7okdY65NINLs3bsIrelNOBuEqFTYmxJAGeQHyBCrPUcZQykMlDGW9Jm+owziHCQEsaUIEGI8xj/wbbWE//IwIcAZLFvXaCW+//up0OmItm/7cD2Hb9ryDkh7Bc2FFYOxbcZP87vV5p/Xv9vWb/txP4/NlCLmzEYNdlegS7BNYbDA/IAXVNZH39atwlGJbuYqV9DImOgD+QHR96ag3UgG313/FAYQgHn0Rq7wc36H93f78c//X77f1G/3cBz/+P4d9z43m94M+yLCO/EeUT7Ng4jmaM00864Ln5RdiUtWCLekMDd4gOtRyegRwaPomwiyM8NBDSG8xMmIWdCrjteCx2h58/I/sSezERtiB8DoSdQA8E5gohD0+IJyQWhGAjbN/EE8IDAmIvh167db0L5SpENACRCxxAJnvCZplgQey0D48hTBwaFnSkbzmLQ0WQtX5K8JYTwWLukKRpoqMC/oA99CR5OiWR+u1BFKk+3MrUXHUg7PpUyIEKAafmf3UsP45U1HpLJmA2bmD9r+k01p3qESA/xSGsH9HEc5J+DFcTmFGwkRE+DiBGdrOnRXrMn80qctNcwU81KR+H90UgRUeAvJcpqLskW6z9smnpzxYIXRTXX5KwvDi1ZioIrF9Uh08OY9ylwd3SpVSjhC0nIJv45kMUA5YIxNOGDRVhAn75K4h2OA6JXmXNtpAzMCozEguljrWZlqMtJ9JLVrqg7JHMYV+cHp2+5NccB59uyKshOiM+mxPY+lEBJhaUFx3EU9BiaYX79golDZUwlicCS0yuY09UlmANzd/k/ydgiCVrN4YBG/x/p9st538H+90m/t8J/AD+/1cthz9YGAATOyPXkopU9e/gC7SqhkXfwgURT+QJlwpENOZz3eDAcVgcRBnyLRmRecLqrNVjaPXQGvHngq3tfxoLWdSH2GoOQsK4Bb6L33Iard4TbrL/7UEp/9Nr97qdxv7vAh6N/ZeZI3qdWQ4lXZdKuk5T4ZImpHRemVg9JZQfcLjCB2xjoFbLdD2z9VgcRzp7NRVxVdTMIfpi5IZbyeQvCHgK64T6El2a0GvyeT8mbGv/XRJ6bOGDfNQvB7nb/nfae93y+U+/2+T/dgOPxv7nDbvc3S5D/aNM5L7RvNc05GVPpIrGztKdtsaDg4BFOsml7f26pFRLdx8iM+IxMfP29JE4DNlnBstu4TmmQBEsb7SwdJxnr51WtAgB3/J42hAhcYYqJTGnksp3VIAQLN5Tn0phUm9CjzpYaDKSCSQPD+WmQlMj1GES45otqn7wfY5P35FT9+FVagkT6nLyqPCVxUICiLlzI2K/taRLc1eNQQPHi10i6yEpsOAn+yIZwf4VRh7LGkqz0lPZXvMVssFbixnuDvYA/3JaNWOpCoHL4H454MqQqD7ldfYLd08k05YVMwP+c+oIW1dXnMs8nqygyM1tmcmTq6szfZkyrm4kazKgSU520mFUtcbXr+Y66ryCnH5XSb2fXkuA5reM38hM3XptZhb2PO35hSVHsYCTkhAgMnJCq9/vgVn2PHZL3FWYq/g4KDT1c3i27O+CChV6pAZGLxhlID6LQw8LcVLkKcQtoKTWoN1OGotC5uLkvisgbR2m0CdbYOt+PkiDUoeCKVRPKk3GseeNGdjIRaFxmD0uyAif5sTPQlZiL960SOS0CiFdzpAUOnj0mjgLxyOWjz/K7k7MOfhe6CX/kEXSb3J0LD2AsLOu9rLb+SJwRJ5EOYb2iRYLiT4ospZ2cx1u3eU07XGQdSjjLlUkWNR9k7NVK2oc7DKG5CgrYZ2VhQxv7tj6re2drL4lTUd+bkkzvXNNZWSs7csmfDC9zegIX4VtRjCPJgRH205r2RFWldxaYPFhEAw2Q4qFu1Ymsn626necdDvXvcqjZJqU1P7msWYmInlX7psYaUseS1jYlad+4s1wvRUvT8+LZuv76vdljnp0DhQJMeZsQpZ6B/FUFIVvSZR/hNR9iCFqaVSfiq+Uy9k4ngQB3loanXcXF+PcCxrQiGLviHh4kTB3iDrtrAUHuadb0yp7LXZC6iBrQIJ53oRpE/t+dHA0OrsavR8dXhyfnlydHHwYnY8PDkc5vHNJz2/gyotTge2G5yap9MrzsZpnGsbZmVJUCDj74+Ti+MNodwNvGcOldB5/OHg7ugQunZ5dnV6Ozv52dnxRoRVWVtWN5tJDrZX5ogI1hVCnQiAvbpA05M4nQWIi9g9ZOlvt8QWBZvrLzFOnXR6oNPacebFPPkh/LqrCUqhQ03YzxwFf9tLsr3jFXDMp+vJC0hDJWPFbl2VDPL2GvMoi1aOvwCzNqkrMchePnDSdmpfc8jyqWSK7wmog2RdF8bfQDVkM0aroQ4O2PNX3WzF+W7bfMePvkj9OwSXXOPaiD8wFzP1uOze3B0qybpv/W7kT3TDGpvrfwX65/nfQ6/Sb/N8u4FHm/2od7NQzRXUSfinenEQP0RcryablyhLyI+RO1ZN+pT3svIO9cIY7Ck1+Okl13OM4T9lW/0PmulTwWF0InMTulGw+CNh0/tvrlet/9uBzo/+7gEep/6FKbCxPAMbMPcqE7lcldLs5CngkKfo09eXjj38ESZreg7adR54uT2I2QXyIhQ6lvHCCzL++QR27u2e1TWQf4lCfOFDA9zugTmTAfkujy/w+Pw70PnMBsjACyqQkpGmxA+8WL8SBzBXmzlceWrOeBmxr/7e6+JHAJvvfbw9K9r+7v9/U/+wEHqX9r1H/uebix9PxAfIbdWwx03v8B7xXsos6/O3GSJ+rVdDvamXwrVVMzPLPReJz1fkQTDy0Ej4g3Mf+1y78T2Bz/N8v1//0mvh/N/CU7f/6wv/GDXznewWFCwVbEdncJHjUsK39T9Zhqy3ABvvfreZ/e/39pv5zJ/Ao7X9m5RNTsSsLXynfq1M7dc2Zb0Erz7UipgozxBC9+OdnM+QsYg7zzKF5cTg2X5vynZmvKrijauPrv15sR4Gq3yLEtXSNmwVSDZGtsJISqgJhZTpKlRGvy6RvQ0zGaSvNTCWj5lJTMLhZdFqFg3AYVSM1t2JDyFxL+ehs5GWRC7CBysrTwvXoH8Khp7lBXZCb3P87Hlcygw9YX6xFr1xXfVftZnp+m7RR41YKT1bV86SCO0Qgt8Vi6xRnWlCl1W016o3VWcVx5BOtb+PNmDIVf2jTr+Ce/h/r4K1eGLDp/Hdvv5z/G7QHzf5vJ/Ak/H+6VXjKG71tzSZsx5iqBSry4ILdEODQNfYE+R4nyNvq/zzEW38P8Kb8j3xXyv/vNd//sBt4NPpfig6knOnIwC3d+jWlZggHAjoIBrO0kJlYDGgWUXg5Zu5B0g6c/E4MRxqJrZhJGrPmK/aLz7S1ye4YqIc0Lduzli/09YUXP79IjmR9GhzoCD934SiMFZmc/CemnLjIXE+LvURgQz9ERdbNvGMK5W65kkef+Iwv7kWA7nofGpKeioxC1KfDsqwKd9Utw2V9Tu6m4f0KAOVBtTpZyC+qfqJr/nI95YTyje1lux1evK5n/+ea5Ht+Afwm+z8YVP//h367sf+7gEdj/5P7UCTmLCSWy5wb2NiHN1PbJfNWJqXJ/7zQCuMJ6Ez2fFmWCjuUivgOVegSGWHuKtXx9QmLxmBQpLIbOS0eohVfRZ+/pSrLbozC2aU0VoA/MdbK+pqDtq+vCabm0Nzrf6DykSdvxIph8eWg05VvjdzVmaFqm9yoytxD/lqVvjWRnXCmF5Gr12yGqCdLjdfeoUrjSaN01zl7DrZKYk8cclZyvsqFVR2SYgjwwyj6B8mPjfbSlE4c+JIu9FAf4yaRALxY3j4Zol/av8DSPEeCRPIrCYX6Yu0kS/AaEXtq6696k2mGyQKpbNny6qeRtBwaaUIA8LWzWacJimTyRmFjPzSya4aalH6/lzzS2315Fwd2tQ+t7Q000EADDTTQQAMNNNBAAw38WeF/vDLX+QB4AAA= values: image: europe-docker.pkg.dev/gardener-project/public/gardener/extensions/shoot-rsyslog-relp:v0.6.0-dev --- diff --git a/pkg/controller/lifecycle/monitoring.go b/pkg/controller/lifecycle/monitoring.go index 7702bb20..03f3b0d3 100644 --- a/pkg/controller/lifecycle/monitoring.go +++ b/pkg/controller/lifecycle/monitoring.go @@ -110,7 +110,7 @@ func deployMonitoringConfig(ctx context.Context, c client.Client, namespace stri ScrapeTimeout: ptr.To(monitoringv1.Duration("30s")), Scheme: ptr.To("HTTPS"), // This is needed because the kubelets' certificates are not are generated for a specific pod IP - TLSConfig: &monitoringv1.SafeTLSConfig{InsecureSkipVerify: true}, + TLSConfig: &monitoringv1.SafeTLSConfig{InsecureSkipVerify: ptr.To(true)}, Authorization: &monitoringv1.SafeAuthorization{Credentials: &corev1.SecretKeySelector{ LocalObjectReference: corev1.LocalObjectReference{Name: "shoot-access-prometheus-shoot"}, Key: "token", @@ -124,18 +124,18 @@ func deployMonitoringConfig(ctx context.Context, c client.Client, namespace stri Key: "token", }}, // This is needed because we do not fetch the correct cluster CA bundle right now - TLSConfig: &monitoringv1.SafeTLSConfig{InsecureSkipVerify: true}, + TLSConfig: &monitoringv1.SafeTLSConfig{InsecureSkipVerify: ptr.To(true)}, FollowRedirects: ptr.To(true), }}, - RelabelConfigs: []*monitoringv1.RelabelConfig{ + RelabelConfigs: []monitoringv1.RelabelConfig{ { Action: "replace", - Replacement: "rsyslog-metrics", + Replacement: ptr.To("rsyslog-metrics"), TargetLabel: "job", }, { TargetLabel: "type", - Replacement: "shoot", + Replacement: ptr.To("shoot"), }, { SourceLabels: []monitoringv1.LabelName{"__meta_kubernetes_service_name", "__meta_kubernetes_endpoint_port_name"}, @@ -156,13 +156,13 @@ func deployMonitoringConfig(ctx context.Context, c client.Client, namespace stri }, { TargetLabel: "__address__", - Replacement: "kube-apiserver:443", + Replacement: ptr.To("kube-apiserver:443"), }, { SourceLabels: []monitoringv1.LabelName{"__meta_kubernetes_pod_name", "__meta_kubernetes_pod_container_port_number"}, Regex: `(.+);(.+)`, TargetLabel: "__metrics_path__", - Replacement: "/api/v1/namespaces/kube-system/pods/${1}:${2}/proxy/metrics", + Replacement: ptr.To("/api/v1/namespaces/kube-system/pods/${1}:${2}/proxy/metrics"), }, }, MetricRelabelConfigs: monitoringutils.StandardMetricRelabelConfig("rsyslog_.+"), diff --git a/skaffold.yaml b/skaffold.yaml index 5a4b147d..501f45ce 100644 --- a/skaffold.yaml +++ b/skaffold.yaml @@ -100,7 +100,7 @@ deploy: profiles: - name: remote-extension patches: - - op: add - path: /deploy/helm/releases/0/setValues - value: - global.vpa.enabled: false + - op: add + path: /deploy/helm/releases/0/setValues + value: + global.vpa.enabled: false diff --git a/test/integration/controller/lifecycle/lifecycle_test.go b/test/integration/controller/lifecycle/lifecycle_test.go index 6ca85b29..df45979b 100644 --- a/test/integration/controller/lifecycle/lifecycle_test.go +++ b/test/integration/controller/lifecycle/lifecycle_test.go @@ -17,12 +17,16 @@ import ( . "github.com/gardener/gardener/pkg/utils/test/matchers" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - v1 "k8s.io/api/autoscaling/v1" + "github.com/onsi/gomega/types" + appsv1 "k8s.io/api/apps/v1" + autoscalingv1 "k8s.io/api/autoscaling/v1" corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/types" + apimachinerytypes "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/uuid" + "k8s.io/utils/ptr" "sigs.k8s.io/controller-runtime/pkg/client" "github.com/gardener/gardener-extension-shoot-rsyslog-relp/pkg/apis/rsyslog" @@ -30,112 +34,132 @@ import ( var _ = Describe("Lifecycle controller tests", func() { var ( - rsyslogConfigurationCleanerDaemonsetYaml = `apiVersion: apps/v1 -kind: DaemonSet -metadata: - creationTimestamp: null - labels: - app.kubernetes.io/instance: rsyslog-relp-configuration-cleaner - app.kubernetes.io/name: rsyslog-relp-configuration-cleaner - name: rsyslog-relp-configuration-cleaner - namespace: kube-system -spec: - selector: - matchLabels: - app.kubernetes.io/instance: rsyslog-relp-configuration-cleaner - app.kubernetes.io/name: rsyslog-relp-configuration-cleaner - template: - metadata: - creationTimestamp: null - labels: - app.kubernetes.io/instance: rsyslog-relp-configuration-cleaner - app.kubernetes.io/name: rsyslog-relp-configuration-cleaner - spec: - automountServiceAccountToken: false - containers: - - image: registry.k8s.io/pause:3.9 - imagePullPolicy: IfNotPresent - name: pause-container - resources: {} - hostPID: true - initContainers: - - command: - - sh - - -c - - |- - if [[ -f /host/etc/systemd/system/rsyslog-configurator.service ]]; then - chroot /host /bin/bash -c 'systemctl disable rsyslog-configurator; systemctl stop rsyslog-configurator; rm -f /etc/systemd/system/rsyslog-configurator.service' - fi - - if [[ -d /host/var/log/rsyslog ]]; then - rm -rf /host/var/log/rsyslog - fi - - if [[ -f /host/etc/audit/plugins.d/syslog.conf ]]; then - sed -i "s/^active\\>.*/active = no/i" /host/etc/audit/plugins.d/syslog.conf - fi - if [[ -f /host/etc/audisp/plugins.d/syslog.conf ]]; then - sed -i "s/^active\\>.*/active = no/i" /host/etc/audisp/plugins.d/syslog.conf - fi - - chroot /host /bin/bash -c 'if systemctl list-unit-files systemd-journald-audit.socket > /dev/null; then \ - systemctl enable systemd-journald-audit.socket; \ - systemctl start systemd-journald-audit.socket; \ - systemctl restart systemd-journald; \ - fi' - - if [[ -d /host/etc/audit/rules.d.original ]]; then - if [[ -d /host/etc/audit/rules.d ]]; then - rm -rf /host/etc/audit/rules.d - fi - mv /host/etc/audit/rules.d.original /host/etc/audit/rules.d - chroot /host /bin/bash -c 'if systemctl list-unit-files auditd.service > /dev/null; then augenrules --load; systemctl restart auditd; fi' - fi - - if [[ -f /host/etc/rsyslog.d/60-audit.conf ]]; then - rm -f /host/etc/rsyslog.d/60-audit.conf - chroot /host /bin/bash -c 'if systemctl list-unit-files rsyslog.service > /dev/null; then systemctl restart rsyslog; fi' - fi - - if [[ -d /host/etc/ssl/rsyslog ]]; then - rm -rf /host/etc/ssl/rsyslog - fi - - if [[ -d /host/var/lib/rsyslog-relp-configurator ]]; then - rm -rf /host/var/lib/rsyslog-relp-configurator - fi - image: europe-docker.pkg.dev/gardener-project/releases/3rd/alpine:3.18.4 - imagePullPolicy: IfNotPresent - name: rsyslog-relp-configuration-cleaner - resources: - limits: - memory: 32Mi - requests: - cpu: 2m - memory: 8Mi - volumeMounts: - - mountPath: /host - mountPropagation: HostToContainer - name: host-root-volume - priorityClassName: gardener-shoot-system-700 - securityContext: - seccompProfile: - type: RuntimeDefault - volumes: - - hostPath: - path: / - name: host-root-volume - updateStrategy: {} -status: - currentNumberScheduled: 0 - desiredNumberScheduled: 0 - numberMisscheduled: 0 - numberReady: 0 -` - - cluster *extensionsv1alpha1.Cluster - shoot *gardencorev1beta1.Shoot - shootUID types.UID + rsyslogConfigurationCleanerDaemonset = &appsv1.DaemonSet{ + ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{ + "app.kubernetes.io/instance": "rsyslog-relp-configuration-cleaner", + "app.kubernetes.io/name": "rsyslog-relp-configuration-cleaner", + }, + Name: "rsyslog-relp-configuration-cleaner", + Namespace: "kube-system", + }, + Spec: appsv1.DaemonSetSpec{ + Selector: &metav1.LabelSelector{ + MatchLabels: map[string]string{ + "app.kubernetes.io/instance": "rsyslog-relp-configuration-cleaner", + "app.kubernetes.io/name": "rsyslog-relp-configuration-cleaner", + }, + }, + Template: corev1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{ + "app.kubernetes.io/instance": "rsyslog-relp-configuration-cleaner", + "app.kubernetes.io/name": "rsyslog-relp-configuration-cleaner", + }, + }, + Spec: corev1.PodSpec{ + AutomountServiceAccountToken: ptr.To(false), + Containers: []corev1.Container{ + { + Image: "registry.k8s.io/pause:3.9", + ImagePullPolicy: corev1.PullIfNotPresent, + Name: "pause-container", + }, + }, + InitContainers: []corev1.Container{ + { + Command: []string{ + "sh", + "-c", + `if [[ -f /host/etc/systemd/system/rsyslog-configurator.service ]]; then + chroot /host /bin/bash -c 'systemctl disable rsyslog-configurator; systemctl stop rsyslog-configurator; rm -f /etc/systemd/system/rsyslog-configurator.service' +fi + +if [[ -d /host/var/log/rsyslog ]]; then + rm -rf /host/var/log/rsyslog +fi + +if [[ -f /host/etc/audit/plugins.d/syslog.conf ]]; then + sed -i "s/^active\\>.*/active = no/i" /host/etc/audit/plugins.d/syslog.conf +fi +if [[ -f /host/etc/audisp/plugins.d/syslog.conf ]]; then + sed -i "s/^active\\>.*/active = no/i" /host/etc/audisp/plugins.d/syslog.conf +fi + +chroot /host /bin/bash -c 'if systemctl list-unit-files systemd-journald-audit.socket > /dev/null; then \ + systemctl enable systemd-journald-audit.socket; \ + systemctl start systemd-journald-audit.socket; \ + systemctl restart systemd-journald; \ +fi' + +if [[ -d /host/etc/audit/rules.d.original ]]; then + if [[ -d /host/etc/audit/rules.d ]]; then + rm -rf /host/etc/audit/rules.d + fi + mv /host/etc/audit/rules.d.original /host/etc/audit/rules.d + chroot /host /bin/bash -c 'if systemctl list-unit-files auditd.service > /dev/null; then augenrules --load; systemctl restart auditd; fi' +fi + +if [[ -f /host/etc/rsyslog.d/60-audit.conf ]]; then + rm -f /host/etc/rsyslog.d/60-audit.conf + chroot /host /bin/bash -c 'if systemctl list-unit-files rsyslog.service > /dev/null; then systemctl restart rsyslog; fi' +fi + +if [[ -d /host/etc/ssl/rsyslog ]]; then + rm -rf /host/etc/ssl/rsyslog +fi + +if [[ -d /host/var/lib/rsyslog-relp-configurator ]]; then + rm -rf /host/var/lib/rsyslog-relp-configurator +fi`, + }, + Image: "europe-docker.pkg.dev/gardener-project/releases/3rd/alpine:3.18.4", + ImagePullPolicy: corev1.PullIfNotPresent, + Name: "rsyslog-relp-configuration-cleaner", + Resources: corev1.ResourceRequirements{ + Requests: corev1.ResourceList{ + corev1.ResourceCPU: resource.MustParse("2m"), + corev1.ResourceMemory: resource.MustParse("8Mi"), + }, + Limits: corev1.ResourceList{ + corev1.ResourceMemory: resource.MustParse("32Mi"), + }, + }, + VolumeMounts: []corev1.VolumeMount{ + { + Name: "host-root-volume", + MountPath: "/host", + MountPropagation: ptr.To(corev1.MountPropagationHostToContainer), + }, + }, + }, + }, + HostPID: true, + PriorityClassName: "gardener-shoot-system-700", + SecurityContext: &corev1.PodSecurityContext{ + SeccompProfile: &corev1.SeccompProfile{ + Type: corev1.SeccompProfileTypeRuntimeDefault, + }, + }, + Volumes: []corev1.Volume{ + { + VolumeSource: corev1.VolumeSource{ + HostPath: &corev1.HostPathVolumeSource{ + Path: "/", + }, + }, + Name: "host-root-volume", + }, + }, + }, + }, + }, + } + + consistOf func(...client.Object) types.GomegaMatcher + cluster *extensionsv1alpha1.Cluster + shoot *gardencorev1beta1.Shoot + shootUID apimachinerytypes.UID extensionProviderConfig *rsyslog.RsyslogRelpConfig extensionResource *extensionsv1alpha1.Extension @@ -147,6 +171,8 @@ status: shootUID = uuid.NewUUID() shootTechnicalID = fmt.Sprintf("shoot--%s--%s", projectName, shootName) + consistOf = NewManagedResourceConsistOfObjectsMatcher(testClient) + By("Create test Namespace") shootSeedNamespace = &corev1.Namespace{ ObjectMeta: metav1.ObjectMeta{ @@ -177,7 +203,7 @@ status: Resources: []gardencorev1beta1.NamedResourceReference{ { Name: "rsyslog-tls", - ResourceRef: v1.CrossVersionObjectReference{ + ResourceRef: autoscalingv1.CrossVersionObjectReference{ Kind: "Secret", Name: "rsyslog-tls", }, @@ -298,7 +324,7 @@ status: g.Expect(testClient.Get(ctx, client.ObjectKeyFromObject(configCleanerResourceSecret), configCleanerResourceSecret)).To(Succeed()) g.Expect(configCleanerResourceSecret.Type).To(Equal(corev1.SecretTypeOpaque)) - g.Expect(string(configCleanerResourceSecret.Data["daemonset__kube-system__rsyslog-relp-configuration-cleaner.yaml"])).To(Equal(rsyslogConfigurationCleanerDaemonsetYaml)) + g.Expect(configCleanerManagedResource).To(consistOf(rsyslogConfigurationCleanerDaemonset)) }).Should(Succeed()) By("Ensure that managed resource used for configuration cleanup does not get deleted immediately")