Skip to content

Commit

Permalink
fix(validation-reconciler): correct output and flow status report
Browse files Browse the repository at this point in the history
Signed-off-by: Bence Csati <[email protected]>
  • Loading branch information
csatib02 committed Jan 23, 2025
1 parent c6bf514 commit c159a1e
Show file tree
Hide file tree
Showing 7 changed files with 58 additions and 17 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,9 @@ spec:
properties:
allowClusterResourcesFromAllNamespaces:
type: boolean
x-kubernetes-validations:
- message: Value is immutable, please recreate the resource
rule: self == oldSelf
clusterDomain:
type: string
configCheck:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -66,6 +66,9 @@ spec:
properties:
allowClusterResourcesFromAllNamespaces:
type: boolean
x-kubernetes-validations:
- message: Value is immutable, please recreate the resource
rule: self == oldSelf
clusterDomain:
type: string
configCheck:
Expand Down
3 changes: 3 additions & 0 deletions config/crd/bases/logging.banzaicloud.io_loggings.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -66,6 +66,9 @@ spec:
properties:
allowClusterResourcesFromAllNamespaces:
type: boolean
x-kubernetes-validations:
- message: Value is immutable, please recreate the resource
rule: self == oldSelf
clusterDomain:
type: string
configCheck:
Expand Down
2 changes: 1 addition & 1 deletion docs/configuration/crds/v1beta1/logging_types.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ LoggingSpec defines the desired state of Logging

### allowClusterResourcesFromAllNamespaces (bool, optional) {#loggingspec-allowclusterresourcesfromallnamespaces}

Allow configuration of cluster resources from any namespace. Mutually exclusive with ControlNamespace restriction of Cluster resources
Allow configuration of cluster resources from any namespace. Mutually exclusive with ControlNamespace restriction of Cluster resources WARNING: Becareful when turning this on and off as it can result in some resources being orphaned.


### clusterDomain (*string, optional) {#loggingspec-clusterdomain}
Expand Down
58 changes: 42 additions & 16 deletions pkg/resources/model/reconciler.go
Original file line number Diff line number Diff line change
Expand Up @@ -120,13 +120,19 @@ func NewValidationReconciler(
}

for _, ref := range flow.Spec.GlobalOutputRefs {
if output := resources.Fluentd.ClusterOutputs.FindByName(ref); output != nil {
switch output := resources.Fluentd.ClusterOutputs.FindByName(ref); {
case output == nil:
flow.Status.Problems = append(flow.Status.Problems, fmt.Sprintf("dangling global output reference: %s", ref))

case output.Status.ProblemsCount > 0:
flow.Status.Problems = append(flow.Status.Problems, fmt.Sprintf("global output reference: %s has problems", output.Name))

default:
flow.Status.Active = utils.BoolPointer(true)
output.Status.Active = utils.BoolPointer(true)
} else {
flow.Status.Problems = append(flow.Status.Problems, fmt.Sprintf("dangling global output reference: %s", ref))
}
}

flow.Status.ProblemsCount = len(flow.Status.Problems)
}

Expand All @@ -146,11 +152,12 @@ func NewValidationReconciler(
switch output := resources.Fluentd.ClusterOutputs.FindByName(ref); {
case output == nil:
flow.Status.Problems = append(flow.Status.Problems, fmt.Sprintf("dangling global output reference: %s", ref))
continue

case output.Spec.Protected:
flow.Status.Problems = append(flow.Status.Problems, fmt.Sprintf("global output reference is protected: %s", ref))
continue

case output.Status.ProblemsCount > 0:
flow.Status.Problems = append(flow.Status.Problems, fmt.Sprintf("global output reference: %s has problems", output.Name))

default:
output.Status.Active = utils.BoolPointer(true)
Expand All @@ -159,11 +166,16 @@ func NewValidationReconciler(
}

for _, ref := range flow.Spec.LocalOutputRefs {
if output := resources.Fluentd.Outputs.FindByNamespacedName(flow.Namespace, ref); output != nil {
switch output := resources.Fluentd.Outputs.FindByNamespacedName(flow.Namespace, ref); {
case output == nil:
flow.Status.Problems = append(flow.Status.Problems, fmt.Sprintf("dangling local output reference: %s", ref))

case output.Status.ProblemsCount > 0:
flow.Status.Problems = append(flow.Status.Problems, fmt.Sprintf("local output reference: %s has problems", output.Name))

default:
output.Status.Active = utils.BoolPointer(true)
hasValidOutput = true
} else {
flow.Status.Problems = append(flow.Status.Problems, fmt.Sprintf("dangling local output reference: %s", ref))
}
}

Expand All @@ -185,13 +197,19 @@ func NewValidationReconciler(
flow.Status.Problems = nil

for _, ref := range flow.Spec.GlobalOutputRefs {
if output := resources.SyslogNG.ClusterOutputs.FindByName(ref); output != nil {
switch output := resources.SyslogNG.ClusterOutputs.FindByName(ref); {
case output == nil:
flow.Status.Problems = append(flow.Status.Problems, fmt.Sprintf("dangling global output reference: %s", ref))

case output.Status.ProblemsCount > 0:
flow.Status.Problems = append(flow.Status.Problems, fmt.Sprintf("global output reference: %s has problems", output.Name))

default:
flow.Status.Active = utils.BoolPointer(true)
output.Status.Active = utils.BoolPointer(true)
} else {
flow.Status.Problems = append(flow.Status.Problems, fmt.Sprintf("dangling global output reference: %s", ref))
}
}

flow.Status.ProblemsCount = len(flow.Status.Problems)
}

Expand All @@ -207,11 +225,12 @@ func NewValidationReconciler(
switch output := resources.SyslogNG.ClusterOutputs.FindByName(ref); {
case output == nil:
flow.Status.Problems = append(flow.Status.Problems, fmt.Sprintf("dangling global output reference: %s", ref))
continue

case output.Spec.Protected:
flow.Status.Problems = append(flow.Status.Problems, fmt.Sprintf("global output reference is protected: %s", ref))
continue

case output.Status.ProblemsCount > 0:
flow.Status.Problems = append(flow.Status.Problems, fmt.Sprintf("global output reference: %s has problems", output.Name))

default:
output.Status.Active = utils.BoolPointer(true)
Expand All @@ -220,11 +239,16 @@ func NewValidationReconciler(
}

for _, ref := range flow.Spec.LocalOutputRefs {
if output := resources.SyslogNG.Outputs.FindByNamespacedName(flow.Namespace, ref); output != nil {
switch output := resources.SyslogNG.Outputs.FindByNamespacedName(flow.Namespace, ref); {
case output == nil:
flow.Status.Problems = append(flow.Status.Problems, fmt.Sprintf("dangling local output reference: %s", ref))

case output.Status.ProblemsCount > 0:
flow.Status.Problems = append(flow.Status.Problems, fmt.Sprintf("local output reference: %s has problems", output.Name))

default:
output.Status.Active = utils.BoolPointer(true)
hasValidOutput = true
} else {
flow.Status.Problems = append(flow.Status.Problems, fmt.Sprintf("dangling local output reference: %s", ref))
}
}

Expand Down Expand Up @@ -313,6 +337,8 @@ func NewValidationReconciler(

if !resources.Logging.WatchAllNamespaces() {
resources.Logging.Status.WatchNamespaces = resources.WatchNamespaces
} else {
resources.Logging.Status.WatchNamespaces = []string{"*"}
}

if resources.Logging.Spec.WatchNamespaceSelector != nil &&
Expand Down
2 changes: 2 additions & 0 deletions pkg/resources/model/repository.go
Original file line number Diff line number Diff line change
Expand Up @@ -113,6 +113,8 @@ func (r LoggingResourceRepository) LoggingResourcesFor(ctx context.Context, logg
return
}

// UniqueWatchNamespaces returns the unique list of namespaces to watch for a logging resource.
// if both watchNamespaces and watchNamespaceSelector are empty, it returns all namespaces.
func UniqueWatchNamespaces(ctx context.Context, reader client.Reader, logging *v1beta1.Logging) ([]string, error) {
watchNamespaces := logging.Spec.WatchNamespaces
nsLabelSelector := logging.Spec.WatchNamespaceSelector
Expand Down
4 changes: 4 additions & 0 deletions pkg/sdk/logging/api/v1beta1/logging_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,11 @@ type LoggingSpec struct {
// This should be a protected namespace from regular users.
// Resources like fluentbit and fluentd will run in this namespace as well.
ControlNamespace string `json:"controlNamespace"`

// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="Value is immutable, please recreate the resource"

// Allow configuration of cluster resources from any namespace. Mutually exclusive with ControlNamespace restriction of Cluster resources
// WARNING: Becareful when turning this on and off as it can result in some resources being orphaned.
AllowClusterResourcesFromAllNamespaces bool `json:"allowClusterResourcesFromAllNamespaces,omitempty"`
// InlineNodeAgent Configuration
// Deprecated, will be removed with next major version
Expand Down

0 comments on commit c159a1e

Please sign in to comment.