Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[DatadogAgent][Flare] Additional environment variables and RBAC to permit user manifests retrieval #1477

Merged
merged 10 commits into from
Nov 6, 2024
Merged

[DatadogAgent][Flare] Additional environment variables and RBAC to permit user manifests retrieval #1477

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
3f041eb
Inject DCA, node Agent and DDA names in DCA
tbavelier Oct 21, 2024
8660067
Add DCA RBAC to query dd CR
tbavelier Oct 21, 2024
1f79825
Add utils test
tbavelier Oct 22, 2024
cd54441
Merge branch 'main' into tbavelier/innovation_week_improve_flare
tbavelier Oct 22, 2024
5a4e17c
Merge branch 'main' into tbavelier/innovation_week_improve_flare
tbavelier Oct 23, 2024
89483cd
Merge branch 'main' into tbavelier/innovation_week_improve_flare
tbavelier Oct 25, 2024
d3e2ead
Merge branch 'main' into tbavelier/innovation_week_improve_flare
tbavelier Oct 28, 2024
c17311a
Change datadog_agent_cr_name to datadogagent_cr_name
tbavelier Oct 30, 2024
1a72ce9
Merge branch 'main' into tbavelier/innovation_week_improve_flare
tbavelier Nov 5, 2024
efec96e
Merge branch 'main' into tbavelier/innovation_week_improve_flare
tbavelier Nov 6, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 12 additions & 0 deletions internal/controller/datadogagent/feature/enabledefault/const.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
// Unless explicitly stated otherwise all files in this repository are licensed
// under the Apache License Version 2.0.
// This product includes software developed at Datadog (https://www.datadoghq.com/).
// Copyright 2016-present Datadog, Inc.

package enabledefault

const (
DDAgentDaemonSet = "AGENT_DAEMONSET"
DDClusterAgentDeployment = "CLUSTER_AGENT_DEPLOYMENT"
DDDatadogAgentCustomResource = "DATADOGAGENT_CR_NAME"
)
12 changes: 12 additions & 0 deletions internal/controller/datadogagent/feature/enabledefault/feature.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -386,6 +386,18 @@ func (f *defaultFeature) ManageClusterAgent(managers feature.PodTemplateManagers
Name: apicommon.DDClusterAgentServiceAccountName,
Value: f.clusterAgent.serviceAccountName,
})
managers.EnvVar().AddEnvVar(&corev1.EnvVar{
Name: DDAgentDaemonSet,
Value: getDaemonSetNameFromDatadogAgent(f.owner.(*v2alpha1.DatadogAgent)),
})
managers.EnvVar().AddEnvVar(&corev1.EnvVar{
Name: DDClusterAgentDeployment,
Value: getDeploymentNameFromDatadogAgent(f.owner.(*v2alpha1.DatadogAgent)),
})
managers.EnvVar().AddEnvVar(&corev1.EnvVar{
Name: DDDatadogAgentCustomResource,
Value: f.owner.GetName(),
})
return nil
}

Expand Down
8 changes: 8 additions & 0 deletions internal/controller/datadogagent/feature/enabledefault/rbac.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -89,6 +89,14 @@ func getDefaultClusterAgentRolePolicyRules(dda metav1.Object) []rbacv1.PolicyRul
},
Verbs: []string{rbac.GetVerb, rbac.UpdateVerb, rbac.CreateVerb},
})
rules = append(rules, rbacv1.PolicyRule{
APIGroups: []string{rbac.DatadogAPIGroup},
Resources: []string{rbac.DatadogAgentsResource},
ResourceNames: []string{
dda.GetName(),
},
Verbs: []string{rbac.GetVerb},
})
return rules
}

Expand Down
36 changes: 36 additions & 0 deletions internal/controller/datadogagent/feature/enabledefault/utils.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
// Unless explicitly stated otherwise all files in this repository are licensed
// under the Apache License Version 2.0.
// This product includes software developed at Datadog (https://www.datadoghq.com/).
// Copyright 2016-present Datadog, Inc.

package enabledefault

import (
"github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1"
componentagent "github.com/DataDog/datadog-operator/internal/controller/datadogagent/component/agent"
componentdca "github.com/DataDog/datadog-operator/internal/controller/datadogagent/component/clusteragent"
)

// getDaemonSetNameFromDatadogAgent returns the expected node Agent DS/EDS name based on
// the DDA name and nodeAgent name override
func getDaemonSetNameFromDatadogAgent(dda *v2alpha1.DatadogAgent) string {
dsName := componentagent.GetAgentName(dda)
if componentOverride, ok := dda.Spec.Override[v2alpha1.NodeAgentComponentName]; ok {
if componentOverride.Name != nil && *componentOverride.Name != "" {
dsName = *componentOverride.Name
}
}
return dsName
}

// getDeploymentNameFromDatadogAgent returns the expected Cluster Agent Deployment name based on
// the DDA name and clusterAgent name override
func getDeploymentNameFromDatadogAgent(dda *v2alpha1.DatadogAgent) string {
deployName := componentdca.GetClusterAgentName(dda)
if componentOverride, ok := dda.Spec.Override[v2alpha1.ClusterAgentComponentName]; ok {
if componentOverride.Name != nil && *componentOverride.Name != "" {
deployName = *componentOverride.Name
}
}
return deployName
}
84 changes: 84 additions & 0 deletions internal/controller/datadogagent/feature/enabledefault/utils_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,84 @@
// Unless explicitly stated otherwise all files in this repository are licensed
// under the Apache License Version 2.0.
// This product includes software developed at Datadog (https://www.datadoghq.com/).
// Copyright 2016-present Datadog, Inc.

package enabledefault

import (
"testing"

"github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1"
v2alpha1test "github.com/DataDog/datadog-operator/api/datadoghq/v2alpha1/test"
"github.com/stretchr/testify/assert"
)

func Test_getDaemonSetNameFromDatadogAgent(t *testing.T) {
tests := []struct {
name string
ddaName string
overrideAgentName string
expectedName string
}{
{
name: "No override",
ddaName: "foo",
overrideAgentName: "",
expectedName: "foo-agent",
},
{
name: "With override",
ddaName: "bar",
overrideAgentName: "node",
expectedName: "node",
},
}

for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
dda := v2alpha1test.NewDatadogAgentBuilder().
WithName(tt.ddaName).
WithComponentOverride(v2alpha1.NodeAgentComponentName, v2alpha1.DatadogAgentComponentOverride{
Name: &tt.overrideAgentName,
}).
Build()
dsName := getDaemonSetNameFromDatadogAgent(dda)
assert.Equal(t, tt.expectedName, dsName)
})
}
}

func Test_getDeploymentNameFromDatadogAgent(t *testing.T) {
tests := []struct {
name string
ddaName string
overrideClusterAgentName string
expectedName string
}{
{
name: "No override",
ddaName: "foo",
overrideClusterAgentName: "",
expectedName: "foo-cluster-agent",
},
{
name: "With override",
ddaName: "bar",
overrideClusterAgentName: "dca",
expectedName: "dca",
},
}

for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
dda := v2alpha1test.NewDatadogAgentBuilder().
WithName(tt.ddaName).
WithComponentOverride(v2alpha1.ClusterAgentComponentName, v2alpha1.DatadogAgentComponentOverride{
Name: &tt.overrideClusterAgentName,
}).
Build()
deployName := getDeploymentNameFromDatadogAgent(dda)
assert.Equal(t, tt.expectedName, deployName)
})
}
}
1 change: 1 addition & 0 deletions pkg/kubernetes/rbac/const.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@ const (
CronjobsResource = "cronjobs"
CustomResourceDefinitionsResource = "customresourcedefinitions"
DaemonsetsResource = "daemonsets"
DatadogAgentsResource = "datadogagents"
DatadogMetricsResource = "datadogmetrics"
DatadogMetricsStatusResource = "datadogmetrics/status"
DatadogPodAutoscalersResource = "datadogpodautoscalers"
Expand Down
Loading