From 63588295554ae9325ad6f8376850711575d39c9d Mon Sep 17 00:00:00 2001
From: kwall <kwall@apache.org>
Date: Tue, 18 Apr 2023 10:13:52 +0100
Subject: [PATCH 1/2] MGDSTRM-10557: Expose strimzi oauth metrics to assist
 investigating a sporadic slow authentications

Signed-off-by: kwall <kwall@apache.org>
---
 .../src/main/resources/kafka-metrics.yaml     | 61 +++++++++++++++++++
 1 file changed, 61 insertions(+)

diff --git a/operator/src/main/resources/kafka-metrics.yaml b/operator/src/main/resources/kafka-metrics.yaml
index fa3a80f3a..06af9c7b4 100644
--- a/operator/src/main/resources/kafka-metrics.yaml
+++ b/operator/src/main/resources/kafka-metrics.yaml
@@ -305,3 +305,64 @@ data:
         pattern: >-
           kafka.server<type=KafkaServer, name=BrokerState><>Value: (\d+)
         type: GAUGE
+      # OAuth Metrics - from https://raw.githubusercontent.com/strimzi/strimzi-kafka-oauth/main/testsuite/docker/kafka/config/metrics-config.yml
+      - pattern: "strimzi.oauth<type=(.+), context=(.+), kind=(.+), host=\"(.+)\", path=\"(.+)\", (.+)=(.+), (.+)=(.+), (.+)=(.+)><>(count|totalTimeMs):"
+        name: "strimzi_oauth_$1_$12"
+        type: COUNTER
+        labels:
+          context: "$2"
+          kind: "$3"
+          host: "$4"
+          path: "$5"
+          "$6": "$7"
+          "$8": "$9"
+          "$10": "$11"
+      - pattern: "strimzi.oauth<type=(.+), context=(.+), kind=(.+), host=\"(.+)\", path=\"(.+)\", (.+)=(.+), (.+)=(.+)><>(count|totalTimeMs):"
+        name: "strimzi_oauth_$1_$10"
+        type: COUNTER
+        labels:
+          context: "$2"
+          kind: "$3"
+          host: "$4"
+          path: "$5"
+          "$6": "$7"
+          "$8": "$9"
+      - pattern: "strimzi.oauth<type=(.+), context=(.+), kind=(.+), host=\"(.+)\", path=\"(.+)\", (.+)=(.+)><>(count|totalTimeMs):"
+        name: "strimzi_oauth_$1_$8"
+        type: COUNTER
+        labels:
+          context: "$2"
+          kind: "$3"
+          host: "$4"
+          path: "$5"
+          "$6": "$7"
+      - pattern: "strimzi.oauth<type=(.+), context=(.+), kind=(.+), host=\"(.+)\", path=\"(.+)\", (.+)=(.+), (.+)=(.+), (.+)=(.+)><>(.+):"
+        name: "strimzi_oauth_$1_$12"
+        type: GAUGE
+        labels:
+          context: "$2"
+          kind: "$3"
+          host: "$4"
+          path: "$5"
+          "$6": "$7"
+          "$8": "$9"
+          "$10": "$11"
+      - pattern: "strimzi.oauth<type=(.+), context=(.+), kind=(.+), host=\"(.+)\", path=\"(.+)\", (.+)=(.+), (.+)=(.+)><>(.+):"
+        name: "strimzi_oauth_$1_$10"
+        type: GAUGE
+        labels:
+          context: "$2"
+          kind: "$3"
+          host: "$4"
+          path: "$5"
+          "$6": "$7"
+          "$8": "$9"
+      - pattern: "strimzi.oauth<type=(.+), context=(.+), kind=(.+), host=\"(.+)\", path=\"(.+)\", (.+)=(.+)><>(.+):"
+        name: "strimzi_oauth_$1_$8"
+        type: GAUGE
+        labels:
+          context: "$2"
+          kind: "$3"
+          host: "$4"
+          path: "$5"
+          "$6": "$7"
\ No newline at end of file

From c80f3e18539fa4099c6fade9cb5a75b1fedfea56 Mon Sep 17 00:00:00 2001
From: kwall <kwall@apache.org>
Date: Tue, 18 Apr 2023 11:50:27 +0100
Subject: [PATCH 2/2] allow kafka container environment to be overridden too

---
 .../org/bf2/operator/operands/KafkaCluster.java | 17 +++++++++++++++++
 .../bf2/operator/operands/KafkaClusterTest.java |  2 ++
 .../expected/custom-config-strimzi.yml          |  4 ++++
 3 files changed, 23 insertions(+)

diff --git a/operator/src/main/java/org/bf2/operator/operands/KafkaCluster.java b/operator/src/main/java/org/bf2/operator/operands/KafkaCluster.java
index cec6e210b..cfec7064d 100644
--- a/operator/src/main/java/org/bf2/operator/operands/KafkaCluster.java
+++ b/operator/src/main/java/org/bf2/operator/operands/KafkaCluster.java
@@ -26,6 +26,8 @@
 import io.fabric8.openshift.api.model.TLSConfigBuilder;
 import io.javaoperatorsdk.operator.api.reconciler.Context;
 import io.quarkus.arc.DefaultBean;
+import io.strimzi.api.kafka.model.ContainerEnvVar;
+import io.strimzi.api.kafka.model.ContainerEnvVarBuilder;
 import io.strimzi.api.kafka.model.CruiseControlSpec;
 import io.strimzi.api.kafka.model.CruiseControlSpecBuilder;
 import io.strimzi.api.kafka.model.ExternalConfigurationReferenceBuilder;
@@ -98,6 +100,7 @@
 import java.util.concurrent.atomic.AtomicInteger;
 import java.util.function.Function;
 import java.util.function.Supplier;
+import java.util.stream.Collectors;
 
 import static io.fabric8.kubernetes.api.model.Quantity.getAmountInBytes;
 
@@ -544,6 +547,11 @@ private KafkaClusterTemplate buildKafkaTemplate(ManagedKafka managedKafka, int r
         KafkaClusterTemplateBuilder templateBuilder = new KafkaClusterTemplateBuilder()
                 .withPod(podTemplateBuilder.build());
 
+        var kafkaContainerEnv = buildKafkaContainerEnvVars(managedKafka);
+        if (!kafkaContainerEnv.isEmpty()) {
+            templateBuilder.withNewKafkaContainer().withEnv(kafkaContainerEnv).endKafkaContainer();
+        }
+
         if (replicas > 1 && drainCleanerManager.isDrainCleanerWebhookFound()) {
             templateBuilder.withPodDisruptionBudget(
                 new PodDisruptionBudgetTemplateBuilder()
@@ -554,6 +562,15 @@ private KafkaClusterTemplate buildKafkaTemplate(ManagedKafka managedKafka, int r
         return templateBuilder.build();
     }
 
+    private List<ContainerEnvVar> buildKafkaContainerEnvVars(ManagedKafka managedKafka) {
+        var kafkaOverride = this.overrideManager.getKafkaOverride(managedKafka.getSpec().getVersions().getStrimzi());
+        if (kafkaOverride == null) {
+            return List.of();
+        }
+        var envVars = kafkaOverride.applyEnvironmentTo(List.of());
+        return envVars.stream().filter(env -> Objects.isNull(env.getValueFrom())).map(env -> new ContainerEnvVarBuilder().withName(env.getName()).withValue(env.getValue()).build()).collect(Collectors.toList());
+    }
+
     public static Toleration buildKafkaBrokerToleration() {
         return new TolerationBuilder()
                 .withKey("org.bf2.operator/kafka-broker")
diff --git a/operator/src/test/java/org/bf2/operator/operands/KafkaClusterTest.java b/operator/src/test/java/org/bf2/operator/operands/KafkaClusterTest.java
index 8c4ef9c37..22186989a 100644
--- a/operator/src/test/java/org/bf2/operator/operands/KafkaClusterTest.java
+++ b/operator/src/test/java/org/bf2/operator/operands/KafkaClusterTest.java
@@ -5,6 +5,7 @@
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import io.fabric8.kubernetes.api.model.Affinity;
+import io.fabric8.kubernetes.api.model.EnvVar;
 import io.fabric8.kubernetes.api.model.LocalObjectReferenceBuilder;
 import io.fabric8.kubernetes.api.model.PersistentVolumeClaim;
 import io.fabric8.kubernetes.api.model.PersistentVolumeClaimBuilder;
@@ -445,6 +446,7 @@ void testManagedKafkaToKafkaWithCustomConfiguration() throws IOException {
 
         OperandOverrideManager.Kafka kafkaOverride = new OperandOverrideManager.Kafka();
         kafkaOverride.setBrokerConfig(brokerConfig);
+        kafkaOverride.setEnv(List.of(new EnvVar("FOO", "BAR", null)));
         kafkaOverride.setListeners(Map.of("external", externalListenerOverride, "oauth", oauthListenerOverride));
 
         when(overrideManager.getKafkaOverride(strimzi)).thenReturn(kafkaOverride);
diff --git a/operator/src/test/resources/expected/custom-config-strimzi.yml b/operator/src/test/resources/expected/custom-config-strimzi.yml
index db07c01ac..c8f0a7de4 100644
--- a/operator/src/test/resources/expected/custom-config-strimzi.yml
+++ b/operator/src/test/resources/expected/custom-config-strimzi.yml
@@ -234,6 +234,10 @@ spec:
           name: "test-mk-kafka-logging"
           optional: false
     template:
+      kafkaContainer:
+        env:
+          - name: FOO
+            value: BAR
       pod:
         tolerations:
         - effect: "NoExecute"