fix TLS setup when cluster driver notifies plugin with client updates

rancher · Oct 27, 2023 · 2ce8d10 · 2ce8d10
1 parent 6323bd1
commit 2ce8d10
Show file tree

Hide file tree

Showing 5 changed files with 79 additions and 7 deletions.
diff --git a/plugins/alerting/pkg/alerting/drivers/alerting_manager/alerting_manager_suite_test.go b/plugins/alerting/pkg/alerting/drivers/alerting_manager/alerting_manager_suite_test.go
@@ -0,0 +1,15 @@
+package alerting_manager_test
+
+import (
+	"testing"
+
+	_ "github.com/rancher/opni/pkg/test/setup"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+)
+
+func TestAlertingManager(t *testing.T) {
+	RegisterFailHandler(Fail)
+	RunSpecs(t, "AlertingManager Suite")
+}
diff --git a/plugins/alerting/pkg/alerting/drivers/alerting_manager/cluster_driver.go b/plugins/alerting/pkg/alerting/drivers/alerting_manager/cluster_driver.go
@@ -133,6 +133,7 @@ func (a *AlertingClusterManager) InstallCluster(ctx context.Context, _ *emptypb.
 		lg.Error(fmt.Sprintf("%s", retryErr))
 		return nil, retryErr
 	}
+	a.notify(1)
 	return &emptypb.Empty{}, nil
 }
 
@@ -343,6 +344,7 @@ func (a *AlertingClusterManager) notify(replicas int) {
 		alertingClient.WithQuerierAddress(
 			fmt.Sprintf("%s:3000", shared.AlertmanagerService),
 		),
+		alertingClient.WithTLSConfig(a.TlsConfig),
 	)
 	if err != nil {
 		panic(err)

diff --git a/plugins/alerting/pkg/alerting/drivers/alerting_manager/driver_test.go b/plugins/alerting/pkg/alerting/drivers/alerting_manager/driver_test.go
@@ -0,0 +1,48 @@
+package alerting_manager_test
+
+import (
+	"crypto/tls"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+	"github.com/rancher/opni/pkg/alerting/client"
+	"github.com/rancher/opni/pkg/alerting/shared"
+	"github.com/rancher/opni/pkg/logger"
+	"github.com/rancher/opni/pkg/plugins/driverutil"
+	"github.com/rancher/opni/plugins/alerting/pkg/alerting/drivers/alerting_manager"
+)
+
+var _ = Describe("", Label("unit"), func() {
+	When("We register the alering cluster driver", func() {
+		It("should apply the tls config via driver options", func() {
+			tlsConfig := &tls.Config{}
+			opts := []driverutil.Option{
+				driverutil.NewOption("tlsConfig", tlsConfig),
+			}
+
+			options := alerting_manager.AlertingDriverOptions{
+				ConfigKey:          shared.AlertManagerConfigKey,
+				InternalRoutingKey: shared.InternalRoutingConfigKey,
+				Logger:             logger.NewPluginLogger().WithGroup("alerting").WithGroup("alerting-manager"),
+			}
+			driverutil.ApplyOptions(&options, opts...)
+			Expect(options.TlsConfig).NotTo(BeNil())
+		})
+
+		It("should apply cluster driver subscribers via driver options", func() {
+			subscriberA := make(chan client.AlertingClient)
+			subscriberB := make(chan client.AlertingClient)
+			opts := []driverutil.Option{
+				driverutil.NewOption("subscribers", []chan client.AlertingClient{subscriberA, subscriberB}),
+			}
+
+			options := alerting_manager.AlertingDriverOptions{
+				ConfigKey:          shared.AlertManagerConfigKey,
+				InternalRoutingKey: shared.InternalRoutingConfigKey,
+				Logger:             logger.NewPluginLogger().WithGroup("alerting").WithGroup("alerting-manager"),
+			}
+			driverutil.ApplyOptions(&options, opts...)
+			Expect(options.Subscribers).To(HaveLen(2))
+		})
+	})
+})
diff --git a/plugins/alerting/pkg/alerting/drivers/alerting_manager/options.go b/plugins/alerting/pkg/alerting/drivers/alerting_manager/options.go
@@ -1,10 +1,12 @@
 package alerting_manager
 
 import (
+	"crypto/tls"
+	"log/slog"
+
 	alertingClient "github.com/rancher/opni/pkg/alerting/client"
 	"github.com/rancher/opni/pkg/alerting/shared"
 	"k8s.io/apimachinery/pkg/types"
-	"log/slog"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
@@ -16,4 +18,5 @@ type AlertingDriverOptions struct {
 	InternalRoutingKey string                               `option:"internalRoutingKey"`
 	AlertingOptions    *shared.AlertingClusterOptions       `option:"alertingOptions"`
 	Subscribers        []chan alertingClient.AlertingClient `option:"subscribers"`
+	TlsConfig          *tls.Config                          `option:"tlsConfig"`
 }
diff --git a/plugins/alerting/pkg/alerting/system.go b/plugins/alerting/pkg/alerting/system.go
@@ -39,6 +39,7 @@ import (
 )
 
 func (p *Plugin) UseManagementAPI(client managementv1.ManagementClient) {
+	opt := &shared.AlertingClusterOptions{}
 	p.mgmtClient.Set(client)
 	cfg, err := client.GetConfig(context.Background(),
 		&emptypb.Empty{}, grpc.WaitForReady(true))
@@ -63,7 +64,7 @@ func (p *Plugin) UseManagementAPI(client managementv1.ManagementClient) {
 			os.Exit(1)
 		}
 		p.storageBackend.Set(backend)
-		opt := &shared.AlertingClusterOptions{
+		opt = &shared.AlertingClusterOptions{
 			Namespace:             config.Spec.Alerting.Namespace,
 			WorkerNodesService:    config.Spec.Alerting.WorkerNodeService,
 			WorkerNodePort:        config.Spec.Alerting.WorkerPort,
@@ -74,13 +75,16 @@ func (p *Plugin) UseManagementAPI(client managementv1.ManagementClient) {
 			ConfigMap:             config.Spec.Alerting.ConfigMap,
 			ManagementHookHandler: config.Spec.Alerting.ManagementHookHandler,
 		}
-		p.configureDriver(p.ctx,
-			driverutil.NewOption("alertingOptions", opt),
-			driverutil.NewOption("logger", p.logger.WithGroup("alerting-manager")),
-			driverutil.NewOption("subscribers", []chan alertingClient.AlertingClient{p.clusterNotifier}),
-		)
+
 	})
 	tlsConfig := p.loadCerts()
+	p.configureDriver(
+		p.ctx,
+		driverutil.NewOption("alertingOptions", opt),
+		driverutil.NewOption("logger", p.logger.WithGroup("alerting-manager")),
+		driverutil.NewOption("subscribers", []chan alertingClient.AlertingClient{p.clusterNotifier}),
+		driverutil.NewOption("tlsConfig", tlsConfig),
+	)
 	p.alertingTLSConfig.Set(tlsConfig)
 	go p.handleDriverNotifications()
 	go p.runSync()