Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ta-secret-values-over-mtls #2920

Closed
wants to merge 1,459 commits into from

Conversation

ItielOlenick
Copy link
Contributor

Description:
Added an additional HTTPS server with mTLS to serve scrape_configs with secret values. This resolves one part of the issue. An additional PR will be opened for the generation and mounting of certs.

Link to tracking Issue(s):

Testing:
Tested in cluster with self-issued certificates. Successfully retrieved the redacted scrape_config using the existing HTTP server and obtained the scrape_config with actual secret values from the new HTTPS server.

Documentation:
Not yet added. Will be added once the entire feature is available.

yuriolisa and others added 30 commits December 20, 2023 16:53
* Bump Python dependencies

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

* Bump Python dependencies

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

* Bump python dependencies

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

---------

Signed-off-by: Yuri Sa <yurimsa@gmail.com>
* Add version label to target allocator resources

* Use manifestutils.SelectorLabels for target allocator resources
Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr) from 1.3.0 to 1.4.1.
- [Release notes](https://github.com/go-logr/logr/releases)
- [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md)
- [Commits](go-logr/logr@v1.3.0...v1.4.1)

---
updated-dependencies:
- dependency-name: github.com/go-logr/logr
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…metry#2473)

Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr) from 1.3.0 to 1.4.1.
- [Release notes](https://github.com/go-logr/logr/releases)
- [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md)
- [Commits](go-logr/logr@v1.3.0...v1.4.1)

---
updated-dependencies:
- dependency-name: github.com/go-logr/logr
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jacob Aronoff <jaronoff97@users.noreply.github.com>
…pen-telemetry#2478)

* Implement test for adding new collector after completed initial allocation (open-telemetry#1)

* Rename target creator helper function

* Add test for adding new collector

* Add dot to test comment to fix lint

* Revert target creator helper function

* Remove unused collector label to avoid confusion
…-telemetry#2481)

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.17.0 to 1.18.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/v1.18.0/CHANGELOG.md)
- [Commits](prometheus/client_golang@v1.17.0...v1.18.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…or (open-telemetry#2475)

Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr) from 1.3.0 to 1.4.1.
- [Release notes](https://github.com/go-logr/logr/releases)
- [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md)
- [Commits](go-logr/logr@v1.3.0...v1.4.1)

---
updated-dependencies:
- dependency-name: github.com/go-logr/logr
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* feat: add default appProtocol on oc receiver

Signed-off-by: Husni Alhamdani <dhanielluis@gmail.com>

* feat: add default appProtocol on oc receiver

Signed-off-by: Husni Alhamdani <dhanielluis@gmail.com>

* feat: add default appProtocol on oc receiver

Signed-off-by: Husni Alhamdani <dhanielluis@gmail.com>

---------

Signed-off-by: Husni Alhamdani <dhanielluis@gmail.com>
…ion (open-telemetry#2467)

* rbac pr testing

* makefile convenience

* Add test

* add chlog

* Add a comment

* update to allow for policy rule checking

* change package

* lint fail

* better formatting

* don't use leading slash for empty group

* add more detail for comment
* Release 0.91.0

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

* Release 0.91.0

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

* Release 0.91.0

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

---------

Signed-off-by: Yuri Sa <yurimsa@gmail.com>
* Use kustomize for setting target allocator image in E2E tests

* Use kustomize for setting opamp bridge image in E2E tests

* Use kustomize for setting feature gates in E2E tests

* Move operator flags to manager manifest
* Use typed config in v1alpha2

Signed-off-by: Pavol Loffay <p.loffay@gmail.com>

* Fix

Signed-off-by: Pavol Loffay <p.loffay@gmail.com>

* Add more types

Signed-off-by: Pavol Loffay <p.loffay@gmail.com>

* Fix

Signed-off-by: Pavol Loffay <p.loffay@gmail.com>

* Add more tests

Signed-off-by: Pavol Loffay <p.loffay@gmail.com>

* rewrite test

Signed-off-by: Pavol Loffay <p.loffay@gmail.com>

---------

Signed-off-by: Pavol Loffay <p.loffay@gmail.com>
…emetry#2466)

* Use standard collector selectors in target allocator config

* Use both collector selector formats in ta config

This is to keep backwards compatibility with older target
allocator versions, which makes upgrades easier.
* Change default allocation strategy to consistent-hashing

* Change default filtering strategy to relabel-config

* Add changelog

* Change default allocation strategy to consistent-hashing

* Change default allocation strategy to consistent-hashing

* Fix config hash
* Show pods with health

* changelog

* fix unit test

* update example, add note
* bump operator version

* Fix tests
* common fields for v2 poc

* Docs and changelog

* fix deepcopy

* Remove more v1alpha1 deps, respond from comments
…telemetry#2506)

Bumps the kubernetes group in /cmd/otel-allocator with 1 update: [k8s.io/klog/v2](https://github.com/kubernetes/klog).


Updates `k8s.io/klog/v2` from 2.110.1 to 2.120.0
- [Release notes](https://github.com/kubernetes/klog/releases)
- [Changelog](https://github.com/kubernetes/klog/blob/main/RELEASE.md)
- [Commits](kubernetes/klog@v2.110.1...v2.120.0)

---
updated-dependencies:
- dependency-name: k8s.io/klog/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: kubernetes
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…open-telemetry#2505)

Bumps [github.com/operator-framework/operator-lib](https://github.com/operator-framework/operator-lib) from 0.11.0 to 0.12.0.
- [Release notes](https://github.com/operator-framework/operator-lib/releases)
- [Commits](operator-framework/operator-lib@v0.11.0...v0.12.0)

---
updated-dependencies:
- dependency-name: github.com/operator-framework/operator-lib
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…open-telemetry#2504)

Bumps the kubernetes group in /cmd/operator-opamp-bridge with 1 update: [k8s.io/klog/v2](https://github.com/kubernetes/klog).


Updates `k8s.io/klog/v2` from 2.110.1 to 2.120.0
- [Release notes](https://github.com/kubernetes/klog/releases)
- [Changelog](https://github.com/kubernetes/klog/blob/main/RELEASE.md)
- [Commits](kubernetes/klog@v2.110.1...v2.120.0)

---
updated-dependencies:
- dependency-name: k8s.io/klog/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: kubernetes
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…pen-telemetry#2394)

* Automate the creation of the permissions requested by resourcedetection

Signed-off-by: Israel Blancas <iblancasa@gmail.com>

* Add changelog

Signed-off-by: Israel Blancas <iblancasa@gmail.com>

* Fix merge

Signed-off-by: Israel Blancas <iblancasa@gmail.com>

* Apply changes requested in code review

Signed-off-by: Israel Blancas <iblancasa@gmail.com>

* Fix lint

Signed-off-by: Israel Blancas <iblancasa@gmail.com>

* Add feature gate and test

Signed-off-by: Israel Blancas <iblancasa@gmail.com>

* Add unit tests

Signed-off-by: Israel Blancas <iblancasa@gmail.com>

* Apply feedback from pull request

Signed-off-by: Israel Blancas <iblancasa@gmail.com>

* Apply changes requested as part of the Pull Request

Signed-off-by: Israel Blancas <iblancasa@gmail.com>

* Apply changes requested as part of the Pull Request

Signed-off-by: Israel Blancas <iblancasa@gmail.com>

---------

Signed-off-by: Israel Blancas <iblancasa@gmail.com>
Fixed README.md `sidecar` hyperlink under "Deployment modes"
* Use a single module for all binaries

* Move Go setup after checkout in CI jobs
pavolloffay and others added 25 commits April 25, 2024 13:48
Signed-off-by: Pavol Loffay <p.loffay@gmail.com>
* Add service.instance.id with Pod name

* Add e2e assert

Signed-off-by: Janario Oliveira <janario.oliveira@gmail.com>

* Fix tests

Signed-off-by: Janario Oliveira <janario.oliveira@gmail.com>

* Remove unnecessary `service.name`

Signed-off-by: Janario Oliveira <janario.oliveira@gmail.com>

* Rename var `someNamespace` - > `testNamespace`

Signed-off-by: Janario Oliveira <janario.oliveira@gmail.com>

* Fix tests

Signed-off-by: Janario Oliveira <janario.oliveira@gmail.com>

* Add changelog

Signed-off-by: Janario Oliveira <janario.oliveira@gmail.com>

---------

Signed-off-by: Janario Oliveira <janario.oliveira@gmail.com>
* Changed featuregate into CLI - instrumentation go

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

* Changed featuregate into CLI - instrumentation go

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

* Changed featuregate into CLI - instrumentation go

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

* Changed featuregate into CLI - instrumentation go

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

* Changed featuregate into CLI - instrumentation go

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

* Changed featuregate into CLI - instrumentation go

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

* Changed featuregate into CLI - instrumentation go

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

* Changed e2e job

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

---------

Signed-off-by: Yuri Sa <yurimsa@gmail.com>
Bumps the otel group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) | `1.25.0` | `1.26.0` |
| [go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp](https://github.com/open-telemetry/opentelemetry-go) | `1.25.0` | `1.26.0` |
| [go.opentelemetry.io/otel/metric](https://github.com/open-telemetry/opentelemetry-go) | `1.25.0` | `1.26.0` |
| [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) | `1.25.0` | `1.26.0` |
| [go.opentelemetry.io/otel/sdk/metric](https://github.com/open-telemetry/opentelemetry-go) | `1.25.0` | `1.26.0` |


Updates `go.opentelemetry.io/otel` from 1.25.0 to 1.26.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.25.0...v1.26.0)

Updates `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp` from 1.25.0 to 1.26.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.25.0...v1.26.0)

Updates `go.opentelemetry.io/otel/metric` from 1.25.0 to 1.26.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.25.0...v1.26.0)

Updates `go.opentelemetry.io/otel/sdk` from 1.25.0 to 1.26.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.25.0...v1.26.0)

Updates `go.opentelemetry.io/otel/sdk/metric` from 1.25.0 to 1.26.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.25.0...v1.26.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/otel/metric
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/otel/sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/otel/sdk/metric
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* add default annotation filter to prevent unnecessary reconciliation

* oop

* chlog

* add comment
* NodeJS instrumentation featuregates into cli

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

* Added complement to featuregate

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

* Fixed Linters

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

* Fixed Linters

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

* Added e2e parameters

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

* Fixed e2e test

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

* Fixed e2e test

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

* Fixed e2e test

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

* Fixed e2e test

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

* Removed feature flags

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

* Removed feature flags

Signed-off-by: Yuri Sa <yurimsa@gmail.com>

---------

Signed-off-by: Yuri Sa <yurimsa@gmail.com>
* Add document explaining v1beta1 changes

* Document the CRD stored version migration
* introduce more typing for pipelines

* rock and a hard place

* resolve tests

* Fix tests

* chlog

* fix docs

* thing

* alphabet

* remove chlog entry
* Prepare release 0.99.0

Signed-off-by: Pavol Loffay <p.loffay@gmail.com>

* Fix

Signed-off-by: Pavol Loffay <p.loffay@gmail.com>

* Fix

Signed-off-by: Pavol Loffay <p.loffay@gmail.com>

* Fix

Signed-off-by: Pavol Loffay <p.loffay@gmail.com>

---------

Signed-off-by: Pavol Loffay <p.loffay@gmail.com>
* Use v1beta1 in docs

Signed-off-by: Pavol Loffay <p.loffay@gmail.com>

* Fix

Signed-off-by: Pavol Loffay <p.loffay@gmail.com>

---------

Signed-off-by: Pavol Loffay <p.loffay@gmail.com>
* Load initial Prometheus CR config at startup

* Fix target allocator readiness check
…n-telemetry#2528)

* Use informer to track collector Pods in target allocator

* Rename CollectorWatcher to Watcher
@ItielOlenick ItielOlenick requested review from a team May 1, 2024 20:53
Copy link

linux-foundation-easycla bot commented May 1, 2024

CLA Not Signed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Target Allocator - ServiceMonitor scheme