ROX-26516: Collector reads runtime config from configmap #1878
Conversation
JoukoVirtanen
changed the title
| TEST(CollectorConfigTest, TestConfigMapTrue) { | ||
| std::string jsonStr = R"({ | ||
| "networkConnectionConfig": { | ||
| "enableExternalIps": true | ||
| } | ||
| })"; | ||
|
|
||
| MockCollectorConfig config; | ||
| config.MockHandleConfigMapString(jsonStr); | ||
|
|
||
| EXPECT_TRUE(config.EnableExternalIPs()); | ||
| } | ||
|
|
||
| TEST(CollectorConfigTest, TestConfigMapFalse) { | ||
| std::string jsonStr = R"({ | ||
| "networkConnectionConfig": { | ||
| "enableExternalIps": false | ||
| } | ||
| })"; | ||
|
|
||
| MockCollectorConfig config; | ||
| config.MockHandleConfigMapString(jsonStr); | ||
|
|
||
| EXPECT_FALSE(config.EnableExternalIPs()); | ||
| } | ||
|
|
||
| TEST(CollectorConfigTest, TestConfigMapEmpty) { | ||
| std::string jsonStr = R"({ | ||
| "networkConnectionConfig": { | ||
| } | ||
| })"; | ||
|
|
||
| MockCollectorConfig config; | ||
| config.MockHandleConfigMapString(jsonStr); | ||
|
|
||
| EXPECT_FALSE(config.EnableExternalIPs()); | ||
| } | ||
|
|
||
| TEST(CollectorConfigTest, TestConfigMapInvalid) { | ||
| std::string jsonStr = R"({ | ||
| "networkConnectionConfig": { | ||
| } | ||
| )"; | ||
|
|
||
| MockCollectorConfig config; | ||
| config.MockHandleConfigMapString(jsonStr); | ||
|
|
||
| EXPECT_FALSE(config.EnableExternalIPs()); | ||
| } | ||
|
|
There was a problem hiding this comment.
We can probably rewrite all of these as a single test with something like:
TEST(CollectorConfigTest, TestConfigurationFile) {
std::vector<std::pair<std::string, bool>> tests = {
{ R"({
"networkConnectionConfig": {
"enableExternalIps": true
}
})", true },
{ R"({
"networkConnectionConfig": {
"enableExternalIps": false
}
})", false },
// ...
};
for (const auto& [input, expected] : tests) {
CollectorConfig config;
config.HandleConfigMapString(input);
EXPECT_EQUAL(config.EnableExternalIPs(), expected);
}
}Since the test is concise (literally 3 lines in a loop), the result should overall have less bloat and make it easier to understand what is being tested.
There was a problem hiding this comment.
We are also missing a test for an empty string as input.
| "networkConnectionConfig": { | ||
| "enableExternalIps": true |
There was a problem hiding this comment.
I also now realize the only place I can actually check what the configuration is going to look like is these tests, which is not great, we need a way to have a formal specification of the configuration that we can properly review, but for now I guess it's fine 🤷🏻♂️ .
I do have some objections though:
networkConnectionConfigis redundant, we know this is a configuration parameter, so it should benetworkConnection.enableExternalIpsis not extensible.
I would prefer the configuration to look something closer to this:
networkConnection:
externalIPs:
enable: trueThere was a problem hiding this comment.
If you want to change these, we need to change the protobuf definitions.
There was a problem hiding this comment.
Why not? Is not like the feature is GA.
There was a problem hiding this comment.
I didn't say that we couldn't change the protobuf definitions.
Co-authored-by: Mauro Ezequiel Moltrasio <mmoltras@redhat.com>
Co-authored-by: Mauro Ezequiel Moltrasio <mmoltras@redhat.com> Co-authored-by: Simon Bäumer <baeumer@pm.me>
Co-authored-by: Olivier Valentin <ovalenti@redhat.com>
Co-authored-by: Mauro Ezequiel Moltrasio <mmoltras@redhat.com>
| EXPECT_TRUE(runtime_config.has_value()); | ||
|
|
||
| if (runtime_config.has_value()) { |
There was a problem hiding this comment.
You don't need the if, you already expected runtime_config.has_value() to be true.
| EXPECT_TRUE(runtime_config.has_value()); | |
| if (runtime_config.has_value()) { | |
| EXPECT_TRUE(runtime_config.has_value()); |
| @@ -104,6 +106,35 @@ seconds. The default value is 30 seconds. | |||
|
|
|||
| * `logLevel`: Sets logging level. The default is INFO. | |||
|
|
|||
| ### File mount or ConfigMap | |||
Description
Makes it so that the runtime config can be read from a ConfigMap. The ConfigMap is added to collector here stackrox/stackrox#12910. The ConfigMap is optional and is not needed in order for collector to run. For now the runtime config only enables or disables the external IPs feature. If the ConfigMap is not used the external IPs feature will be controlled by an environment variable.
Json is used for the configuration. This is convenient, because there is a method for converting Json strings to protobuf objects. YAML was considered, but having the ConfigMap use Json makes it easy to copy the ConfigMap into the API, and use it there. Also using a library for YAML, proved to be a pain.
Checklist
Automated testing
If any of these don't apply, please comment below.
Testing Performed
Testing was performed using stackrox/stackrox#12910 which adds the ConfigMap to collector.
Created the following yaml file for a ConfigMap
Saved the contents in config-map.yml.
Ran
Deployed ACS on a GKE infra cluster using
deploy/deploy-local.sh.Set the collector image to one from this PR using
ks edit ds collector.The collector logs were checked and the following was found
enableExternalIps false
The configmap was changed to
Collector pods were deleted and allowed to come back up
Invalid config
The configmap was changed to the following
The collector log had the following
This is the expected result.
No config map
The configmap was deleted and collector was restarted. The following was found in the collector log.
There was nothing in the collector logs.
Different config path
The configmap was changed to the following
The following were added to the env section of collector
The following was in the collector log