-
Notifications
You must be signed in to change notification settings - Fork 3.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: reject monitors with invalid relabel configs #5841
fix: reject monitors with invalid relabel configs #5841
Conversation
2cdd7a1
to
1836f57
Compare
minimumVersionCaseActions := version.GTE(semver.MustParse("2.36.0")) | ||
minimumVersionEqualActions := version.GTE(semver.MustParse("2.41.0")) | ||
if rc.Action == "" { | ||
rc.Action = string(relabel.Replace) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
shouldn't this be already taken care since we set default as replace
?
prometheus-operator/pkg/apis/monitoring/v1/prometheus_types.go
Lines 1340 to 1341 in 78a2875
// +kubebuilder:default=replace | |
Action string `json:"action,omitempty"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is for tests + environments that don't have a recent version of the CRD (e.g. one without the default value).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm struggling a little bit to understand what/where is the bug that you're fixing here 😬
Do I understand it correctly that we're allowing actions with a mixture of Lower/Upper case and then we fail to compare with relabel.<action name>
?
If that's the case, what do you think about passing this validation to kubebuilder annotations?
One issue is here: prometheus-operator/pkg/prometheus/resource_selector.go Lines 535 to 548 in 34bb905
If an invalid relabel config is detected, it will be logged but it won't continue from the outer for loop so the probe will be added to the map. Another issue here: prometheus-operator/pkg/prometheus/resource_selector.go Lines 155 to 172 in 34bb905
If L157 returns an error, TL;DR: write unit tests to assert that the code is doing what it should ;)
No upper/lower case actions are fine (in fact the Prometheus config supports everything but will always compare to the lower-case version). |
Signed-off-by: Simon Pasquier <spasquie@redhat.com>
1836f57
to
20fa8ef
Compare
@@ -152,20 +152,14 @@ func (rs *ResourceSelector) SelectServiceMonitors(ctx context.Context, listFn Li | |||
break | |||
} | |||
|
|||
for _, rl := range endpoint.RelabelConfigs { | |||
if rl.Action != "" { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure why we had this test in the first place. I've modified validateRelabelConfig()
to default to the replace action if the field is empty.
Ooooh now I get it, we're breaking the inner loop when we wanted to break the outer loop. Thanks for the explanation! |
Swaps to using the code from prometheus-operator#5841
This is a follow-up of prometheus-operator#5841. For the same reason that we didn't continue from the outer loop, invalid ScrapeConfig objects were not rejected. Signed-off-by: Simon Pasquier <spasquie@redhat.com>
This is a follow-up of prometheus-operator#5841. For the same reason that we didn't continue from the outer loop, invalid ScrapeConfig objects were not rejected. Signed-off-by: Simon Pasquier <spasquie@redhat.com>
Description
I noticed that probes, service monitors, pod monitors and scrape configs with invalid relabel configs were not rejected by the operator. This PR fixes it.
Type of change
What type of changes does your code introduce to the Prometheus operator? Put an
x
in the box that apply.CHANGE
(fix or feature that would cause existing functionality to not work as expected)FEATURE
(non-breaking change which adds functionality)BUGFIX
(non-breaking change which fixes an issue)ENHANCEMENT
(non-breaking change which improves existing functionality)NONE
(if none of the other choices apply. Example, tooling, build system, CI, docs, etc.)Changelog entry
Please put a one-line changelog entry below. This will be copied to the changelog file during the release process.