Skip to content

Commit

Permalink
api/vmalertmanager: adds validation for logLevel
Browse files Browse the repository at this point in the history
it accepts lower and upper case values for consistency with VM logger flags.

Signed-off-by: f41gh7 <[email protected]>
  • Loading branch information
f41gh7 committed Sep 25, 2024
1 parent c800ed4 commit d6bb671
Show file tree
Hide file tree
Showing 5 changed files with 111 additions and 56 deletions.
9 changes: 9 additions & 0 deletions api/operator/v1beta1/vmalertmanager_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -80,9 +80,11 @@ type VMAlertmanagerSpec struct {
ConfigSecret string `json:"configSecret,omitempty"`
// Log level for VMAlertmanager to be configured with.
// +optional
// +kubebuilder:validation:Enum=debug;info;warn;error;DEBUG;INFO;WARN;ERROR
LogLevel string `json:"logLevel,omitempty"`
// LogFormat for VMAlertmanager to be configured with.
// +optional
// +kubebuilder:validation:Enum=logfmt;json
LogFormat string `json:"logFormat,omitempty"`

// Retention Time duration VMAlertmanager shall retain data for. Default is '120h',
Expand Down Expand Up @@ -190,9 +192,11 @@ type VMAlertmanagerSpec struct {

// WebConfig defines configuration for webserver
// https://github.com/prometheus/alertmanager/blob/main/docs/https.md
// +optional
WebConfig *AlertmanagerWebConfig `json:"webConfig,omitempty"`

// GossipConfig defines gossip TLS configuration for Alertmanager cluster
// +optional
GossipConfig *AlertmanagerGossipConfig `json:"gossipConfig,omitempty"`

CommonDefaultableParams `json:",inline,omitempty"`
Expand Down Expand Up @@ -513,20 +517,25 @@ type AlertmanagerGossipConfig struct {
// AlertmanagerWebConfig defines web server configuration for alertmanager
type AlertmanagerWebConfig struct {
// TLSServerConfig defines server TLS configuration for alertmanager
// +optional
TLSServerConfig *TLSServerConfig `json:"tls_server_config,omitempty"`
// HTTPServerConfig defines http server configuration for alertmanager web server
// +optional
HTTPServerConfig *AlertmanagerHTTPConfig `json:"http_server_config,omitempty"`
// BasicAuthUsers Usernames and hashed passwords that have full access to the web server
// Passwords must be hashed with bcrypt
// +optional
BasicAuthUsers map[string]string `json:"basic_auth_users,omitempty"`
}

// AlertmanagerHTTPConfig defines http server configuration for alertmanager
type AlertmanagerHTTPConfig struct {
// HTTP2 enables HTTP/2 support. Note that HTTP/2 is only supported with TLS.
// This can not be changed on the fly.
// +optional
HTTP2 bool `json:"http2,omitempty"`
// Headers defines list of headers that can be added to HTTP responses.
// +optional
Headers map[string]string `json:"headers,omitempty"`
}

Expand Down
28 changes: 26 additions & 2 deletions api/operator/v1beta1/vmextra_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -512,8 +512,10 @@ type StreamAggrConfig struct {
DedupInterval string `json:"dedupInterval,omitempty"`
// labels to drop from samples for aggregator before stream de-duplication and aggregation
// +optional
DropInputLabels []string `json:"dropInputLabels,omitempty"`
IgnoreFirstIntervals int `json:"ignoreFirstIntervals,omitempty"`
DropInputLabels []string `json:"dropInputLabels,omitempty"`
// IgnoreFirstIntervals instructs to ignore first interval
// +optional
IgnoreFirstIntervals int `json:"ignoreFirstIntervals,omitempty"`
// IgnoreOldSamples instructs to ignore samples with old timestamps outside the current aggregation interval.
// +optional
IgnoreOldSamples bool `json:"ignoreOldSamples,omitempty"`
Expand Down Expand Up @@ -934,47 +936,61 @@ func (c *TLSConfig) BuildAssetPath(prefix, name, key string) string {

// Certs defines TLS certs configuration
type Certs struct {
// CertSecretRef defines reference for secret with certificate content under given key
// mutually exclusive with CertFile
// +optional
CertSecretRef *v1.SecretKeySelector `json:"cert_secret_ref,omitempty"`
// CertFile defines path to the pre-mounted file with certificate
// mutually exclusive with CertSecretRef
// +optional
CertFile string `json:"cert_file,omitempty"`
// Key defines reference for secret with certificate key content under given key
// mutually exclusive with KeyFile
// +optional
KeySecretRef *v1.SecretKeySelector `json:"key_secret_ref,omitempty"`
// KeyFile defines path to the pre-mounted file with certificate key
// mutually exclusive with KeySecretRef
// +optional
KeyFile string `json:"key_file,omitempty"`
}

// TLSServerConfig defines TLS configuration for the application's server
type TLSServerConfig struct {
// ClientCASecretRef defines reference for secret with CA content under given key
// mutually exclusive with ClientCAFile
// +optional
ClientCASecretRef *v1.SecretKeySelector `json:"client_ca_secret_ref,omitempty"`
// ClientCAFile defines path to the pre-mounted file with CA
// mutually exclusive with ClientCASecretRef
// +optional
ClientCAFile string `json:"client_ca_file,omitempty"`
// Cert defines reference for secret with CA content under given key
// mutually exclusive with CertFile
// ClientAuthType defines server policy for client authentication
// If you want to enable client authentication (aka mTLS), you need to use RequireAndVerifyClientCert
// Note, mTLS is supported only at enterprise version of VictoriaMetrics components
// +optional
// +kubebuilder:validation:Enum=NoClientCert;RequireAndVerifyClientCert
ClientAuthType string `json:"client_auth_type,omitempty"`
// MinVersion minimum TLS version that is acceptable.
// +optional
// +kubebuilder:validation:Enum=TLS10;TLS11;TLS12;TLS13
MinVersion string `json:"min_version,omitempty"`
// MaxVersion maximum TLS version that is acceptable.
// +optional
// +kubebuilder:validation:Enum=TLS10;TLS11;TLS12;TLS13
MaxVersion string `json:"max_version,omitempty"`
// CipherSuites defines list of supported cipher suites for TLS versions up to TLS 1.2
// https://golang.org/pkg/crypto/tls/#pkg-constants
// +optional
CipherSuites []string `json:"cipher_suites,omitempty"`
// CurvePreferences defines elliptic curves that will be used in an ECDHE handshake, in preference order.
// https://golang.org/pkg/crypto/tls/#CurveID
// +optional
CurvePreferences []string `json:"curve_preferences,omitempty"`
// PreferServerCipherSuites controls whether the server selects the
// client's most preferred ciphersuite
// +optional
PreferServerCipherSuites bool `json:"prefer_server_cipher_suites,omitempty"`
// Certs defines cert, CA and key for TLS auth
Certs `json:",inline"`
Expand All @@ -984,14 +1000,18 @@ type TLSServerConfig struct {
type TLSClientConfig struct {
// CA defines reference for secret with CA content under given key
// mutually exclusive with CAFile
// +optional
CASecretRef *v1.SecretKeySelector `json:"ca_secret_ref,omitempty"`
// CAFile defines path to the pre-mounted file with CA
// mutually exclusive with CASecretRef
// +optional
CAFile string `json:"ca_file,omitempty"`
// Cert defines reference for secret with CA content under given key
// mutually exclusive with CertFile
// +optional
InsecureSkipVerify bool `json:"insecure_skip_verify,omitempty"`
// ServerName indicates a name of a server
// +optional
ServerName string `json:"server_name,omitempty"`
// Certs defines cert, CA and key for TLS auth
Certs `json:",inline"`
Expand Down Expand Up @@ -1047,18 +1067,22 @@ type CommonDefaultableParams struct {
// DisableSelfServiceScrape controls creation of VMServiceScrape by operator
// for the application.
// Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable
// +optional
DisableSelfServiceScrape *bool `json:"disableSelfServiceScrape,omitempty"`
}

type CommonConfigReloaderParams struct {
// UseVMConfigReloader replaces prometheus-like config-reloader
// with vm one. It uses secrets watch instead of file watch
// which greatly increases speed of config updates
// +optional
UseVMConfigReloader *bool `json:"useVMConfigReloader,omitempty"`
// ConfigReloaderImageTag defines image:tag for config-reloader container
// +optional
ConfigReloaderImageTag string `json:"configReloaderImageTag,omitempty"`
// ConfigReloaderResources config-reloader container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
// if not defined default resources from operator config will be used
// +optional
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Resources",xDescriptors="urn:alm:descriptor:com.tectonic.ui:resourceRequirements"
ConfigReloaderResources v1.ResourceRequirements `json:"configReloaderResources,omitempty"`
// ConfigReloaderExtraArgs that will be passed to VMAuths config-reloader container
Expand Down
28 changes: 25 additions & 3 deletions config/crd/overlay/crd.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3276,6 +3276,8 @@ spec:
type: string
type: array
ignoreFirstIntervals:
description: IgnoreFirstIntervals instructs to ignore first
interval
type: integer
ignoreOldSamples:
description: IgnoreOldSamples instructs to ignore samples
Expand Down Expand Up @@ -5073,6 +5075,7 @@ spec:
type: string
type: array
ignoreFirstIntervals:
description: IgnoreFirstIntervals instructs to ignore first interval
type: integer
ignoreOldSamples:
description: IgnoreOldSamples instructs to ignore samples with
Expand Down Expand Up @@ -10556,7 +10559,9 @@ spec:
mutually exclusive with CertSecretRef
type: string
cert_secret_ref:
description: SecretKeySelector selects a key of a Secret.
description: |-
CertSecretRef defines reference for secret with certificate content under given key
mutually exclusive with CertFile
properties:
key:
description: The key of the secret to select from. Must
Expand Down Expand Up @@ -10633,7 +10638,9 @@ spec:
mutually exclusive with CertSecretRef
type: string
cert_secret_ref:
description: SecretKeySelector selects a key of a Secret.
description: |-
CertSecretRef defines reference for secret with certificate content under given key
mutually exclusive with CertFile
properties:
key:
description: The key of the secret to select from. Must
Expand Down Expand Up @@ -10888,9 +10895,21 @@ spec:
x-kubernetes-preserve-unknown-fields: true
logFormat:
description: LogFormat for VMAlertmanager to be configured with.
enum:
- logfmt
- json
type: string
logLevel:
description: Log level for VMAlertmanager to be configured with.
enum:
- debug
- info
- warn
- error
- DEBUG
- INFO
- WARN
- ERROR
type: string
minReadySeconds:
description: |-
Expand Down Expand Up @@ -11878,7 +11897,9 @@ spec:
mutually exclusive with CertSecretRef
type: string
cert_secret_ref:
description: SecretKeySelector selects a key of a Secret.
description: |-
CertSecretRef defines reference for secret with certificate content under given key
mutually exclusive with CertFile
properties:
key:
description: The key of the secret to select from. Must
Expand Down Expand Up @@ -29220,6 +29241,7 @@ spec:
type: string
type: array
ignoreFirstIntervals:
description: IgnoreFirstIntervals instructs to ignore first interval
type: integer
ignoreOldSamples:
description: IgnoreOldSamples instructs to ignore samples with
Expand Down
Loading

0 comments on commit d6bb671

Please sign in to comment.