diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 1276ef2ed..f7e423043 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -17,18 +17,18 @@ jobs: charts: ${{ steps.list-changed.outputs.changed }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - name: Set up Helm - uses: azure/setup-helm@v3.5 + uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5.0 with: version: v3.6.3 - - uses: actions/setup-python@v4 + - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 with: python-version: 3.12 - name: Set up chart-testing - uses: helm/chart-testing-action@v2.6.1 + uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1 - name: Run chart-testing (list-changed) id: list-changed env: @@ -52,14 +52,14 @@ jobs: - changed steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - - uses: actions/setup-python@v4 + - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 with: python-version: 3.12 - name: Set up chart-testing - uses: helm/chart-testing-action@v2.6.1 + uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1 - name: Run chart-testing (lint) run: ct lint --config .github/ct.yaml @@ -69,7 +69,7 @@ jobs: - changed steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - name: Run helm-docs @@ -100,7 +100,7 @@ jobs: - v1.31.1 steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - name: Add datadog helm repo @@ -145,20 +145,20 @@ jobs: kind: v0.22.0 steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - name: Create kind ${{ matrix.versions.k8s }} cluster with kind version ${{ matrix.versions.kind }} - uses: helm/kind-action@v1.10.0 + uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0 with: version: ${{ matrix.versions.kind }} node_image: kindest/node:${{ matrix.versions.k8s}} config: .github/kind_config.yaml - - uses: actions/setup-python@v4 + - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 with: python-version: 3.12 - name: Set up chart-testing - uses: helm/chart-testing-action@v2.6.1 + uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1 - name: Run chart-testing (install) run: ct install --config .github/ct.yaml diff --git a/.github/workflows/go-test-private-action-runner.yaml b/.github/workflows/go-test-private-action-runner.yaml index dc26fd575..06b1639af 100644 --- a/.github/workflows/go-test-private-action-runner.yaml +++ b/.github/workflows/go-test-private-action-runner.yaml @@ -22,18 +22,18 @@ jobs: runs-on: ubuntu-latest steps: - name: Set up Go - uses: actions/setup-go@v1 + uses: actions/setup-go@0caeaed6fd66a828038c2da3c0f662a42862658f # v1.1.3 with: go-version: 1.21 id: go - name: Set up Helm - uses: azure/setup-helm@v3.5 + uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5.0 with: version: v3.10.1 - name: Add Datadog Helm repo run: helm repo add datadog https://helm.datadoghq.com && helm repo update - name: Check out code into the Go module directory - uses: actions/checkout@v1 + uses: actions/checkout@50fbc622fc4ef5163becd7fab6573eac35f8462e # v1.2.0 - name: run Go tests run: | helm dependency build ./charts/private-action-runner diff --git a/.github/workflows/go-test.yaml b/.github/workflows/go-test.yaml index 739a20b1b..20192dd45 100644 --- a/.github/workflows/go-test.yaml +++ b/.github/workflows/go-test.yaml @@ -22,18 +22,18 @@ jobs: runs-on: ubuntu-latest steps: - name: Set up Go - uses: actions/setup-go@v1 + uses: actions/setup-go@0caeaed6fd66a828038c2da3c0f662a42862658f # v1.1.3 with: go-version: 1.21 id: go - name: Set up Helm - uses: azure/setup-helm@v4.2.0 + uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 with: version: v3.14.0 - name: Add Datadog Helm repo run: helm repo add datadog https://helm.datadoghq.com && helm repo update - name: Check out code into the Go module directory - uses: actions/checkout@v1 + uses: actions/checkout@50fbc622fc4ef5163becd7fab6573eac35f8462e # v1.2.0 - name: run Go tests run: | helm dependency build ./charts/datadog-operator @@ -70,11 +70,11 @@ jobs: kind: v0.22.0 steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - name: Create K8s ${{ matrix.versions.k8s }} cluster with kind version ${{ matrix.versions.kind }} - uses: helm/kind-action@v1.10.0 + uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0 with: version: ${{ matrix.versions.kind }} node_image: kindest/node:${{ matrix.versions.k8s }} diff --git a/.github/workflows/pr-labeler.yaml b/.github/workflows/pr-labeler.yaml index ff711a73d..c8a50951a 100644 --- a/.github/workflows/pr-labeler.yaml +++ b/.github/workflows/pr-labeler.yaml @@ -17,7 +17,7 @@ jobs: pull-requests: write timeout-minutes: 5 steps: - - uses: actions/labeler@v5 + - uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5.0.0 with: repo-token: "${{ secrets.GITHUB_TOKEN }}" configuration-path: .github/workflows/labeler/labels.yaml diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index e33b3d11f..e9ba1d964 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -17,7 +17,7 @@ jobs: contents: write steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: fetch-depth: 0 - name: Configure Git @@ -29,7 +29,7 @@ jobs: helm repo add datadog https://helm.datadoghq.com helm repo add kube-state-metrics https://prometheus-community.github.io/helm-charts - name: Run chart-releaser - uses: helm/chart-releaser-action@v1.5.0 + uses: helm/chart-releaser-action@be16258da8010256c6e82849661221415f031968 # v1.5.0 env: CR_TOKEN: '${{ secrets.GITHUB_TOKEN }}' CR_SKIP_EXISTING: true # Ignore chart changes when version was not updated (documentation) diff --git a/charts/datadog-crds/CHANGELOG.md b/charts/datadog-crds/CHANGELOG.md index b55387c05..2fbdcae06 100644 --- a/charts/datadog-crds/CHANGELOG.md +++ b/charts/datadog-crds/CHANGELOG.md @@ -1,5 +1,9 @@ # Changelog +# 2.4.0 + +* Update CRDs from Datadog Operator v1.12.0 tag. + # 2.3.0 * Update CRDs from Datadog Operator v1.11.0 tag. diff --git a/charts/datadog-crds/Chart.yaml b/charts/datadog-crds/Chart.yaml index 3402f3d30..1e0c31b5d 100644 --- a/charts/datadog-crds/Chart.yaml +++ b/charts/datadog-crds/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v1 name: datadog-crds description: Datadog Kubernetes CRDs chart -version: 2.3.0 +version: 2.4.0 appVersion: "1" keywords: - monitoring diff --git a/charts/datadog-crds/README.md b/charts/datadog-crds/README.md index 3da17dcde..06e25173f 100644 --- a/charts/datadog-crds/README.md +++ b/charts/datadog-crds/README.md @@ -1,6 +1,6 @@ # Datadog CRDs -![Version: 2.3.0](https://img.shields.io/badge/Version-2.3.0-informational?style=flat-square) ![AppVersion: 1](https://img.shields.io/badge/AppVersion-1-informational?style=flat-square) +![Version: 2.4.0](https://img.shields.io/badge/Version-2.4.0-informational?style=flat-square) ![AppVersion: 1](https://img.shields.io/badge/AppVersion-1-informational?style=flat-square) This chart was designed to allow other "datadog" charts to share `CustomResourceDefinitions` such as the `DatadogMetric`. diff --git a/charts/datadog-crds/templates/datadoghq.com_datadogagentprofiles_v1.yaml b/charts/datadog-crds/templates/datadoghq.com_datadogagentprofiles_v1.yaml index e16b1bdcf..465d9b42f 100644 --- a/charts/datadog-crds/templates/datadoghq.com_datadogagentprofiles_v1.yaml +++ b/charts/datadog-crds/templates/datadoghq.com_datadogagentprofiles_v1.yaml @@ -260,6 +260,12 @@ spec: If not specified, the pod priority will be default or zero if there is no default. type: string + runtimeClassName: + description: |- + If specified, indicates the pod's RuntimeClass kubelet should use to run the pod. + If the named RuntimeClass does not exist, or the CRI cannot run the corresponding handler, the pod enters the Failed terminal phase. + If no runtimeClassName is specified, the default RuntimeHandler is used, which is equivalent to the behavior when the RuntimeClass feature is disabled. + type: string updateStrategy: description: |- The deployment strategy to use to replace existing pods with new ones. diff --git a/charts/datadog-crds/templates/datadoghq.com_datadogagents_v1.yaml b/charts/datadog-crds/templates/datadoghq.com_datadogagents_v1.yaml index af1e555c1..8036de9ab 100644 --- a/charts/datadog-crds/templates/datadoghq.com_datadogagents_v1.yaml +++ b/charts/datadog-crds/templates/datadoghq.com_datadogagents_v1.yaml @@ -261,6 +261,11 @@ spec: type: boolean failurePolicy: type: string + kubernetesAdmissionEvents: + properties: + enabled: + type: boolean + type: object mutateUnlabelled: type: boolean mutation: @@ -708,6 +713,69 @@ spec: scrubContainers: type: boolean type: object + otelCollector: + properties: + conf: + properties: + configData: + type: string + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + x-kubernetes-list-map-keys: + - key + x-kubernetes-list-type: map + name: + type: string + type: object + type: object + coreConfig: + properties: + enabled: + type: boolean + extensionTimeout: + type: integer + extensionURL: + type: string + type: object + enabled: + type: boolean + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-type: atomic + type: object otlp: properties: receiver: @@ -2444,6 +2512,8 @@ spec: replicas: format: int32 type: integer + runtimeClassName: + type: string securityContext: properties: appArmorProfile: @@ -3741,6 +3811,11 @@ spec: type: boolean failurePolicy: type: string + kubernetesAdmissionEvents: + properties: + enabled: + type: boolean + type: object mutateUnlabelled: type: boolean mutation: @@ -4188,6 +4263,69 @@ spec: scrubContainers: type: boolean type: object + otelCollector: + properties: + conf: + properties: + configData: + type: string + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + x-kubernetes-list-map-keys: + - key + x-kubernetes-list-type: map + name: + type: string + type: object + type: object + coreConfig: + properties: + enabled: + type: boolean + extensionTimeout: + type: integer + extensionURL: + type: string + type: object + enabled: + type: boolean + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-type: atomic + type: object otlp: properties: receiver: diff --git a/charts/datadog-crds/templates/datadoghq.com_datadogpodautoscalers_v1.yaml b/charts/datadog-crds/templates/datadoghq.com_datadogpodautoscalers_v1.yaml index 7ef853b56..355798a05 100644 --- a/charts/datadog-crds/templates/datadoghq.com_datadogpodautoscalers_v1.yaml +++ b/charts/datadog-crds/templates/datadoghq.com_datadogpodautoscalers_v1.yaml @@ -231,6 +231,14 @@ spec: type: object type: array x-kubernetes-list-type: atomic + stabilizationWindowSeconds: + description: |- + StabilizationWindowSeconds is the number of seconds the controller should lookback at previous recommendations + before deciding to apply a new one. Defaults to 0. + format: int32 + maximum: 1800 + minimum: 0 + type: integer strategy: description: |- Strategy is used to specify which policy should be used. @@ -297,6 +305,14 @@ spec: type: object type: array x-kubernetes-list-type: atomic + stabilizationWindowSeconds: + description: |- + StabilizationWindowSeconds is the number of seconds the controller should lookback at previous recommendations + before deciding to apply a new one. Defaults to 0. + format: int32 + maximum: 1800 + minimum: 0 + type: integer strategy: description: |- Strategy is used to specify which policy should be used. diff --git a/charts/datadog-operator/Chart.yaml b/charts/datadog-operator/Chart.yaml index 23065c712..83165c1ae 100644 --- a/charts/datadog-operator/Chart.yaml +++ b/charts/datadog-operator/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: datadog-operator -version: 2.5.1 +version: 2.5.2 appVersion: 1.11.1 description: Datadog Operator keywords: diff --git a/charts/datadog-operator/README.md b/charts/datadog-operator/README.md index 2e67681f0..c0ed7224d 100644 --- a/charts/datadog-operator/README.md +++ b/charts/datadog-operator/README.md @@ -1,6 +1,6 @@ # Datadog Operator -![Version: 2.5.1](https://img.shields.io/badge/Version-2.5.1-informational?style=flat-square) ![AppVersion: 1.11.1](https://img.shields.io/badge/AppVersion-1.11.1-informational?style=flat-square) +![Version: 2.5.2](https://img.shields.io/badge/Version-2.5.2-informational?style=flat-square) ![AppVersion: 1.11.1](https://img.shields.io/badge/AppVersion-1.11.1-informational?style=flat-square) ## Values diff --git a/charts/datadog-operator/templates/clusterrole.yaml b/charts/datadog-operator/templates/clusterrole.yaml index 79c245eb6..1ac37f56e 100644 --- a/charts/datadog-operator/templates/clusterrole.yaml +++ b/charts/datadog-operator/templates/clusterrole.yaml @@ -347,6 +347,13 @@ rules: verbs: - list - watch +- apiGroups: # EKS kube_scheduler and kube_controller_manager control plane metrics + - "metrics.eks.amazonaws.com" + resources: + - kcm/metrics + - ksh/metrics + verbs: + - get {{- if .Values.datadogAgentProfile.enabled }} - apiGroups: - "" diff --git a/charts/datadog/CHANGELOG.md b/charts/datadog/CHANGELOG.md index 6135989da..0f005d308 100644 --- a/charts/datadog/CHANGELOG.md +++ b/charts/datadog/CHANGELOG.md @@ -4,6 +4,14 @@ * Enable `system-probe` container on GKE Autopilot. +## 3.90.2 + +* Adds env vars `DD_AGENT_IPC_PORT` and `DD_AGENT_IPC_CONFIG_REFRESH_INTERVAL` when Otel Agent is enabled and adds flag `--sync-delay=30s` to otel agent. + +## 3.90.1 + +* Add rule to clusterrole to allow the node agent to query the EKS control plane metrics API + ## 3.90.0 * Set default `Agent` and `Cluster-Agent` version to `7.62.0`. diff --git a/charts/datadog/templates/_container-agent.yaml b/charts/datadog/templates/_container-agent.yaml index 0dba5f33c..1bda81b9d 100644 --- a/charts/datadog/templates/_container-agent.yaml +++ b/charts/datadog/templates/_container-agent.yaml @@ -59,6 +59,12 @@ {{- include "containers-common-env" . | nindent 4 }} {{- include "fips-envvar" . | nindent 4 }} {{- include "processes-common-envs" . | nindent 4 }} + {{- if eq (include "should-enable-otel-agent" .) "true" }} + - name: DD_AGENT_IPC_PORT + value: "5009" + - name: DD_AGENT_IPC_CONFIG_REFRESH_INTERVAL + value: "60" + {{- end }} {{- if .Values.datadog.logLevel }} - name: DD_LOG_LEVEL diff --git a/charts/datadog/templates/_container-otel-agent.yaml b/charts/datadog/templates/_container-otel-agent.yaml index 193748157..67793f402 100644 --- a/charts/datadog/templates/_container-otel-agent.yaml +++ b/charts/datadog/templates/_container-otel-agent.yaml @@ -3,10 +3,10 @@ image: "{{ include "image-path" (dict "root" .Values "image" .Values.agents.image) }}" imagePullPolicy: {{ .Values.agents.image.pullPolicy }} {{- if eq .Values.targetSystem "linux" }} - command: ["otel-agent", "--config={{ template "datadog.otelconfPath" . }}/otel-config.yaml", "--core-config={{ template "datadog.confPath" . }}/datadog.yaml"] + command: ["otel-agent", "--config={{ template "datadog.otelconfPath" . }}/otel-config.yaml", "--core-config={{ template "datadog.confPath" . }}/datadog.yaml", "--sync-delay=30s"] {{- end -}} {{- if eq .Values.targetSystem "windows" }} - command: ["otel-agent", "-foreground", "-config={{ template "datadog.otelconfPath" . }}/otel-config.yaml", "--core-config={{ template "datadog.confPath" . }}/datadog.yaml"] + command: ["otel-agent", "-foreground", "-config={{ template "datadog.otelconfPath" . }}/otel-config.yaml", "--core-config={{ template "datadog.confPath" . }}/datadog.yaml", "--sync-delay=30s"] {{- end -}} {{ include "generate-security-context" (dict "securityContext" .Values.agents.containers.otelAgent.securityContext "targetSystem" .Values.targetSystem "seccomp" "" "kubeversion" .Capabilities.KubeVersion.Version) | indent 2 }} resources: @@ -32,6 +32,10 @@ env: {{- include "containers-common-env" . | nindent 4 }} {{- include "containers-cluster-agent-env" . | nindent 4 }} + - name: DD_AGENT_IPC_PORT + value: "5009" + - name: DD_AGENT_IPC_CONFIG_REFRESH_INTERVAL + value: "60" {{- include "fips-envvar" . | nindent 4 }} - name: DD_LOG_LEVEL value: {{ .Values.agents.containers.otelAgent.logLevel | default .Values.datadog.logLevel | quote }} diff --git a/charts/datadog/templates/_containers-init-linux.yaml b/charts/datadog/templates/_containers-init-linux.yaml index fd0636250..e50dac6f6 100644 --- a/charts/datadog/templates/_containers-init-linux.yaml +++ b/charts/datadog/templates/_containers-init-linux.yaml @@ -1,8 +1,6 @@ {{- define "containers-init-linux" -}} - name: init-volume -{{- if not .Values.providers.gke.autopilot }} {{- include "generate-security-context" (dict "securityContext" .Values.agents.containers.initContainers.securityContext "targetSystem" .Values.targetSystem "seccomp" "" "kubeversion" .Capabilities.KubeVersion.Version) | indent 2 }} -{{- end }} image: "{{ include "image-path" (dict "root" .Values "image" .Values.agents.image) }}" imagePullPolicy: {{ .Values.agents.image.pullPolicy }} command: ["bash", "-c"] @@ -15,9 +13,7 @@ resources: {{ toYaml .Values.agents.containers.initContainers.resources | indent 4 }} - name: init-config -{{- if not .Values.providers.gke.autopilot }} {{- include "generate-security-context" (dict "securityContext" .Values.agents.containers.initContainers.securityContext "targetSystem" .Values.targetSystem "seccomp" "" "kubeversion" .Capabilities.KubeVersion.Version) | indent 2 }} -{{- end }} image: "{{ include "image-path" (dict "root" .Values "image" .Values.agents.image) }}" imagePullPolicy: {{ .Values.agents.image.pullPolicy }} command: diff --git a/charts/datadog/templates/_helpers.tpl b/charts/datadog/templates/_helpers.tpl index 9acf4ea5e..53acb70ce 100644 --- a/charts/datadog/templates/_helpers.tpl +++ b/charts/datadog/templates/_helpers.tpl @@ -117,8 +117,6 @@ false {{- end -}} {{- end -}} - - {{/* Return secret name to be used based on provided values. */}} diff --git a/charts/datadog/templates/_system-probe-init.yaml b/charts/datadog/templates/_system-probe-init.yaml index cfea181fc..a9defec32 100644 --- a/charts/datadog/templates/_system-probe-init.yaml +++ b/charts/datadog/templates/_system-probe-init.yaml @@ -1,8 +1,6 @@ {{- define "system-probe-init" -}} - name: seccomp-setup -{{- if not .Values.providers.gke.autopilot }} {{ include "generate-security-context" (dict "securityContext" .Values.agents.containers.initContainers.securityContext "targetSystem" .Values.targetSystem "seccomp" "" "kubeversion" .Capabilities.KubeVersion.Version) | indent 2 }} -{{- end }} image: "{{ include "image-path" (dict "root" .Values "image" .Values.agents.image) }}" imagePullPolicy: {{ .Values.agents.image.pullPolicy }} command: diff --git a/charts/datadog/templates/rbac.yaml b/charts/datadog/templates/rbac.yaml index 2d555d52f..919808f88 100644 --- a/charts/datadog/templates/rbac.yaml +++ b/charts/datadog/templates/rbac.yaml @@ -129,6 +129,13 @@ rules: resources: ["secrets"] verbs: ["get"] {{- end }} +- apiGroups: # EKS kube_scheduler and kube_controller_manager control plane metrics + - "metrics.eks.amazonaws.com" + resources: + - kcm/metrics + - ksh/metrics + verbs: + - get --- apiVersion: {{ template "rbac.apiVersion" . }} kind: ClusterRoleBinding diff --git a/crds/datadoghq.com_datadogagentprofiles.yaml b/crds/datadoghq.com_datadogagentprofiles.yaml index 5c4ed60b7..d0e4501c5 100644 --- a/crds/datadoghq.com_datadogagentprofiles.yaml +++ b/crds/datadoghq.com_datadogagentprofiles.yaml @@ -254,6 +254,12 @@ spec: If not specified, the pod priority will be default or zero if there is no default. type: string + runtimeClassName: + description: |- + If specified, indicates the pod's RuntimeClass kubelet should use to run the pod. + If the named RuntimeClass does not exist, or the CRI cannot run the corresponding handler, the pod enters the Failed terminal phase. + If no runtimeClassName is specified, the default RuntimeHandler is used, which is equivalent to the behavior when the RuntimeClass feature is disabled. + type: string updateStrategy: description: |- The deployment strategy to use to replace existing pods with new ones. diff --git a/crds/datadoghq.com_datadogagents.yaml b/crds/datadoghq.com_datadogagents.yaml index cd982f6df..05deca222 100644 --- a/crds/datadoghq.com_datadogagents.yaml +++ b/crds/datadoghq.com_datadogagents.yaml @@ -255,6 +255,11 @@ spec: type: boolean failurePolicy: type: string + kubernetesAdmissionEvents: + properties: + enabled: + type: boolean + type: object mutateUnlabelled: type: boolean mutation: @@ -702,6 +707,69 @@ spec: scrubContainers: type: boolean type: object + otelCollector: + properties: + conf: + properties: + configData: + type: string + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + x-kubernetes-list-map-keys: + - key + x-kubernetes-list-type: map + name: + type: string + type: object + type: object + coreConfig: + properties: + enabled: + type: boolean + extensionTimeout: + type: integer + extensionURL: + type: string + type: object + enabled: + type: boolean + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-type: atomic + type: object otlp: properties: receiver: @@ -2438,6 +2506,8 @@ spec: replicas: format: int32 type: integer + runtimeClassName: + type: string securityContext: properties: appArmorProfile: @@ -3735,6 +3805,11 @@ spec: type: boolean failurePolicy: type: string + kubernetesAdmissionEvents: + properties: + enabled: + type: boolean + type: object mutateUnlabelled: type: boolean mutation: @@ -4182,6 +4257,69 @@ spec: scrubContainers: type: boolean type: object + otelCollector: + properties: + conf: + properties: + configData: + type: string + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + x-kubernetes-list-map-keys: + - key + x-kubernetes-list-type: map + name: + type: string + type: object + type: object + coreConfig: + properties: + enabled: + type: boolean + extensionTimeout: + type: integer + extensionURL: + type: string + type: object + enabled: + type: boolean + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-type: atomic + type: object otlp: properties: receiver: diff --git a/crds/datadoghq.com_datadogpodautoscalers.yaml b/crds/datadoghq.com_datadogpodautoscalers.yaml index 148d84206..5a30875db 100644 --- a/crds/datadoghq.com_datadogpodautoscalers.yaml +++ b/crds/datadoghq.com_datadogpodautoscalers.yaml @@ -225,6 +225,14 @@ spec: type: object type: array x-kubernetes-list-type: atomic + stabilizationWindowSeconds: + description: |- + StabilizationWindowSeconds is the number of seconds the controller should lookback at previous recommendations + before deciding to apply a new one. Defaults to 0. + format: int32 + maximum: 1800 + minimum: 0 + type: integer strategy: description: |- Strategy is used to specify which policy should be used. @@ -291,6 +299,14 @@ spec: type: object type: array x-kubernetes-list-type: atomic + stabilizationWindowSeconds: + description: |- + StabilizationWindowSeconds is the number of seconds the controller should lookback at previous recommendations + before deciding to apply a new one. Defaults to 0. + format: int32 + maximum: 1800 + minimum: 0 + type: integer strategy: description: |- Strategy is used to specify which policy should be used. diff --git a/test/datadog-operator/baseline/Operator_Deployment_default.yaml b/test/datadog-operator/baseline/Operator_Deployment_default.yaml index a1e2c5a8e..b373cd360 100644 --- a/test/datadog-operator/baseline/Operator_Deployment_default.yaml +++ b/test/datadog-operator/baseline/Operator_Deployment_default.yaml @@ -7,7 +7,7 @@ metadata: namespace: datadog-agent labels: app.kubernetes.io/name: datadog-operator - helm.sh/chart: datadog-operator-2.5.1 + helm.sh/chart: datadog-operator-2.5.2 app.kubernetes.io/instance: datadog-operator app.kubernetes.io/version: "1.11.1" app.kubernetes.io/managed-by: Helm diff --git a/test/datadog/baseline/agent-clusterchecks-deployment_default.yaml b/test/datadog/baseline/agent-clusterchecks-deployment_default.yaml index 56914c0d8..7c6570c18 100644 --- a/test/datadog/baseline/agent-clusterchecks-deployment_default.yaml +++ b/test/datadog/baseline/agent-clusterchecks-deployment_default.yaml @@ -36,7 +36,7 @@ spec: name: datadog-clusterchecks annotations: - checksum/clusteragent_token: 8f3b3c8b7cfa2cda5ff4136a1169d5b997a5f93b2a505411319066c36b4dbfc6 + checksum/clusteragent_token: 247c426a527d3914cf4c9ed1f016b3ba0b4797064af564486f45cd0b2f13174d checksum/install_info: d99057d2f27261db48a091cf5b114431385f7e656a0b4575b81b9ade7b02583d spec: serviceAccountName: datadog-cluster-checks diff --git a/test/datadog/baseline/cluster-agent-deployment_default.yaml b/test/datadog/baseline/cluster-agent-deployment_default.yaml index 2cc59025e..3e5ea25b0 100644 --- a/test/datadog/baseline/cluster-agent-deployment_default.yaml +++ b/test/datadog/baseline/cluster-agent-deployment_default.yaml @@ -36,7 +36,7 @@ spec: name: datadog-cluster-agent annotations: - checksum/clusteragent_token: c9e63cc924f65c90c9db043c85691922f903454f911800caf22b5331c09eb95a + checksum/clusteragent_token: a456a0b0db2dcb0a05cc06a3b8cccd630ce47a103199f363970edeb225ed57e7 checksum/clusteragent-configmap: 04f78cc8c755f4c6debb07948b1bf8318109acb1f32d624857bf409e9e7570c0 checksum/api_key: 657e19756058df21cac9dd8bdb1289cdf8ab0a632155ce5b9cd382881874a62f checksum/application_key: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b diff --git a/test/datadog/baseline/cluster-agent-deployment_default_advanced_AC_injection.yaml b/test/datadog/baseline/cluster-agent-deployment_default_advanced_AC_injection.yaml index 2f3ad4e69..50822929f 100644 --- a/test/datadog/baseline/cluster-agent-deployment_default_advanced_AC_injection.yaml +++ b/test/datadog/baseline/cluster-agent-deployment_default_advanced_AC_injection.yaml @@ -36,7 +36,7 @@ spec: name: datadog-cluster-agent annotations: - checksum/clusteragent_token: f089f3678f8a3df78afc7ef68c772db6ec759491285736d3d980f00847634be2 + checksum/clusteragent_token: 8d8f3cd91285a7d6e1507a1f1435fc5fd21778965cf685a462238553841a2daf checksum/clusteragent-configmap: 04f78cc8c755f4c6debb07948b1bf8318109acb1f32d624857bf409e9e7570c0 checksum/api_key: 657e19756058df21cac9dd8bdb1289cdf8ab0a632155ce5b9cd382881874a62f checksum/application_key: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b diff --git a/test/datadog/baseline/cluster-agent-deployment_default_minimal_AC_injection.yaml b/test/datadog/baseline/cluster-agent-deployment_default_minimal_AC_injection.yaml index ff9f13884..a6b62bf7d 100644 --- a/test/datadog/baseline/cluster-agent-deployment_default_minimal_AC_injection.yaml +++ b/test/datadog/baseline/cluster-agent-deployment_default_minimal_AC_injection.yaml @@ -36,7 +36,7 @@ spec: name: datadog-cluster-agent annotations: - checksum/clusteragent_token: 3a1c3382ada88b2d39c40936b49cd1a4466546419509613522b2a5c11439f571 + checksum/clusteragent_token: 443892528b5e1ffddee461bdd9a241aa564cd5126cf4d6f36b7af5d50a94d884 checksum/clusteragent-configmap: 04f78cc8c755f4c6debb07948b1bf8318109acb1f32d624857bf409e9e7570c0 checksum/api_key: 657e19756058df21cac9dd8bdb1289cdf8ab0a632155ce5b9cd382881874a62f checksum/application_key: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b diff --git a/test/datadog/baseline/daemonset_default.yaml b/test/datadog/baseline/daemonset_default.yaml index a61510e50..b89003e13 100644 --- a/test/datadog/baseline/daemonset_default.yaml +++ b/test/datadog/baseline/daemonset_default.yaml @@ -30,7 +30,7 @@ spec: name: datadog annotations: - checksum/clusteragent_token: 146f64f1abee014184c989109690a3ea279768d7ca890233050804a39dee61de + checksum/clusteragent_token: f9c45c3e8cd387fc09e0d57c3d5395387e3c674a00806e2a8a26e14454a0a262 checksum/install_info: d99057d2f27261db48a091cf5b114431385f7e656a0b4575b81b9ade7b02583d checksum/autoconf-config: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b checksum/confd-config: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a diff --git a/test/datadog/baseline/gdc_daemonset_default.yaml b/test/datadog/baseline/gdc_daemonset_default.yaml index 4324e1e50..aa71a7b89 100644 --- a/test/datadog/baseline/gdc_daemonset_default.yaml +++ b/test/datadog/baseline/gdc_daemonset_default.yaml @@ -30,7 +30,7 @@ spec: env.datadoghq.com/kind: gke-gdc name: datadog annotations: - checksum/clusteragent_token: 6b75d47ae4b90c05c782c001af2ad43f1c1a5180f08b0cc53ca47d9598d5e701 + checksum/clusteragent_token: b1ce037acd1ae38c7dd524a44aa9bab7cab5c3679696633ffcac0dea97152aec checksum/install_info: d99057d2f27261db48a091cf5b114431385f7e656a0b4575b81b9ade7b02583d checksum/autoconf-config: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b checksum/confd-config: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a diff --git a/test/datadog/baseline/gdc_daemonset_logs_collection.yaml b/test/datadog/baseline/gdc_daemonset_logs_collection.yaml index 1853a0887..52a59100e 100644 --- a/test/datadog/baseline/gdc_daemonset_logs_collection.yaml +++ b/test/datadog/baseline/gdc_daemonset_logs_collection.yaml @@ -30,7 +30,7 @@ spec: env.datadoghq.com/kind: gke-gdc name: datadog annotations: - checksum/clusteragent_token: 3e4b1c117cad7e2f7b738e53441d937bef3462845797739348ac420bcc8cefbf + checksum/clusteragent_token: c477368060c394d653969d3cbce514a56824150a477be33eb4fecaf6e702c9b1 checksum/install_info: d99057d2f27261db48a091cf5b114431385f7e656a0b4575b81b9ade7b02583d checksum/autoconf-config: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b checksum/confd-config: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a diff --git a/test/datadog/baseline/other_default.yaml b/test/datadog/baseline/other_default.yaml index 7869ebfe8..ab63ebcf0 100644 --- a/test/datadog/baseline/other_default.yaml +++ b/test/datadog/baseline/other_default.yaml @@ -99,7 +99,7 @@ metadata: app.kubernetes.io/version: "7" type: Opaque data: - token: "RFlvZHdzcENkR2VwNHY4U3N0UXBINXZ2QkFjcmRWOWI=" + token: "Rjh4VG1qODNFVWdNR0F5RG5RMWs4cWJ3VGU0OWR1S0k=" --- # Source: datadog/templates/cluster-agent-confd-configmap.yaml apiVersion: v1 @@ -193,8 +193,8 @@ metadata: app.kubernetes.io/version: "7" data: install_type: k8s_manual - install_id: "4af1741c-cd0d-4e9f-8fd3-d248e4a0791a" - install_time: "1738261766" + install_id: "a8722398-d4d1-4608-ae54-a267838ef60d" + install_time: "1738887322" --- # Source: datadog/templates/cluster-agent-rbac.yaml apiVersion: "rbac.authorization.k8s.io/v1" @@ -564,6 +564,13 @@ rules: - leases verbs: - get +- apiGroups: # EKS kube_scheduler and kube_controller_manager control plane metrics + - "metrics.eks.amazonaws.com" + resources: + - kcm/metrics + - ksh/metrics + verbs: + - get --- # Source: datadog/templates/agent-clusterchecks-rbac.yaml apiVersion: "rbac.authorization.k8s.io/v1" @@ -834,7 +841,7 @@ spec: name: datadog annotations: - checksum/clusteragent_token: 2a7eca5aca30d383d947ec4f9fe35850f0e55bfbacc3a14bfa6495b415f98438 + checksum/clusteragent_token: df5542e15c4a6b2ca3cafa45d4f4dd9885dacbdd3b5e859a78b7eb09a873d3bc checksum/install_info: d99057d2f27261db48a091cf5b114431385f7e656a0b4575b81b9ade7b02583d checksum/autoconf-config: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b checksum/confd-config: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a @@ -1268,7 +1275,7 @@ spec: name: datadog-clusterchecks annotations: - checksum/clusteragent_token: b3f8a3f41d1108ea08a30af4f45cb1b1c9b04cdc46f7cd343cbf8a6a974d66c5 + checksum/clusteragent_token: 5a3ebcf850d185370c74eb30bfc4943a792c0aaff1358543224a8c0a7e1882bb checksum/install_info: d99057d2f27261db48a091cf5b114431385f7e656a0b4575b81b9ade7b02583d spec: serviceAccountName: datadog-cluster-checks @@ -1460,7 +1467,7 @@ spec: name: datadog-cluster-agent annotations: - checksum/clusteragent_token: f0b764322f58502282ea7299e7e8957fe0045bdda4095b12dd00cdcbfc60c97a + checksum/clusteragent_token: 2125e0b8c18f02677614776f5826a96ecdf6be8393e9acdc9a096b538337b316 checksum/clusteragent-configmap: 86190a6d13b82b58a4a3158761c458fd0009ae0cfd622e7c98e02207e8361074 checksum/install_info: d99057d2f27261db48a091cf5b114431385f7e656a0b4575b81b9ade7b02583d spec: diff --git a/test/datadog/otel_agent_test.go b/test/datadog/otel_agent_test.go new file mode 100644 index 000000000..a14b8368e --- /dev/null +++ b/test/datadog/otel_agent_test.go @@ -0,0 +1,75 @@ +package datadog + +import ( + "testing" + + "github.com/stretchr/testify/assert" + appsv1 "k8s.io/api/apps/v1" + + "github.com/DataDog/helm-charts/test/common" +) + +const ( + DDAgentIpcPort = "DD_AGENT_IPC_PORT" + DDAgentIpcConfigRefreshInterval = "DD_AGENT_IPC_CONFIG_REFRESH_INTERVAL" +) + +type ExpectedIpcEnv struct { + ipcPort string + ipcConfigRefreshInterval string +} + +func Test_otelAgentConfigs(t *testing.T) { + tests := []struct { + name string + command common.HelmCommand + assertions func(t *testing.T, manifest string, expectedIpcEnv ExpectedIpcEnv) + expectedIpcEnv ExpectedIpcEnv + }{ + { + name: "no ipc provided", + command: common.HelmCommand{ + ReleaseName: "datadog", + ChartPath: "../../charts/datadog", + ShowOnly: []string{"templates/daemonset.yaml"}, + Values: []string{"../../charts/datadog/values.yaml"}, + Overrides: map[string]string{ + "datadog.apiKeyExistingSecret": "datadog-secret", + "datadog.appKeyExistingSecret": "datadog-secret", + "datadog.otelCollector.enabled": "true", + }, + }, + expectedIpcEnv: ExpectedIpcEnv{ + ipcPort: "5009", + ipcConfigRefreshInterval: "60", + }, + assertions: verifyOtelAgentEnvVars, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + manifest, err := common.RenderChart(t, tt.command) + assert.Nil(t, err, "couldn't render template") + tt.assertions(t, manifest, tt.expectedIpcEnv) + }) + } +} + +func verifyOtelAgentEnvVars(t *testing.T, manifest string, expectedIpcEnv ExpectedIpcEnv) { + var deployment appsv1.DaemonSet + common.Unmarshal(t, manifest, &deployment) + // otel agent + otelAgentContainer, ok := getContainer(t, deployment.Spec.Template.Spec.Containers, "otel-agent") + assert.True(t, ok) + coreEnvs := getEnvVarMap(otelAgentContainer.Env) + assert.Equal(t, expectedIpcEnv.ipcPort, coreEnvs[DDAgentIpcPort]) + assert.Equal(t, expectedIpcEnv.ipcConfigRefreshInterval, coreEnvs[DDAgentIpcConfigRefreshInterval]) + + // core agent + coreAgentContainer, ok := getContainer(t, deployment.Spec.Template.Spec.Containers, "agent") + assert.True(t, ok) + coreEnvs = getEnvVarMap(coreAgentContainer.Env) + assert.Equal(t, expectedIpcEnv.ipcPort, coreEnvs[DDAgentIpcPort]) + assert.Equal(t, expectedIpcEnv.ipcConfigRefreshInterval, coreEnvs[DDAgentIpcConfigRefreshInterval]) +}