From abb267057cafb55c5274eb0e3aac57f8f29d5200 Mon Sep 17 00:00:00 2001
From: Shubham Sharma <shubhash@microsoft.com>
Date: Tue, 5 Jul 2022 22:01:24 +0530
Subject: [PATCH] Add new annotations to annotate command (#1020)

* Add new annotations

Signed-off-by: Shubham Sharma <shubhash@microsoft.com>

* Fix lint

Signed-off-by: Shubham Sharma <shubhash@microsoft.com>
---
 cmd/annotate.go                    | 103 +++++++++++++++++---------
 pkg/kubernetes/annotator.go        |  94 +++++++++++++++---------
 pkg/kubernetes/annotator_config.go | 112 ++++++++++++++++++++---------
 pkg/kubernetes/annotator_test.go   |  16 +++++
 4 files changed, 222 insertions(+), 103 deletions(-)

diff --git a/cmd/annotate.go b/cmd/annotate.go
index a6db78478..6987c2b52 100644
--- a/cmd/annotate.go
+++ b/cmd/annotate.go
@@ -30,40 +30,47 @@ import (
 )
 
 var (
-	annotateTargetResource          string
-	annotateTargetNamespace         string
-	annotateAppID                   string
-	annotateAppPort                 int
-	annotateConfig                  string
-	annotateAppProtocol             string
-	annotateEnableProfile           bool
-	annotateLogLevel                string
-	annotateAPITokenSecret          string
-	annotateAppTokenSecret          string
-	annotateLogAsJSON               bool
-	annotateAppMaxConcurrency       int
-	annotateEnableMetrics           bool
-	annotateMetricsPort             int
-	annotateEnableDebug             bool
-	annotateEnv                     string
-	annotateCPULimit                string
-	annotateMemoryLimit             string
-	annotateCPURequest              string
-	annotateMemoryRequest           string
-	annotateListenAddresses         string
-	annotateLivenessProbeDelay      int
-	annotateLivenessProbeTimeout    int
-	annotateLivenessProbePeriod     int
-	annotateLivenessProbeThreshold  int
-	annotateReadinessProbeDelay     int
-	annotateReadinessProbeTimeout   int
-	annotateReadinessProbePeriod    int
-	annotateReadinessProbeThreshold int
-	annotateDaprImage               string
-	annotateAppSSL                  bool
-	annotateMaxRequestBodySize      int
-	annotateHTTPStreamRequestBody   bool
-	annotateGracefulShutdownSeconds int
+	annotateTargetResource               string
+	annotateTargetNamespace              string
+	annotateAppID                        string
+	annotateAppPort                      int
+	annotateConfig                       string
+	annotateAppProtocol                  string
+	annotateEnableProfile                bool
+	annotateLogLevel                     string
+	annotateAPITokenSecret               string
+	annotateAppTokenSecret               string
+	annotateLogAsJSON                    bool
+	annotateAppMaxConcurrency            int
+	annotateEnableMetrics                bool
+	annotateMetricsPort                  int
+	annotateEnableDebug                  bool
+	annotateEnv                          string
+	annotateCPULimit                     string
+	annotateMemoryLimit                  string
+	annotateCPURequest                   string
+	annotateMemoryRequest                string
+	annotateListenAddresses              string
+	annotateLivenessProbeDelay           int
+	annotateLivenessProbeTimeout         int
+	annotateLivenessProbePeriod          int
+	annotateLivenessProbeThreshold       int
+	annotateReadinessProbeDelay          int
+	annotateReadinessProbeTimeout        int
+	annotateReadinessProbePeriod         int
+	annotateReadinessProbeThreshold      int
+	annotateDaprImage                    string
+	annotateAppSSL                       bool
+	annotateMaxRequestBodySize           int
+	annotateReadBufferSize               int
+	annotateHTTPStreamRequestBody        bool
+	annotateGracefulShutdownSeconds      int
+	annotateEnableAPILogging             bool
+	annotateUnixDomainSocketPath         string
+	annotateVolumeMountsReadOnly         string
+	annotateVolumeMountsReadWrite        string
+	annotateDisableBuiltinK8sSecretStore bool
+	annotatePlacementHostAddress         string
 )
 
 var AnnotateCmd = &cobra.Command{
@@ -316,12 +323,33 @@ func getOptionsFromFlags() kubernetes.AnnotateOptions {
 	if annotateMaxRequestBodySize != -1 {
 		o = append(o, kubernetes.WithMaxRequestBodySize(annotateMaxRequestBodySize))
 	}
+	if annotateReadBufferSize != -1 {
+		o = append(o, kubernetes.WithReadBufferSize(annotateReadBufferSize))
+	}
 	if annotateHTTPStreamRequestBody {
 		o = append(o, kubernetes.WithHTTPStreamRequestBody())
 	}
 	if annotateGracefulShutdownSeconds != -1 {
 		o = append(o, kubernetes.WithGracefulShutdownSeconds(annotateGracefulShutdownSeconds))
 	}
+	if annotateEnableAPILogging {
+		o = append(o, kubernetes.WithEnableAPILogging())
+	}
+	if annotateUnixDomainSocketPath != "" {
+		o = append(o, kubernetes.WithUnixDomainSocketPath(annotateUnixDomainSocketPath))
+	}
+	if annotateVolumeMountsReadOnly != "" {
+		o = append(o, kubernetes.WithVolumeMountsReadOnly(annotateVolumeMountsReadOnly))
+	}
+	if annotateVolumeMountsReadWrite != "" {
+		o = append(o, kubernetes.WithVolumeMountsReadWrite(annotateVolumeMountsReadWrite))
+	}
+	if annotateDisableBuiltinK8sSecretStore {
+		o = append(o, kubernetes.WithDisableBuiltinK8sSecretStore())
+	}
+	if annotatePlacementHostAddress != "" {
+		o = append(o, kubernetes.WithPlacementHostAddress(annotatePlacementHostAddress))
+	}
 	return kubernetes.NewAnnotateOptions(o...)
 }
 
@@ -359,7 +387,14 @@ func init() {
 	AnnotateCmd.Flags().StringVar(&annotateDaprImage, "dapr-image", "", "The image to use for the dapr sidecar container")
 	AnnotateCmd.Flags().BoolVar(&annotateAppSSL, "app-ssl", false, "Enable SSL for the app")
 	AnnotateCmd.Flags().IntVar(&annotateMaxRequestBodySize, "max-request-body-size", -1, "The maximum request body size to use")
+	AnnotateCmd.Flags().IntVar(&annotateReadBufferSize, "http-read-buffer-size", -1, "The maximum size of HTTP header read buffer in kilobytes")
 	AnnotateCmd.Flags().BoolVar(&annotateHTTPStreamRequestBody, "http-stream-request-body", false, "Enable streaming request body for HTTP")
 	AnnotateCmd.Flags().IntVar(&annotateGracefulShutdownSeconds, "graceful-shutdown-seconds", -1, "The number of seconds to wait for the app to shutdown")
+	AnnotateCmd.Flags().BoolVar(&annotateEnableAPILogging, "enable-api-logging", false, "Enable API logging for the Dapr sidecar")
+	AnnotateCmd.Flags().StringVar(&annotateUnixDomainSocketPath, "unix-domain-socket-path", "", "Linux domain socket path to use for communicating with the Dapr sidecar")
+	AnnotateCmd.Flags().StringVar(&annotateVolumeMountsReadOnly, "volume-mounts", "", "List of pod volumes to be mounted to the sidecar container in read-only mode")
+	AnnotateCmd.Flags().StringVar(&annotateVolumeMountsReadWrite, "volume-mounts-rw", "", "List of pod volumes to be mounted to the sidecar container in read-write mode")
+	AnnotateCmd.Flags().BoolVar(&annotateDisableBuiltinK8sSecretStore, "disable-builtin-k8s-secret-store", false, "Disable the built-in k8s secret store")
+	AnnotateCmd.Flags().StringVar(&annotatePlacementHostAddress, "placement-host-address", "", "Comma separated list of addresses for Dapr actor placement servers")
 	RootCmd.AddCommand(AnnotateCmd)
 }
diff --git a/pkg/kubernetes/annotator.go b/pkg/kubernetes/annotator.go
index 1116b3f8b..aec7e9f3b 100644
--- a/pkg/kubernetes/annotator.go
+++ b/pkg/kubernetes/annotator.go
@@ -24,41 +24,47 @@ import (
 
 const (
 	// Dapr annotation keys.
-	daprEnabledKey                 = "dapr.io/enabled"
-	daprAppPortKey                 = "dapr.io/app-port"
-	daprConfigKey                  = "dapr.io/config"
-	daprAppProtocolKey             = "dapr.io/app-protocol"
-	daprAppIDKey                   = "dapr.io/app-id"
-	daprEnableProfilingKey         = "dapr.io/enable-profiling"
-	daprLogLevelKey                = "dapr.io/log-level"
-	daprAPITokenSecretKey          = "dapr.io/api-token-secret" /* #nosec */
-	daprAppTokenSecretKey          = "dapr.io/app-token-secret" /* #nosec */
-	daprLogAsJSONKey               = "dapr.io/log-as-json"
-	daprAppMaxConcurrencyKey       = "dapr.io/app-max-concurrency"
-	daprEnableMetricsKey           = "dapr.io/enable-metrics"
-	daprMetricsPortKey             = "dapr.io/metrics-port"
-	daprEnableDebugKey             = "dapr.io/enable-debug"
-	daprDebugPortKey               = "dapr.io/debug-port"
-	daprEnvKey                     = "dapr.io/env"
-	daprCPULimitKey                = "dapr.io/sidecar-cpu-limit"
-	daprMemoryLimitKey             = "dapr.io/sidecar-memory-limit"
-	daprCPURequestKey              = "dapr.io/sidecar-cpu-request"
-	daprMemoryRequestKey           = "dapr.io/sidecar-memory-request"
-	daprListenAddressesKey         = "dapr.io/sidecar-listen-addresses"
-	daprLivenessProbeDelayKey      = "dapr.io/sidecar-liveness-probe-delay-seconds"
-	daprLivenessProbeTimeoutKey    = "dapr.io/sidecar-liveness-probe-timeout-seconds"
-	daprLivenessProbePeriodKey     = "dapr.io/sidecar-liveness-probe-period-seconds"
-	daprLivenessProbeThresholdKey  = "dapr.io/sidecar-liveness-probe-threshold"
-	daprReadinessProbeDelayKey     = "dapr.io/sidecar-readiness-probe-delay-seconds"
-	daprReadinessProbeTimeoutKey   = "dapr.io/sidecar-readiness-probe-timeout-seconds"
-	daprReadinessProbePeriodKey    = "dapr.io/sidecar-readiness-probe-period-seconds"
-	daprReadinessProbeThresholdKey = "dapr.io/sidecar-readiness-probe-threshold"
-	daprImageKey                   = "dapr.io/sidecar-image"
-	daprAppSSLKey                  = "dapr.io/app-ssl"
-	daprMaxRequestBodySizeKey      = "dapr.io/http-max-request-size"
-	daprReadBufferSizeKey          = "dapr.io/http-read-buffer-size"
-	daprHTTPStreamRequestBodyKey   = "dapr.io/http-stream-request-body"
-	daprGracefulShutdownSecondsKey = "dapr.io/graceful-shutdown-seconds"
+	daprEnabledKey                      = "dapr.io/enabled"
+	daprAppPortKey                      = "dapr.io/app-port"
+	daprConfigKey                       = "dapr.io/config"
+	daprAppProtocolKey                  = "dapr.io/app-protocol"
+	daprAppIDKey                        = "dapr.io/app-id"
+	daprEnableProfilingKey              = "dapr.io/enable-profiling"
+	daprLogLevelKey                     = "dapr.io/log-level"
+	daprAPITokenSecretKey               = "dapr.io/api-token-secret" /* #nosec */
+	daprAppTokenSecretKey               = "dapr.io/app-token-secret" /* #nosec */
+	daprLogAsJSONKey                    = "dapr.io/log-as-json"
+	daprAppMaxConcurrencyKey            = "dapr.io/app-max-concurrency"
+	daprEnableMetricsKey                = "dapr.io/enable-metrics"
+	daprMetricsPortKey                  = "dapr.io/metrics-port"
+	daprEnableDebugKey                  = "dapr.io/enable-debug"
+	daprDebugPortKey                    = "dapr.io/debug-port"
+	daprEnvKey                          = "dapr.io/env"
+	daprCPULimitKey                     = "dapr.io/sidecar-cpu-limit"
+	daprMemoryLimitKey                  = "dapr.io/sidecar-memory-limit"
+	daprCPURequestKey                   = "dapr.io/sidecar-cpu-request"
+	daprMemoryRequestKey                = "dapr.io/sidecar-memory-request"
+	daprListenAddressesKey              = "dapr.io/sidecar-listen-addresses"
+	daprLivenessProbeDelayKey           = "dapr.io/sidecar-liveness-probe-delay-seconds"
+	daprLivenessProbeTimeoutKey         = "dapr.io/sidecar-liveness-probe-timeout-seconds"
+	daprLivenessProbePeriodKey          = "dapr.io/sidecar-liveness-probe-period-seconds"
+	daprLivenessProbeThresholdKey       = "dapr.io/sidecar-liveness-probe-threshold"
+	daprReadinessProbeDelayKey          = "dapr.io/sidecar-readiness-probe-delay-seconds"
+	daprReadinessProbeTimeoutKey        = "dapr.io/sidecar-readiness-probe-timeout-seconds"
+	daprReadinessProbePeriodKey         = "dapr.io/sidecar-readiness-probe-period-seconds"
+	daprReadinessProbeThresholdKey      = "dapr.io/sidecar-readiness-probe-threshold"
+	daprImageKey                        = "dapr.io/sidecar-image"
+	daprAppSSLKey                       = "dapr.io/app-ssl"
+	daprMaxRequestBodySizeKey           = "dapr.io/http-max-request-size"
+	daprReadBufferSizeKey               = "dapr.io/http-read-buffer-size"
+	daprHTTPStreamRequestBodyKey        = "dapr.io/http-stream-request-body"
+	daprGracefulShutdownSecondsKey      = "dapr.io/graceful-shutdown-seconds"
+	daprEnableAPILoggingKey             = "dapr.io/enable-api-logging"
+	daprUnixDomainSocketPathKey         = "dapr.io/unix-domain-socket-path"
+	daprVolumeMountsReadOnlyKey         = "dapr.io/volume-mounts"
+	daprVolumeMountsReadWriteKey        = "dapr.io/volume-mounts-rw"
+	daprDisableBuiltinK8sSecretStoreKey = "dapr.io/disable-builtin-k8s-secret-store" /* #nosec */
+	daprPlacementHostAddressKey         = "dapr.io/placement-host-address"
 
 	// K8s kinds.
 	pod         = "pod"
@@ -490,6 +496,24 @@ func getDaprAnnotations(config *AnnotateOptions) map[string]string {
 	if config.gracefulShutdownSeconds != nil {
 		annotations[daprGracefulShutdownSecondsKey] = strconv.FormatInt(int64(*config.gracefulShutdownSeconds), 10)
 	}
+	if config.enableAPILogging != nil {
+		annotations[daprEnableAPILoggingKey] = strconv.FormatBool(*config.enableAPILogging)
+	}
+	if config.unixDomainSocketPath != nil {
+		annotations[daprUnixDomainSocketPathKey] = *config.unixDomainSocketPath
+	}
+	if config.volumeMountsReadOnly != nil {
+		annotations[daprVolumeMountsReadOnlyKey] = *config.volumeMountsReadOnly
+	}
+	if config.volumeMountsReadWrite != nil {
+		annotations[daprVolumeMountsReadWriteKey] = *config.volumeMountsReadWrite
+	}
+	if config.disableBuiltinK8sSecretStore != nil {
+		annotations[daprDisableBuiltinK8sSecretStoreKey] = strconv.FormatBool(*config.disableBuiltinK8sSecretStore)
+	}
+	if config.placementHostAddress != nil {
+		annotations[daprPlacementHostAddressKey] = *config.placementHostAddress
+	}
 
 	return annotations
 }
diff --git a/pkg/kubernetes/annotator_config.go b/pkg/kubernetes/annotator_config.go
index edad666f5..33b8a1eee 100644
--- a/pkg/kubernetes/annotator_config.go
+++ b/pkg/kubernetes/annotator_config.go
@@ -2,40 +2,46 @@ package kubernetes
 
 // AnnotateOptions configure the injection behavior.
 type AnnotateOptions struct {
-	appID                   *string
-	metricsEnabled          *bool
-	metricsPort             *int
-	appPort                 *int
-	config                  *string
-	appProtocol             *string
-	profileEnabled          *bool
-	logLevel                *string
-	apiTokenSecret          *string
-	appTokenSecret          *string
-	logAsJSON               *bool
-	appMaxConcurrency       *int
-	debugEnabled            *bool
-	debugPort               *int
-	env                     *string
-	cpuLimit                *string
-	memoryLimit             *string
-	cpuRequest              *string
-	memoryRequest           *string
-	listenAddresses         *string
-	livenessProbeDelay      *int
-	livenessProbeTimeout    *int
-	livenessProbePeriod     *int
-	livenessProbeThreshold  *int
-	readinessProbeDelay     *int
-	readinessProbeTimeout   *int
-	readinessProbePeriod    *int
-	readinessProbeThreshold *int
-	image                   *string
-	appSSL                  *bool
-	maxRequestBodySize      *int
-	readBufferSize          *int
-	httpStreamRequestBody   *bool
-	gracefulShutdownSeconds *int
+	appID                        *string
+	metricsEnabled               *bool
+	metricsPort                  *int
+	appPort                      *int
+	config                       *string
+	appProtocol                  *string
+	profileEnabled               *bool
+	logLevel                     *string
+	apiTokenSecret               *string
+	appTokenSecret               *string
+	logAsJSON                    *bool
+	appMaxConcurrency            *int
+	debugEnabled                 *bool
+	debugPort                    *int
+	env                          *string
+	cpuLimit                     *string
+	memoryLimit                  *string
+	cpuRequest                   *string
+	memoryRequest                *string
+	listenAddresses              *string
+	livenessProbeDelay           *int
+	livenessProbeTimeout         *int
+	livenessProbePeriod          *int
+	livenessProbeThreshold       *int
+	readinessProbeDelay          *int
+	readinessProbeTimeout        *int
+	readinessProbePeriod         *int
+	readinessProbeThreshold      *int
+	image                        *string
+	appSSL                       *bool
+	maxRequestBodySize           *int
+	readBufferSize               *int
+	httpStreamRequestBody        *bool
+	gracefulShutdownSeconds      *int
+	enableAPILogging             *bool
+	unixDomainSocketPath         *string
+	volumeMountsReadOnly         *string
+	volumeMountsReadWrite        *string
+	disableBuiltinK8sSecretStore *bool
+	placementHostAddress         *string
 }
 
 type AnnoteOption func(*AnnotateOptions)
@@ -257,3 +263,41 @@ func WithGracefulShutdownSeconds(gracefulShutdownSeconds int) AnnoteOption {
 		config.gracefulShutdownSeconds = &gracefulShutdownSeconds
 	}
 }
+
+func WithEnableAPILogging() AnnoteOption {
+	return func(config *AnnotateOptions) {
+		enabled := true
+		config.enableAPILogging = &enabled
+	}
+}
+
+func WithUnixDomainSocketPath(unixDomainSocketPath string) AnnoteOption {
+	return func(config *AnnotateOptions) {
+		config.unixDomainSocketPath = &unixDomainSocketPath
+	}
+}
+
+func WithVolumeMountsReadOnly(volumeMountsReadOnly string) AnnoteOption {
+	return func(config *AnnotateOptions) {
+		config.volumeMountsReadOnly = &volumeMountsReadOnly
+	}
+}
+
+func WithVolumeMountsReadWrite(volumeMountsReadWrite string) AnnoteOption {
+	return func(config *AnnotateOptions) {
+		config.volumeMountsReadWrite = &volumeMountsReadWrite
+	}
+}
+
+func WithDisableBuiltinK8sSecretStore() AnnoteOption {
+	return func(config *AnnotateOptions) {
+		enabled := true
+		config.disableBuiltinK8sSecretStore = &enabled
+	}
+}
+
+func WithPlacementHostAddress(placementHostAddress string) AnnoteOption {
+	return func(config *AnnotateOptions) {
+		config.placementHostAddress = &placementHostAddress
+	}
+}
diff --git a/pkg/kubernetes/annotator_test.go b/pkg/kubernetes/annotator_test.go
index 77b4068f4..981451441 100644
--- a/pkg/kubernetes/annotator_test.go
+++ b/pkg/kubernetes/annotator_test.go
@@ -372,6 +372,10 @@ func TestGetDaprAnnotations(t *testing.T) {
 		readinessProbeTimeout := 60
 		logLevel := "debug"
 		gracefulShutdownSeconds := 10
+		unixDomainSocketPath := "/tmp/dapr.sock"
+		volumeMountsReadOnly := "vm1:/tmp/path1,vm2:/tmp/path2"
+		volumeMountsReadWrite := "vm3:/tmp/path3"
+		placementHostAddress := "127.0.0.1:50057,127.0.0.1:50058"
 
 		opts := NewAnnotateOptions(
 			WithAppID(appID),
@@ -408,6 +412,12 @@ func TestGetDaprAnnotations(t *testing.T) {
 			WithLogLevel(logLevel),
 			WithHTTPStreamRequestBody(),
 			WithGracefulShutdownSeconds(gracefulShutdownSeconds),
+			WithEnableAPILogging(),
+			WithUnixDomainSocketPath(unixDomainSocketPath),
+			WithVolumeMountsReadOnly(volumeMountsReadOnly),
+			WithVolumeMountsReadWrite(volumeMountsReadWrite),
+			WithDisableBuiltinK8sSecretStore(),
+			WithPlacementHostAddress(placementHostAddress),
 		)
 
 		annotations := getDaprAnnotations(&opts)
@@ -447,5 +457,11 @@ func TestGetDaprAnnotations(t *testing.T) {
 		assert.Equal(t, fmt.Sprintf("%d", readBufferSize), annotations[daprReadBufferSizeKey])
 		assert.Equal(t, "true", annotations[daprHTTPStreamRequestBodyKey])
 		assert.Equal(t, fmt.Sprintf("%d", gracefulShutdownSeconds), annotations[daprGracefulShutdownSecondsKey])
+		assert.Equal(t, "true", annotations[daprEnableAPILoggingKey])
+		assert.Equal(t, unixDomainSocketPath, annotations[daprUnixDomainSocketPathKey])
+		assert.Equal(t, volumeMountsReadOnly, annotations[daprVolumeMountsReadOnlyKey])
+		assert.Equal(t, volumeMountsReadWrite, annotations[daprVolumeMountsReadWriteKey])
+		assert.Equal(t, "true", annotations[daprDisableBuiltinK8sSecretStoreKey])
+		assert.Equal(t, placementHostAddress, annotations[daprPlacementHostAddressKey])
 	})
 }