Devops 831 fix env var cleanup upon change (#23)

* redo patch env var function
introduce annotations to save agent args for future cleanup

* fix updating same container 2 times within the same apply to kube api
add tests

* remove comment

* add test cases
#minor

* bump github actions deps

* replace append with proper Delete func
rename test

Author: Leonid Podolinskiy

.github/workflows/e2e.yaml

@@ -20,10 +20,10 @@ jobs:
         ports:
           - 5000:5000
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Setup Go environment
-        uses: actions/setup-go@v4
+        uses: actions/setup-go@v5
         with:
           go-version: "1.22"
 
@@ -83,7 +83,7 @@ jobs:
           kubectl wait --timeout=120s --for=condition=Ready node/$(echo $HOSTNAME| awk '{print tolower($0)}')
 
       - name: Build and push to local repo
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v5
         with:
           context: .
           push: true

.github/workflows/init_container.yaml

@@ -4,35 +4,46 @@ on:
   workflow_dispatch:
     inputs:
       release_tag:
-        description: 'Release tag of the agent'     
+        description: "Release tag of the agent"
         required: true
       init_image_tag:
-        description: 'Image tag'  
+        description: "Image tag"
         required: true
         default: "0"
       force:
-        description: 'Force build'  
+        description: "Force build"
         required: false
         default: "false"
 
-
-
-jobs:  
+jobs:
   set_image_tag_variable:
     strategy:
       matrix:
-        agents: [
-          {name: "linux", file: "agent.zip", platform: "linux/amd64"},
-          {name: "alpine", file: "agent-alpine.zip", platform: "linux/amd64"},
-          {name: "linux-arm64", file: "agent-arm64.zip", platform: "linux/arm64"},
-          {name: "alpine-arm64", file: "agent-alpine-arm64.zip", platform: "linux/arm64"}
-        ]
+        agents:
+          [
+            { name: "linux", file: "agent.zip", platform: "linux/amd64" },
+            {
+              name: "alpine",
+              file: "agent-alpine.zip",
+              platform: "linux/amd64",
+            },
+            {
+              name: "linux-arm64",
+              file: "agent-arm64.zip",
+              platform: "linux/arm64",
+            },
+            {
+              name: "alpine-arm64",
+              file: "agent-alpine-arm64.zip",
+              platform: "linux/arm64",
+            },
+          ]
     runs-on: ubuntu-latest
     name: Build and push Docker image
     steps:
-    - name: Set release tag
-      shell: bash
-      run: |
+      - name: Set release tag
+        shell: bash
+        run: |
           # check that tag is matching regex x.y.x-release.<commit hash> or force flag is enabled
           if [[ ! ${{ inputs.release_tag }} =~ ^[0-9]+\.[0-9]+\.[0-9]+-release\.[0-9a-f]+$ ]] ; then
             echo "Tag ${{ inputs.release_tag }} is not matching regex x.y.x-release.<commithash>"
@@ -43,81 +54,78 @@ jobs:
             fi
           fi
           echo "TAG_NAME=$(echo ${{ inputs.release_tag }} | sed -E 's/^([0-9]*\.[0-9]*\.[0-9]*).*/\1/')-init.${{ inputs.init_image_tag }}"  >> "$GITHUB_OUTPUT"
-      id: set_tag
+        id: set_tag
 
-    - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
-    - name: Set up QEMU
-      uses: docker/setup-qemu-action@v3
-    - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v3
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
 
-    - name: Login to DockerHub
-      if: ${{ success() }}
-      uses: docker/login-action@v2
-      with:
-        username: ${{ secrets.DOCKERHUB_USER }}
-        password: ${{ secrets.DOCKERHUB_PASS }}
-    
+      - name: Login to DockerHub
+        if: ${{ success() }}
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USER }}
+          password: ${{ secrets.DOCKERHUB_PASS }}
 
-    - name: Configure AWS credentials for artifacts bucket
-      uses: aws-actions/configure-aws-credentials@v1
-      with:
-        aws-access-key-id: ${{ secrets.RELEASE_ARTIFACTS_MANAGER_KEY }}
-        aws-secret-access-key: ${{ secrets.RELEASE_ARTIFACTS_MANAGER_SECRET }}
-        aws-region: us-east-1
+      - name: Configure AWS credentials for artifacts bucket
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.RELEASE_ARTIFACTS_MANAGER_KEY }}
+          aws-secret-access-key: ${{ secrets.RELEASE_ARTIFACTS_MANAGER_SECRET }}
+          aws-region: us-east-1
 
-    - name: Set docker image tags
-      id: set_docker_tags
-      run: |
-        python3 -m pip install semver
-        existing_tags=()
-        dockerhub_tags=$(curl -s   "https://hub.docker.com/v2/namespaces/lightruncom/repositories/k8s-operator-init-java-agent-${{ matrix.agents.name }}/tags?page_size=50" | jq -r ".results[].name")
-        if [[ $? -ne  0 ]] ; then
-          echo "Failed to fetch existing tags"
-          exit 1
-        fi
-        while IFS= read -r line; do
-          existing_tags+=("$line")
-        done < <(echo $dockerhub_tags)
-        for tag in $existing_tags
-        do
-          if [[ "$tag" == "latest" ]] ; then
-            continue
+      - name: Set docker image tags
+        id: set_docker_tags
+        run: |
+          python3 -m pip install semver
+          existing_tags=()
+          dockerhub_tags=$(curl -s   "https://hub.docker.com/v2/namespaces/lightruncom/repositories/k8s-operator-init-java-agent-${{ matrix.agents.name }}/tags?page_size=50" | jq -r ".results[].name")
+          if [[ $? -ne  0 ]] ; then
+            echo "Failed to fetch existing tags"
+            exit 1
           fi
-          echo "Comparing existing tag: $tag with new: ${{steps.set_tag.outputs.TAG_NAME}}"
-          if [[ $(pysemver compare $tag ${{steps.set_tag.outputs.TAG_NAME}}) -ge 0 ]] ; then
-            echo "Existing tag: $tag is greater or equal than new: ${{ inputs.release_tag }}. Skip adding latest tag"
-            echo "DOCKER_TAGS=lightruncom/k8s-operator-init-java-agent-${{ matrix.agents.name }}:${{steps.set_tag.outputs.TAG_NAME}}"  >> "$GITHUB_OUTPUT"
-            exit 0
-          fi
-        done
-        echo "Adding latest tag to ${{steps.set_tag.outputs.TAG_NAME}}"
-        echo "DOCKER_TAGS=lightruncom/k8s-operator-init-java-agent-${{ matrix.agents.name }}:${{steps.set_tag.outputs.TAG_NAME}},lightruncom/k8s-operator-init-java-agent-${{ matrix.agents.name }}:latest"  >> "$GITHUB_OUTPUT"
-
-    - name: Download agent artifacts
-      run: |
-        aws s3 cp s3://${{ secrets.RELEASE_ARTIFACTS_BUCKET }}/artifacts/${{ inputs.release_tag }}/${{ matrix.agents.file }} ./lightrun-init-agent/
-
+          while IFS= read -r line; do
+            existing_tags+=("$line")
+          done < <(echo $dockerhub_tags)
+          for tag in $existing_tags
+          do
+            if [[ "$tag" == "latest" ]] ; then
+              continue
+            fi
+            echo "Comparing existing tag: $tag with new: ${{steps.set_tag.outputs.TAG_NAME}}"
+            if [[ $(pysemver compare $tag ${{steps.set_tag.outputs.TAG_NAME}}) -ge 0 ]] ; then
+              echo "Existing tag: $tag is greater or equal than new: ${{ inputs.release_tag }}. Skip adding latest tag"
+              echo "DOCKER_TAGS=lightruncom/k8s-operator-init-java-agent-${{ matrix.agents.name }}:${{steps.set_tag.outputs.TAG_NAME}}"  >> "$GITHUB_OUTPUT"
+              exit 0
+            fi
+          done
+          echo "Adding latest tag to ${{steps.set_tag.outputs.TAG_NAME}}"
+          echo "DOCKER_TAGS=lightruncom/k8s-operator-init-java-agent-${{ matrix.agents.name }}:${{steps.set_tag.outputs.TAG_NAME}},lightruncom/k8s-operator-init-java-agent-${{ matrix.agents.name }}:latest"  >> "$GITHUB_OUTPUT"
 
-    - name: Build and push ${{ matrix.agents.name }} container
-      uses: docker/build-push-action@v4
-      with:
-        context: .
-        file: ./lightrun-init-agent/Dockerfile
-        push: true
-        platforms: ${{ matrix.agents.platform }}
-        tags: ${{steps.set_docker_tags.outputs.DOCKER_TAGS}}
-        build-args: |
-          FILE=${{ matrix.agents.file }}
+      - name: Download agent artifacts
+        run: |
+          aws s3 cp s3://${{ secrets.RELEASE_ARTIFACTS_BUCKET }}/artifacts/${{ inputs.release_tag }}/${{ matrix.agents.file }} ./lightrun-init-agent/
 
+      - name: Build and push ${{ matrix.agents.name }} container
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          file: ./lightrun-init-agent/Dockerfile
+          push: true
+          platforms: ${{ matrix.agents.platform }}
+          tags: ${{steps.set_docker_tags.outputs.DOCKER_TAGS}}
+          build-args: |
+            FILE=${{ matrix.agents.file }}
 
-    - name: Slack Notification
-      if: always()
-      uses: rtCamp/action-slack-notify@v2.2.0
-      env:
-        SLACK_CHANNEL: devops-alerts
-        SLACK_COLOR: ${{ job.status }} # or a specific color like 'good' or '#ff00ff'
-        SLACK_MESSAGE: "Tag ${{ inputs.release_tag }} | Platform ${{ matrix.agents.name }}"
-        SLACK_TITLE: Init contianer build status - ${{ job.status }}
-        SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
+      - name: Slack Notification
+        if: always()
+        uses: rtCamp/action-slack-notify@v2.2.0
+        env:
+          SLACK_CHANNEL: devops-alerts
+          SLACK_COLOR: ${{ job.status }} # or a specific color like 'good' or '#ff00ff'
+          SLACK_MESSAGE: "Tag ${{ inputs.release_tag }} | Platform ${{ matrix.agents.name }}"
+          SLACK_TITLE: Init contianer build status - ${{ job.status }}
+          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}

.github/workflows/release.yaml

@@ -21,12 +21,12 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
           path: "helm-repo"
           ref: "helm-repo"
@@ -42,7 +42,7 @@ jobs:
           WITH_V: false
 
       - name: Setup Go environment
-        uses: actions/setup-go@v4
+        uses: actions/setup-go@v5
         with:
           go-version: "1.22"
 
@@ -63,7 +63,7 @@ jobs:
 
       - name: Login to DockerHub
         if: ${{ success() }}
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKERHUB_USER }}
           password: ${{ secrets.DOCKERHUB_PASS }}
@@ -74,7 +74,7 @@ jobs:
         uses: docker/setup-buildx-action@v3
 
       - name: Build and push
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v5
         with:
           context: .
           push: true
@@ -85,7 +85,7 @@ jobs:
 
       - name: Create Release
         if: ${{ success() }}
-        uses: ncipollo/release-action@v1.10.0
+        uses: ncipollo/release-action@v1.14.0
         with:
           artifacts: helm-repo/lightrun-k8s-operator-${{steps.release_tag.outputs.new_tag}}.tgz
           tag: ${{steps.release_tag.outputs.new_tag}}

internal/controller/helpers.go

@@ -2,8 +2,10 @@ package controller
 
 import (
 	"context"
+	"errors"
 	"hash/fnv"
 	"sort"
+	"strings"
 	"time"
 
 	agentv1beta "github.com/lightrun-platform/lightrun-k8s-operator/api/v1beta"
@@ -226,3 +228,30 @@ func SetStatusCondition(conditions *[]metav1.Condition, newCondition metav1.Cond
 	existingCondition.Message = newCondition.Message
 	existingCondition.ObservedGeneration = newCondition.ObservedGeneration
 }
+
+func agentEnvVarArgument(mountPath string, agentCliFlags string) (string, error) {
+	agentArg := " -agentpath:" + mountPath + "/agent/lightrun_agent.so"
+	if agentCliFlags != "" {
+		agentArg += "=" + agentCliFlags
+		if len(agentArg) > 1024 {
+			return "", errors.New("agentpath with agentCliFlags has more than 1024 chars. This is a limitation of Java")
+		}
+	}
+	return agentArg, nil
+}
+
+// Removes from env var value. Removes env var from the list if value is empty after the update
+func unpatchEnvVarValue(origValue string, removalValue string) string {
+	value := strings.ReplaceAll(origValue, removalValue, "")
+	return value
+}
+
+// Return index if the env var in the []corev1.EnvVar, otherwise -1
+func findEnvVarIndex(envVarName string, envVarList []corev1.EnvVar) int {
+	for i, envVar := range envVarList {
+		if envVar.Name == envVarName {
+			return i
+		}
+	}
+	return -1
+}