From 3534d946292a6e59a8461b330ac43b606cc2aa14 Mon Sep 17 00:00:00 2001 From: ItielOlenick <67790309+ItielOlenick@users.noreply.github.com> Date: Mon, 25 Nov 2024 20:10:07 +0200 Subject: [PATCH 01/10] Only mounting and using secret when TA is deployed --- internal/manifests/collector/configmap.go | 2 +- internal/manifests/collector/container.go | 2 +- internal/manifests/collector/volume.go | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/internal/manifests/collector/configmap.go b/internal/manifests/collector/configmap.go index b611dea178..ddd51eacc6 100644 --- a/internal/manifests/collector/configmap.go +++ b/internal/manifests/collector/configmap.go @@ -45,7 +45,7 @@ func ConfigMap(params manifests.Params) (*corev1.ConfigMap, error) { replaceCfgOpts := []ta.TAOption{} - if params.Config.CertManagerAvailability() == certmanager.Available && featuregate.EnableTargetAllocatorMTLS.IsEnabled() { + if params.otelcol.Spec.TargetAllocator.Enabled && params.Config.CertManagerAvailability() == certmanager.Available && featuregate.EnableTargetAllocatorMTLS.IsEnabled() { replaceCfgOpts = append(replaceCfgOpts, ta.WithTLSConfig( filepath.Join(constants.TACollectorTLSDirPath, constants.TACollectorCAFileName), filepath.Join(constants.TACollectorTLSDirPath, constants.TACollectorTLSCertFileName), diff --git a/internal/manifests/collector/container.go b/internal/manifests/collector/container.go index f499f08c55..e0a5bcddd5 100644 --- a/internal/manifests/collector/container.go +++ b/internal/manifests/collector/container.go @@ -85,7 +85,7 @@ func Container(cfg config.Config, logger logr.Logger, otelcol v1beta1.OpenTeleme }) } - if cfg.CertManagerAvailability() == certmanager.Available && featuregate.EnableTargetAllocatorMTLS.IsEnabled() { + if otelcol.Spec.TargetAllocator.Enabled && cfg.CertManagerAvailability() == certmanager.Available && featuregate.EnableTargetAllocatorMTLS.IsEnabled() { volumeMounts = append(volumeMounts, corev1.VolumeMount{ Name: naming.TAClientCertificate(otelcol.Name), diff --git a/internal/manifests/collector/volume.go b/internal/manifests/collector/volume.go index f1bd201056..e59108b5c7 100644 --- a/internal/manifests/collector/volume.go +++ b/internal/manifests/collector/volume.go @@ -43,7 +43,7 @@ func Volumes(cfg config.Config, otelcol v1beta1.OpenTelemetryCollector) []corev1 }, }} - if cfg.CertManagerAvailability() == certmanager.Available && featuregate.EnableTargetAllocatorMTLS.IsEnabled() { + if otelcol.Spec.TargetAllocator.Enabled && cfg.CertManagerAvailability() == certmanager.Available && featuregate.EnableTargetAllocatorMTLS.IsEnabled() { volumes = append(volumes, corev1.Volume{ Name: naming.TAClientCertificate(otelcol.Name), VolumeSource: corev1.VolumeSource{ From 0551a98b84e7f538e294ec337b09400434cfec2a Mon Sep 17 00:00:00 2001 From: ItielOlenick Date: Mon, 25 Nov 2024 20:45:17 +0200 Subject: [PATCH 02/10] Typo --- internal/manifests/collector/configmap.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/manifests/collector/configmap.go b/internal/manifests/collector/configmap.go index ddd51eacc6..3f68362354 100644 --- a/internal/manifests/collector/configmap.go +++ b/internal/manifests/collector/configmap.go @@ -45,7 +45,7 @@ func ConfigMap(params manifests.Params) (*corev1.ConfigMap, error) { replaceCfgOpts := []ta.TAOption{} - if params.otelcol.Spec.TargetAllocator.Enabled && params.Config.CertManagerAvailability() == certmanager.Available && featuregate.EnableTargetAllocatorMTLS.IsEnabled() { + if params.OtelCol.Spec.TargetAllocator.Enabled && params.Config.CertManagerAvailability() == certmanager.Available && featuregate.EnableTargetAllocatorMTLS.IsEnabled() { replaceCfgOpts = append(replaceCfgOpts, ta.WithTLSConfig( filepath.Join(constants.TACollectorTLSDirPath, constants.TACollectorCAFileName), filepath.Join(constants.TACollectorTLSDirPath, constants.TACollectorTLSCertFileName), From 7a79acfa8311ab3c9c0eda5f8a24716600501e1f Mon Sep 17 00:00:00 2001 From: ItielOlenick Date: Sun, 1 Dec 2024 20:34:49 +0200 Subject: [PATCH 03/10] Fixed unit tests --- internal/manifests/collector/container_test.go | 2 ++ internal/manifests/collector/volume_test.go | 1 + 2 files changed, 3 insertions(+) diff --git a/internal/manifests/collector/container_test.go b/internal/manifests/collector/container_test.go index 3f48fc26da..66ef5394e4 100644 --- a/internal/manifests/collector/container_test.go +++ b/internal/manifests/collector/container_test.go @@ -873,6 +873,8 @@ func TestContainerWithCertManagerAvailable(t *testing.T) { flgs := featuregate.Flags(colfg.GlobalRegistry()) err := flgs.Parse([]string{"--feature-gates=operator.targetallocator.mtls"}) + otelcol.Spec.TargetAllocator.Enabled = true + require.NoError(t, err) // test diff --git a/internal/manifests/collector/volume_test.go b/internal/manifests/collector/volume_test.go index 03747d519e..56e0268871 100644 --- a/internal/manifests/collector/volume_test.go +++ b/internal/manifests/collector/volume_test.go @@ -106,6 +106,7 @@ func TestVolumeWithTargetAllocatorMTLS(t *testing.T) { flgs := featuregate.Flags(colfg.GlobalRegistry()) err := flgs.Parse([]string{"--feature-gates=operator.targetallocator.mtls"}) + otelcol.Spec.TargetAllocator.Enabled = true require.NoError(t, err) volumes := Volumes(cfg, otelcol) From e5aadafb55f907649850495f5539966f1367d2af Mon Sep 17 00:00:00 2001 From: ItielOlenick Date: Tue, 3 Dec 2024 19:08:20 +0200 Subject: [PATCH 04/10] Added changelog and tests --- ...oyed-and-mTLS-feature-gate-is-enabled.yaml | 16 ++++++ .../manifests/collector/configmap_test.go | 55 +++++++++++++++++++ .../manifests/collector/container_test.go | 20 +++++++ internal/manifests/collector/volume_test.go | 21 +++++++ 4 files changed, 112 insertions(+) create mode 100755 .chloggen/Fix-Prevent-mounting-secrets-to-collector-when-TA-is-not-deployed-and-mTLS-feature-gate-is-enabled.yaml diff --git a/.chloggen/Fix-Prevent-mounting-secrets-to-collector-when-TA-is-not-deployed-and-mTLS-feature-gate-is-enabled.yaml b/.chloggen/Fix-Prevent-mounting-secrets-to-collector-when-TA-is-not-deployed-and-mTLS-feature-gate-is-enabled.yaml new file mode 100755 index 0000000000..f43ac5126b --- /dev/null +++ b/.chloggen/Fix-Prevent-mounting-secrets-to-collector-when-TA-is-not-deployed-and-mTLS-feature-gate-is-enabled.yaml @@ -0,0 +1,16 @@ +# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' +change_type: bug_fix + +# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) +component: collector + +# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). +note: Prevent mounting secrets to collector when TA is not deployed and mTLS feature gate is enabled + +# One or more tracking issues related to the change +issues: [3456] + +# (Optional) One or more lines of additional information to render under the primary note. +# These lines will be padded with 2 spaces and then inserted directly into the document. +# Use pipe (|) for multiline entries. +subtext: diff --git a/internal/manifests/collector/configmap_test.go b/internal/manifests/collector/configmap_test.go index a6469704ea..3adebcaedb 100644 --- a/internal/manifests/collector/configmap_test.go +++ b/internal/manifests/collector/configmap_test.go @@ -182,4 +182,59 @@ service: assert.NoError(t, err) }) + + t.Run("Should return expected collector config map without mTLS config", func(t *testing.T) { + expectedData := map[string]string{ + "collector.yaml": `exporters: + debug: +receivers: + prometheus: + config: + scrape_configs: + - job_name: serviceMonitor/test/test/0 + static_configs: + - targets: ["prom.domain:1001", "prom.domain:1002", "prom.domain:1003"] + labels: + my: label + file_sd_configs: + - files: + - file2.json +service: + pipelines: + metrics: + exporters: + - debug + receivers: + - prometheus +`, + } + + param, err := newParams("test/test-img", "testdata/http_sd_config_servicemonitor_test.yaml", config.WithCertManagerAvailability(certmanager.Available)) + require.NoError(t, err) + flgs := featuregate.Flags(colfg.GlobalRegistry()) + err = flgs.Parse([]string{"--feature-gates=operator.targetallocator.mtls"}) + param.TargetAllocator = nil + require.NoError(t, err) + + hash, _ := manifestutils.GetConfigMapSHA(param.OtelCol.Spec.Config) + expectedName := naming.ConfigMap("test", hash) + + expectedLables["app.kubernetes.io/component"] = "opentelemetry-collector" + expectedLables["app.kubernetes.io/name"] = "test-collector" + expectedLables["app.kubernetes.io/version"] = "latest" + + actual, err := ConfigMap(param) + + assert.NoError(t, err) + assert.Equal(t, expectedName, actual.Name) + assert.Equal(t, expectedLables, actual.Labels) + assert.Equal(t, len(expectedData), len(actual.Data)) + for k, expected := range expectedData { + assert.YAMLEq(t, expected, actual.Data[k]) + } + + // Reset the value + expectedLables["app.kubernetes.io/version"] = "0.47.0" + assert.NoError(t, err) + }) } diff --git a/internal/manifests/collector/container_test.go b/internal/manifests/collector/container_test.go index 66ef5394e4..74ea4b1aaa 100644 --- a/internal/manifests/collector/container_test.go +++ b/internal/manifests/collector/container_test.go @@ -886,3 +886,23 @@ func TestContainerWithCertManagerAvailable(t *testing.T) { MountPath: constants.TACollectorTLSDirPath, }) } + +func TestContainerWithFeaturegateEnabledButTADisabled(t *testing.T) { + otelcol := v1beta1.OpenTelemetryCollector{} + + cfg := config.New(config.WithCertManagerAvailability(certmanager.Available)) + + flgs := featuregate.Flags(colfg.GlobalRegistry()) + err := flgs.Parse([]string{"--feature-gates=operator.targetallocator.mtls"}) + + require.NoError(t, err) + + // test + c := Container(cfg, logger, otelcol, true) + + // verify + assert.NotContains(t, c.VolumeMounts, corev1.VolumeMount{ + Name: naming.TAClientCertificate(""), + MountPath: constants.TACollectorTLSDirPath, + }) +} diff --git a/internal/manifests/collector/volume_test.go b/internal/manifests/collector/volume_test.go index 56e0268871..4a3394dc8f 100644 --- a/internal/manifests/collector/volume_test.go +++ b/internal/manifests/collector/volume_test.go @@ -141,4 +141,25 @@ func TestVolumeWithTargetAllocatorMTLS(t *testing.T) { volumes := Volumes(cfg, otelcol) assert.NotContains(t, volumes, corev1.Volume{Name: naming.TAClientCertificate(otelcol.Name)}) }) + + t.Run("Feature gate enabled but TargetAllocator disabled", func(t *testing.T) { + otelcol := v1beta1.OpenTelemetryCollector{} + cfg := config.New(config.WithCertManagerAvailability(certmanager.Available)) + + flgs := featuregate.Flags(colfg.GlobalRegistry()) + err := flgs.Parse([]string{"--feature-gates=operator.targetallocator.mtls"}) + + require.NoError(t, err) + + volumes := Volumes(cfg, otelcol) + unexpectedVolume := corev1.Volume{ + Name: naming.TAClientCertificate(otelcol.Name), + VolumeSource: corev1.VolumeSource{ + Secret: &corev1.SecretVolumeSource{ + SecretName: naming.TAClientCertificateSecretName(otelcol.Name), + }, + }, + } + assert.NotContains(t, volumes, unexpectedVolume) + }) } From eba803c869d82b25cc4f091a35b57671842c90de Mon Sep 17 00:00:00 2001 From: ItielOlenick Date: Thu, 2 Jan 2025 22:10:18 +0200 Subject: [PATCH 05/10] Added e2e test --- .../ta-disabled/00-assert.yaml | 33 ++++++++ .../ta-disabled/00-install.yaml | 76 +++++++++++++++++++ .../ta-disabled/chainsaw-test.yaml | 18 +++++ 3 files changed, 127 insertions(+) create mode 100644 tests/e2e-ta-collector-mtls/ta-disabled/00-assert.yaml create mode 100644 tests/e2e-ta-collector-mtls/ta-disabled/00-install.yaml create mode 100755 tests/e2e-ta-collector-mtls/ta-disabled/chainsaw-test.yaml diff --git a/tests/e2e-ta-collector-mtls/ta-disabled/00-assert.yaml b/tests/e2e-ta-collector-mtls/ta-disabled/00-assert.yaml new file mode 100644 index 0000000000..c4936ebfc2 --- /dev/null +++ b/tests/e2e-ta-collector-mtls/ta-disabled/00-assert.yaml @@ -0,0 +1,33 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: prometheus-cr-collector +status: + readyReplicas: 1 + replicas: 1 +--- +apiVersion: v1 +data: + collector.yaml: | + receivers: + otlp: + protocols: + grpc: + endpoint: 0.0.0.0:4317 + http: + endpoint: 0.0.0.0:4318 + exporters: + debug: null + service: + telemetry: + metrics: + address: 0.0.0.0:8888 + pipelines: + traces: + exporters: + - debug + receivers: + - otlp +kind: ConfigMap +metadata: + name: prometheus-cr-collector-aec5aa11 diff --git a/tests/e2e-ta-collector-mtls/ta-disabled/00-install.yaml b/tests/e2e-ta-collector-mtls/ta-disabled/00-install.yaml new file mode 100644 index 0000000000..c2630a9eef --- /dev/null +++ b/tests/e2e-ta-collector-mtls/ta-disabled/00-install.yaml @@ -0,0 +1,76 @@ +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + name: collector +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: (join('-', ['collector', $namespace])) +rules: + - apiGroups: + - "" + resources: + - pods + - nodes + - nodes/metrics + - services + - endpoints + - namespaces + verbs: + - get + - watch + - list + - apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: + - get + - watch + - list + - nonResourceURLs: + - /metrics + - /metrics/cadvisor + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: (join('-', ['collector', $namespace])) +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: (join('-', ['collector', $namespace])) +subjects: + - kind: ServiceAccount + name: collector + namespace: ($namespace) +--- +apiVersion: opentelemetry.io/v1alpha1 +kind: OpenTelemetryCollector +metadata: + name: prometheus-cr +spec: + config: | + receivers: + otlp: + protocols: + grpc: + http: + processors: + + exporters: + debug: + + service: + pipelines: + traces: + receivers: [otlp] + exporters: [debug] + mode: statefulset + serviceAccount: collector + targetAllocator: + enabled: false diff --git a/tests/e2e-ta-collector-mtls/ta-disabled/chainsaw-test.yaml b/tests/e2e-ta-collector-mtls/ta-disabled/chainsaw-test.yaml new file mode 100755 index 0000000000..614a1ed66d --- /dev/null +++ b/tests/e2e-ta-collector-mtls/ta-disabled/chainsaw-test.yaml @@ -0,0 +1,18 @@ +# yaml-language-server: $schema=https://raw.githubusercontent.com/kyverno/chainsaw/main/.schemas/json/test-chainsaw-v1alpha1.json +apiVersion: chainsaw.kyverno.io/v1alpha1 +kind: Test +metadata: + creationTimestamp: null + name: ta-disabled +spec: + steps: + - name: step-00 + try: + - apply: + template: true + file: 00-install.yaml + - assert: + file: 00-assert.yaml + catch: + - podLogs: + selector: app.kubernetes.io/managed-by=opentelemetry-operator From cedd152bafb5a0b059158ee2d97207ca1a6709e1 Mon Sep 17 00:00:00 2001 From: ItielOlenick Date: Sun, 5 Jan 2025 11:05:38 +0200 Subject: [PATCH 06/10] Modified tests --- .../ta-disabled/00-assert.yaml | 25 +++++-- .../ta-disabled/00-install.yaml | 75 +++++-------------- 2 files changed, 36 insertions(+), 64 deletions(-) diff --git a/tests/e2e-ta-collector-mtls/ta-disabled/00-assert.yaml b/tests/e2e-ta-collector-mtls/ta-disabled/00-assert.yaml index c4936ebfc2..548b61d96b 100644 --- a/tests/e2e-ta-collector-mtls/ta-disabled/00-assert.yaml +++ b/tests/e2e-ta-collector-mtls/ta-disabled/00-assert.yaml @@ -10,12 +10,25 @@ apiVersion: v1 data: collector.yaml: | receivers: - otlp: + jaeger: protocols: grpc: - endpoint: 0.0.0.0:4317 - http: - endpoint: 0.0.0.0:4318 + endpoint: 0.0.0.0:14250 + prometheus: + config: + global: + scrape_interval: 30s + scrape_protocols: + - PrometheusProto + - OpenMetricsText1.0.0 + - OpenMetricsText0.0.1 + - PrometheusText0.0.4 + scrape_configs: + - job_name: otel-collector + scrape_interval: 10s + static_configs: + - targets: + - 0.0.0.0:8888 exporters: debug: null service: @@ -27,7 +40,7 @@ data: exporters: - debug receivers: - - otlp + - jaeger kind: ConfigMap metadata: - name: prometheus-cr-collector-aec5aa11 + name: prometheus-cr-collector-7a42612e diff --git a/tests/e2e-ta-collector-mtls/ta-disabled/00-install.yaml b/tests/e2e-ta-collector-mtls/ta-disabled/00-install.yaml index c2630a9eef..72c7665c9d 100644 --- a/tests/e2e-ta-collector-mtls/ta-disabled/00-install.yaml +++ b/tests/e2e-ta-collector-mtls/ta-disabled/00-install.yaml @@ -1,54 +1,3 @@ -apiVersion: v1 -automountServiceAccountToken: true -kind: ServiceAccount -metadata: - name: collector ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: (join('-', ['collector', $namespace])) -rules: - - apiGroups: - - "" - resources: - - pods - - nodes - - nodes/metrics - - services - - endpoints - - namespaces - verbs: - - get - - watch - - list - - apiGroups: - - networking.k8s.io - resources: - - ingresses - verbs: - - get - - watch - - list - - nonResourceURLs: - - /metrics - - /metrics/cadvisor - verbs: - - get ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: (join('-', ['collector', $namespace])) -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: (join('-', ['collector', $namespace])) -subjects: - - kind: ServiceAccount - name: collector - namespace: ($namespace) ---- apiVersion: opentelemetry.io/v1alpha1 kind: OpenTelemetryCollector metadata: @@ -56,21 +5,31 @@ metadata: spec: config: | receivers: - otlp: - protocols: - grpc: - http: + jaeger: + protocols: + grpc: + + # Collect own metrics + prometheus: + config: + global: + scrape_interval: 30s + scrape_protocols: ['PrometheusProto','OpenMetricsText1.0.0','OpenMetricsText0.0.1','PrometheusText0.0.4'] + scrape_configs: + - job_name: 'otel-collector' + scrape_interval: 10s + static_configs: + - targets: [ '0.0.0.0:8888' ] + processors: exporters: debug: - service: pipelines: traces: - receivers: [otlp] + receivers: [jaeger] exporters: [debug] mode: statefulset - serviceAccount: collector targetAllocator: enabled: false From ac654251ec8d151e337ebe61518273b8b98f29a7 Mon Sep 17 00:00:00 2001 From: ItielOlenick Date: Sun, 5 Jan 2025 11:10:07 +0200 Subject: [PATCH 07/10] Updated changelog --- ...eployed-and-mTLS-feature-gate-is-enabled.yaml | 16 ---------------- .chloggen/operator32.yaml | 16 ---------------- CHANGELOG.md | 10 ++++++++++ 3 files changed, 10 insertions(+), 32 deletions(-) delete mode 100755 .chloggen/Fix-Prevent-mounting-secrets-to-collector-when-TA-is-not-deployed-and-mTLS-feature-gate-is-enabled.yaml delete mode 100644 .chloggen/operator32.yaml diff --git a/.chloggen/Fix-Prevent-mounting-secrets-to-collector-when-TA-is-not-deployed-and-mTLS-feature-gate-is-enabled.yaml b/.chloggen/Fix-Prevent-mounting-secrets-to-collector-when-TA-is-not-deployed-and-mTLS-feature-gate-is-enabled.yaml deleted file mode 100755 index f43ac5126b..0000000000 --- a/.chloggen/Fix-Prevent-mounting-secrets-to-collector-when-TA-is-not-deployed-and-mTLS-feature-gate-is-enabled.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: bug_fix - -# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) -component: collector - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Prevent mounting secrets to collector when TA is not deployed and mTLS feature gate is enabled - -# One or more tracking issues related to the change -issues: [3456] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: diff --git a/.chloggen/operator32.yaml b/.chloggen/operator32.yaml deleted file mode 100644 index 43c60adcb1..0000000000 --- a/.chloggen/operator32.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: 'enhancement' - -# The name of the component, or a single word describing the area of concern, (e.g. operator, target allocator, github action) -component: operator - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: Support for Kubernetes `1.32` version. - -# One or more tracking issues related to the change -issues: [ ] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: diff --git a/CHANGELOG.md b/CHANGELOG.md index 05a2cb6ac6..0a09d2e21d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,16 @@ +## vTODO + +### 💡 Enhancements 💡 + +- `operator`: Support for Kubernetes `1.32` version. () + +### 🧰 Bug fixes 🧰 + +- `collector`: Prevent mounting secrets to collector when TA is not deployed and mTLS feature gate is enabled (#3456) + ## 0.116.0 ### 💡 Enhancements 💡 From cd4e141a07bc7d77c1b0c69fcff994ef2db00818 Mon Sep 17 00:00:00 2001 From: ItielOlenick Date: Sun, 5 Jan 2025 11:16:38 +0200 Subject: [PATCH 08/10] Readded changelog --- CHANGELOG.md | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0a09d2e21d..05a2cb6ac6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,16 +2,6 @@ -## vTODO - -### 💡 Enhancements 💡 - -- `operator`: Support for Kubernetes `1.32` version. () - -### 🧰 Bug fixes 🧰 - -- `collector`: Prevent mounting secrets to collector when TA is not deployed and mTLS feature gate is enabled (#3456) - ## 0.116.0 ### 💡 Enhancements 💡 From 1989a2123d032cd7045ff21c3408c10ab519b51d Mon Sep 17 00:00:00 2001 From: ItielOlenick Date: Sun, 5 Jan 2025 11:16:44 +0200 Subject: [PATCH 09/10] Readded changelog --- ...eployed-and-mTLS-feature-gate-is-enabled.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100755 .chloggen/Fix-Prevent-mounting-secrets-to-collector-when-TA-is-not-deployed-and-mTLS-feature-gate-is-enabled.yaml diff --git a/.chloggen/Fix-Prevent-mounting-secrets-to-collector-when-TA-is-not-deployed-and-mTLS-feature-gate-is-enabled.yaml b/.chloggen/Fix-Prevent-mounting-secrets-to-collector-when-TA-is-not-deployed-and-mTLS-feature-gate-is-enabled.yaml new file mode 100755 index 0000000000..f43ac5126b --- /dev/null +++ b/.chloggen/Fix-Prevent-mounting-secrets-to-collector-when-TA-is-not-deployed-and-mTLS-feature-gate-is-enabled.yaml @@ -0,0 +1,16 @@ +# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' +change_type: bug_fix + +# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) +component: collector + +# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). +note: Prevent mounting secrets to collector when TA is not deployed and mTLS feature gate is enabled + +# One or more tracking issues related to the change +issues: [3456] + +# (Optional) One or more lines of additional information to render under the primary note. +# These lines will be padded with 2 spaces and then inserted directly into the document. +# Use pipe (|) for multiline entries. +subtext: From ce550b3a7157435980dc6ba80ce7e49507ab465f Mon Sep 17 00:00:00 2001 From: ItielOlenick Date: Sun, 5 Jan 2025 11:17:54 +0200 Subject: [PATCH 10/10] dummy commit --- ...A-is-not-deployed-and-mTLS-feature-gate-is-enabled.yaml | 7 ------- 1 file changed, 7 deletions(-) diff --git a/.chloggen/Fix-Prevent-mounting-secrets-to-collector-when-TA-is-not-deployed-and-mTLS-feature-gate-is-enabled.yaml b/.chloggen/Fix-Prevent-mounting-secrets-to-collector-when-TA-is-not-deployed-and-mTLS-feature-gate-is-enabled.yaml index f43ac5126b..93cd9107e0 100755 --- a/.chloggen/Fix-Prevent-mounting-secrets-to-collector-when-TA-is-not-deployed-and-mTLS-feature-gate-is-enabled.yaml +++ b/.chloggen/Fix-Prevent-mounting-secrets-to-collector-when-TA-is-not-deployed-and-mTLS-feature-gate-is-enabled.yaml @@ -1,16 +1,9 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' change_type: bug_fix -# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) component: collector -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). note: Prevent mounting secrets to collector when TA is not deployed and mTLS feature gate is enabled -# One or more tracking issues related to the change issues: [3456] -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. subtext: