Merge pull request #259 from philbrookes/gh-143-2
More updates to health check spec.
philbrookes authored Oct 2, 2024
2 parents dab8598 + e68d71f commit d0cab9e
Showing 8 changed files with 158 additions and 35 deletions.
38 changes: 27 additions & 11 deletions api/v1alpha1/dnsrecord_types.go
Expand Up @@ -26,31 +26,47 @@ import (
"github.com/kuadrant/dns-operator/internal/common/hash"
)

type HealthProtocol string
type Protocol string

const HttpProtocol HealthProtocol = "HTTP"
const HttpsProtocol HealthProtocol = "HTTPS"
const HttpProtocol Protocol = "HTTP"
const HttpsProtocol Protocol = "HTTPS"

// HealthCheckSpec configures health checks in the DNS provider.
// By default this health check will be applied to each unique DNS A Record for
// the listeners assigned to the target gateway
type HealthCheckSpec struct {
// Endpoint is the path to append to the host to reach the expected health check.
// Must start with "?" or "/", contain only valid URL characters and end with alphanumeric char or "/". For example "/" or "/healthz" are common
// +kubebuilder:validation:Pattern=`^(?:\?|\/)[\w\-.~:\/?#\[\]@!$&'()*+,;=]+(?:[a-zA-Z0-9]|\/){1}$`
Endpoint string `json:"endpoint,omitempty"`

// Port to connect to the host on. Must be either 80, 443 or 1024-49151
// +kubebuilder:validation:XValidation:rule="self in [80, 443] || (self >= 1024 && self <= 49151)",message="Only ports 80, 443, 1024-49151 are allowed"
Port *int `json:"port,omitempty"`

// Path is the path to append to the host to reach the expected health check.
// Must start with "?" or "/", contain only valid URL characters and end with alphanumeric char or "/". For example "/" or "/healthz" are common
// +kubebuilder:validation:Pattern=`^(?:\?|\/)[\w\-.~:\/?#\[\]@!$&'()*+,;=]+(?:[a-zA-Z0-9]|\/){1}$`
Path string `json:"path,omitempty"`
// Protocol to use when connecting to the host, valid values are "HTTP" or "HTTPS"
// +kubebuilder:validation:XValidation:rule="self in ['HTTP','HTTPS']",message="Only HTTP or HTTPS protocols are allowed"
Protocol *HealthProtocol `json:"protocol,omitempty"`

Protocol Protocol `json:"protocol,omitempty"`
// Interval defines how frequently this probe should execute
Interval metav1.Duration `json:"interval,omitempty"`
// AdditionalHeadersRef refers to a secret that contains extra headers to send in the probe request, this is primarily useful if an authentication
// token is required by the endpoint.
AdditionalHeadersRef *AdditionalHeadersRef `json:"additionalHeadersRef,omitempty"`
// FailureThreshold is a limit of consecutive failures that must occur for a host to be considered unhealthy
// +kubebuilder:validation:XValidation:rule="self > 0",message="Failure threshold must be greater than 0"
FailureThreshold *int `json:"failureThreshold,omitempty"`
// AllowInsecureCertificate will instruct the health check probe to not fail on a self-signed or otherwise invalid SSL certificate
// this is primarily used in development or testing environments
AllowInsecureCertificate bool `json:"allowInsecureCertificate,omitempty"`
}

type AdditionalHeadersRef struct {
Name string `json:"name"`
}

type AdditionalHeaders []AdditionalHeader

type AdditionalHeader struct {
Name string `json:"name"`
Value string `json:"value"`
}

type HealthCheckStatus struct {
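Review bot: `AllowInsecureCertificate` and `AdditionalHeadersRef` are added to `HealthCheckSpec` with no constraint between them, so a record can ask the probe to skip certificate verification while also sending headers from the referenced Secret (the field comment mentions an authentication token) to that unverified endpoint. Consider rejecting the combination with a struct-level `+kubebuilder:validation:XValidation` rule, or at least extend the field comment, e.g. `// Do not combine with AdditionalHeadersRef: headers from the Secret would be sent to an endpoint whose certificate was not verified.` The new types `AdditionalHeadersRef`, `AdditionalHeaders` and `AdditionalHeader` have no doc comments; the one on `AdditionalHeadersRef.Name` should state which namespace the Secret is read from (presumably the DNSRecord's own; the resolving code is not in this section). `Interval` also has no lower bound, unlike `FailureThreshold`, so a very short probe interval would be accepted by the API.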
56 changes: 53 additions & 3 deletions api/v1alpha1/zz_generated.deepcopy.go


2 changes: 1 addition & 1 deletion bundle/manifests/dns-operator.clusterserviceversion.yaml
Expand Up @@ -38,7 +38,7 @@ metadata:
capabilities: Basic Install
categories: Integration & Delivery
containerImage: quay.io/kuadrant/dns-operator:latest
createdAt: "2024-09-11T15:34:57Z"
createdAt: "2024-10-01T10:02:18Z"
description: A Kubernetes Operator to manage the lifecycle of DNS resources
operators.operatorframework.io/builder: operator-sdk-v1.33.0
operators.operatorframework.io/project_layout: go.kubebuilder.io/v4
29 changes: 24 additions & 5 deletions bundle/manifests/kuadrant.io_dnsrecords.yaml
Expand Up @@ -98,19 +98,38 @@ spec:
By default this health check will be applied to each unique DNS A Record for
the listeners assigned to the target gateway
properties:
endpoint:
additionalHeadersRef:
description: |-
Endpoint is the path to append to the host to reach the expected health check.
Must start with "?" or "/", contain only valid URL characters and end with alphanumeric char or "/". For example "/" or "/healthz" are common
pattern: ^(?:\?|\/)[\w\-.~:\/?#\[\]@!$&'()*+,;=]+(?:[a-zA-Z0-9]|\/){1}$
type: string
AdditionalHeadersRef refers to a secret that contains extra headers to send in the probe request, this is primarily useful if an authentication
token is required by the endpoint.
properties:
name:
type: string
required:
- name
type: object
allowInsecureCertificate:
description: |-
AllowInsecureCertificate will instruct the health check probe to not fail on a self-signed or otherwise invalid SSL certificate
this is primarily used in development or testing environments
type: boolean
failureThreshold:
description: FailureThreshold is a limit of consecutive failures
that must occur for a host to be considered unhealthy
type: integer
x-kubernetes-validations:
- message: Failure threshold must be greater than 0
rule: self > 0
interval:
description: Interval defines how frequently this probe should
execute
type: string
path:
description: |-
Path is the path to append to the host to reach the expected health check.
Must start with "?" or "/", contain only valid URL characters and end with alphanumeric char or "/". For example "/" or "/healthz" are common
pattern: ^(?:\?|\/)[\w\-.~:\/?#\[\]@!$&'()*+,;=]+(?:[a-zA-Z0-9]|\/){1}$
type: string
port:
description: Port to connect to the host on. Must be either 80,
443 or 1024-49151
29 changes: 24 additions & 5 deletions charts/dns-operator/templates/manifests.yaml
Expand Up @@ -110,19 +110,38 @@ spec:
By default this health check will be applied to each unique DNS A Record for
the listeners assigned to the target gateway
properties:
endpoint:
additionalHeadersRef:
description: |-
Endpoint is the path to append to the host to reach the expected health check.
Must start with "?" or "/", contain only valid URL characters and end with alphanumeric char or "/". For example "/" or "/healthz" are common
pattern: ^(?:\?|\/)[\w\-.~:\/?#\[\]@!$&'()*+,;=]+(?:[a-zA-Z0-9]|\/){1}$
type: string
AdditionalHeadersRef refers to a secret that contains extra headers to send in the probe request, this is primarily useful if an authentication
token is required by the endpoint.
properties:
name:
type: string
required:
- name
type: object
allowInsecureCertificate:
description: |-
AllowInsecureCertificate will instruct the health check probe to not fail on a self-signed or otherwise invalid SSL certificate
this is primarily used in development or testing environments
type: boolean
failureThreshold:
description: FailureThreshold is a limit of consecutive failures
that must occur for a host to be considered unhealthy
type: integer
x-kubernetes-validations:
- message: Failure threshold must be greater than 0
rule: self > 0
interval:
description: Interval defines how frequently this probe should
execute
type: string
path:
description: |-
Path is the path to append to the host to reach the expected health check.
Must start with "?" or "/", contain only valid URL characters and end with alphanumeric char or "/". For example "/" or "/healthz" are common
pattern: ^(?:\?|\/)[\w\-.~:\/?#\[\]@!$&'()*+,;=]+(?:[a-zA-Z0-9]|\/){1}$
type: string
port:
description: Port to connect to the host on. Must be either 80,
443 or 1024-49151
29 changes: 24 additions & 5 deletions config/crd/bases/kuadrant.io_dnsrecords.yaml
Expand Up @@ -98,19 +98,38 @@ spec:
By default this health check will be applied to each unique DNS A Record for
the listeners assigned to the target gateway
properties:
endpoint:
additionalHeadersRef:
description: |-
Endpoint is the path to append to the host to reach the expected health check.
Must start with "?" or "/", contain only valid URL characters and end with alphanumeric char or "/". For example "/" or "/healthz" are common
pattern: ^(?:\?|\/)[\w\-.~:\/?#\[\]@!$&'()*+,;=]+(?:[a-zA-Z0-9]|\/){1}$
type: string
AdditionalHeadersRef refers to a secret that contains extra headers to send in the probe request, this is primarily useful if an authentication
token is required by the endpoint.
properties:
name:
type: string
required:
- name
type: object
allowInsecureCertificate:
description: |-
AllowInsecureCertificate will instruct the health check probe to not fail on a self-signed or otherwise invalid SSL certificate
this is primarily used in development or testing environments
type: boolean
failureThreshold:
description: FailureThreshold is a limit of consecutive failures
that must occur for a host to be considered unhealthy
type: integer
x-kubernetes-validations:
- message: Failure threshold must be greater than 0
rule: self > 0
interval:
description: Interval defines how frequently this probe should
execute
type: string
path:
description: |-
Path is the path to append to the host to reach the expected health check.
Must start with "?" or "/", contain only valid URL characters and end with alphanumeric char or "/". For example "/" or "/healthz" are common
pattern: ^(?:\?|\/)[\w\-.~:\/?#\[\]@!$&'()*+,;=]+(?:[a-zA-Z0-9]|\/){1}$
type: string
port:
description: Port to connect to the host on. Must be either 80,
443 or 1024-49151
6 changes: 3 additions & 3 deletions internal/controller/dnsrecord_controller_test.go
Expand Up @@ -152,16 +152,16 @@ var _ = Describe("DNSRecordReconciler", func() {
},
Endpoints: getTestEndpoints("bar.example.com", "127.0.0.1"),
HealthCheck: &v1alpha1.HealthCheckSpec{
Endpoint: "health",
Path: "health",
Port: ptr.To(5),
Protocol: ptr.To(v1alpha1.HealthProtocol("cat")),
Protocol: v1alpha1.Protocol("cat"),
FailureThreshold: ptr.To(-1),
},
},
}
err := k8sClient.Create(ctx, dnsRecord)
Expect(err).To(MatchError(ContainSubstring("spec.rootHost: Invalid value")))
Expect(err).To(MatchError(ContainSubstring("spec.healthCheck.endpoint: Invalid value")))
Expect(err).To(MatchError(ContainSubstring("spec.healthCheck.path: Invalid value")))
Expect(err).To(MatchError(ContainSubstring("Only ports 80, 443, 1024-49151 are allowed")))
Expect(err).To(MatchError(ContainSubstring("Only HTTP or HTTPS protocols are allowed")))
Expect(err).To(MatchError(ContainSubstring("Failure threshold must be greater than 0")))
4 changes: 2 additions & 2 deletions internal/controller/dnsrecord_healthchecks.go
Expand Up @@ -164,10 +164,10 @@ func getHealthChecksConfig(dnsRecord *v1alpha1.DNSRecord) *healthChecksConfig {
failureThreshold := int64(*dnsRecord.Spec.HealthCheck.FailureThreshold)

return &healthChecksConfig{
Endpoint: dnsRecord.Spec.HealthCheck.Endpoint,
Endpoint: dnsRecord.Spec.HealthCheck.Path,
Port: &port,
FailureThreshold: &failureThreshold,
Protocol: (*provider.HealthCheckProtocol)(dnsRecord.Spec.HealthCheck.Protocol),
Protocol: (*provider.HealthCheckProtocol)(&dnsRecord.Spec.HealthCheck.Protocol),
}
}
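Review bot: On the new `Protocol:` line the config now always receives a non-nil pointer, because it takes the address of the value field `dnsRecord.Spec.HealthCheck.Protocol`; when the field is omitted this is a pointer to `""`, where the previous code passed `nil`. Any consumer of `healthChecksConfig` that falls back to a default on `Protocol == nil` would stop doing so (those consumers are not visible in this hunk). The pointer also aliases the DNSRecord object itself, so copying first is safer and matches how `port` and `failureThreshold` are handled: `protocol := provider.HealthCheckProtocol(dnsRecord.Spec.HealthCheck.Protocol)` followed by `Protocol: &protocol,`. The new spec fields `Interval`, `AdditionalHeadersRef` and `AllowInsecureCertificate` are not copied into the config here, so as far as this hunk shows they are accepted by the API but not yet acted on. The start of getHealthChecksConfig lies outside the hunk.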

