Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

operator: Refactor handling of credentials in managed-auth mode #11920

Merged
merged 13 commits into from
Feb 13, 2024
Merged

operator: Refactor handling of credentials in managed-auth mode #11920

merged 13 commits into from
Feb 13, 2024

Conversation

xperimental
Copy link
Collaborator

What this PR does / why we need it:

This PR builds on the integration of token and managed token credentials modes for AWS, Azure and GCP and tries to simplify the approach taken. It combines a few different things, maybe it makes sense to split some of it up into separate PRs:

  • Remove separate controller for CredentialsRequest, the resource is now created in the same namespace as the LokiStack simplifying the dependency management
  • Fix issue with CredentialsRequest not containing the ruler ServiceAccount
  • Reconcile contents of CredentialsRequest on subsequent reconciliation runs (like other resources)
  • Show what type of credential (static, token, managed) is used in status of LokiStack
  • Use same paths / volume names across the different cloud providers
  • Only read environment configuration (for managed auth) once at operator startup

Which issue(s) this PR fixes:

  • CredentialsRequest does not contain ruler account (LOG-5061)

Special notes for your reviewer:

Checklist

  • Reviewed the CONTRIBUTING.md guide (required)
  • Tests updated
  • CHANGELOG.md updated

@xperimental xperimental self-assigned this Feb 12, 2024
@xperimental xperimental requested review from periklis and a team as code owners February 12, 2024 15:40
periklis
periklis reviewed Feb 12, 2024
View reviewed changes
Copy link
Collaborator

@periklis periklis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

operator/controllers/loki/lokistack_controller.go Show resolved Hide resolved
@periklis periklis merged commit 6c5c347 into grafana:main Feb 13, 2024
15 checks passed
@xperimental xperimental deleted the refactor-cco branch February 13, 2024 11:06
rhnasc pushed a commit to inloco/loki that referenced this pull request Apr 12, 2024
@xperimental @rhnasc
operator: Refactor handling of credentials in managed-auth mode (graf…
5178656 
…ana#11920)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@periklis periklis periklis approved these changes

Assignees

@xperimental xperimental

Labels
sig/operator size/XXL
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@xperimental @periklis