Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: expiration date in resource annotations #1631

Merged
merged 10 commits into from
Feb 7, 2024
Merged

feat: expiration date in resource annotations #1631

merged 10 commits into from
Feb 7, 2024

Conversation

parametalol
Copy link
Contributor

@parametalol parametalol commented Feb 1, 2024
edited
Loading

Description

Add expired-at annotation to the namespace, central CR and central CR customization.

Checklist (Definition of Done)

  • Unit and integration tests added
  • Added test description under Test manual
  • Documentation added if necessary (i.e. changes to dev setup, test execution, ...)
  • CI and all relevant tests are passing
  • Add the ticket number to the PR title if available, i.e. ROX-12345: ...
  • Discussed security and business related topics privately. Will move any security and business related topics that arise to private communication channel.
  • Add secret to app-interface Vault or Secrets Manager if necessary
  • RDS changes were e2e tested manually
  • Check AWS limits are reasonable for changes provisioning new resources

Test manual

Namespace annotation

kind: Namespace
metadata:
  annotations:
    rhacs.redhat.com/expired-at: "2024-02-05T12:01:20Z"
    rhacs.redhat.com/org-name: stubbed-name
  creationTimestamp: "2024-02-05T13:43:01Z"
  labels:
    kubernetes.io/metadata.name: rhacs-cn0cp84dvq3t6k6t1sng
    rhacs.redhat.com/org-id: "11009103"
    rhacs.redhat.com/tenant: cn0cp84dvq3t6k6t1sng
  name: rhacs-cn0cp84dvq3t6k6t1sng

Central CR annotation and custom annotation

apiVersion: platform.stackrox.io/v1alpha1
kind: Central
metadata:
  annotations:
    platform.stackrox.io/managed-services: "true"
    rhacs.redhat.com/expired-at: "2024-04-08T00:00:00Z"
    rhacs.redhat.com/org-name: stubbed-name
    rhacs.redhat.com/revision: "11"
  creationTimestamp: "2024-02-05T13:43:01Z"
...
spec:
  central:
    ...
  customize:
    annotations:
      rhacs.redhat.com/cluster-name: ""
      rhacs.redhat.com/environment: ""
      rhacs.redhat.com/expired-at: "2024-04-08T00:00:00Z"
      rhacs.redhat.com/org-name: stubbed-name

Central pod

apiVersion: v1
kind: Pod
metadata:
  annotations:
    email: [email protected]
    meta.helm.sh/release-name: test-eval-1
    meta.helm.sh/release-namespace: rhacs-cn0cp84dvq3t6k6t1sng
    owner: stackrox
    rhacs.redhat.com/cluster-name: ""
    rhacs.redhat.com/environment: ""
    rhacs.redhat.com/expired-at: "2024-04-08T00:00:00Z"
    rhacs.redhat.com/org-name: stubbed-name
    traffic.sidecar.istio.io/excludeInboundPorts: "8443"
  creationTimestamp: "2024-02-05T19:54:47Z"

@parametalol parametalol requested a review from stehessel February 1, 2024 18:27
@stehessel
Copy link
Contributor

In general I think this could have been split into two PRs:

  • Propagating expired-at to the namespace/pod labels.
  • Reporting status changes in telemetry.

@parametalol parametalol changed the title feat: Report telemetry on central status change feat: Expose expiration date Feb 5, 2024
@stehessel
Copy link
Contributor

Can you add the new annotations to the unit tests in reconciler_test.go?

@parametalol parametalol force-pushed the michael/telemetry-tenant-expired-at branch from 27ea555 to a87475d Compare February 6, 2024 15:27
@parametalol parametalol changed the base branch from main to michael/expired-at-only-telemetry February 6, 2024 15:27
@parametalol parametalol changed the title feat: Expose expiration date feat: expiration date in resource annotations Feb 6, 2024
@parametalol parametalol requested a review from stehessel February 6, 2024 15:30
@parametalol parametalol changed the base branch from michael/expired-at-only-telemetry to main February 6, 2024 15:31
@parametalol parametalol changed the base branch from main to michael/expired-at-only-telemetry February 6, 2024 15:34
@openshift-ci openshift-ci bot added the lgtm label Feb 6, 2024
@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Feb 6, 2024

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: 0x656b694d, stehessel
Once this PR has been reviewed and has the lgtm label, please assign vladbologa for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

Base automatically changed from michael/expired-at-only-telemetry to main February 7, 2024 13:51
@parametalol parametalol mentioned this pull request Feb 7, 2024
Open
@parametalol parametalol merged commit 129a4ce into main Feb 7, 2024
9 checks passed
@parametalol parametalol deleted the michael/telemetry-tenant-expired-at branch February 7, 2024 15:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stehessel stehessel stehessel approved these changes

Assignees

@stehessel stehessel

Labels
lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@parametalol @stehessel