metrics: Populate MetricsOptions at startup

Author: DavidHurta

cmd/cluster-version-operator/start.go

@@ -29,13 +29,13 @@ func init() {
 		},
 	}
 
-	cmd.PersistentFlags().StringVar(&opts.ListenAddr, "listen", opts.ListenAddr, "Address to listen on for metrics")
+	cmd.PersistentFlags().StringVar(&opts.MetricsOptions.ListenAddress, "listen", opts.MetricsOptions.ListenAddress, "Address to listen on for metrics")
 	cmd.PersistentFlags().StringVar(&opts.Kubeconfig, "kubeconfig", opts.Kubeconfig, "Kubeconfig file to access a remote cluster (testing only)")
 	cmd.PersistentFlags().StringVar(&opts.NodeName, "node-name", opts.NodeName, "kubernetes node name CVO is scheduled on.")
 	cmd.PersistentFlags().BoolVar(&opts.EnableAutoUpdate, "enable-auto-update", opts.EnableAutoUpdate, "Enables the autoupdate controller.")
 	cmd.PersistentFlags().StringVar(&opts.ReleaseImage, "release-image", opts.ReleaseImage, "The Openshift release image url.")
-	cmd.PersistentFlags().StringVar(&opts.ServingCertFile, "serving-cert-file", opts.ServingCertFile, "The X.509 certificate file for serving metrics over HTTPS.  You must set both --serving-cert-file and --serving-key-file unless you set --listen empty.")
-	cmd.PersistentFlags().StringVar(&opts.ServingKeyFile, "serving-key-file", opts.ServingKeyFile, "The X.509 key file for serving metrics over HTTPS.  You must set both --serving-cert-file and --serving-key-file unless you set --listen empty.")
+	cmd.PersistentFlags().StringVar(&opts.MetricsOptions.ServingCertFile, "serving-cert-file", opts.MetricsOptions.ServingCertFile, "The X.509 certificate file for serving metrics over HTTPS.  You must set both --serving-cert-file and --serving-key-file unless you set --listen empty.")
+	cmd.PersistentFlags().StringVar(&opts.MetricsOptions.ServingKeyFile, "serving-key-file", opts.MetricsOptions.ServingKeyFile, "The X.509 key file for serving metrics over HTTPS.  You must set both --serving-cert-file and --serving-key-file unless you set --listen empty.")
 	cmd.PersistentFlags().StringVar(&opts.PromQLTarget.CABundleFile, "metrics-ca-bundle-file", opts.PromQLTarget.CABundleFile, "The service CA bundle file containing one or more X.509 certificate files for validating certificates generated from the service CA for the respective remote PromQL query service.")
 	cmd.PersistentFlags().StringVar(&opts.PromQLTarget.BearerTokenFile, "metrics-token-file", opts.PromQLTarget.BearerTokenFile, "The bearer token file used to access the remote PromQL query service.")
 	cmd.PersistentFlags().StringVar(&opts.PromQLTarget.KubeSvc.Namespace, "metrics-namespace", opts.PromQLTarget.KubeSvc.Namespace, "The name of the namespace where the the remote PromQL query service resides. Must be specified when --use-dns-for-services is disabled.")

pkg/start/start.go

@@ -57,13 +57,12 @@ const (
 
 // Options are the valid inputs to starting the CVO.
 type Options struct {
-	ReleaseImage    string
-	ServingCertFile string
-	ServingKeyFile  string
+	ReleaseImage string
+
+	MetricsOptions cvo.MetricsOptions
 
 	Kubeconfig string
 	NodeName   string
-	ListenAddr string
 
 	EnableAutoUpdate bool
 
@@ -116,7 +115,7 @@ func defaultEnv(name, defaultValue string) string {
 func NewOptions() *Options {
 	defaultPromQLTarget := clusterconditions.DefaultPromQLTarget()
 	return &Options{
-		ListenAddr:          "0.0.0.0:9099",
+		MetricsOptions:      cvo.MetricsOptions{ListenAddress: "0.0.0.0:9099"},
 		NodeName:            os.Getenv("NODE_NAME"),
 		PrometheusURLString: defaultPromQLTarget.URL.String(),
 		PromQLTarget:        defaultPromQLTarget,
@@ -138,10 +137,10 @@ func (o *Options) ValidateAndComplete() error {
 	if o.ReleaseImage == "" {
 		return fmt.Errorf("missing --release-image flag, it is required")
 	}
-	if o.ListenAddr != "" && o.ServingCertFile == "" {
+	if o.MetricsOptions.ListenAddress != "" && o.MetricsOptions.ServingCertFile == "" {
 		return fmt.Errorf("--listen was not set empty, so --serving-cert-file must be set")
 	}
-	if o.ListenAddr != "" && o.ServingKeyFile == "" {
+	if o.MetricsOptions.ListenAddress != "" && o.MetricsOptions.ServingKeyFile == "" {
 		return fmt.Errorf("--listen was not set empty, so --serving-key-file must be set")
 	}
 	if o.PrometheusURLString == "" {
@@ -161,6 +160,10 @@ func (o *Options) ValidateAndComplete() error {
 	// Inject the cluster ID into PromQL queries in HyperShift
 	o.InjectClusterIdIntoPromQL = o.HyperShift
 
+	// Temporarily disable the authentication and authorization for the metrics endpoint in HyperShift
+	o.MetricsOptions.DisableAuthorization = o.HyperShift
+	o.MetricsOptions.DisableAuthentication = o.HyperShift
+
 	if err := validateCapabilities(o.AlwaysEnableCapabilities); err != nil {
 		return fmt.Errorf("--always-enable-capabilities: %w", err)
 	}
@@ -346,18 +349,11 @@ func (o *Options) run(ctx context.Context, controllerCtx *Context, lock resource
 			Callbacks: leaderelection.LeaderCallbacks{
 				OnStartedLeading: func(_ context.Context) { // no need for this passed-through postMainContext, because goroutines we launch inside will use runContext
 					launchedMain = true
-					if o.ListenAddr != "" {
+					if o.MetricsOptions.ListenAddress != "" {
 						resultChannelCount++
 						go func() {
 							defer utilruntime.HandleCrash()
-							options := cvo.MetricsOptions{
-								ListenAddress:         o.ListenAddr,
-								ServingCertFile:       o.ServingCertFile,
-								ServingKeyFile:        o.ServingKeyFile,
-								DisableAuthentication: o.HyperShift,
-								DisableAuthorization:  o.HyperShift,
-							}
-							err := cvo.RunMetrics(postMainContext, shutdownContext, restConfig, options)
+							err := cvo.RunMetrics(postMainContext, shutdownContext, restConfig, o.MetricsOptions)
 							resultChannel <- asyncResult{name: "metrics server", error: err}
 						}()
 					}
@@ -658,7 +654,7 @@ func (o *Options) NewControllerContext(
 			return nil, err
 		}
 	}
-	if o.ListenAddr != "" {
+	if o.MetricsOptions.ListenAddress != "" {
 		if err := ctx.CVO.RegisterMetrics(coInformer.Informer()); err != nil {
 			return nil, err
 		}

pkg/start/start_integration_test.go

@@ -185,7 +185,7 @@ func TestIntegrationCVO_initializeAndUpgrade(t *testing.T) {
 	options := NewOptions()
 	options.Namespace = ns
 	options.Name = ns
-	options.ListenAddr = ""
+	options.MetricsOptions.ListenAddress = ""
 	options.NodeName = "test-node"
 	options.ReleaseImage = payloadImage1
 	options.PayloadOverride = filepath.Join(dir, "0.0.1")
@@ -330,7 +330,7 @@ func TestIntegrationCVO_gracefulStepDown(t *testing.T) {
 	options := NewOptions()
 	options.Namespace = ns
 	options.Name = ns
-	options.ListenAddr = ""
+	options.MetricsOptions.ListenAddress = ""
 	options.NodeName = "test-node"
 	options.ReleaseImage = payloadImage1
 	options.PayloadOverride = filepath.Join(dir, "0.0.1")
@@ -537,7 +537,7 @@ metadata:
 	options := NewOptions()
 	options.Namespace = ns
 	options.Name = ns
-	options.ListenAddr = ""
+	options.MetricsOptions.ListenAddress = ""
 	options.NodeName = "test-node"
 	options.ReleaseImage = payloadImage1
 	options.PayloadOverride = payloadDir