From 990f5358962c07237aa02ccdefe16ef29516aa2e Mon Sep 17 00:00:00 2001 From: Ruben Vargas Date: Wed, 10 Jul 2024 09:28:45 -0600 Subject: [PATCH] Allow otlp grpc and http to be enabled with TLS Signed-off-by: Ruben Vargas --- .../fix_tls_monolithic_both_enabled.yaml | 16 +++ internal/manifests/manifestutils/paths.go | 10 ++ internal/manifests/manifestutils/tls.go | 48 ++++--- internal/manifests/monolithic/statefulset.go | 4 +- .../manifests/monolithic/statefulset_test.go | 4 +- .../monolithic-receivers-tls/01-assert.yaml | 75 +++++++++++ .../01-install-tempo.yaml | 57 ++++++++ .../monolithic-receivers-tls/02-assert.yaml | 34 +++++ .../02-install-otel.yaml | 127 ++++++++++++++++++ .../monolithic-receivers-tls/03-assert.yaml | 8 ++ .../03-generate-traces.yaml | 17 +++ .../monolithic-receivers-tls/04-assert.yaml | 8 ++ .../04-verify-traces.yaml | 35 +++++ .../chainsaw-test.yaml | 38 ++++++ 14 files changed, 462 insertions(+), 19 deletions(-) create mode 100755 .chloggen/fix_tls_monolithic_both_enabled.yaml create mode 100644 tests/e2e/monolithic-receivers-tls/01-assert.yaml create mode 100644 tests/e2e/monolithic-receivers-tls/01-install-tempo.yaml create mode 100644 tests/e2e/monolithic-receivers-tls/02-assert.yaml create mode 100644 tests/e2e/monolithic-receivers-tls/02-install-otel.yaml create mode 100644 tests/e2e/monolithic-receivers-tls/03-assert.yaml create mode 100644 tests/e2e/monolithic-receivers-tls/03-generate-traces.yaml create mode 100644 tests/e2e/monolithic-receivers-tls/04-assert.yaml create mode 100644 tests/e2e/monolithic-receivers-tls/04-verify-traces.yaml create mode 100755 tests/e2e/monolithic-receivers-tls/chainsaw-test.yaml diff --git a/.chloggen/fix_tls_monolithic_both_enabled.yaml b/.chloggen/fix_tls_monolithic_both_enabled.yaml new file mode 100755 index 000000000..a9c4fa9aa --- /dev/null +++ b/.chloggen/fix_tls_monolithic_both_enabled.yaml @@ -0,0 +1,16 @@ +# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' +change_type: bug_fix + +# The name of the component, or a single word describing the area of concern, (e.g. tempostack, tempomonolithic, github action) +component: tempomonolithic + +# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). +note: Allow create a monolithic with tls enabled on both grpc/http + +# One or more tracking issues related to the change +issues: [976] + +# (Optional) One or more lines of additional information to render under the primary note. +# These lines will be padded with 2 spaces and then inserted directly into the document. +# Use pipe (|) for multiline entries. +subtext: diff --git a/internal/manifests/manifestutils/paths.go b/internal/manifests/manifestutils/paths.go index 8006a3388..436152847 100644 --- a/internal/manifests/manifestutils/paths.go +++ b/internal/manifests/manifestutils/paths.go @@ -14,6 +14,16 @@ const ( // ReceiverTLSCertDir returns the mount path of the receivers certificates (for ingesting traces). ReceiverTLSCertDir = TLSDir + "/receiver" + // ReceiverGRPCTLSCADir is the path that is mounted from the configmap for TLS for receiver. + ReceiverGRPCTLSCADir = "/var/run/ca-receiver/grpc" + // ReceiverGRPCTLSCertDir returns the mount path of the receivers certificates (for ingesting traces). + ReceiverGRPCTLSCertDir = TLSDir + "/receiver/grpc" + + // ReceiverHTTPTLSCADir is the path that is mounted from the configmap for TLS for receiver. + ReceiverHTTPTLSCADir = "/var/run/ca-receiver/http" + // ReceiverHTTPTLSCertDir returns the mount path of the receivers certificates (for ingesting traces). + ReceiverHTTPTLSCertDir = TLSDir + "/receiver/http" + // StorageTLSCADir contains the CA file for accessing object storage. StorageTLSCADir = TLSDir + "/storage/ca" // StorageTLSCertDir contains the certificate and key file for accessing object storage. diff --git a/internal/manifests/manifestutils/tls.go b/internal/manifests/manifestutils/tls.go index a2d657ae5..5c5301c7b 100644 --- a/internal/manifests/manifestutils/tls.go +++ b/internal/manifests/manifestutils/tls.go @@ -27,16 +27,20 @@ func MountCAConfigMap( MountPath: caDir, ReadOnly: true, }) - pod.Volumes = append(pod.Volumes, corev1.Volume{ - Name: caConfigMap, - VolumeSource: corev1.VolumeSource{ - ConfigMap: &corev1.ConfigMapVolumeSource{ - LocalObjectReference: corev1.LocalObjectReference{ - Name: caConfigMap, + + volumeIndex, _ := findVolumeIndex(pod, caConfigMap) + if volumeIndex < 0 { + pod.Volumes = append(pod.Volumes, corev1.Volume{ + Name: caConfigMap, + VolumeSource: corev1.VolumeSource{ + ConfigMap: &corev1.ConfigMapVolumeSource{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: caConfigMap, + }, }, }, - }, - }) + }) + } return nil } @@ -58,14 +62,18 @@ func MountCertSecret( MountPath: certDir, ReadOnly: true, }) - pod.Volumes = append(pod.Volumes, corev1.Volume{ - Name: certSecret, - VolumeSource: corev1.VolumeSource{ - Secret: &corev1.SecretVolumeSource{ - SecretName: certSecret, + + volumeIndex, _ := findVolumeIndex(pod, certSecret) + if volumeIndex < 0 { + pod.Volumes = append(pod.Volumes, corev1.Volume{ + Name: certSecret, + VolumeSource: corev1.VolumeSource{ + Secret: &corev1.SecretVolumeSource{ + SecretName: certSecret, + }, }, - }, - }) + }) + } return nil } @@ -117,3 +125,13 @@ func findContainerIndex(pod *corev1.PodSpec, containerName string) (int, error) return -1, fmt.Errorf("cannot find container %s", containerName) } + +func findVolumeIndex(pod *corev1.PodSpec, volumeName string) (int, error) { + for i, volume := range pod.Volumes { + if volume.Name == volumeName { + return i, nil + } + } + + return -1, fmt.Errorf("cannot find volume %s", volumeName) +} diff --git a/internal/manifests/monolithic/statefulset.go b/internal/manifests/monolithic/statefulset.go index b2348de6f..dc9153b47 100644 --- a/internal/manifests/monolithic/statefulset.go +++ b/internal/manifests/monolithic/statefulset.go @@ -121,7 +121,7 @@ func BuildTempoStatefulset(opts Options, extraAnnotations map[string]string) (*a tempo.Spec.Ingestion.OTLP.GRPC.TLS != nil && tempo.Spec.Ingestion.OTLP.GRPC.TLS.Enabled { err := manifestutils.MountTLSSpecVolumes( &sts.Spec.Template.Spec, "tempo", *tempo.Spec.Ingestion.OTLP.GRPC.TLS, - manifestutils.ReceiverTLSCADir, manifestutils.ReceiverTLSCertDir, + manifestutils.ReceiverGRPCTLSCADir, manifestutils.ReceiverGRPCTLSCertDir, ) if err != nil { return nil, err @@ -132,7 +132,7 @@ func BuildTempoStatefulset(opts Options, extraAnnotations map[string]string) (*a tempo.Spec.Ingestion.OTLP.HTTP.TLS != nil && tempo.Spec.Ingestion.OTLP.HTTP.TLS.Enabled { err := manifestutils.MountTLSSpecVolumes( &sts.Spec.Template.Spec, "tempo", *tempo.Spec.Ingestion.OTLP.HTTP.TLS, - manifestutils.ReceiverTLSCADir, manifestutils.ReceiverTLSCertDir, + manifestutils.ReceiverHTTPTLSCADir, manifestutils.ReceiverHTTPTLSCertDir, ) if err != nil { return nil, err diff --git a/internal/manifests/monolithic/statefulset_test.go b/internal/manifests/monolithic/statefulset_test.go index ff3bcfc76..cf27e79f5 100644 --- a/internal/manifests/monolithic/statefulset_test.go +++ b/internal/manifests/monolithic/statefulset_test.go @@ -427,12 +427,12 @@ func TestStatefulsetReceiverTLS(t *testing.T) { }, { Name: "custom-ca", - MountPath: "/var/run/ca-receiver", + MountPath: "/var/run/ca-receiver/grpc", ReadOnly: true, }, { Name: "custom-cert", - MountPath: "/var/run/tls/receiver", + MountPath: "/var/run/tls/receiver/grpc", ReadOnly: true, }, }, sts.Spec.Template.Spec.Containers[0].VolumeMounts) diff --git a/tests/e2e/monolithic-receivers-tls/01-assert.yaml b/tests/e2e/monolithic-receivers-tls/01-assert.yaml new file mode 100644 index 000000000..31e8a38a6 --- /dev/null +++ b/tests/e2e/monolithic-receivers-tls/01-assert.yaml @@ -0,0 +1,75 @@ +apiVersion: tempo.grafana.com/v1alpha1 +kind: TempoMonolithic +metadata: + name: simplest +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: tempo-simplest + labels: + app.kubernetes.io/instance: simplest + app.kubernetes.io/managed-by: tempo-operator + app.kubernetes.io/name: tempo-monolithic +spec: + selector: + matchLabels: + app.kubernetes.io/instance: simplest + app.kubernetes.io/managed-by: tempo-operator + app.kubernetes.io/name: tempo-monolithic +status: + readyReplicas: 1 +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/instance: simplest + app.kubernetes.io/managed-by: tempo-operator + app.kubernetes.io/name: tempo-monolithic + name: tempo-simplest +spec: + ports: + - name: http + port: 3200 + protocol: TCP + targetPort: http + - name: otlp-grpc + port: 4317 + protocol: TCP + targetPort: otlp-grpc + - name: otlp-http + port: 4318 + protocol: TCP + targetPort: otlp-http + selector: + app.kubernetes.io/instance: simplest + app.kubernetes.io/managed-by: tempo-operator + app.kubernetes.io/name: tempo-monolithic +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/instance: simplest + app.kubernetes.io/managed-by: tempo-operator + app.kubernetes.io/name: tempo-monolithic + name: tempo-simplest-jaegerui +spec: + ports: + - name: jaeger-grpc + port: 16685 + protocol: TCP + targetPort: jaeger-grpc + - name: jaeger-ui + port: 16686 + protocol: TCP + targetPort: jaeger-ui + - name: jaeger-metrics + port: 16687 + protocol: TCP + targetPort: jaeger-metrics + selector: + app.kubernetes.io/instance: simplest + app.kubernetes.io/managed-by: tempo-operator + app.kubernetes.io/name: tempo-monolithic diff --git a/tests/e2e/monolithic-receivers-tls/01-install-tempo.yaml b/tests/e2e/monolithic-receivers-tls/01-install-tempo.yaml new file mode 100644 index 000000000..5226a143d --- /dev/null +++ b/tests/e2e/monolithic-receivers-tls/01-install-tempo.yaml @@ -0,0 +1,57 @@ +--- +apiVersion: tempo.grafana.com/v1alpha1 +kind: TempoMonolithic +metadata: + name: simplest +spec: + jaegerui: + enabled: true + ingestion: + otlp: + grpc: + enabled: true + tls: + enabled: true + caName: custom-ca + certName: custom-cert + http: + enabled: true + tls: + enabled: true + caName: custom-ca + certName: custom-cert +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: custom-ca +data: + service-ca.crt: | + -----BEGIN CERTIFICATE----- + MIIDWzCCAkOgAwIBAgIUJ714jTtYBKKKYtVCysJY+DqMNgowDQYJKoZIhvcNAQEL + BQAwPDELMAkGA1UEBhMCWFgxFTATBgNVBAcMDERlZmF1bHQgQ2l0eTEWMBQGA1UE + CgwNb2JzZXJ2YWJpbGl0eTAgFw0yMzExMDIwMzE1MzdaGA8yMDUxMDMxOTAzMTUz + N1owPDELMAkGA1UEBhMCWFgxFTATBgNVBAcMDERlZmF1bHQgQ2l0eTEWMBQGA1UE + CgwNb2JzZXJ2YWJpbGl0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB + AKqdrAkgclDaho+NwCrdr4wuR1zgDZ71Gzmdjokkn0dBa8sUR69or25PfB3oAzs0 + J8i23lQB9Ny4jsDud8XoNkPpECTh1ddvqLj33Z3tacdZ82ESZ16HYdtDVEc2JnUZ + GzmrR9WKWFJ/JFS3/Kp1CSiLVy8fmT6Xq3RShgv+cGJ7tTI+Y4g6It5gDCmT5sSA + ZfubqGcbo9LLYeQuovEiSTUW4K+w0/3psBf5SmGH4srzICHejX4pSV3lMaB8rwOC + zWex/vdCyinf3TfLlUb6euqRMFxiGZgaskgqG0xVshFqv3FoRZ3yAOM1YeIgDNyz + gKObWefMzWmXLL8E+MLJMdUCAwEAAaNTMFEwHQYDVR0OBBYEFLFDtqWNRN2a32iX + 7Ralg/PfX32JMB8GA1UdIwQYMBaAFLFDtqWNRN2a32iX7Ralg/PfX32JMA8GA1Ud + EwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHgbypkfsfucJMuyIG2xHnNr + yJr14vbVETq7Rl4MlpWkrTMJieJb2egSkSxsFq25H8da6Rqkj+3me57zxYZTnrgG + 4xcdoVuX2Lm+pytX+SIMJkhY6J44uq43CBgJ0RPIwPAN1za2+VRnaIhc48m2cyxP + xv0wyCCc0SRthqNLhUd9vSgp3NWIBT9Dl2d6RVORl87dV1sd5GG4BQMmvmBmM36/ + A1CVtDwDngOy1C9rjnWWHxQ/NzVYRKCzNUqiC+E5xtDpSfCCzNrWRvjwIdNveri9 + ga1x9xINK/3uKa5ZEcTg+PAVKI6dNsPvpolaH3zBNs4YaqXcQ21Ix29JuKIsNH8= + -----END CERTIFICATE----- +--- +apiVersion: v1 +kind: Secret +metadata: + name: custom-cert +data: + tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVXakNDQTBLZ0F3SUJBZ0lVUE9WcllCNWlKdnhNaVRMQnk0ckd6T1AxZ2o0d0RRWUpLb1pJaHZjTkFRRUwKQlFBd1BERUxNQWtHQTFVRUJoTUNXRmd4RlRBVEJnTlZCQWNNREVSbFptRjFiSFFnUTJsMGVURVdNQlFHQTFVRQpDZ3dOYjJKelpYSjJZV0pwYkdsMGVUQWdGdzB5TXpFeE1ESXdNelEzTXpsYUdBOHlNRFV4TURNeE9UQXpORGN6Ck9Wb3dKVEVqTUNFR0ExVUVBd3dhZEdWdGNHOHRjMmx0Y0d4bGMzUXRaR2x6ZEhKcFluVjBiM0l3Z2dJaU1BMEcKQ1NxR1NJYjNEUUVCQVFVQUE0SUNEd0F3Z2dJS0FvSUNBUUNINWZFdnpCWE16MUVVa3h2bDdXMVVZUnZxb2FsTApSZDU1VWlLc051RTNMYkZiOEFUZ1dsWXQxRFVKVWFSVUNXbDJRbXBnbGRTVVBaMmxGaTRxMmhkM1ZMWDd1YjVpCmVGRXhTV25iZ1JMOU9HWG5sS2pjeFFCN21PL0MyT2pQakJxaGg5UnJlVUNsd1FmN0Y3Tll0Si9qT1YxVU5abUsKTmYvRXpIQmVMN3psZTFiS2lkUDBaYkVKdFJ3T3crb2xwcFhQaXdTWk8xR1dGZkRGY3R0ajkzQzRaQUdnRjNMYgozVzJoRzFSS0tFaUdtTlVESEtyakFnMTdCR2Vwb1MzeHVUZ0pUbjc3cTgzRGdwcmVtSmNka2hBcTVwVHMva2tHCklyL0E1aWMyRXNnN2NJQWRPOTlsKzVNMWdqTHJMQnJSL2x1c1pTdVEycnJEK0dwNnpYR2I0czBCSVF1aGhOV1MKOEJ0cWtKNVFTRDZSaTA5d3dMaWhkTXVrWkJ1amFtY3lMZmszM1dMQ05xajdMRHNidE1VS0RFeGh4SHUrRGhiSwo1VFFKamZBYUdSWXRzcm93VWlqWWpBVnZRckJIdTQ0cWFFOWVQN1J2OC8xTk1VTE1MeFhPWkpwMzMyVlAzWG9MClhJTDhXQXNmZktpQ3NrSXhZMEU2UlVTbUhvbjlpYVdtM0F4Ti9DNWZ5NGlmRmRHNmlWTlkyUElHdlpCci9BK0kKUDBaRjNoNlQ1SkkvTGZobmFiS0tmUDRYYjcwenFFNzFtUTdTcjErM25weDFCS0djbEtMemhTa3BqaCtSQVpxOQptczBaZkw0eGJkSmJSalN3Um9Sbi9SSmxiQ2VNMlpCSzBLaFhUb2hqVjFSSWNrZTFBYlR0Zk9INnNwakMwanppCkMwYmFsaXFEblVjdVJ3SURBUUFCbzJrd1p6QWxCZ05WSFJFRUhqQWNnaHAwWlcxd2J5MXphVzF3YkdWemRDMWsKYVhOMGNtbGlkWFJ2Y2pBZEJnTlZIUTRFRmdRVUxOVEkzOUFUZW04QkxXSWQzcWRCNXlPbG9VQXdId1lEVlIwagpCQmd3Rm9BVXNVTzJwWTFFM1pyZmFKZnRGcVdEODk5ZmZZa3dEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBQ3RDCmtWNjgzQ1N1NkZyZ3NBekZGMjBuYkViRnFIV0tkYjhpNldKMXNiK1FiWld4K0dMc2xiTS9taHp2dlFucDV2OEIKUUZpWHgvNG1pTmQ0R2owSGhZNTJ4UTBTRllFL1RyU25tZ2I3bzFYc0t6K1FyQ1N3L0lLYStTNDdSNEgxbkFyZgo5OEsybWo1SmJ0U2grY04wWlI5amxvVi9KWDZVb0RvaE51ZlFpc09BVThLdTdwUTRtc2hObUN2aGlMRmRkc21tCk4wbVZxeG1jdVRlaW5GbkR5ZUZ1V0luU1JoUWtNeFFQdzBndm9WRFN5RWltcFBTb0xaTCtEYkJYdUJXb2gvRTYKL3Qwc05TcmhPa1c5TVZ6N0ZYNEQ1YldsTkIwaE1hVURJVHFvSEdrRnNBVWpHYXpLVzljRGNTQ3Z2SGJzenozNAo3VUZSZG42dTRWaWNQR3BEQkNjPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + tls.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRd0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1Mwd2dna3BBZ0VBQW9JQ0FRQ0g1ZkV2ekJYTXoxRVUKa3h2bDdXMVVZUnZxb2FsTFJkNTVVaUtzTnVFM0xiRmI4QVRnV2xZdDFEVUpVYVJVQ1dsMlFtcGdsZFNVUFoybApGaTRxMmhkM1ZMWDd1YjVpZUZFeFNXbmJnUkw5T0dYbmxLamN4UUI3bU8vQzJPalBqQnFoaDlScmVVQ2x3UWY3CkY3Tll0Si9qT1YxVU5abUtOZi9FekhCZUw3emxlMWJLaWRQMFpiRUp0UndPdytvbHBwWFBpd1NaTzFHV0ZmREYKY3R0ajkzQzRaQUdnRjNMYjNXMmhHMVJLS0VpR21OVURIS3JqQWcxN0JHZXBvUzN4dVRnSlRuNzdxODNEZ3ByZQptSmNka2hBcTVwVHMva2tHSXIvQTVpYzJFc2c3Y0lBZE85OWwrNU0xZ2pMckxCclIvbHVzWlN1UTJyckQrR3A2CnpYR2I0czBCSVF1aGhOV1M4QnRxa0o1UVNENlJpMDl3d0xpaGRNdWtaQnVqYW1jeUxmazMzV0xDTnFqN0xEc2IKdE1VS0RFeGh4SHUrRGhiSzVUUUpqZkFhR1JZdHNyb3dVaWpZakFWdlFyQkh1NDRxYUU5ZVA3UnY4LzFOTVVMTQpMeFhPWkpwMzMyVlAzWG9MWElMOFdBc2ZmS2lDc2tJeFkwRTZSVVNtSG9uOWlhV20zQXhOL0M1Znk0aWZGZEc2CmlWTlkyUElHdlpCci9BK0lQMFpGM2g2VDVKSS9MZmhuYWJLS2ZQNFhiNzB6cUU3MW1RN1NyMSszbnB4MUJLR2MKbEtMemhTa3BqaCtSQVpxOW1zMFpmTDR4YmRKYlJqU3dSb1JuL1JKbGJDZU0yWkJLMEtoWFRvaGpWMVJJY2tlMQpBYlR0Zk9INnNwakMwanppQzBiYWxpcURuVWN1UndJREFRQUJBb0lDQUFaUFcvS1BORmZ0TEdPYkxRbHhDOG1HCk5NaWhOdjRpd1dDNnVwZHFlT3laOTRsQVRNbXFDQ1JhblJmUXJhT2xTRHRRZkNYOTd2L3ZHSG5JM04zcWdIcHUKK1lBMXNLeGJ6OUZOQ2xoQjF3TGc4b0pkT2JYK2c3WTVkTENFWjlMek8yMVNwRDlWUXZZdlQxS09XQ3AvUUlsSgphWmIyWWltenRpdUtIcEdRLytGYjU3ekJ4NUNxaEJ6aVJ1bzhtSXVrLzRIQ2Y3VXB0dkVVRmJqbFMyQ0o1YmI2CkZjVThNWDRaK3ZRbkU3UFp5UHhPN2wwVm9LMm5zNzZKaHRLdWhEYWNGZ2tBbHc3U2ZGeGVuUmhHMTRWcytjazAKS2FnVGFvcVpaSFB0ZTlhYjZxWXY1QkwzYTdrTmhGbFFzVktRR3JLemI4aENibEpzaFkyQjVGZk5ZRUFQdU5zSwpQb1hUenMyT1N0M3NjOVJIY2k4VW5XblJWSjNnUnBGTnRMMEYrL0JjdDcvaHR3Vm9vYjZvZm1OWEJGUS9rdkhzCnR5VjNiN0Y4R3AxV1ZVUkZxWmFnVkJGTi9XZ3lJdk5ZdnNHUTRnMk5JaFZDU3dudFFIRUQ5VDFRYVNWeW1SeEIKTnk4cUQrU2VsTE9LcGNaUHVtTEVZTG94NDE3cm9DbWFqaSsvMzluanMwTVJQeThKeWFuTENxZnltR0NFYzI0Mgo3cEFqYVRISXZNaHR1TkpGVFE5K1J6eXc4TDJ4QzIwNndPSFpPWHc1aHJtQy9pdHorUXU2VzY3S1VWTTdMMnBhCmkybVlrZFpuTlFnV2pCekNkL0owUmQwQ29GSVo2UW9aSThmZ1VPd0M4LzdIa05nVXdkSkRyTlpJa2hlRnFOQmoKSE0vQWQxOGtoODRQVXo2cFZoa1pBb0lCQVFDNnVaL1pvbkltL0ZtRjZUTzgxeFB5YTJNMEM4bVNSdExjS0J3aQpncUZ2ZnNJWEkxdTliOHVDbE5CbVlxNkczc3MrV0FGbGx6S1htdEdZWHZ2TFFaejJYbHpkYkMzbG1teGVRS3NaCm5rVDFkVjA1RzRzRFRmWS9waDVWK0tHaG5kalR1ZFp0SW1ZdUtVVWtnN0dSL0lXMXViK2ZBd3RlWmdtTWpNYUcKMGFQdTBWdU9qSG5oS2tENE9MUytMTDJXaGlURjFZRkw2ajQycmxCaFkwK3BxQmRVVXJoNUFtRVdlaUhvWVVKWApuZHJSVDlYRk9ONnBiamxreHVqVjZvNmZpOUhIbFdHalBKenpjZkRRMlFuVWlsakFUYU0xVG5HcHBQUWpaM3lFCk1wT05ocFd4UjlGMWdxNVI4b1Q2bzFNcUNFcVJWOHNFeXltZFFvVHVPVWhaUUJvMUFvSUJBUUM2VVAydjI1clkKdThjbXFKbGQyakk4WktYQitiZnM2YzZRUnNEWTdvd2xXMTNYMXFheEo3OVZHUGxVK1ZnVWcwQTgyOHJwTGRSagpJSFZnY1M3aUV5SEhVaTZsTi90ZDQwWGlKK2kyMVRENnY0NFRjWmFYMExjOGRzeC8rL1RXb0MxeUx5K2paeWJJCkc4bVlpaC80NmpOdjFJZ1h1K0xFU1VRWGhHSFRxbzV5cE15SEw2RUVlU2ZMU0lOMWUxQTdjWGFYSzZSR2lhTUwKMDZ6dFJlakY4eGNxR0lVZEo3emszWEtjZHp2Q1Vlc3B3a1FHc3FGQTJuZVN4NjFFWTZHdG5ZekhmQis0NzhFcQpUbGkrWXVaRVZsRnFpTTN1TDVkcEh0M2dzZGhMNEd3bG1qL1hxeHJnRDI4WWFvODV4QjBVSmFhMnUwMEFGQjZSCm0zWkpXM3hVMzVZTEFvSUJBUUNPdEtVbGFKQ0RtU00yUThkRjBMNnU3RUd5R2p3Z3JqNGpBZ2lXbTIyVHo3VzQKaDA1cTFsRWI2RzNwZ2d2T2llR2RNUmRJTkNqM1V0eFM3bXpUcDc2MVQrTDdXdDBzK0R0UVFXNUNzd0lTOG5LZgozWnY5bDR6V2tqZm5EcEZBK21rblQ0VkFmU1RJck1QcUp6Z0QwWkhERkVZTjJmN0xVNEtDeDJoR3kxdlZmbTNSCjRTeVkySGswKyttdTJuUys0S0NrRGd1MklEMFIvMkR4UFR3NTlueDE5bzZEOVR5TU9DVkgrMlQvbjJZSHlGTWgKV3RoWmR5TW9FUmtMdkNycVpxcWFOV0djcHd0d3h5ajhCSlFOdXZvZlpuYVFtL1lrYUN3cURzSk1LbmM0bDU0NgpFaUJVQmQ4Q1JDNDdlNjFvbDFPZUJ4SGpCUDQxOFF1MUlWUlkyYlB0QW9JQkFHZlg0ajBVeWU1SVlvd3laaUNBCkQ0WEhsdmRSSm1qK08yb0FkVld6UnhzL0hFUERXRzdldDI1SG1CZjdUVk5KZ0JFcmM2R1pNSW43T2xDQlpOOE8KU01KZUZLOXpUeitaLzRZNE5pVkpGNTU2QzBiZEJWRWlQQzZRREJTOUtrNUJRbk1reDRsc1lab2dtckRSTTFhNQp1ZWQzYms3RUluVENYUmc2YVlmZXhMd3pDK2ZBN1I2Z0pFVFI2cXNkQ3EvRzRwRUkrdXR4cFJWZmFqOW91bjh4CnFOU0dqQktlNWxJczlzY3NVWHRSeXg4Z0xtZ0pRWVR5L3JncFlISUFrY2xCU1lpWnJ0aVZrSFR5NjlWWksvd2sKbkFZanI1czBuVkF5cXZta1JlaXNjYnBYaVlPNzB5UFVsbGZtZEdOKzRiSXI5Z3BjeEdMcDA4dlYrUXlUMSswNgpITmNDZ2dFQkFLdGdqU01GOWc0UGFtTEloQjN1czlrOU9Rdlc0Zk9JZ1NOSHpLem9VKzMwejQ4aXdJNUhidXhFCkU4aE9wK3hKZEMvWUx5aW5Ga3ZCc3FVL2RLT3FRa0tLekNhdmhWbm9XN0R0c2lNL2haLysvUlpDanRCNXFQU1YKbFk0NFVWQ3BaY2NjMGZOQlVCcWlESlZkankwOTNnRnhMeWtLU05VQkYvd0sxeFlKdDB3RlRQOEtZNHBmcEc2WgpoSGQ4UXp5ajNiak56ME1rb2NHeWk5OU0yOVFrMjVSUy93dk5nNXJrRzkvUVdhVkJsbkRkTEhaQjZCSFI4UHp0CnAwV2FKQUFpTkdBMDFITFhTWDdZVytLcWJ0VUNYczB5RFZPcHFpaHU3ZW11KzB5T0h0SFVmNmFLREpTSTVHUHEKYTAvMlNXdzlKU2pkMGJ1cmxSY3FZV2E2cGVpby90QT0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo= diff --git a/tests/e2e/monolithic-receivers-tls/02-assert.yaml b/tests/e2e/monolithic-receivers-tls/02-assert.yaml new file mode 100644 index 000000000..21fd9dd47 --- /dev/null +++ b/tests/e2e/monolithic-receivers-tls/02-assert.yaml @@ -0,0 +1,34 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: opentelemetry-collector + labels: + app.kubernetes.io/name: otelcol + app.kubernetes.io/instance: opentelemetry + component: standalone-collector +spec: + selector: + matchLabels: + app.kubernetes.io/name: otelcol + app.kubernetes.io/instance: opentelemetry + component: standalone-collector +status: + readyReplicas: 1 + +--- +apiVersion: v1 +kind: Service +metadata: + name: opentelemetry-collector +spec: + type: ClusterIP + ports: + - name: otlp + port: 4317 + targetPort: 4317 + protocol: TCP + appProtocol: grpc + selector: + app.kubernetes.io/name: otelcol + app.kubernetes.io/instance: opentelemetry + component: standalone-collector diff --git a/tests/e2e/monolithic-receivers-tls/02-install-otel.yaml b/tests/e2e/monolithic-receivers-tls/02-install-otel.yaml new file mode 100644 index 000000000..a7e51884c --- /dev/null +++ b/tests/e2e/monolithic-receivers-tls/02-install-otel.yaml @@ -0,0 +1,127 @@ +apiVersion: v1 +kind: Secret +metadata: + name: opentelemetry-collector-cert +data: + tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVWRENDQXp5Z0F3SUJBZ0lVUE9WcllCNWlKdnhNaVRMQnk0ckd6T1AxZ2o4d0RRWUpLb1pJaHZjTkFRRUwKQlFBd1BERUxNQWtHQTFVRUJoTUNXRmd4RlRBVEJnTlZCQWNNREVSbFptRjFiSFFnUTJsMGVURVdNQlFHQTFVRQpDZ3dOYjJKelpYSjJZV0pwYkdsMGVUQWdGdzB5TXpFeE1ESXdNelEzTlRKYUdBOHlNRFV4TURNeE9UQXpORGMxCk1sb3dJakVnTUI0R0ExVUVBd3dYYjNCbGJuUmxiR1Z0WlhSeWVTMWpiMnhzWldOMGIzSXdnZ0lpTUEwR0NTcUcKU0liM0RRRUJBUVVBQTRJQ0R3QXdnZ0lLQW9JQ0FRQzNieXhGNEkwSTVkeGcwbXhqdW9FcVFTNFNyRC9HNVFuMgozVnJqUkppMDEzK0NVU1djdFNuZDQvdEdvNHUyUEsxeTdiOTNHVHV5cE8xSWdlRksyYXM4cFNmTUFpWE1jU1dPCnFQQ29aTG83ZnRJY3NLTWk4OXI0T1kzZUF3Q0ZpeGVydWxyT3F4MEd2MGhTM29QaDlHSjVlSWx3UTV3TkQxSEsKbWxraHoxTkNJaGFTQWhJOEttek8yblZjeC9HZGtHL250NjJjUi85QVpaVktQN1drenMrRVJwUmduVTJsU3YrbAo5VHZCeG9VQzdYK0ZvL1Fjd0xYemNUaGlFaTJhd1V2MFNGWitNckxLa1JXRFFyUEhqMUFKdXhhU094TEN4dXVvClJHZTZSOEhrUHZvNENxMmFQb2xnSzJWM2FqcDlQT0pWTUVxUkQxeTFTY0FjZjNGNDZza0pLbjVtSFFnYjZzUUQKckxFcTF0ZTJlRWVBWUVOTnBOYisycFJ2bEdRRGQ4d2o5TW9LNXExQTYxMEE1cXBzSFFPZkEybE9pejRPd0ltRgpnQVFzc1hqc2NEUFdYM29vQkJZaXVvWnE3YzJsRHFERDhxN1BpY1NTTmFkRm80NTZabzBJVjNIeFN6WHQ1UlE5CnQ1Y0FzZWhmSC9ieUpSMFpudmRLWWgvbFczd01ISjhnYnJMYVBodUV6TUlZUnZOVTJoVnZWSzJScnV3OVNLaGkKSmZ0Q2tOK3dNTGh3c0pMMEM4VG92ekJ1cS83T1hiMEVsYjdabnhyU21QcnY5bjFaRm1DRnRPK0orZ2RXaGVLTAp1SXJ5aGJuVGlPZmxJUlRrcEVjWTlwNVBFM0tnbjNHRFdtS2t2NHE1bkcxSFJZQ0N3KzNjSnAxMDA3NFhNZTQwClNWbzlCN1BwM1FJREFRQUJvMll3WkRBaUJnTlZIUkVFR3pBWmdoZHZjR1Z1ZEdWc1pXMWxkSEo1TFdOdmJHeGwKWTNSdmNqQWRCZ05WSFE0RUZnUVVGYTBZUzBLRktCL01CSHduNlYyZ25HdS9laDB3SHdZRFZSMGpCQmd3Rm9BVQpzVU8ycFkxRTNacmZhSmZ0RnFXRDg5OWZmWWt3RFFZSktvWklodmNOQVFFTEJRQURnZ0VCQUJsanc4M1FTMS9SCjMvRllad0puNkpseURIRlpaUWhwUnU1Z09ZM0pNN0k5SnFDQmpVVVpCSkVrTnIyNG41amlvT1ZhcUMyVk1XOEwKUnRYb0YxZjN4Q1lOa25vc1h6VWZxdEFhd0lFN3FWTURFaEtnblV4ZUJsaFozai85aHk2OEtoNnRqSnJQVGFCZgpMTVRUNGdubkdWTE5CeS92WjBkUGlqekdqOWhvdmwwYS9HYUdRM1RVelU3VGRaR1NPRXBqdjM1UTNmSXhQYU9GClRNd016dzVrSzZ5eHdFM3NXbGFrMUlpMDU5b0hzUGNVbFE0eWx4Q0thREpLSmFURUF3b0FtTCtrVXUyU1FaMkoKQXRVaVF3QStNVlhPM2dIbzJNaTVtUWNXRmwyQ1JMK0FXaGVaZDJTWFcrNWkvdjVBZlcyTitFRmIxZXFJT2JzVgp2SlhSZjV2d1RjVT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= + tls.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRZ0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1N3d2dna29BZ0VBQW9JQ0FRQzNieXhGNEkwSTVkeGcKMG14anVvRXFRUzRTckQvRzVRbjIzVnJqUkppMDEzK0NVU1djdFNuZDQvdEdvNHUyUEsxeTdiOTNHVHV5cE8xSQpnZUZLMmFzOHBTZk1BaVhNY1NXT3FQQ29aTG83ZnRJY3NLTWk4OXI0T1kzZUF3Q0ZpeGVydWxyT3F4MEd2MGhTCjNvUGg5R0o1ZUlsd1E1d05EMUhLbWxraHoxTkNJaGFTQWhJOEttek8yblZjeC9HZGtHL250NjJjUi85QVpaVksKUDdXa3pzK0VScFJnblUybFN2K2w5VHZCeG9VQzdYK0ZvL1Fjd0xYemNUaGlFaTJhd1V2MFNGWitNckxLa1JXRApRclBIajFBSnV4YVNPeExDeHV1b1JHZTZSOEhrUHZvNENxMmFQb2xnSzJWM2FqcDlQT0pWTUVxUkQxeTFTY0FjCmYzRjQ2c2tKS241bUhRZ2I2c1FEckxFcTF0ZTJlRWVBWUVOTnBOYisycFJ2bEdRRGQ4d2o5TW9LNXExQTYxMEEKNXFwc0hRT2ZBMmxPaXo0T3dJbUZnQVFzc1hqc2NEUFdYM29vQkJZaXVvWnE3YzJsRHFERDhxN1BpY1NTTmFkRgpvNDU2Wm8wSVYzSHhTelh0NVJROXQ1Y0FzZWhmSC9ieUpSMFpudmRLWWgvbFczd01ISjhnYnJMYVBodUV6TUlZClJ2TlUyaFZ2VksyUnJ1dzlTS2hpSmZ0Q2tOK3dNTGh3c0pMMEM4VG92ekJ1cS83T1hiMEVsYjdabnhyU21QcnYKOW4xWkZtQ0Z0TytKK2dkV2hlS0x1SXJ5aGJuVGlPZmxJUlRrcEVjWTlwNVBFM0tnbjNHRFdtS2t2NHE1bkcxSApSWUNDdyszY0pwMTAwNzRYTWU0MFNWbzlCN1BwM1FJREFRQUJBb0lDQUNEQ1FlM1l4RmNxZGNqMHkxYWtJQjBqCnRzNnU1RlRvNG5hcjRXZGxBTUNMRzhKeUszMW8vU2tiWmV5Zm1IdmJLajYwSnRWbU5Ec2JLU1Voek5KSlBVTi8KV3pRYnpoUk13S0JSbTJqM1ZDcjc0eG9za1hYVWh1NTltTkJsU05xUWxKR2Vua2o2Vmh5MlhId3dNTzFSYjZTeAoyaG1xZVZ2N3VHZXVXT3lvMGYybGlOSmFmRmN5WEd3MHAzRUNaQ3YzZDRTeVVOYndKSzJqZHAzajh0U1Qrb3RzCjcyS3h0UVFuK0sveXM5RlBXc0hER0ZzTmhMTDkxNEM2WDQ5a0g3RGJoRzBEM2k1N2IyS3R0bUhTcjdpYjUzZFYKYWhxRFlqNVd1QTg4NkNsa1YwUWoyeHZYREZuWGdVRWpmdU5zblRWd2doc2tuS3g3U2RzMmFKQ3VVZDErVUpoOApQQk9CUVdIelZSM0lHdjJ1R2FwbjFjRlhHWlJRNGZjRW1hOE81VXNNSFJDblZOcjFYejFHRDc0a0VyWFdHRlRFCjRpaU1mcUJMSjUwT3c0VHlzWVdJdlc4NjhPMjFtTGFlYzJqQnJDdEtiU2pEV3FSaDlpajNnU05XN004QVFLT2cKdVZvSTJOZ0h4QjJNd2EvUytlQlpiVVhtU0FGTmRTS0lSbXhHSUNlcGZxOXBvR1kwQ0c1ZWJHbkxzVlVSYnFpNApsRWNKVlpBaWhIS0hHdXNsZ21MRmduQ04yZVVRYkpSWEorNnFFMm1mWnA2dlZwZ0hpL3lRQkxGZDM4b2JwbnhQCm1aUCtCK21zdHB2elBabGpXN2FlREZhUnFZblJBbm1zdUR5Mmk1MmtHdVBqeGxObjI0T3UvTWpiaFJvRkt2Q1YKNlVwRkUrcE9hUnRZcmI1VzZ6d0JBb0lCQVFENnhZZWZOWkkvYnRKYnQzQ2YrbkhPcVVQSUN1OFhFZHFDMlA1eApxSzhqVjN0VzFKZ1RNaHQrTGRDZy9EMzR0b1pWTFFVZmVocUZudnhLckhpNExid1VDUG56WkU3aHIvS29IWE1oCm01OUQ5TWFHZDJRYWZXaW5XTE93SGRTQ2NxbjNjZnRZVnFqWVJFSXUybCtlK0VwUlRJSGwrdGlCcXhkakZ5bjIKSnZ6dlVuODk4MW9yS3JnYVAzdUJ6cmlrcDFhR2huamhxVHAvNHVOVGtuV0JhQTBUUTVVc3VTTnpHL0VIOWxkSgp0dk9mZ1p3bnVuTERYeEVJYVNxc1V5V0k4Z1lISUcwQ0h0TUpkTFd1T1Fqa2FIdWswbjd3a0p0eE1FWnZhOUF1Cm0rMDg0QXRIMi81NDBDVXRXcmdJZy9ycDVuZTVxOHh3MGNKK2p2T1hwQTlVdHpaOUFvSUJBUUM3UWp5RUE5QVYKa1Z6RjJPRUpZaEcxc0R2MnBhaXhWRWU0ZTM0L0tLYTNVWTdNWWp6aDlPQmVCcXp6bUVQL1BxOW0zYTFkbkNEUAoxQ0l0emtLZnZHWGE5eEVWZHgvY0Z5Mmo4NUpmRXNSZytPbWpiOFVacDkwanNqK0lXT1ZNazE4NFdFUkxBQ1cyCit1bDk1NU1sK1VoYTRReEE3ZkdOZnZISXhMMDRuV0FvYjVzNzgzbFQ0NStUcHdFSWNXazZiRXpLdC8yN1VCbzYKNzJHRnBkSWdKUW9CM3NPMkJISm5vUDA3eFVBY2FzVW9uY3BLTklreUZrNndOci9QSUdjWTRVblRlZjR1RVVxRAo4blZveHQvOE1vRE1aWEM3YzJsWE4zeEhkaTdIUW1ZTWR3djJUaVhnNlpLaEczeXU4ZWtYc0htVWN2ZFc0NWhlClFYZVppa2Qrb2Y3aEFvSUJBRW9RWlFua3JKa0hoaUdJZ0Q3L25QVklrTGhZWWwwUjdOT1FlelhlZUR1Yjd0V3EKWEcvdThLZkhxRUtqdlRuanpyRUJadTN4Qmp4SXhJTFpoWjRBQS9oMjNqdkFlSHUzbDVlSGV5V0Y3UGdKSjBrMwpvZDBoQlBQSUF1b1ZKVnFSdXhsV0ZNSDJkay9KZVRLVlZJQ0RISS8rWks4ajh5WDQvaU5LQ0I2blRUVHh6SnJqCmNOSW0vOURneHYyRHJJMFV6ejFVSWdla0Q1OE54ODQ3QjNGODViKzJ5aXczVWYwQlY2TGVZdEZtczNWOHRqNFYKbHllVXdGY1htSDdrMzhVZWxpRXN0b1ZWelVhUnJjY1RHVWs4Z3FnZmMxWmhuMGRDMXNxNXNQYlRIckpJQ1l6agpzTGpGNFBVUVFpSmh1STIwZjgvYXFicjRlTlVnSzFteUhzVUtoNUVDZ2dFQkFJN2U0SEVRdjZoVStlVnhyWENOClJGbk5GbEwrM1pBK2IySVB4cWpGaVQyQW1tVFI1d1cyNGFDYmswVmZ2VEYzVURnNWxkWkFFc0MrWnoxdmkyRjQKU25ZZjN3YnpsbmxEcmV6VEg3QXVEMnExUHYwVmY5b3RPd25MSzdJSnNSa1ZyNmE3b1k5ZmsyYmlWVmRjWWVhdApKVWxCUHlvaTRSTkY4WTl1bTdnZ1NvZFBiNjd6K25QSXphM0gwMy92bDR1ZHFaRlpnOXR3S0RNakJOTUZTeVovClcvMUZTeWtLaDRjTlMyaFkvS3N4d3k5VUJFMU5mQWVkQVhoc3JUZUl6MkFxTXp1SWJpZ1R4VGlhdW4yd2pxQksKbi81U3Z3b2w2ZzlESkMwWnZHTUhBL2txc3hPL1dDTWIwbVhkSk9vTlkveFJCdEgrVFR3YjlkcWtORzRQRkxGSApROEVDZ2dFQVBWbFc2M2pMT2d1Y2xFSzA0dm4wNWxtWlI5REk2QzAvWUpGWU9iWk1kUmcvU0JwdU9kSEc2VDNyCjJaZHJvbTVVUCtoQWd4YldaVUNwVlFpckpnRVBjc2dubFF2aWNRTkxtSCtKeTBJNVBxNnNzdmpRWE02L25BdnkKb2JDem9UY3RIK2xId2NSVG5WUWtLSGRoU3o0QmJHWmNrR3lBeXlTUlk1c1l3Q0w1czNwaTcwdHF2UWpvR0ZvVQpJd3F5RjFaTmZ6ZzRWWjZwOGtSUEk2QS9KdFcrNXh1WGlDNmVYT3ZCb0IvdlJ2M1lLTTZURTNCK0pkY00wRVYvCmx1cHhnN01jY21tK3ZRRjhuWFl5V0R6RUZlWG9vT1RuK1NBTjVseENIZHlJTTBaUElmNk1rODFTY2hLaWd1dEcKbjNqSGhvNVo4ZzloYTA2bUNTUFpkbkNTaVpBUEF3PT0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo= +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: opentelemetry-collector-configmap +data: + config: | + exporters: + logging: {} + otlp: + endpoint: tempo-simplest-distributor:4317 + tls: + insecure: false + ca_file: /var/run/tls/receiver/ca/service-ca.crt + receivers: + otlp: + protocols: + grpc: + endpoint: 0.0.0.0:4317 + http: + endpoint: 0.0.0.0:4318 + extensions: + health_check: + service: + extensions: [health_check] + pipelines: + traces: + exporters: + - otlp + receivers: + - otlp +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: opentelemetry-collector + labels: + app.kubernetes.io/name: otelcol + app.kubernetes.io/instance: opentelemetry + component: standalone-collector +spec: + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/name: otelcol + app.kubernetes.io/instance: opentelemetry + component: standalone-collector + template: + metadata: + labels: + app.kubernetes.io/name: otelcol + app.kubernetes.io/instance: opentelemetry + component: standalone-collector + spec: + containers: + - name: opentelemetry-collector + command: + - /otelcol-contrib + - --config=/conf/config.yaml + image: "otel/opentelemetry-collector-contrib:0.82.0" + ports: + - name: otlp + containerPort: 4317 + protocol: TCP + - name: otlp-http + containerPort: 4318 + protocol: TCP + livenessProbe: + httpGet: + path: / + port: 13133 + readinessProbe: + httpGet: + path: / + port: 13133 + resources: + limits: + memory: 200Mi + volumeMounts: + - mountPath: /conf + name: opentelemetry-collector-configmap + - mountPath: /var/run/tls/receiver/ca + name: custom-ca + readOnly: true + - mountPath: /var/run/tls/receiver/cert + name: opentelemetry-collector-cert + readOnly: true + volumes: + - configMap: + defaultMode: 420 + name: custom-ca + name: custom-ca + - name: opentelemetry-collector-configmap + configMap: + name: opentelemetry-collector-configmap + items: + - key: config + path: config.yaml + - name: opentelemetry-collector-cert + secret: + defaultMode: 420 + secretName: opentelemetry-collector-cert +--- +apiVersion: v1 +kind: Service +metadata: + name: opentelemetry-collector +spec: + type: ClusterIP + ports: + - name: otlp + port: 4317 + targetPort: 4317 + protocol: TCP + appProtocol: grpc + selector: + app.kubernetes.io/name: otelcol + app.kubernetes.io/instance: opentelemetry + component: standalone-collector diff --git a/tests/e2e/monolithic-receivers-tls/03-assert.yaml b/tests/e2e/monolithic-receivers-tls/03-assert.yaml new file mode 100644 index 000000000..3f7323066 --- /dev/null +++ b/tests/e2e/monolithic-receivers-tls/03-assert.yaml @@ -0,0 +1,8 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: generate-traces +status: + conditions: + - status: "True" + type: Complete diff --git a/tests/e2e/monolithic-receivers-tls/03-generate-traces.yaml b/tests/e2e/monolithic-receivers-tls/03-generate-traces.yaml new file mode 100644 index 000000000..aa48aaeb0 --- /dev/null +++ b/tests/e2e/monolithic-receivers-tls/03-generate-traces.yaml @@ -0,0 +1,17 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: generate-traces +spec: + template: + spec: + containers: + - name: telemetrygen + image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0 + args: + - traces + - --otlp-endpoint=opentelemetry-collector:4317 + - --otlp-insecure + - --traces=10 + restartPolicy: Never + backoffLimit: 4 diff --git a/tests/e2e/monolithic-receivers-tls/04-assert.yaml b/tests/e2e/monolithic-receivers-tls/04-assert.yaml new file mode 100644 index 000000000..d9aef19d9 --- /dev/null +++ b/tests/e2e/monolithic-receivers-tls/04-assert.yaml @@ -0,0 +1,8 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: verify-traces +status: + conditions: + - status: "True" + type: Complete diff --git a/tests/e2e/monolithic-receivers-tls/04-verify-traces.yaml b/tests/e2e/monolithic-receivers-tls/04-verify-traces.yaml new file mode 100644 index 000000000..d175d20c8 --- /dev/null +++ b/tests/e2e/monolithic-receivers-tls/04-verify-traces.yaml @@ -0,0 +1,35 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: verify-traces +spec: + template: + spec: + containers: + - name: verify-traces + image: ghcr.io/grafana/tempo-operator/test-utils:main + command: + - /bin/bash + - -eux + - -c + args: + - | + # The query frontend must be accessible via HTTP (no mTLS) to enable connections from Grafana + curl \ + -v -G \ + http://tempo-simplest-query-frontend:3200/api/search \ + --data-urlencode "q={}" \ + | tee /tmp/tempo.out + num_traces=$(jq ".traces | length" /tmp/tempo.out) + if [[ "$num_traces" -ne 10 ]]; then + echo && echo "The Tempo API returned $num_traces instead of 10 traces." + exit 1 + fi + + curl -v -G http://tempo-simplest-query-frontend:16686/api/traces --data-urlencode "service=telemetrygen" | tee /tmp/jaeger.out + num_traces=$(jq ".data | length" /tmp/jaeger.out) + if [[ "$num_traces" -ne 10 ]]; then + echo && echo "The Jaeger API returned $num_traces instead of 10 traces." + exit 1 + fi + restartPolicy: Never diff --git a/tests/e2e/monolithic-receivers-tls/chainsaw-test.yaml b/tests/e2e/monolithic-receivers-tls/chainsaw-test.yaml new file mode 100755 index 000000000..6a74e1605 --- /dev/null +++ b/tests/e2e/monolithic-receivers-tls/chainsaw-test.yaml @@ -0,0 +1,38 @@ +# yaml-language-server: $schema=https://raw.githubusercontent.com/kyverno/chainsaw/main/.schemas/json/test-chainsaw-v1alpha1.json +apiVersion: chainsaw.kyverno.io/v1alpha1 +kind: Test +metadata: + creationTimestamp: null + name: monolithic-receivers-tls +spec: + steps: + - name: step-00 + try: + - apply: + file: 00-install-storage.yaml + - assert: + file: 00-assert.yaml + - name: step-01 + try: + - apply: + file: 01-install-tempo.yaml + - assert: + file: 01-assert.yaml + - name: step-02 + try: + - apply: + file: 02-install-otel.yaml + - assert: + file: 02-assert.yaml + - name: step-03 + try: + - apply: + file: 03-generate-traces.yaml + - assert: + file: 03-assert.yaml + - name: step-04 + try: + - apply: + file: 04-verify-traces.yaml + - assert: + file: 04-assert.yaml