NETOBSERV-1383 do not turn off conversion-gen (#480)

conversion-gen was turned off on some fields because it didn't work well with some alpha1 missing fields. But the problem is that it's also turned off for beta1<->beta2 conversions, which we don't want. This is turning them back on, however, adding the missing fields in alpha1 (which is deprecated) so that it converts without trouble
netobserv · Nov 2, 2023 · fc1c80c · fc1c80c
1 parent 066cd98
commit fc1c80c
Show file tree

Hide file tree

Showing 11 changed files with 1,087 additions and 64 deletions.
diff --git a/api/v1alpha1/flowcollector_types.go b/api/v1alpha1/flowcollector_types.go
@@ -76,7 +76,6 @@ type FlowCollectorSpec struct {
 
 	// exporters defines additional optional exporters for custom consumption or storage. This is an experimental feature. Currently, only KAFKA exporter is available.
 	// +optional
-	// +k8s:conversion-gen=false
 	Exporters []*FlowCollectorExporter `json:"exporters"`
 }
 
@@ -232,6 +231,25 @@ type FlowCollectorKafka struct {
 	// Note that, when eBPF agents are used, Kafka certificate needs to be copied in the agent namespace (by default it's netobserv-privileged).
 	// +optional
 	TLS ClientTLS `json:"tls"`
+
+	// SASL authentication configuration. [Unsupported (*)].
+	// +optional
+	SASL SASLConfig `json:"sasl"`
+}
+
+type FlowCollectorIPFIXReceiver struct {
+	//+kubebuilder:default:=""
+	// Address of the IPFIX external receiver
+	TargetHost string `json:"targetHost"`
+
+	// Port for the IPFIX external receiver
+	TargetPort int `json:"targetPort"`
+
+	// Transport protocol (`TCP` or `UDP`) to be used for the IPFIX connection, defaults to `TCP`.
+	// +unionDiscriminator
+	// +kubebuilder:validation:Enum:="TCP";"UDP"
+	// +optional
+	Transport string `json:"transport,omitempty"`
 }
 
 const (
@@ -580,6 +598,24 @@ const (
 	CertRefTypeConfigMap MountableType = "configmap"
 )
 
+type FileReference struct {
+	//+kubebuilder:validation:Enum=configmap;secret
+	// Type for the file reference: "configmap" or "secret"
+	Type MountableType `json:"type,omitempty"`
+
+	// Name of the config map or secret containing the file
+	Name string `json:"name,omitempty"`
+
+	// Namespace of the config map or secret containing the file. If omitted, the default is to use the same namespace as where NetObserv is deployed.
+	// If the namespace is different, the config map or the secret is copied so that it can be mounted as required.
+	// +optional
+	//+kubebuilder:default:=""
+	Namespace string `json:"namespace,omitempty"`
+
+	// File name within the config map or secret
+	File string `json:"file,omitempty"`
+}
+
 type CertificateReference struct {
 	//+kubebuilder:validation:Enum=configmap;secret
 	// type for the certificate reference: "configmap" or "secret"
@@ -621,6 +657,28 @@ type ClientTLS struct {
 	UserCert CertificateReference `json:"userCert,omitempty"`
 }
 
+type SASLType string
+
+const (
+	SASLDisabled    SASLType = "DISABLED"
+	SASLPlain       SASLType = "PLAIN"
+	SASLScramSHA512 SASLType = "SCRAM-SHA512"
+)
+
+// `SASLConfig` defines SASL configuration
+type SASLConfig struct {
+	//+kubebuilder:validation:Enum=DISABLED;PLAIN;SCRAM-SHA512
+	//+kubebuilder:default:=DISABLED
+	// Type of SASL authentication to use, or `DISABLED` if SASL is not used
+	Type SASLType `json:"type,omitempty"`
+
+	// Reference to the secret or config map containing the client ID
+	ClientIDReference FileReference `json:"clientIDReference,omitempty"`
+
+	// Reference to the secret or config map containing the client secret
+	ClientSecretReference FileReference `json:"clientSecretReference,omitempty"`
+}
+
 // DebugConfig allows tweaking some aspects of the internal configuration of the agent and FLP.
 // They are aimed exclusively for debugging. Users setting these values do it at their own risk.
 type DebugConfig struct {
@@ -641,15 +699,19 @@ const (
 
 // FlowCollectorExporter defines an additional exporter to send enriched flows to
 type FlowCollectorExporter struct {
-	// type selects the type of exporters. Only "KAFKA" is available at the moment.
+	// `type` selects the type of exporters. The available options are `KAFKA` and `IPFIX`.
 	// +unionDiscriminator
-	// +kubebuilder:validation:Enum:="KAFKA"
+	// +kubebuilder:validation:Enum:="KAFKA";"IPFIX"
 	// +kubebuilder:validation:Required
 	Type ExporterType `json:"type"`
 
 	// kafka configuration, such as address or topic, to send enriched flows to.
 	// +optional
 	Kafka FlowCollectorKafka `json:"kafka,omitempty"`
+
+	// IPFIX configuration, such as the IP address and port to send enriched IPFIX flows to.
+	// +optional
+	IPFIX FlowCollectorIPFIXReceiver `json:"ipfix,omitempty"`
 }
 
 // FlowCollectorStatus defines the observed state of FlowCollector

diff --git a/api/v1alpha1/flowcollector_webhook.go b/api/v1alpha1/flowcollector_webhook.go
@@ -18,7 +18,6 @@ package v1alpha1
 
 import (
 	"fmt"
-	"reflect"
 
 	"github.com/netobserv/network-observability-operator/api/v1beta2"
 	utilconversion "github.com/netobserv/network-observability-operator/pkg/conversion"
@@ -74,27 +73,9 @@ func (r *FlowCollector) ConvertTo(dstRaw conversion.Hub) error {
 	// Loki
 	dst.Spec.Loki.Enable = restored.Spec.Loki.Enable
 
-	// Exporters
-	if restored.Spec.Exporters != nil {
-		for _, restoredExp := range restored.Spec.Exporters {
-			if !isExporterIn(restoredExp, dst.Spec.Exporters) {
-				dst.Spec.Exporters = append(dst.Spec.Exporters, restoredExp)
-			}
-		}
-	}
-
 	return nil
 }
 
-func isExporterIn(restoredExporter *v1beta2.FlowCollectorExporter, dstExporters []*v1beta2.FlowCollectorExporter) bool {
-	for _, dstExp := range dstExporters {
-		if reflect.DeepEqual(restoredExporter, dstExp) {
-			return true
-		}
-	}
-	return false
-}
-
 // ConvertFrom converts the hub version v1beta2 FlowCollector object to v1alpha1
 func (r *FlowCollector) ConvertFrom(srcRaw conversion.Hub) error {
 	src := srcRaw.(*v1beta2.FlowCollector)
@@ -174,13 +155,6 @@ func Convert_v1beta2_FlowCollectorConsolePlugin_To_v1alpha1_FlowCollectorConsole
 	return autoConvert_v1beta2_FlowCollectorConsolePlugin_To_v1alpha1_FlowCollectorConsolePlugin(in, out, s)
 }
 
-// This function need to be manually created because conversion-gen not able to create it intentionally because
-// we have new defined fields in v1beta1 not in v1alpha1
-// nolint:golint,stylecheck,revive
-func Convert_v1beta2_FlowCollectorExporter_To_v1alpha1_FlowCollectorExporter(in *v1beta2.FlowCollectorExporter, out *FlowCollectorExporter, s apiconversion.Scope) error {
-	return autoConvert_v1beta2_FlowCollectorExporter_To_v1alpha1_FlowCollectorExporter(in, out, s)
-}
-
 // This function need to be manually created because conversion-gen not able to create it intentionally because
 // we have new defined fields in v1beta1 not in v1alpha1
 // nolint:golint,stylecheck,revive