feat: extra OPTEL collector configuration.

charts/kubewarden-controller/templates/deployment.yaml

@@ -18,7 +18,7 @@ spec:
         {{- range keys .Values.podAnnotations }}
         {{ . | quote }}: {{ get $.Values.podAnnotations . | quote}}
         {{- end }}
-        {{- if or .Values.telemetry.metrics.enabled .Values.telemetry.tracing.enabled}}
+        {{- if or .Values.telemetry.metrics.enabled .Values.telemetry.tracing.enabled }}
         "sidecar.opentelemetry.io/inject": "true"
         {{- end }}
         {{- include "kubewarden-controller.annotations" . | nindent 8 }}
@@ -56,10 +56,9 @@ spec:
         - --zap-log-level={{ .Values.logLevel }}
         command:
         - /manager
-        {{- if .Values.telemetry.metrics.enabled }}
+        {{- if .Values.env }}
         env:
-          - name: KUBEWARDEN_POLICY_SERVER_SERVICES_METRICS_PORT
-            value: "{{ .Values.telemetry.metrics.port | default 8080 }}"
+        {{- toYaml .Values.env | nindent 10 }}
         {{- end }}
         image: '{{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}'
         imagePullPolicy: {{ .Values.image.pullPolicy }}

charts/kubewarden-controller/templates/opentelemetry-collector.yaml

@@ -1,4 +1,4 @@
-{{ if or .Values.telemetry.metrics.enabled .Values.telemetry.tracing.enabled }}
+{{ if or .Values.telemetry.metrics.enabled .Values.telemetry.tracing.enabled  }}
 apiVersion: opentelemetry.io/v1beta1
 kind: OpenTelemetryCollector
 metadata:
@@ -9,41 +9,5 @@ metadata:
   annotations:
     {{- include "kubewarden-controller.annotations" . | nindent 4 }}
 spec:
-  mode: sidecar
-  config: 
-    receivers:
-      otlp:
-        protocols:
-          grpc: {}
-    processors:
-      batch: {}
-    exporters:
-      {{- if and .Values.telemetry.tracing.enabled .Values.telemetry.tracing.jaeger.endpoint }}
-      otlp/jaeger:
-        endpoint: {{ .Values.telemetry.tracing.jaeger.endpoint }}
-        {{- if hasKey .Values.telemetry.tracing.jaeger "tls" }}
-        {{- if .Values.telemetry.tracing.jaeger.tls.insecure }}
-        tls:
-          insecure: {{ .Values.telemetry.tracing.jaeger.tls.insecure }}
-        {{- end }}
-        {{- end }}
-      {{- end }}
-      {{- if and .Values.telemetry.metrics.enabled .Values.telemetry.metrics.port }}
-      prometheus:
-        endpoint: ":{{ .Values.telemetry.metrics.port }}"
-      {{- end }}
-    service:
-      pipelines:
-        {{- if and .Values.telemetry.metrics.enabled .Values.telemetry.metrics.port }}
-        metrics:
-          receivers: [otlp]
-          processors: []
-          exporters: [prometheus]
-        {{- end }}
-        {{- if and .Values.telemetry.tracing.enabled .Values.telemetry.tracing.jaeger.endpoint }}
-        traces:
-          receivers: [otlp]
-          processors: [batch]
-          exporters: [otlp/jaeger]
-        {{- end }}
+  {{- toYaml .Values.telemetry.otelSpec | nindent 2 }}
 {{ end }}

charts/kubewarden-controller/tests/deployment_test.yaml

@@ -0,0 +1,28 @@
+suite: Kubewarden controller deployment test
+templates:
+  - deployment.yaml
+release:
+  namespace: "kubewarden"
+tests:
+  - it: "should not add the environment variable in the controller deployment when it is not set"
+    asserts:
+      - notExists:
+          path: spec.template.spec.containers[0].env
+  - it: "should not add the environment variable in the controller deployment when it is empty"
+    set:
+      env: []
+    asserts:
+      - notExists:
+          path: spec.template.spec.containers[0].env
+  - it: "should adds the environment variable in the controller deployment"
+    set:
+      env:
+        - name: KUBEWARDEN_POLICY_SERVER_SERVICES_METRICS_PORT
+          value: "8080"
+    asserts:
+      - isSubset:
+          path: spec.template.spec.containers[0]
+          content:
+            env:
+              - name: KUBEWARDEN_POLICY_SERVER_SERVICES_METRICS_PORT
+                value: "8080"

charts/kubewarden-controller/tests/telemetry_test.yaml

@@ -0,0 +1,241 @@
+suite: Telemetry tests
+templates:
+  - opentelemetry-collector.yaml
+  - deployment.yaml
+release:
+  name: "kubewarden-controller"
+  namespace: "kubewarden"
+tests:
+  - it: "should adds cli flags in the controller deployment when tracing or metrics are enabled"
+    template: deployment.yaml
+    set:
+      telemetry:
+        tracing:
+          enabled: true
+        metrics:
+          enabled: true
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[0].args[3]
+          value: --enable-metrics
+      - equal:
+          path: spec.template.spec.containers[0].args[4]
+          value: --enable-tracing
+  - it: "should not creates the OpenTelemetryCollector when telemetry is disabled"
+    template: opentelemetry-collector.yaml
+    set:
+      telemetry:
+        tracing:
+          enabled: false
+        metrics:
+          enabled: false
+    asserts:
+      - containsDocument:
+          kind: OpenTelemetryCollector
+          apiVersion: opentelemetry.io/v1beta1
+          name: kubewarden
+          namespace: kubewarden
+        not: true
+  - it: "should creates the OpenTelemetryCollector when metrics is enabled"
+    template: opentelemetry-collector.yaml
+    set:
+      telemetry:
+        tracing:
+          enabled: false
+        metrics:
+          enabled: true
+    asserts:
+      - containsDocument:
+          kind: OpenTelemetryCollector
+          apiVersion: opentelemetry.io/v1beta1
+          name: kubewarden
+          namespace: kubewarden
+  - it: "should creates the OpenTelemetryCollector when tracing is enabled"
+    template: opentelemetry-collector.yaml
+    set:
+      telemetry:
+        tracing:
+          enabled: true
+        metrics:
+          enabled: false
+    asserts:
+      - containsDocument:
+          kind: OpenTelemetryCollector
+          apiVersion: opentelemetry.io/v1beta1
+          name: kubewarden
+          namespace: kubewarden
+  - it: "should use the default OpenTelemetryCollector configuration when telemetry is enabled"
+    template: opentelemetry-collector.yaml
+    set:
+      telemetry:
+        metrics:
+          enabled: true
+    asserts:
+      - containsDocument:
+          kind: OpenTelemetryCollector
+          apiVersion: opentelemetry.io/v1beta1
+          name: kubewarden
+          namespace: kubewarden
+      - equal:
+          path: spec
+          value:
+            config:
+              connectors: {}
+              exporters:
+                otlp/jaeger:
+                  endpoint: my-open-telemetry-collector.jaeger.svc.cluster.local:4317
+                  tls:
+                    insecure: true
+                prometheus:
+                  endpoint: :8080
+              extensions: {}
+              processors:
+                batch: {}
+              receivers:
+                otlp:
+                  protocols:
+                    grpc: {}
+              service:
+                extensions: {}
+                pipelines:
+                  metrics:
+                    exporters:
+                    - prometheus
+                    processors: []
+                    receivers:
+                    - otlp
+                  traces:
+                    exporters:
+                    - otlp/jaeger
+                    processors:
+                    - batch
+                    receivers:
+                    - otlp
+            envFrom: {}
+            mode: sidecar
+  - it: "should use the user defined OpenTelemetryCollector spec configuration"
+    template: opentelemetry-collector.yaml
+    set:
+      telemetry:
+        tracing:
+          enabled: true
+        otelSpec:
+          mode: sidecar
+          envFrom:
+            - secretRef:
+                name: open-telemetry-collector
+          config: 
+            processors:
+              resource:
+                attributes:
+                - key: k8s.cluster.name
+                  action: upsert
+                  value: k3d-kubewarden
+                - key: service.instance.id
+                  from_attribute: k8s.pod.uid
+                  action: insert
+            extensions:
+              bearertokenauth:
+                scheme: SUSEObservability
+                token: "${env:API_KEY}"
+            exporters:
+              debug:
+                verbosity: normal
+              otlphttp/stackstate:
+                auth:
+                  authenticator: bearertokenauth
+                endpoint: https://otlp-stackstate.oldfield.arch.nue2.suse.org:443
+                tls:
+                  insecure_skip_verify: true
+            service:
+              extensions:
+                - bearertokenauth
+              pipelines:
+                traces/stackstate:
+                  receivers: [otlp]
+                  processors: [resource]
+                  exporters: [otlphttp/stackstate]
+                metrics/stackstate:
+                  receivers: [otlp]
+                  processors: [resource]
+                  exporters: [debug, otlphttp/stackstate]
+    asserts:
+      - containsDocument:
+          kind: OpenTelemetryCollector
+          apiVersion: opentelemetry.io/v1beta1
+          name: kubewarden
+          namespace: kubewarden
+      - equal:
+          path: spec
+          value:
+            config:
+              connectors: {}
+              exporters:
+                debug:
+                  verbosity: normal
+                otlp/jaeger:
+                  endpoint: my-open-telemetry-collector.jaeger.svc.cluster.local:4317
+                  tls:
+                    insecure: true
+                otlphttp/stackstate:
+                  auth:
+                    authenticator: bearertokenauth
+                  endpoint: https://otlp-stackstate.oldfield.arch.nue2.suse.org:443
+                  tls:
+                    insecure_skip_verify: true
+                prometheus:
+                  endpoint: :8080
+              extensions:
+                bearertokenauth:
+                  scheme: SUSEObservability
+                  token: ${env:API_KEY}
+              processors:
+                batch: {}
+                resource:
+                  attributes:
+                  - action: upsert
+                    key: k8s.cluster.name
+                    value: k3d-kubewarden
+                  - action: insert
+                    from_attribute: k8s.pod.uid
+                    key: service.instance.id
+              receivers:
+                otlp:
+                  protocols:
+                    grpc: {}
+              service:
+                extensions:
+                - bearertokenauth
+                pipelines:
+                  metrics:
+                    exporters:
+                    - prometheus
+                    processors: []
+                    receivers:
+                    - otlp
+                  metrics/stackstate:
+                    exporters:
+                    - debug
+                    - otlphttp/stackstate
+                    processors:
+                    - resource
+                    receivers:
+                    - otlp
+                  traces:
+                    exporters:
+                    - otlp/jaeger
+                    processors:
+                    - batch
+                    receivers:
+                    - otlp
+                  traces/stackstate:
+                    exporters:
+                    - otlphttp/stackstate
+                    processors:
+                    - resource
+                    receivers:
+                    - otlp
+            envFrom:
+            - secretRef:
+                name: open-telemetry-collector
+            mode: sidecar