chore: Unify TLS settings for logpipeline beta1 (#1495)

Co-authored-by: Stanislav Khalash <stanislav.khalash@sap.com> Co-authored-by: Hisar Balik <hisar.balik@sap.com>
kyma-project · Oct 11, 2024 · cf42a50 · cf42a50
1 parent edaab6a
commit cf42a50
Show file tree

Hide file tree

Showing 11 changed files with 80 additions and 80 deletions.
diff --git a/apis/telemetry/v1alpha1/logpipeline_conversion.go b/apis/telemetry/v1alpha1/logpipeline_conversion.go
@@ -75,14 +75,14 @@ func (lp *LogPipeline) ConvertTo(dstRaw conversion.Hub) error {
 	return nil
 }
 
-func v1Alpha1OtlpTLSToV1Beta1(tls *OtlpTLS) *telemetryv1beta1.OTLPTLS {
+func v1Alpha1OtlpTLSToV1Beta1(tls *OtlpTLS) *telemetryv1beta1.OutputTLS {
 	if tls == nil {
 		return nil
 	}
 
-	betaTLS := &telemetryv1beta1.OTLPTLS{
-		Insecure:           tls.Insecure,
-		InsecureSkipVerify: tls.InsecureSkipVerify,
+	betaTLS := &telemetryv1beta1.OutputTLS{
+		Disabled:                  tls.Insecure,
+		SkipCertificateValidation: tls.InsecureSkipVerify,
 	}
 
 	if tls.CA != nil {
@@ -150,8 +150,8 @@ func v1Alpha1ValueTypeToV1Beta1(src ValueType) telemetryv1beta1.ValueType {
 	}
 }
 
-func v1Alpha1TLSToV1Beta1(src TLSConfig) telemetryv1beta1.LogPipelineHTTPOutputTLS {
-	var dst telemetryv1beta1.LogPipelineHTTPOutputTLS
+func v1Alpha1TLSToV1Beta1(src TLSConfig) telemetryv1beta1.OutputTLS {
+	var dst telemetryv1beta1.OutputTLS
 
 	if src.CA != nil {
 		ca := v1Alpha1ValueTypeToV1Beta1(*src.CA)
@@ -236,14 +236,14 @@ func (lp *LogPipeline) ConvertFrom(srcRaw conversion.Hub) error {
 	return nil
 }
 
-func v1Beta1OtlpTLSToV1Alpha1(tls *telemetryv1beta1.OTLPTLS) *OtlpTLS {
+func v1Beta1OtlpTLSToV1Alpha1(tls *telemetryv1beta1.OutputTLS) *OtlpTLS {
 	if tls == nil {
 		return nil
 	}
 
 	alphaTLS := &OtlpTLS{
-		Insecure:           tls.Insecure,
-		InsecureSkipVerify: tls.InsecureSkipVerify,
+		Insecure:           tls.Disabled,
+		InsecureSkipVerify: tls.SkipCertificateValidation,
 	}
 
 	if tls.CA != nil {
@@ -296,7 +296,7 @@ func v1Beta1BasicAuthOptionsToV1Alpha1(basic *telemetryv1beta1.BasicAuthOptions)
 	}
 }
 
-func v1Beta1TLSToV1Alpha1(src telemetryv1beta1.LogPipelineHTTPOutputTLS) TLSConfig {
+func v1Beta1TLSToV1Alpha1(src telemetryv1beta1.OutputTLS) TLSConfig {
 	var dst TLSConfig
 	if src.CA != nil {
 		ca := v1Beta1ValueTypeToV1Alpha1(*src.CA)

diff --git a/apis/telemetry/v1alpha1/logpipeline_conversion_test.go b/apis/telemetry/v1alpha1/logpipeline_conversion_test.go
@@ -201,7 +201,7 @@ func TestConvertFrom(t *testing.T) {
 					Port:     "8080",
 					Compress: "on",
 					Format:   "json",
-					TLSConfig: telemetryv1beta1.LogPipelineHTTPOutputTLS{
+					TLSConfig: telemetryv1beta1.OutputTLS{
 						SkipCertificateValidation: true,
 						CA: &telemetryv1beta1.ValueType{
 							Value: "ca",
@@ -243,12 +243,12 @@ func TestConvertFrom(t *testing.T) {
 							Prefix: "prefix2",
 						},
 					},
-					TLS: &telemetryv1beta1.OTLPTLS{
-						Insecure:           true,
-						InsecureSkipVerify: true,
-						CA:                 &telemetryv1beta1.ValueType{Value: "ca"},
-						Cert:               &telemetryv1beta1.ValueType{Value: "cert"},
-						Key:                &telemetryv1beta1.ValueType{Value: "key"},
+					TLS: &telemetryv1beta1.OutputTLS{
+						Disabled:                  true,
+						SkipCertificateValidation: true,
+						CA:                        &telemetryv1beta1.ValueType{Value: "ca"},
+						Cert:                      &telemetryv1beta1.ValueType{Value: "cert"},
+						Key:                       &telemetryv1beta1.ValueType{Value: "key"},
 					},
 				},
 			},
@@ -333,8 +333,8 @@ func requireLogPipelinesEquivalent(t *testing.T, x *LogPipeline, y *telemetryv1b
 	require.Equal(t, xOTLP.Headers[1].Name, yOTLP.Headers[1].Name, "OTLP header name mismatch")
 	require.Equal(t, xOTLP.Headers[1].ValueType.Value, yOTLP.Headers[1].ValueType.Value, "OTLP header value mismatch")
 	require.Equal(t, xOTLP.Headers[1].Prefix, yOTLP.Headers[1].Prefix, "OTLP header prefix mismatch")
-	require.Equal(t, xOTLP.TLS.Insecure, yOTLP.TLS.Insecure, "OTLP TLS insecure mismatch")
-	require.Equal(t, xOTLP.TLS.InsecureSkipVerify, yOTLP.TLS.InsecureSkipVerify, "OTLP TLS insecure skip verify mismatch")
+	require.Equal(t, xOTLP.TLS.Insecure, yOTLP.TLS.Disabled, "OTLP TLS insecure mismatch")
+	require.Equal(t, xOTLP.TLS.InsecureSkipVerify, yOTLP.TLS.SkipCertificateValidation, "OTLP TLS insecure skip verify mismatch")
 	require.Equal(t, xOTLP.TLS.CA.Value, yOTLP.TLS.CA.Value, "OTLP TLS CA mismatch")
 	require.Equal(t, xOTLP.TLS.Cert.Value, yOTLP.TLS.Cert.Value, "OTLP TLS cert mismatch")
 	require.Equal(t, xOTLP.TLS.Key.Value, yOTLP.TLS.Key.Value, "OTLP TLS key mismatch")

diff --git a/apis/telemetry/v1beta1/logpipeline_types.go b/apis/telemetry/v1beta1/logpipeline_types.go
@@ -137,13 +137,13 @@ type LogPipelineHTTPOutput struct {
 	// Data format to be used in the HTTP request body. Default is `json`.
 	Format string `json:"format,omitempty"`
 	// Configures TLS for the HTTP target server.
-	TLSConfig LogPipelineHTTPOutputTLS `json:"tls,omitempty"`
+	TLSConfig OutputTLS `json:"tls,omitempty"`
 	// Enables de-dotting of Kubernetes labels and annotations for compatibility with ElasticSearch based backends. Dots (.) will be replaced by underscores (_). Default is `false`.
 	Dedot bool `json:"dedot,omitempty"`
 }
 
 // +kubebuilder:validation:XValidation:rule="has(self.cert) == has(self.key)", message="Can define either both 'cert' and 'key', or neither"
-type LogPipelineHTTPOutputTLS struct {
+type OutputTLS struct {
 	// Indicates if TLS is disabled or enabled. Default is `false`.
 	Disabled bool `json:"disabled,omitempty"`
 	// If `true`, the validation of certificates is skipped. Default is `false`.

diff --git a/apis/telemetry/v1beta1/secret_refs.go b/apis/telemetry/v1beta1/secret_refs.go
@@ -71,7 +71,7 @@ func getRefsInOTLPOutput(OTLPOut *OTLPOutput) []SecretKeyRef {
 		refs = appendIfSecretRef(refs, header.ValueType)
 	}
 
-	if OTLPOut.TLS != nil && !OTLPOut.TLS.Insecure {
+	if OTLPOut.TLS != nil && !OTLPOut.TLS.Disabled {
 		if OTLPOut.TLS.CA != nil {
 			refs = appendIfSecretRef(refs, *OTLPOut.TLS.CA)
 		}

diff --git a/apis/telemetry/v1beta1/shared_types.go b/apis/telemetry/v1beta1/shared_types.go
@@ -59,10 +59,10 @@ type Header struct {
 
 // +kubebuilder:validation:XValidation:rule="has(self.cert) == has(self.key)", message="Can define either both 'cert' and 'key', or neither"
 type OTLPTLS struct {
-	// Defines whether to send requests using plaintext instead of TLS.
-	Insecure bool `json:"insecure,omitempty"`
+	// Defines whether to send requests using plaintext instead of TLS. Default is false.
+	Disabled bool `json:"disabled,omitempty"`
 	// Defines whether to skip server certificate verification when using TLS.
-	InsecureSkipVerify bool `json:"insecureSkipVerify,omitempty"`
+	SkipCertificateValidation bool `json:"SkipCertificateValidation,omitempty"`
 	// Defines an optional CA certificate for server certificate verification when using TLS. The certificate must be provided in PEM format.
 	CA *ValueType `json:"ca,omitempty"`
 	// Defines a client certificate to use when using TLS. The certificate must be provided in PEM format.
@@ -95,7 +95,7 @@ type OTLPOutput struct {
 	// Defines custom headers to be added to outgoing HTTP or GRPC requests.
 	Headers []Header `json:"headers,omitempty"`
 	// Defines TLS options for the OTLP output.
-	TLS *OTLPTLS `json:"tls,omitempty"`
+	TLS *OutputTLS `json:"tls,omitempty"`
 }
 
 type AuthenticationOptions struct {

diff --git a/apis/telemetry/v1beta1/zz_generated.deepcopy.go b/apis/telemetry/v1beta1/zz_generated.deepcopy.go
diff --git a/config/development/crd/bases/telemetry.kyma-project.io_logpipelines.yaml b/config/development/crd/bases/telemetry.kyma-project.io_logpipelines.yaml
@@ -1378,13 +1378,9 @@ spec:
                                     type: object
                                 type: object
                             type: object
-                          insecure:
-                            description: Defines whether to send requests using plaintext
-                              instead of TLS.
-                            type: boolean
-                          insecureSkipVerify:
-                            description: Defines whether to skip server certificate
-                              verification when using TLS.
+                          disabled:
+                            description: Indicates if TLS is disabled or enabled.
+                              Default is `false`.
                             type: boolean
                           key:
                             description: Defines the client key to use when using
@@ -1417,6 +1413,10 @@ spec:
                                     type: object
                                 type: object
                             type: object
+                          skipCertificateValidation:
+                            description: If `true`, the validation of certificates
+                              is skipped. Default is `false`.
+                            type: boolean
                         type: object
                         x-kubernetes-validations:
                         - message: Can define either both 'cert' and 'key', or neither

diff --git a/config/development/crd/bases/telemetry.kyma-project.io_metricpipelines.yaml b/config/development/crd/bases/telemetry.kyma-project.io_metricpipelines.yaml
@@ -1099,13 +1099,9 @@ spec:
                                     type: object
                                 type: object
                             type: object
-                          insecure:
-                            description: Defines whether to send requests using plaintext
-                              instead of TLS.
-                            type: boolean
-                          insecureSkipVerify:
-                            description: Defines whether to skip server certificate
-                              verification when using TLS.
+                          disabled:
+                            description: Indicates if TLS is disabled or enabled.
+                              Default is `false`.
                             type: boolean
                           key:
                             description: Defines the client key to use when using
@@ -1138,6 +1134,10 @@ spec:
                                     type: object
                                 type: object
                             type: object
+                          skipCertificateValidation:
+                            description: If `true`, the validation of certificates
+                              is skipped. Default is `false`.
+                            type: boolean
                         type: object
                         x-kubernetes-validations:
                         - message: Can define either both 'cert' and 'key', or neither

diff --git a/config/development/crd/bases/telemetry.kyma-project.io_tracepipelines.yaml b/config/development/crd/bases/telemetry.kyma-project.io_tracepipelines.yaml
@@ -695,13 +695,9 @@ spec:
                                     type: object
                                 type: object
                             type: object
-                          insecure:
-                            description: Defines whether to send requests using plaintext
-                              instead of TLS.
-                            type: boolean
-                          insecureSkipVerify:
-                            description: Defines whether to skip server certificate
-                              verification when using TLS.
+                          disabled:
+                            description: Indicates if TLS is disabled or enabled.
+                              Default is `false`.
                             type: boolean
                           key:
                             description: Defines the client key to use when using
@@ -734,6 +730,10 @@ spec:
                                     type: object
                                 type: object
                             type: object
+                          skipCertificateValidation:
+                            description: If `true`, the validation of certificates
+                              is skipped. Default is `false`.
+                            type: boolean
                         type: object
                         x-kubernetes-validations:
                         - message: Can define either both 'cert' and 'key', or neither

diff --git a/test/e2e/logs_basic_v1beta1_test.go b/test/e2e/logs_basic_v1beta1_test.go
@@ -50,7 +50,7 @@ var _ = Describe(suite.ID(), Label(suite.LabelLogs, suite.LabelExperimental), Or
 						},
 						Port: strconv.Itoa(int(backend.Port())),
 						URI:  "/",
-						TLSConfig: telemetryv1beta1.LogPipelineHTTPOutputTLS{
+						TLSConfig: telemetryv1beta1.OutputTLS{
 							Disabled:                  true,
 							SkipCertificateValidation: true,
 						},

diff --git a/test/e2e/logs_version_conversion_test.go b/test/e2e/logs_version_conversion_test.go
@@ -55,7 +55,7 @@ var _ = Describe(suite.ID(), Label(suite.LabelLogs, suite.LabelExperimental), Or
 						},
 						Port: "443",
 						URI:  "/",
-						TLSConfig: telemetryv1beta1.LogPipelineHTTPOutputTLS{
+						TLSConfig: telemetryv1beta1.OutputTLS{
 							Disabled: true,
 						},
 					},