Merge pull request #593 from jlarriba/prom_secret

openshift-merge-bot[bot] · web-flow · commit 9652f2e8ad0b · 2025-01-31T16:24:17.000Z
[OSPRH-13223] Expose prometheus connection information in a secret
diff --git a/controllers/metricstorage_controller.go b/controllers/metricstorage_controller.go
@@ -18,6 +18,7 @@ package controllers
 
 import (
 	"context"
+	"encoding/json"
 	"fmt"
 	"net"
 	"reflect"
@@ -390,6 +391,12 @@ func (r *MetricStorageReconciler) reconcileNormal(
 		}
 		instance.Status.PrometheusTLSPatched = false
 	}
+
+	// Create the PrometheusEndpoint secret that contains the details for Prometheus API endpoint
+	if err := r.prometheusEndpointSecret(ctx, instance, helper, serviceLabels); err != nil {
+		return ctrl.Result{}, err
+	}
+
 	instance.Status.Conditions.MarkTrue(telemetryv1.PrometheusReadyCondition, condition.ReadyMessage)
 
 	// Patch Prometheus service to add route creation
@@ -511,6 +518,60 @@ func (r *MetricStorageReconciler) reconcileNormal(
 	return ctrl.Result{}, nil
 }
 
+// PrometheusEndpointSecret creates a Secret that contains the details for Prometheus API endpoint
+func (r *MetricStorageReconciler) prometheusEndpointSecret(
+	ctx context.Context,
+	instance *telemetryv1.MetricStorage,
+	helper *helper.Helper,
+	labels map[string]string,
+) error {
+	secret := &corev1.Secret{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      fmt.Sprintf("%s-prometheus-endpoint", instance.Name),
+			Namespace: instance.Namespace,
+			Labels:    labels,
+		},
+	}
+
+	secret.Data = map[string][]byte{
+		"host": []byte(fmt.Sprintf("%s-prometheus.%s.svc", telemetryv1.DefaultServiceName, instance.Namespace)),
+		"port": []byte(strconv.Itoa(telemetryv1.DefaultPrometheusPort)),
+	}
+
+	if _, err := controllerutil.CreateOrUpdate(context.TODO(), helper.GetClient(), secret, func() error {
+		secret.Type = corev1.SecretTypeOpaque
+
+		err := controllerutil.SetControllerReference(instance, secret, helper.GetScheme())
+		if err != nil {
+			return err
+		}
+
+		return nil
+	}); err != nil {
+		return err
+	}
+
+	if instance.Spec.PrometheusTLS.Enabled() {
+		tlsSecret := &corev1.Secret{
+			Data: map[string][]byte{
+				"ca_secret": []byte(*instance.Spec.PrometheusTLS.SecretName),
+				"ca_key":    []byte(tls.CAKey),
+			},
+		}
+
+		patch, err := json.Marshal(tlsSecret)
+		if err != nil {
+			return err
+		}
+
+		if err := r.Client.Patch(ctx, secret, client.RawPatch(types.StrategicMergePatchType, patch)); err != nil {
+			panic(err)
+		}
+	}
+
+	return nil
+}
+
 func (r *MetricStorageReconciler) createServiceScrapeConfig(
 	ctx context.Context,
 	instance *telemetryv1.MetricStorage,
