feat: discover default lokistack (#690)

Author: jgbernalp

bundle/manifests/observability-operator.clusterserviceversion.yaml

@@ -42,7 +42,7 @@ metadata:
     categories: Monitoring
     certified: "false"
     containerImage: observability-operator:1.0.0
-    createdAt: "2025-02-24T18:08:14Z"
+    createdAt: "2025-03-03T08:38:22Z"
     description: A Go based Kubernetes operator to setup and manage highly available
       Monitoring Stack using Prometheus, Alertmanager and Thanos Querier.
     operatorframework.io/cluster-monitoring: "true"
@@ -415,6 +415,13 @@ spec:
           - network
           verbs:
           - get
+        - apiGroups:
+          - loki.grafana.com
+          resources:
+          - lokistacks
+          verbs:
+          - get
+          - list
         - apiGroups:
           - monitoring.coreos.com
           resourceNames:

bundle/manifests/observability.openshift.io_uiplugins.yaml

@@ -123,10 +123,9 @@ spec:
                     properties:
                       name:
                         description: Name of the LokiStack resource.
-                        minLength: 1
                         type: string
-                    required:
-                    - name
+                      namespace:
+                        type: string
                     type: object
                     x-kubernetes-map-type: atomic
                   timeout:
@@ -137,8 +136,6 @@ spec:
                       or 'm' (minutes). If the unit is omitted, it defaults to seconds.
                     pattern: ^([0-9]+)([sm]{0,1})$
                     type: string
-                required:
-                - lokiStack
                 type: object
               monitoring:
                 description: Monitoring contains configuration for the monitoring
@@ -233,8 +230,6 @@ spec:
             - message: Distributed Tracing configuration is only supported with the
                 DistributedTracing type
               rule: self.type == 'DistributedTracing' || !has(self.distributedTracing)
-            - message: Logging configuration is required if type is Logging
-              rule: self.type != 'Logging' || has(self.logging)
           status:
             description: |-
               UIPluginStatus defines the observed state of UIPlugin.

deploy/crds/common/observability.openshift.io_uiplugins.yaml

@@ -123,10 +123,9 @@ spec:
                     properties:
                       name:
                         description: Name of the LokiStack resource.
-                        minLength: 1
                         type: string
-                    required:
-                    - name
+                      namespace:
+                        type: string
                     type: object
                     x-kubernetes-map-type: atomic
                   timeout:
@@ -137,8 +136,6 @@ spec:
                       or 'm' (minutes). If the unit is omitted, it defaults to seconds.
                     pattern: ^([0-9]+)([sm]{0,1})$
                     type: string
-                required:
-                - lokiStack
                 type: object
               monitoring:
                 description: Monitoring contains configuration for the monitoring
@@ -233,8 +230,6 @@ spec:
             - message: Distributed Tracing configuration is only supported with the
                 DistributedTracing type
               rule: self.type == 'DistributedTracing' || !has(self.distributedTracing)
-            - message: Logging configuration is required if type is Logging
-              rule: self.type != 'Logging' || has(self.logging)
           status:
             description: |-
               UIPluginStatus defines the observed state of UIPlugin.

deploy/operator/observability-operator-cluster-role.yaml

@@ -130,6 +130,13 @@ rules:
   - network
   verbs:
   - get
+- apiGroups:
+  - loki.grafana.com
+  resources:
+  - lokistacks
+  verbs:
+  - get
+  - list
 - apiGroups:
   - monitoring.coreos.com
   resourceNames:

docs/api.md

@@ -4262,14 +4262,6 @@ It only applies to UIPlugin Type: Logging.
         </tr>
     </thead>
     <tbody><tr>
-        <td><b><a href="#uipluginspeclogginglokistack">lokiStack</a></b></td>
-        <td>object</td>
-        <td>
-          LokiStack points to the LokiStack instance of which logs should be displayed.
-It always references a LokiStack in the "openshift-logging" namespace.<br/>
-        </td>
-        <td>true</td>
-      </tr><tr>
         <td><b>logsLimit</b></td>
         <td>integer</td>
         <td>
@@ -4279,6 +4271,14 @@ It always references a LokiStack in the "openshift-logging" namespace.<br/>
             <i>Minimum</i>: 0<br/>
         </td>
         <td>false</td>
+      </tr><tr>
+        <td><b><a href="#uipluginspeclogginglokistack">lokiStack</a></b></td>
+        <td>object</td>
+        <td>
+          LokiStack points to the LokiStack instance of which logs should be displayed.
+It always references a LokiStack in the "openshift-logging" namespace.<br/>
+        </td>
+        <td>false</td>
       </tr><tr>
         <td><b>timeout</b></td>
         <td>string</td>
@@ -4316,7 +4316,14 @@ It always references a LokiStack in the "openshift-logging" namespace.
         <td>
           Name of the LokiStack resource.<br/>
         </td>
-        <td>true</td>
+        <td>false</td>
+      </tr><tr>
+        <td><b>namespace</b></td>
+        <td>string</td>
+        <td>
+          <br/>
+        </td>
+        <td>false</td>
       </tr></tbody>
 </table>
 

pkg/apis/uiplugin/v1alpha1/types.go

@@ -102,8 +102,8 @@ type LoggingConfig struct {
 	// LokiStack points to the LokiStack instance of which logs should be displayed.
 	// It always references a LokiStack in the "openshift-logging" namespace.
 	//
-	// +kubebuilder:validation:Required
-	LokiStack LokiStackReference `json:"lokiStack"`
+	// +kubebuilder:validation:Optional
+	LokiStack *LokiStackReference `json:"lokiStack"`
 
 	// LogsLimit is the max number of entries returned for a query.
 	//
@@ -130,9 +130,11 @@ type LoggingConfig struct {
 type LokiStackReference struct {
 	// Name of the LokiStack resource.
 	//
-	// +kubebuilder:validation:Required
-	// +kubebuilder:validation:MinLength:=1
-	Name string `json:"name"`
+	// +kubebuilder:validation:Optional
+	Name string `json:"name,omitempty"`
+
+	// +kubebuilder:validation:Optional
+	Namespace string `json:"namespace,omitempty"`
 }
 
 // MonitoringConfig contains options for configuring the monitoring console plugin.
@@ -214,7 +216,6 @@ type IncidentsReference struct {
 //
 // +kubebuilder:validation:XValidation:rule="self.type == 'TroubleshootingPanel' || !has(self.troubleshootingPanel)", message="Troubleshooting Panel configuration is only supported with the TroubleshootingPanel type"
 // +kubebuilder:validation:XValidation:rule="self.type == 'DistributedTracing' || !has(self.distributedTracing)", message="Distributed Tracing configuration is only supported with the DistributedTracing type"
-// +kubebuilder:validation:XValidation:rule="self.type != 'Logging' || has(self.logging)", message="Logging configuration is required if type is Logging"
 type UIPluginSpec struct {
 	// Type defines the UI plugin.
 	// +required

pkg/apis/uiplugin/v1alpha1/zz_generated.deepcopy.go

@@ -18,6 +18,7 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/client-go/dynamic"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/builder"
 	"sigs.k8s.io/controller-runtime/pkg/client"
@@ -30,12 +31,13 @@ import (
 )
 
 type resourceManager struct {
-	k8sClient      client.Client
-	scheme         *runtime.Scheme
-	logger         logr.Logger
-	controller     controller.Controller
-	pluginConf     UIPluginsConfiguration
-	clusterVersion string
+	k8sClient        client.Client
+	k8sDynamicClient dynamic.Interface
+	scheme           *runtime.Scheme
+	logger           logr.Logger
+	controller       controller.Controller
+	pluginConf       UIPluginsConfiguration
+	clusterVersion   string
 }
 
 type UIPluginsConfiguration struct {
@@ -76,6 +78,7 @@ const (
 
 // RBAC for logging view plugin
 // +kubebuilder:rbac:groups=loki.grafana.com,resources=application;infrastructure;audit,verbs=get
+// +kubebuilder:rbac:groups=loki.grafana.com,resources=lokistacks,verbs=list;get
 
 // RBAC for perses
 // +kubebuilder:rbac:groups=perses.dev,resources=perses;persesdatasources;persesdashboards,verbs=get;list;watch;create;update;delete;patch
@@ -113,12 +116,19 @@ func RegisterWithManager(mgr ctrl.Manager, opts Options) error {
 		return err
 	}
 
+	dynamicClient, err := dynamic.NewForConfig(mgr.GetConfig())
+	if err != nil {
+		logger.Error(err, "failed to create dynamic client")
+		return err
+	}
+
 	rm := &resourceManager{
-		k8sClient:      mgr.GetClient(),
-		scheme:         mgr.GetScheme(),
-		logger:         logger,
-		pluginConf:     opts.PluginsConf,
-		clusterVersion: clusterVersion.Status.Desired.Version,
+		k8sClient:        mgr.GetClient(),
+		k8sDynamicClient: dynamicClient,
+		scheme:           mgr.GetScheme(),
+		logger:           logger,
+		pluginConf:       opts.PluginsConf,
+		clusterVersion:   clusterVersion.Status.Desired.Version,
 	}
 
 	generationChanged := builder.WithPredicates(predicate.GenerationChangedPredicate{})
@@ -247,7 +257,7 @@ func (rm resourceManager) Reconcile(ctx context.Context, req ctrl.Request) (ctrl
 		return ctrl.Result{}, err
 	}
 
-	pluginInfo, err := PluginInfoBuilder(ctx, rm.k8sClient, plugin, rm.pluginConf, compatibilityInfo, rm.clusterVersion)
+	pluginInfo, err := PluginInfoBuilder(ctx, rm.k8sClient, rm.k8sDynamicClient, plugin, rm.pluginConf, compatibilityInfo, rm.clusterVersion)
 
 	if err != nil {
 		logger.Error(err, "failed to reconcile plugin")

pkg/controllers/uiplugin/controller.go

@@ -0,0 +1,91 @@
+package uiplugin
+
+import (
+	osv1 "github.com/openshift/api/console/v1"
+	osv1alpha1 "github.com/openshift/api/console/v1alpha1"
+	corev1 "k8s.io/api/core/v1"
+	rbacv1 "k8s.io/api/rbac/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+
+	uiv1alpha1 "github.com/rhobs/observability-operator/pkg/apis/uiplugin/v1alpha1"
+)
+
+func createDashboardsPluginInfo(plugin *uiv1alpha1.UIPlugin, namespace, name, image string) (*UIPluginInfo, error) {
+	pluginName := "observability-ui-" + name
+	readerRoleName := plugin.Name + "-datasource-reader"
+	datasourcesNamespace := "openshift-config-managed"
+
+	return &UIPluginInfo{
+		Image:             image,
+		Name:              pluginName,
+		ConsoleName:       pluginTypeToConsoleName[plugin.Spec.Type],
+		DisplayName:       "Console Enhanced Dashboards",
+		ResourceNamespace: namespace,
+		LegacyProxies: []osv1alpha1.ConsolePluginProxy{
+			{
+				Type:      osv1alpha1.ProxyTypeService,
+				Alias:     "backend",
+				Authorize: true,
+				Service: osv1alpha1.ConsolePluginProxyServiceConfig{
+					Name:      pluginName,
+					Namespace: namespace,
+					Port:      port,
+				},
+			},
+		},
+		Proxies: []osv1.ConsolePluginProxy{
+			{
+				Alias:         "backend",
+				Authorization: "UserToken",
+				Endpoint: osv1.ConsolePluginProxyEndpoint{
+					Type: osv1.ProxyTypeService,
+					Service: &osv1.ConsolePluginProxyServiceConfig{
+						Name:      pluginName,
+						Namespace: namespace,
+						Port:      port,
+					},
+				},
+			},
+		},
+		Role: &rbacv1.Role{
+			TypeMeta: metav1.TypeMeta{
+				APIVersion: rbacv1.SchemeGroupVersion.String(),
+				Kind:       "Role",
+			},
+			ObjectMeta: metav1.ObjectMeta{
+				Name:      readerRoleName,
+				Namespace: datasourcesNamespace,
+			},
+			Rules: []rbacv1.PolicyRule{
+				{
+					APIGroups: []string{""},
+					Resources: []string{"configmaps"},
+					Verbs:     []string{"get", "list", "watch"},
+				},
+			},
+		},
+		RoleBinding: &rbacv1.RoleBinding{
+			TypeMeta: metav1.TypeMeta{
+				APIVersion: rbacv1.SchemeGroupVersion.String(),
+				Kind:       "RoleBinding",
+			},
+			ObjectMeta: metav1.ObjectMeta{
+				Name:      pluginName + "-rolebinding",
+				Namespace: datasourcesNamespace,
+			},
+			Subjects: []rbacv1.Subject{
+				{
+					APIGroup:  corev1.SchemeGroupVersion.Group,
+					Kind:      "ServiceAccount",
+					Name:      pluginName + serviceAccountSuffix,
+					Namespace: namespace,
+				},
+			},
+			RoleRef: rbacv1.RoleRef{
+				APIGroup: rbacv1.SchemeGroupVersion.Group,
+				Kind:     "Role",
+				Name:     readerRoleName,
+			},
+		},
+	}, nil
+}