├── .chainsaw-openshift.yaml ├── .chainsaw-upgrade.yaml ├── .chainsaw.yaml ├── .chloggen ├── TEMPLATE.yaml ├── add_audience_gcs.yaml ├── azure_sts_2.yaml ├── cloudcredential_s3.yaml ├── clusterrole_suffix.yaml ├── clusterscope_label.yaml ├── ensure_permissions.yaml ├── finalizer.yaml ├── fix-cluster-admin-filtering.yaml ├── fix-config.yaml ├── fix-overrides.yaml ├── fix_fix_oauth_resources.yaml ├── gcs_short_live_token.yaml ├── gomem.yaml ├── kubernetes_1.32.yaml ├── thanos_tenancy_port.yaml ├── update_tempo.yaml └── watch_secrets_monolitic.yaml ├── .codecov.yml ├── .dockerignore ├── .github ├── dependabot.yml └── workflows │ ├── changelog.yaml │ ├── check_links_config.json │ ├── continuous-integration.yaml │ ├── e2e.yaml │ ├── olm.yaml │ ├── prepare-release.yaml │ ├── publish-images.yaml │ ├── publish-test-utils-image.yaml │ ├── release.yaml │ ├── reusable-operator-hub-release.yaml │ ├── reusable-publish-images.yaml │ └── scorecard.yaml ├── .gitignore ├── .golangci.yaml ├── ADOPTERS.md ├── CHANGELOG.md ├── CONTRIBUTING.md ├── Dockerfile ├── LICENSE ├── Makefile ├── PROJECT ├── README.md ├── RELEASE.md ├── api ├── config │ └── v1alpha1 │ │ ├── doc.go │ │ ├── groupversion_info.go │ │ ├── projectconfig_types.go │ │ ├── projectconfig_validation.go │ │ ├── projectconfig_validation_test.go │ │ └── zz_generated.deepcopy.go └── tempo │ ├── register.go │ └── v1alpha1 │ ├── auth.go │ ├── common_types.go │ ├── doc.go │ ├── finalizer.go │ ├── groupversion_info.go │ ├── ingress_types.go │ ├── tempomonolithic_defaults.go │ ├── tempomonolithic_defaults_test.go │ ├── tempomonolithic_types.go │ ├── tempostack_types.go │ └── zz_generated.deepcopy.go ├── bundle ├── community │ ├── bundle.Dockerfile │ ├── manifests │ │ ├── tempo-operator-controller-manager-metrics-service_v1_service.yaml │ │ ├── tempo-operator-manager-config_v1_configmap.yaml │ │ ├── tempo-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml │ │ ├── tempo-operator-webhook-service_v1_service.yaml │ │ ├── tempo-operator.clusterserviceversion.yaml │ │ ├── tempo.grafana.com_tempomonolithics.yaml │ │ └── tempo.grafana.com_tempostacks.yaml │ ├── metadata │ │ └── annotations.yaml │ └── tests │ │ └── scorecard │ │ └── config.yaml └── openshift │ ├── bundle.Dockerfile │ ├── manifests │ ├── tempo-operator-controller-manager-metrics-service_v1_service.yaml │ ├── tempo-operator-manager-config_v1_configmap.yaml │ ├── tempo-operator-manager-rolebinding-cluster-monitoring-view_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml │ ├── tempo-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml │ ├── tempo-operator-prometheus_rbac.authorization.k8s.io_v1_role.yaml │ ├── tempo-operator-prometheus_rbac.authorization.k8s.io_v1_rolebinding.yaml │ ├── tempo-operator-webhook-service_v1_service.yaml │ ├── tempo-operator.clusterserviceversion.yaml │ ├── tempo.grafana.com_tempomonolithics.yaml │ └── tempo.grafana.com_tempostacks.yaml │ ├── metadata │ └── annotations.yaml │ └── tests │ └── scorecard │ └── config.yaml ├── cmd ├── gather │ ├── Dockerfile │ ├── README.md │ ├── cluster │ │ ├── cluster.go │ │ └── write.go │ ├── config │ │ └── config.go │ └── main.go ├── generate │ ├── main.go │ ├── main_test.go │ └── testdata │ │ └── cr.yaml ├── main.go ├── root │ ├── options.go │ ├── root.go │ └── root_test.go ├── start │ └── main.go ├── testdata │ ├── empty.yaml │ ├── tlsprofile_invalid.yaml │ └── tlsprofile_old.yaml └── version │ └── main.go ├── config ├── certmanager │ ├── certificate.yaml │ ├── kustomization.yaml │ └── kustomizeconfig.yaml ├── crd │ ├── bases │ │ ├── tempo.grafana.com_tempomonolithics.yaml │ │ └── tempo.grafana.com_tempostacks.yaml │ ├── kustomization.yaml │ ├── kustomizeconfig.yaml │ └── patches │ │ ├── cainjection_in_config.tempo_projectconfigs.yaml │ │ ├── cainjection_in_tempomonolithics.yaml │ │ ├── cainjection_in_tempostacks.yaml │ │ ├── webhook_in_config.tempo_projectconfigs.yaml │ │ ├── webhook_in_tempomonolithics.yaml │ │ └── webhook_in_tempostacks.yaml ├── default │ ├── kustomization.yaml │ ├── manager_config_patch.yaml │ ├── manager_webhook_patch.yaml │ ├── metrics_service.yaml │ └── webhookcainjection_patch.yaml ├── manager │ ├── kustomization.yaml │ └── manager.yaml ├── manifests │ ├── community │ │ ├── bases │ │ │ └── tempo-operator.clusterserviceversion.yaml │ │ └── kustomization.yaml │ └── openshift │ │ ├── bases │ │ └── tempo-operator.clusterserviceversion.yaml │ │ └── kustomization.yaml ├── overlays │ ├── community │ │ ├── controller_manager_config.yaml │ │ └── kustomization.yaml │ └── openshift │ │ ├── cluster_monitoring_role_binding.yaml │ │ ├── cluster_monitoring_view_role.yaml │ │ ├── controller_manager_config.yaml │ │ ├── kustomization.yaml │ │ ├── metrics_service_tls_patch.yaml │ │ ├── patch_tls_metrics_args.yaml │ │ ├── prometheus_role.yaml │ │ └── prometheus_role_binding.yaml ├── rbac │ ├── config.tempo_projectconfig_editor_role.yaml │ ├── config.tempo_projectconfig_viewer_role.yaml │ ├── kustomization.yaml │ ├── leader_election_role.yaml │ ├── leader_election_role_binding.yaml │ ├── metrics_auth_role.yaml │ ├── metrics_auth_role_binding.yaml │ ├── metrics_reader_role.yaml │ ├── metrics_service.yaml │ ├── role.yaml │ ├── role_binding.yaml │ ├── service_account.yaml │ ├── tempostack_editor_role.yaml │ └── tempostack_viewer_role.yaml ├── samples │ ├── community │ │ ├── kustomization.yaml │ │ ├── tempo_v1alpha1_tempomonolithic.yaml │ │ └── tempo_v1alpha1_tempostack.yaml │ └── openshift │ │ ├── kustomization.yaml │ │ ├── otelcol_v1alpha1_multitenancy.yaml │ │ ├── tempo_v1alpha1_multitenancy.yaml │ │ ├── tempo_v1alpha1_tempomonolithic.yaml │ │ └── tempo_v1alpha1_tempostack.yaml ├── scorecard │ ├── bases │ │ └── config.yaml │ ├── kustomization.yaml │ └── patches │ │ ├── basic.config.yaml │ │ └── olm.config.yaml └── webhook │ ├── kustomization.yaml │ ├── kustomizeconfig.yaml │ ├── manifests.yaml │ └── service.yaml ├── docs ├── operator │ └── config.yaml ├── spec │ ├── tempo.grafana.com_tempomonolithics.yaml │ └── tempo.grafana.com_tempostacks.yaml └── tempomonolithic.md ├── events.txt ├── go.mod ├── go.sum ├── hack ├── boilerplate.go.txt ├── ignore-createdAt-bundle.sh ├── install │ ├── install-kind.sh │ ├── install-openshift-routes.sh │ └── install-utils.sh └── list-components.sh ├── internal ├── autodetect │ └── network.go ├── certrotation │ ├── build.go │ ├── build_test.go │ ├── cabundle.go │ ├── cabundle_test.go │ ├── expiry.go │ ├── handlers │ │ ├── certrotation_discovery.go │ │ ├── check_cert_expiry.go │ │ ├── options.go │ │ └── rotate_certs.go │ ├── options.go │ ├── rotation.go │ ├── rotation_test.go │ ├── signer.go │ ├── signer_test.go │ ├── target.go │ ├── target_test.go │ └── var.go ├── controller │ └── tempo │ │ ├── certrotation_controller.go │ │ ├── common.go │ │ ├── finalizer.go │ │ ├── internal │ │ └── management │ │ │ └── state │ │ │ ├── state.go │ │ │ └── state_test.go │ │ ├── operator_controller.go │ │ ├── operator_controller_test.go │ │ ├── suite_test.go │ │ ├── tempomonolithic_controller.go │ │ ├── tempomonolithic_controller_test.go │ │ ├── tempostack_controller.go │ │ ├── tempostack_controller_test.go │ │ ├── tempostack_create_or_update.go │ │ └── testdata │ │ └── prometheus-operator-0.66.0.yaml ├── crdmetrics │ ├── bootstrap.go │ ├── consts.go │ ├── instance_view.go │ ├── tempo_stack.go │ └── tempo_stack_test.go ├── handlers │ ├── gateway │ │ ├── basedomain.go │ │ ├── basedomain_test.go │ │ ├── oidc_secret.go │ │ ├── oidc_secret_test.go │ │ ├── suite_test.go │ │ ├── tenants_data.go │ │ ├── tenants_data_test.go │ │ └── testdata │ │ │ ├── configdns_crd.go │ │ │ └── ingresscontrolle_crd.go │ └── storage │ │ ├── azure_secret.go │ │ ├── azure_secret_test.go │ │ ├── gcs_secret.go │ │ ├── s3_secret.go │ │ ├── secret.go │ │ ├── secret_test.go │ │ ├── storage.go │ │ └── tls.go ├── logging │ ├── logging.go │ └── logging_test.go ├── manifests │ ├── alerts │ │ ├── build.go │ │ ├── build_test.go │ │ ├── options.go │ │ ├── prometheus-alerts.yaml │ │ ├── prometheus-rules.yaml │ │ ├── prometheus.go │ │ └── prometheus_test.go │ ├── cloudcredentials │ │ ├── credentialsrequests.go │ │ ├── credentialsrequests_test.go │ │ └── options.go │ ├── compactor │ │ ├── compactor.go │ │ └── compactor_test.go │ ├── config │ │ ├── build.go │ │ ├── build_test.go │ │ ├── configmap.go │ │ ├── configmap_test.go │ │ ├── extra.go │ │ ├── extra_test.go │ │ ├── options.go │ │ ├── tempo-config.yaml │ │ ├── tempo-overrides.yaml │ │ └── tempo-query.yaml │ ├── distributor │ │ ├── distributor.go │ │ └── distributor_test.go │ ├── gateway │ │ ├── configs.go │ │ ├── configs_test.go │ │ ├── gateway-rbac.yaml │ │ ├── gateway-tenants.yaml │ │ ├── gateway.go │ │ ├── gateway_test.go │ │ ├── openshift.go │ │ ├── openshift_test.go │ │ └── testdata │ │ │ ├── rbac.yaml │ │ │ └── tenants.yaml │ ├── grafana │ │ ├── datasource.go │ │ └── datasource_test.go │ ├── ingester │ │ ├── ingester.go │ │ └── ingester_test.go │ ├── manifests.go │ ├── manifests_test.go │ ├── manifestutils │ │ ├── affinity.go │ │ ├── annotations.go │ │ ├── annotations_test.go │ │ ├── cloudcredentials.go │ │ ├── constants.go │ │ ├── gomemlimit.go │ │ ├── labels.go │ │ ├── params.go │ │ ├── paths.go │ │ ├── probes.go │ │ ├── resources.go │ │ ├── resources_test.go │ │ ├── securitycontext.go │ │ ├── service.go │ │ ├── storage.go │ │ ├── storage_test.go │ │ ├── tls.go │ │ ├── tls_test.go │ │ ├── tracing.go │ │ └── tracing_test.go │ ├── memberlist │ │ ├── gossip.go │ │ └── gossip_test.go │ ├── monolithic │ │ ├── build.go │ │ ├── build_test.go │ │ ├── configmap.go │ │ ├── configmap_test.go │ │ ├── gateway.go │ │ ├── gateway_test.go │ │ ├── grafana_datasource.go │ │ ├── grafana_datasource_test.go │ │ ├── jaegerui_ingress.go │ │ ├── jaegerui_ingress_test.go │ │ ├── labels.go │ │ ├── options.go │ │ ├── prometheusrule.go │ │ ├── prometheusrule_test.go │ │ ├── serviceaccount.go │ │ ├── serviceaccount_test.go │ │ ├── servicemonitor.go │ │ ├── servicemonitor_test.go │ │ ├── services.go │ │ ├── services_test.go │ │ ├── statefulset.go │ │ ├── statefulset_test.go │ │ └── util.go │ ├── mutate.go │ ├── mutate_test.go │ ├── naming │ │ ├── naming.go │ │ ├── naming_test.go │ │ ├── sanitize.go │ │ └── sanitize_test.go │ ├── oauthproxy │ │ ├── oauth_proxy.go │ │ └── oauth_proxy_test.go │ ├── operator │ │ ├── manifests.go │ │ └── prometheus │ │ │ ├── prometheus-operator-alerts.yaml │ │ │ ├── prometheus_rule.go │ │ │ ├── prometheus_rule_test.go │ │ │ ├── servicemonitor.go │ │ │ └── servicemonitor_test.go │ ├── querier │ │ ├── querier.go │ │ └── querier_test.go │ ├── queryfrontend │ │ ├── query_frontend.go │ │ └── query_frontend_test.go │ ├── serviceaccount │ │ ├── serviceaccount.go │ │ └── serviceaccount_test.go │ └── servicemonitor │ │ ├── servicemonitor.go │ │ └── servicemonitor_test.go ├── status │ ├── client.go │ ├── client_test.go │ ├── components.go │ ├── components_test.go │ ├── conditions.go │ ├── conditions_test.go │ ├── metrics.go │ ├── monolithic.go │ ├── monolithic_test.go │ ├── status.go │ └── status_test.go ├── tlsprofile │ ├── client_test.go │ ├── get.go │ ├── get_test.go │ ├── interfaces.go │ ├── options.go │ ├── options_test.go │ ├── tlsprofile.go │ └── tlsprofile_test.go ├── upgrade │ ├── suite_test.go │ ├── upgrade.go │ ├── upgrade_test.go │ ├── v0_11_0.go │ ├── v0_15_4.go │ ├── v0_1_0.go │ ├── v0_3_0.go │ ├── v0_3_0_test.go │ ├── v0_5_0.go │ ├── v0_6_0.go │ ├── v0_8_0.go │ └── versions.go ├── version │ └── main.go └── webhooks │ ├── tempomonolithic_webhook.go │ ├── tempomonolithic_webhook_test.go │ ├── tempostack_webhook.go │ ├── tempostack_webhook_test.go │ ├── validations.go │ └── webhook_suite_test.go ├── kind-1.25.yaml ├── kind-1.26.yaml ├── kind-1.27.yaml ├── kind-1.28.yaml ├── kind-1.29.yaml ├── kind-1.30.yaml ├── kind-1.32.yaml ├── minio.yaml ├── operations └── runbook.md └── tests ├── Dockerfile ├── Dockerfile.utils ├── e2e-long-running └── tempostack-retention-global │ ├── 00-assert.yaml │ ├── 00-install-storage.yaml │ ├── 01-assert.yaml │ ├── 01-install.yaml │ ├── 03-assert.yaml │ ├── 03-generate-traces.yaml │ ├── 04-assert.yaml │ ├── 04-verify-traces-jaeger.yaml │ ├── 05-assert.yaml │ ├── 05-verify-traces-grafana.yaml │ ├── chainsaw-test.yaml │ ├── verify-traces-grafana-ret-assert.yaml │ ├── verify-traces-grafana-ret.yaml │ ├── verify-traces-jaeger-ret-assert.yaml │ └── verify-traces-jaeger-ret.yaml ├── e2e-openshift-object-stores ├── aws-sts-cco-monolithic │ ├── aws-sts-s3-create-assert.yaml │ ├── aws-sts-s3-create.sh │ ├── aws-sts-s3-delete.sh │ ├── chainsaw-test.yaml │ ├── generate-traces-assert.yaml │ ├── generate-traces.yaml │ ├── install-monolithic-assert.yaml │ ├── install-monolithic.yaml │ ├── verify-traces-assert.yaml │ └── verify-traces.yaml ├── aws-sts-cco-tempostack │ ├── aws-sts-s3-create-assert.yaml │ ├── aws-sts-s3-create.sh │ ├── aws-sts-s3-delete.sh │ ├── chainsaw-test.yaml │ ├── generate-traces-assert.yaml │ ├── generate-traces.yaml │ ├── install-tempostack-assert.yaml │ ├── install-tempostack.yaml │ ├── verify-traces-assert.yaml │ └── verify-traces.yaml ├── aws-sts-monolithic │ ├── aws-sts-s3-create-assert.yaml │ ├── aws-sts-s3-create.sh │ ├── aws-sts-s3-delete.sh │ ├── chainsaw-test.yaml │ ├── generate-traces-assert.yaml │ ├── generate-traces.yaml │ ├── install-monolithic-assert.yaml │ ├── install-monolithic.yaml │ ├── verify-traces-assert.yaml │ └── verify-traces.yaml ├── aws-sts-tempostack │ ├── aws-sts-s3-create-assert.yaml │ ├── aws-sts-s3-create.sh │ ├── aws-sts-s3-delete.sh │ ├── chainsaw-test.yaml │ ├── generate-traces-assert.yaml │ ├── generate-traces.yaml │ ├── install-tempostack-assert.yaml │ ├── install-tempostack.yaml │ ├── verify-traces-assert.yaml │ └── verify-traces.yaml ├── azure-wif-monolithic │ ├── azure-wif-create-assert.yaml │ ├── azure-wif-create.sh │ ├── azure-wif-delete.sh │ ├── chainsaw-test.yaml │ ├── generate-traces-assert.yaml │ ├── generate-traces.yaml │ ├── install-monolithic-assert.yaml │ ├── install-monolithic.yaml │ ├── verify-traces-assert.yaml │ └── verify-traces.yaml ├── azure-wif-tempostack │ ├── azure-wif-create-assert.yaml │ ├── azure-wif-create.sh │ ├── azure-wif-delete.sh │ ├── chainsaw-test.yaml │ ├── generate-traces-assert.yaml │ ├── generate-traces.yaml │ ├── install-tempostack-assert.yaml │ ├── install-tempostack.yaml │ ├── verify-traces-assert.yaml │ └── verify-traces.yaml ├── gcp-wif-monolithic │ ├── chainsaw-test.yaml │ ├── gcp-wif-create-assert.yaml │ ├── gcp-wif-create.sh │ ├── gcp-wif-delete.sh │ ├── generate-traces-assert.yaml │ ├── generate-traces.yaml │ ├── install-monolithic-assert.yaml │ ├── install-monolithic.yaml │ ├── verify-traces-assert.yaml │ └── verify-traces.yaml ├── gcp-wif-tempostack │ ├── chainsaw-test.yaml │ ├── gcp-wif-create-assert.yaml │ ├── gcp-wif-create.sh │ ├── gcp-wif-delete.sh │ ├── generate-traces-assert.yaml │ ├── generate-traces.yaml │ ├── install-tempostack-assert.yaml │ ├── install-tempostack.yaml │ ├── verify-traces-assert.yaml │ └── verify-traces.yaml ├── monolithic-aws │ ├── 00-assert.yaml │ ├── 00-install-storage.yaml │ ├── 01-assert.yaml │ ├── 01-install-tempo.yaml │ ├── 03-assert.yaml │ ├── 03-generate-traces.yaml │ ├── 04-assert.yaml │ ├── 04-verify-traces.yaml │ ├── chainsaw-test.yaml │ └── create-bucket.sh ├── monolithic-azure │ ├── 00-assert.yaml │ ├── 00-install-storage.yaml │ ├── 01-assert.yaml │ ├── 01-install-tempo.yaml │ ├── 03-assert.yaml │ ├── 03-generate-traces.yaml │ ├── 04-assert.yaml │ ├── 04-verify-traces.yaml │ ├── chainsaw-test.yaml │ ├── create-bucket.sh │ └── delete-bucket.sh ├── monolithic-gcs │ ├── 00-assert.yaml │ ├── 00-install-storage.yaml │ ├── 01-assert.yaml │ ├── 01-install-tempo.yaml │ ├── 03-assert.yaml │ ├── 03-generate-traces.yaml │ ├── 04-assert.yaml │ ├── 04-verify-traces.yaml │ ├── chainsaw-test.yaml │ └── create-bucket.sh ├── monolithic-ibm │ ├── 00-assert.yaml │ ├── 00-install-storage.yaml │ ├── 01-assert.yaml │ ├── 01-install-tempo.yaml │ ├── 03-assert.yaml │ ├── 03-generate-traces.yaml │ ├── 04-assert.yaml │ ├── 04-verify-traces.yaml │ ├── chainsaw-test.yaml │ ├── create-bucket.sh │ └── delete-bucket.sh ├── tempostack-aws │ ├── 00-assert.yaml │ ├── 00-object-store-bucket.yaml │ ├── 01-assert.yaml │ ├── 01-install-tempostack.yaml │ ├── 02-assert.yaml │ ├── 02-generate-traces.yaml │ ├── 03-assert.yaml │ ├── 03-verify-traces.yaml │ ├── chainsaw-test.yaml │ └── create-bucket.sh ├── tempostack-azure │ ├── 00-assert.yaml │ ├── 00-object-store-bucket.yaml │ ├── 01-assert.yaml │ ├── 01-install-tempostack.yaml │ ├── 02-assert.yaml │ ├── 02-generate-traces.yaml │ ├── 03-assert.yaml │ ├── 03-verify-traces.yaml │ ├── chainsaw-test.yaml │ ├── create-bucket.sh │ └── delete-bucket.sh ├── tempostack-gcs │ ├── 00-assert.yaml │ ├── 00-object-store-bucket.yaml │ ├── 01-assert.yaml │ ├── 01-install-tempostack.yaml │ ├── 02-assert.yaml │ ├── 02-generate-traces.yaml │ ├── 03-assert.yaml │ ├── 03-verify-traces.yaml │ ├── chainsaw-test.yaml │ └── create-bucket.sh └── tempostack-ibm │ ├── 00-assert.yaml │ ├── 00-object-store-bucket.yaml │ ├── 01-assert.yaml │ ├── 01-install-tempostack.yaml │ ├── 02-assert.yaml │ ├── 02-generate-traces.yaml │ ├── 03-assert.yaml │ ├── 03-verify-traces.yaml │ ├── chainsaw-test.yaml │ ├── create-bucket.sh │ └── delete-bucket.sh ├── e2e-openshift-ossm ├── ossm-monolithic-otel │ ├── apply-telemetry-cr-assert.yaml │ ├── apply-telemetry-cr.yaml │ ├── chainsaw-test.yaml │ ├── generate-traces-otel-assert.yaml │ ├── generate-traces-otel.yaml │ ├── install-bookinfo-assert.yaml │ ├── install-bookinfo.yaml │ ├── install-ossm-assert.yaml │ ├── install-ossm.yaml │ ├── install-otel-collector-assert.yaml │ ├── install-otel-collector.yaml │ ├── install-tempo-assert.yaml │ ├── install-tempo.yaml │ ├── update-kiali-assert.yaml │ ├── update-kiali.yaml │ ├── verify-traces-assert.yaml │ ├── verify-traces-otel-assert.yaml │ ├── verify-traces-otel.yaml │ └── verify-traces.yaml ├── ossm-tempostack-otel │ ├── apply-telemetry-cr-assert.yaml │ ├── apply-telemetry-cr.yaml │ ├── chainsaw-test.yaml │ ├── generate-traces-otel-assert.yaml │ ├── generate-traces-otel.yaml │ ├── install-bookinfo-assert.yaml │ ├── install-bookinfo.yaml │ ├── install-minio-assert.yaml │ ├── install-minio.yaml │ ├── install-ossm-assert.yaml │ ├── install-ossm.yaml │ ├── install-otel-collector-assert.yaml │ ├── install-otel-collector.yaml │ ├── install-tempo-assert.yaml │ ├── install-tempo.yaml │ ├── update-kiali-assert.yaml │ ├── update-kiali.yaml │ ├── verify-traces-assert.yaml │ ├── verify-traces-otel-assert.yaml │ ├── verify-traces-otel.yaml │ └── verify-traces.yaml └── ossm-tempostack │ ├── apply-telemetry-cr-assert.yaml │ ├── apply-telemetry-cr.yaml │ ├── chainsaw-test.yaml │ ├── install-bookinfo-assert.yaml │ ├── install-bookinfo.yaml │ ├── install-minio-assert.yaml │ ├── install-minio.yaml │ ├── install-ossm-assert.yaml │ ├── install-ossm.yaml │ ├── install-tempo-assert.yaml │ ├── install-tempo.yaml │ ├── update-kiali-assert.yaml │ ├── update-kiali.yaml │ ├── verify-traces-assert.yaml │ └── verify-traces.yaml ├── e2e-openshift-serverless ├── otel-tempo-serverless │ ├── chainsaw-test.yaml │ ├── create-knative-app-assert.yaml │ ├── create-knative-app.yaml │ ├── create-knative-eventing-assert.yaml │ ├── create-knative-eventing.yaml │ ├── create-knative-serving-assert.yaml │ ├── create-knative-serving.yaml │ ├── create-otel-collector-assert.yaml │ ├── create-otel-collector.yaml │ ├── generate-traces-assert.yaml │ ├── generate-traces.yaml │ ├── install-minio-assert.yaml │ ├── install-minio.yaml │ ├── install-tempo-assert.yaml │ ├── install-tempo.yaml │ ├── verify-traces-assert.yaml │ └── verify-traces.yaml └── tempo-serverless │ ├── chainsaw-test.yaml │ ├── create-knative-app-assert.yaml │ ├── create-knative-app.yaml │ ├── create-knative-eventing-assert.yaml │ ├── create-knative-eventing.yaml │ ├── create-knative-serving-assert.yaml │ ├── create-knative-serving.yaml │ ├── generate-traces-assert.yaml │ ├── generate-traces.yaml │ ├── install-minio-assert.yaml │ ├── install-minio.yaml │ ├── install-tempo-assert.yaml │ ├── install-tempo.yaml │ ├── verify-traces-assert.yaml │ └── verify-traces.yaml ├── e2e-openshift ├── component-replicas │ ├── chainsaw-test.yaml │ ├── generate-traces-assert.yaml │ ├── generate-traces.yaml │ ├── install-otelcol-assert.yaml │ ├── install-otelcol.yaml │ ├── install-storage-assert.yaml │ ├── install-storage.yaml │ ├── install-tempo-assert.yaml │ ├── install-tempo.yaml │ ├── scale-tempo-assert.yaml │ ├── scale-tempo.yaml │ ├── verify-traces-assert.yaml │ └── verify-traces.yaml ├── monitoring-monolithic │ ├── chainsaw-test.yaml │ ├── check_metrics.sh │ ├── generate-traces-assert.yaml │ ├── generate-traces.yaml │ ├── install-monolithic-assert.yaml │ ├── install-monolithic.yaml │ ├── verify-traces-assert.yaml │ ├── verify-traces.yaml │ ├── workload-monitoring-assert.yaml │ └── workload-monitoring.yaml ├── monitoring │ ├── 00-assert.yaml │ ├── 00-install-storage.yaml │ ├── 01-assert.yaml │ ├── 01-workload-monitoring.yaml │ ├── 02-assert.yaml │ ├── 02-install-tempostack.yaml │ ├── 03-assert.yaml │ ├── 03-generate-traces.yaml │ ├── 04-assert.yaml │ ├── 04-verify-traces.yaml │ ├── chainsaw-test.yaml │ ├── check_metrics.sh │ └── check_operator_servicemonitor.yaml ├── monolithic-multitenancy-openshift │ ├── 01-assert.yaml │ ├── 01-install-tempo.yaml │ ├── 02-assert.yaml │ ├── 02-install-otelcol.yaml │ ├── 03-assert.yaml │ ├── 03-generate-traces.yaml │ ├── 04-assert.yaml │ ├── 04-verify-traces.yaml │ └── chainsaw-test.yaml ├── monolithic-multitenancy-rbac │ ├── 01-assert.yaml │ ├── 01-install-tempo.yaml │ ├── 02-assert.yaml │ ├── 02-install-otelcol.yaml │ ├── assert-create-sas.yaml │ ├── assert-tempo-rbac-sa-1-traces-gen.yaml │ ├── assert-tempo-rbac-sa-1-traces-verify.yaml │ ├── assert-tempo-rbac-sa-2-traces-gen.yaml │ ├── chainsaw-test.yaml │ ├── create-SAs-with-namespace-access.yaml │ ├── tempo-rbac-sa-1-traces-gen.yaml │ ├── tempo-rbac-sa-1-traces-verify.yaml │ ├── tempo-rbac-sa-2-traces-gen.yaml │ └── tracing-ui-plugin.yaml ├── monolithic-multitenancy-static │ ├── 00-assert.yaml │ ├── 00-install-hydra.yaml │ ├── 01-assert.yaml │ ├── 01-setup-hydra.yaml │ ├── 02-assert.yaml │ ├── 02-install-tempo.yaml │ ├── 03-assert.yaml │ ├── 03-install-otel.yaml │ ├── 04-assert.yaml │ ├── 04-generate-traces.yaml │ ├── 05-assert.yaml │ ├── 05-verify-traces.yaml │ └── chainsaw-test.yaml ├── monolithic-route │ ├── chainsaw-test.yaml │ ├── check-must-gather.sh │ ├── install-tempo-assert.yaml │ └── install-tempo.yaml ├── monolithic-single-tenant-auth │ ├── chainsaw-test.yaml │ ├── generate-traces-assert.yaml │ ├── generate-traces.yaml │ ├── install-tempo-assert.yaml │ ├── install-tempo.yaml │ ├── verify-traces-jaeger-assert.yaml │ ├── verify-traces-jaeger.yaml │ ├── verify-traces-traceql-assert.yaml │ └── verify-traces-traceql.yaml ├── multitenancy-rbac │ ├── 00-assert.yaml │ ├── 00-install-storage.yaml │ ├── 01-assert.yaml │ ├── 01-install-tempo.yaml │ ├── 02-assert.yaml │ ├── 02-install-otelcol.yaml │ ├── assert-create-sas.yaml │ ├── assert-tempo-rbac-sa-1-traces-gen.yaml │ ├── assert-tempo-rbac-sa-1-traces-verify.yaml │ ├── assert-tempo-rbac-sa-2-traces-gen.yaml │ ├── chainsaw-test.yaml │ ├── create-SAs-with-namespace-access.yaml │ ├── tempo-rbac-sa-1-traces-gen.yaml │ ├── tempo-rbac-sa-1-traces-verify.yaml │ ├── tempo-rbac-sa-2-traces-gen.yaml │ └── tracing-ui-plugin.yaml ├── multitenancy │ ├── 00-assert.yaml │ ├── 00-install-storage.yaml │ ├── 01-assert.yaml │ ├── 01-install-tempo.yaml │ ├── 02-assert.yaml │ ├── 02-install-otelcol.yaml │ ├── 03-assert.yaml │ ├── 03-generate-traces.yaml │ ├── 04-assert.yaml │ ├── 04-verify-traces.yaml │ └── chainsaw-test.yaml ├── red-metrics │ ├── 00-assert.yaml │ ├── 00-install-storage.yaml │ ├── 01-assert.yaml │ ├── 01-install-workload-monitoring.yaml │ ├── 02-assert.yaml │ ├── 02-install-otel-collector.yaml │ ├── 03-assert.yaml │ ├── 03-install-tempo.yaml │ ├── 04-assert.yaml │ ├── 04-install-hotrod.yaml │ ├── 05-assert.yaml │ ├── 05-install-generate-traces.yaml │ ├── 06-assert.yaml │ ├── 06-install-assert-job.yaml │ ├── chainsaw-test.yaml │ ├── check_alert.sh │ └── check_metrics.sh ├── route │ ├── chainsaw-test.yaml │ ├── check-must-gather.sh │ ├── install-storage-assert.yaml │ ├── install-storage.yaml │ ├── install-tempo-assert.yaml │ └── install-tempo.yaml ├── tempo-single-tenant-auth │ ├── chainsaw-test.yaml │ ├── generate-traces-assert.yaml │ ├── generate-traces.yaml │ ├── install-storage-assert.yaml │ ├── install-storage.yaml │ ├── install-tempo-assert.yaml │ ├── install-tempo.yaml │ ├── verify-traces-jaeger-assert.yaml │ ├── verify-traces-jaeger.yaml │ ├── verify-traces-traceql-assert.yaml │ └── verify-traces-traceql.yaml ├── tempostack-resources │ ├── chainsaw-test.yaml │ ├── install-storage-assert.yaml │ ├── install-storage.yaml │ ├── install-tempostack-assert.yaml │ ├── install-tempostack.yaml │ ├── update-tempostack-assert.yaml │ └── update-tempostack.yaml ├── tls-monolithic-singletenant │ ├── 00-assert.yaml │ ├── 00-install-storage.yaml │ ├── 01-assert.yaml │ ├── 01-install-tempo.yaml │ ├── 02-assert.yaml │ ├── 02-install-otelcol.yaml │ ├── 03-assert.yaml │ ├── 03-generate-traces.yaml │ ├── 04-assert.yaml │ ├── 04-verify-traces.yaml │ └── chainsaw-test.yaml └── tls-singletenant │ ├── 00-assert.yaml │ ├── 00-install-storage.yaml │ ├── 01-assert.yaml │ ├── 01-install-tempo.yaml │ ├── 02-assert.yaml │ ├── 02-install-otelcol.yaml │ ├── 03-assert.yaml │ ├── 03-generate-traces.yaml │ ├── 04-assert.yaml │ ├── 04-verify-traces.yaml │ └── chainsaw-test.yaml ├── e2e-upgrade └── upgrade │ ├── 00-assert.yaml │ ├── 00-install-storage.yaml │ ├── 10-setup-olm.yaml │ ├── 20-assert.yaml │ ├── 20-install-old-operator.yaml │ ├── 30-assert.yaml │ ├── 30-install-tempo.yaml │ ├── 40-assert.yaml │ ├── 40-generate-traces.yaml │ ├── 50-assert.yaml │ ├── 50-verify-traces.yaml │ ├── 60-assert.yaml │ ├── 60-upgrade-operator.yaml │ ├── 70-assert.yaml │ ├── 70-verify-traces-after-upgrade.yaml │ ├── README.md │ ├── chainsaw-test.yaml │ └── tempostack.yaml ├── e2e ├── compatibility │ ├── 00-assert.yaml │ ├── 00-install-storage.yaml │ ├── 01-assert.yaml │ ├── 01-install.yaml │ ├── 03-assert.yaml │ ├── 03-generate-traces.yaml │ ├── 04-assert.yaml │ ├── 04-verify-traces-jaeger.yaml │ ├── 05-assert.yaml │ ├── 05-verify-traces-grafana.yaml │ └── chainsaw-test.yaml ├── custom-ca │ ├── 00-assert.yaml │ ├── 00-install-storage.yaml │ ├── 01-assert.yaml │ ├── 01-install-tempo.yaml │ ├── 02-assert.yaml │ ├── 02-generate-traces.yaml │ ├── 03-assert.yaml │ ├── 03-verify-traces.yaml │ ├── README.md │ └── chainsaw-test.yaml ├── gateway │ ├── 00-assert.yaml │ ├── 00-install.yaml │ ├── 01-assert.yaml │ ├── 01-install.yaml │ ├── 02-assert.yaml │ ├── 02-install.yaml │ ├── 03-install-disable-jaeger-query.yaml │ └── chainsaw-test.yaml ├── generate │ ├── .gitignore │ ├── 00-storage-secret.yaml │ ├── 01-assert.yaml │ ├── chainsaw-test.yaml │ ├── config.yaml │ └── cr.yaml ├── monolithic-extraconfig │ ├── chainsaw-test.yaml │ ├── install-tempo-assert.yaml │ └── install-tempo.yaml ├── monolithic-ingestion-mtls │ ├── 01-assert.yaml │ ├── 01-install-tempo.yaml │ ├── 02-assert.yaml │ ├── 02-install-otel.yaml │ ├── 03-assert.yaml │ ├── 03-generate-traces.yaml │ ├── 04-assert.yaml │ ├── 04-verify-traces.yaml │ └── chainsaw-test.yaml ├── monolithic-memory │ ├── 01-assert.yaml │ ├── 01-install-tempo.yaml │ ├── 03-assert.yaml │ ├── 03-generate-traces.yaml │ ├── 04-assert.yaml │ ├── 04-verify-traces-jaeger.yaml │ ├── 05-assert.yaml │ ├── 05-verify-traces-grafana.yaml │ └── chainsaw-test.yaml ├── monolithic-pv │ ├── 01-assert.yaml │ ├── 01-install-tempo.yaml │ ├── 03-assert.yaml │ ├── 03-generate-traces.yaml │ ├── 04-assert.yaml │ ├── 04-verify-traces.yaml │ └── chainsaw-test.yaml ├── monolithic-receivers-tls │ ├── 01-assert.yaml │ ├── 01-install-tempo.yaml │ ├── 02-assert.yaml │ ├── 02-install-otel.yaml │ ├── 03-assert.yaml │ ├── 03-generate-traces.yaml │ ├── 04-assert.yaml │ ├── 04-verify-traces.yaml │ └── chainsaw-test.yaml ├── monolithic-s3-tls │ ├── 00-assert.yaml │ ├── 00-install-storage.yaml │ ├── 01-assert.yaml │ ├── 01-install-tempo.yaml │ ├── 03-assert.yaml │ ├── 03-generate-traces.yaml │ ├── 04-assert.yaml │ ├── 04-verify-traces.yaml │ └── chainsaw-test.yaml ├── receivers-mtls │ ├── 00-assert.yaml │ ├── 00-install-storage.yaml │ ├── 01-assert.yaml │ ├── 01-install-tempo.yaml │ ├── 02-assert.yaml │ ├── 02-install-otel.yaml │ ├── 03-assert.yaml │ ├── 03-generate-traces.yaml │ ├── 04-assert.yaml │ ├── 04-verify-traces.yaml │ └── chainsaw-test.yaml ├── receivers-tls │ ├── 00-assert.yaml │ ├── 00-install-storage.yaml │ ├── 01-assert.yaml │ ├── 01-install-tempo.yaml │ ├── 02-assert.yaml │ ├── 02-install-otel.yaml │ ├── 03-assert.yaml │ ├── 03-generate-traces.yaml │ ├── 04-assert.yaml │ ├── 04-verify-traces.yaml │ └── chainsaw-test.yaml ├── reconcile │ ├── 00-assert.yaml │ ├── 00-install-storage.yaml │ ├── 01-assert.yaml │ ├── 01-install-tempo.yaml │ ├── 02-assert.yaml │ ├── 03-assert.yaml │ ├── 03-update-storage-secret.yaml │ ├── 05-assert.yaml │ ├── 05-disable-reconciliation.yaml │ └── chainsaw-test.yaml └── tempostack-extraconfig │ ├── chainsaw-test.yaml │ ├── install-storage-assert.yaml │ ├── install-storage.yaml │ ├── install-tempostack-assert.yaml │ └── install-tempostack.yaml └── operator-metrics └── max-loops ├── 00-assert.yaml ├── 00-metrics-service.yaml ├── 01-assert-job.yaml ├── 01-verify-metrics.yaml └── chainsaw-test.yaml /.chainsaw-openshift.yaml: -------------------------------------------------------------------------------- 1 | # yaml-language-server: $schema=https://raw.githubusercontent.com/kyverno/chainsaw/main/.schemas/json/configuration-chainsaw-v1alpha1.json 2 | apiVersion: chainsaw.kyverno.io/v1alpha1 3 | kind: Configuration 4 | metadata: 5 | name: configuration 6 | spec: 7 | timeouts: 8 | assert: 5m00s 9 | cleanup: 5m00s 10 | delete: 5m00s 11 | error: 5m00s 12 | exec: 5m00s 13 | apply: 10s 14 | -------------------------------------------------------------------------------- /.chainsaw-upgrade.yaml: -------------------------------------------------------------------------------- 1 | # yaml-language-server: $schema=https://raw.githubusercontent.com/kyverno/chainsaw/main/.schemas/json/configuration-chainsaw-v1alpha1.json 2 | apiVersion: chainsaw.kyverno.io/v1alpha1 3 | kind: Configuration 4 | metadata: 5 | name: configuration 6 | spec: 7 | parallel: 1 8 | timeouts: 9 | assert: 5m0s 10 | cleanup: 5m0s 11 | delete: 5m0s 12 | error: 5m0s 13 | exec: 5m0s 14 | -------------------------------------------------------------------------------- /.chainsaw.yaml: -------------------------------------------------------------------------------- 1 | # yaml-language-server: $schema=https://raw.githubusercontent.com/kyverno/chainsaw/main/.schemas/json/configuration-chainsaw-v1alpha1.json 2 | apiVersion: chainsaw.kyverno.io/v1alpha1 3 | kind: Configuration 4 | metadata: 5 | name: configuration 6 | spec: 7 | timeouts: 8 | assert: 2m30s 9 | cleanup: 2m30s 10 | delete: 2m30s 11 | error: 2m30s 12 | exec: 2m30s 13 | -------------------------------------------------------------------------------- /.chloggen/TEMPLATE.yaml: -------------------------------------------------------------------------------- 1 | # One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' 2 | change_type: 3 | 4 | # The name of the component, or a single word describing the area of concern, (e.g. tempostack, tempomonolithic, github action) 5 | component: 6 | 7 | # A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). 8 | note: 9 | 10 | # One or more tracking issues related to the change 11 | issues: [] 12 | 13 | # (Optional) One or more lines of additional information to render under the primary note. 14 | # These lines will be padded with 2 spaces and then inserted directly into the document. 15 | # Use pipe (|) for multiline entries. 16 | subtext: 17 | -------------------------------------------------------------------------------- /.chloggen/cloudcredential_s3.yaml: -------------------------------------------------------------------------------- 1 | # One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' 2 | change_type: enhancement 3 | 4 | # The name of the component, or a single word describing the area of concern, (e.g. tempostack, tempomonolithic, github action) 5 | component: tempostack, tempomonolithic 6 | 7 | # A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). 8 | note: Support for AWS STS via cloudcredential operator 9 | 10 | # One or more tracking issues related to the change 11 | issues: [1159] 12 | 13 | # (Optional) One or more lines of additional information to render under the primary note. 14 | # These lines will be padded with 2 spaces and then inserted directly into the document. 15 | # Use pipe (|) for multiline entries. 16 | subtext: 17 | -------------------------------------------------------------------------------- /.chloggen/fix-config.yaml: -------------------------------------------------------------------------------- 1 | # One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' 2 | change_type: bug_fix 3 | 4 | # The name of the component, or a single word describing the area of concern, (e.g. tempostack, tempomonolithic, github action) 5 | component: tempostack, tempomonolithic 6 | 7 | # A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). 8 | note: Don't set --opa.matcher=kubernetes_namespace_name when query RBAC is disabled 9 | 10 | # One or more tracking issues related to the change 11 | issues: [1176] 12 | 13 | # (Optional) One or more lines of additional information to render under the primary note. 14 | # These lines will be padded with 2 spaces and then inserted directly into the document. 15 | # Use pipe (|) for multiline entries. 16 | subtext: 17 | -------------------------------------------------------------------------------- /.chloggen/kubernetes_1.32.yaml: -------------------------------------------------------------------------------- 1 | # One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' 2 | change_type: 'enhancement' 3 | 4 | # The name of the component, or a single word describing the area of concern, (e.g. operator, github action) 5 | component: operator 6 | 7 | # A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). 8 | note: Kubernetes 1.32 enablement 9 | 10 | # One or more tracking issues related to the change 11 | issues: [1157] 12 | 13 | # (Optional) One or more lines of additional information to render under the primary note. 14 | # These lines will be padded with 2 spaces and then inserted directly into the document. 15 | # Use pipe (|) for multiline entries. 16 | subtext: 17 | -------------------------------------------------------------------------------- /.chloggen/update_tempo.yaml: -------------------------------------------------------------------------------- 1 | # One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' 2 | change_type: bug_fix 3 | 4 | # The name of the component, or a single word describing the area of concern, (e.g. tempostack, tempomonolithic, github action) 5 | component: tempostack, tempomonolithic 6 | 7 | # A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). 8 | note: Update Tempo to 2.7.2 9 | 10 | # One or more tracking issues related to the change 11 | issues: [1149] 12 | 13 | # (Optional) One or more lines of additional information to render under the primary note. 14 | # These lines will be padded with 2 spaces and then inserted directly into the document. 15 | # Use pipe (|) for multiline entries. 16 | subtext: | 17 | -------------------------------------------------------------------------------- /.chloggen/watch_secrets_monolitic.yaml: -------------------------------------------------------------------------------- 1 | # One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' 2 | change_type: enhancement 3 | 4 | # The name of the component, or a single word describing the area of concern, (e.g. tempostack, tempomonolithic, github action) 5 | component: tempomonolithic 6 | 7 | # A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). 8 | note: Watch storage secrets for tempo monolithic 9 | 10 | # One or more tracking issues related to the change 11 | issues: [1181] 12 | 13 | # (Optional) One or more lines of additional information to render under the primary note. 14 | # These lines will be padded with 2 spaces and then inserted directly into the document. 15 | # Use pipe (|) for multiline entries. 16 | subtext: 17 | -------------------------------------------------------------------------------- /.codecov.yml: -------------------------------------------------------------------------------- 1 | coverage: 2 | status: 3 | project: 4 | default: 5 | target: auto 6 | # this allows a 0.1% drop from the previous base commit coverage 7 | threshold: 0.1% 8 | ignore: 9 | - "apis/config/v1alpha1/zz_generated.deepcopy.go" 10 | - "apis/config/v1alpha1/groupversion_info.go" 11 | - "apis/tempo/v1alpha1/zz_generated.deepcopy.go" 12 | - "apis/tempo/v1alpha1/groupversion_info.go" 13 | -------------------------------------------------------------------------------- /.dockerignore: -------------------------------------------------------------------------------- 1 | # More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file 2 | # Ignore build and test binaries. 3 | bin/ 4 | testbin/ 5 | -------------------------------------------------------------------------------- /.github/workflows/check_links_config.json: -------------------------------------------------------------------------------- 1 | { 2 | "ignorePatterns": [ 3 | { 4 | "pattern": "http(s)?://\\d+\\.\\d+\\.\\d+\\.\\d+" 5 | }, 6 | { 7 | "pattern": "http(s)?://localhost" 8 | }, 9 | { 10 | "pattern": "http(s)?://example.com" 11 | }, 12 | { 13 | "pattern": "^#" 14 | } 15 | ], 16 | "aliveStatusCodes": [429, 200] 17 | } 18 | -------------------------------------------------------------------------------- /.github/workflows/publish-images.yaml: -------------------------------------------------------------------------------- 1 | name: "Publish operator" 2 | 3 | permissions: {} 4 | 5 | on: 6 | push: 7 | branches: [main] 8 | # will run only on main, for tag branches we run it as part of the release process. 9 | tags-ignore: ["v*"] 10 | 11 | workflow_dispatch: 12 | 13 | jobs: 14 | publish-images: 15 | uses: ./.github/workflows/reusable-publish-images.yaml 16 | permissions: 17 | packages: write # push container image 18 | with: 19 | publish_bundle: false 20 | version_tag: ${{ github.ref }} 21 | push: ${{ github.event_name != 'pull_request' }} 22 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Binaries for programs and plugins 2 | *.exe 3 | *.exe~ 4 | *.dll 5 | *.so 6 | *.dylib 7 | 8 | # Test binary, built with `go test -c` 9 | *.test 10 | 11 | # Output of the go coverage tool, specifically when used with LiteIDE 12 | *.out 13 | 14 | # Dependency directories (remove the comment below to include it) 15 | # vendor/ 16 | bin/ 17 | 18 | # Files generated by e2e tests 19 | kubeconfig 20 | 21 | # website 22 | 23 | website/public/* 24 | website/resources/* 25 | docs/prologue/contributing.md 26 | 27 | #IDE 28 | .idea 29 | .vscode 30 | -------------------------------------------------------------------------------- /api/config/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | // Package v1alpha1 contains API Schema definitions for the config.tempo v1alpha1 API group. 2 | // +kubebuilder:object:generate=true 3 | // +groupName=config.tempo.grafana.com 4 | package v1alpha1 5 | -------------------------------------------------------------------------------- /api/config/v1alpha1/groupversion_info.go: -------------------------------------------------------------------------------- 1 | // Package v1alpha1 contains API Schema definitions for the config.tempo v1alpha1 API group. 2 | // +kubebuilder:object:generate=true 3 | // +groupName=config.tempo.grafana.com 4 | package v1alpha1 5 | 6 | import ( 7 | "k8s.io/apimachinery/pkg/runtime/schema" 8 | "sigs.k8s.io/controller-runtime/pkg/scheme" 9 | ) 10 | 11 | var ( 12 | // GroupVersion is group version used to register these objects. 13 | GroupVersion = schema.GroupVersion{Group: "config.tempo.grafana.com", Version: "v1alpha1"} 14 | 15 | // SchemeBuilder is used to add go types to the GroupVersionKind scheme. 16 | SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} 17 | 18 | // AddToScheme adds the types in this group-version to the given scheme. 19 | AddToScheme = SchemeBuilder.AddToScheme 20 | ) 21 | -------------------------------------------------------------------------------- /api/tempo/register.go: -------------------------------------------------------------------------------- 1 | package tempo 2 | -------------------------------------------------------------------------------- /api/tempo/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | // Package v1alpha1 contains API Schema definitions for the tempo v1alpha1 API group. 2 | // +kubebuilder:object:generate=true 3 | // +groupName=tempo.grafana.com 4 | package v1alpha1 5 | -------------------------------------------------------------------------------- /api/tempo/v1alpha1/finalizer.go: -------------------------------------------------------------------------------- 1 | package v1alpha1 2 | 3 | const ( 4 | // TempoFinalizer if the finalizer name used by the Tempo operator. 5 | TempoFinalizer = "tempo.grafana.com/finalizer" 6 | ) 7 | -------------------------------------------------------------------------------- /api/tempo/v1alpha1/groupversion_info.go: -------------------------------------------------------------------------------- 1 | // Package v1alpha1 contains API Schema definitions for the tempo v1alpha1 API group. 2 | // +kubebuilder:object:generate=true 3 | // +groupName=tempo.grafana.com 4 | package v1alpha1 5 | 6 | import ( 7 | "k8s.io/apimachinery/pkg/runtime/schema" 8 | "sigs.k8s.io/controller-runtime/pkg/scheme" 9 | ) 10 | 11 | var ( 12 | // GroupVersion is group version used to register these objects. 13 | GroupVersion = schema.GroupVersion{Group: "tempo.grafana.com", Version: "v1alpha1"} 14 | 15 | // SchemeBuilder is used to add go types to the GroupVersionKind scheme. 16 | SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} 17 | 18 | // AddToScheme adds the types in this group-version to the given scheme. 19 | AddToScheme = SchemeBuilder.AddToScheme 20 | ) 21 | -------------------------------------------------------------------------------- /bundle/community/manifests/tempo-operator-controller-manager-metrics-service_v1_service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app.kubernetes.io/managed-by: operator-lifecycle-manager 7 | app.kubernetes.io/name: tempo-operator 8 | app.kubernetes.io/part-of: tempo-operator 9 | control-plane: controller-manager 10 | name: tempo-operator-controller-manager-metrics-service 11 | spec: 12 | ports: 13 | - name: https 14 | port: 8443 15 | protocol: TCP 16 | targetPort: https 17 | selector: 18 | app.kubernetes.io/managed-by: operator-lifecycle-manager 19 | app.kubernetes.io/name: tempo-operator 20 | app.kubernetes.io/part-of: tempo-operator 21 | control-plane: controller-manager 22 | status: 23 | loadBalancer: {} 24 | -------------------------------------------------------------------------------- /bundle/community/manifests/tempo-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app.kubernetes.io/managed-by: operator-lifecycle-manager 7 | app.kubernetes.io/name: tempo-operator 8 | app.kubernetes.io/part-of: tempo-operator 9 | name: tempo-operator-metrics-reader 10 | rules: 11 | - nonResourceURLs: 12 | - /metrics 13 | verbs: 14 | - get 15 | -------------------------------------------------------------------------------- /bundle/community/manifests/tempo-operator-webhook-service_v1_service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app.kubernetes.io/managed-by: operator-lifecycle-manager 7 | app.kubernetes.io/name: tempo-operator 8 | app.kubernetes.io/part-of: tempo-operator 9 | name: tempo-operator-webhook-service 10 | spec: 11 | ports: 12 | - port: 443 13 | protocol: TCP 14 | targetPort: 9443 15 | selector: 16 | app.kubernetes.io/managed-by: operator-lifecycle-manager 17 | app.kubernetes.io/name: tempo-operator 18 | app.kubernetes.io/part-of: tempo-operator 19 | control-plane: controller-manager 20 | status: 21 | loadBalancer: {} 22 | -------------------------------------------------------------------------------- /bundle/openshift/manifests/tempo-operator-manager-rolebinding-cluster-monitoring-view_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app.kubernetes.io/managed-by: operator-lifecycle-manager 7 | app.kubernetes.io/name: tempo-operator 8 | app.kubernetes.io/part-of: tempo-operator 9 | name: tempo-operator-manager-rolebinding-cluster-monitoring-view 10 | roleRef: 11 | apiGroup: rbac.authorization.k8s.io 12 | kind: ClusterRole 13 | name: cluster-monitoring-view 14 | subjects: 15 | - kind: ServiceAccount 16 | name: tempo-operator-controller-manager 17 | namespace: tempo-operator-system 18 | -------------------------------------------------------------------------------- /bundle/openshift/manifests/tempo-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app.kubernetes.io/managed-by: operator-lifecycle-manager 7 | app.kubernetes.io/name: tempo-operator 8 | app.kubernetes.io/part-of: tempo-operator 9 | name: tempo-operator-metrics-reader 10 | rules: 11 | - nonResourceURLs: 12 | - /metrics 13 | verbs: 14 | - get 15 | -------------------------------------------------------------------------------- /bundle/openshift/manifests/tempo-operator-prometheus_rbac.authorization.k8s.io_v1_role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: Role 3 | metadata: 4 | annotations: 5 | include.release.openshift.io/self-managed-high-availability: "true" 6 | include.release.openshift.io/single-node-developer: "true" 7 | creationTimestamp: null 8 | labels: 9 | app.kubernetes.io/managed-by: operator-lifecycle-manager 10 | app.kubernetes.io/name: tempo-operator 11 | app.kubernetes.io/part-of: tempo-operator 12 | name: tempo-operator-prometheus 13 | rules: 14 | - apiGroups: 15 | - "" 16 | resources: 17 | - services 18 | - endpoints 19 | - pods 20 | verbs: 21 | - get 22 | - list 23 | - watch 24 | -------------------------------------------------------------------------------- /bundle/openshift/manifests/tempo-operator-prometheus_rbac.authorization.k8s.io_v1_rolebinding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | annotations: 5 | include.release.openshift.io/self-managed-high-availability: "true" 6 | include.release.openshift.io/single-node-developer: "true" 7 | creationTimestamp: null 8 | labels: 9 | app.kubernetes.io/managed-by: operator-lifecycle-manager 10 | app.kubernetes.io/name: tempo-operator 11 | app.kubernetes.io/part-of: tempo-operator 12 | name: tempo-operator-prometheus 13 | roleRef: 14 | apiGroup: rbac.authorization.k8s.io 15 | kind: Role 16 | name: tempo-operator-prometheus 17 | subjects: 18 | - kind: ServiceAccount 19 | name: prometheus-k8s 20 | namespace: openshift-monitoring 21 | -------------------------------------------------------------------------------- /bundle/openshift/manifests/tempo-operator-webhook-service_v1_service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app.kubernetes.io/managed-by: operator-lifecycle-manager 7 | app.kubernetes.io/name: tempo-operator 8 | app.kubernetes.io/part-of: tempo-operator 9 | name: tempo-operator-webhook-service 10 | spec: 11 | ports: 12 | - port: 443 13 | protocol: TCP 14 | targetPort: 9443 15 | selector: 16 | app.kubernetes.io/managed-by: operator-lifecycle-manager 17 | app.kubernetes.io/name: tempo-operator 18 | app.kubernetes.io/part-of: tempo-operator 19 | control-plane: controller-manager 20 | status: 21 | loadBalancer: {} 22 | -------------------------------------------------------------------------------- /cmd/generate/testdata/cr.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: simplest 5 | spec: 6 | images: 7 | tempo: docker.io/grafana/tempo:x.y.z 8 | tempoQuery: docker.io/grafana/tempo-query:x.y.z 9 | tempoGateway: quay.io/observatorium/api 10 | tempoGatewayOPA: quay.io/observatorium/opa-openshift 11 | storage: 12 | secret: 13 | name: minio-test 14 | type: s3 15 | storageSize: 1Gi 16 | -------------------------------------------------------------------------------- /cmd/main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "flag" 5 | "os" 6 | 7 | "github.com/grafana/tempo-operator/cmd/generate" 8 | "github.com/grafana/tempo-operator/cmd/root" 9 | "github.com/grafana/tempo-operator/cmd/start" 10 | "github.com/grafana/tempo-operator/cmd/version" 11 | "github.com/grafana/tempo-operator/internal/logging" 12 | ) 13 | 14 | func main() { 15 | rootCmd := root.NewRootCommand() 16 | rootCmd.AddCommand(start.NewStartCommand()) 17 | rootCmd.AddCommand(generate.NewGenerateCommand()) 18 | rootCmd.AddCommand(version.NewVersionCommand()) 19 | 20 | logging.SetupLogging() 21 | 22 | // pass remaining flags (excluding zap flags) to spf13/cobra commands 23 | args := flag.Args() 24 | rootCmd.SetArgs(args) 25 | 26 | if err := rootCmd.Execute(); err != nil { 27 | os.Exit(1) 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /cmd/testdata/empty.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/grafana/tempo-operator/1c02a98025546c1d298dd7336aabe3cf35d0e7a8/cmd/testdata/empty.yaml -------------------------------------------------------------------------------- /cmd/testdata/tlsprofile_invalid.yaml: -------------------------------------------------------------------------------- 1 | featureGates: 2 | tlsProfile: abc 3 | -------------------------------------------------------------------------------- /cmd/testdata/tlsprofile_old.yaml: -------------------------------------------------------------------------------- 1 | featureGates: 2 | tlsProfile: Old 3 | -------------------------------------------------------------------------------- /cmd/version/main.go: -------------------------------------------------------------------------------- 1 | package version 2 | 3 | import ( 4 | "encoding/json" 5 | "fmt" 6 | 7 | "github.com/spf13/cobra" 8 | 9 | "github.com/grafana/tempo-operator/internal/version" 10 | ) 11 | 12 | // NewVersionCommand returns a new version command. 13 | func NewVersionCommand() *cobra.Command { 14 | cmd := &cobra.Command{ 15 | Use: "version", 16 | Short: "Show the version of the Tempo Operator and exit", 17 | RunE: func(c *cobra.Command, args []string) error { 18 | info := version.Get() 19 | json, err := json.Marshal(info) 20 | if err != nil { 21 | return err 22 | } 23 | fmt.Println(string(json)) 24 | return nil 25 | }, 26 | } 27 | 28 | return cmd 29 | } 30 | -------------------------------------------------------------------------------- /config/certmanager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - certificate.yaml 3 | 4 | configurations: 5 | - kustomizeconfig.yaml 6 | -------------------------------------------------------------------------------- /config/certmanager/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # This configuration is for teaching kustomize how to update name ref and var substitution 2 | nameReference: 3 | - kind: Issuer 4 | group: cert-manager.io 5 | fieldSpecs: 6 | - kind: Certificate 7 | group: cert-manager.io 8 | path: spec/issuerRef/name 9 | 10 | varReference: 11 | - kind: Certificate 12 | group: cert-manager.io 13 | path: spec/commonName 14 | - kind: Certificate 15 | group: cert-manager.io 16 | path: spec/dnsNames 17 | -------------------------------------------------------------------------------- /config/crd/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # This file is for teaching kustomize how to substitute name and namespace reference in CRD 2 | nameReference: 3 | - kind: Service 4 | version: v1 5 | fieldSpecs: 6 | - kind: CustomResourceDefinition 7 | version: v1 8 | group: apiextensions.k8s.io 9 | path: spec/conversion/webhook/clientConfig/service/name 10 | 11 | namespace: 12 | - kind: CustomResourceDefinition 13 | version: v1 14 | group: apiextensions.k8s.io 15 | path: spec/conversion/webhook/clientConfig/service/namespace 16 | create: false 17 | 18 | varReference: 19 | - path: metadata/annotations 20 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_config.tempo_projectconfigs.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | annotations: 6 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 7 | name: projectconfigs.config.tempo.grafana.com 8 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_tempomonolithics.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | annotations: 6 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 7 | name: tempomonolithics.tempo.grafana.com 8 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_tempostacks.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | annotations: 6 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 7 | name: tempostacks.tempo.grafana.com 8 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_config.tempo_projectconfigs.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables a conversion webhook for the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: projectconfigs.config.tempo.grafana.com 6 | spec: 7 | conversion: 8 | strategy: Webhook 9 | webhook: 10 | clientConfig: 11 | service: 12 | namespace: system 13 | name: webhook-service 14 | path: /convert 15 | conversionReviewVersions: 16 | - v1 17 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_tempomonolithics.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables a conversion webhook for the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: tempomonolithics.tempo.grafana.com 6 | spec: 7 | conversion: 8 | strategy: Webhook 9 | webhook: 10 | clientConfig: 11 | service: 12 | namespace: system 13 | name: webhook-service 14 | path: /convert 15 | conversionReviewVersions: 16 | - v1 17 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_tempostacks.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables a conversion webhook for the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: tempostacks.tempo.grafana.com 6 | spec: 7 | conversion: 8 | strategy: Webhook 9 | webhook: 10 | clientConfig: 11 | service: 12 | namespace: system 13 | name: webhook-service 14 | path: /convert 15 | conversionReviewVersions: 16 | - v1 17 | -------------------------------------------------------------------------------- /config/default/manager_config_patch.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: controller 5 | namespace: system 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: manager 11 | args: 12 | - --zap-log-level=info 13 | - start 14 | - "--config=controller_manager_config.yaml" 15 | volumeMounts: 16 | - name: manager-config 17 | mountPath: /controller_manager_config.yaml 18 | subPath: controller_manager_config.yaml 19 | ports: 20 | - containerPort: 8443 21 | name: https 22 | protocol: TCP 23 | volumes: 24 | - name: manager-config 25 | configMap: 26 | name: manager-config 27 | -------------------------------------------------------------------------------- /config/default/manager_webhook_patch.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: controller 5 | namespace: system 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: manager 11 | ports: 12 | - containerPort: 9443 13 | name: webhook-server 14 | protocol: TCP 15 | volumeMounts: 16 | - mountPath: /tmp/k8s-webhook-server/serving-certs 17 | name: cert 18 | readOnly: true 19 | volumes: 20 | - name: cert 21 | secret: 22 | defaultMode: 420 23 | secretName: webhook-server-cert 24 | -------------------------------------------------------------------------------- /config/default/metrics_service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | control-plane: controller-manager 6 | name: controller-manager-metrics-service 7 | namespace: system 8 | spec: 9 | ports: 10 | - name: https 11 | port: 8443 12 | protocol: TCP 13 | targetPort: https 14 | selector: 15 | control-plane: controller-manager 16 | -------------------------------------------------------------------------------- /config/default/webhookcainjection_patch.yaml: -------------------------------------------------------------------------------- 1 | # This patch add annotation to admission webhook config and 2 | # the variables $(CERTIFICATE_NAMESPACE) and $(CERTIFICATE_NAME) will be substituted by kustomize. 3 | apiVersion: admissionregistration.k8s.io/v1 4 | kind: MutatingWebhookConfiguration 5 | metadata: 6 | name: mutating-webhook-configuration 7 | annotations: 8 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 9 | --- 10 | apiVersion: admissionregistration.k8s.io/v1 11 | kind: ValidatingWebhookConfiguration 12 | metadata: 13 | name: validating-webhook-configuration 14 | annotations: 15 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 16 | -------------------------------------------------------------------------------- /config/manager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - manager.yaml 3 | 4 | generatorOptions: 5 | disableNameSuffixHash: true 6 | 7 | apiVersion: kustomize.config.k8s.io/v1beta1 8 | kind: Kustomization 9 | images: 10 | - name: controller 11 | newName: ghcr.io/grafana/tempo-operator/tempo-operator 12 | newTag: v0.15.3 13 | -------------------------------------------------------------------------------- /config/overlays/community/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - ../../default 3 | 4 | # Adds namespace to all resources. 5 | namespace: tempo-operator-system 6 | 7 | # Value of this field is prepended to the 8 | # names of all resources, e.g. a deployment named 9 | # "wordpress" becomes "alices-wordpress". 10 | # Note that it should also match with the prefix (text before '-') of the namespace 11 | # field above. 12 | namePrefix: tempo-operator- 13 | 14 | labels: 15 | - pairs: 16 | app.kubernetes.io/name: tempo-operator 17 | app.kubernetes.io/part-of: tempo-operator 18 | app.kubernetes.io/managed-by: operator-lifecycle-manager 19 | includeSelectors: true 20 | 21 | generatorOptions: 22 | disableNameSuffixHash: true 23 | 24 | configMapGenerator: 25 | - files: 26 | - controller_manager_config.yaml 27 | name: manager-config 28 | -------------------------------------------------------------------------------- /config/overlays/openshift/cluster_monitoring_role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: cluster-monitoring-role 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: cluster-monitoring-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: controller-manager 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/overlays/openshift/cluster_monitoring_view_role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: cluster-monitoring-role 5 | rules: 6 | - apiGroups: 7 | - monitoring.coreos.com 8 | resourceNames: 9 | - k8s 10 | resources: 11 | - prometheuses/api 12 | verbs: 13 | - get 14 | - create 15 | - update 16 | -------------------------------------------------------------------------------- /config/overlays/openshift/metrics_service_tls_patch.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | annotations: 5 | service.beta.openshift.io/serving-cert-secret-name: tempo-operator-metrics 6 | name: controller-manager-metrics-service 7 | namespace: system 8 | -------------------------------------------------------------------------------- /config/overlays/openshift/patch_tls_metrics_args.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /spec/template/spec/containers/0/args/- 3 | value: --metrics-tls-cert-dir=/var/run/tls/server/ 4 | 5 | - op: add 6 | path: /spec/template/spec/volumes/- 7 | value: 8 | name: tempo-operator-metrics-cert 9 | secret: 10 | defaultMode: 420 11 | # secret generated by the 'service.beta.openshift.io/serving-cert-secret-name' annotation on the metrics-service 12 | secretName: tempo-operator-metrics 13 | 14 | - op: add 15 | path: /spec/template/spec/containers/0/volumeMounts/- 16 | value: 17 | mountPath: /var/run/tls/server 18 | name: tempo-operator-metrics-cert 19 | -------------------------------------------------------------------------------- /config/overlays/openshift/prometheus_role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: Role 3 | metadata: 4 | annotations: 5 | include.release.openshift.io/self-managed-high-availability: "true" 6 | include.release.openshift.io/single-node-developer: "true" 7 | name: prometheus 8 | rules: 9 | - apiGroups: 10 | - "" 11 | resources: 12 | - services 13 | - endpoints 14 | - pods 15 | verbs: 16 | - get 17 | - list 18 | - watch 19 | -------------------------------------------------------------------------------- /config/overlays/openshift/prometheus_role_binding.yaml: -------------------------------------------------------------------------------- 1 | # Give OpenShift in-cluster-monitoring permissions to list, watch and get services, endpoints and pods in the namespace of the operator 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: RoleBinding 4 | metadata: 5 | annotations: 6 | include.release.openshift.io/self-managed-high-availability: "true" 7 | include.release.openshift.io/single-node-developer: "true" 8 | name: prometheus 9 | roleRef: 10 | apiGroup: rbac.authorization.k8s.io 11 | kind: Role 12 | name: prometheus 13 | subjects: 14 | - kind: ServiceAccount 15 | name: prometheus-k8s 16 | namespace: openshift-monitoring 17 | -------------------------------------------------------------------------------- /config/rbac/config.tempo_projectconfig_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit projectconfigs. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: projectconfig-editor-role 6 | rules: 7 | - apiGroups: 8 | - config.tempo.grafana.com 9 | resources: 10 | - projectconfigs 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - config.tempo.grafana.com 21 | resources: 22 | - projectconfigs/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/config.tempo_projectconfig_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view projectconfigs. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: projectconfig-viewer-role 6 | rules: 7 | - apiGroups: 8 | - config.tempo.grafana.com 9 | resources: 10 | - projectconfigs 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - config.tempo.grafana.com 17 | resources: 18 | - projectconfigs/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | # All RBAC will be applied under this service account in 3 | # the deployment namespace. You may comment out this resource 4 | # if your manager will use a service account that exists at 5 | # runtime. Be sure to update RoleBinding and ClusterRoleBinding 6 | # subjects if changing service account names. 7 | - service_account.yaml 8 | - role.yaml 9 | - role_binding.yaml 10 | - leader_election_role.yaml 11 | - leader_election_role_binding.yaml 12 | - metrics_service.yaml 13 | - metrics_auth_role.yaml 14 | - metrics_auth_role_binding.yaml 15 | - metrics_reader_role.yaml 16 | -------------------------------------------------------------------------------- /config/rbac/leader_election_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions to do leader election. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: leader-election-role 6 | rules: 7 | - apiGroups: 8 | - "" 9 | resources: 10 | - configmaps 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - create 16 | - update 17 | - patch 18 | - delete 19 | - apiGroups: 20 | - coordination.k8s.io 21 | resources: 22 | - leases 23 | verbs: 24 | - get 25 | - list 26 | - watch 27 | - create 28 | - update 29 | - patch 30 | - delete 31 | - apiGroups: 32 | - "" 33 | resources: 34 | - events 35 | verbs: 36 | - create 37 | - patch 38 | -------------------------------------------------------------------------------- /config/rbac/leader_election_role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: leader-election-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: Role 8 | name: leader-election-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: controller-manager 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/rbac/metrics_auth_role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: metrics-auth-role 5 | rules: 6 | - apiGroups: 7 | - authentication.k8s.io 8 | resources: 9 | - tokenreviews 10 | verbs: 11 | - create 12 | - apiGroups: 13 | - authorization.k8s.io 14 | resources: 15 | - subjectaccessreviews 16 | verbs: 17 | - create 18 | -------------------------------------------------------------------------------- /config/rbac/metrics_auth_role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: metrics-auth-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: metrics-auth-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: controller-manager 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/rbac/metrics_reader_role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: metrics-reader 5 | rules: 6 | - nonResourceURLs: 7 | - "/metrics" 8 | verbs: 9 | - get 10 | -------------------------------------------------------------------------------- /config/rbac/metrics_service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | control-plane: controller-manager 6 | name: controller-manager-metrics-service 7 | namespace: system 8 | spec: 9 | ports: 10 | - name: https 11 | port: 8443 12 | protocol: TCP 13 | targetPort: https 14 | selector: 15 | control-plane: controller-manager 16 | -------------------------------------------------------------------------------- /config/rbac/role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: manager-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: manager-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: controller-manager 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/rbac/service_account.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: controller-manager 5 | namespace: system 6 | -------------------------------------------------------------------------------- /config/rbac/tempostack_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit tempostacks. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: tempostack-editor-role 6 | rules: 7 | - apiGroups: 8 | - tempo.grafana.com 9 | resources: 10 | - tempostacks 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - tempo.grafana.com 21 | resources: 22 | - tempostacks/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/tempostack_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view tempostacks. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: tempostack-viewer-role 6 | rules: 7 | - apiGroups: 8 | - tempo.grafana.com 9 | resources: 10 | - tempostacks 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - tempo.grafana.com 17 | resources: 18 | - tempostacks/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/samples/community/kustomization.yaml: -------------------------------------------------------------------------------- 1 | ## Append samples you want in your CSV to this file as resources ## 2 | resources: 3 | - tempo_v1alpha1_tempostack.yaml 4 | - tempo_v1alpha1_tempomonolithic.yaml 5 | #+kubebuilder:scaffold:manifestskustomizesamples 6 | -------------------------------------------------------------------------------- /config/samples/community/tempo_v1alpha1_tempomonolithic.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoMonolithic 3 | metadata: 4 | name: sample 5 | spec: 6 | storage: 7 | traces: 8 | backend: memory 9 | resources: 10 | limits: 11 | cpu: "2" 12 | memory: "2Gi" 13 | jaegerui: 14 | enabled: true 15 | ingress: 16 | enabled: true 17 | resources: 18 | limits: 19 | cpu: "2" 20 | memory: "2Gi" 21 | -------------------------------------------------------------------------------- /config/samples/community/tempo_v1alpha1_tempostack.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: sample 5 | spec: 6 | storage: 7 | secret: 8 | name: my-storage-secret 9 | type: s3 10 | storageSize: 1Gi 11 | resources: 12 | total: 13 | limits: 14 | memory: 2Gi 15 | cpu: 2000m 16 | template: 17 | queryFrontend: 18 | jaegerQuery: 19 | enabled: true 20 | ingress: 21 | type: ingress 22 | -------------------------------------------------------------------------------- /config/samples/openshift/kustomization.yaml: -------------------------------------------------------------------------------- 1 | ## Append samples you want in your CSV to this file as resources ## 2 | resources: 3 | - tempo_v1alpha1_tempostack.yaml 4 | - tempo_v1alpha1_tempomonolithic.yaml 5 | #+kubebuilder:scaffold:manifestskustomizesamples 6 | -------------------------------------------------------------------------------- /config/samples/openshift/tempo_v1alpha1_tempomonolithic.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoMonolithic 3 | metadata: 4 | name: sample 5 | spec: 6 | storage: 7 | traces: 8 | backend: memory 9 | resources: 10 | limits: 11 | cpu: "2" 12 | memory: "2Gi" 13 | jaegerui: 14 | enabled: true 15 | route: 16 | enabled: true 17 | resources: 18 | limits: 19 | cpu: "2" 20 | memory: "2Gi" 21 | -------------------------------------------------------------------------------- /config/samples/openshift/tempo_v1alpha1_tempostack.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: sample 5 | spec: 6 | storage: 7 | secret: 8 | name: my-storage-secret 9 | type: s3 10 | storageSize: 1Gi 11 | resources: 12 | total: 13 | limits: 14 | memory: 2Gi 15 | cpu: 2000m 16 | template: 17 | queryFrontend: 18 | jaegerQuery: 19 | enabled: true 20 | ingress: 21 | type: route 22 | -------------------------------------------------------------------------------- /config/scorecard/bases/config.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: scorecard.operatorframework.io/v1alpha3 2 | kind: Configuration 3 | metadata: 4 | name: config 5 | stages: 6 | - parallel: true 7 | tests: [] 8 | -------------------------------------------------------------------------------- /config/scorecard/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - bases/config.yaml 3 | patches: 4 | - path: patches/basic.config.yaml 5 | target: 6 | group: scorecard.operatorframework.io 7 | version: v1alpha3 8 | kind: Configuration 9 | name: config 10 | - path: patches/olm.config.yaml 11 | target: 12 | group: scorecard.operatorframework.io 13 | version: v1alpha3 14 | kind: Configuration 15 | name: config 16 | -------------------------------------------------------------------------------- /config/scorecard/patches/basic.config.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /stages/0/tests/- 3 | value: 4 | entrypoint: 5 | - scorecard-test 6 | - basic-check-spec 7 | image: quay.io/operator-framework/scorecard-test:v1.27.0 8 | labels: 9 | suite: basic 10 | test: basic-check-spec-test 11 | -------------------------------------------------------------------------------- /config/webhook/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - manifests.yaml 3 | - service.yaml 4 | 5 | configurations: 6 | - kustomizeconfig.yaml 7 | -------------------------------------------------------------------------------- /config/webhook/service.yaml: -------------------------------------------------------------------------------- 1 | 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: webhook-service 6 | namespace: system 7 | spec: 8 | ports: 9 | - port: 443 10 | protocol: TCP 11 | targetPort: 9443 12 | selector: 13 | control-plane: controller-manager 14 | -------------------------------------------------------------------------------- /events.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/grafana/tempo-operator/1c02a98025546c1d298dd7336aabe3cf35d0e7a8/events.txt -------------------------------------------------------------------------------- /hack/boilerplate.go.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/grafana/tempo-operator/1c02a98025546c1d298dd7336aabe3cf35d0e7a8/hack/boilerplate.go.txt -------------------------------------------------------------------------------- /hack/ignore-createdAt-bundle.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Since operator-sdk 1.26.0, `make bundle` changes the `createdAt` field from the bundle 3 | # even if it is patched: 4 | # https://github.com/operator-framework/operator-sdk/pull/6136 5 | # This code checks if only the createdAt field. If is the only change, it is ignored. 6 | # Else, it will do nothing. 7 | # https://github.com/operator-framework/operator-sdk/issues/6285#issuecomment-1415350333 8 | git diff --quiet -I'^ createdAt: ' bundle 9 | if ((! $?)) ; then 10 | git checkout bundle 11 | fi 12 | -------------------------------------------------------------------------------- /hack/install/install-kind.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | VERSION="0.18.0" 3 | 4 | echo "Installing kind" 5 | 6 | current_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) 7 | source $current_dir/install-utils.sh 8 | 9 | PROGRAM="kind" 10 | 11 | url="https://kind.sigs.k8s.io/dl/v$VERSION/kind-$(go env GOOS)-amd64" 12 | 13 | download $PROGRAM $VERSION $url 14 | -------------------------------------------------------------------------------- /hack/install/install-openshift-routes.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | if kubectl api-resources --api-group=route.openshift.io | grep -q Route; then 4 | echo "OpenShift Routes are already installed." 5 | else 6 | kubectl apply -f https://raw.githubusercontent.com/openshift/router/release-4.12/deploy/router_rbac.yaml 7 | kubectl apply -f https://raw.githubusercontent.com/openshift/router/release-4.12/deploy/route_crd.yaml 8 | kubectl apply -f https://raw.githubusercontent.com/openshift/router/release-4.12/deploy/router.yaml 9 | kubectl wait --for=condition=available deployment/ingress-router -n openshift-ingress --timeout=5m 10 | fi 11 | -------------------------------------------------------------------------------- /hack/list-components.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | TEMPO_VERSION=$(grep -oP "docker.io/grafana/tempo:\K.*" config/manager/manager.yaml) 4 | KUBE_MIN_VERSION=$(grep -oP 'kube-version: "\K([\d.]*)' .github/workflows/e2e.yaml | sed -n '1p') 5 | KUBE_MAX_VERSION=$(grep -oP 'kube-version: "\K([\d.]*)' .github/workflows/e2e.yaml | sed -n '2p') 6 | 7 | cat << EOF 8 | ### Components 9 | - Tempo: [v${TEMPO_VERSION}](https://github.com/grafana/tempo/releases/tag/v${TEMPO_VERSION}) 10 | 11 | ### Support 12 | This release supports Kubernetes ${KUBE_MIN_VERSION} to ${KUBE_MAX_VERSION}. 13 | EOF 14 | -------------------------------------------------------------------------------- /internal/certrotation/expiry.go: -------------------------------------------------------------------------------- 1 | package certrotation 2 | 3 | import ( 4 | "fmt" 5 | "strings" 6 | ) 7 | 8 | // CertExpiredError contains information if a certificate expired 9 | // and the reasons of expiry. 10 | type CertExpiredError struct { 11 | Message string 12 | Reasons []string 13 | } 14 | 15 | func (e *CertExpiredError) Error() string { 16 | return fmt.Sprintf("%s for reasons: %s", e.Message, strings.Join(e.Reasons, ", ")) 17 | } 18 | -------------------------------------------------------------------------------- /internal/crdmetrics/bootstrap.go: -------------------------------------------------------------------------------- 1 | package crdmetrics 2 | 3 | import ( 4 | "go.opentelemetry.io/otel" 5 | "go.opentelemetry.io/otel/exporters/prometheus" 6 | "go.opentelemetry.io/otel/sdk/metric" 7 | "sigs.k8s.io/controller-runtime/pkg/client" 8 | "sigs.k8s.io/controller-runtime/pkg/metrics" 9 | ) 10 | 11 | // Bootstrap configures the OpenTelemetry meter provider with the Prometheus exporter. 12 | func Bootstrap(client client.Client) error { 13 | exporter, err := prometheus.New(prometheus.WithRegisterer(metrics.Registry)) 14 | if err != nil { 15 | return err 16 | } 17 | provider := metric.NewMeterProvider(metric.WithReader(exporter)) 18 | otel.SetMeterProvider(provider) 19 | // Create metrics 20 | tempoStackMetrics := newTempoStackMetrics(client) 21 | err = tempoStackMetrics.Setup() 22 | return err 23 | } 24 | -------------------------------------------------------------------------------- /internal/crdmetrics/consts.go: -------------------------------------------------------------------------------- 1 | package crdmetrics 2 | 3 | const ( 4 | meterName = "grafana/tempo-operator" 5 | ) 6 | 7 | // Metric labels 8 | 9 | const ( 10 | tempoStackMetricsPrefix = "tempo_operator_tempostack" 11 | storageBackendMetric = "storage_backend" 12 | managedMetric = "managed" 13 | jaegerUIUsage = "jaeger_ui" 14 | multitenancy = "multi_tenancy" 15 | ) 16 | -------------------------------------------------------------------------------- /internal/manifests/alerts/build_test.go: -------------------------------------------------------------------------------- 1 | package alerts 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/stretchr/testify/assert" 7 | "github.com/stretchr/testify/require" 8 | ) 9 | 10 | func TestBuildRules(t *testing.T) { 11 | rulesSpec, err := build(Options{ 12 | RunbookURL: RunbookDefaultURL, 13 | Namespace: "default", 14 | Cluster: "test", 15 | }) 16 | 17 | require.NoError(t, err) 18 | assert.Len(t, rulesSpec.Groups, 2) 19 | assert.Equal(t, "tempo_alerts_test_default", rulesSpec.Groups[0].Name) 20 | assert.Len(t, rulesSpec.Groups[0].Rules, 14) 21 | 22 | assert.Equal(t, "tempo_rules_test_default", rulesSpec.Groups[1].Name) 23 | assert.Len(t, rulesSpec.Groups[1].Rules, 6) 24 | 25 | } 26 | -------------------------------------------------------------------------------- /internal/manifests/alerts/options.go: -------------------------------------------------------------------------------- 1 | package alerts 2 | 3 | // Options is used to configure Prometheus Alerts. 4 | type Options struct { 5 | RunbookURL string 6 | Cluster string 7 | Namespace string 8 | } 9 | -------------------------------------------------------------------------------- /internal/manifests/alerts/prometheus_test.go: -------------------------------------------------------------------------------- 1 | package alerts 2 | 3 | import ( 4 | "testing" 5 | 6 | monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" 7 | "github.com/stretchr/testify/assert" 8 | "github.com/stretchr/testify/require" 9 | ) 10 | 11 | func TestBuildPrometheusRule(t *testing.T) { 12 | objects, err := BuildPrometheusRule("tempo-test", "default") 13 | 14 | require.NoError(t, err) 15 | assert.Len(t, objects, 1) 16 | rules := objects[0].(*monitoringv1.PrometheusRule) 17 | 18 | assert.Equal(t, "tempo-test-prometheus-rule", rules.Name) 19 | } 20 | -------------------------------------------------------------------------------- /internal/manifests/cloudcredentials/options.go: -------------------------------------------------------------------------------- 1 | package cloudcredentials 2 | 3 | import ( 4 | "os" 5 | 6 | "github.com/grafana/tempo-operator/internal/manifests/manifestutils" 7 | ) 8 | 9 | // DiscoverTokenCCOAuthConfig return a token config based on the env variables. 10 | func DiscoverTokenCCOAuthConfig() *manifestutils.TokenCCOAuthConfig { 11 | // AWS 12 | roleARN := os.Getenv("ROLEARN") 13 | 14 | switch { 15 | case roleARN != "": 16 | return &manifestutils.TokenCCOAuthConfig{ 17 | AWS: &manifestutils.TokenCCOAWSEnvironment{ 18 | RoleARN: roleARN, 19 | }, 20 | } 21 | } 22 | 23 | return nil 24 | } 25 | -------------------------------------------------------------------------------- /internal/manifests/config/tempo-query.yaml: -------------------------------------------------------------------------------- 1 | address: 0.0.0.0:7777 2 | backend: localhost:{{ .HTTPPort }} 3 | tenant_header_key: {{ .TenantHeader }} 4 | {{- if and .Gates.HTTPEncryption .Gateway }} 5 | tls_enabled: true 6 | tls_cert_path: {{ .TLS.Paths.Certificate }} 7 | tls_key_path: {{ .TLS.Paths.Key }} 8 | tls_ca_path: {{ .TLS.Paths.CA }} 9 | tls_insecure_skip_verify: false 10 | tls_server_name: {{ .TLS.ServerNames.QueryFrontend }} 11 | {{- end }} 12 | services_query_duration: {{ .ServicesQueryDuration }} 13 | find_traces_concurrent_requests: {{ .FindTracesConcurrentRequests }} 14 | -------------------------------------------------------------------------------- /internal/manifests/gateway/testdata/rbac.yaml: -------------------------------------------------------------------------------- 1 | roleBindings: 2 | - name: "test" 3 | roles: 4 | - read-write 5 | subjects: 6 | - kind: "user" 7 | name: "admin@example.com" 8 | roles: 9 | - name: "read-write" 10 | permissions: 11 | - "read" 12 | - "write" 13 | resources: 14 | - "logs" 15 | - "metrics" 16 | - "traces" 17 | tenants: 18 | - "test-oidc" 19 | -------------------------------------------------------------------------------- /internal/manifests/gateway/testdata/tenants.yaml: -------------------------------------------------------------------------------- 1 | tenants: 2 | - id: "1610b0c3-c509-4592-a256-a1871353dbfa" 3 | name: "test-oidc" 4 | oidc: 5 | clientID: "test" 6 | issuerURL: "https://dex.klimlive.de/dex" 7 | clientSecret: "super-secret" 8 | redirectURL: "https://observatorium.klimlive.de/oidc/test-oidc/callback" 9 | usernameClaim: "email" 10 | rateLimits: 11 | - endpoint: "/api/metrics/v1/.+/api/v1/receive" 12 | limit: 1000 13 | window: "1s" 14 | - endpoint: "/api/logs/v1/.*" 15 | limit: 1000 16 | window: "1s" 17 | -------------------------------------------------------------------------------- /internal/manifests/manifestutils/annotations_test.go: -------------------------------------------------------------------------------- 1 | package manifestutils 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/stretchr/testify/assert" 7 | ) 8 | 9 | func TestAzureShortLiveTokenAnnotation(t *testing.T) { 10 | annotations := AzureShortLiveTokenAnnotation(AzureStorage{ 11 | TenantID: "test-tenant", 12 | ClientID: "test-client", 13 | }) 14 | 15 | assert.Equal(t, "test-client", annotations["azure.workload.identity/client-id"]) 16 | assert.Equal(t, "test-tenant", annotations["azure.workload.identity/tenant-id"]) 17 | } 18 | -------------------------------------------------------------------------------- /internal/manifests/manifestutils/cloudcredentials.go: -------------------------------------------------------------------------------- 1 | package manifestutils 2 | 3 | // TokenCCOAWSEnvironment expose AWS settings when using CCO. 4 | type TokenCCOAWSEnvironment struct { 5 | RoleARN string 6 | } 7 | 8 | // TokenCCOAuthConfig CCO token config. 9 | type TokenCCOAuthConfig struct { 10 | AWS *TokenCCOAWSEnvironment 11 | } 12 | -------------------------------------------------------------------------------- /internal/manifests/manifestutils/gomemlimit.go: -------------------------------------------------------------------------------- 1 | package manifestutils 2 | 3 | import ( 4 | "fmt" 5 | 6 | v1 "k8s.io/api/core/v1" 7 | ) 8 | 9 | // SetGoMemLimit sets GOMEMLIMIT env var to 80% memory of the container if it's defined. 10 | func SetGoMemLimit(containerName string, pod *v1.PodSpec) { 11 | index, _ := findContainerIndex(pod, containerName) 12 | 13 | if index == -1 { 14 | return 15 | } 16 | 17 | container := &pod.Containers[index] 18 | 19 | memory := container.Resources.Limits.Memory() 20 | if memory != nil && !memory.IsZero() { 21 | bytes := memory.Value() 22 | gomemlimit := bytes * 80 / 100 23 | container.Env = append(container.Env, v1.EnvVar{ 24 | Name: "GOMEMLIMIT", 25 | Value: fmt.Sprintf("%d", gomemlimit), 26 | }) 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /internal/manifests/manifestutils/probes.go: -------------------------------------------------------------------------------- 1 | package manifestutils 2 | 3 | import ( 4 | corev1 "k8s.io/api/core/v1" 5 | "k8s.io/apimachinery/pkg/util/intstr" 6 | ) 7 | 8 | // TempoReadinessProbe returns a readiness Probe spec for tempo components. 9 | func TempoReadinessProbe(tlsEnable bool) *corev1.Probe { 10 | 11 | scheme := corev1.URISchemeHTTP 12 | port := intstr.FromString(HttpPortName) 13 | 14 | if tlsEnable { 15 | scheme = corev1.URISchemeHTTPS 16 | port = intstr.FromInt(PortInternalHTTPServer) 17 | } 18 | 19 | return &corev1.Probe{ 20 | ProbeHandler: corev1.ProbeHandler{ 21 | HTTPGet: &corev1.HTTPGetAction{ 22 | Scheme: scheme, 23 | Path: TempoReadinessPath, 24 | Port: port, 25 | }, 26 | }, 27 | InitialDelaySeconds: 15, 28 | TimeoutSeconds: 1, 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /internal/manifests/manifestutils/securitycontext.go: -------------------------------------------------------------------------------- 1 | package manifestutils 2 | 3 | import ( 4 | corev1 "k8s.io/api/core/v1" 5 | "k8s.io/utils/ptr" 6 | ) 7 | 8 | // TempoContainerSecurityContext returns the default container security context. 9 | func TempoContainerSecurityContext() *corev1.SecurityContext { 10 | return &corev1.SecurityContext{ 11 | AllowPrivilegeEscalation: ptr.To(false), 12 | Capabilities: &corev1.Capabilities{ 13 | Drop: []corev1.Capability{"ALL"}, 14 | }, 15 | ReadOnlyRootFilesystem: ptr.To(true), 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /internal/manifests/monolithic/build_test.go: -------------------------------------------------------------------------------- 1 | package monolithic 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/stretchr/testify/require" 7 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 8 | 9 | "github.com/grafana/tempo-operator/api/tempo/v1alpha1" 10 | ) 11 | 12 | func TestBuildAll(t *testing.T) { 13 | opts := Options{ 14 | Tempo: v1alpha1.TempoMonolithic{ 15 | ObjectMeta: metav1.ObjectMeta{ 16 | Name: "sample", 17 | Namespace: "default", 18 | }, 19 | Spec: v1alpha1.TempoMonolithicSpec{ 20 | Storage: &v1alpha1.MonolithicStorageSpec{ 21 | Traces: v1alpha1.MonolithicTracesStorageSpec{ 22 | Backend: "memory", 23 | }, 24 | }, 25 | }, 26 | }, 27 | } 28 | 29 | objects, err := BuildAll(opts) 30 | require.NoError(t, err) 31 | require.Len(t, objects, 4) 32 | } 33 | -------------------------------------------------------------------------------- /internal/manifests/monolithic/prometheusrule.go: -------------------------------------------------------------------------------- 1 | package monolithic 2 | 3 | import ( 4 | "sigs.k8s.io/controller-runtime/pkg/client" 5 | 6 | "github.com/grafana/tempo-operator/internal/manifests/alerts" 7 | ) 8 | 9 | // BuildPrometheusRules creates PrometheusRule objects. 10 | func BuildPrometheusRules(opts Options) ([]client.Object, error) { 11 | tempo := opts.Tempo 12 | return alerts.BuildPrometheusRule(tempo.Name, tempo.Namespace) 13 | } 14 | -------------------------------------------------------------------------------- /internal/status/client.go: -------------------------------------------------------------------------------- 1 | package status 2 | 3 | import ( 4 | "context" 5 | 6 | corev1 "k8s.io/api/core/v1" 7 | 8 | "github.com/grafana/tempo-operator/api/tempo/v1alpha1" 9 | ) 10 | 11 | // StatusClient defines a interface for fetching status information. 12 | type StatusClient interface { 13 | GetPodsComponent(ctx context.Context, componentName string, stack v1alpha1.TempoStack) (*corev1.PodList, error) 14 | PatchStatus(ctx context.Context, changed, original *v1alpha1.TempoStack) error 15 | } 16 | -------------------------------------------------------------------------------- /internal/tlsprofile/client_test.go: -------------------------------------------------------------------------------- 1 | package tlsprofile 2 | 3 | import ( 4 | "context" 5 | 6 | "github.com/stretchr/testify/mock" 7 | "sigs.k8s.io/controller-runtime/pkg/client" 8 | ) 9 | 10 | type clientStub struct { 11 | mock.Mock 12 | } 13 | 14 | func (scs2 *clientStub) Get(ctx context.Context, key client.ObjectKey, obj client.Object, opts ...client.GetOption) error { 15 | args := scs2.Called(ctx, key, obj, opts) 16 | return args.Error(0) 17 | } 18 | -------------------------------------------------------------------------------- /internal/tlsprofile/interfaces.go: -------------------------------------------------------------------------------- 1 | package tlsprofile 2 | 3 | import ( 4 | "context" 5 | 6 | "sigs.k8s.io/controller-runtime/pkg/client" 7 | ) 8 | 9 | type k8getter interface { 10 | Get(ctx context.Context, key client.ObjectKey, obj client.Object, opts ...client.GetOption) error 11 | } 12 | -------------------------------------------------------------------------------- /internal/upgrade/v0_15_4.go: -------------------------------------------------------------------------------- 1 | package upgrade 2 | 3 | import ( 4 | "context" 5 | 6 | "github.com/grafana/tempo-operator/api/tempo/v1alpha1" 7 | ) 8 | 9 | // Switch thanos-querier port to tenancy-enabled port. 10 | func upgrade0_15_4(ctx context.Context, u Upgrade, tempo *v1alpha1.TempoStack) error { 11 | if tempo.Spec.Template.QueryFrontend.JaegerQuery.MonitorTab.PrometheusEndpoint == "https://thanos-querier.openshift-monitoring.svc.cluster.local:9091" { 12 | tempo.Spec.Template.QueryFrontend.JaegerQuery.MonitorTab.PrometheusEndpoint = "https://thanos-querier.openshift-monitoring.svc.cluster.local:9092" 13 | } 14 | return nil 15 | } 16 | -------------------------------------------------------------------------------- /internal/upgrade/v0_1_0.go: -------------------------------------------------------------------------------- 1 | package upgrade 2 | 3 | import ( 4 | "context" 5 | 6 | "github.com/grafana/tempo-operator/api/tempo/v1alpha1" 7 | ) 8 | 9 | // This is a template for future versions. 10 | func upgrade0_1_0(ctx context.Context, u Upgrade, tempo *v1alpha1.TempoStack) error { 11 | // no-op because 0.1.0 is the first released tempo-operator version 12 | return nil 13 | } 14 | -------------------------------------------------------------------------------- /internal/upgrade/v0_3_0.go: -------------------------------------------------------------------------------- 1 | package upgrade 2 | 3 | import ( 4 | "context" 5 | 6 | "github.com/grafana/tempo-operator/api/tempo/v1alpha1" 7 | ) 8 | 9 | // This upgrade sets the deprecated MaxSearchBytesPerTrace field to nil. 10 | func upgrade0_3_0(ctx context.Context, u Upgrade, tempo *v1alpha1.TempoStack) error { 11 | if tempo.Spec.LimitSpec.Global.Query.MaxSearchBytesPerTrace != nil { 12 | tempo.Spec.LimitSpec.Global.Query.MaxSearchBytesPerTrace = nil 13 | } 14 | for tenant, limits := range tempo.Spec.LimitSpec.PerTenant { 15 | if limits.Query.MaxSearchBytesPerTrace != nil { 16 | limits.Query.MaxSearchBytesPerTrace = nil 17 | tempo.Spec.LimitSpec.PerTenant[tenant] = limits 18 | } 19 | } 20 | return nil 21 | } 22 | -------------------------------------------------------------------------------- /internal/upgrade/v0_6_0.go: -------------------------------------------------------------------------------- 1 | package upgrade 2 | 3 | import ( 4 | "context" 5 | 6 | "github.com/grafana/tempo-operator/api/tempo/v1alpha1" 7 | ) 8 | 9 | // This upgrade unsets the image fields in the TempoStack CR. 10 | // From 0.6.0 onwards, the image location is not stored in the CR unless it got changed manually. 11 | func upgrade0_6_0(ctx context.Context, u Upgrade, tempo *v1alpha1.TempoStack) error { 12 | tempo.Spec.Images.Tempo = "" 13 | tempo.Spec.Images.TempoQuery = "" 14 | tempo.Spec.Images.TempoGateway = "" 15 | tempo.Spec.Images.TempoGatewayOpa = "" 16 | return nil 17 | } 18 | -------------------------------------------------------------------------------- /internal/upgrade/v0_8_0.go: -------------------------------------------------------------------------------- 1 | package upgrade 2 | 3 | import ( 4 | "context" 5 | 6 | "github.com/grafana/tempo-operator/api/tempo/v1alpha1" 7 | ) 8 | 9 | // The .spec.storage.tls field from TempoStack CR changed from {caName: ""} to TLSSpec 10 | // Set the enabled field if the caName was set previously. 11 | func upgrade0_8_0(ctx context.Context, u Upgrade, tempo *v1alpha1.TempoStack) error { 12 | if tempo.Spec.Storage.TLS.CA != "" { 13 | tempo.Spec.Storage.TLS.Enabled = true 14 | } 15 | return nil 16 | } 17 | -------------------------------------------------------------------------------- /kind-1.25.yaml: -------------------------------------------------------------------------------- 1 | kind: Cluster 2 | apiVersion: kind.x-k8s.io/v1alpha4 3 | nodes: 4 | - role: control-plane 5 | image: kindest/node:v1.25.8@sha256:00d3f5314cc35327706776e95b2f8e504198ce59ac545d0200a89e69fce10b7f 6 | kubeadmConfigPatches: 7 | - | 8 | kind: InitConfiguration 9 | nodeRegistration: 10 | kubeletExtraArgs: 11 | node-labels: "ingress-ready=true" 12 | extraPortMappings: 13 | - containerPort: 80 14 | hostPort: 80 15 | protocol: TCP 16 | - containerPort: 443 17 | hostPort: 443 18 | protocol: TCP 19 | -------------------------------------------------------------------------------- /kind-1.26.yaml: -------------------------------------------------------------------------------- 1 | kind: Cluster 2 | apiVersion: kind.x-k8s.io/v1alpha4 3 | nodes: 4 | - role: control-plane 5 | image: kindest/node:v1.26.3@sha256:61b92f38dff6ccc29969e7aa154d34e38b89443af1a2c14e6cfbd2df6419c66f 6 | kubeadmConfigPatches: 7 | - | 8 | kind: InitConfiguration 9 | nodeRegistration: 10 | kubeletExtraArgs: 11 | node-labels: "ingress-ready=true" 12 | extraPortMappings: 13 | - containerPort: 80 14 | hostPort: 80 15 | protocol: TCP 16 | - containerPort: 443 17 | hostPort: 443 18 | protocol: TCP 19 | -------------------------------------------------------------------------------- /kind-1.27.yaml: -------------------------------------------------------------------------------- 1 | kind: Cluster 2 | apiVersion: kind.x-k8s.io/v1alpha4 3 | nodes: 4 | - role: control-plane 5 | image: kindest/node:v1.27.1@sha256:9915f5629ef4d29f35b478e819249e89cfaffcbfeebda4324e5c01d53d937b09 6 | kubeadmConfigPatches: 7 | - | 8 | kind: InitConfiguration 9 | nodeRegistration: 10 | kubeletExtraArgs: 11 | node-labels: "ingress-ready=true" 12 | extraPortMappings: 13 | - containerPort: 80 14 | hostPort: 80 15 | protocol: TCP 16 | - containerPort: 443 17 | hostPort: 443 18 | protocol: TCP 19 | -------------------------------------------------------------------------------- /kind-1.28.yaml: -------------------------------------------------------------------------------- 1 | kind: Cluster 2 | apiVersion: kind.x-k8s.io/v1alpha4 3 | nodes: 4 | - role: control-plane 5 | image: kindest/node:v1.28.0@sha256:b7a4cad12c197af3ba43202d3efe03246b3f0793f162afb40a33c923952d5b31 6 | kubeadmConfigPatches: 7 | - | 8 | kind: InitConfiguration 9 | nodeRegistration: 10 | kubeletExtraArgs: 11 | node-labels: "ingress-ready=true" 12 | extraPortMappings: 13 | - containerPort: 80 14 | hostPort: 80 15 | protocol: TCP 16 | - containerPort: 443 17 | hostPort: 443 18 | protocol: TCP 19 | -------------------------------------------------------------------------------- /kind-1.29.yaml: -------------------------------------------------------------------------------- 1 | kind: Cluster 2 | apiVersion: kind.x-k8s.io/v1alpha4 3 | nodes: 4 | - role: control-plane 5 | image: kindest/node:v1.29.2@sha256:acc9e82a5a5bd3dfccfd03117e9ef5f96b46108b55cd647fb5e7d0d1a35c9c6f 6 | kubeadmConfigPatches: 7 | - | 8 | kind: InitConfiguration 9 | nodeRegistration: 10 | kubeletExtraArgs: 11 | node-labels: "ingress-ready=true" 12 | extraPortMappings: 13 | - containerPort: 80 14 | hostPort: 80 15 | protocol: TCP 16 | - containerPort: 443 17 | hostPort: 443 18 | protocol: TCP 19 | -------------------------------------------------------------------------------- /kind-1.30.yaml: -------------------------------------------------------------------------------- 1 | kind: Cluster 2 | apiVersion: kind.x-k8s.io/v1alpha4 3 | nodes: 4 | - role: control-plane 5 | image: kindest/node:v1.30.4@sha256:34cb98a38a57a3357fde925a41d61232bbbbeb411b45a25c0d766635d6c3b975 6 | kubeadmConfigPatches: 7 | - | 8 | kind: InitConfiguration 9 | nodeRegistration: 10 | kubeletExtraArgs: 11 | node-labels: "ingress-ready=true" 12 | extraPortMappings: 13 | - containerPort: 80 14 | hostPort: 80 15 | protocol: TCP 16 | - containerPort: 443 17 | hostPort: 443 18 | protocol: TCP 19 | -------------------------------------------------------------------------------- /kind-1.32.yaml: -------------------------------------------------------------------------------- 1 | kind: Cluster 2 | apiVersion: kind.x-k8s.io/v1alpha4 3 | nodes: 4 | - role: control-plane 5 | image: kindest/node:v1.32.3@sha256:b36e76b4ad37b88539ce5e07425f77b29f73a8eaaebf3f1a8bc9c764401d118c 6 | kubeadmConfigPatches: 7 | - | 8 | kind: InitConfiguration 9 | nodeRegistration: 10 | kubeletExtraArgs: 11 | node-labels: "ingress-ready=true" 12 | extraPortMappings: 13 | - containerPort: 80 14 | hostPort: 80 15 | protocol: TCP 16 | - containerPort: 443 17 | hostPort: 443 18 | protocol: TCP 19 | -------------------------------------------------------------------------------- /tests/Dockerfile.utils: -------------------------------------------------------------------------------- 1 | FROM alpine:3.18 2 | 3 | RUN apk update && \ 4 | apk add --no-cache curl jq bash && \ 5 | rm -rf /var/cache/apk/* 6 | 7 | CMD [ "bash" ] 8 | -------------------------------------------------------------------------------- /tests/e2e-long-running/tempostack-retention-global/00-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: minio 5 | status: 6 | readyReplicas: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-long-running/tempostack-retention-global/01-install.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: global 5 | spec: 6 | storage: 7 | secret: 8 | name: minio 9 | type: s3 10 | storageSize: 200M 11 | resources: 12 | total: 13 | limits: 14 | memory: 6Gi 15 | cpu: 2000m 16 | retention: 17 | global: 18 | traces: "32m" 19 | template: 20 | queryFrontend: 21 | jaegerQuery: 22 | enabled: true 23 | ingress: 24 | type: ingress 25 | -------------------------------------------------------------------------------- /tests/e2e-long-running/tempostack-retention-global/03-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-long-running/tempostack-retention-global/03-generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: telemetrygen 10 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0 11 | args: 12 | - traces 13 | - --otlp-endpoint=tempo-global-distributor:4317 14 | - --otlp-insecure 15 | - --traces=10 16 | restartPolicy: Never 17 | backoffLimit: 4 18 | -------------------------------------------------------------------------------- /tests/e2e-long-running/tempostack-retention-global/04-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-jaeger 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-long-running/tempostack-retention-global/05-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-grafana 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-long-running/tempostack-retention-global/verify-traces-grafana-ret-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-grafana-ret 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-long-running/tempostack-retention-global/verify-traces-jaeger-ret-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-jaeger-ret 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/aws-sts-cco-monolithic/aws-sts-s3-create-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: aws-sts 5 | namespace: chainsaw-awscco-mono 6 | type: Opaque 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/aws-sts-cco-monolithic/generate-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | namespace: chainsaw-awscco-mono 6 | status: 7 | succeeded: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/aws-sts-cco-monolithic/generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | namespace: chainsaw-awscco-mono 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: telemetrygen 11 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0 12 | args: 13 | - traces 14 | - --otlp-endpoint=tempo-tmonocco.chainsaw-awscco-mono.svc:4317 15 | - --otlp-insecure 16 | - --traces=10 17 | restartPolicy: Never 18 | backoffLimit: 4 19 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/aws-sts-cco-monolithic/install-monolithic.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoMonolithic 3 | metadata: 4 | name: tmonocco 5 | namespace: chainsaw-awscco-mono 6 | spec: 7 | storage: 8 | traces: 9 | backend: s3 10 | s3: 11 | secret: aws-sts 12 | credentialMode: token-cco 13 | jaegerui: 14 | enabled: true 15 | route: 16 | enabled: true 17 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/aws-sts-cco-monolithic/verify-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | namespace: chainsaw-awscco-mono 6 | status: 7 | succeeded: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/aws-sts-cco-tempostack/aws-sts-s3-create-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: aws-sts 5 | namespace: chainsaw-awscco-tempo 6 | type: Opaque 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/aws-sts-cco-tempostack/generate-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | namespace: chainsaw-awscco-tempo 6 | status: 7 | succeeded: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/aws-sts-cco-tempostack/generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | namespace: chainsaw-awscco-tempo 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: telemetrygen 11 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0 12 | args: 13 | - traces 14 | - --otlp-endpoint=tempo-tmcco-distributor.chainsaw-awscco-tempo.svc:4317 15 | - --otlp-insecure 16 | - --traces=10 17 | restartPolicy: Never 18 | backoffLimit: 4 19 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/aws-sts-cco-tempostack/install-tempostack.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: tmcco 5 | namespace: chainsaw-awscco-tempo 6 | spec: 7 | storage: 8 | secret: 9 | name: aws-sts 10 | type: s3 11 | credentialMode: token-cco 12 | storageSize: 10Gi 13 | resources: 14 | total: 15 | limits: 16 | memory: 4Gi 17 | cpu: 2000m 18 | template: 19 | queryFrontend: 20 | jaegerQuery: 21 | enabled: true 22 | ingress: 23 | type: route 24 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/aws-sts-cco-tempostack/verify-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | namespace: chainsaw-awscco-tempo 6 | status: 7 | succeeded: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/aws-sts-monolithic/aws-sts-s3-create-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: aws-sts 5 | namespace: chainsaw-awssts-mono 6 | type: Opaque 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/aws-sts-monolithic/generate-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | namespace: chainsaw-awssts-mono 6 | status: 7 | succeeded: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/aws-sts-monolithic/generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | namespace: chainsaw-awssts-mono 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: telemetrygen 11 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0 12 | args: 13 | - traces 14 | - --otlp-endpoint=tempo-tmmono.chainsaw-awssts-mono.svc:4317 15 | - --otlp-insecure 16 | - --traces=10 17 | restartPolicy: Never 18 | backoffLimit: 4 19 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/aws-sts-monolithic/install-monolithic.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoMonolithic 3 | metadata: 4 | name: tmmono 5 | namespace: chainsaw-awssts-mono 6 | spec: 7 | storage: 8 | traces: 9 | backend: s3 10 | s3: 11 | secret: aws-sts 12 | jaegerui: 13 | enabled: true 14 | route: 15 | enabled: true 16 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/aws-sts-monolithic/verify-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | namespace: chainsaw-awssts-mono 6 | status: 7 | succeeded: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/aws-sts-tempostack/aws-sts-s3-create-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: aws-sts 5 | namespace: chainsaw-awssts-tempo 6 | type: Opaque 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/aws-sts-tempostack/generate-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | namespace: chainsaw-awssts-tempo 6 | status: 7 | succeeded: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/aws-sts-tempostack/generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | namespace: chainsaw-awssts-tempo 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: telemetrygen 11 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0 12 | args: 13 | - traces 14 | - --otlp-endpoint=tempo-tmstack-distributor.chainsaw-awssts-tempo.svc:4317 15 | - --otlp-insecure 16 | - --traces=10 17 | restartPolicy: Never 18 | backoffLimit: 4 19 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/aws-sts-tempostack/install-tempostack.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: tmstack 5 | namespace: chainsaw-awssts-tempo 6 | spec: 7 | storage: 8 | secret: 9 | name: aws-sts 10 | type: s3 11 | storageSize: 10Gi 12 | resources: 13 | total: 14 | limits: 15 | memory: 4Gi 16 | cpu: 2000m 17 | template: 18 | queryFrontend: 19 | jaegerQuery: 20 | enabled: true 21 | ingress: 22 | type: route 23 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/aws-sts-tempostack/verify-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | namespace: chainsaw-awssts-tempo 6 | status: 7 | succeeded: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/azure-wif-monolithic/azure-wif-create-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: azure-secret 5 | namespace: chainsaw-azurewif-mono 6 | type: Opaque 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/azure-wif-monolithic/generate-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | namespace: chainsaw-azurewif-mono 6 | status: 7 | succeeded: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/azure-wif-monolithic/generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | namespace: chainsaw-azurewif-mono 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: telemetrygen 11 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0 12 | args: 13 | - traces 14 | - --otlp-endpoint=tempo-azurewifmn.chainsaw-azurewif-mono.svc:4317 15 | - --otlp-insecure 16 | - --traces=10 17 | restartPolicy: Never 18 | backoffLimit: 4 19 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/azure-wif-monolithic/install-monolithic.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoMonolithic 3 | metadata: 4 | name: azurewifmn 5 | namespace: chainsaw-azurewif-mono 6 | spec: 7 | storage: 8 | traces: 9 | backend: azure 10 | azure: 11 | secret: azure-secret 12 | jaegerui: 13 | enabled: true 14 | route: 15 | enabled: true 16 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/azure-wif-monolithic/verify-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | namespace: chainsaw-azurewif-mono 6 | status: 7 | succeeded: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/azure-wif-tempostack/azure-wif-create-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: azure-secret 5 | namespace: chainsaw-azurewif-tempo 6 | type: Opaque 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/azure-wif-tempostack/generate-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | namespace: chainsaw-azurewif-tempo 6 | status: 7 | succeeded: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/azure-wif-tempostack/generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | namespace: chainsaw-azurewif-tempo 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: telemetrygen 11 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0 12 | args: 13 | - traces 14 | - --otlp-endpoint=tempo-azurewiftm-distributor.chainsaw-azurewif-tempo.svc:4317 15 | - --otlp-insecure 16 | - --traces=10 17 | restartPolicy: Never 18 | backoffLimit: 4 19 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/azure-wif-tempostack/install-tempostack.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: azurewiftm 5 | namespace: chainsaw-azurewif-tempo 6 | spec: 7 | storage: 8 | secret: 9 | name: azure-secret 10 | type: azure 11 | storageSize: 10Gi 12 | resources: 13 | total: 14 | limits: 15 | memory: 4Gi 16 | cpu: 2000m 17 | template: 18 | queryFrontend: 19 | jaegerQuery: 20 | enabled: true 21 | ingress: 22 | type: route 23 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/azure-wif-tempostack/verify-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | namespace: chainsaw-azurewif-tempo 6 | status: 7 | succeeded: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/gcp-wif-monolithic/gcp-wif-create-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: gcs-secret 5 | namespace: chainsaw-gcpwif-mono 6 | type: Opaque 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/gcp-wif-monolithic/generate-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | namespace: chainsaw-gcpwif-mono 6 | status: 7 | succeeded: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/gcp-wif-monolithic/generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | namespace: chainsaw-gcpwif-mono 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: telemetrygen 11 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0 12 | args: 13 | - traces 14 | - --otlp-endpoint=tempo-gcpwifmn.chainsaw-gcpwif-mono.svc:4317 15 | - --otlp-insecure 16 | - --traces=10 17 | restartPolicy: Never 18 | backoffLimit: 4 19 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/gcp-wif-monolithic/install-monolithic.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoMonolithic 3 | metadata: 4 | name: gcpwifmn 5 | namespace: chainsaw-gcpwif-mono 6 | spec: 7 | storage: 8 | traces: 9 | backend: gcs 10 | gcs: 11 | secret: gcs-secret 12 | jaegerui: 13 | enabled: true 14 | route: 15 | enabled: true 16 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/gcp-wif-monolithic/verify-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | namespace: chainsaw-gcpwif-mono 6 | status: 7 | succeeded: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/gcp-wif-tempostack/gcp-wif-create-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: gcs-secret 5 | namespace: chainsaw-gcpwif-tempo 6 | type: Opaque 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/gcp-wif-tempostack/generate-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | namespace: chainsaw-gcpwif-tempo 6 | status: 7 | succeeded: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/gcp-wif-tempostack/generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | namespace: chainsaw-gcpwif-tempo 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: telemetrygen 11 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0 12 | args: 13 | - traces 14 | - --otlp-endpoint=tempo-gcpwiftm-distributor.chainsaw-gcpwif-tempo.svc:4317 15 | - --otlp-insecure 16 | - --traces=10 17 | restartPolicy: Never 18 | backoffLimit: 4 19 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/gcp-wif-tempostack/install-tempostack.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: gcpwiftm 5 | namespace: chainsaw-gcpwif-tempo 6 | spec: 7 | storage: 8 | secret: 9 | name: gcs-secret 10 | type: gcs 11 | storageSize: 10Gi 12 | resources: 13 | total: 14 | limits: 15 | memory: 4Gi 16 | cpu: 2000m 17 | template: 18 | queryFrontend: 19 | jaegerQuery: 20 | enabled: true 21 | ingress: 22 | type: route 23 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/gcp-wif-tempostack/verify-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | namespace: chainsaw-gcpwif-tempo 6 | status: 7 | succeeded: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-aws/00-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: s3-secret 5 | type: Opaque 6 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-aws/00-install-storage.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kuttl.dev/v1beta1 2 | kind: TestStep 3 | commands: 4 | - script: ./create-bucket.sh 5 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-aws/01-install-tempo.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoMonolithic 3 | metadata: 4 | name: simplest 5 | spec: 6 | storage: 7 | traces: 8 | backend: s3 9 | s3: 10 | secret: s3-secret 11 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-aws/03-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | status: 6 | succeeded: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-aws/03-generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: telemetrygen 10 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.75.0 11 | args: 12 | - traces 13 | - --otlp-endpoint=tempo-simplest:4317 14 | - --otlp-insecure 15 | - --traces=10 16 | restartPolicy: Never 17 | backoffLimit: 4 18 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-aws/04-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | status: 6 | succeeded: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-azure/00-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: azure-secret 5 | type: Opaque 6 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-azure/00-install-storage.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kuttl.dev/v1beta1 2 | kind: TestStep 3 | commands: 4 | - script: ./create-bucket.sh 5 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-azure/01-install-tempo.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoMonolithic 3 | metadata: 4 | name: simplest 5 | spec: 6 | storage: 7 | traces: 8 | backend: azure 9 | azure: 10 | secret: azure-secret 11 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-azure/03-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | status: 6 | succeeded: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-azure/03-generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: telemetrygen 10 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.75.0 11 | args: 12 | - traces 13 | - --otlp-endpoint=tempo-simplest:4317 14 | - --otlp-insecure 15 | - --traces=10 16 | restartPolicy: Never 17 | backoffLimit: 4 18 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-azure/04-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | status: 6 | succeeded: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-azure/delete-bucket.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | 5 | AZURE_RESOURCE_GROUP_NAME=ikanse-monolithic-azure 6 | 7 | # Check if the resource group exists before attempting to delete it. 8 | if [ "$(az group exists --name $AZURE_RESOURCE_GROUP_NAME)" == "true" ]; then 9 | az group delete --name $AZURE_RESOURCE_GROUP_NAME -y || { echo "Failed to delete resource group"; } 10 | fi 11 | 12 | #Wait for the resource group to be deleted for 30 seconds. 13 | # Check if the resource group exists before attempting to delete it. 14 | if [ "$(az group exists --name $AZURE_RESOURCE_GROUP_NAME)" == "true" ]; then 15 | sleep 30 16 | fi 17 | 18 | echo "Script executed successfully" 19 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-gcs/00-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: gcs-secret 5 | type: Opaque 6 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-gcs/00-install-storage.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kuttl.dev/v1beta1 2 | kind: TestStep 3 | commands: 4 | - script: ./create-bucket.sh 5 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-gcs/01-install-tempo.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoMonolithic 3 | metadata: 4 | name: simplest 5 | spec: 6 | storage: 7 | traces: 8 | backend: gcs 9 | gcs: 10 | secret: gcs-secret 11 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-gcs/03-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | status: 6 | succeeded: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-gcs/03-generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: telemetrygen 10 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.75.0 11 | args: 12 | - traces 13 | - --otlp-endpoint=tempo-simplest:4317 14 | - --otlp-insecure 15 | - --traces=10 16 | restartPolicy: Never 17 | backoffLimit: 4 18 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-gcs/04-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | status: 6 | succeeded: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-ibm/00-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: ibm-cos-secret 5 | type: Opaque 6 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-ibm/00-install-storage.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kuttl.dev/v1beta1 2 | kind: TestStep 3 | commands: 4 | - script: ./create-bucket.sh 5 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-ibm/01-install-tempo.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoMonolithic 3 | metadata: 4 | name: simplest 5 | spec: 6 | storage: 7 | traces: 8 | backend: s3 9 | s3: 10 | secret: ibm-cos-secret 11 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-ibm/03-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | status: 6 | succeeded: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-ibm/03-generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: telemetrygen 10 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.75.0 11 | args: 12 | - traces 13 | - --otlp-endpoint=tempo-simplest:4317 14 | - --otlp-insecure 15 | - --traces=10 16 | restartPolicy: Never 17 | backoffLimit: 4 18 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-ibm/04-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | status: 6 | succeeded: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/monolithic-ibm/delete-bucket.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # List objects in the bucket 4 | ibmcloud cos objects --bucket ikanse-tempo-bucket-mono 5 | 6 | # Delete all objects in the bucket 7 | ibmcloud cos list-objects --bucket ikanse-tempo-bucket-mono --output json | jq -r '.Contents[].Key' | xargs -I {} ibmcloud cos object-delete --bucket ikanse-tempo-bucket-mono --force --key {} 8 | 9 | # Delete the bucket 10 | ibmcloud cos bucket-delete --bucket ikanse-tempo-bucket-mono --force 11 | 12 | # Delete the service key 13 | ibmcloud resource service-key-delete ikanse-tempo-bucket-mono --force 14 | 15 | # Delete the service instance 16 | ibmcloud resource service-instance-delete ikanse-tempo-bucket-mono --force 17 | 18 | # Delete the resource group 19 | ibmcloud resource group-delete ikanse-tracing-mono --force 20 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-aws/00-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: s3-secret 5 | type: Opaque 6 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-aws/00-object-store-bucket.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kuttl.dev/v1beta1 2 | kind: TestStep 3 | commands: 4 | - script: ./create-bucket.sh 5 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-aws/01-install-tempostack.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: simplest 5 | spec: 6 | storage: 7 | secret: 8 | name: s3-secret 9 | type: s3 10 | storageSize: 200M 11 | resources: 12 | total: 13 | limits: 14 | memory: 2Gi 15 | cpu: 2000m 16 | template: 17 | queryFrontend: 18 | jaegerQuery: 19 | enabled: true 20 | ingress: 21 | type: ingress 22 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-aws/02-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | status: 6 | succeeded: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-aws/02-generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: telemetrygen 10 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:latest 11 | args: 12 | - traces 13 | - --otlp-endpoint=tempo-simplest-distributor:4317 14 | - --otlp-insecure 15 | - --traces=10 16 | restartPolicy: Never 17 | backoffLimit: 4 18 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-aws/03-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-jaeger 5 | status: 6 | succeeded: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-azure/00-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: azure-secret 5 | type: Opaque 6 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-azure/00-object-store-bucket.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kuttl.dev/v1beta1 2 | kind: TestStep 3 | commands: 4 | - script: ./create-bucket.sh 5 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-azure/01-install-tempostack.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: simplest 5 | spec: 6 | storage: 7 | secret: 8 | name: azure-secret 9 | type: azure 10 | storageSize: 200M 11 | resources: 12 | total: 13 | limits: 14 | memory: 2Gi 15 | cpu: 2000m 16 | template: 17 | queryFrontend: 18 | jaegerQuery: 19 | enabled: true 20 | ingress: 21 | type: ingress 22 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-azure/02-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | status: 6 | succeeded: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-azure/02-generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: telemetrygen 10 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:latest 11 | args: 12 | - traces 13 | - --otlp-endpoint=tempo-simplest-distributor:4317 14 | - --otlp-insecure 15 | - --traces=10 16 | restartPolicy: Never 17 | backoffLimit: 4 18 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-azure/03-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-jaeger 5 | status: 6 | succeeded: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-azure/delete-bucket.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | 5 | AZURE_RESOURCE_GROUP_NAME=ikanse-tempostack-azure 6 | 7 | # Check if the resource group exists before attempting to delete it. 8 | if [ "$(az group exists --name $AZURE_RESOURCE_GROUP_NAME)" == "true" ]; then 9 | az group delete --name $AZURE_RESOURCE_GROUP_NAME -y || { echo "Failed to delete resource group"; } 10 | fi 11 | 12 | #Wait for the resource group to be deleted for 30 seconds. 13 | # Check if the resource group exists before attempting to delete it. 14 | if [ "$(az group exists --name $AZURE_RESOURCE_GROUP_NAME)" == "true" ]; then 15 | sleep 30 16 | fi 17 | 18 | echo "Script executed successfully" 19 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-gcs/00-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: gcs-secret 5 | type: Opaque 6 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-gcs/00-object-store-bucket.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kuttl.dev/v1beta1 2 | kind: TestStep 3 | commands: 4 | - script: ./create-bucket.sh 5 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-gcs/01-install-tempostack.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: simplest 5 | spec: 6 | storage: 7 | secret: 8 | name: gcs-secret 9 | type: gcs 10 | storageSize: 200M 11 | resources: 12 | total: 13 | limits: 14 | memory: 2Gi 15 | cpu: 2000m 16 | template: 17 | queryFrontend: 18 | jaegerQuery: 19 | enabled: true 20 | ingress: 21 | type: ingress 22 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-gcs/02-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | status: 6 | succeeded: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-gcs/02-generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: telemetrygen 10 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:latest 11 | args: 12 | - traces 13 | - --otlp-endpoint=tempo-simplest-distributor:4317 14 | - --otlp-insecure 15 | - --traces=10 16 | restartPolicy: Never 17 | backoffLimit: 4 18 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-gcs/03-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-jaeger 5 | status: 6 | succeeded: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-ibm/00-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: ibm-cos-secret 5 | type: Opaque 6 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-ibm/00-object-store-bucket.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kuttl.dev/v1beta1 2 | kind: TestStep 3 | commands: 4 | - script: ./create-bucket.sh 5 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-ibm/01-install-tempostack.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: simplest 5 | spec: 6 | storage: 7 | secret: 8 | name: ibm-cos-secret 9 | type: s3 10 | storageSize: 200M 11 | resources: 12 | total: 13 | limits: 14 | memory: 4Gi 15 | cpu: 2000m 16 | template: 17 | queryFrontend: 18 | jaegerQuery: 19 | enabled: true 20 | ingress: 21 | type: ingress 22 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-ibm/02-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | status: 6 | succeeded: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-ibm/02-generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: telemetrygen 10 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:latest 11 | args: 12 | - traces 13 | - --otlp-endpoint=tempo-simplest-distributor:4317 14 | - --otlp-insecure 15 | - --traces=10 16 | restartPolicy: Never 17 | backoffLimit: 4 18 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-ibm/03-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-jaeger 5 | status: 6 | succeeded: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift-object-stores/tempostack-ibm/delete-bucket.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # List objects in the bucket 4 | ibmcloud cos objects --bucket ikanse-tempo-bucket 5 | 6 | # Delete all objects in the bucket 7 | ibmcloud cos list-objects --bucket ikanse-tempo-bucket --output json | jq -r '.Contents[].Key' | xargs -I {} ibmcloud cos object-delete --bucket ikanse-tempo-bucket --force --key {} 8 | 9 | # Delete the bucket 10 | ibmcloud cos bucket-delete --bucket ikanse-tempo-bucket --force 11 | 12 | # Delete the service key 13 | ibmcloud resource service-key-delete ikanse-tempo-bucket --force 14 | 15 | # Delete the service instance 16 | ibmcloud resource service-instance-delete ikanse-tempo-bucket --force 17 | 18 | # Delete the resource group 19 | ibmcloud resource group-delete ikanse-tracing --force 20 | -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-monolithic-otel/apply-telemetry-cr-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: telemetry.istio.io/v1alpha1 2 | kind: Telemetry 3 | metadata: 4 | name: mesh-default 5 | namespace: istio-system 6 | spec: 7 | tracing: 8 | - providers: 9 | - name: tempo 10 | randomSamplingPercentage: 100 11 | 12 | --- 13 | apiVersion: v1 14 | kind: Pod 15 | metadata: 16 | labels: 17 | app: kiali 18 | app.kubernetes.io/instance: kiali 19 | app.kubernetes.io/name: kiali 20 | app.kubernetes.io/part-of: kiali 21 | namespace: istio-system 22 | status: 23 | containerStatuses: 24 | - name: kiali 25 | ready: true 26 | started: true 27 | phase: Running -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-monolithic-otel/apply-telemetry-cr.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: telemetry.istio.io/v1alpha1 2 | kind: Telemetry 3 | metadata: 4 | name: mesh-default 5 | namespace: istio-system 6 | spec: 7 | tracing: 8 | - providers: 9 | - name: tempo 10 | randomSamplingPercentage: 100 11 | -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-monolithic-otel/generate-traces-otel-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces-grpc 5 | namespace: otlp-app 6 | status: 7 | succeeded: 1 8 | 9 | --- 10 | apiVersion: batch/v1 11 | kind: Job 12 | metadata: 13 | name: generate-traces-http 14 | namespace: otlp-app 15 | status: 16 | succeeded: 1 17 | -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-monolithic-otel/install-otel-collector-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: simplest-collector 5 | namespace: tracing-system 6 | status: 7 | availableReplicas: 1 8 | readyReplicas: 1 9 | replicas: 1 10 | -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-monolithic-otel/install-otel-collector.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: opentelemetry.io/v1alpha1 2 | kind: OpenTelemetryCollector 3 | metadata: 4 | name: simplest 5 | namespace: tracing-system 6 | spec: 7 | config: | 8 | receivers: 9 | zipkin: {} 10 | otlp: 11 | protocols: 12 | grpc: 13 | http: 14 | 15 | processors: 16 | 17 | exporters: 18 | otlp: 19 | endpoint: tempo-simplest.tracing-system.svc.cluster.local:4317 20 | tls: 21 | insecure: true 22 | 23 | service: 24 | pipelines: 25 | traces: 26 | receivers: [zipkin, otlp] 27 | processors: [] 28 | exporters: [otlp] 29 | -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-monolithic-otel/install-tempo.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoMonolithic 3 | metadata: 4 | name: simplest 5 | namespace: tracing-system 6 | spec: 7 | jaegerui: 8 | enabled: true 9 | -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-monolithic-otel/update-kiali-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kiali.io/v1alpha1 2 | kind: Kiali 3 | metadata: 4 | name: kiali 5 | namespace: istio-system 6 | spec: 7 | external_services: 8 | tracing: 9 | query_timeout: 30 10 | enabled: true 11 | in_cluster_url: 'http://tempo-simplest-jaegerui.tracing-system.svc.cluster.local:16686' 12 | url: '[Tempo query frontend Route url]' 13 | use_grpc: false 14 | 15 | --- 16 | apiVersion: v1 17 | kind: Pod 18 | metadata: 19 | labels: 20 | app: kiali 21 | app.kubernetes.io/instance: kiali 22 | app.kubernetes.io/name: kiali 23 | app.kubernetes.io/part-of: kiali 24 | namespace: istio-system 25 | status: 26 | containerStatuses: 27 | - name: kiali 28 | ready: true 29 | started: true 30 | phase: Running 31 | -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-monolithic-otel/update-kiali.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kiali.io/v1alpha1 2 | kind: Kiali 3 | metadata: 4 | name: kiali 5 | namespace: istio-system 6 | spec: 7 | kiali_feature_flags: 8 | certificates_information_indicators: 9 | enabled: false 10 | external_services: 11 | tracing: 12 | query_timeout: 30 13 | enabled: true 14 | in_cluster_url: 'http://tempo-simplest-jaegerui.tracing-system.svc.cluster.local:16686' 15 | url: '[Tempo query frontend Route url]' 16 | use_grpc: false 17 | -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-monolithic-otel/verify-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | namespace: istio-system 6 | status: 7 | succeeded: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-monolithic-otel/verify-traces-otel-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-otel 5 | namespace: otlp-app 6 | status: 7 | succeeded: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-tempostack-otel/apply-telemetry-cr-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: telemetry.istio.io/v1alpha1 2 | kind: Telemetry 3 | metadata: 4 | name: mesh-default 5 | namespace: istio-system 6 | spec: 7 | tracing: 8 | - providers: 9 | - name: tempo 10 | randomSamplingPercentage: 100 11 | 12 | --- 13 | apiVersion: v1 14 | kind: Pod 15 | metadata: 16 | labels: 17 | app: kiali 18 | app.kubernetes.io/instance: kiali 19 | app.kubernetes.io/name: kiali 20 | app.kubernetes.io/part-of: kiali 21 | namespace: istio-system 22 | status: 23 | containerStatuses: 24 | - name: kiali 25 | ready: true 26 | started: true 27 | phase: Running -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-tempostack-otel/apply-telemetry-cr.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: telemetry.istio.io/v1alpha1 2 | kind: Telemetry 3 | metadata: 4 | name: mesh-default 5 | namespace: istio-system 6 | spec: 7 | tracing: 8 | - providers: 9 | - name: tempo 10 | randomSamplingPercentage: 100 11 | -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-tempostack-otel/generate-traces-otel-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces-grpc 5 | namespace: otlp-app 6 | status: 7 | succeeded: 1 8 | 9 | --- 10 | apiVersion: batch/v1 11 | kind: Job 12 | metadata: 13 | name: generate-traces-http 14 | namespace: otlp-app 15 | status: 16 | succeeded: 1 17 | -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-tempostack-otel/install-minio-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: minio 5 | namespace: tracing-system 6 | status: 7 | readyReplicas: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-tempostack-otel/install-otel-collector-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: simplest-collector 5 | namespace: tracing-system 6 | status: 7 | availableReplicas: 1 8 | readyReplicas: 1 9 | replicas: 1 10 | -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-tempostack-otel/install-otel-collector.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: opentelemetry.io/v1alpha1 2 | kind: OpenTelemetryCollector 3 | metadata: 4 | name: simplest 5 | namespace: tracing-system 6 | spec: 7 | config: | 8 | receivers: 9 | zipkin: {} 10 | otlp: 11 | protocols: 12 | grpc: 13 | http: 14 | 15 | processors: 16 | 17 | exporters: 18 | otlp: 19 | endpoint: tempo-simplest-distributor.tracing-system.svc.cluster.local:4317 20 | tls: 21 | insecure: true 22 | 23 | service: 24 | pipelines: 25 | traces: 26 | receivers: [zipkin, otlp] 27 | processors: [] 28 | exporters: [otlp] 29 | -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-tempostack-otel/install-tempo.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: simplest 5 | namespace: tracing-system 6 | spec: 7 | storage: 8 | secret: 9 | name: minio 10 | type: s3 11 | storageSize: 200M 12 | resources: 13 | total: 14 | limits: 15 | memory: 3Gi 16 | cpu: 2000m 17 | template: 18 | queryFrontend: 19 | jaegerQuery: 20 | enabled: true 21 | ingress: 22 | type: route 23 | -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-tempostack-otel/update-kiali-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kiali.io/v1alpha1 2 | kind: Kiali 3 | metadata: 4 | name: kiali 5 | namespace: istio-system 6 | spec: 7 | external_services: 8 | tracing: 9 | query_timeout: 30 10 | enabled: true 11 | in_cluster_url: 'http://tempo-simplest-query-frontend.tracing-system.svc.cluster.local:16686' 12 | url: '[Tempo query frontend Route url]' 13 | use_grpc: false 14 | 15 | --- 16 | apiVersion: v1 17 | kind: Pod 18 | metadata: 19 | labels: 20 | app: kiali 21 | app.kubernetes.io/instance: kiali 22 | app.kubernetes.io/name: kiali 23 | app.kubernetes.io/part-of: kiali 24 | namespace: istio-system 25 | status: 26 | containerStatuses: 27 | - name: kiali 28 | ready: true 29 | started: true 30 | phase: Running -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-tempostack-otel/update-kiali.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kiali.io/v1alpha1 2 | kind: Kiali 3 | metadata: 4 | name: kiali 5 | namespace: istio-system 6 | spec: 7 | kiali_feature_flags: 8 | certificates_information_indicators: 9 | enabled: false 10 | external_services: 11 | tracing: 12 | query_timeout: 30 13 | enabled: true 14 | in_cluster_url: 'http://tempo-simplest-query-frontend.tracing-system.svc.cluster.local:16686' 15 | url: '[Tempo query frontend Route url]' 16 | use_grpc: false 17 | -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-tempostack-otel/verify-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | namespace: istio-system 6 | status: 7 | succeeded: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-tempostack-otel/verify-traces-otel-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-otel 5 | namespace: otlp-app 6 | status: 7 | succeeded: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-tempostack/apply-telemetry-cr-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: telemetry.istio.io/v1alpha1 2 | kind: Telemetry 3 | metadata: 4 | name: mesh-default 5 | namespace: istio-system 6 | spec: 7 | tracing: 8 | - providers: 9 | - name: tempo 10 | randomSamplingPercentage: 100 11 | 12 | --- 13 | apiVersion: v1 14 | kind: Pod 15 | metadata: 16 | labels: 17 | app: kiali 18 | app.kubernetes.io/instance: kiali 19 | app.kubernetes.io/name: kiali 20 | app.kubernetes.io/part-of: kiali 21 | namespace: istio-system 22 | status: 23 | containerStatuses: 24 | - name: kiali 25 | ready: true 26 | started: true 27 | phase: Running -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-tempostack/apply-telemetry-cr.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: telemetry.istio.io/v1alpha1 2 | kind: Telemetry 3 | metadata: 4 | name: mesh-default 5 | namespace: istio-system 6 | spec: 7 | tracing: 8 | - providers: 9 | - name: tempo 10 | randomSamplingPercentage: 100 11 | -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-tempostack/install-minio-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: minio 5 | namespace: tracing-system 6 | status: 7 | readyReplicas: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-tempostack/install-tempo.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: simplest 5 | namespace: tracing-system 6 | spec: 7 | storage: 8 | secret: 9 | name: minio 10 | type: s3 11 | storageSize: 200M 12 | resources: 13 | total: 14 | limits: 15 | memory: 3Gi 16 | cpu: 2000m 17 | template: 18 | queryFrontend: 19 | jaegerQuery: 20 | enabled: true 21 | ingress: 22 | type: route 23 | -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-tempostack/update-kiali-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kiali.io/v1alpha1 2 | kind: Kiali 3 | metadata: 4 | name: kiali 5 | namespace: istio-system 6 | spec: 7 | external_services: 8 | tracing: 9 | query_timeout: 30 10 | enabled: true 11 | in_cluster_url: 'http://tempo-simplest-query-frontend.tracing-system.svc.cluster.local:16686' 12 | url: '[Tempo query frontend Route url]' 13 | use_grpc: false 14 | 15 | --- 16 | apiVersion: v1 17 | kind: Pod 18 | metadata: 19 | labels: 20 | app: kiali 21 | app.kubernetes.io/instance: kiali 22 | app.kubernetes.io/name: kiali 23 | app.kubernetes.io/part-of: kiali 24 | namespace: istio-system 25 | status: 26 | containerStatuses: 27 | - name: kiali 28 | ready: true 29 | started: true 30 | phase: Running -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-tempostack/update-kiali.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kiali.io/v1alpha1 2 | kind: Kiali 3 | metadata: 4 | name: kiali 5 | namespace: istio-system 6 | spec: 7 | kiali_feature_flags: 8 | certificates_information_indicators: 9 | enabled: false 10 | external_services: 11 | tracing: 12 | query_timeout: 30 13 | enabled: true 14 | in_cluster_url: 'http://tempo-simplest-query-frontend.tracing-system.svc.cluster.local:16686' 15 | url: '[Tempo query frontend Route url]' 16 | use_grpc: false 17 | -------------------------------------------------------------------------------- /tests/e2e-openshift-ossm/ossm-tempostack/verify-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | namespace: istio-system 6 | status: 7 | succeeded: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-serverless/otel-tempo-serverless/create-knative-app.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: serving.knative.dev/v1 2 | kind: Service 3 | metadata: 4 | name: serverless-app 5 | namespace: chainsaw-otel-tempo-serverless 6 | spec: 7 | template: 8 | metadata: 9 | labels: 10 | app: helloworld-go 11 | annotations: 12 | autoscaling.knative.dev/minScale: "1" 13 | autoscaling.knative.dev/target: "1" 14 | spec: 15 | containers: 16 | - image: quay.io/openshift-knative/helloworld:v1.2 17 | imagePullPolicy: Always 18 | resources: 19 | requests: 20 | cpu: "200m" 21 | env: 22 | - name: TARGET 23 | value: "Go Sample v1" 24 | -------------------------------------------------------------------------------- /tests/e2e-openshift-serverless/otel-tempo-serverless/create-knative-eventing.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: project.openshift.io/v1 2 | kind: Project 3 | metadata: 4 | name: knative-eventing 5 | spec: {} 6 | 7 | --- 8 | apiVersion: operator.knative.dev/v1beta1 9 | kind: KnativeEventing 10 | metadata: 11 | name: serverless 12 | namespace: knative-eventing 13 | spec: 14 | config: 15 | tracing: 16 | backend: "zipkin" 17 | zipkin-endpoint: "http://serverless-collector-headless.chainsaw-otel-tempo-serverless.svc:9411/api/v2/spans" 18 | debug: "false" 19 | sample-rate: "0.1" 20 | -------------------------------------------------------------------------------- /tests/e2e-openshift-serverless/otel-tempo-serverless/create-knative-serving.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: project.openshift.io/v1 2 | kind: Project 3 | metadata: 4 | name: knative-serving 5 | spec: {} 6 | 7 | --- 8 | apiVersion: operator.knative.dev/v1beta1 9 | kind: KnativeServing 10 | metadata: 11 | name: serverless 12 | namespace: knative-serving 13 | spec: 14 | config: 15 | tracing: 16 | backend: "zipkin" 17 | zipkin-endpoint: "http://serverless-collector-headless.chainsaw-otel-tempo-serverless.svc:9411/api/v2/spans" 18 | debug: "false" 19 | sample-rate: "0.1" 20 | -------------------------------------------------------------------------------- /tests/e2e-openshift-serverless/otel-tempo-serverless/create-otel-collector-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: serverless-collector 5 | namespace: chainsaw-otel-tempo-serverless 6 | status: 7 | availableReplicas: 1 8 | readyReplicas: 1 9 | replicas: 1 10 | 11 | --- 12 | apiVersion: v1 13 | kind: Service 14 | metadata: 15 | name: serverless-collector-headless 16 | namespace: chainsaw-otel-tempo-serverless 17 | spec: 18 | ports: 19 | - appProtocol: http 20 | name: zipkin 21 | port: 9411 22 | protocol: TCP 23 | targetPort: 9411 24 | selector: 25 | app.kubernetes.io/component: opentelemetry-collector 26 | app.kubernetes.io/instance: chainsaw-otel-tempo-serverless.serverless 27 | app.kubernetes.io/managed-by: opentelemetry-operator 28 | app.kubernetes.io/part-of: opentelemetry -------------------------------------------------------------------------------- /tests/e2e-openshift-serverless/otel-tempo-serverless/create-otel-collector.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: opentelemetry.io/v1alpha1 2 | kind: OpenTelemetryCollector 3 | metadata: 4 | name: serverless 5 | namespace: chainsaw-otel-tempo-serverless 6 | spec: 7 | mode: deployment 8 | config: | 9 | receivers: 10 | zipkin: {} 11 | processors: 12 | exporters: 13 | otlp: 14 | endpoint: tempo-serverless-distributor:4317 15 | tls: 16 | insecure: true 17 | debug: 18 | service: 19 | pipelines: 20 | traces: 21 | receivers: [zipkin] 22 | processors: [] 23 | exporters: [debug, otlp] 24 | -------------------------------------------------------------------------------- /tests/e2e-openshift-serverless/otel-tempo-serverless/generate-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | namespace: chainsaw-otel-tempo-serverless 6 | status: 7 | active: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-serverless/otel-tempo-serverless/install-minio-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: minio 5 | namespace: chainsaw-otel-tempo-serverless 6 | status: 7 | readyReplicas: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-serverless/otel-tempo-serverless/install-tempo.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: serverless 5 | namespace: chainsaw-otel-tempo-serverless 6 | spec: 7 | storage: 8 | secret: 9 | name: minio 10 | type: s3 11 | storageSize: 200M 12 | resources: 13 | total: 14 | limits: 15 | memory: 2Gi 16 | cpu: 2000m 17 | template: 18 | queryFrontend: 19 | jaegerQuery: 20 | enabled: true 21 | ingress: 22 | route: 23 | termination: edge 24 | type: route 25 | -------------------------------------------------------------------------------- /tests/e2e-openshift-serverless/otel-tempo-serverless/verify-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | namespace: chainsaw-otel-tempo-serverless 6 | status: 7 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift-serverless/tempo-serverless/create-knative-app.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: serving.knative.dev/v1 2 | kind: Service 3 | metadata: 4 | name: serverless-app 5 | namespace: chainsaw-tempo-serverless 6 | spec: 7 | template: 8 | metadata: 9 | labels: 10 | app: helloworld-go 11 | annotations: 12 | autoscaling.knative.dev/minScale: "1" 13 | autoscaling.knative.dev/target: "1" 14 | spec: 15 | containers: 16 | - image: quay.io/openshift-knative/helloworld:v1.2 17 | imagePullPolicy: Always 18 | resources: 19 | requests: 20 | cpu: "200m" 21 | env: 22 | - name: TARGET 23 | value: "Go Sample v1" 24 | -------------------------------------------------------------------------------- /tests/e2e-openshift-serverless/tempo-serverless/create-knative-eventing.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: project.openshift.io/v1 2 | kind: Project 3 | metadata: 4 | name: knative-eventing 5 | spec: {} 6 | 7 | --- 8 | apiVersion: operator.knative.dev/v1beta1 9 | kind: KnativeEventing 10 | metadata: 11 | name: serverless 12 | namespace: knative-eventing 13 | spec: 14 | config: 15 | tracing: 16 | backend: "zipkin" 17 | zipkin-endpoint: "http://tempo-serverless-distributor.chainsaw-tempo-serverless.svc:9411/api/v2/spans" 18 | debug: "false" 19 | sample-rate: "0.1" 20 | -------------------------------------------------------------------------------- /tests/e2e-openshift-serverless/tempo-serverless/create-knative-serving.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: project.openshift.io/v1 2 | kind: Project 3 | metadata: 4 | name: knative-serving 5 | spec: {} 6 | 7 | --- 8 | apiVersion: operator.knative.dev/v1beta1 9 | kind: KnativeServing 10 | metadata: 11 | name: serverless 12 | namespace: knative-serving 13 | spec: 14 | config: 15 | tracing: 16 | backend: "zipkin" 17 | zipkin-endpoint: "http://tempo-serverless-distributor.chainsaw-tempo-serverless.svc:9411/api/v2/spans" 18 | debug: "false" 19 | sample-rate: "0.1" 20 | -------------------------------------------------------------------------------- /tests/e2e-openshift-serverless/tempo-serverless/generate-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | namespace: chainsaw-tempo-serverless 6 | status: 7 | active: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-serverless/tempo-serverless/install-minio-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: minio 5 | namespace: chainsaw-tempo-serverless 6 | status: 7 | readyReplicas: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift-serverless/tempo-serverless/install-tempo.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: serverless 5 | namespace: chainsaw-tempo-serverless 6 | spec: 7 | storage: 8 | secret: 9 | name: minio 10 | type: s3 11 | storageSize: 200M 12 | resources: 13 | total: 14 | limits: 15 | memory: 2Gi 16 | cpu: 2000m 17 | template: 18 | queryFrontend: 19 | jaegerQuery: 20 | enabled: true 21 | ingress: 22 | route: 23 | termination: edge 24 | type: route 25 | -------------------------------------------------------------------------------- /tests/e2e-openshift-serverless/tempo-serverless/verify-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | namespace: chainsaw-tempo-serverless 6 | status: 7 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift-serverless/tempo-serverless/verify-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | namespace: chainsaw-tempo-serverless 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: verify-traces 11 | image: ghcr.io/grafana/tempo-operator/test-utils:main 12 | command: 13 | - /bin/bash 14 | - -eux 15 | - -c 16 | args: 17 | - | 18 | curl -v -G http://tempo-serverless-query-frontend:16686/api/traces --data-urlencode "service=activator-service" | tee /tmp/jaeger.out 19 | num_traces=$(jq ".data | length" /tmp/jaeger.out) 20 | if [[ "$num_traces" -le 0 ]]; then 21 | echo && echo "The Jaeger API returned $num_traces" 22 | exit 1 23 | fi 24 | restartPolicy: Never -------------------------------------------------------------------------------- /tests/e2e-openshift/component-replicas/generate-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces-grpc 5 | namespace: chainsaw-replicas 6 | status: 7 | succeeded: 1 8 | --- 9 | apiVersion: batch/v1 10 | kind: Job 11 | metadata: 12 | name: generate-traces-http 13 | namespace: chainsaw-replicas 14 | status: 15 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/component-replicas/install-otelcol-assert.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: dev-collector 6 | namespace: chainsaw-replicas 7 | status: 8 | readyReplicas: 1 9 | -------------------------------------------------------------------------------- /tests/e2e-openshift/component-replicas/install-storage-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: minio 5 | namespace: chainsaw-replicas 6 | status: 7 | readyReplicas: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift/component-replicas/verify-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-grpc 5 | namespace: chainsaw-replicas 6 | status: 7 | succeeded: 1 8 | --- 9 | apiVersion: batch/v1 10 | kind: Job 11 | metadata: 12 | name: verify-traces-traceql-grpc 13 | namespace: chainsaw-replicas 14 | status: 15 | succeeded: 1 16 | --- 17 | apiVersion: batch/v1 18 | kind: Job 19 | metadata: 20 | name: verify-traces-http 21 | namespace: chainsaw-replicas 22 | status: 23 | succeeded: 1 24 | --- 25 | apiVersion: batch/v1 26 | kind: Job 27 | metadata: 28 | name: verify-traces-traceql-http 29 | namespace: chainsaw-replicas 30 | status: 31 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/monitoring-monolithic/generate-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | status: 6 | active: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift/monitoring-monolithic/generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: telemetrygen 10 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0 11 | args: 12 | - traces 13 | - --otlp-endpoint=tempo-monitor:4317 14 | - --otlp-insecure 15 | - --duration=3m 16 | - --workers=1 17 | - --span-duration=1s 18 | restartPolicy: Never 19 | -------------------------------------------------------------------------------- /tests/e2e-openshift/monitoring-monolithic/install-monolithic.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoMonolithic 3 | metadata: 4 | name: monitor 5 | spec: 6 | jaegerui: 7 | enabled: true 8 | route: 9 | enabled: true 10 | observability: 11 | metrics: 12 | prometheusRules: 13 | enabled: true 14 | serviceMonitors: 15 | enabled: true 16 | -------------------------------------------------------------------------------- /tests/e2e-openshift/monitoring-monolithic/verify-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | status: 6 | succeeded: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift/monitoring-monolithic/workload-monitoring-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: prometheus-operator 5 | namespace: openshift-user-workload-monitoring 6 | (status.replicas == spec.replicas): true 7 | spec: 8 | (replicas >= `1`): true 9 | 10 | --- 11 | apiVersion: apps/v1 12 | kind: StatefulSet 13 | metadata: 14 | name: prometheus-user-workload 15 | namespace: openshift-user-workload-monitoring 16 | (status.replicas == spec.replicas): true 17 | spec: 18 | (replicas >= `1`): true 19 | 20 | --- 21 | apiVersion: apps/v1 22 | kind: StatefulSet 23 | metadata: 24 | name: thanos-ruler-user-workload 25 | namespace: openshift-user-workload-monitoring 26 | (status.replicas == spec.replicas): true 27 | spec: 28 | (replicas >= `1`): true 29 | -------------------------------------------------------------------------------- /tests/e2e-openshift/monitoring-monolithic/workload-monitoring.yaml: -------------------------------------------------------------------------------- 1 | # oc -n openshift-user-workload-monitoring get pod 2 | # https://docs.openshift.com/container-platform/4.13/monitoring/enabling-monitoring-for-user-defined-projects.html#accessing-metrics-from-outside-cluster_enabling-monitoring-for-user-defined-projects 3 | 4 | apiVersion: v1 5 | kind: ConfigMap 6 | metadata: 7 | name: cluster-monitoring-config 8 | namespace: openshift-monitoring 9 | data: 10 | config.yaml: | 11 | enableUserWorkload: true 12 | alertmanagerMain: 13 | enableUserAlertmanagerConfig: true 14 | -------------------------------------------------------------------------------- /tests/e2e-openshift/monitoring/00-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: minio 5 | namespace: chainsaw-monitoring 6 | status: 7 | availableReplicas: 1 8 | readyReplicas: 1 9 | replicas: 1 10 | 11 | --- 12 | apiVersion: v1 13 | kind: Service 14 | metadata: 15 | name: minio 16 | namespace: chainsaw-monitoring 17 | spec: 18 | ports: 19 | - port: 9000 20 | protocol: TCP 21 | targetPort: 9000 22 | selector: 23 | app.kubernetes.io/name: minio 24 | type: ClusterIP 25 | 26 | --- 27 | apiVersion: v1 28 | kind: Secret 29 | metadata: 30 | name: minio-secret 31 | namespace: chainsaw-monitoring 32 | type: Opaque 33 | -------------------------------------------------------------------------------- /tests/e2e-openshift/monitoring/01-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: prometheus-operator 5 | namespace: openshift-user-workload-monitoring 6 | (status.replicas == spec.replicas): true 7 | spec: 8 | (replicas >= `1`): true 9 | 10 | --- 11 | apiVersion: apps/v1 12 | kind: StatefulSet 13 | metadata: 14 | name: prometheus-user-workload 15 | namespace: openshift-user-workload-monitoring 16 | (status.replicas == spec.replicas): true 17 | spec: 18 | (replicas >= `1`): true 19 | 20 | --- 21 | apiVersion: apps/v1 22 | kind: StatefulSet 23 | metadata: 24 | name: thanos-ruler-user-workload 25 | namespace: openshift-user-workload-monitoring 26 | (status.replicas == spec.replicas): true 27 | spec: 28 | (replicas >= `1`): true 29 | -------------------------------------------------------------------------------- /tests/e2e-openshift/monitoring/01-workload-monitoring.yaml: -------------------------------------------------------------------------------- 1 | # oc -n openshift-user-workload-monitoring get pod 2 | # https://docs.openshift.com/container-platform/4.13/monitoring/enabling-monitoring-for-user-defined-projects.html#accessing-metrics-from-outside-cluster_enabling-monitoring-for-user-defined-projects 3 | 4 | apiVersion: v1 5 | kind: ConfigMap 6 | metadata: 7 | name: cluster-monitoring-config 8 | namespace: openshift-monitoring 9 | data: 10 | config.yaml: | 11 | enableUserWorkload: true 12 | alertmanagerMain: 13 | enableUserAlertmanagerConfig: true 14 | -------------------------------------------------------------------------------- /tests/e2e-openshift/monitoring/02-install-tempostack.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: tempostack 5 | namespace: chainsaw-monitoring 6 | spec: 7 | observability: 8 | metrics: 9 | createPrometheusRules: true 10 | createServiceMonitors: true 11 | resources: 12 | total: 13 | limits: 14 | cpu: 2000m 15 | memory: 2Gi 16 | template: 17 | queryFrontend: 18 | jaegerQuery: 19 | enabled: true 20 | ingress: 21 | route: 22 | termination: edge 23 | type: route 24 | storage: 25 | secret: 26 | type: s3 27 | name: minio-secret 28 | storageSize: 10Gi 29 | -------------------------------------------------------------------------------- /tests/e2e-openshift/monitoring/03-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | status: 6 | active: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift/monitoring/03-generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: telemetrygen 10 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0 11 | args: 12 | - traces 13 | - --otlp-endpoint=tempo-tempostack-distributor.chainsaw-monitoring.svc:4317 14 | - --otlp-insecure 15 | - --duration=3m 16 | - --workers=1 17 | - --span-duration=1s 18 | restartPolicy: Never 19 | -------------------------------------------------------------------------------- /tests/e2e-openshift/monitoring/04-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: chainsaw-tempo-monitoring-view 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: cluster-monitoring-view 9 | subjects: 10 | - kind: ServiceAccount 11 | name: prometheus-user-workload 12 | namespace: openshift-user-workload-monitoring 13 | 14 | --- 15 | apiVersion: batch/v1 16 | kind: Job 17 | metadata: 18 | name: verify-traces 19 | status: 20 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/monolithic-multitenancy-openshift/02-assert.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: dev-collector 6 | status: 7 | readyReplicas: 1 8 | 9 | --- 10 | apiVersion: v1 11 | kind: Service 12 | metadata: 13 | name: dev-collector 14 | namespace: chainsaw-monolithic-multitenancy 15 | spec: 16 | ports: 17 | - appProtocol: grpc 18 | name: otlp-grpc-grpc 19 | port: 4317 20 | protocol: TCP 21 | targetPort: 4317 22 | - appProtocol: http 23 | name: otlp-http-http 24 | port: 4318 25 | protocol: TCP 26 | targetPort: 4318 27 | selector: 28 | app.kubernetes.io/component: opentelemetry-collector 29 | app.kubernetes.io/instance: chainsaw-monolithic-multitenancy.dev 30 | app.kubernetes.io/managed-by: opentelemetry-operator 31 | app.kubernetes.io/part-of: opentelemetry -------------------------------------------------------------------------------- /tests/e2e-openshift/monolithic-multitenancy-openshift/03-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces-grpc 5 | status: 6 | succeeded: 1 7 | --- 8 | apiVersion: batch/v1 9 | kind: Job 10 | metadata: 11 | name: generate-traces-http 12 | status: 13 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/monolithic-multitenancy-openshift/04-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-jaegerui-grpc 5 | status: 6 | succeeded: 1 7 | --- 8 | apiVersion: batch/v1 9 | kind: Job 10 | metadata: 11 | name: verify-traces-traceql-grpc 12 | status: 13 | succeeded: 1 14 | --- 15 | apiVersion: batch/v1 16 | kind: Job 17 | metadata: 18 | name: verify-traces-jaegerui-http 19 | status: 20 | succeeded: 1 21 | --- 22 | apiVersion: batch/v1 23 | kind: Job 24 | metadata: 25 | name: verify-traces-traceql-http 26 | status: 27 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/monolithic-multitenancy-rbac/02-assert.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: dev-collector 6 | status: 7 | readyReplicas: 1 8 | 9 | --- 10 | apiVersion: v1 11 | kind: Service 12 | metadata: 13 | name: dev-collector 14 | namespace: chainsaw-mmo-rbac 15 | spec: 16 | ports: 17 | - appProtocol: grpc 18 | name: otlp-grpc-grpc 19 | port: 4317 20 | protocol: TCP 21 | targetPort: 4317 22 | - appProtocol: http 23 | name: otlp-http-http 24 | port: 4318 25 | protocol: TCP 26 | targetPort: 4318 27 | selector: 28 | app.kubernetes.io/component: opentelemetry-collector 29 | app.kubernetes.io/instance: chainsaw-mmo-rbac.dev 30 | app.kubernetes.io/managed-by: opentelemetry-operator 31 | app.kubernetes.io/part-of: opentelemetry -------------------------------------------------------------------------------- /tests/e2e-openshift/monolithic-multitenancy-rbac/assert-tempo-rbac-sa-1-traces-gen.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces-grpc-sa-1 5 | namespace: chainsaw-mono-rbac-1 6 | status: 7 | succeeded: 1 8 | --- 9 | apiVersion: batch/v1 10 | kind: Job 11 | metadata: 12 | name: generate-traces-http-sa-1 13 | namespace: chainsaw-mono-rbac-1 14 | status: 15 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/monolithic-multitenancy-rbac/assert-tempo-rbac-sa-1-traces-verify.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-traceql-grpc-sa-1 5 | namespace: chainsaw-mono-rbac-1 6 | status: 7 | succeeded: 1 8 | --- 9 | apiVersion: batch/v1 10 | kind: Job 11 | metadata: 12 | name: verify-traces-traceql-http-sa-1 13 | namespace: chainsaw-mono-rbac-1 14 | status: 15 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/monolithic-multitenancy-rbac/assert-tempo-rbac-sa-2-traces-gen.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces-grpc-sa-2 5 | namespace: chainsaw-mono-rbac-2 6 | status: 7 | succeeded: 1 8 | --- 9 | apiVersion: batch/v1 10 | kind: Job 11 | metadata: 12 | name: generate-traces-http-sa-2 13 | namespace: chainsaw-mono-rbac-2 14 | status: 15 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/monolithic-multitenancy-rbac/tracing-ui-plugin.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: observability.openshift.io/v1alpha1 2 | kind: UIPlugin 3 | metadata: 4 | name: distributed-tracing 5 | namespace: openshift-operators 6 | spec: 7 | type: DistributedTracing 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift/monolithic-multitenancy-static/00-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: hydra 5 | status: 6 | readyReplicas: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift/monolithic-multitenancy-static/01-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: setup-hydra 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/monolithic-multitenancy-static/01-setup-hydra.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: setup-hydra 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: setup-hydra 10 | image: ghcr.io/grafana/tempo-operator/test-utils:main 11 | command: ["/bin/bash", "-eux", "-c"] 12 | args: 13 | - | 14 | # create OAuth2 client 15 | client_id=tenant1-oidc-client 16 | client_secret=ZXhhbXBsZS1hcHAtc2VjcmV0 # notsecret 17 | curl -v \ 18 | --data '{"audience": ["'$client_id'"], "client_id": "'$client_id'", "client_secret": "'$client_secret'", "grant_types": ["client_credentials"], "token_endpoint_auth_method": "client_secret_basic"}' \ 19 | http://hydra:4445/admin/clients 20 | restartPolicy: Never 21 | -------------------------------------------------------------------------------- /tests/e2e-openshift/monolithic-multitenancy-static/02-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: StatefulSet 3 | metadata: 4 | name: tempo-sample 5 | status: 6 | readyReplicas: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift/monolithic-multitenancy-static/04-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/monolithic-multitenancy-static/04-generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: telemetrygen 10 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0 11 | args: 12 | - traces 13 | - --otlp-endpoint=opentelemetry-collector:4317 14 | - --otlp-insecure 15 | - --traces=10 16 | restartPolicy: Never 17 | -------------------------------------------------------------------------------- /tests/e2e-openshift/monolithic-multitenancy-static/05-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-traceql 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/monolithic-route/install-tempo.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoMonolithic 3 | metadata: 4 | name: mono-route 5 | namespace: chainsaw-mono-route 6 | spec: 7 | timeout: 2m 8 | jaegerui: 9 | enabled: true 10 | route: 11 | enabled: true -------------------------------------------------------------------------------- /tests/e2e-openshift/monolithic-single-tenant-auth/generate-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | namespace: chainsaw-mst 6 | status: 7 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/monolithic-single-tenant-auth/generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | namespace: chainsaw-mst 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: telemetrygen 11 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0 12 | args: 13 | - traces 14 | - --otlp-endpoint=tempo-monolithic-st:4317 15 | - --otlp-insecure 16 | - --traces=10 17 | restartPolicy: Never 18 | backoffLimit: 4 19 | -------------------------------------------------------------------------------- /tests/e2e-openshift/monolithic-single-tenant-auth/install-tempo.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoMonolithic 3 | metadata: 4 | name: monolithic-st 5 | namespace: chainsaw-mst 6 | spec: 7 | jaegerui: 8 | enabled: true 9 | authentication: 10 | enabled: true 11 | sar: "{\"namespace\": \"chainsaw-mst\", \"resource\": \"pods\", \"verb\": \"get\"}" 12 | resources: 13 | limits: 14 | cpu: 200m 15 | memory: 512Gi 16 | requests: 17 | cpu: 100m 18 | memory: 256Mi 19 | route: 20 | enabled: true -------------------------------------------------------------------------------- /tests/e2e-openshift/monolithic-single-tenant-auth/verify-traces-jaeger-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-jaeger 5 | namespace: chainsaw-mst 6 | status: 7 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/monolithic-single-tenant-auth/verify-traces-traceql-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-traceql 5 | namespace: chainsaw-mst 6 | status: 7 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/multitenancy-rbac/00-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: minio 5 | namespace: chainsaw-rbac 6 | status: 7 | readyReplicas: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift/multitenancy-rbac/02-assert.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: dev-collector 6 | namespace: chainsaw-rbac 7 | status: 8 | readyReplicas: 1 9 | -------------------------------------------------------------------------------- /tests/e2e-openshift/multitenancy-rbac/assert-tempo-rbac-sa-1-traces-gen.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces-grpc-sa-1 5 | namespace: chainsaw-test-rbac-1 6 | status: 7 | succeeded: 1 8 | --- 9 | apiVersion: batch/v1 10 | kind: Job 11 | metadata: 12 | name: generate-traces-http-sa-1 13 | namespace: chainsaw-test-rbac-1 14 | status: 15 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/multitenancy-rbac/assert-tempo-rbac-sa-1-traces-verify.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-traceql-grpc-sa-1 5 | namespace: chainsaw-test-rbac-1 6 | status: 7 | succeeded: 1 8 | --- 9 | apiVersion: batch/v1 10 | kind: Job 11 | metadata: 12 | name: verify-traces-traceql-http-sa-1 13 | namespace: chainsaw-test-rbac-1 14 | status: 15 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/multitenancy-rbac/assert-tempo-rbac-sa-2-traces-gen.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces-grpc-sa-2 5 | namespace: chainsaw-test-rbac-2 6 | status: 7 | succeeded: 1 8 | --- 9 | apiVersion: batch/v1 10 | kind: Job 11 | metadata: 12 | name: generate-traces-http-sa-2 13 | namespace: chainsaw-test-rbac-2 14 | status: 15 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/multitenancy-rbac/tracing-ui-plugin.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: observability.openshift.io/v1alpha1 2 | kind: UIPlugin 3 | metadata: 4 | name: distributed-tracing 5 | namespace: openshift-operators 6 | spec: 7 | type: DistributedTracing 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift/multitenancy/00-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: minio 5 | namespace: chainsaw-multitenancy 6 | status: 7 | readyReplicas: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift/multitenancy/02-assert.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: dev-collector 6 | namespace: chainsaw-multitenancy 7 | status: 8 | readyReplicas: 1 9 | -------------------------------------------------------------------------------- /tests/e2e-openshift/multitenancy/03-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces-grpc 5 | namespace: chainsaw-multitenancy 6 | status: 7 | succeeded: 1 8 | --- 9 | apiVersion: batch/v1 10 | kind: Job 11 | metadata: 12 | name: generate-traces-http 13 | namespace: chainsaw-multitenancy 14 | status: 15 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/multitenancy/04-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-grpc 5 | namespace: chainsaw-multitenancy 6 | status: 7 | succeeded: 1 8 | --- 9 | apiVersion: batch/v1 10 | kind: Job 11 | metadata: 12 | name: verify-traces-traceql-grpc 13 | namespace: chainsaw-multitenancy 14 | status: 15 | succeeded: 1 16 | --- 17 | apiVersion: batch/v1 18 | kind: Job 19 | metadata: 20 | name: verify-traces-http 21 | namespace: chainsaw-multitenancy 22 | status: 23 | succeeded: 1 24 | --- 25 | apiVersion: batch/v1 26 | kind: Job 27 | metadata: 28 | name: verify-traces-traceql-http 29 | namespace: chainsaw-multitenancy 30 | status: 31 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/red-metrics/00-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: minio 5 | status: 6 | availableReplicas: 1 7 | readyReplicas: 1 8 | replicas: 1 9 | 10 | --- 11 | apiVersion: v1 12 | kind: Service 13 | metadata: 14 | name: minio 15 | spec: 16 | ports: 17 | - port: 9000 18 | protocol: TCP 19 | targetPort: 9000 20 | selector: 21 | app.kubernetes.io/name: minio 22 | type: ClusterIP 23 | -------------------------------------------------------------------------------- /tests/e2e-openshift/red-metrics/01-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: prometheus-operator 5 | namespace: openshift-user-workload-monitoring 6 | (status.replicas == spec.replicas): true 7 | spec: 8 | (replicas >= `1`): true 9 | 10 | --- 11 | apiVersion: apps/v1 12 | kind: StatefulSet 13 | metadata: 14 | name: prometheus-user-workload 15 | namespace: openshift-user-workload-monitoring 16 | (status.replicas == spec.replicas): true 17 | spec: 18 | (replicas >= `1`): true 19 | 20 | --- 21 | apiVersion: apps/v1 22 | kind: StatefulSet 23 | metadata: 24 | name: thanos-ruler-user-workload 25 | namespace: openshift-user-workload-monitoring 26 | (status.replicas == spec.replicas): true 27 | spec: 28 | (replicas >= `1`): true 29 | -------------------------------------------------------------------------------- /tests/e2e-openshift/red-metrics/01-install-workload-monitoring.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: cluster-monitoring-config 5 | namespace: openshift-monitoring 6 | data: 7 | config.yaml: | 8 | enableUserWorkload: true 9 | -------------------------------------------------------------------------------- /tests/e2e-openshift/red-metrics/03-install-tempo.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: minio-test 5 | stringData: 6 | endpoint: http://minio:9000 7 | bucket: tempo 8 | access_key_id: tempo 9 | access_key_secret: supersecret 10 | type: Opaque 11 | --- 12 | apiVersion: tempo.grafana.com/v1alpha1 13 | kind: TempoStack 14 | metadata: 15 | name: redmetrics 16 | spec: 17 | storage: 18 | secret: 19 | name: minio-test 20 | type: s3 21 | storageSize: 1Gi 22 | template: 23 | gateway: 24 | enabled: false 25 | queryFrontend: 26 | jaegerQuery: 27 | enabled: true 28 | monitorTab: 29 | enabled: true 30 | prometheusEndpoint: https://thanos-querier.openshift-monitoring.svc.cluster.local:9092 31 | ingress: 32 | type: route 33 | -------------------------------------------------------------------------------- /tests/e2e-openshift/red-metrics/04-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: hotrod 5 | status: 6 | readyReplicas: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift/red-metrics/05-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: hotrod-curl 5 | status: 6 | active: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift/red-metrics/05-install-generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: hotrod-curl 5 | spec: 6 | template: 7 | metadata: 8 | labels: 9 | app: hotrod-curl 10 | spec: 11 | containers: 12 | - name: hotrod-curl 13 | image: ghcr.io/grafana/tempo-operator/test-utils:main 14 | command: ["/bin/sh", "-c"] 15 | args: 16 | - "for i in `seq 1 900`; do for j in `seq 1 10`; do curl http://hotrod:80/dispatch?customer=123 & done; wait; sleep 1; done" 17 | restartPolicy: Never 18 | -------------------------------------------------------------------------------- /tests/e2e-openshift/red-metrics/06-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-metrics 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/red-metrics/check_alert.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Run the command and save its output 4 | while true; do 5 | output=$(oc -n openshift-monitoring exec alertmanager-main-0 -- amtool --alertmanager.url http://localhost:9093 alert query SpanREDFrontendAPIRequestLatency 2>&1) 6 | 7 | # Check if the command was successful 8 | if [ $? -ne 0 ]; then 9 | echo "Error executing oc command: $output" 10 | exit 1 11 | fi 12 | 13 | # Check if the alert is active 14 | if echo "$output" | grep -q "SpanREDFrontendAPIRequestLatency.*active"; then 15 | echo "Alert SpanREDFrontendAPIRequestLatency is firing" 16 | exit 0 17 | else 18 | echo "Alert SpanREDFrontendAPIRequestLatency is not firing" 19 | sleep 5 # wait for 5 seconds before checking again 20 | fi 21 | done 22 | -------------------------------------------------------------------------------- /tests/e2e-openshift/route/install-storage-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: minio 5 | status: 6 | readyReplicas: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift/route/install-tempo.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: minio-test 6 | stringData: 7 | endpoint: http://minio:9000 8 | bucket: tempo 9 | access_key_id: tempo 10 | access_key_secret: supersecret 11 | type: Opaque 12 | 13 | --- 14 | apiVersion: tempo.grafana.com/v1alpha1 15 | kind: TempoStack 16 | metadata: 17 | name: simplest 18 | spec: 19 | timeout: 2m 20 | storage: 21 | secret: 22 | name: minio 23 | type: s3 24 | storageSize: 200M 25 | template: 26 | queryFrontend: 27 | jaegerQuery: 28 | enabled: true 29 | ingress: 30 | type: route 31 | host: example.com 32 | annotations: 33 | example_annotation: example_value 34 | -------------------------------------------------------------------------------- /tests/e2e-openshift/tempo-single-tenant-auth/generate-traces-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | namespace: chainsaw-tst 6 | status: 7 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/tempo-single-tenant-auth/generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | namespace: chainsaw-tst 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: telemetrygen 11 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0 12 | args: 13 | - traces 14 | - --otlp-endpoint=tempo-tempo-st-distributor:4317 15 | - --otlp-insecure 16 | - --traces=10 17 | restartPolicy: Never 18 | backoffLimit: 4 19 | -------------------------------------------------------------------------------- /tests/e2e-openshift/tempo-single-tenant-auth/install-storage-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: minio 5 | namespace: chainsaw-tst 6 | status: 7 | readyReplicas: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift/tempo-single-tenant-auth/verify-traces-jaeger-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-jaeger 5 | namespace: chainsaw-tst 6 | status: 7 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/tempo-single-tenant-auth/verify-traces-traceql-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-traceql 5 | namespace: chainsaw-tst 6 | status: 7 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/tempostack-resources/install-storage-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: minio 5 | status: 6 | readyReplicas: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-openshift/tempostack-resources/install-tempostack.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: tmrs 5 | spec: 6 | storage: 7 | secret: 8 | name: minio 9 | type: s3 10 | storageSize: 1Gi 11 | resources: 12 | total: 13 | limits: 14 | memory: 2Gi 15 | cpu: 2000m 16 | tenants: 17 | mode: openshift 18 | authentication: 19 | - tenantName: dev 20 | tenantId: "1610b0c3-c509-4592-a256-a1871353dbfa" 21 | - tenantName: prod 22 | tenantId: "1610b0c3-c509-4592-a256-a1871353dbfb" 23 | template: 24 | gateway: 25 | enabled: true 26 | queryFrontend: 27 | jaegerQuery: 28 | enabled: true -------------------------------------------------------------------------------- /tests/e2e-openshift/tls-monolithic-singletenant/00-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: minio 5 | namespace: chainsaw-tls-mono-st 6 | status: 7 | readyReplicas: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift/tls-monolithic-singletenant/01-install-tempo.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoMonolithic 3 | metadata: 4 | name: mono 5 | namespace: chainsaw-tls-mono-st 6 | spec: 7 | jaegerui: 8 | enabled: true 9 | route: 10 | enabled: true 11 | ingestion: 12 | otlp: 13 | grpc: 14 | tls: 15 | enabled: true 16 | http: 17 | tls: 18 | enabled: true 19 | -------------------------------------------------------------------------------- /tests/e2e-openshift/tls-monolithic-singletenant/02-assert.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: dev-collector 6 | namespace: chainsaw-tls-mono-st 7 | status: 8 | readyReplicas: 1 9 | -------------------------------------------------------------------------------- /tests/e2e-openshift/tls-monolithic-singletenant/03-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces-grpc 5 | namespace: chainsaw-tls-mono-st 6 | status: 7 | succeeded: 1 8 | --- 9 | apiVersion: batch/v1 10 | kind: Job 11 | metadata: 12 | name: generate-traces-http 13 | namespace: chainsaw-tls-mono-st 14 | status: 15 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/tls-monolithic-singletenant/04-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-grpc 5 | namespace: chainsaw-tls-mono-st 6 | status: 7 | succeeded: 1 8 | --- 9 | apiVersion: batch/v1 10 | kind: Job 11 | metadata: 12 | name: verify-traces-http 13 | namespace: chainsaw-tls-mono-st 14 | status: 15 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/tls-singletenant/00-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: minio 5 | namespace: chainsaw-tls-singletenant 6 | status: 7 | readyReplicas: 1 8 | -------------------------------------------------------------------------------- /tests/e2e-openshift/tls-singletenant/01-install-tempo.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: simplest 5 | namespace: chainsaw-tls-singletenant 6 | spec: 7 | storage: 8 | secret: 9 | name: minio 10 | type: s3 11 | storageSize: 1Gi 12 | resources: 13 | total: 14 | limits: 15 | memory: 4Gi 16 | cpu: 2000m 17 | template: 18 | distributor: 19 | tls: 20 | enabled: true 21 | queryFrontend: 22 | jaegerQuery: 23 | enabled: true 24 | ingress: 25 | type: route 26 | -------------------------------------------------------------------------------- /tests/e2e-openshift/tls-singletenant/02-assert.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: dev-collector 6 | namespace: chainsaw-tls-singletenant 7 | status: 8 | readyReplicas: 1 9 | -------------------------------------------------------------------------------- /tests/e2e-openshift/tls-singletenant/03-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces-grpc 5 | namespace: chainsaw-tls-singletenant 6 | status: 7 | succeeded: 1 8 | --- 9 | apiVersion: batch/v1 10 | kind: Job 11 | metadata: 12 | name: generate-traces-http 13 | namespace: chainsaw-tls-singletenant 14 | status: 15 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-openshift/tls-singletenant/04-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-grpc 5 | namespace: chainsaw-tls-singletenant 6 | status: 7 | succeeded: 1 8 | --- 9 | apiVersion: batch/v1 10 | kind: Job 11 | metadata: 12 | name: verify-traces-http 13 | namespace: chainsaw-tls-singletenant 14 | status: 15 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-upgrade/upgrade/00-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: minio 5 | status: 6 | readyReplicas: 1 7 | -------------------------------------------------------------------------------- /tests/e2e-upgrade/upgrade/10-setup-olm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: chainsaw-operator-upgrade 5 | --- 6 | apiVersion: operators.coreos.com/v1 7 | kind: OperatorGroup 8 | metadata: 9 | name: operatorgroup 10 | namespace: chainsaw-operator-upgrade 11 | --- 12 | apiVersion: operators.coreos.com/v1alpha1 13 | kind: CatalogSource 14 | metadata: 15 | name: old-catalog 16 | namespace: chainsaw-operator-upgrade 17 | spec: 18 | sourceType: grpc 19 | image: quay.io/operatorhubio/catalog:latest 20 | --- 21 | apiVersion: operators.coreos.com/v1alpha1 22 | kind: CatalogSource 23 | metadata: 24 | name: new-catalog 25 | namespace: chainsaw-operator-upgrade 26 | spec: 27 | sourceType: grpc 28 | image: localregistry:5000/tempo-operator-catalog:v100.0.0 29 | -------------------------------------------------------------------------------- /tests/e2e-upgrade/upgrade/20-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: operators.coreos.com/v1alpha1 2 | kind: Subscription 3 | metadata: 4 | name: tempo 5 | namespace: chainsaw-operator-upgrade 6 | status: 7 | state: AtLatestKnown 8 | --- 9 | apiVersion: apps/v1 10 | kind: Deployment 11 | metadata: 12 | name: tempo-operator-controller 13 | namespace: chainsaw-operator-upgrade 14 | status: 15 | readyReplicas: 1 16 | --- 17 | apiVersion: v1 18 | kind: Pod 19 | metadata: 20 | namespace: chainsaw-operator-upgrade 21 | labels: 22 | app.kubernetes.io/name: tempo-operator 23 | control-plane: controller-manager 24 | status: 25 | containerStatuses: 26 | - ready: true 27 | -------------------------------------------------------------------------------- /tests/e2e-upgrade/upgrade/20-install-old-operator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: operators.coreos.com/v1alpha1 2 | kind: Subscription 3 | metadata: 4 | name: tempo 5 | namespace: chainsaw-operator-upgrade 6 | spec: 7 | channel: alpha 8 | name: tempo-operator 9 | source: old-catalog 10 | sourceNamespace: chainsaw-operator-upgrade 11 | -------------------------------------------------------------------------------- /tests/e2e-upgrade/upgrade/30-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: tempo-simplest-compactor 5 | status: 6 | readyReplicas: 1 7 | --- 8 | apiVersion: apps/v1 9 | kind: Deployment 10 | metadata: 11 | name: tempo-simplest-distributor 12 | status: 13 | readyReplicas: 1 14 | --- 15 | apiVersion: apps/v1 16 | kind: Deployment 17 | metadata: 18 | name: tempo-simplest-querier 19 | status: 20 | readyReplicas: 1 21 | --- 22 | apiVersion: apps/v1 23 | kind: Deployment 24 | metadata: 25 | name: tempo-simplest-query-frontend 26 | status: 27 | readyReplicas: 1 28 | --- 29 | apiVersion: apps/v1 30 | kind: StatefulSet 31 | metadata: 32 | name: tempo-simplest-ingester 33 | status: 34 | readyReplicas: 1 35 | -------------------------------------------------------------------------------- /tests/e2e-upgrade/upgrade/30-install-tempo.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: simplest 5 | spec: 6 | storage: 7 | secret: 8 | name: minio 9 | type: s3 10 | storageSize: 200M 11 | resources: 12 | total: 13 | limits: 14 | memory: 2Gi 15 | cpu: 2000m 16 | template: 17 | queryFrontend: 18 | jaegerQuery: 19 | enabled: true 20 | ingress: 21 | type: ingress 22 | -------------------------------------------------------------------------------- /tests/e2e-upgrade/upgrade/40-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-upgrade/upgrade/40-generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: telemetrygen 10 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0 11 | args: 12 | - traces 13 | - --otlp-endpoint=tempo-simplest-distributor:4317 14 | - --otlp-insecure 15 | - --traces=10 16 | restartPolicy: Never 17 | -------------------------------------------------------------------------------- /tests/e2e-upgrade/upgrade/50-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-upgrade/upgrade/50-verify-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: verify-traces 10 | image: ghcr.io/grafana/tempo-operator/test-utils:main 11 | command: 12 | - /bin/bash 13 | - -eux 14 | - -c 15 | args: 16 | - | 17 | curl -v -G http://tempo-simplest-query-frontend:16686/api/traces --data-urlencode "service=telemetrygen" | tee /tmp/jaeger.out 18 | num_traces=$(jq ".data | length" /tmp/jaeger.out) 19 | if [[ "$num_traces" -ne 10 ]]; then 20 | echo && echo "The Jaeger API returned $num_traces instead of 10 traces." 21 | exit 1 22 | fi 23 | restartPolicy: Never 24 | -------------------------------------------------------------------------------- /tests/e2e-upgrade/upgrade/60-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: operators.coreos.com/v1alpha1 2 | kind: Subscription 3 | metadata: 4 | name: tempo 5 | namespace: chainsaw-operator-upgrade 6 | status: 7 | installedCSV: tempo-operator.v100.0.0 8 | state: AtLatestKnown 9 | --- 10 | apiVersion: apps/v1 11 | kind: Deployment 12 | metadata: 13 | name: tempo-operator-controller 14 | namespace: chainsaw-operator-upgrade 15 | status: 16 | readyReplicas: 1 17 | --- 18 | apiVersion: tempo.grafana.com/v1alpha1 19 | kind: TempoStack 20 | metadata: 21 | name: simplest 22 | status: 23 | operatorVersion: 100.0.0 24 | -------------------------------------------------------------------------------- /tests/e2e-upgrade/upgrade/60-upgrade-operator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: operators.coreos.com/v1alpha1 2 | kind: Subscription 3 | metadata: 4 | name: tempo 5 | namespace: chainsaw-operator-upgrade 6 | spec: 7 | source: new-catalog 8 | -------------------------------------------------------------------------------- /tests/e2e-upgrade/upgrade/70-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-after-upgrade 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e-upgrade/upgrade/70-verify-traces-after-upgrade.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-after-upgrade 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: verify-traces 10 | image: ghcr.io/grafana/tempo-operator/test-utils:main 11 | command: 12 | - /bin/bash 13 | - -eux 14 | - -c 15 | args: 16 | - | 17 | curl -v -G http://tempo-simplest-query-frontend:16686/api/traces --data-urlencode "service=telemetrygen" | tee /tmp/jaeger.out 18 | num_traces=$(jq ".data | length" /tmp/jaeger.out) 19 | if [[ "$num_traces" -ne 10 ]]; then 20 | echo && echo "The Jaeger API returned $num_traces instead of 10 traces." 21 | exit 1 22 | fi 23 | restartPolicy: Never 24 | -------------------------------------------------------------------------------- /tests/e2e-upgrade/upgrade/tempostack.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: check-operator-ready 5 | spec: 6 | storage: 7 | secret: 8 | name: minio 9 | type: s3 10 | -------------------------------------------------------------------------------- /tests/e2e/compatibility/00-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: minio 5 | status: 6 | readyReplicas: 1 7 | -------------------------------------------------------------------------------- /tests/e2e/compatibility/01-install.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: simplest 5 | spec: 6 | storage: 7 | secret: 8 | name: minio 9 | type: s3 10 | storageSize: 200M 11 | resources: 12 | total: 13 | limits: 14 | memory: 2Gi 15 | cpu: 2000m 16 | template: 17 | queryFrontend: 18 | jaegerQuery: 19 | enabled: true 20 | ingress: 21 | type: ingress 22 | -------------------------------------------------------------------------------- /tests/e2e/compatibility/03-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e/compatibility/03-generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: telemetrygen 10 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0 11 | args: 12 | - traces 13 | - --otlp-endpoint=tempo-simplest-distributor:4317 14 | - --otlp-insecure 15 | - --traces=10 16 | restartPolicy: Never 17 | backoffLimit: 4 18 | -------------------------------------------------------------------------------- /tests/e2e/compatibility/04-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-jaeger 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e/compatibility/05-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-grafana 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e/custom-ca/00-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: minio 5 | status: 6 | readyReplicas: 1 7 | -------------------------------------------------------------------------------- /tests/e2e/custom-ca/02-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e/custom-ca/02-generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: telemetrygen 10 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0 11 | args: 12 | - traces 13 | - --otlp-endpoint=tempo-simplest-distributor:4317 14 | - --otlp-insecure 15 | - --traces=10 16 | restartPolicy: Never 17 | backoffLimit: 4 18 | -------------------------------------------------------------------------------- /tests/e2e/custom-ca/03-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e/custom-ca/README.md: -------------------------------------------------------------------------------- 1 | # Example certs 2 | The example certs were generated with the following commands: 3 | 4 | openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes -keyout ca.key -out ca.crt -subj '/CN=MyDemoCA' 5 | openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes -keyout cert.key -out cert.crt -CA ca.crt -CAkey ca.key -subj "/CN=minio" -addext "subjectAltName=DNS:minio" 6 | -------------------------------------------------------------------------------- /tests/e2e/gateway/01-assert.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: minio-test 6 | --- 7 | apiVersion: v1 8 | kind: Secret 9 | metadata: 10 | name: oidc-test 11 | -------------------------------------------------------------------------------- /tests/e2e/gateway/01-install.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: minio-test 6 | stringData: 7 | endpoint: http://minio.minio.svc:9000 8 | bucket: tempo 9 | access_key_id: tempo 10 | access_key_secret: supersecret 11 | type: Opaque 12 | --- 13 | apiVersion: v1 14 | kind: Secret 15 | metadata: 16 | name: oidc-test 17 | stringData: 18 | clientID: test 19 | clientSecret: ZXhhbXBsZS1hcHAtc2VjcmV0 20 | type: Opaque 21 | -------------------------------------------------------------------------------- /tests/e2e/generate/.gitignore: -------------------------------------------------------------------------------- 1 | generated.yaml 2 | -------------------------------------------------------------------------------- /tests/e2e/generate/00-storage-secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: minio-test 5 | stringData: 6 | endpoint: http://minio.minio.svc:9000 7 | bucket: tempo 8 | access_key_id: tempo 9 | access_key_secret: supersecret 10 | type: Opaque 11 | -------------------------------------------------------------------------------- /tests/e2e/generate/cr.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: generated-tempo 5 | spec: 6 | storage: 7 | secret: 8 | name: minio-test 9 | type: s3 10 | storageSize: 1Gi 11 | -------------------------------------------------------------------------------- /tests/e2e/monolithic-extraconfig/chainsaw-test.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: chainsaw.kyverno.io/v1alpha1 2 | kind: Test 3 | metadata: 4 | name: monolithic-extraconfig 5 | spec: 6 | description: Test extra config in Tempo Monolithic 7 | namespace: chainsaw-monoextcfg 8 | steps: 9 | - name: Install Tempo Monolithic 10 | try: 11 | - apply: 12 | file: install-tempo.yaml 13 | - assert: 14 | file: install-tempo-assert.yaml 15 | -------------------------------------------------------------------------------- /tests/e2e/monolithic-extraconfig/install-tempo.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoMonolithic 3 | metadata: 4 | name: simplest 5 | spec: 6 | extraConfig: 7 | tempo: 8 | querier: 9 | search: 10 | query_timeout: 180s 11 | query_frontend: 12 | max_retries: 3 13 | jaegerui: 14 | enabled: true 15 | -------------------------------------------------------------------------------- /tests/e2e/monolithic-ingestion-mtls/01-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: StatefulSet 3 | metadata: 4 | name: tempo-simplest 5 | status: 6 | readyReplicas: 1 7 | -------------------------------------------------------------------------------- /tests/e2e/monolithic-ingestion-mtls/02-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: opentelemetry-collector 5 | status: 6 | availableReplicas: 1 7 | readyReplicas: 1 8 | replicas: 1 9 | 10 | --- 11 | apiVersion: v1 12 | kind: Service 13 | metadata: 14 | name: opentelemetry-collector 15 | spec: 16 | ports: 17 | - appProtocol: grpc 18 | name: otlp-grpc 19 | port: 4317 20 | protocol: TCP 21 | targetPort: 4317 22 | selector: 23 | app.kubernetes.io/component: opentelemetry-collector 24 | app.kubernetes.io/managed-by: opentelemetry-operator 25 | app.kubernetes.io/part-of: opentelemetry 26 | -------------------------------------------------------------------------------- /tests/e2e/monolithic-ingestion-mtls/03-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | status: 6 | succeeded: 1 7 | -------------------------------------------------------------------------------- /tests/e2e/monolithic-ingestion-mtls/03-generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: telemetrygen 10 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0 11 | args: 12 | - traces 13 | - --otlp-endpoint=opentelemetry-collector:4317 14 | - --otlp-insecure 15 | - --traces=10 16 | restartPolicy: Never 17 | backoffLimit: 4 18 | -------------------------------------------------------------------------------- /tests/e2e/monolithic-ingestion-mtls/04-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | status: 6 | succeeded: 1 7 | -------------------------------------------------------------------------------- /tests/e2e/monolithic-memory/01-install-tempo.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoMonolithic 3 | metadata: 4 | name: simplest 5 | spec: 6 | jaegerui: 7 | enabled: true 8 | -------------------------------------------------------------------------------- /tests/e2e/monolithic-memory/03-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e/monolithic-memory/03-generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: telemetrygen 10 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0 11 | args: 12 | - traces 13 | - --otlp-endpoint=tempo-simplest:4317 14 | - --otlp-insecure 15 | - --traces=10 16 | restartPolicy: Never 17 | backoffLimit: 4 18 | -------------------------------------------------------------------------------- /tests/e2e/monolithic-memory/04-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-jaeger 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e/monolithic-memory/05-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-grafana 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e/monolithic-pv/01-install-tempo.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoMonolithic 3 | metadata: 4 | name: simplest 5 | spec: 6 | storage: 7 | traces: 8 | backend: pv 9 | -------------------------------------------------------------------------------- /tests/e2e/monolithic-pv/03-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e/monolithic-pv/03-generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: telemetrygen 10 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0 11 | args: 12 | - traces 13 | - --otlp-endpoint=tempo-simplest:4317 14 | - --otlp-insecure 15 | - --traces=10 16 | restartPolicy: Never 17 | backoffLimit: 4 18 | -------------------------------------------------------------------------------- /tests/e2e/monolithic-pv/04-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e/monolithic-pv/04-verify-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: verify-traces 10 | image: ghcr.io/grafana/tempo-operator/test-utils:main 11 | command: 12 | - /bin/bash 13 | - -eux 14 | - -c 15 | args: 16 | - | 17 | curl \ 18 | -v -G \ 19 | http://tempo-simplest:3200/api/search \ 20 | --data-urlencode "q={}" \ 21 | | tee /tmp/tempo.out 22 | num_traces=$(jq ".traces | length" /tmp/tempo.out) 23 | if [[ "$num_traces" -ne 10 ]]; then 24 | echo && echo "The Tempo API returned $num_traces instead of 10 traces." 25 | exit 1 26 | fi 27 | restartPolicy: Never 28 | -------------------------------------------------------------------------------- /tests/e2e/monolithic-pv/chainsaw-test.yaml: -------------------------------------------------------------------------------- 1 | # yaml-language-server: $schema=https://raw.githubusercontent.com/kyverno/chainsaw/main/.schemas/json/test-chainsaw-v1alpha1.json 2 | apiVersion: chainsaw.kyverno.io/v1alpha1 3 | kind: Test 4 | metadata: 5 | creationTimestamp: null 6 | name: monolithic-pv 7 | spec: 8 | steps: 9 | - name: step-01 10 | try: 11 | - apply: 12 | file: 01-install-tempo.yaml 13 | - assert: 14 | file: 01-assert.yaml 15 | - name: step-03 16 | try: 17 | - apply: 18 | file: 03-generate-traces.yaml 19 | - assert: 20 | file: 03-assert.yaml 21 | - name: step-04 22 | try: 23 | - apply: 24 | file: 04-verify-traces.yaml 25 | - assert: 26 | file: 04-assert.yaml 27 | -------------------------------------------------------------------------------- /tests/e2e/monolithic-receivers-tls/02-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: opentelemetry-collector 5 | status: 6 | availableReplicas: 1 7 | readyReplicas: 1 8 | replicas: 1 9 | 10 | --- 11 | apiVersion: v1 12 | kind: Service 13 | metadata: 14 | name: opentelemetry-collector 15 | spec: 16 | ports: 17 | - appProtocol: grpc 18 | name: otlp-grpc-grpc 19 | port: 4317 20 | protocol: TCP 21 | targetPort: 4317 22 | - appProtocol: http 23 | name: otlp-http-http 24 | port: 4318 25 | protocol: TCP 26 | targetPort: 4318 27 | selector: 28 | app.kubernetes.io/component: opentelemetry-collector 29 | app.kubernetes.io/managed-by: opentelemetry-operator 30 | app.kubernetes.io/part-of: opentelemetry 31 | -------------------------------------------------------------------------------- /tests/e2e/monolithic-receivers-tls/03-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces-http 5 | status: 6 | succeeded: 1 7 | --- 8 | apiVersion: batch/v1 9 | kind: Job 10 | metadata: 11 | name: generate-traces-grpc 12 | status: 13 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e/monolithic-receivers-tls/04-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces-http 5 | status: 6 | succeeded: 1 7 | --- 8 | apiVersion: batch/v1 9 | kind: Job 10 | metadata: 11 | name: verify-traces-grpc 12 | status: 13 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e/monolithic-s3-tls/00-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: minio 5 | status: 6 | readyReplicas: 1 7 | -------------------------------------------------------------------------------- /tests/e2e/monolithic-s3-tls/03-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e/monolithic-s3-tls/03-generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: telemetrygen 10 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0 11 | args: 12 | - traces 13 | - --otlp-endpoint=tempo-simplest:4317 14 | - --otlp-insecure 15 | - --traces=10 16 | restartPolicy: Never 17 | backoffLimit: 4 18 | -------------------------------------------------------------------------------- /tests/e2e/monolithic-s3-tls/04-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e/receivers-mtls/00-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: minio 5 | status: 6 | readyReplicas: 1 7 | -------------------------------------------------------------------------------- /tests/e2e/receivers-mtls/02-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: opentelemetry-collector 5 | status: 6 | availableReplicas: 1 7 | readyReplicas: 1 8 | replicas: 1 9 | 10 | --- 11 | apiVersion: v1 12 | kind: Service 13 | metadata: 14 | name: opentelemetry-collector 15 | spec: 16 | ports: 17 | - appProtocol: grpc 18 | name: otlp-grpc 19 | port: 4317 20 | protocol: TCP 21 | targetPort: 4317 22 | - appProtocol: http 23 | name: otlp-http 24 | port: 4318 25 | protocol: TCP 26 | targetPort: 4318 27 | selector: 28 | app.kubernetes.io/component: opentelemetry-collector 29 | app.kubernetes.io/managed-by: opentelemetry-operator 30 | app.kubernetes.io/part-of: opentelemetry 31 | -------------------------------------------------------------------------------- /tests/e2e/receivers-mtls/03-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e/receivers-mtls/03-generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: telemetrygen 10 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0 11 | args: 12 | - traces 13 | - --otlp-endpoint=opentelemetry-collector:4317 14 | - --otlp-insecure 15 | - --traces=10 16 | restartPolicy: Never 17 | backoffLimit: 4 18 | -------------------------------------------------------------------------------- /tests/e2e/receivers-mtls/04-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e/receivers-tls/00-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: minio 5 | status: 6 | readyReplicas: 1 7 | -------------------------------------------------------------------------------- /tests/e2e/receivers-tls/02-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: opentelemetry-collector 5 | status: 6 | availableReplicas: 1 7 | readyReplicas: 1 8 | replicas: 1 9 | 10 | --- 11 | apiVersion: v1 12 | kind: Service 13 | metadata: 14 | name: opentelemetry-collector 15 | spec: 16 | ports: 17 | - appProtocol: grpc 18 | name: otlp-grpc 19 | port: 4317 20 | protocol: TCP 21 | targetPort: 4317 22 | - appProtocol: http 23 | name: otlp-http 24 | port: 4318 25 | protocol: TCP 26 | targetPort: 4318 27 | selector: 28 | app.kubernetes.io/component: opentelemetry-collector 29 | app.kubernetes.io/managed-by: opentelemetry-operator 30 | app.kubernetes.io/part-of: opentelemetry 31 | -------------------------------------------------------------------------------- /tests/e2e/receivers-tls/03-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e/receivers-tls/03-generate-traces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: generate-traces 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: telemetrygen 10 | image: ghcr.io/open-telemetry/opentelemetry-collector-contrib/telemetrygen:v0.92.0 11 | args: 12 | - traces 13 | - --otlp-endpoint=opentelemetry-collector:4317 14 | - --otlp-insecure 15 | - --traces=10 16 | restartPolicy: Never 17 | backoffLimit: 4 18 | -------------------------------------------------------------------------------- /tests/e2e/receivers-tls/04-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-traces 5 | status: 6 | succeeded: 1 -------------------------------------------------------------------------------- /tests/e2e/reconcile/00-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: minio 5 | status: 6 | readyReplicas: 1 7 | -------------------------------------------------------------------------------- /tests/e2e/reconcile/01-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | app.kubernetes.io/component: querier 6 | app.kubernetes.io/instance: simplest 7 | app.kubernetes.io/managed-by: tempo-operator 8 | app.kubernetes.io/name: tempo 9 | name: tempo-simplest-querier 10 | spec: 11 | ports: 12 | - name: http-memberlist 13 | port: 7946 14 | protocol: TCP 15 | targetPort: http-memberlist 16 | - name: http 17 | port: 3200 18 | protocol: TCP 19 | targetPort: http 20 | - name: grpc 21 | port: 9095 22 | protocol: TCP 23 | targetPort: grpc 24 | selector: 25 | app.kubernetes.io/component: querier 26 | app.kubernetes.io/instance: simplest 27 | app.kubernetes.io/managed-by: tempo-operator 28 | app.kubernetes.io/name: tempo 29 | -------------------------------------------------------------------------------- /tests/e2e/reconcile/01-install-tempo.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: simplest 5 | spec: 6 | storage: 7 | secret: 8 | name: minio-test 9 | type: s3 10 | storageSize: 200M 11 | -------------------------------------------------------------------------------- /tests/e2e/reconcile/02-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | app.kubernetes.io/component: querier 6 | app.kubernetes.io/instance: simplest 7 | app.kubernetes.io/managed-by: tempo-operator 8 | app.kubernetes.io/name: tempo 9 | name: tempo-simplest-querier 10 | spec: 11 | ports: 12 | - name: http-memberlist 13 | port: 7946 14 | protocol: TCP 15 | targetPort: http-memberlist 16 | - name: http 17 | port: 3200 18 | protocol: TCP 19 | targetPort: http 20 | - name: grpc 21 | port: 9095 22 | protocol: TCP 23 | targetPort: grpc 24 | selector: 25 | app.kubernetes.io/component: querier 26 | app.kubernetes.io/instance: simplest 27 | app.kubernetes.io/managed-by: tempo-operator 28 | app.kubernetes.io/name: tempo 29 | -------------------------------------------------------------------------------- /tests/e2e/reconcile/03-update-storage-secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: minio-test 5 | stringData: 6 | # update bucket name to check if the operator recreated the tempo configuration file 7 | bucket: tempo2 8 | type: Opaque 9 | -------------------------------------------------------------------------------- /tests/e2e/reconcile/05-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: tempo-simplest-distributor 5 | spec: 6 | template: 7 | spec: 8 | serviceAccount: tempo-simplest 9 | status: 10 | readyReplicas: 1 11 | -------------------------------------------------------------------------------- /tests/e2e/reconcile/05-disable-reconciliation.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: fake-sa 5 | --- 6 | apiVersion: tempo.grafana.com/v1alpha1 7 | kind: TempoStack 8 | metadata: 9 | name: simplest 10 | spec: 11 | # The deployments use the tempo-simplest Service Account. Changing the 12 | # SA here and setting the managementState to Unmanaged will make the operator 13 | # to not change the original service account name 14 | serviceAccount: fake-sa 15 | managementState: Unmanaged 16 | -------------------------------------------------------------------------------- /tests/e2e/tempostack-extraconfig/install-storage-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: minio 5 | status: 6 | readyReplicas: 1 7 | -------------------------------------------------------------------------------- /tests/e2e/tempostack-extraconfig/install-tempostack.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: tempo.grafana.com/v1alpha1 2 | kind: TempoStack 3 | metadata: 4 | name: simplest 5 | spec: 6 | timeout: 70s 7 | extraConfig: 8 | tempo: 9 | server: 10 | http_server_write_timeout: 10m 11 | http_server_read_timeout: 10m 12 | querier: 13 | search: 14 | query_timeout: 180s 15 | query_frontend: 16 | max_retries: 3 17 | storage: 18 | secret: 19 | name: minio 20 | type: s3 21 | storageSize: 200M 22 | resources: 23 | total: 24 | limits: 25 | memory: 2Gi 26 | cpu: 2000m 27 | template: 28 | queryFrontend: 29 | jaegerQuery: 30 | enabled: true 31 | ingress: 32 | type: ingress 33 | -------------------------------------------------------------------------------- /tests/operator-metrics/max-loops/00-assert.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: sa-assert-metrics 5 | namespace: ($TEMPO_NAMESPACE) 6 | --- 7 | apiVersion: rbac.authorization.k8s.io/v1 8 | kind: ClusterRoleBinding 9 | metadata: 10 | name: sa-assert-metrics-role-binding 11 | -------------------------------------------------------------------------------- /tests/operator-metrics/max-loops/00-metrics-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: sa-assert-metrics 5 | namespace: ($TEMPO_NAMESPACE) 6 | --- 7 | apiVersion: rbac.authorization.k8s.io/v1 8 | kind: ClusterRoleBinding 9 | metadata: 10 | name: sa-assert-metrics-role-binding 11 | subjects: 12 | - kind: ServiceAccount 13 | name: sa-assert-metrics 14 | namespace: ($TEMPO_NAMESPACE) 15 | roleRef: 16 | kind: ClusterRole 17 | name: tempo-operator-metrics-reader 18 | apiGroup: rbac.authorization.k8s.io 19 | -------------------------------------------------------------------------------- /tests/operator-metrics/max-loops/01-assert-job.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: verify-metrics 5 | namespace: ($TEMPO_NAMESPACE) 6 | status: 7 | succeeded: 1 --------------------------------------------------------------------------------