106 changes: 96 additions & 10 deletions config/v1alpha1/types_cluster_monitoring.go
Expand Up @@ -113,6 +113,12 @@ type ClusterMonitoringSpec struct {
// When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.
// +optional
OpenShiftStateMetricsConfig OpenShiftStateMetricsConfig `json:"openShiftStateMetricsConfig,omitempty,omitzero"`
// telemeterClientConfig is an optional field that can be used to configure the Telemeter Client
// component that runs in the openshift-monitoring namespace. The Telemeter Client collects
// selected monitoring metrics and forwards them to Red Hat for telemetry purposes.
// When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.
// +optional
TelemeterClientConfig TelemeterClientConfig `json:"telemeterClientConfig,omitempty,omitzero"`
}

// UserDefinedMonitoring config for user-defined projects.
Expand Down Expand Up @@ -202,13 +208,13 @@ type AlertmanagerCustomConfig struct {
// - name: memory
// request: 40Mi
// limit: null
// Maximum length for this list is 10.
// Maximum length for this list is 5.
// Minimum length for this list is 1.
// Each resource name must be unique within this list.
// +optional
// +listType=map
// +listMapKey=name
// +kubebuilder:validation:MaxItems=10
// +kubebuilder:validation:MaxItems=5
// +kubebuilder:validation:MinItems=1
Comment on lines +211 to 218
⚠️ Potential issue | 🟠 Major

Avoid tightening existing resources lists without a migration plan.

Lines 211-218, 422-429, 493-500, 557-564, and 617-624 all shrink already-shipped []ContainerResource fields from 10 items to 5. That is a schema-breaking contraction: any existing ClusterMonitoring object using 6-10 entries in one of those fields will stop passing validation on later updates once this CRD is installed. Please either preserve backward compatibility for the existing fields or document/implement a migration path before merging.

Also applies to: 422-429, 493-500, 557-564, 617-624, 690-697

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@config/v1alpha1/types_cluster_monitoring.go` around lines 211 - 218, The
MaxItems for several []ContainerResource "resources" lists was tightened from 10
to 5, which is schema-breaking; revert the +kubebuilder:validation:MaxItems
annotation (or change it back to 10) for the "resources" list annotations so
existing ClusterMonitoring CRs with 6–10 entries continue to validate,
specifically update the +kubebuilder:validation:MaxItems on the "resources" list
annotations associated with the ContainerResource lists (the "resources" field)
in types_cluster_monitoring.go so they match the original limit (10) or remove
the constraint until a migration is provided.

Resources []ContainerResource `json:"resources,omitempty"`
// secrets defines a list of secrets that need to be mounted into the Alertmanager.
Expand Down Expand Up @@ -309,6 +315,13 @@ const (
)

// ContainerResource defines a single resource requirement for a container.
// ---
// MaxItems on []ContainerResource fields is kept at 5 to stay within the
// Kubernetes CRD CEL validation cost budget (StaticEstimatedCRDCostLimit).
// The quantity() CEL function has a high fixed estimated cost per invocation,
// and the limit-vs-request comparison rule is costed per maxItems per location.
// With multiple structs in ClusterMonitoringSpec embedding []ContainerResource,
// maxItems > 5 causes the total estimated rule cost to exceed the budget.
// +kubebuilder:validation:XValidation:rule="has(self.request) || has(self.limit)",message="at least one of request or limit must be set"
// +kubebuilder:validation:XValidation:rule="!(has(self.request) && has(self.limit)) || quantity(self.limit).compareTo(quantity(self.request)) >= 0",message="limit must be greater than or equal to request"
type ContainerResource struct {
Expand Down Expand Up @@ -407,13 +420,13 @@ type MetricsServerConfig struct {
// - name: memory
// request: 40Mi
// limit: null
// Maximum length for this list is 10.
// Maximum length for this list is 5.
// Minimum length for this list is 1.
// Each resource name must be unique within this list.
// +optional
// +listType=map
// +listMapKey=name
// +kubebuilder:validation:MaxItems=10
// +kubebuilder:validation:MaxItems=5
// +kubebuilder:validation:MinItems=1
Resources []ContainerResource `json:"resources,omitempty"`
// topologySpreadConstraints defines rules for how Metrics Server Pods should be distributed
Expand Down Expand Up @@ -478,13 +491,13 @@ type PrometheusOperatorConfig struct {
// - name: memory
// request: 40Mi
// limit: null
// Maximum length for this list is 10.
// Maximum length for this list is 5.
// Minimum length for this list is 1.
// Each resource name must be unique within this list.
// +optional
// +listType=map
// +listMapKey=name
// +kubebuilder:validation:MaxItems=10
// +kubebuilder:validation:MaxItems=5
// +kubebuilder:validation:MinItems=1
Resources []ContainerResource `json:"resources,omitempty"`
// tolerations defines tolerations for the pods.
Expand Down Expand Up @@ -542,13 +555,13 @@ type PrometheusOperatorAdmissionWebhookConfig struct {
// - name: memory
// request: 30Mi
// limit: null
// Maximum length for this list is 10.
// Maximum length for this list is 5.
// Minimum length for this list is 1.
// Each resource name must be unique within this list.
// +optional
// +listType=map
// +listMapKey=name
// +kubebuilder:validation:MaxItems=10
// +kubebuilder:validation:MaxItems=5
// +kubebuilder:validation:MinItems=1
Resources []ContainerResource `json:"resources,omitempty"`
// topologySpreadConstraints defines rules for how admission webhook Pods should be distributed
Expand Down Expand Up @@ -602,13 +615,13 @@ type OpenShiftStateMetricsConfig struct {
// - name: memory
// request: 32Mi
// limit: null
// Maximum length for this list is 10.
// Maximum length for this list is 5.
// Minimum length for this list is 1.
// Each resource name must be unique within this list.
// +optional
// +listType=map
// +listMapKey=name
// +kubebuilder:validation:MaxItems=10
// +kubebuilder:validation:MaxItems=5
// +kubebuilder:validation:MinItems=1
Resources []ContainerResource `json:"resources,omitempty"`
// tolerations defines tolerations for the pods.
Expand Down Expand Up @@ -645,6 +658,79 @@ type OpenShiftStateMetricsConfig struct {
TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"`
}

// TelemeterClientConfig provides configuration options for the Telemeter Client component
// that runs in the `openshift-monitoring` namespace. The Telemeter Client collects selected
// monitoring metrics and forwards them to Red Hat for telemetry purposes.
// +kubebuilder:validation:MinProperties=1
type TelemeterClientConfig struct {
// nodeSelector defines the nodes on which the Pods are scheduled.
Comment on lines +661 to +666


Action required

1. telemeterclientconfig minproperties undocumented 📘 Rule violation ✓ Correctness

TelemeterClientConfig has +kubebuilder:validation:MinProperties=1, but the type comment does not
document that the object must not be empty (i.e., at least one field must be set). This violates the
requirement that validation markers be fully documented, potentially confusing API consumers about
valid/invalid configurations.
Agent Prompt
## Issue description
`TelemeterClientConfig` includes the validation marker `+kubebuilder:validation:MinProperties=1`, but the type-level comment does not document the resulting constraint that the object must not be empty.

## Issue Context
Compliance requires that every validation marker applied to an API field/type be fully documented in comments so users understand constraints without inspecting generated schema.

## Fix Focus Areas
- config/v1alpha1/types_cluster_monitoring.go[575-581]


// This field is optional.
//
// When omitted, this means the user has no opinion and the platform is left
// to choose reasonable defaults. These defaults are subject to change over time.
// The current default value is `kubernetes.io/os: linux`.
// When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries.
// +optional
// +kubebuilder:validation:MinProperties=1
// +kubebuilder:validation:MaxProperties=10
NodeSelector map[string]string `json:"nodeSelector,omitempty"`
// resources defines the compute resource requests and limits for the Telemeter Client container.
// This includes CPU, memory and HugePages constraints to help control scheduling and resource usage.
// When not specified, defaults are used by the platform. Requests cannot exceed limits.
// This field is optional.
// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
// This is a simplified API that maps to Kubernetes ResourceRequirements.
// The current default values are:
// resources:
// - name: cpu
// request: 1m
// limit: null
// - name: memory
// request: 40Mi
// limit: null
// Maximum length for this list is 5.
// Minimum length for this list is 1.
// Each resource name must be unique within this list.
// +optional
// +listType=map
// +listMapKey=name
// +kubebuilder:validation:MaxItems=5
// +kubebuilder:validation:MinItems=1
Resources []ContainerResource `json:"resources,omitempty"`
// tolerations defines tolerations for the pods.
// This field is optional.
//
// When omitted, this means the user has no opinion and the platform is left
// to choose reasonable defaults. These defaults are subject to change over time.
// Default is empty list.
// Maximum length for this list is 10.
// Minimum length for this list is 1.
// +kubebuilder:validation:MaxItems=10
// +kubebuilder:validation:MinItems=1
// +listType=atomic
// +optional
Tolerations []v1.Toleration `json:"tolerations,omitempty"`
// topologySpreadConstraints defines rules for how Telemeter Client Pods should be distributed
// across topology domains such as zones, nodes, or other user-defined labels.
// This field is optional.
// This helps improve high availability and resource efficiency by avoiding placing
// too many replicas in the same failure domain.
//
// When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time.
// This field maps directly to the `topologySpreadConstraints` field in the Pod spec.
// Default is empty list.
// Maximum length for this list is 10.
// Minimum length for this list is 1.
// Entries must have unique topologyKey and whenUnsatisfiable pairs.
// +kubebuilder:validation:MaxItems=10
// +kubebuilder:validation:MinItems=1
// +listType=map
// +listMapKey=topologyKey
// +listMapKey=whenUnsatisfiable
// +optional
TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"`
}

// AuditProfile defines the audit log level for the Metrics Server.
// +kubebuilder:validation:Enum=None;Metadata;Request;RequestResponse
type AuditProfile string
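Review bot: The new explanatory comment on ContainerResource says MaxItems "is kept at 5", but the old/new doc lines in this same section show it being lowered from 10, and nothing in the type itself stops the next `[]ContainerResource` field (this change adds one in TelemeterClientConfig) from pushing the summed CEL cost back over StaticEstimatedCRDCostLimit. That budget is what bounds per-request validation CPU on the apiserver, so it should be honoured by keeping the fan-out small, not by weakening the quantity() comparison rule. I would reword the note to `// MaxItems on every []ContainerResource field is capped at 5 (lowered from 10): the quantity()-based XValidation below is costed per maxItems per embedding site, and the sum must stay under the apiserver's StaticEstimatedCRDCostLimit. Re-check the generated CRD cost whenever a field of this type is added.` If the repository does not already have a test that renders the CRD and asserts it stays under the limit, that is the place to enforce this; the body of ContainerResource itself is collapsed outside this view.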