diff --git a/cmd/nginx-ingress/main.go b/cmd/nginx-ingress/main.go index ff283b9d65..8608e93808 100644 --- a/cmd/nginx-ingress/main.go +++ b/cmd/nginx-ingress/main.go @@ -1068,7 +1068,7 @@ func updateSelfWithVersionInfo(ctx context.Context, eventLog record.EventRecorde for key, value := range labels { fmt.Fprintf(labelsString, "%s=\"%s\", ", key, value) } - eventLog.Eventf(newPod, api_v1.EventTypeNormal, "UpdatePodLabel", "Successfully added version labels, %s", strings.TrimRight(labelsString.String(), ", ")) + eventLog.Eventf(newPod, api_v1.EventTypeNormal, nl.EventReasonUpdatePodLabel, "Successfully added version labels, %s", strings.TrimRight(labelsString.String(), ", ")) nl.Infof(l, "Pod label updated: %s", pod.ObjectMeta.Name) podUpdated = true } diff --git a/internal/certmanager/sync.go b/internal/certmanager/sync.go index 9b9bb76129..5b362a7b83 100644 --- a/internal/certmanager/sync.go +++ b/internal/certmanager/sync.go @@ -40,13 +40,6 @@ import ( vsapi "github.com/nginx/kubernetes-ingress/pkg/apis/configuration/v1" ) -const ( - reasonBadConfig = "BadConfig" - reasonCreateCertificate = "CreateCertificate" - reasonUpdateCertificate = "UpdateCertificate" - reasonDeleteCertificate = "DeleteCertificate" -) - var vsGVK = vsapi.SchemeGroupVersion.WithKind("VirtualServer") // SyncFn is the reconciliation function passed to cert manager VS controller. @@ -71,7 +64,7 @@ func SyncFnFor( issuerName, issuerKind, issuerGroup, err := issuerForVirtualServer(vs) if err != nil { nl.Errorf(l, "Failed to determine issuer to be used for VirtualServer resource: %v", err) - rec.Eventf(vs, corev1.EventTypeWarning, reasonBadConfig, "Could not determine issuer for virtual server due to bad config: %s", + rec.Eventf(vs, corev1.EventTypeWarning, nl.EventReasonBadConfig, "Could not determine issuer for virtual server due to bad config: %s", err) return err } @@ -81,7 +74,7 @@ func SyncFnFor( newCrts, updateCrts, err := buildCertificates(ctx, nsi.cmLister, vs, issuerName, issuerKind, issuerGroup) if err != nil { nl.Errorf(l, "Incorrect cert-manager configuration for VirtualServer resource: %v", err) - rec.Eventf(vs, corev1.EventTypeWarning, reasonBadConfig, "Incorrect cert-manager configuration for VirtualServer resource: %s", + rec.Eventf(vs, corev1.EventTypeWarning, nl.EventReasonBadConfig, "Incorrect cert-manager configuration for VirtualServer resource: %s", err) return err } @@ -90,22 +83,22 @@ func SyncFnFor( _, err := cmClient.CertmanagerV1().Certificates(crt.Namespace).Create(ctx, crt, metav1.CreateOptions{}) if err != nil { nl.Errorf(l, "Error issuing Certificate for VirtualServer resource: %v", err) - rec.Eventf(vs, corev1.EventTypeWarning, reasonBadConfig, "Error issuing Certificate for VirtualServer resource: %s", + rec.Eventf(vs, corev1.EventTypeWarning, nl.EventReasonBadConfig, "Error issuing Certificate for VirtualServer resource: %s", err) return err } - rec.Eventf(vs, corev1.EventTypeNormal, reasonCreateCertificate, "Successfully created Certificate %q", crt.Name) + rec.Eventf(vs, corev1.EventTypeNormal, nl.EventReasonCreateCertificate, "Successfully created Certificate %q", crt.Name) } for _, crt := range updateCrts { _, err := cmClient.CertmanagerV1().Certificates(crt.Namespace).Update(ctx, crt, metav1.UpdateOptions{}) if err != nil { nl.Errorf(l, "Error updating Certificate for VirtualServer resource: %v", err) - rec.Eventf(vs, corev1.EventTypeWarning, reasonBadConfig, "Error updating Certificate for VirtualServer resource: %s", + rec.Eventf(vs, corev1.EventTypeWarning, nl.EventReasonBadConfig, "Error updating Certificate for VirtualServer resource: %s", err) return err } - rec.Eventf(vs, corev1.EventTypeNormal, reasonUpdateCertificate, "Successfully updated Certificate %q", crt.Name) + rec.Eventf(vs, corev1.EventTypeNormal, nl.EventReasonUpdateCertificate, "Successfully updated Certificate %q", crt.Name) } var certs []*cmapi.Certificate @@ -121,7 +114,7 @@ func SyncFnFor( nl.Errorf(l, "Error deleting Certificate for VirtualServer resource: %v", err) return err } - rec.Eventf(vs, corev1.EventTypeNormal, reasonDeleteCertificate, "Successfully deleted unrequired Certificate %q", certName) + rec.Eventf(vs, corev1.EventTypeNormal, nl.EventReasonDeleteCertificate, "Successfully deleted unrequired Certificate %q", certName) } return nil diff --git a/internal/configs/configmaps.go b/internal/configs/configmaps.go index 38bc215788..9bcdfe254a 100644 --- a/internal/configs/configmaps.go +++ b/internal/configs/configmaps.go @@ -16,8 +16,7 @@ import ( ) const ( - minimumInterval = 60 - invalidValueReason = "InvalidValue" + minimumInterval = 60 ) // ParseConfigMap parses ConfigMap into ConfigParams. @@ -38,7 +37,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has } else { errorText := fmt.Sprintf("ConfigMap %s/%s: 'server-tokens' must be a bool for OSS, ignoring", cfgm.GetNamespace(), cfgm.GetName()) nl.Error(l, errorText) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText) configOk = false } } else { @@ -54,7 +53,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has if parsedMethod, err := ParseLBMethodForPlus(lbMethod); err != nil { errorText := fmt.Sprintf("ConfigMap %s/%s: invalid value for 'lb-method': %q: %v, ignoring", cfgm.GetNamespace(), cfgm.GetName(), lbMethod, err) nl.Error(l, errorText) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText) configOk = false } else { cfgParams.LBMethod = parsedMethod @@ -63,7 +62,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has if parsedMethod, err := ParseLBMethod(lbMethod); err != nil { errorText := fmt.Sprintf("Configmap %s/%s: Invalid value for the lb-method key: got %q: %v", cfgm.GetNamespace(), cfgm.GetName(), lbMethod, err) nl.Error(l, errorText) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText) configOk = false } else { cfgParams.LBMethod = parsedMethod @@ -114,7 +113,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has if HTTP2, exists, err := GetMapKeyAsBool(cfgm.Data, "http2", cfgm); exists { if err != nil { nl.Error(l, err) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error()) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error()) configOk = false } else { cfgParams.HTTP2 = HTTP2 @@ -124,7 +123,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has if redirectToHTTPS, exists, err := GetMapKeyAsBool(cfgm.Data, "redirect-to-https", cfgm); exists { if err != nil { nl.Error(l, err) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error()) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error()) configOk = false } else { cfgParams.RedirectToHTTPS = redirectToHTTPS @@ -134,7 +133,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has if sslRedirect, exists, err := GetMapKeyAsBool(cfgm.Data, "ssl-redirect", cfgm); exists { if err != nil { nl.Error(l, err) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error()) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error()) configOk = false } else { cfgParams.SSLRedirect = sslRedirect @@ -144,7 +143,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has if hsts, exists, err := GetMapKeyAsBool(cfgm.Data, "hsts", cfgm); exists { if err != nil { nl.Error(l, err) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error()) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error()) configOk = false } else { parsingErrors := false @@ -152,21 +151,21 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has hstsMaxAge, existsMA, err := GetMapKeyAsInt64(cfgm.Data, "hsts-max-age", cfgm) if existsMA && err != nil { nl.Error(l, err) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error()) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error()) parsingErrors = true configOk = false } hstsIncludeSubdomains, existsIS, err := GetMapKeyAsBool(cfgm.Data, "hsts-include-subdomains", cfgm) if existsIS && err != nil { nl.Error(l, err) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error()) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error()) parsingErrors = true configOk = false } hstsBehindProxy, existsBP, err := GetMapKeyAsBool(cfgm.Data, "hsts-behind-proxy", cfgm) if existsBP && err != nil { nl.Error(l, err) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error()) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error()) parsingErrors = true configOk = false } @@ -174,7 +173,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has if parsingErrors { errorText := fmt.Sprintf("ConfigMap %s/%s: there are configuration issues with HSTS settings, ignoring all HSTS options", cfgm.GetNamespace(), cfgm.GetName()) nl.Error(l, errorText) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText) configOk = false } else { cfgParams.HSTS = hsts @@ -194,7 +193,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has if proxyProtocol, exists, err := GetMapKeyAsBool(cfgm.Data, "proxy-protocol", cfgm); exists { if err != nil { nl.Error(l, err) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error()) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error()) configOk = false } else { cfgParams.ProxyProtocol = proxyProtocol @@ -209,7 +208,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has } else { nl.Error(l, errorText) configOk = false - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText) } } else { cfgParams.RealIPHeader = realIPHeader @@ -223,7 +222,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has if realIPRecursive, exists, err := GetMapKeyAsBool(cfgm.Data, "real-ip-recursive", cfgm); exists { if err != nil { nl.Error(l, err) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error()) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error()) configOk = false } else { cfgParams.RealIPRecursive = realIPRecursive @@ -237,7 +236,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has if sslPreferServerCiphers, exists, err := GetMapKeyAsBool(cfgm.Data, "ssl-prefer-server-ciphers", cfgm); exists { if err != nil { nl.Error(l, err) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error()) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error()) configOk = false } else { cfgParams.MainServerSSLPreferServerCiphers = sslPreferServerCiphers @@ -261,7 +260,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has if !strings.HasPrefix(accessLog, "syslog:") { errorText := fmt.Sprintf("ConfigMap %s/%s: invalid value for 'access-log': %q, ignoring", cfgm.GetNamespace(), cfgm.GetName(), accessLog) nl.Warn(l, errorText) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText) configOk = false } else { cfgParams.MainAccessLog = accessLog @@ -271,7 +270,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has if accessLogOff, exists, err := GetMapKeyAsBool(cfgm.Data, "access-log-off", cfgm); exists { if err != nil { nl.Error(l, err) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error()) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error()) configOk = false } else { if accessLogOff { @@ -305,7 +304,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has if defaultServerAccessLogOff, exists, err := GetMapKeyAsBool(cfgm.Data, "default-server-access-log-off", cfgm); exists { if err != nil { nl.Error(l, err) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error()) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error()) configOk = false } else { cfgParams.DefaultServerAccessLogOff = defaultServerAccessLogOff @@ -319,7 +318,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has if proxyBuffering, exists, err := GetMapKeyAsBool(cfgm.Data, "proxy-buffering", cfgm); exists { if err != nil { nl.Error(l, err) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error()) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error()) configOk = false } else { cfgParams.ProxyBuffering = proxyBuffering @@ -357,7 +356,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has if _, exists, err := GetMapKeyAsInt(cfgm.Data, "worker-processes", cfgm); exists { if err != nil && cfgm.Data["worker-processes"] != "auto" { nl.Error(l, err) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error()) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error()) configOk = false } else { cfgParams.MainWorkerProcesses = cfgm.Data["worker-processes"] @@ -383,7 +382,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has if keepalive, exists, err := GetMapKeyAsInt(cfgm.Data, "keepalive", cfgm); exists { if err != nil { nl.Error(l, err) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error()) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error()) configOk = false } else { cfgParams.Keepalive = keepalive @@ -393,7 +392,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has if maxFails, exists, err := GetMapKeyAsInt(cfgm.Data, "max-fails", cfgm); exists { if err != nil { nl.Error(l, err) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error()) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error()) configOk = false } else { cfgParams.MaxFails = maxFails @@ -442,7 +441,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has } else { errorText := fmt.Sprintf("ConfigMap %s/%s key %s requires NGINX Plus", cfgm.Namespace, cfgm.Name, "resolver-addresses") nl.Warn(l, errorText) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText) configOk = false } } @@ -450,7 +449,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has if resolverIpv6, exists, err := GetMapKeyAsBool(cfgm.Data, "resolver-ipv6", cfgm); exists { if err != nil { nl.Error(l, err) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error()) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error()) configOk = false } else { if nginxPlus { @@ -458,7 +457,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has } else { errorText := fmt.Sprintf("ConfigMap %s/%s key %s requires NGINX Plus", cfgm.Namespace, cfgm.Name, "resolver-ipv6") nl.Warn(l, errorText) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText) configOk = false } } @@ -470,7 +469,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has } else { errorText := fmt.Sprintf("ConfigMap %s/%s key %s requires NGINX Plus", cfgm.Namespace, cfgm.Name, "resolver-valid") nl.Warn(l, errorText) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText) configOk = false } } @@ -481,7 +480,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has } else { errorText := fmt.Sprintf("ConfigMap %s/%s key %s requires NGINX Plus", cfgm.Namespace, cfgm.Name, "resolver-timeout") nl.Warn(l, errorText) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText) configOk = false } } @@ -493,7 +492,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has if keepaliveRequests, exists, err := GetMapKeyAsInt64(cfgm.Data, "keepalive-requests", cfgm); exists { if err != nil { nl.Error(l, err) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error()) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error()) configOk = false } else { cfgParams.MainKeepaliveRequests = keepaliveRequests @@ -503,7 +502,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has if varHashBucketSize, exists, err := GetMapKeyAsUint64(cfgm.Data, "variables-hash-bucket-size", cfgm, true); exists { if err != nil { nl.Error(l, err) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error()) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error()) configOk = false } else { cfgParams.VariablesHashBucketSize = varHashBucketSize @@ -513,7 +512,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has if varHashMaxSize, exists, err := GetMapKeyAsUint64(cfgm.Data, "variables-hash-max-size", cfgm, false); exists { if err != nil { nl.Error(l, err) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error()) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error()) configOk = false } else { cfgParams.VariablesHashMaxSize = varHashMaxSize @@ -535,7 +534,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has if openTracing, exists, err := GetMapKeyAsBool(cfgm.Data, "opentracing", cfgm); exists { if err != nil { nl.Error(l, err) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error()) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error()) configOk = false } else { if cfgParams.MainOpenTracingLoadModule { @@ -543,7 +542,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has } else { errorText := "ConfigMap key 'opentracing' requires both 'opentracing-tracer' and 'opentracing-tracer-config' keys configured, Opentracing will be disabled, ignoring" nl.Error(l, errorText) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText) configOk = false } } @@ -561,7 +560,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has appProtectFailureModeAction, ) nl.Error(l, errorText) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText) configOk = false } } @@ -577,7 +576,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has appProtectCompressedRequestsAction, ) nl.Error(l, errorText) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText) configOk = false } } @@ -597,7 +596,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has appProtectCPUThresholds, ) nl.Error(l, errorText) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText) configOk = false } } @@ -613,7 +612,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has appProtectPhysicalMemoryThresholds, ) nl.Error(l, errorText) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText) configOk = false } } @@ -630,7 +629,7 @@ func ParseConfigMap(ctx context.Context, cfgm *v1.ConfigMap, nginxPlus bool, has appProtectReconnectPeriod, ) nl.Error(l, errorText) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText) configOk = false } } @@ -680,7 +679,7 @@ func ParseMGMTConfigMap(ctx context.Context, cfgm *v1.ConfigMap, eventLog record if err != nil { errorText := fmt.Sprintf("Configmap %s/%s: Invalid value for the ssl-verify key: got %t: %v. Ignoring.", cfgm.GetNamespace(), cfgm.GetName(), sslVerify, err) nl.Error(l, errorText) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText) configWarnings = true } else { mgmtCfgParams.SSLVerify = BoolToPointerBool(sslVerify) @@ -694,7 +693,7 @@ func ParseMGMTConfigMap(ctx context.Context, cfgm *v1.ConfigMap, eventLog record if resolverIpv6, exists, err := GetMapKeyAsBool(cfgm.Data, "resolver-ipv6", cfgm); exists { if err != nil { nl.Error(l, err) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, err.Error()) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, err.Error()) configWarnings = true } else { mgmtCfgParams.ResolverIPV6 = BoolToPointerBool(resolverIpv6) @@ -709,7 +708,7 @@ func ParseMGMTConfigMap(ctx context.Context, cfgm *v1.ConfigMap, eventLog record if err != nil { errorText := fmt.Sprintf("Configmap %s/%s: Invalid value for the enforce-initial-report key: got %t: %v. Ignoring.", cfgm.GetNamespace(), cfgm.GetName(), enforceInitialReport, err) nl.Error(l, errorText) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText) configWarnings = true } else { mgmtCfgParams.EnforceInitialReport = BoolToPointerBool(enforceInitialReport) @@ -722,7 +721,7 @@ func ParseMGMTConfigMap(ctx context.Context, cfgm *v1.ConfigMap, eventLog record if err != nil { errorText := fmt.Sprintf("Configmap %s/%s: Invalid value for the usage-report-endpoint key: got %q: %v. Using default endpoint.", cfgm.GetNamespace(), cfgm.GetName(), endpoint, err) nl.Error(l, errorText) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText) configWarnings = true } else { mgmtCfgParams.Endpoint = strings.TrimSpace(endpoint) @@ -735,13 +734,13 @@ func ParseMGMTConfigMap(ctx context.Context, cfgm *v1.ConfigMap, eventLog record if err != nil { errorText := fmt.Sprintf("Configmap %s/%s: Invalid value for the interval key: got %q: %v. Ignoring.", cfgm.GetNamespace(), cfgm.GetName(), i, err) nl.Error(l, errorText) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText) configWarnings = true } if t.Seconds() < minimumInterval { errorText := fmt.Sprintf("Configmap %s/%s: Value too low for the interval key, got: %v, need higher than %ds. Ignoring.", cfgm.GetNamespace(), cfgm.GetName(), i, minimumInterval) nl.Error(l, errorText) - eventLog.Event(cfgm, v1.EventTypeWarning, invalidValueReason, errorText) + eventLog.Event(cfgm, v1.EventTypeWarning, nl.EventReasonInvalidValue, errorText) configWarnings = true mgmtCfgParams.Interval = "" } else { diff --git a/internal/externaldns/sync.go b/internal/externaldns/sync.go index 3024b8bd3f..1b55c27092 100644 --- a/internal/externaldns/sync.go +++ b/internal/externaldns/sync.go @@ -23,12 +23,9 @@ import ( ) const ( - reasonBadConfig = "BadConfig" - reasonCreateDNSEndpoint = "CreateDNSEndpoint" - reasonUpdateDNSEndpoint = "UpdateDNSEndpoint" - recordTypeA = "A" - recordTypeAAAA = "AAAA" - recordTypeCNAME = "CNAME" + recordTypeA = "A" + recordTypeAAAA = "AAAA" + recordTypeCNAME = "CNAME" ) var vsGVK = vsapi.SchemeGroupVersion.WithKind("VirtualServer") @@ -54,7 +51,7 @@ func SyncFnFor(rec record.EventRecorder, client clientset.Interface, ig map[stri targets, recordType, err := getValidTargets(ctx, vs.Status.ExternalEndpoints) if err != nil { nl.Error(l, "Invalid external endpoint") - rec.Eventf(vs, corev1.EventTypeWarning, reasonBadConfig, "Invalid external endpoint") + rec.Eventf(vs, corev1.EventTypeWarning, nl.EventReasonBadConfig, "Invalid external endpoint") return err } @@ -63,7 +60,7 @@ func SyncFnFor(rec record.EventRecorder, client clientset.Interface, ig map[stri newDNSEndpoint, updateDNSEndpoint, err := buildDNSEndpoint(ctx, nsi.extdnslister, vs, targets, recordType) if err != nil { nl.Errorf(l, "incorrect DNSEndpoint config for VirtualServer resource: %s", err) - rec.Eventf(vs, corev1.EventTypeWarning, reasonBadConfig, "Incorrect DNSEndpoint config for VirtualServer resource: %s", err) + rec.Eventf(vs, corev1.EventTypeWarning, nl.EventReasonBadConfig, "Incorrect DNSEndpoint config for VirtualServer resource: %s", err) return err } @@ -80,11 +77,11 @@ func SyncFnFor(rec record.EventRecorder, client clientset.Interface, ig map[stri return fmt.Errorf("DNSEndpoint has already been created") } nl.Errorf(l, "Error creating DNSEndpoint for VirtualServer resource: %v", err) - rec.Eventf(vs, corev1.EventTypeWarning, reasonBadConfig, "Error creating DNSEndpoint for VirtualServer resource %s", err) + rec.Eventf(vs, corev1.EventTypeWarning, nl.EventReasonBadConfig, "Error creating DNSEndpoint for VirtualServer resource %s", err) return err } - rec.Eventf(vs, corev1.EventTypeNormal, reasonCreateDNSEndpoint, "Successfully created DNSEndpoint %q", newDNSEndpoint.Name) - rec.Eventf(dep, corev1.EventTypeNormal, reasonCreateDNSEndpoint, "Successfully created DNSEndpoint for VirtualServer %q", vs.Name) + rec.Eventf(vs, corev1.EventTypeNormal, nl.EventReasonCreateDNSEndpoint, "Successfully created DNSEndpoint %q", newDNSEndpoint.Name) + rec.Eventf(dep, corev1.EventTypeNormal, nl.EventReasonCreateDNSEndpoint, "Successfully created DNSEndpoint for VirtualServer %q", vs.Name) } // Update existing DNSEndpoint object @@ -93,11 +90,11 @@ func SyncFnFor(rec record.EventRecorder, client clientset.Interface, ig map[stri dep, err = client.ExternaldnsV1().DNSEndpoints(updateDNSEndpoint.Namespace).Update(ctx, updateDNSEndpoint, metav1.UpdateOptions{}) if err != nil { nl.Errorf(l, "Error updating DNSEndpoint endpoint for VirtualServer resource: %v", err) - rec.Eventf(vs, corev1.EventTypeWarning, reasonBadConfig, "Error updating DNSEndpoint for VirtualServer resource: %s", err) + rec.Eventf(vs, corev1.EventTypeWarning, nl.EventReasonBadConfig, "Error updating DNSEndpoint for VirtualServer resource: %s", err) return err } - rec.Eventf(vs, corev1.EventTypeNormal, reasonUpdateDNSEndpoint, "Successfully updated DNSEndpoint %q", updateDNSEndpoint.Name) - rec.Eventf(dep, corev1.EventTypeNormal, reasonUpdateDNSEndpoint, "Successfully updated DNSEndpoint for VirtualServer %q", vs.Name) + rec.Eventf(vs, corev1.EventTypeNormal, nl.EventReasonUpdateDNSEndpoint, "Successfully updated DNSEndpoint %q", updateDNSEndpoint.Name) + rec.Eventf(dep, corev1.EventTypeNormal, nl.EventReasonUpdateDNSEndpoint, "Successfully updated DNSEndpoint for VirtualServer %q", vs.Name) } return nil } diff --git a/internal/k8s/appprotect/app_protect_configuration.go b/internal/k8s/appprotect/app_protect_configuration.go index 587b4aca0a..5fd3b5374d 100644 --- a/internal/k8s/appprotect/app_protect_configuration.go +++ b/internal/k8s/appprotect/app_protect_configuration.go @@ -7,9 +7,9 @@ import ( "sort" "time" - "github.com/nginx/kubernetes-ingress/pkg/apis/configuration/validation" - "github.com/nginx/kubernetes-ingress/internal/k8s/appprotectcommon" + nl "github.com/nginx/kubernetes-ingress/internal/logger" + "github.com/nginx/kubernetes-ingress/pkg/apis/configuration/validation" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime/schema" @@ -354,7 +354,7 @@ func (ci *ConfigurationImpl) AddOrUpdatePolicy(policyObj *unstructured.Unstructu if err != nil { ci.Policies[resNsName] = policy return append(changes, Change{Op: Delete, Resource: policy}), - append(problems, Problem{Object: policyObj, Reason: "Rejected", Message: err.Error()}) + append(problems, Problem{Object: policyObj, Reason: nl.EventReasonRejected, Message: err.Error()}) } if ci.verifyPolicyAgainstUserSigs(policy) { ci.Policies[resNsName] = policy @@ -364,7 +364,7 @@ func (ci *ConfigurationImpl) AddOrUpdatePolicy(policyObj *unstructured.Unstructu policy.ErrorMsg = missingUserSigErrorMsg ci.Policies[resNsName] = policy return append(changes, Change{Op: Delete, Resource: policy}), - append(problems, Problem{Object: policyObj, Reason: "Rejected", Message: missingUserSigErrorMsg}) + append(problems, Problem{Object: policyObj, Reason: nl.EventReasonRejected, Message: missingUserSigErrorMsg}) } // AddOrUpdateLogConf adds or updates App Protect Log Configuration to App Protect Configuration @@ -374,7 +374,7 @@ func (ci *ConfigurationImpl) AddOrUpdateLogConf(logconfObj *unstructured.Unstruc ci.LogConfs[resNsName] = logConf if err != nil { return append(changes, Change{Op: Delete, Resource: logConf}), - append(problems, Problem{Object: logconfObj, Reason: "Rejected", Message: err.Error()}) + append(problems, Problem{Object: logconfObj, Reason: nl.EventReasonRejected, Message: err.Error()}) } return append(changes, Change{Op: AddOrUpdate, Resource: logConf}), problems } @@ -385,7 +385,7 @@ func (ci *ConfigurationImpl) AddOrUpdateUserSig(userSigObj *unstructured.Unstruc userSig, err := createAppProtectUserSigEx(userSigObj) ci.UserSigs[resNsName] = userSig if err != nil { - problems = append(problems, Problem{Object: userSigObj, Reason: "Rejected", Message: err.Error()}) + problems = append(problems, Problem{Object: userSigObj, Reason: nl.EventReasonRejected, Message: err.Error()}) } change.UserSigs = append(change.UserSigs, userSigObj) ci.buildUserSigChangeAndProblems(&problems, &change) @@ -489,7 +489,7 @@ func (ci *ConfigurationImpl) reconcileUserSigs() (changes []Change, problems []P for _, sig := range sigs[1:] { if sig.IsValid { sig.setInvalid(duplicatedTagsErrorMsg) - looserProblem := Problem{Object: sig.Obj, Reason: "Rejected", Message: duplicatedTagsErrorMsg} + looserProblem := Problem{Object: sig.Obj, Reason: nl.EventReasonRejected, Message: duplicatedTagsErrorMsg} looserChange := Change{Op: Delete, Resource: sig} changes = append(changes, looserChange) problems = append(problems, looserProblem) @@ -511,7 +511,7 @@ func (ci *ConfigurationImpl) verifyPolicies() (changes []Change, problems []Prob if pol.IsValid { if !ci.verifyPolicyAgainstUserSigs(pol) { pol.setInvalid(missingUserSigErrorMsg) - polProb := Problem{Object: pol.Obj, Reason: "Rejected", Message: missingUserSigErrorMsg} + polProb := Problem{Object: pol.Obj, Reason: nl.EventReasonRejected, Message: missingUserSigErrorMsg} polCh := Change{Op: Delete, Resource: pol} changes = append(changes, polCh) problems = append(problems, polProb) diff --git a/internal/k8s/appprotect/app_protect_configuration_test.go b/internal/k8s/appprotect/app_protect_configuration_test.go index 7328924482..3fe5de84f8 100644 --- a/internal/k8s/appprotect/app_protect_configuration_test.go +++ b/internal/k8s/appprotect/app_protect_configuration_test.go @@ -6,6 +6,7 @@ import ( "testing" "time" + nl "github.com/nginx/kubernetes-ingress/internal/logger" nic_glog "github.com/nginx/kubernetes-ingress/internal/logger/glog" "github.com/nginx/kubernetes-ingress/internal/logger/levels" @@ -577,7 +578,7 @@ func TestAddOrUpdatePolicy(t *testing.T) { expectedProblems: []Problem{ { Object: invalidTestPolicy, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "Error validating policy : error validating App Protect Policy : required field map[] not found", }, }, @@ -606,7 +607,7 @@ func TestAddOrUpdatePolicy(t *testing.T) { expectedProblems: []Problem{ { Object: testPolicyUnsatisfied, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "policy has unsatisfied signature requirements", }, }, @@ -686,7 +687,7 @@ func TestAddOrUpdateLogConf(t *testing.T) { expectedProblems: []Problem{ { Object: invalidLogConf, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "error validating App Protect Log Configuration testlogconf: required field map[] not found", }, }, @@ -846,7 +847,7 @@ func TestAddOrUpdateUserSig(t *testing.T) { expectedProblems: []Problem{ { Object: invalidTestUserSig2, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "validation failed", }, }, @@ -863,7 +864,7 @@ func TestAddOrUpdateUserSig(t *testing.T) { { Object: testUserSigDupTag, Message: "duplicate tag set", - Reason: "Rejected", + Reason: nl.EventReasonRejected, }, }, msg: "Duplicate tags", @@ -879,7 +880,7 @@ func TestAddOrUpdateUserSig(t *testing.T) { { Object: testUserSig1Invalid, Message: "validation failed", - Reason: "Rejected", + Reason: nl.EventReasonRejected, }, }, msg: "UserSig becomes valid after previous tag holder became invalid", @@ -1071,7 +1072,7 @@ func TestDeleteUserSig(t *testing.T) { }, expectedProblems: []Problem{ { - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "policy has unsatisfied signature requirements", Object: &unstructured.Unstructured{ Object: map[string]interface{}{}, diff --git a/internal/k8s/appprotect_dos.go b/internal/k8s/appprotect_dos.go index 96f0c1d7e6..babfcd2425 100644 --- a/internal/k8s/appprotect_dos.go +++ b/internal/k8s/appprotect_dos.go @@ -216,17 +216,17 @@ func (lbc *LoadBalancerController) processAppProtectDosChanges(changes []appprot warnings, err := lbc.configurator.AddOrUpdateResourcesThatUseDosProtected(resourceExes.IngressExes, resourceExes.MergeableIngresses, resourceExes.VirtualServerExes) lbc.updateResourcesStatusAndEvents(resources, warnings, err) msg := fmt.Sprintf("Configuration for %s/%s was added or updated", impl.Obj.Namespace, impl.Obj.Name) - lbc.recorder.Event(impl.Obj, api_v1.EventTypeNormal, "AddedOrUpdated", msg) + lbc.recorder.Event(impl.Obj, api_v1.EventTypeNormal, nl.EventReasonAddedOrUpdated, msg) case *appprotectdos.DosPolicyEx: msg := "Configuration was added or updated" - lbc.recorder.Event(impl.Obj, api_v1.EventTypeNormal, "AddedOrUpdated", msg) + lbc.recorder.Event(impl.Obj, api_v1.EventTypeNormal, nl.EventReasonAddedOrUpdated, msg) case *appprotectdos.DosLogConfEx: eventType := api_v1.EventTypeNormal - eventTitle := "AddedOrUpdated" + eventTitle := nl.EventReasonAddedOrUpdated msg := "Configuration was added or updated" if impl.ErrorMsg != "" { msg += fmt.Sprintf(" ; with warning(s): %s", impl.ErrorMsg) - eventTitle = "AddedOrUpdatedWithWarning" + eventTitle = nl.EventReasonAddedOrUpdatedWithWarning eventType = api_v1.EventTypeWarning } lbc.recorder.Event(impl.Obj, eventType, eventTitle, msg) diff --git a/internal/k8s/appprotect_waf.go b/internal/k8s/appprotect_waf.go index adfd8ad893..8ed8748f23 100644 --- a/internal/k8s/appprotect_waf.go +++ b/internal/k8s/appprotect_waf.go @@ -371,7 +371,7 @@ func (lbc *LoadBalancerController) processAppProtectChanges(changes []appprotect warnings, updateErr := lbc.configurator.AddOrUpdateAppProtectResource(impl.Obj, resourceExes.IngressExes, resourceExes.MergeableIngresses, resourceExes.VirtualServerExes) lbc.updateResourcesStatusAndEvents(resources, warnings, updateErr) - lbc.recorder.Eventf(impl.Obj, api_v1.EventTypeNormal, "AddedOrUpdated", "AppProtectPolicy %v was added or updated", namespace+"/"+name) + lbc.recorder.Eventf(impl.Obj, api_v1.EventTypeNormal, nl.EventReasonAddedOrUpdated, "AppProtectPolicy %v was added or updated", namespace+"/"+name) case *appprotect.LogConfEx: namespace := impl.Obj.GetNamespace() name := impl.Obj.GetName() @@ -385,7 +385,7 @@ func (lbc *LoadBalancerController) processAppProtectChanges(changes []appprotect warnings, updateErr := lbc.configurator.AddOrUpdateAppProtectResource(impl.Obj, resourceExes.IngressExes, resourceExes.MergeableIngresses, resourceExes.VirtualServerExes) lbc.updateResourcesStatusAndEvents(resources, warnings, updateErr) - lbc.recorder.Eventf(impl.Obj, api_v1.EventTypeNormal, "AddedOrUpdated", "AppProtectLogConfig %v was added or updated", namespace+"/"+name) + lbc.recorder.Eventf(impl.Obj, api_v1.EventTypeNormal, nl.EventReasonAddedOrUpdated, "AppProtectLogConfig %v was added or updated", namespace+"/"+name) } } else if c.Op == appprotect.Delete { switch impl := c.Resource.(type) { diff --git a/internal/k8s/appprotectdos/app_protect_dos_configuration.go b/internal/k8s/appprotectdos/app_protect_dos_configuration.go index 5a30bf387d..0546ca2a2e 100644 --- a/internal/k8s/appprotectdos/app_protect_dos_configuration.go +++ b/internal/k8s/appprotectdos/app_protect_dos_configuration.go @@ -6,6 +6,7 @@ import ( "github.com/nginx/kubernetes-ingress/internal/configs" "github.com/nginx/kubernetes-ingress/internal/k8s/appprotectcommon" + nl "github.com/nginx/kubernetes-ingress/internal/logger" "github.com/nginx/kubernetes-ingress/pkg/apis/dos/v1beta1" "github.com/nginx/kubernetes-ingress/pkg/apis/dos/validation" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" @@ -117,7 +118,7 @@ func (ci *Configuration) AddOrUpdatePolicy(policyObj *unstructured.Unstructured) op := AddOrUpdate if err != nil { op = Delete - problems = append(problems, Problem{Object: policyObj, Reason: "Rejected", Message: err.Error()}) + problems = append(problems, Problem{Object: policyObj, Reason: nl.EventReasonRejected, Message: err.Error()}) } changes = append(changes, Change{Op: op, Resource: policy}) @@ -140,7 +141,7 @@ func (ci *Configuration) AddOrUpdateLogConf(logConfObj *unstructured.Unstructure op := AddOrUpdate if err != nil { op = Delete - problems = append(problems, Problem{Object: logConfObj, Reason: "Rejected", Message: err.Error()}) + problems = append(problems, Problem{Object: logConfObj, Reason: nl.EventReasonRejected, Message: err.Error()}) } changes = append(changes, Change{Op: op, Resource: logConf}) @@ -162,7 +163,7 @@ func (ci *Configuration) AddOrUpdateDosProtectedResource(protectedConf *v1beta1. ci.dosProtectedResource[resNsName] = protectedEx if err != nil { return []Change{{Op: Delete, Resource: protectedEx}}, - []Problem{{Object: protectedConf, Reason: "Rejected", Message: err.Error()}} + []Problem{{Object: protectedConf, Reason: nl.EventReasonRejected, Message: err.Error()}} } if protectedEx.Obj.Spec.ApDosPolicy != "" { policyReference := protectedEx.Obj.Spec.ApDosPolicy @@ -173,7 +174,7 @@ func (ci *Configuration) AddOrUpdateDosProtectedResource(protectedConf *v1beta1. _, err := ci.getPolicy(policyReference) if err != nil { return []Change{{Op: Delete, Resource: protectedEx}}, - []Problem{{Object: protectedConf, Reason: "Rejected", Message: fmt.Sprintf("dos protected refers (%s) to an invalid DosPolicy: %s", policyReference, err.Error())}} + []Problem{{Object: protectedConf, Reason: nl.EventReasonRejected, Message: fmt.Sprintf("dos protected refers (%s) to an invalid DosPolicy: %s", policyReference, err.Error())}} } } if protectedEx.Obj.Spec.DosSecurityLog != nil && protectedEx.Obj.Spec.DosSecurityLog.ApDosLogConf != "" { @@ -185,7 +186,7 @@ func (ci *Configuration) AddOrUpdateDosProtectedResource(protectedConf *v1beta1. _, err := ci.getLogConf(logConfReference) if err != nil { return []Change{{Op: Delete, Resource: protectedEx}}, - []Problem{{Object: protectedConf, Reason: "Rejected", Message: fmt.Sprintf("dos protected refers (%s) to an invalid DosLogConf: %s", logConfReference, err.Error())}} + []Problem{{Object: protectedConf, Reason: nl.EventReasonRejected, Message: fmt.Sprintf("dos protected refers (%s) to an invalid DosLogConf: %s", logConfReference, err.Error())}} } } return []Change{{Op: AddOrUpdate, Resource: protectedEx}}, nil diff --git a/internal/k8s/appprotectdos/app_protect_dos_configuration_test.go b/internal/k8s/appprotectdos/app_protect_dos_configuration_test.go index 9b2e995cc1..fb76bed5ff 100644 --- a/internal/k8s/appprotectdos/app_protect_dos_configuration_test.go +++ b/internal/k8s/appprotectdos/app_protect_dos_configuration_test.go @@ -6,6 +6,7 @@ import ( "github.com/google/go-cmp/cmp" "github.com/nginx/kubernetes-ingress/internal/configs" + nl "github.com/nginx/kubernetes-ingress/internal/logger" "github.com/nginx/kubernetes-ingress/pkg/apis/dos/v1beta1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" @@ -191,7 +192,7 @@ func TestAddOrUpdateDosProtected(t *testing.T) { expectedProblems: []Problem{ { Object: invalidResource, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "error validating DosProtectedResource: invalidResource missing value for field: name", }, }, @@ -295,7 +296,7 @@ func TestAddOrUpdateDosPolicy(t *testing.T) { expectedProblems: []Problem{ { Object: invalidTestPolicy, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "error validating DosPolicy : required field map[] not found", }, }, @@ -400,7 +401,7 @@ func TestAddOrUpdateDosLogConf(t *testing.T) { expectedProblems: []Problem{ { Object: invalidLogConf, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "error validating App Protect Dos Log Configuration invalid-logconf: required field map[] not found", }, }, diff --git a/internal/k8s/configuration.go b/internal/k8s/configuration.go index a09cd89f25..3aa5969aa9 100644 --- a/internal/k8s/configuration.go +++ b/internal/k8s/configuration.go @@ -8,6 +8,7 @@ import ( "sync" "github.com/nginx/kubernetes-ingress/internal/configs" + nl "github.com/nginx/kubernetes-ingress/internal/logger" conf_v1 "github.com/nginx/kubernetes-ingress/pkg/apis/configuration/v1" "github.com/nginx/kubernetes-ingress/pkg/apis/configuration/validation" networking "k8s.io/api/networking/v1" @@ -469,7 +470,7 @@ func (c *Configuration) AddOrUpdateIngress(ing *networking.Ingress) ([]ResourceC p := ConfigurationProblem{ Object: ing, IsError: true, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: validationError.Error(), } problems = append(problems, p) @@ -535,7 +536,7 @@ func (c *Configuration) AddOrUpdateVirtualServer(vs *conf_v1.VirtualServer) ([]R p := ConfigurationProblem{ Object: vs, IsError: true, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: fmt.Sprintf("VirtualServer %s was rejected with error: %s", getResourceKey(&vs.ObjectMeta), validationError.Error()), } problems = append(problems, p) @@ -584,7 +585,7 @@ func (c *Configuration) AddOrUpdateVirtualServerRoute(vsr *conf_v1.VirtualServer p := ConfigurationProblem{ Object: vsr, IsError: true, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: fmt.Sprintf("VirtualServerRoute %s was rejected with error: %s", getResourceKey(&vsr.ObjectMeta), validationError.Error()), } problems = append(problems, p) @@ -711,7 +712,7 @@ func (c *Configuration) AddOrUpdateTransportServer(ts *conf_v1.TransportServer) p := ConfigurationProblem{ Object: ts, IsError: true, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: fmt.Sprintf("TransportServer %s was rejected with error: %s", getResourceKey(&ts.ObjectMeta), validationErr.Error()), } problems = append(problems, p) @@ -1091,7 +1092,7 @@ func (c *Configuration) addProblemsForTSConfigsWithoutActiveListener( p := ConfigurationProblem{ Object: tsc.TransportServer, IsError: false, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: fmt.Sprintf("Listener %s doesn't exist", listenerName), } problems[tsc.GetKeyWithKind()] = p @@ -1102,7 +1103,7 @@ func (c *Configuration) addProblemsForTSConfigsWithoutActiveListener( p := ConfigurationProblem{ Object: tsc.TransportServer, IsError: false, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: fmt.Sprintf("Listener %s with host %s is taken by another resource", listenerName, hostDescription), } problems[tsc.GetKeyWithKind()] = p @@ -1125,7 +1126,7 @@ func (c *Configuration) addProblemsForResourcesWithoutActiveHost(resources map[s p := ConfigurationProblem{ Object: impl.Ingress, IsError: false, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "All hosts are taken by other resources", } problems[r.GetKeyWithKind()] = p @@ -1137,7 +1138,7 @@ func (c *Configuration) addProblemsForResourcesWithoutActiveHost(resources map[s p := ConfigurationProblem{ Object: impl.VirtualServer, IsError: false, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "Host is taken by another resource", } problems[r.GetKeyWithKind()] = p @@ -1149,7 +1150,7 @@ func (c *Configuration) addProblemsForResourcesWithoutActiveHost(resources map[s p := ConfigurationProblem{ Object: impl.TransportServer, IsError: false, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "Host is taken by another resource", } problems[r.GetKeyWithKind()] = p @@ -1228,7 +1229,7 @@ func (c *Configuration) addProblemsForOrphanMinions(problems map[string]Configur p := ConfigurationProblem{ Object: ing, IsError: false, - Reason: "NoIngressMasterFound", + Reason: nl.EventReasonNoIngressMasterFound, Message: "Ingress master is invalid or doesn't exist", } k := getResourceKeyWithKind(ingressKind, &ing.ObjectMeta) @@ -1248,7 +1249,7 @@ func (c *Configuration) addProblemsForOrphanOrIgnoredVsrs(problems map[string]Co p := ConfigurationProblem{ Object: vsr, IsError: false, - Reason: "NoVirtualServerFound", + Reason: nl.EventReasonNoVirtualServerFound, Message: "VirtualServer is invalid or doesn't exist", } k := getResourceKeyWithKind(virtualServerRouteKind, &vsr.ObjectMeta) @@ -1268,7 +1269,7 @@ func (c *Configuration) addProblemsForOrphanOrIgnoredVsrs(problems map[string]Co p := ConfigurationProblem{ Object: vsr, IsError: false, - Reason: "Ignored", + Reason: nl.EventReasonIgnored, Message: fmt.Sprintf("VirtualServer %s ignores VirtualServerRoute", getResourceKey(&vsConfig.VirtualServer.ObjectMeta)), } k := getResourceKeyWithKind(virtualServerRouteKind, &vsr.ObjectMeta) diff --git a/internal/k8s/configuration_test.go b/internal/k8s/configuration_test.go index 611e60fb6f..7a746f7148 100644 --- a/internal/k8s/configuration_test.go +++ b/internal/k8s/configuration_test.go @@ -6,7 +6,7 @@ import ( "time" "github.com/google/go-cmp/cmp" - nic_logger "github.com/nginx/kubernetes-ingress/internal/logger" + nl "github.com/nginx/kubernetes-ingress/internal/logger" conf_v1 "github.com/nginx/kubernetes-ingress/pkg/apis/configuration/v1" "github.com/nginx/kubernetes-ingress/pkg/apis/configuration/validation" networking "k8s.io/api/networking/v1" @@ -16,7 +16,7 @@ import ( func createTestConfiguration() *Configuration { lbc := LoadBalancerController{ ingressClass: "nginx", - Logger: nic_logger.LoggerFromContext(context.Background()), + Logger: nl.LoggerFromContext(context.Background()), } isPlus := false appProtectEnabled := false @@ -228,7 +228,7 @@ func TestAddInvalidIngress(t *testing.T) { { Object: ing, IsError: true, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: `spec.rules[1].host: Duplicate value: "foo.example.com"`, }, } @@ -267,7 +267,7 @@ func TestAddIngressForMergeableIngresses(t *testing.T) { expectedProblems := []ConfigurationProblem{ { Object: minion1, - Reason: "NoIngressMasterFound", + Reason: nl.EventReasonNoIngressMasterFound, Message: "Ingress master is invalid or doesn't exist", }, } @@ -435,7 +435,7 @@ func TestAddIngressForMergeableIngresses(t *testing.T) { { Object: invalidMinion1, IsError: true, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: `[spec.rules[1].host: Duplicate value: "example.com", spec.rules: Too many: 2: must have at most 1 items]`, }, } @@ -517,7 +517,7 @@ func TestAddIngressForMergeableIngresses(t *testing.T) { expectedProblems = []ConfigurationProblem{ { Object: updatedMinion2, - Reason: "NoIngressMasterFound", + Reason: nl.EventReasonNoIngressMasterFound, Message: "Ingress master is invalid or doesn't exist", }, } @@ -560,7 +560,7 @@ func TestAddIngressForMergeableIngresses(t *testing.T) { expectedProblems = []ConfigurationProblem{ { Object: updatedMinion1, - Reason: "NoIngressMasterFound", + Reason: nl.EventReasonNoIngressMasterFound, Message: "Ingress master is invalid or doesn't exist", }, } @@ -598,7 +598,7 @@ func TestAddIngressForMergeableIngresses(t *testing.T) { expectedProblems = []ConfigurationProblem{ { Object: updatedMinion2, - Reason: "NoIngressMasterFound", + Reason: nl.EventReasonNoIngressMasterFound, Message: "Ingress master is invalid or doesn't exist", }, } @@ -709,7 +709,7 @@ func TestAddIngressForMergeableIngresses(t *testing.T) { expectedProblems = []ConfigurationProblem{ { Object: minion2, - Reason: "NoIngressMasterFound", + Reason: nl.EventReasonNoIngressMasterFound, Message: "Ingress master is invalid or doesn't exist", }, } @@ -1089,7 +1089,7 @@ func TestAddInvalidVirtualServer(t *testing.T) { { Object: vs, IsError: true, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "VirtualServer default/virtualserver was rejected with error: spec.host: Required value", }, } @@ -1192,7 +1192,7 @@ func TestAddVirtualServerWithVirtualServerRoutes(t *testing.T) { expectedProblems := []ConfigurationProblem{ { Object: vsr1, - Reason: "NoVirtualServerFound", + Reason: nl.EventReasonNoVirtualServerFound, Message: "VirtualServer is invalid or doesn't exist", }, } @@ -1306,7 +1306,7 @@ func TestAddVirtualServerWithVirtualServerRoutes(t *testing.T) { { Object: invalidVSR1, IsError: true, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "VirtualServerRoute default/virtualserverroute-1 was rejected with error: spec.host: Required value", }, } @@ -1358,7 +1358,7 @@ func TestAddVirtualServerWithVirtualServerRoutes(t *testing.T) { expectedProblems = []ConfigurationProblem{ { Object: invalidForVSVSR1, - Reason: "Ignored", + Reason: nl.EventReasonIgnored, Message: "VirtualServer default/virtualserver ignores VirtualServerRoute", }, } @@ -1410,7 +1410,7 @@ func TestAddVirtualServerWithVirtualServerRoutes(t *testing.T) { expectedProblems = []ConfigurationProblem{ { Object: updatedVSR2, - Reason: "NoVirtualServerFound", + Reason: nl.EventReasonNoVirtualServerFound, Message: "VirtualServer is invalid or doesn't exist", }, } @@ -1441,7 +1441,7 @@ func TestAddVirtualServerWithVirtualServerRoutes(t *testing.T) { expectedProblems = []ConfigurationProblem{ { Object: vsr1, - Reason: "NoVirtualServerFound", + Reason: nl.EventReasonNoVirtualServerFound, Message: "VirtualServer is invalid or doesn't exist", }, } @@ -1469,7 +1469,7 @@ func TestAddVirtualServerWithVirtualServerRoutes(t *testing.T) { expectedProblems = []ConfigurationProblem{ { Object: updatedVSR2, - Reason: "NoVirtualServerFound", + Reason: nl.EventReasonNoVirtualServerFound, Message: "VirtualServer is invalid or doesn't exist", }, } @@ -1540,7 +1540,7 @@ func TestAddVirtualServerWithVirtualServerRoutes(t *testing.T) { expectedProblems = []ConfigurationProblem{ { Object: vsr2, - Reason: "NoVirtualServerFound", + Reason: nl.EventReasonNoVirtualServerFound, Message: "VirtualServer is invalid or doesn't exist", }, } @@ -1577,7 +1577,7 @@ func TestAddInvalidVirtualServerRoute(t *testing.T) { { Object: vsr, IsError: true, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "VirtualServerRoute default/virtualserverroute was rejected with error: spec.host: Required value", }, } @@ -1678,7 +1678,7 @@ func TestHostCollisions(t *testing.T) { { Object: ts, IsError: false, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "Host is taken by another resource", }, } @@ -1714,7 +1714,7 @@ func TestHostCollisions(t *testing.T) { { Object: vs, IsError: false, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "Host is taken by another resource", }, } @@ -1766,7 +1766,7 @@ func TestHostCollisions(t *testing.T) { { Object: regularIng2, IsError: false, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "All hosts are taken by other resources", }, } @@ -2295,7 +2295,7 @@ func TestAddInvalidTransportServer(t *testing.T) { { Object: ts, IsError: true, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "TransportServer default/transportserver was rejected with error: spec.listener.name: Required value", }, } @@ -2385,7 +2385,7 @@ func TestAddTransportServerWithNonExistingListener(t *testing.T) { { Object: ts, IsError: false, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: `Listener tcp-7777 doesn't exist`, }, } @@ -2618,7 +2618,7 @@ func TestAddOrUpdateGlobalConfigurationThenAddTransportServer(t *testing.T) { { Object: ts1, IsError: false, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "Listener tcp-7777 doesn't exist", }, } @@ -2691,13 +2691,13 @@ func TestAddOrUpdateGlobalConfigurationThenAddTransportServer(t *testing.T) { { Object: ts1, IsError: false, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "Listener tcp-7777 doesn't exist", }, { Object: ts2, IsError: false, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "Listener tcp-8888 doesn't exist", }, } @@ -3412,7 +3412,7 @@ func TestPortCollisions(t *testing.T) { { Object: ts2, IsError: false, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "Listener tcp-7777 with host empty host is taken by another resource", }, } @@ -3432,7 +3432,7 @@ func TestPortCollisions(t *testing.T) { { Object: ts3, IsError: false, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "Listener tcp-7777 with host empty host is taken by another resource", }, } @@ -3523,7 +3523,7 @@ func TestChallengeIngressToVSR(t *testing.T) { { Object: ing, IsError: true, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "spec.rules: Forbidden: challenge Ingress must have exactly 1 rule defined", }, } @@ -3542,7 +3542,7 @@ func TestChallengeIngressToVSR(t *testing.T) { { Object: ing, IsError: true, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "spec.rules.HTTP.Paths: Forbidden: challenge Ingress must have exactly 1 path defined", }, } @@ -4806,7 +4806,7 @@ func TestTransportServerListenerHostCollisions(t *testing.T) { { Object: ts2, IsError: false, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "Listener tcp-7777 with host example.com is taken by another resource", }, } @@ -4861,7 +4861,7 @@ func TestTransportServerListenerHostCollisions(t *testing.T) { { Object: ts5, IsError: false, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: "Listener tcp-7777 with host empty host is taken by another resource", }, } diff --git a/internal/k8s/controller.go b/internal/k8s/controller.go index a518ec0132..f8b317817e 100644 --- a/internal/k8s/controller.go +++ b/internal/k8s/controller.go @@ -79,7 +79,6 @@ const ( typeKeyword = "type" helmReleaseType = "helm.sh/release.v1" splitClientAmountWhenWeightChangesDynamicReload = 101 - secretDeletedReason = "SecretDeleted" ) var ( @@ -935,12 +934,12 @@ func (lbc *LoadBalancerController) updateAllConfigs() { resourceExes := lbc.createExtendedResources(resources) warnings, updateErr := lbc.configurator.UpdateConfig(resourceExes) - eventTitle := "Updated" + eventTitle := nl.EventReasonUpdated eventType := api_v1.EventTypeNormal eventWarningMessage := "" if updateErr != nil { - eventTitle = "UpdatedWithError" + eventTitle = nl.EventReasonUpdatedWithError eventType = api_v1.EventTypeWarning eventWarningMessage = fmt.Sprintf("but was not applied: %v", updateErr) } @@ -951,17 +950,17 @@ func (lbc *LoadBalancerController) updateAllConfigs() { if lbc.configMap != nil { if isNGINXConfigValid { - lbc.recorder.Event(lbc.configMap, api_v1.EventTypeNormal, "Updated", fmt.Sprintf("ConfigMap %s/%s updated without error", lbc.configMap.GetNamespace(), lbc.configMap.GetName())) + lbc.recorder.Event(lbc.configMap, api_v1.EventTypeNormal, nl.EventReasonUpdated, fmt.Sprintf("ConfigMap %s/%s updated without error", lbc.configMap.GetNamespace(), lbc.configMap.GetName())) } else { - lbc.recorder.Event(lbc.configMap, api_v1.EventTypeWarning, "UpdatedWithError", fmt.Sprintf("ConfigMap %s/%s updated with errors. Ignoring invalid values", lbc.configMap.GetNamespace(), lbc.configMap.GetName())) + lbc.recorder.Event(lbc.configMap, api_v1.EventTypeWarning, nl.EventReasonUpdatedWithError, fmt.Sprintf("ConfigMap %s/%s updated with errors. Ignoring invalid values", lbc.configMap.GetNamespace(), lbc.configMap.GetName())) } } if lbc.mgmtConfigMap != nil { if !mgmtConfigHasWarnings { - lbc.recorder.Event(lbc.mgmtConfigMap, api_v1.EventTypeNormal, "Updated", fmt.Sprintf("MGMT ConfigMap %s/%s updated without error", lbc.mgmtConfigMap.GetNamespace(), lbc.mgmtConfigMap.GetName())) + lbc.recorder.Event(lbc.mgmtConfigMap, api_v1.EventTypeNormal, nl.EventReasonUpdated, fmt.Sprintf("MGMT ConfigMap %s/%s updated without error", lbc.mgmtConfigMap.GetNamespace(), lbc.mgmtConfigMap.GetName())) } else { - lbc.recorder.Event(lbc.mgmtConfigMap, api_v1.EventTypeWarning, "UpdatedWithError", fmt.Sprintf("MGMT ConfigMap %s/%s updated with errors. Ignoring invalid values", lbc.mgmtConfigMap.GetNamespace(), lbc.mgmtConfigMap.GetName())) + lbc.recorder.Event(lbc.mgmtConfigMap, api_v1.EventTypeWarning, nl.EventReasonUpdatedWithError, fmt.Sprintf("MGMT ConfigMap %s/%s updated with errors. Ignoring invalid values", lbc.mgmtConfigMap.GetNamespace(), lbc.mgmtConfigMap.GetName())) } } @@ -1357,7 +1356,7 @@ func (lbc *LoadBalancerController) processChanges(changes []ResourceChange) { // UpdateVirtualServerStatusAndEventsOnDelete updates the virtual server status and events func (lbc *LoadBalancerController) UpdateVirtualServerStatusAndEventsOnDelete(vsConfig *VirtualServerConfiguration, changeError string, deleteErr error) { eventType := api_v1.EventTypeWarning - eventTitle := "Rejected" + eventTitle := nl.EventReasonRejected eventWarningMessage := "" state := "" @@ -1376,7 +1375,7 @@ func (lbc *LoadBalancerController) UpdateVirtualServerStatusAndEventsOnDelete(vs if eventWarningMessage != "" { if deleteErr != nil { eventType = api_v1.EventTypeWarning - eventTitle = "RejectedWithError" + eventTitle = nl.EventReasonRejectedWithError eventWarningMessage = fmt.Sprintf("%s; but was not applied: %v", eventWarningMessage, deleteErr) state = conf_v1.StateInvalid } @@ -1398,7 +1397,7 @@ func (lbc *LoadBalancerController) UpdateVirtualServerStatusAndEventsOnDelete(vs // UpdateIngressStatusAndEventsOnDelete updates the ingress status and events. func (lbc *LoadBalancerController) UpdateIngressStatusAndEventsOnDelete(ingConfig *IngressConfiguration, changeError string, deleteErr error) { - eventTitle := "Rejected" + eventTitle := nl.EventReasonRejected eventWarningMessage := "" // Ingress either became invalid or lost all its hosts @@ -1413,7 +1412,7 @@ func (lbc *LoadBalancerController) UpdateIngressStatusAndEventsOnDelete(ingConfi // (some other Ingress Controller will handle it) if eventWarningMessage != "" { if deleteErr != nil { - eventTitle = "RejectedWithError" + eventTitle = nl.EventReasonRejectedWithError eventWarningMessage = fmt.Sprintf("%s; but was not applied: %v", eventWarningMessage, deleteErr) } @@ -1449,27 +1448,27 @@ func (lbc *LoadBalancerController) updateResourcesStatusAndEvents(resources []Re func (lbc *LoadBalancerController) updateMergeableIngressStatusAndEvents(ingConfig *IngressConfiguration, warnings configs.Warnings, operationErr error) { eventType := api_v1.EventTypeNormal - eventTitle := "AddedOrUpdated" + eventTitle := nl.EventReasonAddedOrUpdated eventWarningMessage := "" eventWarningSuffix := "" if len(ingConfig.Warnings) > 0 { eventType = api_v1.EventTypeWarning - eventTitle = "AddedOrUpdatedWithWarning" + eventTitle = nl.EventReasonAddedOrUpdatedWithWarning eventWarningMessage = fmt.Sprintf("with warning(s): %s", formatWarningMessages(ingConfig.Warnings)) eventWarningSuffix = "; " } if messages, ok := warnings[ingConfig.Ingress]; ok { eventType = api_v1.EventTypeWarning - eventTitle = "AddedOrUpdatedWithWarning" + eventTitle = nl.EventReasonAddedOrUpdatedWithWarning eventWarningMessage = fmt.Sprintf("%s%swith warning(s): %v", eventWarningMessage, eventWarningSuffix, formatWarningMessages(messages)) eventWarningSuffix = "; " } if operationErr != nil { eventType = api_v1.EventTypeWarning - eventTitle = "AddedOrUpdatedWithError" + eventTitle = nl.EventReasonAddedOrUpdatedWithError eventWarningMessage = fmt.Sprintf("%s%sbut was not applied: %v", eventWarningMessage, eventWarningSuffix, operationErr) } @@ -1483,7 +1482,7 @@ func (lbc *LoadBalancerController) updateMergeableIngressStatusAndEvents(ingConf for _, fm := range ingConfig.Minions { minionEventType := api_v1.EventTypeNormal - minionEventTitle := "AddedOrUpdated" + minionEventTitle := nl.EventReasonAddedOrUpdated minionEventWarningMessage := "" minionEventWarningSuffix := "" @@ -1491,21 +1490,21 @@ func (lbc *LoadBalancerController) updateMergeableIngressStatusAndEvents(ingConf if len(minionChangeWarnings) > 0 { minionEventType = api_v1.EventTypeWarning - minionEventTitle = "AddedOrUpdatedWithWarning" + minionEventTitle = nl.EventReasonAddedOrUpdatedWithWarning minionEventWarningMessage = fmt.Sprintf("with warning(s): %s", formatWarningMessages(minionChangeWarnings)) minionEventWarningSuffix = "; " } if messages, ok := warnings[fm.Ingress]; ok { minionEventType = api_v1.EventTypeWarning - minionEventTitle = "AddedOrUpdatedWithWarning" + minionEventTitle = nl.EventReasonAddedOrUpdatedWithWarning minionEventWarningMessage = fmt.Sprintf("%s%swith warning(s): %v", minionEventWarningMessage, minionEventWarningSuffix, formatWarningMessages(messages)) minionEventWarningSuffix = "; " } if operationErr != nil { minionEventType = api_v1.EventTypeWarning - minionEventTitle = "AddedOrUpdatedWithError" + minionEventTitle = nl.EventReasonAddedOrUpdatedWithError minionEventWarningMessage = fmt.Sprintf("%s%s; but was not applied: %v", minionEventWarningMessage, minionEventWarningSuffix, operationErr) minionEventWarningSuffix = "; " } @@ -1534,24 +1533,24 @@ func (lbc *LoadBalancerController) updateMergeableIngressStatusAndEvents(ingConf func (lbc *LoadBalancerController) updateRegularIngressStatusAndEvents(ingConfig *IngressConfiguration, warnings configs.Warnings, operationErr error) { eventType := api_v1.EventTypeNormal - eventTitle := "AddedOrUpdated" + eventTitle := nl.EventReasonAddedOrUpdated eventWarningMessage := "" if len(ingConfig.Warnings) > 0 { eventType = api_v1.EventTypeWarning - eventTitle = "AddedOrUpdatedWithWarning" + eventTitle = nl.EventReasonAddedOrUpdatedWithWarning eventWarningMessage = fmt.Sprintf("with warning(s): %s", formatWarningMessages(ingConfig.Warnings)) } if messages, ok := warnings[ingConfig.Ingress]; ok { eventType = api_v1.EventTypeWarning - eventTitle = "AddedOrUpdatedWithWarning" + eventTitle = nl.EventReasonAddedOrUpdatedWithWarning eventWarningMessage = fmt.Sprintf("%s; with warning(s): %v", eventWarningMessage, formatWarningMessages(messages)) } if operationErr != nil { eventType = api_v1.EventTypeWarning - eventTitle = "AddedOrUpdatedWithError" + eventTitle = nl.EventReasonAddedOrUpdatedWithError eventWarningMessage = fmt.Sprintf("%s; but was not applied: %v", eventWarningMessage, operationErr) } @@ -1568,27 +1567,27 @@ func (lbc *LoadBalancerController) updateRegularIngressStatusAndEvents(ingConfig func (lbc *LoadBalancerController) updateVirtualServerStatusAndEvents(vsConfig *VirtualServerConfiguration, warnings configs.Warnings, operationErr error) { eventType := api_v1.EventTypeNormal - eventTitle := "AddedOrUpdated" + eventTitle := nl.EventReasonAddedOrUpdated eventWarningMessage := "" state := conf_v1.StateValid if len(vsConfig.Warnings) > 0 { eventType = api_v1.EventTypeWarning - eventTitle = "AddedOrUpdatedWithWarning" + eventTitle = nl.EventReasonAddedOrUpdatedWithWarning eventWarningMessage = fmt.Sprintf("with warning(s): %s", formatWarningMessages(vsConfig.Warnings)) state = conf_v1.StateWarning } if messages, ok := warnings[vsConfig.VirtualServer]; ok { eventType = api_v1.EventTypeWarning - eventTitle = "AddedOrUpdatedWithWarning" + eventTitle = nl.EventReasonAddedOrUpdatedWithWarning eventWarningMessage = fmt.Sprintf("%s; with warning(s): %v", eventWarningMessage, formatWarningMessages(messages)) state = conf_v1.StateWarning } if operationErr != nil { eventType = api_v1.EventTypeWarning - eventTitle = "AddedOrUpdatedWithError" + eventTitle = nl.EventReasonAddedOrUpdatedWithError eventWarningMessage = fmt.Sprintf("%s; but was not applied: %v", eventWarningMessage, operationErr) state = conf_v1.StateInvalid } @@ -1605,20 +1604,20 @@ func (lbc *LoadBalancerController) updateVirtualServerStatusAndEvents(vsConfig * for _, vsr := range vsConfig.VirtualServerRoutes { vsrEventType := api_v1.EventTypeNormal - vsrEventTitle := "AddedOrUpdated" + vsrEventTitle := nl.EventReasonAddedOrUpdated vsrEventWarningMessage := "" vsrState := conf_v1.StateValid if messages, ok := warnings[vsr]; ok { vsrEventType = api_v1.EventTypeWarning - vsrEventTitle = "AddedOrUpdatedWithWarning" + vsrEventTitle = nl.EventReasonAddedOrUpdatedWithWarning vsrEventWarningMessage = fmt.Sprintf(" with warning(s): %v", formatWarningMessages(messages)) vsrState = conf_v1.StateWarning } if operationErr != nil { vsrEventType = api_v1.EventTypeWarning - vsrEventTitle = "AddedOrUpdatedWithError" + vsrEventTitle = nl.EventReasonAddedOrUpdatedWithError vsrEventWarningMessage = fmt.Sprintf(" %s; but was not applied:%v", vsrEventWarningMessage, operationErr) vsrState = conf_v1.StateInvalid } @@ -1780,7 +1779,7 @@ func (lbc *LoadBalancerController) syncSecret(task task) { lbc.handleRegularSecretDeletion(resources) } if lbc.isSpecialSecret(key) { - lbc.recorder.Eventf(lbc.metadata.pod, conf_v1.StateWarning, secretDeletedReason, "A special secret [%s] was deleted. Retaining the secret on this pod but this will affect new pods.", key) + lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, nl.EventReasonSecretDeleted, "A special secret [%s] was deleted. Retaining the secret on this pod but this will affect new pods.", key) nl.Warnf(lbc.Logger, "A special Secret %v was removed. Retaining the Secret.", key) } return @@ -1853,7 +1852,7 @@ func (lbc *LoadBalancerController) handleSecretUpdate(secret *api_v1.Secret, res warnings, addOrUpdateErr = lbc.configurator.AddOrUpdateResources(resourceExes, !lbc.configurator.DynamicSSLReloadEnabled()) if addOrUpdateErr != nil { nl.Errorf(lbc.Logger, "Error when updating Secret %v: %v", secretNsName, addOrUpdateErr) - lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, "UpdatedWithError", "%v was updated, but not applied: %v", secretNsName, addOrUpdateErr) + lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, nl.EventReasonUpdatedWithError, "%v was updated, but not applied: %v", secretNsName, addOrUpdateErr) } lbc.updateResourcesStatusAndEvents(resources, warnings, addOrUpdateErr) @@ -1884,7 +1883,7 @@ func (lbc *LoadBalancerController) handleSpecialSecretUpdate(secret *api_v1.Secr // When the MGMT Configmap updates, we don't need to reload here, we are reloading in updateAllConfigs(). if !reload { - lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeNormal, "SecretUpdated", "the special Secret %v was updated", secretNsName) + lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeNormal, nl.EventReasonSecretUpdated, "the special Secret %v was updated", secretNsName) return } @@ -1909,7 +1908,7 @@ func (lbc *LoadBalancerController) handleSpecialSecretUpdate(secret *api_v1.Secr } } - lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeNormal, "SecretUpdated", "the special Secret %v was updated", secretNsName) + lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeNormal, nl.EventReasonSecretUpdated, "the special Secret %v was updated", secretNsName) } // writeSpecialSecrets generates content and writes the secret to disk @@ -1924,7 +1923,7 @@ func (lbc *LoadBalancerController) writeSpecialSecrets(secret *api_v1.Secret, sp err := lbc.configurator.AddOrUpdateLicenseSecret(secret) if err != nil { nl.Error(lbc.Logger, err) - lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, "UpdatedWithError", "the license Secret %v was updated, but not applied: %v", secretNsName, err) + lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, nl.EventReasonUpdatedWithError, "the license Secret %v was updated, but not applied: %v", secretNsName, err) return false } case secrets.SecretTypeCA: @@ -1945,7 +1944,7 @@ func (lbc *LoadBalancerController) specialSecretValidation(secretNsName string, err := lbc.validationTLSSpecialSecret(secret, configs.DefaultServerSecretFileName, specialTLSSecretsToUpdate) if err != nil { nl.Errorf(lbc.Logger, "Couldn't validate the special Secret %v: %v", secretNsName, err) - lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, "Rejected", "the special Secret %v was rejected, using the previous version: %v", secretNsName, err) + lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, nl.EventReasonRejected, "the special Secret %v was rejected, using the previous version: %v", secretNsName, err) return false } } @@ -1953,7 +1952,7 @@ func (lbc *LoadBalancerController) specialSecretValidation(secretNsName string, err := lbc.validationTLSSpecialSecret(secret, configs.WildcardSecretFileName, specialTLSSecretsToUpdate) if err != nil { nl.Errorf(lbc.Logger, "Couldn't validate the special Secret %v: %v", secretNsName, err) - lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, "Rejected", "the special Secret %v was rejected, using the previous version: %v", secretNsName, err) + lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, nl.EventReasonRejected, "the special Secret %v was rejected, using the previous version: %v", secretNsName, err) return false } } @@ -1961,7 +1960,7 @@ func (lbc *LoadBalancerController) specialSecretValidation(secretNsName string, err := secrets.ValidateLicenseSecret(secret) if err != nil { nl.Errorf(lbc.Logger, "Couldn't validate the special Secret %v: %v", secretNsName, err) - lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, "Rejected", "the special Secret %v was rejected, using the previous version: %v", secretNsName, err) + lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, nl.EventReasonRejected, "the special Secret %v was rejected, using the previous version: %v", secretNsName, err) return false } } @@ -1969,7 +1968,7 @@ func (lbc *LoadBalancerController) specialSecretValidation(secretNsName string, err := secrets.ValidateCASecret(secret) if err != nil { nl.Errorf(lbc.Logger, "Couldn't validate the special Secret %v: %v", secretNsName, err) - lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, "Rejected", "the special Secret %v was rejected, using the previous version: %v", secretNsName, err) + lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, nl.EventReasonRejected, "the special Secret %v was rejected, using the previous version: %v", secretNsName, err) return false } } @@ -1977,7 +1976,7 @@ func (lbc *LoadBalancerController) specialSecretValidation(secretNsName string, err := secrets.ValidateTLSSecret(secret) if err != nil { nl.Errorf(lbc.Logger, "Couldn't validate the special Secret %v: %v", secretNsName, err) - lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, "Rejected", "the special Secret %v was rejected, using the previous version: %v", secretNsName, err) + lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, nl.EventReasonRejected, "the special Secret %v was rejected, using the previous version: %v", secretNsName, err) return false } } @@ -1995,7 +1994,7 @@ func (lbc *LoadBalancerController) performNGINXReload(secret *api_v1.Secret) boo secretNsName := generateSecretNSName(secret) if err := lbc.configurator.Reload(false); err != nil { nl.Errorf(lbc.Logger, "error when reloading NGINX when updating the special Secrets: %v", err) - lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, "UpdatedWithError", "the special Secret %v was updated, but not applied: %v", secretNsName, err) + lbc.recorder.Eventf(lbc.metadata.pod, api_v1.EventTypeWarning, nl.EventReasonUpdatedWithError, "the special Secret %v was updated, but not applied: %v", secretNsName, err) return false } return true @@ -3513,7 +3512,7 @@ func (lbc *LoadBalancerController) haltIfVSConfigInvalid(vsNew *conf_v1.VirtualS p := ConfigurationProblem{ Object: vsNew, IsError: true, - Reason: "Rejected", + Reason: nl.EventReasonRejected, Message: fmt.Sprintf("VirtualServer %s was rejected with error: %s", getResourceKey(&vsNew.ObjectMeta), validationError.Error()), } problems = append(problems, p) diff --git a/internal/k8s/global_configuration.go b/internal/k8s/global_configuration.go index 746173f722..4e87ca1d70 100644 --- a/internal/k8s/global_configuration.go +++ b/internal/k8s/global_configuration.go @@ -87,18 +87,18 @@ func (lbc *LoadBalancerController) syncGlobalConfiguration(task task) { updateErr := lbc.processChangesFromGlobalConfiguration(changes) if gcExists { - eventTitle := "Updated" + eventTitle := nl.EventReasonUpdated eventType := api_v1.EventTypeNormal eventMessage := fmt.Sprintf("GlobalConfiguration %s was added or updated", key) if validationErr != nil { - eventTitle = "AddedOrUpdatedWithError" + eventTitle = nl.EventReasonAddedOrUpdatedWithError eventType = api_v1.EventTypeWarning eventMessage = fmt.Sprintf("GlobalConfiguration %s is updated with errors: %v", key, validationErr) } if updateErr != nil { - eventTitle += "WithError" + eventTitle += nl.EventReasonUpdatedWithError eventType = api_v1.EventTypeWarning eventMessage = fmt.Sprintf("%s; with reload error: %v", eventMessage, updateErr) } diff --git a/internal/k8s/policy.go b/internal/k8s/policy.go index cd74e2c32e..34136e4b4b 100644 --- a/internal/k8s/policy.go +++ b/internal/k8s/policy.go @@ -74,7 +74,7 @@ func (lbc *LoadBalancerController) syncPolicy(task task) { err := validation.ValidatePolicy(pol, lbc.isNginxPlus, lbc.enableOIDC, lbc.appProtectEnabled) if err != nil { msg := fmt.Sprintf("Policy %v/%v is invalid and was rejected: %v", pol.Namespace, pol.Name, err) - lbc.recorder.Eventf(pol, api_v1.EventTypeWarning, "Rejected", msg) + lbc.recorder.Eventf(pol, api_v1.EventTypeWarning, nl.EventReasonRejected, msg) if lbc.reportCustomResourceStatusEnabled() { err = lbc.statusUpdater.UpdatePolicyStatus(pol, conf_v1.StateInvalid, "Rejected", msg) @@ -84,7 +84,7 @@ func (lbc *LoadBalancerController) syncPolicy(task task) { } } else { msg := fmt.Sprintf("Policy %v/%v was added or updated", pol.Namespace, pol.Name) - lbc.recorder.Eventf(pol, api_v1.EventTypeNormal, "AddedOrUpdated", msg) + lbc.recorder.Eventf(pol, api_v1.EventTypeNormal, nl.EventReasonAddedOrUpdated, msg) if lbc.reportCustomResourceStatusEnabled() { err = lbc.statusUpdater.UpdatePolicyStatus(pol, conf_v1.StateValid, "AddedOrUpdated", msg) diff --git a/internal/k8s/transport_server.go b/internal/k8s/transport_server.go index 09061f7699..89a16b3da3 100644 --- a/internal/k8s/transport_server.go +++ b/internal/k8s/transport_server.go @@ -88,7 +88,7 @@ func (lbc *LoadBalancerController) syncTransportServer(task task) { func (lbc *LoadBalancerController) updateTransportServerStatusAndEventsOnDelete(tsConfig *TransportServerConfiguration, changeError string, deleteErr error) { eventType := api_v1.EventTypeWarning - eventTitle := "Rejected" + eventTitle := nl.EventReasonRejected eventWarningMessage := "" var state string @@ -108,7 +108,7 @@ func (lbc *LoadBalancerController) updateTransportServerStatusAndEventsOnDelete( if eventWarningMessage != "" { if deleteErr != nil { eventType = api_v1.EventTypeWarning - eventTitle = "RejectedWithError" + eventTitle = nl.EventReasonRejectedWithError eventWarningMessage = fmt.Sprintf("%s; but was not applied: %v", eventWarningMessage, deleteErr) state = conf_v1.StateInvalid } @@ -126,28 +126,28 @@ func (lbc *LoadBalancerController) updateTransportServerStatusAndEventsOnDelete( } func (lbc *LoadBalancerController) updateTransportServerStatusAndEvents(tsConfig *TransportServerConfiguration, warnings configs.Warnings, operationErr error) { - eventTitle := "AddedOrUpdated" + eventTitle := nl.EventReasonAddedOrUpdated eventType := api_v1.EventTypeNormal eventWarningMessage := "" state := conf_v1.StateValid if len(tsConfig.Warnings) > 0 { eventType = api_v1.EventTypeWarning - eventTitle = "AddedOrUpdatedWithWarning" + eventTitle = nl.EventReasonAddedOrUpdatedWithWarning eventWarningMessage = fmt.Sprintf("with warning(s): %s", formatWarningMessages(tsConfig.Warnings)) state = conf_v1.StateWarning } if messages, ok := warnings[tsConfig.TransportServer]; ok { eventType = api_v1.EventTypeWarning - eventTitle = "AddedOrUpdatedWithWarning" + eventTitle = nl.EventReasonAddedOrUpdatedWithWarning eventWarningMessage = fmt.Sprintf("with warning(s): %s", formatWarningMessages(messages)) state = conf_v1.StateWarning } if operationErr != nil { eventType = api_v1.EventTypeWarning - eventTitle = "AddedOrUpdatedWithError" + eventTitle = nl.EventReasonAddedOrUpdatedWithError eventWarningMessage = fmt.Sprintf("%s; but was not applied: %v", eventWarningMessage, operationErr) state = conf_v1.StateInvalid } diff --git a/internal/license_reporting/license_reporting.go b/internal/license_reporting/license_reporting.go index bc2dcbbfd7..65adce04e2 100644 --- a/internal/license_reporting/license_reporting.go +++ b/internal/license_reporting/license_reporting.go @@ -120,13 +120,13 @@ func (lr *LicenseReporter) checkLicenseExpiry(ctx context.Context) { if expiring, days := licenseExpiring(licenseData); expiring { licenseEventText = fmt.Sprintf("License expiring in %d day(s)", days) nl.Warn(l, licenseEventText) - lr.Config.EventLog.Event(lr.Config.Pod, api_v1.EventTypeWarning, "LicenseExpiry", licenseEventText) + lr.Config.EventLog.Event(lr.Config.Pod, api_v1.EventTypeWarning, nl.EventReasonLicenseExpiry, licenseEventText) } var usageGraceEventText string if ending, days := usageGraceEnding(licenseData); ending { usageGraceEventText = fmt.Sprintf("Usage reporting grace period ending in %d day(s)", days) nl.Warn(l, usageGraceEventText) - lr.Config.EventLog.Event(lr.Config.Pod, api_v1.EventTypeWarning, "UsageGraceEnding", usageGraceEventText) + lr.Config.EventLog.Event(lr.Config.Pod, api_v1.EventTypeWarning, nl.EventReasonUsageGraceEnding, usageGraceEventText) } } diff --git a/internal/logger/events.go b/internal/logger/events.go new file mode 100644 index 0000000000..c980725c8d --- /dev/null +++ b/internal/logger/events.go @@ -0,0 +1,26 @@ +package log + +const ( + EventReasonAddedOrUpdated = "AddedOrUpdated" //nolint:revive + EventReasonAddedOrUpdatedWithError = "AddedOrUpdatedWithError" //nolint:revive + EventReasonAddedOrUpdatedWithWarning = "AddedOrUpdatedWithWarning" //nolint:revive + EventReasonBadConfig = "BadConfig" //nolint:revive + EventReasonCreateDNSEndpoint = "CreateDNSEndpoint" //nolint:revive + EventReasonCreateCertificate = "CreateCertificate" //nolint:revive + EventReasonDeleteCertificate = "DeleteCertificate" //nolint:revive + EventReasonIgnored = "Ignored" //nolint:revive + EventReasonInvalidValue = "InvalidValue" //nolint:revive + EventReasonLicenseExpiry = "LicenseExpiry" //nolint:revive + EventReasonNoIngressMasterFound = "NoIngressMasterFound" //nolint:revive + EventReasonNoVirtualServerFound = "NoVirtualServerFound" //nolint:revive + EventReasonRejected = "Rejected" //nolint:revive + EventReasonRejectedWithError = "RejectedWithError" //nolint:revive + EventReasonSecretDeleted = "SecretDeleted" //nolint:revive + EventReasonSecretUpdated = "SecretUpdated" //nolint:revive + EventReasonUpdated = "Updated" //nolint:revive + EventReasonUpdatedWithError = "UpdatedWithError" //nolint:revive + EventReasonUpdateCertificate = "UpdateCertificate" //nolint:revive + EventReasonUpdateDNSEndpoint = "UpdateDNSEndpoint" //nolint:revive + EventReasonUpdatePodLabel = "UpdatePodLabel" //nolint:revive + EventReasonUsageGraceEnding = "UsageGraceEnding" //nolint:revive +)