Allow for disabling any disruption kind (#903)

Author: ptnapoleon

api/v1beta1/disruption_webhook.go

@@ -10,6 +10,8 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"reflect"
+	"slices"
 	"strings"
 	"time"
 
@@ -47,6 +49,7 @@ var (
 	defaultClusterThreshold         float64
 	allowNodeLevel                  bool
 	allowNodeFailure                bool
+	disabledDisruptions             []string
 	handlerEnabled                  bool
 	maxDuration                     time.Duration
 	defaultDuration                 time.Duration
@@ -80,6 +83,7 @@ func (r *Disruption) SetupWebhookWithManager(setupWebhookConfig utils.SetupWebho
 	deleteOnly = setupWebhookConfig.DeleteOnlyFlag
 	allowNodeFailure = setupWebhookConfig.AllowNodeFailure
 	allowNodeLevel = setupWebhookConfig.AllowNodeLevel
+	disabledDisruptions = setupWebhookConfig.DisabledDisruptions
 	enableSafemode = setupWebhookConfig.EnableSafemodeFlag
 	defaultNamespaceThreshold = float64(setupWebhookConfig.NamespaceThresholdFlag) / 100.0
 	defaultClusterThreshold = float64(setupWebhookConfig.ClusterThresholdFlag) / 100.0
@@ -232,6 +236,10 @@ func (r *Disruption) ValidateCreate() (admission.Warnings, error) {
 		return nil, multierror.Prefix(multiErr, "ddmark: ")
 	}
 
+	if err = checkForDisabledDisruptions(r); err != nil {
+		return nil, err
+	}
+
 	// handle initial safety nets
 	if enableSafemode {
 		if responses, err := r.initialSafetyNets(); err != nil {
@@ -663,3 +671,18 @@ func safetyNetAttemptsNodeRootDiskFailure(r *Disruption) bool {
 
 	return false
 }
+
+// checkForDisabledDisruptions returns an error if `r` specifies any of the disruption kinds in setupWebhookConfig.DisabledDisruptions
+func checkForDisabledDisruptions(r *Disruption) error {
+	for _, disKind := range chaostypes.DisruptionKindNames {
+		if subspec := r.Spec.DisruptionKindPicker(disKind); reflect.ValueOf(subspec).IsNil() {
+			continue
+		}
+
+		if slices.Contains(disabledDisruptions, string(disKind)) {
+			return fmt.Errorf("disruption kind %s is currently disabled", disKind)
+		}
+	}
+
+	return nil
+}

api/v1beta1/disruption_webhook_test.go

@@ -285,6 +285,7 @@ var _ = Describe("Disruption Webhook", func() {
 				k8sClient = nil
 				newDisruption = nil
 				permittedUserGroups = map[string]struct{}{}
+				disabledDisruptions = []string{}
 			})
 
 			When("disruption has delete-only mode enable", func() {
@@ -532,6 +533,18 @@ var _ = Describe("Disruption Webhook", func() {
 					Expect(ddmarkMock.AssertNumberOfCalls(GinkgoT(), "ValidateStructMultierror", 1)).To(BeTrue())
 				})
 			})
+
+			When("controller has network-disruptions disabled", func() {
+				It("should return an error which denies the creation of a new disruption", func() {
+					ddmarkMock.EXPECT().ValidateStructMultierror(mock.Anything, mock.Anything).Return(&multierror.Error{}).Once()
+					disabledDisruptions = []string{"network-disruption"}
+
+					_, err := newDisruption.ValidateCreate()
+
+					Expect(err).Should(HaveOccurred())
+					Expect(err.Error()).Should(HavePrefix("disruption kind network-disruption is currently disabled"))
+				})
+			})
 		})
 
 		Describe("expectations with node disruptions", func() {

chart/templates/configmap.yaml

@@ -75,6 +75,10 @@ data:
       disruptionCronEnabled: {{ .Values.controller.disruptionCronEnabled }}
       disruptionRolloutEnabled: {{ .Values.controller.disruptionRolloutEnabled }}
       disruptionDeletionTimeout: {{ .Values.controller.disruptionDeletionTimeout }}
+      disabledDisruptions:
+      {{- range $index, $kind := .Values.controller.disabledDisruptions }}
+        {{ $kind }}
+      {{- end }}
     injector:
       image: {{ template "chaos-controller.format-image" deepCopy .Values.global.chaos.defaultImage | merge .Values.global.oci | merge .Values.injector.image }}
       imagePullSecrets: {{ .Values.injector.image.pullSecrets }}

chart/values.yaml

@@ -89,6 +89,9 @@ controller:
   disruptionRolloutEnabled: false
   disruptionDeletionTimeout: 15m # The duration after which a disruption will be marked as "stuck on removal" if its removal process exceeds this duration.
   aggregateToClusterRole: false # If this is true two aggregated cluster roles are created for viewing and editing (https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles)
+# disabledDisruptions: # List of disruption kinds to disable at admission
+#   - dns-disruption
+#   - node-failure
 injector:
   image:
     repo: chaos-injector

config/config.go

@@ -44,6 +44,7 @@ type controllerConfig struct {
 	DisruptionCronEnabled     bool                            `json:"disruptionCronEnabled"`
 	DisruptionRolloutEnabled  bool                            `json:"disruptionRolloutEnabled"`
 	DisruptionDeletionTimeout time.Duration                   `json:"disruptionDeletionTimeout"`
+	DisabledDisruptions       []string                        `json:"disabledDisruptions"`
 }
 
 type controllerWebhookConfig struct {
@@ -370,6 +371,12 @@ func New(logger *zap.SugaredLogger, osArgs []string) (config, error) {
 		return cfg, err
 	}
 
+	mainFS.StringSliceVar(&cfg.Controller.DisabledDisruptions, "disabled-disruptions", []string{}, "List of Disruption Kinds to disable. These should match their kind names from types.go: e.g., `dns-disruption`, `container-failure`, etc. ")
+
+	if err := viper.BindPFlag("controller.disabledDisruptions", mainFS.Lookup("disabled-disruptions")); err != nil {
+		return cfg, err
+	}
+
 	mainFS.StringVar(&cfg.Controller.SafeMode.Environment, "safemode-environment", "", "Specify the 'location' this controller is run in. All disruptions must have an annotation of chaos.datadoghq.com/environment configured with this location to be allowed to create")
 
 	if err := viper.BindPFlag("controller.safeMode.environment", mainFS.Lookup("safemode-environment")); err != nil {

main.go

@@ -340,6 +340,7 @@ func main() {
 		EnableSafemodeFlag:            cfg.Controller.SafeMode.Enable,
 		AllowNodeFailure:              cfg.Controller.SafeMode.AllowNodeFailure,
 		AllowNodeLevel:                cfg.Controller.SafeMode.AllowNodeLevel,
+		DisabledDisruptions:           cfg.Controller.DisabledDisruptions,
 		DeleteOnlyFlag:                cfg.Controller.DeleteOnly,
 		HandlerEnabledFlag:            cfg.Handler.Enabled,
 		DefaultDurationFlag:           cfg.Controller.DefaultDuration,

utils/utils.go

@@ -50,6 +50,7 @@ type SetupWebhookWithManagerConfig struct {
 	EnableSafemodeFlag            bool
 	AllowNodeLevel                bool
 	AllowNodeFailure              bool
+	DisabledDisruptions           []string
 	DeleteOnlyFlag                bool
 	HandlerEnabledFlag            bool
 	DefaultDurationFlag           time.Duration