Skip to content

Arbitrary secret key refs and templating in collectors #1895

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 8 commits into from
Oct 13, 2025
Merged

Arbitrary secret key refs and templating in collectors #1895

merged 8 commits into from
Oct 13, 2025

Conversation

NoaheCampbell
Copy link
Contributor

Description, Motivation and Context

Enable collectors that require sensitive connection details, like passwords and TLS certs, without embedding them in specs, unlocking DB diagnostics in production clusters.

Based off of this issue:
https://github.com/replicated-collab/cohere-replicated/issues/48

Checklist

  • New and existing tests pass locally with introduced changes.
  • Tests for the changes have been added (for bug fixes / features)
  • The commit message(s) are informative and highlight any breaking changes
  • Any documentation required has been added/updated. For changes to https://troubleshoot.sh/ create a PR here

Does this PR introduce a breaking change?

  • Yes
  • No

@NoaheCampbell NoaheCampbell added the type::feature New feature or request label Oct 10, 2025
cursor[bot]

This comment was marked as outdated.

Sign in to view

cursor[bot]

This comment was marked as outdated.

Sign in to view

@NoaheCampbell NoaheCampbell force-pushed the Arbitrary-secretKey-refs-and-templating-in-collectors branch from d7c6cf8 to 55dbd2a Compare October 10, 2025 22:15
cursor[bot]

This comment was marked as outdated.

Sign in to view

@NoaheCampbell NoaheCampbell removed the type::feature New feature or request label Oct 10, 2025
@NoaheCampbell NoaheCampbell added the type::feature New feature or request label Oct 10, 2025
@NoaheCampbell
Copy link
Contributor Author

NoaheCampbell commented Oct 10, 2025
edited
Loading

As an example, you can create a cluster using the replicated CLI and run

kubectl apply -f troubleshoot/test-v1beta3-secret.yaml

to apply the secrets there, and then run

support-bundle troubleshoot/test-v1beta3-bundle.yaml

which will generate a support bundle with the following files and content

postgres-with-secret.json

{"isConnected":false,"error":"failed to connect to `user=testuser database=testdb`: hostname resolving error: lookup postgres.example.com on 192.168.86.1:53: no such host"}

bennyyang11
bennyyang11 reviewed Oct 13, 2025
View reviewed changes
pkg/apis/troubleshoot/v1beta3/collector_shared.go
// These will be properly defined as we expand v1beta3 support
type AfterCollection struct {
CollectorMeta `json:",inline" yaml:",inline"`
// TODO: Add fields as needed
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are a few TODOs here. Are these needed at all.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The structs are needed as there was a problem with how v1beta3 was loaded previously, since it wasnt using the loader like v1beta2 was apparently, and adding a lot of fields here would take a lot of extra time to do and test and be too much of a branch for this PR so I left them as TODOs after confirming it still behaves the same

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sounds good

bennyyang11
bennyyang11 approved these changes Oct 13, 2025
View reviewed changes
Copy link
Contributor

@bennyyang11 bennyyang11 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me

@NoaheCampbell NoaheCampbell merged commit b7f499c into main Oct 13, 2025
21 of 22 checks passed
@NoaheCampbell NoaheCampbell deleted the Arbitrary-secretKey-refs-and-templating-in-collectors branch October 13, 2025 17:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

@bennyyang11 bennyyang11 bennyyang11 approved these changes

Assignees

No one assigned

Labels

type::feature New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@NoaheCampbell @bennyyang11