Skip to content

Commit 0a79a54

Browse files
gnosekgnosek
authored
serverless-agent: expose priorities control (#483)
* update(serverless-agent): default sidecar mode to auto * new(serverless-agent): expose priority setting * update(serverless-agent): default to non-essential container
1 parent 16529c5 commit 0a79a54

13 files changed

+133
-5
lines changed

sysdig/data_source_sysdig_fargate_ECS_test.go

Lines changed: 19 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -49,6 +49,7 @@ func getKiltRecipe(t *testing.T) string {
4949
CollectorHost: "collector_host",
5050
CollectorPort: "collector_port",
5151
SysdigLogging: "sysdig_logging",
52+
Priority: "priority",
5253
}
5354

5455
jsonRecipeConfig, err := json.Marshal(&recipeConfig)
@@ -121,6 +122,12 @@ func TestNewPatchOptions(t *testing.T) {
121122
},
122123
},
123124
},
125+
"priority": {
126+
Type: schema.TypeString,
127+
Description: "The priority of the agent. Can be 'security' or 'availability'",
128+
Default: "availability",
129+
Optional: true,
130+
},
124131
},
125132
}
126133
}
@@ -164,13 +171,24 @@ func TestNewPatchOptions(t *testing.T) {
164171
"stream_prefix": "fried",
165172
"region": "chicken",
166173
},
167-
Essential: true,
174+
Essential: false,
168175
}
169176
actualPatchOptions := newPatchOptions(data)
170177

171178
if !reflect.DeepEqual(expectedPatchOptions, actualPatchOptions) {
172179
t.Errorf("patcConfigurations are not equal. Expected: %v, Actual: %v", expectedPatchOptions, actualPatchOptions)
173180
}
181+
182+
err = data.Set("priority", "security")
183+
if err != nil {
184+
assert.FailNow(t, fmt.Sprintf("Could not set priority, got error: %v", err))
185+
}
186+
expectedPatchOptions.Essential = true
187+
actualPatchOptions = newPatchOptions(data)
188+
189+
if !reflect.DeepEqual(expectedPatchOptions, actualPatchOptions) {
190+
t.Errorf("patcConfigurations are not equal. Expected: %v, Actual: %v", expectedPatchOptions, actualPatchOptions)
191+
}
174192
}
175193

176194
func getSidecarConfig() string {

sysdig/data_source_sysdig_fargate_workload_agent.go

Lines changed: 18 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,7 @@ const agentinoKiltDefinition = `build {
2727
"SYSDIG_ACCESS_KEY": ${config.sysdig_access_key}
2828
"SYSDIG_LOGGING": ${config.sysdig_logging}
2929
"SYSDIG_SIDECAR": ${config.sidecar}
30+
"SYSDIG_PRIORITY": ${config.priority}
3031
}
3132
capabilities: ["SYS_PTRACE"]
3233
mount: [
@@ -129,14 +130,19 @@ func dataSourceSysdigFargateWorkloadAgent() *schema.Resource {
129130
"sidecar": {
130131
Type: schema.TypeString,
131132
Description: "Sidecar mode: auto/force/(empty string)",
132-
Default: "", // we will want to change this to "auto" eventually
133+
Default: "auto",
134+
Optional: true,
135+
},
136+
"priority": {
137+
Type: schema.TypeString,
138+
Description: "The priority of the agent. Can be 'security' or 'availability'",
139+
Default: "availability",
133140
Optional: true,
134141
},
135-
136142
"instrumentation_essential": {
137143
Type: schema.TypeBool,
138144
Description: "Should the instrumentation container be marked as essential",
139-
Default: true,
145+
Default: false,
140146
Optional: true,
141147
},
142148
"instrumentation_cpu": {
@@ -362,6 +368,7 @@ type KiltRecipeConfig struct {
362368
CollectorPort string `json:"collector_port"`
363369
SysdigLogging string `json:"sysdig_logging"`
364370
Sidecar string `json:"sidecar"`
371+
Priority string `json:"priority"`
365372
}
366373

367374
type patchOptions struct {
@@ -404,7 +411,8 @@ func newPatchOptions(d *schema.ResourceData) *patchOptions {
404411
if essential := d.Get("instrumentation_essential"); essential != nil {
405412
opts.Essential = essential.(bool)
406413
} else {
407-
opts.Essential = true
414+
priority := d.Get("priority").(string)
415+
opts.Essential = priority == "security"
408416
}
409417

410418
if cpuShares := d.Get("instrumentation_cpu"); cpuShares != nil {
@@ -429,6 +437,11 @@ func newPatchOptions(d *schema.ResourceData) *patchOptions {
429437
}
430438

431439
func dataSourceSysdigFargateWorkloadAgentRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
440+
priority := d.Get("priority").(string)
441+
if priority != "security" && priority != "availability" {
442+
return diag.Errorf("Invalid priority: %s. must be either \"security\" or \"availability\"", priority)
443+
}
444+
432445
recipeConfig := KiltRecipeConfig{
433446
SysdigAccessKey: d.Get("sysdig_access_key").(string),
434447
AgentImage: d.Get("workload_agent_image").(string),
@@ -438,6 +451,7 @@ func dataSourceSysdigFargateWorkloadAgentRead(ctx context.Context, d *schema.Res
438451
CollectorPort: d.Get("collector_port").(string),
439452
SysdigLogging: d.Get("sysdig_logging").(string),
440453
Sidecar: d.Get("sidecar").(string),
454+
Priority: priority,
441455
}
442456

443457
jsonConf, err := json.Marshal(&recipeConfig)

sysdig/testfiles/ECSInstrumented.json

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,10 @@
1919
"Name": "SYSDIG_LOGGING",
2020
"Value": "sysdig_logging"
2121
},
22+
{
23+
"Name": "SYSDIG_PRIORITY",
24+
"Value": "priority"
25+
},
2226
{
2327
"Name": "SYSDIG_SIDECAR",
2428
"Value": ""
@@ -90,6 +94,10 @@
9094
"Name": "SYSDIG_LOGGING",
9195
"Value": "sysdig_logging"
9296
},
97+
{
98+
"Name": "SYSDIG_PRIORITY",
99+
"Value": "priority"
100+
},
93101
{
94102
"Name": "SYSDIG_SIDECAR",
95103
"Value": ""

sysdig/testfiles/fargate_bare_pdig_expected.json

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -29,6 +29,10 @@
2929
"Name": "SYSDIG_LOGGING",
3030
"Value": "sysdig_logging"
3131
},
32+
{
33+
"Name": "SYSDIG_PRIORITY",
34+
"Value": "priority"
35+
},
3236
{
3337
"Name": "SYSDIG_SIDECAR",
3438
"Value": ""
@@ -90,6 +94,10 @@
9094
"Name": "SYSDIG_LOGGING",
9195
"Value": "sysdig_logging"
9296
},
97+
{
98+
"Name": "SYSDIG_PRIORITY",
99+
"Value": "priority"
100+
},
93101
{
94102
"Name": "SYSDIG_SIDECAR",
95103
"Value": ""
@@ -172,6 +180,10 @@
172180
"Name": "SYSDIG_LOGGING",
173181
"Value": "sysdig_logging"
174182
},
183+
{
184+
"Name": "SYSDIG_PRIORITY",
185+
"Value": "priority"
186+
},
175187
{
176188
"Name": "SYSDIG_SIDECAR",
177189
"Value": ""

sysdig/testfiles/fargate_cmd_test_expected.json

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,10 @@
3232
"Name": "SYSDIG_LOGGING",
3333
"Value": "sysdig_logging"
3434
},
35+
{
36+
"Name": "SYSDIG_PRIORITY",
37+
"Value": "priority"
38+
},
3539
{
3640
"Name": "SYSDIG_SIDECAR",
3741
"Value": ""
@@ -85,6 +89,10 @@
8589
"Name": "SYSDIG_LOGGING",
8690
"Value": "sysdig_logging"
8791
},
92+
{
93+
"Name": "SYSDIG_PRIORITY",
94+
"Value": "priority"
95+
},
8896
{
8997
"Name": "SYSDIG_SIDECAR",
9098
"Value": ""

sysdig/testfiles/fargate_combined_test_expected.json

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,10 @@
3232
"Name": "SYSDIG_LOGGING",
3333
"Value": "sysdig_logging"
3434
},
35+
{
36+
"Name": "SYSDIG_PRIORITY",
37+
"Value": "priority"
38+
},
3539
{
3640
"Name": "SYSDIG_SIDECAR",
3741
"Value": ""
@@ -97,6 +101,10 @@
97101
"Name": "SYSDIG_LOGGING",
98102
"Value": "sysdig_logging"
99103
},
104+
{
105+
"Name": "SYSDIG_PRIORITY",
106+
"Value": "priority"
107+
},
100108
{
101109
"Name": "SYSDIG_SIDECAR",
102110
"Value": ""

sysdig/testfiles/fargate_entrypoint_test_expected.json

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -29,6 +29,10 @@
2929
"Name": "SYSDIG_LOGGING",
3030
"Value": "sysdig_logging"
3131
},
32+
{
33+
"Name": "SYSDIG_PRIORITY",
34+
"Value": "priority"
35+
},
3236
{
3337
"Name": "SYSDIG_SIDECAR",
3438
"Value": ""
@@ -82,6 +86,10 @@
8286
"Name": "SYSDIG_LOGGING",
8387
"Value": "sysdig_logging"
8488
},
89+
{
90+
"Name": "SYSDIG_PRIORITY",
91+
"Value": "priority"
92+
},
8593
{
8694
"Name": "SYSDIG_SIDECAR",
8795
"Value": ""

sysdig/testfiles/fargate_env_test_expected.json

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -29,6 +29,10 @@
2929
"Name": "SYSDIG_LOGGING",
3030
"Value": "sysdig_logging"
3131
},
32+
{
33+
"Name": "SYSDIG_PRIORITY",
34+
"Value": "priority"
35+
},
3236
{
3337
"Name": "SYSDIG_SIDECAR",
3438
"Value": ""
@@ -90,6 +94,10 @@
9094
"Name": "SYSDIG_LOGGING",
9195
"Value": "sysdig_logging"
9296
},
97+
{
98+
"Name": "SYSDIG_PRIORITY",
99+
"Value": "priority"
100+
},
93101
{
94102
"Name": "SYSDIG_SIDECAR",
95103
"Value": ""

sysdig/testfiles/fargate_field_case_test_expected.json

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -29,6 +29,10 @@
2929
"Name": "SYSDIG_LOGGING",
3030
"Value": "sysdig_logging"
3131
},
32+
{
33+
"Name": "SYSDIG_PRIORITY",
34+
"Value": "priority"
35+
},
3236
{
3337
"Name": "SYSDIG_SIDECAR",
3438
"Value": ""
@@ -82,6 +86,10 @@
8286
"Name": "SYSDIG_LOGGING",
8387
"Value": "sysdig_logging"
8488
},
89+
{
90+
"Name": "SYSDIG_PRIORITY",
91+
"Value": "priority"
92+
},
8593
{
8694
"Name": "SYSDIG_SIDECAR",
8795
"Value": ""
@@ -135,6 +143,10 @@
135143
"Name": "SYSDIG_LOGGING",
136144
"Value": "sysdig_logging"
137145
},
146+
{
147+
"Name": "SYSDIG_PRIORITY",
148+
"Value": "priority"
149+
},
138150
{
139151
"Name": "SYSDIG_SIDECAR",
140152
"Value": ""

sysdig/testfiles/fargate_ignore_container_test_expected.json

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -29,6 +29,10 @@
2929
"Name": "SYSDIG_LOGGING",
3030
"Value": "sysdig_logging"
3131
},
32+
{
33+
"Name": "SYSDIG_PRIORITY",
34+
"Value": "priority"
35+
},
3236
{
3337
"Name": "SYSDIG_SIDECAR",
3438
"Value": ""
@@ -96,6 +100,10 @@
96100
"Name": "SYSDIG_LOGGING",
97101
"Value": "sysdig_logging"
98102
},
103+
{
104+
"Name": "SYSDIG_PRIORITY",
105+
"Value": "priority"
106+
},
99107
{
100108
"Name": "SYSDIG_SIDECAR",
101109
"Value": ""

0 commit comments

Comments
 (0)