Draft
2 changes: 1 addition & 1 deletion cmd/gendoc/main.go
Expand Up @@ -180,7 +180,7 @@ func walkDir(cleanRoot string, md map[string]*DocBlock) error {
return nil
}
}
d, err := parser.ParseDir(fset, path, nil, parser.ParseComments)
d, err := parser.ParseDir(fset, path, nil, parser.ParseComments) //nolint:staticcheck // SA1019: deprecated but functional
if err != nil {
fmt.Println(err)
return nil
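Review bot: The `//nolint:staticcheck` added on the `parser.ParseDir` call silences SA1019 with only "deprecated but functional" and no pointer to a follow-up, so the deprecated call is likely to stay in place indefinitely. Either migrate off `parser.ParseDir` in this PR or reference a tracking issue in the comment so the suppression can be removed later. Separately, the unchanged context right below prints the parse error and returns nil, so a directory that fails to parse is skipped without failing `walkDir`; worth confirming that is intended for doc generation.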
4 changes: 1 addition & 3 deletions go.mod
@@ -1,8 +1,6 @@
module github.com/openshift/insights-operator

go 1.24.6

toolchain go1.24.10
go 1.25.0

require (
github.com/blang/semver/v4 v4.0.0
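Review bot: Dropping the `toolchain go1.24.10` line alongside the bump to `go 1.25.0` removes the patch-level toolchain floor this module had, so a builder on the initial 1.25.0 release now satisfies go.mod. If builds should run on a patched 1.25.x, keep a `toolchain` line at that version, and confirm the CI and builder images already provide Go 1.25, since an older toolchain will either refuse the module or try to download a newer one.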
144 changes: 75 additions & 69 deletions manifests/06-deployment.yaml
Expand Up @@ -33,75 +33,81 @@ spec:
kubernetes.io/os: linux
node-role.kubernetes.io/master: ""
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
operator: Exists
- effect: NoExecute
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 900
- effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 900
- effect: NoSchedule
key: node-role.kubernetes.io/master
operator: Exists
- effect: NoExecute
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 900
- effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 900
volumes:
- emptyDir: {}
name: tmp
- name: snapshots
emptyDir: {}
#sizeLimit: 1Gi # bug https://bugzilla.redhat.com/show_bug.cgi?id=1713207
- name: trusted-ca-bundle
configMap:
name: trusted-ca-bundle
optional: true
- name: service-ca-bundle
configMap:
name: service-ca-bundle
optional: true
- name: serving-cert
secret:
secretName: openshift-insights-serving-cert
optional: true
containers:
- name: insights-operator
securityContext:
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
image: quay.io/openshift/origin-insights-operator:latest
terminationMessagePolicy: FallbackToLogsOnError
volumeMounts:
- mountPath: /tmp
- emptyDir: {}
name: tmp
- name: snapshots
mountPath: /var/lib/insights-operator
- mountPath: /var/run/configmaps/trusted-ca-bundle
name: trusted-ca-bundle
readOnly: true
- mountPath: /var/run/configmaps/service-ca-bundle
name: service-ca-bundle
readOnly: true
- mountPath: /var/run/secrets/serving-cert
name: serving-cert
ports:
- containerPort: 8443
name: metrics
resources:
requests:
cpu: 10m
memory: 54Mi
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: RELEASE_VERSION
value: "0.0.1-snapshot"
args:
- start
- --config=/etc/insights-operator/server.yaml
emptyDir: {}
#sizeLimit: 1Gi # bug https://bugzilla.redhat.com/show_bug.cgi?id=1713207
- name: trusted-ca-bundle
configMap:
name: trusted-ca-bundle
optional: true
- name: service-ca-bundle
configMap:
name: service-ca-bundle
optional: true
- name: serving-cert
secret:
secretName: openshift-insights-serving-cert
optional: true
containers:
- name: insights-operator
securityContext:
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
image: quay.io/openshift/origin-insights-operator:latest
terminationMessagePolicy: FallbackToLogsOnError
volumeMounts:
- mountPath: /tmp
name: tmp
- name: snapshots
mountPath: /var/lib/insights-operator
- mountPath: /var/run/configmaps/trusted-ca-bundle
name: trusted-ca-bundle
readOnly: true
- mountPath: /var/run/configmaps/service-ca-bundle
name: service-ca-bundle
readOnly: true
- mountPath: /var/run/secrets/serving-cert
name: serving-cert
ports:
- containerPort: 8443
name: metrics
resources:
requests:
cpu: 10m
memory: 54Mi
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: RELEASE_VERSION
value: "0.0.1-snapshot"
- name: RELATED_IMAGE_INSIGHTS_RUNTIME_EXTRACTOR
value: quay.io/openshift/origin-insights-runtime-extractor:latest
- name: RELATED_IMAGE_INSIGHTS_RUNTIME_EXPORTER
value: quay.io/openshift/origin-insights-runtime-exporter:latest
- name: RELATED_IMAGE_KUBE_RBAC_PROXY
value: quay.io/openshift/origin-kube-rbac-proxy:latest
Comment on lines +105 to +110
⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

# 1) Confirm code reads the three env vars added in manifests/06-deployment.yaml
rg -n --type=go -C3 'Getenv\("RELATED_IMAGE_(INSIGHTS_RUNTIME_EXTRACTOR|INSIGHTS_RUNTIME_EXPORTER|KUBE_RBAC_PROXY)"\)'

# 2) Find where runtime-extractor/runtime-exporter/kube-rbac-proxy images are composed/applied
rg -n --type=go -C3 'insights-runtime-extractor|insights-runtime-exporter|kube-rbac-proxy|RELATED_IMAGE_'

# 3) Locate the reconciler/build path for Kubernetes objects that should now use those env vars
rg -n --type=go -C3 'DaemonSet|Deployment|Service|Create|Apply|Reconcile'

Repository: openshift/insights-operator

Length of output: 1797


🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Search for usage of the three RELATED_IMAGE env vars
echo "=== Searching for env var reads ==="
rg -n --type=go 'RELATED_IMAGE_(INSIGHTS_RUNTIME_EXTRACTOR|INSIGHTS_RUNTIME_EXPORTER|KUBE_RBAC_PROXY)' -C 3

echo -e "\n=== Searching for Getenv usage ==="
rg -n --type=go 'Getenv.*RELATED_IMAGE' -C 3

echo -e "\n=== Searching for runtime-extractor image references ==="
rg -n --type=go 'insights-runtime-extractor.*image|runtime-extractor.*image' -C 3

echo -e "\n=== Searching for deployment reconciliation with runtime ==="
rg -n --type=go 'runtime.*Deployment|DaemonSet.*runtime' -C 3

Repository: openshift/insights-operator

Length of output: 107


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "=== Searching for any RELATED_IMAGE in entire codebase ==="
rg -n 'RELATED_IMAGE' -C 3

echo -e "\n=== Checking manifests directory structure ==="
fd -t f '.*\.yaml' manifests/ | head -20

echo -e "\n=== Looking at manifests/06-deployment.yaml for full context ==="
cat manifests/06-deployment.yaml | head -150

echo -e "\n=== Searching for references to runtime-extractor deployment ==="
rg -n 'runtime.extractor|runtime-extractor' -i -C 3

echo -e "\n=== Searching for manifest application/reconciliation logic ==="
rg -n 'manifest|yaml|apply.*manifest' --type=go -i -C 2 | head -50

Repository: openshift/insights-operator

Length of output: 27643


The RELATED_IMAGE_* environment variables are not consumed by any code in the codebase.

No reconciliation logic reads these three environment variables (RELATED_IMAGE_INSIGHTS_RUNTIME_EXTRACTOR, RELATED_IMAGE_INSIGHTS_RUNTIME_EXPORTER, RELATED_IMAGE_KUBE_RBAC_PROXY). Additionally, the deployment or DaemonSet manifest for the runtime-extractor workload itself is missing from the manifests directory.

While support manifests exist (ServiceAccount, ClusterRole, Service in manifests/03-*.yaml and manifests/10-*), there is no manifest or controller logic to actually deploy the runtime-extractor pods. The gathering code in pkg/gatherers/workloads/gather_workloads_runtime_infos.go expects these pods to exist and will fail with "no running pods found for the insights-runtime-extractor statefulset" if they are missing.

After removing manifests/10-insights-runtime-extractor.yaml, either:

  1. Add a deployment/DaemonSet manifest for runtime-extractor with proper pod labels and image references, or
  2. Implement reconciliation logic in the operator controller to create these workloads using the image values from the environment variables

Without one of these, runtime gathering will fail at deployment time.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@manifests/06-deployment.yaml` around lines 105 - 110, The manifests include
RELATED_IMAGE_INSIGHTS_RUNTIME_EXTRACTOR,
RELATED_IMAGE_INSIGHTS_RUNTIME_EXPORTER, and RELATED_IMAGE_KUBE_RBAC_PROXY env
vars but no workload manifest or reconciliation uses them; either (A) add a
runtime-extractor workload manifest (Deployment or DaemonSet) that uses those
env vars as the image values and sets the expected pod labels referenced by
pkg/gatherers/workloads/gather_workloads_runtime_infos.go so the gatherer finds
running pods, or (B) implement controller reconciliation in the operator to
create/update the runtime-extractor workload using the env vars
(RELATED_IMAGE_INSIGHTS_RUNTIME_EXTRACTOR,
RELATED_IMAGE_INSIGHTS_RUNTIME_EXPORTER, RELATED_IMAGE_KUBE_RBAC_PROXY) and
ensure the created pods have the labels and owner refs the gatherer expects;
update tests and manifests accordingly so the gatherer no longer errors with “no
running pods found for the insights-runtime-extractor statefulset.”

args:
- start
- --config=/etc/insights-operator/server.yaml
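Review bot: The three new `RELATED_IMAGE_*` env entries all point at mutable `:latest` tags, the same as the existing operator `image:` line, so what actually runs depends on registry state at pull time unless something rewrites these references at release. Confirm that whatever pins the operator image also covers these three names, or reference the images by digest. The rest of the hunk re-emits the tolerations, volumes and container spec with the same content, which makes the six functional lines hard to spot; splitting the re-indentation into its own commit would make this easier to review.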
130 changes: 0 additions & 130 deletions manifests/10-insights-runtime-extractor.yaml

This file was deleted.