Add fields to header (#3992)

* Crunchy Bridge clusters managed
* Features gates enabled
* Registration token
* Build metadata

Issues: [PGO-1610, PGO-1616, PGO-1618]

Author: benjaminjb

Makefile

@@ -136,6 +136,9 @@ deploy-dev: createnamespaces
 		CHECK_FOR_UPGRADES='$(if $(CHECK_FOR_UPGRADES),$(CHECK_FOR_UPGRADES),false)' \
 		KUBECONFIG=hack/.kube/postgres-operator/pgo \
 		PGO_NAMESPACE='postgres-operator' \
+		PGO_INSTALLER='deploy-dev' \
+		PGO_INSTALLER_ORIGIN='postgres-operator-repo' \
+		BUILD_SOURCE='build-postgres-operator' \
 		$(shell kubectl kustomize ./config/dev | \
 			sed -ne '/^kind: Deployment/,/^---/ { \
 				/RELATED_IMAGE_/ { N; s,.*\(RELATED_[^[:space:]]*\).*value:[[:space:]]*\([^[:space:]]*\),\1="\2",; p; }; \

cmd/postgres-operator/main.go

@@ -168,7 +168,7 @@ func main() {
 	registrar, err := registration.NewRunner(os.Getenv("RSA_KEY"), os.Getenv("TOKEN_PATH"), shutdown)
 	assertNoError(err)
 	assertNoError(mgr.Add(registrar))
-	_ = registrar.CheckToken()
+	token, _ := registrar.CheckToken()
 
 	// add all PostgreSQL Operator controllers to the runtime manager
 	addControllersToManager(mgr, openshift, log, registrar)
@@ -188,8 +188,14 @@ func main() {
 	if !upgradeCheckingDisabled {
 		log.Info("upgrade checking enabled")
 		// get the URL for the check for upgrades endpoint if set in the env
-		assertNoError(upgradecheck.ManagedScheduler(mgr,
-			openshift, os.Getenv("CHECK_FOR_UPGRADES_URL"), versionString))
+		assertNoError(
+			upgradecheck.ManagedScheduler(
+				mgr,
+				openshift,
+				os.Getenv("CHECK_FOR_UPGRADES_URL"),
+				versionString,
+				token,
+			))
 	} else {
 		log.Info("upgrade checking disabled")
 	}

config/manager/manager.yaml

@@ -12,6 +12,10 @@ spec:
       - name: operator
         image: postgres-operator
         env:
+        - name: PGO_INSTALLER
+          value: kustomize
+        - name: PGO_INSTALLER_ORIGIN
+          value: postgres-operator-repo
         - name: PGO_NAMESPACE
           valueFrom:
             fieldRef:

internal/config/config_test.go

@@ -14,30 +14,6 @@ import (
 	"github.com/crunchydata/postgres-operator/pkg/apis/postgres-operator.crunchydata.com/v1beta1"
 )
 
-func saveEnv(t testing.TB, key string) {
-	t.Helper()
-	previous, ok := os.LookupEnv(key)
-	t.Cleanup(func() {
-		if ok {
-			os.Setenv(key, previous)
-		} else {
-			os.Unsetenv(key)
-		}
-	})
-}
-
-func setEnv(t testing.TB, key, value string) {
-	t.Helper()
-	saveEnv(t, key)
-	assert.NilError(t, os.Setenv(key, value))
-}
-
-func unsetEnv(t testing.TB, key string) {
-	t.Helper()
-	saveEnv(t, key)
-	assert.NilError(t, os.Unsetenv(key))
-}
-
 func TestFetchKeyCommand(t *testing.T) {
 
 	spec1 := v1beta1.PostgresClusterSpec{}
@@ -106,13 +82,14 @@ func TestFetchKeyCommand(t *testing.T) {
 func TestPGAdminContainerImage(t *testing.T) {
 	cluster := &v1beta1.PostgresCluster{}
 
-	unsetEnv(t, "RELATED_IMAGE_PGADMIN")
+	t.Setenv("RELATED_IMAGE_PGADMIN", "")
+	os.Unsetenv("RELATED_IMAGE_PGADMIN")
 	assert.Equal(t, PGAdminContainerImage(cluster), "")
 
-	setEnv(t, "RELATED_IMAGE_PGADMIN", "")
+	t.Setenv("RELATED_IMAGE_PGADMIN", "")
 	assert.Equal(t, PGAdminContainerImage(cluster), "")
 
-	setEnv(t, "RELATED_IMAGE_PGADMIN", "env-var-pgadmin")
+	t.Setenv("RELATED_IMAGE_PGADMIN", "env-var-pgadmin")
 	assert.Equal(t, PGAdminContainerImage(cluster), "env-var-pgadmin")
 
 	assert.NilError(t, yaml.Unmarshal([]byte(`{
@@ -124,13 +101,14 @@ func TestPGAdminContainerImage(t *testing.T) {
 func TestPGBackRestContainerImage(t *testing.T) {
 	cluster := &v1beta1.PostgresCluster{}
 
-	unsetEnv(t, "RELATED_IMAGE_PGBACKREST")
+	t.Setenv("RELATED_IMAGE_PGBACKREST", "")
+	os.Unsetenv("RELATED_IMAGE_PGBACKREST")
 	assert.Equal(t, PGBackRestContainerImage(cluster), "")
 
-	setEnv(t, "RELATED_IMAGE_PGBACKREST", "")
+	t.Setenv("RELATED_IMAGE_PGBACKREST", "")
 	assert.Equal(t, PGBackRestContainerImage(cluster), "")
 
-	setEnv(t, "RELATED_IMAGE_PGBACKREST", "env-var-pgbackrest")
+	t.Setenv("RELATED_IMAGE_PGBACKREST", "env-var-pgbackrest")
 	assert.Equal(t, PGBackRestContainerImage(cluster), "env-var-pgbackrest")
 
 	assert.NilError(t, yaml.Unmarshal([]byte(`{
@@ -142,13 +120,14 @@ func TestPGBackRestContainerImage(t *testing.T) {
 func TestPGBouncerContainerImage(t *testing.T) {
 	cluster := &v1beta1.PostgresCluster{}
 
-	unsetEnv(t, "RELATED_IMAGE_PGBOUNCER")
+	t.Setenv("RELATED_IMAGE_PGBOUNCER", "")
+	os.Unsetenv("RELATED_IMAGE_PGBOUNCER")
 	assert.Equal(t, PGBouncerContainerImage(cluster), "")
 
-	setEnv(t, "RELATED_IMAGE_PGBOUNCER", "")
+	t.Setenv("RELATED_IMAGE_PGBOUNCER", "")
 	assert.Equal(t, PGBouncerContainerImage(cluster), "")
 
-	setEnv(t, "RELATED_IMAGE_PGBOUNCER", "env-var-pgbouncer")
+	t.Setenv("RELATED_IMAGE_PGBOUNCER", "env-var-pgbouncer")
 	assert.Equal(t, PGBouncerContainerImage(cluster), "env-var-pgbouncer")
 
 	assert.NilError(t, yaml.Unmarshal([]byte(`{
@@ -160,13 +139,14 @@ func TestPGBouncerContainerImage(t *testing.T) {
 func TestPGExporterContainerImage(t *testing.T) {
 	cluster := &v1beta1.PostgresCluster{}
 
-	unsetEnv(t, "RELATED_IMAGE_PGEXPORTER")
+	t.Setenv("RELATED_IMAGE_PGEXPORTER", "")
+	os.Unsetenv("RELATED_IMAGE_PGEXPORTER")
 	assert.Equal(t, PGExporterContainerImage(cluster), "")
 
-	setEnv(t, "RELATED_IMAGE_PGEXPORTER", "")
+	t.Setenv("RELATED_IMAGE_PGEXPORTER", "")
 	assert.Equal(t, PGExporterContainerImage(cluster), "")
 
-	setEnv(t, "RELATED_IMAGE_PGEXPORTER", "env-var-pgexporter")
+	t.Setenv("RELATED_IMAGE_PGEXPORTER", "env-var-pgexporter")
 	assert.Equal(t, PGExporterContainerImage(cluster), "env-var-pgexporter")
 
 	assert.NilError(t, yaml.Unmarshal([]byte(`{
@@ -178,13 +158,14 @@ func TestPGExporterContainerImage(t *testing.T) {
 func TestStandalonePGAdminContainerImage(t *testing.T) {
 	pgadmin := &v1beta1.PGAdmin{}
 
-	unsetEnv(t, "RELATED_IMAGE_STANDALONE_PGADMIN")
+	t.Setenv("RELATED_IMAGE_STANDALONE_PGADMIN", "")
+	os.Unsetenv("RELATED_IMAGE_STANDALONE_PGADMIN")
 	assert.Equal(t, StandalonePGAdminContainerImage(pgadmin), "")
 
-	setEnv(t, "RELATED_IMAGE_STANDALONE_PGADMIN", "")
+	t.Setenv("RELATED_IMAGE_STANDALONE_PGADMIN", "")
 	assert.Equal(t, StandalonePGAdminContainerImage(pgadmin), "")
 
-	setEnv(t, "RELATED_IMAGE_STANDALONE_PGADMIN", "env-var-pgadmin")
+	t.Setenv("RELATED_IMAGE_STANDALONE_PGADMIN", "env-var-pgadmin")
 	assert.Equal(t, StandalonePGAdminContainerImage(pgadmin), "env-var-pgadmin")
 
 	assert.NilError(t, yaml.Unmarshal([]byte(`{
@@ -197,21 +178,22 @@ func TestPostgresContainerImage(t *testing.T) {
 	cluster := &v1beta1.PostgresCluster{}
 	cluster.Spec.PostgresVersion = 12
 
-	unsetEnv(t, "RELATED_IMAGE_POSTGRES_12")
+	t.Setenv("RELATED_IMAGE_POSTGRES_12", "")
+	os.Unsetenv("RELATED_IMAGE_POSTGRES_12")
 	assert.Equal(t, PostgresContainerImage(cluster), "")
 
-	setEnv(t, "RELATED_IMAGE_POSTGRES_12", "")
+	t.Setenv("RELATED_IMAGE_POSTGRES_12", "")
 	assert.Equal(t, PostgresContainerImage(cluster), "")
 
-	setEnv(t, "RELATED_IMAGE_POSTGRES_12", "env-var-postgres")
+	t.Setenv("RELATED_IMAGE_POSTGRES_12", "env-var-postgres")
 	assert.Equal(t, PostgresContainerImage(cluster), "env-var-postgres")
 
 	cluster.Spec.Image = "spec-image"
 	assert.Equal(t, PostgresContainerImage(cluster), "spec-image")
 
 	cluster.Spec.Image = ""
 	cluster.Spec.PostGISVersion = "3.0"
-	setEnv(t, "RELATED_IMAGE_POSTGRES_12_GIS_3.0", "env-var-postgis")
+	t.Setenv("RELATED_IMAGE_POSTGRES_12_GIS_3.0", "env-var-postgis")
 	assert.Equal(t, PostgresContainerImage(cluster), "env-var-postgis")
 
 	cluster.Spec.Image = "spec-image"
@@ -222,7 +204,9 @@ func TestVerifyImageValues(t *testing.T) {
 	cluster := &v1beta1.PostgresCluster{}
 
 	verifyImageCheck := func(t *testing.T, envVar, errString string, cluster *v1beta1.PostgresCluster) {
-		unsetEnv(t, envVar)
+
+		t.Setenv(envVar, "")
+		os.Unsetenv(envVar)
 		err := VerifyImageValues(cluster)
 		assert.ErrorContains(t, err, errString)
 	}

internal/controller/pgupgrade/jobs_test.go

@@ -252,42 +252,17 @@ status: {}
 	`))
 }
 
-// saveEnv preserves environment variables so that any modifications needed for
-// the tests can be undone once completed.
-func saveEnv(t testing.TB, key string) {
-	t.Helper()
-	previous, ok := os.LookupEnv(key)
-	t.Cleanup(func() {
-		if ok {
-			os.Setenv(key, previous)
-		} else {
-			os.Unsetenv(key)
-		}
-	})
-}
-
-func setEnv(t testing.TB, key, value string) {
-	t.Helper()
-	saveEnv(t, key)
-	assert.NilError(t, os.Setenv(key, value))
-}
-
-func unsetEnv(t testing.TB, key string) {
-	t.Helper()
-	saveEnv(t, key)
-	assert.NilError(t, os.Unsetenv(key))
-}
-
 func TestPGUpgradeContainerImage(t *testing.T) {
 	upgrade := &v1beta1.PGUpgrade{}
 
-	unsetEnv(t, "RELATED_IMAGE_PGUPGRADE")
+	t.Setenv("RELATED_IMAGE_PGUPGRADE", "")
+	os.Unsetenv("RELATED_IMAGE_PGUPGRADE")
 	assert.Equal(t, pgUpgradeContainerImage(upgrade), "")
 
-	setEnv(t, "RELATED_IMAGE_PGUPGRADE", "")
+	t.Setenv("RELATED_IMAGE_PGUPGRADE", "")
 	assert.Equal(t, pgUpgradeContainerImage(upgrade), "")
 
-	setEnv(t, "RELATED_IMAGE_PGUPGRADE", "env-var-pgbackrest")
+	t.Setenv("RELATED_IMAGE_PGUPGRADE", "env-var-pgbackrest")
 	assert.Equal(t, pgUpgradeContainerImage(upgrade), "env-var-pgbackrest")
 
 	assert.NilError(t, yaml.Unmarshal(
@@ -299,7 +274,8 @@ func TestVerifyUpgradeImageValue(t *testing.T) {
 	upgrade := &v1beta1.PGUpgrade{}
 
 	t.Run("crunchy-postgres", func(t *testing.T) {
-		unsetEnv(t, "RELATED_IMAGE_PGUPGRADE")
+		t.Setenv("RELATED_IMAGE_PGUPGRADE", "")
+		os.Unsetenv("RELATED_IMAGE_PGUPGRADE")
 		err := verifyUpgradeImageValue(upgrade)
 		assert.ErrorContains(t, err, "crunchy-upgrade")
 	})

internal/feature/features.go

@@ -121,3 +121,12 @@ func Enabled(ctx context.Context, f Feature) bool {
 func NewContext(ctx context.Context, gate Gate) context.Context {
 	return context.WithValue(ctx, contextKey{}, gate)
 }
+
+func ShowGates(ctx context.Context) string {
+	featuresEnabled := ""
+	gate, ok := ctx.Value(contextKey{}).(Gate)
+	if ok {
+		featuresEnabled = gate.String()
+	}
+	return featuresEnabled
+}

internal/feature/features_test.go

@@ -53,10 +53,13 @@ func TestContext(t *testing.T) {
 	t.Parallel()
 	gate := NewGate()
 	ctx := NewContext(context.Background(), gate)
+	assert.Equal(t, ShowGates(ctx), "")
 
 	assert.NilError(t, gate.Set("TablespaceVolumes=true"))
 	assert.Assert(t, true == Enabled(ctx, TablespaceVolumes))
+	assert.Equal(t, ShowGates(ctx), "TablespaceVolumes=true")
 
 	assert.NilError(t, gate.SetFromMap(map[string]bool{TablespaceVolumes: false}))
 	assert.Assert(t, false == Enabled(ctx, TablespaceVolumes))
+	assert.Equal(t, ShowGates(ctx), "TablespaceVolumes=false")
 }

internal/registration/runner.go

@@ -76,8 +76,14 @@ func NewRunner(publicKey, tokenPath string, changed func()) (*Runner, error) {
 }
 
 // CheckToken loads and verifies the configured token, returning an error when
-// the file exists but cannot be verified.
-func (r *Runner) CheckToken() error {
+// the file exists but cannot be verified, and
+// returning the token if it can be verified.
+// NOTE(upgradecheck): return the token/nil so that we can use the token
+// in upgradecheck; currently a refresh of the token will cause a restart of the pod
+// meaning that the token used in upgradecheck is always the current token.
+// But if the restart behavior changes, we might drop the token return in main.go
+// and change upgradecheck to retrieve the token itself
+func (r *Runner) CheckToken() (*jwt.Token, error) {
 	data, errFile := os.ReadFile(r.tokenPath)
 	key := func(*jwt.Token) (any, error) { return r.publicKey, nil }
 
@@ -86,7 +92,7 @@ func (r *Runner) CheckToken() error {
 	r.token.Lock()
 	defer r.token.Unlock()
 
-	_, errToken := jwt.ParseWithClaims(string(data), &r.token, key,
+	token, errToken := jwt.ParseWithClaims(string(data), &r.token, key,
 		jwt.WithExpirationRequired(),
 		jwt.WithValidMethods([]string{"RS256"}),
 	)
@@ -102,11 +108,11 @@ func (r *Runner) CheckToken() error {
 
 	switch {
 	case !r.enabled || !r.token.Exists:
-		return nil
+		return nil, nil
 	case errFile != nil:
-		return errFile
+		return nil, errFile
 	default:
-		return errToken
+		return token, errToken
 	}
 }
 
@@ -168,7 +174,7 @@ func (r *Runner) Start(ctx context.Context) error {
 		select {
 		case <-ticks:
 			_, before := r.state()
-			if err := r.CheckToken(); err != nil {
+			if _, err := r.CheckToken(); err != nil {
 				log.Error(err, "Unable to validate token")
 			}
 			if _, after := r.state(); before != after && r.changed != nil {