use multiple secrets if scrape config exceeds K8s secret limit#2232
Open
AndrewChubatiuk wants to merge 1 commit into
Open
use multiple secrets if scrape config exceeds K8s secret limit#2232AndrewChubatiuk wants to merge 1 commit into
AndrewChubatiuk wants to merge 1 commit into
Conversation
AndrewChubatiuk
force-pushed
the
vmagent-use-multiple-secrets-for-scrape-config
branch
2 times, most recently
from
8cf847c to
6d36761
Compare
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
3 issues found across 16 files
Reply with feedback, questions, or to request a fix.
Fix all with cubic | Re-trigger cubic
AndrewChubatiuk
force-pushed
the
vmagent-use-multiple-secrets-for-scrape-config
branch
3 times, most recently
from
286ce17 to
22d00e0
Compare
Contributor
Author
|
@cubic-ai-dev |
Contributor
@AndrewChubatiuk I have started the AI code review. It will take a few minutes to complete. |
Contributor
There was a problem hiding this comment.
2 issues found across 17 files
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="internal/controller/operator/factory/vmsingle/vmsingle.go">
<violation number="1" location="internal/controller/operator/factory/vmsingle/vmsingle.go:129">
P2: `prevDeploy` is always constructed with `extraConfigSecretCount=0`, even when the previous deployment had extra config secrets. This causes unnecessary deployment updates on every reconciliation for VMSingle instances with oversized scrape configs, as the prevDeploy/newDeploy comparison will always see a volume/mount diff.</violation>
</file>
Reply with feedback, questions, or to request a fix.
Fix all with cubic | Re-trigger cubic
| if prevCR != nil { | ||
| var err error | ||
| prevDeploy, err = newDeploy(ctx, prevCR) | ||
| prevDeploy, err = newDeploy(ctx, prevCR, 0) |
Contributor
There was a problem hiding this comment.
P2: prevDeploy is always constructed with extraConfigSecretCount=0, even when the previous deployment had extra config secrets. This causes unnecessary deployment updates on every reconciliation for VMSingle instances with oversized scrape configs, as the prevDeploy/newDeploy comparison will always see a volume/mount diff.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At internal/controller/operator/factory/vmsingle/vmsingle.go, line 129:
<comment>`prevDeploy` is always constructed with `extraConfigSecretCount=0`, even when the previous deployment had extra config secrets. This causes unnecessary deployment updates on every reconciliation for VMSingle instances with oversized scrape configs, as the prevDeploy/newDeploy comparison will always see a volume/mount diff.</comment>
<file context>
@@ -125,22 +126,22 @@ func CreateOrUpdate(ctx context.Context, cr *vmv1beta1.VMSingle, rclient client.
if prevCR != nil {
var err error
- prevDeploy, err = newDeploy(ctx, prevCR)
+ prevDeploy, err = newDeploy(ctx, prevCR, 0)
if err != nil {
return fmt.Errorf("cannot generate prev deploy spec: %w", err)
</file context>
AndrewChubatiuk
force-pushed
the
vmagent-use-multiple-secrets-for-scrape-config
branch
from
22d00e0 to
16ff747
Compare
AndrewChubatiuk
force-pushed
the
vmagent-use-multiple-secrets-for-scrape-config
branch
3 times, most recently
from
7590330 to
e748449
Compare
AndrewChubatiuk
force-pushed
the
vmagent-use-multiple-secrets-for-scrape-config
branch
from
e748449 to
5af4c85
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
vmagent and vmsingle: use additional secrets if default scrape config size exceeds K8s secret limit. fixes #1048
Summary by cubic
Splits oversized scrape configs for
vmagent/vmsingleinto multiple gzip-compressed Secrets and loads overflow jobs viascrape_config_files. Addsconfig-reloadersupport to mirror and decompress watched files into an EmptyDir and clean up stale files.New Features
vmagent/vmsingle: When scrape config exceeds the 1MB Secret limit, overflow jobs are split using compressed-size-aware packing into extra Secrets (jobs.yaml). Pods mount a sharedsc-files-outEmptyDir;config-reloaderwatches per-bucket raw Secret dirs and writes decompressed files to matching subdirs. The main config adds ascrape_config_filesglob, and stale extra Secrets are removed automatically.config-reloader: Added--target-dirpaired with--watched-dir(counts must match). Detects gzip and decompresses. Copies files on init/start and on change, and removes orphaned files in the target.Bug Fixes
Written for commit 5af4c85. Summary will update on new commits.