diff --git a/api/datadoghq/v2alpha1/datadogagent_types.go b/api/datadoghq/v2alpha1/datadogagent_types.go index 8c0978b6f..4db1e2581 100644 --- a/api/datadoghq/v2alpha1/datadogagent_types.go +++ b/api/datadoghq/v2alpha1/datadogagent_types.go @@ -1528,13 +1528,6 @@ type GlobalConfig struct { // Configure the secret backend feature https://docs.datadoghq.com/agent/guide/secrets-management // See also: https://github.com/DataDog/datadog-operator/blob/main/docs/secret_management.md SecretBackend *SecretBackendConfig `json:"secretBackend,omitempty"` - - // Configure whether the Process Agent or core Agent collects process and/or container information (Linux only). - // If no other checks are running, the Process Agent container will not initialize. - // (Requires Agent 7.60.0+) - // Default: 'true' - // +optional - RunProcessChecksInCoreAgent *bool `json:"runProcessChecksInCoreAgent,omitempty"` } // DatadogCredentials is a generic structure that holds credentials to access Datadog. diff --git a/api/datadoghq/v2alpha1/zz_generated.deepcopy.go b/api/datadoghq/v2alpha1/zz_generated.deepcopy.go index 298207e4a..c9d32d1fc 100644 --- a/api/datadoghq/v2alpha1/zz_generated.deepcopy.go +++ b/api/datadoghq/v2alpha1/zz_generated.deepcopy.go @@ -1863,11 +1863,6 @@ func (in *GlobalConfig) DeepCopyInto(out *GlobalConfig) { *out = new(SecretBackendConfig) (*in).DeepCopyInto(*out) } - if in.RunProcessChecksInCoreAgent != nil { - in, out := &in.RunProcessChecksInCoreAgent, &out.RunProcessChecksInCoreAgent - *out = new(bool) - **out = **in - } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GlobalConfig. diff --git a/config/crd/bases/v1/datadoghq.com_datadogagentinternals.yaml b/config/crd/bases/v1/datadoghq.com_datadogagentinternals.yaml index ef4b0dedc..6f18de229 100644 --- a/config/crd/bases/v1/datadoghq.com_datadogagentinternals.yaml +++ b/config/crd/bases/v1/datadoghq.com_datadogagentinternals.yaml @@ -2806,13 +2806,6 @@ spec: Use 'docker.io/datadog' for DockerHub. Default: 'gcr.io/datadoghq' type: string - runProcessChecksInCoreAgent: - description: |- - Configure whether the Process Agent or core Agent collects process and/or container information (Linux only). - If no other checks are running, the Process Agent container will not initialize. - (Requires Agent 7.60.0+) - Default: 'true' - type: boolean secretBackend: description: |- Configure the secret backend feature https://docs.datadoghq.com/agent/guide/secrets-management diff --git a/config/crd/bases/v1/datadoghq.com_datadogagentinternals_v1alpha1.json b/config/crd/bases/v1/datadoghq.com_datadogagentinternals_v1alpha1.json index bca381c20..1b30ed7fe 100644 --- a/config/crd/bases/v1/datadoghq.com_datadogagentinternals_v1alpha1.json +++ b/config/crd/bases/v1/datadoghq.com_datadogagentinternals_v1alpha1.json @@ -2935,10 +2935,6 @@ "description": "Registry is the image registry to use for all Agent images.\nUse 'public.ecr.aws/datadog' for AWS ECR.\nUse 'datadoghq.azurecr.io' for Azure Container Registry.\nUse 'gcr.io/datadoghq' for Google Container Registry.\nUse 'eu.gcr.io/datadoghq' for Google Container Registry in the EU region.\nUse 'asia.gcr.io/datadoghq' for Google Container Registry in the Asia region.\nUse 'docker.io/datadog' for DockerHub.\nDefault: 'gcr.io/datadoghq'", "type": "string" }, - "runProcessChecksInCoreAgent": { - "description": "Configure whether the Process Agent or core Agent collects process and/or container information (Linux only).\nIf no other checks are running, the Process Agent container will not initialize.\n(Requires Agent 7.60.0+)\nDefault: 'true'", - "type": "boolean" - }, "secretBackend": { "additionalProperties": false, "description": "Configure the secret backend feature https://docs.datadoghq.com/agent/guide/secrets-management\nSee also: https://github.com/DataDog/datadog-operator/blob/main/docs/secret_management.md", diff --git a/config/crd/bases/v1/datadoghq.com_datadogagentprofiles.yaml b/config/crd/bases/v1/datadoghq.com_datadogagentprofiles.yaml index 89361e018..66563593e 100644 --- a/config/crd/bases/v1/datadoghq.com_datadogagentprofiles.yaml +++ b/config/crd/bases/v1/datadoghq.com_datadogagentprofiles.yaml @@ -2806,13 +2806,6 @@ spec: Use 'docker.io/datadog' for DockerHub. Default: 'gcr.io/datadoghq' type: string - runProcessChecksInCoreAgent: - description: |- - Configure whether the Process Agent or core Agent collects process and/or container information (Linux only). - If no other checks are running, the Process Agent container will not initialize. - (Requires Agent 7.60.0+) - Default: 'true' - type: boolean secretBackend: description: |- Configure the secret backend feature https://docs.datadoghq.com/agent/guide/secrets-management diff --git a/config/crd/bases/v1/datadoghq.com_datadogagentprofiles_v1alpha1.json b/config/crd/bases/v1/datadoghq.com_datadogagentprofiles_v1alpha1.json index bcb7f8b84..3b6aebe6b 100644 --- a/config/crd/bases/v1/datadoghq.com_datadogagentprofiles_v1alpha1.json +++ b/config/crd/bases/v1/datadoghq.com_datadogagentprofiles_v1alpha1.json @@ -2939,10 +2939,6 @@ "description": "Registry is the image registry to use for all Agent images.\nUse 'public.ecr.aws/datadog' for AWS ECR.\nUse 'datadoghq.azurecr.io' for Azure Container Registry.\nUse 'gcr.io/datadoghq' for Google Container Registry.\nUse 'eu.gcr.io/datadoghq' for Google Container Registry in the EU region.\nUse 'asia.gcr.io/datadoghq' for Google Container Registry in the Asia region.\nUse 'docker.io/datadog' for DockerHub.\nDefault: 'gcr.io/datadoghq'", "type": "string" }, - "runProcessChecksInCoreAgent": { - "description": "Configure whether the Process Agent or core Agent collects process and/or container information (Linux only).\nIf no other checks are running, the Process Agent container will not initialize.\n(Requires Agent 7.60.0+)\nDefault: 'true'", - "type": "boolean" - }, "secretBackend": { "additionalProperties": false, "description": "Configure the secret backend feature https://docs.datadoghq.com/agent/guide/secrets-management\nSee also: https://github.com/DataDog/datadog-operator/blob/main/docs/secret_management.md", diff --git a/config/crd/bases/v1/datadoghq.com_datadogagents.yaml b/config/crd/bases/v1/datadoghq.com_datadogagents.yaml index fc50aa97c..e7f697f10 100644 --- a/config/crd/bases/v1/datadoghq.com_datadogagents.yaml +++ b/config/crd/bases/v1/datadoghq.com_datadogagents.yaml @@ -2806,13 +2806,6 @@ spec: Use 'docker.io/datadog' for DockerHub. Default: 'gcr.io/datadoghq' type: string - runProcessChecksInCoreAgent: - description: |- - Configure whether the Process Agent or core Agent collects process and/or container information (Linux only). - If no other checks are running, the Process Agent container will not initialize. - (Requires Agent 7.60.0+) - Default: 'true' - type: boolean secretBackend: description: |- Configure the secret backend feature https://docs.datadoghq.com/agent/guide/secrets-management diff --git a/config/crd/bases/v1/datadoghq.com_datadogagents_v2alpha1.json b/config/crd/bases/v1/datadoghq.com_datadogagents_v2alpha1.json index 431b8124f..1d191faf3 100644 --- a/config/crd/bases/v1/datadoghq.com_datadogagents_v2alpha1.json +++ b/config/crd/bases/v1/datadoghq.com_datadogagents_v2alpha1.json @@ -2935,10 +2935,6 @@ "description": "Registry is the image registry to use for all Agent images.\nUse 'public.ecr.aws/datadog' for AWS ECR.\nUse 'datadoghq.azurecr.io' for Azure Container Registry.\nUse 'gcr.io/datadoghq' for Google Container Registry.\nUse 'eu.gcr.io/datadoghq' for Google Container Registry in the EU region.\nUse 'asia.gcr.io/datadoghq' for Google Container Registry in the Asia region.\nUse 'docker.io/datadog' for DockerHub.\nDefault: 'gcr.io/datadoghq'", "type": "string" }, - "runProcessChecksInCoreAgent": { - "description": "Configure whether the Process Agent or core Agent collects process and/or container information (Linux only).\nIf no other checks are running, the Process Agent container will not initialize.\n(Requires Agent 7.60.0+)\nDefault: 'true'", - "type": "boolean" - }, "secretBackend": { "additionalProperties": false, "description": "Configure the secret backend feature https://docs.datadoghq.com/agent/guide/secrets-management\nSee also: https://github.com/DataDog/datadog-operator/blob/main/docs/secret_management.md", diff --git a/docs/configuration.v2alpha1.md b/docs/configuration.v2alpha1.md index 3bfcb2a67..dad277159 100644 --- a/docs/configuration.v2alpha1.md +++ b/docs/configuration.v2alpha1.md @@ -255,7 +255,6 @@ spec: | global.podAnnotationsAsTags | Provide a mapping of Kubernetes Annotations to Datadog Tags. : | | global.podLabelsAsTags | Provide a mapping of Kubernetes Labels to Datadog Tags. : | | global.registry | Is the image registry to use for all Agent images. Use 'public.ecr.aws/datadog' for AWS ECR. Use 'datadoghq.azurecr.io' for Azure Container Registry. Use 'gcr.io/datadoghq' for Google Container Registry. Use 'eu.gcr.io/datadoghq' for Google Container Registry in the EU region. Use 'asia.gcr.io/datadoghq' for Google Container Registry in the Asia region. Use 'docker.io/datadog' for DockerHub. Default: 'gcr.io/datadoghq' | -| global.runProcessChecksInCoreAgent | Configure whether the Process Agent or core Agent collects process and/or container information (Linux only). If no other checks are running, the Process Agent container will not initialize. (Requires Agent 7.60.0+) Default: 'true' | | global.secretBackend.args | List of arguments to pass to the command (space-separated strings). | | global.secretBackend.command | The secret backend command to use. Datadog provides a pre-defined binary `/readsecret_multiple_providers.sh`. Read more about `/readsecret_multiple_providers.sh` at https://docs.datadoghq.com/agent/configuration/secrets-management/?tab=linux#script-for-reading-from-multiple-secret-providers. | | global.secretBackend.enableGlobalPermissions | Whether to create a global permission allowing Datadog agents to read all Kubernetes secrets. Default: `false`. | diff --git a/internal/controller/datadogagent/controller_v2_test.go b/internal/controller/datadogagent/controller_v2_test.go index a3d2a4338..1179a6154 100644 --- a/internal/controller/datadogagent/controller_v2_test.go +++ b/internal/controller/datadogagent/controller_v2_test.go @@ -367,32 +367,6 @@ func TestReconcileDatadogAgentV2_Reconcile(t *testing.T) { return verifyPDB(t, c) }, }, - { - name: "DatadogAgent with container monitoring in process agent", - fields: fields{ - client: fake.NewClientBuilder().WithStatusSubresource(&appsv1.DaemonSet{}, &v2alpha1.DatadogAgent{}).Build(), - scheme: s, - recorder: recorder, - }, - loadFunc: func(c client.Client) *v2alpha1.DatadogAgent { - dda := testutils.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). - WithProcessChecksInCoreAgent(false). - Build() - _ = c.Create(context.TODO(), dda) - return dda - }, - want: reconcile.Result{RequeueAfter: defaultRequeueDuration}, - wantErr: false, - wantFunc: func(c client.Client) error { - expectedContainers := []string{ - string(apicommon.CoreAgentContainerName), - string(apicommon.ProcessAgentContainerName), - string(apicommon.TraceAgentContainerName), - } - - return verifyDaemonsetContainers(c, resourcesNamespace, dsName, expectedContainers) - }, - }, { name: "DatadogAgent with override.nodeAgent.disabled true", fields: fields{ @@ -941,7 +915,7 @@ func Test_AutopilotOverrides(t *testing.T) { dda := testutils.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). WithAPMEnabled(false). WithLiveProcessEnabled(true). - WithProcessChecksInCoreAgent(false). + WithNPMEnabled(true). WithClusterChecksEnabled(false). WithAdmissionControllerEnabled(false). WithOrchestratorExplorerEnabled(false). @@ -1007,7 +981,7 @@ func Test_AutopilotOverrides(t *testing.T) { dda := testutils.NewInitializedDatadogAgentBuilder(resourcesNamespace, resourcesName). WithAPMEnabled(true). WithLiveProcessEnabled(true). - WithProcessChecksInCoreAgent(false). + WithNPMEnabled(true). WithClusterChecksEnabled(false). WithAdmissionControllerEnabled(false). WithOrchestratorExplorerEnabled(false). diff --git a/internal/controller/datadogagent/defaults/datadogagent_default.go b/internal/controller/datadogagent/defaults/datadogagent_default.go index c4c4bbe56..ebb83c76b 100644 --- a/internal/controller/datadogagent/defaults/datadogagent_default.go +++ b/internal/controller/datadogagent/defaults/datadogagent_default.go @@ -31,7 +31,6 @@ const ( defaultLiveProcessCollectionEnabled bool = false defaultLiveContainerCollectionEnabled bool = true defaultProcessDiscoveryEnabled bool = true - defaultRunProcessChecksInCoreAgent bool = true defaultOOMKillEnabled bool = false defaultTCPQueueLengthEnabled bool = false @@ -209,8 +208,6 @@ func defaultGlobalConfig(ddaSpec *v2alpha1.DatadogAgentSpec) { if ddaSpec.Global.Kubelet.PodResourcesSocketPath == "" { ddaSpec.Global.Kubelet.PodResourcesSocketPath = defaultKubeletPodResourcesSocketDir } - - apiutils.DefaultBooleanIfUnset(&ddaSpec.Global.RunProcessChecksInCoreAgent, defaultRunProcessChecksInCoreAgent) } // defaultFeaturesConfig sets default values in DatadogAgentSpec.Features. diff --git a/internal/controller/datadogagent/feature/apm/feature.go b/internal/controller/datadogagent/feature/apm/feature.go index ac1e35960..120af39b4 100644 --- a/internal/controller/datadogagent/feature/apm/feature.go +++ b/internal/controller/datadogagent/feature/apm/feature.go @@ -190,7 +190,7 @@ func (f *apmFeature) Configure(dda metav1.Object, ddaSpec *v2alpha1.DatadogAgent } } - f.processCheckRunsInCoreAgent = featutils.OverrideProcessConfigRunInCoreAgent(ddaSpec, apiutils.BoolValue(ddaSpec.Global.RunProcessChecksInCoreAgent)) + f.processCheckRunsInCoreAgent = featutils.ShouldRunProcessChecksInCoreAgent(ddaSpec) if f.shouldEnableLanguageDetection() && !f.processCheckRunsInCoreAgent { reqComp.Agent.Containers = append(reqComp.Agent.Containers, apicommon.ProcessAgentContainerName) } diff --git a/internal/controller/datadogagent/feature/apm/feature_test.go b/internal/controller/datadogagent/feature/apm/feature_test.go index 27db2fa2c..20ddde4ce 100644 --- a/internal/controller/datadogagent/feature/apm/feature_test.go +++ b/internal/controller/datadogagent/feature/apm/feature_test.go @@ -356,6 +356,13 @@ func TestAPMFeature(t *testing.T) { WithAPMUDSEnabled(true, apmSocketHostPath). WithAPMSingleStepInstrumentationEnabled(true, nil, nil, nil, true, "", nil). WithAdmissionControllerEnabled(true). + WithComponentOverride( + v2alpha1.NodeAgentComponentName, + v2alpha1.DatadogAgentComponentOverride{ + Image: &v2alpha1.AgentImageConfig{Tag: "7.60.0"}, + Env: []corev1.EnvVar{{Name: "DD_PROCESS_CONFIG_RUN_IN_CORE_AGENT_ENABLED", Value: "false"}}, + }, + ). Build(), WantConfigure: true, ClusterAgent: testAPMInstrumentationWithLanguageDetectionEnabledForClusterAgent(), @@ -400,7 +407,6 @@ func TestAPMFeature(t *testing.T) { Image: &v2alpha1.AgentImageConfig{Tag: "7.60.0"}, }, ). - WithProcessChecksInCoreAgent(true). Build(), WantConfigure: true, ClusterAgent: testAPMInstrumentationWithLanguageDetectionEnabledForClusterAgent(), diff --git a/internal/controller/datadogagent/feature/livecontainer/feature.go b/internal/controller/datadogagent/feature/livecontainer/feature.go index 685d77ffb..bc1920403 100644 --- a/internal/controller/datadogagent/feature/livecontainer/feature.go +++ b/internal/controller/datadogagent/feature/livecontainer/feature.go @@ -47,7 +47,7 @@ func (f *liveContainerFeature) Configure(_ metav1.Object, ddaSpec *v2alpha1.Data apicommon.CoreAgentContainerName, } - f.runInCoreAgent = featutils.OverrideProcessConfigRunInCoreAgent(ddaSpec, apiutils.BoolValue(ddaSpec.Global.RunProcessChecksInCoreAgent)) + f.runInCoreAgent = featutils.ShouldRunProcessChecksInCoreAgent(ddaSpec) if !f.runInCoreAgent { reqContainers = append(reqContainers, apicommon.ProcessAgentContainerName) diff --git a/internal/controller/datadogagent/feature/livecontainer/feature_test.go b/internal/controller/datadogagent/feature/livecontainer/feature_test.go index b378ec1b6..5944c064c 100644 --- a/internal/controller/datadogagent/feature/livecontainer/feature_test.go +++ b/internal/controller/datadogagent/feature/livecontainer/feature_test.go @@ -31,7 +31,7 @@ func TestLiveContainerFeature(t *testing.T) { WithLiveContainerCollectionEnabled(true). Build(), WantConfigure: true, - Agent: testExpectedAgent(apicommon.ProcessAgentContainerName, false), + Agent: testExpectedAgent(apicommon.CoreAgentContainerName, true), }, { Name: "live container collection enabled with single container", @@ -40,40 +40,10 @@ func TestLiveContainerFeature(t *testing.T) { WithSingleContainerStrategy(true). Build(), WantConfigure: true, - Agent: testExpectedAgent(apicommon.UnprivilegedSingleAgentContainerName, false), - }, - { - Name: "live container collection enabled on core agent via env var", - DDA: testutils.NewDatadogAgentBuilder(). - WithLiveContainerCollectionEnabled(true). - WithComponentOverride( - v2alpha1.NodeAgentComponentName, - v2alpha1.DatadogAgentComponentOverride{ - Image: &v2alpha1.AgentImageConfig{Tag: "7.60.0"}, - Env: []corev1.EnvVar{{Name: "DD_PROCESS_CONFIG_RUN_IN_CORE_AGENT_ENABLED", Value: "true"}}, - }, - ). - Build(), - WantConfigure: true, - Agent: testExpectedAgent(apicommon.CoreAgentContainerName, true), - }, - { - Name: "live container collection enabled on core agent via spec", - DDA: testutils.NewDatadogAgentBuilder(). - WithLiveContainerCollectionEnabled(true). - WithComponentOverride( - v2alpha1.NodeAgentComponentName, - v2alpha1.DatadogAgentComponentOverride{ - Image: &v2alpha1.AgentImageConfig{Tag: "7.60.0"}, - }, - ). - WithProcessChecksInCoreAgent(true). - Build(), - WantConfigure: true, - Agent: testExpectedAgent(apicommon.CoreAgentContainerName, true), + Agent: testExpectedAgent(apicommon.UnprivilegedSingleAgentContainerName, true), }, { - Name: "live container collection enabled in core agent via spec without min version", + Name: "live container collection without min version to run in core agent", DDA: testutils.NewDatadogAgentBuilder(). WithLiveContainerCollectionEnabled(true). WithComponentOverride( @@ -82,7 +52,6 @@ func TestLiveContainerFeature(t *testing.T) { Image: &v2alpha1.AgentImageConfig{Tag: "7.52.0"}, }, ). - WithProcessChecksInCoreAgent(true). Build(), WantConfigure: true, Agent: testExpectedAgent(apicommon.ProcessAgentContainerName, false), @@ -98,7 +67,6 @@ func TestLiveContainerFeature(t *testing.T) { Env: []corev1.EnvVar{{Name: "DD_PROCESS_CONFIG_RUN_IN_CORE_AGENT_ENABLED", Value: "false"}}, }, ). - WithProcessChecksInCoreAgent(true). Build(), WantConfigure: true, Agent: testExpectedAgent(apicommon.ProcessAgentContainerName, false), diff --git a/internal/controller/datadogagent/feature/liveprocess/feature.go b/internal/controller/datadogagent/feature/liveprocess/feature.go index 960c50b1f..5cb9c7b4d 100644 --- a/internal/controller/datadogagent/feature/liveprocess/feature.go +++ b/internal/controller/datadogagent/feature/liveprocess/feature.go @@ -55,7 +55,7 @@ func (f *liveProcessFeature) Configure(_ metav1.Object, ddaSpec *v2alpha1.Datado apicommon.CoreAgentContainerName, } - f.runInCoreAgent = featutils.OverrideProcessConfigRunInCoreAgent(ddaSpec, apiutils.BoolValue(ddaSpec.Global.RunProcessChecksInCoreAgent)) + f.runInCoreAgent = featutils.ShouldRunProcessChecksInCoreAgent(ddaSpec) if !f.runInCoreAgent { reqContainers = append(reqContainers, apicommon.ProcessAgentContainerName) diff --git a/internal/controller/datadogagent/feature/liveprocess/feature_test.go b/internal/controller/datadogagent/feature/liveprocess/feature_test.go index be0f81e8b..2fa6c2610 100644 --- a/internal/controller/datadogagent/feature/liveprocess/feature_test.go +++ b/internal/controller/datadogagent/feature/liveprocess/feature_test.go @@ -38,7 +38,7 @@ func Test_liveProcessFeature_Configure(t *testing.T) { WithLiveProcessEnabled(true). Build(), WantConfigure: true, - Agent: testExpectedAgent(apicommon.ProcessAgentContainerName, false, false), + Agent: testExpectedAgent(apicommon.CoreAgentContainerName, true, false), }, { Name: "live process collection enabled with scrub and strip args", @@ -47,40 +47,10 @@ func Test_liveProcessFeature_Configure(t *testing.T) { WithLiveProcessScrubStrip(true, true). Build(), WantConfigure: true, - Agent: testExpectedAgent(apicommon.ProcessAgentContainerName, false, true), - }, - { - Name: "live process collection enabled in core agent via env vars", - DDA: testutils.NewDatadogAgentBuilder(). - WithLiveProcessEnabled(true). - WithComponentOverride( - v2alpha1.NodeAgentComponentName, - v2alpha1.DatadogAgentComponentOverride{ - Image: &v2alpha1.AgentImageConfig{Tag: "7.60.0"}, - Env: []corev1.EnvVar{{Name: "DD_PROCESS_CONFIG_RUN_IN_CORE_AGENT_ENABLED", Value: "true"}}, - }, - ). - Build(), - WantConfigure: true, - Agent: testExpectedAgent(apicommon.CoreAgentContainerName, true, false), - }, - { - Name: "live process collection enabled in core agent via spec", - DDA: testutils.NewDatadogAgentBuilder(). - WithLiveProcessEnabled(true). - WithComponentOverride( - v2alpha1.NodeAgentComponentName, - v2alpha1.DatadogAgentComponentOverride{ - Image: &v2alpha1.AgentImageConfig{Tag: "7.60.0"}, - }, - ). - WithProcessChecksInCoreAgent(true). - Build(), - WantConfigure: true, - Agent: testExpectedAgent(apicommon.CoreAgentContainerName, true, false), + Agent: testExpectedAgent(apicommon.CoreAgentContainerName, true, true), }, { - Name: "live process collection enabled in core agent via spec without min version", + Name: "live process collection without min version to run in core agent", DDA: testutils.NewDatadogAgentBuilder(). WithLiveProcessEnabled(true). WithComponentOverride( @@ -89,7 +59,6 @@ func Test_liveProcessFeature_Configure(t *testing.T) { Image: &v2alpha1.AgentImageConfig{Tag: "7.52.0"}, }, ). - WithProcessChecksInCoreAgent(true). Build(), WantConfigure: true, Agent: testExpectedAgent(apicommon.ProcessAgentContainerName, false, false), @@ -105,7 +74,6 @@ func Test_liveProcessFeature_Configure(t *testing.T) { Env: []corev1.EnvVar{{Name: "DD_PROCESS_CONFIG_RUN_IN_CORE_AGENT_ENABLED", Value: "false"}}, }, ). - WithProcessChecksInCoreAgent(true). Build(), WantConfigure: true, Agent: testExpectedAgent(apicommon.ProcessAgentContainerName, false, false), @@ -117,7 +85,7 @@ func Test_liveProcessFeature_Configure(t *testing.T) { WithSingleContainerStrategy(true). Build(), WantConfigure: true, - Agent: testExpectedAgent(apicommon.UnprivilegedSingleAgentContainerName, false, false), + Agent: testExpectedAgent(apicommon.UnprivilegedSingleAgentContainerName, true, false), }, } diff --git a/internal/controller/datadogagent/feature/processdiscovery/feature.go b/internal/controller/datadogagent/feature/processdiscovery/feature.go index 746b6b950..8adf77c84 100644 --- a/internal/controller/datadogagent/feature/processdiscovery/feature.go +++ b/internal/controller/datadogagent/feature/processdiscovery/feature.go @@ -44,7 +44,7 @@ func (p *processDiscoveryFeature) Configure(_ metav1.Object, ddaSpec *v2alpha1.D apicommon.CoreAgentContainerName, } - p.runInCoreAgent = featutils.OverrideProcessConfigRunInCoreAgent(ddaSpec, apiutils.BoolValue(ddaSpec.Global.RunProcessChecksInCoreAgent)) + p.runInCoreAgent = featutils.ShouldRunProcessChecksInCoreAgent(ddaSpec) if !p.runInCoreAgent { reqContainers = append(reqContainers, apicommon.ProcessAgentContainerName) diff --git a/internal/controller/datadogagent/feature/processdiscovery/feature_test.go b/internal/controller/datadogagent/feature/processdiscovery/feature_test.go index 9b34186ed..2f2b26277 100644 --- a/internal/controller/datadogagent/feature/processdiscovery/feature_test.go +++ b/internal/controller/datadogagent/feature/processdiscovery/feature_test.go @@ -31,7 +31,7 @@ func Test_processDiscoveryFeature_Configure(t *testing.T) { WithProcessDiscoveryEnabled(true). Build(), WantConfigure: true, - Agent: testExpectedAgent(apicommon.ProcessAgentContainerName, false), + Agent: testExpectedAgent(apicommon.CoreAgentContainerName, true), }, { Name: "process discovery disabled", @@ -45,65 +45,33 @@ func Test_processDiscoveryFeature_Configure(t *testing.T) { DDA: testutils.NewDatadogAgentBuilder(). Build(), WantConfigure: true, - Agent: testExpectedAgent(apicommon.ProcessAgentContainerName, false), - }, - { - Name: "process discovery enabled in core agent via env vars", - DDA: testutils.NewDatadogAgentBuilder(). - WithProcessDiscoveryEnabled(true). - WithComponentOverride( - v2alpha1.NodeAgentComponentName, - v2alpha1.DatadogAgentComponentOverride{ - Image: &v2alpha1.AgentImageConfig{Tag: "7.60.0"}, - Env: []corev1.EnvVar{{Name: "DD_PROCESS_CONFIG_RUN_IN_CORE_AGENT_ENABLED", Value: "true"}}, - }, - ). - Build(), - WantConfigure: true, Agent: testExpectedAgent(apicommon.CoreAgentContainerName, true), }, { - Name: "process discovery enabled in core agent via spec", + Name: "process discovery disabled in core agent via env vars", DDA: testutils.NewDatadogAgentBuilder(). WithProcessDiscoveryEnabled(true). WithComponentOverride( v2alpha1.NodeAgentComponentName, v2alpha1.DatadogAgentComponentOverride{ Image: &v2alpha1.AgentImageConfig{Tag: "7.60.0"}, + Env: []corev1.EnvVar{{Name: "DD_PROCESS_CONFIG_RUN_IN_CORE_AGENT_ENABLED", Value: "false"}}, }, ). - WithProcessChecksInCoreAgent(true). - Build(), - WantConfigure: true, - Agent: testExpectedAgent(apicommon.CoreAgentContainerName, true), - }, - { - Name: "process discovery enabled in core agent via spec without min version", - DDA: testutils.NewDatadogAgentBuilder(). - WithProcessDiscoveryEnabled(true). - WithComponentOverride( - v2alpha1.NodeAgentComponentName, - v2alpha1.DatadogAgentComponentOverride{ - Image: &v2alpha1.AgentImageConfig{Tag: "7.52.0"}, - }, - ). - WithProcessChecksInCoreAgent(true). Build(), WantConfigure: true, Agent: testExpectedAgent(apicommon.ProcessAgentContainerName, false), }, { - Name: "process discovery disabled in core agent via env var override", + Name: "process discovery without min version to run in core agent", DDA: testutils.NewDatadogAgentBuilder(). WithProcessDiscoveryEnabled(true). WithComponentOverride( v2alpha1.NodeAgentComponentName, v2alpha1.DatadogAgentComponentOverride{ - Image: &v2alpha1.AgentImageConfig{Tag: "7.60.0"}, - Env: []corev1.EnvVar{{Name: "DD_PROCESS_CONFIG_RUN_IN_CORE_AGENT_ENABLED", Value: "false"}}, + Image: &v2alpha1.AgentImageConfig{Tag: "7.52.0"}, }, ). - WithProcessChecksInCoreAgent(true). Build(), WantConfigure: true, Agent: testExpectedAgent(apicommon.ProcessAgentContainerName, false), @@ -115,7 +83,7 @@ func Test_processDiscoveryFeature_Configure(t *testing.T) { WithSingleContainerStrategy(true). Build(), WantConfigure: true, - Agent: testExpectedAgent(apicommon.UnprivilegedSingleAgentContainerName, false), + Agent: testExpectedAgent(apicommon.UnprivilegedSingleAgentContainerName, true), }, } tests.Run(t, buildProcessDiscoveryFeature) diff --git a/internal/controller/datadogagent/feature/test/factory_test.go b/internal/controller/datadogagent/feature/test/factory_test.go index fea574303..f94634c82 100644 --- a/internal/controller/datadogagent/feature/test/factory_test.go +++ b/internal/controller/datadogagent/feature/test/factory_test.go @@ -42,22 +42,6 @@ func TestBuilder(t *testing.T) { common.AgentDataPlaneContainerName: false, }, }, - { - name: "Container monitoring on Process agent", - dda: testutils.NewDatadogAgentBuilder(). - WithProcessChecksInCoreAgent(false). - BuildWithDefaults(), - wantAgentContainer: map[common.AgentContainerName]bool{ - common.UnprivilegedSingleAgentContainerName: false, - common.CoreAgentContainerName: true, - common.ProcessAgentContainerName: true, - common.TraceAgentContainerName: true, - common.SystemProbeContainerName: false, - common.SecurityAgentContainerName: false, - common.OtelAgent: false, - common.AgentDataPlaneContainerName: false, - }, - }, { name: "Default DDA with single container strategy, 1 single container", dda: testutils.NewDatadogAgentBuilder(). diff --git a/internal/controller/datadogagent/feature/utils/utils.go b/internal/controller/datadogagent/feature/utils/utils.go index 2ffc74ea7..f9e5ce06e 100644 --- a/internal/controller/datadogagent/feature/utils/utils.go +++ b/internal/controller/datadogagent/feature/utils/utils.go @@ -29,9 +29,11 @@ func agentSupportsRunInCoreAgent(ddaSpec *v2alpha1.DatadogAgentSpec) bool { return utils.IsAboveMinVersion(images.AgentLatestVersion, ProcessConfigRunInCoreAgentMinVersion) } -// OverrideProcessConfigRunInCoreAgent determines whether to respect the currentVal based on +// ShouldRunProcessChecksInCoreAgent determines whether allow process checks to run in core agent based on // environment variables and the agent version. -func OverrideProcessConfigRunInCoreAgent(ddaSpec *v2alpha1.DatadogAgentSpec, currentVal bool) bool { +func ShouldRunProcessChecksInCoreAgent(ddaSpec *v2alpha1.DatadogAgentSpec) bool { + + // Prioritize env var override if nodeAgent, ok := ddaSpec.Override[v2alpha1.NodeAgentComponentName]; ok { for _, env := range nodeAgent.Env { if env.Name == common.DDProcessConfigRunInCoreAgent { @@ -43,11 +45,12 @@ func OverrideProcessConfigRunInCoreAgent(ddaSpec *v2alpha1.DatadogAgentSpec, cur } } + // Check if agent version supports process checks running in core agent if !agentSupportsRunInCoreAgent(ddaSpec) { return false } - return currentVal + return true } func hasFeatureEnableAnnotation(dda metav1.Object, annotation string) bool { diff --git a/pkg/testutils/builder.go b/pkg/testutils/builder.go index b94ef7368..6960353f4 100644 --- a/pkg/testutils/builder.go +++ b/pkg/testutils/builder.go @@ -175,15 +175,6 @@ func (builder *DatadogAgentBuilder) WithLiveProcessScrubStrip(scrubEnabled, stri return builder } -func (builder *DatadogAgentBuilder) WithProcessChecksInCoreAgent(enabled bool) *DatadogAgentBuilder { - if builder.datadogAgent.Spec.Global == nil { - builder.datadogAgent.Spec.Global = &v2alpha1.GlobalConfig{} - } - - builder.datadogAgent.Spec.Global.RunProcessChecksInCoreAgent = apiutils.NewBoolPointer(enabled) - return builder -} - func (builder *DatadogAgentBuilder) WithWorkloadAutoscalerEnabled(enabled bool) *DatadogAgentBuilder { builder.datadogAgent.Spec.Features.Autoscaling = &v2alpha1.AutoscalingFeatureConfig{ Workload: &v2alpha1.WorkloadAutoscalingFeatureConfig{ diff --git a/pkg/testutils/ddai_builder.go b/pkg/testutils/ddai_builder.go index 8932b68ab..49ff854d4 100644 --- a/pkg/testutils/ddai_builder.go +++ b/pkg/testutils/ddai_builder.go @@ -171,15 +171,6 @@ func (builder *DatadogAgentInternalBuilder) WithLiveProcessScrubStrip(scrubEnabl return builder } -func (builder *DatadogAgentInternalBuilder) WithProcessChecksInCoreAgent(enabled bool) *DatadogAgentInternalBuilder { - if builder.datadogAgentInternal.Spec.Global == nil { - builder.datadogAgentInternal.Spec.Global = &v2alpha1.GlobalConfig{} - } - - builder.datadogAgentInternal.Spec.Global.RunProcessChecksInCoreAgent = apiutils.NewBoolPointer(enabled) - return builder -} - func (builder *DatadogAgentInternalBuilder) WithWorkloadAutoscalerEnabled(enabled bool) *DatadogAgentInternalBuilder { builder.datadogAgentInternal.Spec.Features.Autoscaling = &v2alpha1.AutoscalingFeatureConfig{ Workload: &v2alpha1.WorkloadAutoscalingFeatureConfig{