func()

in pkg/operator/operator_config.go [325:388]

• 56 lines of code
• 7 McCabe index (conditional complexity)

func (r *operatorConfigReconciler) makeRuleEvaluatorConfig(ctx context.Context, spec *monitoringv1.RuleEvaluatorSpec) (*corev1.ConfigMap, map[string][]byte, error) {
	amConfigs, secretData, err := r.makeAlertmanagerConfigs(ctx, &spec.Alerting)
	if err != nil {
		return nil, nil, fmt.Errorf("make alertmanager config: %w", err)
	}
	if spec.Credentials != nil {
		p := pathForSelector(r.opts.PublicNamespace, &monitoringv1.SecretOrConfigMap{Secret: spec.Credentials})
		b, err := getSecretKeyBytes(ctx, r.client, r.opts.PublicNamespace, spec.Credentials)
		if err != nil {
			return nil, nil, fmt.Errorf("get service account credentials: %w", err)
		}
		secretData[p] = b
	}

	// If no explicit project ID is set, use the one provided to the operator.
	// On GKE the rule-evaluator can also auto-detect the cluster's project
	// but this won't work in other Kubernetes environments.
	queryProjectID, _, _ := resolveLabels(r.opts.ProjectID, r.opts.Location, r.opts.Cluster, spec.ExternalLabels)
	if spec.QueryProjectID != "" {
		queryProjectID = spec.QueryProjectID
	}

	cfg := RuleEvaluatorConfig{
		Config: promconfig.Config{
			GlobalConfig: promconfig.GlobalConfig{
				ExternalLabels: labels.FromMap(spec.ExternalLabels),
			},
			AlertingConfig: promconfig.AlertingConfig{
				AlertmanagerConfigs: amConfigs,
			},
			RuleFiles: []string{path.Join(rulesDir, "*.yaml")},
		},
		GoogleCloud: GoogleCloudConfig{
			Query: &GoogleCloudQueryConfig{
				ProjectID:    queryProjectID,
				GeneratorURL: spec.GeneratorURL,
			},
		},
	}
	if spec.Credentials != nil {
		credentialsFile := path.Join(secretsDir, pathForSelector(r.opts.PublicNamespace, &monitoringv1.SecretOrConfigMap{Secret: spec.Credentials}))
		cfg.GoogleCloud.Query.CredentialsFile = credentialsFile
		cfg.GoogleCloud.Export = &GoogleCloudExportConfig{
			CredentialsFile: ptr.To(credentialsFile),
		}
	}

	cfgEncoded, err := yaml.Marshal(cfg)
	if err != nil {
		return nil, nil, fmt.Errorf("marshal Prometheus config: %w", err)
	}

	// Create rule-evaluator Secret.
	cm := &corev1.ConfigMap{
		ObjectMeta: metav1.ObjectMeta{
			Name:      NameRuleEvaluator,
			Namespace: r.opts.OperatorNamespace,
		},
		Data: map[string]string{
			configFilename: string(cfgEncoded),
		},
	}
	return cm, secretData, nil
}