From 1e2ed4eb310deceb60f8abfdb4f9d4532bf881dd Mon Sep 17 00:00:00 2001 From: Grace Wehner Date: Thu, 16 Nov 2023 10:50:41 -0800 Subject: [PATCH 01/13] liveness probe fix --- .pipelines/azure-pipeline-build.yml | 1 + .../build/windows/scripts/livenessprobe.cmd | 26 +++++++++---------- 2 files changed, 14 insertions(+), 13 deletions(-) diff --git a/.pipelines/azure-pipeline-build.yml b/.pipelines/azure-pipeline-build.yml index 430e27d86..24b6815e2 100644 --- a/.pipelines/azure-pipeline-build.yml +++ b/.pipelines/azure-pipeline-build.yml @@ -2,6 +2,7 @@ trigger: branches: include: - main + - grace/win-liveness pr: autoCancel: true diff --git a/otelcollector/build/windows/scripts/livenessprobe.cmd b/otelcollector/build/windows/scripts/livenessprobe.cmd index eaf493d3f..4104f54a5 100644 --- a/otelcollector/build/windows/scripts/livenessprobe.cmd +++ b/otelcollector/build/windows/scripts/livenessprobe.cmd @@ -12,9 +12,9 @@ set /a durationInMinutes = -1 if "%MAC%" == "" ( rem Non-MAC mode tasklist /fi "imagename eq MetricsExtension.Native.exe" /fo "table" | findstr MetricsExtension > nul - if errorlevel 1 ( + if %ERRORLEVEL% NEQ 0 ( echo "Metrics Extension is not running (Non-MAC mode)" - exit /b 1 + exit /B 1 ) ) else ( if "%MAC%" == "true" ( @@ -38,14 +38,14 @@ if "%MAC%" == "" ( ) ) else ( tasklist /fi "imagename eq MetricsExtension.Native.exe" /fo "table" | findstr MetricsExtension > nul - if errorlevel 1 ( + if %ERRORLEVEL% NEQ 0 ( echo "Metrics Extension is not running (configuration exists)" - exit /b 1 + exit /B 1 ) tasklist /fi "imagename eq MonAgentLauncher.exe" /fo "table" | findstr MonAgentLauncher > nul - if errorlevel 1 ( + if %ERRORLEVEL% NEQ 0 ( echo "MonAgentLauncher is not running (configuration exists)" - exit /b 1 + exit /B 1 ) ) ) @@ -53,29 +53,29 @@ if "%MAC%" == "" ( @REM "Checking if fluent-bit is running" tasklist /fi "imagename eq fluent-bit.exe" /fo "table" | findstr fluent-bit -if errorlevel 1 ( +if %ERRORLEVEL% NEQ 0 ( echo "Fluent-Bit is not running" - exit /b 1 + exit /B 1 ) @REM "Checking if config map has been updated since agent start" if exist "C:\opt\microsoft\scripts\filesystemwatcher.txt" ( echo "Config Map Updated or DCR/DCE updated since agent started" - exit /b 1 + exit /b 1 ) @REM REM "Checking if Telegraf is running" tasklist /fi "imagename eq telegraf.exe" /fo "table" | findstr telegraf -if errorlevel 1 ( +if %ERRORLEVEL% NEQ 0 ( echo "Telegraf is not running" - exit /b 1 + exit /B 1 ) @REM REM "Checking if otelcollector is running" tasklist /fi "imagename eq otelcollector.exe" /fo "table" | findstr otelcollector -if errorlevel 1 ( +if %ERRORLEVEL% NEQ 0 ( echo "otelcollector is not running" - exit /b 1 + exit /B 1 ) endlocal From a7e6bfcb25f488cdf1fae69add55cf43c834cee4 Mon Sep 17 00:00:00 2001 From: Grace Wehner Date: Thu, 16 Nov 2023 10:52:11 -0800 Subject: [PATCH 02/13] remove branch --- .pipelines/azure-pipeline-build.yml | 1 - otelcollector/build/windows/scripts/livenessprobe.cmd | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/.pipelines/azure-pipeline-build.yml b/.pipelines/azure-pipeline-build.yml index 24b6815e2..430e27d86 100644 --- a/.pipelines/azure-pipeline-build.yml +++ b/.pipelines/azure-pipeline-build.yml @@ -2,7 +2,6 @@ trigger: branches: include: - main - - grace/win-liveness pr: autoCancel: true diff --git a/otelcollector/build/windows/scripts/livenessprobe.cmd b/otelcollector/build/windows/scripts/livenessprobe.cmd index 4104f54a5..2a2cd181e 100644 --- a/otelcollector/build/windows/scripts/livenessprobe.cmd +++ b/otelcollector/build/windows/scripts/livenessprobe.cmd @@ -61,7 +61,7 @@ if %ERRORLEVEL% NEQ 0 ( @REM "Checking if config map has been updated since agent start" if exist "C:\opt\microsoft\scripts\filesystemwatcher.txt" ( echo "Config Map Updated or DCR/DCE updated since agent started" - exit /b 1 + exit /b 1 ) @REM REM "Checking if Telegraf is running" From 23d2d99858791c41910e4c90bf6d207ea617c62b Mon Sep 17 00:00:00 2001 From: Grace Wehner Date: Thu, 16 Nov 2023 10:54:57 -0800 Subject: [PATCH 03/13] update /B everywhere --- otelcollector/build/windows/scripts/livenessprobe.cmd | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/otelcollector/build/windows/scripts/livenessprobe.cmd b/otelcollector/build/windows/scripts/livenessprobe.cmd index 2a2cd181e..61fce800f 100644 --- a/otelcollector/build/windows/scripts/livenessprobe.cmd +++ b/otelcollector/build/windows/scripts/livenessprobe.cmd @@ -33,7 +33,7 @@ if "%MAC%" == "" ( ) if !durationInMinutes! GTR 15 ( echo "Greater than 15 mins, No configuration present for the AKS resource" - exit /b 1 + exit /B 1 ) ) ) else ( @@ -61,7 +61,7 @@ if %ERRORLEVEL% NEQ 0 ( @REM "Checking if config map has been updated since agent start" if exist "C:\opt\microsoft\scripts\filesystemwatcher.txt" ( echo "Config Map Updated or DCR/DCE updated since agent started" - exit /b 1 + exit /B 1 ) @REM REM "Checking if Telegraf is running" @@ -80,4 +80,4 @@ if %ERRORLEVEL% NEQ 0 ( endlocal -exit /b 0 +exit /B 0 From 68f32e8b1cab37421713812808460b05cd3e284f Mon Sep 17 00:00:00 2001 From: Grace Wehner Date: Thu, 16 Nov 2023 10:59:17 -0800 Subject: [PATCH 04/13] version and release notes --- RELEASENOTES.md | 5 ++++- otelcollector/VERSION | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/RELEASENOTES.md b/RELEASENOTES.md index 42f473ccf..db27c8c33 100644 --- a/RELEASENOTES.md +++ b/RELEASENOTES.md @@ -1,6 +1,9 @@ # Azure Monitor Metrics for AKS clusters -## Pending +## Release 11-16-2023 +* Windows image - `mcr.microsoft.com/azuremonitor/containerinsights/ciprod/prometheus-collector/images:6.8.2-main--win +* Change log - + * Fix Windows liveness probe for error level evaluation ## Release 11-03-2023 * Linux image - `mcr.microsoft.com/azuremonitor/containerinsights/ciprod/prometheus-collector/images:6.8.1-main-` diff --git a/otelcollector/VERSION b/otelcollector/VERSION index 5f6c0863a..166d79d6d 100644 --- a/otelcollector/VERSION +++ b/otelcollector/VERSION @@ -1 +1 @@ -6.8.1 +6.8.2 From 14610bf0b60e4c8a790b4361ebb72e33bd916fe1 Mon Sep 17 00:00:00 2001 From: Grace Wehner Date: Thu, 16 Nov 2023 14:13:17 -0800 Subject: [PATCH 05/13] cves --- .trivyignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.trivyignore b/.trivyignore index f079692fd..79cd6c4a1 100644 --- a/.trivyignore +++ b/.trivyignore @@ -7,10 +7,12 @@ # =========== HIGH ================ # HIGH - otelcollector GHSA-m425-mq94-257g +CVE-2023-47108 # HIGH - telegraf GHSA-fr2g-9hjm-wr23 # HIGH - promconfigvalidator GHSA-m425-mq94-257g +CVE-2023-47108 # HIGH - telegraf GHSA-m425-mq94-257g CVE-2023-47090 From 5f239c364377adf78a6622079b69bf027525ceac Mon Sep 17 00:00:00 2001 From: Grace Wehner Date: Thu, 16 Nov 2023 17:56:12 -0800 Subject: [PATCH 06/13] get build with eof --- .pipelines/azure-pipeline-build.yml | 13 ++++--------- .../build/windows/scripts/livenessprobe.cmd | 9 ++++++--- 2 files changed, 10 insertions(+), 12 deletions(-) diff --git a/.pipelines/azure-pipeline-build.yml b/.pipelines/azure-pipeline-build.yml index 430e27d86..e7118deb9 100644 --- a/.pipelines/azure-pipeline-build.yml +++ b/.pipelines/azure-pipeline-build.yml @@ -2,6 +2,7 @@ trigger: branches: include: - main + - grace/win-liveness pr: autoCancel: true @@ -1005,22 +1006,16 @@ jobs: echo $(MCR_REGISTRY)$(MCR_REPOSITORY_HELM):$(IMAGE_TAG) output1=$(curl -s https://$(MCR_REGISTRY)/v2$(MCR_REPOSITORY)/tags/list) - output2=$(curl -s https://$(MCR_REGISTRY)/v2$(MCR_REPOSITORY_HELM)/tags/list) - if (echo $output1 | grep $(IMAGE_TAG_WINDOWS)) && (echo $output2 | grep $(IMAGE_TAG)) + if (echo $output1 | grep $(IMAGE_TAG_WINDOWS)) && (echo $output1 | grep $(IMAGE_TAG)) then - echo "Images and chart are published to mcr" + echo "Images are published to mcr" exit 0 fi done - echo "Images and chart are not published to mcr within 5 minutes" + echo "Images are not published to mcr within 5 minutes" exit 1 displayName: "Check images are pushed to dev MCR" - - bash: | - helm pull oci://$(MCR_REGISTRY)$(MCR_REPOSITORY_HELM) --version $(HELM_SEMVER) - workingDirectory: $(Build.StagingDirectory) - displayName: "Pull helm chart from dev MCR" - - bash: | export AKS_REGION="eastus" export AKS_RESOURCE_ID="/subscriptions/9b96ebbd-c57a-42d1-bbe9-b69296e4c7fb/resourceGroups/ci-dev-aks-mac-eus-rg/providers/Microsoft.ContainerService/managedClusters/ci-dev-aks-mac-eus" diff --git a/otelcollector/build/windows/scripts/livenessprobe.cmd b/otelcollector/build/windows/scripts/livenessprobe.cmd index 61fce800f..58fafe31d 100644 --- a/otelcollector/build/windows/scripts/livenessprobe.cmd +++ b/otelcollector/build/windows/scripts/livenessprobe.cmd @@ -33,19 +33,19 @@ if "%MAC%" == "" ( ) if !durationInMinutes! GTR 15 ( echo "Greater than 15 mins, No configuration present for the AKS resource" - exit /B 1 + Goto :eof ) ) ) else ( tasklist /fi "imagename eq MetricsExtension.Native.exe" /fo "table" | findstr MetricsExtension > nul if %ERRORLEVEL% NEQ 0 ( echo "Metrics Extension is not running (configuration exists)" - exit /B 1 + Goto :eof ) tasklist /fi "imagename eq MonAgentLauncher.exe" /fo "table" | findstr MonAgentLauncher > nul if %ERRORLEVEL% NEQ 0 ( echo "MonAgentLauncher is not running (configuration exists)" - exit /B 1 + Goto :eof ) ) ) @@ -81,3 +81,6 @@ if %ERRORLEVEL% NEQ 0 ( endlocal exit /B 0 + +:eof +exit /B 1 \ No newline at end of file From b3fac9ef9e571cf4989b367cfffc4939eee25a91 Mon Sep 17 00:00:00 2001 From: Grace Wehner Date: Thu, 16 Nov 2023 17:57:19 -0800 Subject: [PATCH 07/13] remove null --- otelcollector/build/windows/scripts/livenessprobe.cmd | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/otelcollector/build/windows/scripts/livenessprobe.cmd b/otelcollector/build/windows/scripts/livenessprobe.cmd index 58fafe31d..7f67fff20 100644 --- a/otelcollector/build/windows/scripts/livenessprobe.cmd +++ b/otelcollector/build/windows/scripts/livenessprobe.cmd @@ -37,12 +37,12 @@ if "%MAC%" == "" ( ) ) ) else ( - tasklist /fi "imagename eq MetricsExtension.Native.exe" /fo "table" | findstr MetricsExtension > nul + tasklist /fi "imagename eq MetricsExtension.Native.exe" /fo "table" | findstr MetricsExtension if %ERRORLEVEL% NEQ 0 ( echo "Metrics Extension is not running (configuration exists)" Goto :eof ) - tasklist /fi "imagename eq MonAgentLauncher.exe" /fo "table" | findstr MonAgentLauncher > nul + tasklist /fi "imagename eq MonAgentLauncher.exe" /fo "table" | findstr MonAgentLauncher if %ERRORLEVEL% NEQ 0 ( echo "MonAgentLauncher is not running (configuration exists)" Goto :eof From 8350f4bf21ecfec476999396e0936e002743bf1f Mon Sep 17 00:00:00 2001 From: Grace Wehner Date: Thu, 16 Nov 2023 18:04:56 -0800 Subject: [PATCH 08/13] fix syntax --- otelcollector/build/windows/scripts/livenessprobe.cmd | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/otelcollector/build/windows/scripts/livenessprobe.cmd b/otelcollector/build/windows/scripts/livenessprobe.cmd index 7f67fff20..d8862134f 100644 --- a/otelcollector/build/windows/scripts/livenessprobe.cmd +++ b/otelcollector/build/windows/scripts/livenessprobe.cmd @@ -33,19 +33,19 @@ if "%MAC%" == "" ( ) if !durationInMinutes! GTR 15 ( echo "Greater than 15 mins, No configuration present for the AKS resource" - Goto :eof + goto eof ) ) ) else ( - tasklist /fi "imagename eq MetricsExtension.Native.exe" /fo "table" | findstr MetricsExtension + tasklist /fi "imagename eq MetricsExtension.Native.exe" /fo "table" | findstr MetricsExtension > nul if %ERRORLEVEL% NEQ 0 ( echo "Metrics Extension is not running (configuration exists)" - Goto :eof + goto eof ) - tasklist /fi "imagename eq MonAgentLauncher.exe" /fo "table" | findstr MonAgentLauncher + tasklist /fi "imagename eq MonAgentLauncher.exe" /fo "table" | findstr MonAgentLauncher > nul if %ERRORLEVEL% NEQ 0 ( echo "MonAgentLauncher is not running (configuration exists)" - Goto :eof + goto eof ) ) ) From 158c1aa7a73574dfe7c91a90af6e478059b3043f Mon Sep 17 00:00:00 2001 From: Grace Wehner Date: Thu, 16 Nov 2023 18:25:50 -0800 Subject: [PATCH 09/13] use ! --- .../build/windows/scripts/livenessprobe.cmd | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/otelcollector/build/windows/scripts/livenessprobe.cmd b/otelcollector/build/windows/scripts/livenessprobe.cmd index d8862134f..ab9e0018f 100644 --- a/otelcollector/build/windows/scripts/livenessprobe.cmd +++ b/otelcollector/build/windows/scripts/livenessprobe.cmd @@ -12,7 +12,7 @@ set /a durationInMinutes = -1 if "%MAC%" == "" ( rem Non-MAC mode tasklist /fi "imagename eq MetricsExtension.Native.exe" /fo "table" | findstr MetricsExtension > nul - if %ERRORLEVEL% NEQ 0 ( + if !ERRORLEVEL! NEQ 0 ( echo "Metrics Extension is not running (Non-MAC mode)" exit /B 1 ) @@ -33,19 +33,19 @@ if "%MAC%" == "" ( ) if !durationInMinutes! GTR 15 ( echo "Greater than 15 mins, No configuration present for the AKS resource" - goto eof + exit /B 1 ) ) ) else ( tasklist /fi "imagename eq MetricsExtension.Native.exe" /fo "table" | findstr MetricsExtension > nul - if %ERRORLEVEL% NEQ 0 ( + if !ERRORLEVEL! NEQ 0 ( echo "Metrics Extension is not running (configuration exists)" - goto eof + exit /B 1 ) tasklist /fi "imagename eq MonAgentLauncher.exe" /fo "table" | findstr MonAgentLauncher > nul - if %ERRORLEVEL% NEQ 0 ( + if !ERRORLEVEL! NEQ 0 ( echo "MonAgentLauncher is not running (configuration exists)" - goto eof + exit /B 1 ) ) ) @@ -81,6 +81,3 @@ if %ERRORLEVEL% NEQ 0 ( endlocal exit /B 0 - -:eof -exit /B 1 \ No newline at end of file From aef17eae48f29584f0cbcdbe5ac0131cfb5a1e9b Mon Sep 17 00:00:00 2001 From: Grace Wehner Date: Thu, 16 Nov 2023 18:27:42 -0800 Subject: [PATCH 10/13] remove branch --- .pipelines/azure-pipeline-build.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.pipelines/azure-pipeline-build.yml b/.pipelines/azure-pipeline-build.yml index e7118deb9..424b705c4 100644 --- a/.pipelines/azure-pipeline-build.yml +++ b/.pipelines/azure-pipeline-build.yml @@ -2,7 +2,6 @@ trigger: branches: include: - main - - grace/win-liveness pr: autoCancel: true From d3c786f4b5c8832fbadcb2628fdc676f9f87d90e Mon Sep 17 00:00:00 2001 From: Grace Wehner Date: Thu, 16 Nov 2023 18:37:52 -0800 Subject: [PATCH 11/13] remove changes --- .pipelines/azure-pipeline-build.yml | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/.pipelines/azure-pipeline-build.yml b/.pipelines/azure-pipeline-build.yml index 424b705c4..430e27d86 100644 --- a/.pipelines/azure-pipeline-build.yml +++ b/.pipelines/azure-pipeline-build.yml @@ -1005,16 +1005,22 @@ jobs: echo $(MCR_REGISTRY)$(MCR_REPOSITORY_HELM):$(IMAGE_TAG) output1=$(curl -s https://$(MCR_REGISTRY)/v2$(MCR_REPOSITORY)/tags/list) - if (echo $output1 | grep $(IMAGE_TAG_WINDOWS)) && (echo $output1 | grep $(IMAGE_TAG)) + output2=$(curl -s https://$(MCR_REGISTRY)/v2$(MCR_REPOSITORY_HELM)/tags/list) + if (echo $output1 | grep $(IMAGE_TAG_WINDOWS)) && (echo $output2 | grep $(IMAGE_TAG)) then - echo "Images are published to mcr" + echo "Images and chart are published to mcr" exit 0 fi done - echo "Images are not published to mcr within 5 minutes" + echo "Images and chart are not published to mcr within 5 minutes" exit 1 displayName: "Check images are pushed to dev MCR" + - bash: | + helm pull oci://$(MCR_REGISTRY)$(MCR_REPOSITORY_HELM) --version $(HELM_SEMVER) + workingDirectory: $(Build.StagingDirectory) + displayName: "Pull helm chart from dev MCR" + - bash: | export AKS_REGION="eastus" export AKS_RESOURCE_ID="/subscriptions/9b96ebbd-c57a-42d1-bbe9-b69296e4c7fb/resourceGroups/ci-dev-aks-mac-eus-rg/providers/Microsoft.ContainerService/managedClusters/ci-dev-aks-mac-eus" From 32b2881b42f35ed70fe5d2ce0b95fbdf6f2516e6 Mon Sep 17 00:00:00 2001 From: Grace Wehner Date: Fri, 17 Nov 2023 10:40:32 -0800 Subject: [PATCH 12/13] add in goto --- otelcollector/build/windows/scripts/livenessprobe.cmd | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/otelcollector/build/windows/scripts/livenessprobe.cmd b/otelcollector/build/windows/scripts/livenessprobe.cmd index ab9e0018f..d07c4d2f8 100644 --- a/otelcollector/build/windows/scripts/livenessprobe.cmd +++ b/otelcollector/build/windows/scripts/livenessprobe.cmd @@ -33,19 +33,19 @@ if "%MAC%" == "" ( ) if !durationInMinutes! GTR 15 ( echo "Greater than 15 mins, No configuration present for the AKS resource" - exit /B 1 + goto eof ) ) ) else ( tasklist /fi "imagename eq MetricsExtension.Native.exe" /fo "table" | findstr MetricsExtension > nul if !ERRORLEVEL! NEQ 0 ( echo "Metrics Extension is not running (configuration exists)" - exit /B 1 + goto eof ) tasklist /fi "imagename eq MonAgentLauncher.exe" /fo "table" | findstr MonAgentLauncher > nul if !ERRORLEVEL! NEQ 0 ( echo "MonAgentLauncher is not running (configuration exists)" - exit /B 1 + goto eof ) ) ) @@ -81,3 +81,6 @@ if %ERRORLEVEL% NEQ 0 ( endlocal exit /B 0 + +:eof +exit /B 1 \ No newline at end of file From 97da610745eaa8e6f04aa52cc02595d0ff27dfed Mon Sep 17 00:00:00 2001 From: Grace Wehner Date: Fri, 17 Nov 2023 10:54:22 -0800 Subject: [PATCH 13/13] add another goto --- otelcollector/build/windows/scripts/livenessprobe.cmd | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/otelcollector/build/windows/scripts/livenessprobe.cmd b/otelcollector/build/windows/scripts/livenessprobe.cmd index d07c4d2f8..a585f57da 100644 --- a/otelcollector/build/windows/scripts/livenessprobe.cmd +++ b/otelcollector/build/windows/scripts/livenessprobe.cmd @@ -14,7 +14,7 @@ if "%MAC%" == "" ( tasklist /fi "imagename eq MetricsExtension.Native.exe" /fo "table" | findstr MetricsExtension > nul if !ERRORLEVEL! NEQ 0 ( echo "Metrics Extension is not running (Non-MAC mode)" - exit /B 1 + goto eof ) ) else ( if "%MAC%" == "true" ( @@ -83,4 +83,4 @@ endlocal exit /B 0 :eof -exit /B 1 \ No newline at end of file +exit /B 1