prosimcorp
diff --git a/‎api/v1alpha1/ruleraction_types.go
Lines changed: 6 additions & 5 deletions b/‎api/v1alpha1/ruleraction_types.go
Lines changed: 6 additions & 5 deletions
diff --git a/‎config/crd/bases/searchruler.prosimcorp.com_ruleractions.yaml
Lines changed: 2 additions & 0 deletions b/‎config/crd/bases/searchruler.prosimcorp.com_ruleractions.yaml
Lines changed: 2 additions & 0 deletions
diff --git a/‎config/samples/searchruler_v1alpha1_ruleraction.yaml
Lines changed: 3 additions & 0 deletions b/‎config/samples/searchruler_v1alpha1_ruleraction.yaml
Lines changed: 3 additions & 0 deletions
diff --git a/‎internal/controller/commons.go
Lines changed: 28 additions & 16 deletions b/‎internal/controller/commons.go
Lines changed: 28 additions & 16 deletions
diff --git a/‎internal/controller/queryconnector_controller.go
Lines changed: 6 additions & 4 deletions b/‎internal/controller/queryconnector_controller.go
Lines changed: 6 additions & 4 deletions
diff --git a/‎internal/controller/queryconnector_sync.go
Lines changed: 10 additions & 1 deletion b/‎internal/controller/queryconnector_sync.go
Lines changed: 10 additions & 1 deletion
diff --git a/‎internal/controller/ruleraction_sync.go
Lines changed: 30 additions & 2 deletions b/‎internal/controller/ruleraction_sync.go
Lines changed: 30 additions & 2 deletions
diff --git a/‎internal/controller/searchrule_controller.go
Lines changed: 6 additions & 3 deletions b/‎internal/controller/searchrule_controller.go
Lines changed: 6 additions & 3 deletions
diff --git a/‎internal/controller/searchrule_status.go
Lines changed: 90 additions & 11 deletions b/‎internal/controller/searchrule_status.go
Lines changed: 90 additions & 11 deletions
@@ -27,11 +27,12 @@ type RulerActionCredentials struct {
 
 // WebHook TODO
 type Webhook struct {
-	Url         string                 `json:"url"`
-	Verb        string                 `json:"verb"`
-	Headers     map[string]string      `json:"headers,omitempty"`
-	Validator   string                 `json:"validator,omitempty"`
-	Credentials RulerActionCredentials `json:"credentials,omitempty"`
+	Url           string                 `json:"url"`
+	Verb          string                 `json:"verb"`
+	Headers       map[string]string      `json:"headers,omitempty"`
+	TlsSkipVerify bool                   `json:"tlsSkipVerify,omitempty"`
+	Validator     string                 `json:"validator,omitempty"`
+	Credentials   RulerActionCredentials `json:"credentials,omitempty"`
 }
 
 // RulerActionSpec defines the desired state of RulerAction.
 
@@ -66,6 +66,8 @@ spec:
                     additionalProperties:
                       type: string
                     type: object
+                  tlsSkipVerify:
+                    type: boolean
                   url:
                     type: string
                   validator:
 
@@ -17,6 +17,9 @@ spec:
     # HTTP method to send the webhook message
     verb: POST
 
+    # Skip certificate verification if the connection is HTTPS
+    tlsSkipVerify: false
+
     # Additional headers if needed for the connection
     headers: {}
 
 
@@ -11,22 +11,34 @@ const (
 	defaultSyncInterval = "1m"
 
 	// Error messages
-	resourceNotFoundError           = "%s '%s' resource not found. Ignoring since object must be deleted."
-	resourceRetrievalError          = "Error getting the %s '%s' from the cluster: %s"
-	resourceTargetsDeleteError      = "Failed to delete targets of %s '%s': %s"
-	resourceFinalizersUpdateError   = "Failed to update finalizer of %s '%s': %s"
-	resourceConditionUpdateError    = "Failed to update the condition on %s '%s': %s"
-	resourceSyncTimeRetrievalError  = "can not get synchronization time from the %s '%s': %s"
-	syncTargetError                 = "can not sync the target for the %s '%s': %s"
-	ValidatorNotFoundErrorMessage   = "validator %s not found"
-	ValidationFailedErrorMessage    = "validation failed: %s"
-	HttpRequestCreationErrorMessage = "error creating http request: %s"
-	HttpRequestSendingErrorMessage  = "error sending http request: %s"
-	AlertFiringInfoMessage          = "alert firing for searchRule with namespaced name  %s/%s"
-	SecretNotFoundErrorMessage      = "error fetching secret %s: %v"
-	MissingCredentialsMessage       = "missing credentials in secret %s"
-	GetRulerActionErrorMessage      = "error getting RulerAction from event: %v"
-	EvaluateTemplateErrorMessage    = "error evaluating template message: %v"
+	resourceNotFoundError                  = "%s '%s' resource not found. Ignoring since object must be deleted."
+	resourceRetrievalError                 = "Error getting the %s '%s' from the cluster: %s"
+	resourceTargetsDeleteError             = "Failed to delete targets of %s '%s': %s"
+	resourceFinalizersUpdateError          = "Failed to update finalizer of %s '%s': %s"
+	resourceConditionUpdateError           = "Failed to update the condition on %s '%s': %s"
+	resourceSyncTimeRetrievalError         = "can not get synchronization time from the %s '%s': %s"
+	syncTargetError                        = "can not sync the target for the %s '%s': %s"
+	ValidatorNotFoundErrorMessage          = "validator %s not found"
+	ValidationFailedErrorMessage           = "validation failed: %s"
+	HttpRequestCreationErrorMessage        = "error creating http request: %s"
+	HttpRequestSendingErrorMessage         = "error sending http request: %s"
+	AlertFiringInfoMessage                 = "alert firing for searchRule with namespaced name %s/%s. Description: %s"
+	SecretNotFoundErrorMessage             = "error fetching secret %s: %v"
+	MissingCredentialsMessage              = "missing credentials in secret %s"
+	GetRulerActionErrorMessage             = "error getting RulerAction from event: %v"
+	EvaluateTemplateErrorMessage           = "error evaluating template message: %v"
+	AlertsPoolErrorMessage                 = "error getting alerts pool: %v"
+	QueryConnectorNotFoundMessage          = "queryConnector %s not found in the resource namespace %s"
+	QueryNotDefinedErrorMessage            = "query not defined in resource %s"
+	QueryDefinedInBothErrorMessage         = "both query and queryJSON are defined in resource %s. Only one of them must be defined"
+	JSONMarshalErrorMessage                = "error marshaling json: %v"
+	ElasticsearchQueryErrorMessage         = "error executing elasticsearch request %s: %v"
+	ResponseBodyReadErrorMessage           = "error reading response body: %v"
+	ElasticsearchQueryResponseErrorMessage = "error response from Elasticsearch executing request %s: %s"
+	ConditionFieldNotFoundMessage          = "conditionField %s not found in the response: %s"
+	EvaluatingConditionErrorMessage        = "error evaluating condition: %v"
+	ForValueParseErrorMessage              = "error parsing `for` time: %v"
+	KubeEventCreationErrorMessage          = "error creating kube event: %v"
 
 	// Finalizer
 	resourceFinalizer = "searchruler.prosimcorp.com/finalizer"
 
@@ -23,6 +23,7 @@ import (
 	"time"
 
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/watch"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
@@ -77,16 +78,17 @@ func (r *QueryConnectorReconciler) Reconcile(ctx context.Context, req ctrl.Reque
 	// 3. Check if the SearchRule instance is marked to be deleted: indicated by the deletion timestamp being set
 	if !QueryConnectorResource.DeletionTimestamp.IsZero() {
 		if controllerutil.ContainsFinalizer(QueryConnectorResource, resourceFinalizer) {
+
+			// 3.1 Delete the resources associated with the QueryConnector
+			err = r.Sync(ctx, watch.Deleted, QueryConnectorResource)
+
 			// Remove the finalizers on Patch CR
 			controllerutil.RemoveFinalizer(QueryConnectorResource, resourceFinalizer)
 			err = r.Update(ctx, QueryConnectorResource)
 			if err != nil {
 				logger.Info(fmt.Sprintf(resourceFinalizersUpdateError, QueryConnectorResourceType, req.NamespacedName, err.Error()))
 			}
 		}
-		// Delete credentials from pool
-		credentialsKey := fmt.Sprintf("%s/%s", QueryConnectorResource.Namespace, QueryConnectorResource.Name)
-		r.CredentialsPool.Delete(credentialsKey)
 
 		result = ctrl.Result{}
 		err = nil
@@ -125,7 +127,7 @@ func (r *QueryConnectorReconciler) Reconcile(ctx context.Context, req ctrl.Reque
 
 	// 7. Sync credentials if defined
 	if !reflect.ValueOf(QueryConnectorResource.Spec.Credentials).IsZero() {
-		err = r.Sync(ctx, QueryConnectorResource)
+		err = r.Sync(ctx, watch.Modified, QueryConnectorResource)
 		if err != nil {
 			r.UpdateConditionKubernetesApiCallFailure(QueryConnectorResource)
 			logger.Info(fmt.Sprintf(syncTargetError, QueryConnectorResourceType, req.NamespacedName, err.Error()))
 
@@ -22,13 +22,22 @@ import (
 
 	v1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/apimachinery/pkg/watch"
 	"prosimcorp.com/SearchRuler/api/v1alpha1"
 	"prosimcorp.com/SearchRuler/internal/pools"
 )
 
 // Sync function is used to synchronize the QueryConnector resource with the credentials. Adds the credentials to the
 // credentials pool to be used in SearchRule resources. Just executed when the resource has a secretRef defined.
-func (r *QueryConnectorReconciler) Sync(ctx context.Context, resource *v1alpha1.QueryConnector) (err error) {
+func (r *QueryConnectorReconciler) Sync(ctx context.Context, eventType watch.EventType, resource *v1alpha1.QueryConnector) (err error) {
+
+	// If the eventType is Deleted, remove the credentials from the pool
+	// In other cases get the credentials from the secret and add them to the pool
+	if eventType == watch.Deleted {
+		credentialsKey := fmt.Sprintf("%s/%s", resource.Namespace, resource.Name)
+		r.CredentialsPool.Delete(credentialsKey)
+		return nil
+	}
 
 	// Get credentials for the queryConnector in the secret associated
 	// First get secret with the credentials. The secret must be in the same
 
@@ -19,6 +19,7 @@ package controller
 import (
 	"bytes"
 	"context"
+	"crypto/tls"
 	"fmt"
 	"io"
 	"net/http"
@@ -27,6 +28,7 @@ import (
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"prosimcorp.com/SearchRuler/api/v1alpha1"
+	"prosimcorp.com/SearchRuler/internal/pools"
 	"prosimcorp.com/SearchRuler/internal/template"
 	"prosimcorp.com/SearchRuler/internal/validators"
 	"sigs.k8s.io/controller-runtime/pkg/log"
@@ -72,12 +74,21 @@ func (r *RulerActionReconciler) Sync(ctx context.Context, resource *v1alpha1.Rul
 
 	// Check alert pool for alerts related to this rulerAction
 	// Alerts key pattern: namespace/rulerActionName/searchRuleName
-	alerts := r.AlertsPool.GetByRegex(fmt.Sprintf("%s/%s/*", resource.Namespace, resource.Name))
+	alerts, err := r.getRulerActionAssociatedAlerts(resource)
+	if err != nil {
+		return fmt.Errorf(AlertsPoolErrorMessage, err)
+	}
 
 	// If there are alerts for the rulerAction, initialice the HTTP client
 	if len(alerts) > 0 {
 		// Create the HTTP client
-		httpClient := &http.Client{}
+		httpClient := &http.Client{
+			Transport: &http.Transport{
+				TLSClientConfig: &tls.Config{
+					InsecureSkipVerify: resource.Spec.Webhook.TlsSkipVerify,
+				},
+			},
+		}
 
 		// Create the request with the configured verb and URL
 		httpRequest, err := http.NewRequest(resource.Spec.Webhook.Verb, resource.Spec.Webhook.Url, nil)
@@ -104,6 +115,7 @@ func (r *RulerActionReconciler) Sync(ctx context.Context, resource *v1alpha1.Rul
 			logger.Info(fmt.Sprintf(
 				AlertFiringInfoMessage,
 				alert.SearchRule.Namespace,
+				alert.SearchRule.Name,
 				alert.SearchRule.Spec.Description,
 			))
 
@@ -214,3 +226,19 @@ func (r *RulerActionReconciler) GetEventRuleAction(ctx context.Context, namespac
 
 	return ruleAction, nil
 }
+
+// getRulerActionAssociatedAlerts returns all alerts associated with the RulerAction
+func (r *RulerActionReconciler) getRulerActionAssociatedAlerts(resource *v1alpha1.RulerAction) (alerts []*pools.Alert, err error) {
+
+	// Get all alerts from the AlertsPool
+	alertsPool := r.AlertsPool.GetAll()
+
+	// Iterate over the alerts in the pool and check if the alert is associated with the RulerAction
+	for _, alert := range alertsPool {
+		if alert.RulerActionName == resource.Name {
+			alerts = append(alerts, alert)
+		}
+	}
+
+	return alerts, nil
+}
@@ -22,6 +22,7 @@ import (
 	"time"
 
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/watch"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
@@ -78,15 +79,17 @@ func (r *SearchRuleReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 	// 3. Check if the SearchRule instance is marked to be deleted: indicated by the deletion timestamp being set
 	if !searchRuleResource.DeletionTimestamp.IsZero() {
 		if controllerutil.ContainsFinalizer(searchRuleResource, resourceFinalizer) {
+
+			// 3.1 Delete the resources associated with the SearchRule
+			err = r.Sync(ctx, watch.Deleted, searchRuleResource)
+
 			// Remove the finalizers on Patch CR
 			controllerutil.RemoveFinalizer(searchRuleResource, resourceFinalizer)
 			err = r.Update(ctx, searchRuleResource)
 			if err != nil {
 				logger.Info(fmt.Sprintf(resourceFinalizersUpdateError, SearchRuleResourceType, req.NamespacedName, err.Error()))
 			}
 		}
-		// Delete credentials from pool
-		r.RulesPool.Delete(fmt.Sprintf("%s/%s", searchRuleResource.Namespace, searchRuleResource.Name))
 
 		result = ctrl.Result{}
 		err = nil
@@ -121,7 +124,7 @@ func (r *SearchRuleReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 	}
 
 	// 7. Check the rule
-	err = r.Sync(ctx, searchRuleResource)
+	err = r.Sync(ctx, watch.Modified, searchRuleResource)
 	if err != nil {
 		r.UpdateConditionKubernetesApiCallFailure(searchRuleResource)
 		logger.Info(fmt.Sprintf(syncTargetError, SearchRuleResourceType, req.NamespacedName, err.Error()))
 
@@ -1,3 +1,19 @@
+/*
+Copyright 2024.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
 package controller
 
 import (
@@ -7,38 +23,101 @@ import (
 	v1alpha1 "prosimcorp.com/SearchRuler/api/v1alpha1"
 )
 
-func (r *SearchRuleReconciler) UpdateConditionSuccess(searchRule *v1alpha1.SearchRule) {
+// UpdateConditionSuccess updates the status of the SearchRule resource with a success condition
+func (r *SearchRuleReconciler) UpdateConditionSuccess(SearchRule *v1alpha1.SearchRule) {
 
-	//
+	// Create the new condition with the success status
 	condition := globals.NewCondition(globals.ConditionTypeResourceSynced, metav1.ConditionTrue,
 		globals.ConditionReasonTargetSynced, globals.ConditionReasonTargetSyncedMessage)
 
-	globals.UpdateCondition(&searchRule.Status.Conditions, condition)
+	// Update the status of the SearchRule resource
+	globals.UpdateCondition(&SearchRule.Status.Conditions, condition)
 }
 
-func (r *SearchRuleReconciler) UpdateConditionKubernetesApiCallFailure(searchRule *v1alpha1.SearchRule) {
+// UpdateConditionKubernetesApiCallFailure updates the status of the SearchRule resource with a failure condition
+func (r *SearchRuleReconciler) UpdateConditionKubernetesApiCallFailure(SearchRule *v1alpha1.SearchRule) {
 
-	//
+	// Create the new condition with the failure status
 	condition := globals.NewCondition(globals.ConditionTypeResourceSynced, metav1.ConditionTrue,
 		globals.ConditionReasonKubernetesApiCallErrorType, globals.ConditionReasonKubernetesApiCallErrorMessage)
 
+	// Update the status of the SearchRule resource
+	globals.UpdateCondition(&SearchRule.Status.Conditions, condition)
+}
+
+// Note: No state status means no alert fired never for this rule
+// UpdateConditionNoCredsFound updates the status of the SearchRule resource with alert firing condition
+func (r *SearchRuleReconciler) UpdateConditionAlertFiring(searchRule *v1alpha1.SearchRule) {
+
+	// Create the new condition with the alert firing status
+	condition := globals.NewCondition(globals.ConditionTypeState, metav1.ConditionTrue,
+		globals.ConditionReasonAlertFiring, globals.ConditionReasonAlertFiringMessage)
+
+	// Update the status of the SearchRule resource
 	globals.UpdateCondition(&searchRule.Status.Conditions, condition)
 }
 
-func (r *SearchRuleReconciler) UpdateConditionAlertFiring(searchRule *v1alpha1.SearchRule, conditionReasonAlertFiringMessage string) {
+// UpdateConditionNoCredsFound updates the status of the SearchRule resource with alert resolved condition
+func (r *SearchRuleReconciler) UpdateConditionAlertResolved(searchRule *v1alpha1.SearchRule) {
 
-	//
+	// Create the new condition with the alert resolved status
 	condition := globals.NewCondition(globals.ConditionTypeState, metav1.ConditionTrue,
-		globals.ConditionReasonAlertFiring, conditionReasonAlertFiringMessage)
+		globals.ConditionReasonAlertResolved, globals.ConditionReasonAlertResolvedMessage)
 
+	// Update the status of the SearchRule resource
 	globals.UpdateCondition(&searchRule.Status.Conditions, condition)
 }
 
-func (r *SearchRuleReconciler) UpdateConditionAlertResolved(searchRule *v1alpha1.SearchRule, conditionReasonAlertResolvedMessage string) {
+// UpdateConditionConnectionError updates the status of the SearchRule resource with a QueryConnector not found condition
+func (r *SearchRuleReconciler) UpdateConditionQueryConnectorNotFound(searchRule *v1alpha1.SearchRule) {
 
-	//
+	// Create the new condition with the alert firing status
 	condition := globals.NewCondition(globals.ConditionTypeState, metav1.ConditionTrue,
-		globals.ConditionReasonAlertResolved, conditionReasonAlertResolvedMessage)
+		globals.ConditionReasonQueryConnectorNotFoundType, globals.ConditionReasonQueryConnectorNotFoundMessage)
 
+	// Update the status of the SearchRule resource
 	globals.UpdateCondition(&searchRule.Status.Conditions, condition)
 }
+
+// UpdateConditionNoCredsFound updates the status of the SearchRule resource with a NoCreds condition
+func (r *SearchRuleReconciler) UpdateConditionNoCredsFound(SearchRule *v1alpha1.SearchRule) {
+
+	// Create the new condition with the success status
+	condition := globals.NewCondition(globals.ConditionTypeState, metav1.ConditionTrue,
+		globals.ConditionReasonNoCredsFoundType, globals.ConditionReasonNoCredsFoundMessage)
+
+	// Update the status of the SearchRule resource
+	globals.UpdateCondition(&SearchRule.Status.Conditions, condition)
+}
+
+func (r *SearchRuleReconciler) UpdateConditionNoQueryFound(SearchRule *v1alpha1.SearchRule) {
+
+	// Create the new condition with the success status
+	condition := globals.NewCondition(globals.ConditionTypeState, metav1.ConditionTrue,
+		globals.ConditionReasonNoQueryFoundType, globals.ConditionReasonNoQueryFoundMessage)
+
+	// Update the status of the SearchRule resource
+	globals.UpdateCondition(&SearchRule.Status.Conditions, condition)
+}
+
+// UpdateConditionConnectionError updates the status of the SearchRule resource with a ConnectionError condition
+func (r *SearchRuleReconciler) UpdateConditionConnectionError(SearchRule *v1alpha1.SearchRule) {
+
+	// Create the new condition with the failure status
+	condition := globals.NewCondition(globals.ConditionTypeState, metav1.ConditionTrue,
+		globals.ConditionReasonConnectionErrorType, globals.ConditionReasonConnectionErrorMessage)
+
+	// Update the status of the SearchRule resource
+	globals.UpdateCondition(&SearchRule.Status.Conditions, condition)
+}
+
+// UpdateConditionEvaluateTemplateError updates the status of the SearchRule resource with a QueryError condition
+func (r *SearchRuleReconciler) UpdateConditionQueryError(SearchRule *v1alpha1.SearchRule) {
+
+	// Create the new condition with the failure status
+	condition := globals.NewCondition(globals.ConditionTypeState, metav1.ConditionTrue,
+		globals.ConditionReasonQueryErrorType, globals.ConditionReasonQueryErrorMessage)
+
+	// Update the status of the SearchRule resource
+	globals.UpdateCondition(&SearchRule.Status.Conditions, condition)
+}