Merge pull request #8 from metalbear-co/big-change

Big change

Author: vladrbg

README.md

@@ -239,3 +239,4 @@ task postgres:clean:gcp       # Clean up
 task postgres:deploy:gcp
 task postgres:run:local:gcp
 ```
+

Taskfile.yml

@@ -24,6 +24,9 @@ includes:
   multicluster:
     taskfile: ./tasks/Taskfile.multicluster.yml
     dir: ./tasks
+  eks:
+    taskfile: ./tasks/Taskfile.eks.yml
+    dir: ./tasks
 
 vars:
   ROOT_DIR:
@@ -50,7 +53,7 @@ tasks:
   license:create:secret:
     desc: Create license secret in cluster
     vars:
-      LICENSE_FILE: "{{.LICENSE_FILE | default .SCRIPTS_DIR}}/company-license.pem"
+      LICENSE_FILE: "{{.SCRIPTS_DIR}}/company-license.pem"
     preconditions:
       - sh: test -f {{.LICENSE_FILE}}
         msg: "License file not found. Run 'task license:generate' first"
@@ -60,15 +63,15 @@ tasks:
   build:operator:
     desc: Build operator image
     cmds:
-      - cd {{.OPERATOR_DIR}}/.. && {{.CONTAINER_RUNTIME}} build -f operator/Dockerfile -t {{.OPERATOR_IMAGE}}  --build-arg OPERATOR_LICENSE_ISSUER_PUBLIC_KEY="$(cat {{.SCRIPTS_DIR}}/license-issuer.pem)" operator
+      - cd {{.OPERATOR_DIR}}/.. && {{.CONTAINER_RUNTIME}} build --provenance=false -f operator/Dockerfile -t {{.OPERATOR_IMAGE}}  --build-arg OPERATOR_LICENSE_ISSUER_PUBLIC_KEY="$(cat {{.SCRIPTS_DIR}}/license-issuer.pem)" operator
       - task: operator:image:load
 
   build:operator:nocache:
     desc: Build operator without any cache (clears sccache + Docker layers)
     cmds:
       - echo "Clearing sccache and target cache mounts..."
       - docker builder prune --filter type=exec.cachemount --force || true
-      - cd {{.OPERATOR_DIR}}/.. && {{.CONTAINER_RUNTIME}} build --no-cache -f operator/Dockerfile -t {{.OPERATOR_IMAGE}} --build-arg OPERATOR_LICENSE_ISSUER_PUBLIC_KEY="$(cat {{.SCRIPTS_DIR}}/license-issuer.pem)" operator
+      - cd {{.OPERATOR_DIR}}/.. && {{.CONTAINER_RUNTIME}} build --provenance=false --no-cache -f operator/Dockerfile -t {{.OPERATOR_IMAGE}} --build-arg OPERATOR_LICENSE_ISSUER_PUBLIC_KEY="$(cat {{.SCRIPTS_DIR}}/license-issuer.pem)" operator
       - task: operator:image:load
 
   build:operator:gcs:
@@ -86,7 +89,7 @@ tasks:
         msg: "GCS_BUCKET required"
     cmds:
       - |
-        cd {{.OPERATOR_DIR}}/.. && docker build -f operator/Dockerfile -t {{.OPERATOR_IMAGE}} \
+        cd {{.OPERATOR_DIR}}/.. && docker build --provenance=false -f operator/Dockerfile -t {{.OPERATOR_IMAGE}} \
           --secret id=gcp_credentials,src={{.GCS_CREDENTIALS_FILE}} \
           --build-arg OPERATOR_LICENSE_ISSUER_PUBLIC_KEY="$(cat {{.SCRIPTS_DIR}}/license-issuer.pem)" \
           --build-arg GCS_BUCKET={{.GCS_BUCKET}} \
@@ -113,7 +116,7 @@ tasks:
         msg: "Custom issuer file not found"
     cmds:
       - |
-        cd {{.OPERATOR_DIR}}/.. && docker build -f operator/Dockerfile -t {{.OPERATOR_IMAGE}} \
+        cd {{.OPERATOR_DIR}}/.. && docker build --provenance=false -f operator/Dockerfile -t {{.OPERATOR_IMAGE}} \
           --secret id=gcp_credentials,src={{.GCS_CREDENTIALS_FILE}} \
           --build-arg OPERATOR_LICENSE_ISSUER_PUBLIC_KEY="$(cat {{.CUSTOM_ISSUER_FILE}})" \
           --build-arg GCS_BUCKET={{.GCS_BUCKET}} \
@@ -145,41 +148,41 @@ tasks:
           --build-arg GCS_PATH_PREFIX={{.MIRRORD_AGENT_GCS_PREFIX}} \
           .
       - task: mirrord:agent:image:load
-        vars: {AGENT_IMAGE: '{{.AGENT_IMAGE}}'}
+        vars: { AGENT_IMAGE: "{{.AGENT_IMAGE}}" }
 
   build:app:sqs:
     desc: Build SQS consumer app
     dir: "{{.ROOT_DIR}}/apps/sqs-consumer"
     cmds:
-      - '{{.CONTAINER_RUNTIME}} build -t sqs-consumer:local .'
+      - "{{.CONTAINER_RUNTIME}} build -t sqs-consumer:local ."
       - minikube -p {{.CLUSTER_NAME}} image load sqs-consumer:local
 
   build:app:kafka:
     desc: Build Kafka consumer app
     dir: "{{.ROOT_DIR}}/apps/kafka-consumer"
     cmds:
-      - '{{.CONTAINER_RUNTIME}} build -t kafka-consumer:local .'
+      - "{{.CONTAINER_RUNTIME}} build -t kafka-consumer:local ."
       - minikube -p {{.CLUSTER_NAME}} image load kafka-consumer:local
 
   build:app:mysql:
     desc: Build MySQL app
     dir: "{{.ROOT_DIR}}/apps/mysql-app"
     cmds:
-      - '{{.CONTAINER_RUNTIME}} build -t mysql-app:local .'
+      - "{{.CONTAINER_RUNTIME}} build -t mysql-app:local ."
       - minikube -p {{.CLUSTER_NAME}} image load mysql-app:local
 
   build:app:postgres:
     desc: Build PostgreSQL app
     dir: "{{.ROOT_DIR}}/apps/postgres-app"
     cmds:
-      - '{{.CONTAINER_RUNTIME}} build -t postgres-app:local .'
+      - "{{.CONTAINER_RUNTIME}} build -t postgres-app:local ."
       - minikube -p {{.CLUSTER_NAME}} image load postgres-app:local
 
   build:app:mongodb:
     desc: Build MongoDB app
     dir: "{{.ROOT_DIR}}/apps/mongodb-app"
     cmds:
-      - '{{.CONTAINER_RUNTIME}} build -t mongodb-app:local .'
+      - "{{.CONTAINER_RUNTIME}} build -t mongodb-app:local ."
       - minikube -p {{.CLUSTER_NAME}} image load mongodb-app:local
 
   build:apps:
@@ -348,20 +351,14 @@ tasks:
         echo "Press Ctrl+C to stop port-forward"
         wait $PF_PID
 
-  logs:operator:
-    desc: Query operator logs from Loki
-    cmds:
-      - |
-        echo "=== Operator Logs ==="
-        echo "Query: {namespace=\"mirrord\", app=\"mirrord-operator\"}"
-        kubectl logs -n mirrord -l app=mirrord-operator --tail=100 -f
-
   operator:install:
     desc: Install operator with custom image
     deps: [infra:all, build:operator]
     cmds:
       - helm upgrade --install mirrord-operator {{.CHARTS_DIR}} --namespace mirrord --create-namespace -f {{.ROOT_DIR}}/operator-values.yaml
       - task: license:create:secret
+      # Force pod restart to pick up the new image
+      - kubectl delete pods -n mirrord -l app=mirrord-operator --force --grace-period=0 2>/dev/null || true
       - task: _wait:operator
 
   operator:install:nocache:
@@ -370,6 +367,8 @@ tasks:
     cmds:
       - helm upgrade --install mirrord-operator {{.CHARTS_DIR}} --namespace mirrord --create-namespace -f {{.ROOT_DIR}}/operator-values.yaml
       - task: license:create:secret
+      # Force pod restart to pick up the new image
+      - kubectl delete pods -n mirrord -l app=mirrord-operator --force --grace-period=0 2>/dev/null || true
       - task: _wait:operator
 
   operator:install:nobuild:
@@ -379,6 +378,8 @@ tasks:
       - task: operator:image:load
       - helm upgrade --install mirrord-operator {{.CHARTS_DIR}} --namespace mirrord --create-namespace -f {{.ROOT_DIR}}/operator-values.yaml
       - task: license:create:secret
+      # Force pod restart to pick up the new image
+      - kubectl delete pods -n mirrord -l app=mirrord-operator --force --grace-period=0 2>/dev/null || true
       - task: _wait:operator
 
   operator:install:new:license:
@@ -404,7 +405,7 @@ tasks:
   operator:image:load:
     desc: Tag and load operator image into minikube
     cmds:
-      - '{{.CONTAINER_RUNTIME}} tag {{.OPERATOR_IMAGE}} mirrord-operator:{{.CHART_VERSION}}'
+      - "{{.CONTAINER_RUNTIME}} tag {{.OPERATOR_IMAGE}} mirrord-operator:{{.CHART_VERSION}}"
       - minikube -p {{.CLUSTER_NAME}} ssh "{{.CONTAINER_RUNTIME}} rmi mirrord-operator:{{.CHART_VERSION}} --force" || true
       - minikube -p {{.CLUSTER_NAME}} image load mirrord-operator:{{.CHART_VERSION}}
 
@@ -420,6 +421,8 @@ tasks:
     desc: Update helm chart only
     cmds:
       - helm upgrade --install mirrord-operator {{.CHARTS_DIR}} --namespace mirrord -f {{.ROOT_DIR}}/operator-values.yaml
+      # Force pod restart to pick up any changes
+      - kubectl delete pods -n mirrord -l app=mirrord-operator --force --grace-period=0 2>/dev/null || true
       - task: _wait:operator
 
   test:mysql:
@@ -502,7 +505,6 @@ tasks:
       - task: cluster:delete
       - task: cluster:create
       - task: build:app:postgres
-      - task: license:create:secret
       - task: operator:install:nobuild
       - task: postgres:test
 
@@ -743,7 +745,6 @@ tasks:
             sleep 2
           done
         done
-      - task: multicluster:kubeconfig:generate
       - task: multicluster:test:verify:clusters
       - echo "Loading images to minikube clusters..."
       - task: multicluster:operator:load:images
@@ -757,8 +758,8 @@ tasks:
       - echo "Deploying echo apps..."
       - task: multicluster:test:deploy:echo-apps
       - echo "Waiting for apps to be ready..."
-      - 'kubectl --context mirrord-primary wait --for=condition=available deploy/echo-app -n test-multicluster --timeout=120s'
-      - 'kubectl --context mirrord-remote-1 wait --for=condition=available deploy/echo-app -n test-multicluster --timeout=120s'
+      - "kubectl --context mirrord-primary wait --for=condition=available deploy/echo-app -n test-multicluster --timeout=120s"
+      - "kubectl --context mirrord-remote-1 wait --for=condition=available deploy/echo-app -n test-multicluster --timeout=120s"
       - echo ""
       - echo "============================================"
       - echo "  SETUP COMPLETE - Ready for testing!"
@@ -816,7 +817,6 @@ tasks:
             sleep 2
           done
         done
-      - task: multicluster:kubeconfig:generate
       - task: multicluster:test:verify:clusters
       - echo "Loading images to minikube clusters..."
       - task: multicluster:operator:load:images
@@ -829,8 +829,8 @@ tasks:
       - echo "Deploying echo apps..."
       - task: multicluster:test:deploy:echo-apps
       - echo "Waiting for apps to be ready..."
-      - 'kubectl --context mirrord-primary wait --for=condition=available deploy/echo-app -n test-multicluster --timeout=120s'
-      - 'kubectl --context mirrord-remote-1 wait --for=condition=available deploy/echo-app -n test-multicluster --timeout=120s'
+      - "kubectl --context mirrord-primary wait --for=condition=available deploy/echo-app -n test-multicluster --timeout=120s"
+      - "kubectl --context mirrord-remote-1 wait --for=condition=available deploy/echo-app -n test-multicluster --timeout=120s"
       - echo ""
       - echo "============================================"
       - echo "  SETUP COMPLETE - Ready for testing!"
@@ -901,12 +901,12 @@ tasks:
   test:tls:certs:
     desc: Test TLS certificate configuration
     cmds:
-      - '{{.SCRIPTS_DIR}}/test-tls-certificates.sh'
+      - "{{.SCRIPTS_DIR}}/test-tls-certificates.sh"
 
   test:tls:quick:
     desc: Quick TLS test
     cmds:
-      - '{{.SCRIPTS_DIR}}/quick-tls-test.sh'
+      - "{{.SCRIPTS_DIR}}/quick-tls-test.sh"
 
   clean:namespaces:
     desc: Delete all test namespaces
@@ -992,7 +992,7 @@ tasks:
   describe:pod:
     desc: Describe a pod (shows events and state history)
     vars:
-      POD: '{{.POD}}'
+      POD: "{{.POD}}"
       NAMESPACE: '{{.NAMESPACE | default "default"}}'
     preconditions:
       - sh: test -n "{{.POD}}"
@@ -1003,7 +1003,7 @@ tasks:
   logs:previous:
     desc: Show logs from previous container instance (after crash)
     vars:
-      POD: '{{.POD}}'
+      POD: "{{.POD}}"
       NAMESPACE: '{{.NAMESPACE | default "default"}}'
     preconditions:
       - sh: test -n "{{.POD}}"
@@ -1020,20 +1020,20 @@ tasks:
       - |
         echo "=== Finding last {{.COUNT}} crashed/restarted pods ==="
         echo ""
-        
+
         # Get pods with restarts > 0 or in error state, sorted by restart time
         PODS=$(kubectl get pods --all-namespaces --no-headers 2>/dev/null | \
           awk '($5 > 0) || ($4 ~ /Error|CrashLoop|OOMKilled/) {print $1, $2, $5}' | \
           head -{{.COUNT}})
-        
+
         if [ -z "$PODS" ]; then
           echo "No crashed or restarted pods found."
           echo ""
           echo "Looking for pods with any issues..."
           kubectl get pods --all-namespaces | grep -v "Running\|Completed\|NAMESPACE" | head -{{.COUNT}}
           exit 0
         fi
-        
+
         echo "$PODS" | while read ns pod restarts; do
           echo "=============================================="
           echo "POD: $pod"
@@ -1062,17 +1062,17 @@ tasks:
       - |
         echo "=== Pods with recent warning events ==="
         echo ""
-        
+
         # Get pods from recent warning events
         PODS=$(kubectl get events --all-namespaces --field-selector type!=Normal \
           --sort-by='.lastTimestamp' -o jsonpath='{range .items[*]}{.involvedObject.namespace}{" "}{.involvedObject.name}{"\n"}{end}' 2>/dev/null | \
           grep -v "^$" | tail -{{.COUNT}} | tac)
-        
+
         if [ -z "$PODS" ]; then
           echo "No recent warning events found."
           exit 0
         fi
-        
+
         echo "$PODS" | while read ns pod; do
           if [ -n "$pod" ] && kubectl get pod "$pod" -n "$ns" >/dev/null 2>&1; then
             echo "=============================================="
@@ -1130,6 +1130,14 @@ tasks:
     cmds:
       - redis-cli -p {{.REDIS_PORT}}
 
+  redis:local:cli:second:
+    desc: "Open redis-cli to local Redis"
+    vars:
+      REDIS_PORT: '{{.REDIS_PORT | default "6380"}}'
+    interactive: true
+    cmds:
+      - redis-cli -p {{.REDIS_PORT}}
+
   redis:local:test:
     desc: "Test local Redis connection"
     vars:

apps/echo-app/echo-app

@@ -112,25 +112,53 @@ func handleEcho(w http.ResponseWriter, r *http.Request) {
 	// Echo back the request with cluster info
 	body, _ := io.ReadAll(r.Body)
 
-	// Check for source cluster header (set by traffic generator)
-	sourceCluster := r.Header.Get("X-Source-Cluster")
-	if sourceCluster == "" {
-		sourceCluster = "unknown"
+	// Check for filter header (for HTTP filter testing)
+	filterHeader := r.Header.Get("X-My-Header")
+
+	// Print formatted multi-line log
+	log.Printf("━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━")
+	log.Printf("[%s] ECHO #%d", clusterID, reqNum)
+	log.Printf("  Method:  %s %s", r.Method, r.URL.Path)
+	if r.URL.RawQuery != "" {
+		log.Printf("  Query:   %s", r.URL.RawQuery)
+	}
+	if filterHeader != "" {
+		log.Printf("  Filter:  X-My-Header = %s ", filterHeader)
+	}
+	if len(body) > 0 {
+		if len(body) > 100 {
+			log.Printf("  Body:    (%d bytes) %s...", len(body), string(body[:100]))
+		} else {
+			log.Printf("  Body:    %s", string(body))
+		}
+	}
+	// Print other interesting headers
+	for _, h := range []string{"Content-Type", "User-Agent", "X-Request-Id"} {
+		if v := r.Header.Get(h); v != "" {
+			log.Printf("  %s: %s", h, v)
+		}
 	}
-
-	log.Printf("[%s] ECHO #%d: %s %s - From: %s - Body: %s",
-		clusterID, reqNum, r.Method, r.URL.Path, sourceCluster, string(body))
 
 	w.Header().Set("Content-Type", "application/json")
 	w.Header().Set("X-Cluster-ID", clusterID)
 
+	// Collect all headers for response
+	headers := make(map[string]string)
+	for key, values := range r.Header {
+		if len(values) > 0 {
+			headers[key] = values[0]
+		}
+	}
+
 	response := map[string]interface{}{
-		"cluster_id":  clusterID,
-		"request_num": reqNum,
-		"echo_body":   string(body),
-		"echo_path":   r.URL.Path,
-		"echo_method": r.Method,
-		"echo_query":  r.URL.RawQuery,
+		"cluster_id":    clusterID,
+		"request_num":   reqNum,
+		"filter_header": filterHeader,
+		"echo_body":     string(body),
+		"echo_path":     r.URL.Path,
+		"echo_method":   r.Method,
+		"echo_query":    r.URL.RawQuery,
+		"headers":       headers,
 	}
 
 	json.NewEncoder(w).Encode(response)

apps/echo-app/main.go

@@ -0,0 +1,13 @@
+{
+  "target": {
+    "path": "deploy/echo-app",
+    "namespace": "test-multicluster"
+  },
+  "feature": {
+    "network": {
+      "incoming": {
+        "mode": "steal"
+      }
+    }
+  }
+}