Add DatadogMonitor validate-only reconciliation mode#2704
Add DatadogMonitor validate-only reconciliation mode#2704fabioaraujopt wants to merge 3 commits intoDataDog:mainfrom
Conversation
Add a new operator flag to validate DatadogMonitor resources against the Datadog API without creating or updating monitors. This supports preflight-style deployments where teams want runtime query validation while preventing monitor mutations.
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 986eb2a662
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| if r.validateOnly { | ||
| logger.V(1).Info("Validate-only mode enabled. Validating monitor without updating it in Datadog.") | ||
| if err = validateMonitor(r.datadogAuth, logger, r.datadogClient, instance); err == nil { | ||
| newStatus.MonitorStateSyncStatus = datadoghqv1alpha1.MonitorStateSyncStatusOK |
There was a problem hiding this comment.
When validateOnly is enabled in internalReconcile, the shouldUpdate path only calls ValidateMonitor and never updates status.MonitorLastForceSyncTime. Once a monitor hits the force-sync condition (MonitorLastForceSyncTime nil/expired), every later reconcile keeps taking that branch, so the MonitorStateLastUpdateTime branch is effectively starved and monitor state fields stop being refreshed for existing monitors. This creates stale status.monitorState/triggeredState data while reconciliation continues to report success.
Useful? React with 👍 / 👎.
|
Maintainers: this PR currently fails the PR linter due to missing metadata labels. As an external contributor I don't have permission to add labels/milestone on this repo.\n\nCould you please add:\n- \n- (or set an appropriate milestone)\n\nAlso, if signature verification is enforced, note the feature commit is signed but currently shows on GitHub because the public key has not yet been uploaded in this account context. |
|
Maintainers: this PR still fails the PR linter due to missing metadata labels. As an external contributor I do not have permission to add labels or milestone on this repo.\n\nCould you please add:\n- enhancement\n- qa/skip-qa (or set an appropriate milestone)\n\nIf signature verification is enforced, the feature commit is signed but currently shows reason unknown_key on GitHub because the public key has not yet been uploaded in this account context. |
1 participant
What does this PR do?
Adds an optional Datadog Operator mode for
DatadogMonitorreconciliation that validates monitor definitions against Datadog API without creating or updating monitors.Motivation
Some teams want a safe preflight workflow where monitor specs are runtime-validated (including Datadog API query validation) while preventing monitor mutations during early rollout phases.
Today, reconciliation validates and then creates/updates. This change introduces a dedicated validate-only path for monitor controller operations.
Additional Notes
-datadogMonitorValidateOnly(defaultfalse)DatadogMonitorreconcilerValidateMonitoronlyValidateMonitoronlyMinimum Agent Versions
Describe your test plan
TestReconcileDatadogMonitor_ValidateOnlyModeto ensure validate-only mode calls validate and does not create/update monitors.go test ./internal/controller/datadogmonitor -run TestReconcileDatadogMonitor_ValidateOnlyMode -count=1go test ./internal/controller/datadogmonitor -run TestReconciler_UpdateDatadogClient -count=1