Publish Instance resources to CloudInventory with Pod and SystemNode relationships #233
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jra3
force-pushed
the
feat/instance_cloudinventory_node
branch
4 times, most recently
from
9fff0d3 to
1a4ddec
Compare
haq204
reviewed
Oct 21, 2025
…and node relationships Publish antimetal.agent.v1.Instance resources to CloudInventory with graph relationships connecting Pod → Instance and SystemNode ↔ Instance. This enables the control plane to target agent configuration by pod name and track which system node hosts each agent instance. Implementation includes: - Add Pod metadata environment variables via Kubernetes downward API - Create environment package helpers for accessing pod metadata - Implement PublishInstance function with relationship creation - Use kubernetes.v1.RegisteredAs predicate for Pod → Instance edges - Use runtime.v1.Contains/ContainedBy for bidirectional SystemNode edges - Gracefully degrade when not running in Kubernetes - Refactor periodic publishing from bare goroutine to Instance Manager - Add K8s DNS-1123 validation for pod names and namespaces - Add comprehensive unit tests for publish.go (6 test cases) - Add debug logging when pod metadata unavailable - Document K8s Pod TypeUrl constant with API reference link - Add comment explaining Instance ResourceRef has no namespace The Instance resource is always published even if relationship creation fails, ensuring the agent is visible in CloudInventory regardless of deployment environment. The Instance Manager follows the controller- runtime manager pattern for lifecycle management and runs on all agent instances (not leader-elected). Closes ENG-2245 Co-Authored-By: Claude <[email protected]> Signed-off-by: John Allen <[email protected]>
Fix systemd-container package dependency conflict by upgrading libsystemd-shared and systemd packages before LVH VM setup. Error was: systemd-container depends on libsystemd-shared (= 255.4-1ubuntu8.11) but 255.4-1ubuntu8.10 was cached.
Address PR 233 review feedback with three refinements: 1. Adjust "Published Instance relationships" to debug log level (V(1)) for consistency with other relationship publishing operations 2. Add bidirectional Pod↔Instance relationship using both RegisteredAs (Pod→Instance) and Underlying (Instance→Pod) predicates to enable traversal from either direction in the resource graph 3. Replace inline machine ID logic with host.CanonicalName() for system node identification, providing proper fallback chain (MachineInfo → CloudProviderID → FQDN → MachineID) and consistency with other host identification code These changes improve codebase consistency and relationship model completeness without altering functional behavior. Co-Authored-By: Claude <[email protected]> Signed-off-by: John Allen <[email protected]>
jra3
force-pushed
the
feat/instance_cloudinventory_node
branch
from
d3e10ff to
ee6c4f3
Compare
…ationships Update TestCreatePodRelationships to correctly expect 2 bidirectional relationships (RegisteredAs and Underlying) instead of just 1. The test now validates both the forward relationship (Pod → Instance) and the inverse relationship (Instance → Pod), matching the pattern used in TestCreateSystemNodeRelationships. This aligns the test expectations with the actual implementation that creates bidirectional relationships for graph traversal in both directions.
Remove periodic instance resource republishing in favor of single publish at startup. The intake worker already handles TTL extension by sending delta version heartbeats to the backend, making periodic republishing unnecessary. This change removes the instance.Manager component and its 1-minute refresh interval, reducing architectural complexity and eliminating redundant overhead. Addresses PR #233 review feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Implements ENG-2245 to publish
antimetal.agent.v1.Instanceresources to CloudInventory with proper relationships to enable targeted agent configuration.Changes
Resource Publishing
Relationships Created
kubernetes.v1.RegisteredAspredicateantimetal.runtime.v1.Contains/ContainedByConfiguration
POD_NAME- for Pod → Instance relationshipsPOD_NAMESPACE- for proper namespace scopingPOD_UID- for unique pod identificationImplementation
internal/runtime/publish.go- Instance publishing logic with relationship creationpkg/config/environment/environment.go- Pod metadata helperscmd/main.go- Startup publish + periodic refresh goroutineconfig/agent/agent.yaml- Downward API configurationBehavior
Kubernetes Environment
Non-Kubernetes Environment
Testing
Related
Closes ENG-2245
Wiki Documentation
Companion wiki documentation committed separately: