From ad10212ba52ed08fb1f370d5213634b04e0eba7c Mon Sep 17 00:00:00 2001
From: Volodymyr Stoiko
Date: Fri, 24 Jan 2025 19:14:08 +0200
Subject: [PATCH] Add dns config (#1698)
* Add dnsconfig
* Update templates
* Add dns configuration values
* readme
---
 config/configStructs/tapConfig.go | 12 ++++++++++
 helm-chart/README.md | 3 +++
 helm-chart/templates/04-hub-deployment.yaml | 24 +++++++++++++++++++
 helm-chart/templates/06-front-deployment.yaml | 24 +++++++++++++++++++
 .../templates/09-worker-daemon-set.yaml | 24 +++++++++++++++++++
 helm-chart/values.yaml | 7 ++++++
 6 files changed, 94 insertions(+)
diff --git a/config/configStructs/tapConfig.go b/config/configStructs/tapConfig.go
index 1e1b96b14..faaf4e8fe 100644
--- a/config/configStructs/tapConfig.go
+++ b/config/configStructs/tapConfig.go
@@ -111,6 +111,17 @@ type DockerConfig struct {
 OverrideTag OverrideTagConfig `yaml:"overrideTag" json:"overrideTag"`
 }
+type DnsConfig struct {
+ Nameservers []string `yaml:"nameservers" json:"nameservers" default:"[]"`
+ Searches []string `yaml:"searches" json:"searches" default:"[]"`
+ Options []DnsConfigOption `yaml:"options" json:"options" default:"[]"`
+}
+
+type DnsConfigOption struct {
+ Name string `yaml:"name" json:"name"`
+ Value string `yaml:"value" json:"value"`
+}
+
 type ResourcesConfig struct {
 Hub ResourceRequirementsHub `yaml:"hub" json:"hub"`
 Sniffer ResourceRequirementsWorker `yaml:"sniffer" json:"sniffer"`
@@ -244,6 +255,7 @@ type TapConfig struct {
 StorageLimit string `yaml:"storageLimit" json:"storageLimit" default:"5000Mi"`
 StorageClass string `yaml:"storageClass" json:"storageClass" default:"standard"`
 DryRun bool `yaml:"dryRun" json:"dryRun" default:"false"`
+ DnsConfig DnsConfig `yaml:"dns" json:"dns"`
 Resources ResourcesConfig `yaml:"resources" json:"resources"`
 Probes ProbesConfig `yaml:"probes" json:"probes"`
 ServiceMesh bool `yaml:"serviceMesh" json:"serviceMesh" default:"true"`
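Review bot: `DnsConfig` and `DnsConfigOption` are exported without doc comments, and nothing on the types says that their values are copied into the pod-level `dnsConfig` of the hub, front and worker templates changed in this same commit, with quoting but no validation visible in the patch. A comment such as `// DnsConfig is rendered into the pod dnsConfig of the hub, front and worker workloads; Nameservers are resolver IP addresses and, depending on the pod's dnsPolicy, add to or replace the resolvers those pods query.` would tell an operator what the setting controls. Because the templates already drop an empty `value`, `Value` could carry `omitempty` in both tags (`yaml:"value,omitempty" json:"value,omitempty"`) so a valueless option is not written out as `value: ""` if the struct is ever marshalled. Go's initialism convention would spell the types `DNSConfig` and `DNSConfigOption`; whether the rest of the file follows that convention is not visible in this hunk.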
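Review bot: The new field is keyed `dns` (`yaml:"dns" json:"dns"`), and the templates and `values.yaml` in this commit read `.Values.tap.dns.*`, but the README rows added alongside document `tap.dnsConfig.nameservers`, `tap.dnsConfig.searches` and `tap.dnsConfig.options`. An operator who follows the README would set a key that nothing reads, and the pods would silently keep their previous resolver settings. Either rename the README rows to `tap.dns.*`, or change the tag to `yaml:"dnsConfig" json:"dnsConfig"` together with the templates and values; the first is the smaller change. `TapConfig` starts and ends outside this hunk, so other readers of the key are not visible here.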
diff --git a/helm-chart/README.md b/helm-chart/README.md
index 8df616a69..aba816ca0 100644
--- a/helm-chart/README.md
+++ b/helm-chart/README.md
@@ -148,6 +148,9 @@ Example for overriding image names:
 | `tap.storageLimit` | Limit of either the `emptyDir` or `persistentVolumeClaim` | `500Mi` |
 | `tap.storageClass` | Storage class of the `PersistentVolumeClaim` | `standard` |
 | `tap.dryRun` | Preview of all pods matching the regex, without tapping them | `false` |
+| `tap.dnsConfig.nameservers` | Nameservers to use for DNS resolution | `[]` |
+| `tap.dnsConfig.searches` | Search domains to use for DNS resolution | `[]` |
+| `tap.dnsConfig.options` | DNS options to use for DNS resolution | `[]` |
 | `tap.resources.hub.limits.cpu` | CPU limit for hub | `""` (no limit) |
 | `tap.resources.hub.limits.memory` | Memory limit for hub | `5Gi` |
 | `tap.resources.hub.requests.cpu` | CPU request for hub | `50m` |
diff --git a/helm-chart/templates/04-hub-deployment.yaml b/helm-chart/templates/04-hub-deployment.yaml
index bc89dfc96..311ce22b9 100644
--- a/helm-chart/templates/04-hub-deployment.yaml
+++ b/helm-chart/templates/04-hub-deployment.yaml
@@ -104,6 +104,30 @@ spec:
 nodeSelectorTerms:
 {{- toYaml .Values.tap.nodeSelectorTerms.hub | nindent 12 }}
 {{- end }}
+ {{- if or .Values.tap.dns.nameservers .Values.tap.dns.searches .Values.tap.dns.options }}
+ dnsConfig:
+ {{- if .Values.tap.dns.nameservers }}
+ nameservers:
+ {{- range .Values.tap.dns.nameservers }}
+ - {{ . | quote }}
+ {{- end }}
+ {{- end }}
+ {{- if .Values.tap.dns.searches }}
+ searches:
+ {{- range .Values.tap.dns.searches }}
+ - {{ . | quote }}
+ {{- end }}
+ {{- end }}
+ {{- if .Values.tap.dns.options }}
+ options:
+ {{- range .Values.tap.dns.options }}
+ - name: {{ .name | quote }}
+ {{- if .value }}
+ value: {{ .value | quote }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
 volumes:
 - name: saml-x509-volume
 projected:
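Review bot: The 24-line `dnsConfig` block is added verbatim here and again in `06-front-deployment.yaml` and `09-worker-daemon-set.yaml`, so any later change to how resolver settings are rendered (a validation step, a renamed key) has to be made three times and can drift between workloads. Moving the block into one named template and including it from the three pod specs keeps the hub, front and worker DNS settings identical by construction. The sketch shows only the wrapper and the call site; the template name and the indent value are placeholders, because the chart's helper naming and the original indentation are not visible in this patch.

```yaml
{{- /* shared partial; "PLACEHOLDER.podDnsConfig" is a placeholder name */}}
{{- define "PLACEHOLDER.podDnsConfig" -}}
{{- if or .Values.tap.dns.nameservers .Values.tap.dns.searches .Values.tap.dns.options }}
dnsConfig:
  {{- /* … unchanged: nameservers, searches and options blocks … */}}
{{- end }}
{{- end }}

{{- /* call site in each of the three workload templates; the indent value is illustrative */}}
{{- include "PLACEHOLDER.podDnsConfig" . | nindent 6 }}
```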
diff --git a/helm-chart/templates/06-front-deployment.yaml b/helm-chart/templates/06-front-deployment.yaml
index b7b59757f..d3f885dc2 100644
--- a/helm-chart/templates/06-front-deployment.yaml
+++ b/helm-chart/templates/06-front-deployment.yaml
@@ -115,6 +115,30 @@ spec:
 nodeSelectorTerms:
 {{- toYaml .Values.tap.nodeSelectorTerms.front | nindent 12 }}
 {{- end }}
+ {{- if or .Values.tap.dns.nameservers .Values.tap.dns.searches .Values.tap.dns.options }}
+ dnsConfig:
+ {{- if .Values.tap.dns.nameservers }}
+ nameservers:
+ {{- range .Values.tap.dns.nameservers }}
+ - {{ . | quote }}
+ {{- end }}
+ {{- end }}
+ {{- if .Values.tap.dns.searches }}
+ searches:
+ {{- range .Values.tap.dns.searches }}
+ - {{ . | quote }}
+ {{- end }}
+ {{- end }}
+ {{- if .Values.tap.dns.options }}
+ options:
+ {{- range .Values.tap.dns.options }}
+ - name: {{ .name | quote }}
+ {{- if .value }}
+ value: {{ .value | quote }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
 volumes:
 - name: nginx-config
 configMap:
diff --git a/helm-chart/templates/09-worker-daemon-set.yaml b/helm-chart/templates/09-worker-daemon-set.yaml
index 092bc882b..c4f2723e6 100644
--- a/helm-chart/templates/09-worker-daemon-set.yaml
+++ b/helm-chart/templates/09-worker-daemon-set.yaml
@@ -293,6 +293,30 @@ spec:
 nodeSelectorTerms:
 {{- toYaml .Values.tap.nodeSelectorTerms.workers | nindent 12 }}
 {{- end }}
+ {{- if or .Values.tap.dns.nameservers .Values.tap.dns.searches .Values.tap.dns.options }}
+ dnsConfig:
+ {{- if .Values.tap.dns.nameservers }}
+ nameservers:
+ {{- range .Values.tap.dns.nameservers }}
+ - {{ . | quote }}
+ {{- end }}
+ {{- end }}
+ {{- if .Values.tap.dns.searches }}
+ searches:
+ {{- range .Values.tap.dns.searches }}
+ - {{ . | quote }}
+ {{- end }}
+ {{- end }}
+ {{- if .Values.tap.dns.options }}
+ options:
+ {{- range .Values.tap.dns.options }}
+ - name: {{ .name | quote }}
+ {{- if .value }}
+ value: {{ .value | quote }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
 volumes:
 - hostPath:
 path: /proc
diff --git a/helm-chart/values.yaml b/helm-chart/values.yaml
index f109180fd..d78c531b7 100644
--- a/helm-chart/values.yaml
+++ b/helm-chart/values.yaml
@@ -37,6 +37,12 @@ tap:
 storageLimit: 5000Mi
 storageClass: standard
 dryRun: false
+ dns:
+ nameservers: []
+ searches: []
+ options:
+ - name: ndots
+ value: "2"
 resources:
 hub:
 limits:
@@ -159,6 +165,7 @@ tap:
 - ws
 - ldap
 - radius
+ - diameter
 customMacros:
 https: tls and (http or http2)
 metrics:
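Review bot: The default `options` list in the `values.yaml` hunk is not empty (`name: ndots`, `value: "2"`), so the `if or …` guard in all three templates is true on a stock install and every hub, front and worker pod gets a `dnsConfig` block after an upgrade even when the operator configured nothing. That changes name resolution for existing deployments (names with at least two dots would be tried as absolute before the search list, where clusters commonly default to `ndots:5`), and it contradicts the README rows in this commit, which give the default for the options key as `[]`. If the feature is meant to be opt-in, ship `options: []` and keep the ndots entry as a commented example; if `ndots: 2` is the intended default, state that in the README and the commit description so the behaviour change is reviewed deliberately.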