mirror of https://github.com/replicatedhq/troubleshoot.git synced 2026-04-15 07:16:34 +00:00

Go to file

Benjamin Yang 74811c669b Auto-collectors: foundational discovery, image metadata, CLI integrat… (#1845 )

* Auto-collectors: foundational discovery, image metadata, CLI integration; reset PRD markers

* Address PR review feedback

- Implement missing namespace exclude patterns functionality
- Fix image facts collector to use empty Data field instead of static string
- Correct APIVersion to use troubleshoot.sh/v1beta2 consistently

* Fix bug bot issues: API parsing, EOF error, and API group corrections

- Fix RBAC API parsing errors in rbac_checker.go (getAPIGroup/getAPIVersion functions)
- Fix FakeReader EOF error to use standard io.EOF instead of custom error
- Fix incorrect API group from troubleshoot.sh to troubleshoot.replicated.com in run.go

These changes address the issues identified by the bug bot and ensure proper
interface compliance and consistent API group usage.

* Fix multiple bug bot issues

- Fix RBAC API parsing errors in rbac_checker.go (getAPIGroup/getAPIVersion functions)
- Fix FakeReader EOF error to use standard io.EOF instead of custom error
- Fix incorrect API group from troubleshoot.sh to troubleshoot.replicated.com in run.go
- Fix image facts collector Data field to contain structured JSON instead of static strings

These changes address all issues identified by the bug bot and ensure proper
interface compliance, consistent API usage, and meaningful data fields.

* Update auto_discovery.go

* Fix TODO comments in Auto-collector section

Fixed 3 of 4 TODOs as requested in PR review:

1. pkg/collect/images/registry_client.go (line 46):
   - Implement custom CA certificate loading
   - Add x509 import and certificate parsing logic
   - Enables image collection from private registries with custom CAs

2. cmd/troubleshoot/cli/diff.go (line 209):
   - Implement bundle file count functionality
   - Add tar/gzip imports and getFileCountFromBundle() function
   - Properly counts files in support bundle archives (.gz/.tgz)

3. cmd/troubleshoot/cli/run.go (line 338):
   - Replace TODO with clarifying comment about RemoteCollectors usage
   - Confirmed RemoteCollectors are still actively used in preflights

The 4th TODO (diff.go line 196) is left as-is since it's explicitly marked
as Phase 4 future work (Support Bundle Differencing implementation).

Addresses PR review feedback about unimplemented TODO comments.

---------

Co-authored-by: Benjamin Yang <benjaminyang@Benjamins-MacBook-Pro.local>

2025-09-12 13:44:26 -06:00

.claude

Update Claude agents and commands (#1836 )

2025-09-08 11:46:30 -05:00

.devcontainer

Bump go version

2021-11-12 19:03:35 +00:00

.github

Change workflow branch from 'main' to 'v1beta3'

2025-09-12 11:08:16 -05:00

bin

feat: Add dry run flag to print support bundle specs to std out (#1337 )

2023-10-10 18:43:32 +01:00

cmd

Auto-collectors: foundational discovery, image metadata, CLI integrat… (#1845 )

2025-09-12 13:44:26 -06:00

config

Allow filtering node resources on taint. (#1840 )

2025-09-09 14:33:51 +01:00

deploy

chore(ci): fix go-release (#1814 )

2025-07-28 16:59:09 +01:00

design

Add sbctl integration proposal and move design directory into docs (#893 )

2022-12-14 14:52:40 +13:00

docs

Auto updater (#1849 )

2025-09-12 12:30:57 -06:00

examples

chore(deps): bump helm.sh/helm/v3 from 3.18.5 to 3.18.6 in /examples/sdk/helm-template in the security group (#1830 )

2025-08-26 14:07:58 -04:00

ffi

Add node analyzers

2020-01-29 13:49:02 -08:00

hack

First commit, scaffolding

2019-07-05 22:38:40 +00:00

internal

Ability to use sprig functions in analyzer templates (#1745 )

2025-02-21 08:10:46 -08:00

pkg

Auto-collectors: foundational discovery, image metadata, CLI integrat… (#1845 )

2025-09-12 13:44:26 -06:00

schemas

Allow filtering node resources on taint. (#1840 )

2025-09-09 14:33:51 +01:00

scripts

chore: Don't hardcode /bin/bash (#1011 )

2023-02-10 17:25:57 +00:00

test

fix(cluster_resources): pod disruption budgets for policy v1 not being collected (#1843 )

2025-09-10 16:30:06 +01:00

testdata

support adding a CA cert to http collector (#1624 )

2024-10-23 18:15:08 -04:00

.gitignore

feat: Add dry run flag to print support bundle specs to std out (#1337 )

2023-10-10 18:43:32 +01:00

.golangci.yaml

support adding a CA cert to http collector (#1624 )

2024-10-23 18:15:08 -04:00

CODE_OF_CONDUCT.md

added email alias to code of conduct (#420 )

2021-09-21 13:52:00 -05:00

CONTRIBUTING.md

chore: minor updates to docs and Makefile (#1433 )

2024-01-25 18:55:51 +00:00

go.mod

chore(deps): bump the security group across 1 directory with 9 updates (#1844 )

2025-09-10 09:23:53 -07:00

go.sum

chore(deps): bump the security group across 1 directory with 9 updates (#1844 )

2025-09-10 09:23:53 -07:00

LICENSE

Working on docs

2019-07-19 00:55:32 +00:00

Makefile

chore(deps): bump the security group with 16 updates (#1835 )

2025-09-08 09:32:56 -07:00

Person-2-PRD.md

Auto-collectors: foundational discovery, image metadata, CLI integrat… (#1845 )

2025-09-12 13:44:26 -06:00

PROJECT

First commit, scaffolding

2019-07-05 22:38:40 +00:00

README.md

chore: Upgrade sigstore and goreleaser binaries (#1104 )

2023-06-21 07:07:48 +12:00

sample-troubleshoot.yaml

Log non-existentent analyzers instead of adding to analyzer results (#1593 )

2024-08-14 15:34:36 -04:00

test-auto-collectors.sh

Auto-collectors: foundational discovery, image metadata, CLI integrat… (#1845 )

2025-09-12 13:44:26 -06:00

README.md

Replicated Troubleshoot

Replicated Troubleshoot is a framework for collecting, redacting, and analyzing highly customizable diagnostic information about a Kubernetes cluster. Troubleshoot specs are created by 3rd-party application developers/maintainers and run by cluster operators in the initial and ongoing operation of those applications.

Troubleshoot provides two CLI tools as kubectl plugins (using Krew): kubectl preflight and kubectl support-bundle. Preflight provides pre-installation cluster conformance testing and validation (preflight checks) and support-bundle provides post-installation troubleshooting and diagnostics (support bundles).

To know more about troubleshoot, please visit: https://troubleshoot.sh/

Preflight Checks

Preflight checks are an easy-to-run set of conformance tests that can be written to verify that specific requirements in a cluster are met.

To run a sample preflight check from a sample application, install the preflight kubectl plugin:

curl https://krew.sh/preflight | bash

and run, where https://preflight.replicated.com provides an example preflight spec:

kubectl preflight https://preflight.replicated.com

NOTE this is an example. Do not use to validate real scenarios.

For more details on creating the custom resource files that drive preflight checks, visit creating preflight checks.

Support Bundle

A support bundle is an archive that's created in-cluster, by collecting logs and cluster information, and executing specified commands (including redaction of sensitive information). After creating a support bundle, the cluster operator will normally deliver it to the 3rd-party application vendor for analysis and disconnected debugging. Another Replicated project, KOTS, provides k8s apps an in-cluster UI for processing support bundles and viewing analyzers (as well as support bundle collection).

To collect a sample support bundle, install the troubleshoot kubectl plugin:

curl https://krew.sh/support-bundle | bash

and run, where https://support-bundle.replicated.com provides an example support bundle spec:

kubectl support-bundle https://support-bundle.replicated.com

NOTE this is an example. Do not use to validate real scenarios.

For more details on creating the custom resource files that drive support-bundle collection, visit creating collectors and creating analyzers.

And see our other tool sbctl that makes it easier to interact with support bundles using kubectl commands you already know

Community

For questions about using Troubleshoot, how to contribute and engaging with the project in any other way, please refer to the following resources and channels.

Replicated Community forum
#app-troubleshoot channel in Kubernetes Slack
#Community meetings calendar. This happen monthly but dates may change and would be kept upto date in the calendar.

Software Bill of Materials

A signed SBOM that includes Troubleshoot dependencies is included in each release.

troubleshoot-sbom.tgz contains a software bill of materials for Troubleshoot.
troubleshoot-sbom.tgz.sig is the digital signature for troubleshoot-sbom.tgz
key.pub is the public key from the key pair used to sign troubleshoot-sbom.tgz

The following example illustrates using cosign to verify that troubleshoot-sbom.tgz has not been tampered with.

$ cosign verify-blob --key key.pub --signature troubleshoot-sbom.tgz.sig troubleshoot-sbom.tgz
Verified OK

If you were to get an error similar to the one below, it means you are verifying an SBOM signed using cosign v1 using a newer v2 of the binary. This version introduced breaking changes which require an additional flag --insecure-ignore-tlog=true to successfully verify SBOMs like so.

$ cosign verify-blob --key key.pub --signature troubleshoot-sbom.tgz.sig troubleshoot-sbom.tgz --insecure-ignore-tlog=true
WARNING: Skipping tlog verification is an insecure practice that lacks of transparency and auditability verification for the blob.
Verified OK