From 50b55f3b58838f6e01d6cae3d1bf59d882194512 Mon Sep 17 00:00:00 2001 From: Tamal Saha Date: Fri, 10 May 2024 01:51:42 +0600 Subject: [PATCH] Provide platform ca to monitoring operator (#128) Signed-off-by: Tamal Saha --- .../installer/v1alpha1/monitoring_operator_types.go | 2 ++ charts/grafana-operator/Chart.yaml | 4 ++-- charts/grafana-operator/README.md | 10 +++++----- charts/monitoring-operator/Chart.yaml | 4 ++-- charts/monitoring-operator/README.md | 11 ++++++----- .../monitoring-operator/templates/deployment.yaml | 13 +++++++++++++ .../templates/platform-ca-secret.yaml | 11 +++++++++++ .../values.openapiv3_schema.yaml | 2 ++ charts/monitoring-operator/values.yaml | 2 ++ 9 files changed, 45 insertions(+), 14 deletions(-) create mode 100644 charts/monitoring-operator/templates/platform-ca-secret.yaml diff --git a/apis/installer/v1alpha1/monitoring_operator_types.go b/apis/installer/v1alpha1/monitoring_operator_types.go index 21bd6a07..37858a8c 100644 --- a/apis/installer/v1alpha1/monitoring_operator_types.go +++ b/apis/installer/v1alpha1/monitoring_operator_types.go @@ -83,6 +83,8 @@ type MonitoringOperatorSpec struct { type PlatformSpec struct { BaseURL string `json:"baseURL"` Token string `json:"token"` + // +optional + CABundle string `json:"caBundle"` } // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object diff --git a/charts/grafana-operator/Chart.yaml b/charts/grafana-operator/Chart.yaml index 1bc3af68..38427a73 100755 --- a/charts/grafana-operator/Chart.yaml +++ b/charts/grafana-operator/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: grafana-operator description: A Helm chart for Grafana Operator by AppsCode type: application -version: v0.0.5 -appVersion: v0.0.5 +version: v0.0.6 +appVersion: v0.0.6 home: https://github.com/open-viz/grafana-operator icon: https://cdn.appscode.com/images/products/searchlight/icons/android-icon-192x192.png sources: diff --git a/charts/grafana-operator/README.md b/charts/grafana-operator/README.md index c276f61b..6f89e7d8 100644 --- a/charts/grafana-operator/README.md +++ b/charts/grafana-operator/README.md @@ -7,8 +7,8 @@ ```bash $ helm repo add appscode https://charts.appscode.com/stable/ $ helm repo update -$ helm search repo appscode/grafana-operator --version=v0.0.5 -$ helm upgrade -i grafana-operator appscode/grafana-operator -n kubeops --create-namespace --version=v0.0.5 +$ helm search repo appscode/grafana-operator --version=v0.0.6 +$ helm upgrade -i grafana-operator appscode/grafana-operator -n kubeops --create-namespace --version=v0.0.6 ``` ## Introduction @@ -24,7 +24,7 @@ This chart deploys a Grafana operator on a [Kubernetes](http://kubernetes.io) cl To install/upgrade the chart with the release name `grafana-operator`: ```bash -$ helm upgrade -i grafana-operator appscode/grafana-operator -n kubeops --create-namespace --version=v0.0.5 +$ helm upgrade -i grafana-operator appscode/grafana-operator -n kubeops --create-namespace --version=v0.0.6 ``` The command deploys a Grafana operator on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation. @@ -80,12 +80,12 @@ The following table lists the configurable parameters of the `grafana-operator` Specify each parameter using the `--set key=value[,key=value]` argument to `helm upgrade -i`. For example: ```bash -$ helm upgrade -i grafana-operator appscode/grafana-operator -n kubeops --create-namespace --version=v0.0.5 --set replicaCount=1 +$ helm upgrade -i grafana-operator appscode/grafana-operator -n kubeops --create-namespace --version=v0.0.6 --set replicaCount=1 ``` Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example: ```bash -$ helm upgrade -i grafana-operator appscode/grafana-operator -n kubeops --create-namespace --version=v0.0.5 --values values.yaml +$ helm upgrade -i grafana-operator appscode/grafana-operator -n kubeops --create-namespace --version=v0.0.6 --values values.yaml ``` diff --git a/charts/monitoring-operator/Chart.yaml b/charts/monitoring-operator/Chart.yaml index 49b13918..7a3f231d 100755 --- a/charts/monitoring-operator/Chart.yaml +++ b/charts/monitoring-operator/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: monitoring-operator description: A Helm chart for monitoring-operator by AppsCode type: application -version: v0.0.5 -appVersion: v0.0.5 +version: v0.0.6 +appVersion: v0.0.6 home: https://github.com/kubeops/monitoring-operator icon: https://cdn.appscode.com/images/products/kubeops/icons/android-icon-192x192.png sources: diff --git a/charts/monitoring-operator/README.md b/charts/monitoring-operator/README.md index 937ea264..1e77cacb 100644 --- a/charts/monitoring-operator/README.md +++ b/charts/monitoring-operator/README.md @@ -7,8 +7,8 @@ ```bash $ helm repo add appscode https://charts.appscode.com/stable/ $ helm repo update -$ helm search repo appscode/monitoring-operator --version=v0.0.5 -$ helm upgrade -i monitoring-operator appscode/monitoring-operator -n kubeops --create-namespace --version=v0.0.5 +$ helm search repo appscode/monitoring-operator --version=v0.0.6 +$ helm upgrade -i monitoring-operator appscode/monitoring-operator -n kubeops --create-namespace --version=v0.0.6 ``` ## Introduction @@ -24,7 +24,7 @@ This chart deploys a Grafana UI Server on a [Kubernetes](http://kubernetes.io) c To install/upgrade the chart with the release name `monitoring-operator`: ```bash -$ helm upgrade -i monitoring-operator appscode/monitoring-operator -n kubeops --create-namespace --version=v0.0.5 +$ helm upgrade -i monitoring-operator appscode/monitoring-operator -n kubeops --create-namespace --version=v0.0.6 ``` The command deploys a Grafana UI Server on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation. @@ -81,17 +81,18 @@ The following table lists the configurable parameters of the `monitoring-operato | monitoring.serviceMonitor.labels | Specify the labels for ServiceMonitor. Prometheus crd will select ServiceMonitor using these labels. Only usable when monitoring agent is `prometheus.io/operator`. | {} | | platform.baseURL | | "" | | platform.token | | "" | +| platform.caBundle | | "" | Specify each parameter using the `--set key=value[,key=value]` argument to `helm upgrade -i`. For example: ```bash -$ helm upgrade -i monitoring-operator appscode/monitoring-operator -n kubeops --create-namespace --version=v0.0.5 --set replicaCount=1 +$ helm upgrade -i monitoring-operator appscode/monitoring-operator -n kubeops --create-namespace --version=v0.0.6 --set replicaCount=1 ``` Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example: ```bash -$ helm upgrade -i monitoring-operator appscode/monitoring-operator -n kubeops --create-namespace --version=v0.0.5 --values values.yaml +$ helm upgrade -i monitoring-operator appscode/monitoring-operator -n kubeops --create-namespace --version=v0.0.6 --values values.yaml ``` diff --git a/charts/monitoring-operator/templates/deployment.yaml b/charts/monitoring-operator/templates/deployment.yaml index 271d641b..963d3a6b 100644 --- a/charts/monitoring-operator/templates/deployment.yaml +++ b/charts/monitoring-operator/templates/deployment.yaml @@ -48,6 +48,9 @@ spec: - --use-kubeapiserver-fqdn-for-aks={{ .Values.apiserver.useKubeapiserverFqdnForAks }} - --baseURL={{ .Values.platform.baseURL }} - --token=$(PLATFORM_API_TOKEN) + {{- if .Values.platform.caBundle }} + - --platform-ca-file=/var/platform-ca/tls.crt + {{- end }} ports: - containerPort: 8443 env: @@ -85,11 +88,21 @@ spec: volumeMounts: - mountPath: /var/serving-cert name: serving-cert + {{- if .Values.platform.caBundle }} + - mountPath: /var/platform-ca + name: platform-ca + {{- end }} volumes: - name: serving-cert secret: defaultMode: 420 secretName: {{ include "monitoring-operator.fullname" . }}-apiserver-cert + {{- if .Values.platform.caBundle }} + - name: platform-ca + secret: + defaultMode: 420 + secretName: {{ include "monitoring-operator.fullname" . }}-platform-ca + {{- end }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} {{- if or .Values.tolerations $criticalAddon }} diff --git a/charts/monitoring-operator/templates/platform-ca-secret.yaml b/charts/monitoring-operator/templates/platform-ca-secret.yaml new file mode 100644 index 00000000..7f08464e --- /dev/null +++ b/charts/monitoring-operator/templates/platform-ca-secret.yaml @@ -0,0 +1,11 @@ +{{- if .Values.platform.caBundle }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "monitoring-operator.fullname" . }}-platform-ca + namespace: {{ .Release.Namespace }} + labels: + {{- include "monitoring-operator.labels" . | nindent 4 }} +data: + tls.crt: {{ .Values.platform.caBundle }} +{{- end }} diff --git a/charts/monitoring-operator/values.openapiv3_schema.yaml b/charts/monitoring-operator/values.openapiv3_schema.yaml index 16f5f4d8..acee5354 100644 --- a/charts/monitoring-operator/values.openapiv3_schema.yaml +++ b/charts/monitoring-operator/values.openapiv3_schema.yaml @@ -1170,6 +1170,8 @@ properties: properties: baseURL: type: string + caBundle: + type: string token: type: string required: diff --git a/charts/monitoring-operator/values.yaml b/charts/monitoring-operator/values.yaml index 6321d7c6..030f5809 100644 --- a/charts/monitoring-operator/values.yaml +++ b/charts/monitoring-operator/values.yaml @@ -102,3 +102,5 @@ monitoring: platform: baseURL: "" token: "" + caBundle: "" +