From 8d44a132d3766097c3afef5258dc3916c8fec3b7 Mon Sep 17 00:00:00 2001
From: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
Date: Tue, 9 Jan 2024 21:44:05 +0100
Subject: [PATCH] feat: add kube example

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
---
 deploy/charts/benthos-openmeter/README.md     |  8 ++
 .../benthos-openmeter/templates/_helpers.tpl  | 34 ++++++++
 .../templates/deployment.yaml                 | 26 +++++-
 .../benthos-openmeter/templates/rbac.yaml     | 27 ++++++
 .../benthos-openmeter/templates/secret.yaml   | 24 ++++++
 deploy/charts/benthos-openmeter/values.yaml   | 32 ++++++++
 examples/kubernetes-pod-exec-time/README.md   | 33 ++++++--
 .../kubernetes-pod-exec-time/seed/pod.yaml    | 82 +++++++++++++++++++
 8 files changed, 257 insertions(+), 9 deletions(-)
 create mode 100644 deploy/charts/benthos-openmeter/templates/rbac.yaml
 create mode 100644 deploy/charts/benthos-openmeter/templates/secret.yaml
 create mode 100644 examples/kubernetes-pod-exec-time/seed/pod.yaml

diff --git a/deploy/charts/benthos-openmeter/README.md b/deploy/charts/benthos-openmeter/README.md
index bb61c73..3a65775 100644
--- a/deploy/charts/benthos-openmeter/README.md
+++ b/deploy/charts/benthos-openmeter/README.md
@@ -25,6 +25,11 @@ helm install --generate-name --wait oci://ghcr.io/openmeterio/helm-charts/bentho
 | image.repository | string | `"ghcr.io/openmeterio/benthos-openmeter"` | Name of the image repository to pull the container image from. |
 | image.pullPolicy | string | `"IfNotPresent"` | [Image pull policy](https://kubernetes.io/docs/concepts/containers/images/#updating-images) for updating already existing images on a node. |
 | image.tag | string | `""` | Image tag override for the default value (chart appVersion). |
+| openmeter.url | string | `"https://openmeter.cloud"` | OpenMeter API URL |
+| openmeter.token | string | `""` | OpenMeter token |
+| config | object | `{}` | Benthos configuration Takes precedence over `useExistingConfigFile` and `useExample`. |
+| useExistingConfigFile | string | `""` | Use an existing config file mounted via `volumes` and `volumeMounts`. Takes precedence over `useExample`. |
+| useExample | string | `""` | Use one of the predefined examples. Note: Read the documentation for the specific example to learn about configuration via env vars. |
 | imagePullSecrets | list | `[]` | Reference to one or more secrets to be used when [pulling images](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret) (from private registries). |
 | nameOverride | string | `""` | A name in place of the chart name for `app:` labels. |
 | fullnameOverride | string | `""` | A name to substitute for the full names of resources. |
@@ -32,6 +37,7 @@ helm install --generate-name --wait oci://ghcr.io/openmeterio/helm-charts/bentho
 | serviceAccount.automount | bool | `true` | Automatically mount a ServiceAccount's API credentials? |
 | serviceAccount.annotations | object | `{}` | Annotations to add to the service account. |
 | serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
+| rbac.create | bool | `true` | Specifies whether RBAC resources should be created. If disabled, the operator is responsible for creating the necessary resources based on the templates. |
 | podAnnotations | object | `{}` | Annotations to be added to pods. |
 | podLabels | object | `{}` | Labels to be added to pods. |
 | podSecurityContext | object | `{}` | Pod [security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod). See the [API reference](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#security-context) for details. |
@@ -39,6 +45,8 @@ helm install --generate-name --wait oci://ghcr.io/openmeterio/helm-charts/bentho
 | resources | object | No requests or limits. | Container resource [requests and limits](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/). See the [API reference](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#resources) for details. |
 | volumes | list | `[]` | Additional volumes on the output Deployment definition. |
 | volumeMounts | list | `[]` | Additional volumeMounts on the output Deployment definition. |
+| envFrom | list | `[]` | Additional environment variables mounted from [secrets](https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets-as-environment-variables) or [config maps](https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables). See the [API reference](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#environment-variables) for details. |
+| env | object | `{}` | Additional environment variables passed directly to containers. See the [API reference](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#environment-variables) for details. |
 | nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) configuration. |
 | tolerations | list | `[]` | [Tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) for node taints. See the [API reference](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#scheduling) for details. |
 | affinity | object | `{}` | [Affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) configuration. See the [API reference](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#scheduling) for details. |
diff --git a/deploy/charts/benthos-openmeter/templates/_helpers.tpl b/deploy/charts/benthos-openmeter/templates/_helpers.tpl
index 0d9da5d..358ab5a 100644
--- a/deploy/charts/benthos-openmeter/templates/_helpers.tpl
+++ b/deploy/charts/benthos-openmeter/templates/_helpers.tpl
@@ -60,3 +60,37 @@ Create the name of the service account to use
 {{- default "default" .Values.serviceAccount.name }}
 {{- end }}
 {{- end }}
+
+{{/*
+Create a default fully qualified component name from the full app name and a component name.
+We truncate the full name at 63 - 1 (last dash) - len(component name) chars because some Kubernetes name fields are limited to this (by the DNS naming spec)
+and we want to make sure that the component is included in the name.
+
+Usage: {{ include "benthos-openmeter.componentName" (list . "component") }}
+*/}}
+{{- define "benthos-openmeter.componentName" -}}
+{{- $global := index . 0 -}}
+{{- $component := index . 1 | trimPrefix "-" -}}
+{{- printf "%s-%s" (include "benthos-openmeter.fullname" $global | trunc (sub 62 (len $component) | int) | trimSuffix "-" ) $component | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create args for the deployment
+*/}}
+{{- define "benthos-openmeter.args" -}}
+{{- if .Values.config -}}
+["benthos", "-c", "/etc/benthos/config.yaml"]
+{{- else if .Values.useExistingConfigFile -}}
+["benthos", "-c", "{{ .Values.useExistingConfigFile }}"]
+{{- else if .Values.useExample }}
+{{- if eq .Values.useExample "http-server" -}}
+["benthos", "streams", "--no-api", "/etc/benthos/examples/http-server/input.yaml", "/etc/benthos/examples/http-server/output.yaml"]
+{{- else if eq .Values.useExample "kubernetes-pod-exec-time" -}}
+["benthos", "-c", "/etc/benthos/examples/kubernetes-pod-exec-time/config.yaml"]
+{{- else }}
+{{- fail (printf "Invalid example '%s" .Values.useExample) }}
+{{- end }}
+{{- else }}
+{{- fail "One of 'config', 'useExistingConfigFile' or 'useExample' is required" }}
+{{- end }}
+{{- end }}
diff --git a/deploy/charts/benthos-openmeter/templates/deployment.yaml b/deploy/charts/benthos-openmeter/templates/deployment.yaml
index 82d879e..21f65a8 100644
--- a/deploy/charts/benthos-openmeter/templates/deployment.yaml
+++ b/deploy/charts/benthos-openmeter/templates/deployment.yaml
@@ -34,14 +34,36 @@ spec:
             {{- toYaml .Values.securityContext | nindent 12 }}
           image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
           imagePullPolicy: {{ .Values.image.pullPolicy }}
+          args: {{ include "benthos-openmeter.args" . }}
+          env:
+            {{- range $key, $value := .Values.env }}
+            - name: {{ $key }}
+              value: {{ $value | quote }}
+            {{- end }}
+          {{- with .Values.envVars }}
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          envFrom:
+            - secretRef:
+                name: {{ include "benthos-openmeter.fullname" . }}
+          {{- with .Values.envFrom }}
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
-          {{- with .Values.volumeMounts }}
           volumeMounts:
+            - name: config
+              mountPath: /etc/openmeter/config.yaml
+              readOnly: true
+              subPath: config.yaml
+          {{- with .Values.volumeMounts }}
             {{- toYaml . | nindent 12 }}
           {{- end }}
-      {{- with .Values.volumes }}
       volumes:
+        - name: config
+          secret:
+            secretName: {{ include "benthos-openmeter.componentName" (list . "config") }}
+      {{- with .Values.volumes }}
         {{- toYaml . | nindent 8 }}
       {{- end }}
       {{- with .Values.nodeSelector }}
diff --git a/deploy/charts/benthos-openmeter/templates/rbac.yaml b/deploy/charts/benthos-openmeter/templates/rbac.yaml
new file mode 100644
index 0000000..102e5c8
--- /dev/null
+++ b/deploy/charts/benthos-openmeter/templates/rbac.yaml
@@ -0,0 +1,27 @@
+{{- if .Values.rbac.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ include "benthos-openmeter.fullname" . }}
+  labels:
+    {{- include "benthos-openmeter.labels" . | nindent 4 }}
+rules:
+  - apiGroups: [""]
+    resources: ["pods"]
+    verbs: ["list"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ include "benthos-openmeter.fullname" . }}
+  labels:
+    {{- include "benthos-openmeter.labels" . | nindent 4 }}
+roleRef:
+  kind: ClusterRole
+  apiGroup: rbac.authorization.k8s.io
+  name: {{ include "benthos-openmeter.fullname" . }}
+subjects:
+- kind: ServiceAccount
+  namespace: {{ .Release.Namespace }}
+  name: {{ include "benthos-openmeter.serviceAccountName" . }}
+{{- end }}
diff --git a/deploy/charts/benthos-openmeter/templates/secret.yaml b/deploy/charts/benthos-openmeter/templates/secret.yaml
new file mode 100644
index 0000000..24e1d13
--- /dev/null
+++ b/deploy/charts/benthos-openmeter/templates/secret.yaml
@@ -0,0 +1,24 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "benthos-openmeter.fullname" . }}
+  labels:
+    {{- include "benthos-openmeter.labels" . | nindent 4 }}
+type: Opaque
+data:
+  OPENMETER_URL: {{ required "OpenMeter URL is required" .Values.openmeter.url | b64enc | quote }}
+  {{- with .Values.openmeter.token }}
+  OPENMETER_TOKEN: {{ . | b64enc | quote }}
+  {{- end }}
+
+
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "benthos-openmeter.componentName" (list . "config") }}
+  labels:
+    {{- include "benthos-openmeter.labels" . | nindent 4 }}
+type: Opaque
+data:
+  config.yaml: {{ .Values.config | toYaml | b64enc | quote }}
diff --git a/deploy/charts/benthos-openmeter/values.yaml b/deploy/charts/benthos-openmeter/values.yaml
index 3627981..369c84b 100644
--- a/deploy/charts/benthos-openmeter/values.yaml
+++ b/deploy/charts/benthos-openmeter/values.yaml
@@ -12,6 +12,25 @@ image:
   # -- Image tag override for the default value (chart appVersion).
   tag: ""
 
+openmeter:
+  # -- OpenMeter API URL
+  url: https://openmeter.cloud
+
+  # -- OpenMeter token
+  token: ""
+
+# -- Benthos configuration
+# Takes precedence over `useExistingConfigFile` and `useExample`.
+config: {}
+
+# -- Use an existing config file mounted via `volumes` and `volumeMounts`.
+# Takes precedence over `useExample`.
+useExistingConfigFile: ""
+
+# -- Use one of the predefined examples.
+# Note: Read the documentation for the specific example to learn about configuration via env vars.
+useExample: ""
+
 # -- Reference to one or more secrets to be used when [pulling images](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret) (from private registries).
 imagePullSecrets: []
 
@@ -32,6 +51,11 @@ serviceAccount:
   # If not set and create is true, a name is generated using the fullname template
   name: ""
 
+rbac:
+  # -- Specifies whether RBAC resources should be created.
+  # If disabled, the operator is responsible for creating the necessary resources based on the templates.
+  create: true
+
 # -- Annotations to be added to pods.
 podAnnotations: {}
 
@@ -82,6 +106,14 @@ volumeMounts: []
 #   mountPath: "/etc/foo"
 #   readOnly: true
 
+# -- Additional environment variables mounted from [secrets](https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets-as-environment-variables) or [config maps](https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables).
+# See the [API reference](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#environment-variables) for details.
+envFrom: []
+
+# -- Additional environment variables passed directly to containers.
+# See the [API reference](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#environment-variables) for details.
+env: {}
+
 # -- [Node selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) configuration.
 nodeSelector: {}
 
diff --git a/examples/kubernetes-pod-exec-time/README.md b/examples/kubernetes-pod-exec-time/README.md
index 56b2e39..56f0613 100644
--- a/examples/kubernetes-pod-exec-time/README.md
+++ b/examples/kubernetes-pod-exec-time/README.md
@@ -13,7 +13,7 @@ Additional tools you are going to need:
 - [kubectl](https://kubernetes.io/docs/tasks/tools/)
 - [helm](https://helm.sh/docs/intro/install/)
 
-## Getting started
+## Preparations
 
 Create a new Kubernetes cluster using `kind`:
 
@@ -24,21 +24,40 @@ kind create cluster
 > [!TIP]
 > Alternatively, set up your `kubectl` context to point to your existing cluster.
 
-## Deploy Benthos
+Deploy the test Pods to the cluster:
+
+```shell
+kubectl apply -f seed/pod.yaml
+```
+
+## Deploy the example
 
 Deploy Benthos to your cluster:
 
 ```shell
-helm install --wait --namespace benthos --create-namespace benthos-openmeter oci://ghcr.io/openmeterio/helm-charts/benthos-openmeter
+helm install --wait --namespace benthos --create-namespace --set useExample=kubernetes-pod-exec-time --set openmeter.url=<OPENMETER URL> --set openmeter.token=<OPENMETER_TOKEN> benthos-openmeter oci://ghcr.io/openmeterio/helm-charts/benthos-openmeter
 ```
 
-TODO: add openmeter token
-TODO: add kube collector config
+> [!TIP]
+> If you use OpenMeter Cloud, you can omit the `openmeter.url` parameter.
 
-Deploy the test Pods to the cluster:
+
+## Cleanup
+
+Uninstall Benthos from the cluster:
 
 ```shell
+helm delete --namespace benthos benthos-openmeter
+```
 
+Remove the sample Pods from the cluster:
+
+```shell
+kubectl delete -f seed/pod.yaml
 ```
 
-## Cleanup
+Delete the cluster:
+
+```shell
+kind delete cluster
+```
diff --git a/examples/kubernetes-pod-exec-time/seed/pod.yaml b/examples/kubernetes-pod-exec-time/seed/pod.yaml
new file mode 100644
index 0000000..6974283
--- /dev/null
+++ b/examples/kubernetes-pod-exec-time/seed/pod.yaml
@@ -0,0 +1,82 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: pod-1
+  labels:
+    openmeter.io/subject: customer-1
+    data.openmeter.io/customer_group: platinum
+spec:
+  containers:
+    - name: busybox
+      image: busybox
+      command: ["sh", "-c", "echo The app is running! && sleep 3600"]
+
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  name: pod-2
+  labels:
+    openmeter.io/subject: customer-2
+    data.openmeter.io/customer_group: gold
+spec:
+  containers:
+    - name: busybox
+      image: busybox
+      command: ["sh", "-c", "echo The app is running! && sleep 3600"]
+
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  name: pod-3
+  labels:
+    openmeter.io/subject: customer-3
+    data.openmeter.io/customer_group: platinum
+spec:
+  containers:
+    - name: busybox
+      image: busybox
+      command: ["sh", "-c", "echo The app is running! && sleep 3600"]
+
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  name: pod-4
+  labels:
+    openmeter.io/subject: customer-4
+    data.openmeter.io/customer_group: platinum
+spec:
+  containers:
+    - name: busybox
+      image: busybox
+      command: ["sh", "-c", "echo The app is running! && sleep 3600"]
+
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  name: pod-5
+  labels:
+    openmeter.io/subject: customer-5
+    data.openmeter.io/customer_group: gold
+spec:
+  containers:
+    - name: busybox
+      image: busybox
+      command: ["sh", "-c", "echo The app is running! && sleep 3600"]
+
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  name: pod-6
+  labels:
+    openmeter.io/subject: customer-6
+    data.openmeter.io/customer_group: platinum
+spec:
+  containers:
+    - name: busybox
+      image: busybox
+      command: ["sh", "-c", "echo The app is running! && sleep 3600"]