diff --git a/charts/argus/Chart.yaml b/charts/argus/Chart.yaml index 8680905..bfaccd8 100644 --- a/charts/argus/Chart.yaml +++ b/charts/argus/Chart.yaml @@ -6,11 +6,11 @@ maintainers: - email: argus@logicmonitor.com name: LogicMonitor name: argus -version: 6.3.0 +version: 7.0.0 home: https://logicmonitor.github.io/helm-charts -appVersion: v11.3.0 +appVersion: v11.4.0 dependencies: - name: lmutil repository: https://logicmonitor.github.io/helm-charts # repository: file://../lmutil - version: 0.1.6 + version: 0.1.9 diff --git a/charts/argus/templates/_helpers.tpl b/charts/argus/templates/_helpers.tpl index fdfee22..f68c3ac 100644 --- a/charts/argus/templates/_helpers.tpl +++ b/charts/argus/templates/_helpers.tpl @@ -130,4 +130,62 @@ Collector Pod security context capabilities: drop: {{ toYaml .Values.collector.securityContext.capabilities.drop | nindent 4 }} add: {{ toYaml $addCaps | nindent 4 }} -{{- end }} \ No newline at end of file +{{- end }} + +{{/* +LM Credentials and Proxy Details. +The user can provide proxy details in values.yaml or by creating user defined secret. +Argus proxy takes precendence over the global proxy. We need to check if the user defined secret contains +Argus proxy details or not, for this we're using Lookup function in helm. +*/}} + +{{- define "lm-credentials-and-proxy-details" -}} +{{- $secretObj := (lookup "v1" "Secret" .Release.Namespace .Values.global.userDefinedSecret) | default dict }} +{{- $secretData := (get $secretObj "data") | default dict }} +{{- $data := dict "root" . "secretdata" $secretData }} +{{- include "lmutil.validate-user-provided-secret" $data }} +- name: ACCESS_ID + valueFrom: + secretKeyRef: + name: {{ include "lmutil.secret-name" . }} + key: accessID +- name: ACCESS_KEY + valueFrom: + secretKeyRef: + name: {{ include "lmutil.secret-name" . }} + key: accessKey +- name: ACCOUNT + valueFrom: + secretKeyRef: + name: {{ include "lmutil.secret-name" . }} + key: account +{{- if $secretData.etcdDiscoveryToken }} +- name: ETCD_DISCOVERY_TOKEN + valueFrom: + secretKeyRef: + name: {{ include "lmutil.secret-name" . }} + key: etcdDiscoveryToken +{{- end }} +{{- if or $secretData.argusProxyUser $secretData.proxyUser .Values.proxy.user .Values.global.proxy.user }} +- name: PROXY_USER + valueFrom: + secretKeyRef: + name: {{ include "lmutil.secret-name" . }} + {{- if $secretData.argusProxyUser }} + key: argusProxyUser + {{- else }} + key: proxyUser + {{- end }} +{{- end }} +{{- if or $secretData.argusProxyPass $secretData.proxyPass .Values.proxy.pass .Values.global.proxy.pass }} +- name: PROXY_PASS + valueFrom: + secretKeyRef: + name: {{ include "lmutil.secret-name" . }} + {{- if $secretData.argusProxyPass }} + key: argusProxyPass + {{- else }} + key: proxyPass + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/argus/templates/collectorset.yaml b/charts/argus/templates/collectorset.yaml index 518b250..b377f31 100644 --- a/charts/argus/templates/collectorset.yaml +++ b/charts/argus/templates/collectorset.yaml @@ -31,18 +31,22 @@ spec: {{- if .Values.collector.useEA }} useEA: {{ .Values.collector.useEA }} {{- end }} + {{/* TODO: create a function for the below logic */}} + {{- $secretObj := (lookup "v1" "Secret" .Release.Namespace .Values.global.userDefinedSecret) | default dict }} + {{- $secretData := (get $secretObj "data") | default dict }} + {{- if or $secretData.collectorProxyUser $secretData.proxyUser }} + secretName: {{ .Values.global.userDefinedSecret }} + {{- else if and (not (empty .Values.collector.proxy.user)) (empty .Values.global.userDefinedSecret ) }} + secretName: {{ include "lmutil.fullname" . }}-collector + {{- else if and (not (empty .Values.global.proxy.user)) (empty .Values.global.userDefinedSecret ) }} + secretName: {{ include "lmutil.fullname" . }}-collector + {{- end }} {{- if .Values.collector.proxy.url }} proxy: url: {{ .Values.collector.proxy.url }} - {{- if .Values.collector.proxy.user }} - secretName: {{ include "lmutil.fullname" . }}-collector - {{- end }} {{- else if .Values.global.proxy.url }} proxy: url: {{ .Values.global.proxy.url }} - {{- if .Values.global.proxy.user }} - secretName: {{ include "lmutil.fullname" . }}-collector - {{- end }} {{- end }} labels: {{- include "collector.labels" . | nindent 4 }} diff --git a/charts/argus/templates/deployment.yaml b/charts/argus/templates/deployment.yaml index 40dcaf9..b0f832c 100644 --- a/charts/argus/templates/deployment.yaml +++ b/charts/argus/templates/deployment.yaml @@ -82,37 +82,4 @@ spec: value: {{ template "lmutil.name" . }} - name: APP_KUBERNETES_IO_INSTANCE value: {{ .Release.Name }} - - name: ACCESS_ID - valueFrom: - secretKeyRef: - name: {{ include "lmutil.fullname" . }} - key: accessID - - name: ACCESS_KEY - valueFrom: - secretKeyRef: - name: {{ include "lmutil.fullname" . }} - key: accessKey - - name: ACCOUNT - valueFrom: - secretKeyRef: - name: {{ include "lmutil.fullname" . }} - key: account - - name: ETCD_DISCOVERY_TOKEN - valueFrom: - secretKeyRef: - name: {{ include "lmutil.fullname" . }} - key: etcdDiscoveryToken - {{- if .Values.proxy.user }} - - name: PROXY_USER - valueFrom: - secretKeyRef: - name: {{ include "lmutil.fullname" . }} - key: proxyUser - {{- end }} - {{- if .Values.proxy.pass }} - - name: PROXY_PASS - valueFrom: - secretKeyRef: - name: {{ include "lmutil.fullname" . }} - key: proxyPass - {{- end }} + {{ include "lm-credentials-and-proxy-details" . | nindent 12 }} \ No newline at end of file diff --git a/charts/argus/templates/secret.yaml b/charts/argus/templates/secret.yaml index 047a859..2bf3f7b 100644 --- a/charts/argus/templates/secret.yaml +++ b/charts/argus/templates/secret.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.global.userDefinedSecret -}} apiVersion: v1 kind: Secret metadata: @@ -52,3 +53,4 @@ data: proxyPass: {{ default "" .Values.global.proxy.pass | b64enc }} {{- end }} {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/argus/values.schema.json b/charts/argus/values.schema.json index 6774d8e..b7713f6 100644 --- a/charts/argus/values.schema.json +++ b/charts/argus/values.schema.json @@ -139,7 +139,8 @@ "image": { "pullPolicy": "Always" }, - "collectorsetServiceNameSuffix": "" + "collectorsetServiceNameSuffix": "", + "userDefinedSecret": "" }, "nameOverride": "", "fullnameOverride": "", @@ -2390,6 +2391,13 @@ "type": "string", "default": "", "description": "Suffix to be added to .Release.name to generate Collectorset controller service URL.\nKeep it empty while installing this chart individually, umbrella chart uses this to generate unique name across." + }, + "userDefinedSecret": { + "$id": "#/properties/global/properties/userDefinedSecret", + "$comment": "tf:optional", + "type": "string", + "default": "", + "description": "User can provide LM credentials in a Secret instead of plain text. The secret should contain 'accessID', 'accessKey', 'account' along with optional params e.g. 'etcdDiscoveryToken', proxy credentials" } } }, diff --git a/charts/argus/values.yaml b/charts/argus/values.yaml index 6b7694e..c957752 100644 --- a/charts/argus/values.yaml +++ b/charts/argus/values.yaml @@ -216,6 +216,7 @@ global: repository: "" pullPolicy: Always collectorsetServiceNameSuffix: "" + userDefinedSecret: "" imagePullSecrets: [] nameOverride: ""