From 40077150be9053562d7a63eb0d1d26102cc2897d Mon Sep 17 00:00:00 2001
From: Gabriel MATIAS <gabriel.matias@easymile.com>
Date: Fri, 23 Aug 2024 12:00:07 +0200
Subject: [PATCH] major(update): switch to go version of sentry-kubernetes with
 first minimal version of the chart

---
 charts/sentry-kubernetes/Chart.yaml           |   2 +-
 charts/sentry-kubernetes/README.md            | 100 +++++++++++++++---
 .../templates/clusterrole.yaml                |   4 +
 .../templates/deployment.yaml                 |  39 ++++++-
 charts/sentry-kubernetes/values.yaml          |  39 ++++++-
 5 files changed, 161 insertions(+), 23 deletions(-)

diff --git a/charts/sentry-kubernetes/Chart.yaml b/charts/sentry-kubernetes/Chart.yaml
index a50a9095c..bb19a8e26 100644
--- a/charts/sentry-kubernetes/Chart.yaml
+++ b/charts/sentry-kubernetes/Chart.yaml
@@ -3,7 +3,7 @@ name: sentry-kubernetes
 description: A Helm chart for sentry-kubernetes
   (https://github.com/getsentry/sentry-kubernetes)
 type: application
-version: 0.3.4
+version: 0.4.0
 appVersion: latest
 home: https://github.com/getsentry/sentry-kubernetes
 icon: https://sentry-brand.storage.googleapis.com/sentry-glyph-white.png
diff --git a/charts/sentry-kubernetes/README.md b/charts/sentry-kubernetes/README.md
index a79f63b37..6d1f072f1 100644
--- a/charts/sentry-kubernetes/README.md
+++ b/charts/sentry-kubernetes/README.md
@@ -10,18 +10,88 @@ $ helm install sentry/sentry-kubernetes --name my-release --set sentry.dsn=<your
 
 ## Configuration
 
-The following table lists the configurable parameters of the sentry-kubernetes chart and their default values.
-
-| Parameter               | Description                                                                                                                 | Default                       |
-| ----------------------- | --------------------------------------------------------------------------------------------------------------------------- | ----------------------------- |
-| `sentry.dsn`            | Sentry dsn                                                                                                                  | Empty                         |
-| `existingSecret`        | Existing secret to read DSN from                                                                                            | Empty                         |
-| `sentry.environment`    | Sentry environment                                                                                                          | Empty                         |
-| `sentry.release`        | Sentry release                                                                                                              | Empty                         |
-| `sentry.logLevel`       | Sentry log level                                                                                                            | Empty                         |
-| `image.repository`      | Container image name                                                                                                        | `getsentry/sentry-kubernetes` |
-| `image.tag`             | Container image tag                                                                                                         | `latest`                      |
-| `rbac.create`           | If `true`, create and use RBAC resources                                                                                    | `true`                        |
-| `serviceAccount.name`   | Service account to be used. If not set and serviceAccount.create is `true`, a name is generated using the fullname template | ``                            |
-| `serviceAccount.create` | If true, create a new service account                                                                                       | `true`                        |
-| `priorityClassName`     | pod priorityClassName                                                                                                       | Empty                         |
+The following table lists the configurable parameters of the sentry-kubernetes chart and their default values:
+
+| Parameter                       | Description                                                                                                                 | Default                       |
+| ------------------------------- | --------------------------------------------------------------------------------------------------------------------------- | ----------------------------- |
+| `sentry.dsn`                    | Sentry DSN                                                                                                                  | Empty                         |
+| `existingSecret`                | Existing secret to read DSN from                                                                                            | Empty                         |
+| `sentry.environment`            | Sentry environment                                                                                                          | Empty                         |
+| `sentry.release`                | Sentry release version                                                                                                      | Empty                         |
+| `sentry.logLevel`               | Sentry log level (trace, debug, info, warn, error, disabled)                                                                | `info`                        |
+| `sentry.watchNamespaces`        | Comma-separated list of namespaces to watch (set to `__all__` to watch all namespaces)                                      | `default`                     |
+| `sentry.watchHistorical`        | Set to `1` to report all existing (old) events, `0` to only report new events                                               | `0`                           |
+| `sentry.clusterConfigType`      | Cluster configuration type (`auto`, `in-cluster`, `out-cluster`)                                                            | `auto`                        |
+| `sentry.kubeconfigPath`         | Filesystem path to the kubeconfig used to connect to the cluster (used if `clusterConfigType` is `out-cluster`)             | Empty                         |
+| `sentry.monitorCronjobs`        | Set to `1` to enable Sentry Crons integration for CronJob objects                                                           | `0`                           |
+| `sentry.customDsns`             | Set to `1` to enable custom DSN specified in annotations with the key `k8s.sentry.io/dsn`                                   | `0`                           |
+| `image.repository`              | Container image name                                                                                                        | `getsentry/sentry-kubernetes` |
+| `image.tag`                     | Container image tag                                                                                                         | `latest`                      |
+| `rbac.create`                   | If `true`, create and use RBAC resources                                                                                    | `true`                        |
+| `serviceAccount.name`           | Service account to be used. If not set and serviceAccount.create is `true`, a name is generated using the fullname template | Empty                         |
+| `serviceAccount.create`         | If true, create a new service account                                                                                       | `true`                        |
+| `priorityClassName`             | Pod priorityClassName                                                                                                       | Empty                         |
+| `resources`                     | Resource requests and limits                                                                                                | `{}`                          |
+| `nodeSelector`                  | Node labels for pod assignment                                                                                              | `{}`                          |
+| `tolerations`                   | Tolerations for pod assignment                                                                                              | `[]`                          |
+| `podAnnotations`                | Annotations to add to the pod                                                                                               | `{}`                          |
+| `podLabels`                     | Additional labels to add to the pod                                                                                         | `{}`                          |
+| `rbac.custom_rules` | List of custom RBAC rules to extend default permissions. Each rule can specify `apiGroups`, `resources`, and `verbs`. | `[]`    |
+| `sentry.appendEnv`  | List of custom environment variables to append. Each item can specify a `name` and either a `value` or a `valueFrom` reference. | `[]`    |
+
+## Usage
+
+After installing the chart, you can configure various aspects of the sentry-kubernetes integration by modifying the `values.yaml` file or using `--set` flags during installation.
+
+### Example `values.yaml` Configuration
+
+Here's an example `values.yaml` that sets up sentry-kubernetes with custom configurations (remove unused values for default values):
+
+```yaml
+
+sentry:
+  dsn: <your-dsn>
+  environment: production
+  release: "1.0.0"
+  logLevel: info
+  watchNamespaces: "default,production"
+  watchHistorical: "1"
+  clusterConfigType: auto
+  kubeconfigPath: "/path/to/kubeconfig"
+  monitorCronjobs: "1"
+  customDsns: "1"
+  appendEnv:
+    - name: SENTRY_NEW_ENV_1
+      value: "newvalues"
+    - name: SENTRY_NEW_ENV_2
+      value: "newvalues"
+
+
+rbac:
+  # Specifies whether RBAC resources should be created
+  create: true
+  custom_rules:
+   - verbs:
+       - get
+       - list
+       - watch
+     apiGroups:
+       - 'apps'
+       - 'batch'
+       - ''
+     resources:
+       - events
+       - jobs
+       - deployments
+       - replicasets
+       - cronjobs
+       - pods
+
+resources:
+  limits:
+    cpu: 500m
+    memory: 512Mi
+  requests:
+    cpu: 250m
+    memory: 256Mi
+
diff --git a/charts/sentry-kubernetes/templates/clusterrole.yaml b/charts/sentry-kubernetes/templates/clusterrole.yaml
index 2afc81ecd..0b9a9e414 100644
--- a/charts/sentry-kubernetes/templates/clusterrole.yaml
+++ b/charts/sentry-kubernetes/templates/clusterrole.yaml
@@ -13,4 +13,8 @@ rules:
       - get
       - list
       - watch
+  # Custom rules inclusion
+  {{ if .Values.sentry.custom_rules }}
+  {{ toYaml .Values.sentry.custom_rules | indent 4 }}
+  {{ end }}
 {{- end -}}
\ No newline at end of file
diff --git a/charts/sentry-kubernetes/templates/deployment.yaml b/charts/sentry-kubernetes/templates/deployment.yaml
index 189e6ccbd..11958d3c5 100644
--- a/charts/sentry-kubernetes/templates/deployment.yaml
+++ b/charts/sentry-kubernetes/templates/deployment.yaml
@@ -17,7 +17,7 @@ spec:
         {{- end }}
       labels:
         app: {{ template "sentry-kubernetes.name" . }}
-        release: {{.Release.Name }}
+        release: {{ .Release.Name }}
         {{- if .Values.podLabels }}
 {{ toYaml .Values.podLabels | indent 8 }}
         {{- end }}
@@ -30,23 +30,52 @@ spec:
         image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
         imagePullPolicy: {{ .Values.image.pullPolicy }}
         env:
-          - name: DSN
+          {{ if .Values.sentry.dsn }}
+          - name: SENTRY_DSN
             valueFrom:
               secretKeyRef:
                 name: {{ template "sentry-kubernetes.secretName" . }}
                 key: sentry.dsn
+          {{ end }}
           {{ if .Values.sentry.environment }}
-          - name: ENVIRONMENT
+          - name: SENTRY_ENVIRONMENT
             value: {{ .Values.sentry.environment }}
           {{ end }}
           {{ if .Values.sentry.release }}
-          - name: RELEASE
+          - name: SENTRY_RELEASE
             value: {{ .Values.sentry.release }}
           {{ end }}
           {{ if .Values.sentry.logLevel }}
-          - name: LOG_LEVEL
+          - name: SENTRY_K8S_LOG_LEVEL
             value: {{ .Values.sentry.logLevel }}
           {{ end }}
+          {{ if .Values.sentry.watchNamespaces }}
+          - name: SENTRY_K8S_WATCH_NAMESPACES
+            value: {{ .Values.sentry.watchNamespaces }}
+          {{ end }}
+          {{ if .Values.sentry.watchHistorical }}
+          - name: SENTRY_K8S_WATCH_HISTORICAL
+            value: {{ .Values.sentry.watchHistorical }}
+          {{ end }}
+          {{ if .Values.sentry.clusterConfigType }}
+          - name: SENTRY_K8S_CLUSTER_CONFIG_TYPE
+            value: {{ .Values.sentry.clusterConfigType }}
+          {{ end }}
+          {{ if .Values.sentry.kubeconfigPath }}
+          - name: SENTRY_K8S_KUBECONFIG_PATH
+            value: {{ .Values.sentry.kubeconfigPath }}
+          {{ end }}
+          {{ if .Values.sentry.monitorCronjobs }}
+          - name: SENTRY_K8S_MONITOR_CRONJOBS
+            value: {{ .Values.sentry.monitorCronjobs }}
+          {{ end }}
+          {{ if .Values.sentry.customDsns }}
+          - name: SENTRY_K8S_CUSTOM_DSNS
+            value: {{ .Values.sentry.customDsns }}
+          {{ end }}
+          {{ if .Values.sentry.appendEnv }}
+          {{ toYaml .Values.sentry.appendEnv | indent 10 }}
+          {{ end }}
         resources:
 {{ toYaml .Values.resources | indent 10 }}
     {{- if .Values.nodeSelector }}
diff --git a/charts/sentry-kubernetes/values.yaml b/charts/sentry-kubernetes/values.yaml
index cfc6fa955..b382bb4fb 100644
--- a/charts/sentry-kubernetes/values.yaml
+++ b/charts/sentry-kubernetes/values.yaml
@@ -2,11 +2,26 @@
 
 sentry:
   dsn: <change-me>
-  logLevel: ~
+  # environment: production
+  # release: "1.0.0"
+  # logLevel: info
+  # watchNamespaces: "default,production"
+  # watchHistorical: "1"
+  # clusterConfigType: auto
+  # kubeconfigPath: "/path/to/kubeconfig"
+  # monitorCronjobs: "1"
+  # customDsns: "1"
+  # appendEnv:
+  #   - name: SENTRY_NEW_ENV_1
+  #     value: "newvalues"
+  #   - name: SENTRY_NEW_ENV_2
+  #     value: "newvalues"
+
 # Sentry DSN config using an existing secret:
 # existingSecret:
 image:
-  repository: getsentry/sentry-kubernetes
+  repository: ghcr.io/getsentry/sentry-kubernetes
+  # Tag should be set in hard in the charts when getsentry will do the job of releasing version.
   tag: latest
   pullPolicy: Always
 resources: {}
@@ -17,16 +32,36 @@ resources: {}
   #  cpu: 100m
   #  memory: 128Mi
 
+# This can be use to add custom env var to the pod if not yet supported by the chart.
+custom_env:
+
 serviceAccount:
   # Specifies whether a ServiceAccount should be created
   create: true
   # The name of the ServiceAccount to use.
   # If not set and create is true, a name is generated using the fullname template
   name:
+  # if your need more specific cluster_roles for security reason, custom will be used in place
 
 rbac:
   # Specifies whether RBAC resources should be created
   create: true
+  #custom_rules:
+  # - verbs:
+  #     - get
+  #     - list
+  #     - watch
+  #   apiGroups:
+  #     - 'apps'
+  #     - 'batch'
+  #     - ''
+  #   resources:
+  #     - events
+  #     - jobs
+  #     - deployments
+  #     - replicasets
+  #     - cronjobs
+  #     - pods
 
 # Set priorityCLassName in deployment
 # priorityClassName: ""