From 2fe9bbf1f1382ba32be17df309dded8fcc07a44a Mon Sep 17 00:00:00 2001 From: Diego Cristobal Date: Thu, 16 Nov 2023 09:07:31 +0100 Subject: [PATCH 1/2] Feat: create the logic to allow use a token from a secret --- wavefront/templates/api-token-secret.yaml | 2 +- wavefront/templates/proxy-deployment.yaml | 8 ++++++++ wavefront/values.yaml | 2 ++ 3 files changed, 11 insertions(+), 1 deletion(-) diff --git a/wavefront/templates/api-token-secret.yaml b/wavefront/templates/api-token-secret.yaml index f15534d6..2f23c903 100644 --- a/wavefront/templates/api-token-secret.yaml +++ b/wavefront/templates/api-token-secret.yaml @@ -1,4 +1,4 @@ -{{- if .Values.wavefront.token }} +{{- if and .Values.wavefront.token (not .Values.wavefront.tokenFromSecret) }} apiVersion: v1 kind: Secret metadata: diff --git a/wavefront/templates/proxy-deployment.yaml b/wavefront/templates/proxy-deployment.yaml index 9b1bf0d7..a2d82551 100644 --- a/wavefront/templates/proxy-deployment.yaml +++ b/wavefront/templates/proxy-deployment.yaml @@ -31,11 +31,19 @@ spec: env: - name: WAVEFRONT_URL value: {{ .Values.wavefront.url }}/api + {{- if .Values.wavefront.tokenFromSecret }} + - name: WAVEFRONT_TOKEN + valueFrom: + secretKeyRef: + name: {{ .Values.wavefront.tokenFromSecret }} + key: api-token + {{- else }} - name: WAVEFRONT_TOKEN valueFrom: secretKeyRef: name: {{ template "wavefront.fullname" . }} key: api-token + {{- end }} - name: WAVEFRONT_PROXY_ARGS value: {{ .Values.proxy.args }} {{- if .Values.proxy.tracePort }} --traceListenerPorts {{ .Values.proxy.tracePort }}{{- end -}} diff --git a/wavefront/values.yaml b/wavefront/values.yaml index 53640c7a..b57f2509 100644 --- a/wavefront/values.yaml +++ b/wavefront/values.yaml @@ -13,6 +13,8 @@ installationMethod: helm wavefront: url: https://YOUR_CLUSTER.wavefront.com token: YOUR_API_TOKEN +# OPTIONAL, Allow to use a secret to pull the credentials. + tokenFromSecret: "" ## Wavefront Collector is responsible to get all Kubernetes metrics from your cluster. From 44a07475b426d62baa36470e6f2dce845480e2f7 Mon Sep 17 00:00:00 2001 From: Diego Cristobal Date: Thu, 16 Nov 2023 09:12:06 +0100 Subject: [PATCH 2/2] Doc: add the variable in the Readme and some comments --- wavefront/README.md | 1 + wavefront/values.yaml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/wavefront/README.md b/wavefront/README.md index 91a3444e..da60944e 100644 --- a/wavefront/README.md +++ b/wavefront/README.md @@ -59,6 +59,7 @@ The following tables lists the configurable parameters of the Wavefront chart an | `clusterName` | Unique name for the Kubernetes cluster | `KUBERNETES_CLUSTER_NAME` | | `wavefront.url` | Wavefront URL for your cluster | `https://YOUR_CLUSTER.wavefront.com` | | `wavefront.token` | Wavefront API Token | `YOUR_API_TOKEN` | +| `wavefront.tokenFromSecret` | Wavefront API Token from a Secret | `nil` | | `collector.enabled` | Setup and enable the Wavefront collector to gather metrics | `true` | | `collector.image.repository` | Wavefront collector image registry and name | `projects.registry.vmware.com/tanzu_observability/kubernetes-collector` | | `collector.image.tag` | Wavefront collector image tag | `{TAG_NAME}` | diff --git a/wavefront/values.yaml b/wavefront/values.yaml index b57f2509..9b9b7d39 100644 --- a/wavefront/values.yaml +++ b/wavefront/values.yaml @@ -13,7 +13,7 @@ installationMethod: helm wavefront: url: https://YOUR_CLUSTER.wavefront.com token: YOUR_API_TOKEN -# OPTIONAL, Allow to use a secret to pull the credentials. +# OPTIONAL, Allow to use a secret to pull the credentials, the required key is `api-token` tokenFromSecret: ""