Skip to content

Commit

Permalink
load secrets dynamically for Confluent Metrics scraper (#1223)
Browse files Browse the repository at this point in the history
  • Loading branch information
@samidbb
samidbb authored Dec 7, 2023
1 parent 70f4061 commit 1da307b
Show file tree
Hide file tree
Showing 2 changed files with 28 additions and 26 deletions.
50 changes: 26 additions & 24 deletions compute/k8s-services/dependencies.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -274,30 +274,32 @@ locals {
}

atlantis_env_vars_default = {
PRODUCTION_AWS_ACCESS_KEY_ID = var.atlantis_aws_access_key
PRODUCTION_AWS_SECRET_ACCESS_KEY = var.atlantis_aws_secret
PRODUCTION_TF_VAR_slack_webhook_url = var.slack_webhook_url
PRODUCTION_TF_VAR_monitoring_kube_prometheus_stack_slack_webhook = var.monitoring_kube_prometheus_stack_slack_webhook
STAGING_AWS_ACCESS_KEY_ID = var.atlantis_staging_aws_access_key
STAGING_AWS_SECRET_ACCESS_KEY = var.atlantis_staging_aws_secret
STAGING_TF_VAR_slack_webhook_url = var.staging_slack_webhook_url
STAGING_TF_VAR_monitoring_kube_prometheus_stack_slack_webhook = var.monitoring_kube_prometheus_stack_staging_slack_webhook
SHARED_ARM_TENANT_ID = var.atlantis_arm_tenant_id
SHARED_ARM_SUBSCRIPTION_ID = var.atlantis_arm_subscription_id
SHARED_ARM_CLIENT_ID = var.atlantis_arm_client_id
SHARED_ARM_CLIENT_SECRET = var.atlantis_arm_client_secret
SHARED_TF_VAR_monitoring_kube_prometheus_stack_azure_tenant_id = var.monitoring_kube_prometheus_stack_azure_tenant_id
SHARED_TF_VAR_fluxcd_bootstrap_repo_owner_token = var.fluxcd_bootstrap_repo_owner_token
SHARED_TF_VAR_atlantis_github_token = var.atlantis_github_token
PRODUCTION_PRIME_AWS_ACCESS_KEY_ID = var.prime_aws_access_key
PRODUCTION_PRIME_AWS_SECRET_ACCESS_KEY = var.prime_aws_secret
PRODUCTION_PREPRIME_AWS_ACCESS_KEY_ID = var.preprime_aws_access_key
PRODUCTION_PREPRIME_AWS_SECRET_ACCESS_KEY = var.preprime_aws_secret
PRODUCTION_PREPRIME_BACKUP_REPORTS_SLACK_WEBHOOK_URL = var.preprime_backup_reports_slack_webhook_url
PRODUCTION_AWS_ACCOUNT_MANIFESTS_KAFKA_BROKER = var.aws_account_manifests_kafka_broker
PRODUCTION_AWS_ACCOUNT_MANIFESTS_KAFKA_USERNAME = var.aws_account_manifests_kafka_username
PRODUCTION_AWS_ACCOUNT_MANIFESTS_KAFKA_PASSWORD = var.aws_account_manifests_kafka_password
PRODUCTION_AWS_ACCOUNT_MANIFESTS_HARDENED_MONITORING_SLACK_TOKEN = var.aws_account_manifests_hardened_monitoring_slack_token
PRODUCTION_AWS_ACCESS_KEY_ID = var.atlantis_aws_access_key
PRODUCTION_AWS_SECRET_ACCESS_KEY = var.atlantis_aws_secret
PRODUCTION_TF_VAR_slack_webhook_url = var.slack_webhook_url
PRODUCTION_TF_VAR_monitoring_kube_prometheus_stack_slack_webhook = var.monitoring_kube_prometheus_stack_slack_webhook
STAGING_AWS_ACCESS_KEY_ID = var.atlantis_staging_aws_access_key
STAGING_AWS_SECRET_ACCESS_KEY = var.atlantis_staging_aws_secret
STAGING_TF_VAR_slack_webhook_url = var.staging_slack_webhook_url
STAGING_TF_VAR_monitoring_kube_prometheus_stack_slack_webhook = var.monitoring_kube_prometheus_stack_staging_slack_webhook
SHARED_ARM_TENANT_ID = var.atlantis_arm_tenant_id
SHARED_ARM_SUBSCRIPTION_ID = var.atlantis_arm_subscription_id
SHARED_ARM_CLIENT_ID = var.atlantis_arm_client_id
SHARED_ARM_CLIENT_SECRET = var.atlantis_arm_client_secret
SHARED_TF_VAR_monitoring_kube_prometheus_stack_azure_tenant_id = var.monitoring_kube_prometheus_stack_azure_tenant_id
SHARED_TF_VAR_fluxcd_bootstrap_repo_owner_token = var.fluxcd_bootstrap_repo_owner_token
SHARED_TF_VAR_atlantis_github_token = var.atlantis_github_token
PRODUCTION_PRIME_AWS_ACCESS_KEY_ID = var.prime_aws_access_key
PRODUCTION_PRIME_AWS_SECRET_ACCESS_KEY = var.prime_aws_secret
PRODUCTION_PREPRIME_AWS_ACCESS_KEY_ID = var.preprime_aws_access_key
PRODUCTION_PREPRIME_AWS_SECRET_ACCESS_KEY = var.preprime_aws_secret
PRODUCTION_PREPRIME_BACKUP_REPORTS_SLACK_WEBHOOK_URL = var.preprime_backup_reports_slack_webhook_url
PRODUCTION_AWS_ACCOUNT_MANIFESTS_KAFKA_BROKER = var.aws_account_manifests_kafka_broker
PRODUCTION_AWS_ACCOUNT_MANIFESTS_KAFKA_USERNAME = var.aws_account_manifests_kafka_username
PRODUCTION_AWS_ACCOUNT_MANIFESTS_KAFKA_PASSWORD = var.aws_account_manifests_kafka_password
PRODUCTION_AWS_ACCOUNT_MANIFESTS_HARDENED_MONITORING_SLACK_TOKEN = var.aws_account_manifests_hardened_monitoring_slack_token
CONFLUENT_KAFKA_PROD_PROMETHEUS_METRICS_EXPORTER_HELLMAN_API_KEY = var.monitoring_kube_prometheus_stack_prometheus_confluent_metrics_api_key
CONFLUENT_KAFKA_PROD_PROMETHEUS_METRICS_EXPORTER_HELLMAN_API_SECRET = var.monitoring_kube_prometheus_stack_prometheus_confluent_metrics_api_secret
}

atlantis_env_vars = var.crossplane_deploy ? merge(local.atlantis_env_vars_default, local.confluent_env_vars_for_atlantis) : local.atlantis_env_vars_default
Expand Down
4 changes: 2 additions & 2 deletions test/integration/eu-west-1/k8s-qa/services/terragrunt.hcl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -142,8 +142,8 @@ inputs = {
monitoring_kube_prometheus_stack_prometheus_query_log_file_enabled = true
monitoring_kube_prometheus_stack_prometheus_enable_features = ["memory-snapshot-on-shutdown"]
monitoring_kube_prometheus_stack_prometheus_confluent_metrics_scrape_enabled = true
monitoring_kube_prometheus_stack_prometheus_confluent_metrics_api_key="fake"
monitoring_kube_prometheus_stack_prometheus_confluent_metrics_api_secret="fake"
monitoring_kube_prometheus_stack_prometheus_confluent_metrics_api_key = "fake"
monitoring_kube_prometheus_stack_prometheus_confluent_metrics_api_secret = "fake"

# --------------------------------------------------
# Goldpinger
Expand Down

0 comments on commit 1da307b

Please sign in to comment.