Skip to content
This repository has been archived by the owner on Oct 8, 2024. It is now read-only.

Add grafana-agent-logging-secret in the chart to store logging write credentials #21

Merged
merged 7 commits into from
Oct 26, 2023
Merged

Add grafana-agent-logging-secret in the chart to store logging write credentials #21

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
8107e6b
Add grafana-agent-logging-secret in the chart to store logging write …
Oct 25, 2023
e2f984b
EOF
Oct 25, 2023
2f0ea63
Fix tpl
Oct 25, 2023
db01263
Fix values to handle loggingSecret
Oct 25, 2023
253e271
Fix secret
Oct 25, 2023
6ff1027
Rename default secret name
Oct 26, 2023
7c42040
Update schema
Oct 26, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

## [Unreleased]

### Added

- Add grafana-agent-secret in the chart to store logging write credentials.

### Changed

- Upgrade upstream chart to 0.27.0 and agent to 0.37.0.

## [0.2.0] - 2023-10-03

### Changed
Expand Down
2 changes: 1 addition & 1 deletion helm/grafana-agent/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
apiVersion: v2
appVersion: "v0.36.2"
appVersion: "v0.37.0"
name: grafana-agent
description: Giant Swarm's Grafana Agent Deployment
icon: https://s.giantswarm.io/app-icons/grafana/1/light.svg
Expand Down
14 changes: 14 additions & 0 deletions helm/grafana-agent/templates/logging-credentials-secret.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
{{- if .Values.loggingSecret.enabled }}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like the idea of an extra secret but do not like the custom secret parameters. I would have liked to see a more generic approach that could have been proposed upstream as well like https://github.com/prometheus-community/helm-charts/blob/main/charts/kube-prometheus-stack/templates/prometheus/extrasecret.yaml for the secret and this to read the secret data https://grafana.com/docs/agent/latest/flow/reference/components/remote.kubernetes.secret/#example ?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like your idea :-)

apiVersion: v1
kind: Secret
metadata:
name: {{ .Values.loggingSecret.secretName | default "grafana-agent-secret" }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "grafana-agent.labels" . | nindent 4 }}
stringData:
logging-url: {{ .Values.loggingSecret.url }}
logging-tenant-id: {{ .Values.loggingSecret.tenantId }}
logging-username: {{ .Values.loggingSecret.username }}
logging-password: {{ .Values.loggingSecret.password }}
marieroque marked this conversation as resolved.
Show resolved Hide resolved
{{- end }}
58 changes: 55 additions & 3 deletions helm/grafana-agent/values.schema.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,29 +5,81 @@
"global": {
"type": "object",
"properties": {
"imageRegistry": {
"type": "string"
"image": {
"type": "object",
"properties": {
"registry": {
"type": "string"
}
}
}
}
},
"grafana-agent": {
"type": "object",
"properties": {
"configReloader": {
"type": "object",
"properties": {
"image": {
"type": "object",
"properties": {
"repository": {
"type": "string"
}
}
}
}
},
"image": {
"type": "object",
"properties": {
"repository": {
"type": "string"
}
}
},
"serviceMonitor": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
}
}
}
}
},
"kyvernoPolicyExceptions": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"namespace": {
"type": "string"
}
}
},
"serviceMonitor": {
"loggingSecret": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"password": {
"type": "string"
},
"secretName": {
"type": "string"
},
"tenantId": {
"type": "string"
},
"url": {
"type": "string"
},
"username": {
"type": "string"
}
}
}
Expand Down
10 changes: 10 additions & 0 deletions helm/grafana-agent/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,16 @@ kyvernoPolicyExceptions:
enabled: true
namespace: giantswarm

# Block to manage a secret with logging credentials in order to push data to logging system
loggingSecret:
enabled: false
## Those values are set by the logging-operator because there are related to the cluster
# secretName: <secret name where are stored those credentials>
# url: <Loki url where to send data>
# tenantId: <Tenant ID>
# username: <user with write access>
# password: <user password>

grafana-agent:
image:
# -- Grafana Agent image repository.
Expand Down