Skip to content

Commit

Permalink
Backport of Add telemetryCollector.cloud.resourceId field that works …
Browse files Browse the repository at this point in the history 
…even when global.cloud.enabled is false into release/1.1.x (#3241)
  • Loading branch information
Joshua Timmons authored Nov 27, 2023
1 parent ab967c7 commit 848cfd1
Show file tree
Hide file tree
Showing 5 changed files with 256 additions and 60 deletions.
3 changes: 3 additions & 0 deletions .changelog/3219.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
consul-telemetry-collector: add telemetryCollector.cloud.resourceId that works even when not global.cloud.enabled
```
37 changes: 28 additions & 9 deletions charts/consul/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -431,7 +431,7 @@ Usage: {{ template "consul.validateCloudSecretKeys" . }}
{{/*
Fails if temeletryCollector.clientId or telemetryCollector.clientSecret exist and one of other secrets is nil or empty.
Fails if telemetryCollector.clientId or telemetryCollector.clientSecret exist and one of other secrets is nil or empty.
- telemetryCollector.cloud.clientId.secretName
- telemetryCollector.cloud.clientSecret.secretName
- global.cloud.resourceId.secretName
Expand All @@ -440,11 +440,11 @@ Usage: {{ template "consul.validateTelemetryCollectorCloud" . }}
*/}}
{{- define "consul.validateTelemetryCollectorCloud" -}}
{{- if (and .Values.telemetryCollector.cloud.clientId.secretName (or (not .Values.global.cloud.resourceId.secretName) (not .Values.telemetryCollector.cloud.clientSecret.secretName))) }}
{{fail "When telemetryCollector.cloud.clientId.secretName is set, global.cloud.resourceId.secretName, telemetryCollector.cloud.clientSecret.secretName must also be set."}}
{{- if (and .Values.telemetryCollector.cloud.clientId.secretName (and (not .Values.global.cloud.clientSecret.secretName) (not .Values.telemetryCollector.cloud.clientSecret.secretName))) }}
{{fail "When telemetryCollector.cloud.clientId.secretName is set, telemetryCollector.cloud.clientSecret.secretName must also be set."}}
{{- end }}
{{- if (and .Values.telemetryCollector.cloud.clientSecret.secretName (or (not .Values.global.cloud.resourceId.secretName) (not .Values.telemetryCollector.cloud.clientSecret.secretName))) }}
{{fail "When telemetryCollector.cloud.clientSecret.secretName is set, global.cloud.resourceId.secretName,telemetryCollector.cloud.clientId.secretName must also be set."}}
{{- if (and .Values.telemetryCollector.cloud.clientSecret.secretName (and (not .Values.global.cloud.clientId.secretName) (not .Values.telemetryCollector.cloud.clientId.secretName))) }}
{{fail "When telemetryCollector.cloud.clientSecret.secretName is set, telemetryCollector.cloud.clientId.secretName must also be set."}}
{{- end }}
{{- end }}
Expand All @@ -457,10 +457,29 @@ Usage: {{ template "consul.validateTelemetryCollectorCloud" . }}
{{- if or (and .Values.telemetryCollector.cloud.clientSecret.secretName (not .Values.telemetryCollector.cloud.clientSecret.secretKey)) (and .Values.telemetryCollector.cloud.clientSecret.secretKey (not .Values.telemetryCollector.cloud.clientSecret.secretName)) }}
{{fail "When either telemetryCollector.cloud.clientSecret.secretName or telemetryCollector.cloud.clientSecret.secretKey is defined, both must be set."}}
{{- end }}
{{- if or (and .Values.telemetryCollector.cloud.clientSecret.secretName .Values.telemetryCollector.cloud.clientSecret.secretKey .Values.telemetryCollector.cloud.clientId.secretName .Values.telemetryCollector.cloud.clientId.secretKey (not .Values.global.cloud.resourceId.secretName)) }}
{{fail "When telemetryCollector has clientId and clientSecret global.cloud.resourceId.secretName must be set"}}
{{- if or (and .Values.telemetryCollector.cloud.clientSecret.secretName .Values.telemetryCollector.cloud.clientSecret.secretKey .Values.telemetryCollector.cloud.clientId.secretName .Values.telemetryCollector.cloud.clientId.secretKey (not (or .Values.telemetryCollector.cloud.resourceId.secretName .Values.global.cloud.resourceId.secretName))) }}
{{fail "When telemetryCollector has clientId and clientSecret, telemetryCollector.cloud.resourceId.secretName or global.cloud.resourceId.secretName must be set"}}
{{- end }}
{{- if or (and .Values.telemetryCollector.cloud.clientSecret.secretName .Values.telemetryCollector.cloud.clientSecret.secretKey .Values.telemetryCollector.cloud.clientId.secretName .Values.telemetryCollector.cloud.clientId.secretKey (not .Values.global.cloud.resourceId.secretKey)) }}
{{fail "When telemetryCollector has clientId and clientSecret .global.cloud.resourceId.secretKey must be set"}}
{{- if or (and .Values.telemetryCollector.cloud.clientSecret.secretName .Values.telemetryCollector.cloud.clientSecret.secretKey .Values.telemetryCollector.cloud.clientId.secretName .Values.telemetryCollector.cloud.clientId.secretKey (not (or .Values.telemetryCollector.cloud.resourceId.secretKey .Values.global.cloud.resourceId.secretKey))) }}
{{fail "When telemetryCollector has clientId and clientSecret, telemetryCollector.cloud.resourceId.secretKey or global.cloud.resourceId.secretKey must be set"}}
{{- end }}
{{- end -}}
{{/*
Fails if telemetryCollector.cloud.resourceId is set but differs from global.cloud.resourceId. This should never happen. Either one or both are set, but they should never differ.
If they differ, that implies we're configuring servers for one HCP Consul cluster but pushing envoy metrics for a different HCP Consul cluster. A user could set the same value
in two secrets (it's questionable whether resourceId should be a secret at all) but we won't know at this point, so we just check secret name+key.
Usage: {{ template "consul.validateTelemetryCollectorResourceId" . }}

*/}}
{{- define "consul.validateTelemetryCollectorResourceId" -}}
{{- if and (and .Values.telemetryCollector.cloud.resourceId.secretName .Values.global.cloud.resourceId.secretName) (not (eq .Values.telemetryCollector.cloud.resourceId.secretName .Values.global.cloud.resourceId.secretName)) }}
{{fail "When both global.cloud.resourceId.secretName and telemetryCollector.cloud.resourceId.secretName are set, they should be the same."}}
{{- end }}
{{- if and (and .Values.telemetryCollector.cloud.resourceId.secretKey .Values.global.cloud.resourceId.secretKey) (not (eq .Values.telemetryCollector.cloud.resourceId.secretKey .Values.global.cloud.resourceId.secretKey)) }}
{{fail "When both global.cloud.resourceId.secretKey and telemetryCollector.cloud.resourceId.secretKey are set, they should be the same."}}
{{- end }}
{{- end }}

{{/**/}}
35 changes: 27 additions & 8 deletions charts/consul/templates/telemetry-collector-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
{{ template "consul.validateCloudSecretKeys" . }}
{{ template "consul.validateTelemetryCollectorCloud" . }}
{{ template "consul.validateTelemetryCollectorCloudSecretKeys" . }}
{{ template "consul.validateTelemetryCollectorResourceId" . }}
apiVersion: apps/v1
kind: Deployment
metadata:
Expand Down Expand Up @@ -165,28 +166,46 @@ spec:
# These are mounted as secrets so that the telemetry-collector can use them when cloud is enabled.
# - the hcp-go-sdk in consul agent will already look for HCP_CLIENT_ID, HCP_CLIENT_SECRET, HCP_AUTH_URL,
# HCP_SCADA_ADDRESS, and HCP_API_HOST. so nothing more needs to be done.
# - HCP_RESOURCE_ID is created for use in the global cloud section but we will share it here
# - HCP_RESOURCE_ID is created either in the global cloud section or in telemetryCollector.cloud
{{- if .Values.telemetryCollector.cloud.resourceId.secretName }}
- name: HCP_RESOURCE_ID
valueFrom:
secretKeyRef:
name: {{ .Values.telemetryCollector.cloud.resourceId.secretName }}
key: {{ .Values.telemetryCollector.cloud.resourceId.secretKey }}
{{- else if .Values.global.cloud.resourceId.secretName }}
- name: HCP_RESOURCE_ID
valueFrom:
secretKeyRef:
name: {{ .Values.global.cloud.resourceId.secretName }}
key: {{ .Values.global.cloud.resourceId.secretKey }}
{{- end }}
{{- if .Values.telemetryCollector.cloud.clientId.secretName }}
- name: HCP_CLIENT_ID
valueFrom:
secretKeyRef:
name: {{ .Values.telemetryCollector.cloud.clientId.secretName }}
key: {{ .Values.telemetryCollector.cloud.clientId.secretKey }}
{{- else if .Values.global.cloud.clientId.secretName }}
- name: HCP_CLIENT_ID
valueFrom:
secretKeyRef:
name: {{ .Values.global.cloud.clientId.secretName }}
key: {{ .Values.global.cloud.clientId.secretKey }}
{{- end }}
{{- if .Values.telemetryCollector.cloud.clientSecret.secretName }}
- name: HCP_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: {{ .Values.telemetryCollector.cloud.clientSecret.secretName }}
key: {{ .Values.telemetryCollector.cloud.clientSecret.secretKey }}
{{- end}}
{{- if .Values.global.cloud.resourceId.secretName }}
- name: HCP_RESOURCE_ID
{{- else if .Values.global.cloud.clientSecret.secretName }}
- name: HCP_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: {{ .Values.global.cloud.resourceId.secretName }}
key: {{ .Values.global.cloud.resourceId.secretKey }}
{{- end }}
name: {{ .Values.global.cloud.clientSecret.secretName }}
key: {{ .Values.global.cloud.clientSecret.secretKey }}
{{- end}}
{{- if .Values.global.cloud.authUrl.secretName }}
- name: HCP_AUTH_URL
valueFrom:
Expand Down Expand Up @@ -227,7 +246,7 @@ spec:
consul-telemetry-collector agent \
{{- if .Values.telemetryCollector.customExporterConfig }}
-config-file-path /consul/config/config.json \
-config-file-path /consul/config/config.json \
{{ end }}
volumeMounts:
{{- if .Values.telemetryCollector.customExporterConfig }}
Expand Down
Loading

0 comments on commit 848cfd1

Please sign in to comment.