From f46edd22e0830d928cecd6e9e876e75b2c2afe43 Mon Sep 17 00:00:00 2001 From: Michael Weibel Date: Mon, 23 Jan 2023 13:28:44 +0100 Subject: [PATCH] fix: component vault keys & pod args --- component/class/defaults.yml | 16 ++++++++-------- component/component/main.jsonnet | 12 +++++------- .../objectStorageCronjob.yaml | 5 +++-- .../cloudscale-metrics-collector/secrets.yaml | 6 +++--- .../objectStorageCronjob.yaml | 5 +++-- .../collector-cloudscale-lpg-2/secrets.yaml | 8 ++++---- .../exoscale-metrics-collector/dbaasCronjob.yaml | 5 +++-- .../objectStorageCronjob.yaml | 5 +++-- .../exoscale-metrics-collector/secrets.yaml | 8 ++++---- 9 files changed, 36 insertions(+), 34 deletions(-) diff --git a/component/class/defaults.yml b/component/class/defaults.yml index 4eacb92..8a22539 100644 --- a/component/class/defaults.yml +++ b/component/class/defaults.yml @@ -7,21 +7,21 @@ parameters: exoscale: credentials: stringData: - EXOSCALE_API_KEY: "?{vaultkv:${cluster:tenant}/${cluster:name}/exoscale-metrics-collector/${_instance}/exoscale-key}" - EXOSCALE_API_SECRET: "?{vaultkv:${cluster:tenant}/${cluster:name}/exoscale-metrics-collector/${_instance}/exoscale-secret}" - KUBERNETES_SERVER_URL: "?{vaultkv:${cluster:tenant}/${cluster:name}/exoscale-metrics-collector/${_instance}/cluster-server}" - KUBERNETES_SERVER_TOKEN: "?{vaultkv:${cluster:tenant}/${cluster:name}/exoscale-metrics-collector/${_instance}/cluster-token}" + EXOSCALE_API_KEY: "?{vaultkv:${cluster:tenant}/${cluster:name}/billing-collector-cloudservices/${_instance}/exoscale-key}" + EXOSCALE_API_SECRET: "?{vaultkv:${cluster:tenant}/${cluster:name}/billing-collector-cloudservices/${_instance}/exoscale-secret}" + KUBERNETES_SERVER_URL: "?{vaultkv:${cluster:tenant}/${cluster:name}/billing-collector-cloudservices/${_instance}/cluster-server}" + KUBERNETES_SERVER_TOKEN: "?{vaultkv:${cluster:tenant}/${cluster:name}/billing-collector-cloudservices/${_instance}/cluster-token}" cloudscale: credentials: stringData: - CLOUDSCALE_API_TOKEN: "?{vaultkv:${cluster:tenant}/${cluster:name}/cloudscale-metrics-collector/${_instance}/token}" - KUBERNETES_SERVER_URL: "?{vaultkv:${cluster:tenant}/${cluster:name}/cloudscale-metrics-collector/${_instance}/cluster-server}" - KUBERNETES_SERVER_TOKEN: "?{vaultkv:${cluster:tenant}/${cluster:name}/cloudscale-metrics-collector/${_instance}/cluster-token}" + CLOUDSCALE_API_TOKEN: "?{vaultkv:${cluster:tenant}/${cluster:name}/billing-collector-cloudservices/${_instance}/token}" + KUBERNETES_SERVER_URL: "?{vaultkv:${cluster:tenant}/${cluster:name}/billing-collector-cloudservices/${_instance}/cluster-server}" + KUBERNETES_SERVER_TOKEN: "?{vaultkv:${cluster:tenant}/${cluster:name}/billing-collector-cloudservices/${_instance}/cluster-token}" images: collector: registry: 'ghcr.io' repository: 'vshn/billing-collector-cloudservices' - tag: 'v1.0.0' + tag: 'v1.0.1' exoscale: enabled: false diff --git a/component/component/main.jsonnet b/component/component/main.jsonnet index 70ef598..082f3a7 100644 --- a/component/component/main.jsonnet +++ b/component/component/main.jsonnet @@ -28,7 +28,7 @@ local secret(key) = [ for s in std.objectFields(params.secrets[key]) ]; -local cronjob(name, subcommand, schedule) = { +local cronjob(name, args, schedule) = { kind: 'CronJob', apiVersion: 'batch/v1', metadata: { @@ -48,9 +48,7 @@ local cronjob(name, subcommand, schedule) = { { name: 'billing-collector-cloudservices-backfill', image: collectorImage, - args: [ - subcommand, - ], + args: args, envFrom: [ { secretRef: { @@ -107,8 +105,8 @@ assert params.exoscale.enabled != params.cloudscale.enabled : 'only one of the c assert secrets.credentials.stringData.KUBERNETES_SERVER_TOKEN != null : 'secrets.credentials.stringData.KUBERNETES_SERVER_TOKEN must be set.', secrets: std.filter(function(it) it != null, secret('exoscale')), - objectStorageCronjob: cronjob(alias + '-objectstorage', 'exoscale objectstorage', params.exoscale.objectStorage.schedule), - [if params.exoscale.dbaas.enabled then 'dbaasCronjob']: cronjob(alias + '-dbaas', 'exoscale dbaas', params.exoscale.dbaas.schedule), + objectStorageCronjob: cronjob(alias + '-objectstorage', ['exoscale', 'objectstorage'], params.exoscale.objectStorage.schedule), + [if params.exoscale.dbaas.enabled then 'dbaasCronjob']: cronjob(alias + '-dbaas', ['exoscale', 'dbaas'], params.exoscale.dbaas.schedule), } else {}) + (if params.cloudscale.enabled then { @@ -121,5 +119,5 @@ assert params.exoscale.enabled != params.cloudscale.enabled : 'only one of the c assert secrets.credentials.stringData.KUBERNETES_SERVER_TOKEN != null : 'secrets.credentials.stringData.KUBERNETES_SERVER_TOKEN must be set.', secrets: std.filter(function(it) it != null, secret('cloudscale')), - [if params.cloudscale.objectStorage.enabled then 'objectStorageCronjob']: cronjob(alias + '-objectstorage', 'cloudscale objectstorage', params.cloudscale.objectStorage.schedule), + [if params.cloudscale.objectStorage.enabled then 'objectStorageCronjob']: cronjob(alias + '-objectstorage', ['cloudscale', 'objectstorage'], params.cloudscale.objectStorage.schedule), } else {}) diff --git a/component/tests/golden/cloudscale-metrics-collector/cloudscale-metrics-collector/cloudscale-metrics-collector/objectStorageCronjob.yaml b/component/tests/golden/cloudscale-metrics-collector/cloudscale-metrics-collector/cloudscale-metrics-collector/objectStorageCronjob.yaml index d0fa01e..669b1a6 100644 --- a/component/tests/golden/cloudscale-metrics-collector/cloudscale-metrics-collector/cloudscale-metrics-collector/objectStorageCronjob.yaml +++ b/component/tests/golden/cloudscale-metrics-collector/cloudscale-metrics-collector/cloudscale-metrics-collector/objectStorageCronjob.yaml @@ -17,7 +17,8 @@ spec: spec: containers: - args: - - cloudscale objectstorage + - cloudscale + - objectstorage env: - name: password valueFrom: @@ -34,7 +35,7 @@ spec: envFrom: - secretRef: name: credentials-cloudscale-metrics-collector - image: ghcr.io/vshn/billing-collector-cloudservices:v1.0.0 + image: ghcr.io/vshn/billing-collector-cloudservices:v1.0.1 name: billing-collector-cloudservices-backfill resources: {} restartPolicy: OnFailure diff --git a/component/tests/golden/cloudscale-metrics-collector/cloudscale-metrics-collector/cloudscale-metrics-collector/secrets.yaml b/component/tests/golden/cloudscale-metrics-collector/cloudscale-metrics-collector/cloudscale-metrics-collector/secrets.yaml index 3326c39..2c4a4da 100644 --- a/component/tests/golden/cloudscale-metrics-collector/cloudscale-metrics-collector/cloudscale-metrics-collector/secrets.yaml +++ b/component/tests/golden/cloudscale-metrics-collector/cloudscale-metrics-collector/cloudscale-metrics-collector/secrets.yaml @@ -8,7 +8,7 @@ metadata: name: credentials-cloudscale-metrics-collector namespace: appuio-cloud-reporting stringData: - CLOUDSCALE_API_TOKEN: t-silent-test-1234/c-green-test-1234/cloudscale-metrics-collector/cloudscale-metrics-collector/token - KUBERNETES_SERVER_TOKEN: t-silent-test-1234/c-green-test-1234/cloudscale-metrics-collector/cloudscale-metrics-collector/cluster-token - KUBERNETES_SERVER_URL: t-silent-test-1234/c-green-test-1234/cloudscale-metrics-collector/cloudscale-metrics-collector/cluster-server + CLOUDSCALE_API_TOKEN: t-silent-test-1234/c-green-test-1234/billing-collector-cloudservices/cloudscale-metrics-collector/token + KUBERNETES_SERVER_TOKEN: t-silent-test-1234/c-green-test-1234/billing-collector-cloudservices/cloudscale-metrics-collector/cluster-token + KUBERNETES_SERVER_URL: t-silent-test-1234/c-green-test-1234/billing-collector-cloudservices/cloudscale-metrics-collector/cluster-server type: Opaque diff --git a/component/tests/golden/collector-cloudscale-lpg-2/collector-cloudscale-lpg-2/collector-cloudscale-lpg-2/objectStorageCronjob.yaml b/component/tests/golden/collector-cloudscale-lpg-2/collector-cloudscale-lpg-2/collector-cloudscale-lpg-2/objectStorageCronjob.yaml index e84dfe6..58ecf21 100644 --- a/component/tests/golden/collector-cloudscale-lpg-2/collector-cloudscale-lpg-2/collector-cloudscale-lpg-2/objectStorageCronjob.yaml +++ b/component/tests/golden/collector-cloudscale-lpg-2/collector-cloudscale-lpg-2/collector-cloudscale-lpg-2/objectStorageCronjob.yaml @@ -17,7 +17,8 @@ spec: spec: containers: - args: - - exoscale objectstorage + - exoscale + - objectstorage env: - name: password valueFrom: @@ -34,7 +35,7 @@ spec: envFrom: - secretRef: name: credentials-collector-cloudscale-lpg-2 - image: ghcr.io/vshn/billing-collector-cloudservices:v1.0.0 + image: ghcr.io/vshn/billing-collector-cloudservices:v1.0.1 name: billing-collector-cloudservices-backfill resources: {} restartPolicy: OnFailure diff --git a/component/tests/golden/collector-cloudscale-lpg-2/collector-cloudscale-lpg-2/collector-cloudscale-lpg-2/secrets.yaml b/component/tests/golden/collector-cloudscale-lpg-2/collector-cloudscale-lpg-2/collector-cloudscale-lpg-2/secrets.yaml index 4019e06..5c039ed 100644 --- a/component/tests/golden/collector-cloudscale-lpg-2/collector-cloudscale-lpg-2/collector-cloudscale-lpg-2/secrets.yaml +++ b/component/tests/golden/collector-cloudscale-lpg-2/collector-cloudscale-lpg-2/collector-cloudscale-lpg-2/secrets.yaml @@ -8,8 +8,8 @@ metadata: name: credentials-collector-cloudscale-lpg-2 namespace: appuio-cloud-reporting stringData: - EXOSCALE_API_KEY: t-silent-test-1234/c-green-test-1234/exoscale-metrics-collector/collector-cloudscale-lpg-2/exoscale-key - EXOSCALE_API_SECRET: t-silent-test-1234/c-green-test-1234/exoscale-metrics-collector/collector-cloudscale-lpg-2/exoscale-secret - KUBERNETES_SERVER_TOKEN: t-silent-test-1234/c-green-test-1234/exoscale-metrics-collector/collector-cloudscale-lpg-2/cluster-token - KUBERNETES_SERVER_URL: t-silent-test-1234/c-green-test-1234/exoscale-metrics-collector/collector-cloudscale-lpg-2/cluster-server + EXOSCALE_API_KEY: t-silent-test-1234/c-green-test-1234/billing-collector-cloudservices/collector-cloudscale-lpg-2/exoscale-key + EXOSCALE_API_SECRET: t-silent-test-1234/c-green-test-1234/billing-collector-cloudservices/collector-cloudscale-lpg-2/exoscale-secret + KUBERNETES_SERVER_TOKEN: t-silent-test-1234/c-green-test-1234/billing-collector-cloudservices/collector-cloudscale-lpg-2/cluster-token + KUBERNETES_SERVER_URL: t-silent-test-1234/c-green-test-1234/billing-collector-cloudservices/collector-cloudscale-lpg-2/cluster-server type: Opaque diff --git a/component/tests/golden/exoscale-metrics-collector/exoscale-metrics-collector/exoscale-metrics-collector/dbaasCronjob.yaml b/component/tests/golden/exoscale-metrics-collector/exoscale-metrics-collector/exoscale-metrics-collector/dbaasCronjob.yaml index b5c5600..6ddfdcc 100644 --- a/component/tests/golden/exoscale-metrics-collector/exoscale-metrics-collector/exoscale-metrics-collector/dbaasCronjob.yaml +++ b/component/tests/golden/exoscale-metrics-collector/exoscale-metrics-collector/exoscale-metrics-collector/dbaasCronjob.yaml @@ -17,7 +17,8 @@ spec: spec: containers: - args: - - exoscale dbaas + - exoscale + - dbaas env: - name: password valueFrom: @@ -34,7 +35,7 @@ spec: envFrom: - secretRef: name: credentials-exoscale-metrics-collector - image: ghcr.io/vshn/billing-collector-cloudservices:v1.0.0 + image: ghcr.io/vshn/billing-collector-cloudservices:v1.0.1 name: billing-collector-cloudservices-backfill resources: {} restartPolicy: OnFailure diff --git a/component/tests/golden/exoscale-metrics-collector/exoscale-metrics-collector/exoscale-metrics-collector/objectStorageCronjob.yaml b/component/tests/golden/exoscale-metrics-collector/exoscale-metrics-collector/exoscale-metrics-collector/objectStorageCronjob.yaml index f4b5c9f..c9cc6d9 100644 --- a/component/tests/golden/exoscale-metrics-collector/exoscale-metrics-collector/exoscale-metrics-collector/objectStorageCronjob.yaml +++ b/component/tests/golden/exoscale-metrics-collector/exoscale-metrics-collector/exoscale-metrics-collector/objectStorageCronjob.yaml @@ -17,7 +17,8 @@ spec: spec: containers: - args: - - exoscale objectstorage + - exoscale + - objectstorage env: - name: password valueFrom: @@ -34,7 +35,7 @@ spec: envFrom: - secretRef: name: credentials-exoscale-metrics-collector - image: ghcr.io/vshn/billing-collector-cloudservices:v1.0.0 + image: ghcr.io/vshn/billing-collector-cloudservices:v1.0.1 name: billing-collector-cloudservices-backfill resources: {} restartPolicy: OnFailure diff --git a/component/tests/golden/exoscale-metrics-collector/exoscale-metrics-collector/exoscale-metrics-collector/secrets.yaml b/component/tests/golden/exoscale-metrics-collector/exoscale-metrics-collector/exoscale-metrics-collector/secrets.yaml index 583aeb0..717c4db 100644 --- a/component/tests/golden/exoscale-metrics-collector/exoscale-metrics-collector/exoscale-metrics-collector/secrets.yaml +++ b/component/tests/golden/exoscale-metrics-collector/exoscale-metrics-collector/exoscale-metrics-collector/secrets.yaml @@ -8,8 +8,8 @@ metadata: name: credentials-exoscale-metrics-collector namespace: appuio-cloud-reporting stringData: - EXOSCALE_API_KEY: t-silent-test-1234/c-green-test-1234/exoscale-metrics-collector/exoscale-metrics-collector/exoscale-key - EXOSCALE_API_SECRET: t-silent-test-1234/c-green-test-1234/exoscale-metrics-collector/exoscale-metrics-collector/exoscale-secret - KUBERNETES_SERVER_TOKEN: t-silent-test-1234/c-green-test-1234/exoscale-metrics-collector/exoscale-metrics-collector/cluster-token - KUBERNETES_SERVER_URL: t-silent-test-1234/c-green-test-1234/exoscale-metrics-collector/exoscale-metrics-collector/cluster-server + EXOSCALE_API_KEY: t-silent-test-1234/c-green-test-1234/billing-collector-cloudservices/exoscale-metrics-collector/exoscale-key + EXOSCALE_API_SECRET: t-silent-test-1234/c-green-test-1234/billing-collector-cloudservices/exoscale-metrics-collector/exoscale-secret + KUBERNETES_SERVER_TOKEN: t-silent-test-1234/c-green-test-1234/billing-collector-cloudservices/exoscale-metrics-collector/cluster-token + KUBERNETES_SERVER_URL: t-silent-test-1234/c-green-test-1234/billing-collector-cloudservices/exoscale-metrics-collector/cluster-server type: Opaque