[charts/nri-kube-events] imported (#33)

jorikvdwerf · web-flow · commit 6b47d58e0907 · 2020-05-21T15:59:25.000+02:00
* [charts/nri-kube-events] imported nri-kube-events from nri-bundle

* [charts/nri-kube-events] added maintainer + home to Chart.yaml, added CI test values

* [charts/nri-kube-events] CI test
diff --git a/charts/nri-kube-events/Chart.yaml b/charts/nri-kube-events/Chart.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+appVersion: 1.1.0
+description: A Helm chart to deploy the New Relic Kube Events
+name: nri-kube-events
+version: 1.0.0
+engine: gotpl
+home: https://docs.newrelic.com/docs/integrations/kubernetes-integration/kubernetes-events/install-kubernetes-events-integration
+icon: https://newrelic.com/assets/newrelic/source/NewRelic-logo-square.svg
+keywords:
+  - events
+  - newrelic
+  - monitoring
+maintainers:
+- name: douglascamata
+- name: jorikvdwerf
diff --git a/charts/nri-kube-events/README.md b/charts/nri-kube-events/README.md
@@ -0,0 +1,40 @@
+# nri-kube-events
+
+## Chart Details
+
+This chart will deploy the New Relic Events Routers as a Deployment.
+
+## Configuration
+
+| Parameter                                                  | Description                                                                                                                                                                                                                                    | Default                         |
+|------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------|
+| `global.cluster` - `cluster`                               | The cluster name for the Kubernetes cluster.                                                                                                                                                                                                   |                                 |
+| `global.licenseKey` - `licenseKey`                         | The [license key](https://docs.newrelic.com/docs/accounts/install-new-relic/account-setup/license-key) for your New Relic Account. This will be preferred configuration option if both `licenseKey` and `customSecret` are specified. |                                 |
+| `global.customSecretName` - `customSecretName`             | Name of the Secret object where the license key is stored                                                                                                                                                                                      |                                 |
+| `global.customSecretLicenseKey` - `customSecretLicenseKey` | Key in the Secret object where the license key is stored.                                                                                                                                                                                      |                                 |
+| `agentHTTPTimeout`                                         | The timeout for the events-router to reach the infra-agent                                                                                                                                                                                     | `30s`                           |
+| `sinks.stdout`                                             | When enabled all routed events are also logged.                                                                                                                                                                                                | `false`                         |
+| `nameOverride`                                             | The name that should be used for the deployment.                                                                                                                                                                                               |                                 |
+| `image.kubeEvents.repository`                              | The events-router image name.                                                                                                                                                                                                                  | `newrelic/nri-kube-events`      |
+| `image.kubeEvents.tag`                                     | The events-router image tag.                                                                                                                                                                                                                   | `1.1.0`                         |
+| `image.infraAgent.repository`                              | The infra-agent image name.                                                                                                                                                                                                                    | `newrelic/k8s-events-forwarder` |
+| `image.infraAgent.tag`                                     | The infra-agent image tag.                                                                                                                                                                                                                     | `1.11.24`                        |
+| `resources`                                                | A yaml defining the resources for the events-router container.                                                                                                                                                                                 | {}                              |
+| `rbac.create`                                              | Enable Role-based authentication                                                                                                                                                                                                               | `true`                          |
+| `serviveAccount.create`                                    | If true, a service account would be created and assigned to the deployment                                                                                                                                                                     | true                            |
+| `serviveAccount.name`                                      | The service account to assign to the deployment. If `serviveAccount.create` is true then this name will be used when creating the service account                                                                                              |                                 |
+| `nodeSelector`                                             | Node label to use for scheduling                                                                                                                                                                                                               | `{}`                            |
+| `tolerations`                                              | List of node taints to tolerate (requires Kubernetes >= 1.6)                                                                                                                                                                                   | `[]`                            |
+| `affinity`                                                 | Node affinity to use for scheduling                                                                                                                                                                                                            | `{}`                            |
+
+## Example
+
+Make sure you have [added the New Relic chart repository.](../../README.md#installing-charts)
+
+Then, to install this chart, run the following command:
+
+```sh
+helm install newrelic/nri-kube-events \
+--set licenseKey=<enter_new_relic_license_key> \
+--set cluster=my-k8s-cluster
+```
diff --git a/charts/nri-kube-events/ci/test-values.yaml b/charts/nri-kube-events/ci/test-values.yaml
@@ -0,0 +1,9 @@
+global:
+  licenseKey: 1234567890abcdef1234567890abcdef12345678
+  cluster: test-cluster
+
+sinks:
+  # Enable the stdout sink to also see all events in the logs.
+  stdout: true
+  # The newRelicInfra sink sends all events to New relic.
+  newRelicInfra: true
diff --git a/charts/nri-kube-events/templates/NOTES.txt b/charts/nri-kube-events/templates/NOTES.txt
@@ -0,0 +1,16 @@
+{{- if (include "nri-kube-events.areValuesValid" .) }}
+Your deployment of New Relic Kube Events is complete.
+{{- else -}}
+##############################################################################
+####       ERROR: You did not set a licenseKey and/or cluster name.       ####
+##############################################################################
+
+This deployment will be incomplete until you get your license key from New Relic.
+
+Then run:
+
+    helm upgrade {{ .Release.Name }} \
+        --set licenseKey=YOUR-KEY-HERE \
+        --set cluster=YOUR-CLUSTER-NAME \
+        newrelic/nri-kube-events
+{{- end -}}
diff --git a/charts/nri-kube-events/templates/_helpers.tpl b/charts/nri-kube-events/templates/_helpers.tpl
@@ -0,0 +1,129 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "nri-kube-events.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "nri-kube-events.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "nri-kube-events.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Common labels
+*/}}
+{{- define "nri-kube-events.labels" -}}
+app: {{ include "nri-kube-events.name" . }}
+app.kubernetes.io/name: {{ include "nri-kube-events.name" . }}
+helm.sh/chart: {{ include "nri-kube-events.chart" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end -}}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "nri-kube-events.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create -}}
+{{ default (include "nri-kube-events.fullname" .) .Values.serviceAccount.name }}
+{{- else -}}
+{{ default "default" .Values.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the licenseKey
+*/}}
+{{- define "nri-kube-events.licenseKey" -}}
+{{- if .Values.global}}
+  {{- if .Values.global.licenseKey }}
+      {{- .Values.global.licenseKey -}}
+  {{- else -}}
+      {{- .Values.licenseKey | default "" -}}
+  {{- end -}}
+{{- else -}}
+    {{- .Values.licenseKey | default "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the cluster
+*/}}
+{{- define "nri-kube-events.cluster" -}}
+{{- if .Values.global -}}
+  {{- if .Values.global.cluster -}}
+      {{- .Values.global.cluster -}}
+  {{- else -}}
+      {{- .Values.cluster | default "" -}}
+  {{- end -}}
+{{- else -}}
+  {{- .Values.cluster | default "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the customSecretName
+*/}}
+{{- define "nri-kube-events.customSecretName" -}}
+{{- if .Values.global }}
+  {{- if .Values.global.customSecretName }}
+      {{- .Values.global.customSecretName -}}
+  {{- else -}}
+      {{- .Values.customSecretName | default "" -}}
+  {{- end -}}
+{{- else -}}
+    {{- .Values.customSecretName | default "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the customSecretLicenseKey
+*/}}
+{{- define "nri-kube-events.customSecretLicenseKey" -}}
+{{- if .Values.global }}
+  {{- if .Values.global.customSecretLicenseKey }}
+      {{- .Values.global.customSecretLicenseKey -}}
+  {{- else -}}
+      {{- .Values.customSecretLicenseKey | default "" -}}
+  {{- end -}}
+{{- else -}}
+    {{- .Values.customSecretLicenseKey | default "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Returns if the template should render, it checks if the required values
+licenseKey and cluster are set.
+*/}}
+{{- define "nri-kube-events.areValuesValid" -}}
+{{- $cluster := include "nri-kube-events.cluster" . -}}
+{{- $licenseKey := include "nri-kube-events.licenseKey" . -}}
+{{- $customSecretName := include "nri-kube-events.customSecretName" . -}}
+{{- $customSecretLicenseKey := include "nri-kube-events.customSecretLicenseKey" . -}}
+{{- and (or $licenseKey (and $customSecretName $customSecretLicenseKey)) $cluster}}
+{{- end -}}
diff --git a/charts/nri-kube-events/templates/clusterrole.yaml b/charts/nri-kube-events/templates/clusterrole.yaml
@@ -0,0 +1,12 @@
+{{- if .Values.rbac.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+{{ include "nri-kube-events.labels" . | indent 4 }}
+  name: {{ template "nri-kube-events.fullname" . }}
+rules:
+  - apiGroups: [""]
+    resources: ["events"]
+    verbs: ["get", "watch", "list"]
+{{- end -}}
diff --git a/charts/nri-kube-events/templates/clusterrolebinding.yaml b/charts/nri-kube-events/templates/clusterrolebinding.yaml
@@ -0,0 +1,16 @@
+{{- if .Values.rbac.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  labels:
+{{ include "nri-kube-events.labels" . | indent 4 }}
+  name: {{ template "nri-kube-events.fullname" . }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "nri-kube-events.fullname" . }}
+subjects:
+- kind: ServiceAccount
+  name: {{ template "nri-kube-events.fullname" . }}
+  namespace: {{ .Release.Namespace }}
+{{- end -}}
diff --git a/charts/nri-kube-events/templates/configmap.yaml b/charts/nri-kube-events/templates/configmap.yaml
@@ -0,0 +1,20 @@
+apiVersion: v1
+kind: ConfigMap
+data:
+  config.yaml: |-
+    sinks:
+    {{- if .Values.sinks.stdout }}
+    - name: stdout
+    {{- end }}
+    {{- if .Values.sinks.newRelicInfra}}
+    - name: newRelicInfra
+      config:
+        agentEndpoint: http://localhost:8001/v1/data
+        clusterName: {{ include "nri-kube-events.cluster" . }}
+        agentHTTPTimeout: {{ .Values.agentHTTPTimeout }}
+    {{- end }}
+metadata:
+  name: {{ template "nri-kube-events.fullname" . }}-config
+  namespace: {{ .Release.Namespace }}
+  labels:
+{{ include "nri-kube-events.labels" . | indent 4 }}
diff --git a/charts/nri-kube-events/templates/deployment.yaml b/charts/nri-kube-events/templates/deployment.yaml
@@ -0,0 +1,82 @@
+{{- if (include "nri-kube-events.areValuesValid" .) }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "nri-kube-events.fullname" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+{{ include "nri-kube-events.labels" . | indent 4 }}
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ template "nri-kube-events.name" . }}
+  template:
+    metadata:
+      labels:
+{{ include "nri-kube-events.labels" . | indent 8 }}
+    spec:
+      containers:
+        - name: kube-events
+          image: {{ .Values.image.kubeEvents.repository }}:{{ .Values.image.kubeEvents.tag }}
+          {{- if .Values.resources }}
+          resources:
+{{ toYaml .Values.resources | indent 12 }}
+          {{- end }}
+          imagePullPolicy: IfNotPresent
+          args: ["-config", "/app/config/config.yaml", "-loglevel", "debug"]
+          volumeMounts:
+            - name: config-volume
+              mountPath: /app/config
+        - name: infra-agent
+          image: {{ .Values.image.infraAgent.repository }}:{{ .Values.image.infraAgent.tag }}
+          securityContext:
+            privileged: false
+            runAsUser: 1000 # nri-kube-events
+            runAsNonRoot: false
+            allowPrivilegeEscalation: false
+            readOnlyRootFilesystem: true
+          ports:
+            - containerPort: 8001
+          env:
+            - name: NRIA_LICENSE_KEY
+              valueFrom:
+                secretKeyRef:
+                  {{- if (include "nri-kube-events.licenseKey" .) }}
+                  name: {{ template "nri-kube-events.fullname" . }}-config
+                  key: licenseKey
+                  {{- else }}
+                  name: {{ include "nri-kube-events.customSecretName" . }}
+                  key: {{ include "nri-kube-events.customSecretLicenseKey" . }}
+                  {{- end }}
+          volumeMounts:
+            - mountPath: /var/db/newrelic-infra/data
+              name: tmpfs-data
+            - mountPath: /var/db/newrelic-infra/user_data
+              name: tmpfs-user-data
+            - mountPath: /tmp
+              name: tmpfs-tmp
+      serviceAccountName: {{ template "nri-kube-events.serviceAccountName" . }}
+      volumes:
+        - name: config-volume
+          configMap:
+            name: {{ template "nri-kube-events.fullname" . }}-config
+        - name: tmpfs-data
+          emptyDir: {}
+        - name: tmpfs-user-data
+          emptyDir: {}
+        - name: tmpfs-tmp
+          emptyDir: {}
+      {{- if .Values.nodeSelector }}
+      nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+      {{- end }}
+      {{- if .Values.tolerations }}
+      tolerations:
+{{ toYaml .Values.tolerations | indent 8 }}
+      {{- end }}
+      {{- if .Values.affinity }}
+      affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+      {{- end }}
+{{- end }}
diff --git a/charts/nri-kube-events/templates/secret.yaml b/charts/nri-kube-events/templates/secret.yaml
@@ -0,0 +1,13 @@
+{{- $licenseKey := include "nri-kube-events.licenseKey" . -}}
+{{- if $licenseKey }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "nri-kube-events.fullname" . }}-config
+  namespace: {{ .Release.Namespace }}
+  labels:
+{{ include "nri-kube-events.labels" . | indent 4 }}
+type: Opaque
+data:
+  licenseKey: {{ $licenseKey | b64enc }}
+{{- end }}
diff --git a/charts/nri-kube-events/templates/serviceaccount.yaml b/charts/nri-kube-events/templates/serviceaccount.yaml
@@ -0,0 +1,9 @@
+{{- if .Values.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  labels:
+{{ include "nri-kube-events.labels" . | indent 4 }}
+  name: {{ template "nri-kube-events.serviceAccountName" . }}
+  namespace: {{ .Release.Namespace }}
+{{- end -}}
diff --git a/charts/nri-kube-events/values.yaml b/charts/nri-kube-events/values.yaml
