diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 5d1c07a58ae1dbf7ca6586baf15f9f29322465ce..6ebd77da288f2cd351313643071f609f589c3252 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -42,6 +42,12 @@ helm_lint:
- helm dep update .
- helm lint --strict .
+unittest:
+ stage: test
+ image: registry.cern.ch/docker.io/helmunittest/helm-unittest:3.17.0-0.7.2
+ script:
+ - helm unittest -f 'tests/**/*.yaml' .
+
version_test:
stage: test
rules:
diff --git a/.helmignore b/.helmignore
index df65d1087ee2367ca1d075fa9076635836ae0dff..f72da3305333c2c1bbd8ebb596c4b092f6fa3617 100644
--- a/.helmignore
+++ b/.helmignore
@@ -27,4 +27,5 @@ README.md
.idea/
*.tmproj
.vscode/
-config
\ No newline at end of file
+config
+tests/
\ No newline at end of file
diff --git a/docs/values.md b/docs/values.md
index 4d3d066c249dc6f46382a3cbe8280a4a01f574b9..5d9ac7707f6f2586e05062dbb5983efabc37ef0c 100644
--- a/docs/values.md
+++ b/docs/values.md
@@ -3,7 +3,7 @@ This file contains the markdown version of the default values that this chart ta
| Key | Type | Default | Description |
|-----|------|---------|-------------|
-| kubernetes.clusterName | string | `"nil"` | name of the kubernetes cluster to monitor. This value will be appended tovery metric and log via k8s_cluster_name label |
+| kubernetes.clusterName | string | - | name of the kubernetes cluster to monitor. This value will be appended tovery metric and log via k8s_cluster_name label |
| logs.enabled | bool | `false` | indicates if logs components should be enabled or not. If set to false no logs component will be installed nor configured |
| logs.fluentbit.customParsers | string | `""` | |
| logs.fluentbit.enabled | bool | `false` | indicates if fluentbit logs component should be installed or not |
@@ -81,8 +81,8 @@ This file contains the markdown version of the default values that this chart ta
| metrics.alertmanager.nodeSelector | Hash | `{}` | node selector configuration for the alertmanager |
| otlp.endpoint | string | `"monit-otlp.cern.ch"` | otlp endpoint where the otlp receivers are listening |
| otlp.port | int | `4319` | otlp port where the otlp receivers are listening |
-| tenant.name | string | `"nil"` | username used for authenitcating in the MONIT infrastructure |
-| tenant.password | string | `"nil"` | password (plain) used for authenitcating in the MONIT infrastructure |
+| tenant.name | string | - | username used for authenitcating in the MONIT infrastructure |
+| tenant.password | string | - | password (plain) used for authenitcating in the MONIT infrastructure |
| crds.enabled | bool | `true` | whether to install Prometheus operator's CRDs |
----------------------------------------------
diff --git a/templates/prometheus/prometheus.yaml b/templates/prometheus/prometheus.yaml
index 24f10566bfd3de61f30bd1fce8cc604534cad4c4..b53ca4eb3c75d583a732d5800d1f05b8af68fce0 100644
--- a/templates/prometheus/prometheus.yaml
+++ b/templates/prometheus/prometheus.yaml
@@ -11,7 +11,9 @@ spec:
scrapeTimeout: {{ .Values.metrics.prometheus.server.scrapeTimeout }}
retention: {{ .Values.metrics.prometheus.server.retention }}
externalLabels:
- k8s_cluster_name: {{ .Values.kubernetes.clusterName }}
+ {{- if and .Values.metrics.fluentbit.enabled }}
+ k8s_cluster_name: {{ required "kubernetes.clusterName is missing" (.Values.kubernetes).clusterName -}}
+ {{- end -}}
{{- with .Values.metrics.prometheus.server.extraLabelsForMetrics }}
{{- toYaml . | nindent 4 }}
{{- end }}
diff --git a/templates/prometheus/remotewritesecret.yaml b/templates/prometheus/remotewritesecret.yaml
index 2c973aafe516daca410bcaf96a3accff7a48b36f..59eca9b751365e1797e0622fcd469fb617d894aa 100644
--- a/templates/prometheus/remotewritesecret.yaml
+++ b/templates/prometheus/remotewritesecret.yaml
@@ -11,8 +11,8 @@ data:
username: {{ .Values.metrics.prometheus.server.remoteWrite.username | b64enc }}
password: {{ .Values.metrics.prometheus.server.remoteWrite.password | b64enc }}
{{- else }}
- username: {{ .Values.tenantName | b64enc }}
- password: {{ .Values.tenantPassword | b64enc }}
+ username: {{ required "Tenant name is required" (.Values.tenant).name | b64enc }}
+ password: {{ required "Tenant password is required" (.Values.tenant).password | b64enc }}
{{- end }}
{{ end }}
{{- end -}}
diff --git a/tests/fluentbit-logs/configmap.yaml b/tests/fluentbit-logs/configmap.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..1627cb78f96cd84fb07b1f84c9cbc4605c8f5647
--- /dev/null
+++ b/tests/fluentbit-logs/configmap.yaml
@@ -0,0 +1,51 @@
+suite: test fluentbit-logs configmap
+templates:
+ - fluentbit-logs/configmap.yaml
+tests:
+ - it: should deploy nothing by default
+ asserts:
+ - containsDocument:
+ kind: ConfigMap
+ apiVersion: "apps/v1"
+ name: it-monit-logs-collector-fluentbit
+ not: true
+ - it: should fail to deploy if enabled due to missing cluster name
+ set:
+ logs.enabled: true
+ logs.fluentbit.enabled: true
+ asserts:
+ - failedTemplate:
+ errorMessage: "kubernetes.clusterName is missing"
+ - it: should fail to deploy if enabled due to missing tenant details
+ set:
+ logs.enabled: true
+ logs.fluentbit.enabled: true
+ kubernetes.clusterName: test
+ asserts:
+ - failedTemplate:
+ errorMessage: "Tenant name is required"
+ - it: should fail to deploy if enabled when tenant name available but no tenant password
+ set:
+ logs.enabled: true
+ logs.fluentbit.enabled: true
+ tenant.name: test
+ kubernetes.clusterName: test
+ asserts:
+ - failedTemplate:
+ errorMessage: "Tenant password is required"
+ - it: should deploy if logs processing is enabled and required values are fed
+ set:
+ tenant.name: test
+ tenant.password: test
+ kubernetes.clusterName: test
+ logs.enabled: true
+ logs.fluentbit.enabled: true
+ asserts:
+ - containsDocument:
+ kind: ConfigMap
+ apiVersion: v1
+ name: it-monit-logs-collector-fluentbit
+ - exists:
+ path: data["custom_parsers.conf"]
+ - exists:
+ path: data["fluent-bit.conf"]
diff --git a/tests/fluentbit-logs/daemonset.yaml b/tests/fluentbit-logs/daemonset.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..4669c91976fe0faa44f0a84cf480148fe3c4dd15
--- /dev/null
+++ b/tests/fluentbit-logs/daemonset.yaml
@@ -0,0 +1,38 @@
+suite: test fluentbit-logs daemonset
+templates:
+ - fluentbit-logs/daemonset.yaml
+tests:
+ - it: should not be deployed by default
+ asserts:
+ - containsDocument:
+ kind: DaemonSet
+ apiVersion: "apps/v1"
+ name: it-monit-logs-collector-fluentbit
+ not: true
+ - it: should be deployed if logs.enabled and logs.fluentbit.enabled is true
+ set:
+ logs.enabled: true
+ logs.fluentbit.enabled: true
+ asserts:
+ - containsDocument:
+ kind: DaemonSet
+ apiVersion: "apps/v1"
+ name: it-monit-logs-collector-fluentbit
+ - it: should not be deployed if logs.enabled is false
+ set:
+ logs.enabled: false
+ asserts:
+ - containsDocument:
+ kind: DaemonSet
+ apiVersion: "apps/v1"
+ not: true
+ - it: should not be deployed if logs.enabled is true and logs.fluentbit.enabled is false
+ set:
+ logs.enabled: true
+ logs.fluentbit.enabled: false
+ asserts:
+ - containsDocument:
+ kind: DaemonSet
+ apiVersion: "apps/v1"
+ name: it-monit-logs-collector-fluentbit
+ not: true
diff --git a/tests/fluentbit-metrics/configmap.yaml b/tests/fluentbit-metrics/configmap.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..82e9a843fb2280a87ca49742e1be32c89e3d3dfe
--- /dev/null
+++ b/tests/fluentbit-metrics/configmap.yaml
@@ -0,0 +1,35 @@
+suite: test fluentbit-metrics configmap
+templates:
+ - fluentbit-metrics/configmap.yaml
+tests:
+ - it: should fail to deploy by default due to missing tenant details
+ asserts:
+ - failedTemplate:
+ errorMessage: "Tenant name is required"
+ - it: should fail to deploy if tenant name available but no tenant password
+ set:
+ tenant.name: test
+ asserts:
+ - failedTemplate:
+ errorMessage: "Tenant password is required"
+ - it: should deploy by default when required values are fed
+ set:
+ tenant.name: test
+ tenant.password: test
+ asserts:
+ - containsDocument:
+ kind: ConfigMap
+ apiVersion: v1
+ - it: should deploy if metrics processing is enabled and required values are fed
+ set:
+ tenant.name: test
+ tenant.password: test
+ metrics.enabled: true
+ metrics.fluentbit.enabled: true
+ asserts:
+ - containsDocument:
+ kind: ConfigMap
+ apiVersion: v1
+ name: it-monit-metrics-collector-fluentbit
+ - exists:
+ path: data["fluent-bit.yaml"]
diff --git a/tests/fluentbit-metrics/statefulset.yaml b/tests/fluentbit-metrics/statefulset.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..56f19e06a37f517a6b0565b5a5138f340cb87c32
--- /dev/null
+++ b/tests/fluentbit-metrics/statefulset.yaml
@@ -0,0 +1,29 @@
+suite: test fluentbit-metrics statefulset
+templates:
+ - fluentbit-metrics/statefulset.yaml
+tests:
+ - it: should be deployed by default
+ asserts:
+ - containsDocument:
+ kind: StatefulSet
+ apiVersion: "apps/v1"
+ name: it-monit-metrics-collector-fluentbit
+ - it: should not be deployed if metrics.enabled is false
+ set:
+ metrics.enabled: false
+ asserts:
+ - containsDocument:
+ kind: StatefulSet
+ apiVersion: "apps/v1"
+ name: it-monit-metrics-collector-fluentbit
+ not: true
+ - it: should not be deployed if metrics.enabled is true and metrics.fluentbit.enabled is false
+ set:
+ metrics.enabled: true
+ metrics.fluentbit.enabled: false
+ asserts:
+ - containsDocument:
+ kind: StatefulSet
+ apiVersion: "apps/v1"
+ name: it-monit-metrics-collector-fluentbit
+ not: true
diff --git a/tests/prometheus/prometheus.yaml b/tests/prometheus/prometheus.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..a019b61ac8bf169c433bb950d0abc5132d6eab2e
--- /dev/null
+++ b/tests/prometheus/prometheus.yaml
@@ -0,0 +1,75 @@
+suite: test prometheus prometheus
+templates:
+ - prometheus/prometheus.yaml
+tests:
+ - it: should not be deployed if metrics are disabled
+ set:
+ metrics.enabled: false
+ asserts:
+ - containsDocument:
+ kind: Prometheus
+ apiVersion: "monitoring.coreos.com/v1"
+ name: it-monit-metrics-collector-prometheus
+ not: true
+ - it: should not be deployed if Prometheus is disabled
+ set:
+ metrics.enabled: true
+ metrics.prometheus.enabled: false
+ asserts:
+ - containsDocument:
+ kind: Prometheus
+ apiVersion: "monitoring.coreos.com/v1"
+ name: it-monit-metrics-collector-prometheus
+ not: true
+ - it: should be deployed with cluster-local remote write by default
+ set:
+ kubernetes.clusterName: test
+ asserts:
+ - containsDocument:
+ kind: Prometheus
+ apiVersion: "monitoring.coreos.com/v1"
+ name: it-monit-metrics-collector-prometheus
+ - lengthEqual:
+ path: spec.remoteWrite
+ count: 1
+ - equal:
+ path: spec.remoteWrite[0].url
+ value: "http://it-monit-metrics-fluentbit:8080/api/prom/push"
+ - it: should be deployed with no remoteWrites if no fluentbit is available
+ set:
+ kubernetes.clusterName: test
+ metrics.fluentbit.enabled: false
+ asserts:
+ - containsDocument:
+ kind: Prometheus
+ apiVersion: "monitoring.coreos.com/v1"
+ name: it-monit-metrics-collector-prometheus
+ - lengthEqual:
+ path: spec.remoteWrite
+ count: 0
+ - it: should be deployed with external remote write if configured
+ set:
+ kubernetes.clusterName: test
+ metrics.fluentbit.enabled: false
+ metrics.prometheus.server.remoteWrite.endpoint: "http://foo:123"
+ asserts:
+ - containsDocument:
+ kind: Prometheus
+ apiVersion: "monitoring.coreos.com/v1"
+ name: it-monit-metrics-collector-prometheus
+ - contains:
+ path: spec.remoteWrite
+ content:
+ url: "http://foo:123"
+ tlsConfig:
+ insecureSkipVerify: true
+ basicAuth:
+ username:
+ name: it-monit-metrics-collector-prometheus
+ key: username
+ password:
+ name: it-monit-metrics-collector-prometheus
+ key: password
+ - lengthEqual:
+ path: spec.remoteWrite
+ count: 1
diff --git a/tests/prometheus/remotewritesecret.yaml b/tests/prometheus/remotewritesecret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..1db96d7d614d36124bd3c31df7c3f3385bd36a07
--- /dev/null
+++ b/tests/prometheus/remotewritesecret.yaml
@@ -0,0 +1,36 @@
+suite: test prometheus remotewritesecret
+templates:
+ - prometheus/remotewritesecret.yaml
+tests:
+ - it: should be deployed with remote write specific creds if they're provided
+ set:
+ kubernetes.clusterName: test
+ tenant.name: test
+ tenant.password: tset
+ metrics.prometheus.server.remoteWrite.endpoint: "http://foo:123"
+ metrics.prometheus.server.remoteWrite.username: higgs
+ metrics.prometheus.server.remoteWrite.password: boson
+ asserts:
+ - containsDocument:
+ kind: Secret
+ apiVersion: "v1"
+ - equal:
+ path: data
+ value:
+ username: "aGlnZ3M=" # higgs
+ password: "Ym9zb24=" # boson
+ - it: should be deployed with tenant creds as user/password if provided
+ set:
+ kubernetes.clusterName: test
+ tenant.name: test
+ tenant.password: tset
+ metrics.prometheus.server.remoteWrite.endpoint: "http://foo:123"
+ asserts:
+ - containsDocument:
+ kind: Secret
+ apiVersion: "v1"
+ - equal:
+ path: data
+ value:
+ username: "dGVzdA==" # test
+ password: "dHNldA==" # tset
diff --git a/values.yaml b/values.yaml
index a755779416379ab025c632d78c8b64ee1a0e5d44..d9f8842dc6c46e3e1b7d90030d6d70cb16221a87 100644
--- a/values.yaml
+++ b/values.yaml
@@ -10,17 +10,17 @@ otlp:
port: 4319
# Tenant configuration. Username and Password are provided via CERN Central IT
-# Monitoring service.
-tenant:
+# Monitoring service. This bit is required if fluentbit is enabled (default)
+# tenant:
# -- username used for authenitcating in the MONIT infrastructure
- name: nil
+ # name: example
# -- password (plain) used for authenitcating in the MONIT infrastructure
- password: nil
+ # password: example
# Kubernetes configuration.
-kubernetes:
- # -- name of the kubernetes cluster to monitor. This value will be appended to very metric and log via k8sClusterName label
- clusterName: nil
+# kubernetes:
+ # -- name of the kubernetes cluster to monitor. This value will be appended to very metric and log via k8sClusterName label. This bit is required if fluentbit is enabled (default)
+ # clusterName: nil
# The metrics section includes all the components meant to produce, scrape,
# collect or forward metrics. You can configure all components independently.
@@ -101,7 +101,7 @@ metrics:
remoteWrite: {}
# endpoint: "https://monit-prom-mom.cern.ch:9090/api/v1/write"
# username: "your user" # If user and password are not provided then
- # tenantName and tenantPassword will be used.
+ # tenant.name and tenant.password will be used.
# password: "your password"
resources:
requests:
@@ -220,8 +220,8 @@ metrics:
traces_uri: /v1/traces
tls: on
tls.verify: off
- http_user: {{ .Values.tenant.name }}
- http_passwd: {{ .Values.tenant.password }}
+ http_user: {{ required "Tenant name is required" (.Values.tenant).name }}
+ http_passwd: {{ required "Tenant password is required" (.Values.tenant).password }}
storage.total_limit_size: {{ .Values.metrics.fluentbit.diskMaxCache }}
header: User-Agent {{ .Chart.Name }}/{{ .Chart.Version }}
@@ -381,7 +381,7 @@ logs:
[FILTER]
Name modify
Match *
- Add kubernetes_cluster_name {{ .Values.kubernetes.clusterName }}
+ Add kubernetes_cluster_name {{ required "kubernetes.clusterName is missing" (.Values.kubernetes).clusterName }}
Add monit_type kubernetes
Remove kubernetes_container_hash
Remove kubernetes_docker_id
@@ -414,8 +414,8 @@ logs:
traces_uri /v1/traces
tls on
tls.verify off
- http_user {{ .Values.tenant.name }}
- http_passwd {{ .Values.tenant.password }}
+ http_user {{ required "Tenant name is required" (.Values.tenant).name }}
+ http_passwd {{ required "Tenant password is required" (.Values.tenant).password }}
header tag monit
header log_type kubernetes
header User-Agent {{ .Chart.Name }}/{{ .Chart.Version }}