streamnative · jrsdav · Apr 27, 2022 · Apr 22, 2022 · Apr 22, 2022 · Apr 22, 2022
@@ -98,6 +98,7 @@ module "terraform-helm-charts" {
 
 While this pattern has [some limitations](https://github.com/hashicorp/terraform/issues/24142#issuecomment-938106778), it is a sufficient workaround for our (opinionated) needs in these modules.
 
+<!-- BEGIN_TF_DOCS -->
 ## Requirements
 
 | Name | Version |
@@ -114,6 +115,7 @@ No providers.
 
 | Name | Source | Version |
 |------|--------|---------|
+| <a name="module_cloud-manager-agent"></a> [cloud-manager-agent](#module\_cloud-manager-agent) | ./modules/cloud-manager-agent | n/a |
 | <a name="module_function_mesh_operator"></a> [function\_mesh\_operator](#module\_function\_mesh\_operator) | ./modules/function-mesh-operator | n/a |
 | <a name="module_istio_operator"></a> [istio\_operator](#module\_istio\_operator) | ./modules/istio-operator | n/a |
 | <a name="module_olm"></a> [olm](#module\_olm) | ./modules/operator-lifecycle-manager | n/a |
@@ -133,6 +135,10 @@ No resources.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
+| <a name="input_cma_environment"></a> [cma\_environment](#input\_cma\_environment) | Whether this is for a test, staging, or production environment. | `string` | `"production"` | no |
+| <a name="input_cma_namespace"></a> [cma\_namespace](#input\_cma\_namespace) | The namespace used by cloud-manager-agent and its resources | `string` | `"sn-system"` | no |
+| <a name="input_cma_settings"></a> [cma\_settings](#input\_cma\_settings) | Additional key value settings which will be passed to the Helm chart values, e.g. { "namespace" = "kube-system" }. | `map(any)` | `null` | no |
+| <a name="input_cma_values"></a> [cma\_values](#input\_cma\_values) | A list of values in raw YAML to be applied to the helm release. Merges with the settings input, can also be used with the `file()` function, i.e. `file("my/values.yaml")` | `any` | `null` | no |
 | <a name="input_create_function_mesh_operator_namespace"></a> [create\_function\_mesh\_operator\_namespace](#input\_create\_function\_mesh\_operator\_namespace) | Create a namespace for the deployment. | `bool` | `false` | no |
 | <a name="input_create_istio_operator_namespace"></a> [create\_istio\_operator\_namespace](#input\_create\_istio\_operator\_namespace) | Create a namespace for the deployment. Defaults to "true". | `bool` | `true` | no |
 | <a name="input_create_istio_system_namespace"></a> [create\_istio\_system\_namespace](#input\_create\_istio\_system\_namespace) | Create a namespace where istio components will be installed. | `bool` | `false` | no |
@@ -146,6 +152,7 @@ No resources.
 | <a name="input_create_vault_operator_namespace"></a> [create\_vault\_operator\_namespace](#input\_create\_vault\_operator\_namespace) | Create a namespace for the deployment. | `bool` | `false` | no |
 | <a name="input_create_vector_agent_namespace"></a> [create\_vector\_agent\_namespace](#input\_create\_vector\_agent\_namespace) | Create a namespace for the deployment. | `bool` | `false` | no |
 | <a name="input_create_vmagent_namespace"></a> [create\_vmagent\_namespace](#input\_create\_vmagent\_namespace) | Create a namespace for the deployment. | `bool` | `false` | no |
+| <a name="input_enable_cma"></a> [enable\_cma](#input\_enable\_cma) | Enables Cloud Manager Agent. Disabled by default. | `bool` | `false` | no |
 | <a name="input_enable_function_mesh_operator"></a> [enable\_function\_mesh\_operator](#input\_enable\_function\_mesh\_operator) | Enables the StreamNative Function Mesh Operator. Set to "true" by default, but disabled if OLM is enabled. | `bool` | `true` | no |
 | <a name="input_enable_istio_operator"></a> [enable\_istio\_operator](#input\_enable\_istio\_operator) | Enables the Istio Operator. Set to "false" by default. | `bool` | `false` | no |
 | <a name="input_enable_kiali_operator"></a> [enable\_kiali\_operator](#input\_enable\_kiali\_operator) | Enables the Kiali Operator. Set to "false" by default. | `bool` | `false` | no |
@@ -251,6 +258,8 @@ No resources.
 | <a name="input_vmagent_chart_repository"></a> [vmagent\_chart\_repository](#input\_vmagent\_chart\_repository) | The repository containing the Helm chart to install. | `string` | `null` | no |
 | <a name="input_vmagent_chart_version"></a> [vmagent\_chart\_version](#input\_vmagent\_chart\_version) | The version of the Helm chart to install. Set to the submodule default. | `string` | `null` | no |
 | <a name="input_vmagent_gsa_audience"></a> [vmagent\_gsa\_audience](#input\_vmagent\_gsa\_audience) | If using GSA for auth to send metrics, the audience to use for token generation | `string` | `null` | no |
+| <a name="input_vmagent_gtoken_image"></a> [vmagent\_gtoken\_image](#input\_vmagent\_gtoken\_image) | The image URL to use for the gtoken container | `string` | `null` | no |
+| <a name="input_vmagent_gtoken_image_version"></a> [vmagent\_gtoken\_image\_version](#input\_vmagent\_gtoken\_image\_version) | The image version to use for the gtoken container | `string` | `null` | no |
 | <a name="input_vmagent_namespace"></a> [vmagent\_namespace](#input\_vmagent\_namespace) | The namespace used for the operator deployment. | `string` | `"sn-system"` | no |
 | <a name="input_vmagent_oauth2_client_id"></a> [vmagent\_oauth2\_client\_id](#input\_vmagent\_oauth2\_client\_id) | If OAuth2 is enabled, provide the client id for the VMAgent client | `string` | `null` | no |
 | <a name="input_vmagent_oauth2_client_secret"></a> [vmagent\_oauth2\_client\_secret](#input\_vmagent\_oauth2\_client\_secret) | If OAuth2 is enabled, provide a base64 encoded secret to use for the VMAgent client connection. | `string` | `null` | no |
@@ -266,3 +275,4 @@ No resources.
 ## Outputs
 
 No outputs.
+<!-- END_TF_DOCS -->
@@ -122,6 +122,16 @@ module "otel_collector" {
   values           = var.otel_collector_values
 }
 
+module "cloud-manager-agent" {
+  count  = var.enable_cma ? 1 : 0
+  source = "./modules/cloud-manager-agent"
+
+  namespace              = var.cma_namespace
+  settings               = var.cma_settings
+  environment            = var.cma_environment
+  values                 = var.cma_values
+}
+
 locals {
   prometheus_operator_values = var.prometheus_operator_values != null ? var.prometheus_operator_values : [yamlencode({
     grafana = {

@@ -0,0 +1,44 @@
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >=1.0.0 |
+| <a name="requirement_helm"></a> [helm](#requirement\_helm) | >=2.2.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_helm"></a> [helm](#provider\_helm) | >=2.2.0 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [helm_release.cloud-manager-agent](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_atomic"></a> [atomic](#input\_atomic) | Purge the chart on a failed installation. | `any` | `null` | no |
+| <a name="input_chart_name"></a> [chart\_name](#input\_chart\_name) | The name of the chart to install. | `string` | `null` | no |
+| <a name="input_chart_repository"></a> [chart\_repository](#input\_chart\_repository) | The repository to install the chart from. | `string` | `null` | no |
+| <a name="input_chart_version"></a> [chart\_version](#input\_chart\_version) | The version of the chart to install. | `string` | `null` | no |
+| <a name="input_cleanup_on_fail"></a> [cleanup\_on\_fail](#input\_cleanup\_on\_fail) | Allow deletion of new resources created in this upgrade when upgrade fails. | `bool` | `null` | no |
+| <a name="input_environment"></a> [environment](#input\_environment) | Whether this is for a test, staging, or production environment. | `string` | `"production"` | no |
+| <a name="input_namespace"></a> [namespace](#input\_namespace) | The namespace used for installing cloud-manager-agent in. | `string` | `null` | no |
+| <a name="input_release_name"></a> [release\_name](#input\_release\_name) | The name of the helm release. | `string` | `null` | no |
+| <a name="input_settings"></a> [settings](#input\_settings) | Additional settings which will be passed to the Helm chart values. | `map(any)` | `null` | no |
+| <a name="input_timeout"></a> [timeout](#input\_timeout) | Time in seconds to wait for any individual kubernetes operation. | `number` | `null` | no |
+| <a name="input_values"></a> [values](#input\_values) | A list of values in raw YAML to be applied to the helm release. Merges with the settings input, can also be used with the `file()` function, i.e. `file("my/values.yaml")`. | `any` | `null` | no |
+
+## Outputs
+
+No outputs.
+<!-- END_TF_DOCS -->
@@ -0,0 +1,42 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
@@ -0,0 +1,25 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+apiVersion: v2
+name: cloud-manager-agent
+description: cloud-manager-agent helm chart to install on hosted clusters
+type: application
+version: 1.0.0
+appVersion: "v2.0.5"
@@ -0,0 +1,26 @@
+{{- /*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License.
+*/}}
+
+***********************************************************************
+* Cloud Manager Agent                                                 *
+***********************************************************************
+  Chart version: {{ .Chart.Version }}
+  App version:   {{ .Chart.AppVersion }}
+  Image tag:     {{ include "cloud-manager-agent.image" . }}
+***********************************************************************
@@ -0,0 +1,120 @@
+{{- /*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License.
+*/}}
+
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "cloud-manager-agent.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "cloud-manager-agent.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "cloud-manager-agent.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "cloud-manager-agent.labels" -}}
+helm.sh/chart: {{ include "cloud-manager-agent.chart" . }}
+{{ include "cloud-manager-agent.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "cloud-manager-agent.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "cloud-manager-agent.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "cloud-manager-agent.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "cloud-manager-agent.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+
+{{- define "cloud-manager-agent.image" -}}
+{{- $image := .Values.image }}
+{{- $tag := empty $image.tag | ternary "" (print ":" $image.tag)}}
+{{- $digest :=  empty $image.digest | ternary "" (print "@" $image.digest) }}
+{{- $image.repository }}{{ $digest }}{{ $tag }}
+{{- end}}
+
+{{/*
+Return the proper Docker Image Registry Secret Names
+*/}}
+{{- define "cloud-manager-agent.imagePullSecrets" -}}
+{{/*
+Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
+but Helm 2.9 and 2.10 does not support it, so we need to implement this if-else logic.
+Also, we can not use a single if because lazy evaluation is not an option
+*/}}
+{{- if .Values.global.imagePullSecrets }}
+imagePullSecrets:
+{{- range .Values.global.imagePullSecrets }}
+  - name: {{ . }}
+{{- end }}
+
+{{- else if .Values.image.pullSecrets }}
+imagePullSecrets:
+{{- range .Values.image.pullSecrets }}
+  - name: {{ . }}
+{{- end }}
+
+{{- else if .Values.imagePullSecrets }}
+imagePullSecrets:
+{{- range .Values.imagePullSecrets }}
+  - name: {{ . }}
+{{- end }}
+
+{{- end -}} # end if/elseif/elseif
+
+{{- end -}} # end define
@@ -0,0 +1,27 @@
+{{- /*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License.
+*/}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "cloud-manager-agent.fullname" . }}
+  namespace: {{ .Release.Namespace | quote }}
+  labels: {{- include "cloud-manager-agent.labels" . | nindent 4 }}
+data:
+  application.properties: |
+{{ .Values.appConfig.applicationProperties | indent 4 }}