address PR comments

newrelic · Sep 23, 2024 · d598ded · d598ded
1 parent f11ce5a
commit d598ded
Show file tree

Hide file tree

Showing 5 changed files with 84 additions and 71 deletions.
diff --git a/charts/super-agent/Chart.yaml b/charts/super-agent/Chart.yaml
@@ -23,9 +23,15 @@ keywords:
   - super-agent
 
 maintainers:
-  - name: sigilioso
-    url: https://github.com/sigilioso
-  - name: kang-makes
-    url: https://github.com/kang-makes
+  - name: alvarocabanas
+    url: https://github.com/alvarocabanas
+  - name: DavSanchez
+    url: https://github.com/DavSanchez
+  - name: gsanchezgavier
+    url: https://github.com/gsanchezgavier
   - name: paologallinaharbur
     url: https://github.com/paologallinaharbur
+  - name: rubenruizdegauna
+    url: https://github.com/rubenruizdegauna
+  - name: sigilioso
+    url: https://github.com/sigilioso
diff --git a/charts/super-agent/README.md b/charts/super-agent/README.md
@@ -51,18 +51,18 @@ As of the creation of the chart, it has no particularities and this section can
 | super-agent-deployment.affinity | object | `{}` | Sets pod/node affinities. Can be configured also with `global.affinity` |
 | super-agent-deployment.cleanupManagedResources | bool | `true` | Enable the cleanup of super-agent managed resources when the chart is uninstalled. If disabled, agents and/or agent configurations managed by the super-agent will not be deleted when the chart is uninstalled. |
 | super-agent-deployment.cluster | string | `""` | Name of the Kubernetes cluster monitored. Can be configured also with `global.cluster`. |
-| super-agent-deployment.config.auth.organization_id | string | `""` | Organization ID where fleets will live. |
-| super-agent-deployment.config.auth.secret.client_id.base64 | string | `nil` | In case `.config.auth.secret.create` is true, you can set these keys to set client ID directly as base64. This options is mutually exclusive with `plain`. |
-| super-agent-deployment.config.auth.secret.client_id.plain | string | `nil` | In case `.config.auth.secret.create` is true, you can set these keys to set client ID directly as plain text. This options is mutually exclusive with `base64`. |
-| super-agent-deployment.config.auth.secret.client_id.secret_key | string | `client_id` | Key inside the secret containing the client ID. |
-| super-agent-deployment.config.auth.secret.name | string | release name suffixed with "-auth" | Name auth' secret provided by the user. If the creation of this secret is set to `true`, this is the same the secret will have. |
-| super-agent-deployment.config.auth.secret.private_key.base64_pem | string | `nil` | In case `.config.auth.secret.create` is true, you can set these keys to set private key directly as base64. This options is mutually exclusive with `plain_pem`. |
-| super-agent-deployment.config.auth.secret.private_key.plain_pem | string | `nil` | In case `.config.auth.secret.create` is true, you can set these keys to set private key directly as plain text. This options is mutually exclusive with `base64_pem`. |
-| super-agent-deployment.config.auth.secret.private_key.secret_key | string | `private_key` | Key inside the secret containing the private key. |
+| super-agent-deployment.config.opamp.auth.organization_id | string | `""` | Organization ID where fleets will live. |
+| super-agent-deployment.config.opamp.auth.secret.client_id.base64 | string | `nil` | In case `.config.auth.secret.create` is true, you can set these keys to set client ID directly as base64. This options is mutually exclusive with `plain`. |
+| super-agent-deployment.config.opamp.auth.secret.client_id.plain | string | `nil` | In case `.config.auth.secret.create` is true, you can set these keys to set client ID directly as plain text. This options is mutually exclusive with `base64`. |
+| super-agent-deployment.config.opamp.auth.secret.client_id.secret_key | string | `client_id` | Key inside the secret containing the client ID. |
+| super-agent-deployment.config.opamp.auth.secret.name | string | release name suffixed with "-auth" | Name auth' secret provided by the user. If the creation of this secret is set to `true`, this is the same the secret will have. |
+| super-agent-deployment.config.opamp.auth.secret.private_key.base64_pem | string | `nil` | In case `.config.auth.secret.create` is true, you can set these keys to set private key directly as base64. This options is mutually exclusive with `plain_pem`. |
+| super-agent-deployment.config.opamp.auth.secret.private_key.plain_pem | string | `nil` | In case `.config.auth.secret.create` is true, you can set these keys to set private key directly as plain text. This options is mutually exclusive with `base64_pem`. |
+| super-agent-deployment.config.opamp.auth.secret.private_key.secret_key | string | `private_key` | Key inside the secret containing the private key. |
 | super-agent-deployment.config.opamp.enabled | bool | `true` | Enables or disables the auth against fleet control. It implies to disable any fleet communication and running the agent in stand alone mode where only the agents specified on `.config.subAgents` will be launched. |
 | super-agent-deployment.config.subAgents | string | `newrelic/io.opentelemetry.collector` (See `values.yaml`) | Values that the fleet is going to have in the deployment. If empty, chart will automatically add `newrelic/io.opentelemetry.collector` subagent. On the other hand, if populated the list of agent created is the one specified overwriting the default. |
 | super-agent-deployment.config.superAgent | object | See `values.yaml` | Configuration for the Super Agent. |
-| super-agent-deployment.config.superAgent.content | object | `{}` | It you are a PowerUser, you can use this to override the configuration that has been created automatically by the chart. This configuration here will be **MERGED** with the configuration specified above. If you need to have you own configuration, disabled the creation of this configMap and create your own. |
+| super-agent-deployment.config.superAgent.content | object | `{}` | Overrides the configuration that has been created automatically by the chart. This configuration here will be **MERGED** with the configuration specified above. If you need to have you own configuration, disabled the creation of this configMap and create your own. |
 | super-agent-deployment.config.superAgent.create | bool | `true` | Set if the configMap is going to be created by this chart or the user will provide its own. |
 | super-agent-deployment.containerSecurityContext | object | `{}` | Sets security context (at container level). Can be configured also with `global.containerSecurityContext` |
 | super-agent-deployment.customAttributes | object | `{}` | TODO: Adds extra attributes to the cluster and all the metrics emitted to the backend. Can be configured also with `global.customAttributes` |
@@ -96,6 +96,9 @@ As of the creation of the chart, it has no particularities and this section can
 
 ## Maintainers
 
-* [sigilioso](https://github.com/sigilioso)
-* [kang-makes](https://github.com/kang-makes)
+* [alvarocabanas](https://github.com/alvarocabanas)
+* [DavSanchez](https://github.com/DavSanchez)
+* [gsanchezgavier](https://github.com/gsanchezgavier)
 * [paologallinaharbur](https://github.com/paologallinaharbur)
+* [rubenruizdegauna](https://github.com/rubenruizdegauna)
+* [sigilioso](https://github.com/sigilioso)
diff --git a/charts/super-agent/charts/super-agent-deployment/templates/_helpers.tpl b/charts/super-agent/charts/super-agent-deployment/templates/_helpers.tpl
@@ -174,7 +174,7 @@ readOnlyRootFilesystem: true
 Return .Values.config.auth.organizationId and fails if it does not exists
 */ -}}
 {{- define "newrelic-super-agent.auth.organizationId" -}}
-{{- if ((.Values.config).auth).organizationId -}}
+{{- if (((.Values.config).opamp).auth).organizationId -}}
   {{- .Values.config.auth.organizationId -}}
 {{- else -}}
   {{- fail ".config.auth.organizationId is required." -}}
@@ -188,7 +188,7 @@ Check if .Values.config.auth.secret.name exists and use it to name auth' secret.
 of the releases with "-auth" suffix.
 */ -}}
 {{- define "newrelic-super-agent.auth.secret.name" -}}
-{{- $secretName := ((((.Values.config).auth).secret).name) -}}
+{{- $secretName := (((((.Values.config).opamp).auth).secret).name) -}}
 {{- if $secretName -}}
   {{- $secretName -}}
 {{- else -}}
@@ -205,7 +205,7 @@ Helper to toggle the creation of the job that creates and registers the system i
 {{- $privateKey := include "newrelic-super-agent.auth.secret.privateKey.data" . -}}
 {{- $clientId := include "newrelic-super-agent.auth.secret.clientId.data" . -}}
 
-{{- if and ((.Values.config).opamp).enabled (((.Values.config).auth).secret).create (not $privateKey) (not $clientId) -}}
+{{- if and ((.Values.config).opamp).enabled ((((.Values.config).opamp).auth).secret).create (not $privateKey) (not $clientId) -}}
   true
 {{- end -}}
 {{- end -}}
@@ -216,7 +216,7 @@ Helper to toggle the creation of the job that creates and registers the system i
 Helper to toggle the creation of the secret that has the system identity as values.
 */ -}}
 {{- define "newrelic-super-agent.auth.secret.shouldTemplate" -}}
-{{- if and ((.Values.config).opamp).enabled (((.Values.config).auth).secret).create -}}
+{{- if and ((.Values.config).opamp).enabled ((((.Values.config).opamp).auth).secret).create -}}
   {{- $privateKey := include "newrelic-super-agent.auth.secret.privateKey.data" . -}}
   {{- $clientId := include "newrelic-super-agent.auth.secret.clientId.data" . -}}
 
@@ -235,7 +235,7 @@ Check if .Values.config.auth.secret.private_key.secret_key exists and use it for
 key needed for the system identity. Fallbacks to `private_key`.
 */ -}}
 {{- define "newrelic-super-agent.auth.secret.privateKey.key" -}}
-{{- $key := (((((.Values.config).auth).secret).private_key).secret_key) -}}
+{{- $key := ((((((.Values.config).opamp).auth).secret).private_key).secret_key) -}}
 {{- if $key -}}
   {{- $key -}}
 {{- else -}}
@@ -250,8 +250,8 @@ Check if .Values.config.auth.secret.private_key.(plain_pem or base64_pem) exists
 auth. If no ceritifcate is provided, it defaults to `""` (empty string) so this helper can be used directly as a test.
 */ -}}
 {{- define "newrelic-super-agent.auth.secret.privateKey.data" -}}
-{{- $plain_pem := (((((.Values.config).auth).secret).private_key).plain_pem) -}}
-{{- $base64_pem := (((((.Values.config).auth).secret).private_key).base64_pem) -}}
+{{- $plain_pem := ((((((.Values.config).opamp).auth).secret).private_key).plain_pem) -}}
+{{- $base64_pem := ((((((.Values.config).opamp).auth).secret).private_key).base64_pem) -}}
 {{- if and $plain_pem $base64_pem -}}
   {{- fail "Only one of base64_pem or plain_pem should be provided it you want to provide your own certificate." -}}
 {{- else if $base64_pem -}}
@@ -270,7 +270,7 @@ Check if .Values.config.auth.secret.client_id.secret_key exists and use it for t
 needed for the system identity. Fallbacks to `client_id`.
 */ -}}
 {{- define "newrelic-super-agent.auth.secret.clientId.key" -}}
-{{- $key := (((((.Values.config).auth).secret).client_id).secret_key) -}}
+{{- $key := ((((((.Values.config).opamp).auth).secret).client_id).secret_key) -}}
 {{- if $key -}}
   {{- $key -}}
 {{- else -}}
@@ -285,8 +285,8 @@ Check if .Values.config.auth.secret.client_id.(plain or base64) exists and use i
 value is provided, it defaults to `""` (empty string) so this helper can be used directly as a test.
 */ -}}
 {{- define "newrelic-super-agent.auth.secret.clientId.data" -}}
-{{- $plain := (((((.Values.config).auth).secret).client_id).plain) -}}
-{{- $base64 := (((((.Values.config).auth).secret).client_id).base64) -}}
+{{- $plain := ((((((.Values.config).opamp).auth).secret).client_id).plain) -}}
+{{- $base64 := ((((((.Values.config).opamp).auth).secret).client_id).base64) -}}
 {{- if and $plain $base64 -}}
   {{- fail "Only one of base64 or plain should be provided it you want to provide your own client id." -}}
 {{- else if $base64 -}}

diff --git a/charts/super-agent/charts/super-agent-deployment/tests/auth_secret_test.yaml b/charts/super-agent/charts/super-agent-deployment/tests/auth_secret_test.yaml
@@ -13,12 +13,13 @@ tests:
     set:
       cluster: test
       config:
-        auth:
-          secret:
-            private_key:
-              base64_pem: dGVzdC1rZXk=
-            client_id:
-              base64: dGVzdC1rZXk=
+        opamp:
+          auth:
+            secret:
+              private_key:
+                base64_pem: dGVzdC1rZXk=
+              client_id:
+                base64: dGVzdC1rZXk=
     asserts:
       - template: templates/deployment-superagent.yaml
         equal:
@@ -66,8 +67,9 @@ tests:
     set:
       cluster: test
       config:
-        auth:
-          enable: false
+        opamp:
+          auth:
+            enable: false
     asserts:
       - template: templates/deployment-superagent.yaml
         notContains:
@@ -84,10 +86,11 @@ tests:
     set:
       cluster: test
       config:
-        auth:
-          secret:
-            private_key:
-              base64_pem: dGVzdC1rZXk=
+        opamp:
+          auth:
+            secret:
+              private_key:
+                base64_pem: dGVzdC1rZXk=
     asserts:
       - template: templates/secret-sa-auth.yaml
         failedTemplate:
@@ -97,10 +100,11 @@ tests:
     set:
       cluster: test
       config:
-        auth:
-          secret:
-            client_id:
-              base64: dGVzdC1rZXk=
+        opamp:
+          auth:
+            secret:
+              client_id:
+                base64: dGVzdC1rZXk=
     asserts:
       - template: templates/secret-sa-auth.yaml
         failedTemplate:

diff --git a/charts/super-agent/values.yaml b/charts/super-agent/values.yaml
@@ -113,7 +113,7 @@ super-agent-deployment:
     superAgent:
       # -- Set if the configMap is going to be created by this chart or the user will provide its own.
       create: true
-      # -- It you are a PowerUser, you can use this to override the configuration that has been created automatically by the chart.
+      # -- Overrides the configuration that has been created automatically by the chart.
       # This configuration here will be **MERGED** with the configuration specified above.
       # If you need to have you own configuration, disabled the creation of this configMap and create your own.
       content: {}
@@ -143,35 +143,35 @@ super-agent-deployment:
       # in stand alone mode where only the agents specified on `.config.subAgents` will be launched.
       enabled: true
 
-    auth:
-      # -- Organization ID where fleets will live.
-      organization_id: ""
-      secret:
-        create: true
-        # -- Name auth' secret provided by the user. If the creation of this secret is set to `true`, this is the same the secret
-        # will have.
-        # @default -- release name suffixed with "-auth"
-        name:
-        private_key:
-          # -- Key inside the secret containing the private key.
-          # @default -- `private_key`
-          secret_key:
-          # -- In case `.config.auth.secret.create` is true, you can set these keys to set private key directly as base64.
-          # This options is mutually exclusive with `plain_pem`.
-          base64_pem:
-          # -- In case `.config.auth.secret.create` is true, you can set these keys to set private key directly as plain text.
-          # This options is mutually exclusive with `base64_pem`.
-          plain_pem:
-        client_id:
-          # -- Key inside the secret containing the client ID.
-          # @default -- `client_id`
-          secret_key:
-          # -- In case `.config.auth.secret.create` is true, you can set these keys to set client ID directly as base64.
-          # This options is mutually exclusive with `plain`.
-          base64:
-          # -- In case `.config.auth.secret.create` is true, you can set these keys to set client ID directly as plain text.
-          # This options is mutually exclusive with `base64`.
-          plain:
+      auth:
+        # -- Organization ID where fleets will live.
+        organization_id: ""
+        secret:
+          create: true
+          # -- Name auth' secret provided by the user. If the creation of this secret is set to `true`, this is the same the secret
+          # will have.
+          # @default -- release name suffixed with "-auth"
+          name:
+          private_key:
+            # -- Key inside the secret containing the private key.
+            # @default -- `private_key`
+            secret_key:
+            # -- In case `.config.auth.secret.create` is true, you can set these keys to set private key directly as base64.
+            # This options is mutually exclusive with `plain_pem`.
+            base64_pem:
+            # -- In case `.config.auth.secret.create` is true, you can set these keys to set private key directly as plain text.
+            # This options is mutually exclusive with `base64_pem`.
+            plain_pem:
+          client_id:
+            # -- Key inside the secret containing the client ID.
+            # @default -- `client_id`
+            secret_key:
+            # -- In case `.config.auth.secret.create` is true, you can set these keys to set client ID directly as base64.
+            # This options is mutually exclusive with `plain`.
+            base64:
+            # -- In case `.config.auth.secret.create` is true, you can set these keys to set client ID directly as plain text.
+            # This options is mutually exclusive with `base64`.
+            plain:
 
 
 # -- Values for the Flux chat. Ref.: https://github.com/fluxcd-community/helm-charts/blob/flux2-2.10.2/charts/flux2/values.yaml