From c2792bb7ffbf4bbebe16849b4b561188a18e6964 Mon Sep 17 00:00:00 2001
From: Shivangi <spandey.04.1998@gmail.com>
Date: Wed, 8 Jan 2025 15:57:13 +0100
Subject: [PATCH] [egressd] add support for clusterIDSecretRef (#621)

* [egressd] add support for clusterIDSecretRef

* [egressd] add support for clusterIDSecretRef

- fix bug allow passing of both apiKey and apiKeySecretRef

* Add support for clusterIdSecretKeyRef.key

* Bump version in Chart.yaml

---------

Co-authored-by: Shivangi Pandey <shivangi.pandey@swisscom.com>
Co-authored-by: Shivangi Pandey <shivangi@Shivangis-MacBook-Air.local>
---
 charts/egressd/Chart.yaml                     |  2 +-
 .../templates/exporter/deployment.yaml        | 19 +++++++++++++++++++
 charts/egressd/values.yaml                    |  8 +++++++-
 3 files changed, 27 insertions(+), 2 deletions(-)

diff --git a/charts/egressd/Chart.yaml b/charts/egressd/Chart.yaml
index ec99b59c..5656b584 100644
--- a/charts/egressd/Chart.yaml
+++ b/charts/egressd/Chart.yaml
@@ -2,5 +2,5 @@ apiVersion: v2
 name: egressd
 description: Kubernetes aware network traffic monitoring
 type: application
-version: 0.1.40
+version: 0.2.0
 appVersion: "v0.13.2"
diff --git a/charts/egressd/templates/exporter/deployment.yaml b/charts/egressd/templates/exporter/deployment.yaml
index dafdbc05..44710612 100644
--- a/charts/egressd/templates/exporter/deployment.yaml
+++ b/charts/egressd/templates/exporter/deployment.yaml
@@ -61,6 +61,22 @@ spec:
           valueFrom:
             fieldRef:
               fieldPath: metadata.namespace
+        {{- if .Values.castai.clusterID }}
+        {{- if ne .Values.castai.clusterIdSecretKeyRef.name "" }}
+        {{- fail "clusterID and clusterIdSecretKeyRef are mutually exclusive" }}
+        {{- end }}
+        - name: CLUSTER_ID
+          value: {{ .Values.castai.clusterID | quote }}
+        {{- else }}
+        {{- if not .Values.castai.clusterIdSecretKeyRef.name }}
+        {{- fail "either clusterID or clusterIdSecretKeyRef should be passed" }}
+        {{- end }}
+        - name: CLUSTER_ID     
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Values.castai.clusterIdSecretKeyRef.name }}
+              key: {{ .Values.castai.clusterIdSecretKeyRef.key }}       
+        {{- end }}
         {{- if or .Values.castai.apiKey .Values.castai.apiKeySecretRef }}
         - name: API_KEY
           valueFrom:
@@ -69,6 +85,9 @@ spec:
                 {{- fail "`collector.extraArgs.send-traffic-delta` should be set to `true` when CAST AI is used as sink" }}
               {{- else }}
                 {{- if .Values.castai.apiKey }}
+                {{- if ne .Values.castai.apiKeySecretRef "" }}
+                {{- fail "apiKey and apiKeySecretRef are mutually exclusive" }}
+                {{- end }}
                 name: "{{- include "egressd.fullname" . }}"
                 key: API_KEY
                 {{- else if  .Values.castai.apiKeySecretRef }}
diff --git a/charts/egressd/values.yaml b/charts/egressd/values.yaml
index bc6b6ea7..43fad7b6 100644
--- a/charts/egressd/values.yaml
+++ b/charts/egressd/values.yaml
@@ -15,7 +15,13 @@ castai:
   apiURL: "https://api.cast.ai"
 
   # CASTAI Cluster unique identifier.
+  # clusterID and clusterIdSecretKeyRef are mutually exclusive
   clusterID: ""
+  # clusterIdSecretKeyRef -- Name of secret with ClusterID
+  # The referenced secret must provide the ClusterID in .data[<<.Values.castai.clusterIdSecretKeyRef.key>>]
+  clusterIdSecretKeyRef:
+    name: ""
+    key: "CLUSTER_ID"
 
 imagePullSecrets: []
 nameOverride: ""
@@ -126,7 +132,7 @@ exporter:
     {{- if or .Values.castai.apiKey .Values.castai.apiKeySecretRef }}
       castai:
         http:
-          url: "{{.Values.castai.apiURL}}/v1/kubernetes/clusters/{{.Values.castai.clusterID}}/egressd-metrics"
+          url: "{{.Values.castai.apiURL}}/v1/kubernetes/clusters/${CLUSTER_ID}/egressd-metrics"
           compression: gzip
           encoding: protobuf
           method: POST