Merge pull request #31 from denis-ryzhkov/multiple-sveltos-profiles

Generate multiple sveltos `ClusterProfile`-s to distribute `external-dns-aws-credentials` to "storage" cluster only
k0rdent · Jan 16, 2025 · 787404e · 787404e
2 parents a26e10e + ea983ea
commit 787404e
Show file tree

Hide file tree

Showing 6 changed files with 32 additions and 24 deletions.
diff --git a/Makefile b/Makefile
@@ -105,6 +105,7 @@ dev-storage-deploy: dev ## Deploy kof-storage helm chart to the K8s cluster spec
 dev-ms-deploy-aws: dev ## Deploy Mothership helm chart to the K8s cluster specified in ~/.kube/config for a remote storage cluster
 	cp -f $(TEMPLATES_DIR)/kof-mothership/values.yaml dev/mothership-values.yaml
 	@$(YQ) eval -i '.kcm.installTemplates = true' dev/mothership-values.yaml
+	@$(YQ) eval -i '.kcm.kof.clusterProfiles.kofAwsDnsSecrets = {"matchLabels": {"k0rdent.mirantis.com/kof-aws-dns-secrets": "true"}, "secrets": ["external-dns-aws-credentials"]}' dev/mothership-values.yaml
 	@$(YQ) eval -i '.grafana.logSources = [{"name": "$(USER)-aws-storage", "url": "https://vmauth.$(STORAGE_DOMAIN)/vls", "type": "victoriametrics-logs-datasource", "auth": {"credentials_secret_name": "storage-vmuser-credentials", "username_key": "username", "password_key": "password"}}]' dev/mothership-values.yaml
 	@$(YQ) eval -i '.promxy.config.serverGroups = [{"clusterName": "$(USER)-aws-storage", "targets": ["vmauth.$(STORAGE_DOMAIN):443"], "auth": {"credentials_secret_name": "storage-vmuser-credentials", "create_secret": true, "username_key": "username", "password_key": "password"}}]' dev/mothership-values.yaml
 

diff --git a/charts/kof-mothership/Chart.yaml b/charts/kof-mothership/Chart.yaml
@@ -1,7 +1,7 @@
 apiVersion: v2
 name: kof-mothership
 description: A Helm chart that deploys Grafana, Promxy, and VictoriaMetrics.
-version: 0.1.8
+version: 0.1.9
 appVersion: "1.0"
 dependencies:
   - name: grafana-operator

diff --git a/charts/kof-mothership/templates/kcm/sveltos/copy-template.yaml b/charts/kof-mothership/templates/kcm/sveltos/copy-template.yaml
diff --git a/charts/kof-mothership/templates/sveltos/copy-secrets-cluster-profile.yaml b/charts/kof-mothership/templates/sveltos/copy-secrets-cluster-profile.yaml
@@ -1,24 +1,39 @@
-{{- if .Values.kcm.kof.secrets_copy.secrets }}
+{{- range $name, $value := .Values.kcm.kof.clusterProfiles }}
 {{- /* Distributing secrets to clusters automatically*/}}
 ---
 apiVersion: config.projectsveltos.io/v1beta1
 kind: ClusterProfile
 metadata:
-  name: kof-secrets
+  name: {{ $name }}
 spec:
   clusterSelector:
-    matchLabels: {{ .Values.kcm.kof.secrets_copy.matchLabels | toYaml | nindent 6 }}
+    matchLabels: {{ $value.matchLabels | toYaml | nindent 6 }}
   templateResourceRefs:
-{{- range .Values.kcm.kof.secrets_copy.secrets }}
-    - resource:
+    {{- range $value.secrets }}
+    - identifier: secret-{{ . }}
+      resource:
         apiVersion: v1
         kind: Secret
         name: {{ . }}
         namespace: {{ $.Release.Namespace }}
-      identifier: Resource
-{{- end }}
+    {{- end }}
   policyRefs:
+    {{- range $value.secrets }}
     - kind: ConfigMap
-      name: copy-resource-template
+      name: secret-template-{{ . }}
       namespace: {{ $.Release.Namespace }}
+    {{- end }}
+{{- range $value.secrets }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: secret-template-{{ . }}
+  namespace: {{ $.Release.Namespace }}
+  annotations:
+    projectsveltos.io/template: "true"
+data:
+  secret.yaml: |
+    {{` {{ copy "`}}secret-{{ . }}{{`" }} `}}
+{{- end }}
 {{- end }}
diff --git a/charts/kof-mothership/values.yaml b/charts/kof-mothership/values.yaml
@@ -20,11 +20,12 @@ kcm:
         version: 0.0.2
       storage:
         version: 0.1.4
-    secrets_copy:
-      matchLabels:
-        k0rdent.mirantis.com/kof-storage-secrets: "true"
-      secrets:
-        - storage-vmuser-credentials
+    clusterProfiles:
+      kofStorageSecrets:
+        matchLabels:
+          k0rdent.mirantis.com/kof-storage-secrets: "true"
+        secrets:
+          - storage-vmuser-credentials
 victoriametrics:
   enabled: true
   vmcluster:

diff --git a/demo/cluster/aws-storage.yaml b/demo/cluster/aws-storage.yaml
@@ -21,6 +21,7 @@ spec:
     workersNumber: 3
     clusterLabels:
       k0rdent.mirantis.com/kof-storage-secrets: "true"
+      k0rdent.mirantis.com/kof-aws-dns-secrets: "true"
   template: aws-standalone-cp-0-0-5
   serviceSpec:
     priority: 100