Merge branch '41799-managed-prometheus-deployment-install-a-lot-of-extra-stuff' into 'master'

lib/gitlab/kubernetes/helm/install_command.rb

@@ -36,7 +36,11 @@ module Gitlab
         def complete_command(namespace_name)
           return unless chart
 
-          "helm install #{chart} --name #{name} --namespace #{namespace_name} >/dev/null"
+          if chart_values_file
+            "helm install #{chart} --name #{name} --namespace #{namespace_name} -f /data/helm/#{name}/config/values.yaml >/dev/null"
+          else
+            "helm install #{chart} --name #{name} --namespace #{namespace_name} >/dev/null"
+          end
         end
 
         def install_dps_command

lib/gitlab/kubernetes/helm/pod.rb

@@ -10,9 +10,10 @@ module Gitlab
 
         def generate
           spec = { containers: [container_specification], restartPolicy: 'Never' }
+
           if command.chart_values_file
-            generate_config_map
-            spec['volumes'] = volumes_specification
+            create_config_map
+            spec[:volumes] = volumes_specification
           end
 
           ::Kubeclient::Resource.new(metadata: metadata, spec: spec)
@@ -35,19 +36,39 @@ module Gitlab
         end
 
         def labels
-          { 'gitlab.org/action': 'install', 'gitlab.org/application': command.name }
+          {
+            'gitlab.org/action': 'install',
+            'gitlab.org/application': command.name
+          }
         end
 
         def metadata
-          { name: command.pod_name, namespace: namespace_name, labels: labels }
+          {
+            name: command.pod_name,
+            namespace: namespace_name,
+            labels: labels
+          }
         end
 
         def volume_mounts_specification
-          [{ name: 'config-volume', mountPath: '/etc/config' }]
+          [
+            {
+              name: 'configuration-volume',
+              mountPath: "/data/helm/#{command.name}/config"
+            }
+          ]
         end
 
         def volumes_specification
-          [{ name: 'config-volume', configMap: { name: 'values-config' } }]
+          [
+            {
+              name: 'configuration-volume',
+              configMap: {
+                name: 'values-content-configuration',
+                items: [{ key: 'values', path: 'values.yaml' }]
+              }
+            }
+          ]
         end
 
         def generate_pod_env(command)
@@ -58,10 +79,10 @@ module Gitlab
           }.map { |key, value| { name: key, value: value } }
         end
 
-        def generate_config_map
+        def create_config_map
           resource = ::Kubeclient::Resource.new
-          resource.metadata = { name: 'values-config', namespace: namespace_name }
-          resource.data = YAML.load_file(command.chart_values_file)
+          resource.metadata = { name: 'values-content-configuration', namespace: namespace_name, labels: { name: 'values-content-configuration' } }
+          resource.data = { values: File.read(command.chart_values_file) }
           kubeclient.create_config_map(resource)
         end
       end

spec/lib/gitlab/kubernetes/helm/install_command_spec.rb

@@ -100,6 +100,25 @@ describe Gitlab::Kubernetes::Helm::InstallCommand do
         is_expected.to eq(command)
       end
     end
+
+    context 'when chart values file is present' do
+      let(:install_command) { described_class.new(prometheus.name, chart: prometheus.chart, chart_values_file: prometheus.chart_values_file) }
+      let(:command) do
+        <<~MSG.chomp
+        set -eo pipefail
+        apk add -U ca-certificates openssl >/dev/null
+        wget -q -O - https://kubernetes-helm.storage.googleapis.com/helm-v2.7.0-linux-amd64.tar.gz | tar zxC /tmp >/dev/null
+        mv /tmp/linux-amd64/helm /usr/bin/
+
+        helm init --client-only >/dev/null
+        helm install #{prometheus.chart} --name #{prometheus.name} --namespace #{namespace.name} -f /data/helm/#{prometheus.name}/config/values.yaml >/dev/null
+        MSG
+      end
+
+      it 'should return appropriate command' do
+        is_expected.to eq(command)
+      end
+    end
   end
 
   describe "#pod_name" do

spec/lib/gitlab/kubernetes/helm/pod_spec.rb

@@ -52,18 +52,20 @@ describe Gitlab::Kubernetes::Helm::Pod do
 
       it 'should include volumes for the container' do
         container = subject.generate.spec.containers.first
-        expect(container.volumeMounts.first['name']).to eq('config-volume')
-        expect(container.volumeMounts.first['mountPath']).to eq('/etc/config')
+        expect(container.volumeMounts.first['name']).to eq('configuration-volume')
+        expect(container.volumeMounts.first['mountPath']).to eq("/data/helm/#{app.name}/config")
       end
 
       it 'should include a volume inside the specification' do
         spec = subject.generate.spec
-        expect(spec.volumes.first['name']).to eq('config-volume')
+        expect(spec.volumes.first['name']).to eq('configuration-volume')
       end
 
       it 'should mount configMap specification in the volume' do
         spec = subject.generate.spec
-        expect(spec.volumes.first.configMap['name']).to eq('values-config')
+        expect(spec.volumes.first.configMap['name']).to eq('values-content-configuration')
+        expect(spec.volumes.first.configMap['items'].first['key']).to eq('values')
+        expect(spec.volumes.first.configMap['items'].first['path']).to eq('values.yaml')
       end
     end
 

vendor/prometheus/values.yaml

-alertmanager: |
+alertmanager:
   enabled: false
 
-kubeStateMetrics: |
-  enabled: 'false'
+kubeStateMetrics:
+  enabled: false
 
-nodeExporter: |
-  enabled: 'false'
+nodeExporter:
+  enabled: false
 
-pushgateway: |
-  enabled: 'false'
+pushgateway:
+  enabled: false
 
-serverFiles: |
-  alerts: ''
-  rules: ''
+serverFiles:
+  alerts: ""
+  rules: ""
 
   prometheus.yml: |-
-    rule_files: |
+    rule_files:
       - /etc/config/rules
       - /etc/config/alerts
-    scrape_configs: |
+
+    scrape_configs:
       - job_name: prometheus
-        static_configs: |
+        static_configs:
           - targets:
             - localhost:9090
 
       - job_name: 'kubernetes-apiservers'
-        kubernetes_sd_configs: |
+
+        kubernetes_sd_configs:
           - role: endpoints
+
         scheme: https
 
         tls_config:
@@ -37,14 +40,17 @@ serverFiles: |
           - source_labels: [__meta_kubernetes_namespace, __meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]
             action: keep
             regex: default;kubernetes;https
+
       - job_name: 'kubernetes-nodes'
         scheme: https
         tls_config:
           ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
           insecure_skip_verify: true
         bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+
         kubernetes_sd_configs:
           - role: node
+
         relabel_configs:
           - action: labelmap
             regex: __meta_kubernetes_node_label_(.+)
@@ -54,14 +60,15 @@ serverFiles: |
             regex: (.+)
             target_label: __metrics_path__
             replacement: /api/v1/nodes/${1}/proxy/metrics
- 
       - job_name: 'kubernetes-service-endpoints'
+
         kubernetes_sd_configs:
           - role: endpoints
-        relabel_configs: |
+
+        relabel_configs:
           - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape]
             action: keep
-            regex: 'true'
+            regex: true
           - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scheme]
             action: replace
             target_label: __scheme__
@@ -83,24 +90,30 @@ serverFiles: |
           - source_labels: [__meta_kubernetes_service_name]
             action: replace
             target_label: kubernetes_name
+
       - job_name: 'prometheus-pushgateway'
         honor_labels: true
-        kubernetes_sd_configs: |
+
+        kubernetes_sd_configs:
           - role: service
-        relabel_configs: |
+
+        relabel_configs:
           - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_probe]
             action: keep
             regex: pushgateway
       - job_name: 'kubernetes-services'
+
         metrics_path: /probe
-        params: |
+        params:
           module: [http_2xx]
-        kubernetes_sd_configs: |
+
+        kubernetes_sd_configs:
           - role: service
-        relabel_configs: |
+
+        relabel_configs:
           - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_probe]
             action: keep
-            regex: 'true'
+            regex: true
           - source_labels: [__address__]
             target_label: __param_target
           - target_label: __address__
@@ -113,17 +126,25 @@ serverFiles: |
             target_label: kubernetes_namespace
           - source_labels: [__meta_kubernetes_service_name]
             target_label: kubernetes_name
+
       - job_name: 'kubernetes-pods'
+
         kubernetes_sd_configs:
           - role: pod
+
         relabel_configs:
           - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape]
             action: keep
-            regex: 'true'
+            regex: true
           - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path]
             action: replace
             target_label: __metrics_path__
             regex: (.+)
+          - source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port]
+            action: replace
+            regex: (.+):(?:\d+);(\d+)
+            replacement: ${1}:${2}
+            target_label: __address__
           - action: labelmap
             regex: __meta_kubernetes_pod_label_(.+)
           - source_labels: [__meta_kubernetes_namespace]