diff --git a/README.md b/README.md index 8031c1a..703098e 100644 --- a/README.md +++ b/README.md @@ -67,8 +67,8 @@ The first example shows how to deploy the metric exporter with TLS encryption. T certification will be skipped by Prometheus. > [!WARNING] -> A TLS secret with the name `prometheus-postgresql-exporter-http` containing a `ca.crt`, `tls.key` and `tls.crt` is -> already present. +> The secret `prometheus-postgresql-exporter-http` containing the TLS certificate is already present. The keys `ca.crt`, +> `tls.key` and `tls.crt` of the secret can be mounted into the container filesystem for TLS authentication / encryption. ```bash helm install prometheus-exporters/prometheus-postgres-exporter prometheus-postgres-exporter \ diff --git a/templates/prometheus-postgres-exporter/_deployment.tpl b/templates/prometheus-postgres-exporter/_deployment.tpl index 55da6a2..92b0798 100644 --- a/templates/prometheus-postgres-exporter/_deployment.tpl +++ b/templates/prometheus-postgres-exporter/_deployment.tpl @@ -50,10 +50,9 @@ {{- end }} {{/* volumeMounts */}} - {{- define "prometheus-postgres-exporter.deployment.volumeMounts" -}} {{- $volumeMounts := dict "volumeMounts" (.Values.deployment.postgresExporter.volumeMounts | default (list) ) }} -{{- $volumeMounts = merge $volumeMounts (dict "volumeMounts" (list (dict "name" "exporter-config" "mountPath" "/etc/prometheus-postgres-exporter/config.d" ))) }} +{{- $volumeMounts = merge $volumeMounts (dict "volumeMounts" (list (dict "name" "config.d" "mountPath" "/etc/prometheus-postgres-exporter/config.d" ))) }} {{ toYaml $volumeMounts }} {{- end -}} @@ -61,10 +60,18 @@ {{- define "prometheus-postgres-exporter.deployment.volumes" -}} {{- $volumes := dict "volumes" (.Values.deployment.volumes | default (list) ) }} -{{- $secretName := .Values.config.exporterConfig.existingSecret.secretName -}} -{{- if not .Values.config.exporterConfig.existingSecret.enabled }} + +{{- if and (not .Values.config.exporterConfig.existingSecret.enabled) (not .Values.config.webConfig.existingSecret.enabled) (not .Values.config.webConfig.secret.webConfig) }} {{- $secretName = printf "%s-exporter-config" (include "prometheus-postgres-exporter.fullname" . ) }} +{{- $volumes = merge $volumes (dict "volumes" (list (dict "name" "config.d" "secret" (dict "secretName" $secretName)))) }} +{{- end }} + +{{- if and (not .Values.config.exporterConfig.existingSecret.enabled) (or .Values.config.webConfig.existingSecret.enabled .Values.config.webConfig.secret.webConfig) }} +{{- $exporterConfigSecretName = .Values.config.exporterConfig.existingSecret.secretName }} +{{- $webConfigSecretName = .Values.config.webConfig.existingSecret.secretName }} + +{{- if -}} + {{- end }} -{{- $volumes = merge $volumes (dict "volumes" (list (dict "name" "exporter-config" "secret" (dict "secretName" $secretName)))) }} {{ toYaml $volumes }} {{- end -}} \ No newline at end of file diff --git a/templates/prometheus-postgres-exporter/deployment.yaml b/templates/prometheus-postgres-exporter/deployment.yaml index 60b3390..b97faa5 100644 --- a/templates/prometheus-postgres-exporter/deployment.yaml +++ b/templates/prometheus-postgres-exporter/deployment.yaml @@ -23,7 +23,12 @@ spec: containers: - name: postgres-exporter args: + {{- if or .Values.config.exporterConfig.existingSecret.enabled .Values.config.exporterConfig.secret.exporterConfig }} - "--config.file=/etc/prometheus-postgres-exporter/config.d/exporterConfig.yaml" + {{- end }} + {{- if or .Values.config.webConfig.existingSecret.enabled .Values.config.webConfig.secret.webConfig }} + - "--web.config.file=/etc/prometheus-postgres-exporter/config.d/webConfig.yaml" + {{- end }} - "--web.listen-address=:9187" {{- range .Values.deployment.postgresExporter.args }} - {{ . | quote }} diff --git a/unittests/deployment/deployment.yaml b/unittests/deployment/deployment.yaml index 8872f5f..34b5f8b 100644 --- a/unittests/deployment/deployment.yaml +++ b/unittests/deployment/deployment.yaml @@ -43,3 +43,82 @@ tests: content: secretRef: name: custom-database-secret + +- it: Test mount exporterConfig.yaml + set: + config.exporterConfig.existingSecret.enabled: false + config.exporterConfig.secret.exporterConfig: + foo: bar + asserts: + - equal: + path: spec.template.spec.containers[0].args + value: + - --config.file=/etc/prometheus-postgres-exporter/config.d/exporterConfig.yaml + - --web.listen-address=:9187 + - contains: + path: spec.template.spec.containers[0].volumeMounts + content: + mountPath: /etc/prometheus-postgres-exporter/config.d + name: config.d + - contains: + path: spec.template.spec.volumes + content: + name: config.d + secret: + secretName: prometheus-postgres-exporter-unittest-exporter-config + +- it: Test mount exporterConfig.yaml from secret + set: + config.exporterConfig.existingSecret.enabled: true + config.exporterConfig.existingSecret.secretName: my-secret + asserts: + - equal: + path: spec.template.spec.containers[0].args + value: + - --config.file=/etc/prometheus-postgres-exporter/config.d/exporterConfig.yaml + - --web.listen-address=:9187 + - contains: + path: spec.template.spec.containers[0].volumeMounts + content: + mountPath: /etc/prometheus-postgres-exporter/config.d + name: config.d + - contains: + path: spec.template.spec.volumes + content: + name: config.d + secret: + secretName: my-secret + +- it: Test mount webConfig.yaml + set: + config.webConfig.existingSecret.enabled: false + config.webConfig.secret.webConfig: + foo: bar + asserts: + - equal: + path: spec.template.spec.containers[0].args + value: + - --web.config.file=/etc/prometheus-postgres-exporter/config.d/webConfig.yaml + - --web.listen-address=:9187 + - contains: + path: spec.template.spec.containers[0].volumeMounts + content: + mountPath: /etc/prometheus-postgres-exporter/config.d + name: config.d + - contains: + path: spec.template.spec.volumes + content: + name: config.d + secret: + secretName: prometheus-postgres-exporter-unittest-web-config + +# - it: Test mount webConfig.yaml from secret +# set: +# config.webConfig.existingSecret.enabled: true +# config.webConfig.existingSecret.secretName: my-secret +# asserts: +# - equal: +# path: spec.template.spec.containers[0].args +# value: +# - --web.config.file=/etc/prometheus-postgres-exporter/config.d/webConfig.yaml +# - --web.listen-address=:9187 \ No newline at end of file