implement plugin support in helm chart (#180)

* implement plugin support in helm chart Signed-off-by: Alex Meijer <[email protected]> * added missing files Signed-off-by: Alex Meijer <[email protected]> * bump chart ver * fix CI * code review fixes * code review fixes * debugged --------- Signed-off-by: Alex Meijer <[email protected]>
opencost · Mar 8, 2024 · a2b2992 · a2b2992
1 parent aacbdeb
commit a2b2992
Show file tree

Hide file tree

Showing 5 changed files with 134 additions and 3 deletions.
diff --git a/charts/opencost/Chart.yaml b/charts/opencost/Chart.yaml
@@ -9,7 +9,7 @@ keywords:
   - finops
   - monitoring
   - opencost
-version: 1.30.0
+version: 1.31.0
 maintainers:
   - name: mattray
   - name: toscott

diff --git a/charts/opencost/templates/deployment.yaml b/charts/opencost/templates/deployment.yaml
@@ -46,6 +46,20 @@ spec:
       {{- with.Values.opencost.topologySpreadConstraints }}
       topologySpreadConstraints: {{- toYaml . | nindent 8 }}
       {{- end }}
+      {{- if (and .Values.plugins.enabled .Values.plugins.install.enabled )}}
+      initContainers:
+        - name: plugin-installer
+          image: {{ .Values.plugins.install.fullImageName }}
+          command: ["sh", "/install/install_plugins.sh"]
+      {{- with .Values.plugins.install.securityContext }}
+          securityContext: {{- toYaml . | nindent 12 }}
+      {{- end }}
+          volumeMounts:
+            - name: install-script
+              mountPath: /install
+            - name: plugins-dir
+              mountPath: {{ .Values.plugins.folder }}
+      {{- end }}
       containers:
         - name: {{ include "opencost.fullname" . }}
           {{- if .Values.opencost.exporter.image.fullImageName }}
@@ -93,6 +107,10 @@ spec:
           securityContext: {{- toYaml . | nindent 12 }}
           {{- end }}
           env:
+            - name: LOG_LEVEL
+              value: {{ .Values.loglevel }}
+            - name: CUSTOM_COST_ENABLED
+              value: {{ .Values.plugins.enabled | quote }}
             {{- if .Values.opencost.exporter.apiPort }}
             - name: API_PORT
               value: {{ .Values.opencost.exporter.apiPort | quote }}
@@ -185,8 +203,19 @@ spec:
             - name: {{ $key }}
               value: {{ $value | quote }}
             {{- end }}
-          {{- if or .Values.opencost.exporter.persistence.enabled .Values.opencost.exporter.extraVolumeMounts .Values.opencost.customPricing.enabled .Values.opencost.cloudIntegrationSecret}}
+          {{- if or .Values.plugins.enabled .Values.opencost.exporter.persistence.enabled .Values.opencost.exporter.extraVolumeMounts .Values.opencost.customPricing.enabled .Values.opencost.cloudIntegrationSecret}}
           volumeMounts:
+            {{- if .Values.plugins.enabled }} 
+            - mountPath: /opt/opencost/plugin
+              name: plugins-dir
+              readOnly: false
+            {{- range $key, $config := .Values.plugins.configs }}
+            - mountPath: /opt/opencost/plugin/config/{{$key}}_config.json
+              subPath: {{$key}}_config.json
+              name: plugins-config
+              readOnly: true
+            {{- end }}
+            {{- end }}
             {{- if .Values.opencost.exporter.persistence.enabled }}
             - mountPath: /mnt/export
               name: opencost-export
@@ -294,8 +323,20 @@ spec:
           {{- toYaml . | nindent 12 }}
           {{- end }}
         {{- end }}
-      {{- if or .Values.opencost.exporter.persistence.enabled .Values.extraVolumes .Values.opencost.customPricing.enabled .Values.opencost.cloudIntegrationSecret}}
+      {{- if or .Values.plugins.enabled .Values.opencost.exporter.persistence.enabled .Values.extraVolumes .Values.opencost.customPricing.enabled .Values.opencost.cloudIntegrationSecret}}
       volumes:
+        {{- if .Values.plugins.enabled  }}
+        {{- if .Values.plugins.install.enabled}}
+        - name: install-script
+          configMap:
+            name: {{ template "opencost.fullname" . }}-install-plugins
+        {{- end }}
+        - name: plugins-dir
+          emptyDir: {}
+        - name: plugins-config
+          secret:
+            secretName:  {{ template "opencost.fullname" . }}-plugins-config
+        {{- end }}
         {{- if .Values.opencost.customPricing.enabled }}
         - name: custom-configs
           configMap:

diff --git a/charts/opencost/templates/install-plugins.yaml b/charts/opencost/templates/install-plugins.yaml
@@ -0,0 +1,46 @@
+{{- if .Values.plugins.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "opencost.fullname" . }}-install-plugins
+  labels:
+    app: {{ template "opencost.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+data:
+  install_plugins.sh: |-
+    {{- if .Values.plugins.install.enabled }}
+      set -ex
+      rm -f {{ .Values.plugins.folder }}/bin/*
+      mkdir -p {{ .Values.plugins.folder }}/bin
+      cd {{ .Values.plugins.folder }}/bin
+      OSTYPE=$(cat /etc/os-release)
+      OS=''
+      case "$OSTYPE" in
+        *Linux*) OS='linux';;
+        *)         echo "$OSTYPE is unsupported" && exit 1 ;;
+      esac
+
+      UNAME_OUTPUT=$(uname -m)
+      ARCH=''
+      case "$UNAME_OUTPUT" in
+        *x86_64*) ARCH='amd64';;
+        *amd64*) ARCH='amd64';;
+        *aarch64*) ARCH='arm64';;
+        *arm64*) ARCH='arm64';;
+        *)         echo "$UNAME_OUTPUT is unsupported" && exit 1 ;;
+      esac
+
+      {{- if .Values.plugins.version  }}
+      VER={{ .Values.plugins.version | quote}}
+      {{- else }}
+      VER=$(curl --silent https://api.github.com/repos/opencost/opencost-plugins/releases/latest | grep ".tag_name" | awk -F\" '{print $4}')
+      {{- end }}
+
+      {{- range $pluginName, $config := .Values.plugins.configs }}
+      curl -fsSLO "https://github.com/opencost/opencost-plugins/releases/download/$VER/{{ $pluginName }}.ocplugin.$OS.$ARCH"
+      chmod a+rx "{{ $pluginName }}.ocplugin.$OS.$ARCH"
+      {{- end }}
+    {{- end }}
+{{- end }}
diff --git a/charts/opencost/templates/plugins-config.yaml b/charts/opencost/templates/plugins-config.yaml
@@ -0,0 +1,16 @@
+{{- if .Values.plugins.enabled }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "opencost.fullname" . }}-plugins-config
+  labels:
+    app: {{ template "opencost.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+data:
+  {{- range $key, $config := .Values.plugins.configs }}
+  {{ $key }}_config.json:
+    {{ $config | b64enc | indent 4}}
+  {{- end }}
+{{- end }}
diff --git a/charts/opencost/values.yaml b/charts/opencost/values.yaml
@@ -5,6 +5,34 @@ fullnameOverride: ""
 # -- Override the deployment namespace
 namespaceOverride: ""
 
+loglevel: info
+
+plugins:
+  enabled: false
+  install:
+    enabled: true
+    fullImageName: curlimages/curl:latest
+    securityContext:
+      allowPrivilegeEscalation: false
+      seccompProfile:
+        type: RuntimeDefault
+      capabilities:
+        drop:
+        - ALL
+      readOnlyRootFilesystem: true
+      runAsNonRoot: true
+      runAsUser: 1000
+  folder: /opt/opencost/plugin
+  # leave this commented to always download most recent version of plugins
+  # version: <INSERT_SPECIFIC_PLUGINS_VERSION>
+  configs:
+    # datadog: |
+    #   {
+    #   "datadog_site": "<INSERT_DATADOG_SITE>",
+    #   "datadog_api_key": "<INSERT_DATADOG_API_KEY>",
+    #   "datadog_app_key": "<INSERT_DATADOG_APP_KEY>"
+    #   }
+
 # -- List of secret names to use for pulling the images
 imagePullSecrets: []