first commit

main
ermisw 2023-11-22 09:18:34 +01:00
commit 123a9e79ad
21 changed files with 1030 additions and 0 deletions

33
.gitignore vendored Normal file

@ -0,0 +1,33 @@
# Local .terraform directories
**/.terraform/*
# .tfstate files
*.tfstate
*.tfstate.*
*.tfplan
# Crash log files
crash.log
# Exclude all .tfvars files, which are likely to contain sentitive data, such as
# password, private keys, and other secrets. These should not be part of version
# control as they are data points which are potentially sensitive and subject
# to change depending on the environment.
*.tfvars
# Ignore override files as they are usually used to override resources locally and so
# are not checked in
override.tf
override.tf.json
*_override.tf
*_override.tf.json
# Ignore CLI configuration files
.terraformrc
terraform.rc
.env
venv
.helm

83
.terraform.lock.hcl Normal file

@ -0,0 +1,83 @@
# This file is maintained automatically by "terraform init".
# Manual edits may be lost in future updates.
provider "registry.terraform.io/hashicorp/aws" {
version = "5.7.0"
constraints = "~> 5.7.0"
hashes = [
"h1:SReCEKB29vK0duwz7Pk2bSCa2M2BqvtlFwS9Bqs3ADw=",
"zh:03240d7fc041d5331db7fd5f2ca4fe031321d07d2a6ca27085c5020dae13f211",
"zh:0b5252b14c354636fe0348823195dd901b457de1a033015f4a7d11cfe998c766",
"zh:2bfb62325b0487be8d1850a964f09cca0d45148faec577459c2a24334ec9977b",
"zh:2f9e317ffc57d2b5117cfe8dc266f88aa139b760bc93d8adeed7ad533a78b5a3",
"zh:36512725c9d7c559927b98fead04be58494a3a997e5270b905a75a468e307427",
"zh:5483e696d3ea764f746d3fe439f7dcc49001c3c774122d7baa51ce01011f0075",
"zh:5967635cc14f969ea26622863a2e3f9d6a7ddd3e7d35a29a7275c5e10579ac8c",
"zh:7e63c94a64af5b7aeb36ea6e3719962f65a7c28074532c02549a67212d410bb8",
"zh:8a7d5f33b11a3f5c7281413b431fa85de149ed8493ec1eea73d50d2d80a475e6",
"zh:8e2ed2d986aaf590975a79a2f6b5e60e0dc7d804ab01a8c03ab181e41cfe9b0f",
"zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
"zh:9c7b8ca1b17489f16a6d0f1fc2aa9c130978ea74c9c861d8435410567a0a888f",
"zh:a54385896a70524063f0c5420be26ff6f88909bd8e6902dd3e922577b21fd546",
"zh:aecd3a8fb70b938b58d93459bfb311540fd6aaf981924bf34abd48f953b4be0d",
"zh:f3de076fa3402768d27af0187c6a677777b47691d1f0f84c9b259ff66e65953e",
]
}
provider "registry.terraform.io/hashicorp/external" {
version = "2.3.1"
hashes = [
"h1:0/VG+zmBcGhAof8g5k9R7HYyotYs6KPqnQKnz6XBiAg=",
"zh:001e2886dc81fc98cf17cf34c0d53cb2dae1e869464792576e11b0f34ee92f54",
"zh:2eeac58dd75b1abdf91945ac4284c9ccb2bfb17fa9bdb5f5d408148ff553b3ee",
"zh:2fc39079ba61411a737df2908942e6970cb67ed2f4fb19090cd44ce2082903dd",
"zh:472a71c624952cff7aa98a7b967f6c7bb53153dbd2b8f356ceb286e6743bb4e2",
"zh:4cff06d31272aac8bc35e9b7faec42cf4554cbcbae1092eaab6ab7f643c215d9",
"zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
"zh:7ed16ccd2049fa089616b98c0bd57219f407958f318f3c697843e2397ddf70df",
"zh:842696362c92bf2645eb85c739410fd51376be6c488733efae44f4ce688da50e",
"zh:8985129f2eccfd7f1841ce06f3bf2bbede6352ec9e9f926fbaa6b1a05313b326",
"zh:a5f0602d8ec991a5411ef42f872aa90f6347e93886ce67905c53cfea37278e05",
"zh:bf4ab82cbe5256dcef16949973bf6aa1a98c2c73a98d6a44ee7bc40809d002b8",
"zh:e70770be62aa70198fa899526d671643ff99eecf265bf1a50e798fc3480bd417",
]
}
provider "registry.terraform.io/hashicorp/helm" {
version = "2.11.0"
constraints = "2.11.0"
hashes = [
"h1:l+2Ni3UyoFRxyvxRblPQQYck1/iFmZKFy/UcI3ZRtjg=",
"zh:013857c88f3e19a4b162344e21dc51891c4ac8b600da8391f7fb2b6d234961e1",
"zh:044fffa233a93cdcf8384afbe9e1ab6c9d0b5b176cbae56ff465eb9611302975",
"zh:208b7cdd4fa3a1b25ae817dc00a9198ef98be0ddc3a577b5b72bc0f006afb997",
"zh:3e8b33f56cfe387277572a92037a1ca1cbe4e3aa6b5c19a8c2431193b07f7865",
"zh:7dd663d5619bd71676899b05b19d36f585189fdabc6b0b03c23579524a8fd9bf",
"zh:ae5329cb3e5bf0b86b02e823aac3ef3bd0d4b1618ff013cd0076dca0be8322e4",
"zh:ba6201695b55d51bedacdb017cb8d03d7a8ada51d0168ac44fef3fa791a85ab4",
"zh:c61285c8b1ba10f50cf94c9dcf98f2f3b720f14906a18be71b9b422279b5d806",
"zh:d522d388246f38b9f329c511ec579b516d212670b954f9dab64efb27e51862af",
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
"zh:f92546e26b670da61437ae2cbd038427c9374ce5f7a78df52193397da90bd997",
"zh:f9ad1407e5c0d5e3474094491025bf100828e8c1a01acdf9591d7dd1eb59f961",
]
}
provider "registry.terraform.io/hashicorp/kubernetes" {
version = "2.23.0"
hashes = [
"h1:S0dS3oy5c6ma2JUzpbtO45wb5iSCJdFFiUDf/t99tws=",
"zh:10488a12525ed674359585f83e3ee5e74818b5c98e033798351678b21b2f7d89",
"zh:1102ba5ca1a595f880e67102bbf999cc8b60203272a078a5b1e896d173f3f34b",
"zh:1347cf958ed3f3f80b3c7b3e23ddda3d6c6573a81847a8ee92b7df231c238bf6",
"zh:2cb18e9f5156bc1b1ee6bc580a709f7c2737d142722948f4a6c3c8efe757fa8d",
"zh:5506aa6f28dcca2a265ccf8e34478b5ec2cb43b867fe6d93b0158f01590fdadd",
"zh:6217a20686b631b1dcb448ee4bc795747ebc61b56fbe97a1ad51f375ebb0d996",
"zh:8accf916c00579c22806cb771e8909b349ffb7eb29d9c5468d0a3f3166c7a84a",
"zh:9379b0b54a0fa030b19c7b9356708ec8489e194c3b5e978df2d31368563308e5",
"zh:aa99c580890691036c2931841e88e7ee80d59ae52289c8c2c28ea0ac23e31520",
"zh:c57376d169875990ac68664d227fb69cd0037b92d0eba6921d757c3fd1879080",
"zh:e6068e3f94f6943b5586557b73f109debe19d1a75ca9273a681d22d1ce066579",
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
]
}

1
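--- a/INPUT.TXT
+++ b/INPUT.TXT
@@ -0,0 +1 @@
+{"namespace":"keptn","name":"bridge-credentials","key":"BASIC_AUTH_USERNAME","context":"arn:aws:eks:us-west-2:277980527364:cluster/xOps"}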
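Review bot: INPUT.TXT looks like a scratch input for the secret-lookup module rather than something the configuration reads, and it puts the AWS account ID and the EKS cluster ARN into the repository. If nothing references it, drop it from the commit and list it in .gitignore. The same applies to trace.log further down, which is captured Terraform run output; a `*.log` entry in .gitignore would keep such files out.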

91
dynatrace-service.tf Normal file

@ -0,0 +1,91 @@
resource "helm_release" "dynatrace-service" {
name = "dynatrace-service"
chart = "./dynatrace-service"
namespace = var.KEPTN_NAMESPACE
timeout = 500
set {
name = "tolerations[0].key"
value = "dedicated"
}
set {
name = "tolerations[0].value"
value = "group2"
}
set {
name = "tolerations[0].operator"
value = "Equal"
}
set {
name = "tolerations[0].effect"
value = "NoSchedule"
}
set {
name = "nodeSelector.role"
value = "group2"
}
set {
name = "dynatraceService.config.keptnApiUrl"
value = "https://keptn.nttdata-xlabs.com/api"
}
set {
name = "dynatraceService.config.keptnBridgeUrl"
value = "https://keptn.nttdata-xlabs.com/bridge"
}
set {
name = "dynatraceService.config.logLevel"
value = "debug"
}
depends_on = [
helm_release.keptn
]
}
# resource "null_resource" "kubectl" {
# provisioner "local-exec" {
# command = "kubectl -n keptn get secret bridge-credentials -o jsonpath={.data.BASIC_AUTH_USERNAME}"
# # interpreter = ["/bin/bash", "-c"]environment = {
# # KUBECONFIG = base64encode(var.kubeconfig)
# }
# }
# resource "kubernetes_secret" "bridge" {
# metadata {
# name = "bridge-credentials"
# namespace = "keptn"
# }
# }
# output "bridge" {
# value = kubernetes_secret.bridge.data.BASIC_AUTH_USERNAME
# }
resource "kubernetes_secret" "dynatrace-service" {
metadata {
name = "dynatrace-service"
namespace=var.KEPTN_NAMESPACE
labels = {
"app.kubernetes.io/scope"="dynatrace-service"
}
#scope="dynatrace-service"
}
data = {
DT_API_TOKEN = var.DT_API_TOKEN
DT_TENANT = var.DT_TENANT
}
depends_on = [
helm_release.keptn
]
}
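Review bot: `dynatraceService.config.logLevel` is pinned to `debug` in the helm_release, while the chart's own values default to `info`. Debug logging in a service that holds a Dynatrace API token and a Keptn API token may put request details into pod logs, so take the level from a new variable that defaults to `info`, for example `value = var.DT_SERVICE_LOG_LEVEL`. The three commented-out resource and output blocks between the release and the secret should be deleted rather than committed.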


@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/


@ -0,0 +1,6 @@
apiVersion: v2
appVersion: 0.27.1
description: Helm Chart for the keptn-contrib dynatrace-service
name: dynatrace-service
type: application
version: 0.27.1


@ -0,0 +1,46 @@
Dynatrace-service
===========
Helm Chart for the *keptn-contrib* *dynatrace-service*
## Configuration
The following table lists the configurable parameters of the *dynatrace-service* chart and their default values.
| Parameter | Description | Default |
| ------------------------ | ----------------------- | -------------- |
| `dynatraceService.image.repository` | Container image name | `"docker.io/keptncontrib/dynatrace-service"` |
| `dynatraceService.image.pullPolicy` | Kubernetes image pull policy | `"IfNotPresent"` |
| `dynatraceService.image.tag` | Container tag | `""` |
| `dynatraceService.service.enabled` | Creates a kubernetes service for the *dynatrace-service* | `true` |
| `dynatraceService.config.generateTaggingRules` | Generate Tagging Rules in Dynatrace Tenant | `false` |
| `dynatraceService.config.generateProblemNotifications` | Generate Problem Notifications in Dynatrace Tenant | `false` |
| `dynatraceService.config.generateManagementZones` | Generate Management Zones in Dynatrace Tenant | `false` |
| `dynatraceService.config.generateDashboards` | Generate Dashboards in Dynatrace Tenant | `false` |
| `dynatraceService.config.generateMetricEvents` | Generate Metric Events in Dynatrace Tenant | `false` |
| `dynatraceService.config.synchronizeDynatraceServices` | Synchronize Service Entities between Dynatrace and Keptn | `true` |
| `dynatraceService.config.synchronizeDynatraceServicesIntervalSeconds` | Synchronization Interval | `300` |
| `dynatraceService.config.httpSSLVerify` | Verify HTTPS SSL certificates | `true` |
| `dynatraceService.config.httpProxy` | Proxy for HTTP requests | `""` |
| `dynatraceService.config.httpsProxy` | Proxy for HTTPS requests | `""` |
| `dynatraceService.config.noProxy` | Proxy exceptions for HTTP and HTTPS requests | `""` |
| `dynatraceService.config.logLevel`| Minimum log level to log | `info` |
| `imagePullSecrets` | Secrets to use for container registry credentials | `[]` |
| `serviceAccount.create` | Enables the service account creation | `true` |
| `serviceAccount.annotations` | Annotations to add to the service account | `{}` |
| `podAnnotations` | Annotations to add to the created pods | `{}` |
| `podSecurityContext` | Set the pod security context (e.g. `fsgroups`) | `{}` |
| `securityContext` | Set the security context (e.g. `runasuser`) | `{}` |
| `resources` | Resource limits and requests | `{}` |
| `nodeSelector` | Node selector configuration | `{}` |
| `tolerations` | Tolerations for the pods | `[]` |
| `affinity` | Affinity rules | `{}` |
| `terminationGracePeriodSeconds` | Termination grace period (in seconds) | `30` |
| `workGracePeriodSeconds` | Seconds allocated to completing work in the event of a graceful shutdown | `20` |
| `replyGracePeriodSeconds` | Seconds allocated to replying in the event of a graceful shutdown | `5` |


@ -0,0 +1,52 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "dynatrace-service.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "dynatrace-service.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "dynatrace-service.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "dynatrace-service.labels" -}}
dynatrace-sli.sh/chart: {{ include "dynatrace-service.chart" . }}
{{ include "dynatrace-service.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "dynatrace-service.selectorLabels" -}}
app.kubernetes.io/name: {{ include "dynatrace-service.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}


@ -0,0 +1,160 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "dynatrace-service.fullname" . }}
labels:
{{- include "dynatrace-service.labels" . | nindent 4 }}
spec:
replicas: 1
selector:
matchLabels:
{{- include "dynatrace-service.selectorLabels" . | nindent 6 }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "dynatrace-service.labels" . | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: dynatrace-service
terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: dynatrace-service
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
{{- if .Values.image }}
image: {{ .Values.image }} # use image from .Values.image (e.g., when starting via skaffold)
{{- else }}
image: "{{ .Values.dynatraceService.image.repository }}:{{ .Values.dynatraceService.image.tag | default .Chart.AppVersion }}"
{{ end }}
imagePullPolicy: {{ .Values.dynatraceService.image.pullPolicy }}
ports:
- containerPort: 80
env:
- name: DATASTORE
value: ''
- name: RESOURCE_SERVICE
value: ''
- name: SHIPYARD_CONTROLLER
value: ''
- name: K8S_DEPLOYMENT_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: 'metadata.labels[''app.kubernetes.io/name'']'
- name: K8S_DEPLOYMENT_VERSION
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: 'metadata.labels[''app.kubernetes.io/version'']'
- name: K8S_DEPLOYMENT_COMPONENT
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: 'metadata.labels[''app.kubernetes.io/component'']'
- name: K8S_NAMESPACE
{{- if .Values.distributor.metadata.namespace }}
value: {{ .Values.distributor.metadata.namespace }}
{{- else }}
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
{{- end }}
- name: K8S_NODE_NAME
{{- if .Values.distributor.metadata.hostname }}
value: {{ .Values.distributor.metadata.hostname }}
{{- else }}
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
{{- end }}
- name: K8S_POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: GENERATE_TAGGING_RULES
value: '{{ .Values.dynatraceService.config.generateTaggingRules }}'
- name: GENERATE_PROBLEM_NOTIFICATIONS
value: '{{ .Values.dynatraceService.config.generateProblemNotifications }}'
- name: GENERATE_MANAGEMENT_ZONES
value: '{{ .Values.dynatraceService.config.generateManagementZones }}'
- name: GENERATE_DASHBOARDS
value: '{{ .Values.dynatraceService.config.generateDashboards }}'
- name: GENERATE_METRIC_EVENTS
value: '{{ .Values.dynatraceService.config.generateMetricEvents }}'
- name: SYNCHRONIZE_DYNATRACE_SERVICES
value: '{{ .Values.dynatraceService.config.synchronizeDynatraceServices }}'
- name: SYNCHRONIZE_DYNATRACE_SERVICES_INTERVAL_SECONDS
value: '{{ .Values.dynatraceService.config.synchronizeDynatraceServicesIntervalSeconds }}'
- name: HTTP_SSL_VERIFY
value: '{{ .Values.dynatraceService.config.httpSSLVerify }}'
- name: HTTP_PROXY
value: '{{ .Values.dynatraceService.config.httpProxy }}'
- name: HTTPS_PROXY
value: '{{ .Values.dynatraceService.config.httpsProxy }}'
- name: NO_PROXY
value: '{{ .Values.dynatraceService.config.noProxy }}'
- name: LOG_LEVEL_DYNATRACE_SERVICE
value: '{{ .Values.dynatraceService.config.logLevel }}'
- name: KEPTN_API_URL
value: '{{ .Values.dynatraceService.config.keptnApiUrl }}'
- name: KEPTN_BRIDGE_URL
value: '{{ .Values.dynatraceService.config.keptnBridgeUrl }}'
- name: KEPTN_API_TOKEN
valueFrom:
secretKeyRef:
name: keptn-api-token
key: keptn-api-token
- name: WORK_GRACE_PERIOD_SECONDS
value: '{{ .Values.workGracePeriodSeconds }}'
- name: REPLY_GRACE_PERIOD_SECONDS
value: '{{ .Values.replyGracePeriodSeconds }}'
- name: SKIP_LOWERCASE_SLI_NAMES
value: '{{ .Values.dynatraceService.config.skipLowercaseSLINames | default false }}'
- name: SKIP_INCLUDE_SLO_DISPLAY_NAMES
value: '{{ .Values.dynatraceService.config.skipIncludeSLODisplayNames | default false }}'
- name: SKIP_CHECK_DUPLICATE_SLI_AND_DISPLAY_NAMES
value: '{{ .Values.dynatraceService.config.skipCheckDuplicateSLIAndDisplayNames | default false }}'
livenessProbe:
httpGet:
path: /health
port: 8070
initialDelaySeconds: 0
periodSeconds: 5
readinessProbe:
httpGet:
path: /ready
port: 8080
initialDelaySeconds: 5
periodSeconds: 5
resources:
{{- toYaml .Values.resources | nindent 12 }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
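Review bot: `containerPort: 80` does not match any port the rest of the chart uses: the liveness probe goes to 8070, the readiness probe to 8080, and the Service exposes 8080. The field is informational, but network policies and reviewers rely on it, so declare the ports the process presumably listens on, e.g. `- containerPort: 8080`. `serviceAccountName` is also hard-coded to `dynatrace-service` instead of following the release name like the Deployment and Service names do.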


@ -0,0 +1,15 @@
{{- if .Values.dynatraceService.service.enabled -}}
apiVersion: v1
kind: Service
metadata:
name: {{ include "dynatrace-service.fullname" . }}
labels:
{{- include "dynatrace-service.labels" . | nindent 4 }}
spec:
type: ClusterIP
ports:
- port: 8080
protocol: TCP
selector:
{{- include "dynatrace-service.selectorLabels" . | nindent 4 }}
{{- end }}


@ -0,0 +1,10 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: dynatrace-service
labels:
{{- include "dynatrace-service.labels" . | nindent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
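Review bot: The ServiceAccount is rendered unconditionally, although the chart README and values document a `serviceAccount.create` switch. Setting that value to `false` has no effect as written; wrap the manifest in `{{- if .Values.serviceAccount.create }}` and a closing `{{- end }}` so the switch does what the table says.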


@ -0,0 +1,82 @@
{
"$schema": "http://json-schema.org/draft-07/schema",
"properties": {
"dynatraceService": {
"type": "object",
"required": [
"image"
],
"properties": {
"image": {
"properties": {
"repository": {
"pattern": "^[a-z0-9][a-z0-9-./]{0,511}$"
},
"pullPolicy": {
"enum": [
"IfNotPresent",
"Always"
]
}
}
},
"service": {
"properties": {
"enabled": {
"type": "boolean"
}
}
},
"config": {
"properties": {
"generateTaggingRules": {
"type": "boolean"
},
"generateProblemNotifications": {
"type": "boolean"
},
"generateManagementZones": {
"type": "boolean"
},
"generateDashboards": {
"type": "boolean"
},
"generateMetricEvents": {
"type": "boolean"
},
"synchronizeDynatraceServices": {
"type": "boolean"
},
"synchronizeDynatraceServicesIntervalSeconds": {
"type": "integer"
},
"httpSSLVerify": {
"type": "boolean"
},
"httpProxy": {
"type": "string"
},
"httpsProxy": {
"type": "string"
},
"noProxy": {
"type": "string"
},
"logLevel": {
"type": "string"
}
}
}
}
},
"terminationGracePeriodSeconds": {
"type": "integer"
},
"workGracePeriodSeconds": {
"type": "integer"
},
"replyGracePeriodSeconds": {
"type": "integer"
}
}
}


@ -0,0 +1,68 @@
dynatraceService:
image:
repository: docker.io/keptncontrib/dynatrace-service # Container Image Name
pullPolicy: IfNotPresent # Kubernetes Image Pull Policy
tag: "" # Container Tag
service:
enabled: true # Creates a Kubernetes Service for the dynatrace-service
config:
generateTaggingRules: true # Generate Tagging Rules in Dynatrace Tenant
generateProblemNotifications: true # Generate Problem Notifications in Dynatrace Tenant
generateManagementZones: true # Generate Management Zones in Dynatrace Tenant
generateDashboards: true # Generate Dashboards in Dynatrace Tenant
generateMetricEvents: true # Generate Metric Events in Dynatrace Tenant
synchronizeDynatraceServices: true # Synchronize Service Entities between Dynatrace and Keptn
synchronizeDynatraceServicesIntervalSeconds: 60 # Synchronization Interval
httpSSLVerify: true # Verify HTTPS SSL certificates
httpProxy: "" # Proxy for HTTP requests
httpsProxy: "" # Proxy for HTTPS requests
noProxy: "" # Proxy exceptions for HTTP and HTTPS requests
logLevel: "info" # Minimum log level to log
keptnApiUrl: "" # URL of keptn API
keptnBridgeUrl: "" # URL of keptn bridge
skipLowercaseSLINames: false # Skip to apply a lower-case operation on SLI names
skipIncludeSLODisplayNames: false # Skip to include display names for SLO files produced by dynatrace-service
skipCheckDuplicateSLIAndDisplayNames: false # Skip check for duplicate SLI and display names in dashboard use-case
imagePullSecrets: [ ] # Secrets to use for container registry credentials
serviceAccount:
create: true # Enables the service account creation
annotations: { } # Annotations to add to the service account
podAnnotations: { } # Annotations to add to the created pods
podSecurityContext: # Set the pod security context (e.g. fsGroups)
fsGroup: 65532
securityContext: # Set the security context (e.g. runAsUser)
runAsNonRoot: true
runAsUser: 65532
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
privileged: false
seccompProfile:
type: RuntimeDefault
distributor:
metadata:
hostname: "" # Sets the hostname sent by the distributor to the control-plane
namespace: "" # Sets the namespace sent by the distributor to the control-plane
resources: # Set resources limits and requests
limits:
cpu: 128m
memory: 200Mi
requests:
cpu: 32m
memory: 50Mi
nodeSelector: { } # Node selector configuration
tolerations: [ ] # Tolerations for the pods
affinity: { } # Affinity rules
terminationGracePeriodSeconds: 30 # Pod termination grace period in seconds
workGracePeriodSeconds: 20 # Seconds allocated to completing work in the event of a graceful shutdown
replyGracePeriodSeconds: 5 # Seconds allocated to replying in the event of a graceful shutdown
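Review bot: The five `generate*` flags default to `true` and `synchronizeDynatraceServicesIntervalSeconds` to `60` here, while the README table added in this same commit documents `false` and `300`. With these defaults a plain install lets the service generate tagging rules, problem notifications, management zones, dashboards and metric events in the Dynatrace tenant. Either align the defaults with the README or update the table, so operators know what an install changes in the tenant.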

48
jenkinsfile Normal file

@ -0,0 +1,48 @@
pipeline {
agent {
label 'terraform-slave'
}
environment {
TF_VAR_KEPTN_NAMESPACE="keptn"
TF_VAR_KEPTN_VERSION="1.4.0"
TF_VAR_KEPTN_DOMAIN="keptn.nttdata-xlabs.com"
TF_VAR_DT_TENANT="https://elw69065.live.dynatrace.com"
TF_VAR_DT_API_TOKEN="dt0c01.N2PBLK767N76X77W4DKPZBW3.RPIRL6HTSX6OOPFB4REGWBQEN62LYYVYYR3O5VAWGFW37OVXKB4G6ZQUHPL33LMP"
}
// parameters {
// booleanParam(name: 'refresh', defaultValue: false, description: 'Refresh pipeline properties')
// }
stages {
// stage('Refresh properties') {
// steps {
// script {
// if (Refresh) {
// currentBuild.result = 'ABORTED'
// error('Stopping early…')
// }
// }
// }
// }
stage('TF Plan') {
steps {
container('terraform') {
withCredentials([[
$class: 'AmazonWebServicesCredentialsBinding',
credentialsId: "f89b3f7d-23ec-42b9-9687-e4acf01d7507",
accessKeyVariable: 'AWS_ACCESS_KEY_ID',
secretKeyVariable: 'AWS_SECRET_ACCESS_KEY']]) {
sh 'terraform version'
sh 'terraform init -backend-config="key=keptn-demo"'
sh 'terraform get'
sh 'terraform apply -auto-approve'
}
}
}
}
}
}
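Review bot: `TF_VAR_DT_API_TOKEN` in the `environment` block holds a literal Dynatrace API token, so the credential is now in the repository history and readable by anyone with access to it. Treat the token as exposed: revoke it in the tenant, issue a new one, and store that in the Jenkins credential store. The pipeline already uses `withCredentials` for AWS, so the token can join that list as `string(credentialsId: '<dt-api-token-credential-id>', variable: 'TF_VAR_DT_API_TOKEN')` and the `environment` entry can be removed. Separately, the stage is named `TF Plan` but runs `terraform apply -auto-approve`, so every build changes the cluster without a reviewed plan.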

51
job-executer-service.tf Normal file

@ -0,0 +1,51 @@
resource "helm_release" "job-executer-service" {
name = "job-executer-service"
chart = "https://github.com/keptn-contrib/job-executor-service/releases/download/0.3.0/job-executor-service-0.3.0.tgz"
namespace = var.KEPTN_NAMESPACE
timeout = 500
set {
name = "tolerations[0].key"
value = "dedicated"
}
set {
name = "tolerations[0].value"
value = "group2"
}
set {
name = "tolerations[0].operator"
value = "Equal"
}
set {
name = "tolerations[0].effect"
value = "NoSchedule"
}
set {
name = "nodeSelector.role"
value = "group2"
}
set {
name = "remoteControlPlane.api.hostname"
value = "api-gateway-nginx.keptn"
}
set {
name = "remoteControlPlane.api.token"
value = module.keptn-api-token.result
}
set {
name = "remoteControlPlane.topicSubscription"
value = "sh.keptn.event.deployment.triggered\\,sh.keptn.event.test.triggered\\,sh.keptn.event.action.triggered"
}
depends_on = [
helm_release.keptn,
module.keptn-api-token
]
}
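Review bot: `remoteControlPlane.api.token` is passed in a plain `set` block, so the Keptn API token is not masked in plan and apply output, which in this setup lands in the Jenkins console log. Use the Helm provider's `set_sensitive` block for this one value: `set_sensitive { name = "remoteControlPlane.api.token" value = module.keptn-api-token.result }`. The value is still written to state, so read access to the S3 backend bucket needs to be restricted accordingly.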

114
keptn.tf Normal file

@ -0,0 +1,114 @@
resource "helm_release" "keptn" {
name = "keptn"
repository = "https://charts.keptn.sh"
chart = "keptn"
namespace = var.KEPTN_NAMESPACE
timeout = 500
version = var.KEPTN_VERSION
create_namespace = true
set {
name = "tolerations[0].key"
value = "dedicated"
}
set {
name = "tolerations[0].value"
value = "group2"
}
set {
name = "tolerations[0].operator"
value = "Equal"
}
set {
name = "tolerations[0].effect"
value = "NoSchedule"
}
set {
name = "nodeSelector.role"
value = "group2"
}
set {
name ="ingress.enabled"
value = "true"
}
set {
name ="ingress.className"
value = "nginx"
}
set {
name ="ingress.path"
value = "/"
}
set {
name ="ingress.host"
value = var.KEPTN_DOMAIN
}
set {
name ="ingress.annotations.cert-manager\\.io/cluster-issuer"
value ="letsencrypt-prod"
}
set {
name = "ingress.tls[0].hosts[0]"
value = var.KEPTN_DOMAIN
}
set {
name = "ingress.tls[0].secretName"
value = "letsencrypt-prod"
}
}
module "keptn-bridge-userneame" {
source = "./terraform-kubernetes-get-secret"
namespace = "keptn"
name = "bridge-credentials"
key = "BASIC_AUTH_USERNAME"
context = var.k8S_CONTEXT
#context = "arn:aws:eks:us-west-2:277980527364:cluster/xOps"
depends_on = [
helm_release.keptn
]
}
module "keptn-bridge-pwd" {
source = "./terraform-kubernetes-get-secret"
namespace = "keptn"
name = "bridge-credentials"
key = "BASIC_AUTH_PASSWORD"
context = var.k8S_CONTEXT
#context = "arn:aws:eks:us-west-2:277980527364:cluster/xOps"
depends_on = [
helm_release.keptn
]
}
module "keptn-api-token" {
source = "./terraform-kubernetes-get-secret"
namespace = "keptn"
name = "keptn-api-token"
key = "keptn-api-token"
context = var.k8S_CONTEXT
#context = "arn:aws:eks:us-west-2:277980527364:cluster/xOps"
depends_on = [
helm_release.keptn
]
}
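Review bot: The three `terraform-kubernetes-get-secret` modules hard-code `namespace = "keptn"` while the release itself installs into `var.KEPTN_NAMESPACE`; overriding the variable would make the lookups read from the wrong namespace. Use `namespace = var.KEPTN_NAMESPACE` in all three. The module name `keptn-bridge-userneame` is misspelled and already referenced from the outputs, so it is cheapest to rename now. The commented-out `context` lines carry the AWS account ID and should be removed rather than kept as comments.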

11
ouput.tf Normal file

@ -0,0 +1,11 @@
output "Keptn_Bridge_Url" {
value = format("https://%s",var.KEPTN_DOMAIN)
}
output "Keptn_Bridge_USER" {
value = module.keptn-bridge-userneame.result
}
output "Keptn_Bridge_PWD" {
value = module.keptn-bridge-pwd.result
}
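Review bot: `Keptn_Bridge_USER` and `Keptn_Bridge_PWD` are declared without `sensitive = true`, so every apply prints the bridge credentials, and the pipeline in this commit runs apply inside a Jenkins job whose console log then retains them. Add `sensitive = true` to both outputs, or drop the password output and have operators read the secret from the cluster when they need it. Marking the outputs sensitive only hides them from CLI output; the values remain in state.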

1
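--- a/readme
+++ b/readme
@@ -0,0 +1 @@
+terraform init -backend-config="key=keptn-sockshop"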

80
terraform.tf Normal file

@ -0,0 +1,80 @@
# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: MPL-2.0
data "aws_eks_cluster" "xOps" {
name = var.CLUSTER_NAME
}
data "aws_eks_cluster_auth" "example" {
name = var.CLUSTER_NAME
}
terraform {
backend "s3" {
bucket = "terraform-xops-demos"
#key = var.DEMO_NAME
region = "us-west-2"
dynamodb_table = "terraform-xops-lock-state"
encrypt = true
}
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 5.7.0"
}
helm = {
version = "2.11.0"
}
kubernetes = {
source = "hashicorp/kubernetes"
version = ">= 2.0.0"
}
# kubectl = {
# source = "gavinbunney/kubectl"
# version = ">= 1.7.0"
# }
}
required_version = "~> 1.3"
}
provider "aws" {
region = "us-west-2"
}
provider "helm" {
repository_config_path = "${path.module}/.helm/repositories.yaml"
repository_cache = "${path.module}/.helm"
kubernetes {
host = data.aws_eks_cluster.xOps.endpoint
cluster_ca_certificate = base64decode(data.aws_eks_cluster.xOps.certificate_authority[0].data)
token = data.aws_eks_cluster_auth.example.token
}
}
provider "kubernetes" {
# kubernetes {
host = data.aws_eks_cluster.xOps.endpoint
cluster_ca_certificate = base64decode(data.aws_eks_cluster.xOps.certificate_authority[0].data)
token = data.aws_eks_cluster_auth.example.token
# }
}
# provider "kubectl" {
# kubernetes {
# host = data.aws_eks_cluster.xOps.endpoint
# cluster_ca_certificate = base64decode(data.aws_eks_cluster.xOps.certificate_authority[0].data)
# token = data.aws_eks_cluster_auth.example.token
# }
# }
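Review bot: The `kubernetes` provider constraint `>= 2.0.0` has no upper bound, unlike `aws` (`~> 5.7.0`) and `helm` (`2.11.0`); the lock file pins 2.23.0 today, but a `terraform init -upgrade` could move across a major version. A bounded constraint such as `version = "~> 2.23"` keeps upgrades deliberate. The `helm` entry also lacks `source = "hashicorp/helm"`, and the `external` provider that appears in the lock file is not declared here, presumably because the secret-lookup module pulls it in. The commented-out `kubectl` provider blocks can be deleted.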

14
trace.log Normal file

@ -0,0 +1,14 @@
Acquiring state lock. This may take a few moments...
module.keptn-bridge-userneame.data.external.secret-win[0]: Reading...
data.aws_eks_cluster_auth.example: Reading...
data.aws_eks_cluster_auth.example: Read complete after 0s [id=xOps]
data.aws_eks_cluster.xOps: Reading...
module.keptn-bridge-userneame.data.external.secret-win[0]: Still reading... [10s elapsed]
data.aws_eks_cluster.xOps: Read complete after 1s [id=xOps]
helm_release.keptn: Refreshing state... [id=keptn]
kubernetes_secret.dynatrace-service: Refreshing state... [id=keptn/dynatrace-service]
helm_release.dynatrace-service: Refreshing state... [id=dynatrace-service]
Planning failed. Terraform encountered an error while generating this plan.
Releasing state lock. This may take a few moments...

41
variables.tf Normal file

@ -0,0 +1,41 @@
variable "KEPTN_VERSION" {
type = string
description = "Version Keptn"
default = "1.4.0"
}
variable "KEPTN_NAMESPACE" {
type = string
description = ""
default = "keptn"
}
variable "KEPTN_DOMAIN" {
type = string
description = "Version Keptn"
}
variable "CLUSTER_NAME" {
type = string
description = ""
default = "xOps"
}
variable "DT_TENANT" {
type = string
description = ""
default = "https://elw69065.live.dynatrace.com"
}
variable "DT_API_TOKEN" {
type = string
description = ""
}
variable "k8S_CONTEXT" {
type = string
description = ""
default=null
}