Cloud Integration Update (#3055) (#3063)

* add support for defining cloud integration contents in values
* fix aws cloud cost

---------

Signed-off-by: chipzoller <[email protected]>
Co-authored-by: Chip Zoller <[email protected]>
Co-authored-by: jesse goodier <[email protected]>

cost-analyzer/templates/NOTES.txt

@@ -1,5 +1,6 @@
 --------------------------------------------------
 {{- include "kubecostV2-preconditions" . -}}
+{{- include "cloudIntegrationSourceCheck" . -}}
 {{- include "eksCheck" . -}}
 {{- include "cloudIntegrationSecretCheck" . -}}
 {{- $servicePort := .Values.service.port | default 9090 }}

cost-analyzer/templates/_helpers.tpl

@@ -93,6 +93,39 @@ Kubecost 2.0 preconditions
 
 {{- end -}}
 
+{{- define "cloudIntegrationFromProductConfigs" }}
+  {
+    "aws": [
+      {
+          "athenaBucketName": "{{ .Values.kubecostProductConfigs.athenaBucketName }}",
+          "athenaRegion": "{{ .Values.kubecostProductConfigs.athenaRegion }}",
+          "athenaDatabase": "{{ .Values.kubecostProductConfigs.athenaDatabase }}",
+          "athenaTable": "{{ .Values.kubecostProductConfigs.athenaTable }}",
+          "projectID": "{{ .Values.kubecostProductConfigs.athenaProjectID }}"
+          {{- if and ((.Values.kubecostProductConfigs).awsServiceKeyName) ((.Values.kubecostProductConfigs).awsServiceKeyPassword) }},
+          "serviceKeyName": "{{ .Values.kubecostProductConfigs.awsServiceKeyName }}",
+          "serviceKeySecret": "{{ .Values.kubecostProductConfigs.awsServiceKeyPassword }}"
+          {{- end }}
+      }
+    ]
+  }
+{{- end }}
+
+{{/*
+Cloud integration source contents check. Either the Secret must be specified or the JSON, not both.
+Additionally, for upgrade protection, certain individual values populated under the kubecostProductConfigs map, if found,
+will result in failure. Users are asked to select one of the two presently-available sources for cloud integration information.
+*/}}
+{{- define "cloudIntegrationSourceCheck" -}}
+  {{- if and (.Values.kubecostProductConfigs).cloudIntegrationSecret (.Values.kubecostProductConfigs).cloudIntegrationJSON -}}
+    {{- fail "\ncloudIntegrationSecret and cloudIntegrationJSON are mutually exclusive. Please specify only one." -}}
+  {{- end -}}
+{{- if and (.Values.kubecostProductConfigs).cloudIntegrationSecret ((.Values.kubecostProductConfigs).athenaProjectID) }}
+    {{- fail "\nUsing a cloud-integration secret and kubecostProductConfigs.athena* values are mutually exclusive. Please specifiy only one." -}}
+  {{- end -}}
+{{- end -}}
+
+
 {{/*
 Print a warning if PV is enabled AND EKS is detected AND the EBS-CSI driver is not installed
 */}}
@@ -1005,7 +1038,7 @@ Begin Kubecost 2.0 templates
       mountPath: /var/configs/etl
       readOnly: true
   {{- end }}
-  {{- if (.Values.kubecostProductConfigs).cloudIntegrationSecret }}
+  {{- if or (.Values.kubecostProductConfigs).cloudIntegrationSecret (.Values.kubecostProductConfigs).cloudIntegrationJSON ((.Values.kubecostProductConfigs).athenaProjectID) }}
     - name: cloud-integration
       mountPath: /var/configs/cloud-integration
   {{- end }}

cost-analyzer/templates/aggregator-cloud-cost-deployment.yaml

@@ -3,7 +3,7 @@
 {{/*
   A cloud integration secret is required for cloud cost to function as a dedicated pod.
 */}}
-{{- if (.Values.kubecostProductConfigs).cloudIntegrationSecret }}
+{{- if or (.Values.kubecostProductConfigs).cloudIntegrationSecret (.Values.kubecostProductConfigs).cloudIntegrationJSON ((.Values.kubecostProductConfigs).athenaProjectID) }}
 
 apiVersion: apps/v1
 kind: Deployment
@@ -51,12 +51,21 @@ spec:
             defaultMode: 420
             secretName: {{ .Values.kubecostModel.federatedStorageConfigSecret }}
         {{- end }}
+        {{- if .Values.kubecostProductConfigs.cloudIntegrationSecret }}
         - name: cloud-integration
           secret:
             secretName: {{ .Values.kubecostProductConfigs.cloudIntegrationSecret }}
             items:
               - key: cloud-integration.json
                 path: cloud-integration.json
+        {{- else if or .Values.kubecostProductConfigs.cloudIntegrationJSON ((.Values.kubecostProductConfigs).athenaProjectID) }}
+        - name: cloud-integration
+          secret:
+            secretName: cloud-integration
+            items:
+              - key: cloud-integration.json
+                path: cloud-integration.json
+        {{- end }}
         {{/* Titled persistent-configs to be compatible with single-pod install.
         All data stored here is ephemeral, and does not require a PV. */}}
         - name: persistent-configs

cost-analyzer/templates/cloud-integration-secret.yaml

@@ -0,0 +1,16 @@
+{{- if or ((.Values.kubecostProductConfigs).cloudIntegrationJSON) ((.Values.kubecostProductConfigs).athenaProjectID) }}
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+  name: cloud-integration
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "cost-analyzer.commonLabels" . | nindent 4 }}
+data:
+  {{- if (.Values.kubecostProductConfigs).cloudIntegrationJSON }}
+  cloud-integration.json: {{ .Values.kubecostProductConfigs.cloudIntegrationJSON | replace "\n" "" | b64enc }}
+    {{- else }}
+  cloud-integration.json: {{ include "cloudIntegrationFromProductConfigs" . |nindent 4| replace "\n" "" | b64enc }}
+  {{- end }}
+{{- end -}}

cost-analyzer/templates/cost-analyzer-deployment-template.yaml

@@ -158,6 +158,13 @@ spec:
             items:
               - key: cloud-integration.json
                 path: cloud-integration.json
+        {{- else if or .Values.kubecostProductConfigs.cloudIntegrationJSON ((.Values.kubecostProductConfigs).athenaProjectID) }}
+        - name: cloud-integration
+          secret:
+            secretName: cloud-integration
+            items:
+              - key: cloud-integration.json
+                path: cloud-integration.json
         {{- end }}
         {{- if .Values.kubecostProductConfigs.clusters }}
         - name: kubecost-clusters
@@ -553,7 +560,7 @@ spec:
             - name: azure-storage-config
               mountPath: /var/azure-storage-config
             {{- end }}
-            {{- if .Values.kubecostProductConfigs.cloudIntegrationSecret }}
+            {{- if or (.Values.kubecostProductConfigs.cloudIntegrationSecret) (.Values.kubecostProductConfigs.cloudIntegrationJSON) }}
             - name: cloud-integration
               mountPath: /var/configs/cloud-integration
             {{- end }}

cost-analyzer/templates/kubecost-metrics-deployment-template.yaml

@@ -106,6 +106,13 @@ spec:
             items:
               - key: cloud-integration.json
                 path: cloud-integration.json
+        {{- else if or .Values.kubecostProductConfigs.cloudIntegrationJSON  ((.Values.kubecostProductConfigs).athenaProjectID) }}
+        - name: cloud-integration
+          secret:
+            secretName: cloud-integration
+            items:
+              - key: cloud-integration.json
+                path: cloud-integration.json
         {{- end }}
         {{- end }}
         - name: persistent-configs
@@ -190,7 +197,7 @@ spec:
             - name: azure-storage-config
               mountPath: /var/azure-storage-config
             {{- end }}
-            {{- if .Values.kubecostProductConfigs.cloudIntegrationSecret }}
+            {{- if or (.Values.kubecostProductConfigs.cloudIntegrationSecret) (.Values.kubecostProductConfigs.cloudIntegrationJSON) ((.Values.kubecostProductConfigs).athenaProjectID) }}
             - name: cloud-integration
               mountPath: /var/configs/cloud-integration
             {{- end }}