From 166357a2479bb60820f9e665e7ce111174132263 Mon Sep 17 00:00:00 2001
From: Arthur Bogin <arthur@viz.ai>
Date: Tue, 30 Jul 2024 13:49:57 +0300
Subject: [PATCH] Add Ingress for Alertmanager and Grafana

---
 apps/monitoring/templates/ingresses.yaml | 40 ++++++++++++++++++++++++
 apps/monitoring/templates/secrets.yaml   | 11 +++++++
 apps/monitoring/values.yaml              | 21 +++++++++++++
 3 files changed, 72 insertions(+)
 create mode 100644 apps/monitoring/templates/ingresses.yaml
 create mode 100644 apps/monitoring/templates/secrets.yaml

diff --git a/apps/monitoring/templates/ingresses.yaml b/apps/monitoring/templates/ingresses.yaml
new file mode 100644
index 00000000..6e2e2f35
--- /dev/null
+++ b/apps/monitoring/templates/ingresses.yaml
@@ -0,0 +1,40 @@
+{{ if .Values.ingresses }}
+{{ range .Values.ingresses }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: {{ .name }}
+  annotations:
+    kubernetes.io/ingress.class: "nginx"
+  {{ if .ssl }}
+    cert-manager.io/cluster-issuer: letsencrypt
+  {{ end }}
+  {{ if .httpauth }}
+    nginx.ingress.kubernetes.io/auth-type: basic
+    nginx.ingress.kubernetes.io/auth-secret: {{ .httpauth.secretName | quote }}
+    nginx.ingress.kubernetes.io/auth-realm: {{ .httpauth.message | quote }}
+  {{ end }}
+  {{ if .permanentRedirect }}
+    nginx.ingress.kubernetes.io/permanent-redirect: {{ .permanentRedirect | quote }}
+  {{ end }}
+spec:
+  rules:
+  {{ range .rules }}
+  - host: {{ .host }}
+    http:
+      paths:
+      - backend:
+          serviceName: {{ .serviceName }}
+          servicePort: {{ .servicePort }}
+  {{ end }}
+  {{ if .ssl }}
+  tls:
+  - hosts:
+    {{ range .rules }}
+    - {{ .host }}
+    {{ end }}
+    secretName: {{ .name }}-cert
+  {{ end }}
+---
+{{ end }}
+{{ end }}
diff --git a/apps/monitoring/templates/secrets.yaml b/apps/monitoring/templates/secrets.yaml
new file mode 100644
index 00000000..1fa50f3c
--- /dev/null
+++ b/apps/monitoring/templates/secrets.yaml
@@ -0,0 +1,11 @@
+{{ if .Values.secrets }}
+{{ range .Values.secrets }}
+kind: Secret
+apiVersion: v1
+metadata:
+  name: {{ .name }}
+type: Opaque
+data: {{ toJson .data }}
+---
+{{ end }}
+{{ end }}
diff --git a/apps/monitoring/values.yaml b/apps/monitoring/values.yaml
index d63848d3..090618bc 100644
--- a/apps/monitoring/values.yaml
+++ b/apps/monitoring/values.yaml
@@ -25,6 +25,8 @@ kube-prometheus-stack:
     persistence:
       enabled: true
       storageClassName: nfs-client
+    admin:
+      existingSecret: "grafana-admin-password"
 
   prometheusOperator:
     resources:
@@ -43,3 +45,22 @@ kube-prometheus-stack:
           memory: 600Mi
         limits:
           memory: 1200Mi
+
+ingresses:
+  - name: alertmanager
+    ssl: true
+    rules:
+      - host: xxx
+        serviceName: http-web
+        servicePort: 3000
+  - name: grafana
+    ssl: true
+    rules:
+      - host: xxx
+        serviceName: http-web
+        servicePort: 9093
+
+secrets:
+  - name: grafana-admin-password
+    data:
+      GRAFANA_ADMIN_PASSWORD: "~vault:Projects/monitoring/k8s-secrets:GRAFANA_ADMIN_PASSWORD~"