fix: component vault keys & pod args

vshn · Jan 23, 2023 · f46edd2 · f46edd2
1 parent 91f3ce9
commit f46edd2
Show file tree

Hide file tree

Showing 9 changed files with 36 additions and 34 deletions.
diff --git a/component/class/defaults.yml b/component/class/defaults.yml
@@ -7,21 +7,21 @@ parameters:
       exoscale:
         credentials:
           stringData:
-            EXOSCALE_API_KEY: "?{vaultkv:${cluster:tenant}/${cluster:name}/exoscale-metrics-collector/${_instance}/exoscale-key}"
-            EXOSCALE_API_SECRET: "?{vaultkv:${cluster:tenant}/${cluster:name}/exoscale-metrics-collector/${_instance}/exoscale-secret}"
-            KUBERNETES_SERVER_URL: "?{vaultkv:${cluster:tenant}/${cluster:name}/exoscale-metrics-collector/${_instance}/cluster-server}"
-            KUBERNETES_SERVER_TOKEN: "?{vaultkv:${cluster:tenant}/${cluster:name}/exoscale-metrics-collector/${_instance}/cluster-token}"
+            EXOSCALE_API_KEY: "?{vaultkv:${cluster:tenant}/${cluster:name}/billing-collector-cloudservices/${_instance}/exoscale-key}"
+            EXOSCALE_API_SECRET: "?{vaultkv:${cluster:tenant}/${cluster:name}/billing-collector-cloudservices/${_instance}/exoscale-secret}"
+            KUBERNETES_SERVER_URL: "?{vaultkv:${cluster:tenant}/${cluster:name}/billing-collector-cloudservices/${_instance}/cluster-server}"
+            KUBERNETES_SERVER_TOKEN: "?{vaultkv:${cluster:tenant}/${cluster:name}/billing-collector-cloudservices/${_instance}/cluster-token}"
       cloudscale:
         credentials:
           stringData:
-            CLOUDSCALE_API_TOKEN: "?{vaultkv:${cluster:tenant}/${cluster:name}/cloudscale-metrics-collector/${_instance}/token}"
-            KUBERNETES_SERVER_URL: "?{vaultkv:${cluster:tenant}/${cluster:name}/cloudscale-metrics-collector/${_instance}/cluster-server}"
-            KUBERNETES_SERVER_TOKEN: "?{vaultkv:${cluster:tenant}/${cluster:name}/cloudscale-metrics-collector/${_instance}/cluster-token}"
+            CLOUDSCALE_API_TOKEN: "?{vaultkv:${cluster:tenant}/${cluster:name}/billing-collector-cloudservices/${_instance}/token}"
+            KUBERNETES_SERVER_URL: "?{vaultkv:${cluster:tenant}/${cluster:name}/billing-collector-cloudservices/${_instance}/cluster-server}"
+            KUBERNETES_SERVER_TOKEN: "?{vaultkv:${cluster:tenant}/${cluster:name}/billing-collector-cloudservices/${_instance}/cluster-token}"
     images:
       collector:
         registry: 'ghcr.io'
         repository: 'vshn/billing-collector-cloudservices'
-        tag: 'v1.0.0'
+        tag: 'v1.0.1'
 
     exoscale:
       enabled: false

diff --git a/component/component/main.jsonnet b/component/component/main.jsonnet
@@ -28,7 +28,7 @@ local secret(key) = [
   for s in std.objectFields(params.secrets[key])
 ];
 
-local cronjob(name, subcommand, schedule) = {
+local cronjob(name, args, schedule) = {
   kind: 'CronJob',
   apiVersion: 'batch/v1',
   metadata: {
@@ -48,9 +48,7 @@ local cronjob(name, subcommand, schedule) = {
               {
                 name: 'billing-collector-cloudservices-backfill',
                 image: collectorImage,
-                args: [
-                  subcommand,
-                ],
+                args: args,
                 envFrom: [
                   {
                     secretRef: {
@@ -107,8 +105,8 @@ assert params.exoscale.enabled != params.cloudscale.enabled : 'only one of the c
   assert secrets.credentials.stringData.KUBERNETES_SERVER_TOKEN != null : 'secrets.credentials.stringData.KUBERNETES_SERVER_TOKEN must be set.',
 
   secrets: std.filter(function(it) it != null, secret('exoscale')),
-  objectStorageCronjob: cronjob(alias + '-objectstorage', 'exoscale objectstorage', params.exoscale.objectStorage.schedule),
-  [if params.exoscale.dbaas.enabled then 'dbaasCronjob']: cronjob(alias + '-dbaas', 'exoscale dbaas', params.exoscale.dbaas.schedule),
+  objectStorageCronjob: cronjob(alias + '-objectstorage', ['exoscale', 'objectstorage'], params.exoscale.objectStorage.schedule),
+  [if params.exoscale.dbaas.enabled then 'dbaasCronjob']: cronjob(alias + '-dbaas', ['exoscale', 'dbaas'], params.exoscale.dbaas.schedule),
 } else {})
 +
 (if params.cloudscale.enabled then {
@@ -121,5 +119,5 @@ assert params.exoscale.enabled != params.cloudscale.enabled : 'only one of the c
   assert secrets.credentials.stringData.KUBERNETES_SERVER_TOKEN != null : 'secrets.credentials.stringData.KUBERNETES_SERVER_TOKEN must be set.',
 
   secrets: std.filter(function(it) it != null, secret('cloudscale')),
-  [if params.cloudscale.objectStorage.enabled then 'objectStorageCronjob']: cronjob(alias + '-objectstorage', 'cloudscale objectstorage', params.cloudscale.objectStorage.schedule),
+  [if params.cloudscale.objectStorage.enabled then 'objectStorageCronjob']: cronjob(alias + '-objectstorage', ['cloudscale', 'objectstorage'], params.cloudscale.objectStorage.schedule),
 } else {})
diff --git a/...ector/cloudscale-metrics-collector/cloudscale-metrics-collector/objectStorageCronjob.yaml b/...ector/cloudscale-metrics-collector/cloudscale-metrics-collector/objectStorageCronjob.yaml
@@ -17,7 +17,8 @@ spec:
         spec:
           containers:
             - args:
-                - cloudscale objectstorage
+                - cloudscale
+                - objectstorage
               env:
                 - name: password
                   valueFrom:
@@ -34,7 +35,7 @@ spec:
               envFrom:
                 - secretRef:
                     name: credentials-cloudscale-metrics-collector
-              image: ghcr.io/vshn/billing-collector-cloudservices:v1.0.0
+              image: ghcr.io/vshn/billing-collector-cloudservices:v1.0.1
               name: billing-collector-cloudservices-backfill
               resources: {}
           restartPolicy: OnFailure

diff --git a/...-metrics-collector/cloudscale-metrics-collector/cloudscale-metrics-collector/secrets.yaml b/...-metrics-collector/cloudscale-metrics-collector/cloudscale-metrics-collector/secrets.yaml
@@ -8,7 +8,7 @@ metadata:
   name: credentials-cloudscale-metrics-collector
   namespace: appuio-cloud-reporting
 stringData:
-  CLOUDSCALE_API_TOKEN: t-silent-test-1234/c-green-test-1234/cloudscale-metrics-collector/cloudscale-metrics-collector/token
-  KUBERNETES_SERVER_TOKEN: t-silent-test-1234/c-green-test-1234/cloudscale-metrics-collector/cloudscale-metrics-collector/cluster-token
-  KUBERNETES_SERVER_URL: t-silent-test-1234/c-green-test-1234/cloudscale-metrics-collector/cloudscale-metrics-collector/cluster-server
+  CLOUDSCALE_API_TOKEN: t-silent-test-1234/c-green-test-1234/billing-collector-cloudservices/cloudscale-metrics-collector/token
+  KUBERNETES_SERVER_TOKEN: t-silent-test-1234/c-green-test-1234/billing-collector-cloudservices/cloudscale-metrics-collector/cluster-token
+  KUBERNETES_SERVER_URL: t-silent-test-1234/c-green-test-1234/billing-collector-cloudservices/cloudscale-metrics-collector/cluster-server
 type: Opaque
diff --git a/...ale-lpg-2/collector-cloudscale-lpg-2/collector-cloudscale-lpg-2/objectStorageCronjob.yaml b/...ale-lpg-2/collector-cloudscale-lpg-2/collector-cloudscale-lpg-2/objectStorageCronjob.yaml
@@ -17,7 +17,8 @@ spec:
         spec:
           containers:
             - args:
-                - exoscale objectstorage
+                - exoscale
+                - objectstorage
               env:
                 - name: password
                   valueFrom:
@@ -34,7 +35,7 @@ spec:
               envFrom:
                 - secretRef:
                     name: credentials-collector-cloudscale-lpg-2
-              image: ghcr.io/vshn/billing-collector-cloudservices:v1.0.0
+              image: ghcr.io/vshn/billing-collector-cloudservices:v1.0.1
               name: billing-collector-cloudservices-backfill
               resources: {}
           restartPolicy: OnFailure

diff --git a/...ector-cloudscale-lpg-2/collector-cloudscale-lpg-2/collector-cloudscale-lpg-2/secrets.yaml b/...ector-cloudscale-lpg-2/collector-cloudscale-lpg-2/collector-cloudscale-lpg-2/secrets.yaml
@@ -8,8 +8,8 @@ metadata:
   name: credentials-collector-cloudscale-lpg-2
   namespace: appuio-cloud-reporting
 stringData:
-  EXOSCALE_API_KEY: t-silent-test-1234/c-green-test-1234/exoscale-metrics-collector/collector-cloudscale-lpg-2/exoscale-key
-  EXOSCALE_API_SECRET: t-silent-test-1234/c-green-test-1234/exoscale-metrics-collector/collector-cloudscale-lpg-2/exoscale-secret
-  KUBERNETES_SERVER_TOKEN: t-silent-test-1234/c-green-test-1234/exoscale-metrics-collector/collector-cloudscale-lpg-2/cluster-token
-  KUBERNETES_SERVER_URL: t-silent-test-1234/c-green-test-1234/exoscale-metrics-collector/collector-cloudscale-lpg-2/cluster-server
+  EXOSCALE_API_KEY: t-silent-test-1234/c-green-test-1234/billing-collector-cloudservices/collector-cloudscale-lpg-2/exoscale-key
+  EXOSCALE_API_SECRET: t-silent-test-1234/c-green-test-1234/billing-collector-cloudservices/collector-cloudscale-lpg-2/exoscale-secret
+  KUBERNETES_SERVER_TOKEN: t-silent-test-1234/c-green-test-1234/billing-collector-cloudservices/collector-cloudscale-lpg-2/cluster-token
+  KUBERNETES_SERVER_URL: t-silent-test-1234/c-green-test-1234/billing-collector-cloudservices/collector-cloudscale-lpg-2/cluster-server
 type: Opaque
diff --git a/...metrics-collector/exoscale-metrics-collector/exoscale-metrics-collector/dbaasCronjob.yaml b/...metrics-collector/exoscale-metrics-collector/exoscale-metrics-collector/dbaasCronjob.yaml
@@ -17,7 +17,8 @@ spec:
         spec:
           containers:
             - args:
-                - exoscale dbaas
+                - exoscale
+                - dbaas
               env:
                 - name: password
                   valueFrom:
@@ -34,7 +35,7 @@ spec:
               envFrom:
                 - secretRef:
                     name: credentials-exoscale-metrics-collector
-              image: ghcr.io/vshn/billing-collector-cloudservices:v1.0.0
+              image: ghcr.io/vshn/billing-collector-cloudservices:v1.0.1
               name: billing-collector-cloudservices-backfill
               resources: {}
           restartPolicy: OnFailure

diff --git a/...collector/exoscale-metrics-collector/exoscale-metrics-collector/objectStorageCronjob.yaml b/...collector/exoscale-metrics-collector/exoscale-metrics-collector/objectStorageCronjob.yaml
@@ -17,7 +17,8 @@ spec:
         spec:
           containers:
             - args:
-                - exoscale objectstorage
+                - exoscale
+                - objectstorage
               env:
                 - name: password
                   valueFrom:
@@ -34,7 +35,7 @@ spec:
               envFrom:
                 - secretRef:
                     name: credentials-exoscale-metrics-collector
-              image: ghcr.io/vshn/billing-collector-cloudservices:v1.0.0
+              image: ghcr.io/vshn/billing-collector-cloudservices:v1.0.1
               name: billing-collector-cloudservices-backfill
               resources: {}
           restartPolicy: OnFailure

diff --git a/...cale-metrics-collector/exoscale-metrics-collector/exoscale-metrics-collector/secrets.yaml b/...cale-metrics-collector/exoscale-metrics-collector/exoscale-metrics-collector/secrets.yaml
@@ -8,8 +8,8 @@ metadata:
   name: credentials-exoscale-metrics-collector
   namespace: appuio-cloud-reporting
 stringData:
-  EXOSCALE_API_KEY: t-silent-test-1234/c-green-test-1234/exoscale-metrics-collector/exoscale-metrics-collector/exoscale-key
-  EXOSCALE_API_SECRET: t-silent-test-1234/c-green-test-1234/exoscale-metrics-collector/exoscale-metrics-collector/exoscale-secret
-  KUBERNETES_SERVER_TOKEN: t-silent-test-1234/c-green-test-1234/exoscale-metrics-collector/exoscale-metrics-collector/cluster-token
-  KUBERNETES_SERVER_URL: t-silent-test-1234/c-green-test-1234/exoscale-metrics-collector/exoscale-metrics-collector/cluster-server
+  EXOSCALE_API_KEY: t-silent-test-1234/c-green-test-1234/billing-collector-cloudservices/exoscale-metrics-collector/exoscale-key
+  EXOSCALE_API_SECRET: t-silent-test-1234/c-green-test-1234/billing-collector-cloudservices/exoscale-metrics-collector/exoscale-secret
+  KUBERNETES_SERVER_TOKEN: t-silent-test-1234/c-green-test-1234/billing-collector-cloudservices/exoscale-metrics-collector/cluster-token
+  KUBERNETES_SERVER_URL: t-silent-test-1234/c-green-test-1234/billing-collector-cloudservices/exoscale-metrics-collector/cluster-server
 type: Opaque