Add Zuul Jobs for apparmor to alerta and Prometheus black-box

1)Moved Apparmor changes to overides so as to use experimental Jobs.
2)Changed Numerical Convention to openstack exporterw

Change-Id: I9ac1f6399c09fc54fcdb98eb0c6cf91912bc93c1
Signed-off-by: diwakar thyagaraj <diwakar.chitoor.thyagaraj@att.com>
This commit is contained in:
diwakar thyagaraj 2020-08-31 17:20:13 +00:00
parent dc58ef9ddd
commit 6dd08e84ca
8 changed files with 82 additions and 6 deletions
alerta
templates
values_overrides
prometheus-blackbox-exporter
values.yaml
values_overrides
tools/deployment/apparmor
zuul.d

View File

@ -35,7 +35,7 @@ spec:
labels: labels:
{{ tuple $envAll "alerta" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} {{ tuple $envAll "alerta" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
annotations: annotations:
{{ dict "envAll" $envAll "podName" "alerta" "containerNames" (list "alerta" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }} {{ dict "envAll" $envAll "podName" "alerta" "containerNames" (list "alerta") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }} configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec: spec:

View File

@ -0,0 +1,7 @@
---
pod:
mandatory_access_control:
type: apparmor
alerta:
alerta: runtime/default
...

View File

@ -55,10 +55,6 @@ pod:
blackbox_exporter: blackbox_exporter:
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
readOnlyRootFilesystem: true readOnlyRootFilesystem: true
mandatory_access_control:
type: apparmor
prometheus-blackbox-exporter:
blackbox-exporter: runtime/default
replicas: replicas:
prometheus_blackbox_exporter: 1 prometheus_blackbox_exporter: 1
annotations: annotations:

View File

@ -0,0 +1,7 @@
---
pod:
mandatory_access_control:
type: apparmor
prometheus-blackbox-exporter:
blackbox-exporter: runtime/default
...

View File

@ -0,0 +1,33 @@
#!/bin/bash
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
set -xe
#NOTE: Lint and package chart
make prometheus-blackbox-exporter
: ${OSH_INFRA_EXTRA_HELM_ARGS_PROMETHEUS_BLACKBOX_EXPORTER:="$(./tools/deployment/common/get-values-overrides.sh prometheus-blackbox-exporter)"}
#NOTE: Deploy command
helm upgrade --install prometheus-blackbox-exporter \
./prometheus-blackbox-exporter \
--namespace=openstack \
${OSH_INFRA_EXTRA_HELM_ARGS} \
${OSH_INFRA_EXTRA_HELM_ARGS_PROMETHEUS_BLACKBOX_EXPORTER}
#NOTE: Wait for deploy
./tools/deployment/common/wait-for-pods.sh openstack
#NOTE: Validate Deployment info
helm status prometheus-blackbox-exporter

View File

@ -1 +0,0 @@
../common/alerta.sh

View File

@ -0,0 +1,33 @@
#!/bin/bash
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
set -xe
#NOTE: Lint and package chart
make alerta
#NOTE: Deploy command
: ${OSH_INFRA_EXTRA_HELM_ARGS:=""}
: ${OSH_INFRA_EXTRA_HELM_ARGS_ALERTA:="$(./tools/deployment/common/get-values-overrides.sh alerta)"}
helm upgrade --install alerta ./alerta \
--namespace=osh-infra \
${OSH_INFRA_EXTRA_HELM_ARGS} \
${OSH_INFRA_EXTRA_HELM_ARGS_ALERTA}
#NOTE: Wait for deploy
./tools/deployment/common/wait-for-pods.sh osh-infra
#NOTE: Validate Deployment info
helm status alerta

View File

@ -289,6 +289,7 @@
- ./tools/deployment/apparmor/050-prometheus-alertmanager.sh - ./tools/deployment/apparmor/050-prometheus-alertmanager.sh
- ./tools/deployment/apparmor/055-prometheus.sh - ./tools/deployment/apparmor/055-prometheus.sh
- ./tools/deployment/apparmor/060-prometheus-node-exporter.sh - ./tools/deployment/apparmor/060-prometheus-node-exporter.sh
- ./tools/deployment/apparmor/070-prometheus-blackbox-exporter.sh
- ./tools/deployment/apparmor/075-prometheus-process-exporter.sh - ./tools/deployment/apparmor/075-prometheus-process-exporter.sh
- ./tools/deployment/apparmor/080-grafana.sh - ./tools/deployment/apparmor/080-grafana.sh
- ./tools/deployment/apparmor/085-rabbitmq.sh - ./tools/deployment/apparmor/085-rabbitmq.sh