iits-consulting · erjondibraniiits · Jul 22, 2024 · Jul 22, 2024 · Jul 26, 2024 · Jul 26, 2024
diff --git a/modules/otc-prometheus-exporter/README.md b/modules/otc-prometheus-exporter/README.md
@@ -0,0 +1,63 @@
+## otc-prometheus-exporter
+
+This module deploys our [otc-prometheus-exporter](https://github.com/iits-consulting/otc-prometheus-exporter) with wich metrics on the open telekom cloud can be monitored
+
+Example:
+```
+module "otc_prometheus_exporter" {
+  source          = "registry.terraform.io/iits-consulting/project-factory/opentelekomcloud//modules/otc-prometheus-exporter"
+  name_prefix     = "${var.context}-${var.stage}"
+  domain_name     = var.otc_domain_name
+  release_version = local.chart_versions.otc_prometheus_exporter
+}
+```
+
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_opentelekomcloud"></a> [opentelekomcloud](#requirement\_opentelekomcloud) | >1.31.5 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_helm"></a> [helm](#provider\_helm) | n/a |
+| <a name="provider_opentelekomcloud"></a> [opentelekomcloud](#provider\_opentelekomcloud) | >1.31.5 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [helm_release.otc-prometheus-exporter](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
+| [opentelekomcloud_identity_credential_v3.user_aksk](https://registry.terraform.io/providers/opentelekomcloud/opentelekomcloud/latest/docs/resources/identity_credential_v3) | resource |
+| [opentelekomcloud_identity_group_v3.ces_group](https://registry.terraform.io/providers/opentelekomcloud/opentelekomcloud/latest/docs/resources/identity_group_v3) | resource |
+| [opentelekomcloud_identity_role_assignment_v3.ces_role_to_ces_group](https://registry.terraform.io/providers/opentelekomcloud/opentelekomcloud/latest/docs/resources/identity_role_assignment_v3) | resource |
+| [opentelekomcloud_identity_user_group_membership_v3.user_to_ces_group](https://registry.terraform.io/providers/opentelekomcloud/opentelekomcloud/latest/docs/resources/identity_user_group_membership_v3) | resource |
+| [opentelekomcloud_identity_user_v3.user](https://registry.terraform.io/providers/opentelekomcloud/opentelekomcloud/latest/docs/resources/identity_user_v3) | resource |
+| [opentelekomcloud_identity_project_v3.project](https://registry.terraform.io/providers/opentelekomcloud/opentelekomcloud/latest/docs/data-sources/identity_project_v3) | data source |
+| [opentelekomcloud_identity_role_v3.ces_role](https://registry.terraform.io/providers/opentelekomcloud/opentelekomcloud/latest/docs/data-sources/identity_role_v3) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_domain_name"></a> [domain\_name](#input\_domain\_name) | Domain name of the OTC | `string` | n/a | yes |
+| <a name="input_name_prefix"></a> [name\_prefix](#input\_name\_prefix) | Prefix of the OTC ressources created. | `string` | n/a | yes |
+| <a name="input_release_version"></a> [release\_version](#input\_release\_version) | Release version of the chart (see releases on https://github.com/iits-consulting/otc-prometheus-exporter/tree/gh-pages) | `string` | n/a | yes |
+| <a name="input_chart_name"></a> [chart\_name](#input\_chart\_name) | Name of the IITS otc-prometheus-exporter chart. | `string` | `"otc-prometheus-exporter"` | no |
+| <a name="input_chart_repository"></a> [chart\_repository](#input\_chart\_repository) | Chart repository of the IITS otc-prometheus-exporter chart. | `string` | `"https://iits-consulting.github.io/otc-prometheus-exporter/"` | no |
+| <a name="input_chart_set_parameter"></a> [chart\_set\_parameter](#input\_chart\_set\_parameter) | Override the values of the IITS otc-prometheus-exporter chart using set. | <pre>list(object({<br>    name  = string<br>    value = string<br>  }))</pre> | `[]` | no |
+| <a name="input_chart_set_sensitive_parameter"></a> [chart\_set\_sensitive\_parameter](#input\_chart\_set\_sensitive\_parameter) | Override the values of the IITS otc-prometheus-exporter chart using set\_sensitive. | <pre>list(object({<br>    name  = string<br>    value = string<br>  }))</pre> | `[]` | no |
+| <a name="input_release_name"></a> [release\_name](#input\_release\_name) | Name ot the release namespace. | `string` | `"otc-prometheus-exporter"` | no |
+| <a name="input_release_namespace"></a> [release\_namespace](#input\_release\_namespace) | Kubernetes namespace to install the chart to. | `string` | `"monitoring"` | no |
+
+## Outputs
+
+No outputs.
+<!-- END_TF_DOCS -->
diff --git a/modules/otc-prometheus-exporter/main.tf b/modules/otc-prometheus-exporter/main.tf
@@ -0,0 +1,47 @@
+
+resource "helm_release" "otc-prometheus-exporter" {
+  name       = var.release_name
+  repository = var.chart_repository
+  chart      = var.chart_name
+  version    = var.release_version
+
+  namespace             = var.release_namespace
+  create_namespace      = true
+  wait                  = true
+  atomic                = true
+  timeout               = 900 // 15 Minutes
+  render_subchart_notes = true
+  dependency_update     = true
+  wait_for_jobs         = true
+
+  dynamic "set" {
+    for_each = toset(var.chart_set_parameter)
+    content {
+      name  = set.value.name
+      value = set.value.value
+    }
+  }
+  dynamic "set_sensitive" {
+    for_each = toset(var.chart_set_sensitive_parameter)
+    content {
+      name  = set_sensitive.value.name
+      value = set_sensitive.value.value
+    }
+  }
+
+  values = [yamlencode({
+    deployment = {
+      env = {
+        OS_ACCESS_KEY  = opentelekomcloud_identity_credential_v3.user_aksk.access
+        OS_SECRET_KEY  = opentelekomcloud_identity_credential_v3.user_aksk.secret
+        OS_PROJECT_ID  = data.opentelekomcloud_identity_project_v3.project.id
+        OS_DOMAIN_NAME = var.domain_name
+      }
+    }
+    serviceMonitor = {
+      labels = {
+        release = "kube-prom-stack"
+      }
+    }
+  })]
+}
diff --git a/modules/otc-prometheus-exporter/otc-user.tf b/modules/otc-prometheus-exporter/otc-user.tf
@@ -0,0 +1,43 @@
+data "opentelekomcloud_identity_project_v3" "project" {}
+
+
+resource "opentelekomcloud_identity_user_v3" "user" {
+  name        = "${var.name_prefix}-prom"
+  description = "CES admin access programmatic user for ${var.release_name}."
+  enabled     = true
+}
+
+
+data "opentelekomcloud_identity_role_v3" "ces_role" {
+  name = "system_all_61" #CES Admin Role
+}
+
+
+resource "opentelekomcloud_identity_group_v3" "ces_group" {
+  name        = "${var.name_prefix}-prom"
+  description = "CES admin access group for ${var.release_name}."
+}
+
+
+resource "opentelekomcloud_identity_role_assignment_v3" "ces_role_to_ces_group" {
+  group_id   = opentelekomcloud_identity_group_v3.ces_group.id
+  role_id    = data.opentelekomcloud_identity_role_v3.ces_role.id
+  project_id = data.opentelekomcloud_identity_project_v3.project.name == data.opentelekomcloud_identity_project_v3.project.region ? data.opentelekomcloud_identity_project_v3.project.id : data.opentelekomcloud_identity_project_v3.project.parent_id
+  lifecycle {
+    ignore_changes = [project_id]
+  }
+}
+
+
+resource "opentelekomcloud_identity_user_group_membership_v3" "user_to_ces_group" {
+  user = opentelekomcloud_identity_user_v3.user.id
+  groups = [
+    opentelekomcloud_identity_group_v3.ces_group.id,
+  ]
+}
+
+
+resource "opentelekomcloud_identity_credential_v3" "user_aksk" {
+  user_id     = opentelekomcloud_identity_user_v3.user.id
+  description = "Created by terraform"
+}
diff --git a/modules/otc-prometheus-exporter/variables.tf b/modules/otc-prometheus-exporter/variables.tf
@@ -0,0 +1,64 @@
+variable "name_prefix" {
+  type        = string
+  description = "Prefix of the OTC ressources created."
+}
+
+
+variable "release_name" {
+  default     = "otc-prometheus-exporter"
+  type        = string
+  description = "Name ot the release namespace."
+}
+
+
+variable "release_namespace" {
+  type        = string
+  default     = "monitoring"
+  description = "Kubernetes namespace to install the chart to."
+}
+
+
+variable "domain_name" {
+  type        = string
+  description = "Domain name of the OTC"
+}
+
+
+variable "release_version" {
+  type        = string
+  description = "Release version of the chart (see releases on https://github.com/iits-consulting/otc-prometheus-exporter/tree/gh-pages)"
+}
+
+
+variable "chart_repository" {
+  type        = string
+  default     = "https://iits-consulting.github.io/otc-prometheus-exporter/"
+  description = "Chart repository of the IITS otc-prometheus-exporter chart."
+}
+
+
+variable "chart_name" {
+  type        = string
+  default     = "otc-prometheus-exporter"
+  description = "Name of the IITS otc-prometheus-exporter chart."
+}
+
+
+variable "chart_set_parameter" {
+  type = list(object({
+    name  = string
+    value = string
+  }))
+  default     = []
+  description = "Override the values of the IITS otc-prometheus-exporter chart using set."
+}
+
+
+variable "chart_set_sensitive_parameter" {
+  type = list(object({
+    name  = string
+    value = string
+  }))
+  default     = []
+  description = "Override the values of the IITS otc-prometheus-exporter chart using set_sensitive."
+}
diff --git a/modules/otc-prometheus-exporter/versions.tf b/modules/otc-prometheus-exporter/versions.tf
@@ -0,0 +1,11 @@
+terraform {
+  required_providers {
+    helm = {
+      source = "hashicorp/helm"
+    }
+    opentelekomcloud = {
+      source  = "opentelekomcloud/opentelekomcloud"
+      version = ">1.31.5"
+    }
+  }
+}