SSPROD-29521: add agent tags to kspm-collector and node-analyzer charts

sysdiglabs · Aug 30, 2023 · afccf4a · afccf4a
1 parent 99501c7
commit afccf4a
Show file tree

Hide file tree

Showing 6 changed files with 146 additions and 0 deletions.
diff --git a/charts/kspm-collector/templates/_helpers.tpl b/charts/kspm-collector/templates/_helpers.tpl
@@ -178,3 +178,18 @@ KSPM Collector nodeSelector
 true
 {{- end }}
 {{- end }}
+
+{{/*
+Return agent tags if available
+*/}}
+{{- define "agent.tags" }}
+{{- $globalSettings := .Values.settings | default dict }}
+{{- $agentSettings := .Values.agent | default dict }}
+{{- $globalTags :=  dig "global" "settings" "tags" "" $globalSettings }}
+{{- $agentTags  :=  dig "agent" "sysdig" "settings" "tags" "" $agentSettings }}
+{{- if ne $globalTags "" -}}
+    {{ $globalTags }}
+{{- else if ne $agentTags "" -}}
+    {{ $agentTags }}
+{{- end }}
+{{- end }}
diff --git a/charts/kspm-collector/templates/deployment.yaml b/charts/kspm-collector/templates/deployment.yaml
@@ -165,6 +165,10 @@ spec:
                 key: agent_port
                 name: {{ template "kspmCollector.fullname" . }}
                 optional: true
+          {{- if ne (include "agent.tags" .) "" }}
+          - name: TAGS
+            value: {{ include "agent.tags" . }}
+          {{- end }}
           {{- if eq (include "sysdig.custom_ca.enabled"  (dict "global" .Values.global.ssl "component" .Values.ssl)) "true" }}
           - name: SSL_CERT_FILE
             value: /ca-certs/{{- include "sysdig.custom_ca.keyName"  (dict "global" .Values.global.ssl "component" .Values.ssl) -}}

diff --git a/charts/kspm-collector/tests/agent_tags_test.yaml b/charts/kspm-collector/tests/agent_tags_test.yaml
@@ -0,0 +1,66 @@
+suite: Test kspm-collector Agent Tags
+templates:
+  - deployment.yaml
+tests:
+  - it: Check agent tags are set from global.settings.tags
+    documentIndex: 0
+    set:
+      clusterName: "test-k8s"
+      scanner:
+        enabled: true
+      webhook:
+        enabled: true
+      sysdig:
+        accessKey: standard-key
+        secureAPIToken: standard-token
+      global:
+        ssl:
+        settings:
+          tags: tag:value
+    asserts:
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: TAGS
+            value: tag:value
+        template: deployment.yaml
+  - it: Check agent tags are set from agent.sysdig.settings.tags
+    documentIndex: 0
+    set:
+      clusterName: "test-k8s"
+      scanner:
+        enabled: true
+      webhook:
+        enabled: true
+      sysdig:
+        accessKey: standard-key
+        secureAPIToken: standard-token
+      agent:
+        sysdig:
+          settings:
+            tags: tag:value
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: TAGS
+            value: tag:value
+        template: deployment.yaml
+  - it: Check agent tags are not set
+    documentIndex: 0
+    set:
+      clusterName: "test-k8s"
+      scanner:
+        enabled: true
+      webhook:
+        enabled: true
+      sysdig:
+        accessKey: standard-key
+        secureAPIToken: standard-token
+    asserts:
+      - isNullOrEmpty:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: TAGS
+            value: tag:value
+        template: deployment.yaml
diff --git a/charts/node-analyzer/templates/_helpers.tpl b/charts/node-analyzer/templates/_helpers.tpl
@@ -288,3 +288,19 @@ Returns the namespace for installing components
 true
 {{- end }}
 {{- end }}
+
+
+{{/*
+Return agent tags if available
+*/}}
+{{- define "agent.tags" }}
+{{- $globalSettings := .Values.settings | default dict }}
+{{- $agentSettings := .Values.agent | default dict }}
+{{- $globalTags :=  dig "global" "settings" "tags" "" $globalSettings }}
+{{- $agentTags  :=  dig "agent" "sysdig" "settings" "tags" "" $agentSettings }}
+{{- if ne $globalTags "" -}}
+    {{ $globalTags }}
+{{- else if ne $agentTags "" -}}
+    {{ $agentTags }}
+{{- end }}
+{{- end }}
diff --git a/charts/node-analyzer/templates/daemonset-node-analyzer.yaml b/charts/node-analyzer/templates/daemonset-node-analyzer.yaml
@@ -237,6 +237,10 @@ spec:
                 name: {{ .Release.Name }}-kspm-analyzer
                 key: agent_port
                 optional: true
+          {{- if ne (include "agent.tags" .) "" }}
+          - name: TAGS
+            value: {{ include "agent.tags" . }}
+          {{- end }}
           {{- if eq (include "sysdig.custom_ca.enabled"  (dict "global" .Values.global.ssl "component" .Values.nodeAnalyzer.ssl)) "true" }}
           - name: SSL_CERT_FILE
             value: /ca-certs/{{- include "sysdig.custom_ca.keyName"  (dict "global" .Values.global.ssl "component" .Values.nodeAnalyzer.ssl) -}}

diff --git a/charts/node-analyzer/tests/agent_tags_test.yaml b/charts/node-analyzer/tests/agent_tags_test.yaml
@@ -0,0 +1,41 @@
+suite: Test kspm-collector Agent Tags
+templates:
+  - daemonset-node-analyzer.yaml
+tests:
+  - it: Check agent tags are set from global.settings.tags
+    documentIndex: 0
+    set:
+      global:
+        ssl:
+        settings:
+          tags: tag:value
+    asserts:
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: TAGS
+            value: tag:value
+        template: deployment.yaml
+  - it: Check agent tags are set from agent.sysdig.settings.tags
+    documentIndex: 0
+    set:
+      agent:
+        sysdig:
+          settings:
+            tags: tag:value
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: TAGS
+            value: tag:value
+        template: deployment.yaml
+  - it: Check agent tags are not set
+    documentIndex: 0
+    asserts:
+      - isNullOrEmpty:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: TAGS
+            value: tag:value
+        template: deployment.yaml