From 0a433ab59975f78b00d4393a74d943ab57fe9d9d Mon Sep 17 00:00:00 2001 From: Hitesh Nayak Date: Thu, 4 Apr 2024 02:16:56 +0530 Subject: [PATCH] feat(service-monitor): support bearer token authentication on metrics endpoint Signed-off-by: Hitesh Nayak --- templates/_helpers.tpl | 4 ++++ templates/gitea/metrics-secret.yaml | 11 +++++++++++ templates/gitea/servicemonitor.yaml | 8 ++++++++ 3 files changed, 23 insertions(+) create mode 100644 templates/gitea/metrics-secret.yaml diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index 45e7a28..cede1b8 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl @@ -389,6 +389,10 @@ https {{ default (printf "%s-gpg-key" (include "gitea.fullname" .)) .Values.signing.existingSecret }} {{- end -}} +{{- define "gitea.metrics-secret-name" -}} +{{ default (printf "%s-metrics-secret" (include "gitea.fullname" .)) }} +{{- end -}} + {{- define "gitea.serviceAccountName" -}} {{ .Values.serviceAccount.name | default (include "gitea.fullname" .) }} {{- end -}} diff --git a/templates/gitea/metrics-secret.yaml b/templates/gitea/metrics-secret.yaml new file mode 100644 index 0000000..2698c1a --- /dev/null +++ b/templates/gitea/metrics-secret.yaml @@ -0,0 +1,11 @@ +{{- if and (.Values.gitea.config.metrics) (.Values.gitea.config.metrics.TOKEN) -}} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "gitea.metrics-secret-name" . }} + labels: + {{- include "gitea.labels" . | nindent 4 }} +type: Opaque +data: + token: {{ .Values.gitea.config.metrics.TOKEN | b64enc }} +{{- end }} diff --git a/templates/gitea/servicemonitor.yaml b/templates/gitea/servicemonitor.yaml index 02750d0..5f3a3f0 100644 --- a/templates/gitea/servicemonitor.yaml +++ b/templates/gitea/servicemonitor.yaml @@ -14,4 +14,12 @@ spec: {{- include "gitea.selectorLabels" . | nindent 6 }} endpoints: - port: http +{{- if and (.Values.gitea.config.metrics) (.Values.gitea.config.metrics.TOKEN) }} + authorization: + type: Bearer + credentials: + name: {{ include "gitea.metrics-secret-name" . }} + key: token + optional: true +{{- end -}} {{- end -}} \ No newline at end of file