some unfinished and untested work over helm mirror

2023-06-22 19:36:59 +03:00
parent 3bf5fb4076
commit c2a0d759bc
38 changed files with 8027 additions and 15 deletions
--- a/config/helm/scraper/test/examples/security/Makefile
+++ b/config/helm/scraper/test/examples/security/Makefile
@@ -0,0 +1,13 @@
+default: test
+
+include ../../../helpers/examples.mk
+
+RELEASE := helm-apm-server-security
+
+install:
+	helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../
+
+test: install goss
+
+purge:
+	helm del $(RELEASE)
--- a/config/helm/scraper/test/examples/security/README.md
+++ b/config/helm/scraper/test/examples/security/README.md
@@ -0,0 +1,28 @@
+# Security
+
+This example deploy APM Server 8.5.1 using authentication and TLS to connect to
+Elasticsearch (see [values][]).
+
+
+## Usage
+
+* Deploy [Elasticsearch Helm chart][].
+
+* Deploy APM Server chart with security: `make install`
+
+* You can now setup a port forward to query APM indices:
+
+  ```
+  kubectl port-forward svc/security-master 9200
+  curl -u elastic:changeme https://localhost:9200/_cat/indices
+  ```
+
+
+## Testing
+
+You can also run [goss integration tests][] using `make test`
+
+
+[elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/main/elasticsearch/examples/security/
+[goss integration tests]: https://github.com/elastic/helm-charts/tree/main/apm-server/examples/security/test/goss.yaml
+[values]: https://github.com/elastic/helm-charts/tree/main/apm-server/examples/security/values.yaml
--- a/config/helm/scraper/test/examples/security/test/goss.yaml
+++ b/config/helm/scraper/test/examples/security/test/goss.yaml
@@ -0,0 +1,6 @@
+http:
+  http://localhost:8200?pretty:
+    status: 200
+    timeout: 2000
+    body:
+      - "8.5.1"
--- a/config/helm/scraper/test/examples/security/values.yaml
+++ b/config/helm/scraper/test/examples/security/values.yaml
@@ -0,0 +1,29 @@
+apmConfig:
+  apm-server.yml: |
+    apm-server:
+      host: "0.0.0.0:8200"
+    queue: {}
+    output.elasticsearch:
+      username: '${ELASTICSEARCH_USERNAME}'
+      password: '${ELASTICSEARCH_PASSWORD}'
+      protocol: https
+      hosts: ["security-master:9200"]
+      ssl.certificate_authorities:
+        - /usr/share/apm-server/config/certs/elastic-certificate.pem
+
+secretMounts:
+  - name: elastic-certificate-pem
+    secretName: elastic-certificate-pem
+    path: /usr/share/apm-server/config/certs
+
+extraEnvs:
+  - name: "ELASTICSEARCH_USERNAME"
+    valueFrom:
+      secretKeyRef:
+        name: security-master-credentials
+        key: username
+  - name: "ELASTICSEARCH_PASSWORD"
+    valueFrom:
+      secretKeyRef:
+        name: security-master-credentials
+        key: password