diff --git a/charts/super-agent/.helmignore b/charts/agent-control/.helmignore similarity index 100% rename from charts/super-agent/.helmignore rename to charts/agent-control/.helmignore diff --git a/charts/super-agent/Chart.lock b/charts/agent-control/Chart.lock similarity index 91% rename from charts/super-agent/Chart.lock rename to charts/agent-control/Chart.lock index fa8007141..55987be81 100644 --- a/charts/super-agent/Chart.lock +++ b/charts/agent-control/Chart.lock @@ -2,7 +2,7 @@ dependencies: - name: flux2 repository: https://fluxcd-community.github.io/helm-charts version: 2.13.0 -- name: super-agent-deployment +- name: agent-control-deployment repository: "" version: 0.0.25-beta - name: common-library diff --git a/charts/super-agent/Chart.yaml b/charts/agent-control/Chart.yaml similarity index 74% rename from charts/super-agent/Chart.yaml rename to charts/agent-control/Chart.yaml index 0670d4ed1..deb6fd582 100644 --- a/charts/super-agent/Chart.yaml +++ b/charts/agent-control/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 -name: super-agent -description: Bootstraps New Relic' Super Agent +name: agent-control +description: Bootstraps New Relic' Agent Control type: application version: 0.0.22-beta @@ -10,17 +10,17 @@ dependencies: repository: https://fluxcd-community.github.io/helm-charts version: 2.13.0 condition: flux2.enabled - - name: super-agent-deployment + - name: agent-control-deployment version: 0.0.25-beta - condition: super-agent-deployment.enabled - # The following dependency is needed as sub-dependency of super-agent-deployment + condition: agent-control-deployment.enabled + # The following dependency is needed as sub-dependency of agent-control-deployment - name: common-library version: 1.3.0 repository: https://helm-charts.newrelic.com keywords: - newrelic - - super-agent + - agent-control maintainers: - name: alvarocabanas diff --git a/charts/agent-control/README.md b/charts/agent-control/README.md new file mode 100644 index 000000000..930b0104a --- /dev/null +++ b/charts/agent-control/README.md @@ -0,0 +1,104 @@ +[![Community Plus header](https://github.com/newrelic/opensource-website/raw/master/src/images/categories/Community_Plus.png)](https://opensource.newrelic.com/oss-category/#community-plus) + +# agent-control + +Bootstraps New Relic' Agent Control + +# Helm installation + +You can install this chart using directly this Helm repository: + +```shell +helm repo add newrelic https://helm-charts.newrelic.com +helm upgrade --install agent-control newrelic/agent-control -f your-custom-values.yaml +``` + +## Values managed globally + +This chart implements the [New Relic's common Helm library](https://github.com/newrelic/helm-charts/tree/master/library/common-library) which +means that it honors a wide range of defaults and globals common to most New Relic Helm charts. + +> **Warning**: Note that the flux chart is not maintained by New Relic and thus does not support the `common-library`. Everything under the +`flux2` belongs to the upstream chart and does not honor the [New Relic's common Helm library](https://github.com/newrelic/helm-charts/tree/master/library/common-library). +> +> For a complete list of `values.yaml` of this chart you can refer to the [upstream chart's `values.yaml`](https://github.com/fluxcd-community/helm-charts/blob/flux2-2.10.2/charts/flux2/values.yaml). + +Options that can be defined globally include `affinity`, `nodeSelector`, `tolerations`, `proxy` and others. The full list can be found at +[user's guide of the common library](https://github.com/newrelic/helm-charts/blob/master/library/common-library/README.md). + +## Chart particularities + +> **TODO:** Here is where you should add particularities for this chart like what does the chart do with the privileged and +low data modes or any other quirk that it could have. + +As of the creation of the chart, it has no particularities and this section can be removed safely. + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| flux2 | object | See `values.yaml` | Values for the Flux chat. Ref.: https://github.com/fluxcd-community/helm-charts/blob/flux2-2.10.2/charts/flux2/values.yaml | +| flux2.clusterDomain | string | `"cluster.local"` | This is the domain name of the cluster. | +| flux2.enabled | bool | `true` | Enable or disable FluxCD installation. New Relic' Agent Control need Flux to work, but the user can use an already existing Flux deployment. With that use case, the use can disable Flux and use this chart to only install the CRs to deploy the Agent Control. | +| flux2.helmController | object | Enabled | Helm controller is a Kubernetes operator that allows to declaratively manage Helm chart releases with Kubernetes manifests. The Helm release is defined in a CR ([Custom Resource](https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/#custom-resources)) named `HelmRelease` that the operator will reconcile on the apply, edit, or deletion of a `HelmRelease` resource. New Relic' Agent Control will use this controller by creating `HelmRelease` CRs based in the configuration stored on OpAmp. This is the only controller that the Agent Control need for now, the other controllers are disabled by default. On the other hand, user might want to leverage having FluxCD installed for their own purposes. Take a look to the `values.yaml` to see how to enable other controllers. | +| flux2.installCRDs | bool | `true` | The installation of the CRDs is managed by the chart itself. | +| flux2.rbac | object | Enabled (See `values.yaml`) | Create RBAC rules for FluxCD is able to deploy all kind of workloads on the cluster. | +| flux2.sourceController | object | Enabled | Source controller provides a way to fetch artifacts to the rest of controllers. The source API (which reference [can be read here](https://fluxcd.io/flux/components/source/api/v1/)) is used by admins and various automated operators to offload the Git, OCO, and Helm repositories management. | +| flux2.watchAllNamespaces | bool | `false` | As we are using Flux as a tool from the agent control to release new workloads, we do not want Flux to listen to all CRs created on the whole cluster. If the user does not want to use Flux and is only using it because of the agent control, this is the way to go so the cluster has deployed all operators needed by the agent control. But if the user want to use Flux for other purposes besides the agent control, this toggle can be used to allow Flux to work on the whole cluster. | +| fullnameOverride | string | `""` | Override the full name of the release | +| nameOverride | string | `""` | Override the name of the chart | +| agent-control-deployment | object | See `values.yaml` | Values related to the agent control's Helm chart release. | +| agent-control-deployment.affinity | object | `{}` | Sets pod/node affinities. Can be configured also with `global.affinity` | +| agent-control-deployment.cleanupManagedResources | bool | `true` | Enable the cleanup of agent-control managed resources when the chart is uninstalled. If disabled, agents and/or agent configurations managed by the agent-control will not be deleted when the chart is uninstalled. | +| agent-control-deployment.cluster | string | `""` | Name of the Kubernetes cluster monitored. Can be configured also with `global.cluster`. | +| agent-control-deployment.config.opamp.auth.organizationId | string | `""` | Organization ID where fleets will live. | +| agent-control-deployment.config.opamp.auth.secret.client_id.base64 | string | `nil` | In case `.config.auth.secret.create` is true, you can set these keys to set client ID directly as base64. This options is mutually exclusive with `plain`. | +| agent-control-deployment.config.opamp.auth.secret.client_id.plain | string | `nil` | In case `.config.auth.secret.create` is true, you can set these keys to set client ID directly as plain text. This options is mutually exclusive with `base64`. | +| agent-control-deployment.config.opamp.auth.secret.client_id.secret_key | string | `client_id` | Key inside the secret containing the client ID. | +| agent-control-deployment.config.opamp.auth.secret.name | string | release name suffixed with "-auth" | Name auth' secret provided by the user. If the creation of this secret is set to `true`, this is the same the secret will have. | +| agent-control-deployment.config.opamp.auth.secret.private_key.base64_pem | string | `nil` | In case `.config.auth.secret.create` is true, you can set these keys to set private key directly as base64. This options is mutually exclusive with `plain_pem`. | +| agent-control-deployment.config.opamp.auth.secret.private_key.plain_pem | string | `nil` | In case `.config.auth.secret.create` is true, you can set these keys to set private key directly as plain text. This options is mutually exclusive with `base64_pem`. | +| agent-control-deployment.config.opamp.auth.secret.private_key.secret_key | string | `private_key` | Key inside the secret containing the private key. | +| agent-control-deployment.config.opamp.enabled | bool | `true` | Enables or disables the auth against fleet control. It implies to disable any fleet communication and running the agent in stand alone mode where only the agents specified on `.config.subAgents` will be launched. | +| agent-control-deployment.config.subAgents | string | `newrelic/io.opentelemetry.collector` (See `values.yaml`) | Values that the fleet is going to have in the deployment. If empty, chart will automatically add `newrelic/io.opentelemetry.collector` subagent. On the other hand, if populated the list of agent created is the one specified overwriting the default. | +| agent-control-deployment.config.agentControl | object | See `values.yaml` | Configuration for the Agent Control. | +| agent-control-deployment.config.agentControl.content | object | `{}` | Overrides the configuration that has been created automatically by the chart. This configuration here will be **MERGED** with the configuration specified above. If you need to have you own configuration, disabled the creation of this configMap and create your own. | +| agent-control-deployment.config.agentControl.create | bool | `true` | Set if the configMap is going to be created by this chart or the user will provide its own. | +| agent-control-deployment.containerSecurityContext | object | `{}` | Sets security context (at container level). Can be configured also with `global.containerSecurityContext` | +| agent-control-deployment.customAttributes | object | `{}` | TODO: Adds extra attributes to the cluster and all the metrics emitted to the backend. Can be configured also with `global.customAttributes` | +| agent-control-deployment.customSecretLicenseKey | string | `""` | In case you don't want to have the license key in you values, this allows you to point to which secret key is the license key located. Can be configured also with `global.customSecretLicenseKey` | +| agent-control-deployment.customSecretName | string | `""` | In case you don't want to have the license key in you values, this allows you to point to a user created secret to get the key from there. Can be configured also with `global.customSecretName` | +| agent-control-deployment.dnsConfig | object | `{}` | Sets pod's dnsConfig. Can be configured also with `global.dnsConfig` | +| agent-control-deployment.enabled | bool | `true` | Enable the installation of the Agent Control. This an advanced/debug flag. It should be always be true unless you know what you are going. | +| agent-control-deployment.extraEnv | list | `[]` | Add user environment variables to the agent | +| agent-control-deployment.extraEnvFrom | list | `[]` | Add user environment from configMaps or secrets as variables to the agent | +| agent-control-deployment.extraVolumeMounts | list | `[]` | Defines where to mount volumes specified with `extraVolumes` | +| agent-control-deployment.extraVolumes | list | `[]` | Volumes to mount in the containers | +| agent-control-deployment.fedramp.enabled | bool | `false` | TODO: Enables FedRAMP. Can be configured also with `global.fedramp.enabled` | +| agent-control-deployment.hostNetwork | bool | `false` | Sets pod's hostNetwork. Can be configured also with `global.hostNetwork` | +| agent-control-deployment.image | object | See `values.yaml` | Image for the New Relic Agent Control | +| agent-control-deployment.image.pullSecrets | list | `[]` | The secrets that are needed to pull images from a custom registry. | +| agent-control-deployment.labels | object | `{}` | Additional labels for chart objects. Can be configured also with `global.labels` | +| agent-control-deployment.licenseKey | string | `""` | This set this license key to use. Can be configured also with `global.licenseKey` | +| agent-control-deployment.nodeSelector | object | `{}` | Sets pod's node selector. Can be configured also with `global.nodeSelector` | +| agent-control-deployment.nrStaging | bool | `false` | Send the metrics to the staging backend. Requires a valid staging license key. Can be configured also with `global.nrStaging` | +| agent-control-deployment.podAnnotations | object | `{}` | Annotations to be added to all pods created by the integration. | +| agent-control-deployment.podLabels | object | `{}` | Additional labels for chart pods. Can be configured also with `global.podLabels` | +| agent-control-deployment.podSecurityContext | object | `{}` | Sets security context (at pod level). Can be configured also with `global.podSecurityContext` | +| agent-control-deployment.priorityClassName | string | `""` | Sets pod's priorityClassName. Can be configured also with `global.priorityClassName` | +| agent-control-deployment.proxy | string | `""` | TODO: Configures the integration to send all HTTP/HTTPS request through the proxy in that URL. The URL should have a standard format like `https://user:password@hostname:port`. Can be configured also with `global.proxy` | +| agent-control-deployment.rbac.create | bool | `true` | Whether the chart should automatically create the RBAC objects required to run. | +| agent-control-deployment.resources | object | `{}` | Resource limits to be added to all pods created by the integration. | +| agent-control-deployment.serviceAccount | object | See `values.yaml` | Settings controlling ServiceAccount creation. | +| agent-control-deployment.serviceAccount.create | bool | `true` | Whether the chart should automatically create the ServiceAccount objects required to run. | +| agent-control-deployment.tolerations | list | `[]` | Sets pod's tolerations to node taints. Can be configured also with `global.tolerations` | +| agent-control-deployment.verboseLog | bool | `false` | Sets the debug logs to this integration or all integrations if it is set globally. Can be configured also with `global.verboseLog` | + +## Maintainers + +* [alvarocabanas](https://github.com/alvarocabanas) +* [DavSanchez](https://github.com/DavSanchez) +* [gsanchezgavier](https://github.com/gsanchezgavier) +* [paologallinaharbur](https://github.com/paologallinaharbur) +* [rubenruizdegauna](https://github.com/rubenruizdegauna) +* [sigilioso](https://github.com/sigilioso) diff --git a/charts/super-agent/README.md.gotmpl b/charts/agent-control/README.md.gotmpl similarity index 96% rename from charts/super-agent/README.md.gotmpl rename to charts/agent-control/README.md.gotmpl index 47049b3d6..be35742ba 100644 --- a/charts/super-agent/README.md.gotmpl +++ b/charts/agent-control/README.md.gotmpl @@ -13,7 +13,7 @@ You can install this chart using directly this Helm repository: ```shell helm repo add newrelic https://helm-charts.newrelic.com -helm upgrade --install super-agent newrelic/super-agent -f your-custom-values.yaml +helm upgrade --install agent-control newrelic/agent-control -f your-custom-values.yaml ``` {{ template "chart.sourcesSection" . }} diff --git a/charts/super-agent/charts/super-agent-deployment/.helmignore b/charts/agent-control/charts/agent-control-deployment/.helmignore similarity index 100% rename from charts/super-agent/charts/super-agent-deployment/.helmignore rename to charts/agent-control/charts/agent-control-deployment/.helmignore diff --git a/charts/super-agent/charts/super-agent-deployment/Chart.yaml b/charts/agent-control/charts/agent-control-deployment/Chart.yaml similarity index 89% rename from charts/super-agent/charts/super-agent-deployment/Chart.yaml rename to charts/agent-control/charts/agent-control-deployment/Chart.yaml index bf78195ac..228122078 100644 --- a/charts/super-agent/charts/super-agent-deployment/Chart.yaml +++ b/charts/agent-control/charts/agent-control-deployment/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -name: super-agent-deployment +name: agent-control-deployment description: A Helm chart to install New Relic Super agent on Kubernetes type: application @@ -8,7 +8,7 @@ version: 0.0.25-beta keywords: - newrelic - - super-agent + - agent-control maintainers: - name: sigilioso diff --git a/charts/super-agent/charts/super-agent-deployment/templates/_helpers.tpl b/charts/agent-control/charts/agent-control-deployment/templates/_helpers.tpl similarity index 77% rename from charts/super-agent/charts/super-agent-deployment/templates/_helpers.tpl rename to charts/agent-control/charts/agent-control-deployment/templates/_helpers.tpl index c10f6ffb3..8b48ea869 100644 --- a/charts/super-agent/charts/super-agent-deployment/templates/_helpers.tpl +++ b/charts/agent-control/charts/agent-control-deployment/templates/_helpers.tpl @@ -1,8 +1,8 @@ {{- /* -Return the name of the configMap holding the Super Agent's config. Defaults to release's fill name suffiexed with "-config" +Return the name of the configMap holding the Agent Control's config. Defaults to release's fill name suffiexed with "-config" */ -}} -{{- define "newrelic-super-agent.config.name" -}} -{{- include "newrelic.common.naming.truncateToDNSWithSuffix" ( dict "name" "local-data" "suffix" "superagent-config" ) -}} +{{- define "newrelic-agent-control.config.name" -}} +{{- include "newrelic.common.naming.truncateToDNSWithSuffix" ( dict "name" "local-data" "suffix" "agentcontrol-config" ) -}} {{- end -}} @@ -10,7 +10,7 @@ Return the name of the configMap holding the Super Agent's config. Defaults to r {{- /* Test that the value of `.Values.config.subAgents` exists and its valid. If empty, returns the default. */ -}} -{{- define "newrelic-super-agent.config.agents.yaml" -}} +{{- define "newrelic-agent-control.config.agents.yaml" -}} {{- if (.Values.config).subAgents -}} {{- $agents := dict -}} {{- range $subAgentName, $subAgentConfig := (.Values.config).subAgents -}} @@ -38,9 +38,9 @@ open-telemetry: {{- /* -Return to which endpoint should the super agent connect to get opamp data +Return to which endpoint should the agent control connect to get opamp data */ -}} -{{- define "newrelic-super-agent.config.endpoints.opamp" -}} +{{- define "newrelic-agent-control.config.endpoints.opamp" -}} {{- $region := include "newrelic.common.region" . -}} {{- if eq $region "Staging" -}} @@ -60,9 +60,9 @@ Return to which endpoint should the super agent connect to get opamp data {{- /* -Return to which endpoint should the super agent ask to renew its token +Return to which endpoint should the agent control ask to renew its token */ -}} -{{- define "newrelic-super-agent.config.endpoints.tokenRenewal" -}} +{{- define "newrelic-agent-control.config.endpoints.tokenRenewal" -}} {{- $region := include "newrelic.common.region" . -}} {{- if eq $region "Staging" -}} @@ -82,9 +82,9 @@ Return to which endpoint should the super agent ask to renew its token {{- /* -Return to which endpoint should the super agent register its system identity +Return to which endpoint should the agent control register its system identity */ -}} -{{- define "newrelic-super-agent.config.endpoints.systemIdentityRegistration" -}} +{{- define "newrelic-agent-control.config.endpoints.systemIdentityRegistration" -}} {{- $region := include "newrelic.common.region" . -}} {{- if eq $region "Staging" -}} @@ -107,7 +107,7 @@ Return to which endpoint should the super agent register its system identity Builds the configuration from config on the values and add more config options like cluster name, licenses, and custom attributes */ -}} -{{- define "newrelic-super-agent.config.content" -}} +{{- define "newrelic-agent-control.config.content" -}} {{- /* TODO: There are a lot of TODOs to be made in this chart yet and some of them are going to impact the YAML that holds the config. @@ -124,9 +124,9 @@ If you need a list of TODOs, just `grep TODO` on the `values.yaml` and look for {{- /* Add opamp if enabled */ -}} {{- if ((.Values.config).opamp).enabled -}} - {{- $opamp := (dict "endpoint" (include "newrelic-super-agent.config.endpoints.opamp" .)) -}} + {{- $opamp := (dict "endpoint" (include "newrelic-agent-control.config.endpoints.opamp" .)) -}} - {{- $auth_config := dict "token_url" (include "newrelic-super-agent.config.endpoints.tokenRenewal" .) "provider" "local" "private_key_path" "/etc/newrelic-super-agent/keys/from-secret.key" -}} + {{- $auth_config := dict "token_url" (include "newrelic-agent-control.config.endpoints.tokenRenewal" .) "provider" "local" "private_key_path" "/etc/newrelic-agent-control/keys/from-secret.key" -}} {{- $opamp = mustMerge $opamp (dict "auth_config" $auth_config) -}} {{- $config = mustMerge $config (dict "opamp" $opamp) -}} @@ -134,20 +134,20 @@ If you need a list of TODOs, just `grep TODO` on the `values.yaml` and look for {{- /* Add subagents to the config */ -}} {{- $agents := dict -}} -{{- range $subagent, $object := (include "newrelic-super-agent.config.agents.yaml" . | fromYaml) -}} +{{- range $subagent, $object := (include "newrelic-agent-control.config.agents.yaml" . | fromYaml) -}} {{- $agents = mustMerge $agents (dict $subagent (dict "agent_type" $object.type)) -}} {{- end -}} {{- $config = mustMerge $config (dict "agents" $agents) -}} -{{- /* Overwrite $config with everything in `config.superAgent.content` if present */ -}} -{{- $config = mustMergeOverwrite $config (deepCopy (((.Values.config).superAgent).content | default dict)) -}} +{{- /* Overwrite $config with everything in `config.agentControl.content` if present */ -}} +{{- $config = mustMergeOverwrite $config (deepCopy (((.Values.config).agentControl).content | default dict)) -}} {{- $config | toYaml -}} {{- end -}} {{- /* These are the defaults that are used for all the containers in this chart */ -}} -{{- define "newrelic-super-agent.securityContext.containerDefaults" -}} +{{- define "newrelic-agent-control.securityContext.containerDefaults" -}} runAsUser: 1000 runAsGroup: 2000 allowPrivilegeEscalation: false @@ -157,8 +157,8 @@ readOnlyRootFilesystem: true {{- /* Allow to change pod defaults dynamically */ -}} -{{- define "newrelic-super-agent.securityContext.container" -}} -{{- $defaults := fromYaml ( include "newrelic-super-agent.securityContext.containerDefaults" . ) -}} +{{- define "newrelic-agent-control.securityContext.container" -}} +{{- $defaults := fromYaml ( include "newrelic-agent-control.securityContext.containerDefaults" . ) -}} {{- $commonLibrary := include "newrelic.common.securityContext.container" . | fromYaml -}} {{- if $commonLibrary -}} @@ -173,7 +173,7 @@ readOnlyRootFilesystem: true {{- /* Return .Values.config.auth.organizationId and fails if it does not exists */ -}} -{{- define "newrelic-super-agent.auth.organizationId" -}} +{{- define "newrelic-agent-control.auth.organizationId" -}} {{- if (((.Values.config).opamp).auth).organizationId -}} {{- .Values.config.opamp.auth.organizationId -}} {{- else -}} @@ -187,7 +187,7 @@ Return .Values.config.auth.organizationId and fails if it does not exists Check if .Values.config.auth.secret.name exists and use it to name auth' secret. If it does not exist, fallback to the name of the releases with "-auth" suffix. */ -}} -{{- define "newrelic-super-agent.auth.secret.name" -}} +{{- define "newrelic-agent-control.auth.secret.name" -}} {{- $secretName := (((((.Values.config).opamp).auth).secret).name) -}} {{- if $secretName -}} {{- $secretName -}} @@ -201,9 +201,9 @@ of the releases with "-auth" suffix. {{- /* Helper to toggle the creation of the job that creates and registers the system identity. */ -}} -{{- define "newrelic-super-agent.auth.secret.shouldRunJob" -}} -{{- $privateKey := include "newrelic-super-agent.auth.secret.privateKey.data" . -}} -{{- $clientId := include "newrelic-super-agent.auth.secret.clientId.data" . -}} +{{- define "newrelic-agent-control.auth.secret.shouldRunJob" -}} +{{- $privateKey := include "newrelic-agent-control.auth.secret.privateKey.data" . -}} +{{- $clientId := include "newrelic-agent-control.auth.secret.clientId.data" . -}} {{- if and ((.Values.config).opamp).enabled ((((.Values.config).opamp).auth).secret).create (not $privateKey) (not $clientId) -}} true @@ -215,10 +215,10 @@ Helper to toggle the creation of the job that creates and registers the system i {{- /* Helper to toggle the creation of the secret that has the system identity as values. */ -}} -{{- define "newrelic-super-agent.auth.secret.shouldTemplate" -}} +{{- define "newrelic-agent-control.auth.secret.shouldTemplate" -}} {{- if and ((.Values.config).opamp).enabled ((((.Values.config).opamp).auth).secret).create -}} - {{- $privateKey := include "newrelic-super-agent.auth.secret.privateKey.data" . -}} - {{- $clientId := include "newrelic-super-agent.auth.secret.clientId.data" . -}} + {{- $privateKey := include "newrelic-agent-control.auth.secret.privateKey.data" . -}} + {{- $clientId := include "newrelic-agent-control.auth.secret.clientId.data" . -}} {{- if and $privateKey $clientId -}} true @@ -234,7 +234,7 @@ Helper to toggle the creation of the secret that has the system identity as valu Check if .Values.config.auth.secret.private_key.secret_key exists and use it for the key in the secret containing the private key needed for the system identity. Fallbacks to `private_key`. */ -}} -{{- define "newrelic-super-agent.auth.secret.privateKey.key" -}} +{{- define "newrelic-agent-control.auth.secret.privateKey.key" -}} {{- $key := ((((((.Values.config).opamp).auth).secret).private_key).secret_key) -}} {{- if $key -}} {{- $key -}} @@ -249,7 +249,7 @@ key needed for the system identity. Fallbacks to `private_key`. Check if .Values.config.auth.secret.private_key.(plain_pem or base64_pem) exists and use it for as the private certificate for auth. If no ceritifcate is provided, it defaults to `""` (empty string) so this helper can be used directly as a test. */ -}} -{{- define "newrelic-super-agent.auth.secret.privateKey.data" -}} +{{- define "newrelic-agent-control.auth.secret.privateKey.data" -}} {{- $plain_pem := ((((((.Values.config).opamp).auth).secret).private_key).plain_pem) -}} {{- $base64_pem := ((((((.Values.config).opamp).auth).secret).private_key).base64_pem) -}} {{- if and $plain_pem $base64_pem -}} @@ -269,7 +269,7 @@ auth. If no ceritifcate is provided, it defaults to `""` (empty string) so this Check if .Values.config.auth.secret.client_id.secret_key exists and use it for the key in the secret containing the client id needed for the system identity. Fallbacks to `client_id`. */ -}} -{{- define "newrelic-super-agent.auth.secret.clientId.key" -}} +{{- define "newrelic-agent-control.auth.secret.clientId.key" -}} {{- $key := ((((((.Values.config).opamp).auth).secret).client_id).secret_key) -}} {{- if $key -}} {{- $key -}} @@ -284,7 +284,7 @@ needed for the system identity. Fallbacks to `client_id`. Check if .Values.config.auth.secret.client_id.(plain or base64) exists and use it for as the client id for auth. If no value is provided, it defaults to `""` (empty string) so this helper can be used directly as a test. */ -}} -{{- define "newrelic-super-agent.auth.secret.clientId.data" -}} +{{- define "newrelic-agent-control.auth.secret.clientId.data" -}} {{- $plain := ((((((.Values.config).opamp).auth).secret).client_id).plain) -}} {{- $base64 := ((((((.Values.config).opamp).auth).secret).client_id).base64) -}} {{- if and $plain $base64 -}} diff --git a/charts/super-agent/charts/super-agent-deployment/templates/configmap-superagent-config.yaml b/charts/agent-control/charts/agent-control-deployment/templates/configmap-agentcontrol-config.yaml similarity index 55% rename from charts/super-agent/charts/super-agent-deployment/templates/configmap-superagent-config.yaml rename to charts/agent-control/charts/agent-control-deployment/templates/configmap-agentcontrol-config.yaml index 621c3f5b8..37bb21788 100644 --- a/charts/super-agent/charts/super-agent-deployment/templates/configmap-superagent-config.yaml +++ b/charts/agent-control/charts/agent-control-deployment/templates/configmap-agentcontrol-config.yaml @@ -1,13 +1,13 @@ -{{- if .Values.config.superAgent.create -}} +{{- if .Values.config.agentControl.create -}} --- kind: ConfigMap metadata: - name: local-data-super-agent + name: local-data-agent-control namespace: {{ .Release.Namespace }} labels: {{- include "newrelic.common.labels" . | nindent 4 }} apiVersion: v1 data: local_config: | - {{- include "newrelic-super-agent.config.content" . | nindent 4 }} + {{- include "newrelic-agent-control.config.content" . | nindent 4 }} {{- end }} diff --git a/charts/super-agent/charts/super-agent-deployment/templates/configmap-subagent-configs.yaml b/charts/agent-control/charts/agent-control-deployment/templates/configmap-subagent-configs.yaml similarity index 81% rename from charts/super-agent/charts/super-agent-deployment/templates/configmap-subagent-configs.yaml rename to charts/agent-control/charts/agent-control-deployment/templates/configmap-subagent-configs.yaml index cf12cea3e..090fe843e 100644 --- a/charts/super-agent/charts/super-agent-deployment/templates/configmap-subagent-configs.yaml +++ b/charts/agent-control/charts/agent-control-deployment/templates/configmap-subagent-configs.yaml @@ -1,4 +1,4 @@ -{{- range $subAgentName, $subAgentConfig := (include "newrelic-super-agent.config.agents.yaml" . | fromYaml) -}} +{{- range $subAgentName, $subAgentConfig := (include "newrelic-agent-control.config.agents.yaml" . | fromYaml) -}} {{- $name := include "newrelic.common.naming.truncateToDNSWithSuffix" (dict "name" "local-data" "suffix" $subAgentName) }} --- kind: ConfigMap diff --git a/charts/super-agent/charts/super-agent-deployment/templates/deployment-superagent.yaml b/charts/agent-control/charts/agent-control-deployment/templates/deployment-agentcontrol.yaml similarity index 83% rename from charts/super-agent/charts/super-agent-deployment/templates/deployment-superagent.yaml rename to charts/agent-control/charts/agent-control-deployment/templates/deployment-agentcontrol.yaml index da7154c61..df2991add 100644 --- a/charts/super-agent/charts/super-agent-deployment/templates/deployment-superagent.yaml +++ b/charts/agent-control/charts/agent-control-deployment/templates/deployment-agentcontrol.yaml @@ -20,8 +20,8 @@ spec: This comment (and the mechanisim added in the PR when we left this comment) block the automatic upgrade feature. - See: charts/super-agent/charts/super-agent-deployment/templates/preinstall-job-register-system-identity.yaml */ -}} - checksum/agent-config: {{ include (print $.Template.BasePath "/configmap-superagent-config.yaml") . | sha256sum }} + See: charts/agent-control/charts/agent-control-deployment/templates/preinstall-job-register-system-identity.yaml */ -}} + checksum/agent-config: {{ include (print $.Template.BasePath "/configmap-agentcontrol-config.yaml") . | sha256sum }} checksum/subagent-config: {{ include (print $.Template.BasePath "/configmap-subagent-configs.yaml") . | sha256sum }} {{- with .Values.podAnnotations }} {{- toYaml . | nindent 8 }} @@ -56,7 +56,7 @@ spec: containers: - name: {{ .Chart.Name }} - {{- with include "newrelic-super-agent.securityContext.container" . | fromYaml }} + {{- with include "newrelic-agent-control.securityContext.container" . | fromYaml }} securityContext: {{- toYaml . | nindent 12 }} {{- end }} @@ -68,8 +68,8 @@ spec: - name: NR_SA_OPAMP__AUTH_CONFIG__CLIENT_ID valueFrom: secretKeyRef: - name: {{ include "newrelic-super-agent.auth.secret.name" . }} - key: {{ include "newrelic-super-agent.auth.secret.clientId.key" . }} + name: {{ include "newrelic-agent-control.auth.secret.name" . }} + key: {{ include "newrelic-agent-control.auth.secret.clientId.key" . }} - name: NR_SA_OPAMP__HEADERS__API-KEY valueFrom: secretKeyRef: @@ -102,16 +102,16 @@ spec: # TODO: Probe the status server. volumeMounts: - - name: super-agent-config - mountPath: /etc/newrelic-super-agent + - name: agent-control-config + mountPath: /etc/newrelic-agent-control readOnly: true # TODO: when releasing we should check if this is still needed and/or if we need to persist the data. - - mountPath: /var/lib/newrelic-super-agent - name: var-lib-newrelic-super-agent + - mountPath: /var/lib/newrelic-agent-control + name: var-lib-newrelic-agent-control readOnly: false {{- if ((.Values.config).opamp).enabled }} - name: auth-secret-private-key - mountPath: "/etc/newrelic-super-agent/keys" + mountPath: "/etc/newrelic-agent-control/keys" readOnly: true {{- end }} {{- with .Values.extraVolumeMounts }} @@ -121,20 +121,20 @@ spec: resources: {{- toYaml .Values.resources | nindent 12 }} volumes: - - name: super-agent-config + - name: agent-control-config configMap: - name: local-data-super-agent + name: local-data-agent-control items: - key: local_config path: config.yaml - - name: var-lib-newrelic-super-agent + - name: var-lib-newrelic-agent-control emptyDir: {} {{- if ((.Values.config).opamp).enabled }} - name: auth-secret-private-key secret: - secretName: {{ include "newrelic-super-agent.auth.secret.name" . }} + secretName: {{ include "newrelic-agent-control.auth.secret.name" . }} items: - - key: {{ include "newrelic-super-agent.auth.secret.privateKey.key" . }} + - key: {{ include "newrelic-agent-control.auth.secret.privateKey.key" . }} path: from-secret.key {{- end }} {{- with .Values.extraVolumes }} diff --git a/charts/super-agent/charts/super-agent-deployment/templates/preinstall-job-register-system-identity.yaml b/charts/agent-control/charts/agent-control-deployment/templates/preinstall-job-register-system-identity.yaml similarity index 92% rename from charts/super-agent/charts/super-agent-deployment/templates/preinstall-job-register-system-identity.yaml rename to charts/agent-control/charts/agent-control-deployment/templates/preinstall-job-register-system-identity.yaml index 8b1acd977..55ecee466 100644 --- a/charts/super-agent/charts/super-agent-deployment/templates/preinstall-job-register-system-identity.yaml +++ b/charts/agent-control/charts/agent-control-deployment/templates/preinstall-job-register-system-identity.yaml @@ -1,4 +1,4 @@ -{{- if include "newrelic-super-agent.auth.secret.shouldRunJob" . -}} +{{- if include "newrelic-agent-control.auth.secret.shouldRunJob" . -}} {{- /* User key secret is used only in the step that create the system identity. The secret that is created by the common-library does not allow to add annotations so the secret is removed @@ -65,8 +65,8 @@ spec: apk update apk add kubectl - echo Checking if the secret '{{ include "newrelic-super-agent.auth.secret.name" . }}' is already present in the cluster - if kubectl get secret {{ include "newrelic-super-agent.auth.secret.name" . }}; then + echo Checking if the secret '{{ include "newrelic-agent-control.auth.secret.name" . }}' is already present in the cluster + if kubectl get secret {{ include "newrelic-agent-control.auth.secret.name" . }}; then echo System identity already exists. Exiting gracefully... exit 0 fi @@ -84,7 +84,7 @@ spec: "mutation { systemIdentityCreate( name: \"System Identity for Kubernetes cluster '{{ include "newrelic.common.cluster" . }}'\", - organizationId: \"{{ include "newrelic-super-agent.auth.organizationId" . }}\", + organizationId: \"{{ include "newrelic-agent-control.auth.organizationId" . }}\", publicKey: \"'$(openssl enc -base64 -A -in "$TEMPORAL_FOLDER/pub")'\" ) { clientId, @@ -98,7 +98,7 @@ spec: -H "API-Key: $USER_KEY" \ -o "$TEMPORAL_FOLDER/response.json" \ --data @- \ - "{{ include "newrelic-super-agent.config.endpoints.systemIdentityRegistration" . }}" + "{{ include "newrelic-agent-control.config.endpoints.systemIdentityRegistration" . }}" ) if [ $HTTP_CODE -eq 200 ]; then break @@ -114,9 +114,9 @@ spec: exit 1 fi - echo Creating the secret '{{ include "newrelic-super-agent.auth.secret.name" . }}'... + echo Creating the secret '{{ include "newrelic-agent-control.auth.secret.name" . }}'... kubectl create secret generic --dry-run=client -o json \ - {{ include "newrelic-super-agent.auth.secret.name" . }} \ + {{ include "newrelic-agent-control.auth.secret.name" . }} \ --from-literal=CLIENT_ID=$(jq -r '.data.systemIdentityCreate.clientId' "$TEMPORAL_FOLDER/response.json") \ --from-file="private_key=$TEMPORAL_FOLDER/key" | \ jq '.metadata.labels |= {{ include "newrelic.common.labels" . | fromYaml | toJson }}' | \ diff --git a/charts/super-agent/charts/super-agent-deployment/templates/rbac.yaml b/charts/agent-control/charts/agent-control-deployment/templates/rbac.yaml similarity index 97% rename from charts/super-agent/charts/super-agent-deployment/templates/rbac.yaml rename to charts/agent-control/charts/agent-control-deployment/templates/rbac.yaml index 18ea14873..b82460048 100644 --- a/charts/super-agent/charts/super-agent-deployment/templates/rbac.yaml +++ b/charts/agent-control/charts/agent-control-deployment/templates/rbac.yaml @@ -66,7 +66,7 @@ rules: verbs: - delete resourceNames: - - {{ include "newrelic-super-agent.auth.secret.name" . }} + - {{ include "newrelic-agent-control.auth.secret.name" . }} --- apiVersion: rbac.authorization.k8s.io/v1 diff --git a/charts/agent-control/charts/agent-control-deployment/templates/secret-sa-auth.yaml b/charts/agent-control/charts/agent-control-deployment/templates/secret-sa-auth.yaml new file mode 100644 index 000000000..76a8dc29e --- /dev/null +++ b/charts/agent-control/charts/agent-control-deployment/templates/secret-sa-auth.yaml @@ -0,0 +1,13 @@ +{{- if include "newrelic-agent-control.auth.secret.shouldTemplate" . -}} +--- +kind: Secret +metadata: + name: {{ include "newrelic-agent-control.auth.secret.name" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "newrelic.common.labels" . | nindent 4 }} +apiVersion: v1 +data: + {{ include "newrelic-agent-control.auth.secret.privateKey.key" . }}: {{ include "newrelic-agent-control.auth.secret.privateKey.data" . }} + {{ include "newrelic-agent-control.auth.secret.clientId.key" . }}: {{ include "newrelic-agent-control.auth.secret.clientId.data" . }} +{{- end }} diff --git a/charts/super-agent/charts/super-agent-deployment/templates/secret.yaml b/charts/agent-control/charts/agent-control-deployment/templates/secret.yaml similarity index 100% rename from charts/super-agent/charts/super-agent-deployment/templates/secret.yaml rename to charts/agent-control/charts/agent-control-deployment/templates/secret.yaml diff --git a/charts/super-agent/charts/super-agent-deployment/templates/serviceaccount.yaml b/charts/agent-control/charts/agent-control-deployment/templates/serviceaccount.yaml similarity index 100% rename from charts/super-agent/charts/super-agent-deployment/templates/serviceaccount.yaml rename to charts/agent-control/charts/agent-control-deployment/templates/serviceaccount.yaml diff --git a/charts/super-agent/charts/super-agent-deployment/templates/uninstall-job.yaml b/charts/agent-control/charts/agent-control-deployment/templates/uninstall-job.yaml similarity index 84% rename from charts/super-agent/charts/super-agent-deployment/templates/uninstall-job.yaml rename to charts/agent-control/charts/agent-control-deployment/templates/uninstall-job.yaml index e63718c52..4e4a4da9a 100644 --- a/charts/super-agent/charts/super-agent-deployment/templates/uninstall-job.yaml +++ b/charts/agent-control/charts/agent-control-deployment/templates/uninstall-job.yaml @@ -1,10 +1,10 @@ {{- if .Values.cleanupManagedResources -}} {{- $uninstallJobName := include "newrelic.common.naming.truncateToDNSWithSuffix" ( dict "name" (include "newrelic.common.naming.fullname" .) "suffix" "deployment-uninstall" ) -}} {{- /* -The resources managed by the super-agent and the label selector are hardcoded on the super-agent. +The resources managed by the agent-control and the label selector are hardcoded on the agent-control. */ -}} {{- $saCRList := (list "helmreleases.helm.toolkit.fluxcd.io" "helmrepositories.source.toolkit.fluxcd.io") -}} -{{- $saResourcesLabelSelector := "app.kubernetes.io/managed-by=newrelic-super-agent" -}} +{{- $saResourcesLabelSelector := "app.kubernetes.io/managed-by=newrelic-agent-control" -}} {{- /* To understand why this job installs manifests instead of using Helm, read the comment at `job-manifests.yaml`. */ -}} @@ -36,18 +36,18 @@ spec: # We want to avoid having the SA recreating some of the resources we are deleting running this job kubectl scale deployment --replicas=0 {{ include "newrelic.common.naming.fullname" . }} -n {{ $.Release.Namespace }} --timeout=60s - # Delete the standard resources (configmaps) managed by the super-agent + # Delete the standard resources (configmaps) managed by the agent-control kubectl delete configmaps -n {{ .Release.Namespace }} -l {{ $saResourcesLabelSelector }} - # Delete the CRs managed by the super-agent if the corresponding CRDs exist + # Delete the CRs managed by the agent-control if the corresponding CRDs exist {{ range $i, $cr := $saCRList }} if kubectl api-resources -o name |grep {{ $cr }}; then kubectl -n {{ $.Release.Namespace }} delete {{ $cr }} -l {{ $saResourcesLabelSelector }} fi {{ end }} - {{- if include "newrelic-super-agent.auth.secret.shouldRunJob" . }} + {{- if include "newrelic-agent-control.auth.secret.shouldRunJob" . }} # Delete the secrets created in the cluster - kubectl -n {{ $.Release.Namespace }} delete secret {{ include "newrelic-super-agent.auth.secret.name" . }} + kubectl -n {{ $.Release.Namespace }} delete secret {{ include "newrelic-agent-control.auth.secret.name" . }} {{- end }} {{- end -}} diff --git a/charts/super-agent/charts/super-agent-deployment/tests/__snapshot__/.gitignore b/charts/agent-control/charts/agent-control-deployment/tests/__snapshot__/.gitignore similarity index 100% rename from charts/super-agent/charts/super-agent-deployment/tests/__snapshot__/.gitignore rename to charts/agent-control/charts/agent-control-deployment/tests/__snapshot__/.gitignore diff --git a/charts/super-agent/charts/super-agent-deployment/tests/auth_secret_test.yaml b/charts/agent-control/charts/agent-control-deployment/tests/auth_secret_test.yaml similarity index 74% rename from charts/super-agent/charts/super-agent-deployment/tests/auth_secret_test.yaml rename to charts/agent-control/charts/agent-control-deployment/tests/auth_secret_test.yaml index 64a708f3c..4974fde99 100644 --- a/charts/super-agent/charts/super-agent-deployment/tests/auth_secret_test.yaml +++ b/charts/agent-control/charts/agent-control-deployment/tests/auth_secret_test.yaml @@ -1,9 +1,9 @@ -suite: test super agent deployment's auth configurations +suite: test agent control deployment's auth configurations templates: - templates/secret-sa-auth.yaml - - templates/configmap-superagent-config.yaml + - templates/configmap-agentcontrol-config.yaml - templates/configmap-subagent-configs.yaml - - templates/deployment-superagent.yaml + - templates/deployment-agentcontrol.yaml release: name: my-release namespace: my-namespace @@ -21,41 +21,41 @@ tests: client_id: base64: dGVzdC1rZXk= asserts: - - template: templates/deployment-superagent.yaml + - template: templates/deployment-agentcontrol.yaml equal: path: spec.template.spec.containers[0].volumeMounts value: - - name: super-agent-config - mountPath: /etc/newrelic-super-agent + - name: agent-control-config + mountPath: /etc/newrelic-agent-control readOnly: true - - mountPath: /var/lib/newrelic-super-agent - name: var-lib-newrelic-super-agent + - mountPath: /var/lib/newrelic-agent-control + name: var-lib-newrelic-agent-control readOnly: false - - mountPath: /etc/newrelic-super-agent/keys + - mountPath: /etc/newrelic-agent-control/keys name: auth-secret-private-key readOnly: true - - template: templates/deployment-superagent.yaml + - template: templates/deployment-agentcontrol.yaml equal: path: spec.template.spec.volumes value: - - name: super-agent-config + - name: agent-control-config configMap: - name: local-data-super-agent + name: local-data-agent-control items: - key: local_config path: config.yaml - - name: var-lib-newrelic-super-agent + - name: var-lib-newrelic-agent-control emptyDir: {} - name: auth-secret-private-key secret: - secretName: my-release-super-agent-deployment-auth + secretName: my-release-agent-control-deployment-auth items: - key: private_key path: from-secret.key - template: templates/secret-sa-auth.yaml equal: path: metadata.name - value: my-release-super-agent-deployment-auth + value: my-release-agent-control-deployment-auth - template: templates/secret-sa-auth.yaml equal: path: data.private_key @@ -73,12 +73,12 @@ tests: auth: enable: false asserts: - - template: templates/deployment-superagent.yaml + - template: templates/deployment-agentcontrol.yaml notContains: path: spec.template.spec.containers[0].volumeMounts content: name: auth-secret-private-key - - template: templates/deployment-superagent.yaml + - template: templates/deployment-agentcontrol.yaml notContains: path: spec.template.spec.volumes content: diff --git a/charts/super-agent/charts/super-agent-deployment/tests/configmap_superagent_config_test.yaml b/charts/agent-control/charts/agent-control-deployment/tests/configmap_agentcontrol_config_test.yaml similarity index 82% rename from charts/super-agent/charts/super-agent-deployment/tests/configmap_superagent_config_test.yaml rename to charts/agent-control/charts/agent-control-deployment/tests/configmap_agentcontrol_config_test.yaml index a889a30cc..ddcfbd5e6 100644 --- a/charts/super-agent/charts/super-agent-deployment/tests/configmap_superagent_config_test.yaml +++ b/charts/agent-control/charts/agent-control-deployment/tests/configmap_agentcontrol_config_test.yaml @@ -1,14 +1,14 @@ -suite: super agent's config +suite: agent control's config templates: - - templates/configmap-superagent-config.yaml + - templates/configmap-agentcontrol-config.yaml release: name: my-release namespace: my-namespace tests: - - it: super agent's config can be disabled + - it: agent control's config can be disabled set: config: - superAgent: + agentControl: create: false asserts: - hasDocuments: @@ -33,11 +33,11 @@ tests: server: enabled: true - - it: super agent's config always include cluster_name, namespace and defaults + - it: agent control's config always include cluster_name, namespace and defaults set: cluster: my-cluster config: - superAgent: {} + agentControl: {} asserts: - equal: path: data["local_config"] @@ -50,18 +50,18 @@ tests: namespace: my-namespace opamp: auth_config: - private_key_path: /etc/newrelic-super-agent/keys/from-secret.key + private_key_path: /etc/newrelic-agent-control/keys/from-secret.key provider: local token_url: https://system-identity-oauth.service.newrelic.com/oauth2/token endpoint: https://opamp.service.newrelic.com/v1/opamp server: enabled: true - - it: super agent's config templates + - it: agent control's config templates set: cluster: my-cluster config: - superAgent: + agentControl: content: test: value test2: value2 @@ -77,7 +77,7 @@ tests: namespace: my-namespace opamp: auth_config: - private_key_path: /etc/newrelic-super-agent/keys/from-secret.key + private_key_path: /etc/newrelic-agent-control/keys/from-secret.key provider: local token_url: https://system-identity-oauth.service.newrelic.com/oauth2/token endpoint: https://opamp.service.newrelic.com/v1/opamp @@ -90,7 +90,7 @@ tests: set: cluster: my-cluster config: - superAgent: + agentControl: content: test: value test2: value2 @@ -109,7 +109,7 @@ tests: namespace: config-namespace opamp: auth_config: - private_key_path: /etc/newrelic-super-agent/keys/from-secret.key + private_key_path: /etc/newrelic-agent-control/keys/from-secret.key provider: local token_url: https://system-identity-oauth.service.newrelic.com/oauth2/token endpoint: https://opamp.service.newrelic.com/v1/opamp @@ -118,7 +118,7 @@ tests: test: value test2: value2 - - it: super agent's config always include cluster_name, namespace, defaults, and honor the EU endpoint. + - it: agent control's config always include cluster_name, namespace, defaults, and honor the EU endpoint. set: cluster: my-cluster region: eu @@ -134,15 +134,15 @@ tests: namespace: my-namespace opamp: auth_config: - private_key_path: /etc/newrelic-super-agent/keys/from-secret.key + private_key_path: /etc/newrelic-agent-control/keys/from-secret.key provider: local token_url: https://system-identity-oauth.service.newrelic.com/oauth2/token endpoint: https://opamp.service.eu.newrelic.com/v1/opamp server: enabled: true - - it: default config for super agent can be overridden - template: templates/configmap-superagent-config.yaml + - it: default config for agent control can be overridden + template: templates/configmap-agentcontrol-config.yaml set: cluster: my-cluster region: eu diff --git a/charts/super-agent/charts/super-agent-deployment/tests/configmap_fleet_configs_test.yaml b/charts/agent-control/charts/agent-control-deployment/tests/configmap_fleet_configs_test.yaml similarity index 100% rename from charts/super-agent/charts/super-agent-deployment/tests/configmap_fleet_configs_test.yaml rename to charts/agent-control/charts/agent-control-deployment/tests/configmap_fleet_configs_test.yaml diff --git a/charts/super-agent/charts/super-agent-deployment/tests/deployment_superagent_env_test.yaml b/charts/agent-control/charts/agent-control-deployment/tests/deployment_agentcontrol_env_test.yaml similarity index 78% rename from charts/super-agent/charts/super-agent-deployment/tests/deployment_superagent_env_test.yaml rename to charts/agent-control/charts/agent-control-deployment/tests/deployment_agentcontrol_env_test.yaml index 8a937ec24..140734d59 100644 --- a/charts/super-agent/charts/super-agent-deployment/tests/deployment_superagent_env_test.yaml +++ b/charts/agent-control/charts/agent-control-deployment/tests/deployment_agentcontrol_env_test.yaml @@ -1,7 +1,7 @@ -suite: test super agent deployment's env vars are injected +suite: test agent control deployment's env vars are injected templates: - - templates/deployment-superagent.yaml - - templates/configmap-superagent-config.yaml + - templates/deployment-agentcontrol.yaml + - templates/configmap-agentcontrol-config.yaml - templates/configmap-subagent-configs.yaml release: name: my-release @@ -19,8 +19,8 @@ tests: valueFrom: secretKeyRef: key: licenseKey - name: my-release-super-agent-deployment-license - template: templates/deployment-superagent.yaml + name: my-release-agent-control-deployment-license + template: templates/deployment-agentcontrol.yaml - it: license key gets added as env var from custom secret set: @@ -37,14 +37,14 @@ tests: secretKeyRef: key: custom-key name: custom-secret - template: templates/deployment-superagent.yaml + template: templates/deployment-agentcontrol.yaml - it: api-key config gets added as env var from secret set: cluster: test licenseKey: fake-license config: - superAgent: + agentControl: content: opamp: endpoint: test @@ -56,8 +56,8 @@ tests: valueFrom: secretKeyRef: key: licenseKey - name: my-release-super-agent-deployment-license - template: templates/deployment-superagent.yaml + name: my-release-agent-control-deployment-license + template: templates/deployment-agentcontrol.yaml - it: api-key config gets added as env var from custom secret set: @@ -66,7 +66,7 @@ tests: customSecretLicenseKey: "custom-key" region: us # With a custom secret we cannot know the region so we have to ask for it. config: - superAgent: + agentControl: content: opamp: endpoint: test @@ -79,7 +79,7 @@ tests: secretKeyRef: key: custom-key name: custom-secret - template: templates/deployment-superagent.yaml + template: templates/deployment-agentcontrol.yaml - it: cluster name added as env var set: cluster: test @@ -89,4 +89,4 @@ tests: content: name: NR_CLUSTER_NAME value: test - template: templates/deployment-superagent.yaml + template: templates/deployment-agentcontrol.yaml diff --git a/charts/super-agent/charts/super-agent-deployment/tests/deployment_superagent_securityContext_test.yaml b/charts/agent-control/charts/agent-control-deployment/tests/deployment_agentcontrol_securityContext_test.yaml similarity index 79% rename from charts/super-agent/charts/super-agent-deployment/tests/deployment_superagent_securityContext_test.yaml rename to charts/agent-control/charts/agent-control-deployment/tests/deployment_agentcontrol_securityContext_test.yaml index bedffdf8b..c9faf4c9f 100644 --- a/charts/super-agent/charts/super-agent-deployment/tests/deployment_superagent_securityContext_test.yaml +++ b/charts/agent-control/charts/agent-control-deployment/tests/deployment_agentcontrol_securityContext_test.yaml @@ -1,7 +1,7 @@ -suite: test super agent deployment's securityContext +suite: test agent control deployment's securityContext templates: - - templates/deployment-superagent.yaml - - templates/configmap-superagent-config.yaml + - templates/deployment-agentcontrol.yaml + - templates/configmap-agentcontrol-config.yaml - templates/configmap-subagent-configs.yaml tests: - it: securityContext.runAsUser is populated with defaults @@ -11,7 +11,7 @@ tests: - equal: path: spec.template.spec.containers[0].securityContext.runAsUser value: 1000 - template: templates/deployment-superagent.yaml + template: templates/deployment-agentcontrol.yaml - it: securityContext from the common library is templated set: @@ -26,7 +26,7 @@ tests: value: runAsUser: 200 runAsGroup: 2000 - template: templates/deployment-superagent.yaml + template: templates/deployment-agentcontrol.yaml - it: global securityContext is ignored if local value is present set: @@ -46,4 +46,4 @@ tests: allowPrivilegeEscalation: false readOnlyRootFilesystem: true runAsUser: 300 - template: templates/deployment-superagent.yaml + template: templates/deployment-agentcontrol.yaml diff --git a/charts/super-agent/charts/super-agent-deployment/tests/deployment_superagent_subagent_configs_test.yaml b/charts/agent-control/charts/agent-control-deployment/tests/deployment_agentcontrol_subagent_configs_test.yaml similarity index 63% rename from charts/super-agent/charts/super-agent-deployment/tests/deployment_superagent_subagent_configs_test.yaml rename to charts/agent-control/charts/agent-control-deployment/tests/deployment_agentcontrol_subagent_configs_test.yaml index 38768f56c..1a660ae42 100644 --- a/charts/super-agent/charts/super-agent-deployment/tests/deployment_superagent_subagent_configs_test.yaml +++ b/charts/agent-control/charts/agent-control-deployment/tests/deployment_agentcontrol_subagent_configs_test.yaml @@ -1,7 +1,7 @@ -suite: test super agent deployment's subagent configurations +suite: test agent control deployment's subagent configurations templates: - - templates/deployment-superagent.yaml - - templates/configmap-superagent-config.yaml + - templates/deployment-agentcontrol.yaml + - templates/configmap-agentcontrol-config.yaml - templates/configmap-subagent-configs.yaml release: name: my-release @@ -29,34 +29,34 @@ tests: aYAML: canI: HaveSomeYAML asserts: - - template: templates/deployment-superagent.yaml + - template: templates/deployment-agentcontrol.yaml equal: path: spec.template.spec.containers[0].volumeMounts value: - - name: super-agent-config - mountPath: /etc/newrelic-super-agent + - name: agent-control-config + mountPath: /etc/newrelic-agent-control readOnly: true - - mountPath: /var/lib/newrelic-super-agent - name: var-lib-newrelic-super-agent + - mountPath: /var/lib/newrelic-agent-control + name: var-lib-newrelic-agent-control readOnly: false - - mountPath: /etc/newrelic-super-agent/keys + - mountPath: /etc/newrelic-agent-control/keys name: auth-secret-private-key readOnly: true - - template: templates/deployment-superagent.yaml + - template: templates/deployment-agentcontrol.yaml equal: path: spec.template.spec.volumes value: - - name: super-agent-config + - name: agent-control-config configMap: - name: local-data-super-agent + name: local-data-agent-control items: - key: local_config path: config.yaml - - name: var-lib-newrelic-super-agent + - name: var-lib-newrelic-agent-control emptyDir: {} - name: auth-secret-private-key secret: - secretName: my-release-super-agent-deployment-auth + secretName: my-release-agent-control-deployment-auth items: - key: private_key path: from-secret.key diff --git a/charts/super-agent/charts/super-agent-deployment/tests/licenseKey_test.yaml b/charts/agent-control/charts/agent-control-deployment/tests/licenseKey_test.yaml similarity index 100% rename from charts/super-agent/charts/super-agent-deployment/tests/licenseKey_test.yaml rename to charts/agent-control/charts/agent-control-deployment/tests/licenseKey_test.yaml diff --git a/charts/super-agent/charts/super-agent-deployment/tests/preinstall_job_test.yaml b/charts/agent-control/charts/agent-control-deployment/tests/preinstall_job_test.yaml similarity index 100% rename from charts/super-agent/charts/super-agent-deployment/tests/preinstall_job_test.yaml rename to charts/agent-control/charts/agent-control-deployment/tests/preinstall_job_test.yaml diff --git a/charts/super-agent/charts/super-agent-deployment/tests/rbac_test.yaml b/charts/agent-control/charts/agent-control-deployment/tests/rbac_test.yaml similarity index 100% rename from charts/super-agent/charts/super-agent-deployment/tests/rbac_test.yaml rename to charts/agent-control/charts/agent-control-deployment/tests/rbac_test.yaml diff --git a/charts/super-agent/ci/test-values.yaml b/charts/agent-control/ci/test-values.yaml similarity index 92% rename from charts/super-agent/ci/test-values.yaml rename to charts/agent-control/ci/test-values.yaml index 1adfd5d73..459c20da1 100644 --- a/charts/super-agent/ci/test-values.yaml +++ b/charts/agent-control/ci/test-values.yaml @@ -2,7 +2,7 @@ global: cluster: sa-cluster licenseKey: test -super-agent-deployment: +agent-control-deployment: config: # There is no way to test the auth flow for now. Tests get stuck as the pre-install job cannot succeed to create a new system identity. # Until we have a better idea or we are able to create a fake oauth server, we have to disable opamp. diff --git a/charts/super-agent/tests/placeholder b/charts/agent-control/tests/placeholder similarity index 100% rename from charts/super-agent/tests/placeholder rename to charts/agent-control/tests/placeholder diff --git a/charts/super-agent/values.yaml b/charts/agent-control/values.yaml similarity index 89% rename from charts/super-agent/values.yaml rename to charts/agent-control/values.yaml index 688e3baff..b16232d32 100644 --- a/charts/super-agent/values.yaml +++ b/charts/agent-control/values.yaml @@ -3,10 +3,10 @@ nameOverride: "" # -- Override the full name of the release fullnameOverride: "" -# -- Values related to the super agent's Helm chart release. +# -- Values related to the agent control's Helm chart release. # @default -- See `values.yaml` -super-agent-deployment: - # -- Enable the installation of the Super Agent. This an advanced/debug flag. It should be always be true unless +agent-control-deployment: + # -- Enable the installation of the Agent Control. This an advanced/debug flag. It should be always be true unless # you know what you are going. enabled: true @@ -19,11 +19,11 @@ super-agent-deployment: # -- In case you don't want to have the license key in you values, this allows you to point to which secret key is the license key located. Can be configured also with `global.customSecretLicenseKey` customSecretLicenseKey: "" - # -- Image for the New Relic Super Agent + # -- Image for the New Relic Agent Control # @default -- See `values.yaml` image: registry: - repository: newrelic/newrelic-super-agent + repository: newrelic/newrelic-agent-control tag: 0.24.1 imagePullPolicy: IfNotPresent # -- The secrets that are needed to pull images from a custom registry. @@ -103,14 +103,14 @@ super-agent-deployment: # @default -- `false` verboseLog: - # -- Enable the cleanup of super-agent managed resources when the chart is uninstalled. - # If disabled, agents and/or agent configurations managed by the super-agent will not be deleted when the chart is uninstalled. + # -- Enable the cleanup of agent-control managed resources when the chart is uninstalled. + # If disabled, agents and/or agent configurations managed by the agent-control will not be deleted when the chart is uninstalled. cleanupManagedResources: true config: - # -- Configuration for the Super Agent. + # -- Configuration for the Agent Control. # @default -- See `values.yaml` - superAgent: + agentControl: # -- Set if the configMap is going to be created by this chart or the user will provide its own. create: true # -- Overrides the configuration that has been created automatically by the chart. @@ -174,9 +174,9 @@ super-agent-deployment: # -- Values for the Flux chat. Ref.: https://github.com/fluxcd-community/helm-charts/blob/flux2-2.10.2/charts/flux2/values.yaml # @default -- See `values.yaml` flux2: - # -- Enable or disable FluxCD installation. New Relic' Super Agent need Flux to work, but the user can use an already + # -- Enable or disable FluxCD installation. New Relic' Agent Control need Flux to work, but the user can use an already # existing Flux deployment. With that use case, the use can disable Flux and use this chart to only install the CRs - # to deploy the Super Agent. + # to deploy the Agent Control. enabled: true # -- The installation of the CRDs is managed by the chart itself. @@ -198,8 +198,8 @@ flux2: # manifests. The Helm release is defined in a CR ([Custom Resource](https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/#custom-resources)) # named `HelmRelease` that the operator will reconcile on the apply, edit, or deletion of a `HelmRelease` resource. # - # New Relic' Super Agent will use this controller by creating `HelmRelease` CRs based in the configuration stored on - # OpAmp. This is the only controller that the Super Agent need for now, the other controllers are disabled by default. + # New Relic' Agent Control will use this controller by creating `HelmRelease` CRs based in the configuration stored on + # OpAmp. This is the only controller that the Agent Control need for now, the other controllers are disabled by default. # # On the other hand, user might want to leverage having FluxCD installed for their own purposes. Take a look to the # `values.yaml` to see how to enable other controllers. @@ -246,9 +246,9 @@ flux2: create: true createAggregation: true - # -- As we are using Flux as a tool from the super agent to release new workloads, we do not want Flux to listen to + # -- As we are using Flux as a tool from the agent control to release new workloads, we do not want Flux to listen to # all CRs created on the whole cluster. If the user does not want to use Flux and is only using it because of the - # super agent, this is the way to go so the cluster has deployed all operators needed by the super agent. But if the - # user want to use Flux for other purposes besides the super agent, this toggle can be used to allow Flux to work on + # agent control, this is the way to go so the cluster has deployed all operators needed by the agent control. But if the + # user want to use Flux for other purposes besides the agent control, this toggle can be used to allow Flux to work on # the whole cluster. watchAllNamespaces: false diff --git a/charts/super-agent/README.md b/charts/super-agent/README.md deleted file mode 100644 index 5b18a9a09..000000000 --- a/charts/super-agent/README.md +++ /dev/null @@ -1,104 +0,0 @@ -[![Community Plus header](https://github.com/newrelic/opensource-website/raw/master/src/images/categories/Community_Plus.png)](https://opensource.newrelic.com/oss-category/#community-plus) - -# super-agent - -Bootstraps New Relic' Super Agent - -# Helm installation - -You can install this chart using directly this Helm repository: - -```shell -helm repo add newrelic https://helm-charts.newrelic.com -helm upgrade --install super-agent newrelic/super-agent -f your-custom-values.yaml -``` - -## Values managed globally - -This chart implements the [New Relic's common Helm library](https://github.com/newrelic/helm-charts/tree/master/library/common-library) which -means that it honors a wide range of defaults and globals common to most New Relic Helm charts. - -> **Warning**: Note that the flux chart is not maintained by New Relic and thus does not support the `common-library`. Everything under the -`flux2` belongs to the upstream chart and does not honor the [New Relic's common Helm library](https://github.com/newrelic/helm-charts/tree/master/library/common-library). -> -> For a complete list of `values.yaml` of this chart you can refer to the [upstream chart's `values.yaml`](https://github.com/fluxcd-community/helm-charts/blob/flux2-2.10.2/charts/flux2/values.yaml). - -Options that can be defined globally include `affinity`, `nodeSelector`, `tolerations`, `proxy` and others. The full list can be found at -[user's guide of the common library](https://github.com/newrelic/helm-charts/blob/master/library/common-library/README.md). - -## Chart particularities - -> **TODO:** Here is where you should add particularities for this chart like what does the chart do with the privileged and -low data modes or any other quirk that it could have. - -As of the creation of the chart, it has no particularities and this section can be removed safely. - -## Values - -| Key | Type | Default | Description | -|-----|------|---------|-------------| -| flux2 | object | See `values.yaml` | Values for the Flux chat. Ref.: https://github.com/fluxcd-community/helm-charts/blob/flux2-2.10.2/charts/flux2/values.yaml | -| flux2.clusterDomain | string | `"cluster.local"` | This is the domain name of the cluster. | -| flux2.enabled | bool | `true` | Enable or disable FluxCD installation. New Relic' Super Agent need Flux to work, but the user can use an already existing Flux deployment. With that use case, the use can disable Flux and use this chart to only install the CRs to deploy the Super Agent. | -| flux2.helmController | object | Enabled | Helm controller is a Kubernetes operator that allows to declaratively manage Helm chart releases with Kubernetes manifests. The Helm release is defined in a CR ([Custom Resource](https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/#custom-resources)) named `HelmRelease` that the operator will reconcile on the apply, edit, or deletion of a `HelmRelease` resource. New Relic' Super Agent will use this controller by creating `HelmRelease` CRs based in the configuration stored on OpAmp. This is the only controller that the Super Agent need for now, the other controllers are disabled by default. On the other hand, user might want to leverage having FluxCD installed for their own purposes. Take a look to the `values.yaml` to see how to enable other controllers. | -| flux2.installCRDs | bool | `true` | The installation of the CRDs is managed by the chart itself. | -| flux2.rbac | object | Enabled (See `values.yaml`) | Create RBAC rules for FluxCD is able to deploy all kind of workloads on the cluster. | -| flux2.sourceController | object | Enabled | Source controller provides a way to fetch artifacts to the rest of controllers. The source API (which reference [can be read here](https://fluxcd.io/flux/components/source/api/v1/)) is used by admins and various automated operators to offload the Git, OCO, and Helm repositories management. | -| flux2.watchAllNamespaces | bool | `false` | As we are using Flux as a tool from the super agent to release new workloads, we do not want Flux to listen to all CRs created on the whole cluster. If the user does not want to use Flux and is only using it because of the super agent, this is the way to go so the cluster has deployed all operators needed by the super agent. But if the user want to use Flux for other purposes besides the super agent, this toggle can be used to allow Flux to work on the whole cluster. | -| fullnameOverride | string | `""` | Override the full name of the release | -| nameOverride | string | `""` | Override the name of the chart | -| super-agent-deployment | object | See `values.yaml` | Values related to the super agent's Helm chart release. | -| super-agent-deployment.affinity | object | `{}` | Sets pod/node affinities. Can be configured also with `global.affinity` | -| super-agent-deployment.cleanupManagedResources | bool | `true` | Enable the cleanup of super-agent managed resources when the chart is uninstalled. If disabled, agents and/or agent configurations managed by the super-agent will not be deleted when the chart is uninstalled. | -| super-agent-deployment.cluster | string | `""` | Name of the Kubernetes cluster monitored. Can be configured also with `global.cluster`. | -| super-agent-deployment.config.opamp.auth.organizationId | string | `""` | Organization ID where fleets will live. | -| super-agent-deployment.config.opamp.auth.secret.client_id.base64 | string | `nil` | In case `.config.auth.secret.create` is true, you can set these keys to set client ID directly as base64. This options is mutually exclusive with `plain`. | -| super-agent-deployment.config.opamp.auth.secret.client_id.plain | string | `nil` | In case `.config.auth.secret.create` is true, you can set these keys to set client ID directly as plain text. This options is mutually exclusive with `base64`. | -| super-agent-deployment.config.opamp.auth.secret.client_id.secret_key | string | `client_id` | Key inside the secret containing the client ID. | -| super-agent-deployment.config.opamp.auth.secret.name | string | release name suffixed with "-auth" | Name auth' secret provided by the user. If the creation of this secret is set to `true`, this is the same the secret will have. | -| super-agent-deployment.config.opamp.auth.secret.private_key.base64_pem | string | `nil` | In case `.config.auth.secret.create` is true, you can set these keys to set private key directly as base64. This options is mutually exclusive with `plain_pem`. | -| super-agent-deployment.config.opamp.auth.secret.private_key.plain_pem | string | `nil` | In case `.config.auth.secret.create` is true, you can set these keys to set private key directly as plain text. This options is mutually exclusive with `base64_pem`. | -| super-agent-deployment.config.opamp.auth.secret.private_key.secret_key | string | `private_key` | Key inside the secret containing the private key. | -| super-agent-deployment.config.opamp.enabled | bool | `true` | Enables or disables the auth against fleet control. It implies to disable any fleet communication and running the agent in stand alone mode where only the agents specified on `.config.subAgents` will be launched. | -| super-agent-deployment.config.subAgents | string | `newrelic/io.opentelemetry.collector` (See `values.yaml`) | Values that the fleet is going to have in the deployment. If empty, chart will automatically add `newrelic/io.opentelemetry.collector` subagent. On the other hand, if populated the list of agent created is the one specified overwriting the default. | -| super-agent-deployment.config.superAgent | object | See `values.yaml` | Configuration for the Super Agent. | -| super-agent-deployment.config.superAgent.content | object | `{}` | Overrides the configuration that has been created automatically by the chart. This configuration here will be **MERGED** with the configuration specified above. If you need to have you own configuration, disabled the creation of this configMap and create your own. | -| super-agent-deployment.config.superAgent.create | bool | `true` | Set if the configMap is going to be created by this chart or the user will provide its own. | -| super-agent-deployment.containerSecurityContext | object | `{}` | Sets security context (at container level). Can be configured also with `global.containerSecurityContext` | -| super-agent-deployment.customAttributes | object | `{}` | TODO: Adds extra attributes to the cluster and all the metrics emitted to the backend. Can be configured also with `global.customAttributes` | -| super-agent-deployment.customSecretLicenseKey | string | `""` | In case you don't want to have the license key in you values, this allows you to point to which secret key is the license key located. Can be configured also with `global.customSecretLicenseKey` | -| super-agent-deployment.customSecretName | string | `""` | In case you don't want to have the license key in you values, this allows you to point to a user created secret to get the key from there. Can be configured also with `global.customSecretName` | -| super-agent-deployment.dnsConfig | object | `{}` | Sets pod's dnsConfig. Can be configured also with `global.dnsConfig` | -| super-agent-deployment.enabled | bool | `true` | Enable the installation of the Super Agent. This an advanced/debug flag. It should be always be true unless you know what you are going. | -| super-agent-deployment.extraEnv | list | `[]` | Add user environment variables to the agent | -| super-agent-deployment.extraEnvFrom | list | `[]` | Add user environment from configMaps or secrets as variables to the agent | -| super-agent-deployment.extraVolumeMounts | list | `[]` | Defines where to mount volumes specified with `extraVolumes` | -| super-agent-deployment.extraVolumes | list | `[]` | Volumes to mount in the containers | -| super-agent-deployment.fedramp.enabled | bool | `false` | TODO: Enables FedRAMP. Can be configured also with `global.fedramp.enabled` | -| super-agent-deployment.hostNetwork | bool | `false` | Sets pod's hostNetwork. Can be configured also with `global.hostNetwork` | -| super-agent-deployment.image | object | See `values.yaml` | Image for the New Relic Super Agent | -| super-agent-deployment.image.pullSecrets | list | `[]` | The secrets that are needed to pull images from a custom registry. | -| super-agent-deployment.labels | object | `{}` | Additional labels for chart objects. Can be configured also with `global.labels` | -| super-agent-deployment.licenseKey | string | `""` | This set this license key to use. Can be configured also with `global.licenseKey` | -| super-agent-deployment.nodeSelector | object | `{}` | Sets pod's node selector. Can be configured also with `global.nodeSelector` | -| super-agent-deployment.nrStaging | bool | `false` | Send the metrics to the staging backend. Requires a valid staging license key. Can be configured also with `global.nrStaging` | -| super-agent-deployment.podAnnotations | object | `{}` | Annotations to be added to all pods created by the integration. | -| super-agent-deployment.podLabels | object | `{}` | Additional labels for chart pods. Can be configured also with `global.podLabels` | -| super-agent-deployment.podSecurityContext | object | `{}` | Sets security context (at pod level). Can be configured also with `global.podSecurityContext` | -| super-agent-deployment.priorityClassName | string | `""` | Sets pod's priorityClassName. Can be configured also with `global.priorityClassName` | -| super-agent-deployment.proxy | string | `""` | TODO: Configures the integration to send all HTTP/HTTPS request through the proxy in that URL. The URL should have a standard format like `https://user:password@hostname:port`. Can be configured also with `global.proxy` | -| super-agent-deployment.rbac.create | bool | `true` | Whether the chart should automatically create the RBAC objects required to run. | -| super-agent-deployment.resources | object | `{}` | Resource limits to be added to all pods created by the integration. | -| super-agent-deployment.serviceAccount | object | See `values.yaml` | Settings controlling ServiceAccount creation. | -| super-agent-deployment.serviceAccount.create | bool | `true` | Whether the chart should automatically create the ServiceAccount objects required to run. | -| super-agent-deployment.tolerations | list | `[]` | Sets pod's tolerations to node taints. Can be configured also with `global.tolerations` | -| super-agent-deployment.verboseLog | bool | `false` | Sets the debug logs to this integration or all integrations if it is set globally. Can be configured also with `global.verboseLog` | - -## Maintainers - -* [alvarocabanas](https://github.com/alvarocabanas) -* [DavSanchez](https://github.com/DavSanchez) -* [gsanchezgavier](https://github.com/gsanchezgavier) -* [paologallinaharbur](https://github.com/paologallinaharbur) -* [rubenruizdegauna](https://github.com/rubenruizdegauna) -* [sigilioso](https://github.com/sigilioso) diff --git a/charts/super-agent/charts/super-agent-deployment/templates/secret-sa-auth.yaml b/charts/super-agent/charts/super-agent-deployment/templates/secret-sa-auth.yaml deleted file mode 100644 index 206058082..000000000 --- a/charts/super-agent/charts/super-agent-deployment/templates/secret-sa-auth.yaml +++ /dev/null @@ -1,13 +0,0 @@ -{{- if include "newrelic-super-agent.auth.secret.shouldTemplate" . -}} ---- -kind: Secret -metadata: - name: {{ include "newrelic-super-agent.auth.secret.name" . }} - namespace: {{ .Release.Namespace }} - labels: - {{- include "newrelic.common.labels" . | nindent 4 }} -apiVersion: v1 -data: - {{ include "newrelic-super-agent.auth.secret.privateKey.key" . }}: {{ include "newrelic-super-agent.auth.secret.privateKey.data" . }} - {{ include "newrelic-super-agent.auth.secret.clientId.key" . }}: {{ include "newrelic-super-agent.auth.secret.clientId.data" . }} -{{- end }}