Merge branch 'main' into gh-pages

# Conflicts:
#	index.yaml

.gitignore

@@ -1,2 +1,7 @@
 .DS_Store
 _build
+.vscode/
+.cr-release-packages/
+charts/cloudhealth-collector/charts/
+Chart.lock
+*.tgz

CODEOWNERS

@@ -1 +1 @@
-* @CloudHealth/team-cheapsk8s
+* @Cloudhealth/team-sudo

NOTICE

@@ -1,4 +1,4 @@
-Copyright 2021 VMware, Inc. 
+Copyright 2023 VMware, Inc. 
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.

README.md

@@ -1,4 +1,4 @@
-<!-- Copyright 2021 VMware, Inc. -->
+<!-- Copyright 2023 VMware, Inc. -->
 <!-- SPDX-License-Identifier: Apache-2.0 -->
 # CloudHealth Kubernetes Collector Agent Helm Chart
 
@@ -10,7 +10,7 @@ To avail this functionality, use this helm chart to deploy the collector agent i
 
 ```console
 $ helm repo add cloudhealth https://cloudhealth.github.io/helm/
-$ helm install cloudhealth-collector --set apiToken=<Unique Customer API Token>,clusterName=<Cluster Name> cloudhealth/cloudhealth-collector
+$ helm install cloudhealth-collector --set apiToken=<Unique Customer API Token>,clusterName=<Cluster Name>,chtEndpointPrefix=<Cloudhealth Endpoint Prefix> cloudhealth/cloudhealth-collector
 ```
 
 ## Getting Started
@@ -25,18 +25,18 @@ Use the helm chart to deploy the CloudHealth Collector into each [Kubernetes](ht
 
 ## Installing the Chart
 
-To install the chart with the release name `cloudhealth-collector`, run the following command:
+To install the chart with the release name `cloudhealth-collector` in a particular namespace `<target_namespace>` (create if it does not exist), run the following commands:
 
 ```console
 $ helm repo add cloudhealth https://cloudhealth.github.io/helm/
-$ helm install cloudhealth-collector --set apiToken=<Unique Customer API Token>,clusterName=<Cluster Name> cloudhealth/cloudhealth-collector
+$ helm install cloudhealth-collector -n <target_namespace> --create-namespace --set apiToken=<Unique Customer API Token>,clusterName=<Cluster Name>,chtEndpointPrefix=<Cloudhealth Endpoint Prefix> cloudhealth/cloudhealth-collector --debug
 ```
 
-To install the chart with the release name `cloudhealth-collector` in a particular namespace `<target_namespace>`, run the following commands:
+To install the chart with the release name `cloudhealth-collector` in `default` namespace, run the following command:
 
 ```console
 $ helm repo add cloudhealth https://cloudhealth.github.io/helm/
-$ helm install cloudhealth-collector -n <target_namespace> --set apiToken=<Unique Customer API Token>,clusterName=<Cluster Name> cloudhealth/cloudhealth-collector
+$ helm install cloudhealth-collector --set apiToken=<Unique Customer API Token>,clusterName=<Cluster Name>,chtEndpointPrefix=<Cloudhealth Endpoint Prefix> cloudhealth/cloudhealth-collector
 ```
 
 The `apiToken` is required for `cloudhealth-collector` to work and should be either set while running helm install command as in the example above or in a secret object with the following data structure:
@@ -69,33 +69,32 @@ $ helm repo remove cloudhealth
 
 ### Required parameters
 
-| Name             | Description                                              | Value    |
-| ---------------- | -------------------------------------------------------- | -------- |
-| `clusterName`    | Name of the cluster to be shown on the CloudHealth UI    | `""`     |
+| Name          | Description                                           | Value    |
+|---------------|-------------------------------------------------------| -------- |
+| `clusterName` | Name of the cluster to be shown on the CloudHealth UI | `""`     |
 
 
 ### Other parameters
 
 | Name                        | Description                                                                                       | Value                             |
-| --------------------------- | ------------------------------------------------------------------------------------------------- | --------------------------------- |
+|-----------------------------|---------------------------------------------------------------------------------------------------|-----------------------------------|
 | `apiToken`                  | Unique Customer API Token provided by CloudHealth                                                 | `""`                              |
+| `chtEndpointPrefix`         | CloudHealth Endpoint prefix provided by CloudHealth                                               | `use1`                            |
 | `image.repository`          | CloudHealth Collector image repository                                                            | `cloudhealth/container-collector` |
-| `image.tag`                 | CloudHealth Collector image tag                                                                   | `1203`                          |
-| `image.pullPolicy`          | CloudHealth Collector image pull policy                                                           | `IfNotPresent`                          |
+| `image.tag`                 | CloudHealth Collector image tag                                                                   | `1398`                            |
+| `image.pullPolicy`          | CloudHealth Collector image pull policy                                                           | `IfNotPresent`                    |
 | `image.pullSecrets`         | CloudHealth Collector image pull secrets                                                          | `[]`                              |
-| `replicaCount`              | Number of CloudHealth Collector replicas to deploy                                                | `1`                               |
 | `resources.limits.cpu`      | The CPU limits for CloudHealth Collector containers                                               | `1000m`                           |
 | `resources.requests.cpu`    | The requested CPU for CloudHealth Collector containers                                            | `500m`                            |
 | `resources.limits.memory`   | The Memory limits for CloudHealth Collector containers                                            | `1024Mi`                          |
 | `resources.requests.memory` | The requested Memory for CloudHealth Collector containers                                         | `512Mi`                           |
 | `nameOverride`              | String to override common.names.fullname                                                          | `""`                              |
 | `fullnameOverride`          | String to fully override common.names.fullname                                                    | `""`                              |
 | `secretName`                | Kubernetes secret name created to store CloudHealth API Token & Secret                            | `cloudhealth-config`              |
-| `service.type`              | CloudHealth Collector UI Service Type                                                             | `ClusterIP`                       |
-| `service.port`              | CloudHealth Collector UI Service Type                                                             | `80`                              |
 | `podAnnotations`            | Additional pod annotations                                                                        | `{}`                              |
 | `podSecurityContext`        | Enable security context for CloudHealth Collector pods                                            | `{}`                              |
 | `securityContext`           | Enable security context for CloudHealth Collector                                                 | `{}`                              |
+| `hostNetwork`               | Run collector pod on Host Network                                                                 | `false`                           |
 | `affinity`                  | Affinity for pod assignment                                                                       | `{}`                              |
 | `nodeSelector`              | Node labels for pod assignment                                                                    | `{}`                              |
 | `tolerations`               | Tolerations for pod assignment                                                                    | `[]`                              |
@@ -106,7 +105,7 @@ $ helm repo remove cloudhealth
 Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, the following command sets the CloudHealth Collector API Token to `sample_token` and sets the cluster name to `mega-cluster`.
 
 ```console
-$ helm install cloudhealth-collector --set apiToken=sample_token,clusterName=mega-cluster cloudhealth/cloudhealth-collector
+$ helm install cloudhealth-collector --set apiToken=sample_token,clusterName=mega-cluster,chtEndpointPrefix=use1 cloudhealth/cloudhealth-collector
 ```
 
 Example with `customEnvVars`
@@ -120,7 +119,7 @@ You can also use YAML file to specify the parameters while installing the chart.
 $ helm install cloudhealth-collector -f values.yaml cloudhealth/cloudhealth-collector
 ```
 
-> **Tip**: You can use the default [values.yaml](cloudhealth-collector/values.yaml)
+> **Tip**: You can use the default [values.yaml](charts/cloudhealth-collector/values.yaml)
 
 ## Troubleshooting
 

cloudhealth-collector/.helmignore → charts/cloudhealth-collector/.helmignore

@@ -1,4 +1,4 @@
-# Copyright 2021 VMware, Inc.
+# Copyright 2023 VMware, Inc.
 # SPDX-License-Identifier: Apache-2.0
 
 # Patterns to ignore when building packages.

cloudhealth-collector/Chart.yaml → charts/cloudhealth-collector/Chart.yaml

@@ -1,15 +1,18 @@
-# Copyright 2021 VMware, Inc.
+# Copyright 2023 VMware, Inc.
 # SPDX-License-Identifier: Apache-2.0
 
 apiVersion: v2
 name: cloudhealth-collector
 description: A Helm chart for CloudHealth's Kubernetes Collector Agent
 type: application
-version: 2.0.9
-appVersion: "3.2.5"
+version: 4.6.5
+appVersion: "7.2.0"
 home: https://cloudhealth.vmware.com/
+icon: https://d1fto35gcfffzn.cloudfront.net/images/Tanzu-Logomark.svg
 sources:
 - https://github.com/CloudHealth/helm
 maintainers:
   - name: CloudHealth Team
-    email: cht-core-containers@groups.vmware.com
+    email: cht-core-containers.pdl@broadcom.com
+annotations:
+  category: Cost

charts/cloudhealth-collector/NOTES.txt

@@ -0,0 +1,33 @@
+Some commands for developers to work with:
+
+helm repo add cloudhealth https://cloudhealth.github.io/helm/
+
+
+To dry-run the helm chart:
+
+helm install cloudhealth-collector --debug --dry-run --set apiToken=$CHT_API_TOKEN,clusterName=$CHT_CLUSTER_NAME,chtEndpointPrefix=$CHT_ENDPOINT_PREFIX cloudhealth/cloudhealth-collector
+
+
+To install helm for local collection dev testing:
+
+helm install cloudhealth-collector --set apiToken=$CHT_API_TOKEN,clusterName=$CHT_CLUSTER_NAME,chtEndpointPrefix=$CHT_ENDPOINT_PREFIX --set devArgs="\['upload_k8s_state_v4'\,'--verbose'\,'--endpoint'\,'http://<your_ip_address>:9292'\]" cloudhealth/cloudhealth-collector
+
+helm upgrade cloudhealth-collector -n dmz --set apiToken=$CHT_API_TOKEN,clusterName=$CHT_CLUSTER_NAME,chtEndpointPrefix=$CHT_ENDPOINT_PREFIX --set devArgs="\['upload_k8s_state_v4'\,'--verbose'\]" cloudhealth/cloudhealth-collector
+
+helm install cloudhealth-collector --set apiToken=$CHT_API_TOKEN,clusterName=$CHT_CLUSTER_NAME,chtEndpointPrefix=$CHT_ENDPOINT_PREFIX,image.repository=cloudhealth/container-collector-dev cloudhealth/cloudhealth-collector
+
+
+helm install cloudhealth-collector --set apiToken=$CHT_API_TOKEN,clusterName=$CHT_CLUSTER_NAME,chtEndpointPrefix=$CHT_ENDPOINT_PREFIX,image.repository=latest-libs,image.pullPolicy=Never --set devArgs="\['upload_k8s_state_v4'\,'--verbose'\,'--endpoint'\,'http://<your_ip_address>:9292'\]" cloudhealth/cloudhealth-collector
+
+helm install cloudhealth-collector --set apiToken=$CHT_API_TOKEN,clusterName=$CHT_CLUSTER_NAME,chtEndpointPrefix=$CHT_ENDPOINT_PREFIX,image.repository=metrics-collector-1,image.pullPolicy=Never --set devArgs="\['upload_k8s_state_v4'\,'--verbose'\,'--endpoint'\,'http://<your_ip_address>:9292'\]" cloudhealth/cloudhealth-collector
+helm install cloudhealth-collector --set apiToken=$CHT_API_TOKEN,clusterName=$CHT_CLUSTER_NAME,chtEndpointPrefix=$CHT_ENDPOINT_PREFIX,image.repository=latest-libs-1,image.pullPolicy=Never --set devArgs="\['upload_k8s_state_v4'\,'--verbose'\,'--endpoint'\,'http://<your_ip_address>:9292'\]" cloudhealth/cloudhealth-collector
+
+
+--set "customEnvVars[0].name=ENV4" --set "customEnvVars[0].value=VALUE4"
+
+upload_k8s_state_v4 --verbose --endpoint http://<your_ip_address>:9292
+
+
+helm install cloudhealth-collector --debug --dry-run --set apiToken=$CHT_API_TOKEN,clusterName=$CHT_CLUSTER_NAME,chtEndpointPrefix=$CHT_ENDPOINT_PREFIX,image.repository=latest-libs-06-13-3,image.pullPolicy=Never --set devArgs="\['upload_k8s_state_v4'\,'--verbose'\,'--endpoint'\,'http://<your_ip_address>:9292'\]",podSecurityContext.fsGroup=2000,containerSecurityContext.readOnlyRootFilesystem=true,containerSecurityContext.runAsNonRoot=true,containerSecurityContext.runAsUser=1000,containerSecurityContext.capabilities.drop={ALL} ./cloudhealth-collector-1.1.3.tgz
+
+helm install cloudhealth-collector --debug --dry-run --set apiToken=$CHT_API_TOKEN,clusterName=$CHT_CLUSTER_NAME,chtEndpointPrefix=$CHT_ENDPOINT_PREFIX,image.repository=latest-libs-06-13-3,image.pullPolicy=Never --set devArgs="\['upload_k8s_state_v4'\,'--verbose'\,'--endpoint'\,'http://<your_ip_address>:9292'\]" --set "customEnvVars[0].name=ENV4" --set "customEnvVars[0].value=VALUE4" --set serviceAccount.name=sample_service_account ./cloudhealth-collector-1.1.2.tgz

cloudhealth-collector/templates/_helpers.tpl → charts/cloudhealth-collector/templates/_helpers.tpl

@@ -1,4 +1,4 @@
-{{/* Copyright 2021 VMware, Inc. */}}
+{{/* Copyright 2023 VMware, Inc. */}}
 {{/* SPDX-License-Identifier: Apache-2.0 */}}
 
 {{/*

cloudhealth-collector/templates/clusterrole.yaml → charts/cloudhealth-collector/templates/clusterrole.yaml

@@ -1,5 +1,5 @@
 {{- /*
-Copyright 2021 VMware, Inc.
+Copyright 2023 VMware, Inc.
 SPDX-License-Identifier: Apache-2.0
 */}}
 
@@ -11,7 +11,7 @@ metadata:
     {{- include "cloudhealth-collector.labels" . | nindent 4 }}
 rules:
 - apiGroups: [""]
-  resources: ["pods", "nodes", "namespaces", "services", "resourcequotas", "limitranges"]
+  resources: ["pods", "nodes", "namespaces", "services", "resourcequotas", "limitranges", "persistentvolumes", "persistentvolumeclaims"]
   verbs: ["get", "list"]
 - apiGroups: ["metrics.k8s.io"]
   resources: ["pods", "nodes"]
@@ -22,3 +22,6 @@ rules:
 - apiGroups: ["batch"]
   resources: ["cronjobs", "jobs"]
   verbs: ["get", "list"]
+- apiGroups: ["networking.k8s.io"]
+  resources: ["ingresses"]
+  verbs: ["get", "list"]

cloudhealth-collector/templates/clusterrolebinding.yaml → charts/cloudhealth-collector/templates/clusterrolebinding.yaml

@@ -1,9 +1,8 @@
 {{- /*
-Copyright 2021 VMware, Inc.
+Copyright 2023 VMware, Inc.
 SPDX-License-Identifier: Apache-2.0
 */}}
 
-{{- if .Values.rbac.create -}}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
@@ -18,4 +17,3 @@ roleRef:
   kind: ClusterRole
   name: {{ include "cloudhealth-collector.fullname" . }}
   apiGroup: rbac.authorization.k8s.io
-{{- end }}

cloudhealth-collector/templates/deployment.yaml → charts/cloudhealth-collector/templates/deployment.yaml

@@ -1,5 +1,5 @@
 {{- /*
-Copyright 2021 VMware, Inc.
+Copyright 2023 VMware, Inc.
 SPDX-License-Identifier: Apache-2.0
 */}}
 
@@ -9,10 +9,12 @@ metadata:
   name: {{ include "cloudhealth-collector.fullname" . }}
   labels:
     {{- include "cloudhealth-collector.labels" . | nindent 4 }}
-spec:
-  {{- if not .Values.autoscaling.enabled }}
-  replicas: {{ .Values.replicaCount }}
+  {{- with .Values.deployAnnotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
   {{- end }}
+spec:
+  replicas: 1
   selector:
     matchLabels:
       {{- include "cloudhealth-collector.selectorLabels" . | nindent 6 }}
@@ -26,8 +28,30 @@ spec:
         {{- include "cloudhealth-collector.labels" . | nindent 8 }}
     spec:
       serviceAccountName: {{ include "cloudhealth-collector.serviceAccountName" . }}
-      {{- with .Values.podSecurityContext }} 
-      securityContext: {{- toYaml . | nindent 8 }} 
+      {{- with .Values.podSecurityContext }}
+      securityContext: {{- toYaml . | nindent 8 }}
+      {{- end }}
+      priorityClassName: {{ .Values.priorityClassName }}
+      hostNetwork: {{ .Values.hostNetwork }}
+      {{- if .Values.proxy.sslCert }}
+      initContainers:
+        - name: "{{ .Chart.Name }}-pem-to-truststore"
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          env:
+            - name: ca_bundle
+              value: {{ .Values.proxy.caBundlePath }}
+            - name: truststore_jks
+              value: {{ .Values.proxy.truststorePath }}
+            - name: truststore_pwd
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "cloudhealth-collector.secretName" . }}
+                  key: certPassword    
+          command: ['/bin/bash']
+          args: ['-c', "csplit -z -f crt- $ca_bundle '/-----BEGIN CERTIFICATE-----/' '{*}' && for file in crt-*; do keytool -import -noprompt -keystore $truststore_jks -file $file -storepass $truststore_pwd -alias service-$file; done"]
+          volumeMounts:
+            - name: truststore-volume
+              mountPath: /etc/ssl/certs 
       {{- end }}
       containers:
         - name: {{ .Chart.Name }}
@@ -44,13 +68,13 @@ spec:
             initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
             failureThreshold: {{ .Values.liveness.failureThreshold }}
             periodSeconds: {{ .Values.liveness.periodSeconds }}
-          {{- with .Values.containerSecurityContext }} 
-          securityContext: {{- toYaml . | nindent 12 }} 
+          {{- with .Values.containerSecurityContext }}
+          securityContext: {{- toYaml . | nindent 12 }}
           {{- end }}
           {{- if .Values.containerSecurityContext.readOnlyRootFilesystem }}
-          volumeMounts: 
-            - mountPath: /tmp 
-              name: tmpfs 
+          volumeMounts:
+            - mountPath: /tmp
+              name: tmpfs
           {{- end }}
           env:
             - name: CHT_API_TOKEN
@@ -60,27 +84,33 @@ spec:
                   key: apiToken
             - name: CHT_CLUSTER_NAME
               value: {{.Values.clusterName | required "A valid clusterName required!" | quote }}
+            - name: CHT_ENDPOINT_PREFIX
+              value: {{.Values.chtEndpointPrefix | default "use1" }}
             - name: CHT_INTERVAL
               value: {{ .Values.collectionIntervalSecs | quote }}
             - name: CHT_JVM_MEM
               value: {{ .Values.jvmMemory }}
+            {{- if .Values.proxy.sslCert }}
+            - name: JAVA_OPTS
+              value: {{ .Values.proxy.params }}
+            {{- end }}
             {{- range .Values.customEnvVars}}
             - name: {{ .name }}
               value: {{ .value }}
             {{- end }}
           args: {{ .Values.devArgs }}
-      {{- with .Values.nodeSelector }}
 
       # Modify /etc/resolv.conf ndots
       {{ if .Values.dnsConfig }}
-          dnsConfig:
+      dnsConfig:
       {{- if .Values.dnsConfig.ndots }}
-            options:
-              - name: ndots
-                value: {{ .Values.dnsConfig.ndots | quote}}
+        options:
+          - name: ndots
+            value: {{ .Values.dnsConfig.ndots | quote}}
       {{- end }}
       {{- end }}
 
+      {{- with .Values.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}
       {{- end }}
@@ -92,8 +122,13 @@ spec:
       tolerations:
         {{- toYaml . | nindent 8 }}
       {{- end }}
-      {{- if .Values.containerSecurityContext.readOnlyRootFilesystem }} 
-      volumes: 
-        - name: tmpfs 
-          emptyDir: {} 
+      {{- if .Values.containerSecurityContext.readOnlyRootFilesystem }}
+      volumes:
+        - name: tmpfs
+          emptyDir:
+            sizeLimit: 500Mi
+        {{- if .Values.proxy.sslCert }}
+        - name: truststore-volume
+          emptyDir: {}
+        {{- end }}
       {{- end }}

cloudhealth-collector/templates/secrets.yaml → charts/cloudhealth-collector/templates/secrets.yaml

@@ -1,5 +1,5 @@
 {{- /*
-Copyright 2021 VMware, Inc.
+Copyright 2023 VMware, Inc.
 SPDX-License-Identifier: Apache-2.0
 */}}
 
@@ -13,4 +13,7 @@ metadata:
 type: Opaque
 data:
   apiToken:  {{ .Values.apiToken | b64enc | quote }}
+  {{- if .Values.proxy.sslCert }}
+  certPassword:  {{ .Values.proxy.certPassword | quote }}
+  {{- end }}
 {{- end }}

cloudhealth-collector/templates/serviceaccount.yaml → charts/cloudhealth-collector/templates/serviceaccount.yaml

@@ -1,5 +1,5 @@
 {{- /*
-Copyright 2021 VMware, Inc.
+Copyright 2023 VMware, Inc.
 SPDX-License-Identifier: Apache-2.0
 */}}