From 8d6b2d133c8b4a000b247feacf1678426d7746f4 Mon Sep 17 00:00:00 2001
From: Tobias Ollmann <tobias.ollmann@instahelp.me>
Date: Tue, 8 Oct 2024 13:54:28 +0200
Subject: [PATCH] feat: allow to use prometheus credentials from helm chart

---
 livekit-server/templates/_helpers.tpl            | 16 ++++++++++++++++
 livekit-server/templates/deployment.yaml         |  6 +++---
 livekit-server/templates/service.yaml            |  4 ++--
 livekit-server/templates/servicemonitor.yaml     | 11 ++++++++++-
 .../templates/servicemonitorsecret.yaml          | 11 +++++++++++
 livekit-server/values.yaml                       |  4 ++++
 6 files changed, 46 insertions(+), 6 deletions(-)
 create mode 100644 livekit-server/templates/servicemonitorsecret.yaml

diff --git a/livekit-server/templates/_helpers.tpl b/livekit-server/templates/_helpers.tpl
index e136477..7de8a93 100644
--- a/livekit-server/templates/_helpers.tpl
+++ b/livekit-server/templates/_helpers.tpl
@@ -71,3 +71,19 @@ Create the name of the service monitor to use
 {{- default "default" .Values.serviceMonitor.name }}
 {{- end }}
 {{- end }}
+
+{{/*
+Create the name of the service monitor secret to use
+*/}}
+{{- define "livekit-server.serviceMonitorSecretName" -}}
+{{- default (print (include "livekit-server.fullname" .) "-service-monitor-secret") .Values.serviceMonitor.secretName }}
+{{- end }}
+
+{{/*
+Load prometheus port from old or new config
+*/}}
+{{- define "livekit-server.prometheus_port" -}}
+{{- if or .Values.livekit.prometheus_port (and .Values.livekit.prometheus .Values.livekit.prometheus.port) }}
+{{- default .Values.livekit.prometheus_port .Values.livekit.prometheus.port }}
+{{- end }}
+{{- end }}
diff --git a/livekit-server/templates/deployment.yaml b/livekit-server/templates/deployment.yaml
index 7b35cee..a61aa28 100644
--- a/livekit-server/templates/deployment.yaml
+++ b/livekit-server/templates/deployment.yaml
@@ -76,10 +76,10 @@ spec:
               hostPort: {{ .Values.livekit.rtc.tcp_port }}
               protocol: TCP
             {{- end }}
-            {{- if .Values.livekit.prometheus_port }}
+            {{- if (include "livekit-server.prometheus_port" .) }}
             - name: metrics
-              containerPort: {{ .Values.livekit.prometheus_port }}
-              hostPort: {{ .Values.livekit.prometheus_port }}
+              containerPort: {{ include "livekit-server.prometheus_port" . }}
+              hostPort: {{ include "livekit-server.prometheus_port" . }}
               protocol: TCP
             {{- end }}
             {{- if .Values.livekit.turn.enabled }}
diff --git a/livekit-server/templates/service.yaml b/livekit-server/templates/service.yaml
index 6601943..dd354f0 100644
--- a/livekit-server/templates/service.yaml
+++ b/livekit-server/templates/service.yaml
@@ -40,8 +40,8 @@ spec:
       protocol: UDP
       targetPort: rtc-udp
     {{- end }}
-    {{- if .Values.livekit.prometheus_port }}
-    - port: {{ .Values.livekit.prometheus_port }}
+    {{- if (include "livekit-server.prometheus_port" .) }}
+    - port: {{ include "livekit-server.prometheus_port" . }}
       targetPort: metrics
       protocol: TCP
       name: metrics
diff --git a/livekit-server/templates/servicemonitor.yaml b/livekit-server/templates/servicemonitor.yaml
index 73b62a9..c1d9685 100644
--- a/livekit-server/templates/servicemonitor.yaml
+++ b/livekit-server/templates/servicemonitor.yaml
@@ -1,4 +1,4 @@
-{{- if and .Values.serviceMonitor.create .Values.livekit.prometheus_port -}}
+{{- if and .Values.serviceMonitor.create (include "livekit-server.prometheus_port" .) -}}
 apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
@@ -14,6 +14,15 @@ spec:
     - port: metrics
       path: /
       interval: {{ .Values.serviceMonitor.interval }}
+      {{- if and .Values.livekit.prometheus.username .Values.livekit.prometheus.password }}
+      basicAuth:
+        password:
+          name: {{ include "livekit-server.serviceMonitorSecretName" . }}
+          key: password
+        username:
+          name: {{ include "livekit-server.serviceMonitorSecretName" . }}
+          key: username
+      {{- end }}
   selector:
     matchLabels:
       {{- include "livekit-server.selectorLabels" . | nindent 6 }}
diff --git a/livekit-server/templates/servicemonitorsecret.yaml b/livekit-server/templates/servicemonitorsecret.yaml
new file mode 100644
index 0000000..84df29e
--- /dev/null
+++ b/livekit-server/templates/servicemonitorsecret.yaml
@@ -0,0 +1,11 @@
+{{- if and .Values.serviceMonitor.create .Values.livekit.prometheus .Values.livekit.prometheus.username .Values.livekit.prometheus.password }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "livekit-server.serviceMonitorSecretName" . }}
+  labels:
+    {{- include "livekit-server.labels" . | nindent 4 }}
+data:
+    username: {{ .Values.livekit.prometheus.username | b64enc }}
+    password: {{ .Values.livekit.prometheus.password | b64enc }}
+{{- end }}
diff --git a/livekit-server/values.yaml b/livekit-server/values.yaml
index bcf6d51..f2e5faf 100644
--- a/livekit-server/values.yaml
+++ b/livekit-server/values.yaml
@@ -150,3 +150,7 @@ serviceMonitor:
   name: ""
   # The scrape interval
   interval: 30s
+
+  # The name of the secret to use.
+  # If not set and create is true, a name is generated using the fullname template
+  secretName: ""