add seperate openshift block to handle openshift related configurations

opencost · Dec 26, 2024 · ae349ee · ae349ee
1 parent 9911dbc
commit ae349ee
Show file tree

Hide file tree

Showing 5 changed files with 29 additions and 15 deletions.
diff --git a/charts/opencost/templates/clusterrolebinding.yaml b/charts/opencost/templates/clusterrolebinding.yaml
@@ -17,7 +17,7 @@ subjects:
     namespace: {{ include "opencost.namespace" . }}
 ---
 {{- end }}
-{{- if .Values.opencost.prometheus.createMonitoringClusterRoleBinding }}
+{{- if and .Values.opencost.platforms.openshift.enabled .Values.opencost.platforms.openshift.createMonitoringClusterRoleBinding }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:

diff --git a/charts/opencost/templates/deployment.yaml b/charts/opencost/templates/deployment.yaml
@@ -312,8 +312,13 @@ spec:
           {{- with .Values.opencost.ui.securityContext }}
           securityContext: {{- toYaml . | nindent 12 }}
           {{- end }}
+          volumeMounts:
           {{- with .Values.opencost.ui.extraVolumeMounts }}
-          volumeMounts: {{- toYaml . | nindent 12 }}
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          {{- if .Values.opencost.platforms.openshift.enabled }}
+          - name: empty-var-www
+            mountPath: /var/www
           {{- end }}
         {{- end }}
         {{- with .Values.opencost.extraContainers }}
@@ -389,6 +394,10 @@ spec:
               - key: cloud-integration.json
                 path: cloud-integration.json
           {{- end }}
+          {{- if .Values.opencost.platforms.openshift.enabled }}
+          - name: empty-var-www
+            emptyDir: {}
+          {{- end }}
         {{- with .Values.extraVolumes }}
           {{- toYaml . | nindent 8 }}
         {{- end }}

diff --git a/charts/opencost/templates/monitoring-role-binding-template.yaml b/charts/opencost/templates/monitoring-role-binding-template.yaml
@@ -1,13 +1,13 @@
-{{- if (.Values.opencost.prometheus.createMonitoringResourceReaderRoleBinding) }}
+{{- if and .Values.opencost.platforms.openshift.enabled .Values.opencost..platforms.openshift.createMonitoringResourceReaderRoleBinding }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
   namespace: {{ include "opencost.namespace" . }}
   name: {{ include "opencost.fullname" . }}-reader
 subjects:
 - kind: ServiceAccount
-  name: {{ .Values.opencost.prometheus.monitoringServiceAccountName | quote }}
-  namespace: {{ .Values.opencost.prometheus.monitoringServiceAccountNamespace | quote }}
+  name: {{ .Values.opencost.platforms.openshift.monitoringServiceAccountName | quote }}
+  namespace: {{ .Values.opencost.platforms.openshift.monitoringServiceAccountNamespace | quote }}
 roleRef:
   kind: Role
   name: {{ include "opencost.fullname" . }}-reader

diff --git a/charts/opencost/templates/monitoring-role-template.yaml b/charts/opencost/templates/monitoring-role-template.yaml
@@ -1,4 +1,4 @@
-{{- if (.Values.opencost.prometheus.createMonitoringResourceReaderRoleBinding) }}
+{{- if and .Values.opencost.platforms.openshift.enabled .Values.opencost.platforms.openshift.createMonitoringResourceReaderRoleBinding }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:

diff --git a/charts/opencost/values.yaml b/charts/opencost/values.yaml
@@ -335,15 +335,6 @@ opencost:
     bearer_token_key: DB_BEARER_TOKEN
     # -- If true, opencost will use kube-rbac-proxy to authenticate with in cluster Prometheus for openshift
     kubeRBACProxy: false
-    # OPTIONAL. The following configs only to be enabled when using a Prometheus instance already installed in the cluster.
-    # -- If true, the helm chart will create a ClusterRoleBinding to grant the OpenCost ServiceAccount access to query Prometheus.
-    createMonitoringClusterRoleBinding: false
-    # -- If true, create a Role and RoleBinding to allow Prometheus to list and watch OpenCost resources.
-    createMonitoringResourceReaderRoleBinding: false
-    # -- Name of the Prometheus serviceaccount to bind to the Resource Reader Role Binding.
-    monitoringServiceAccountName: prometheus-k8s
-    # -- Namespace of the Prometheus serviceaccount to bind to the Resource Reader Role Binding.
-    monitoringServiceAccountNamespace: openshift-monitoring
     external:
       # -- Use external Prometheus (eg. Grafana Cloud)
       enabled: false
@@ -519,5 +510,19 @@ opencost:
     #       protocol: TCP
     #   resources: {}
 
+  platforms:
+    openshift:
+      # -- Enable OpenShift specific configurations
+      enabled: false
+      # OPTIONAL. The following configs only to be enabled when using a Prometheus instance already installed in the cluster.
+      # -- If true, the helm chart will create a ClusterRoleBinding to grant the OpenCost ServiceAccount access to query Prometheus.
+      createMonitoringClusterRoleBinding: false
+      # -- If true, create a Role and RoleBinding to allow Prometheus to list and watch OpenCost resources.
+      createMonitoringResourceReaderRoleBinding: false
+      # -- Name of the Prometheus serviceaccount to bind to the Resource Reader Role Binding.
+      monitoringServiceAccountName: prometheus-k8s
+      # -- Namespace of the Prometheus serviceaccount to bind to the Resource Reader Role Binding.
+      monitoringServiceAccountNamespace: openshift-monitoring
+
 # -- A list of volumes to be added to the pod
 extraVolumes: []