[plutono] Plugin initialization (#283)

* plutono plugin init

* feat(plutono): re-initialise plugin

* chore(plutono): update readme, set more default values

* chore(plutono): codeowners updated

* chore(plutono): fix oci registry

* run helm lint and test once

* Automatic application of license header

* enable helm lint and test

* chore(plutono): remove image renderer manifests

---------

Co-authored-by: License Bot <[email protected]>

.github/CODEOWNERS

@@ -29,6 +29,7 @@ ct.yaml                   @cloudoperators/greenhouse-backend
 /kubeconfig-generator/    @Nuckal777 @ivogoman @uwe-mayer
 /logshipper/              @cloudoperators/greenhouse-observability @cloudoperators/greenhouse-backend
 /opentelemetry-operator   @cloudoperators/greenhouse-observability
+/plutono                  @cloudoperators/greenhouse-observability 
 /service-proxy/           @cloudoperators/greenhouse-backend @databus23 
 /teams2slack/             @cloudoperators/greenhouse-backend @voigts 
 /thanos/                  @cloudoperators/greenhouse-observability

plutono/charts/Chart.yaml

@@ -0,0 +1,19 @@
+# SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Greenhouse contributors
+# SPDX-License-Identifier: Apache-2.0
+
+apiVersion: v2
+name: plutono
+version: 0.1.0
+description: Plutono is a fork of Grafana v7.5.17 keeping the Apache License
+type: application
+maintainers:
+  - name: Richard Tief (I520251)
+    email: [email protected]
+name: plutono
+appVersion: v7.5.32
+sources:
+  - ghcr.io/cloudoperators/greenhouse-extensions
+keywords:
+  - visualization
+  - querying
+

plutono/charts/templates/NOTES.txt

@@ -0,0 +1,55 @@
+1. Get your '{{ .Values.plutono.adminUser }}' user password by running:
+
+   kubectl get secret --namespace {{ include "plutono.namespace" . }} {{ .Values.plutono.admin.existingSecret | default (include "plutono.fullname" .) }} -o jsonpath="{.data.{{ .Values.plutono.admin.passwordKey | default "admin-password" }}}" | base64 --decode ; echo
+
+
+2. The Plutono server can be accessed via port {{ .Values.plutono.service.port }} on the following DNS name from within your cluster:
+
+   {{ include "plutono.fullname" . }}.{{ include "plutono.namespace" . }}.svc.cluster.local
+{{ if .Values.plutono.ingress.enabled }}
+   If you bind plutono to 80, please update values in values.yaml and reinstall:
+   ```
+   securityContext:
+     runAsUser: 0
+     runAsGroup: 0
+     fsGroup: 0
+
+   command:
+   - "setcap"
+   - "'cap_net_bind_service=+ep'"
+   - "/usr/sbin/plutono-server &&"
+   - "sh"
+   - "/run.sh"
+   ```
+   Details refer to https://plutono.com/docs/installation/configuration/#http-port.
+   Or plutono would always crash.
+
+   From outside the cluster, the server URL(s) are:
+     {{- range .Values.plutono.ingress.hosts }}
+     http://{{ . }}
+     {{- end }}
+{{- else }}
+   Get the Plutono URL to visit by running these commands in the same shell:
+   {{- if contains "NodePort" .Values.plutono.service.type }}
+     export NODE_PORT=$(kubectl get --namespace {{ include "plutono.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "plutono.fullname" . }})
+     export NODE_IP=$(kubectl get nodes --namespace {{ include "plutono.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+     echo http://$NODE_IP:$NODE_PORT
+   {{- else if contains "LoadBalancer" .Values.plutono.service.type }}
+   NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+        You can watch the status of by running 'kubectl get svc --namespace {{ include "plutono.namespace" . }} -w {{ include "plutono.fullname" . }}'
+     export SERVICE_IP=$(kubectl get svc --namespace {{ include "plutono.namespace" . }} {{ include "plutono.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+     http://$SERVICE_IP:{{ .Values.plutono.service.port -}}
+   {{- else if contains "ClusterIP"  .Values.plutono.service.type }}
+     export POD_NAME=$(kubectl get pods --namespace {{ include "plutono.namespace" . }} -l "app.kubernetes.io/name={{ include "plutono.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+     kubectl --namespace {{ include "plutono.namespace" . }} port-forward $POD_NAME 3000
+   {{- end }}
+{{- end }}
+
+3. Login with the password from step 1 and the username: {{ .Values.plutono.adminUser }}
+
+{{- if and (not .Values.plutono.persistence.enabled) (not .Values.plutono.persistence.disableWarning) }}
+#################################################################################
+######   WARNING: Persistence is disabled!!! You will lose your data when   #####
+######            the Plutono pod is terminated.                            #####
+#################################################################################
+{{- end }}

plutono/charts/templates/_config.tpl

@@ -0,0 +1,172 @@
+{{/*
+ Generate config map data
+ */}}
+{{- define "plutono.configData" -}}
+{{ include "plutono.assertNoLeakedSecrets" . }}
+{{- $files := .Files }}
+{{- $root := . -}}
+{{- with .Values.plutono.plugins }}
+plugins: {{ join "," . }}
+{{- end }}
+plutono.ini: |
+{{- range $elem, $elemVal := index .Values.plutono "plutono.ini" }}
+  {{- if not (kindIs "map" $elemVal) }}
+  {{- if kindIs "invalid" $elemVal }}
+  {{ $elem }} =
+  {{- else if kindIs "string" $elemVal }}
+  {{ $elem }} = {{ tpl $elemVal $ }}
+  {{- else }}
+  {{ $elem }} = {{ $elemVal }}
+  {{- end }}
+  {{- end }}
+{{- end }}
+{{- range $key, $value := index .Values.plutono "plutono.ini" }}
+  {{- if kindIs "map" $value }}
+  [{{ $key }}]
+  {{- range $elem, $elemVal := $value }}
+  {{- if kindIs "invalid" $elemVal }}
+  {{ $elem }} =
+  {{- else if kindIs "string" $elemVal }}
+  {{ $elem }} = {{ tpl $elemVal $ }}
+  {{- else }}
+  {{ $elem }} = {{ $elemVal }}
+  {{- end }}
+  {{- end }}
+  {{- end }}
+{{- end }}
+
+{{- range $key, $value := .Values.plutono.datasources }}
+{{- if not (hasKey $value "secret") }}
+{{ $key }}: |
+  {{- tpl (toYaml $value | nindent 2) $root }}
+{{- end }}
+{{- end }}
+
+{{- range $key, $value := .Values.plutono.notifiers }}
+{{- if not (hasKey $value "secret") }}
+{{ $key }}: |
+  {{- toYaml $value | nindent 2 }}
+{{- end }}
+{{- end }}
+
+{{- range $key, $value := .Values.plutono.alerting }}
+{{- if (hasKey $value "file") }}
+{{ $key }}:
+{{- toYaml ( $files.Get $value.file ) | nindent 2 }}
+{{- else if (or (hasKey $value "secret") (hasKey $value "secretFile"))}}
+{{/*  will be stored inside secret generated by "configSecret.yaml"*/}}
+{{- else }}
+{{ $key }}: |
+  {{- tpl (toYaml $value | nindent 2) $root }}
+{{- end }}
+{{- end }}
+
+{{- range $key, $value := .Values.plutono.dashboardProviders }}
+{{ $key }}: |
+  {{- toYaml $value | nindent 2 }}
+{{- end }}
+
+{{- if .Values.plutono.dashboards  }}
+download_dashboards.sh: |
+  #!/usr/bin/env sh
+  set -euf
+  {{- if .Values.plutono.dashboardProviders }}
+    {{- range $key, $value := .Values.plutono.dashboardProviders }}
+      {{- range $value.providers }}
+  mkdir -p {{ .options.path }}
+      {{- end }}
+    {{- end }}
+  {{- end }}
+{{ $dashboardProviders := .Values.plutono.dashboardProviders }}
+{{- range $provider, $dashboards := .Values.plutono.dashboards }}
+  {{- range $key, $value := $dashboards }}
+    {{- if (or (hasKey $value "gnetId") (hasKey $value "url")) }}
+  curl -skf \
+  --connect-timeout 60 \
+  --max-time 60 \
+    {{- if not $value.b64content }}
+      {{- if not $value.acceptHeader }}
+  -H "Accept: application/json" \
+      {{- else }}
+  -H "Accept: {{ $value.acceptHeader }}" \
+      {{- end }}
+      {{- if $value.token }}
+  -H "Authorization: token {{ $value.token }}" \
+      {{- end }}
+      {{- if $value.bearerToken }}
+  -H "Authorization: Bearer {{ $value.bearerToken }}" \
+      {{- end }}
+      {{- if $value.basic }}
+  -H "Authorization: Basic {{ $value.basic }}" \
+      {{- end }}
+      {{- if $value.gitlabToken }}
+  -H "PRIVATE-TOKEN: {{ $value.gitlabToken }}" \
+      {{- end }}
+  -H "Content-Type: application/json;charset=UTF-8" \
+    {{- end }}
+  {{- $dpPath := "" -}}
+  {{- range $kd := (index $dashboardProviders "dashboardproviders.yaml").providers }}
+    {{- if eq $kd.name $provider }}
+    {{- $dpPath = $kd.options.path }}
+    {{- end }}
+  {{- end }}
+  {{- if $value.url }}
+    "{{ $value.url }}" \
+  {{- else }}
+    "https://plutono.com/api/dashboards/{{ $value.gnetId }}/revisions/{{- if $value.revision -}}{{ $value.revision }}{{- else -}}1{{- end -}}/download" \
+  {{- end }}
+  {{- if $value.datasource }}
+    {{- if kindIs "string" $value.datasource }}
+    | sed '/-- .* --/! s/"datasource":.*,/"datasource": "{{ $value.datasource }}",/g' \
+    {{- end }}
+    {{- if kindIs "slice" $value.datasource }}
+      {{- range $value.datasource }}
+        | sed '/-- .* --/! s/${{"{"}}{{ .name }}}/{{ .value }}/g' \
+      {{- end }}
+    {{- end }}
+  {{- end }}
+  {{- if $value.b64content }}
+    | base64 -d \
+  {{- end }}
+  > "{{- if $dpPath -}}{{ $dpPath }}{{- else -}}/var/lib/plutono/dashboards/{{ $provider }}{{- end -}}/{{ $key }}.json"
+    {{ end }}
+  {{- end }}
+{{- end }}
+{{- end }}
+{{- end -}}
+
+{{/*
+ Generate dashboard json config map data
+ */}}
+{{- define "plutono.configDashboardProviderData" -}}
+provider.yaml: |-
+  apiVersion: 1
+  providers:
+    - name: '{{ .Values.plutono.sidecar.dashboards.provider.name }}'
+      orgId: {{ .Values.plutono.sidecar.dashboards.provider.orgid }}
+      {{- if not .Values.plutono.sidecar.dashboards.provider.foldersFromFilesStructure }}
+      folder: '{{ .Values.plutono.sidecar.dashboards.provider.folder }}'
+      folderUid: '{{ .Values.plutono.sidecar.dashboards.provider.folderUid }}'
+      {{- end }}
+      type: {{ .Values.plutono.sidecar.dashboards.provider.type }}
+      disableDeletion: {{ .Values.plutono.sidecar.dashboards.provider.disableDelete }}
+      allowUiUpdates: {{ .Values.plutono.sidecar.dashboards.provider.allowUiUpdates }}
+      updateIntervalSeconds: {{ .Values.plutono.sidecar.dashboards.provider.updateIntervalSeconds | default 30 }}
+      options:
+        foldersFromFilesStructure: {{ .Values.plutono.sidecar.dashboards.provider.foldersFromFilesStructure }}
+        path: {{ .Values.plutono.sidecar.dashboards.folder }}{{- with .Values.plutono.sidecar.dashboards.defaultFolderName }}/{{ . }}{{- end }}
+{{- end -}}
+
+{{- define "plutono.secretsData" -}}
+{{- if and (not .Values.plutono.env.PL_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) (not .Values.plutono.admin.existingSecret) (not .Values.plutono.env.PL_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.plutono.env.PL_SECURITY_ADMIN_PASSWORD) }}
+admin-user: {{ .Values.plutono.adminUser | b64enc | quote }}
+{{- if .Values.plutono.adminPassword }}
+admin-password: {{ .Values.plutono.adminPassword | b64enc | quote }}
+{{- else }}
+admin-password: {{ include "plutono.password" . }}
+{{- end }}
+{{- end }}
+{{- if not .Values.plutono.ldap.existingSecret }}
+ldap-toml: {{ tpl .Values.plutono.ldap.config $ | b64enc | quote }}
+{{- end }}
+{{- end -}}