diff --git a/CHANGELOG.md b/CHANGELOG.md index 8c38010d0e..d624a4eced 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,6 +10,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Added - feat(fluentd): expose extra configuration for fluentd output plugin [#2244][#2244] +- feat(monitors): the Sumo Logic monitors installation as part of the setup job [#2250][#2250] ### Changed @@ -34,6 +35,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 [#2244]: https://github.com/SumoLogic/sumologic-kubernetes-collection/pull/2244 [#2245]: https://github.com/SumoLogic/sumologic-kubernetes-collection/pull/2245 [#2246]: https://github.com/SumoLogic/sumologic-kubernetes-collection/pull/2246 +[#2250]: https://github.com/SumoLogic/sumologic-kubernetes-collection/pull/2250 [#2254]: https://github.com/SumoLogic/sumologic-kubernetes-collection/pull/2254 [#2255]: https://github.com/SumoLogic/sumologic-kubernetes-collection/pull/2255 [Unreleased]: https://github.com/SumoLogic/sumologic-kubernetes-collection/compare/v2.6.0...main diff --git a/ci/shellcheck.sh b/ci/shellcheck.sh index 16e8a2ba0c..4d8a6fd75d 100755 --- a/ci/shellcheck.sh +++ b/ci/shellcheck.sh @@ -3,7 +3,7 @@ set -e echo "Checking the bash scripts with shellcheck..." -find . ! -path '*deploy/helm/sumologic/conf/setup/setup.sh' ! -path "*/tmp/*" -name '*.sh' -type 'f' -print | +find . ! -path '*deploy/helm/sumologic/conf/setup/setup.sh' ! -path '*deploy/helm/sumologic/conf/setup/monitors.sh' ! -path "*/tmp/*" -name '*.sh' -type 'f' -print | while read -r file; do # Run tests in their own context echo "Checking ${file} with shellcheck" @@ -17,6 +17,13 @@ find . -path '*tests/helm/terraform/static/*.output.yaml' -type 'f' -print | yq r "${file}" "data[setup.sh]" | shellcheck --enable all --external-sources --exclude SC2155 - done +find . -path '*tests/helm/terraform/static/*.output.yaml' -type 'f' -print | + while read -r file; do + # Run tests in their own context + echo "Checking ${file} with shellcheck" + yq r "${file}" "data[monitors.sh]" | shellcheck --enable all --external-sources --exclude SC2155 - + done + find . -path '*tests/helm/terraform_custom/static/*.output.yaml' ! -path "./tests/helm/terraform_custom/static/empty.output.yaml" -type 'f' -print | while read -r file; do # Run tests in their own context diff --git a/deploy/helm/sumologic/README.md b/deploy/helm/sumologic/README.md index 19c073d50b..b91f6c5196 100644 --- a/deploy/helm/sumologic/README.md +++ b/deploy/helm/sumologic/README.md @@ -61,6 +61,9 @@ The following table lists the configurable parameters of the Sumo Logic chart an | `sumologic.setup.job.image.repository` | Image repository for Sumo Logic setup job docker container. | `sumologic/kubernetes-fluentd` | | `sumologic.setup.job.image.tag` | Image tag for Sumo Logic setup job docker container. | `1.3.0` | | `sumologic.setup.job.image.pullPolicy` | Image pullPolicy for Sumo Logic docker container. | `IfNotPresent` | +| `sumologic.setup.monitors.enabled` | If enabled, a pre-install hook will create k8s monitors in Sumo Logic. | `true` | +| `sumologic.setup.monitors.monitorStatus` | The installed monitors default status: enabled/disabled. | `enabled` | +| `sumologic.setup.monitors.notificationEmails` | A list of emails to send notifications from monitors. | `[]` | | `fluentd.image.repository` | Image repository for Sumo Logic docker container. | `sumologic/kubernetes-fluentd` | | `fluentd.image.tag` | Image tag for Sumo Logic docker container. | `1.3.0` | | `fluentd.image.pullPolicy` | Image pullPolicy for Sumo Logic docker container. | `IfNotPresent` | diff --git a/deploy/helm/sumologic/conf/setup/monitors.sh b/deploy/helm/sumologic/conf/setup/monitors.sh new file mode 100644 index 0000000000..5004d9452a --- /dev/null +++ b/deploy/helm/sumologic/conf/setup/monitors.sh @@ -0,0 +1,70 @@ +#!/bin/bash + +SUMOLOGIC_ACCESSID=${SUMOLOGIC_ACCESSID:=""} +readonly SUMOLOGIC_ACCESSID +SUMOLOGIC_ACCESSKEY=${SUMOLOGIC_ACCESSKEY:=""} +readonly SUMOLOGIC_ACCESSKEY +SUMOLOGIC_BASE_URL=${SUMOLOGIC_BASE_URL:=""} +readonly SUMOLOGIC_BASE_URL + +MONITORS_FOLDER_NAME="Kubernetes" +{{- if eq .Values.sumologic.setup.monitors.monitorStatus "enabled" }} +MONITORS_DISABLED="false" +{{- else }} +MONITORS_DISABLED="true" +{{- end}} + +# verify if the k8s monitors folder already exists +MONITORS_RESPONSE="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/monitors/search?query=type:folder%20"${MONITORS_FOLDER_NAME}" | jq '.[]' )" +readonly MONITORS_RESPONSE +MONITORS_ROOT_ID="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/monitors/root | jq -r '.id' )" +readonly MONITORS_ROOT_ID + +MONITORS_FOLDER_ID="$( echo "${MONITORS_RESPONSE}" | \ + jq -r "select(.item.name == \"${MONITORS_FOLDER_NAME}\") | select(.item.parentId == \"${MONITORS_ROOT_ID}\") | .item.id" )" +readonly MONITORS_FOLDER_ID + +if [[ -z "${MONITORS_FOLDER_ID}" ]]; then + # go to monitors directory + cd /monitors || exit 2 + + # Fall back to init -upgrade to prevent: + # Error: Inconsistent dependency lock file + terraform init -input=false || terraform init -input=false -upgrade + + # extract environment from SUMOLOGIC_BASE_URL + # see: https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-by-Deployment-and-Firewall-Security + SUMOLOGIC_ENV=$( echo "${SUMOLOGIC_BASE_URL}" | sed -E 's/https:\/\/.*(au|ca|de|eu|fed|in|jp|us2)\.sumologic\.com.*/\1/' ) + if [[ "${SUMOLOGIC_BASE_URL}" == "${SUMOLOGIC_ENV}" ]] ; then + SUMOLOGIC_ENV="us1" + fi + +{{- if not (.Values.sumologic.setup.monitors.notificationEmails | empty) }} + + NOTIFICATIONS_RECIPIENTS='{{- .Values.sumologic.setup.monitors.notificationEmails | toRawJson }}' + NOTIFICATIONS_CONTENT="subject=\"Monitor Alert: {{ printf `{{ TriggerType }}` }} on {{ printf `{{ Name }}` }}\",message_body=\"Triggered {{ printf `{{ TriggerType }}` }} Alert on {{ printf `{{ Name }}` }}: {{ printf `{{ QueryURL }}` }}\"" + NOTIFICATIONS_SETTINGS="recipients=${NOTIFICATIONS_RECIPIENTS},connection_type=\"Email\",time_zone=\"UTC\"" +{{- end }} + + TF_LOG_PROVIDER=DEBUG terraform apply \ + -auto-approve \ + -var="access_id=${SUMOLOGIC_ACCESSID}" \ + -var="access_key=${SUMOLOGIC_ACCESSKEY}" \ + -var="environment=${SUMOLOGIC_ENV}" \ + -var="folder=${MONITORS_FOLDER_NAME}" \ + -var="monitors_disabled=${MONITORS_DISABLED}" \ +{{- if not (.Values.sumologic.setup.monitors.notificationEmails | empty) }} + -var="email_notifications_critical=[{${NOTIFICATIONS_SETTINGS},${NOTIFICATIONS_CONTENT},run_for_trigger_types=[\"Critical\", \"ResolvedCritical\"]}]" \ + -var="email_notifications_warning=[{${NOTIFICATIONS_SETTINGS},${NOTIFICATIONS_CONTENT},run_for_trigger_types=[\"Warning\", \"ResolvedWarning\"]}]" \ + -var="email_notifications_missingdata=[{${NOTIFICATIONS_SETTINGS},${NOTIFICATIONS_CONTENT},run_for_trigger_types=[\"MissingData\", \"ResolvedMissingData\"]}]" \ +{{- end }} + || { echo "Error during applying Terraform monitors."; exit 1; } +else + echo "The monitors were already installed in ${MONITORS_FOLDER_NAME}." + echo "You can (re)install them manually with:" + echo "https://github.com/SumoLogic/terraform-sumologic-sumo-logic-monitor/tree/main/monitor_packages/kubernetes" +fi diff --git a/deploy/helm/sumologic/conf/setup/setup.sh b/deploy/helm/sumologic/conf/setup/setup.sh index 7dce5f755d..054f3972e1 100755 --- a/deploy/helm/sumologic/conf/setup/setup.sh +++ b/deploy/helm/sumologic/conf/setup/setup.sh @@ -142,6 +142,15 @@ TF_LOG_PROVIDER=DEBUG terraform apply \ -var="create_fields=${CREATE_FIELDS}" \ || { echo "Error during applying Terraform changes"; exit 1; } +# Setup Sumo Logic monitors if enabled +{{- if .Values.sumologic.setup.monitors.enabled }} +bash /etc/terraform/monitors.sh +{{- else }} +echo "Installation of the Sumo Logic monitors is disabled." +echo "You can install them manually later with:" +echo "https://github.com/SumoLogic/terraform-sumologic-sumo-logic-monitor/tree/main/monitor_packages/kubernetes" +{{- end }} + # Cleanup env variables export SUMOLOGIC_BASE_URL= export SUMOLOGIC_ACCESSKEY= diff --git a/deploy/helm/sumologic/templates/NOTES.txt b/deploy/helm/sumologic/templates/NOTES.txt index 3bb6e496df..3536cdb86c 100644 --- a/deploy/helm/sumologic/templates/NOTES.txt +++ b/deploy/helm/sumologic/templates/NOTES.txt @@ -26,3 +26,9 @@ We recommend turning this property on for production environments by setting met We've tried to automatically create fields. In an unlikely scenario that this fails please refer to the following to create them manually: https://github.com/SumoLogic/sumologic-kubernetes-collection/blob/2b3ca63/deploy/docs/Installation_with_Helm.md#prerequisite + +{{- if not (.Values.sumologic.setup.monitors.enabled) }} +echo "Installation of the Sumo Logic monitors is disabled." +echo "You can install them with:" +echo "https://github.com/SumoLogic/terraform-sumologic-sumo-logic-monitor/tree/main/monitor_packages/kubernetes" +{{- end }} \ No newline at end of file diff --git a/deploy/helm/sumologic/values.yaml b/deploy/helm/sumologic/values.yaml index 69dadf569f..35e4107520 100644 --- a/deploy/helm/sumologic/values.yaml +++ b/deploy/helm/sumologic/values.yaml @@ -122,6 +122,16 @@ sumologic: ## uncomment for the debug mode (disables the automatic run of the setup.sh script) # debug: true + monitors: + ## If enabled, a pre-install hook will create k8s monitors in Sumo Logic + enabled: true + + ## The installed monitors default status: enabled/disabled + monitorStatus: enabled + + ## A list of emails to send notifications from monitors + notificationEmails: [] + collector: ## Configuration of additional collector fields ## https://help.sumologic.com/Manage/Fields#http-source-fields diff --git a/tests/helm/terraform/static/all_fields.output.yaml b/tests/helm/terraform/static/all_fields.output.yaml index cb0ca01354..88ac341a75 100644 --- a/tests/helm/terraform/static/all_fields.output.yaml +++ b/tests/helm/terraform/static/all_fields.output.yaml @@ -145,6 +145,61 @@ data: } } } + monitors.sh: | + #!/bin/bash + + SUMOLOGIC_ACCESSID=${SUMOLOGIC_ACCESSID:=""} + readonly SUMOLOGIC_ACCESSID + SUMOLOGIC_ACCESSKEY=${SUMOLOGIC_ACCESSKEY:=""} + readonly SUMOLOGIC_ACCESSKEY + SUMOLOGIC_BASE_URL=${SUMOLOGIC_BASE_URL:=""} + readonly SUMOLOGIC_BASE_URL + + MONITORS_FOLDER_NAME="Kubernetes" + MONITORS_DISABLED="false" + + # verify if the k8s monitors folder already exists + MONITORS_RESPONSE="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/monitors/search?query=type:folder%20"${MONITORS_FOLDER_NAME}" | jq '.[]' )" + readonly MONITORS_RESPONSE + MONITORS_ROOT_ID="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/monitors/root | jq -r '.id' )" + readonly MONITORS_ROOT_ID + + MONITORS_FOLDER_ID="$( echo "${MONITORS_RESPONSE}" | \ + jq -r "select(.item.name == \"${MONITORS_FOLDER_NAME}\") | select(.item.parentId == \"${MONITORS_ROOT_ID}\") | .item.id" )" + readonly MONITORS_FOLDER_ID + + if [[ -z "${MONITORS_FOLDER_ID}" ]]; then + # go to monitors directory + cd /monitors || exit 2 + + # Fall back to init -upgrade to prevent: + # Error: Inconsistent dependency lock file + terraform init -input=false || terraform init -input=false -upgrade + + # extract environment from SUMOLOGIC_BASE_URL + # see: https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-by-Deployment-and-Firewall-Security + SUMOLOGIC_ENV=$( echo "${SUMOLOGIC_BASE_URL}" | sed -E 's/https:\/\/.*(au|ca|de|eu|fed|in|jp|us2)\.sumologic\.com.*/\1/' ) + if [[ "${SUMOLOGIC_BASE_URL}" == "${SUMOLOGIC_ENV}" ]] ; then + SUMOLOGIC_ENV="us1" + fi + + TF_LOG_PROVIDER=DEBUG terraform apply \ + -auto-approve \ + -var="access_id=${SUMOLOGIC_ACCESSID}" \ + -var="access_key=${SUMOLOGIC_ACCESSKEY}" \ + -var="environment=${SUMOLOGIC_ENV}" \ + -var="folder=${MONITORS_FOLDER_NAME}" \ + -var="monitors_disabled=${MONITORS_DISABLED}" \ + || { echo "Error during applying Terraform monitors."; exit 1; } + else + echo "The monitors were already installed in ${MONITORS_FOLDER_NAME}." + echo "You can (re)install them manually with:" + echo "https://github.com/SumoLogic/terraform-sumologic-sumo-logic-monitor/tree/main/monitor_packages/kubernetes" + fi providers.tf: |- provider "sumologic" {} @@ -426,6 +481,9 @@ data: -var="create_fields=${CREATE_FIELDS}" \ || { echo "Error during applying Terraform changes"; exit 1; } + # Setup Sumo Logic monitors if enabled + bash /etc/terraform/monitors.sh + # Cleanup env variables export SUMOLOGIC_BASE_URL= export SUMOLOGIC_ACCESSKEY= diff --git a/tests/helm/terraform/static/collector_fields.output.yaml b/tests/helm/terraform/static/collector_fields.output.yaml index b4d3aa0693..dcdcd1da71 100644 --- a/tests/helm/terraform/static/collector_fields.output.yaml +++ b/tests/helm/terraform/static/collector_fields.output.yaml @@ -144,6 +144,61 @@ data: } } } + monitors.sh: | + #!/bin/bash + + SUMOLOGIC_ACCESSID=${SUMOLOGIC_ACCESSID:=""} + readonly SUMOLOGIC_ACCESSID + SUMOLOGIC_ACCESSKEY=${SUMOLOGIC_ACCESSKEY:=""} + readonly SUMOLOGIC_ACCESSKEY + SUMOLOGIC_BASE_URL=${SUMOLOGIC_BASE_URL:=""} + readonly SUMOLOGIC_BASE_URL + + MONITORS_FOLDER_NAME="Kubernetes" + MONITORS_DISABLED="false" + + # verify if the k8s monitors folder already exists + MONITORS_RESPONSE="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/monitors/search?query=type:folder%20"${MONITORS_FOLDER_NAME}" | jq '.[]' )" + readonly MONITORS_RESPONSE + MONITORS_ROOT_ID="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/monitors/root | jq -r '.id' )" + readonly MONITORS_ROOT_ID + + MONITORS_FOLDER_ID="$( echo "${MONITORS_RESPONSE}" | \ + jq -r "select(.item.name == \"${MONITORS_FOLDER_NAME}\") | select(.item.parentId == \"${MONITORS_ROOT_ID}\") | .item.id" )" + readonly MONITORS_FOLDER_ID + + if [[ -z "${MONITORS_FOLDER_ID}" ]]; then + # go to monitors directory + cd /monitors || exit 2 + + # Fall back to init -upgrade to prevent: + # Error: Inconsistent dependency lock file + terraform init -input=false || terraform init -input=false -upgrade + + # extract environment from SUMOLOGIC_BASE_URL + # see: https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-by-Deployment-and-Firewall-Security + SUMOLOGIC_ENV=$( echo "${SUMOLOGIC_BASE_URL}" | sed -E 's/https:\/\/.*(au|ca|de|eu|fed|in|jp|us2)\.sumologic\.com.*/\1/' ) + if [[ "${SUMOLOGIC_BASE_URL}" == "${SUMOLOGIC_ENV}" ]] ; then + SUMOLOGIC_ENV="us1" + fi + + TF_LOG_PROVIDER=DEBUG terraform apply \ + -auto-approve \ + -var="access_id=${SUMOLOGIC_ACCESSID}" \ + -var="access_key=${SUMOLOGIC_ACCESSKEY}" \ + -var="environment=${SUMOLOGIC_ENV}" \ + -var="folder=${MONITORS_FOLDER_NAME}" \ + -var="monitors_disabled=${MONITORS_DISABLED}" \ + || { echo "Error during applying Terraform monitors."; exit 1; } + else + echo "The monitors were already installed in ${MONITORS_FOLDER_NAME}." + echo "You can (re)install them manually with:" + echo "https://github.com/SumoLogic/terraform-sumologic-sumo-logic-monitor/tree/main/monitor_packages/kubernetes" + fi providers.tf: |- provider "sumologic" {} @@ -380,6 +435,9 @@ data: -var="create_fields=${CREATE_FIELDS}" \ || { echo "Error during applying Terraform changes"; exit 1; } + # Setup Sumo Logic monitors if enabled + bash /etc/terraform/monitors.sh + # Cleanup env variables export SUMOLOGIC_BASE_URL= export SUMOLOGIC_ACCESSKEY= diff --git a/tests/helm/terraform/static/conditional_sources.output.yaml b/tests/helm/terraform/static/conditional_sources.output.yaml index 1e44f2405c..e229aecebb 100644 --- a/tests/helm/terraform/static/conditional_sources.output.yaml +++ b/tests/helm/terraform/static/conditional_sources.output.yaml @@ -134,6 +134,61 @@ data: } } } + monitors.sh: | + #!/bin/bash + + SUMOLOGIC_ACCESSID=${SUMOLOGIC_ACCESSID:=""} + readonly SUMOLOGIC_ACCESSID + SUMOLOGIC_ACCESSKEY=${SUMOLOGIC_ACCESSKEY:=""} + readonly SUMOLOGIC_ACCESSKEY + SUMOLOGIC_BASE_URL=${SUMOLOGIC_BASE_URL:=""} + readonly SUMOLOGIC_BASE_URL + + MONITORS_FOLDER_NAME="Kubernetes" + MONITORS_DISABLED="false" + + # verify if the k8s monitors folder already exists + MONITORS_RESPONSE="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/monitors/search?query=type:folder%20"${MONITORS_FOLDER_NAME}" | jq '.[]' )" + readonly MONITORS_RESPONSE + MONITORS_ROOT_ID="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/monitors/root | jq -r '.id' )" + readonly MONITORS_ROOT_ID + + MONITORS_FOLDER_ID="$( echo "${MONITORS_RESPONSE}" | \ + jq -r "select(.item.name == \"${MONITORS_FOLDER_NAME}\") | select(.item.parentId == \"${MONITORS_ROOT_ID}\") | .item.id" )" + readonly MONITORS_FOLDER_ID + + if [[ -z "${MONITORS_FOLDER_ID}" ]]; then + # go to monitors directory + cd /monitors || exit 2 + + # Fall back to init -upgrade to prevent: + # Error: Inconsistent dependency lock file + terraform init -input=false || terraform init -input=false -upgrade + + # extract environment from SUMOLOGIC_BASE_URL + # see: https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-by-Deployment-and-Firewall-Security + SUMOLOGIC_ENV=$( echo "${SUMOLOGIC_BASE_URL}" | sed -E 's/https:\/\/.*(au|ca|de|eu|fed|in|jp|us2)\.sumologic\.com.*/\1/' ) + if [[ "${SUMOLOGIC_BASE_URL}" == "${SUMOLOGIC_ENV}" ]] ; then + SUMOLOGIC_ENV="us1" + fi + + TF_LOG_PROVIDER=DEBUG terraform apply \ + -auto-approve \ + -var="access_id=${SUMOLOGIC_ACCESSID}" \ + -var="access_key=${SUMOLOGIC_ACCESSKEY}" \ + -var="environment=${SUMOLOGIC_ENV}" \ + -var="folder=${MONITORS_FOLDER_NAME}" \ + -var="monitors_disabled=${MONITORS_DISABLED}" \ + || { echo "Error during applying Terraform monitors."; exit 1; } + else + echo "The monitors were already installed in ${MONITORS_FOLDER_NAME}." + echo "You can (re)install them manually with:" + echo "https://github.com/SumoLogic/terraform-sumologic-sumo-logic-monitor/tree/main/monitor_packages/kubernetes" + fi providers.tf: |- provider "sumologic" {} @@ -298,6 +353,9 @@ data: -var="create_fields=${CREATE_FIELDS}" \ || { echo "Error during applying Terraform changes"; exit 1; } + # Setup Sumo Logic monitors if enabled + bash /etc/terraform/monitors.sh + # Cleanup env variables export SUMOLOGIC_BASE_URL= export SUMOLOGIC_ACCESSKEY= diff --git a/tests/helm/terraform/static/custom.output.yaml b/tests/helm/terraform/static/custom.output.yaml index 1e44f2405c..e229aecebb 100644 --- a/tests/helm/terraform/static/custom.output.yaml +++ b/tests/helm/terraform/static/custom.output.yaml @@ -134,6 +134,61 @@ data: } } } + monitors.sh: | + #!/bin/bash + + SUMOLOGIC_ACCESSID=${SUMOLOGIC_ACCESSID:=""} + readonly SUMOLOGIC_ACCESSID + SUMOLOGIC_ACCESSKEY=${SUMOLOGIC_ACCESSKEY:=""} + readonly SUMOLOGIC_ACCESSKEY + SUMOLOGIC_BASE_URL=${SUMOLOGIC_BASE_URL:=""} + readonly SUMOLOGIC_BASE_URL + + MONITORS_FOLDER_NAME="Kubernetes" + MONITORS_DISABLED="false" + + # verify if the k8s monitors folder already exists + MONITORS_RESPONSE="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/monitors/search?query=type:folder%20"${MONITORS_FOLDER_NAME}" | jq '.[]' )" + readonly MONITORS_RESPONSE + MONITORS_ROOT_ID="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/monitors/root | jq -r '.id' )" + readonly MONITORS_ROOT_ID + + MONITORS_FOLDER_ID="$( echo "${MONITORS_RESPONSE}" | \ + jq -r "select(.item.name == \"${MONITORS_FOLDER_NAME}\") | select(.item.parentId == \"${MONITORS_ROOT_ID}\") | .item.id" )" + readonly MONITORS_FOLDER_ID + + if [[ -z "${MONITORS_FOLDER_ID}" ]]; then + # go to monitors directory + cd /monitors || exit 2 + + # Fall back to init -upgrade to prevent: + # Error: Inconsistent dependency lock file + terraform init -input=false || terraform init -input=false -upgrade + + # extract environment from SUMOLOGIC_BASE_URL + # see: https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-by-Deployment-and-Firewall-Security + SUMOLOGIC_ENV=$( echo "${SUMOLOGIC_BASE_URL}" | sed -E 's/https:\/\/.*(au|ca|de|eu|fed|in|jp|us2)\.sumologic\.com.*/\1/' ) + if [[ "${SUMOLOGIC_BASE_URL}" == "${SUMOLOGIC_ENV}" ]] ; then + SUMOLOGIC_ENV="us1" + fi + + TF_LOG_PROVIDER=DEBUG terraform apply \ + -auto-approve \ + -var="access_id=${SUMOLOGIC_ACCESSID}" \ + -var="access_key=${SUMOLOGIC_ACCESSKEY}" \ + -var="environment=${SUMOLOGIC_ENV}" \ + -var="folder=${MONITORS_FOLDER_NAME}" \ + -var="monitors_disabled=${MONITORS_DISABLED}" \ + || { echo "Error during applying Terraform monitors."; exit 1; } + else + echo "The monitors were already installed in ${MONITORS_FOLDER_NAME}." + echo "You can (re)install them manually with:" + echo "https://github.com/SumoLogic/terraform-sumologic-sumo-logic-monitor/tree/main/monitor_packages/kubernetes" + fi providers.tf: |- provider "sumologic" {} @@ -298,6 +353,9 @@ data: -var="create_fields=${CREATE_FIELDS}" \ || { echo "Error during applying Terraform changes"; exit 1; } + # Setup Sumo Logic monitors if enabled + bash /etc/terraform/monitors.sh + # Cleanup env variables export SUMOLOGIC_BASE_URL= export SUMOLOGIC_ACCESSKEY= diff --git a/tests/helm/terraform/static/default.output.yaml b/tests/helm/terraform/static/default.output.yaml index 8742b7be3a..9ac535817f 100644 --- a/tests/helm/terraform/static/default.output.yaml +++ b/tests/helm/terraform/static/default.output.yaml @@ -144,6 +144,61 @@ data: } } } + monitors.sh: | + #!/bin/bash + + SUMOLOGIC_ACCESSID=${SUMOLOGIC_ACCESSID:=""} + readonly SUMOLOGIC_ACCESSID + SUMOLOGIC_ACCESSKEY=${SUMOLOGIC_ACCESSKEY:=""} + readonly SUMOLOGIC_ACCESSKEY + SUMOLOGIC_BASE_URL=${SUMOLOGIC_BASE_URL:=""} + readonly SUMOLOGIC_BASE_URL + + MONITORS_FOLDER_NAME="Kubernetes" + MONITORS_DISABLED="false" + + # verify if the k8s monitors folder already exists + MONITORS_RESPONSE="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/monitors/search?query=type:folder%20"${MONITORS_FOLDER_NAME}" | jq '.[]' )" + readonly MONITORS_RESPONSE + MONITORS_ROOT_ID="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/monitors/root | jq -r '.id' )" + readonly MONITORS_ROOT_ID + + MONITORS_FOLDER_ID="$( echo "${MONITORS_RESPONSE}" | \ + jq -r "select(.item.name == \"${MONITORS_FOLDER_NAME}\") | select(.item.parentId == \"${MONITORS_ROOT_ID}\") | .item.id" )" + readonly MONITORS_FOLDER_ID + + if [[ -z "${MONITORS_FOLDER_ID}" ]]; then + # go to monitors directory + cd /monitors || exit 2 + + # Fall back to init -upgrade to prevent: + # Error: Inconsistent dependency lock file + terraform init -input=false || terraform init -input=false -upgrade + + # extract environment from SUMOLOGIC_BASE_URL + # see: https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-by-Deployment-and-Firewall-Security + SUMOLOGIC_ENV=$( echo "${SUMOLOGIC_BASE_URL}" | sed -E 's/https:\/\/.*(au|ca|de|eu|fed|in|jp|us2)\.sumologic\.com.*/\1/' ) + if [[ "${SUMOLOGIC_BASE_URL}" == "${SUMOLOGIC_ENV}" ]] ; then + SUMOLOGIC_ENV="us1" + fi + + TF_LOG_PROVIDER=DEBUG terraform apply \ + -auto-approve \ + -var="access_id=${SUMOLOGIC_ACCESSID}" \ + -var="access_key=${SUMOLOGIC_ACCESSKEY}" \ + -var="environment=${SUMOLOGIC_ENV}" \ + -var="folder=${MONITORS_FOLDER_NAME}" \ + -var="monitors_disabled=${MONITORS_DISABLED}" \ + || { echo "Error during applying Terraform monitors."; exit 1; } + else + echo "The monitors were already installed in ${MONITORS_FOLDER_NAME}." + echo "You can (re)install them manually with:" + echo "https://github.com/SumoLogic/terraform-sumologic-sumo-logic-monitor/tree/main/monitor_packages/kubernetes" + fi providers.tf: |- provider "sumologic" {} @@ -378,6 +433,9 @@ data: -var="create_fields=${CREATE_FIELDS}" \ || { echo "Error during applying Terraform changes"; exit 1; } + # Setup Sumo Logic monitors if enabled + bash /etc/terraform/monitors.sh + # Cleanup env variables export SUMOLOGIC_BASE_URL= export SUMOLOGIC_ACCESSKEY= diff --git a/tests/helm/terraform/static/disable_default_metrics.output.yaml b/tests/helm/terraform/static/disable_default_metrics.output.yaml index 0d68fb6378..1ac3f0c3f0 100644 --- a/tests/helm/terraform/static/disable_default_metrics.output.yaml +++ b/tests/helm/terraform/static/disable_default_metrics.output.yaml @@ -143,6 +143,61 @@ data: } } } + monitors.sh: | + #!/bin/bash + + SUMOLOGIC_ACCESSID=${SUMOLOGIC_ACCESSID:=""} + readonly SUMOLOGIC_ACCESSID + SUMOLOGIC_ACCESSKEY=${SUMOLOGIC_ACCESSKEY:=""} + readonly SUMOLOGIC_ACCESSKEY + SUMOLOGIC_BASE_URL=${SUMOLOGIC_BASE_URL:=""} + readonly SUMOLOGIC_BASE_URL + + MONITORS_FOLDER_NAME="Kubernetes" + MONITORS_DISABLED="false" + + # verify if the k8s monitors folder already exists + MONITORS_RESPONSE="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/monitors/search?query=type:folder%20"${MONITORS_FOLDER_NAME}" | jq '.[]' )" + readonly MONITORS_RESPONSE + MONITORS_ROOT_ID="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/monitors/root | jq -r '.id' )" + readonly MONITORS_ROOT_ID + + MONITORS_FOLDER_ID="$( echo "${MONITORS_RESPONSE}" | \ + jq -r "select(.item.name == \"${MONITORS_FOLDER_NAME}\") | select(.item.parentId == \"${MONITORS_ROOT_ID}\") | .item.id" )" + readonly MONITORS_FOLDER_ID + + if [[ -z "${MONITORS_FOLDER_ID}" ]]; then + # go to monitors directory + cd /monitors || exit 2 + + # Fall back to init -upgrade to prevent: + # Error: Inconsistent dependency lock file + terraform init -input=false || terraform init -input=false -upgrade + + # extract environment from SUMOLOGIC_BASE_URL + # see: https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-by-Deployment-and-Firewall-Security + SUMOLOGIC_ENV=$( echo "${SUMOLOGIC_BASE_URL}" | sed -E 's/https:\/\/.*(au|ca|de|eu|fed|in|jp|us2)\.sumologic\.com.*/\1/' ) + if [[ "${SUMOLOGIC_BASE_URL}" == "${SUMOLOGIC_ENV}" ]] ; then + SUMOLOGIC_ENV="us1" + fi + + TF_LOG_PROVIDER=DEBUG terraform apply \ + -auto-approve \ + -var="access_id=${SUMOLOGIC_ACCESSID}" \ + -var="access_key=${SUMOLOGIC_ACCESSKEY}" \ + -var="environment=${SUMOLOGIC_ENV}" \ + -var="folder=${MONITORS_FOLDER_NAME}" \ + -var="monitors_disabled=${MONITORS_DISABLED}" \ + || { echo "Error during applying Terraform monitors."; exit 1; } + else + echo "The monitors were already installed in ${MONITORS_FOLDER_NAME}." + echo "You can (re)install them manually with:" + echo "https://github.com/SumoLogic/terraform-sumologic-sumo-logic-monitor/tree/main/monitor_packages/kubernetes" + fi providers.tf: |- provider "sumologic" {} @@ -370,6 +425,9 @@ data: -var="create_fields=${CREATE_FIELDS}" \ || { echo "Error during applying Terraform changes"; exit 1; } + # Setup Sumo Logic monitors if enabled + bash /etc/terraform/monitors.sh + # Cleanup env variables export SUMOLOGIC_BASE_URL= export SUMOLOGIC_ACCESSKEY= diff --git a/tests/helm/terraform/static/disabled_monitors.input.yaml b/tests/helm/terraform/static/disabled_monitors.input.yaml new file mode 100644 index 0000000000..25eabd332e --- /dev/null +++ b/tests/helm/terraform/static/disabled_monitors.input.yaml @@ -0,0 +1,5 @@ +sumologic: + setup: + monitors: + enabled: false + monitorStatus: disabled diff --git a/tests/helm/terraform/static/disabled_monitors.output.yaml b/tests/helm/terraform/static/disabled_monitors.output.yaml new file mode 100644 index 0000000000..11ea8115bb --- /dev/null +++ b/tests/helm/terraform/static/disabled_monitors.output.yaml @@ -0,0 +1,467 @@ +--- +# Source: sumologic/templates/setup/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: RELEASE-NAME-sumologic-setup + annotations: + helm.sh/hook: pre-install,pre-upgrade + helm.sh/hook-weight: "2" + helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded + labels: + app: RELEASE-NAME-sumologic + chart: "sumologic-%CURRENT_CHART_VERSION%" + release: "RELEASE-NAME" + heritage: "Helm" +data: + custom.sh: | + #!/bin/bash + # + # This script copies files from /customer-scripts to /scripts/ basing on the filename + # + # Example file structure: + # + # /customer-scripts + # ├── dir1_main.tf + # ├── dir1_setup.sh + # ├── dir2_list.txt + # └── dir2_setup.sh + # + # Expected structure: + # + # /scripts + # ├── dir1 + # │ ├── main.tf + # │ └── setup.sh + # └── dir2 + # ├── list.txt + # └── setup.sh + # + # shellcheck disable=SC2010 + # extract target directory names from the file names using _ as separator + err_report() { + echo "Custom script error on line $1" + exit 1 + } + trap 'err_report $LINENO' ERR + + for dir in $(ls -1 /customer-scripts | grep _ | grep -oE '^.*?_' | sed 's/_//g' | sort | uniq); do + target="/scripts/${dir}" + mkdir "${target}" + # shellcheck disable=SC2010 + # Get files for given directory and take only filename part (after first _) + for file in $(ls -1 "/customer-scripts/${dir}_"* | grep -oE '_.*' | sed 's/_//g'); do + cp "/customer-scripts/${dir}_${file}" "${target}/${file}" + done + + if [[ ! -f setup.sh ]]; then + echo "You're missing setup.sh script in custom scripts directory: '${dir}'" + continue + fi + + cd "${target}" && bash setup.sh + done + fields.tf: | + resource "sumologic_field" "cluster" { + count = var.create_fields ? 1 : 0 + + field_name = "cluster" + data_type = "String" + state = "Enabled" + } + resource "sumologic_field" "container" { + count = var.create_fields ? 1 : 0 + + field_name = "container" + data_type = "String" + state = "Enabled" + } + resource "sumologic_field" "deployment" { + count = var.create_fields ? 1 : 0 + + field_name = "deployment" + data_type = "String" + state = "Enabled" + } + resource "sumologic_field" "host" { + count = var.create_fields ? 1 : 0 + + field_name = "host" + data_type = "String" + state = "Enabled" + } + resource "sumologic_field" "namespace" { + count = var.create_fields ? 1 : 0 + + field_name = "namespace" + data_type = "String" + state = "Enabled" + } + resource "sumologic_field" "node" { + count = var.create_fields ? 1 : 0 + + field_name = "node" + data_type = "String" + state = "Enabled" + } + resource "sumologic_field" "pod" { + count = var.create_fields ? 1 : 0 + + field_name = "pod" + data_type = "String" + state = "Enabled" + } + resource "sumologic_field" "service" { + count = var.create_fields ? 1 : 0 + + field_name = "service" + data_type = "String" + state = "Enabled" + } + locals.tf: | + locals { + default_events_source = "events" + default_logs_source = "logs" + apiserver_metrics_source = "apiserver-metrics" + control_plane_metrics_source = "control-plane-metrics" + controller_metrics_source = "kube-controller-manager-metrics" + default_metrics_source = "(default-metrics)" + kubelet_metrics_source = "kubelet-metrics" + node_metrics_source = "node-exporter-metrics" + scheduler_metrics_source = "kube-scheduler-metrics" + state_metrics_source = "kube-state-metrics" + } + main.tf: | + terraform { + required_providers { + sumologic = { + source = "sumologic/sumologic" + version = "~> 2.11" + } + kubernetes = { + source = "hashicorp/kubernetes" + version = "~> 1.13" + } + } + } + monitors.sh: | + #!/bin/bash + + SUMOLOGIC_ACCESSID=${SUMOLOGIC_ACCESSID:=""} + readonly SUMOLOGIC_ACCESSID + SUMOLOGIC_ACCESSKEY=${SUMOLOGIC_ACCESSKEY:=""} + readonly SUMOLOGIC_ACCESSKEY + SUMOLOGIC_BASE_URL=${SUMOLOGIC_BASE_URL:=""} + readonly SUMOLOGIC_BASE_URL + + MONITORS_FOLDER_NAME="Kubernetes" + MONITORS_DISABLED="true" + + # verify if the k8s monitors folder already exists + MONITORS_RESPONSE="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/monitors/search?query=type:folder%20"${MONITORS_FOLDER_NAME}" | jq '.[]' )" + readonly MONITORS_RESPONSE + MONITORS_ROOT_ID="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/monitors/root | jq -r '.id' )" + readonly MONITORS_ROOT_ID + + MONITORS_FOLDER_ID="$( echo "${MONITORS_RESPONSE}" | \ + jq -r "select(.item.name == \"${MONITORS_FOLDER_NAME}\") | select(.item.parentId == \"${MONITORS_ROOT_ID}\") | .item.id" )" + readonly MONITORS_FOLDER_ID + + if [[ -z "${MONITORS_FOLDER_ID}" ]]; then + # go to monitors directory + cd /monitors || exit 2 + + # Fall back to init -upgrade to prevent: + # Error: Inconsistent dependency lock file + terraform init -input=false || terraform init -input=false -upgrade + + # extract environment from SUMOLOGIC_BASE_URL + # see: https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-by-Deployment-and-Firewall-Security + SUMOLOGIC_ENV=$( echo "${SUMOLOGIC_BASE_URL}" | sed -E 's/https:\/\/.*(au|ca|de|eu|fed|in|jp|us2)\.sumologic\.com.*/\1/' ) + if [[ "${SUMOLOGIC_BASE_URL}" == "${SUMOLOGIC_ENV}" ]] ; then + SUMOLOGIC_ENV="us1" + fi + + TF_LOG_PROVIDER=DEBUG terraform apply \ + -auto-approve \ + -var="access_id=${SUMOLOGIC_ACCESSID}" \ + -var="access_key=${SUMOLOGIC_ACCESSKEY}" \ + -var="environment=${SUMOLOGIC_ENV}" \ + -var="folder=${MONITORS_FOLDER_NAME}" \ + -var="monitors_disabled=${MONITORS_DISABLED}" \ + || { echo "Error during applying Terraform monitors."; exit 1; } + else + echo "The monitors were already installed in ${MONITORS_FOLDER_NAME}." + echo "You can (re)install them manually with:" + echo "https://github.com/SumoLogic/terraform-sumologic-sumo-logic-monitor/tree/main/monitor_packages/kubernetes" + fi + providers.tf: |- + provider "sumologic" {} + + provider "kubernetes" { + + cluster_ca_certificate = file("/var/run/secrets/kubernetes.io/serviceaccount/ca.crt") + host = "https://kubernetes.default.svc" + load_config_file = "false" + token = file("/var/run/secrets/kubernetes.io/serviceaccount/token") + } + resources.tf: | + resource "sumologic_collector" "collector" { + name = var.collector_name + fields = { + cluster = var.cluster_name + } + } + + resource "sumologic_http_source" "default_events_source" { + name = local.default_events_source + collector_id = sumologic_collector.collector.id + } + + resource "sumologic_http_source" "default_logs_source" { + name = local.default_logs_source + collector_id = sumologic_collector.collector.id + } + + resource "sumologic_http_source" "apiserver_metrics_source" { + name = local.apiserver_metrics_source + collector_id = sumologic_collector.collector.id + } + + resource "sumologic_http_source" "control_plane_metrics_source" { + name = local.control_plane_metrics_source + collector_id = sumologic_collector.collector.id + } + + resource "sumologic_http_source" "controller_metrics_source" { + name = local.controller_metrics_source + collector_id = sumologic_collector.collector.id + } + + resource "sumologic_http_source" "default_metrics_source" { + name = local.default_metrics_source + collector_id = sumologic_collector.collector.id + } + + resource "sumologic_http_source" "kubelet_metrics_source" { + name = local.kubelet_metrics_source + collector_id = sumologic_collector.collector.id + } + + resource "sumologic_http_source" "node_metrics_source" { + name = local.node_metrics_source + collector_id = sumologic_collector.collector.id + } + + resource "sumologic_http_source" "scheduler_metrics_source" { + name = local.scheduler_metrics_source + collector_id = sumologic_collector.collector.id + } + + resource "sumologic_http_source" "state_metrics_source" { + name = local.state_metrics_source + collector_id = sumologic_collector.collector.id + } + + resource "kubernetes_secret" "sumologic_collection_secret" { + metadata { + name = "sumologic" + namespace = var.namespace_name + } + + data = { + endpoint-events = sumologic_http_source.default_events_source.url + endpoint-logs = sumologic_http_source.default_logs_source.url + endpoint-metrics-apiserver = sumologic_http_source.apiserver_metrics_source.url + endpoint-control_plane_metrics_source = sumologic_http_source.control_plane_metrics_source.url + endpoint-metrics-kube-controller-manager = sumologic_http_source.controller_metrics_source.url + endpoint-metrics = sumologic_http_source.default_metrics_source.url + endpoint-metrics-kubelet = sumologic_http_source.kubelet_metrics_source.url + endpoint-metrics-node-exporter = sumologic_http_source.node_metrics_source.url + endpoint-metrics-kube-scheduler = sumologic_http_source.scheduler_metrics_source.url + endpoint-metrics-kube-state = sumologic_http_source.state_metrics_source.url + } + + type = "Opaque" + } + setup.sh: | + #!/bin/bash + + readonly DEBUG_MODE=${DEBUG_MODE:="false"} + readonly DEBUG_MODE_ENABLED_FLAG="true" + + # Let's compare the variables ignoring the case with help of ${VARIABLE,,} which makes the string lowercased + # so that we don't have to deal with True vs true vs TRUE + if [[ ${DEBUG_MODE,,} == "${DEBUG_MODE_ENABLED_FLAG}" ]]; then + echo "Entering the debug mode with continuous sleep. No setup will be performed." + echo "Please exec into the setup container and run the setup.sh by hand or set the sumologic.setup.debug=false and reinstall." + + while true; do + sleep 10 + echo "$(date) Sleeping in the debug mode..." + done + fi + + function fix_sumo_base_url() { + local BASE_URL + BASE_URL=${SUMOLOGIC_BASE_URL} + + if [[ "${BASE_URL}" =~ ^\s*$ ]]; then + BASE_URL="https://api.sumologic.com/api/" + fi + + OPTIONAL_REDIRECTION="$(curl -XGET -s -o /dev/null -D - \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${BASE_URL}"v1/collectors \ + | grep -Fi location )" + + if [[ ! ${OPTIONAL_REDIRECTION} =~ ^\s*$ ]]; then + BASE_URL=$( echo "${OPTIONAL_REDIRECTION}" | sed -E 's/.*: (https:\/\/.*(au|ca|de|eu|fed|in|jp|us2)?\.sumologic\.com\/api\/).*/\1/' ) + fi + + BASE_URL=${BASE_URL%v1*} + + echo "${BASE_URL}" + } + + SUMOLOGIC_BASE_URL=$(fix_sumo_base_url) + export SUMOLOGIC_BASE_URL + # Support proxy for Terraform + export HTTP_PROXY=${HTTP_PROXY:=""} + export HTTPS_PROXY=${HTTPS_PROXY:=""} + export NO_PROXY=${NO_PROXY:=""} + + function get_remaining_fields() { + local RESPONSE + RESPONSE="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/fields/quota)" + readonly RESPONSE + + echo "${RESPONSE}" + } + + # Check if we'd have at least 10 fields remaining after additional fields + # would be created for the collection + function should_create_fields() { + local RESPONSE + RESPONSE=$(get_remaining_fields) + readonly RESPONSE + + if ! jq -e <<< "${RESPONSE}" ; then + printf "Failed requesting fields API:\n%s\n" "${RESPONSE}" + return 1 + fi + + if ! jq -e '.remaining' <<< "${RESPONSE}" ; then + printf "Failed requesting fields API:\n%s\n" "${RESPONSE}" + return 1 + fi + + local REMAINING + REMAINING=$(jq -e '.remaining' <<< "${RESPONSE}") + readonly REMAINING + if [[ $(( REMAINING - 8 )) -ge 10 ]] ; then + return 0 + else + return 1 + fi + } + + cp /etc/terraform/{locals,main,providers,resources,variables,fields}.tf /terraform/ + cd /terraform || exit 1 + + # Fall back to init -upgrade to prevent: + # Error: Inconsistent dependency lock file + terraform init -input=false -get=false || terraform init -input=false -upgrade + + # Sumo Logic fields + if should_create_fields ; then + readonly CREATE_FIELDS=1 + FIELDS_RESPONSE="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/fields | jq '.data[]' )" + readonly FIELDS_RESPONSE + + declare -ra FIELDS=("cluster" "container" "deployment" "host" "namespace" "node" "pod" "service") + for FIELD in "${FIELDS[@]}" ; do + FIELD_ID=$( echo "${FIELDS_RESPONSE}" | jq -r "select(.fieldName == \"${FIELD}\") | .fieldId" ) + # Don't try to import non existing fields + if [[ -z "${FIELD_ID}" ]]; then + continue + fi + + terraform import \ + -var="create_fields=1" \ + sumologic_field."${FIELD}" "${FIELD_ID}" + done + else + readonly CREATE_FIELDS=0 + echo "Couldn't automatically create fields" + echo "You do not have enough field capacity to create the required fields automatically." + echo "Please refer to https://help.sumologic.com/Manage/Fields to manually create the fields after you have removed unused fields to free up capacity." + fi + + readonly COLLECTOR_NAME="kubernetes" + + # Sumo Logic Collector and HTTP sources + # Only import sources when collector exists. + if terraform import sumologic_collector.collector "${COLLECTOR_NAME}"; then + true # prevent to render empty if; then + terraform import sumologic_http_source.default_events_source "${COLLECTOR_NAME}/events" + terraform import sumologic_http_source.default_logs_source "${COLLECTOR_NAME}/logs" + terraform import sumologic_http_source.apiserver_metrics_source "${COLLECTOR_NAME}/apiserver-metrics" + terraform import sumologic_http_source.control_plane_metrics_source "${COLLECTOR_NAME}/control-plane-metrics" + terraform import sumologic_http_source.controller_metrics_source "${COLLECTOR_NAME}/kube-controller-manager-metrics" + terraform import sumologic_http_source.default_metrics_source "${COLLECTOR_NAME}/(default-metrics)" + terraform import sumologic_http_source.kubelet_metrics_source "${COLLECTOR_NAME}/kubelet-metrics" + terraform import sumologic_http_source.node_metrics_source "${COLLECTOR_NAME}/node-exporter-metrics" + terraform import sumologic_http_source.scheduler_metrics_source "${COLLECTOR_NAME}/kube-scheduler-metrics" + terraform import sumologic_http_source.state_metrics_source "${COLLECTOR_NAME}/kube-state-metrics" + fi + + # Kubernetes Secret + terraform import kubernetes_secret.sumologic_collection_secret sumologic/sumologic + + # Apply planned changes + TF_LOG_PROVIDER=DEBUG terraform apply \ + -auto-approve \ + -var="create_fields=${CREATE_FIELDS}" \ + || { echo "Error during applying Terraform changes"; exit 1; } + + # Setup Sumo Logic monitors if enabled + echo "Installation of the Sumo Logic monitors is disabled." + echo "You can install them manually later with:" + echo "https://github.com/SumoLogic/terraform-sumologic-sumo-logic-monitor/tree/main/monitor_packages/kubernetes" + + # Cleanup env variables + export SUMOLOGIC_BASE_URL= + export SUMOLOGIC_ACCESSKEY= + export SUMOLOGIC_ACCESSID= + + bash /etc/terraform/custom.sh + variables.tf: | + variable "cluster_name" { + type = string + default = "kubernetes" + } + + variable "collector_name" { + type = string + default = "kubernetes" + } + + variable "namespace_name" { + type = string + default = "sumologic" + } + + variable "create_fields" { + description = "If set, Terraform will attempt to create fields at Sumo Logic" + type = bool + default = true + } diff --git a/tests/helm/terraform/static/monitors_with_email_notifications.input.yaml b/tests/helm/terraform/static/monitors_with_email_notifications.input.yaml new file mode 100644 index 0000000000..e12df8b245 --- /dev/null +++ b/tests/helm/terraform/static/monitors_with_email_notifications.input.yaml @@ -0,0 +1,4 @@ +sumologic: + setup: + monitors: + notificationEmails: ["test@test.lh", "email@locahost.lh"] diff --git a/tests/helm/terraform/static/monitors_with_email_notifications.output.yaml b/tests/helm/terraform/static/monitors_with_email_notifications.output.yaml new file mode 100644 index 0000000000..f880e4541a --- /dev/null +++ b/tests/helm/terraform/static/monitors_with_email_notifications.output.yaml @@ -0,0 +1,472 @@ +--- +# Source: sumologic/templates/setup/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: RELEASE-NAME-sumologic-setup + annotations: + helm.sh/hook: pre-install,pre-upgrade + helm.sh/hook-weight: "2" + helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded + labels: + app: RELEASE-NAME-sumologic + chart: "sumologic-%CURRENT_CHART_VERSION%" + release: "RELEASE-NAME" + heritage: "Helm" +data: + custom.sh: | + #!/bin/bash + # + # This script copies files from /customer-scripts to /scripts/ basing on the filename + # + # Example file structure: + # + # /customer-scripts + # ├── dir1_main.tf + # ├── dir1_setup.sh + # ├── dir2_list.txt + # └── dir2_setup.sh + # + # Expected structure: + # + # /scripts + # ├── dir1 + # │ ├── main.tf + # │ └── setup.sh + # └── dir2 + # ├── list.txt + # └── setup.sh + # + # shellcheck disable=SC2010 + # extract target directory names from the file names using _ as separator + err_report() { + echo "Custom script error on line $1" + exit 1 + } + trap 'err_report $LINENO' ERR + + for dir in $(ls -1 /customer-scripts | grep _ | grep -oE '^.*?_' | sed 's/_//g' | sort | uniq); do + target="/scripts/${dir}" + mkdir "${target}" + # shellcheck disable=SC2010 + # Get files for given directory and take only filename part (after first _) + for file in $(ls -1 "/customer-scripts/${dir}_"* | grep -oE '_.*' | sed 's/_//g'); do + cp "/customer-scripts/${dir}_${file}" "${target}/${file}" + done + + if [[ ! -f setup.sh ]]; then + echo "You're missing setup.sh script in custom scripts directory: '${dir}'" + continue + fi + + cd "${target}" && bash setup.sh + done + fields.tf: | + resource "sumologic_field" "cluster" { + count = var.create_fields ? 1 : 0 + + field_name = "cluster" + data_type = "String" + state = "Enabled" + } + resource "sumologic_field" "container" { + count = var.create_fields ? 1 : 0 + + field_name = "container" + data_type = "String" + state = "Enabled" + } + resource "sumologic_field" "deployment" { + count = var.create_fields ? 1 : 0 + + field_name = "deployment" + data_type = "String" + state = "Enabled" + } + resource "sumologic_field" "host" { + count = var.create_fields ? 1 : 0 + + field_name = "host" + data_type = "String" + state = "Enabled" + } + resource "sumologic_field" "namespace" { + count = var.create_fields ? 1 : 0 + + field_name = "namespace" + data_type = "String" + state = "Enabled" + } + resource "sumologic_field" "node" { + count = var.create_fields ? 1 : 0 + + field_name = "node" + data_type = "String" + state = "Enabled" + } + resource "sumologic_field" "pod" { + count = var.create_fields ? 1 : 0 + + field_name = "pod" + data_type = "String" + state = "Enabled" + } + resource "sumologic_field" "service" { + count = var.create_fields ? 1 : 0 + + field_name = "service" + data_type = "String" + state = "Enabled" + } + locals.tf: | + locals { + default_events_source = "events" + default_logs_source = "logs" + apiserver_metrics_source = "apiserver-metrics" + control_plane_metrics_source = "control-plane-metrics" + controller_metrics_source = "kube-controller-manager-metrics" + default_metrics_source = "(default-metrics)" + kubelet_metrics_source = "kubelet-metrics" + node_metrics_source = "node-exporter-metrics" + scheduler_metrics_source = "kube-scheduler-metrics" + state_metrics_source = "kube-state-metrics" + } + main.tf: | + terraform { + required_providers { + sumologic = { + source = "sumologic/sumologic" + version = "~> 2.11" + } + kubernetes = { + source = "hashicorp/kubernetes" + version = "~> 1.13" + } + } + } + monitors.sh: | + #!/bin/bash + + SUMOLOGIC_ACCESSID=${SUMOLOGIC_ACCESSID:=""} + readonly SUMOLOGIC_ACCESSID + SUMOLOGIC_ACCESSKEY=${SUMOLOGIC_ACCESSKEY:=""} + readonly SUMOLOGIC_ACCESSKEY + SUMOLOGIC_BASE_URL=${SUMOLOGIC_BASE_URL:=""} + readonly SUMOLOGIC_BASE_URL + + MONITORS_FOLDER_NAME="Kubernetes" + MONITORS_DISABLED="false" + + # verify if the k8s monitors folder already exists + MONITORS_RESPONSE="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/monitors/search?query=type:folder%20"${MONITORS_FOLDER_NAME}" | jq '.[]' )" + readonly MONITORS_RESPONSE + MONITORS_ROOT_ID="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/monitors/root | jq -r '.id' )" + readonly MONITORS_ROOT_ID + + MONITORS_FOLDER_ID="$( echo "${MONITORS_RESPONSE}" | \ + jq -r "select(.item.name == \"${MONITORS_FOLDER_NAME}\") | select(.item.parentId == \"${MONITORS_ROOT_ID}\") | .item.id" )" + readonly MONITORS_FOLDER_ID + + if [[ -z "${MONITORS_FOLDER_ID}" ]]; then + # go to monitors directory + cd /monitors || exit 2 + + # Fall back to init -upgrade to prevent: + # Error: Inconsistent dependency lock file + terraform init -input=false || terraform init -input=false -upgrade + + # extract environment from SUMOLOGIC_BASE_URL + # see: https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-by-Deployment-and-Firewall-Security + SUMOLOGIC_ENV=$( echo "${SUMOLOGIC_BASE_URL}" | sed -E 's/https:\/\/.*(au|ca|de|eu|fed|in|jp|us2)\.sumologic\.com.*/\1/' ) + if [[ "${SUMOLOGIC_BASE_URL}" == "${SUMOLOGIC_ENV}" ]] ; then + SUMOLOGIC_ENV="us1" + fi + + NOTIFICATIONS_RECIPIENTS='["test@test.lh","email@locahost.lh"]' + NOTIFICATIONS_CONTENT="subject=\"Monitor Alert: {{ TriggerType }} on {{ Name }}\",message_body=\"Triggered {{ TriggerType }} Alert on {{ Name }}: {{ QueryURL }}\"" + NOTIFICATIONS_SETTINGS="recipients=${NOTIFICATIONS_RECIPIENTS},connection_type=\"Email\",time_zone=\"UTC\"" + + TF_LOG_PROVIDER=DEBUG terraform apply \ + -auto-approve \ + -var="access_id=${SUMOLOGIC_ACCESSID}" \ + -var="access_key=${SUMOLOGIC_ACCESSKEY}" \ + -var="environment=${SUMOLOGIC_ENV}" \ + -var="folder=${MONITORS_FOLDER_NAME}" \ + -var="monitors_disabled=${MONITORS_DISABLED}" \ + -var="email_notifications_critical=[{${NOTIFICATIONS_SETTINGS},${NOTIFICATIONS_CONTENT},run_for_trigger_types=[\"Critical\", \"ResolvedCritical\"]}]" \ + -var="email_notifications_warning=[{${NOTIFICATIONS_SETTINGS},${NOTIFICATIONS_CONTENT},run_for_trigger_types=[\"Warning\", \"ResolvedWarning\"]}]" \ + -var="email_notifications_missingdata=[{${NOTIFICATIONS_SETTINGS},${NOTIFICATIONS_CONTENT},run_for_trigger_types=[\"MissingData\", \"ResolvedMissingData\"]}]" \ + || { echo "Error during applying Terraform monitors."; exit 1; } + else + echo "The monitors were already installed in ${MONITORS_FOLDER_NAME}." + echo "You can (re)install them manually with:" + echo "https://github.com/SumoLogic/terraform-sumologic-sumo-logic-monitor/tree/main/monitor_packages/kubernetes" + fi + providers.tf: |- + provider "sumologic" {} + + provider "kubernetes" { + + cluster_ca_certificate = file("/var/run/secrets/kubernetes.io/serviceaccount/ca.crt") + host = "https://kubernetes.default.svc" + load_config_file = "false" + token = file("/var/run/secrets/kubernetes.io/serviceaccount/token") + } + resources.tf: | + resource "sumologic_collector" "collector" { + name = var.collector_name + fields = { + cluster = var.cluster_name + } + } + + resource "sumologic_http_source" "default_events_source" { + name = local.default_events_source + collector_id = sumologic_collector.collector.id + } + + resource "sumologic_http_source" "default_logs_source" { + name = local.default_logs_source + collector_id = sumologic_collector.collector.id + } + + resource "sumologic_http_source" "apiserver_metrics_source" { + name = local.apiserver_metrics_source + collector_id = sumologic_collector.collector.id + } + + resource "sumologic_http_source" "control_plane_metrics_source" { + name = local.control_plane_metrics_source + collector_id = sumologic_collector.collector.id + } + + resource "sumologic_http_source" "controller_metrics_source" { + name = local.controller_metrics_source + collector_id = sumologic_collector.collector.id + } + + resource "sumologic_http_source" "default_metrics_source" { + name = local.default_metrics_source + collector_id = sumologic_collector.collector.id + } + + resource "sumologic_http_source" "kubelet_metrics_source" { + name = local.kubelet_metrics_source + collector_id = sumologic_collector.collector.id + } + + resource "sumologic_http_source" "node_metrics_source" { + name = local.node_metrics_source + collector_id = sumologic_collector.collector.id + } + + resource "sumologic_http_source" "scheduler_metrics_source" { + name = local.scheduler_metrics_source + collector_id = sumologic_collector.collector.id + } + + resource "sumologic_http_source" "state_metrics_source" { + name = local.state_metrics_source + collector_id = sumologic_collector.collector.id + } + + resource "kubernetes_secret" "sumologic_collection_secret" { + metadata { + name = "sumologic" + namespace = var.namespace_name + } + + data = { + endpoint-events = sumologic_http_source.default_events_source.url + endpoint-logs = sumologic_http_source.default_logs_source.url + endpoint-metrics-apiserver = sumologic_http_source.apiserver_metrics_source.url + endpoint-control_plane_metrics_source = sumologic_http_source.control_plane_metrics_source.url + endpoint-metrics-kube-controller-manager = sumologic_http_source.controller_metrics_source.url + endpoint-metrics = sumologic_http_source.default_metrics_source.url + endpoint-metrics-kubelet = sumologic_http_source.kubelet_metrics_source.url + endpoint-metrics-node-exporter = sumologic_http_source.node_metrics_source.url + endpoint-metrics-kube-scheduler = sumologic_http_source.scheduler_metrics_source.url + endpoint-metrics-kube-state = sumologic_http_source.state_metrics_source.url + } + + type = "Opaque" + } + setup.sh: | + #!/bin/bash + + readonly DEBUG_MODE=${DEBUG_MODE:="false"} + readonly DEBUG_MODE_ENABLED_FLAG="true" + + # Let's compare the variables ignoring the case with help of ${VARIABLE,,} which makes the string lowercased + # so that we don't have to deal with True vs true vs TRUE + if [[ ${DEBUG_MODE,,} == "${DEBUG_MODE_ENABLED_FLAG}" ]]; then + echo "Entering the debug mode with continuous sleep. No setup will be performed." + echo "Please exec into the setup container and run the setup.sh by hand or set the sumologic.setup.debug=false and reinstall." + + while true; do + sleep 10 + echo "$(date) Sleeping in the debug mode..." + done + fi + + function fix_sumo_base_url() { + local BASE_URL + BASE_URL=${SUMOLOGIC_BASE_URL} + + if [[ "${BASE_URL}" =~ ^\s*$ ]]; then + BASE_URL="https://api.sumologic.com/api/" + fi + + OPTIONAL_REDIRECTION="$(curl -XGET -s -o /dev/null -D - \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${BASE_URL}"v1/collectors \ + | grep -Fi location )" + + if [[ ! ${OPTIONAL_REDIRECTION} =~ ^\s*$ ]]; then + BASE_URL=$( echo "${OPTIONAL_REDIRECTION}" | sed -E 's/.*: (https:\/\/.*(au|ca|de|eu|fed|in|jp|us2)?\.sumologic\.com\/api\/).*/\1/' ) + fi + + BASE_URL=${BASE_URL%v1*} + + echo "${BASE_URL}" + } + + SUMOLOGIC_BASE_URL=$(fix_sumo_base_url) + export SUMOLOGIC_BASE_URL + # Support proxy for Terraform + export HTTP_PROXY=${HTTP_PROXY:=""} + export HTTPS_PROXY=${HTTPS_PROXY:=""} + export NO_PROXY=${NO_PROXY:=""} + + function get_remaining_fields() { + local RESPONSE + RESPONSE="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/fields/quota)" + readonly RESPONSE + + echo "${RESPONSE}" + } + + # Check if we'd have at least 10 fields remaining after additional fields + # would be created for the collection + function should_create_fields() { + local RESPONSE + RESPONSE=$(get_remaining_fields) + readonly RESPONSE + + if ! jq -e <<< "${RESPONSE}" ; then + printf "Failed requesting fields API:\n%s\n" "${RESPONSE}" + return 1 + fi + + if ! jq -e '.remaining' <<< "${RESPONSE}" ; then + printf "Failed requesting fields API:\n%s\n" "${RESPONSE}" + return 1 + fi + + local REMAINING + REMAINING=$(jq -e '.remaining' <<< "${RESPONSE}") + readonly REMAINING + if [[ $(( REMAINING - 8 )) -ge 10 ]] ; then + return 0 + else + return 1 + fi + } + + cp /etc/terraform/{locals,main,providers,resources,variables,fields}.tf /terraform/ + cd /terraform || exit 1 + + # Fall back to init -upgrade to prevent: + # Error: Inconsistent dependency lock file + terraform init -input=false -get=false || terraform init -input=false -upgrade + + # Sumo Logic fields + if should_create_fields ; then + readonly CREATE_FIELDS=1 + FIELDS_RESPONSE="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/fields | jq '.data[]' )" + readonly FIELDS_RESPONSE + + declare -ra FIELDS=("cluster" "container" "deployment" "host" "namespace" "node" "pod" "service") + for FIELD in "${FIELDS[@]}" ; do + FIELD_ID=$( echo "${FIELDS_RESPONSE}" | jq -r "select(.fieldName == \"${FIELD}\") | .fieldId" ) + # Don't try to import non existing fields + if [[ -z "${FIELD_ID}" ]]; then + continue + fi + + terraform import \ + -var="create_fields=1" \ + sumologic_field."${FIELD}" "${FIELD_ID}" + done + else + readonly CREATE_FIELDS=0 + echo "Couldn't automatically create fields" + echo "You do not have enough field capacity to create the required fields automatically." + echo "Please refer to https://help.sumologic.com/Manage/Fields to manually create the fields after you have removed unused fields to free up capacity." + fi + + readonly COLLECTOR_NAME="kubernetes" + + # Sumo Logic Collector and HTTP sources + # Only import sources when collector exists. + if terraform import sumologic_collector.collector "${COLLECTOR_NAME}"; then + true # prevent to render empty if; then + terraform import sumologic_http_source.default_events_source "${COLLECTOR_NAME}/events" + terraform import sumologic_http_source.default_logs_source "${COLLECTOR_NAME}/logs" + terraform import sumologic_http_source.apiserver_metrics_source "${COLLECTOR_NAME}/apiserver-metrics" + terraform import sumologic_http_source.control_plane_metrics_source "${COLLECTOR_NAME}/control-plane-metrics" + terraform import sumologic_http_source.controller_metrics_source "${COLLECTOR_NAME}/kube-controller-manager-metrics" + terraform import sumologic_http_source.default_metrics_source "${COLLECTOR_NAME}/(default-metrics)" + terraform import sumologic_http_source.kubelet_metrics_source "${COLLECTOR_NAME}/kubelet-metrics" + terraform import sumologic_http_source.node_metrics_source "${COLLECTOR_NAME}/node-exporter-metrics" + terraform import sumologic_http_source.scheduler_metrics_source "${COLLECTOR_NAME}/kube-scheduler-metrics" + terraform import sumologic_http_source.state_metrics_source "${COLLECTOR_NAME}/kube-state-metrics" + fi + + # Kubernetes Secret + terraform import kubernetes_secret.sumologic_collection_secret sumologic/sumologic + + # Apply planned changes + TF_LOG_PROVIDER=DEBUG terraform apply \ + -auto-approve \ + -var="create_fields=${CREATE_FIELDS}" \ + || { echo "Error during applying Terraform changes"; exit 1; } + + # Setup Sumo Logic monitors if enabled + bash /etc/terraform/monitors.sh + + # Cleanup env variables + export SUMOLOGIC_BASE_URL= + export SUMOLOGIC_ACCESSKEY= + export SUMOLOGIC_ACCESSID= + + bash /etc/terraform/custom.sh + variables.tf: | + variable "cluster_name" { + type = string + default = "kubernetes" + } + + variable "collector_name" { + type = string + default = "kubernetes" + } + + variable "namespace_name" { + type = string + default = "sumologic" + } + + variable "create_fields" { + description = "If set, Terraform will attempt to create fields at Sumo Logic" + type = bool + default = true + } diff --git a/tests/helm/terraform/static/strip_extrapolation.output.yaml b/tests/helm/terraform/static/strip_extrapolation.output.yaml index bc3ea19646..bc9f83a56b 100644 --- a/tests/helm/terraform/static/strip_extrapolation.output.yaml +++ b/tests/helm/terraform/static/strip_extrapolation.output.yaml @@ -144,6 +144,61 @@ data: } } } + monitors.sh: | + #!/bin/bash + + SUMOLOGIC_ACCESSID=${SUMOLOGIC_ACCESSID:=""} + readonly SUMOLOGIC_ACCESSID + SUMOLOGIC_ACCESSKEY=${SUMOLOGIC_ACCESSKEY:=""} + readonly SUMOLOGIC_ACCESSKEY + SUMOLOGIC_BASE_URL=${SUMOLOGIC_BASE_URL:=""} + readonly SUMOLOGIC_BASE_URL + + MONITORS_FOLDER_NAME="Kubernetes" + MONITORS_DISABLED="false" + + # verify if the k8s monitors folder already exists + MONITORS_RESPONSE="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/monitors/search?query=type:folder%20"${MONITORS_FOLDER_NAME}" | jq '.[]' )" + readonly MONITORS_RESPONSE + MONITORS_ROOT_ID="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/monitors/root | jq -r '.id' )" + readonly MONITORS_ROOT_ID + + MONITORS_FOLDER_ID="$( echo "${MONITORS_RESPONSE}" | \ + jq -r "select(.item.name == \"${MONITORS_FOLDER_NAME}\") | select(.item.parentId == \"${MONITORS_ROOT_ID}\") | .item.id" )" + readonly MONITORS_FOLDER_ID + + if [[ -z "${MONITORS_FOLDER_ID}" ]]; then + # go to monitors directory + cd /monitors || exit 2 + + # Fall back to init -upgrade to prevent: + # Error: Inconsistent dependency lock file + terraform init -input=false || terraform init -input=false -upgrade + + # extract environment from SUMOLOGIC_BASE_URL + # see: https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-by-Deployment-and-Firewall-Security + SUMOLOGIC_ENV=$( echo "${SUMOLOGIC_BASE_URL}" | sed -E 's/https:\/\/.*(au|ca|de|eu|fed|in|jp|us2)\.sumologic\.com.*/\1/' ) + if [[ "${SUMOLOGIC_BASE_URL}" == "${SUMOLOGIC_ENV}" ]] ; then + SUMOLOGIC_ENV="us1" + fi + + TF_LOG_PROVIDER=DEBUG terraform apply \ + -auto-approve \ + -var="access_id=${SUMOLOGIC_ACCESSID}" \ + -var="access_key=${SUMOLOGIC_ACCESSKEY}" \ + -var="environment=${SUMOLOGIC_ENV}" \ + -var="folder=${MONITORS_FOLDER_NAME}" \ + -var="monitors_disabled=${MONITORS_DISABLED}" \ + || { echo "Error during applying Terraform monitors."; exit 1; } + else + echo "The monitors were already installed in ${MONITORS_FOLDER_NAME}." + echo "You can (re)install them manually with:" + echo "https://github.com/SumoLogic/terraform-sumologic-sumo-logic-monitor/tree/main/monitor_packages/kubernetes" + fi providers.tf: |- provider "sumologic" {} @@ -379,6 +434,9 @@ data: -var="create_fields=${CREATE_FIELDS}" \ || { echo "Error during applying Terraform changes"; exit 1; } + # Setup Sumo Logic monitors if enabled + bash /etc/terraform/monitors.sh + # Cleanup env variables export SUMOLOGIC_BASE_URL= export SUMOLOGIC_ACCESSKEY= diff --git a/tests/helm/terraform/static/traces.output.yaml b/tests/helm/terraform/static/traces.output.yaml index dc745e9c2a..3ea7c249ff 100644 --- a/tests/helm/terraform/static/traces.output.yaml +++ b/tests/helm/terraform/static/traces.output.yaml @@ -136,6 +136,61 @@ data: } } } + monitors.sh: | + #!/bin/bash + + SUMOLOGIC_ACCESSID=${SUMOLOGIC_ACCESSID:=""} + readonly SUMOLOGIC_ACCESSID + SUMOLOGIC_ACCESSKEY=${SUMOLOGIC_ACCESSKEY:=""} + readonly SUMOLOGIC_ACCESSKEY + SUMOLOGIC_BASE_URL=${SUMOLOGIC_BASE_URL:=""} + readonly SUMOLOGIC_BASE_URL + + MONITORS_FOLDER_NAME="Kubernetes" + MONITORS_DISABLED="false" + + # verify if the k8s monitors folder already exists + MONITORS_RESPONSE="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/monitors/search?query=type:folder%20"${MONITORS_FOLDER_NAME}" | jq '.[]' )" + readonly MONITORS_RESPONSE + MONITORS_ROOT_ID="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/monitors/root | jq -r '.id' )" + readonly MONITORS_ROOT_ID + + MONITORS_FOLDER_ID="$( echo "${MONITORS_RESPONSE}" | \ + jq -r "select(.item.name == \"${MONITORS_FOLDER_NAME}\") | select(.item.parentId == \"${MONITORS_ROOT_ID}\") | .item.id" )" + readonly MONITORS_FOLDER_ID + + if [[ -z "${MONITORS_FOLDER_ID}" ]]; then + # go to monitors directory + cd /monitors || exit 2 + + # Fall back to init -upgrade to prevent: + # Error: Inconsistent dependency lock file + terraform init -input=false || terraform init -input=false -upgrade + + # extract environment from SUMOLOGIC_BASE_URL + # see: https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-by-Deployment-and-Firewall-Security + SUMOLOGIC_ENV=$( echo "${SUMOLOGIC_BASE_URL}" | sed -E 's/https:\/\/.*(au|ca|de|eu|fed|in|jp|us2)\.sumologic\.com.*/\1/' ) + if [[ "${SUMOLOGIC_BASE_URL}" == "${SUMOLOGIC_ENV}" ]] ; then + SUMOLOGIC_ENV="us1" + fi + + TF_LOG_PROVIDER=DEBUG terraform apply \ + -auto-approve \ + -var="access_id=${SUMOLOGIC_ACCESSID}" \ + -var="access_key=${SUMOLOGIC_ACCESSKEY}" \ + -var="environment=${SUMOLOGIC_ENV}" \ + -var="folder=${MONITORS_FOLDER_NAME}" \ + -var="monitors_disabled=${MONITORS_DISABLED}" \ + || { echo "Error during applying Terraform monitors."; exit 1; } + else + echo "The monitors were already installed in ${MONITORS_FOLDER_NAME}." + echo "You can (re)install them manually with:" + echo "https://github.com/SumoLogic/terraform-sumologic-sumo-logic-monitor/tree/main/monitor_packages/kubernetes" + fi providers.tf: |- provider "sumologic" {} @@ -314,6 +369,9 @@ data: -var="create_fields=${CREATE_FIELDS}" \ || { echo "Error during applying Terraform changes"; exit 1; } + # Setup Sumo Logic monitors if enabled + bash /etc/terraform/monitors.sh + # Cleanup env variables export SUMOLOGIC_BASE_URL= export SUMOLOGIC_ACCESSKEY=