chart: Create actionsmetrics.secrets.yaml (#2208)

Co-authored-by: Dhawal Seth <dseth@linkedin.com>
Co-authored-by: Yusuke Kuoka <ykuoka@gmail.com>

acceptance/deploy.sh

@@ -35,7 +35,7 @@ else
   echo 'Skipped deploying secret "github-webhook-server". Set WEBHOOK_GITHUB_TOKEN to deploy.' 1>&2
 fi
 
-if [ -n "${WEBHOOK_GITHUB_TOKEN}" ]; then
+if [ -n "${WEBHOOK_GITHUB_TOKEN}" ] && [ -z "${CREATE_SECRETS_USING_HELM}" ]; then
   kubectl -n actions-runner-system delete secret \
       actions-metrics-server || :
   kubectl -n actions-runner-system create secret generic \
@@ -69,6 +69,14 @@ if [ "${tool}" == "helm" ]; then
     flags+=( --set githubWebhookServer.logFormat=${LOG_FORMAT})
     flags+=( --set actionsMetricsServer.logFormat=${LOG_FORMAT})
   fi
+  if [ -n "${CREATE_SECRETS_USING_HELM}" ]; then
+    if [ -z "${WEBHOOK_GITHUB_TOKEN}" ]; then
+      echo 'Failed deploying secret "actions-metrics-server" using helm. Set WEBHOOK_GITHUB_TOKEN to deploy.' 1>&2
+      exit 1
+    fi
+    flags+=( --set actionsMetricsServer.secret.create=true)
+    flags+=( --set actionsMetricsServer.secret.github_token=${WEBHOOK_GITHUB_TOKEN})
+  fi
 
   set -vx
 

charts/actions-runner-controller/templates/actionsmetrics.deployment.yaml

@@ -15,7 +15,7 @@ spec:
     metadata:
       {{- with .Values.actionsMetricsServer.podAnnotations }}
       annotations:
-        kubectl.kubernetes.io/default-logs-container: "github-webhook-server"
+        kubectl.kubernetes.io/default-container: "actions-metrics-server"
         {{- toYaml . | nindent 8 }}
       {{- end }}
       labels:
@@ -74,25 +74,25 @@ spec:
           valueFrom:
             secretKeyRef:
               key: github_token
-              name: {{ include "actions-runner-controller.githubWebhookServerSecretName" . }}
+              name: {{ include "actions-runner-controller-actions-metrics-server.secretName" . }}
               optional: true
         - name: GITHUB_APP_ID
           valueFrom:
             secretKeyRef:
               key: github_app_id
-              name: {{ include "actions-runner-controller.githubWebhookServerSecretName" . }}
+              name: {{ include "actions-runner-controller-actions-metrics-server.secretName" . }}
               optional: true
         - name: GITHUB_APP_INSTALLATION_ID
           valueFrom:
             secretKeyRef:
               key: github_app_installation_id
-              name: {{ include "actions-runner-controller.githubWebhookServerSecretName" . }}
+              name: {{ include "actions-runner-controller-actions-metrics-server.secretName" . }}
               optional: true
         - name: GITHUB_APP_PRIVATE_KEY
           valueFrom:
             secretKeyRef:
               key: github_app_private_key
-              name: {{ include "actions-runner-controller.githubWebhookServerSecretName" . }}
+              name: {{ include "actions-runner-controller-actions-metrics-server.secretName" . }}
               optional: true
         {{- if .Values.authSecret.github_basicauth_username }}
         - name: GITHUB_BASICAUTH_USERNAME

charts/actions-runner-controller/templates/actionsmetrics.secrets.yaml

@@ -0,0 +1,28 @@
+{{- if .Values.actionsMetricsServer.enabled }}
+{{- if .Values.actionsMetricsServer.secret.create }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "actions-runner-controller-actions-metrics-server.secretName" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "actions-runner-controller.labels" . | nindent 4 }}
+type: Opaque
+data:
+{{- if .Values.actionsMetricsServer.secret.github_webhook_secret_token }}
+  github_webhook_secret_token: {{ .Values.actionsMetricsServer.secret.github_webhook_secret_token | toString | b64enc }}
+{{- end }}
+{{- if .Values.actionsMetricsServer.secret.github_app_id }}
+  github_app_id: {{ .Values.actionsMetricsServer.secret.github_app_id | toString | b64enc }}
+{{- end }}
+{{- if .Values.actionsMetricsServer.secret.github_app_installation_id }}
+  github_app_installation_id: {{ .Values.actionsMetricsServer.secret.github_app_installation_id | toString | b64enc }}
+{{- end }}
+{{- if .Values.actionsMetricsServer.secret.github_app_private_key }}
+  github_app_private_key: {{ .Values.actionsMetricsServer.secret.github_app_private_key | toString | b64enc }}
+{{- end }}
+{{- if .Values.actionsMetricsServer.secret.github_token }}
+  github_token: {{ .Values.actionsMetricsServer.secret.github_token | toString | b64enc }}
+{{- end }}
+{{- end }}
+{{- end }}

test/e2e/e2e_test.go

@@ -398,6 +398,7 @@ type env struct {
 	appID, appInstallationID, appPrivateKeyFile string
 	githubToken, testRepo, testOrg, testOrgRepo string
 	githubTokenWebhook                          string
+	createSecretsUsingHelm                      string
 	testEnterprise                              string
 	testEphemeral                               string
 	scaleDownDelaySecondsAfterScaleOut          int64
@@ -533,6 +534,7 @@ func initTestEnv(t *testing.T, k8sMinorVer string, vars vars) *env {
 	e.appInstallationID = testing.Getenv(t, "GITHUB_APP_INSTALLATION_ID")
 	e.appPrivateKeyFile = testing.Getenv(t, "GITHUB_APP_PRIVATE_KEY_FILE")
 	e.githubTokenWebhook = testing.Getenv(t, "WEBHOOK_GITHUB_TOKEN")
+	e.createSecretsUsingHelm = testing.Getenv(t, "CREATE_SECRETS_USING_HELM")
 	e.repoToCommit = testing.Getenv(t, "TEST_COMMIT_REPO")
 	e.testRepo = testing.Getenv(t, "TEST_REPO", "")
 	e.testOrg = testing.Getenv(t, "TEST_ORG", "")
@@ -718,6 +720,7 @@ func (e *env) installActionsRunnerController(t *testing.T, repo, tag, testID, ch
 
 	varEnv := []string{
 		"WEBHOOK_GITHUB_TOKEN=" + e.githubTokenWebhook,
+		"CREATE_SECRETS_USING_HELM=" + e.createSecretsUsingHelm,
 		"TEST_ID=" + testID,
 		"NAME=" + repo,
 		"VERSION=" + tag,