Validate Monitoring for SonarQube

[zachariahmiller]

Describe what should be investigated or refactored

We need to validate that monitoring is setup correctly for SonarQube when on top of uds-core. Links to any relevant code

https://github.com/defenseunicorns/uds-core/issues/17

Additional context

This should just using the monitoring stack from uds-core

Additional context based on initial research:

SonarQube doesnt use a service monitor or expose the monitoring endpoints as part of the service, rather it uses a pod monitor. Additionally, out of the box it does not expose the monitoring ports or even include the necessary jar to emit metrics for Prometheus.

The current helm chart curls the jar from maven, which will not work in an airgap.

The repo1 helm chart does not have the pod monitor in the templates, only upstream.

1. Implement logic to pull the jar in on create and load it in the container at deploy time via ConfigMap (jar is ~ 500kb). The repo1 and sonarsource charts both expose extraInitContainers: and volumes: so this should be feasible.
2. Implement additional logic to configure to use prometheus as we wont be relying on the existing functionality that tries to curl the jar.
3. PR to uds-core to add pod-monitor as a kind supported by monitoring and additionally allow .spec.endpoints[].bearerTokenSecret to be defined as part of the uds-package monitoring spec.
4. update package cr in sonarqube repo to generate pod monitor with authentication.

[zachariahmiller]

moved to blocked as this:

1. PR to uds-core to add pod-monitor as a kind supported by monitoring and additionally allow .spec.endpoints[].bearerTokenSecret to be defined as part of the uds-package monitoring spec.

will need to happen first. I will create an issue in uds-core for it.

[Racer159]

Linking to here: https://github.com/defenseunicorns/uds-core/issues/417