search

jangraefen / hcloud-pricing-exporter

A prometheus exporter for the current pricing and costs of your HCloud account
MIT License
56 stars 8 forks source link

feat: read HCLOUD_TOKEN from file #142

Closed simonostendorf closed 6 months ago

simonostendorf commented 6 months ago

This allows the HCLOUD_TOKEN to be read from a file. This can be useful if the token is injected using secret injection (e.g. with the vault agent injector).

I tested the changes on my dev cluster. If someone is interested in using this with the vault agent injector, I used the following helm values:

image:
  repository: <custom-image-because-changes-are-not-released>
  tag: <custom-image-because-changes-are-not-released>
secret:
  create: false
  file: /vault/secrets/token
podAnnotations:
  vault.hashicorp.com/agent-inject: "true"
  vault.hashicorp.com/log-format: json
  vault.hashicorp.com/role: <your-vault-role-name>
  vault.hashicorp.com/secret-volume-path-token: /vault/secrets
  vault.hashicorp.com/agent-inject-file-token: token
  vault.hashicorp.com/agent-inject-secret-token: <your-vault-mount>/data/<your-vault-path>
  vault.hashicorp.com/agent-inject-template-token: |
    {{ with secret "<your-vault-mount>/data/<your-vault-path>" -}}
      {{ .Data.data.token }}
    {{- end }}
serviceAccount:
  create: true
rbac:
  create: true
  kind: ClusterRole
  rules:
    - apiGroups:
        - authorization.k8s.io
      resources:
        - subjectaccessreviews
      verbs:
        - create
    - apiGroups:
        - authentication.k8s.io
      resources:
        - tokenreviews
      verbs:
        - create

This change is inspired from external-dns cloudflare provider. I requested the same change for the hcloud-cloud-controller-manager and hetzner-csi-driver to keep consistency in reading HCLOUD_TOKEN from file.

jangraefen commented 6 months ago

Hey @simonostendorf,

thank you for submitting this awesome PR! 🙂 I will merge your changes and will build a new release today.

With kind regards, Jan

jangraefen commented 6 months ago

Hey @simonostendorf,

after some troubles while dusting off the release process, your changes are now released as part of the 0.9.0 release. I also released the helm chart for that.

Thanks again, have fun and "viele Grüße aus Aachen 😉"

simonostendorf commented 6 months ago

Hey @jangraefen,

thanks for reviewing and releasing this PR so fast.

(Ebenfalls viele Grüße aus Aachen :D )