diff --git a/charts/k8s-monitoring/destinations/faro-values.yaml b/charts/k8s-monitoring/destinations/faro-values.yaml new file mode 100644 index 0000000000..ab9ad73f1f --- /dev/null +++ b/charts/k8s-monitoring/destinations/faro-values.yaml @@ -0,0 +1,303 @@ +--- +# -- The name for this Faro destination. +# @section -- General +name: "" + +# -- The URL for the Faro destination. +# @section -- General +url: "" + +# -- Raw config for accessing the URL. +# @section -- General +urlFrom: "" + +# -- HTTP proxy to send requests through +# @section -- General +proxyURL: "" + +# -- The tenant ID for the Faro destination. +# @section -- General +tenantId: "" +# -- The key for storing the tenant ID in the secret. +# @section -- General +tenantIdKey: "tenantId" +# -- Raw config for accessing the tenant ID. +# @section -- General +tenantIdFrom: "" + +# -- Extra headers to be set when sending data. +# All values are treated as strings and automatically quoted. +# @section -- General +extraHeaders: {} +# -- Extra headers to be set when sending data through a dynamic reference. +# All values are treated as raw strings and not quoted. +# @section -- General +extraHeadersFrom: {} + +# -- Labels to be set with the cluster name as the value. +# @section -- General +clusterLabels: [cluster, k8s.cluster.name] + +auth: + # -- The type of authentication to do. + # Options are "none" (default), "basic", "bearerToken", "oauth2", "sigv4". + # @section -- Authentication + type: none + + # -- The username for basic authentication. + # @section -- Authentication - Basic + username: "" + # -- The key for storing the username in the secret. + # @section -- Authentication - Basic + usernameKey: username + # -- Raw config for accessing the username. + # @section -- Authentication - Basic + usernameFrom: "" + + # -- The password for basic authentication. + # @section -- Authentication - Basic + password: "" + # -- The key for storing the password in the secret. + # @section -- Authentication - Basic + passwordKey: password + # -- Raw config for accessing the password. + # @section -- Authentication - Basic + passwordFrom: "" + + # -- The bearer token for bearer token authentication. + # @section -- Authentication - Bearer Token + bearerToken: "" + # -- The key for storing the bearer token in the secret. + # @section -- Authentication - Bearer Token + bearerTokenKey: bearerToken + # -- Raw config for accessing the bearer token. + # @section -- Authentication - Bearer Token + bearerTokenFrom: "" + # -- Path to a file that containers the bearer token. + # @section -- Authentication - Bearer Token + bearerTokenFile: "" + + # Authenticate to Prometheus using OAuth2 + # @section -- Authentication - OAuth2 + oauth2: + # -- OAuth2 client ID + # @section -- Authentication - OAuth2 + clientId: "" + # -- The key for the client ID property in the secret + # @section -- Authentication - OAuth2 + clientIdKey: clientId + # -- Raw config for accessing the client ID + # @section -- Authentication - OAuth2 + clientIdFrom: "" + # -- OAuth2 client secret + # @section -- Authentication - OAuth2 + clientSecret: "" + # -- The key for the client secret property in the secret + # @section -- Authentication - OAuth2 + clientSecretKey: clientSecret + # -- Raw config for accessing the client secret + # @section -- Authentication - OAuth2 + clientSecretFrom: "" + # -- File containing the OAuth2 client secret. + # @section -- Authentication - OAuth2 + clientSecretFile: "" + # -- OAuth2 endpoint parameters + # @section -- Authentication - OAuth2 + endpointParams: {} + # -- HTTP proxy to send requests through. + # @section -- Authentication - OAuth2 + proxyURL: "" + # -- Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. + # @section -- Authentication - OAuth2 + noProxy: "" + # -- Use the proxy URL indicated by environment variables. + # @section -- Authentication - OAuth2 + proxyFromEnvironment: false + # -- Specifies headers to send to proxies during CONNECT requests. + # @section -- Authentication - OAuth2 + proxyConnectHeader: {} + # -- List of scopes to authenticate with. + # @section -- Authentication - OAuth2 + scopes: [] + # -- URL to fetch the token from. + # @section -- Authentication - OAuth2 + tokenURL: "" + +secret: + # -- Whether to create a secret for this Faro destination. + # @section -- Secret + create: true + # -- If true, skip secret creation and embed the credentials directly into the configuration. + # @section -- Secret + embed: false + # -- The name of the secret to create. + # @section -- Secret + name: "" + # -- The namespace for the secret. + # @section -- Secret + namespace: "" + + # Authentication using AWS Signature Version 4 + sigv4: + # -- The AWS region for sigv4 authentication. + # @section -- Authentication - SigV4 + region: "" + + # -- The AWS service for sigv4 authentication. + # @section -- Authentication - SigV4 + service: "" + + assumeRole: + # -- The Amazon Resource Name (ARN) of a role to assume. + # @section -- Authentication - SigV4 + arn: "" + + # -- The name of a role session. + # @section -- Authentication - SigV4 + sessionName: "" + + # -- The AWS region where STS is used to assume the configured role. + # @section -- Authentication - SigV4 + stsRegion: "" + +tls: + # -- Whether to use TLS for the Faro destination. + # @section -- TLS + insecure: false + + # -- Disables validation of the server certificate. + # @section -- TLS + insecureSkipVerify: false + + # -- The CA certificate for the server (as a string). + # @section -- TLS + ca: "" + # -- The CA certificate for the server (as a path to a file). + # @section -- TLS + caFile: "" + # -- Raw config for accessing the server CA certificate. + # @section -- TLS + caFrom: "" + + # -- The client certificate for the server (as a string). + # @section -- TLS + cert: "" + # -- The client certificate for the server (as a path to a file). + # @section -- TLS + certFile: "" + # -- Raw config for accessing the client certificate. + # @section -- TLS + certFrom: "" + + # -- The client key for the server (as a string). + # @section -- TLS + key: "" + # -- The client key for the server (as a path to a file). + # @section -- TLS + keyFile: "" + # -- Raw config for accessing the client key. + # @section -- TLS + keyFrom: "" + +retryOnFailure: + # -- Should failed requests be retried? + # @section -- General + enabled: true + # -- The initial time to wait before retrying a failed request to the Faro destination. + # @section -- General + initialInterval: 5s + # -- The maximum time to wait before retrying a failed request to the Faro destination. + # @section -- General + maxInterval: 30s + # -- The maximum amount of time to wait before discarding a failed batch. + # @section -- General + maxElapsedTime: 5m + +# -- Size of the read buffer the HTTP client uses for reading server responses. +# @section -- General +readBufferSize: "" + +# -- Size of the write buffer the HTTP client uses for writing requests. +# @section -- General +writeBufferSize: "" + +# Processors to apply to the data before delivering it to its destination. +processors: + attributes: + # -- Attribute processor actions + # Format: { key: "", value: "", action: "", pattern: "", fromAttribute: "", fromContext: "", convertedType: "" } + # Can also use `valueFrom` instead of value to use a raw reference. + # @section -- Attributes Processor + actions: [] + + transform: + # -- How to react to errors if they occur while processing a statement. Valid options are "ignore", "silent", and + # "propagate". + # @section -- Transform Processor + errorMode: ignore + + # -- Metric transforms, context is inferred. + # @section -- Transform Processor + metrics: [] + + # -- Log transforms, context is inferred. + # @section -- Transform Processor + logs: [] + + # -- Trace transforms, context is inferred. + # @section -- Transform Processor + traces: [] + + filters: + # -- Enable the filter processor. Any rules that evaluate to true will drop the matching telemetry data. + # @section -- Filter Processor + enabled: false + + # -- How to react to errors if they occur while processing a statement. Valid options are "ignore", "silent", and + # "propagate". + # @section -- Filter Processor + errorMode: ignore + + # -- Metric filters + # @section -- Filter Processor + metrics: + metric: [] + datapoint: [] + + # -- Log filters + # @section -- Filter Processor + logs: + logRecord: [] + + # -- Trace filters + # @section -- Filter Processor + traces: + span: [] + spanevent: [] + + batch: + # -- Whether to use a batch processor. + # @section -- Batch Processor + enabled: true + # -- Number of spans, metric data points, or log records after which a batch will be sent regardless of the timeout. + # This setting acts as a trigger and does not affect the size of the batch. If you need to enforce batch size limit, + # use `maxSize`. + # @section -- Batch Processor + size: 8192 + # -- Maximum number of spans, metric data points, or log records to send in a single batch. This number must be + # greater than or equal to the `size` setting. If set to 0, the batch processor will not enforce a maximum size. + # @section -- Batch Processor + maxSize: 0 + # -- How long to wait before flushing the batch. + # @section -- Batch Processor + timeout: 2s + memoryLimiter: + # -- Whether to use a memory limiter. + # @section -- Memory Limiter + enabled: false + # -- How often to check memory usage. + # @section -- Memory Limiter + checkInterval: 1s + # -- Maximum amount of memory targeted to be allocated by the process heap. + # @section -- Memory Limiter + limit: 0MiB diff --git a/charts/k8s-monitoring/docs/destinations/faro.md b/charts/k8s-monitoring/docs/destinations/faro.md new file mode 100644 index 0000000000..e8fbd98c2d --- /dev/null +++ b/charts/k8s-monitoring/docs/destinations/faro.md @@ -0,0 +1,148 @@ +# faro + + +## Values + +### Authentication - Bearer Token + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| auth.bearerToken | string | `""` | The bearer token for bearer token authentication. | +| auth.bearerTokenFile | string | `""` | Path to a file that containers the bearer token. | +| auth.bearerTokenFrom | string | `""` | Raw config for accessing the bearer token. | +| auth.bearerTokenKey | string | `"bearerToken"` | The key for storing the bearer token in the secret. | + +### Authentication - OAuth2 + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| auth.oauth2.clientId | string | `""` | OAuth2 client ID | +| auth.oauth2.clientIdFrom | string | `""` | Raw config for accessing the client ID | +| auth.oauth2.clientIdKey | string | `"clientId"` | The key for the client ID property in the secret | +| auth.oauth2.clientSecret | string | `""` | OAuth2 client secret | +| auth.oauth2.clientSecretFile | string | `""` | File containing the OAuth2 client secret. | +| auth.oauth2.clientSecretFrom | string | `""` | Raw config for accessing the client secret | +| auth.oauth2.clientSecretKey | string | `"clientSecret"` | The key for the client secret property in the secret | +| auth.oauth2.endpointParams | object | `{}` | OAuth2 endpoint parameters | +| auth.oauth2.noProxy | string | `""` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | +| auth.oauth2.proxyConnectHeader | object | `{}` | Specifies headers to send to proxies during CONNECT requests. | +| auth.oauth2.proxyFromEnvironment | bool | `false` | Use the proxy URL indicated by environment variables. | +| auth.oauth2.proxyURL | string | `""` | HTTP proxy to send requests through. | +| auth.oauth2.scopes | list | `[]` | List of scopes to authenticate with. | +| auth.oauth2.tokenURL | string | `""` | URL to fetch the token from. | + +### Authentication - Basic + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| auth.password | string | `""` | The password for basic authentication. | +| auth.passwordFrom | string | `""` | Raw config for accessing the password. | +| auth.passwordKey | string | `"password"` | The key for storing the password in the secret. | +| auth.username | string | `""` | The username for basic authentication. | +| auth.usernameFrom | string | `""` | Raw config for accessing the username. | +| auth.usernameKey | string | `"username"` | The key for storing the username in the secret. | + +### Authentication + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| auth.type | string | `"none"` | The type of authentication to do. Options are "none" (default), "basic", "bearerToken", "oauth2", "sigv4". | + +### General + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| clusterLabels | list | `["cluster","k8s.cluster.name"]` | Labels to be set with the cluster name as the value. | +| extraHeaders | object | `{}` | Extra headers to be set when sending data. All values are treated as strings and automatically quoted. | +| extraHeadersFrom | object | `{}` | Extra headers to be set when sending data through a dynamic reference. All values are treated as raw strings and not quoted. | +| name | string | `""` | The name for this Faro destination. | +| proxyURL | string | `""` | HTTP proxy to send requests through | +| readBufferSize | string | `""` | Size of the read buffer the HTTP client uses for reading server responses. | +| retryOnFailure.enabled | bool | `true` | Should failed requests be retried? | +| retryOnFailure.initialInterval | string | `"5s"` | The initial time to wait before retrying a failed request to the Faro destination. | +| retryOnFailure.maxElapsedTime | string | `"5m"` | The maximum amount of time to wait before discarding a failed batch. | +| retryOnFailure.maxInterval | string | `"30s"` | The maximum time to wait before retrying a failed request to the Faro destination. | +| tenantId | string | `""` | The tenant ID for the Faro destination. | +| tenantIdFrom | string | `""` | Raw config for accessing the tenant ID. | +| tenantIdKey | string | `"tenantId"` | The key for storing the tenant ID in the secret. | +| url | string | `""` | The URL for the Faro destination. | +| urlFrom | string | `""` | Raw config for accessing the URL. | +| writeBufferSize | string | `""` | Size of the write buffer the HTTP client uses for writing requests. | + +### Attributes Processor + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| processors.attributes.actions | list | `[]` | Attribute processor actions Format: { key: "", value: "", action: "", pattern: "", fromAttribute: "", fromContext: "", convertedType: "" } Can also use `valueFrom` instead of value to use a raw reference. | + +### Batch Processor + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| processors.batch.enabled | bool | `true` | Whether to use a batch processor. | +| processors.batch.maxSize | int | `0` | Maximum number of spans, metric data points, or log records to send in a single batch. This number must be greater than or equal to the `size` setting. If set to 0, the batch processor will not enforce a maximum size. | +| processors.batch.size | int | `8192` | Number of spans, metric data points, or log records after which a batch will be sent regardless of the timeout. This setting acts as a trigger and does not affect the size of the batch. If you need to enforce batch size limit, use `maxSize`. | +| processors.batch.timeout | string | `"2s"` | How long to wait before flushing the batch. | + +### Filter Processor + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| processors.filters.enabled | bool | `false` | Enable the filter processor. Any rules that evaluate to true will drop the matching telemetry data. | +| processors.filters.errorMode | string | `"ignore"` | How to react to errors if they occur while processing a statement. Valid options are "ignore", "silent", and "propagate". | +| processors.filters.logs | object | `{"logRecord":[]}` | Log filters | +| processors.filters.metrics | object | `{"datapoint":[],"metric":[]}` | Metric filters | +| processors.filters.traces | object | `{"span":[],"spanevent":[]}` | Trace filters | + +### Memory Limiter + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| processors.memoryLimiter.checkInterval | string | `"1s"` | How often to check memory usage. | +| processors.memoryLimiter.enabled | bool | `false` | Whether to use a memory limiter. | +| processors.memoryLimiter.limit | string | `"0MiB"` | Maximum amount of memory targeted to be allocated by the process heap. | + +### Transform Processor + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| processors.transform.errorMode | string | `"ignore"` | How to react to errors if they occur while processing a statement. Valid options are "ignore", "silent", and "propagate". | +| processors.transform.logs | list | `[]` | Log transforms, context is inferred. | +| processors.transform.metrics | list | `[]` | Metric transforms, context is inferred. | +| processors.transform.traces | list | `[]` | Trace transforms, context is inferred. | + +### Secret + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| secret.create | bool | `true` | Whether to create a secret for this Faro destination. | +| secret.embed | bool | `false` | If true, skip secret creation and embed the credentials directly into the configuration. | +| secret.name | string | `""` | The name of the secret to create. | +| secret.namespace | string | `""` | The namespace for the secret. | + +### Authentication - SigV4 + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| secret.sigv4.assumeRole.arn | string | `""` | The Amazon Resource Name (ARN) of a role to assume. | +| secret.sigv4.assumeRole.sessionName | string | `""` | The name of a role session. | +| secret.sigv4.assumeRole.stsRegion | string | `""` | The AWS region where STS is used to assume the configured role. | +| secret.sigv4.region | string | `""` | The AWS region for sigv4 authentication. | +| secret.sigv4.service | string | `""` | The AWS service for sigv4 authentication. | + +### TLS + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| tls.ca | string | `""` | The CA certificate for the server (as a string). | +| tls.caFile | string | `""` | The CA certificate for the server (as a path to a file). | +| tls.caFrom | string | `""` | Raw config for accessing the server CA certificate. | +| tls.cert | string | `""` | The client certificate for the server (as a string). | +| tls.certFile | string | `""` | The client certificate for the server (as a path to a file). | +| tls.certFrom | string | `""` | Raw config for accessing the client certificate. | +| tls.insecure | bool | `false` | Whether to use TLS for the Faro destination. | +| tls.insecureSkipVerify | bool | `false` | Disables validation of the server certificate. | +| tls.key | string | `""` | The client key for the server (as a string). | +| tls.keyFile | string | `""` | The client key for the server (as a path to a file). | +| tls.keyFrom | string | `""` | Raw config for accessing the client key. | + diff --git a/charts/k8s-monitoring/docs/destinations/otlp.md b/charts/k8s-monitoring/docs/destinations/otlp.md index d67d947620..877fc9f2b8 100644 --- a/charts/k8s-monitoring/docs/destinations/otlp.md +++ b/charts/k8s-monitoring/docs/destinations/otlp.md @@ -171,7 +171,7 @@ This defines the options for defining a destination for OpenTelemetry data that | Key | Type | Default | Description | |-----|------|---------|-------------| -| secret.create | bool | `true` | Whether to create a secret for this Prometheus destination. | +| secret.create | bool | `true` | Whether to create a secret for this OTLP destination. | | secret.embed | bool | `false` | If true, skip secret creation and embed the credentials directly into the configuration. | | secret.name | string | `""` | The name of the secret to create. | | secret.namespace | string | `""` | The namespace for the secret. | diff --git a/charts/k8s-monitoring/schema-mods/definitions/faro-destination.schema.json b/charts/k8s-monitoring/schema-mods/definitions/faro-destination.schema.json new file mode 100644 index 0000000000..bc138ad117 --- /dev/null +++ b/charts/k8s-monitoring/schema-mods/definitions/faro-destination.schema.json @@ -0,0 +1,329 @@ +{ + "$schema": "http://json-schema.org/schema#", + "type": "object", + "properties": { + "auth": { + "type": "object", + "properties": { + "bearerToken": { + "type": "string" + }, + "bearerTokenFile": { + "type": "string" + }, + "bearerTokenFrom": { + "type": "string" + }, + "bearerTokenKey": { + "type": "string" + }, + "oauth2": { + "type": "object", + "properties": { + "clientId": { + "type": "string" + }, + "clientIdFrom": { + "type": "string" + }, + "clientIdKey": { + "type": "string" + }, + "clientSecret": { + "type": "string" + }, + "clientSecretFile": { + "type": "string" + }, + "clientSecretFrom": { + "type": "string" + }, + "clientSecretKey": { + "type": "string" + }, + "endpointParams": { + "type": "object" + }, + "noProxy": { + "type": "string" + }, + "proxyConnectHeader": { + "type": "object" + }, + "proxyFromEnvironment": { + "type": "boolean" + }, + "proxyURL": { + "type": "string" + }, + "scopes": { + "type": "array" + }, + "tokenURL": { + "type": "string" + } + } + }, + "password": { + "type": "string" + }, + "passwordFrom": { + "type": "string" + }, + "passwordKey": { + "type": "string" + }, + "type": { + "type": "string" + }, + "username": { + "type": "string" + }, + "usernameFrom": { + "type": "string" + }, + "usernameKey": { + "type": "string" + } + } + }, + "clusterLabels": { + "type": "array", + "items": { + "type": "string" + } + }, + "extraHeaders": { + "type": "object" + }, + "extraHeadersFrom": { + "type": "object" + }, + "name": { + "type": "string" + }, + "processors": { + "type": "object", + "properties": { + "attributes": { + "type": "object", + "properties": { + "actions": { + "type": "array" + } + } + }, + "batch": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean" + }, + "maxSize": { + "type": "integer" + }, + "size": { + "type": "integer" + }, + "timeout": { + "type": "string" + } + } + }, + "filters": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean" + }, + "errorMode": { + "type": "string" + }, + "logs": { + "type": "object", + "properties": { + "logRecord": { + "type": "array" + } + } + }, + "metrics": { + "type": "object", + "properties": { + "datapoint": { + "type": "array" + }, + "metric": { + "type": "array" + } + } + }, + "traces": { + "type": "object", + "properties": { + "span": { + "type": "array" + }, + "spanevent": { + "type": "array" + } + } + } + } + }, + "memoryLimiter": { + "type": "object", + "properties": { + "checkInterval": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "limit": { + "type": "string" + } + } + }, + "transform": { + "type": "object", + "properties": { + "errorMode": { + "type": "string" + }, + "logs": { + "type": "array" + }, + "metrics": { + "type": "array" + }, + "traces": { + "type": "array" + } + } + } + } + }, + "proxyURL": { + "type": "string" + }, + "readBufferSize": { + "type": "string" + }, + "retryOnFailure": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean" + }, + "initialInterval": { + "type": "string" + }, + "maxElapsedTime": { + "type": "string" + }, + "maxInterval": { + "type": "string" + } + } + }, + "secret": { + "type": "object", + "properties": { + "create": { + "type": "boolean" + }, + "embed": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "sigv4": { + "type": "object", + "properties": { + "assumeRole": { + "type": "object", + "properties": { + "arn": { + "type": "string" + }, + "sessionName": { + "type": "string" + }, + "stsRegion": { + "type": "string" + } + } + }, + "region": { + "type": "string" + }, + "service": { + "type": "string" + } + } + } + } + }, + "tenantId": { + "type": "string" + }, + "tenantIdFrom": { + "type": "string" + }, + "tenantIdKey": { + "type": "string" + }, + "tls": { + "type": "object", + "properties": { + "ca": { + "type": "string" + }, + "caFile": { + "type": "string" + }, + "caFrom": { + "type": "string" + }, + "cert": { + "type": "string" + }, + "certFile": { + "type": "string" + }, + "certFrom": { + "type": "string" + }, + "insecure": { + "type": "boolean" + }, + "insecureSkipVerify": { + "type": "boolean" + }, + "key": { + "type": "string" + }, + "keyFile": { + "type": "string" + }, + "keyFrom": { + "type": "string" + } + } + }, + "url": { + "type": "string" + }, + "urlFrom": { + "type": "string" + }, + "writeBufferSize": { + "type": "string" + } + } +} diff --git a/charts/k8s-monitoring/schema-mods/destination.json b/charts/k8s-monitoring/schema-mods/destination.json index ac25be8ff0..a930dea923 100644 --- a/charts/k8s-monitoring/schema-mods/destination.json +++ b/charts/k8s-monitoring/schema-mods/destination.json @@ -4,6 +4,7 @@ "type": "object", "anyOf": [ { "$ref": "#/definitions/invalid-destination"}, + { "$ref": "#/definitions/faro-destination"}, { "$ref": "#/definitions/loki-destination"}, { "$ref": "#/definitions/otlp-destination"}, { "$ref": "#/definitions/prometheus-destination"}, @@ -22,6 +23,7 @@ "$ref": "#/definitions/destination" } }, + "faro-destination": {"properties": {"type": {"type": "string", "const": "faro"}}}, "loki-destination": {"properties": {"type": {"type": "string", "const": "loki"}}}, "otlp-destination": {"properties": {"type": {"type": "string", "const": "otlp"}}}, "prometheus-destination": {"properties": {"type": {"type": "string", "const": "prometheus"}}}, diff --git a/charts/k8s-monitoring/templates/destinations/_destination_faro.tpl b/charts/k8s-monitoring/templates/destinations/_destination_faro.tpl new file mode 100644 index 0000000000..e42696a37b --- /dev/null +++ b/charts/k8s-monitoring/templates/destinations/_destination_faro.tpl @@ -0,0 +1,310 @@ +{{- define "destinations.faro.alloy" }} +{{- with .destination }} +otelcol.receiver.loki {{ include "helper.alloy_name" .name | quote }} { + output { + logs = [{{ include "destinations.faro.alloy.otlp.logs.target" . | trim }}] + } +} + +otelcol.processor.attributes {{ include "helper.alloy_name" .name | quote }} { +{{- range $action := .processors.attributes.actions }} + action { + key = {{ $action.key | quote }} + action = {{ $action.action | quote }} + {{- if $action.value }} + value = {{ $action.value | quote }} + {{- else if $action.valueFrom }} + value = {{ $action.valueFrom }} + {{- end }} + {{- if $action.pattern }} + pattern = {{ $action.pattern | quote }} + {{- end }} + {{- if $action.fromAttribute }} + from_attribute = {{ $action.fromAttribute | quote }} + {{- end }} + {{- if $action.fromContext }} + from_context = {{ $action.fromContext | quote }} + {{- end }} + {{- if $action.convertedType }} + converted_type = {{ $action.convertedType | quote }} + {{- end }} + } +{{- end }} + output { + logs = [otelcol.processor.transform.{{ include "helper.alloy_name" .name }}.input] + traces = [otelcol.processor.transform.{{ include "helper.alloy_name" .name }}.input] + } +} + +otelcol.processor.transform {{ include "helper.alloy_name" .name | quote }} { + error_mode = {{ .processors.transform.errorMode | quote }} + statements { + logs = [ +{{- range $label := .clusterLabels }} + `set(attributes[{{ $label | quote }}], {{ $.Values.cluster.name | quote }})`, +{{- end }} +{{- range $transform := .processors.transform.logs }} +{{ $transform | quote | indent 6 }}, +{{- end }} + ] + traces = [ +{{- range $label := .clusterLabels }} + `set(attributes[{{ $label | quote }}], {{ $.Values.cluster.name | quote }})`, +{{- end }} +{{- range $transform := .processors.transform.traces }} +{{ $transform | quote | indent 6 }}, +{{- end }} + ] + } +{{- end }} +{{- if .processors.filters.enabled }} + + output { + logs = [otelcol.processor.filter.{{ include "helper.alloy_name" .name }}.input] + traces = [otelcol.processor.filter.{{ include "helper.alloy_name" .name }}.input] + } +} + +otelcol.processor.filter {{ include "helper.alloy_name" .name | quote }} { + error_mode = {{ .processors.filters.errorMode | quote }} + +{{- if .processors.filters.logs.logRecord }} + logs { + log_record = [ +{{- range $filter := .processors.filters.logs.logRecord }} +{{ $filter | quote | indent 6 }}, +{{- end }} + ] + } +{{- end }} +{{- if or .processors.filters.traces.span .processors.filters.traces.spanevent }} + traces { +{{- if .processors.filters.traces.span }} + span = [ +{{- range $filter := .processors.filters.traces.span }} +{{ $filter | quote | indent 6 }}, +{{- end }} + ] +{{- end }} +{{- if .processors.filters.traces.spanevent }} + spanevent = [ +{{- range $filter := .processors.filters.traces.spanevent }} +{{ $filter | quote | indent 6 }}, +{{- end }} + ] +{{- end }} + } +{{- end }} +{{- end }} + +{{- if .processors.batch.enabled -}} + output { + logs = [otelcol.processor.batch.{{ include "helper.alloy_name" .name }}.input] + traces = [otelcol.processor.batch.{{ include "helper.alloy_name" .name }}.input] + } +} + +otelcol.processor.batch {{ include "helper.alloy_name" .name | quote }} { + timeout = {{ .processors.batch.timeout | quote }} + send_batch_size = {{ .processors.batch.size | int }} + send_batch_max_size = {{ .processors.batch.maxSize | int }} + +{{- end }} +{{- if .processors.memoryLimiter.enabled }} + output { + logs = [otelcol.processor.memory_limiter.{{ include "helper.alloy_name" .name }}.input] + traces = [otelcol.processor.memory_limiter.{{ include "helper.alloy_name" .name }}.input] + } +} + +otelcol.processor.memory_limiter {{ include "helper.alloy_name" .name | quote }} { + check_interval = {{ .processors.memoryLimiter.checkInterval | quote }} + limit = {{ .processors.memoryLimiter.limit | quote }} + +{{- end }} + output { + logs = [otelcol.exporter.faro.{{ include "helper.alloy_name" .name }}.input] + traces = [otelcol.exporter.faro.{{ include "helper.alloy_name" .name }}.input] + } +} + +otelcol.exporter.faro {{ include "helper.alloy_name" .name | quote }} { + client { +{{- if .urlFrom }} + endpoint = {{ .urlFrom }} +{{- else }} + endpoint = {{ .url | quote }} +{{- end }} +{{- if .proxyURL }} + proxy_url = {{ .proxyURL | quote }} +{{- end }} +{{- if eq .auth.type "basic" }} + auth = otelcol.auth.basic.{{ include "helper.alloy_name" .name }}.handler +{{- else if eq .auth.type "bearerToken" }} + auth = otelcol.auth.bearer.{{ include "helper.alloy_name" .name }}.handler +{{- else if eq .auth.type "oauth2" }} + auth = otelcol.auth.oauth2.{{ include "helper.alloy_name" .name }}.handler +{{- else if eq .auth.type "sigv4" }} + auth = otelcol.auth.sigv4.{{ include "helper.alloy_name" .name }}.handler +{{- end }} +{{- if or (eq (include "secrets.usesSecret" (dict "object" . "key" "tenantId")) "true") .extraHeaders .extraHeadersFrom }} + headers = { +{{- if eq (include "secrets.usesSecret" (dict "object" . "key" "tenantId")) "true" }} + "X-Scope-OrgID" = {{ include "secrets.read" (dict "object" . "key" "tenantId" "nonsensitive" true) }}, +{{- end }} +{{- range $key, $value := .extraHeaders }} + {{ $key | quote }} = {{ $value | quote }}, +{{- end }} +{{- range $key, $value := .extraHeadersFrom }} + {{ $key | quote }} = {{ $value }}, +{{- end }} + } +{{- end }} +{{- if .readBufferSize }} + read_buffer_size = {{ .readBufferSize | quote }} +{{- end }} +{{- if .writeBufferSize }} + write_buffer_size = {{ .writeBufferSize | quote }} +{{- end }} + +{{- if .tls }} + tls { + insecure = {{ .tls.insecure | default false }} + insecure_skip_verify = {{ .tls.insecureSkipVerify | default false }} + {{- if .tls.caFile }} + ca_file = {{ .tls.caFile | quote }} + {{- else if eq (include "secrets.usesSecret" (dict "object" . "key" "tls.ca")) "true" }} + ca_pem = {{ include "secrets.read" (dict "object" . "key" "tls.ca" "nonsensitive" true) }} + {{- end }} + {{- if .tls.certFile }} + cert_file = {{ .tls.certFile | quote }} + {{- else if eq (include "secrets.usesSecret" (dict "object" . "key" "tls.cert")) "true" }} + cert_pem = {{ include "secrets.read" (dict "object" . "key" "tls.cert" "nonsensitive" true) }} + {{- end }} + {{- if .tls.keyFile }} + key_file = {{ .tls.keyFile | quote }} + {{- else if eq (include "secrets.usesSecret" (dict "object" . "key" "tls.key")) "true" }} + key_pem = {{ include "secrets.read" (dict "object" . "key" "tls.key") }} + {{- end }} + } +{{- end }} + } + + retry_on_failure { + enabled = {{ .retryOnFailure.enabled }} + initial_interval = {{ .retryOnFailure.initialInterval | quote }} + max_interval = {{ .retryOnFailure.maxInterval | quote }} + max_elapsed_time = {{ .retryOnFailure.maxElapsedTime | quote }} + } +} +{{- if eq (include "secrets.authType" .) "basic" }} + +otelcol.auth.basic {{ include "helper.alloy_name" .name | quote }} { + username = {{ include "secrets.read" (dict "object" . "key" "auth.username" "nonsensitive" true) }} + password = {{ include "secrets.read" (dict "object" . "key" "auth.password") }} +} +{{- else if eq (include "secrets.authType" .) "bearerToken" }} +{{- if .auth.bearerTokenFile }} + +local.file {{ include "helper.alloy_name" .name | quote }} { + filename = {{ .auth.bearerTokenFile | quote }} +} + +otelcol.auth.bearer {{ include "helper.alloy_name" .name | quote }} { + token = local.file.{{ include "helper.alloy_name" .name }}.content +} +{{- else }} + +otelcol.auth.bearer {{ include "helper.alloy_name" .name | quote }} { + token = {{ include "secrets.read" (dict "object" . "key" "auth.bearerToken") }} +} +{{- end }} +{{- else if eq (include "secrets.authType" .) "oauth2" }} + +otelcol.auth.oauth2 {{ include "helper.alloy_name" .name | quote }} { + {{- if eq (include "secrets.usesSecret" (dict "object" . "key" "auth.oauth2.clientId")) "true" }} + client_id = {{ include "secrets.read" (dict "object" . "key" "auth.oauth2.clientId" "nonsensitive" true) }} + {{- end }} + {{- if .auth.oauth2.clientSecretFile }} + client_secret_file = {{ .auth.oauth2.clientSecretFile | quote }} + {{- else if eq (include "secrets.usesSecret" (dict "object" . "key" "auth.oauth2.clientSecret")) "true" }} + client_secret = {{ include "secrets.read" (dict "object" . "key" "auth.oauth2.clientSecret") }} + {{- end }} + {{- if .auth.oauth2.endpointParams }} + endpoint_params = { + {{- range $k, $v := .auth.oauth2.endpointParams }} + {{ $k }} = {{ $v | toJson }}, + {{- end }} + } + {{- end }} + {{- if .auth.oauth2.proxyURL }} + proxy_url = {{ .auth.oauth2.proxyURL | quote }} + {{- end }} + {{- if .auth.oauth2.noProxy }} + no_proxy = {{ .auth.oauth2.noProxy | quote }} + {{- end }} + {{- if .auth.oauth2.proxyFromEnvironment }} + proxyFromEnvironment = {{ .auth.oauth2.proxyFromEnvironment }} + {{- end }} + {{- if .auth.oauth2.proxyConnectHeader }} + proxy_connect_header = { + {{- range $k, $v := .auth.oauth2.proxyConnectHeader }} + {{ $k | quote }} = {{ $v | toJson }}, + {{- end }} + } + {{- end }} + {{- if .auth.oauth2.scopes }} + scopes = {{ .auth.oauth2.scopes | toJson }} + {{- end }} + {{- if .auth.oauth2.tokenURL }} + token_url = {{ .auth.oauth2.tokenURL | quote }} + {{- end }} +} +{{- else if eq (include "secrets.authType" .) "sigv4" }} + +otelcol.auth.sigv4 {{ include "helper.alloy_name" .name | quote }} { + {{- if .auth.sigv4.region }} + region = {{ .auth.sigv4.region | quote }} + {{- end }} + {{- if .auth.sigv4.service }} + service = {{ .auth.sigv4.service | quote }} + {{- end }} + {{- if (or .auth.sigv4.assumeRole.arn .auth.sigv4.assumeRole.sessionName .auth.sigv4.assumeRole.stsRegion) }} + assume_role { + {{- if .auth.sigv4.assumeRole.arn }} + arn = {{ .auth.sigv4.assumeRole.arn | quote }} + {{- end }} + {{- if .auth.sigv4.assumeRole.sessionName }} + session_name = {{ .auth.sigv4.assumeRole.sessionName | quote }} + {{- end }} + {{- if .auth.sigv4.assumeRole.stsRegion }} + sts_region = {{ .auth.sigv4.assumeRole.stsRegion | quote }} + {{- end }} + {{- end }} +} +{{- end }} +{{- end }} + +{{- define "secrets.list.faro" -}} +- tenantId +- auth.username +- auth.password +- auth.bearerToken +- auth.oauth2.clientId +- auth.oauth2.clientSecret +- tls.ca +- tls.cert +- tls.key +{{- end -}} + +{{- define "destinations.faro.alloy.faro.logs.target" }}otelcol.receiver.loki.{{ include "helper.alloy_name" .name }}.receiver{{ end }} +{{- define "destinations.faro.alloy.faro.traces.target" }}otelcol.receiver.loki.{{ include "helper.alloy_name" .name }}.receiver{{ end }} +{{/*{{- define "destinations.faro.alloy.otlp.target" }}otelcol.processor.attributes.{{ include "helper.alloy_name" .name }}.input{{ end }}*/}} +{{- define "destinations.faro.alloy.otlp.logs.target" }}{{ include "destinations.faro.alloy.otlp.target" . }}{{- end }} +{{- define "destinations.faro.alloy.otlp.traces.target" }}{{ include "destinations.faro.alloy.otlp.target" . }}{{- end }} + +{{- define "destinations.faro.supports_metrics" }}false{{ end -}} +{{- define "destinations.faro.supports_logs" }}true{{ end -}} +{{- define "destinations.faro.supports_traces" }}true{{ end -}} +{{- define "destinations.faro.supports_profiles" }}false{{ end -}} +{{- define "destinations.faro.ecosystem" }}faro{{ end -}} diff --git a/charts/k8s-monitoring/templates/destinations/_destination_types.tpl b/charts/k8s-monitoring/templates/destinations/_destination_types.tpl index 0a5f269cef..48ef661bf9 100644 --- a/charts/k8s-monitoring/templates/destinations/_destination_types.tpl +++ b/charts/k8s-monitoring/templates/destinations/_destination_types.tpl @@ -1,5 +1,6 @@ {{/* Do not edit this file. It is generated by the Makefile */}} {{- define "destinations.types" -}} +- faro - loki - otlp - prometheus diff --git a/charts/k8s-monitoring/tests/destination_validations_test.yaml b/charts/k8s-monitoring/tests/destination_validations_test.yaml index 532c0ae518..888d26293f 100644 --- a/charts/k8s-monitoring/tests/destination_validations_test.yaml +++ b/charts/k8s-monitoring/tests/destination_validations_test.yaml @@ -46,7 +46,7 @@ tests: Please set: destinations: - name: a destination with no type - type: loki, otlp, prometheus, or pyroscope + type: faro, loki, otlp, prometheus, or pyroscope - it: validates the destination type set: @@ -63,7 +63,7 @@ tests: Please set: destinations: - name: a destination with an invalid type - type: "[loki, otlp, prometheus, or pyroscope]" + type: "[faro, loki, otlp, prometheus, or pyroscope]" - it: allows destination names with alphanumeric, underscores, dashes, and spaces set: diff --git a/charts/k8s-monitoring/values.schema.json b/charts/k8s-monitoring/values.schema.json index 8a7e043f6d..92f2633406 100644 --- a/charts/k8s-monitoring/values.schema.json +++ b/charts/k8s-monitoring/values.schema.json @@ -557,6 +557,338 @@ } } }, + "faro-destination": { + "type": "object", + "properties": { + "auth": { + "type": "object", + "properties": { + "bearerToken": { + "type": "string" + }, + "bearerTokenFile": { + "type": "string" + }, + "bearerTokenFrom": { + "type": "string" + }, + "bearerTokenKey": { + "type": "string" + }, + "oauth2": { + "type": "object", + "properties": { + "clientId": { + "type": "string" + }, + "clientIdFrom": { + "type": "string" + }, + "clientIdKey": { + "type": "string" + }, + "clientSecret": { + "type": "string" + }, + "clientSecretFile": { + "type": "string" + }, + "clientSecretFrom": { + "type": "string" + }, + "clientSecretKey": { + "type": "string" + }, + "endpointParams": { + "type": "object" + }, + "noProxy": { + "type": "string" + }, + "proxyConnectHeader": { + "type": "object" + }, + "proxyFromEnvironment": { + "type": "boolean" + }, + "proxyURL": { + "type": "string" + }, + "scopes": { + "type": "array" + }, + "tokenURL": { + "type": "string" + } + } + }, + "password": { + "type": "string" + }, + "passwordFrom": { + "type": "string" + }, + "passwordKey": { + "type": "string" + }, + "type": { + "type": "string" + }, + "username": { + "type": "string" + }, + "usernameFrom": { + "type": "string" + }, + "usernameKey": { + "type": "string" + } + } + }, + "clusterLabels": { + "type": "array", + "items": { + "type": "string" + } + }, + "extraHeaders": { + "type": "object" + }, + "extraHeadersFrom": { + "type": "object" + }, + "name": { + "type": "string" + }, + "processors": { + "type": "object", + "properties": { + "attributes": { + "type": "object", + "properties": { + "actions": { + "type": "array" + } + } + }, + "batch": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean" + }, + "maxSize": { + "type": "integer" + }, + "size": { + "type": "integer" + }, + "timeout": { + "type": "string" + } + } + }, + "filters": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean" + }, + "errorMode": { + "type": "string" + }, + "logs": { + "type": "object", + "properties": { + "logRecord": { + "type": "array" + } + } + }, + "metrics": { + "type": "object", + "properties": { + "datapoint": { + "type": "array" + }, + "metric": { + "type": "array" + } + } + }, + "traces": { + "type": "object", + "properties": { + "span": { + "type": "array" + }, + "spanevent": { + "type": "array" + } + } + } + } + }, + "memoryLimiter": { + "type": "object", + "properties": { + "checkInterval": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "limit": { + "type": "string" + } + } + }, + "transform": { + "type": "object", + "properties": { + "errorMode": { + "type": "string" + }, + "logs": { + "type": "array" + }, + "metrics": { + "type": "array" + }, + "traces": { + "type": "array" + } + } + } + } + }, + "proxyURL": { + "type": "string" + }, + "readBufferSize": { + "type": "string" + }, + "retryOnFailure": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean" + }, + "initialInterval": { + "type": "string" + }, + "maxElapsedTime": { + "type": "string" + }, + "maxInterval": { + "type": "string" + } + } + }, + "secret": { + "type": "object", + "properties": { + "create": { + "type": "boolean" + }, + "embed": { + "type": "boolean" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "sigv4": { + "type": "object", + "properties": { + "assumeRole": { + "type": "object", + "properties": { + "arn": { + "type": "string" + }, + "sessionName": { + "type": "string" + }, + "stsRegion": { + "type": "string" + } + } + }, + "region": { + "type": "string" + }, + "service": { + "type": "string" + } + } + } + } + }, + "tenantId": { + "type": "string" + }, + "tenantIdFrom": { + "type": "string" + }, + "tenantIdKey": { + "type": "string" + }, + "tls": { + "type": "object", + "properties": { + "ca": { + "type": "string" + }, + "caFile": { + "type": "string" + }, + "caFrom": { + "type": "string" + }, + "cert": { + "type": "string" + }, + "certFile": { + "type": "string" + }, + "certFrom": { + "type": "string" + }, + "insecure": { + "type": "boolean" + }, + "insecureSkipVerify": { + "type": "boolean" + }, + "key": { + "type": "string" + }, + "keyFile": { + "type": "string" + }, + "keyFrom": { + "type": "string" + } + } + }, + "url": { + "type": "string" + }, + "urlFrom": { + "type": "string" + }, + "writeBufferSize": { + "type": "string" + }, + "type": { + "type": "string", + "const": "faro" + } + } + }, "invalid-destination": { "type": "object", "properties": { @@ -1967,6 +2299,9 @@ { "$ref": "#/definitions/invalid-destination" }, + { + "$ref": "#/definitions/faro-destination" + }, { "$ref": "#/definitions/loki-destination" },