opentelemetry-helm-charts
opentelemetry-helm-charts copied to clipboard
open-telemetry
Provide ability to Load an Existing Secret or Create a New Secret to Datadog.
Need a way to load the api-key into the config. Dont want to stick an api-key into the config section of the values file.
Preferably https://github.com/external-secrets/kubernetes-external-secrets
If we could mount a Kubernetes Secret into the collector pod as a volume, we could then define environment variables using "spec.containers.env.valueFrom.secretKeyRef" and "spec.containers.envFrom."
There is a way to mount secrets with secretMounts option, but we need to make it possible to mount as env var, not only as a file
hi folks
I saw that #133 is closed. Is my assumption correct that it's currently not possible to mount the secrets as env vars?
We're aware that we can solve the issue by creating the config file in a secret ourselves and mounting it (instead of having the helm chart create it), but ideally we would want to reuse the helm charts config generation: https://github.com/open-telemetry/opentelemetry-helm-charts/blob/main/charts/opentelemetry-collector/templates/_config.tpl
would you welcome a PR for that (i.e. adding extraEnvFrom)?
I think it's the last missing piece to inject secrets into the otel config while still reusing the helm chart config .
nevermind - it is actually already possible. one can use the combination of extraEnvs with secretKeyRef:
values.yaml:
mode: "deployment"
...
config:
exporters:
otlphttp:
headers:
Authorization: "Api-Token $OPEN_TELEMETRY_COLLECTOR_DYNATRACE_TOKEN"
...
extraEnvs:
- name: OPEN_TELEMETRY_COLLECTOR_DYNATRACE_TOKEN
valueFrom:
secretKeyRef:
name: dynatraceapitoken
key: OPEN_TELEMETRY_COLLECTOR_DYNATRACE_TOKEN
with a secret (manually created):
apiVersion: v1
kind: Secret
metadata:
name: dynatraceapitoken
type: Opaque
stringData:
OPEN_TELEMETRY_COLLECTOR_DYNATRACE_TOKEN: "<my dynatrace token>"
