From ed0971f23aa47276e8acbe25ee2c5e816a223559 Mon Sep 17 00:00:00 2001 From: Ian Davis <18375+iand@users.noreply.github.com> Date: Thu, 9 Nov 2023 14:33:06 +0000 Subject: [PATCH] Use probelab prometheus server --- cmd/thunderdome/infra/base.go | 2 +- cmd/thunderdome/infra/dealgood.go | 12 ++++++++---- cmd/thunderdome/infra/target.go | 12 ++++++++---- tf/files/grafana-agent-config/dealgood.yaml | 8 ++++---- tf/files/grafana-agent-config/ironbar.yaml | 6 +++--- tf/files/grafana-agent-config/skyfish.yaml | 8 ++++---- tf/files/grafana-agent-config/target.yaml | 8 ++++---- tf/iam.tf | 2 +- tf/ironbar.tf | 5 +++-- tf/locals.tf | 2 +- tf/main.tf | 4 ++-- tf/skyfish.tf | 5 +++-- 12 files changed, 42 insertions(+), 32 deletions(-) diff --git a/cmd/thunderdome/infra/base.go b/cmd/thunderdome/infra/base.go index 60c7282..52451d8 100644 --- a/cmd/thunderdome/infra/base.go +++ b/cmd/thunderdome/infra/base.go @@ -23,7 +23,7 @@ type BaseInfra struct { EcsExecutionRoleArn string EfsFileSystemID string ExperimentsTableName string - GrafanaPushSecretArn string + PrometheusSecretArn string IronbarAddr string LogGroupName string RequestSNSTopicArn string diff --git a/cmd/thunderdome/infra/dealgood.go b/cmd/thunderdome/infra/dealgood.go index a959605..b9eed98 100644 --- a/cmd/thunderdome/infra/dealgood.go +++ b/cmd/thunderdome/infra/dealgood.go @@ -334,12 +334,16 @@ func (d *Dealgood) createTaskDefinition() Task { }, Secrets: []*ecs.Secret{ { - Name: aws.String("GRAFANA_USER"), - ValueFrom: aws.String(d.base.GrafanaPushSecretArn + ":username::"), + Name: aws.String("PROMETHEUS_URL"), + ValueFrom: aws.String(d.base.PrometheusSecretArn + ":url::"), }, { - Name: aws.String("GRAFANA_PASS"), - ValueFrom: aws.String(d.base.GrafanaPushSecretArn + ":password::"), + Name: aws.String("PROMETHEUS_USER"), + ValueFrom: aws.String(d.base.PrometheusSecretArn + ":username::"), + }, + { + Name: aws.String("PROMETHEUS_PASS"), + ValueFrom: aws.String(d.base.PrometheusSecretArn + ":password::"), }, }, }, diff --git a/cmd/thunderdome/infra/target.go b/cmd/thunderdome/infra/target.go index 8c46aaf..efc05d9 100644 --- a/cmd/thunderdome/infra/target.go +++ b/cmd/thunderdome/infra/target.go @@ -313,12 +313,16 @@ func (t *Target) createTaskDefinition() Task { }, Secrets: []*ecs.Secret{ { - Name: aws.String("GRAFANA_USER"), - ValueFrom: aws.String(t.base.GrafanaPushSecretArn + ":username::"), + Name: aws.String("PROMETHEUS_URL"), + ValueFrom: aws.String(t.base.PrometheusSecretArn + ":url::"), }, { - Name: aws.String("GRAFANA_PASS"), - ValueFrom: aws.String(t.base.GrafanaPushSecretArn + ":password::"), + Name: aws.String("PROMETHEUS_USER"), + ValueFrom: aws.String(t.base.PrometheusSecretArn + ":username::"), + }, + { + Name: aws.String("PROMETHEUS_PASS"), + ValueFrom: aws.String(t.base.PrometheusSecretArn + ":password::"), }, }, }, diff --git a/tf/files/grafana-agent-config/dealgood.yaml b/tf/files/grafana-agent-config/dealgood.yaml index dd5d43a..9ab8928 100644 --- a/tf/files/grafana-agent-config/dealgood.yaml +++ b/tf/files/grafana-agent-config/dealgood.yaml @@ -3,10 +3,10 @@ metrics: scrape_interval: 30s scrape_timeout: 30s remote_write: - - url: https://prometheus-us-central1.grafana.net/api/prom/push + - url: ${PROMETHEUS_URL} basic_auth: - username: ${GRAFANA_USER} - password: ${GRAFANA_PASS} + username: ${PROMETHEUS_USER} + password: ${PROMETHEUS_PASS} configs: - name: thunderdome host_filter: false @@ -41,5 +41,5 @@ traces: - endpoint: tempo-eu-west-0.grafana.net:443 basic_auth: username: 263936 - password: ${GRAFANA_PASS} + password: ${PROMETHEUS_PASS} diff --git a/tf/files/grafana-agent-config/ironbar.yaml b/tf/files/grafana-agent-config/ironbar.yaml index b5fa9b6..4e89a47 100644 --- a/tf/files/grafana-agent-config/ironbar.yaml +++ b/tf/files/grafana-agent-config/ironbar.yaml @@ -3,10 +3,10 @@ metrics: scrape_interval: 30s scrape_timeout: 30s remote_write: - - url: https://prometheus-us-central1.grafana.net/api/prom/push + - url: ${PROMETHEUS_URL} basic_auth: - username: ${GRAFANA_USER} - password: ${GRAFANA_PASS} + username: ${PROMETHEUS_USER} + password: ${PROMETHEUS_PASS} configs: - name: thunderdome host_filter: false diff --git a/tf/files/grafana-agent-config/skyfish.yaml b/tf/files/grafana-agent-config/skyfish.yaml index a96056f..1e3ba98 100644 --- a/tf/files/grafana-agent-config/skyfish.yaml +++ b/tf/files/grafana-agent-config/skyfish.yaml @@ -3,10 +3,10 @@ metrics: scrape_interval: 30s scrape_timeout: 30s remote_write: - - url: https://prometheus-us-central1.grafana.net/api/prom/push + - url: ${PROMETHEUS_URL} basic_auth: - username: ${GRAFANA_USER} - password: ${GRAFANA_PASS} + username: ${PROMETHEUS_USER} + password: ${PROMETHEUS_PASS} configs: - name: thunderdome host_filter: false @@ -39,5 +39,5 @@ traces: - endpoint: tempo-eu-west-0.grafana.net:443 basic_auth: username: 263936 - password: ${GRAFANA_PASS} + password: ${PROMETHEUS_PASS} diff --git a/tf/files/grafana-agent-config/target.yaml b/tf/files/grafana-agent-config/target.yaml index fa7905e..837631c 100644 --- a/tf/files/grafana-agent-config/target.yaml +++ b/tf/files/grafana-agent-config/target.yaml @@ -3,10 +3,10 @@ metrics: scrape_interval: 30s scrape_timeout: 30s remote_write: - - url: https://prometheus-us-central1.grafana.net/api/prom/push + - url: ${PROMETHEUS_URL} basic_auth: - username: ${GRAFANA_USER} - password: ${GRAFANA_PASS} + username: ${PROMETHEUS_USER} + password: ${PROMETHEUS_PASS} configs: - name: thunderdome host_filter: false @@ -64,4 +64,4 @@ traces: - endpoint: tempo-eu-west-0.grafana.net:443 basic_auth: username: 263936 - password: ${GRAFANA_PASS} + password: ${PROMETHEUS_PASS} diff --git a/tf/iam.tf b/tf/iam.tf index c223d36..450371e 100644 --- a/tf/iam.tf +++ b/tf/iam.tf @@ -22,7 +22,7 @@ data "aws_iam_policy_document" "ecsTaskExecutionRole_secretsmanager" { statement { actions = ["kms:Decrypt", "secretsmanager:GetSecretValue"] resources = [ - data.aws_secretsmanager_secret.grafana-push-secret.arn, + data.aws_secretsmanager_secret.prometheus-secret.arn, data.aws_secretsmanager_secret.dealgood-loki-secret.arn, data.aws_kms_key.default_secretsmanager_key.arn, ] diff --git a/tf/ironbar.tf b/tf/ironbar.tf index 1935546..1849f57 100644 --- a/tf/ironbar.tf +++ b/tf/ironbar.tf @@ -144,8 +144,9 @@ resource "aws_ecs_task_definition" "ironbar" { ] portMappings = [] secrets = [ - { name = "GRAFANA_USER", valueFrom = "${data.aws_secretsmanager_secret.grafana-push-secret.arn}:username::" }, - { name = "GRAFANA_PASS", valueFrom = "${data.aws_secretsmanager_secret.grafana-push-secret.arn}:password::" } + { name = "PROMETHEUS_URL", valueFrom = "${data.aws_secretsmanager_secret.prometheus-secret.arn}:url::" }, + { name = "PROMETHEUS_USER", valueFrom = "${data.aws_secretsmanager_secret.prometheus-secret.arn}:username::" }, + { name = "PROMETHEUS_PASS", valueFrom = "${data.aws_secretsmanager_secret.prometheus-secret.arn}:password::" } ] volumesFrom = [] } diff --git a/tf/locals.tf b/tf/locals.tf index 4e59329..4dcff72 100644 --- a/tf/locals.tf +++ b/tf/locals.tf @@ -17,7 +17,7 @@ locals { EcsExecutionRoleArn = aws_iam_role.ecsTaskExecutionRole.arn EfsFileSystemID = aws_efs_file_system.thunderdome.id ExperimentsTableName = aws_dynamodb_table.experiments.name - GrafanaPushSecretArn = data.aws_secretsmanager_secret.grafana-push-secret.arn + PrometheusSecretArn = data.aws_secretsmanager_secret.prometheus-secret.arn IronbarAddr = "${aws_eip.ecs[0].public_ip}:${local.ironbar_port_number}" LogGroupName = aws_cloudwatch_log_group.logs.name RequestSNSTopicArn = aws_sns_topic.gateway_requests.arn diff --git a/tf/main.tf b/tf/main.tf index 718ff1d..f1c7a58 100644 --- a/tf/main.tf +++ b/tf/main.tf @@ -24,8 +24,8 @@ data "aws_kms_key" "default_secretsmanager_key" { key_id = "arn:aws:kms:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:key/d32eafb8-e9b3-44f2-9703-fd4663949020" } -data "aws_secretsmanager_secret" "grafana-push-secret" { - arn = "arn:aws:secretsmanager:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:secret:grafana-push-MxjNiv" +data "aws_secretsmanager_secret" "prometheus-secret" { + arn = "arn:aws:secretsmanager:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:secret:prometheus_credentials-ujqWDl" } data "aws_secretsmanager_secret" "dealgood-loki-secret" { diff --git a/tf/skyfish.tf b/tf/skyfish.tf index 2b2e3d6..ed51425 100644 --- a/tf/skyfish.tf +++ b/tf/skyfish.tf @@ -126,8 +126,9 @@ resource "aws_ecs_task_definition" "skyfish" { ] portMappings = [] secrets = [ - { name = "GRAFANA_USER", valueFrom = "${data.aws_secretsmanager_secret.grafana-push-secret.arn}:username::" }, - { name = "GRAFANA_PASS", valueFrom = "${data.aws_secretsmanager_secret.grafana-push-secret.arn}:password::" } + { name = "PROMETHEUS_URL", valueFrom = "${data.aws_secretsmanager_secret.prometheus-secret.arn}:url::" }, + { name = "PROMETHEUS_USER", valueFrom = "${data.aws_secretsmanager_secret.prometheus-secret.arn}:username::" }, + { name = "PROMETHEUS_PASS", valueFrom = "${data.aws_secretsmanager_secret.prometheus-secret.arn}:password::" } ] volumesFrom = [] }