-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #176 from flanksource/fix/config-db-examples
configdb: update docs & examples
- Loading branch information
Showing
19 changed files
with
762 additions
and
469 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
[*.{md,js}] | ||
quote_type = single | ||
indent_size = 2 | ||
end_of_line = lf | ||
insert_final_newline = true | ||
trim_trailing_whitespace = true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -6,3 +6,4 @@ site/ | |
**/build/ | ||
.docusaurus | ||
node_modules | ||
.vscode |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
# Exclude fields | ||
|
||
In the following scrape config for Kubernetes, the transformation will delete the `.metadata.ownerReferences` field from all the scraped items and `.metadata.generateName` field will be removed only from Pods. | ||
|
||
```yaml title="kubernetes-exclude-superfluous-fields.yaml" | ||
apiVersion: configs.flanksource.com/v1 | ||
kind: ScrapeConfig | ||
metadata: | ||
name: kubernetes-scraper | ||
spec: | ||
kubernetes: | ||
- clusterName: local-kind-cluster | ||
transform: | ||
exclude: | ||
- jsonpath: '.metadata.ownerReferences' | ||
- types: | ||
- Kubernetes::Pod | ||
jsonpath: '.metadata.generateName' | ||
``` | ||
Field exclusions are also helpful when you want to exclude sensitive fields from the scraped data. | ||
```yaml title="kubernetes-exclude-sensitive-fields.yaml" | ||
apiVersion: configs.flanksource.com/v1 | ||
kind: ScrapeConfig | ||
metadata: | ||
name: kubernetes-scraper | ||
spec: | ||
kubernetes: | ||
- clusterName: local-kind-cluster | ||
transform: | ||
exclude: | ||
- types: | ||
- Kubernetes::Secret | ||
jsonpath: '.data' | ||
``` |
53 changes: 53 additions & 0 deletions
53
mission-control/docs/config-db/examples/forming-relationship.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
# Forming Relationships | ||
|
||
## Kubernetes | ||
|
||
This example demonstrates 2 different ways you can form relationships between config items. | ||
|
||
The first relationship is formed between a Kubernetes service and its corresponding deployment using the inline relationship selector _(type & name)_ while the second relationship is formed between Pods and PVCs using the `expr` way. | ||
|
||
```yaml title="kubernetes-scraper.yaml" | ||
apiVersion: configs.flanksource.com/v1 | ||
kind: ScrapeConfig | ||
metadata: | ||
name: kubernetes-scraper | ||
spec: | ||
kubernetes: | ||
- clusterName: local-kind-cluster | ||
transform: | ||
relationship: | ||
# Link a service to a deployment (adjust the label selector accordingly) | ||
- filter: config_type == "Kubernetes::Service" | ||
type: | ||
value: 'Kubernetes::Deployment' | ||
name: | ||
expr: | | ||
has(config.spec.selector) && has(config.spec.selector.name) ? config.spec.selector.name : '' | ||
# Link Pods to PVCs | ||
- filter: config_type == 'Kubernetes::Pod' | ||
expr: | | ||
config.spec.volumes. | ||
filter(item, has(item.persistentVolumeClaim)). | ||
map(item, {"type": "Kubernetes::PersistentVolumeClaim", "name": item.persistentVolumeClaim.claimName}). | ||
toJSON() | ||
``` | ||
## AWS | ||
```yaml title='aws-scraper.yaml' | ||
apiVersion: configs.flanksource.com/v1 | ||
kind: ScrapeConfig | ||
metadata: | ||
name: aws-scraper | ||
spec: | ||
aws: | ||
- region: | ||
- eu-west-2 | ||
- us-east-1 | ||
transform: | ||
relationship: | ||
# Region to ZoneID | ||
- filter: config_type == 'AWS::Region' | ||
expr: | | ||
[{"type": "AWS::AvailabilityZoneID", "labels": {"region": name}}].toJSON() | ||
``` |
32 changes: 32 additions & 0 deletions
32
mission-control/docs/config-db/examples/kubernetes-relationship.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
# Kubernetes Relationship | ||
|
||
Kubernetes scraper offers a more tailored relationship selector in addition to the [general relationship selector](../concepts/transform.md#relationshipconfig). | ||
|
||
```yaml title="kubernetes-relationship.yaml" | ||
kubernetes: | ||
- clusterName: 'eks' | ||
relationships: | ||
# If object has spec.claimRef field, use its kind, name and namespace | ||
- kind: | ||
expr: "has(spec.claimRef) ? spec.claimRef.kind : ''" | ||
name: | ||
expr: "has(spec.claimRef) ? spec.claimRef.name : ''" | ||
namespace: | ||
expr: "has(spec.claimRef) ? spec.claimRef.namespace : ''" | ||
|
||
# If object flux kustomize labels, link it to the parent Kustomization object | ||
- kind: | ||
value: Kustomization | ||
name: | ||
label: kustomize.toolkit.fluxcd.io/name | ||
namespace: | ||
label: kustomize.toolkit.fluxcd.io/namespace | ||
|
||
# If object helm kustomize labels, link it to the parent HelmRelease object | ||
- kind: | ||
value: HelmRelease | ||
name: | ||
label: helm.toolkit.fluxcd.io/name | ||
namespace: | ||
label: helm.toolkit.fluxcd.io/namespace | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
# Masking sensitive fields | ||
|
||
```yaml title="file-mask-scraper.yaml" | ||
apiVersion: configs.flanksource.com/v1 | ||
kind: ScrapeConfig | ||
metadata: | ||
name: file-mask-scraper | ||
spec: | ||
file: | ||
- type: Config | ||
id: $.id | ||
name: $.name | ||
transform: | ||
mask: | ||
- selector: config.name == 'Config1' | ||
jsonpath: $.password | ||
value: md5sum | ||
- selector: config.name == 'Config1' | ||
jsonpath: $.secret | ||
value: '***' | ||
paths: | ||
- fixtures/data/single-config.json | ||
``` | ||
This configuration specifies 2 different masks. The first one will replace the value of the field `password` with the md5sum of the value. The second one will replace the value of the field `secret` with `***`. | ||
|
||
```yaml title="kubernetes-mask-secrets.yaml" | ||
apiVersion: configs.flanksource.com/v1 | ||
kind: ScrapeConfig | ||
metadata: | ||
name: kubernetes-scraper | ||
spec: | ||
kubernetes: | ||
- clusterName: local-kind-cluster | ||
transform: | ||
mask: | ||
- selector: config.type == 'Kubernetes::Secret' | ||
jsonpath: .data | ||
value: md5sum | ||
``` |
Oops, something went wrong.