From 1c4084bdc099493a8c774fc0c3fdd83e8322085c Mon Sep 17 00:00:00 2001
From: Randeep Jalli <rj2083@att.com>
Date: Fri, 5 Apr 2019 12:18:39 -0400
Subject: [PATCH] add docker-default apparmor profile for
 prometheus-alertmanager Add in prometheus-alertmanager gate script as a
 script

Change-Id: I3c10f9a9d4403fd91da292a50d204f73a9295611
---
 prometheus-alertmanager/values.yaml           |  4 --
 .../apparmor/050-prometheus-alertmanager.sh   | 40 +++++++++++++++++++
 zuul.d/jobs.yaml                              |  1 +
 3 files changed, 41 insertions(+), 4 deletions(-)
 create mode 100755 tools/deployment/apparmor/050-prometheus-alertmanager.sh

diff --git a/prometheus-alertmanager/values.yaml b/prometheus-alertmanager/values.yaml
index c7f3c4198..083e7b56c 100644
--- a/prometheus-alertmanager/values.yaml
+++ b/prometheus-alertmanager/values.yaml
@@ -38,10 +38,6 @@ labels:
     node_selector_value: enabled
 
 pod:
-  mandatory_access_control:
-    type: apparmor
-    alertmanager:
-      alertmanager: localhost/docker-default
   security_context:
     server:
       pod:
diff --git a/tools/deployment/apparmor/050-prometheus-alertmanager.sh b/tools/deployment/apparmor/050-prometheus-alertmanager.sh
new file mode 100755
index 000000000..7a90edd5b
--- /dev/null
+++ b/tools/deployment/apparmor/050-prometheus-alertmanager.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+
+# Copyright 2019 The Openstack-Helm Authors.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+
+set -xe
+
+#NOTE: Lint and package chart
+make prometheus-alertmanager
+
+#NOTE: Deploy command
+tee /tmp/prometheus-alertmanager.yaml << EOF
+pod:
+  mandatory_access_control:
+    type: apparmor
+    alertmanager:
+      alertmanager: localhost/docker-default
+storage:
+  enabled: false
+EOF
+helm upgrade --install prometheus-alertmanager ./prometheus-alertmanager \
+    --namespace=osh-infra \
+    --values=/tmp/prometheus-alertmanager.yaml
+
+#NOTE: Wait for deploy
+./tools/deployment/common/wait-for-pods.sh osh-infra
+
+#NOTE: Validate Deployment info
+helm status prometheus-alertmanager
diff --git a/zuul.d/jobs.yaml b/zuul.d/jobs.yaml
index 1ae9d9e9f..d39ebf7a2 100644
--- a/zuul.d/jobs.yaml
+++ b/zuul.d/jobs.yaml
@@ -215,6 +215,7 @@
         - ./tools/deployment/apparmor/005-deploy-k8s.sh
         - ./tools/deployment/apparmor/020-ceph.sh
         - ./tools/deployment/apparmor/040-memcached.sh
+        - ./tools/deployment/apparmor/050-prometheus-alertmanager.sh
         - ./tools/deployment/apparmor/060-prometheus-node-exporter.sh
         - ./tools/deployment/apparmor/070-prometheus-openstack-exporter.sh
         - ./tools/deployment/apparmor/080-prometheus-process-exporter.sh