From 0ac9a87a783314121fe412c235040d246c3ac422 Mon Sep 17 00:00:00 2001
From: badra001 <donald.e.badrak.ii@census.gov>
Date: Mon, 9 Sep 2024 09:50:02 -0400
Subject: [PATCH] update to use ssm/secret

---
 examples/extras/datadog-agent/data.datadog.tf | 27 +++++++++
 examples/extras/datadog-agent/main.tf         | 20 +++----
 .../variables.datadog.auto.tfvars             |  9 +--
 .../extras/datadog-agent/variables.datadog.tf | 57 ++++++++++---------
 4 files changed, 65 insertions(+), 48 deletions(-)
 create mode 100644 examples/extras/datadog-agent/data.datadog.tf

diff --git a/examples/extras/datadog-agent/data.datadog.tf b/examples/extras/datadog-agent/data.datadog.tf
new file mode 100644
index 0000000..9a727da
--- /dev/null
+++ b/examples/extras/datadog-agent/data.datadog.tf
@@ -0,0 +1,27 @@
+data "aws_ssm_parameter" "datadog" {
+  name = "/enterprise/terraform/providers/datadog"
+}
+
+data "aws_secretsmanager_secret_version" "datadog" {
+  secret_id = local.datadog_config.arn
+}
+
+locals {
+  datadog_config   = jsondecode(data.aws_ssm_parameter.datadog.value)
+  datadog_settings = jsondecode(data.aws_secretsmanager_secret_version.datadog.secret_string)
+}
+
+# datadogg_settings
+# * api_key  
+# * app_key  
+# * api_url  
+# * site_url 
+# * site     
+
+locals {
+  datadog_api_key  = local.datadog_settings.api_key
+  datadog_app_key  = local.datadog_settings.app_key
+  datadog_site     = local.datadog_settings.site
+  datadog_site_url = local.datadog_settings.site_url
+  datadog_api_url  = local.datadog_settings.api_url
+}
diff --git a/examples/extras/datadog-agent/main.tf b/examples/extras/datadog-agent/main.tf
index 768224a..8ea479c 100644
--- a/examples/extras/datadog-agent/main.tf
+++ b/examples/extras/datadog-agent/main.tf
@@ -36,30 +36,26 @@ resource "helm_release" "datadog" {
   depends_on = [module.images, kubernetes_namespace.namespace]
 
   values = [
-    templatefile("datadog.values.yml.tpl", {
-      datadog_env      = local.datadog_env
-      clusteragent_env = local.clusteragent_env
-    })
+    file("datadog.values.yml"),
+    #    templatefile("${path.root}/templates/fluentbit.env.yml.tpl", {
+    #      region       = local.region
+    #      cluster_name = var.cluster_name
+    #    })
   ]
 
   set_sensitive {
     name  = "datadog.apiKey"
-    value = var.datadog_api_key
+    value = local.datadog_api_key
   }
 
   set_sensitive {
     name  = "datadog.appKey"
-    value = var.datadog_app_key
+    value = local.datadog_app_key
   }
 
   set {
     name  = "datadog.site"
-    value = var.datadog_site
-  }
-
-  set {
-    name  = "datadog.clusterName"
-    value = var.cluster_name
+    value = local.datadog_site
   }
 
   ##   set {
diff --git a/examples/extras/datadog-agent/variables.datadog.auto.tfvars b/examples/extras/datadog-agent/variables.datadog.auto.tfvars
index ce3e707..1588996 100644
--- a/examples/extras/datadog-agent/variables.datadog.auto.tfvars
+++ b/examples/extras/datadog-agent/variables.datadog.auto.tfvars
@@ -1,13 +1,6 @@
 namespace        = "monitoring"
 create_namespace = true
-#name             = "datadog-agent"
-
-# get keys from proper source
-#datadog_api_key  = ""
-#datadog_app_key  = ""
-datadog_site     = "ddog-gov.com"
-datadog_site_url = "https://app.ddog-gov.com"
-datadog_api_url  = "https://api.ddog-gov.com"
+name             = "datadog-agent"
 datadog_proxy = {
   http  = "http://proxy.tco.census.gov:3128"
   https = "http://proxy.tco.census.gov:3128"
diff --git a/examples/extras/datadog-agent/variables.datadog.tf b/examples/extras/datadog-agent/variables.datadog.tf
index faa3756..2652504 100644
--- a/examples/extras/datadog-agent/variables.datadog.tf
+++ b/examples/extras/datadog-agent/variables.datadog.tf
@@ -1,34 +1,35 @@
-variable "datadog_api_key" {
-  description = "Datadog API Key"
-  type        = string
-}
-
-variable "datadog_app_key" {
-  description = "Datadog Application Key"
-  type        = string
-}
-
-variable "datadog_site" {
-  description = "Datadog Site Parameter"
-  type        = string
-  default     = "ddog-gov.com"
-}
-
-variable "datadog_site_url" {
-  description = "Datadog APP URL"
-  type        = string
-  default     = "https://app.ddog-gov.com"
-}
-
-variable "datadog_api_url" {
-  description = "Datadog API URL"
-  type        = string
-  default     = "https://api.ddog-gov.com"
-}
-
 variable "datadog_proxy" {
   description = "Map of http, https to proxy for each protocol"
   type        = map(string)
   default     = {}
 }
 
+## these now come from an ssm param and secrets manager secret
+## variable "datadog_api_key" {
+##   description = "Datadog API Key"
+##   type        = string
+## }
+## 
+## variable "datadog_app_key" {
+##   description = "Datadog Application Key"
+##   type        = string
+## }
+## 
+## variable "datadog_site" {
+##   description = "Datadog Site Parameter"
+##   type        = string
+##   default     = "ddog-gov.com"
+## }
+## 
+## variable "datadog_site_url" {
+##   description = "Datadog APP URL"
+##   type        = string
+##   default     = "https://app.ddog-gov.com"
+## }
+## 
+## variable "datadog_api_url" {
+##   description = "Datadog API URL"
+##   type        = string
+##   default     = "https://api.ddog-gov.com"
+## }
+##