From 053dde43657d4d265bb816ef74828b6d0352481e Mon Sep 17 00:00:00 2001
From: ThameezBo <thameezbo@double.cloud>
Date: Mon, 23 Oct 2023 11:03:10 +0200
Subject: [PATCH] fix: cater for prom.promSpec.thanos

Signed-off-by: ThameezBo <thameezbo@double.cloud>
---
 charts/kube-prometheus-stack/README.md          |  5 +++--
 .../templates/prometheus/prometheus.yaml        | 11 ++++++++++-
 .../templates/prometheus/secret.yaml            | 17 +++++++++++++++++
 charts/kube-prometheus-stack/values.yaml        | 17 +++++++++++++++++
 4 files changed, 47 insertions(+), 3 deletions(-)
 create mode 100644 charts/kube-prometheus-stack/templates/prometheus/secret.yaml

diff --git a/charts/kube-prometheus-stack/README.md b/charts/kube-prometheus-stack/README.md
index 16f20b0c3123..43e1b8ae4ff1 100644
--- a/charts/kube-prometheus-stack/README.md
+++ b/charts/kube-prometheus-stack/README.md
@@ -84,11 +84,12 @@ A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an
 
 ### From 51.x to 52.x
 
-This includes the ability to select between using existing secrets or create new secret objects for various thanosrule config. The defaults have not changed but if you were setting:
+This includes the ability to select between using existing secrets or create new secret objects for various thanos config. The defaults have not changed but if you were setting:
 
 - `thanosRuler.thanosRulerSpec.alertmanagersConfig` or
 - `thanosRuler.thanosRulerSpec.objectStorageConfig` or
-- `thanosRuler.thanosRulerSpec.queryConfig`
+- `thanosRuler.thanosRulerSpec.queryConfig` or
+- `prometheus.prometheusSpec.thanos.objectStorageConfig`
 
 you will have to need to set `existingSecret` or `secret` based on your requirement
 
diff --git a/charts/kube-prometheus-stack/templates/prometheus/prometheus.yaml b/charts/kube-prometheus-stack/templates/prometheus/prometheus.yaml
index 6c0920058b70..8360d7db0e2d 100644
--- a/charts/kube-prometheus-stack/templates/prometheus/prometheus.yaml
+++ b/charts/kube-prometheus-stack/templates/prometheus/prometheus.yaml
@@ -356,7 +356,16 @@ spec:
 {{- if not .Values.prometheus.agentMode }}
 {{- if .Values.prometheus.prometheusSpec.thanos }}
   thanos:
-{{ toYaml .Values.prometheus.prometheusSpec.thanos | indent 4 }}
+{{- omit .Values.prometheus.prometheusSpec.thanos "objectStorageConfig" | toYaml | indent 4 }}
+{{- if .Values.prometheus.prometheusSpec.thanos.objectStorageConfig.existingSecret }}
+    objectStorageConfig:
+      key: "{{.Values.prometheus.prometheusSpec.thanos.objectStorageConfig.existingSecret.key }}"
+      name: "{{.Values.prometheus.prometheusSpec.thanos.objectStorageConfig.existingSecret.name }}"
+{{- else if .Values.prometheus.prometheusSpec.thanos.objectStorageConfig.secret}}
+    objectStorageConfig:
+      key: object-storage-configs.yaml
+      name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+{{- end }}
 {{- end }}
 {{- if .Values.prometheus.prometheusSpec.disableCompaction }}
   disableCompaction: {{ .Values.prometheus.prometheusSpec.disableCompaction }}
diff --git a/charts/kube-prometheus-stack/templates/prometheus/secret.yaml b/charts/kube-prometheus-stack/templates/prometheus/secret.yaml
new file mode 100644
index 000000000000..b6d183af6c14
--- /dev/null
+++ b/charts/kube-prometheus-stack/templates/prometheus/secret.yaml
@@ -0,0 +1,17 @@
+{{- if .Values.thanosRuler.enabled }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+    app.kubernetes.io/component: prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+data:
+  {{- with .Values.prometheusspec.thanos.objectStorageConfig }}
+  {{- if and .secret (not .existingSecret) }}
+  object-storage-configs.yaml: {{ toYaml .secret | b64enc | quote }}
+  {{- end }}
+  {{- end }}
+{{- end }}
diff --git a/charts/kube-prometheus-stack/values.yaml b/charts/kube-prometheus-stack/values.yaml
index 80dd43a3aeea..e5805b502ee4 100644
--- a/charts/kube-prometheus-stack/values.yaml
+++ b/charts/kube-prometheus-stack/values.yaml
@@ -3431,6 +3431,23 @@ prometheus:
       #       - resourceName: "projects/$PROJECT_ID/secrets/testsecret/versions/latest"
       #         fileName: "objstore.yaml"
       # objectStorageConfigFile: /var/secrets/object-store.yaml
+      ## ObjectStorageConfig configures object storage in Thanos. Alternative to ObjectStorageConfigFile, and lower order priority.
+      # objectStorageConfig:
+      #   # use existing secret, if configured, objectStorageConfig.secret will not be used
+      #   existingSecret: {}
+      #     # name: ""
+      #     # key: ""
+      #   # will render objectStorageConfig secret data and configure it to be used by Thanos custom resource, 
+      #   # ignored when prometheusspec.thanos.objectStorageConfig.existingSecret is set
+      #   # https://thanos.io/tip/thanos/storage.md/#s3
+      #   secret: {}
+      #     # type: S3
+      #     # config:
+      #     #   bucket: ""
+      #     #   endpoint: ""
+      #     #   region: ""
+      #     #   access_key: ""
+      #     #   secret_key: ""
 
     ## Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to a Prometheus pod.
     ## if using proxy extraContainer update targetPort with proxy container port