Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • ibarrien/kubernetes-monitoring
  • monitoring/helm-charts/kubernetes-monitoring
2 results
Show changes
Commits on Source (120)
20 additional commits have been omitted to prevent performance issues.
Hide whitespace changes
Inline Side-by-side
Showing
with 17801 additions and 87 deletions
.dir-locals.el 0 → 100644
View file @ 25f706e7
((yaml-mode . ((eglot-workspace-configuration . ((yaml schemas . ((
.yaml_schemas/helm-testsuite-0.7.2.json "tests/**/*"
))))))))
.gitignore 0 → 100644
View file @ 25f706e7
charts/*
!charts/crds/
!charts/crds/**
Chart.lock
.gitlab-ci.yml 0 → 100644
View file @ 25f706e7
image: gitlab-registry.cern.ch/linuxsupport/alma9-base
include:
- project : 'ci-tools/container-image-ci-templates'
file : 'helm.gitlab-ci.yml'
ref: master
stages:
- lint
- validate
- test
- build
- deploy
docs_lint:
stage: lint
rules:
- if: '$CI_COMMIT_TAG'
when: never
- if: $CI_PIPELINE_SOURCE == "push"
script:
- dnf install -y python-pip
- python3 -m pip install linkcheckmd
- python3 -m linkcheckmd -v README.md
- python3 -m linkcheckmd -v docs
yaml_lint:
stage: lint
rules:
- if: '$CI_COMMIT_TAG'
when: never
- if: $CI_PIPELINE_SOURCE == "push"
script:
- dnf install -y epel-release
- dnf install -y yamllint
- yamllint .
helm_lint:
stage: lint
rules:
- if: '$CI_COMMIT_TAG'
when: never
- if: $CI_PIPELINE_SOURCE == "push"
image: alpine/helm
script:
- helm dep update .
- helm lint --strict .
helm_docs_needs_running:
stage: validate
image: registry.cern.ch/docker.io/jnorwood/helm-docs:v1.14.2
rules:
- if: '$CI_COMMIT_TAG'
when: never
- if: $CI_PIPELINE_SOURCE == "push"
script:
- helm-docs -o test.md
- diff -ura test.md README.md
unittest:
stage: test
image: registry.cern.ch/docker.io/helmunittest/helm-unittest:3.17.0-0.7.2
script:
- helm unittest -f 'tests/**/*.yaml' .
helm_deploy:
stage: deploy
image: registry.cern.ch/docker.io/alpine/helm:3
rules:
- if: '$CI_COMMIT_TAG'
script: |
sed -i "s/^version:.*/version: ${CI_COMMIT_TAG}/" Chart.yaml
helm package .
echo ${REGISTRY_PASSWORD} | helm registry login registry.cern.ch -u $REGISTRY_USER --password-stdin
helm push cern-it-monitoring-kubernetes-$CI_COMMIT_TAG.tgz oci://registry.cern.ch/monit
.gitlab/merge_request_templates/main_template.md 0 → 100644
View file @ 25f706e7
### Description
<!-- Please provide a detailed description of the changes you are proposing. Include the motivation for the change, any new features introduced, and/or bug fixes. -->
### Motivation
<!-- Why is this change necessary? What issue does it address? -->
### Potential Impact
<!-- Does this change affect other components or features? Are there any known drawbacks or trade-offs? -->
### Merge Request Checklist
- [ ] Documentation has been updated, if applicable.
- [ ] Changes have been tested locally using `helm install . ...`.
### Additional Notes <!-- Remove if not required. -->
<!-- Add any additional notes or context here, such as screenshots, logs, etc., to help reviewers. -->
.helmdocsignore 0 → 100644
View file @ 25f706e7
charts/*
\ No newline at end of file
.helmignore
View file @ 25f706e7
......@@ -4,6 +4,13 @@
.DS_Store
# Common VCS dirs
.git/
.gitlab-ci-local/
.gitlab-ci.yml
.helmignore
.yamllint
config
README.md
README.md.gotmpl
.gitignore
.bzr/
.bzrignore
......@@ -21,3 +28,6 @@
.idea/
*.tmproj
.vscode/
config
tests/
Makefile
\ No newline at end of file
.yaml_schemas/helm-testsuite-0.7.2.json 0 → 100644
View file @ 25f706e7
{
"$schema": "http://json-schema.org/draft-07/schema#",
"type": "object",
"description": "A helm test suite is a collection of tests with the same purpose and scope defined in one single file.",
"required": [
"tests"
],
"additionalProperties": false,
"properties": {
"suite": {
"type": "string",
"description": "The suite name to show on test result output.",
"markdownDescription": "**suite** (string) _optional_\n\nThe suite name to show on test result output."
},
"snapshotId": {
"type": "string",
"description": "A suffix to your snapshot file for the tests. Ideal for helm tests.",
"markdownDescription": "**snapshotId** (string) _optional_\n\nA suffix to your snapshot file for the tests. Ideal for helm tests."
},
"values": {
"$ref": "#/definitions/values"
},
"set": {
"$ref": "#/definitions/set"
},
"templates": {
"$ref": "#/definitions/templates"
},
"release": {
"$ref": "#/definitions/release"
},
"capabilities": {
"$ref": "#/definitions/capabilities"
},
"chart": {
"$ref": "#/definitions/chart"
},
"kubernetesProvider": {
"$ref": "#/definitions/kubernetesProvider"
},
"tests": {
"type": "array",
"description": "Where you define your test jobs to run",
"markdownDescription": "**tests** (array<object>) _required_\n\nWhere you define your test jobs to run",
"required": [
"asserts"
],
"items": {
"type": "object",
"properties": {
"it": {
"type": "string",
"description": "Define the name of the test with TDD style or any message you like.",
"markdownDescription": "**it** (string) _recommended_\n\nDefine the name of the test with TDD style or any message you like."
},
"values": {
"$ref": "#/definitions/values"
},
"set": {
"$ref": "#/definitions/set"
},
"template": {
"type": "string",
"description": "The template file(s) which render the manifest to be tested, default to the list of template file defined in templates of suite file, unless template is defined in the assertion(s).",
"markdownDescription": "**template** (string) _optional_\n\nThe template file(s) which render the manifest to be tested, default to the list of template file defined in templates of suite file, unless template is defined in the assertion(s)."
},
"templates": {
"$ref": "#/definitions/templates"
},
"documentIndex": {
"$ref": "#/definitions/documentIndex"
},
"documentSelector": {
"$ref": "#/definitions/documentSelector"
},
"release": {
"$ref": "#/definitions/release"
},
"capabilities": {
"$ref": "#/definitions/capabilities"
},
"chart": {
"$ref": "#/definitions/chart"
},
"kubernetesProvider": {
"$ref": "#/definitions/kubernetesProvider"
},
"asserts": {
"type": "array",
"description": "The assertions to validate the rendered chart.",
"markdownDescription": "**asserts** (array<object>) _required_\n\nThe assertions to validate the rendered chart.",
"items": {
"type": "object",
"properties": {
"containsDocument": true,
"contains": true,
"notContains": true,
"equal": true,
"notEqual": true,
"equalRaw": true,
"notEqualRaw": true,
"exists": true,
"notExists": true,
"failedTemplate": true,
"notFailedTemplate": true,
"greaterOrEqual": true,
"notGreaterOrEqual": true,
"hasDocuments": true,
"lessOrEqual": true,
"notLessOrEqual": true,
"isAPIVersion": true,
"isKind": true,
"isNullOrEmpty": true,
"isNotNullOrEmpty": true,
"isSubset": true,
"isNotSubset": true,
"isType": true,
"isNotType": true,
"lengthEqual": true,
"notLengthEqual": true,
"matchRegex": true,
"notMatchRegex": true,
"matchRegexRaw": true,
"notMatchRegexRaw": true,
"matchSnapshot": true,
"matchSnapshotRaw": true,
"not": {
"type": "boolean",
"description": "Set to true to assert contrarily, default to false.",
"markdownDescription": "**not** (boolean) _optional_\n\nSet to `true` to assert contrarily, default to `false`."
},
"template": {
"type": "string",
"description": "The template file which render the manifest to be asserted, default to the list of template files defined in templates of the suite file, unless the template is in the testjob.",
"markdownDescription": "**template** (string) _optional_\n\nThe template file which render the manifest to be asserted, default to the list of template files defined in `templates` of the suite file, unless the template is in the testjob."
},
"documentIndex": {
"$ref": "#/definitions/documentIndex"
},
"documentSelector": {
"$ref": "#/definitions/documentSelector"
}
},
"additionalProperties": false,
"oneOf": [
{
"properties": {
"containsDocument": {
"type": "object",
"description": "Asserts the documents rendered by the kind and apiVersion specified.",
"markdownDescription": "**containsDocument** (object)\n\nAsserts the documents rendered by the `kind` and `apiVersion` specified.",
"properties": {
"kind": {
"type": "string",
"description": "Expected kind of manifest.",
"markdownDescription": "**kind** (string) _required_\n\nExpected `kind` of manifest.",
"examples": [
"Deployment"
]
},
"apiVersion": {
"type": "string",
"description": "Expected apiVersion of manifest.",
"markdownDescription": "**apiVersion** (string) _required_\n\nExpected `apiVersion` of manifest.",
"examples": [
"apps/v1"
]
},
"name": {
"type": "string",
"description": "The value of the metadata.name.",
"markdownDescription": "**name** (string) _optional_\n\nThe value of the `metadata.name`.",
"examples": [
"foo"
]
},
"namespace": {
"type": "string",
"description": "The value of the metadata.namespace.",
"markdownDescription": "**namespace** (string) _optional_\n\nThe value of the `metadata.namespace`.",
"examples": [
"bar"
]
},
"any": {
"type": "boolean",
"description": "Ignores any other documents.",
"markdownDescription": "**any** (boolean) _optional_\n\nIgnores any other documents."
}
},
"additionalProperties": false
}
},
"required": [
"containsDocument"
]
},
{
"properties": {
"contains": {
"type": "object",
"description": "Assert the array as the value of specified path contains the content.",
"markdownDescription": "**contains** (object)\n\nAssert the array as the value of specified path contains the content.",
"required": [
"path",
"content"
],
"properties": {
"path": {
"$ref": "#/definitions/assertion/path"
},
"content": {
"description": "The content to be contained.",
"markdownDescription": "**content** (object) _required_\n\nThe content to be contained."
},
"count": {
"type": "integer",
"description": "The count of content to be contained.",
"markdownDescription": "**count** (integer) _optional_\n\nThe count of content to be contained."
},
"any": {
"type": "boolean",
"description": "Ignores any other values within the found content.",
"markdownDescription": "**any** (boolean) _optional_\n\nIgnores any other values within the found content."
}
},
"additionalProperties": false
}
},
"required": [
"contains"
]
},
{
"properties": {
"notContains": {
"type": "object",
"description": "Assert the array as the value of specified path NOT contains the content.",
"markdownDescription": "**notContains** (object)\n\nAssert the array as the value of specified path NOT contains the content.",
"required": [
"path",
"content"
],
"properties": {
"path": {
"$ref": "#/definitions/assertion/path"
},
"content": {
"description": "The content NOT to be contained.",
"markdownDescription": "**content** (object) _required_\n\nThe content NOT to be contained."
},
"any": {
"type": "boolean",
"description": "Ignores any other values within the found content.",
"markdownDescription": "**any** (boolean) _optional_\n\nIgnores any other values within the found content."
}
},
"additionalProperties": false
}
},
"required": [
"notContains"
]
},
{
"properties": {
"equal": {
"type": "object",
"description": "Assert the value of the specified path is equal to the value.",
"markdownDescription": "**equal** (object)\n\nAssert the value of the specified path is equal to the value.",
"required": [
"path",
"value"
],
"properties": {
"path": {
"$ref": "#/definitions/assertion/path"
},
"value": {
"description": "The expected value.",
"markdownDescription": "**value** (object) _requried_\n\nThe expected value."
},
"decodeBase64": {
"type": "boolean",
"description": "Decode the base64 before checking.",
"markdownDescription": "**decodeBase64** (boolean) _optional_\n\nDecode the base64 before checking."
}
},
"additionalProperties": false
}
},
"required": [
"equal"
]
},
{
"properties": {
"notEqual": {
"type": "object",
"description": "Assert the value of specified path NOT equal to the value.",
"markdownDescription": "**notEqual** (object)\n\nAssert the value of specified path NOT equal to the value.",
"required": [
"path",
"value"
],
"properties": {
"path": {
"$ref": "#/definitions/assertion/path"
},
"value": {
"description": "The value expected not to be.",
"markdownDescription": "**value** (object) _required_\n\nThe value expected not to be."
},
"decodeBase64": {
"type": "boolean",
"description": "Decode the base64 before checking.",
"markdownDescription": "**decodeBase64** (boolean) _optional_\n\nDecode the base64 before checking."
}
},
"additionalProperties": false
}
},
"required": [
"notEqual"
]
},
{
"properties": {
"equalRaw": {
"type": "object",
"description": "Assert equal to the raw value.",
"markdownDescription": "**equal** (object)\n\nAssert equal to the raw value.",
"required": [
"value"
],
"properties": {
"value": {
"type": "string",
"description": "Assert the expected value in a NOTES.txt file.",
"markdownDescription": "**value** (string) _required_\n\nAssert the expected value in a `NOTES.txt` file."
}
},
"additionalProperties": false
}
},
"required": [
"equalRaw"
]
},
{
"properties": {
"notEqualRaw": {
"type": "object",
"description": "Assert equal NOT to the value.",
"markdownDescription": "**notEqualRaw** (object)\n\nAssert equal NOT to the value.",
"required": [
"value"
],
"properties": {
"value": {
"type": "string",
"description": "Assert the expected value in a NOTES.txt file not to be.",
"markdownDescription": "**value** (string) _required_\n\nAssert the expected value in a `NOTES.txt` file not to be."
}
},
"additionalProperties": false
}
},
"required": [
"notEqualRaw"
]
},
{
"properties": {
"exists": {
"type": "object",
"description": "Assert if the specified path exists.",
"markdownDescription": "**exists** (object)\n\nAssert if the specified path `exists`.",
"properties": {
"path": {
"$ref": "#/definitions/assertion/path"
}
},
"additionalProperties": false
}
},
"required": [
"exists"
]
},
{
"properties": {
"notExists": {
"type": "object",
"description": "Assert if the specified path NOT exists.",
"markdownDescription": "**notExists** (object)\n\nAssert if the specified path NOT `exists`.",
"properties": {
"path": {
"$ref": "#/definitions/assertion/path"
}
},
"additionalProperties": false
}
},
"required": [
"notExists"
]
},
{
"properties": {
"failedTemplate": {
"type": "object",
"description": "Assert the value of errorMessage is the same as the human readable template error, or assert that a template failure occurs.",
"markdownDescription": "**failedTemplate** (object)\n\nAssert the value of `errorMessage` is the same as the human readable template error.",
"oneOf": [
{
"additionalProperties": false,
"properties": {
"errorMessage": {
"type": "string",
"description": "The (human readable) errorMessage that should occur.",
"markdownDescription": "**errorMessage** (string) _required_\n\nThe (human readable) `errorMessage` that should occur.",
"examples": [
"Required value"
]
}
},
"required": [
"errorMessage"
]
},
{
"additionalProperties": false,
"properties": {
"errorPattern": {
"type": "string",
"description": "The regex pattern to match the error (without quoting /).",
"markdownDescription": "**pattern** (string) _required_\n\nThe regex pattern to match the error (without quoting `/`).",
"examples": [
"Required Pattern"
]
}
},
"required": [
"errorPattern"
]
},
{
"additionalProperties": false,
"type": "object",
"description": "Assert that a failure occurs while templating",
"markdownDescription": "**failedTemplate** (object)\n\nAssert that a failure occurs while templating."
}
]
}
},
"required": [
"failedTemplate"
],
"additionalProperties": false
},
{
"properties": {
"notFailedTemplate": {
"type": "object",
"description": "Assert that no failure occurs while templating.",
"markdownDescription": "**notFailedTemplate** (object)\n\nAssert that no failure occurs while templating.",
"additionalProperties": false
}
},
"required": [
"notFailedTemplate"
],
"additionalProperties": false
},
{
"properties": {
"greaterOrEqual": {
"type": "object",
"description": "Assert the value of specified path is greater or equal to the value.",
"markdownDescription": "**greaterOrEqual** (object)\n\nAssert the value of specified path is greater or equal to the value.",
"required": [
"path",
"value"
],
"properties": {
"path": {
"$ref": "#/definitions/assertion/path"
},
"value": {
"description": "The expected value.",
"markdownDescription": "**value** (number|string) _required_\n\nThe expected value."
}
},
"additionalProperties": false
}
},
"required": [
"greaterOrEqual"
]
},
{
"properties": {
"notGreaterOrEqual": {
"type": "object",
"description": "Assert the value of specified path is NOT greater or equal to the value.",
"markdownDescription": "**notGreaterOrEqual** (object)\n\nAssert the value of specified path is NOT greater or equal to the value.",
"required": [
"path",
"value"
],
"properties": {
"path": {
"$ref": "#/definitions/assertion/path"
},
"value": {
"description": "The expected value.",
"markdownDescription": "**value** (number|string) _required_\n\nThe expected value."
}
},
"additionalProperties": false
}
},
"required": [
"notGreaterOrEqual"
]
},
{
"properties": {
"hasDocuments": {
"type": "object",
"description": "Assert the documents count rendered by the template specified. The documentIndex option is ignored here.",
"markdownDescription": "**hasDocuments** (object)\n\nAssert the documents count rendered by the `template` specified. The `documentIndex` option is ignored here.",
"properties": {
"count": {
"type": "integer",
"description": "Expected count of documents rendered.",
"markdownDescription": "**count** (integer) _required_\n\nExpected count of documents rendered."
}
},
"additionalProperties": false
}
},
"required": [
"hasDocuments"
]
},
{
"properties": {
"lessOrEqual": {
"type": "object",
"description": "Assert the value of specified path is less or equal to the value.",
"markdownDescription": "**lessOrEqual** (object)\n\nAssert the value of specified path is less or equal to the value.",
"required": [
"path",
"value"
],
"properties": {
"path": {
"$ref": "#/definitions/assertion/path"
},
"value": {
"description": "The expected value.",
"markdownDescription": "**value** (number|string) _required_\n\nThe expected value."
}
},
"additionalProperties": false
}
},
"required": [
"lessOrEqual"
]
},
{
"properties": {
"notLessOrEqual": {
"type": "object",
"description": "Assert the value of specified path is NOT less or equal to the value.",
"markdownDescription": "**notLessOrEqual** (object)\n\nAssert the value of specified path is NOT less or equal to the value.",
"required": [
"path",
"value"
],
"properties": {
"path": {
"$ref": "#/definitions/assertion/path"
},
"value": {
"description": "The expected value.",
"markdownDescription": "**value** (number|string) _required_\n\nThe expected value."
}
},
"additionalProperties": false
}
},
"required": [
"notLessOrEqual"
]
},
{
"properties": {
"isAPIVersion": {
"type": "object",
"description": "Assert the apiVersion value of manifest.",
"markdownDescription": "**isAPIVersion** (object)\n\nAssert the `apiVersion` value of manifest.",
"properties": {
"of": {
"type": "string",
"description": "Expected apiVersion of manifest.",
"markdownDescription": "**of** (string) _required_\n\nExpected `apiVersion` of manifest."
}
},
"additionalProperties": false
}
},
"required": [
"isAPIVersion"
]
},
{
"properties": {
"isKind": {
"type": "object",
"description": "Assert the kind value of manifest.",
"markdownDescription": "**isKind** (object)\n\nAssert the `kind` value of manifest.",
"properties": {
"of": {
"type": "string",
"description": "Expected kind of manifest.",
"markdownDescription": "**of** (string) _required_\n\nExpected `kind` of manifest."
}
},
"additionalProperties": false
}
},
"required": [
"isKind"
]
},
{
"properties": {
"isNullOrEmpty": {
"type": "object",
"description": "Assert the value of specified path is null or empty (null, \"\", 0, [], {}).",
"markdownDescription": "**isNullOrEmpty** (object)\n\nAssert the value of specified path is null or empty (`null`, `\"\"`, `0`, `[]`, `{}`).",
"properties": {
"path": {
"$ref": "#/definitions/assertion/path"
}
},
"additionalProperties": false
}
},
"required": [
"isNullOrEmpty"
]
},
{
"properties": {
"isNotNullOrEmpty": {
"type": "object",
"description": "Assert the value of specified path is NOT null or empty (null, \"\", 0, [], {}).",
"markdownDescription": "**isNotNullOrEmpty** (object)\n\nAssert the value of specified path is NOT null or empty (`null`, `\"\"`, `0`, `[]`, `{}`).",
"properties": {
"path": {
"$ref": "#/definitions/assertion/path"
}
},
"additionalProperties": false
}
},
"required": [
"isNotNullOrEmpty"
]
},
{
"properties": {
"isSubset": {
"type": "object",
"description": "Assert the object as the value of specified path that contains the content.",
"markdownDescription": "**isSubset** (object)\n\nAssert the object as the value of specified path that contains the content.",
"required": [
"path",
"content"
],
"properties": {
"path": {
"$ref": "#/definitions/assertion/path"
},
"content": {
"description": "The content to be contained.",
"markdownDescription": "**content** (object) _required_\n\nThe content to be contained."
}
},
"additionalProperties": false
}
},
"required": [
"isSubset"
]
},
{
"properties": {
"isNotSubset": {
"type": "object",
"description": "Assert the object as the value of specified path that NOT contains the content.",
"markdownDescription": "**isNotSubset** (object)\n\nAssert the object as the value of specified path that NOT contains the content.",
"required": [
"path",
"content"
],
"properties": {
"path": {
"$ref": "#/definitions/assertion/path"
},
"content": {
"description": "The content NOT to be contained.",
"markdownDescription": "**content** (object) _required_\n\nThe content NOT to be contained."
}
},
"additionalProperties": false
}
},
"required": [
"isNotSubset"
]
},
{
"properties": {
"isType": {
"type": "object",
"description": "Assert the value of specified path is the type.",
"markdownDescription": "**isType** (object)\n\nAssert the value of specified path is the type.",
"required": [
"path",
"type"
],
"properties": {
"path": {
"$ref": "#/definitions/assertion/path"
},
"type": {
"type": "string",
"description": "The expected type.",
"markdownDescription": "**type** (string) _required_\n\nThe expected type."
}
},
"additionalProperties": false
}
},
"required": [
"isType"
]
},
{
"properties": {
"isNotType": {
"type": "object",
"description": "Assert the value of specified path is NOT the type.",
"markdownDescription": "**isNotType** (object)\n\nAssert the value of specified path is NOT the type.",
"required": [
"path",
"type"
],
"properties": {
"path": {
"$ref": "#/definitions/assertion/path"
},
"type": {
"type": "string",
"description": "The expected type.",
"markdownDescription": "**type** (string) _required_\n\nThe expected type."
}
},
"additionalProperties": false
}
},
"required": [
"isNotType"
]
},
{
"properties": {
"lengthEqual": {
"type": "object",
"description": "Assert the documents count rendered by the template specified. The documentIndex option is ignored here.",
"markdownDescription": "**lengthEqual** (object)\n\nAssert the spec count rendered by the `path|paths` specified.",
"properties": {
"count": {
"type": "integer",
"description": "Expected count of spec rendered.",
"markdownDescription": "**count** (integer) _required_\n\nExpected count of spec rendered."
},
"path": {
"$ref": "#/definitions/assertion/path"
},
"paths": {
"$ref": "#/definitions/assertion/paths"
}
},
"additionalProperties": false
}
},
"required": [
"lengthEqual"
]
},
{
"properties": {
"notLengthEqual": {
"type": "object",
"description": "Assert the count rendered by the template specified to be equal. The documentIndex option is ignored here.",
"markdownDescription": "**notLengthEqual** (object)\n\nAssert the spec count rendered by the `path|paths` specified NOT to be equal.",
"properties": {
"count": {
"type": "integer",
"description": "Expected count of spec rendered.",
"markdownDescription": "**count** (integer) _required_\n\nExpected count of spec rendered."
},
"path": {
"$ref": "#/definitions/assertion/path"
},
"paths": {
"$ref": "#/definitions/assertion/paths"
}
},
"additionalProperties": false
}
},
"required": [
"notLengthEqual"
]
},
{
"properties": {
"matchRegex": {
"type": "object",
"description": "Assert the value of specified path match pattern.",
"markdownDescription": "**matchRegex** (object)\n\nAssert the value of specified path match pattern.",
"required": [
"path",
"pattern"
],
"properties": {
"path": {
"$ref": "#/definitions/assertion/path"
},
"pattern": {
"type": "string",
"description": "The regex pattern to match (without quoting /).",
"markdownDescription": "**pattern** (string) _required_\n\nThe regex pattern to match (without quoting `/`).",
"examples": [
"-my-chart$"
]
},
"decodeBase64": {
"type": "boolean",
"description": "Decode the base64 before checking.",
"markdownDescription": "**decodeBase64** (boolean) _optional_\n\nDecode the base64 before checking."
}
},
"additionalProperties": false
}
},
"required": [
"matchRegex"
]
},
{
"properties": {
"notMatchRegex": {
"type": "object",
"description": "Assert the value of specified path NOT match pattern.",
"markdownDescription": "**notMatchRegex** (object)\n\nAssert the value of specified path NOT match pattern.",
"required": [
"path",
"pattern"
],
"properties": {
"path": {
"$ref": "#/definitions/assertion/path"
},
"pattern": {
"type": "string",
"description": "The regex pattern NOT to match (without quoting /).",
"markdownDescription": "**pattern** (string) _required_\n\nThe regex pattern NOT to match (without quoting `/`).",
"examples": [
"-my-chart$"
]
},
"decodeBase64": {
"type": "boolean",
"description": "Decode the base64 before checking.",
"markdownDescription": "**decodeBase64** (boolean) _optional_\n\nDecode the base64 before checking."
}
},
"additionalProperties": false
}
},
"required": [
"notMatchRegex"
]
},
{
"properties": {
"matchRegexRaw": {
"type": "object",
"description": "Assert the value match pattern.",
"markdownDescription": "**matchRegexRaw** (object)\n\nAssert the value match pattern.",
"required": [
"pattern"
],
"properties": {
"pattern": {
"type": "string",
"description": "The regex pattern to match (without quoting /) in a NOTES.txt file.",
"markdownDescription": "**pattern** (string) _required_\n\nThe regex pattern to match (without quoting `/`) in a `NOTES.txt` file.",
"examples": [
"-my-notes$"
]
}
},
"additionalProperties": false
}
},
"required": [
"matchRegexRaw"
]
},
{
"properties": {
"notMatchRegexRaw": {
"type": "object",
"description": "Assert the value NOT match pattern.",
"markdownDescription": "**notMatchRegexRaw** (object)\n\nAssert the value NOT match pattern.",
"required": [
"pattern"
],
"properties": {
"pattern": {
"type": "string",
"description": "The regex pattern NOT to match (without quoting /) in a NOTES.txt file.",
"markdownDescription": "**pattern** (string) _required_\n\nThe regex pattern NOT to match (without quoting `/`) in a `NOTES.txt` file.",
"examples": [
"-my-notes$"
]
}
},
"additionalProperties": false
}
},
"required": [
"notMatchRegexRaw"
]
},
{
"properties": {
"matchSnapshot": {
"type": "object",
"description": "Assert the value of path is the same as snapshotted last time. ",
"markdownDescription": "**matchSnapshot** (object)\n\nAssert the value of `path` is the same as snapshotted last time.",
"properties": {
"path": {
"$ref": "#/definitions/assertion/path"
}
},
"additionalProperties": false
}
},
"required": [
"matchSnapshot"
]
},
{
"properties": {
"matchSnapshotRaw": {
"type": "object",
"description": "Assert the value in the NOTES.txt is the same as snapshotted last time. ",
"markdownDescription": "**matchSnapshotRaw**\n\nAssert the value in the NOTES.txt is the same as snapshotted last time.",
"additionalProperties": false
}
},
"required": [
"matchSnapshotRaw"
]
}
]
}
}
},
"additionalProperties": false
}
}
},
"definitions": {
"assertion": {
"paths": {
"type": "array",
"description": "The set of paths to assert.Map keys in path containing periods (.) are supported with the use of a jq-like syntax.",
"markdownDescription": "**templates** (array<string>) _optional_\n. List of specs for length comparison. ",
"items": {
"type": "string"
}
},
"path": {
"type": "string",
"description": "The set path to assert. Map keys in path containing periods (.) are supported with the use of a jq-like syntax.",
"markdownDescription": "**path** (string) _required_\n\nThe `set` path to assert.\n\nMap keys in path containing periods (.) are supported with the use of a jq-like syntax."
}
},
"capabilities": {
"type": "object",
"description": "Define the {{ .Capabilities }} object.",
"markdownDescription": "**capabilities** (object) _optional_\n\nDefine the `{{ .Capabilities }}` object.",
"properties": {
"majorVersion": {
"type": "integer",
"description": "The kubernetes major version, default to the major version which is set by helm.",
"markdownDescription": "**majorVersion** (integer) _optional_\n\nThe kubernetes major version, default to the major version which is set by helm."
},
"minorVersion": {
"type": "integer",
"description": "The kubernetes minor version, default to the minor version which is set by helm.",
"markdownDescription": "**minorVersion** (integer) _optional_\n\nThe kubernetes minor version, default to the minor version which is set by helm."
},
"apiVersions": {
"type": [
"array",
"null"
],
"description": "A set of versions, default to the versionset used by the defined kubernetes version.",
"markdownDescription": "**apiVersions** (array<string>) _optional_\n\nA set of versions, default to the versionset used by the defined kubernetes version.",
"items": {
"type": "string"
}
}
},
"additionalProperties": false
},
"chart": {
"type": "object",
"description": "Define the {{ .Chart }} object.",
"markdownDescription": "**chart** (object) _optional_\n\nDefine the `{{ .Chart }}` object.",
"properties": {
"version": {
"type": "string",
"description": "The semantic version of the chart, default to the version set in the Chart.",
"markdownDescription": "**version** (string) _optional_\n\nThe semantic version of the chart, default to the version set in the Chart."
},
"appVersion": {
"type": "string",
"description": "The app-version of the chart, default to the app-version set in the Chart.",
"markdownDescription": "**appVersion** (string) _optional_\n\nThe app-version of the chart, default to the app-version set in the Chart."
}
},
"additionalProperties": false
},
"documentIndex": {
"type": "integer",
"description": "The index of rendered documents (divided by ---) to be tested, default to -1, which results in asserting all documents (see Assertion). Generally you can ignored this field if the template file render only one document.",
"markdownDescription": "**documentIndex** (integer) _optional_\n\nThe index of rendered documents (divided by ---) to be tested, default to -1, which results in asserting all documents (see Assertion).\n\nGenerally you can ignored this field if the template file render only one document."
},
"documentSelector": {
"type": "object",
"description": "The path of the key to be match and the match value to assert. Using this information, helm-unittest will automatically discover the documentIndex. Generally you can ignored this field if the template file render only one document.",
"markdownDescription": "**documentSelector** (object) _optional_\n\nThe path of the key to be match and the match value to assert.\n\nUsing this information, helm-unittest will automatically discover the documentIndex.\n\nGenerally you can ignored this field if the template file render only one document.",
"properties": {
"path": {
"type": "string",
"description": "The `documentSelector` path to assert.",
"markdownDescription": "**path** (string)\n\nThe `documentSelector` path to assert."
},
"value": {
"type": [
"string",
"object"
],
"description": "The expected value.",
"markdownDescription": "**value** (string|object)\n\nThe expected value.",
"additionalProperties": true
},
"matchMany": {
"type": "boolean",
"description": "Set to true to allow matching multiple documents.",
"markdownDescription": "**matchMany** (boolean) _optional_\n\nSet to **true* to allow matching multiple documents. Defaults to **false** which means selector has to match single document across all templates."
},
"skipEmptyTemplates": {
"type": "boolean",
"description": "Set to true to skip asserting templates which didn't render any matching documents.",
"markdownDescription": "**skipEmptyTemplates** (boolean) _optional_\n\nSet to **true** to skip asserting templates which didn't render any matching documents. Defaults to **false* which means selector have to find at least one document in every template."
}
},
"required": [
"path",
"value"
],
"additionalProperties": false
},
"kubernetesProvider": {
"type": "object",
"description": "Define Kubernetes resources to fake.",
"markdownDescription": "**kubernetesProvider**: (object) _optional_\n\nDefine Kubernetes resources to fake.",
"properties": {
"scheme": {
"type": "object",
"description": "Define the Kubernetes schema to fake",
"markdownDescription": "**scheme**: (object)\n\nDefine the Kubernetes schema to fake",
"additionalProperties": true
},
"objects": {
"type": "array",
"description": "Define the Kubernetes objects to fake",
"markdownDescription": "**objects**: (array of objects)\n\nDefine the Kubernetes objects to fake",
"minItems": 1,
"items": {
"type": "object",
"additionalProperties": true
}
}
},
"required": [
"objects"
],
"additionalProperties": false
},
"release": {
"type": "object",
"description": "Define the {{ .Release }} object.",
"markdownDescription": "**release** (object) _optional_\n\nDefine the `{{ .Release }}` object.",
"properties": {
"name": {
"type": "string",
"description": "The release name, default to \"RELEASE-NAME\".",
"markdownDescription": "**name** (string) _optional_\n\nThe release name, default to `\"RELEASE-NAME\"`."
},
"namespace": {
"type": "string",
"description": "The namespace which release be installed to, default to \"NAMESPACE\".",
"markdownDescription": "**namespace** (string) _optional_\n\nThe namespace which release be installed to, default to `\"NAMESPACE\"`."
},
"revision": {
"type": "integer",
"description": "The revision of current build, default to 0.",
"markdownDescription": "**revision** (integer) _optional_\n\nThe revision of current build, default to `0`."
},
"upgrade": {
"type": "boolean",
"description": "Whether the build is an upgrade, default to false.",
"markdownDescription": "**upgrade** (boolean) _optional_\n\nWhether the build is an upgrade, default to `false`."
}
},
"additionalProperties": false
},
"templates": {
"type": "array",
"description": "The template files scope to test in this suite. The full chart will be rendered, however only the listed templates are filtered for validation. Template files that are put in a templates sub-folder can be addressed with a linux path separator. Also the templates/ can be omitted. Partial templates (which are prefixed with and _) are added automatically even if it is in a templates sub-folder, you don't need to add them again.",
"markdownDescription": "**templates** (array<string>) _recommended_\n\nThe template files scope to test in this suite. The full chart will be rendered, however only the listed templates are filtered for validation.\n\n Template files that are put in a templates sub-folder can be addressed with a linux path separator. Also the `templates/` can be omitted.\n\nPartial templates (which are prefixed with and _) are added automatically even if it is in a templates sub-folder, you don't need to add them again.",
"items": {
"type": "string"
}
},
"set": {
"type": "object",
"description": "Set the values directly in the suite file. The key is the value path with the format just like --set option of helm install, for example image.pullPolicy. The value is anything you want to set to the path specified by the key, which can be even an array or an object.",
"markdownDescription": "**set** (object) _optional_\n\nSet the values directly in the suite file. The key is the value path with the format just like `--set` option of `helm install`, for example `image.pullPolicy`.\n\nThe value is anything you want to set to the path specified by the key, which can be even an array or an object.",
"additionalProperties": true
},
"values": {
"type": "array",
"description": "The test values to apply for rendering of this chart.",
"markdownDescription": "**values** (array<string>) _recommended_\n\n.The test values to apply for rendering of this chart.",
"items": {
"type": "string"
}
}
}
}
\ No newline at end of file
.yamllint 0 → 100644
View file @ 25f706e7
rules:
line-length: disable
indentation:
spaces: 2
ignore:
- templates/*
- charts/crds/crds/*
CHANGELOG.md 0 → 100644
View file @ 25f706e7
# Change Log
All releases of this chart come with annotated Git tags which serve as
a change log so please take a look at those if you're looking for
release notes.
CONTRIBUTING.md 0 → 100644
View file @ 25f706e7
# Contributing to Kubernetes Monitoring Helm Chart
Thank you for your interest in contributing to the Kubernetes Monitoring Helm Chart project, maintained by the CERN IT Monitoring team. This Helm chart facilitates the collection of both metrics and logs from Kubernetes clusters and the applications running on them. We appreciate your efforts to improve and maintain the chart!
Below are the guidelines to help you contribute effectively.
## How to Contribute
### 1. Fork the Repository
Begin by creating a fork of the main repository hosted on GitLab at:
`gitlab.cern.ch/monitoring/helm-charts/kubernetes-monitoring`
Forking the repository allows you to freely experiment with changes without affecting the original repository.
### 2. Create a Branch for Your Changes
Once you've forked the repository, create a feature branch from the `master` branch. A good practice is to name the branch based on the feature or fix you're working on, e.g., `feature/log-enhancement` or `fix/documentation-typo`.
```bash
git checkout -b feature/my-awesome-feature
```
### 3. Implement and Test Your Changes
Develop your changes locally. Please include all the necessary unit tests covering your new feature. Before submitting your contribution, please ensure that you validate your changes thoroughly by running the chart locally.
See [getting started](docs/getting_started.md) for hints on how to install the chart.
This procedure ensures that your changes do not introduce any unintended issues.
### 4. Update Documentation
If your changes modify or extend the functionality of the chart, do not forget to update the relevant documentation. `README.md` is autogenerated using [helm-docs](https://github.com/norwoodj/helm-docs) so please don't edit this file by hand (modify instead `values.yaml` or `README.md.gotmpl` as needed). Then re-generate the final `README.md` using helm-docs and add those changes too to your change request.
### 5. Submit a Merge Request
Once your changes are ready, push your branch to your fork and create a Merge Request (MR) targeting the `master` branch of the main repository.
In your MR, provide a clear and detailed explanation of your changes. Include the motivation behind the change, a description of what was modified, and any potential impact or known drawbacks. Make sure to tag the appropriate reviewers from the CERN IT Monitoring team for review.
\ No newline at end of file
Chart.yaml
View file @ 25f706e7
apiVersion: v2
name: cern-it-monitoring-kubernetes
version: 0.0.0 # DO NOT UPDATE MANUALLY!
type: application
appVersion: v0.1.0
version: 0.1.0
kubeVersion: ">=1.21.0-0"
description: Helm Chart provided by IT Monitoring Service to install and configure required components to gather and send monitoring data from kubernetes clusters to central service.
kubeVersion: ">=1.27.0-0"
description: Helm Chart provided by the IT Monitoring Service to install and configure the required components to gather and send monitoring data from Kubernetes clusters to the central service.
home: https://cern.ch/monitoring
dependencies:
- name: prometheus-operator-crds
repository: https://prometheus-community.github.io/helm-charts
version: 11.0.0
\ No newline at end of file
- name: crds
version: "0.0.0"
condition: crds.enabled
LICENSE 0 → 100644
View file @ 25f706e7
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright 2024 European Council for Nuclear Research (CERN)
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
\ No newline at end of file
Makefile 0 → 100644
View file @ 25f706e7
.PHONY: fetch_crds all
# https://github.com/prometheus-community/helm-charts/releases
VERSION ?= 13.0.2
CRDS_PATH = charts/crds/crds
URL = https://github.com/prometheus-community/helm-charts/releases/download/prometheus-operator-crds-$(VERSION)/prometheus-operator-crds-$(VERSION).tgz
fetch_crds:
rm -rf ${CRDS_PATH}/*.yaml
curl -s -L -o - ${URL} | tar -C ${CRDS_PATH} --strip-components=4 -xzf - prometheus-operator-crds/charts/crds/templates
find ${CRDS_PATH} -type f -name '*.yaml' -exec sed -i '/{{- with .Values.annotations }}/d' {} +
find ${CRDS_PATH} -type f -name '*.yaml' -exec sed -i '/{{- toYaml . | nindent 4 }}/d' {} +
find ${CRDS_PATH} -type f -name '*.yaml' -exec sed -i '/{{- end }}/d' {} +
sed -i '/^ annotations:/a \ argocd.argoproj.io/sync-options: ServerSideApply=true' ${CRDS_PATH}/*.yaml
all: fetch_crds
README.md
View file @ 25f706e7
# Helm Chart for Kubernetes Monitoring
## Getting started
To make it easy for you to get started with GitLab, here's a list of recommended next steps.
Already a pro? Just edit this README.md and make it your own. Want to make it easy? [Use the template at the bottom](#editing-this-readme)!
## Add your files
- [ ] [Create](https://docs.gitlab.com/ee/user/project/repository/web_editor.html#create-a-file) or [upload](https://docs.gitlab.com/ee/user/project/repository/web_editor.html#upload-a-file) files
- [ ] [Add files using the command line](https://docs.gitlab.com/ee/gitlab-basics/add-file.html#add-a-file-using-the-command-line) or push an existing Git repository with the following command:
```
cd existing_repo
git remote add origin https://gitlab.cern.ch/monitoring/helm-charts/kubernetes-monitoring.git
git branch -M master
git push -uf origin master
```
## Integrate with your tools
- [ ] [Set up project integrations](https://gitlab.cern.ch/monitoring/helm-charts/kubernetes-monitoring/-/settings/integrations)
## Collaborate with your team
- [ ] [Invite team members and collaborators](https://docs.gitlab.com/ee/user/project/members/)
- [ ] [Create a new merge request](https://docs.gitlab.com/ee/user/project/merge_requests/creating_merge_requests.html)
- [ ] [Automatically close issues from merge requests](https://docs.gitlab.com/ee/user/project/issues/managing_issues.html#closing-issues-automatically)
- [ ] [Enable merge request approvals](https://docs.gitlab.com/ee/user/project/merge_requests/approvals/)
- [ ] [Set auto-merge](https://docs.gitlab.com/ee/user/project/merge_requests/merge_when_pipeline_succeeds.html)
## Test and Deploy
Use the built-in continuous integration in GitLab.
- [ ] [Get started with GitLab CI/CD](https://docs.gitlab.com/ee/ci/quick_start/index.html)
- [ ] [Analyze your code for known vulnerabilities with Static Application Security Testing (SAST)](https://docs.gitlab.com/ee/user/application_security/sast/)
- [ ] [Deploy to Kubernetes, Amazon EC2, or Amazon ECS using Auto Deploy](https://docs.gitlab.com/ee/topics/autodevops/requirements.html)
- [ ] [Use pull-based deployments for improved Kubernetes management](https://docs.gitlab.com/ee/user/clusters/agent/)
- [ ] [Set up protected environments](https://docs.gitlab.com/ee/ci/environments/protected_environments.html)
***
# Editing this README
When you're ready to make this README your own, just edit this file and use the handy template below (or feel free to structure it however you want - this is just a starting point!). Thanks to [makeareadme.com](https://www.makeareadme.com/) for this template.
## Suggestions for a good README
Every project is different, so consider which of these sections apply to yours. The sections used in the template are suggestions for most open source projects. Also keep in mind that while a README can be too long and detailed, too long is better than too short. If you think your README is too long, consider utilizing another form of documentation rather than cutting out information.
## Name
Choose a self-explaining name for your project.
# cern-it-monitoring-kubernetes
## Description
Let people know what your project can do specifically. Provide context and add a link to any reference visitors might be unfamiliar with. A list of Features or a Background subsection can also be added here. If there are alternatives to your project, this is a good place to list differentiating factors.
## Badges
On some READMEs, you may see small images that convey metadata, such as whether or not all the tests are passing for the project. You can use Shields to add some to your README. Many services also have instructions for adding a badge.
## Visuals
Depending on what you are making, it can be a good idea to include screenshots or even a video (you'll frequently see GIFs rather than actual videos). Tools like ttygif can help, but check out Asciinema for a more sophisticated method.
The **CERN IT Monitoring Kubernetes Helm Chart** provides a solution
for monitoring Kubernetes clusters at CERN. It enables the collection
of **metrics**, **logs**, and future support for **traces**, which are
forwarded to the central CERN monitoring infrastructure. From there
users can consume them using the day-to-day tools that they already
user like [Grafana](https://monit-docs.web.cern.ch/access/grafana/) or
[OpenSearch](https://monit-docs.web.cern.ch/access/opensearch/).
This Helm chart simplifies the deployment and configuration of
necessary components for observability, making it easier to manage
monitoring across various Kubernetes clusters and their applications.
## Quick Start
See [getting started](docs/getting_started.md).
## Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| crds.enabled | bool | `true` | whether to install Prometheus operator's CRDs |
| events.enabled | bool | `false` | indicates if components to capture Kubernetes events should be enabled or not. |
| events.fluentbit.enabled | bool | `false` | indicates if fluentbit Kubernetes events component should be installed or not |
| events.fluentbit.extraVolumeMounts | list | `[]` | |
| events.fluentbit.extraVolumes | list | `[]` | |
| events.fluentbit.filters | string | partly autogenerated -- see values.yaml | fluentbit filters as a yaml list in a multiline string |
| events.fluentbit.image.imagePullPolicy | string | `""` | image pull policy for Fluent Bit |
| events.fluentbit.image.repository | string | `""` | repository to use for Fluent Bit |
| events.fluentbit.image.tag | string | `""` | tag to use for Fluent Bit |
| events.fluentbit.inputs | string | partly autogenerated -- see values.yaml | fluentbit inputs as a yaml list in a multiline string |
| events.fluentbit.luaScripts | object | `{}` | extra Lua scripts for user-provided transformations |
| events.fluentbit.outputs | string | partly autogenerated -- see values.yaml | fluentbit outputs as a yaml list in a multiline string |
| events.fluentbit.resources.limits.cpu | string | `"20m"` | |
| events.fluentbit.resources.limits.memory | string | `"25Mi"` | |
| events.fluentbit.resources.requests.cpu | string | `"5m"` | |
| events.fluentbit.resources.requests.memory | string | `"15Mi"` | |
| events.fluentbit.service | string | partly autogenerated -- see values.yaml | fluentbit service configuration options in a multiline string |
| fluentbit.image.imagePullPolicy | string | `"IfNotPresent"` | image pull policy applied to all Fluent Bit instances |
| fluentbit.image.repository | string | `"registry.cern.ch/monit/cern-it-monitoring-fluent-bit"` | image repository applied to all Fluent Bit instances |
| fluentbit.image.tag | string | `"3.2.6"` | image tag applied to all Fluent Bit instances |
| kubernetes.clusterName | string | `""` | name of the kubernetes cluster to monitor. This value will be appended to very metric and log via k8s_cluster_name label. This bit is required if fluentbit is enabled (default) |
| logs.collectedNamespaces | list | `["default"]` | restrict log sending from pods in these namespaces. you can provide literals or regular expressions. |
| logs.enabled | bool | `false` | indicates if logs metrics components should be enabled or not. If set to false no logs component will be installed nor configured |
| logs.fluentbit.customParsers | string | `""` | |
| logs.fluentbit.enabled | bool | `false` | indicates if fluentbit logs component should be installed or not |
| logs.fluentbit.extraVolumeMounts | list | `[]` | |
| logs.fluentbit.extraVolumes | list | `[]` | |
| logs.fluentbit.filters | string | partly autogenerated -- see values.yaml | fluentbit filters as a yaml list in a multiline string |
| logs.fluentbit.image.imagePullPolicy | string | `""` | image pull policy for Fluent Bit (logs) |
| logs.fluentbit.image.repository | string | `""` | repository to use for Fluent Bit (logs) |
| logs.fluentbit.image.tag | string | `""` | tag to use for Fluent Bit (logs) |
| logs.fluentbit.inputs | string | partly autogenerated -- see values.yaml | fluentbit inputs as a yaml list in a multiline string |
| logs.fluentbit.luaScripts | object | `{}` | extra Lua scripts for user-provided transformations |
| logs.fluentbit.outputs | string | partly autogenerated -- see values.yaml | fluentbit outputs as a yaml list in a multiline string |
| logs.fluentbit.resources.limits.cpu | string | `"20m"` | |
| logs.fluentbit.resources.limits.memory | string | `"25Mi"` | |
| logs.fluentbit.resources.requests.cpu | string | `"5m"` | |
| logs.fluentbit.resources.requests.memory | string | `"15Mi"` | |
| logs.fluentbit.service | string | partly autogenerated -- see values.yaml | fluentbit service configuration options in a multiline string |
| metrics.alertmanager.enabled | bool | `false` | if true alertmanager will be installed and prometheus reconfigured to use it as the alerting endpoint |
| metrics.alertmanager.image | string | `"registry.cern.ch/monit/cern-it-monitoring-alertmanager"` | alertmanager image to use by the local cluster alertmanager |
| metrics.alertmanager.ingress.className | string | `""` | class name to be used by the alertmanager ingress |
| metrics.alertmanager.ingress.enabled | bool | `false` | if set to true an ingress will be created for the alertmanager service |
| metrics.alertmanager.ingress.hosts | list | `[]` | list of hosts for the alertmanager ingress |
| metrics.alertmanager.ingress.path | string | `"/"` | entry path for the alertmanager ingress |
| metrics.alertmanager.ingress.pathType | string | `"ImplementationSpecific"` | path type for the alertmanager ingress |
| metrics.alertmanager.ingress.tls | object | `{}` | tls configuration for the alertmanager ingress |
| metrics.alertmanager.nodeSelector | object | `{}` | node selector configuration for the alertmanager |
| metrics.alertmanager.pullPolicy | string | `"IfNotPresent"` | pull policy for the alertmanager image |
| metrics.alertmanager.replicas | int | `3` | number of replicas for the alertmanager deployment |
| metrics.alertmanager.tag | string | `"v0.27.0"` | alertmanager image tag to be used when pulling it |
| metrics.alertmanager.volumeMounts | list | `[]` | list of volumes to be mounted |
| metrics.alertmanager.volumes | list | `[]` | list of volumes to be declared |
| metrics.apiServer.serviceMonitor.relabelings | list | `[]` | |
| metrics.coredns.serviceMonitor.relabelings | list | `[]` | |
| metrics.defaultNodeSelector | object | `{}` | the default node selector will be applied when possible. In to the following components: metrics collectors (prometheus and fluentbit), metrics exporters (kube state). |
| metrics.enabled | bool | `true` | indicates if all metrics components should be enabled or not. If set to false no metrics component will be installed nor configured |
| metrics.etcd.serviceMonitor.relabelings | list | `[]` | |
| metrics.fluentbit.diskMaxCache | string | `"5G"` | max size for in-disk storage for fluent-bit |
| metrics.fluentbit.enabled | bool | `true` | if true fluentbit metrics forwarder will be installed |
| metrics.fluentbit.filters | string | partly autogenerated -- see values.yaml | fluentbit filters as a yaml list in a multiline string |
| metrics.fluentbit.image.imagePullPolicy | string | `""` | image pull policy for Fluent Bit (metrics) |
| metrics.fluentbit.image.repository | string | `""` | repository to use for Fluent Bit (metrics) |
| metrics.fluentbit.image.tag | string | `""` | tag to use for Fluent Bit (metrics) |
| metrics.fluentbit.inputs | string | partly autogenerated -- see values.yaml | fluentbit inputs as a yaml list in a multiline string |
| metrics.fluentbit.luaScripts | object | `{}` | extra Lua scripts for user-provided transformations |
| metrics.fluentbit.nodeSelector | object | `{}` | |
| metrics.fluentbit.outputs | string | partly autogenerated -- see values.yaml | fluentbit outputs as a yaml list in a multiline string |
| metrics.fluentbit.prometheusRemoteWriteInputConfig.bufferChunkSize | string | `"128M"` | |
| metrics.fluentbit.prometheusRemoteWriteInputConfig.bufferMaxSize | string | `"2G"` | |
| metrics.fluentbit.prometheusRemoteWriteInputConfig.listen | string | `"0.0.0.0"` | |
| metrics.fluentbit.prometheusRemoteWriteInputConfig.port | int | `8080` | |
| metrics.fluentbit.prometheusRemoteWriteInputConfig.successfulResponseCode | int | `201` | |
| metrics.fluentbit.prometheusRemoteWriteInputConfig.tag | string | `"monit.prom.k8s"` | |
| metrics.fluentbit.prometheusRemoteWriteInputConfig.tagFromUri | bool | `false` | |
| metrics.fluentbit.prometheusRemoteWriteInputConfig.threaded | bool | `false` | |
| metrics.fluentbit.prometheusRemoteWriteInputConfig.uri | string | `"/api/prom/push"` | |
| metrics.fluentbit.replicas | int | `2` | |
| metrics.fluentbit.resources.limits.cpu | string | `"1"` | |
| metrics.fluentbit.resources.limits.memory | string | `"1Gi"` | |
| metrics.fluentbit.resources.requests.cpu | string | `"1"` | |
| metrics.fluentbit.resources.requests.memory | string | `"512Mi"` | |
| metrics.fluentbit.service | string | partly autogenerated -- see values.yaml | fluentbit service configuration options in a multiline string |
| metrics.ingress.nginx.serviceMonitor.relabelings | list | `[]` | |
| metrics.kubeProxy.serviceMonitor.relabelings | list | `[]` | |
| metrics.kubeState.enabled | bool | `true` | if true kube state will be installed together with a service monitor |
| metrics.kubeState.nodeSelector | object | `{}` | |
| metrics.kubeState.resources.limits.cpu | string | `"20m"` | |
| metrics.kubeState.resources.limits.memory | string | `"25Mi"` | |
| metrics.kubeState.resources.requests.cpu | string | `"5m"` | |
| metrics.kubeState.resources.requests.memory | string | `"15Mi"` | |
| metrics.kubeState.scrapeInterval | string | `"30s"` | indicates how often this exporter will be scraped by the local prometheus |
| metrics.kubeState.serviceMonitor.relabelings | list | `[]` | |
| metrics.kubecontroller.serviceMonitor.relabelings | list | `[]` | |
| metrics.kubelet.serviceMonitor.relabelings | list | `[]` | |
| metrics.nodeExporter.enabled | bool | `true` | if true node exporter will be installed as a daemon set together with a pod monitor |
| metrics.nodeExporter.resources.limits.cpu | string | `"20m"` | |
| metrics.nodeExporter.resources.limits.memory | string | `"25Mi"` | |
| metrics.nodeExporter.resources.requests.cpu | string | `"5m"` | |
| metrics.nodeExporter.resources.requests.memory | string | `"15Mi"` | |
| metrics.nodeExporter.scrapeInterval | string | `""` | indicates how often this exporter will be scraped by the local prometheus |
| metrics.nodeExporter.serviceMonitor.relabelings | list | `[]` | |
| metrics.prometheus.enabled | bool | `true` | if true prometheus operator and a prometheus server will be installed |
| metrics.prometheus.operator.nodeSelector | object | `{}` | |
| metrics.prometheus.operator.resources.limits.cpu | string | `"100m"` | |
| metrics.prometheus.operator.resources.limits.memory | string | `"100Mi"` | |
| metrics.prometheus.operator.resources.requests.cpu | string | `"5m"` | |
| metrics.prometheus.operator.resources.requests.memory | string | `"25Mi"` | |
| metrics.prometheus.server.extraLabelsForMetrics | object | `{}` | set of static labels and values to add to all the metrics gathered by the in-cluster prometheus when exported to central monitoring |
| metrics.prometheus.server.image | string | `"registry.cern.ch/monit/cern-it-monitoring-prometheus:v2.53.3"` | prometheus image to use by the local cluster prometheus |
| metrics.prometheus.server.nodeSelector | object | `{}` | prometheus operator node selectors. If set it will override the metrics.defaultNodeSelector |
| metrics.prometheus.server.relabelings | list | `[]` | allows to drop / relabel node Exporter metrics. |
| metrics.prometheus.server.remoteWrite | object | `{}` | remote write prometheus configuration |
| metrics.prometheus.server.resources.limits.cpu | string | `"500m"` | |
| metrics.prometheus.server.resources.limits.memory | string | `"5Gi"` | |
| metrics.prometheus.server.resources.requests.cpu | string | `"100m"` | |
| metrics.prometheus.server.resources.requests.memory | string | `"2Gi"` | |
| metrics.prometheus.server.retention | string | `"24h"` | interval during which local cluster prometheus will store metrics |
| metrics.prometheus.server.scrapeInterval | string | `"10s"` | interval used to self scrape metrics |
| metrics.prometheus.server.scrapeTimeout | string | `"5s"` | timeout for self scraped metrics |
| metrics.prometheus.server.serviceMonitors | list | `[]` | service monitors to be created |
| metrics.prometheus.server.version | string | `"v2.53.3"` | prometheus version to use by the local cluster prometheus |
| metrics.pushgateway.enabled | bool | `false` | pushgateway allows you to send metrics to the monitoring infrastructure by pushing them to the local cluster service it-monit-metrics-collector-pushgateway. |
| metrics.pushgateway.image.pullPolicy | string | `"IfNotPresent"` | |
| metrics.pushgateway.image.repository | string | `"registry.cern.ch/monit/cern-it-monitoring-pushgateway"` | |
| metrics.pushgateway.image.tag | string | `"v1.10.0"` | |
| metrics.pushgateway.ingress.className | string | `""` | |
| metrics.pushgateway.ingress.enabled | bool | `false` | if set to true will install register a new ingress with the given configuration. |
| metrics.pushgateway.ingress.hosts | list | `[]` | |
| metrics.pushgateway.ingress.path | string | `"/"` | |
| metrics.pushgateway.ingress.pathType | string | `"ImplementationSpecific"` | |
| metrics.pushgateway.ingress.tls | object | `{}` | |
| metrics.pushgateway.nodeSelector | object | `{}` | if given will override the defaultNodeSelector and install the component only on the nodes that match the given condition. |
| metrics.pushgateway.resources.limits.cpu | float | `0.2` | |
| metrics.pushgateway.resources.limits.memory | string | `"100Mi"` | |
| metrics.pushgateway.resources.requests.cpu | float | `0.2` | |
| metrics.pushgateway.resources.requests.memory | string | `"100Mi"` | |
| metrics.scheduler.serviceMonitor.relabelings | list | `[]` | |
| otlp.endpoint | string | `"monit-otlp.cern.ch"` | otlp endpoint where the otlp receivers are listening |
| otlp.port | int | `4319` | otlp port where the otlp receivers are listening |
| tenant.name | string | `""` | username used for authenitcating in the MONIT infrastructure |
| tenant.password | string | `""` | password (plain) used for authenticating in the MONIT infrastructure |
## Installation
Within a particular ecosystem, there may be a common way of installing things, such as using Yarn, NuGet, or Homebrew. However, consider the possibility that whoever is reading your README is a novice and would like more guidance. Listing specific steps helps remove ambiguity and gets people to using your project as quickly as possible. If it only runs in a specific context like a particular programming language version or operating system or has dependencies that have to be installed manually, also add a Requirements subsection.
## Usage
Use examples liberally, and show the expected output if you can. It's helpful to have inline the smallest example of usage that you can demonstrate, while providing links to more sophisticated examples if they are too long to reasonably include in the README.
## Contributing
## Support
Tell people where they can go to for help. It can be any combination of an issue tracker, a chat room, an email address, etc.
We welcome contributions! If you're interested in helping improve this project, please review our [contribution guidelines](CONTRIBUTING.md). In brief:
## Roadmap
If you have ideas for releases in the future, it is a good idea to list them in the README.
1. **Fork** the repository.
2. Create a **feature branch**.
3. Implement, provide tests and validate your changes.
4. Submit a **Merge Request (MR)** to the `master` branch.
## Contributing
State if you are open to contributions and what your requirements are for accepting them.
For a full contribution workflow, visit the [contribution guide](CONTRIBUTING.md).
For people who want to make changes to your project, it's helpful to have some documentation on how to get started. Perhaps there is a script that they should run or some environment variables that they need to set. Make these steps explicit. These instructions could also be useful to your future self.
## Documentation
You can also document commands to lint the code or run tests. These steps help to ensure high code quality and reduce the likelihood that the changes inadvertently break something. Having instructions for running tests is especially helpful if it requires external setup, such as starting a Selenium server for testing in a browser.
The main source of documentation for this chart is this
README. There's some extra details about the components being deployed
in the [docs](docs) directory, though.
## Authors and acknowledgment
Show your appreciation to those who have contributed to the project.
The [MONIT project documentation](https://monit-docs.web.cern.ch)
contains useful bits complementing this chart.
## License
For open source projects, say how it is licensed.
## Project status
If you have run out of energy or time for your project, put a note at the top of the README saying that development has slowed down or stopped completely. Someone may choose to fork your project or volunteer to step in as a maintainer or owner, allowing your project to keep going. You can also make an explicit request for maintainers.
This repository is licensed under the [Apache License 2.0](https://www.apache.org/licenses/LICENSE-2.0). See the [LICENSE](LICENSE) file for more information.
README.md.gotmpl 0 → 100644
View file @ 25f706e7
{{ template "chart.header" . }}
## Description
The **CERN IT Monitoring Kubernetes Helm Chart** provides a solution
for monitoring Kubernetes clusters at CERN. It enables the collection
of **metrics**, **logs**, and future support for **traces**, which are
forwarded to the central CERN monitoring infrastructure. From there
users can consume them using the day-to-day tools that they already
user like [Grafana](https://monit-docs.web.cern.ch/access/grafana/) or
[OpenSearch](https://monit-docs.web.cern.ch/access/opensearch/).
This Helm chart simplifies the deployment and configuration of
necessary components for observability, making it easier to manage
monitoring across various Kubernetes clusters and their applications.
## Quick Start
See [getting started](docs/getting_started.md).
{{ template "chart.valuesSection" . }}
## Contributing
We welcome contributions! If you're interested in helping improve this project, please review our [contribution guidelines](CONTRIBUTING.md). In brief:
1. **Fork** the repository.
2. Create a **feature branch**.
3. Implement, provide tests and validate your changes.
4. Submit a **Merge Request (MR)** to the `master` branch.
For a full contribution workflow, visit the [contribution guide](CONTRIBUTING.md).
## Documentation
The main source of documentation for this chart is this
README. There's some extra details about the components being deployed
in the [docs](docs) directory, though.
The [MONIT project documentation](https://monit-docs.web.cern.ch)
contains useful bits complementing this chart.
## License
This repository is licensed under the [Apache License 2.0](https://www.apache.org/licenses/LICENSE-2.0). See the [LICENSE](LICENSE) file for more information.
charts/crds/.helmignore 0 → 100644
View file @ 25f706e7
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitlab-ci-local/
.gitlab-ci.yml
.helmignore
.yamllint
config
README.md
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
config
\ No newline at end of file
charts/crds/Chart.yaml 0 → 100644
View file @ 25f706e7
apiVersion: v2
name: crds
version: 0.0.0
charts/crds/crds/crd-alertmanagerconfigs.yaml 0 → 100644
View file @ 25f706e7
source diff could not be displayed: it is too large. Options to address this: view the blob.
charts/crds/crds/crd-alertmanagers.yaml 0 → 100644
View file @ 25f706e7
source diff could not be displayed: it is too large. Options to address this: view the blob.
charts/crds/crds/crd-podmonitors.yaml 0 → 100644
View file @ 25f706e7
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.75.2/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
argocd.argoproj.io/sync-options: ServerSideApply=true
controller-gen.kubebuilder.io/version: v0.15.0
operator.prometheus.io/version: 0.75.2
name: podmonitors.monitoring.coreos.com
spec:
group: monitoring.coreos.com
names:
categories:
- prometheus-operator
kind: PodMonitor
listKind: PodMonitorList
plural: podmonitors
shortNames:
- pmon
singular: podmonitor
scope: Namespaced
versions:
- name: v1
schema:
openAPIV3Schema:
description: PodMonitor defines monitoring for a set of pods.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: Specification of desired Pod selection for target discovery
by Prometheus.
properties:
attachMetadata:
description: |-
`attachMetadata` defines additional metadata which is added to the
discovered targets.
It requires Prometheus >= v2.37.0.
properties:
node:
description: |-
When set to true, Prometheus must have the `get` permission on the
`Nodes` objects.
type: boolean
type: object
bodySizeLimit:
description: |-
When defined, bodySizeLimit specifies a job level limit on the size
of uncompressed response body that will be accepted by Prometheus.
It requires Prometheus >= v2.28.0.
pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$
type: string
jobLabel:
description: |-
The label to use to retrieve the job name from.
`jobLabel` selects the label from the associated Kubernetes `Pod`
object which will be used as the `job` label for all metrics.
For example if `jobLabel` is set to `foo` and the Kubernetes `Pod`
object is labeled with `foo: bar`, then Prometheus adds the `job="bar"`
label to all ingested metrics.
If the value of this field is empty, the `job` label of the metrics
defaults to the namespace and name of the PodMonitor object (e.g. `<namespace>/<name>`).
type: string
keepDroppedTargets:
description: |-
Per-scrape limit on the number of targets dropped by relabeling
that will be kept in memory. 0 means no limit.
It requires Prometheus >= v2.47.0.
format: int64
type: integer
labelLimit:
description: |-
Per-scrape limit on number of labels that will be accepted for a sample.
It requires Prometheus >= v2.27.0.
format: int64
type: integer
labelNameLengthLimit:
description: |-
Per-scrape limit on length of labels name that will be accepted for a sample.
It requires Prometheus >= v2.27.0.
format: int64
type: integer
labelValueLengthLimit:
description: |-
Per-scrape limit on length of labels value that will be accepted for a sample.
It requires Prometheus >= v2.27.0.
format: int64
type: integer
namespaceSelector:
description: |-
Selector to select which namespaces the Kubernetes `Pods` objects
are discovered from.
properties:
any:
description: |-
Boolean describing whether all namespaces are selected in contrast to a
list restricting them.
type: boolean
matchNames:
description: List of namespace names to select from.
items:
type: string
type: array
type: object
podMetricsEndpoints:
description: List of endpoints part of this PodMonitor.
items:
description: |-
PodMetricsEndpoint defines an endpoint serving Prometheus metrics to be scraped by
Prometheus.
properties:
authorization:
description: |-
`authorization` configures the Authorization header credentials to use when
scraping the target.
Cannot be set at the same time as `basicAuth`, or `oauth2`.
properties:
credentials:
description: Selects a key of a Secret in the namespace
that contains the credentials for authentication.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type:
description: |-
Defines the authentication type. The value is case-insensitive.
"Basic" is not a supported value.
Default: "Bearer"
type: string
type: object
basicAuth:
description: |-
`basicAuth` configures the Basic Authentication credentials to use when
scraping the target.
Cannot be set at the same time as `authorization`, or `oauth2`.
properties:
password:
description: |-
`password` specifies a key of a Secret containing the password for
authentication.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
username:
description: |-
`username` specifies a key of a Secret containing the username for
authentication.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
bearerTokenSecret:
description: |-
`bearerTokenSecret` specifies a key of a Secret containing the bearer
token for scraping targets. The secret needs to be in the same namespace
as the PodMonitor object and readable by the Prometheus Operator.
Deprecated: use `authorization` instead.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
enableHttp2:
description: '`enableHttp2` can be used to disable HTTP2 when
scraping the target.'
type: boolean
filterRunning:
description: |-
When true, the pods which are not running (e.g. either in Failed or
Succeeded state) are dropped during the target discovery.
If unset, the filtering is enabled.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase
type: boolean
followRedirects:
description: |-
`followRedirects` defines whether the scrape requests should follow HTTP
3xx redirects.
type: boolean
honorLabels:
description: |-
When true, `honorLabels` preserves the metric's labels when they collide
with the target's labels.
type: boolean
honorTimestamps:
description: |-
`honorTimestamps` controls whether Prometheus preserves the timestamps
when exposed by the target.
type: boolean
interval:
description: |-
Interval at which Prometheus scrapes the metrics from the target.
If empty, Prometheus uses the global scrape interval.
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
metricRelabelings:
description: |-
`metricRelabelings` configures the relabeling rules to apply to the
samples before ingestion.
items:
description: |-
RelabelConfig allows dynamic rewriting of the label set for targets, alerts,
scraped samples and remote write samples.
More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
properties:
action:
default: replace
description: |-
Action to perform based on the regex matching.
`Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0.
`DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0.
Default: "Replace"
enum:
- replace
- Replace
- keep
- Keep
- drop
- Drop
- hashmod
- HashMod
- labelmap
- LabelMap
- labeldrop
- LabelDrop
- labelkeep
- LabelKeep
- lowercase
- Lowercase
- uppercase
- Uppercase
- keepequal
- KeepEqual
- dropequal
- DropEqual
type: string
modulus:
description: |-
Modulus to take of the hash of the source label values.
Only applicable when the action is `HashMod`.
format: int64
type: integer
regex:
description: Regular expression against which the extracted
value is matched.
type: string
replacement:
description: |-
Replacement value against which a Replace action is performed if the
regular expression matches.
Regex capture groups are available.
type: string
separator:
description: Separator is the string between concatenated
SourceLabels.
type: string
sourceLabels:
description: |-
The source labels select values from existing labels. Their content is
concatenated using the configured Separator and matched against the
configured regular expression.
items:
description: |-
LabelName is a valid Prometheus label name which may only contain ASCII
letters, numbers, as well as underscores.
pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
type: string
type: array
targetLabel:
description: |-
Label to which the resulting string is written in a replacement.
It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`,
`KeepEqual` and `DropEqual` actions.
Regex capture groups are available.
type: string
type: object
type: array
oauth2:
description: |-
`oauth2` configures the OAuth2 settings to use when scraping the target.
It requires Prometheus >= 2.27.0.
Cannot be set at the same time as `authorization`, or `basicAuth`.
properties:
clientId:
description: |-
`clientId` specifies a key of a Secret or ConfigMap containing the
OAuth2 client's ID.
properties:
configMap:
description: ConfigMap containing data to use for the
targets.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secret:
description: Secret containing data to use for the targets.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
clientSecret:
description: |-
`clientSecret` specifies a key of a Secret containing the OAuth2
client's secret.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
endpointParams:
additionalProperties:
type: string
description: |-
`endpointParams` configures the HTTP parameters to append to the token
URL.
type: object
scopes:
description: '`scopes` defines the OAuth2 scopes used for
the token request.'
items:
type: string
type: array
tokenUrl:
description: '`tokenURL` configures the URL to fetch the
token from.'
minLength: 1
type: string
required:
- clientId
- clientSecret
- tokenUrl
type: object
params:
additionalProperties:
items:
type: string
type: array
description: '`params` define optional HTTP URL parameters.'
type: object
path:
description: |-
HTTP path from which to scrape for metrics.
If empty, Prometheus uses the default value (e.g. `/metrics`).
type: string
port:
description: |-
Name of the Pod port which this endpoint refers to.
It takes precedence over `targetPort`.
type: string
proxyUrl:
description: |-
`proxyURL` configures the HTTP Proxy URL (e.g.
"http://proxyserver:2195") to go through when scraping the target.
type: string
relabelings:
description: |-
`relabelings` configures the relabeling rules to apply the target's
metadata labels.
The Operator automatically adds relabelings for a few standard Kubernetes fields.
The original scrape job's name is available via the `__tmp_prometheus_job_name` label.
More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
items:
description: |-
RelabelConfig allows dynamic rewriting of the label set for targets, alerts,
scraped samples and remote write samples.
More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
properties:
action:
default: replace
description: |-
Action to perform based on the regex matching.
`Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0.
`DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0.
Default: "Replace"
enum:
- replace
- Replace
- keep
- Keep
- drop
- Drop
- hashmod
- HashMod
- labelmap
- LabelMap
- labeldrop
- LabelDrop
- labelkeep
- LabelKeep
- lowercase
- Lowercase
- uppercase
- Uppercase
- keepequal
- KeepEqual
- dropequal
- DropEqual
type: string
modulus:
description: |-
Modulus to take of the hash of the source label values.
Only applicable when the action is `HashMod`.
format: int64
type: integer
regex:
description: Regular expression against which the extracted
value is matched.
type: string
replacement:
description: |-
Replacement value against which a Replace action is performed if the
regular expression matches.
Regex capture groups are available.
type: string
separator:
description: Separator is the string between concatenated
SourceLabels.
type: string
sourceLabels:
description: |-
The source labels select values from existing labels. Their content is
concatenated using the configured Separator and matched against the
configured regular expression.
items:
description: |-
LabelName is a valid Prometheus label name which may only contain ASCII
letters, numbers, as well as underscores.
pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
type: string
type: array
targetLabel:
description: |-
Label to which the resulting string is written in a replacement.
It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`,
`KeepEqual` and `DropEqual` actions.
Regex capture groups are available.
type: string
type: object
type: array
scheme:
description: |-
HTTP scheme to use for scraping.
`http` and `https` are the expected values unless you rewrite the
`__scheme__` label via relabeling.
If empty, Prometheus uses the default value `http`.
enum:
- http
- https
type: string
scrapeTimeout:
description: |-
Timeout after which Prometheus considers the scrape to be failed.
If empty, Prometheus uses the global scrape timeout unless it is less
than the target's scrape interval value in which the latter is used.
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
targetPort:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the target port of the `Pod` object behind the Service, the
port must be specified with container port property.
Deprecated: use 'port' instead.
x-kubernetes-int-or-string: true
tlsConfig:
description: TLS configuration to use when scraping the target.
properties:
ca:
description: Certificate authority used when verifying server
certificates.
properties:
configMap:
description: ConfigMap containing data to use for the
targets.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secret:
description: Secret containing data to use for the targets.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
cert:
description: Client certificate to present when doing client-authentication.
properties:
configMap:
description: ConfigMap containing data to use for the
targets.
properties:
key:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secret:
description: Secret containing data to use for the targets.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
insecureSkipVerify:
description: Disable target certificate validation.
type: boolean
keySecret:
description: Secret containing the client key file for the
targets.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
TODO: Add other useful fields. apiVersion, kind, uid?
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
serverName:
description: Used to verify the hostname for the targets.
type: string
type: object
trackTimestampsStaleness:
description: |-
`trackTimestampsStaleness` defines whether Prometheus tracks staleness of
the metrics that have an explicit timestamp present in scraped data.
Has no effect if `honorTimestamps` is false.
It requires Prometheus >= v2.48.0.
type: boolean
type: object
type: array
podTargetLabels:
description: |-
`podTargetLabels` defines the labels which are transferred from the
associated Kubernetes `Pod` object onto the ingested metrics.
items:
type: string
type: array
sampleLimit:
description: |-
`sampleLimit` defines a per-scrape limit on the number of scraped samples
that will be accepted.
format: int64
type: integer
scrapeClass:
description: The scrape class to apply.
minLength: 1
type: string
scrapeProtocols:
description: |-
`scrapeProtocols` defines the protocols to negotiate during a scrape. It tells clients the
protocols supported by Prometheus in order of preference (from most to least preferred).
If unset, Prometheus uses its default value.
It requires Prometheus >= v2.49.0.
items:
description: |-
ScrapeProtocol represents a protocol used by Prometheus for scraping metrics.
Supported values are:
* `OpenMetricsText0.0.1`
* `OpenMetricsText1.0.0`
* `PrometheusProto`
* `PrometheusText0.0.4`
enum:
- PrometheusProto
- OpenMetricsText0.0.1
- OpenMetricsText1.0.0
- PrometheusText0.0.4
type: string
type: array
x-kubernetes-list-type: set
selector:
description: Label selector to select the Kubernetes `Pod` objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
targetLimit:
description: |-
`targetLimit` defines a limit on the number of scraped targets that will
be accepted.
format: int64
type: integer
required:
- selector
type: object
required:
- spec
type: object
served: true
storage: true