From 54e00220bd1278d092c38128da95b1ecd4e8e188 Mon Sep 17 00:00:00 2001 From: Simon Pasquier Date: Thu, 12 Oct 2023 15:32:57 +0200 Subject: [PATCH] feat: bump Prometheus operator to v0.68.0 Signed-off-by: Simon Pasquier --- .../monitoring.rhobs_alertmanagerconfigs.yaml | 2421 +++++++++++------ .../monitoring.rhobs_alertmanagers.yaml | 275 +- .../monitoring.rhobs_monitoringstacks.yaml | 66 +- .../monitoring.rhobs_podmonitors.yaml | 99 +- bundle/manifests/monitoring.rhobs_probes.yaml | 138 +- .../monitoring.rhobs_prometheusagents.yaml | 333 ++- .../monitoring.rhobs_prometheuses.yaml | 414 ++- .../monitoring.rhobs_scrapeconfigs.yaml | 884 +++++- .../monitoring.rhobs_servicemonitors.yaml | 99 +- .../monitoring.rhobs_thanosrulers.yaml | 185 +- ...webhook_policy_v1_poddisruptionbudget.yaml | 2 +- ...operator-admission-webhook_v1_service.yaml | 2 +- .../obo-prometheus-operator_v1_service.yaml | 2 +- ...bility-operator.clusterserviceversion.yaml | 16 +- .../monitoring.rhobs_monitoringstacks.yaml | 66 +- deploy/dependencies/kustomization.yaml | 42 +- docs/api.md | 39 +- go.mod | 10 +- go.sum | 22 +- 19 files changed, 3654 insertions(+), 1461 deletions(-) diff --git a/bundle/manifests/monitoring.rhobs_alertmanagerconfigs.yaml b/bundle/manifests/monitoring.rhobs_alertmanagerconfigs.yaml index 4d6989f31..e1b894ffc 100644 --- a/bundle/manifests/monitoring.rhobs_alertmanagerconfigs.yaml +++ b/bundle/manifests/monitoring.rhobs_alertmanagerconfigs.yaml @@ -210,39 +210,15 @@ spec: items: description: Receiver defines one or more notification integrations. properties: - emailConfigs: - description: List of Email configurations. + discordConfigs: + description: List of Discord configurations. items: - description: EmailConfig configures notifications via Email. + description: DiscordConfig configures notifications via Discord. + See https://prometheus.io/docs/alerting/latest/configuration/#discord_config properties: - authIdentity: - description: The identity to use for authentication. - type: string - authPassword: - description: The secret's key that contains the password - to use for authentication. The secret needs to be in - the same namespace as the AlertmanagerConfig object - and accessible by the Prometheus Operator. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - authSecret: - description: The secret's key that contains the CRAM-MD5 - secret. The secret needs to be in the same namespace + apiURL: + description: The secret's key that contains the Discord + webhook URL. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. properties: @@ -262,64 +238,23 @@ spec: required: - key type: object - authUsername: - description: The username to use for authentication. - type: string - from: - description: The sender address. - type: string - headers: - description: Further headers email header key/value pairs. - Overrides any headers previously set by the notification - implementation. - items: - description: KeyValue defines a (key, value) tuple. - properties: - key: - description: Key of the tuple. - minLength: 1 - type: string - value: - description: Value of the tuple. - type: string - required: - - key - - value - type: object - type: array - hello: - description: The hostname to identify to the SMTP server. - type: string - html: - description: The HTML body of the email notification. - type: string - requireTLS: - description: The SMTP TLS requirement. Note that Go does - not support unencrypted connections to remote SMTP endpoints. - type: boolean - sendResolved: - description: Whether or not to notify about resolved alerts. - type: boolean - smarthost: - description: The SMTP host and port through which emails - are sent. E.g. example.com:25 - type: string - text: - description: The text body of the email notification. - type: string - tlsConfig: - description: TLS configuration + httpConfig: + description: HTTP client configuration. properties: - ca: - description: Certificate authority used when verifying - server certificates. + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. properties: - configMap: - description: ConfigMap containing data to use - for the targets. + credentials: + description: Selects a key of a Secret in the + namespace that contains the credentials for + authentication. properties: key: - description: The key to select. + description: The key of the secret to select + from. Must be a valid secret key. type: string name: description: 'Name of the referent. More info: @@ -328,16 +263,49 @@ spec: kind, uid?' type: string optional: - description: Specify whether the ConfigMap - or its key must be defined + description: Specify whether the Secret or + its key must be defined type: boolean required: - key type: object x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for - the targets. + type: + description: "Defines the authentication type. + The value is case-insensitive. \n \"Basic\" + is not a supported value. \n Default: \"Bearer\"" + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor + namespace that contains the username for authentication. properties: key: description: The key of the secret to select @@ -358,16 +326,94 @@ spec: type: object x-kubernetes-map-type: atomic type: object - cert: - description: Client certificate to present when doing - client-authentication. + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. properties: - configMap: - description: ConfigMap containing data to use - for the targets. + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret properties: key: - description: The key to select. + description: The key of the secret to select + from. Must be a valid secret key. type: string name: description: 'Name of the referent. More info: @@ -376,16 +422,799 @@ spec: kind, uid?' type: string optional: - description: Specify whether the ConfigMap - or its key must be defined + description: Specify whether the Secret or + its key must be defined type: boolean required: - key type: object x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use for - the targets. + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Certificate authority used when verifying + server certificates. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Client certificate to present when + doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: The template of the message's body. + type: string + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + title: + description: The template of the message's title. + type: string + required: + - apiURL + type: object + type: array + emailConfigs: + description: List of Email configurations. + items: + description: EmailConfig configures notifications via Email. + properties: + authIdentity: + description: The identity to use for authentication. + type: string + authPassword: + description: The secret's key that contains the password + to use for authentication. The secret needs to be in + the same namespace as the AlertmanagerConfig object + and accessible by the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + authSecret: + description: The secret's key that contains the CRAM-MD5 + secret. The secret needs to be in the same namespace + as the AlertmanagerConfig object and accessible by the + Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + authUsername: + description: The username to use for authentication. + type: string + from: + description: The sender address. + type: string + headers: + description: Further headers email header key/value pairs. + Overrides any headers previously set by the notification + implementation. + items: + description: KeyValue defines a (key, value) tuple. + properties: + key: + description: Key of the tuple. + minLength: 1 + type: string + value: + description: Value of the tuple. + type: string + required: + - key + - value + type: object + type: array + hello: + description: The hostname to identify to the SMTP server. + type: string + html: + description: The HTML body of the email notification. + type: string + requireTLS: + description: The SMTP TLS requirement. Note that Go does + not support unencrypted connections to remote SMTP endpoints. + type: boolean + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + smarthost: + description: The SMTP host and port through which emails + are sent. E.g. example.com:25 + type: string + text: + description: The text body of the email notification. + type: string + tlsConfig: + description: TLS configuration + properties: + ca: + description: Certificate authority used when verifying + server certificates. + properties: + configMap: + description: ConfigMap containing data to use + for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for + the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Client certificate to present when doing + client-authentication. + properties: + configMap: + description: ConfigMap containing data to use + for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for + the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key file + for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + to: + description: The email address to send notifications to. + type: string + type: object + type: array + name: + description: Name of the receiver. Must be unique across all + items from the list. + minLength: 1 + type: string + opsgenieConfigs: + description: List of OpsGenie configurations. + items: + description: OpsGenieConfig configures notifications via OpsGenie. + See https://prometheus.io/docs/alerting/latest/configuration/#opsgenie_config + properties: + actions: + description: Comma separated list of actions that will + be available for the alert. + type: string + apiKey: + description: The secret's key that contains the OpsGenie + API key. The secret needs to be in the same namespace + as the AlertmanagerConfig object and accessible by the + Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + apiURL: + description: The URL to send OpsGenie API requests to. + type: string + description: + description: Description of the incident. + type: string + details: + description: A set of arbitrary key/value pairs that provide + further detail about the incident. + items: + description: KeyValue defines a (key, value) tuple. + properties: + key: + description: Key of the tuple. + minLength: 1 + type: string + value: + description: Value of the tuple. + type: string + required: + - key + - value + type: object + type: array + entity: + description: Optional field that can be used to specify + which domain alert is related to. + type: string + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: Selects a key of a Secret in the + namespace that contains the credentials for + authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: "Defines the authentication type. + The value is case-insensitive. \n \"Basic\" + is not a supported value. \n Default: \"Bearer\"" + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Certificate authority used when verifying + server certificates. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Client certificate to present when + doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. properties: key: description: The key of the secret to select @@ -405,87 +1234,95 @@ spec: - key type: object x-kubernetes-map-type: atomic - type: object - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keySecret: - description: Secret containing the client key file - for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + serverName: + description: Used to verify the hostname for the + targets. type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the targets. - type: string type: object - to: - description: The email address to send notifications to. + message: + description: Alert text limited to 130 characters. + type: string + note: + description: Additional alert note. + type: string + priority: + description: Priority level of alert. Possible values + are P1, P2, P3, P4, and P5. + type: string + responders: + description: List of responders responsible for notifications. + items: + description: OpsGenieConfigResponder defines a responder + to an incident. One of `id`, `name` or `username` + has to be defined. + properties: + id: + description: ID of the responder. + type: string + name: + description: Name of the responder. + type: string + type: + description: Type of responder. + enum: + - team + - teams + - user + - escalation + - schedule + minLength: 1 + type: string + username: + description: Username of the responder. + type: string + required: + - type + type: object + type: array + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + source: + description: Backlink to the sender of the notification. + type: string + tags: + description: Comma separated list of tags attached to + the notifications. type: string + updateAlerts: + description: Whether to update message and description + of the alert in OpsGenie if it already exists By default, + the alert is never updated in OpsGenie, the new message + only appears in activity log. + type: boolean type: object type: array - name: - description: Name of the receiver. Must be unique across all - items from the list. - minLength: 1 - type: string - opsgenieConfigs: - description: List of OpsGenie configurations. + pagerdutyConfigs: + description: List of PagerDuty configurations. items: - description: OpsGenieConfig configures notifications via OpsGenie. - See https://prometheus.io/docs/alerting/latest/configuration/#opsgenie_config + description: PagerDutyConfig configures notifications via + PagerDuty. See https://prometheus.io/docs/alerting/latest/configuration/#pagerduty_config properties: - actions: - description: Comma separated list of actions that will - be available for the alert. + class: + description: The class/type of the event. type: string - apiKey: - description: The secret's key that contains the OpsGenie - API key. The secret needs to be in the same namespace - as the AlertmanagerConfig object and accessible by the - Prometheus Operator. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - apiURL: - description: The URL to send OpsGenie API requests to. + client: + description: Client identification. + type: string + clientURL: + description: Backlink to the sender of notification. + type: string + component: + description: The part or component of the affected system + that is broken. type: string description: description: Description of the incident. type: string details: - description: A set of arbitrary key/value pairs that provide - further detail about the incident. + description: Arbitrary key/value pairs that provide further + detail about the incident. items: description: KeyValue defines a (key, value) tuple. properties: @@ -501,9 +1338,8 @@ spec: - value type: object type: array - entity: - description: Optional field that can be used to specify - which domain alert is related to. + group: + description: A cluster or grouping of sources. type: string httpConfig: description: HTTP client configuration. @@ -515,8 +1351,9 @@ spec: v0.22+. properties: credentials: - description: The secret's key that contains the - credentials of the request + description: Selects a key of a Secret in the + namespace that contains the credentials for + authentication. properties: key: description: The key of the secret to select @@ -537,8 +1374,9 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: Set the authentication type. Defaults - to Bearer, Basic will cause an error + description: "Defines the authentication type. + The value is case-insensitive. \n \"Basic\" + is not a supported value. \n Default: \"Bearer\"" type: string type: object basicAuth: @@ -850,107 +1688,117 @@ spec: type: string type: object type: object - message: - description: Alert text limited to 130 characters. - type: string - note: - description: Additional alert note. - type: string - priority: - description: Priority level of alert. Possible values - are P1, P2, P3, P4, and P5. - type: string - responders: - description: List of responders responsible for notifications. + pagerDutyImageConfigs: + description: A list of image details to attach that provide + further detail about an incident. items: - description: OpsGenieConfigResponder defines a responder - to an incident. One of `id`, `name` or `username` - has to be defined. + description: PagerDutyImageConfig attaches images to + an incident properties: - id: - description: ID of the responder. + alt: + description: Alt is the optional alternative text + for the image. type: string - name: - description: Name of the responder. + href: + description: Optional URL; makes the image a clickable + link. type: string - type: - description: Type of responder. - enum: - - team - - teams - - user - - escalation - - schedule - minLength: 1 + src: + description: Src of the image being attached to + the incident type: string - username: - description: Username of the responder. + type: object + type: array + pagerDutyLinkConfigs: + description: A list of link details to attach that provide + further detail about an incident. + items: + description: PagerDutyLinkConfig attaches text links + to an incident + properties: + alt: + description: Text that describes the purpose of + the link, and can be used as the link's text. + type: string + href: + description: Href is the URL of the link to be attached type: string - required: - - type type: object type: array + routingKey: + description: The secret's key that contains the PagerDuty + integration key (when using Events API v2). Either this + field or `serviceKey` needs to be defined. The secret + needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object sendResolved: description: Whether or not to notify about resolved alerts. type: boolean - source: - description: Backlink to the sender of the notification. + serviceKey: + description: The secret's key that contains the PagerDuty + service key (when using integration type "Prometheus"). + Either this field or `routingKey` needs to be defined. + The secret needs to be in the same namespace as the + AlertmanagerConfig object and accessible by the Prometheus + Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + severity: + description: Severity of the incident. type: string - tags: - description: Comma separated list of tags attached to - the notifications. + url: + description: The URL to send requests to. type: string - updateAlerts: - description: Whether to update message and description - of the alert in OpsGenie if it already exists By default, - the alert is never updated in OpsGenie, the new message - only appears in activity log. - type: boolean type: object type: array - pagerdutyConfigs: - description: List of PagerDuty configurations. + pushoverConfigs: + description: List of Pushover configurations. items: - description: PagerDutyConfig configures notifications via - PagerDuty. See https://prometheus.io/docs/alerting/latest/configuration/#pagerduty_config + description: PushoverConfig configures notifications via Pushover. + See https://prometheus.io/docs/alerting/latest/configuration/#pushover_config properties: - class: - description: The class/type of the event. - type: string - client: - description: Client identification. - type: string - clientURL: - description: Backlink to the sender of notification. - type: string - component: - description: The part or component of the affected system - that is broken. - type: string - description: - description: Description of the incident. - type: string - details: - description: Arbitrary key/value pairs that provide further - detail about the incident. - items: - description: KeyValue defines a (key, value) tuple. - properties: - key: - description: Key of the tuple. - minLength: 1 - type: string - value: - description: Value of the tuple. - type: string - required: - - key - - value - type: object - type: array - group: - description: A cluster or grouping of sources. + expire: + description: How long your notification will continue + to be retried for, unless the user acknowledges the + notification. + pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$ type: string + html: + description: Whether notification message is HTML or plain + text. + type: boolean httpConfig: description: HTTP client configuration. properties: @@ -961,8 +1809,9 @@ spec: v0.22+. properties: credentials: - description: The secret's key that contains the - credentials of the request + description: Selects a key of a Secret in the + namespace that contains the credentials for + authentication. properties: key: description: The key of the secret to select @@ -983,8 +1832,9 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: Set the authentication type. Defaults - to Bearer, Basic will cause an error + description: "Defines the authentication type. + The value is case-insensitive. \n \"Basic\" + is not a supported value. \n Default: \"Bearer\"" type: string type: object basicAuth: @@ -1296,49 +2146,35 @@ spec: type: string type: object type: object - pagerDutyImageConfigs: - description: A list of image details to attach that provide - further detail about an incident. - items: - description: PagerDutyImageConfig attaches images to - an incident - properties: - alt: - description: Alt is the optional alternative text - for the image. - type: string - href: - description: Optional URL; makes the image a clickable - link. - type: string - src: - description: Src of the image being attached to - the incident - type: string - type: object - type: array - pagerDutyLinkConfigs: - description: A list of link details to attach that provide - further detail about an incident. - items: - description: PagerDutyLinkConfig attaches text links - to an incident - properties: - alt: - description: Text that describes the purpose of - the link, and can be used as the link's text. - type: string - href: - description: Href is the URL of the link to be attached - type: string - type: object - type: array - routingKey: - description: The secret's key that contains the PagerDuty - integration key (when using Events API v2). Either this - field or `serviceKey` needs to be defined. The secret - needs to be in the same namespace as the AlertmanagerConfig - object and accessible by the Prometheus Operator. + message: + description: Notification message. + type: string + priority: + description: Priority, see https://pushover.net/api#priority + type: string + retry: + description: How often the Pushover servers will send + the same notification to the user. Must be at least + 30 seconds. + pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$ + type: string + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + sound: + description: The name of one of the sounds supported by + device clients to override the user's default sound + choice + type: string + title: + description: Notification title. + type: string + token: + description: The secret's key that contains the registered + application's API token, see https://pushover.net/apps. + The secret needs to be in the same namespace as the + AlertmanagerConfig object and accessible by the Prometheus + Operator. properties: key: description: The key of the secret to select from. Must @@ -1356,16 +2192,18 @@ spec: required: - key type: object - sendResolved: - description: Whether or not to notify about resolved alerts. - type: boolean - serviceKey: - description: The secret's key that contains the PagerDuty - service key (when using integration type "Prometheus"). - Either this field or `routingKey` needs to be defined. - The secret needs to be in the same namespace as the - AlertmanagerConfig object and accessible by the Prometheus - Operator. + url: + description: A supplementary URL shown alongside the message. + type: string + urlTitle: + description: A title for supplementary URL, otherwise + just the URL is shown + type: string + userKey: + description: The secret's key that contains the recipient + user's user key. The secret needs to be in the same + namespace as the AlertmanagerConfig object and accessible + by the Prometheus Operator. properties: key: description: The key of the secret to select from. Must @@ -1383,30 +2221,120 @@ spec: required: - key type: object - severity: - description: Severity of the incident. + type: object + type: array + slackConfigs: + description: List of Slack configurations. + items: + description: SlackConfig configures notifications via Slack. + See https://prometheus.io/docs/alerting/latest/configuration/#slack_config + properties: + actions: + description: A list of Slack actions that are sent with + each notification. + items: + description: SlackAction configures a single Slack action + that is sent with each notification. See https://api.slack.com/docs/message-attachments#action_fields + and https://api.slack.com/docs/message-buttons for + more information. + properties: + confirm: + description: SlackConfirmationField protect users + from destructive actions or particularly distinguished + decisions by asking them to confirm their button + click one more time. See https://api.slack.com/docs/interactive-message-field-guide#confirmation_fields + for more information. + properties: + dismissText: + type: string + okText: + type: string + text: + minLength: 1 + type: string + title: + type: string + required: + - text + type: object + name: + type: string + style: + type: string + text: + minLength: 1 + type: string + type: + minLength: 1 + type: string + url: + type: string + value: + type: string + required: + - text + - type + type: object + type: array + apiURL: + description: The secret's key that contains the Slack + webhook URL. The secret needs to be in the same namespace + as the AlertmanagerConfig object and accessible by the + Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + callbackId: type: string - url: - description: The URL to send requests to. + channel: + description: The channel or user to send notifications + to. + type: string + color: + type: string + fallback: type: string - type: object - type: array - pushoverConfigs: - description: List of Pushover configurations. - items: - description: PushoverConfig configures notifications via Pushover. - See https://prometheus.io/docs/alerting/latest/configuration/#pushover_config - properties: - expire: - description: How long your notification will continue - to be retried for, unless the user acknowledges the - notification. - pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$ + fields: + description: A list of Slack fields that are sent with + each notification. + items: + description: SlackField configures a single Slack field + that is sent with each notification. Each field must + contain a title, value, and optionally, a boolean + value to indicate if the field is short enough to + be displayed next to other fields designated as short. + See https://api.slack.com/docs/message-attachments#fields + for more information. + properties: + short: + type: boolean + title: + minLength: 1 + type: string + value: + minLength: 1 + type: string + required: + - title + - value + type: object + type: array + footer: type: string - html: - description: Whether notification message is HTML or plain - text. - type: boolean httpConfig: description: HTTP client configuration. properties: @@ -1417,8 +2345,9 @@ spec: v0.22+. properties: credentials: - description: The secret's key that contains the - credentials of the request + description: Selects a key of a Secret in the + namespace that contains the credentials for + authentication. properties: key: description: The key of the secret to select @@ -1439,8 +2368,9 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: Set the authentication type. Defaults - to Bearer, Basic will cause an error + description: "Defines the authentication type. + The value is case-insensitive. \n \"Basic\" + is not a supported value. \n Default: \"Bearer\"" type: string type: object basicAuth: @@ -1691,256 +2621,114 @@ spec: type: string optional: description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - secret: - description: Secret containing data to use - for the targets. - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keySecret: - description: Secret containing the client key - file for the targets. - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - serverName: - description: Used to verify the hostname for the - targets. - type: string - type: object - type: object - message: - description: Notification message. - type: string - priority: - description: Priority, see https://pushover.net/api#priority - type: string - retry: - description: How often the Pushover servers will send - the same notification to the user. Must be at least - 30 seconds. - pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$ - type: string - sendResolved: - description: Whether or not to notify about resolved alerts. - type: boolean - sound: - description: The name of one of the sounds supported by - device clients to override the user's default sound - choice - type: string - title: - description: Notification title. - type: string - token: - description: The secret's key that contains the registered - application's API token, see https://pushover.net/apps. - The secret needs to be in the same namespace as the - AlertmanagerConfig object and accessible by the Prometheus - Operator. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - url: - description: A supplementary URL shown alongside the message. - type: string - urlTitle: - description: A title for supplementary URL, otherwise - just the URL is shown - type: string - userKey: - description: The secret's key that contains the recipient - user's user key. The secret needs to be in the same - namespace as the AlertmanagerConfig object and accessible - by the Prometheus Operator. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - type: object - type: array - slackConfigs: - description: List of Slack configurations. - items: - description: SlackConfig configures notifications via Slack. - See https://prometheus.io/docs/alerting/latest/configuration/#slack_config - properties: - actions: - description: A list of Slack actions that are sent with - each notification. - items: - description: SlackAction configures a single Slack action - that is sent with each notification. See https://api.slack.com/docs/message-attachments#action_fields - and https://api.slack.com/docs/message-buttons for - more information. - properties: - confirm: - description: SlackConfirmationField protect users - from destructive actions or particularly distinguished - decisions by asking them to confirm their button - click one more time. See https://api.slack.com/docs/interactive-message-field-guide#confirmation_fields - for more information. - properties: - dismissText: - type: string - okText: - type: string - text: - minLength: 1 - type: string - title: - type: string - required: - - text - type: object - name: - type: string - style: - type: string - text: - minLength: 1 - type: string - type: - minLength: 1 - type: string - url: - type: string - value: - type: string - required: - - text - - type - type: object - type: array - apiURL: - description: The secret's key that contains the Slack - webhook URL. The secret needs to be in the same namespace - as the AlertmanagerConfig object and accessible by the - Prometheus Operator. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object type: object - callbackId: - type: string - channel: - description: The channel or user to send notifications - to. + iconEmoji: type: string - color: + iconURL: type: string - fallback: + imageURL: type: string - fields: - description: A list of Slack fields that are sent with - each notification. + linkNames: + type: boolean + mrkdwnIn: items: - description: SlackField configures a single Slack field - that is sent with each notification. Each field must - contain a title, value, and optionally, a boolean - value to indicate if the field is short enough to - be displayed next to other fields designated as short. - See https://api.slack.com/docs/message-attachments#fields - for more information. - properties: - short: - type: boolean - title: - minLength: 1 - type: string - value: - minLength: 1 - type: string - required: - - title - - value - type: object + type: string type: array - footer: + pretext: + type: string + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + shortFields: + type: boolean + text: + type: string + thumbURL: + type: string + title: + type: string + titleLink: type: string + username: + type: string + type: object + type: array + snsConfigs: + description: List of SNS configurations + items: + description: SNSConfig configures notifications via AWS SNS. + See https://prometheus.io/docs/alerting/latest/configuration/#sns_configs + properties: + apiURL: + description: The SNS API URL i.e. https://sns.us-east-2.amazonaws.com. + If not specified, the SNS API URL from the SNS SDK will + be used. + type: string + attributes: + additionalProperties: + type: string + description: SNS message attributes. + type: object httpConfig: description: HTTP client configuration. properties: @@ -1951,8 +2739,9 @@ spec: v0.22+. properties: credentials: - description: The secret's key that contains the - credentials of the request + description: Selects a key of a Secret in the + namespace that contains the credentials for + authentication. properties: key: description: The key of the secret to select @@ -1973,8 +2762,9 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: Set the authentication type. Defaults - to Bearer, Basic will cause an error + description: "Defines the authentication type. + The value is case-insensitive. \n \"Basic\" + is not a supported value. \n Default: \"Bearer\"" type: string type: object basicAuth: @@ -2286,53 +3076,143 @@ spec: type: string type: object type: object - iconEmoji: - type: string - iconURL: - type: string - imageURL: + message: + description: The message content of the SNS notification. type: string - linkNames: - type: boolean - mrkdwnIn: - items: - type: string - type: array - pretext: + phoneNumber: + description: Phone number if message is delivered via + SMS in E.164 format. If you don't specify this value, + you must specify a value for the TopicARN or TargetARN. type: string sendResolved: description: Whether or not to notify about resolved alerts. type: boolean - shortFields: - type: boolean - text: - type: string - thumbURL: - type: string - title: + sigv4: + description: Configures AWS's Signature Verification 4 + signing process to sign requests. + properties: + accessKey: + description: AccessKey is the AWS API key. If not + specified, the environment variable `AWS_ACCESS_KEY_ID` + is used. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + profile: + description: Profile is the named AWS profile used + to authenticate. + type: string + region: + description: Region is the AWS region. If blank, the + region from the default credentials chain used. + type: string + roleArn: + description: RoleArn is the named AWS profile used + to authenticate. + type: string + secretKey: + description: SecretKey is the AWS API secret. If not + specified, the environment variable `AWS_SECRET_ACCESS_KEY` + is used. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + subject: + description: Subject line when the message is delivered + to email endpoints. type: string - titleLink: + targetARN: + description: The mobile platform endpoint ARN if message + is delivered via mobile notifications. If you don't + specify this value, you must specify a value for the + topic_arn or PhoneNumber. type: string - username: + topicARN: + description: SNS topic ARN, i.e. arn:aws:sns:us-east-2:698519295917:My-Topic + If you don't specify this value, you must specify a + value for the PhoneNumber or TargetARN. type: string type: object type: array - snsConfigs: - description: List of SNS configurations + telegramConfigs: + description: List of Telegram configurations. items: - description: SNSConfig configures notifications via AWS SNS. - See https://prometheus.io/docs/alerting/latest/configuration/#sns_configs + description: TelegramConfig configures notifications via Telegram. + See https://prometheus.io/docs/alerting/latest/configuration/#telegram_config properties: apiURL: - description: The SNS API URL i.e. https://sns.us-east-2.amazonaws.com. - If not specified, the SNS API URL from the SNS SDK will - be used. + description: The Telegram API URL i.e. https://api.telegram.org. + If not specified, default API URL will be used. type: string - attributes: - additionalProperties: - type: string - description: SNS message attributes. + botToken: + description: "Telegram bot token. It is mutually exclusive + with `botTokenFile`. The secret needs to be in the same + namespace as the AlertmanagerConfig object and accessible + by the Prometheus Operator. \n Either `botToken` or + `botTokenFile` is required." + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key type: object + botTokenFile: + description: "File to read the Telegram bot token from. + It is mutually exclusive with `botToken`. Either `botToken` + or `botTokenFile` is required. \n It requires Alertmanager + >= v0.26.0." + type: string + chatID: + description: The Telegram chat ID. + format: int64 + type: integer + disableNotifications: + description: Disable telegram notifications + type: boolean httpConfig: description: HTTP client configuration. properties: @@ -2343,8 +3223,9 @@ spec: v0.22+. properties: credentials: - description: The secret's key that contains the - credentials of the request + description: Selects a key of a Secret in the + namespace that contains the credentials for + authentication. properties: key: description: The key of the secret to select @@ -2365,8 +3246,9 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: Set the authentication type. Defaults - to Bearer, Basic will cause an error + description: "Defines the authentication type. + The value is case-insensitive. \n \"Basic\" + is not a supported value. \n Default: \"Bearer\"" type: string type: object basicAuth: @@ -2679,110 +3561,31 @@ spec: type: object type: object message: - description: The message content of the SNS notification. + description: Message template type: string - phoneNumber: - description: Phone number if message is delivered via - SMS in E.164 format. If you don't specify this value, - you must specify a value for the TopicARN or TargetARN. + parseMode: + description: Parse mode for telegram message + enum: + - MarkdownV2 + - Markdown + - HTML type: string sendResolved: - description: Whether or not to notify about resolved alerts. + description: Whether to notify about resolved alerts. type: boolean - sigv4: - description: Configures AWS's Signature Verification 4 - signing process to sign requests. - properties: - accessKey: - description: AccessKey is the AWS API key. If not - specified, the environment variable `AWS_ACCESS_KEY_ID` - is used. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - profile: - description: Profile is the named AWS profile used - to authenticate. - type: string - region: - description: Region is the AWS region. If blank, the - region from the default credentials chain used. - type: string - roleArn: - description: RoleArn is the named AWS profile used - to authenticate. - type: string - secretKey: - description: SecretKey is the AWS API secret. If not - specified, the environment variable `AWS_SECRET_ACCESS_KEY` - is used. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - subject: - description: Subject line when the message is delivered - to email endpoints. - type: string - targetARN: - description: The mobile platform endpoint ARN if message - is delivered via mobile notifications. If you don't - specify this value, you must specify a value for the - topic_arn or PhoneNumber. - type: string - topicARN: - description: SNS topic ARN, i.e. arn:aws:sns:us-east-2:698519295917:My-Topic - If you don't specify this value, you must specify a - value for the PhoneNumber or TargetARN. - type: string type: object type: array - telegramConfigs: - description: List of Telegram configurations. + victoropsConfigs: + description: List of VictorOps configurations. items: - description: TelegramConfig configures notifications via Telegram. - See https://prometheus.io/docs/alerting/latest/configuration/#telegram_config + description: VictorOpsConfig configures notifications via + VictorOps. See https://prometheus.io/docs/alerting/latest/configuration/#victorops_config properties: - apiURL: - description: The Telegram API URL i.e. https://api.telegram.org. - If not specified, default API URL will be used. - type: string - botToken: - description: Telegram bot token The secret needs to be - in the same namespace as the AlertmanagerConfig object - and accessible by the Prometheus Operator. + apiKey: + description: The secret's key that contains the API key + to use when talking to the VictorOps API. The secret + needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. properties: key: description: The key of the secret to select from. Must @@ -2800,15 +3603,31 @@ spec: required: - key type: object - chatID: - description: The Telegram chat ID. - format: int64 - type: integer - disableNotifications: - description: Disable telegram notifications - type: boolean + apiUrl: + description: The VictorOps API URL. + type: string + customFields: + description: Additional custom fields for notification. + items: + description: KeyValue defines a (key, value) tuple. + properties: + key: + description: Key of the tuple. + minLength: 1 + type: string + value: + description: Value of the tuple. + type: string + required: + - key + - value + type: object + type: array + entityDisplayName: + description: Contains summary of the alerted problem. + type: string httpConfig: - description: HTTP client configuration. + description: The HTTP client's configuration. properties: authorization: description: Authorization header configuration for @@ -2817,8 +3636,9 @@ spec: v0.22+. properties: credentials: - description: The secret's key that contains the - credentials of the request + description: Selects a key of a Secret in the + namespace that contains the credentials for + authentication. properties: key: description: The key of the secret to select @@ -2839,8 +3659,9 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: Set the authentication type. Defaults - to Bearer, Basic will cause an error + description: "Defines the authentication type. + The value is case-insensitive. \n \"Basic\" + is not a supported value. \n Default: \"Bearer\"" type: string type: object basicAuth: @@ -3152,74 +3973,41 @@ spec: type: string type: object type: object - message: - description: Message template + messageType: + description: Describes the behavior of the alert (CRITICAL, + WARNING, INFO). type: string - parseMode: - description: Parse mode for telegram message - enum: - - MarkdownV2 - - Markdown - - HTML + monitoringTool: + description: The monitoring tool the state message is + from. + type: string + routingKey: + description: A key used to map the alert to a team. type: string sendResolved: - description: Whether to notify about resolved alerts. + description: Whether or not to notify about resolved alerts. type: boolean + stateMessage: + description: Contains long explanation of the alerted + problem. + type: string type: object type: array - victoropsConfigs: - description: List of VictorOps configurations. + webexConfigs: + description: List of Webex configurations. items: - description: VictorOpsConfig configures notifications via - VictorOps. See https://prometheus.io/docs/alerting/latest/configuration/#victorops_config + description: WebexConfig configures notification via Cisco + Webex See https://prometheus.io/docs/alerting/latest/configuration/#webex_config properties: - apiKey: - description: The secret's key that contains the API key - to use when talking to the VictorOps API. The secret - needs to be in the same namespace as the AlertmanagerConfig - object and accessible by the Prometheus Operator. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - apiUrl: - description: The VictorOps API URL. - type: string - customFields: - description: Additional custom fields for notification. - items: - description: KeyValue defines a (key, value) tuple. - properties: - key: - description: Key of the tuple. - minLength: 1 - type: string - value: - description: Value of the tuple. - type: string - required: - - key - - value - type: object - type: array - entityDisplayName: - description: Contains summary of the alerted problem. + apiURL: + description: The Webex Teams API URL i.e. https://webexapis.com/v1/messages + Provide if different from the default API URL. + pattern: ^https?://.+$ type: string httpConfig: - description: The HTTP client's configuration. + description: The HTTP client's configuration. You must + supply the bot token via the `httpConfig.authorization` + field. properties: authorization: description: Authorization header configuration for @@ -3228,8 +4016,9 @@ spec: v0.22+. properties: credentials: - description: The secret's key that contains the - credentials of the request + description: Selects a key of a Secret in the + namespace that contains the credentials for + authentication. properties: key: description: The key of the secret to select @@ -3250,8 +4039,9 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: Set the authentication type. Defaults - to Bearer, Basic will cause an error + description: "Defines the authentication type. + The value is case-insensitive. \n \"Basic\" + is not a supported value. \n Default: \"Bearer\"" type: string type: object basicAuth: @@ -3563,24 +4353,19 @@ spec: type: string type: object type: object - messageType: - description: Describes the behavior of the alert (CRITICAL, - WARNING, INFO). - type: string - monitoringTool: - description: The monitoring tool the state message is - from. + message: + description: Message template type: string - routingKey: - description: A key used to map the alert to a team. + roomID: + description: ID of the Webex Teams room where to send + the messages. + minLength: 1 type: string sendResolved: - description: Whether or not to notify about resolved alerts. + description: Whether to notify about resolved alerts. type: boolean - stateMessage: - description: Contains long explanation of the alerted - problem. - type: string + required: + - roomID type: object type: array webhookConfigs: @@ -3599,8 +4384,9 @@ spec: v0.22+. properties: credentials: - description: The secret's key that contains the - credentials of the request + description: Selects a key of a Secret in the + namespace that contains the credentials for + authentication. properties: key: description: The key of the secret to select @@ -3621,8 +4407,9 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: Set the authentication type. Defaults - to Bearer, Basic will cause an error + description: "Defines the authentication type. + The value is case-insensitive. \n \"Basic\" + is not a supported value. \n Default: \"Bearer\"" type: string type: object basicAuth: @@ -4020,8 +4807,9 @@ spec: v0.22+. properties: credentials: - description: The secret's key that contains the - credentials of the request + description: Selects a key of a Secret in the + namespace that contains the credentials for + authentication. properties: key: description: The key of the secret to select @@ -4042,8 +4830,9 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: Set the authentication type. Defaults - to Bearer, Basic will cause an error + description: "Defines the authentication type. + The value is case-insensitive. \n \"Basic\" + is not a supported value. \n Default: \"Bearer\"" type: string type: object basicAuth: diff --git a/bundle/manifests/monitoring.rhobs_alertmanagers.yaml b/bundle/manifests/monitoring.rhobs_alertmanagers.yaml index 039b7f142..64681361e 100644 --- a/bundle/manifests/monitoring.rhobs_alertmanagers.yaml +++ b/bundle/manifests/monitoring.rhobs_alertmanagers.yaml @@ -1026,8 +1026,8 @@ spec: is only available starting from Alertmanager v0.22+. properties: credentials: - description: The secret's key that contains the credentials - of the request + description: Selects a key of a Secret in the namespace + that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -1048,8 +1048,9 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: Set the authentication type. Defaults - to Bearer, Basic will cause an error + description: "Defines the authentication type. The + value is case-insensitive. \n \"Basic\" is not a + supported value. \n Default: \"Bearer\"" type: string type: object basicAuth: @@ -1422,6 +1423,88 @@ spec: - key type: object x-kubernetes-map-type: atomic + smtp: + description: Configures global SMTP parameters. + properties: + authIdentity: + description: SMTP Auth using PLAIN + type: string + authPassword: + description: SMTP Auth using LOGIN and PLAIN. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + authSecret: + description: SMTP Auth using CRAM-MD5. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + authUsername: + description: SMTP Auth using CRAM-MD5, LOGIN and PLAIN. + If empty, Alertmanager doesn't authenticate to the SMTP + server. + type: string + from: + description: The default SMTP From header field. + type: string + hello: + description: The default hostname to identify to the SMTP + server. + type: string + requireTLS: + description: The default SMTP TLS requirement. Note that + Go does not support unencrypted connections to remote + SMTP endpoints. + type: boolean + smartHost: + description: The default SMTP smarthost used for sending + emails. + properties: + host: + description: Defines the host's address, it can be + a DNS name or a literal IP address. + minLength: 1 + type: string + port: + description: Defines the host's port, it can be a + literal port number or a port name. + minLength: 1 + type: string + required: + - host + - port + type: object + type: object type: object name: description: The name of the AlertmanagerConfig resource which @@ -2359,6 +2442,25 @@ spec: cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object + restartPolicy: + description: 'RestartPolicy defines the restart behavior of + individual containers in a pod. This field may only be set + for init containers, and the only allowed value is "Always". + For non-init containers or when this field is not specified, + the restart behavior is defined by the Pod''s restart policy + and the container type. Setting the RestartPolicy as "Always" + for the init container will have the following effect: this + init container will be continually restarted on exit until + all regular containers have terminated. Once all regular containers + have completed, all init containers with restartPolicy "Always" + will be shut down. This lifecycle differs from normal init + containers and is often referred to as a "sidecar" container. + Although this init container still starts in the init container + sequence, it does not wait for the container to complete before + proceeding to the next init container. Instead, the next init + container starts immediately after this init container is + started, or after any startupProbe has successfully completed.' + type: string securityContext: description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext @@ -2480,8 +2582,8 @@ spec: in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured - seccomp profile location. Must only be set if type - is "Localhost". + seccomp profile location. Must be set if type is "Localhost". + Must NOT be set for any other type. type: string type: description: "type indicates which kind of seccomp profile @@ -2514,16 +2616,12 @@ spec: type: string hostProcess: description: HostProcess determines if a container should - be run as a 'Host Process' container. This field is - alpha-level and will only be honored by components - that enable the WindowsHostProcessContainers feature - flag. Setting this field without the feature flag - will result in errors when validating the Pod. All - of a Pod's containers must have the same effective - HostProcess value (it is not allowed to have a mix - of HostProcess containers and non-HostProcess containers). In - addition, if HostProcess is true then HostNetwork - must also be set to true. + be run as a 'Host Process' container. All of a Pod's + containers must have the same effective HostProcess + value (it is not allowed to have a mix of HostProcess + containers and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must also + be set to true. type: boolean runAsUserName: description: The UserName in Windows to run the entrypoint @@ -3702,6 +3800,25 @@ spec: cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object + restartPolicy: + description: 'RestartPolicy defines the restart behavior of + individual containers in a pod. This field may only be set + for init containers, and the only allowed value is "Always". + For non-init containers or when this field is not specified, + the restart behavior is defined by the Pod''s restart policy + and the container type. Setting the RestartPolicy as "Always" + for the init container will have the following effect: this + init container will be continually restarted on exit until + all regular containers have terminated. Once all regular containers + have completed, all init containers with restartPolicy "Always" + will be shut down. This lifecycle differs from normal init + containers and is often referred to as a "sidecar" container. + Although this init container still starts in the init container + sequence, it does not wait for the container to complete before + proceeding to the next init container. Instead, the next init + container starts immediately after this init container is + started, or after any startupProbe has successfully completed.' + type: string securityContext: description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext @@ -3823,8 +3940,8 @@ spec: in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured - seccomp profile location. Must only be set if type - is "Localhost". + seccomp profile location. Must be set if type is "Localhost". + Must NOT be set for any other type. type: string type: description: "type indicates which kind of seccomp profile @@ -3857,16 +3974,12 @@ spec: type: string hostProcess: description: HostProcess determines if a container should - be run as a 'Host Process' container. This field is - alpha-level and will only be honored by components - that enable the WindowsHostProcessContainers feature - flag. Setting this field without the feature flag - will result in errors when validating the Pod. All - of a Pod's containers must have the same effective - HostProcess value (it is not allowed to have a mix - of HostProcess containers and non-HostProcess containers). In - addition, if HostProcess is true then HostNetwork - must also be set to true. + be run as a 'Host Process' container. All of a Pod's + containers must have the same effective HostProcess + value (it is not allowed to have a mix of HostProcess + containers and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must also + be set to true. type: boolean runAsUserName: description: The UserName in Windows to run the entrypoint @@ -4384,7 +4497,8 @@ spec: in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile - location. Must only be set if type is "Localhost". + location. Must be set if type is "Localhost". Must NOT be + set for any other type. type: string type: description: "type indicates which kind of seccomp profile @@ -4448,14 +4562,11 @@ spec: type: string hostProcess: description: HostProcess determines if a container should - be run as a 'Host Process' container. This field is alpha-level - and will only be honored by components that enable the WindowsHostProcessContainers - feature flag. Setting this field without the feature flag - will result in errors when validating the Pod. All of a - Pod's containers must have the same effective HostProcess - value (it is not allowed to have a mix of HostProcess containers - and non-HostProcess containers). In addition, if HostProcess - is true then HostNetwork must also be set to true. + be run as a 'Host Process' container. All of a Pod's containers + must have the same effective HostProcess value (it is not + allowed to have a mix of HostProcess containers and non-HostProcess + containers). In addition, if HostProcess is true then HostNetwork + must also be set to true. type: boolean runAsUserName: description: The UserName in Windows to run the entrypoint @@ -5043,6 +5154,51 @@ spec: items: type: string type: array + allocatedResourceStatuses: + additionalProperties: + description: When a controller receives persistentvolume + claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore + that update and let other controllers handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC. Key names + follow standard Kubernetes label syntax. Valid values + are either: * Un-prefixed keys: - storage - the capacity + of the volume. * Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\" + Apart from above values - keys that are unprefixed or + have kubernetes.io prefix are considered reserved and + hence may not be used. \n ClaimResourceStatus can be + in any of following states: - ControllerResizeInProgress: + State set when resize controller starts resizing the + volume in control-plane. - ControllerResizeFailed: State + set when resize has failed in resize controller with + a terminal error. - NodeResizePending: State set when + resize controller has finished resizing the volume but + further resizing of volume is needed on the node. - + NodeResizeInProgress: State set when kubelet starts + resizing the volume. - NodeResizeFailed: State set when + resizing has failed in kubelet with a terminal error. + Transient errors don't set NodeResizeFailed. For example: + if expanding a PVC for more capacity - this field can + be one of the following states: - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\" When this field is not set, it + means that no resize operation is in progress for the + given PVC. \n A controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus + should ignore the update for the purpose it was designed. + For example - a controller that only is responsible + for resizing capacity of the volume, should ignore PVC + updates that change other valid resources associated + with PVC. \n This is an alpha field and requires enabling + RecoverVolumeExpansionFailure feature." + type: object + x-kubernetes-map-type: granular allocatedResources: additionalProperties: anyOf: @@ -5050,19 +5206,31 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: allocatedResources is the storage resource - within AllocatedResources tracks the capacity allocated - to a PVC. It may be larger than the actual capacity - when a volume expansion operation is requested. For - storage quota, the larger value from allocatedResources - and PVC.spec.resources is used. If allocatedResources - is not set, PVC.spec.resources alone is used for quota - calculation. If a volume expansion capacity request - is lowered, allocatedResources is only lowered if there - are no expansion operations in progress and if the actual - volume capacity is equal or lower than the requested - capacity. This is an alpha field and requires enabling - RecoverVolumeExpansionFailure feature. + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity. Key names + follow standard Kubernetes label syntax. Valid values + are either: * Un-prefixed keys: - storage - the capacity + of the volume. * Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\" + Apart from above values - keys that are unprefixed or + have kubernetes.io prefix are considered reserved and + hence may not be used. \n Capacity reported here may + be larger than the actual capacity when a volume expansion + operation is requested. For storage quota, the larger + value from allocatedResources and PVC.spec.resources + is used. If allocatedResources is not set, PVC.spec.resources + alone is used for quota calculation. If a volume expansion + capacity request is lowered, allocatedResources is only + lowered if there are no expansion operations in progress + and if the actual volume capacity is equal or lower + than the requested capacity. \n A controller that receives + PVC update with previously unknown resourceName should + ignore the update for the purpose it was designed. For + example - a controller that only is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid resources associated with PVC. + \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." type: object capacity: additionalProperties: @@ -5117,13 +5285,6 @@ spec: phase: description: phase represents the current phase of PersistentVolumeClaim. type: string - resizeStatus: - description: resizeStatus stores status of resize operation. - ResizeStatus is not set by default but when expansion - is complete resizeStatus is set to empty string by resize - controller or kubelet. This is an alpha field and requires - enabling RecoverVolumeExpansionFailure feature. - type: string type: object type: object type: object diff --git a/bundle/manifests/monitoring.rhobs_monitoringstacks.yaml b/bundle/manifests/monitoring.rhobs_monitoringstacks.yaml index fb9d6abd2..9d2baf683 100644 --- a/bundle/manifests/monitoring.rhobs_monitoringstacks.yaml +++ b/bundle/manifests/monitoring.rhobs_monitoringstacks.yaml @@ -336,8 +336,8 @@ spec: as `sigv4`, `basicAuth`, or `oauth2`." properties: credentials: - description: The secret's key that contains the credentials - of the request + description: Selects a key of a Secret in the namespace + that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -358,11 +358,12 @@ spec: x-kubernetes-map-type: atomic credentialsFile: description: File to read a secret from, mutually exclusive - with Credentials (from SafeAuthorization) + with `credentials`. type: string type: - description: Set the authentication type. Defaults to - Bearer, Basic will cause an error + description: "Defines the authentication type. The value + is case-insensitive. \n \"Basic\" is not a supported + value. \n Default: \"Bearer\"" type: string type: object basicAuth: @@ -414,7 +415,7 @@ spec: x-kubernetes-map-type: atomic type: object bearerToken: - description: "*Warning: this field shouldn't used because + description: "*Warning: this field shouldn't be used because the token value appears in clear-text. Prefer using `authorization`.* \n *Deprecated: this will be removed in a future release.*" type: string @@ -436,12 +437,12 @@ spec: metadata to the remote storage. properties: send: - description: Whether metric metadata is sent to the - remote storage or not. + description: Defines whether metric metadata is sent + to the remote storage or not. type: boolean sendInterval: - description: How frequently metric metadata is sent - to the remote storage. + description: Defines how frequently metric metadata + is sent to the remote storage. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: object @@ -810,16 +811,17 @@ spec: writeRelabelConfigs: description: The list of remote write relabel configurations. items: - description: 'RelabelConfig allows dynamic rewriting of - the label set, being applied to samples before ingestion. - It defines ``-section of Prometheus - configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + description: "RelabelConfig allows dynamic rewriting of + the label set for targets, alerts, scraped samples and + remote write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" properties: action: default: replace - description: Action to perform based on regex matching. - Default is 'replace'. uppercase and lowercase actions - require Prometheus >= 2.36. + description: "Action to perform based on the regex + matching. \n `Uppercase` and `Lowercase` actions + require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` + actions require Prometheus >= v2.41.0. \n Default: + \"Replace\"" enum: - replace - Replace @@ -845,29 +847,29 @@ spec: - DropEqual type: string modulus: - description: Modulus to take of the hash of the source - label values. + description: "Modulus to take of the hash of the source + label values. \n Only applicable when the action + is `HashMod`." format: int64 type: integer regex: description: Regular expression against which the - extracted value is matched. Default is '(.*)' + extracted value is matched. type: string replacement: - description: Replacement value against which a regex - replace is performed if the regular expression matches. - Regex capture groups are available. Default is '$1' + description: "Replacement value against which a Replace + action is performed if the regular expression matches. + \n Regex capture groups are available." type: string separator: - description: Separator placed between concatenated - source label values. default is ';'. + description: Separator is the string between concatenated + SourceLabels. type: string sourceLabels: description: The source labels select values from existing labels. Their content is concatenated using - the configured separator and matched against the - configured regular expression for the replace, keep, - and drop actions. + the configured Separator and matched against the + configured regular expression. items: description: LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, @@ -876,9 +878,11 @@ spec: type: string type: array targetLabel: - description: Label to which the resulting value is - written in a replace action. It is mandatory for - replace actions. Regex capture groups are available. + description: "Label to which the resulting string + is written in a replacement. \n It is mandatory + for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, + `KeepEqual` and `DropEqual` actions. \n Regex capture + groups are available." type: string type: object type: array diff --git a/bundle/manifests/monitoring.rhobs_podmonitors.yaml b/bundle/manifests/monitoring.rhobs_podmonitors.yaml index f3abf8fea..d5c02ed95 100644 --- a/bundle/manifests/monitoring.rhobs_podmonitors.yaml +++ b/bundle/manifests/monitoring.rhobs_podmonitors.yaml @@ -51,6 +51,12 @@ spec: jobLabel: description: The label to use to retrieve the job name from. type: string + keepDroppedTargets: + description: "Per-scrape limit on the number of targets dropped by + relabeling that will be kept in memory. 0 means no limit. \n It + requires Prometheus >= v2.47.0." + format: int64 + type: integer labelLimit: description: Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. @@ -92,8 +98,8 @@ spec: description: Authorization section for this endpoint properties: credentials: - description: The secret's key that contains the credentials - of the request + description: Selects a key of a Secret in the namespace + that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -112,8 +118,9 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: Set the authentication type. Defaults to Bearer, - Basic will cause an error + description: "Defines the authentication type. The value + is case-insensitive. \n \"Basic\" is not a supported value. + \n Default: \"Bearer\"" type: string type: object basicAuth: @@ -210,16 +217,16 @@ spec: description: MetricRelabelConfigs to apply to samples before ingestion. items: - description: 'RelabelConfig allows dynamic rewriting of the - label set, being applied to samples before ingestion. It - defines ``-section of Prometheus - configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + description: "RelabelConfig allows dynamic rewriting of the + label set for targets, alerts, scraped samples and remote + write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" properties: action: default: replace - description: Action to perform based on regex matching. - Default is 'replace'. uppercase and lowercase actions - require Prometheus >= 2.36. + description: "Action to perform based on the regex matching. + \n `Uppercase` and `Lowercase` actions require Prometheus + >= v2.36.0. `DropEqual` and `KeepEqual` actions require + Prometheus >= v2.41.0. \n Default: \"Replace\"" enum: - replace - Replace @@ -245,28 +252,29 @@ spec: - DropEqual type: string modulus: - description: Modulus to take of the hash of the source - label values. + description: "Modulus to take of the hash of the source + label values. \n Only applicable when the action is + `HashMod`." format: int64 type: integer regex: description: Regular expression against which the extracted - value is matched. Default is '(.*)' + value is matched. type: string replacement: - description: Replacement value against which a regex replace - is performed if the regular expression matches. Regex - capture groups are available. Default is '$1' + description: "Replacement value against which a Replace + action is performed if the regular expression matches. + \n Regex capture groups are available." type: string separator: - description: Separator placed between concatenated source - label values. default is ';'. + description: Separator is the string between concatenated + SourceLabels. type: string sourceLabels: description: The source labels select values from existing labels. Their content is concatenated using the configured - separator and matched against the configured regular - expression for the replace, keep, and drop actions. + Separator and matched against the configured regular + expression. items: description: LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as @@ -275,9 +283,10 @@ spec: type: string type: array targetLabel: - description: Label to which the resulting value is written - in a replace action. It is mandatory for replace actions. - Regex capture groups are available. + description: "Label to which the resulting string is written + in a replacement. \n It is mandatory for `Replace`, + `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and + `DropEqual` actions. \n Regex capture groups are available." type: string type: object type: array @@ -394,16 +403,16 @@ spec: is available via the `__tmp_prometheus_job_name` label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' items: - description: 'RelabelConfig allows dynamic rewriting of the - label set, being applied to samples before ingestion. It - defines ``-section of Prometheus - configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + description: "RelabelConfig allows dynamic rewriting of the + label set for targets, alerts, scraped samples and remote + write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" properties: action: default: replace - description: Action to perform based on regex matching. - Default is 'replace'. uppercase and lowercase actions - require Prometheus >= 2.36. + description: "Action to perform based on the regex matching. + \n `Uppercase` and `Lowercase` actions require Prometheus + >= v2.36.0. `DropEqual` and `KeepEqual` actions require + Prometheus >= v2.41.0. \n Default: \"Replace\"" enum: - replace - Replace @@ -429,28 +438,29 @@ spec: - DropEqual type: string modulus: - description: Modulus to take of the hash of the source - label values. + description: "Modulus to take of the hash of the source + label values. \n Only applicable when the action is + `HashMod`." format: int64 type: integer regex: description: Regular expression against which the extracted - value is matched. Default is '(.*)' + value is matched. type: string replacement: - description: Replacement value against which a regex replace - is performed if the regular expression matches. Regex - capture groups are available. Default is '$1' + description: "Replacement value against which a Replace + action is performed if the regular expression matches. + \n Regex capture groups are available." type: string separator: - description: Separator placed between concatenated source - label values. default is ';'. + description: Separator is the string between concatenated + SourceLabels. type: string sourceLabels: description: The source labels select values from existing labels. Their content is concatenated using the configured - separator and matched against the configured regular - expression for the replace, keep, and drop actions. + Separator and matched against the configured regular + expression. items: description: LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as @@ -459,9 +469,10 @@ spec: type: string type: array targetLabel: - description: Label to which the resulting value is written - in a replace action. It is mandatory for replace actions. - Regex capture groups are available. + description: "Label to which the resulting string is written + in a replacement. \n It is mandatory for `Replace`, + `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and + `DropEqual` actions. \n Regex capture groups are available." type: string type: object type: array diff --git a/bundle/manifests/monitoring.rhobs_probes.yaml b/bundle/manifests/monitoring.rhobs_probes.yaml index 4943417f2..91f85a282 100644 --- a/bundle/manifests/monitoring.rhobs_probes.yaml +++ b/bundle/manifests/monitoring.rhobs_probes.yaml @@ -43,8 +43,8 @@ spec: description: Authorization section for this endpoint properties: credentials: - description: The secret's key that contains the credentials of - the request + description: Selects a key of a Secret in the namespace that contains + the credentials for authentication. properties: key: description: The key of the secret to select from. Must be @@ -63,8 +63,8 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: Set the authentication type. Defaults to Bearer, - Basic will cause an error + description: "Defines the authentication type. The value is case-insensitive. + \n \"Basic\" is not a supported value. \n Default: \"Bearer\"" type: string type: object basicAuth: @@ -140,6 +140,12 @@ spec: jobName: description: The job name assigned to scraped metrics by default. type: string + keepDroppedTargets: + description: "Per-scrape limit on the number of targets dropped by + relabeling that will be kept in memory. 0 means no limit. \n It + requires Prometheus >= v2.47.0." + format: int64 + type: integer labelLimit: description: Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. @@ -160,15 +166,16 @@ spec: metricRelabelings: description: MetricRelabelConfigs to apply to samples before ingestion. items: - description: 'RelabelConfig allows dynamic rewriting of the label - set, being applied to samples before ingestion. It defines ``-section - of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + description: "RelabelConfig allows dynamic rewriting of the label + set for targets, alerts, scraped samples and remote write samples. + \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" properties: action: default: replace - description: Action to perform based on regex matching. Default - is 'replace'. uppercase and lowercase actions require Prometheus - >= 2.36. + description: "Action to perform based on the regex matching. + \n `Uppercase` and `Lowercase` actions require Prometheus + >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus + >= v2.41.0. \n Default: \"Replace\"" enum: - replace - Replace @@ -194,28 +201,26 @@ spec: - DropEqual type: string modulus: - description: Modulus to take of the hash of the source label - values. + description: "Modulus to take of the hash of the source label + values. \n Only applicable when the action is `HashMod`." format: int64 type: integer regex: description: Regular expression against which the extracted - value is matched. Default is '(.*)' + value is matched. type: string replacement: - description: Replacement value against which a regex replace - is performed if the regular expression matches. Regex capture - groups are available. Default is '$1' + description: "Replacement value against which a Replace action + is performed if the regular expression matches. \n Regex capture + groups are available." type: string separator: - description: Separator placed between concatenated source label - values. default is ';'. + description: Separator is the string between concatenated SourceLabels. type: string sourceLabels: description: The source labels select values from existing labels. - Their content is concatenated using the configured separator - and matched against the configured regular expression for - the replace, keep, and drop actions. + Their content is concatenated using the configured Separator + and matched against the configured regular expression. items: description: LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as well as underscores. @@ -223,9 +228,10 @@ spec: type: string type: array targetLabel: - description: Label to which the resulting value is written in - a replace action. It is mandatory for replace actions. Regex - capture groups are available. + description: "Label to which the resulting string is written + in a replacement. \n It is mandatory for `Replace`, `HashMod`, + `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. + \n Regex capture groups are available." type: string type: object type: array @@ -390,16 +396,16 @@ spec: scrape job''s name is available via the `__tmp_prometheus_job_name` label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' items: - description: 'RelabelConfig allows dynamic rewriting of - the label set, being applied to samples before ingestion. - It defines ``-section of Prometheus - configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + description: "RelabelConfig allows dynamic rewriting of + the label set for targets, alerts, scraped samples and + remote write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" properties: action: default: replace - description: Action to perform based on regex matching. - Default is 'replace'. uppercase and lowercase actions - require Prometheus >= 2.36. + description: "Action to perform based on the regex matching. + \n `Uppercase` and `Lowercase` actions require Prometheus + >= v2.36.0. `DropEqual` and `KeepEqual` actions require + Prometheus >= v2.41.0. \n Default: \"Replace\"" enum: - replace - Replace @@ -425,28 +431,29 @@ spec: - DropEqual type: string modulus: - description: Modulus to take of the hash of the source - label values. + description: "Modulus to take of the hash of the source + label values. \n Only applicable when the action is + `HashMod`." format: int64 type: integer regex: description: Regular expression against which the extracted - value is matched. Default is '(.*)' + value is matched. type: string replacement: - description: Replacement value against which a regex - replace is performed if the regular expression matches. - Regex capture groups are available. Default is '$1' + description: "Replacement value against which a Replace + action is performed if the regular expression matches. + \n Regex capture groups are available." type: string separator: - description: Separator placed between concatenated source - label values. default is ';'. + description: Separator is the string between concatenated + SourceLabels. type: string sourceLabels: description: The source labels select values from existing labels. Their content is concatenated using the configured - separator and matched against the configured regular - expression for the replace, keep, and drop actions. + Separator and matched against the configured regular + expression. items: description: LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, @@ -455,9 +462,10 @@ spec: type: string type: array targetLabel: - description: Label to which the resulting value is written - in a replace action. It is mandatory for replace actions. - Regex capture groups are available. + description: "Label to which the resulting string is + written in a replacement. \n It is mandatory for `Replace`, + `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and + `DropEqual` actions. \n Regex capture groups are available." type: string type: object type: array @@ -523,16 +531,16 @@ spec: description: 'RelabelConfigs to apply to the label set of the targets before it gets scraped. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' items: - description: 'RelabelConfig allows dynamic rewriting of - the label set, being applied to samples before ingestion. - It defines ``-section of Prometheus - configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + description: "RelabelConfig allows dynamic rewriting of + the label set for targets, alerts, scraped samples and + remote write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" properties: action: default: replace - description: Action to perform based on regex matching. - Default is 'replace'. uppercase and lowercase actions - require Prometheus >= 2.36. + description: "Action to perform based on the regex matching. + \n `Uppercase` and `Lowercase` actions require Prometheus + >= v2.36.0. `DropEqual` and `KeepEqual` actions require + Prometheus >= v2.41.0. \n Default: \"Replace\"" enum: - replace - Replace @@ -558,28 +566,29 @@ spec: - DropEqual type: string modulus: - description: Modulus to take of the hash of the source - label values. + description: "Modulus to take of the hash of the source + label values. \n Only applicable when the action is + `HashMod`." format: int64 type: integer regex: description: Regular expression against which the extracted - value is matched. Default is '(.*)' + value is matched. type: string replacement: - description: Replacement value against which a regex - replace is performed if the regular expression matches. - Regex capture groups are available. Default is '$1' + description: "Replacement value against which a Replace + action is performed if the regular expression matches. + \n Regex capture groups are available." type: string separator: - description: Separator placed between concatenated source - label values. default is ';'. + description: Separator is the string between concatenated + SourceLabels. type: string sourceLabels: description: The source labels select values from existing labels. Their content is concatenated using the configured - separator and matched against the configured regular - expression for the replace, keep, and drop actions. + Separator and matched against the configured regular + expression. items: description: LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, @@ -588,9 +597,10 @@ spec: type: string type: array targetLabel: - description: Label to which the resulting value is written - in a replace action. It is mandatory for replace actions. - Regex capture groups are available. + description: "Label to which the resulting string is + written in a replacement. \n It is mandatory for `Replace`, + `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and + `DropEqual` actions. \n Regex capture groups are available." type: string type: object type: array diff --git a/bundle/manifests/monitoring.rhobs_prometheusagents.yaml b/bundle/manifests/monitoring.rhobs_prometheusagents.yaml index 1268bb6f9..3340a797f 100644 --- a/bundle/manifests/monitoring.rhobs_prometheusagents.yaml +++ b/bundle/manifests/monitoring.rhobs_prometheusagents.yaml @@ -954,11 +954,12 @@ spec: and use the Pod''s CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/.' properties: authorization: - description: Authorization section for accessing apiserver + description: "Authorization section for the API server. \n Cannot + be set at the same time as `basicAuth`, `bearerToken`, or `bearerTokenFile`." properties: credentials: - description: The secret's key that contains the credentials - of the request + description: Selects a key of a Secret in the namespace that + contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -978,16 +979,18 @@ spec: x-kubernetes-map-type: atomic credentialsFile: description: File to read a secret from, mutually exclusive - with Credentials (from SafeAuthorization) + with `credentials`. type: string type: - description: Set the authentication type. Defaults to Bearer, - Basic will cause an error + description: "Defines the authentication type. The value is + case-insensitive. \n \"Basic\" is not a supported value. + \n Default: \"Bearer\"" type: string type: object basicAuth: - description: BasicAuth allow an endpoint to authenticate over - basic authentication + description: "BasicAuth configuration for the API server. \n Cannot + be set at the same time as `authorization`, `bearerToken`, or + `bearerTokenFile`." properties: password: description: The secret in the service monitor namespace that @@ -1031,17 +1034,22 @@ spec: x-kubernetes-map-type: atomic type: object bearerToken: - description: Bearer token for accessing apiserver. + description: "*Warning: this field shouldn't be used because the + token value appears in clear-text. Prefer using `authorization`.* + \n *Deprecated: this will be removed in a future release.*" type: string bearerTokenFile: - description: File to read bearer token for accessing apiserver. + description: "File to read bearer token for accessing apiserver. + \n Cannot be set at the same time as `basicAuth`, `authorization`, + or `bearerToken`. \n *Deprecated: this will be removed in a + future release. Prefer using `authorization`.*" type: string host: - description: Host of apiserver. A valid string consisting of a - hostname or IP followed by an optional port number + description: Kubernetes API address consisting of a hostname or + IP address followed by an optional port number. type: string tlsConfig: - description: TLS Config to use for accessing apiserver. + description: TLS Config to use for the API server. properties: ca: description: Certificate authority used when verifying server @@ -1187,6 +1195,11 @@ spec: deny: type: boolean type: object + bodySizeLimit: + description: BodySizeLimit defines per-scrape on response body size. + Only valid in Prometheus versions 2.45.0 and newer. + pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$ + type: string configMaps: description: ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus object, which shall be mounted into the Prometheus @@ -2032,6 +2045,25 @@ spec: cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object + restartPolicy: + description: 'RestartPolicy defines the restart behavior of + individual containers in a pod. This field may only be set + for init containers, and the only allowed value is "Always". + For non-init containers or when this field is not specified, + the restart behavior is defined by the Pod''s restart policy + and the container type. Setting the RestartPolicy as "Always" + for the init container will have the following effect: this + init container will be continually restarted on exit until + all regular containers have terminated. Once all regular containers + have completed, all init containers with restartPolicy "Always" + will be shut down. This lifecycle differs from normal init + containers and is often referred to as a "sidecar" container. + Although this init container still starts in the init container + sequence, it does not wait for the container to complete before + proceeding to the next init container. Instead, the next init + container starts immediately after this init container is + started, or after any startupProbe has successfully completed.' + type: string securityContext: description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext @@ -2153,8 +2185,8 @@ spec: in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured - seccomp profile location. Must only be set if type - is "Localhost". + seccomp profile location. Must be set if type is "Localhost". + Must NOT be set for any other type. type: string type: description: "type indicates which kind of seccomp profile @@ -2187,16 +2219,12 @@ spec: type: string hostProcess: description: HostProcess determines if a container should - be run as a 'Host Process' container. This field is - alpha-level and will only be honored by components - that enable the WindowsHostProcessContainers feature - flag. Setting this field without the feature flag - will result in errors when validating the Pod. All - of a Pod's containers must have the same effective - HostProcess value (it is not allowed to have a mix - of HostProcess containers and non-HostProcess containers). In - addition, if HostProcess is true then HostNetwork - must also be set to true. + be run as a 'Host Process' container. All of a Pod's + containers must have the same effective HostProcess + value (it is not allowed to have a mix of HostProcess + containers and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must also + be set to true. type: boolean runAsUserName: description: The UserName in Windows to run the entrypoint @@ -2501,6 +2529,15 @@ spec: v2.28.0." pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$ type: string + enforcedKeepDroppedTargets: + description: "When defined, enforcedKeepDroppedTargets specifies a + global limit on the number of targets dropped by relabeling that + will be kept in memory. The value overrides any `spec.keepDroppedTargets` + set by ServiceMonitor, PodMonitor, Probe objects unless `spec.keepDroppedTargets` + is greater than zero and less than `spec.enforcedKeepDroppedTargets`. + \n It requires Prometheus >= v2.47.0." + format: int64 + type: integer enforcedLabelLimit: description: "When defined, enforcedLabelLimit specifies a global limit on the number of labels per sample. The value overrides any @@ -2589,6 +2626,7 @@ spec: - servicemonitors - podmonitors - probes + - scrapeconfigs type: string required: - namespace @@ -3514,6 +3552,25 @@ spec: cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object + restartPolicy: + description: 'RestartPolicy defines the restart behavior of + individual containers in a pod. This field may only be set + for init containers, and the only allowed value is "Always". + For non-init containers or when this field is not specified, + the restart behavior is defined by the Pod''s restart policy + and the container type. Setting the RestartPolicy as "Always" + for the init container will have the following effect: this + init container will be continually restarted on exit until + all regular containers have terminated. Once all regular containers + have completed, all init containers with restartPolicy "Always" + will be shut down. This lifecycle differs from normal init + containers and is often referred to as a "sidecar" container. + Although this init container still starts in the init container + sequence, it does not wait for the container to complete before + proceeding to the next init container. Instead, the next init + container starts immediately after this init container is + started, or after any startupProbe has successfully completed.' + type: string securityContext: description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext @@ -3635,8 +3692,8 @@ spec: in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured - seccomp profile location. Must only be set if type - is "Localhost". + seccomp profile location. Must be set if type is "Localhost". + Must NOT be set for any other type. type: string type: description: "type indicates which kind of seccomp profile @@ -3669,16 +3726,12 @@ spec: type: string hostProcess: description: HostProcess determines if a container should - be run as a 'Host Process' container. This field is - alpha-level and will only be honored by components - that enable the WindowsHostProcessContainers feature - flag. Setting this field without the feature flag - will result in errors when validating the Pod. All - of a Pod's containers must have the same effective - HostProcess value (it is not allowed to have a mix - of HostProcess containers and non-HostProcess containers). In - addition, if HostProcess is true then HostNetwork - must also be set to true. + be run as a 'Host Process' container. All of a Pod's + containers must have the same effective HostProcess + value (it is not allowed to have a mix of HostProcess + containers and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must also + be set to true. type: boolean runAsUserName: description: The UserName in Windows to run the entrypoint @@ -3957,6 +4010,29 @@ spec: - name type: object type: array + keepDroppedTargets: + description: "Per-scrape limit on the number of targets dropped by + relabeling that will be kept in memory. 0 means no limit. \n It + requires Prometheus >= v2.47.0." + format: int64 + type: integer + labelLimit: + description: Per-scrape limit on number of labels that will be accepted + for a sample. Only valid in Prometheus versions 2.45.0 and newer. + format: int64 + type: integer + labelNameLengthLimit: + description: Per-scrape limit on length of labels name that will be + accepted for a sample. Only valid in Prometheus versions 2.45.0 + and newer. + format: int64 + type: integer + labelValueLengthLimit: + description: Per-scrape limit on length of labels value that will + be accepted for a sample. Only valid in Prometheus versions 2.45.0 + and newer. + format: int64 + type: integer listenLocal: description: When true, the Prometheus server listens on the loopback address instead of the Pod IP's address. @@ -4271,8 +4347,8 @@ spec: `sigv4`, `basicAuth`, or `oauth2`." properties: credentials: - description: The secret's key that contains the credentials - of the request + description: Selects a key of a Secret in the namespace + that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -4292,11 +4368,12 @@ spec: x-kubernetes-map-type: atomic credentialsFile: description: File to read a secret from, mutually exclusive - with Credentials (from SafeAuthorization) + with `credentials`. type: string type: - description: Set the authentication type. Defaults to Bearer, - Basic will cause an error + description: "Defines the authentication type. The value + is case-insensitive. \n \"Basic\" is not a supported value. + \n Default: \"Bearer\"" type: string type: object basicAuth: @@ -4345,8 +4422,8 @@ spec: x-kubernetes-map-type: atomic type: object bearerToken: - description: "*Warning: this field shouldn't used because the - token value appears in clear-text. Prefer using `authorization`.* + description: "*Warning: this field shouldn't be used because + the token value appears in clear-text. Prefer using `authorization`.* \n *Deprecated: this will be removed in a future release.*" type: string bearerTokenFile: @@ -4367,12 +4444,12 @@ spec: metadata to the remote storage. properties: send: - description: Whether metric metadata is sent to the remote - storage or not. + description: Defines whether metric metadata is sent to + the remote storage or not. type: boolean sendInterval: - description: How frequently metric metadata is sent to the - remote storage. + description: Defines how frequently metric metadata is sent + to the remote storage. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: object @@ -4723,16 +4800,16 @@ spec: writeRelabelConfigs: description: The list of remote write relabel configurations. items: - description: 'RelabelConfig allows dynamic rewriting of the - label set, being applied to samples before ingestion. It - defines ``-section of Prometheus - configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + description: "RelabelConfig allows dynamic rewriting of the + label set for targets, alerts, scraped samples and remote + write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" properties: action: default: replace - description: Action to perform based on regex matching. - Default is 'replace'. uppercase and lowercase actions - require Prometheus >= 2.36. + description: "Action to perform based on the regex matching. + \n `Uppercase` and `Lowercase` actions require Prometheus + >= v2.36.0. `DropEqual` and `KeepEqual` actions require + Prometheus >= v2.41.0. \n Default: \"Replace\"" enum: - replace - Replace @@ -4758,28 +4835,29 @@ spec: - DropEqual type: string modulus: - description: Modulus to take of the hash of the source - label values. + description: "Modulus to take of the hash of the source + label values. \n Only applicable when the action is + `HashMod`." format: int64 type: integer regex: description: Regular expression against which the extracted - value is matched. Default is '(.*)' + value is matched. type: string replacement: - description: Replacement value against which a regex replace - is performed if the regular expression matches. Regex - capture groups are available. Default is '$1' + description: "Replacement value against which a Replace + action is performed if the regular expression matches. + \n Regex capture groups are available." type: string separator: - description: Separator placed between concatenated source - label values. default is ';'. + description: Separator is the string between concatenated + SourceLabels. type: string sourceLabels: description: The source labels select values from existing labels. Their content is concatenated using the configured - separator and matched against the configured regular - expression for the replace, keep, and drop actions. + Separator and matched against the configured regular + expression. items: description: LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as @@ -4788,9 +4866,10 @@ spec: type: string type: array targetLabel: - description: Label to which the resulting value is written - in a replace action. It is mandatory for replace actions. - Regex capture groups are available. + description: "Label to which the resulting string is written + in a replacement. \n It is mandatory for `Replace`, + `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and + `DropEqual` actions. \n Regex capture groups are available." type: string type: object type: array @@ -4865,6 +4944,12 @@ spec: is still true, but the server serves requests under a different route prefix. For example for use with `kubectl proxy`." type: string + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. Only valid in Prometheus versions + 2.45.0 and newer. + format: int64 + type: integer scrapeConfigNamespaceSelector: description: Namespaces to match for ScrapeConfig discovery. An empty label selector matches all namespaces. A null label selector matches @@ -5073,7 +5158,8 @@ spec: in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile - location. Must only be set if type is "Localhost". + location. Must be set if type is "Localhost". Must NOT be + set for any other type. type: string type: description: "type indicates which kind of seccomp profile @@ -5137,14 +5223,11 @@ spec: type: string hostProcess: description: HostProcess determines if a container should - be run as a 'Host Process' container. This field is alpha-level - and will only be honored by components that enable the WindowsHostProcessContainers - feature flag. Setting this field without the feature flag - will result in errors when validating the Pod. All of a - Pod's containers must have the same effective HostProcess - value (it is not allowed to have a mix of HostProcess containers - and non-HostProcess containers). In addition, if HostProcess - is true then HostNetwork must also be set to true. + be run as a 'Host Process' container. All of a Pod's containers + must have the same effective HostProcess value (it is not + allowed to have a mix of HostProcess containers and non-HostProcess + containers). In addition, if HostProcess is true then HostNetwork + must also be set to true. type: boolean runAsUserName: description: The UserName in Windows to run the entrypoint @@ -5839,6 +5922,51 @@ spec: items: type: string type: array + allocatedResourceStatuses: + additionalProperties: + description: When a controller receives persistentvolume + claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore + that update and let other controllers handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC. Key names + follow standard Kubernetes label syntax. Valid values + are either: * Un-prefixed keys: - storage - the capacity + of the volume. * Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\" + Apart from above values - keys that are unprefixed or + have kubernetes.io prefix are considered reserved and + hence may not be used. \n ClaimResourceStatus can be + in any of following states: - ControllerResizeInProgress: + State set when resize controller starts resizing the + volume in control-plane. - ControllerResizeFailed: State + set when resize has failed in resize controller with + a terminal error. - NodeResizePending: State set when + resize controller has finished resizing the volume but + further resizing of volume is needed on the node. - + NodeResizeInProgress: State set when kubelet starts + resizing the volume. - NodeResizeFailed: State set when + resizing has failed in kubelet with a terminal error. + Transient errors don't set NodeResizeFailed. For example: + if expanding a PVC for more capacity - this field can + be one of the following states: - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\" When this field is not set, it + means that no resize operation is in progress for the + given PVC. \n A controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus + should ignore the update for the purpose it was designed. + For example - a controller that only is responsible + for resizing capacity of the volume, should ignore PVC + updates that change other valid resources associated + with PVC. \n This is an alpha field and requires enabling + RecoverVolumeExpansionFailure feature." + type: object + x-kubernetes-map-type: granular allocatedResources: additionalProperties: anyOf: @@ -5846,19 +5974,31 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: allocatedResources is the storage resource - within AllocatedResources tracks the capacity allocated - to a PVC. It may be larger than the actual capacity - when a volume expansion operation is requested. For - storage quota, the larger value from allocatedResources - and PVC.spec.resources is used. If allocatedResources - is not set, PVC.spec.resources alone is used for quota - calculation. If a volume expansion capacity request - is lowered, allocatedResources is only lowered if there - are no expansion operations in progress and if the actual - volume capacity is equal or lower than the requested - capacity. This is an alpha field and requires enabling - RecoverVolumeExpansionFailure feature. + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity. Key names + follow standard Kubernetes label syntax. Valid values + are either: * Un-prefixed keys: - storage - the capacity + of the volume. * Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\" + Apart from above values - keys that are unprefixed or + have kubernetes.io prefix are considered reserved and + hence may not be used. \n Capacity reported here may + be larger than the actual capacity when a volume expansion + operation is requested. For storage quota, the larger + value from allocatedResources and PVC.spec.resources + is used. If allocatedResources is not set, PVC.spec.resources + alone is used for quota calculation. If a volume expansion + capacity request is lowered, allocatedResources is only + lowered if there are no expansion operations in progress + and if the actual volume capacity is equal or lower + than the requested capacity. \n A controller that receives + PVC update with previously unknown resourceName should + ignore the update for the purpose it was designed. For + example - a controller that only is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid resources associated with PVC. + \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." type: object capacity: additionalProperties: @@ -5913,16 +6053,15 @@ spec: phase: description: phase represents the current phase of PersistentVolumeClaim. type: string - resizeStatus: - description: resizeStatus stores status of resize operation. - ResizeStatus is not set by default but when expansion - is complete resizeStatus is set to empty string by resize - controller or kubelet. This is an alpha field and requires - enabling RecoverVolumeExpansionFailure feature. - type: string type: object type: object type: object + targetLimit: + description: TargetLimit defines a limit on the number of scraped + targets that will be accepted. Only valid in Prometheus versions + 2.45.0 and newer. + format: int64 + type: integer tolerations: description: Defines the Pods' tolerations if specified. items: diff --git a/bundle/manifests/monitoring.rhobs_prometheuses.yaml b/bundle/manifests/monitoring.rhobs_prometheuses.yaml index 6ee121726..c73e6f493 100644 --- a/bundle/manifests/monitoring.rhobs_prometheuses.yaml +++ b/bundle/manifests/monitoring.rhobs_prometheuses.yaml @@ -1009,7 +1009,7 @@ spec: against. items: description: AlertmanagerEndpoints defines a selection of a - single Endpoints object containing alertmanager IPs to fire + single Endpoints object containing Alertmanager IPs to fire alerts against. properties: apiVersion: @@ -1017,12 +1017,12 @@ spec: uses to send alerts. It can be "v1" or "v2". type: string authorization: - description: Authorization section for this alertmanager - endpoint + description: "Authorization section for Alertmanager. \n + Cannot be set at the same time as `basicAuth`, or `bearerTokenFile`." properties: credentials: - description: The secret's key that contains the credentials - of the request + description: Selects a key of a Secret in the namespace + that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -1042,13 +1042,15 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: Set the authentication type. Defaults to - Bearer, Basic will cause an error + description: "Defines the authentication type. The value + is case-insensitive. \n \"Basic\" is not a supported + value. \n Default: \"Bearer\"" type: string type: object basicAuth: - description: BasicAuth allow an endpoint to authenticate - over basic authentication + description: "BasicAuth configuration for Alertmanager. + \n Cannot be set at the same time as `bearerTokenFile`, + or `authorization`." properties: password: description: The secret in the service monitor namespace @@ -1094,17 +1096,19 @@ spec: x-kubernetes-map-type: atomic type: object bearerTokenFile: - description: BearerTokenFile to read from filesystem to - use when authenticating to Alertmanager. + description: "File to read bearer token for Alertmanager. + \n Cannot be set at the same time as `basicAuth`, or `authorization`. + \n *Deprecated: this will be removed in a future release. + Prefer using `authorization`.*" type: string enableHttp2: description: Whether to enable HTTP2. type: boolean name: - description: Name of Endpoints object in Namespace. + description: Name of the Endpoints object in the namespace. type: string namespace: - description: Namespace of Endpoints object. + description: Namespace of the Endpoints object. type: string pathPrefix: description: Prefix for the HTTP path alerts are pushed @@ -1114,7 +1118,7 @@ spec: anyOf: - type: integer - type: string - description: Port the Alertmanager API is exposed on. + description: Port on which the Alertmanager API is exposed. x-kubernetes-int-or-string: true scheme: description: Scheme to use when firing alerts. @@ -1125,7 +1129,7 @@ spec: pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string tlsConfig: - description: TLS Config to use for alertmanager connection. + description: TLS Config to use for Alertmanager. properties: ca: description: Certificate authority used when verifying @@ -1285,11 +1289,12 @@ spec: and use the Pod''s CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/.' properties: authorization: - description: Authorization section for accessing apiserver + description: "Authorization section for the API server. \n Cannot + be set at the same time as `basicAuth`, `bearerToken`, or `bearerTokenFile`." properties: credentials: - description: The secret's key that contains the credentials - of the request + description: Selects a key of a Secret in the namespace that + contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -1309,16 +1314,18 @@ spec: x-kubernetes-map-type: atomic credentialsFile: description: File to read a secret from, mutually exclusive - with Credentials (from SafeAuthorization) + with `credentials`. type: string type: - description: Set the authentication type. Defaults to Bearer, - Basic will cause an error + description: "Defines the authentication type. The value is + case-insensitive. \n \"Basic\" is not a supported value. + \n Default: \"Bearer\"" type: string type: object basicAuth: - description: BasicAuth allow an endpoint to authenticate over - basic authentication + description: "BasicAuth configuration for the API server. \n Cannot + be set at the same time as `authorization`, `bearerToken`, or + `bearerTokenFile`." properties: password: description: The secret in the service monitor namespace that @@ -1362,17 +1369,22 @@ spec: x-kubernetes-map-type: atomic type: object bearerToken: - description: Bearer token for accessing apiserver. + description: "*Warning: this field shouldn't be used because the + token value appears in clear-text. Prefer using `authorization`.* + \n *Deprecated: this will be removed in a future release.*" type: string bearerTokenFile: - description: File to read bearer token for accessing apiserver. + description: "File to read bearer token for accessing apiserver. + \n Cannot be set at the same time as `basicAuth`, `authorization`, + or `bearerToken`. \n *Deprecated: this will be removed in a + future release. Prefer using `authorization`.*" type: string host: - description: Host of apiserver. A valid string consisting of a - hostname or IP followed by an optional port number + description: Kubernetes API address consisting of a hostname or + IP address followed by an optional port number. type: string tlsConfig: - description: TLS Config to use for accessing apiserver. + description: TLS Config to use for the API server. properties: ca: description: Certificate authority used when verifying server @@ -1521,6 +1533,11 @@ spec: baseImage: description: '*Deprecated: use ''spec.image'' instead.*' type: string + bodySizeLimit: + description: BodySizeLimit defines per-scrape on response body size. + Only valid in Prometheus versions 2.45.0 and newer. + pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$ + type: string configMaps: description: ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus object, which shall be mounted into the Prometheus @@ -2366,6 +2383,25 @@ spec: cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object + restartPolicy: + description: 'RestartPolicy defines the restart behavior of + individual containers in a pod. This field may only be set + for init containers, and the only allowed value is "Always". + For non-init containers or when this field is not specified, + the restart behavior is defined by the Pod''s restart policy + and the container type. Setting the RestartPolicy as "Always" + for the init container will have the following effect: this + init container will be continually restarted on exit until + all regular containers have terminated. Once all regular containers + have completed, all init containers with restartPolicy "Always" + will be shut down. This lifecycle differs from normal init + containers and is often referred to as a "sidecar" container. + Although this init container still starts in the init container + sequence, it does not wait for the container to complete before + proceeding to the next init container. Instead, the next init + container starts immediately after this init container is + started, or after any startupProbe has successfully completed.' + type: string securityContext: description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext @@ -2487,8 +2523,8 @@ spec: in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured - seccomp profile location. Must only be set if type - is "Localhost". + seccomp profile location. Must be set if type is "Localhost". + Must NOT be set for any other type. type: string type: description: "type indicates which kind of seccomp profile @@ -2521,16 +2557,12 @@ spec: type: string hostProcess: description: HostProcess determines if a container should - be run as a 'Host Process' container. This field is - alpha-level and will only be honored by components - that enable the WindowsHostProcessContainers feature - flag. Setting this field without the feature flag - will result in errors when validating the Pod. All - of a Pod's containers must have the same effective - HostProcess value (it is not allowed to have a mix - of HostProcess containers and non-HostProcess containers). In - addition, if HostProcess is true then HostNetwork - must also be set to true. + be run as a 'Host Process' container. All of a Pod's + containers must have the same effective HostProcess + value (it is not allowed to have a mix of HostProcess + containers and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must also + be set to true. type: boolean runAsUserName: description: The UserName in Windows to run the entrypoint @@ -2846,6 +2878,15 @@ spec: v2.28.0." pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$ type: string + enforcedKeepDroppedTargets: + description: "When defined, enforcedKeepDroppedTargets specifies a + global limit on the number of targets dropped by relabeling that + will be kept in memory. The value overrides any `spec.keepDroppedTargets` + set by ServiceMonitor, PodMonitor, Probe objects unless `spec.keepDroppedTargets` + is greater than zero and less than `spec.enforcedKeepDroppedTargets`. + \n It requires Prometheus >= v2.47.0." + format: int64 + type: integer enforcedLabelLimit: description: "When defined, enforcedLabelLimit specifies a global limit on the number of labels per sample. The value overrides any @@ -2939,6 +2980,7 @@ spec: - servicemonitors - podmonitors - probes + - scrapeconfigs type: string required: - namespace @@ -2951,9 +2993,11 @@ spec: effective. properties: maxSize: - description: Maximum number of exemplars stored in memory for - all series. If not set, Prometheus uses its default value. A - value of zero or less than zero disables the storage. + description: "Maximum number of exemplars stored in memory for + all series. \n exemplar-storage itself must be enabled using + the `spec.enableFeature` option for exemplars to be scraped + in the first place. \n If not set, Prometheus uses its default + value. A value of zero or less than zero disables the storage." format: int64 type: integer type: object @@ -3876,6 +3920,25 @@ spec: cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object + restartPolicy: + description: 'RestartPolicy defines the restart behavior of + individual containers in a pod. This field may only be set + for init containers, and the only allowed value is "Always". + For non-init containers or when this field is not specified, + the restart behavior is defined by the Pod''s restart policy + and the container type. Setting the RestartPolicy as "Always" + for the init container will have the following effect: this + init container will be continually restarted on exit until + all regular containers have terminated. Once all regular containers + have completed, all init containers with restartPolicy "Always" + will be shut down. This lifecycle differs from normal init + containers and is often referred to as a "sidecar" container. + Although this init container still starts in the init container + sequence, it does not wait for the container to complete before + proceeding to the next init container. Instead, the next init + container starts immediately after this init container is + started, or after any startupProbe has successfully completed.' + type: string securityContext: description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext @@ -3997,8 +4060,8 @@ spec: in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured - seccomp profile location. Must only be set if type - is "Localhost". + seccomp profile location. Must be set if type is "Localhost". + Must NOT be set for any other type. type: string type: description: "type indicates which kind of seccomp profile @@ -4031,16 +4094,12 @@ spec: type: string hostProcess: description: HostProcess determines if a container should - be run as a 'Host Process' container. This field is - alpha-level and will only be honored by components - that enable the WindowsHostProcessContainers feature - flag. Setting this field without the feature flag - will result in errors when validating the Pod. All - of a Pod's containers must have the same effective - HostProcess value (it is not allowed to have a mix - of HostProcess containers and non-HostProcess containers). In - addition, if HostProcess is true then HostNetwork - must also be set to true. + be run as a 'Host Process' container. All of a Pod's + containers must have the same effective HostProcess + value (it is not allowed to have a mix of HostProcess + containers and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must also + be set to true. type: boolean runAsUserName: description: The UserName in Windows to run the entrypoint @@ -4319,6 +4378,29 @@ spec: - name type: object type: array + keepDroppedTargets: + description: "Per-scrape limit on the number of targets dropped by + relabeling that will be kept in memory. 0 means no limit. \n It + requires Prometheus >= v2.47.0." + format: int64 + type: integer + labelLimit: + description: Per-scrape limit on number of labels that will be accepted + for a sample. Only valid in Prometheus versions 2.45.0 and newer. + format: int64 + type: integer + labelNameLengthLimit: + description: Per-scrape limit on length of labels name that will be + accepted for a sample. Only valid in Prometheus versions 2.45.0 + and newer. + format: int64 + type: integer + labelValueLengthLimit: + description: Per-scrape limit on length of labels value that will + be accepted for a sample. Only valid in Prometheus versions 2.45.0 + and newer. + format: int64 + type: integer listenLocal: description: When true, the Prometheus server listens on the loopback address instead of the Pod IP's address. @@ -4690,8 +4772,8 @@ spec: `basicAuth`, or `oauth2`." properties: credentials: - description: The secret's key that contains the credentials - of the request + description: Selects a key of a Secret in the namespace + that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -4711,11 +4793,12 @@ spec: x-kubernetes-map-type: atomic credentialsFile: description: File to read a secret from, mutually exclusive - with Credentials (from SafeAuthorization) + with `credentials`. type: string type: - description: Set the authentication type. Defaults to Bearer, - Basic will cause an error + description: "Defines the authentication type. The value + is case-insensitive. \n \"Basic\" is not a supported value. + \n Default: \"Bearer\"" type: string type: object basicAuth: @@ -4764,13 +4847,13 @@ spec: x-kubernetes-map-type: atomic type: object bearerToken: - description: "*Warning: this field shouldn't used because the - token value appears in clear-text. Prefer using `authorization`.* + description: "*Warning: this field shouldn't be used because + the token value appears in clear-text. Prefer using `authorization`.* \n *Deprecated: this will be removed in a future release.*" type: string bearerTokenFile: - description: "File from which to read bearer token for the URL. - \n *Deprecated: this will be removed in a future release. + description: "File from which to read the bearer token for the + URL. \n *Deprecated: this will be removed in a future release. Prefer using `authorization`.*" type: string filterExternalLabels: @@ -5051,8 +5134,8 @@ spec: `sigv4`, `basicAuth`, or `oauth2`." properties: credentials: - description: The secret's key that contains the credentials - of the request + description: Selects a key of a Secret in the namespace + that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -5072,11 +5155,12 @@ spec: x-kubernetes-map-type: atomic credentialsFile: description: File to read a secret from, mutually exclusive - with Credentials (from SafeAuthorization) + with `credentials`. type: string type: - description: Set the authentication type. Defaults to Bearer, - Basic will cause an error + description: "Defines the authentication type. The value + is case-insensitive. \n \"Basic\" is not a supported value. + \n Default: \"Bearer\"" type: string type: object basicAuth: @@ -5125,8 +5209,8 @@ spec: x-kubernetes-map-type: atomic type: object bearerToken: - description: "*Warning: this field shouldn't used because the - token value appears in clear-text. Prefer using `authorization`.* + description: "*Warning: this field shouldn't be used because + the token value appears in clear-text. Prefer using `authorization`.* \n *Deprecated: this will be removed in a future release.*" type: string bearerTokenFile: @@ -5147,12 +5231,12 @@ spec: metadata to the remote storage. properties: send: - description: Whether metric metadata is sent to the remote - storage or not. + description: Defines whether metric metadata is sent to + the remote storage or not. type: boolean sendInterval: - description: How frequently metric metadata is sent to the - remote storage. + description: Defines how frequently metric metadata is sent + to the remote storage. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: object @@ -5503,16 +5587,16 @@ spec: writeRelabelConfigs: description: The list of remote write relabel configurations. items: - description: 'RelabelConfig allows dynamic rewriting of the - label set, being applied to samples before ingestion. It - defines ``-section of Prometheus - configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + description: "RelabelConfig allows dynamic rewriting of the + label set for targets, alerts, scraped samples and remote + write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" properties: action: default: replace - description: Action to perform based on regex matching. - Default is 'replace'. uppercase and lowercase actions - require Prometheus >= 2.36. + description: "Action to perform based on the regex matching. + \n `Uppercase` and `Lowercase` actions require Prometheus + >= v2.36.0. `DropEqual` and `KeepEqual` actions require + Prometheus >= v2.41.0. \n Default: \"Replace\"" enum: - replace - Replace @@ -5538,28 +5622,29 @@ spec: - DropEqual type: string modulus: - description: Modulus to take of the hash of the source - label values. + description: "Modulus to take of the hash of the source + label values. \n Only applicable when the action is + `HashMod`." format: int64 type: integer regex: description: Regular expression against which the extracted - value is matched. Default is '(.*)' + value is matched. type: string replacement: - description: Replacement value against which a regex replace - is performed if the regular expression matches. Regex - capture groups are available. Default is '$1' + description: "Replacement value against which a Replace + action is performed if the regular expression matches. + \n Regex capture groups are available." type: string separator: - description: Separator placed between concatenated source - label values. default is ';'. + description: Separator is the string between concatenated + SourceLabels. type: string sourceLabels: description: The source labels select values from existing labels. Their content is concatenated using the configured - separator and matched against the configured regular - expression for the replace, keep, and drop actions. + Separator and matched against the configured regular + expression. items: description: LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as @@ -5568,9 +5653,10 @@ spec: type: string type: array targetLabel: - description: Label to which the resulting value is written - in a replace action. It is mandatory for replace actions. - Regex capture groups are available. + description: "Label to which the resulting string is written + in a replacement. \n It is mandatory for `Replace`, + `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and + `DropEqual` actions. \n Regex capture groups are available." type: string type: object type: array @@ -5752,12 +5838,14 @@ spec: description: Defines the configuration of the Prometheus rules' engine. properties: alert: - description: /--rules.alert.*/ command-line arguments + description: "Defines the parameters of the Prometheus rules' + engine. \n Any update to these parameters trigger a restart + of the pods." properties: forGracePeriod: - description: Minimum duration between alert and restored 'for' - state. This is maintained only for alerts with configured - 'for' time greater than grace period. + description: "Minimum duration between alert and restored + 'for' state. \n This is maintained only for alerts with + a configured 'for' time greater than the grace period." type: string forOutageTolerance: description: Max time to tolerate prometheus outage for restoring @@ -5769,6 +5857,12 @@ spec: type: string type: object type: object + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. Only valid in Prometheus versions + 2.45.0 and newer. + format: int64 + type: integer scrapeConfigNamespaceSelector: description: Namespaces to match for ScrapeConfig discovery. An empty label selector matches all namespaces. A null label selector matches @@ -5977,7 +6071,8 @@ spec: in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile - location. Must only be set if type is "Localhost". + location. Must be set if type is "Localhost". Must NOT be + set for any other type. type: string type: description: "type indicates which kind of seccomp profile @@ -6041,14 +6136,11 @@ spec: type: string hostProcess: description: HostProcess determines if a container should - be run as a 'Host Process' container. This field is alpha-level - and will only be honored by components that enable the WindowsHostProcessContainers - feature flag. Setting this field without the feature flag - will result in errors when validating the Pod. All of a - Pod's containers must have the same effective HostProcess - value (it is not allowed to have a mix of HostProcess containers - and non-HostProcess containers). In addition, if HostProcess - is true then HostNetwork must also be set to true. + be run as a 'Host Process' container. All of a Pod's containers + must have the same effective HostProcess value (it is not + allowed to have a mix of HostProcess containers and non-HostProcess + containers). In addition, if HostProcess is true then HostNetwork + must also be set to true. type: boolean runAsUserName: description: The UserName in Windows to run the entrypoint @@ -6747,6 +6839,51 @@ spec: items: type: string type: array + allocatedResourceStatuses: + additionalProperties: + description: When a controller receives persistentvolume + claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore + that update and let other controllers handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC. Key names + follow standard Kubernetes label syntax. Valid values + are either: * Un-prefixed keys: - storage - the capacity + of the volume. * Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\" + Apart from above values - keys that are unprefixed or + have kubernetes.io prefix are considered reserved and + hence may not be used. \n ClaimResourceStatus can be + in any of following states: - ControllerResizeInProgress: + State set when resize controller starts resizing the + volume in control-plane. - ControllerResizeFailed: State + set when resize has failed in resize controller with + a terminal error. - NodeResizePending: State set when + resize controller has finished resizing the volume but + further resizing of volume is needed on the node. - + NodeResizeInProgress: State set when kubelet starts + resizing the volume. - NodeResizeFailed: State set when + resizing has failed in kubelet with a terminal error. + Transient errors don't set NodeResizeFailed. For example: + if expanding a PVC for more capacity - this field can + be one of the following states: - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\" When this field is not set, it + means that no resize operation is in progress for the + given PVC. \n A controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus + should ignore the update for the purpose it was designed. + For example - a controller that only is responsible + for resizing capacity of the volume, should ignore PVC + updates that change other valid resources associated + with PVC. \n This is an alpha field and requires enabling + RecoverVolumeExpansionFailure feature." + type: object + x-kubernetes-map-type: granular allocatedResources: additionalProperties: anyOf: @@ -6754,19 +6891,31 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: allocatedResources is the storage resource - within AllocatedResources tracks the capacity allocated - to a PVC. It may be larger than the actual capacity - when a volume expansion operation is requested. For - storage quota, the larger value from allocatedResources - and PVC.spec.resources is used. If allocatedResources - is not set, PVC.spec.resources alone is used for quota - calculation. If a volume expansion capacity request - is lowered, allocatedResources is only lowered if there - are no expansion operations in progress and if the actual - volume capacity is equal or lower than the requested - capacity. This is an alpha field and requires enabling - RecoverVolumeExpansionFailure feature. + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity. Key names + follow standard Kubernetes label syntax. Valid values + are either: * Un-prefixed keys: - storage - the capacity + of the volume. * Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\" + Apart from above values - keys that are unprefixed or + have kubernetes.io prefix are considered reserved and + hence may not be used. \n Capacity reported here may + be larger than the actual capacity when a volume expansion + operation is requested. For storage quota, the larger + value from allocatedResources and PVC.spec.resources + is used. If allocatedResources is not set, PVC.spec.resources + alone is used for quota calculation. If a volume expansion + capacity request is lowered, allocatedResources is only + lowered if there are no expansion operations in progress + and if the actual volume capacity is equal or lower + than the requested capacity. \n A controller that receives + PVC update with previously unknown resourceName should + ignore the update for the purpose it was designed. For + example - a controller that only is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid resources associated with PVC. + \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." type: object capacity: additionalProperties: @@ -6821,13 +6970,6 @@ spec: phase: description: phase represents the current phase of PersistentVolumeClaim. type: string - resizeStatus: - description: resizeStatus stores status of resize operation. - ResizeStatus is not set by default but when expansion - is complete resizeStatus is set to empty string by resize - controller or kubelet. This is an alpha field and requires - enabling RecoverVolumeExpansionFailure feature. - type: string type: object type: object type: object @@ -6835,6 +6977,12 @@ spec: description: '*Deprecated: use ''spec.image'' instead. The image''s tag can be specified as part of the image name.*' type: string + targetLimit: + description: TargetLimit defines a limit on the number of scraped + targets that will be accepted. Only valid in Prometheus versions + 2.45.0 and newer. + format: int64 + type: integer thanos: description: "Defines the configuration of the optional Thanos sidecar. \n This section is experimental, it may change significantly without @@ -7632,12 +7780,12 @@ spec: database (TSDB). properties: outOfOrderTimeWindow: - description: Configures how old an out-of-order/out-of-bounds - sample can be w.r.t. the TSDB max time. An out-of-order/out-of-bounds + description: "Configures how old an out-of-order/out-of-bounds + sample can be with respect to the TSDB max time. \n An out-of-order/out-of-bounds sample is ingested into the TSDB as long as the timestamp of - the sample is >= (TSDB.MaxTime - outOfOrderTimeWindow). Out - of order ingestion is an experimental feature and requires Prometheus - >= v2.39.0. + the sample is >= (TSDB.MaxTime - outOfOrderTimeWindow). \n Out + of order ingestion is an experimental feature. \n It requires + Prometheus >= v2.39.0." pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: object diff --git a/bundle/manifests/monitoring.rhobs_scrapeconfigs.yaml b/bundle/manifests/monitoring.rhobs_scrapeconfigs.yaml index eefbde9dd..209e77412 100644 --- a/bundle/manifests/monitoring.rhobs_scrapeconfigs.yaml +++ b/bundle/manifests/monitoring.rhobs_scrapeconfigs.yaml @@ -44,8 +44,8 @@ spec: description: Authorization header to use on every scrape request. properties: credentials: - description: The secret's key that contains the credentials of - the request + description: Selects a key of a Secret in the namespace that contains + the credentials for authentication. properties: key: description: The key of the secret to select from. Must be @@ -64,8 +64,8 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: Set the authentication type. Defaults to Bearer, - Basic will cause an error + description: "Defines the authentication type. The value is case-insensitive. + \n \"Basic\" is not a supported value. \n Default: \"Bearer\"" type: string type: object basicAuth: @@ -112,6 +112,456 @@ spec: type: object x-kubernetes-map-type: atomic type: object + consulSDConfigs: + description: ConsulSDConfigs defines a list of Consul service discovery + configurations. + items: + description: ConsulSDConfig defines a Consul service discovery configuration + See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#consul_sd_config + properties: + allow_stale: + description: Allow stale Consul results (see https://www.consul.io/api/features/consistency.html). + Will reduce load on Consul. If unset, Prometheus uses its + default value. + type: boolean + authorization: + description: Authorization header configuration to authenticate + against the Consul Server. + properties: + credentials: + description: Selects a key of a Secret in the namespace + that contains the credentials for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: "Defines the authentication type. The value + is case-insensitive. \n \"Basic\" is not a supported value. + \n Default: \"Bearer\"" + type: string + type: object + basicAuth: + description: 'BasicAuth information to authenticate against + the Consul Server. More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: The secret in the service monitor namespace + that contains the password for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor namespace + that contains the username for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + datacenter: + description: Consul Datacenter name, if not provided it will + use the local Consul Agent Datacenter. + type: string + enable_http2: + description: Whether to enable HTTP2. If unset, Prometheus uses + its default value. + type: boolean + follow_redirects: + description: Configure whether HTTP requests follow HTTP 3xx + redirects. If unset, Prometheus uses its default value. + type: boolean + namespace: + description: Namespaces are only supported in Consul Enterprise. + type: string + no_proxy: + description: Comma-separated string that can contain IPs, CIDR + notation, domain names that should be excluded from proxying. + IP and domain names can contain port numbers. + type: string + node_meta: + additionalProperties: + type: string + description: Node metadata key/value pairs to filter nodes for + a given service. + type: object + x-kubernetes-map-type: atomic + oauth2: + description: Optional OAuth 2.0 configuration. + properties: + clientId: + description: The secret or configmap containing the OAuth2 + client id + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + partition: + description: Admin Partitions are only supported in Consul Enterprise. + type: string + proxy_connect_header: + additionalProperties: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + description: Specifies headers to send to proxies during CONNECT + requests. + type: object + x-kubernetes-map-type: atomic + proxy_from_environment: + description: Use proxy URL indicated by environment variables + (HTTP_PROXY, https_proxy, HTTPs_PROXY, https_proxy, and no_proxy) + If unset, Prometheus uses its default value. + type: boolean + proxy_url: + description: Optional proxy URL. + type: string + refresh_interval: + description: The time after which the provided names are refreshed. + On large setup it might be a good idea to increase this value + because the catalog will change all the time. If unset, Prometheus + uses its default value. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + scheme: + description: HTTP Scheme default "http" + enum: + - HTTP + - HTTPS + type: string + server: + description: A valid string consisting of a hostname or IP followed + by an optional port number. + minLength: 1 + type: string + services: + description: A list of services for which targets are retrieved. + If omitted, all services are scraped. + items: + type: string + type: array + x-kubernetes-list-type: atomic + tag_separator: + description: The string by which Consul tags are joined into + the tag label. If unset, Prometheus uses its default value. + type: string + tags: + description: An optional list of tags used to filter nodes for + a given service. Services must contain all tags in the list. + items: + type: string + type: array + x-kubernetes-list-type: atomic + tlsConfig: + description: TLS Config + properties: + ca: + description: Certificate authority used when verifying server + certificates. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Client certificate to present when doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + tokenRef: + description: Consul ACL TokenRef, if not provided it will use + the ACL from the local Consul Agent. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + required: + - server + type: object + type: array + dnsSDConfigs: + description: DNSSDConfigs defines a list of DNS service discovery + configurations. + items: + description: DNSSDConfig allows specifying a set of DNS domain names + which are periodically queried to discover a list of targets. + The DNS servers to be contacted are read from /etc/resolv.conf. + See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#dns_sd_config + properties: + names: + description: A list of DNS domain names to be queried. + items: + type: string + minItems: 1 + type: array + port: + description: The port number used if the query type is not SRV + Ignored for SRV records + type: integer + refreshInterval: + description: RefreshInterval configures the time after which + the provided names are refreshed. If not set, Prometheus uses + its default value. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + type: + description: The type of DNS query to perform. One of SRV, A, + AAAA or MX. If not set, Prometheus uses its default value. + enum: + - SRV + - A + - AAAA + - MX + type: string + required: + - names + type: object + type: array fileSDConfigs: description: FileSDConfigs defines a list of file service discovery configurations. @@ -160,8 +610,8 @@ spec: against the target HTTP endpoint. properties: credentials: - description: The secret's key that contains the credentials - of the request + description: Selects a key of a Secret in the namespace + that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -180,8 +630,9 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: Set the authentication type. Defaults to Bearer, - Basic will cause an error + description: "Defines the authentication type. The value + is case-insensitive. \n \"Basic\" is not a supported value. + \n Default: \"Bearer\"" type: string type: object basicAuth: @@ -235,6 +686,125 @@ spec: target list. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string + tlsConfig: + description: TLS configuration applying to the target HTTP endpoint. + properties: + ca: + description: Certificate authority used when verifying server + certificates. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Client certificate to present when doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object url: description: URL from which the targets are fetched. minLength: 1 @@ -244,10 +814,130 @@ spec: - url type: object type: array + keepDroppedTargets: + description: "Per-scrape limit on the number of targets dropped by + relabeling that will be kept in memory. 0 means no limit. \n It + requires Prometheus >= v2.47.0." + format: int64 + type: integer + kubernetesSDConfigs: + description: KubernetesSDConfigs defines a list of Kubernetes service + discovery configurations. + items: + description: KubernetesSDConfig allows retrieving scrape targets + from Kubernetes' REST API. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kubernetes_sd_config + properties: + role: + description: Role of the Kubernetes entities that should be + discovered. Currently the only supported role is "Node". + enum: + - Node + type: string + required: + - role + type: object + type: array + labelLimit: + description: Per-scrape limit on number of labels that will be accepted + for a sample. Only valid in Prometheus versions 2.27.0 and newer. + format: int64 + type: integer + labelNameLengthLimit: + description: Per-scrape limit on length of labels name that will be + accepted for a sample. Only valid in Prometheus versions 2.27.0 + and newer. + format: int64 + type: integer + labelValueLengthLimit: + description: Per-scrape limit on length of labels value that will + be accepted for a sample. Only valid in Prometheus versions 2.27.0 + and newer. + format: int64 + type: integer + metricRelabelings: + description: MetricRelabelConfigs to apply to samples before ingestion. + items: + description: "RelabelConfig allows dynamic rewriting of the label + set for targets, alerts, scraped samples and remote write samples. + \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + properties: + action: + default: replace + description: "Action to perform based on the regex matching. + \n `Uppercase` and `Lowercase` actions require Prometheus + >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus + >= v2.41.0. \n Default: \"Replace\"" + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + description: "Modulus to take of the hash of the source label + values. \n Only applicable when the action is `HashMod`." + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. + type: string + replacement: + description: "Replacement value against which a Replace action + is performed if the regular expression matches. \n Regex capture + groups are available." + type: string + separator: + description: Separator is the string between concatenated SourceLabels. + type: string + sourceLabels: + description: The source labels select values from existing labels. + Their content is concatenated using the configured Separator + and matched against the configured regular expression. + items: + description: LabelName is a valid Prometheus label name which + may only contain ASCII letters, numbers, as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: "Label to which the resulting string is written + in a replacement. \n It is mandatory for `Replace`, `HashMod`, + `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. + \n Regex capture groups are available." + type: string + type: object + type: array metricsPath: description: MetricsPath HTTP path to scrape for metrics. If empty, Prometheus uses the default value (e.g. /metrics). type: string + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + x-kubernetes-map-type: atomic relabelings: description: 'RelabelConfigs defines how to rewrite the target''s labels before scraping. Prometheus Operator automatically adds relabelings @@ -255,15 +945,16 @@ spec: name is available via the `__tmp_prometheus_job_name` label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' items: - description: 'RelabelConfig allows dynamic rewriting of the label - set, being applied to samples before ingestion. It defines ``-section - of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + description: "RelabelConfig allows dynamic rewriting of the label + set for targets, alerts, scraped samples and remote write samples. + \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" properties: action: default: replace - description: Action to perform based on regex matching. Default - is 'replace'. uppercase and lowercase actions require Prometheus - >= 2.36. + description: "Action to perform based on the regex matching. + \n `Uppercase` and `Lowercase` actions require Prometheus + >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus + >= v2.41.0. \n Default: \"Replace\"" enum: - replace - Replace @@ -289,28 +980,26 @@ spec: - DropEqual type: string modulus: - description: Modulus to take of the hash of the source label - values. + description: "Modulus to take of the hash of the source label + values. \n Only applicable when the action is `HashMod`." format: int64 type: integer regex: description: Regular expression against which the extracted - value is matched. Default is '(.*)' + value is matched. type: string replacement: - description: Replacement value against which a regex replace - is performed if the regular expression matches. Regex capture - groups are available. Default is '$1' + description: "Replacement value against which a Replace action + is performed if the regular expression matches. \n Regex capture + groups are available." type: string separator: - description: Separator placed between concatenated source label - values. default is ';'. + description: Separator is the string between concatenated SourceLabels. type: string sourceLabels: description: The source labels select values from existing labels. - Their content is concatenated using the configured separator - and matched against the configured regular expression for - the replace, keep, and drop actions. + Their content is concatenated using the configured Separator + and matched against the configured regular expression. items: description: LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as well as underscores. @@ -318,12 +1007,34 @@ spec: type: string type: array targetLabel: - description: Label to which the resulting value is written in - a replace action. It is mandatory for replace actions. Regex - capture groups are available. + description: "Label to which the resulting string is written + in a replacement. \n It is mandatory for `Replace`, `HashMod`, + `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. + \n Regex capture groups are available." type: string type: object type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + scheme: + description: Configures the protocol scheme used for requests. If + empty, Prometheus uses HTTP by default. + enum: + - HTTP + - HTTPS + type: string + scrapeInterval: + description: ScrapeInterval is the interval between consecutive scrapes. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + scrapeTimeout: + description: ScrapeTimeout is the number of seconds to wait until + a scrape request times out. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string staticConfigs: description: StaticConfigs defines a list of static targets with a common label set. @@ -347,6 +1058,123 @@ spec: type: array type: object type: array + targetLimit: + description: TargetLimit defines a limit on the number of scraped + targets that will be accepted. + format: int64 + type: integer + tlsConfig: + description: TLS configuration to use on every scrape request + properties: + ca: + description: Certificate authority used when verifying server + certificates. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Client certificate to present when doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key file for the targets. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object type: object required: - spec diff --git a/bundle/manifests/monitoring.rhobs_servicemonitors.yaml b/bundle/manifests/monitoring.rhobs_servicemonitors.yaml index fce63b882..aeedd8157 100644 --- a/bundle/manifests/monitoring.rhobs_servicemonitors.yaml +++ b/bundle/manifests/monitoring.rhobs_servicemonitors.yaml @@ -58,8 +58,8 @@ spec: description: Authorization section for this endpoint properties: credentials: - description: The secret's key that contains the credentials - of the request + description: Selects a key of a Secret in the namespace + that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -78,8 +78,9 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: Set the authentication type. Defaults to Bearer, - Basic will cause an error + description: "Defines the authentication type. The value + is case-insensitive. \n \"Basic\" is not a supported value. + \n Default: \"Bearer\"" type: string type: object basicAuth: @@ -179,16 +180,16 @@ spec: description: MetricRelabelConfigs to apply to samples before ingestion. items: - description: 'RelabelConfig allows dynamic rewriting of the - label set, being applied to samples before ingestion. It - defines ``-section of Prometheus - configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + description: "RelabelConfig allows dynamic rewriting of the + label set for targets, alerts, scraped samples and remote + write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" properties: action: default: replace - description: Action to perform based on regex matching. - Default is 'replace'. uppercase and lowercase actions - require Prometheus >= 2.36. + description: "Action to perform based on the regex matching. + \n `Uppercase` and `Lowercase` actions require Prometheus + >= v2.36.0. `DropEqual` and `KeepEqual` actions require + Prometheus >= v2.41.0. \n Default: \"Replace\"" enum: - replace - Replace @@ -214,28 +215,29 @@ spec: - DropEqual type: string modulus: - description: Modulus to take of the hash of the source - label values. + description: "Modulus to take of the hash of the source + label values. \n Only applicable when the action is + `HashMod`." format: int64 type: integer regex: description: Regular expression against which the extracted - value is matched. Default is '(.*)' + value is matched. type: string replacement: - description: Replacement value against which a regex replace - is performed if the regular expression matches. Regex - capture groups are available. Default is '$1' + description: "Replacement value against which a Replace + action is performed if the regular expression matches. + \n Regex capture groups are available." type: string separator: - description: Separator placed between concatenated source - label values. default is ';'. + description: Separator is the string between concatenated + SourceLabels. type: string sourceLabels: description: The source labels select values from existing labels. Their content is concatenated using the configured - separator and matched against the configured regular - expression for the replace, keep, and drop actions. + Separator and matched against the configured regular + expression. items: description: LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as @@ -244,9 +246,10 @@ spec: type: string type: array targetLabel: - description: Label to which the resulting value is written - in a replace action. It is mandatory for replace actions. - Regex capture groups are available. + description: "Label to which the resulting string is written + in a replacement. \n It is mandatory for `Replace`, + `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and + `DropEqual` actions. \n Regex capture groups are available." type: string type: object type: array @@ -363,16 +366,16 @@ spec: is available via the `__tmp_prometheus_job_name` label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' items: - description: 'RelabelConfig allows dynamic rewriting of the - label set, being applied to samples before ingestion. It - defines ``-section of Prometheus - configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + description: "RelabelConfig allows dynamic rewriting of the + label set for targets, alerts, scraped samples and remote + write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" properties: action: default: replace - description: Action to perform based on regex matching. - Default is 'replace'. uppercase and lowercase actions - require Prometheus >= 2.36. + description: "Action to perform based on the regex matching. + \n `Uppercase` and `Lowercase` actions require Prometheus + >= v2.36.0. `DropEqual` and `KeepEqual` actions require + Prometheus >= v2.41.0. \n Default: \"Replace\"" enum: - replace - Replace @@ -398,28 +401,29 @@ spec: - DropEqual type: string modulus: - description: Modulus to take of the hash of the source - label values. + description: "Modulus to take of the hash of the source + label values. \n Only applicable when the action is + `HashMod`." format: int64 type: integer regex: description: Regular expression against which the extracted - value is matched. Default is '(.*)' + value is matched. type: string replacement: - description: Replacement value against which a regex replace - is performed if the regular expression matches. Regex - capture groups are available. Default is '$1' + description: "Replacement value against which a Replace + action is performed if the regular expression matches. + \n Regex capture groups are available." type: string separator: - description: Separator placed between concatenated source - label values. default is ';'. + description: Separator is the string between concatenated + SourceLabels. type: string sourceLabels: description: The source labels select values from existing labels. Their content is concatenated using the configured - separator and matched against the configured regular - expression for the replace, keep, and drop actions. + Separator and matched against the configured regular + expression. items: description: LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as @@ -428,9 +432,10 @@ spec: type: string type: array targetLabel: - description: Label to which the resulting value is written - in a replace action. It is mandatory for replace actions. - Regex capture groups are available. + description: "Label to which the resulting string is written + in a replacement. \n It is mandatory for `Replace`, + `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and + `DropEqual` actions. \n Regex capture groups are available." type: string type: object type: array @@ -599,6 +604,12 @@ spec: the given Service, the `job` label of the metrics defaults to the name of the Kubernetes Service." type: string + keepDroppedTargets: + description: "Per-scrape limit on the number of targets dropped by + relabeling that will be kept in memory. 0 means no limit. \n It + requires Prometheus >= v2.47.0." + format: int64 + type: integer labelLimit: description: Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. diff --git a/bundle/manifests/monitoring.rhobs_thanosrulers.yaml b/bundle/manifests/monitoring.rhobs_thanosrulers.yaml index c4ed1a553..b80dbb9b9 100644 --- a/bundle/manifests/monitoring.rhobs_thanosrulers.yaml +++ b/bundle/manifests/monitoring.rhobs_thanosrulers.yaml @@ -1820,6 +1820,25 @@ spec: cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object + restartPolicy: + description: 'RestartPolicy defines the restart behavior of + individual containers in a pod. This field may only be set + for init containers, and the only allowed value is "Always". + For non-init containers or when this field is not specified, + the restart behavior is defined by the Pod''s restart policy + and the container type. Setting the RestartPolicy as "Always" + for the init container will have the following effect: this + init container will be continually restarted on exit until + all regular containers have terminated. Once all regular containers + have completed, all init containers with restartPolicy "Always" + will be shut down. This lifecycle differs from normal init + containers and is often referred to as a "sidecar" container. + Although this init container still starts in the init container + sequence, it does not wait for the container to complete before + proceeding to the next init container. Instead, the next init + container starts immediately after this init container is + started, or after any startupProbe has successfully completed.' + type: string securityContext: description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext @@ -1941,8 +1960,8 @@ spec: in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured - seccomp profile location. Must only be set if type - is "Localhost". + seccomp profile location. Must be set if type is "Localhost". + Must NOT be set for any other type. type: string type: description: "type indicates which kind of seccomp profile @@ -1975,16 +1994,12 @@ spec: type: string hostProcess: description: HostProcess determines if a container should - be run as a 'Host Process' container. This field is - alpha-level and will only be honored by components - that enable the WindowsHostProcessContainers feature - flag. Setting this field without the feature flag - will result in errors when validating the Pod. All - of a Pod's containers must have the same effective - HostProcess value (it is not allowed to have a mix - of HostProcess containers and non-HostProcess containers). In - addition, if HostProcess is true then HostNetwork - must also be set to true. + be run as a 'Host Process' container. All of a Pod's + containers must have the same effective HostProcess + value (it is not allowed to have a mix of HostProcess + containers and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must also + be set to true. type: boolean runAsUserName: description: The UserName in Windows to run the entrypoint @@ -2303,6 +2318,7 @@ spec: - servicemonitors - podmonitors - probes + - scrapeconfigs type: string required: - namespace @@ -3324,6 +3340,25 @@ spec: cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object + restartPolicy: + description: 'RestartPolicy defines the restart behavior of + individual containers in a pod. This field may only be set + for init containers, and the only allowed value is "Always". + For non-init containers or when this field is not specified, + the restart behavior is defined by the Pod''s restart policy + and the container type. Setting the RestartPolicy as "Always" + for the init container will have the following effect: this + init container will be continually restarted on exit until + all regular containers have terminated. Once all regular containers + have completed, all init containers with restartPolicy "Always" + will be shut down. This lifecycle differs from normal init + containers and is often referred to as a "sidecar" container. + Although this init container still starts in the init container + sequence, it does not wait for the container to complete before + proceeding to the next init container. Instead, the next init + container starts immediately after this init container is + started, or after any startupProbe has successfully completed.' + type: string securityContext: description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext @@ -3445,8 +3480,8 @@ spec: in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured - seccomp profile location. Must only be set if type - is "Localhost". + seccomp profile location. Must be set if type is "Localhost". + Must NOT be set for any other type. type: string type: description: "type indicates which kind of seccomp profile @@ -3479,16 +3514,12 @@ spec: type: string hostProcess: description: HostProcess determines if a container should - be run as a 'Host Process' container. This field is - alpha-level and will only be honored by components - that enable the WindowsHostProcessContainers feature - flag. Setting this field without the feature flag - will result in errors when validating the Pod. All - of a Pod's containers must have the same effective - HostProcess value (it is not allowed to have a mix - of HostProcess containers and non-HostProcess containers). In - addition, if HostProcess is true then HostNetwork - must also be set to true. + be run as a 'Host Process' container. All of a Pod's + containers must have the same effective HostProcess + value (it is not allowed to have a mix of HostProcess + containers and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must also + be set to true. type: boolean runAsUserName: description: The UserName in Windows to run the entrypoint @@ -4165,7 +4196,8 @@ spec: in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile - location. Must only be set if type is "Localhost". + location. Must be set if type is "Localhost". Must NOT be + set for any other type. type: string type: description: "type indicates which kind of seccomp profile @@ -4229,14 +4261,11 @@ spec: type: string hostProcess: description: HostProcess determines if a container should - be run as a 'Host Process' container. This field is alpha-level - and will only be honored by components that enable the WindowsHostProcessContainers - feature flag. Setting this field without the feature flag - will result in errors when validating the Pod. All of a - Pod's containers must have the same effective HostProcess - value (it is not allowed to have a mix of HostProcess containers - and non-HostProcess containers). In addition, if HostProcess - is true then HostNetwork must also be set to true. + be run as a 'Host Process' container. All of a Pod's containers + must have the same effective HostProcess value (it is not + allowed to have a mix of HostProcess containers and non-HostProcess + containers). In addition, if HostProcess is true then HostNetwork + must also be set to true. type: boolean runAsUserName: description: The UserName in Windows to run the entrypoint @@ -4816,6 +4845,51 @@ spec: items: type: string type: array + allocatedResourceStatuses: + additionalProperties: + description: When a controller receives persistentvolume + claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore + that update and let other controllers handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC. Key names + follow standard Kubernetes label syntax. Valid values + are either: * Un-prefixed keys: - storage - the capacity + of the volume. * Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\" + Apart from above values - keys that are unprefixed or + have kubernetes.io prefix are considered reserved and + hence may not be used. \n ClaimResourceStatus can be + in any of following states: - ControllerResizeInProgress: + State set when resize controller starts resizing the + volume in control-plane. - ControllerResizeFailed: State + set when resize has failed in resize controller with + a terminal error. - NodeResizePending: State set when + resize controller has finished resizing the volume but + further resizing of volume is needed on the node. - + NodeResizeInProgress: State set when kubelet starts + resizing the volume. - NodeResizeFailed: State set when + resizing has failed in kubelet with a terminal error. + Transient errors don't set NodeResizeFailed. For example: + if expanding a PVC for more capacity - this field can + be one of the following states: - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\" When this field is not set, it + means that no resize operation is in progress for the + given PVC. \n A controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus + should ignore the update for the purpose it was designed. + For example - a controller that only is responsible + for resizing capacity of the volume, should ignore PVC + updates that change other valid resources associated + with PVC. \n This is an alpha field and requires enabling + RecoverVolumeExpansionFailure feature." + type: object + x-kubernetes-map-type: granular allocatedResources: additionalProperties: anyOf: @@ -4823,19 +4897,31 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: allocatedResources is the storage resource - within AllocatedResources tracks the capacity allocated - to a PVC. It may be larger than the actual capacity - when a volume expansion operation is requested. For - storage quota, the larger value from allocatedResources - and PVC.spec.resources is used. If allocatedResources - is not set, PVC.spec.resources alone is used for quota - calculation. If a volume expansion capacity request - is lowered, allocatedResources is only lowered if there - are no expansion operations in progress and if the actual - volume capacity is equal or lower than the requested - capacity. This is an alpha field and requires enabling - RecoverVolumeExpansionFailure feature. + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity. Key names + follow standard Kubernetes label syntax. Valid values + are either: * Un-prefixed keys: - storage - the capacity + of the volume. * Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\" + Apart from above values - keys that are unprefixed or + have kubernetes.io prefix are considered reserved and + hence may not be used. \n Capacity reported here may + be larger than the actual capacity when a volume expansion + operation is requested. For storage quota, the larger + value from allocatedResources and PVC.spec.resources + is used. If allocatedResources is not set, PVC.spec.resources + alone is used for quota calculation. If a volume expansion + capacity request is lowered, allocatedResources is only + lowered if there are no expansion operations in progress + and if the actual volume capacity is equal or lower + than the requested capacity. \n A controller that receives + PVC update with previously unknown resourceName should + ignore the update for the purpose it was designed. For + example - a controller that only is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid resources associated with PVC. + \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." type: object capacity: additionalProperties: @@ -4890,13 +4976,6 @@ spec: phase: description: phase represents the current phase of PersistentVolumeClaim. type: string - resizeStatus: - description: resizeStatus stores status of resize operation. - ResizeStatus is not set by default but when expansion - is complete resizeStatus is set to empty string by resize - controller or kubelet. This is an alpha field and requires - enabling RecoverVolumeExpansionFailure feature. - type: string type: object type: object type: object diff --git a/bundle/manifests/obo-prometheus-operator-admission-webhook_policy_v1_poddisruptionbudget.yaml b/bundle/manifests/obo-prometheus-operator-admission-webhook_policy_v1_poddisruptionbudget.yaml index e3316668b..58160090e 100644 --- a/bundle/manifests/obo-prometheus-operator-admission-webhook_policy_v1_poddisruptionbudget.yaml +++ b/bundle/manifests/obo-prometheus-operator-admission-webhook_policy_v1_poddisruptionbudget.yaml @@ -4,7 +4,7 @@ metadata: labels: app.kubernetes.io/name: prometheus-operator-admission-webhook app.kubernetes.io/part-of: observability-operator - app.kubernetes.io/version: 0.66.0-rhobs1 + app.kubernetes.io/version: 0.68.0-rhobs1 name: obo-prometheus-operator-admission-webhook spec: minAvailable: 1 diff --git a/bundle/manifests/obo-prometheus-operator-admission-webhook_v1_service.yaml b/bundle/manifests/obo-prometheus-operator-admission-webhook_v1_service.yaml index ef7c7918f..b9fa3dd4c 100644 --- a/bundle/manifests/obo-prometheus-operator-admission-webhook_v1_service.yaml +++ b/bundle/manifests/obo-prometheus-operator-admission-webhook_v1_service.yaml @@ -5,7 +5,7 @@ metadata: labels: app.kubernetes.io/name: prometheus-operator-admission-webhook app.kubernetes.io/part-of: observability-operator - app.kubernetes.io/version: 0.66.0-rhobs1 + app.kubernetes.io/version: 0.68.0-rhobs1 name: obo-prometheus-operator-admission-webhook spec: ports: diff --git a/bundle/manifests/obo-prometheus-operator_v1_service.yaml b/bundle/manifests/obo-prometheus-operator_v1_service.yaml index 5e41d6488..dee0151ee 100644 --- a/bundle/manifests/obo-prometheus-operator_v1_service.yaml +++ b/bundle/manifests/obo-prometheus-operator_v1_service.yaml @@ -6,7 +6,7 @@ metadata: app.kubernetes.io/component: controller app.kubernetes.io/name: prometheus-operator app.kubernetes.io/part-of: observability-operator - app.kubernetes.io/version: 0.66.0-rhobs1 + app.kubernetes.io/version: 0.68.0-rhobs1 name: obo-prometheus-operator spec: clusterIP: None diff --git a/bundle/manifests/observability-operator.clusterserviceversion.yaml b/bundle/manifests/observability-operator.clusterserviceversion.yaml index 213431725..0e0b7944f 100644 --- a/bundle/manifests/observability-operator.clusterserviceversion.yaml +++ b/bundle/manifests/observability-operator.clusterserviceversion.yaml @@ -42,7 +42,7 @@ metadata: categories: Monitoring certified: "false" containerImage: observability-operator:0.0.26 - createdAt: "2023-10-11T12:07:39Z" + createdAt: "2023-10-12T14:19:51Z" description: A Go based Kubernetes operator to setup and manage highly available Monitoring Stack using Prometheus, Alertmanager and Thanos Querier. operators.operatorframework.io/builder: operator-sdk-v1.31.0 @@ -418,7 +418,7 @@ spec: app.kubernetes.io/component: controller app.kubernetes.io/name: prometheus-operator app.kubernetes.io/part-of: observability-operator - app.kubernetes.io/version: 0.66.0-rhobs1 + app.kubernetes.io/version: 0.68.0-rhobs1 name: obo-prometheus-operator spec: replicas: 1 @@ -437,7 +437,7 @@ spec: app.kubernetes.io/component: controller app.kubernetes.io/name: prometheus-operator app.kubernetes.io/part-of: observability-operator - app.kubernetes.io/version: 0.66.0-rhobs1 + app.kubernetes.io/version: 0.68.0-rhobs1 spec: affinity: nodeAffinity: @@ -450,11 +450,11 @@ spec: automountServiceAccountToken: true containers: - args: - - --prometheus-config-reloader=quay.io/rhobs/obo-prometheus-config-reloader:v0.66.0-rhobs1 + - --prometheus-config-reloader=quay.io/rhobs/obo-prometheus-config-reloader:v0.68.0-rhobs1 - --prometheus-instance-selector=app.kubernetes.io/managed-by=observability-operator - --alertmanager-instance-selector=app.kubernetes.io/managed-by=observability-operator - --thanos-ruler-instance-selector=app.kubernetes.io/managed-by=observability-operator - image: quay.io/rhobs/obo-prometheus-operator:v0.66.0-rhobs1 + image: quay.io/rhobs/obo-prometheus-operator:v0.68.0-rhobs1 name: prometheus-operator ports: - containerPort: 8080 @@ -484,7 +484,7 @@ spec: - label: app.kubernetes.io/name: prometheus-operator-admission-webhook app.kubernetes.io/part-of: observability-operator - app.kubernetes.io/version: 0.66.0-rhobs1 + app.kubernetes.io/version: 0.68.0-rhobs1 name: obo-prometheus-operator-admission-webhook spec: replicas: 2 @@ -502,7 +502,7 @@ spec: labels: app.kubernetes.io/name: prometheus-operator-admission-webhook app.kubernetes.io/part-of: observability-operator - app.kubernetes.io/version: 0.66.0-rhobs1 + app.kubernetes.io/version: 0.68.0-rhobs1 spec: affinity: nodeAffinity: @@ -527,7 +527,7 @@ spec: - --web.enable-tls=true - --web.cert-file=/tmp/k8s-webhook-server/serving-certs/tls.crt - --web.key-file=/tmp/k8s-webhook-server/serving-certs/tls.key - image: quay.io/rhobs/obo-admission-webhook:v0.66.0-rhobs1 + image: quay.io/rhobs/obo-admission-webhook:v0.68.0-rhobs1 name: prometheus-operator-admission-webhook ports: - containerPort: 8443 diff --git a/deploy/crds/common/monitoring.rhobs_monitoringstacks.yaml b/deploy/crds/common/monitoring.rhobs_monitoringstacks.yaml index 7c967e2a5..6c13a619b 100644 --- a/deploy/crds/common/monitoring.rhobs_monitoringstacks.yaml +++ b/deploy/crds/common/monitoring.rhobs_monitoringstacks.yaml @@ -337,8 +337,8 @@ spec: as `sigv4`, `basicAuth`, or `oauth2`." properties: credentials: - description: The secret's key that contains the credentials - of the request + description: Selects a key of a Secret in the namespace + that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -359,11 +359,12 @@ spec: x-kubernetes-map-type: atomic credentialsFile: description: File to read a secret from, mutually exclusive - with Credentials (from SafeAuthorization) + with `credentials`. type: string type: - description: Set the authentication type. Defaults to - Bearer, Basic will cause an error + description: "Defines the authentication type. The value + is case-insensitive. \n \"Basic\" is not a supported + value. \n Default: \"Bearer\"" type: string type: object basicAuth: @@ -415,7 +416,7 @@ spec: x-kubernetes-map-type: atomic type: object bearerToken: - description: "*Warning: this field shouldn't used because + description: "*Warning: this field shouldn't be used because the token value appears in clear-text. Prefer using `authorization`.* \n *Deprecated: this will be removed in a future release.*" type: string @@ -437,12 +438,12 @@ spec: metadata to the remote storage. properties: send: - description: Whether metric metadata is sent to the - remote storage or not. + description: Defines whether metric metadata is sent + to the remote storage or not. type: boolean sendInterval: - description: How frequently metric metadata is sent - to the remote storage. + description: Defines how frequently metric metadata + is sent to the remote storage. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: object @@ -811,16 +812,17 @@ spec: writeRelabelConfigs: description: The list of remote write relabel configurations. items: - description: 'RelabelConfig allows dynamic rewriting of - the label set, being applied to samples before ingestion. - It defines ``-section of Prometheus - configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + description: "RelabelConfig allows dynamic rewriting of + the label set for targets, alerts, scraped samples and + remote write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" properties: action: default: replace - description: Action to perform based on regex matching. - Default is 'replace'. uppercase and lowercase actions - require Prometheus >= 2.36. + description: "Action to perform based on the regex + matching. \n `Uppercase` and `Lowercase` actions + require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` + actions require Prometheus >= v2.41.0. \n Default: + \"Replace\"" enum: - replace - Replace @@ -846,29 +848,29 @@ spec: - DropEqual type: string modulus: - description: Modulus to take of the hash of the source - label values. + description: "Modulus to take of the hash of the source + label values. \n Only applicable when the action + is `HashMod`." format: int64 type: integer regex: description: Regular expression against which the - extracted value is matched. Default is '(.*)' + extracted value is matched. type: string replacement: - description: Replacement value against which a regex - replace is performed if the regular expression matches. - Regex capture groups are available. Default is '$1' + description: "Replacement value against which a Replace + action is performed if the regular expression matches. + \n Regex capture groups are available." type: string separator: - description: Separator placed between concatenated - source label values. default is ';'. + description: Separator is the string between concatenated + SourceLabels. type: string sourceLabels: description: The source labels select values from existing labels. Their content is concatenated using - the configured separator and matched against the - configured regular expression for the replace, keep, - and drop actions. + the configured Separator and matched against the + configured regular expression. items: description: LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, @@ -877,9 +879,11 @@ spec: type: string type: array targetLabel: - description: Label to which the resulting value is - written in a replace action. It is mandatory for - replace actions. Regex capture groups are available. + description: "Label to which the resulting string + is written in a replacement. \n It is mandatory + for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, + `KeepEqual` and `DropEqual` actions. \n Regex capture + groups are available." type: string type: object type: array diff --git a/deploy/dependencies/kustomization.yaml b/deploy/dependencies/kustomization.yaml index dddfa286f..ab2974ffd 100644 --- a/deploy/dependencies/kustomization.yaml +++ b/deploy/dependencies/kustomization.yaml @@ -4,34 +4,34 @@ kind: Kustomization resources: # CRDs -- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.66.0-rhobs1/example/prometheus-operator-crd/monitoring.rhobs_alertmanagers.yaml -- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.66.0-rhobs1/example/prometheus-operator-crd/monitoring.rhobs_podmonitors.yaml -- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.66.0-rhobs1/example/prometheus-operator-crd/monitoring.rhobs_probes.yaml -- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.66.0-rhobs1/example/prometheus-operator-crd/monitoring.rhobs_prometheuses.yaml -- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.66.0-rhobs1/example/prometheus-operator-crd/monitoring.rhobs_prometheusrules.yaml -- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.66.0-rhobs1/example/prometheus-operator-crd/monitoring.rhobs_servicemonitors.yaml -- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.66.0-rhobs1/example/prometheus-operator-crd/monitoring.rhobs_thanosrulers.yaml -- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.66.0-rhobs1/example/prometheus-operator-crd/monitoring.rhobs_prometheusagents.yaml -- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.66.0-rhobs1/example/prometheus-operator-crd/monitoring.rhobs_alertmanagerconfigs.yaml -- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.66.0-rhobs1/example/prometheus-operator-crd/monitoring.rhobs_scrapeconfigs.yaml +- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.68.0-rhobs1/example/prometheus-operator-crd/monitoring.rhobs_alertmanagers.yaml +- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.68.0-rhobs1/example/prometheus-operator-crd/monitoring.rhobs_podmonitors.yaml +- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.68.0-rhobs1/example/prometheus-operator-crd/monitoring.rhobs_probes.yaml +- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.68.0-rhobs1/example/prometheus-operator-crd/monitoring.rhobs_prometheuses.yaml +- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.68.0-rhobs1/example/prometheus-operator-crd/monitoring.rhobs_prometheusrules.yaml +- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.68.0-rhobs1/example/prometheus-operator-crd/monitoring.rhobs_servicemonitors.yaml +- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.68.0-rhobs1/example/prometheus-operator-crd/monitoring.rhobs_thanosrulers.yaml +- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.68.0-rhobs1/example/prometheus-operator-crd/monitoring.rhobs_prometheusagents.yaml +- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.68.0-rhobs1/example/prometheus-operator-crd/monitoring.rhobs_alertmanagerconfigs.yaml +- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.68.0-rhobs1/example/prometheus-operator-crd/monitoring.rhobs_scrapeconfigs.yaml # PO Deployment -- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.66.0-rhobs1/example/rbac/prometheus-operator/prometheus-operator-deployment.yaml -- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.66.0-rhobs1/example/rbac/prometheus-operator/prometheus-operator-cluster-role-binding.yaml -- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.66.0-rhobs1/example/rbac/prometheus-operator/prometheus-operator-cluster-role.yaml -- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.66.0-rhobs1/example/rbac/prometheus-operator/prometheus-operator-service-account.yaml -- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.66.0-rhobs1/example/rbac/prometheus-operator/prometheus-operator-service.yaml +- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.68.0-rhobs1/example/rbac/prometheus-operator/prometheus-operator-deployment.yaml +- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.68.0-rhobs1/example/rbac/prometheus-operator/prometheus-operator-cluster-role-binding.yaml +- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.68.0-rhobs1/example/rbac/prometheus-operator/prometheus-operator-cluster-role.yaml +- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.68.0-rhobs1/example/rbac/prometheus-operator/prometheus-operator-service-account.yaml +- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.68.0-rhobs1/example/rbac/prometheus-operator/prometheus-operator-service.yaml # Admission Webhook Deployment -- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.66.0-rhobs1/example/admission-webhook/deployment.yaml -- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.66.0-rhobs1/example/admission-webhook/service-account.yaml +- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.68.0-rhobs1/example/admission-webhook/deployment.yaml +- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.68.0-rhobs1/example/admission-webhook/service-account.yaml # NOTE: a service although automatically created by OLM for webhooks still # requires admission-webhook/service as the port generated by OLM uses 443 # but assumes targetPort to be 443 as opposed to "https" port of webhook - 8443 -- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.66.0-rhobs1/example/admission-webhook/service.yaml -- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.66.0-rhobs1/example/admission-webhook/pod-disruption-budget.yaml +- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.68.0-rhobs1/example/admission-webhook/service.yaml +- https://raw.githubusercontent.com/rhobs/obo-prometheus-operator/v0.68.0-rhobs1/example/admission-webhook/pod-disruption-budget.yaml - admission-webhook/cluster-role.yaml - admission-webhook/cluster-role-binding.yaml @@ -63,9 +63,9 @@ patches: spec: containers: - name: prometheus-operator - image: quay.io/rhobs/obo-prometheus-operator:v0.66.0-rhobs1 + image: quay.io/rhobs/obo-prometheus-operator:v0.68.0-rhobs1 args: - - --prometheus-config-reloader=quay.io/rhobs/obo-prometheus-config-reloader:v0.66.0-rhobs1 + - --prometheus-config-reloader=quay.io/rhobs/obo-prometheus-config-reloader:v0.68.0-rhobs1 - --prometheus-instance-selector=app.kubernetes.io/managed-by=observability-operator - --alertmanager-instance-selector=app.kubernetes.io/managed-by=observability-operator - --thanos-ruler-instance-selector=app.kubernetes.io/managed-by=observability-operator diff --git a/docs/api.md b/docs/api.md index c08fad555..8d4b0718d 100644 --- a/docs/api.md +++ b/docs/api.md @@ -673,7 +673,7 @@ RemoteWriteSpec defines the configuration to write samples from Prometheus to a bearerToken string - *Warning: this field shouldn't used because the token value appears in clear-text. Prefer using `authorization`.* + *Warning: this field shouldn't be used because the token value appears in clear-text. Prefer using `authorization`.* *Deprecated: this will be removed in a future release.*
false @@ -803,21 +803,23 @@ Authorization section for the URL. credentials object - The secret's key that contains the credentials of the request
+ Selects a key of a Secret in the namespace that contains the credentials for authentication.
false credentialsFile string - File to read a secret from, mutually exclusive with Credentials (from SafeAuthorization)
+ File to read a secret from, mutually exclusive with `credentials`.
false type string - Set the authentication type. Defaults to Bearer, Basic will cause an error
+ Defines the authentication type. The value is case-insensitive. + "Basic" is not a supported value. + Default: "Bearer"
false @@ -829,7 +831,7 @@ Authorization section for the URL. -The secret's key that contains the credentials of the request +Selects a key of a Secret in the namespace that contains the credentials for authentication. @@ -1002,14 +1004,14 @@ MetadataConfig configures the sending of series metadata to the remote storage. @@ -1806,7 +1808,8 @@ Secret containing the client key file for the targets. -RelabelConfig allows dynamic rewriting of the label set, being applied to samples before ingestion. It defines ``-section of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs +RelabelConfig allows dynamic rewriting of the label set for targets, alerts, scraped samples and remote write samples. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
send boolean - Whether metric metadata is sent to the remote storage or not.
+ Defines whether metric metadata is sent to the remote storage or not.
 false
sendInterval string - How frequently metric metadata is sent to the remote storage.
+ Defines how frequently metric metadata is sent to the remote storage.
 false
@@ -1821,7 +1824,9 @@ RelabelConfig allows dynamic rewriting of the label set, being applied to sample @@ -1840,35 +1846,38 @@ RelabelConfig allows dynamic rewriting of the label set, being applied to sample diff --git a/go.mod b/go.mod index 01db87987..6122190ae 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/google/go-cmp v0.6.0 github.com/prometheus/common v0.44.0 github.com/prometheus/prometheus v1.8.2-0.20211105201321-411021ada9ab - github.com/rhobs/obo-prometheus-operator/pkg/apis/monitoring v0.66.0-rhobs1 + github.com/rhobs/obo-prometheus-operator/pkg/apis/monitoring v0.68.0-rhobs1 go.uber.org/zap v1.26.0 golang.org/x/exp v0.0.0-20230801115018-d63ba01acd4b gotest.tools/v3 v3.5.1 @@ -79,12 +79,12 @@ require ( go.uber.org/atomic v1.11.0 // indirect go.uber.org/goleak v1.2.1 // indirect go.uber.org/multierr v1.11.0 // indirect - golang.org/x/net v0.13.0 // indirect + golang.org/x/net v0.15.0 // indirect golang.org/x/oauth2 v0.10.0 // indirect golang.org/x/sync v0.3.0 // indirect - golang.org/x/sys v0.11.0 // indirect - golang.org/x/term v0.10.0 // indirect - golang.org/x/text v0.11.0 // indirect + golang.org/x/sys v0.12.0 // indirect + golang.org/x/term v0.12.0 // indirect + golang.org/x/text v0.13.0 // indirect golang.org/x/time v0.3.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect google.golang.org/appengine v1.6.7 // indirect diff --git a/go.sum b/go.sum index 99d1efbe5..db642828d 100644 --- a/go.sum +++ b/go.sum @@ -1202,8 +1202,8 @@ github.com/prometheus/prometheus v1.8.2-0.20211105201321-411021ada9ab/go.mod h1: github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= github.com/retailnext/hllpp v1.0.1-0.20180308014038-101a6d2f8b52/go.mod h1:RDpi1RftBQPUCDRw6SmxeaREsAaRKnOclghuzp/WRzc= -github.com/rhobs/obo-prometheus-operator/pkg/apis/monitoring v0.66.0-rhobs1 h1:+2dvyv90foYNSUceYWSlE+SfkeJSFRHV9eOqfnhE0Rw= -github.com/rhobs/obo-prometheus-operator/pkg/apis/monitoring v0.66.0-rhobs1/go.mod h1:D7aYXoiteBUNwv3nMQ3NKKNlIEvFA1zS1nKJi7t8/IE= +github.com/rhobs/obo-prometheus-operator/pkg/apis/monitoring v0.68.0-rhobs1 h1:Iyk6usdPqnSd82dXOxDsN1Q7JNrS0/zQvNR3JjzW6OE= +github.com/rhobs/obo-prometheus-operator/pkg/apis/monitoring v0.68.0-rhobs1/go.mod h1:xrsNd6LTiBt9DQuI4GCJK7WsrFyg1JoCJ7Dq6Pz4tcc= github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= @@ -1442,7 +1442,7 @@ golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWP golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.11.0 h1:6Ewdq3tDic1mg5xRO4milcWCfMVQhI4NkqWWvqejpuA= +golang.org/x/crypto v0.13.0 h1:mvySKfSWJ+UKUii46M40LOvyWfN0s2U+46/jDd0e6Ck= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -1555,8 +1555,8 @@ golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20211020060615-d418f374d309/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= -golang.org/x/net v0.13.0 h1:Nvo8UFsZ8X3BhAC9699Z1j7XQ3rsZnUUm7jfBEk1ueY= -golang.org/x/net v0.13.0/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA= +golang.org/x/net v0.15.0 h1:ugBLEUaxABaB5AJqW9enI0ACdci2RUd4eP51NTBvuJ8= +golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -1710,15 +1710,15 @@ golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM= -golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o= +golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.10.0 h1:3R7pNqamzBraeqj/Tj8qt1aQ2HpmlC+Cx/qL/7hn4/c= -golang.org/x/term v0.10.0/go.mod h1:lpqdcUyK/oCiQxvxVrppt5ggO2KCZ5QblwqPnfZ6d5o= +golang.org/x/term v0.12.0 h1:/ZfYdc3zq+q02Rv9vGqTeSItdzZTSNDmfTi0mBAuidU= +golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1730,8 +1730,8 @@ golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.11.0 h1:LAntKIrcmeSKERyiOh0XMV39LXS8IE9UL2yP7+f5ij4= -golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= +golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
action enum - Action to perform based on regex matching. Default is 'replace'. uppercase and lowercase actions require Prometheus >= 2.36.
+ Action to perform based on the regex matching. + `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. + Default: "Replace"

Enum: replace, Replace, keep, Keep, drop, Drop, hashmod, HashMod, labelmap, LabelMap, labeldrop, LabelDrop, labelkeep, LabelKeep, lowercase, Lowercase, uppercase, Uppercase, keepequal, KeepEqual, dropequal, DropEqual
Default: replace
@@ -1831,7 +1836,8 @@ RelabelConfig allows dynamic rewriting of the label set, being applied to sample 		modulus integer - Modulus to take of the hash of the source label values.
+ Modulus to take of the hash of the source label values. + Only applicable when the action is `HashMod`.

Format: int64
regex string - Regular expression against which the extracted value is matched. Default is '(.*)'
+ Regular expression against which the extracted value is matched.
 false
replacement string - Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1'
+ Replacement value against which a Replace action is performed if the regular expression matches. + Regex capture groups are available.
 false
separator string - Separator placed between concatenated source label values. default is ';'.
+ Separator is the string between concatenated SourceLabels.
 false
sourceLabels []string - The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions.
+ The source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression.
 false
targetLabel string - Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available.
+ Label to which the resulting string is written in a replacement. + It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. + Regex capture groups are available.
 false