From c2757402790f7263fc69ab61ca84f04a1abe51ff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Charles-Edouard=20Br=C3=A9t=C3=A9ch=C3=A9?= Date: Thu, 16 Mar 2023 13:03:52 +0100 Subject: [PATCH] fix: add missing service monitor for background controller (#6600) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fix: add missing service monitor for background controller Signed-off-by: Charles-Edouard Brétéché * fix Signed-off-by: Charles-Edouard Brétéché --------- Signed-off-by: Charles-Edouard Brétéché --- .../background-controller/servicemonitor.yaml | 34 +++++++++++++++++++ scripts/config/dev/kyverno.yaml | 4 +++ scripts/config/standard/kyverno.yaml | 26 +++++++------- 3 files changed, 51 insertions(+), 13 deletions(-) create mode 100644 charts/kyverno/templates/background-controller/servicemonitor.yaml diff --git a/charts/kyverno/templates/background-controller/servicemonitor.yaml b/charts/kyverno/templates/background-controller/servicemonitor.yaml new file mode 100644 index 0000000000..e8f05bad17 --- /dev/null +++ b/charts/kyverno/templates/background-controller/servicemonitor.yaml @@ -0,0 +1,34 @@ +{{- if .Values.backgroundController.enabled -}} +{{- if .Values.backgroundController.serviceMonitor.enabled -}} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "kyverno.background-controller.name" . }} + {{- if .Values.backgroundController.serviceMonitor.namespace }} + namespace: {{ .Values.backgroundController.serviceMonitor.namespace }} + {{- else }} + namespace: {{ template "kyverno.namespace" . }} + {{- end }} + labels: + {{- include "kyverno.background-controller.labels" . | nindent 4 }} + {{- with .Values.backgroundController.serviceMonitor.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + selector: + matchLabels: + {{- include "kyverno.background-controller.matchLabels" . | nindent 6 }} + namespaceSelector: + matchNames: + - {{ template "kyverno.namespace" . }} + endpoints: + - port: metrics-port + interval: {{ .Values.backgroundController.serviceMonitor.interval }} + scrapeTimeout: {{ .Values.backgroundController.serviceMonitor.scrapeTimeout }} + {{- if .Values.backgroundController.serviceMonitor.secure }} + scheme: https + tlsConfig: + {{- toYaml .Values.backgroundController.serviceMonitor.tlsConfig | nindent 8 }} + {{- end }} +{{- end -}} +{{- end -}} diff --git a/scripts/config/dev/kyverno.yaml b/scripts/config/dev/kyverno.yaml index 46ce379799..d9ac3ad13a 100644 --- a/scripts/config/dev/kyverno.yaml +++ b/scripts/config/dev/kyverno.yaml @@ -17,6 +17,10 @@ admissionController: - --tracingPort=4317 - --enablePolicyException +backgroundController: + serviceMonitor: + enabled: true + cleanupController: rbac: clusterRole: diff --git a/scripts/config/standard/kyverno.yaml b/scripts/config/standard/kyverno.yaml index 5acc031fe1..3aee219cfe 100644 --- a/scripts/config/standard/kyverno.yaml +++ b/scripts/config/standard/kyverno.yaml @@ -9,19 +9,6 @@ admissionController: - --loggingFormat=json - --enablePolicyException -cleanupController: - rbac: - clusterRole: - extraResources: - - apiGroups: - - '' - resources: - - pods - -reportsController: - extraArgs: - enablePolicyException: true - backgroundController: rbac: clusterRole: @@ -40,3 +27,16 @@ backgroundController: - nodes - nodes/status - pods + +cleanupController: + rbac: + clusterRole: + extraResources: + - apiGroups: + - '' + resources: + - pods + +reportsController: + extraArgs: + enablePolicyException: true