mirrors/prometheus-operator
mirrors/prometheus-operator
1
0
Fork 0
mirror of https://github.com/prometheus-operator/prometheus-operator.git synced 2025-04-21 11:48:53 +00:00
Code Activity

Merge pull request from simonpasquier/merge-release-0.75

Browse source 
Merge release 0.75
This commit is contained in:
Simon Pasquier 2024-07-24 12:42:33 +02:00 committed by GitHub
commit f0a3778b4b
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
50 changed files with 369 additions and 95 deletions

4
CHANGELOG.md
View file

@ -1,3 +1,7 @@
## 0.75.2 / 2024-07-23
* [BUGFIX] Avoid invalid alerting config with TLS. #6765
## 0.75.1 / 2024-07-02
* [BUGFIX] Fix OVHCloud service discovery configs key error. #6723

2
Documentation/operator.md
View file

@ -74,7 +74,7 @@ Usage of ./operator:
-namespaces value
Namespaces to scope the interaction of the Prometheus Operator and the apiserver (allow list). This is mutually exclusive with --deny-namespaces.
-prometheus-config-reloader string
Prometheus config reloader image (default "quay.io/prometheus-operator/prometheus-config-reloader:v0.75.1")
Prometheus config reloader image (default "quay.io/prometheus-operator/prometheus-config-reloader:v0.75.2")
-prometheus-default-base-image string
Prometheus default base image (path without tag/version) (default "quay.io/prometheus/prometheus")
-prometheus-instance-namespaces value

6
Documentation/rbac.md
View file

@ -26,7 +26,7 @@ metadata:
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
name: prometheus-operator
rules:
- apiGroups:
@ -194,7 +194,7 @@ metadata:
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
name: prometheus-operator
namespace: default
```
@ -210,7 +210,7 @@ metadata:
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
name: prometheus-operator
roleRef:
apiGroup: rbac.authorization.k8s.io

2
Documentation/user-guides/prometheus-agent.md
View file

@ -26,7 +26,7 @@ metadata:
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
name: prometheus-operator
rules:
- apiGroups:

10
Documentation/user-guides/webhook.md
View file

@ -86,7 +86,7 @@ kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/name: prometheus-operator-admission-webhook
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
name: prometheus-operator-admission-webhook
namespace: default
```
@ -97,7 +97,7 @@ kind: Deployment
metadata:
labels:
app.kubernetes.io/name: prometheus-operator-admission-webhook
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
name: prometheus-operator-admission-webhook
namespace: default
spec:
@ -114,7 +114,7 @@ spec:
kubectl.kubernetes.io/default-container: prometheus-operator-admission-webhook
labels:
app.kubernetes.io/name: prometheus-operator-admission-webhook
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
spec:
affinity:
podAntiAffinity:
@ -131,7 +131,7 @@ spec:
- --web.enable-tls=true
- --web.cert-file=/etc/tls/private/tls.crt
- --web.key-file=/etc/tls/private/tls.key
image: quay.io/prometheus-operator/admission-webhook:v0.75.1
image: quay.io/prometheus-operator/admission-webhook:v0.75.2
name: prometheus-operator-admission-webhook
ports:
- containerPort: 8443
@ -179,7 +179,7 @@ kind: Service
metadata:
labels:
app.kubernetes.io/name: prometheus-operator-admission-webhook
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
name: prometheus-operator-admission-webhook
namespace: default
spec:

2
VERSION
View file

@ -1 +1 @@
0.75.1
0.75.2

36
bundle.yaml generated
View file

@ -4,7 +4,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
operator.prometheus.io/version: 0.75.1
operator.prometheus.io/version: 0.75.2
name: alertmanagerconfigs.monitoring.coreos.com
spec:
group: monitoring.coreos.com
@ -6703,7 +6703,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
operator.prometheus.io/version: 0.75.1
operator.prometheus.io/version: 0.75.2
name: alertmanagers.monitoring.coreos.com
spec:
group: monitoring.coreos.com
@ -15029,7 +15029,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
operator.prometheus.io/version: 0.75.1
operator.prometheus.io/version: 0.75.2
name: podmonitors.monitoring.coreos.com
spec:
group: monitoring.coreos.com
@ -16010,7 +16010,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
operator.prometheus.io/version: 0.75.1
operator.prometheus.io/version: 0.75.2
name: probes.monitoring.coreos.com
spec:
group: monitoring.coreos.com
@ -16962,7 +16962,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
operator.prometheus.io/version: 0.75.1
operator.prometheus.io/version: 0.75.2
name: prometheusagents.monitoring.coreos.com
spec:
group: monitoring.coreos.com
@ -27328,7 +27328,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
operator.prometheus.io/version: 0.75.1
operator.prometheus.io/version: 0.75.2
name: prometheuses.monitoring.coreos.com
spec:
group: monitoring.coreos.com
@ -39724,7 +39724,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
operator.prometheus.io/version: 0.75.1
operator.prometheus.io/version: 0.75.2
name: prometheusrules.monitoring.coreos.com
spec:
group: monitoring.coreos.com
@ -39867,7 +39867,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
operator.prometheus.io/version: 0.75.1
operator.prometheus.io/version: 0.75.2
name: scrapeconfigs.monitoring.coreos.com
spec:
group: monitoring.coreos.com
@ -47641,7 +47641,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
operator.prometheus.io/version: 0.75.1
operator.prometheus.io/version: 0.75.2
name: servicemonitors.monitoring.coreos.com
spec:
group: monitoring.coreos.com
@ -48650,7 +48650,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
operator.prometheus.io/version: 0.75.1
operator.prometheus.io/version: 0.75.2
name: thanosrulers.monitoring.coreos.com
spec:
group: monitoring.coreos.com
@ -56615,7 +56615,7 @@ metadata:
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
name: prometheus-operator
roleRef:
apiGroup: rbac.authorization.k8s.io
@ -56632,7 +56632,7 @@ metadata:
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
name: prometheus-operator
rules:
- apiGroups:
@ -56732,7 +56732,7 @@ metadata:
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
name: prometheus-operator
namespace: default
spec:
@ -56748,17 +56748,17 @@ spec:
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
spec:
automountServiceAccountToken: true
containers:
- args:
- --kubelet-service=kube-system/kubelet
- --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.75.1
- --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.75.2
env:
- name: GOGC
value: "30"
image: quay.io/prometheus-operator/prometheus-operator:v0.75.1
image: quay.io/prometheus-operator/prometheus-operator:v0.75.2
name: prometheus-operator
ports:
- containerPort: 8080
@ -56792,7 +56792,7 @@ metadata:
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
name: prometheus-operator
namespace: default
---
@ -56802,7 +56802,7 @@ metadata:
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
name: prometheus-operator
namespace: default
spec:

6
example/admission-webhook/deployment.yaml
View file

@ -3,7 +3,7 @@ kind: Deployment
metadata:
labels:
app.kubernetes.io/name: prometheus-operator-admission-webhook
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
name: prometheus-operator-admission-webhook
namespace: default
spec:
@ -20,7 +20,7 @@ spec:
kubectl.kubernetes.io/default-container: prometheus-operator-admission-webhook
labels:
app.kubernetes.io/name: prometheus-operator-admission-webhook
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
spec:
affinity:
podAntiAffinity:
@ -37,7 +37,7 @@ spec:
- --web.enable-tls=true
- --web.cert-file=/etc/tls/private/tls.crt
- --web.key-file=/etc/tls/private/tls.key
image: quay.io/prometheus-operator/admission-webhook:v0.75.1
image: quay.io/prometheus-operator/admission-webhook:v0.75.2
name: prometheus-operator-admission-webhook
ports:
- containerPort: 8443

2
example/admission-webhook/pod-disruption-budget.yaml
View file

@ -3,7 +3,7 @@ kind: PodDisruptionBudget
metadata:
labels:
app.kubernetes.io/name: prometheus-operator-admission-webhook
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
name: prometheus-operator-admission-webhook
namespace: default
spec:

2
example/admission-webhook/service-account.yaml
View file

@ -4,6 +4,6 @@ kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/name: prometheus-operator-admission-webhook
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
name: prometheus-operator-admission-webhook
namespace: default

4
example/admission-webhook/service-monitor.yaml
View file

@ -3,7 +3,7 @@ kind: ServiceMonitor
metadata:
labels:
app.kubernetes.io/name: prometheus-operator-admission-webhook
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
name: prometheus-operator-admission-webhook
namespace: default
spec:
@ -13,4 +13,4 @@ spec:
selector:
matchLabels:
app.kubernetes.io/name: prometheus-operator-admission-webhook
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2

2
example/admission-webhook/service.yaml
View file

@ -3,7 +3,7 @@ kind: Service
metadata:
labels:
app.kubernetes.io/name: prometheus-operator-admission-webhook
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
name: prometheus-operator-admission-webhook
namespace: default
spec:

2
example/alertmanager-crd-conversion/patch.json
View file

@ -4,7 +4,7 @@
"metadata": {
"annotations": {
"controller-gen.kubebuilder.io/version": "v0.15.0",
"operator.prometheus.io/version": "0.75.1"
"operator.prometheus.io/version": "0.75.2"
},
"name": "alertmanagerconfigs.monitoring.coreos.com"
},

2
example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml generated
View file

@ -4,7 +4,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
operator.prometheus.io/version: 0.75.1
operator.prometheus.io/version: 0.75.2
name: alertmanagerconfigs.monitoring.coreos.com
spec:
group: monitoring.coreos.com

2
example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml generated
View file

@ -4,7 +4,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
operator.prometheus.io/version: 0.75.1
operator.prometheus.io/version: 0.75.2
name: alertmanagers.monitoring.coreos.com
spec:
group: monitoring.coreos.com

2
example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml generated
View file

@ -4,7 +4,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
operator.prometheus.io/version: 0.75.1
operator.prometheus.io/version: 0.75.2
name: podmonitors.monitoring.coreos.com
spec:
group: monitoring.coreos.com

2
example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml generated
View file

@ -4,7 +4,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
operator.prometheus.io/version: 0.75.1
operator.prometheus.io/version: 0.75.2
name: probes.monitoring.coreos.com
spec:
group: monitoring.coreos.com

2
example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml generated
View file

@ -4,7 +4,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
operator.prometheus.io/version: 0.75.1
operator.prometheus.io/version: 0.75.2
name: prometheusagents.monitoring.coreos.com
spec:
group: monitoring.coreos.com

2
example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml generated
View file

@ -4,7 +4,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
operator.prometheus.io/version: 0.75.1
operator.prometheus.io/version: 0.75.2
name: prometheuses.monitoring.coreos.com
spec:
group: monitoring.coreos.com

2
example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml generated
View file

@ -4,7 +4,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
operator.prometheus.io/version: 0.75.1
operator.prometheus.io/version: 0.75.2
name: prometheusrules.monitoring.coreos.com
spec:
group: monitoring.coreos.com

2
example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml generated
View file

@ -4,7 +4,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
operator.prometheus.io/version: 0.75.1
operator.prometheus.io/version: 0.75.2
name: scrapeconfigs.monitoring.coreos.com
spec:
group: monitoring.coreos.com

2
example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml generated
View file

@ -4,7 +4,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
operator.prometheus.io/version: 0.75.1
operator.prometheus.io/version: 0.75.2
name: servicemonitors.monitoring.coreos.com
spec:
group: monitoring.coreos.com

2
example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml generated
View file

@ -4,7 +4,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
operator.prometheus.io/version: 0.75.1
operator.prometheus.io/version: 0.75.2
name: thanosrulers.monitoring.coreos.com
spec:
group: monitoring.coreos.com

2
example/rbac/prometheus-operator/prometheus-operator-cluster-role-binding.yaml
View file

@ -4,7 +4,7 @@ metadata:
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
name: prometheus-operator
roleRef:
apiGroup: rbac.authorization.k8s.io

2
example/rbac/prometheus-operator/prometheus-operator-cluster-role.yaml
View file

@ -4,7 +4,7 @@ metadata:
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
name: prometheus-operator
rules:
- apiGroups:

8
example/rbac/prometheus-operator/prometheus-operator-deployment.yaml
View file

@ -4,7 +4,7 @@ metadata:
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
name: prometheus-operator
namespace: default
spec:
@ -20,17 +20,17 @@ spec:
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
spec:
automountServiceAccountToken: true
containers:
- args:
- --kubelet-service=kube-system/kubelet
- --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.75.1
- --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.75.2
env:
- name: GOGC
value: "30"
image: quay.io/prometheus-operator/prometheus-operator:v0.75.1
image: quay.io/prometheus-operator/prometheus-operator:v0.75.2
name: prometheus-operator
ports:
- containerPort: 8080

2
example/rbac/prometheus-operator/prometheus-operator-service-account.yaml
View file

@ -5,6 +5,6 @@ metadata:
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
name: prometheus-operator
namespace: default

4
example/rbac/prometheus-operator/prometheus-operator-service-monitor.yaml
View file

@ -4,7 +4,7 @@ metadata:
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
name: prometheus-operator
namespace: default
spec:
@ -15,4 +15,4 @@ spec:
matchLabels:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2

2
example/rbac/prometheus-operator/prometheus-operator-service.yaml
View file

@ -4,7 +4,7 @@ metadata:
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/version: 0.75.1
app.kubernetes.io/version: 0.75.2
name: prometheus-operator
namespace: default
spec:

4
go.mod
View file

@ -21,8 +21,8 @@ require (
github.com/mitchellh/hashstructure v1.1.0
github.com/oklog/run v1.1.0
github.com/prometheus-community/prom-label-proxy v0.10.0
github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.75.1
github.com/prometheus-operator/prometheus-operator/pkg/client v0.75.1
github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.75.2
github.com/prometheus-operator/prometheus-operator/pkg/client v0.75.2
github.com/prometheus/alertmanager v0.27.0
github.com/prometheus/client_golang v1.19.1
github.com/prometheus/common v0.55.0

2
jsonnet/prometheus-operator/alertmanagerconfigs-crd.json
View file

@ -4,7 +4,7 @@
"metadata": {
"annotations": {
"controller-gen.kubebuilder.io/version": "v0.15.0",
"operator.prometheus.io/version": "0.75.1"
"operator.prometheus.io/version": "0.75.2"
},
"name": "alertmanagerconfigs.monitoring.coreos.com"
},

2
jsonnet/prometheus-operator/alertmanagers-crd.json
View file

@ -4,7 +4,7 @@
"metadata": {
"annotations": {
"controller-gen.kubebuilder.io/version": "v0.15.0",
"operator.prometheus.io/version": "0.75.1"
"operator.prometheus.io/version": "0.75.2"
},
"name": "alertmanagers.monitoring.coreos.com"
},

2
jsonnet/prometheus-operator/podmonitors-crd.json
View file

@ -4,7 +4,7 @@
"metadata": {
"annotations": {
"controller-gen.kubebuilder.io/version": "v0.15.0",
"operator.prometheus.io/version": "0.75.1"
"operator.prometheus.io/version": "0.75.2"
},
"name": "podmonitors.monitoring.coreos.com"
},

2
jsonnet/prometheus-operator/probes-crd.json
View file

@ -4,7 +4,7 @@
"metadata": {
"annotations": {
"controller-gen.kubebuilder.io/version": "v0.15.0",
"operator.prometheus.io/version": "0.75.1"
"operator.prometheus.io/version": "0.75.2"
},
"name": "probes.monitoring.coreos.com"
},

2
jsonnet/prometheus-operator/prometheusagents-crd.json
View file

@ -4,7 +4,7 @@
"metadata": {
"annotations": {
"controller-gen.kubebuilder.io/version": "v0.15.0",
"operator.prometheus.io/version": "0.75.1"
"operator.prometheus.io/version": "0.75.2"
},
"name": "prometheusagents.monitoring.coreos.com"
},

2
jsonnet/prometheus-operator/prometheuses-crd.json
View file

@ -4,7 +4,7 @@
"metadata": {
"annotations": {
"controller-gen.kubebuilder.io/version": "v0.15.0",
"operator.prometheus.io/version": "0.75.1"
"operator.prometheus.io/version": "0.75.2"
},
"name": "prometheuses.monitoring.coreos.com"
},

2
jsonnet/prometheus-operator/prometheusrules-crd.json
View file

@ -4,7 +4,7 @@
"metadata": {
"annotations": {
"controller-gen.kubebuilder.io/version": "v0.15.0",
"operator.prometheus.io/version": "0.75.1"
"operator.prometheus.io/version": "0.75.2"
},
"name": "prometheusrules.monitoring.coreos.com"
},

2
jsonnet/prometheus-operator/scrapeconfigs-crd.json
View file

@ -4,7 +4,7 @@
"metadata": {
"annotations": {
"controller-gen.kubebuilder.io/version": "v0.15.0",
"operator.prometheus.io/version": "0.75.1"
"operator.prometheus.io/version": "0.75.2"
},
"name": "scrapeconfigs.monitoring.coreos.com"
},

2
jsonnet/prometheus-operator/servicemonitors-crd.json
View file

@ -4,7 +4,7 @@
"metadata": {
"annotations": {
"controller-gen.kubebuilder.io/version": "v0.15.0",
"operator.prometheus.io/version": "0.75.1"
"operator.prometheus.io/version": "0.75.2"
},
"name": "servicemonitors.monitoring.coreos.com"
},

2
jsonnet/prometheus-operator/thanosrulers-crd.json
View file

@ -4,7 +4,7 @@
"metadata": {
"annotations": {
"controller-gen.kubebuilder.io/version": "v0.15.0",
"operator.prometheus.io/version": "0.75.1"
"operator.prometheus.io/version": "0.75.2"
},
"name": "thanosrulers.monitoring.coreos.com"
},

2
pkg/client/go.mod
View file

@ -5,7 +5,7 @@ go 1.22.0
toolchain go1.22.2
require (
github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.75.1
github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.75.2
k8s.io/api v0.30.3
k8s.io/apiextensions-apiserver v0.30.3
k8s.io/apimachinery v0.30.3

41
pkg/prometheus/promcfg.go
View file

@ -884,7 +884,9 @@ func (cg *ConfigGenerator) generatePodMonitorConfig(
attachMetaConfig := mergeAttachMetadataWithScrapeClass(m.Spec.AttachMetadata, scrapeClass, "2.35.0")
cfg = append(cfg, cg.generateK8SSDConfig(m.Spec.NamespaceSelector, m.Namespace, apiserverConfig, store, kubernetesSDRolePod, attachMetaConfig))
s := store.ForNamespace(m.Namespace)
cfg = append(cfg, cg.generateK8SSDConfig(m.Spec.NamespaceSelector, m.Namespace, apiserverConfig, s, kubernetesSDRolePod, attachMetaConfig))
if ep.Interval != "" {
cfg = append(cfg, yaml.MapItem{Key: "scrape_interval", Value: ep.Interval})
@ -913,8 +915,6 @@ func (cg *ConfigGenerator) generatePodMonitorConfig(
cfg = addTLStoYaml(cfg, m.Namespace, mergeSafeTLSConfigWithScrapeClass(ep.TLSConfig, scrapeClass))
s := store.ForNamespace(m.Namespace)
//nolint:staticcheck // Ignore SA1019 this field is marked as deprecated.
if ep.BearerTokenSecret.Name != "" {
level.Debug(cg.logger).Log("msg", "'bearerTokenSecret' is deprecated, use 'authorization' instead.")
@ -1167,6 +1167,8 @@ func (cg *ConfigGenerator) generateProbeConfig(
}
labeler := namespacelabeler.New(cpf.EnforcedNamespaceLabel, cpf.ExcludedFromEnforcement, false)
s := store.ForNamespace(m.Namespace)
// As stated in the CRD documentation, if both StaticConfig and Ingress are
// defined, the former takes precedence which is why the first case statement
// checks for m.Spec.Targets.StaticConfig.
@ -1267,7 +1269,7 @@ func (cg *ConfigGenerator) generateProbeConfig(
}
}
cfg = append(cfg, cg.generateK8SSDConfig(m.Spec.Targets.Ingress.NamespaceSelector, m.Namespace, apiserverConfig, store, kubernetesSDRoleIngress, nil))
cfg = append(cfg, cg.generateK8SSDConfig(m.Spec.Targets.Ingress.NamespaceSelector, m.Namespace, apiserverConfig, s, kubernetesSDRoleIngress, nil))
// Relabelings for ingress SD.
relabelings = append(relabelings, []yaml.MapSlice{
@ -1321,8 +1323,6 @@ func (cg *ConfigGenerator) generateProbeConfig(
cfg = addTLStoYaml(cfg, m.Namespace, mergeSafeTLSConfigWithScrapeClass(m.Spec.TLSConfig, scrapeClass))
s := store.ForNamespace(m.Namespace)
if m.Spec.BearerTokenSecret.Name != "" {
b, err := s.GetSecretKey(m.Spec.BearerTokenSecret)
if err != nil {
@ -1374,7 +1374,10 @@ func (cg *ConfigGenerator) generateServiceMonitorConfig(
}
attachMetaConfig := mergeAttachMetadataWithScrapeClass(m.Spec.AttachMetadata, scrapeClass, "2.37.0")
cfg = append(cfg, cg.generateK8SSDConfig(m.Spec.NamespaceSelector, m.Namespace, apiserverConfig, store, role, attachMetaConfig))
s := store.ForNamespace(m.Namespace)
cfg = append(cfg, cg.generateK8SSDConfig(m.Spec.NamespaceSelector, m.Namespace, apiserverConfig, s, role, attachMetaConfig))
if ep.Interval != "" {
cfg = append(cfg, yaml.MapItem{Key: "scrape_interval", Value: ep.Interval})
@ -1400,7 +1403,7 @@ func (cg *ConfigGenerator) generateServiceMonitorConfig(
if ep.EnableHttp2 != nil {
cfg = cg.WithMinimumVersion("2.35.0").AppendMapItem(cfg, "enable_http2", *ep.EnableHttp2)
}
s := store.ForNamespace(m.Namespace)
cfg = cg.addOAuth2ToYaml(cfg, s, ep.OAuth2)
cfg = addTLStoYaml(cfg, m.Namespace, mergeTLSConfigWithScrapeClass(ep.TLSConfig, scrapeClass))
@ -1752,7 +1755,7 @@ func (cg *ConfigGenerator) generateK8SSDConfig(
namespaceSelector monitoringv1.NamespaceSelector,
namespace string,
apiserverConfig *monitoringv1.APIServerConfig,
store *assets.StoreBuilder,
store assets.StoreGetter,
role string,
attachMetadataConfig *attachMetadataConfig,
) yaml.MapItem {
@ -1776,13 +1779,12 @@ func (cg *ConfigGenerator) generateK8SSDConfig(
})
}
s := store.ForNamespace(namespace)
if apiserverConfig != nil {
k8sSDConfig = append(k8sSDConfig, yaml.MapItem{
Key: "api_server", Value: apiserverConfig.Host,
})
k8sSDConfig = cg.addBasicAuthToYaml(k8sSDConfig, s, apiserverConfig.BasicAuth)
k8sSDConfig = cg.addBasicAuthToYaml(k8sSDConfig, store, apiserverConfig.BasicAuth)
//nolint:staticcheck // Ignore SA1019 this field is marked as deprecated.
if apiserverConfig.BearerToken != "" {
@ -1796,12 +1798,11 @@ func (cg *ConfigGenerator) generateK8SSDConfig(
k8sSDConfig = append(k8sSDConfig, yaml.MapItem{Key: "bearer_token_file", Value: apiserverConfig.BearerTokenFile})
}
k8sSDConfig = cg.addAuthorizationToYaml(k8sSDConfig, s, apiserverConfig.Authorization)
k8sSDConfig = cg.addAuthorizationToYaml(k8sSDConfig, store, apiserverConfig.Authorization)
// TODO: If we want to support secret refs for k8s service discovery tls
// config as well, make sure to path the right namespace here.
k8sSDConfig = addTLStoYaml(k8sSDConfig, "", apiserverConfig.TLSConfig)
k8sSDConfig = addTLStoYaml(k8sSDConfig, namespace, apiserverConfig.TLSConfig)
}
if attachMetadataConfig != nil {
k8sSDConfig = cg.WithMinimumVersion(attachMetadataConfig.MinimumVersion).AppendMapItem(k8sSDConfig, "attach_metadata", yaml.MapSlice{
{Key: "node", Value: attachMetadataConfig.AttachMetadata.Node},
@ -1822,9 +1823,8 @@ func (cg *ConfigGenerator) generateAlertmanagerConfig(alerting *monitoringv1.Ale
}
alertmanagerConfigs := make([]yaml.MapSlice, 0, len(alerting.Alertmanagers))
s := store.ForNamespace(cg.prom.GetObjectMeta().GetNamespace())
for i, am := range alerting.Alertmanagers {
s := store.ForNamespace(am.Namespace)
if am.Scheme == "" {
am.Scheme = "http"
}
@ -1846,11 +1846,9 @@ func (cg *ConfigGenerator) generateAlertmanagerConfig(alerting *monitoringv1.Ale
cfg = cg.WithMinimumVersion("2.35.0").AppendMapItem(cfg, "enable_http2", *am.EnableHttp2)
}
// TODO: If we want to support secret refs for alertmanager config tls
// config as well, make sure to path the right namespace here.
cfg = addTLStoYaml(cfg, "", am.TLSConfig)
cfg = addTLStoYaml(cfg, cg.prom.GetObjectMeta().GetNamespace(), am.TLSConfig)
cfg = append(cfg, cg.generateK8SSDConfig(monitoringv1.NamespaceSelector{}, am.Namespace, apiserverConfig, store, kubernetesSDRoleEndpoint, nil))
cfg = append(cfg, cg.generateK8SSDConfig(monitoringv1.NamespaceSelector{}, am.Namespace, apiserverConfig, s, kubernetesSDRoleEndpoint, nil))
//nolint:staticcheck // Ignore SA1019 this field is marked as deprecated.
if am.BearerTokenFile != "" {
@ -1902,6 +1900,7 @@ func (cg *ConfigGenerator) generateAlertmanagerConfig(alerting *monitoringv1.Ale
}
alertmanagerConfigs = append(alertmanagerConfigs, cfg)
}
return alertmanagerConfigs
}

172
pkg/prometheus/promcfg_test.go
View file

@ -397,7 +397,7 @@ func TestNamespaceSetCorrectly(t *testing.T) {
}
}
c := cg.generateK8SSDConfig(tc.ServiceMonitor.Spec.NamespaceSelector, tc.ServiceMonitor.Namespace, nil, assets.NewTestStoreBuilder(), kubernetesSDRoleEndpoint, attachMetaConfig)
c := cg.generateK8SSDConfig(tc.ServiceMonitor.Spec.NamespaceSelector, tc.ServiceMonitor.Namespace, nil, assets.NewTestStoreBuilder().ForNamespace(tc.ServiceMonitor.Namespace), kubernetesSDRoleEndpoint, attachMetaConfig)
s, err := yaml.Marshal(yaml.MapSlice{c})
require.NoError(t, err)
golden.Assert(t, string(s), tc.Golden)
@ -438,7 +438,7 @@ func TestNamespaceSetCorrectlyForPodMonitor(t *testing.T) {
MinimumVersion: "2.35.0",
AttachMetadata: pm.Spec.AttachMetadata,
}
c := cg.generateK8SSDConfig(pm.Spec.NamespaceSelector, pm.Namespace, nil, assets.NewTestStoreBuilder(), kubernetesSDRolePod, attachMetadataConfig)
c := cg.generateK8SSDConfig(pm.Spec.NamespaceSelector, pm.Namespace, nil, assets.NewTestStoreBuilder().ForNamespace(pm.Namespace), kubernetesSDRolePod, attachMetadataConfig)
s, err := yaml.Marshal(yaml.MapSlice{c})
require.NoError(t, err)
@ -866,6 +866,39 @@ func TestK8SSDConfigGeneration(t *testing.T) {
),
golden: "K8SSDConfigGenerationTwo.golden",
},
{
apiServerConfig: &monitoringv1.APIServerConfig{
Host: "example.com",
TLSConfig: &monitoringv1.TLSConfig{
SafeTLSConfig: monitoringv1.SafeTLSConfig{
CA: monitoringv1.SecretOrConfigMap{
Secret: &v1.SecretKeySelector{
LocalObjectReference: v1.LocalObjectReference{
Name: "tls",
},
Key: "ca",
},
},
Cert: monitoringv1.SecretOrConfigMap{
Secret: &v1.SecretKeySelector{
LocalObjectReference: v1.LocalObjectReference{
Name: "tls",
},
Key: "cert",
},
},
KeySecret: &v1.SecretKeySelector{
LocalObjectReference: v1.LocalObjectReference{
Name: "tls",
},
Key: "private-key",
},
},
},
},
store: assets.NewTestStoreBuilder(),
golden: "K8SSDConfigGenerationTLSConfig.golden",
},
}
for _, tc := range testcases {
@ -891,7 +924,7 @@ func TestK8SSDConfigGeneration(t *testing.T) {
sm.Spec.NamespaceSelector,
sm.Namespace,
tc.apiServerConfig,
tc.store,
tc.store.ForNamespace(sm.Namespace),
kubernetesSDRoleEndpoint,
attachMetaConfig,
)
@ -10540,8 +10573,141 @@ func TestScrapeClassAttachMetadata(t *testing.T) {
nil,
nil,
)
require.NoError(t, err)
golden.Assert(t, string(cfg), tc.goldenFile)
})
}
}
func TestGenerateAlertmanagerConfig(t *testing.T) {
for _, tc := range []struct {
alerting *monitoringv1.AlertingSpec
golden string
}{
{
alerting: nil,
golden: "AlertmanagerConfigEmpty.golden",
},
{
alerting: &monitoringv1.AlertingSpec{
Alertmanagers: []monitoringv1.AlertmanagerEndpoints{
{
Name: "foo",
Namespace: "other",
},
},
},
golden: "AlertmanagerConfigOtherNamespace.golden",
},
{
alerting: &monitoringv1.AlertingSpec{
Alertmanagers: []monitoringv1.AlertmanagerEndpoints{
{
Name: "foo",
Namespace: "default",
TLSConfig: &monitoringv1.TLSConfig{
SafeTLSConfig: monitoringv1.SafeTLSConfig{
CA: monitoringv1.SecretOrConfigMap{
Secret: &v1.SecretKeySelector{
LocalObjectReference: v1.LocalObjectReference{
Name: "tls",
},
Key: "ca",
},
},
Cert: monitoringv1.SecretOrConfigMap{
Secret: &v1.SecretKeySelector{
LocalObjectReference: v1.LocalObjectReference{
Name: "tls",
},
Key: "cert",
},
},
KeySecret: &v1.SecretKeySelector{
LocalObjectReference: v1.LocalObjectReference{
Name: "tls",
},
Key: "private-key",
},
},
},
},
},
},
golden: "AlertmanagerConfigTLSconfig.golden",
},
{
alerting: &monitoringv1.AlertingSpec{
Alertmanagers: []monitoringv1.AlertmanagerEndpoints{
{
Name: "foo",
Namespace: "other",
TLSConfig: &monitoringv1.TLSConfig{
SafeTLSConfig: monitoringv1.SafeTLSConfig{
CA: monitoringv1.SecretOrConfigMap{
Secret: &v1.SecretKeySelector{
LocalObjectReference: v1.LocalObjectReference{
Name: "tls",
},
Key: "ca",
},
},
Cert: monitoringv1.SecretOrConfigMap{
Secret: &v1.SecretKeySelector{
LocalObjectReference: v1.LocalObjectReference{
Name: "tls",
},
Key: "cert",
},
},
KeySecret: &v1.SecretKeySelector{
LocalObjectReference: v1.LocalObjectReference{
Name: "tls",
},
Key: "private-key",
},
},
},
},
},
},
golden: "AlertmanagerConfigTLSconfigOtherNamespace.golden",
},
} {
t.Run("", func(t *testing.T) {
p := &monitoringv1.Prometheus{
ObjectMeta: metav1.ObjectMeta{
Name: "test",
Namespace: "default",
},
Spec: monitoringv1.PrometheusSpec{
Alerting: tc.alerting,
},
}
cg := mustNewConfigGenerator(t, p)
cfg, err := cg.GenerateServerConfiguration(
p.Spec.EvaluationInterval,
p.Spec.QueryLogFile,
p.Spec.RuleSelector,
p.Spec.Exemplars,
p.Spec.TSDB,
p.Spec.Alerting,
p.Spec.RemoteRead,
map[string]*monitoringv1.ServiceMonitor{},
nil,
nil,
nil,
assets.NewTestStoreBuilder(),
nil,
nil,
nil,
nil,
)
require.NoError(t, err)
golden.Assert(t, string(cfg), tc.golden)
})
}
}

4
pkg/prometheus/server/operator.go
View file

@ -1319,6 +1319,10 @@ func addAlertmanagerEndpointsToStore(ctx context.Context, store *assets.StoreBui
if err := store.AddSigV4(ctx, namespace, am.Sigv4); err != nil {
return fmt.Errorf("alertmanager %d: %w", i, err)
}
if err := store.AddTLSConfig(ctx, namespace, am.TLSConfig); err != nil {
return fmt.Errorf("alertmanager %d: %w", i, err)
}
}
return nil

4
pkg/prometheus/store.go
View file

@ -99,6 +99,10 @@ func AddAPIServerConfigToStore(ctx context.Context, store *assets.StoreBuilder,
return fmt.Errorf("apiserver config: %w", err)
}
if err := store.AddTLSConfig(ctx, namespace, config.TLSConfig); err != nil {
return fmt.Errorf("apiserver config: %w", err)
}
return nil
}

7
pkg/prometheus/testdata/AlertmanagerConfigEmpty.golden generated vendored Normal file
View file

@ -0,0 +1,7 @@
global:
evaluation_interval: ""
scrape_interval: ""
external_labels:
prometheus: default/test
prometheus_replica: $(POD_NAME)
scrape_configs: []

24
pkg/prometheus/testdata/AlertmanagerConfigOtherNamespace.golden generated vendored Normal file
View file

@ -0,0 +1,24 @@
global:
evaluation_interval: ""
scrape_interval: ""
external_labels:
prometheus: default/test
prometheus_replica: $(POD_NAME)
scrape_configs: []
alerting:
alert_relabel_configs:
- action: labeldrop
regex: prometheus_replica
alertmanagers:
- path_prefix: /
scheme: http
kubernetes_sd_configs:
- role: endpoints
namespaces:
names:
- other
relabel_configs:
- action: keep
source_labels:
- __meta_kubernetes_service_name
regex: foo

28
pkg/prometheus/testdata/AlertmanagerConfigTLSconfig.golden generated vendored Normal file
View file

@ -0,0 +1,28 @@
global:
evaluation_interval: ""
scrape_interval: ""
external_labels:
prometheus: default/test
prometheus_replica: $(POD_NAME)
scrape_configs: []
alerting:
alert_relabel_configs:
- action: labeldrop
regex: prometheus_replica
alertmanagers:
- path_prefix: /
scheme: http
tls_config:
ca_file: /etc/prometheus/certs/0_default_tls_ca
cert_file: /etc/prometheus/certs/0_default_tls_cert
key_file: /etc/prometheus/certs/0_default_tls_private-key
kubernetes_sd_configs:
- role: endpoints
namespaces:
names:
- default
relabel_configs:
- action: keep
source_labels:
- __meta_kubernetes_service_name
regex: foo

28
pkg/prometheus/testdata/AlertmanagerConfigTLSconfigOtherNamespace.golden generated vendored Normal file
View file

@ -0,0 +1,28 @@
global:
evaluation_interval: ""
scrape_interval: ""
external_labels:
prometheus: default/test
prometheus_replica: $(POD_NAME)
scrape_configs: []
alerting:
alert_relabel_configs:
- action: labeldrop
regex: prometheus_replica
alertmanagers:
- path_prefix: /
scheme: http
tls_config:
ca_file: /etc/prometheus/certs/0_default_tls_ca
cert_file: /etc/prometheus/certs/0_default_tls_cert
key_file: /etc/prometheus/certs/0_default_tls_private-key
kubernetes_sd_configs:
- role: endpoints
namespaces:
names:
- other
relabel_configs:
- action: keep
source_labels:
- __meta_kubernetes_service_name
regex: foo

10
pkg/prometheus/testdata/K8SSDConfigGenerationTLSConfig.golden generated vendored Normal file
View file

@ -0,0 +1,10 @@
kubernetes_sd_configs:
- role: endpoints
namespaces:
names:
- test
api_server: example.com
tls_config:
ca_file: /etc/prometheus/certs/0_default_tls_ca
cert_file: /etc/prometheus/certs/0_default_tls_cert
key_file: /etc/prometheus/certs/0_default_tls_private-key